ipsec: fix edge case detection in key_getnewspid

Same comparison problem as in key_do_getnewspi. Reviewed by: ae Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D32827
2021-11-03 19:50:41 +01:00 · 2021-11-03 19:50:41 +01:00 · e469b16d0b
commit e469b16d0b
parent 2f35e7d9fa
1 changed files with 5 additions and 3 deletions
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@ -2147,10 +2147,12 @@ key_getnewspid(void)
 {
 	struct secpolicy *sp;
 	uint32_t newid = 0;
-	int count = V_key_spi_trycnt;	/* XXX */
+	int tries, limit;

 	SPTREE_WLOCK_ASSERT();
-	while (count--) {
+
+	limit = atomic_load_int(&V_key_spi_trycnt);
+	for (tries = 0; tries < limit; tries++) {
 		if (V_policy_id == ~0) /* overflowed */
 			newid = V_policy_id = 1;
 		else
@ -2162,7 +2164,7 @@ key_getnewspid(void)
 		if (sp == NULL)
 			break;
 	}
-	if (count == 0 || newid == 0) {
+	if (tries == limit || newid == 0) {
 		ipseclog((LOG_DEBUG, "%s: failed to allocate policy id.\n",
 		    __func__));
 		return (0);