freebsd-nq/sys/netipsec
Andrey V. Elsukov 47568136c5 Fix possible memory leak and several races in the IPsec policy management
code.

Resurrect the state field in the struct secpolicy, it has
IPSEC_SPSTATE_ALIVE value when security policy linked in the chain,
and IPSEC_SPSTATE_DEAD value in all other cases. This field protects
from trying to unlink one security policy several times from the different
threads.

Take additional reference in the key_flush_spd() to be sure that policy
won't be freed from the different thread while we are sending SPDEXPIRE message.

Add KEY_FREESP() call to the key_unlink() to release additional reference
that we take when use key_getsp*() functions.

Differential Revision:	https://reviews.freebsd.org/D1914
Tested by:		Emeric POUPON <emeric.poupon at stormshield dot eu>
Reviewed by:	hrs
Sponsored by:	Yandex LLC
2015-02-24 10:35:07 +00:00
..
ah_var.h Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, 2013-07-09 10:08:13 +00:00
ah.h
esp_var.h Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, 2013-07-09 10:08:13 +00:00
esp.h
ipcomp_var.h Migrate structs ahstat, espstat, ipcompstat, ipipstat, pfkeystat, 2013-07-09 10:08:13 +00:00
ipcomp.h
ipsec6.h Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
ipsec_input.c Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
ipsec_mbuf.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
ipsec_output.c Remove flags and tunalready arguments from ipsec4_process_packet() 2014-12-11 17:34:49 +00:00
ipsec.c Rename ip4_def_policy variable to def_policy. It is used by both IPv4 and 2014-12-24 18:34:56 +00:00
ipsec.h Fix possible memory leak and several races in the IPsec policy management 2015-02-24 10:35:07 +00:00
key_debug.c Rename ip4_def_policy variable to def_policy. It is used by both IPv4 and 2014-12-24 18:34:56 +00:00
key_debug.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
key_var.h Remove more constants related to static sysctl nodes. The MAXID constants 2014-02-25 18:44:33 +00:00
key.c Fix possible memory leak and several races in the IPsec policy management 2015-02-24 10:35:07 +00:00
key.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
keydb.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
keysock.c In order to reduce use of M_EXT outside of the mbuf allocator and 2015-01-06 12:59:37 +00:00
keysock.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
xform_ah.c Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
xform_esp.c Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
xform_ipcomp.c Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
xform_ipip.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
xform_tcp.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
xform.h Remove ip4_input() declaration. It was removed in r275133. 2014-11-27 00:27:39 +00:00