From: mvs Date: Tue, 4 May 2021 09:28:04 +0000 (+0000) Subject: Initialize `ipsec_policy_pool' within pfkey_init() instead of doing that X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=83933ee2d12cd1e447fea7596debe725d6766d3e;p=openbsd Initialize `ipsec_policy_pool' within pfkey_init() instead of doing that in runtime within pfkeyv2_send(). Also set it's interrupt protection level to IPL_SOFTNET. ok bluhm@ mpi@ --- diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c index 052d9a3b215..3a5693f630b 100644 --- a/sys/net/pfkeyv2.c +++ b/sys/net/pfkeyv2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkeyv2.c,v 1.210 2021/05/04 09:27:22 mvs Exp $ */ +/* $OpenBSD: pfkeyv2.c,v 1.211 2021/05/04 09:28:04 mvs Exp $ */ /* * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 @@ -252,6 +252,8 @@ pfkey_init(void) SRPL_INIT(&pkptable.pkp_list); pool_init(&pkpcb_pool, sizeof(struct pkpcb), 0, IPL_NONE, PR_WAITOK, "pkpcb", NULL); + pool_init(&ipsec_policy_pool, sizeof(struct ipsec_policy), 0, + IPL_SOFTNET, 0, "ipsec policy", NULL); } @@ -1887,13 +1889,6 @@ pfkeyv2_send(struct socket *so, void *message, int len) } if (!exists) { - if (ipsec_policy_pool_initialized == 0) { - ipsec_policy_pool_initialized = 1; - pool_init(&ipsec_policy_pool, - sizeof(struct ipsec_policy), 0, - IPL_NONE, 0, "ipsec policy", NULL); - } - /* Allocate policy entry */ ipo = pool_get(&ipsec_policy_pool, PR_NOWAIT|PR_ZERO); if (ipo == NULL) { diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index 1bea23e1e2b..e048fe7a422 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.196 2020/11/05 19:28:28 phessler Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.197 2021/05/04 09:28:04 mvs Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -482,7 +482,6 @@ struct xformsw { extern int ipsec_in_use; extern u_int64_t ipsec_last_added; -extern int ipsec_policy_pool_initialized; extern int encdebug; /* enable message reporting */ extern int ipsec_keep_invalid; /* lifetime of embryonic SAs (in sec) */ diff --git a/sys/netinet/ip_spd.c b/sys/netinet/ip_spd.c index 9487ee4893d..844621dac7e 100644 --- a/sys/netinet/ip_spd.c +++ b/sys/netinet/ip_spd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_spd.c,v 1.102 2020/06/24 22:03:43 cheloha Exp $ */ +/* $OpenBSD: ip_spd.c,v 1.103 2021/05/04 09:28:04 mvs Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) * @@ -50,7 +50,6 @@ void ipsp_delete_acquire(struct ipsec_acquire *); struct pool ipsec_policy_pool; struct pool ipsec_acquire_pool; -int ipsec_policy_pool_initialized = 0; /* Protected by the NET_LOCK(). */ int ipsec_acquire_pool_initialized = 0;