Page MenuHomeFreeBSD
Differential D37326

if_ovpn: ensure we're in vnet context when calling sorele()
ClosedPublic
Actions

Authored by kp on Nov 10 2022, 1:31 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Mar 23, 7:25 PM
Unknown Object (File)
Feb 8 2026, 9:38 AM
Unknown Object (File)
Feb 8 2026, 9:01 AM
Unknown Object (File)
Feb 7 2026, 10:47 PM
Unknown Object (File)
Jan 31 2026, 12:25 AM
Unknown Object (File)
Jan 30 2026, 1:48 AM
Unknown Object (File)
Dec 1 2025, 11:05 AM
Unknown Object (File)
Nov 13 2025, 2:27 PM
View All Files
Subscribers
ae
glebius
imp
melifaro

Details

Reviewers
None
Group Reviewers
network
pfsense
Commits
rG6905fd01cb64: if_ovpn: ensure we're in vnet context when calling sorele()
Summary

We reference count to ensure we don't release the socket while we still
have data in flight. That means that we can end up releasing the socket
from ovpn_encrypt_tx_cb().

We must have a vnet context set when calling sorele() (which asserts
this from within sofree()), so move the CURVNET_SET()/CURVNET_RESTORE()
to ensure this is the case.

While here also add a couple of assertions to make this more obvious,
and to ease future debugging.

Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 48253
Build 45139: arc lint + arc unit

Event Timeline

kp created this revision.Nov 10 2022, 1:31 PM
Herald added subscribers: glebius, melifaro, ae, imp. · View Herald TranscriptNov 10 2022, 1:31 PM
kp requested review of this revision.Nov 10 2022, 1:31 PM
Harbormaster completed remote builds in B48253: Diff 112841.Nov 10 2022, 1:31 PM
glebius added a comment.Nov 10 2022, 6:09 PM

Just a fractional micropercent optimization suggestion. First set the VNET context, then enter the epoch. Same at the end: first exit the epoch, then restore VNET pointer. The VNET context set on a thread for extra time doesn't have any negative impact. The epoch prolonged for extra time does.

kp updated this revision to Diff 112923.Nov 11 2022, 10:35 AM

micro-optimisation, as recommended by Gleb.

Harbormaster completed remote builds in B48298: Diff 112923.Nov 11 2022, 10:35 AM
This revision was not accepted when it landed; it landed in state Needs Review.Nov 14 2022, 8:37 AM
Closed by commit rG6905fd01cb64: if_ovpn: ensure we're in vnet context when calling sorele() (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
kp added a commit: rG6905fd01cb64: if_ovpn: ensure we're in vnet context when calling sorele().

Revision Contents
Changeset List

PathSize
sys/
net/
19 lines

Diff 112841

View Options

sys/net/if_ovpn.c

Loading...