ipsec: fix a panic with INVARIANTS
When adding an SPD entry that already exists, a refcount wraparound
panic is encountered. This was caused from dropping a reference on the
wrong security policy.
Fixes: 4920e38fec
("ipsec: fix race condition in key.c")
Reviewed by: wma
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D33100
This commit is contained in:
parent
a21f086a33
commit
fc21aafe5f
@ -2039,7 +2039,7 @@ key_spdadd(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp)
|
||||
__func__, oldsp));
|
||||
KEYDBG(KEY_DATA, kdebug_secpolicy(oldsp));
|
||||
} else {
|
||||
key_freesp(&newsp);
|
||||
key_freesp(&oldsp);
|
||||
ipseclog((LOG_DEBUG,
|
||||
"%s: a SP entry exists already.\n", __func__));
|
||||
return (key_senderror(so, m, EEXIST));
|
||||
|
Loading…
Reference in New Issue
Block a user