Page MenuHomeFreeBSD

if_ovpn: ensure we're in vnet context when calling sorele()
ClosedPublic

Authored by kp on Nov 10 2022, 1:31 PM.
Tags
None
Referenced Files
F105195158: D37326.id112841.diff
Fri, Dec 13, 10:10 AM
Unknown Object (File)
Thu, Dec 12, 12:03 PM
Unknown Object (File)
Tue, Dec 10, 6:09 AM
Unknown Object (File)
Sun, Dec 8, 3:44 AM
Unknown Object (File)
Sat, Nov 16, 7:37 PM
Unknown Object (File)
Sat, Nov 16, 6:23 AM
Unknown Object (File)
Oct 18 2024, 12:43 AM
Unknown Object (File)
Sep 30 2024, 1:42 PM

Details

Summary

We reference count to ensure we don't release the socket while we still
have data in flight. That means that we can end up releasing the socket
from ovpn_encrypt_tx_cb().

We must have a vnet context set when calling sorele() (which asserts
this from within sofree()), so move the CURVNET_SET()/CURVNET_RESTORE()
to ensure this is the case.

While here also add a couple of assertions to make this more obvious,
and to ease future debugging.

Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp requested review of this revision.Nov 10 2022, 1:31 PM

Just a fractional micropercent optimization suggestion. First set the VNET context, then enter the epoch. Same at the end: first exit the epoch, then restore VNET pointer. The VNET context set on a thread for extra time doesn't have any negative impact. The epoch prolonged for extra time does.

micro-optimisation, as recommended by Gleb.

This revision was not accepted when it landed; it landed in state Needs Review.Nov 14 2022, 8:37 AM
This revision was automatically updated to reflect the committed changes.