CVS commit: src/sys/netipsec

Thu, 08 Dec 2022 00:05:15 -0800 

Module Name:    src
Committed By:   knakahara
Date:           Thu Dec  8 08:05:03 UTC 2022

Modified Files:
        src/sys/netipsec: ipsecif.c key.c key.h

Log Message:
Fix: update lastused of ipsecif(4) IPv6 out SP.


To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/sys/netipsec/ipsecif.c
cvs rdiff -u -r1.278 -r1.279 src/sys/netipsec/key.c
cvs rdiff -u -r1.37 -r1.38 src/sys/netipsec/key.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/netipsec/ipsecif.c
diff -u src/sys/netipsec/ipsecif.c:1.20 src/sys/netipsec/ipsecif.c:1.21
--- src/sys/netipsec/ipsecif.c:1.20	Wed Dec  7 08:30:15 2022
+++ src/sys/netipsec/ipsecif.c	Thu Dec  8 08:05:03 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: ipsecif.c,v 1.20 2022/12/07 08:30:15 knakahara Exp $  */
+/*	$NetBSD: ipsecif.c,v 1.21 2022/12/08 08:05:03 knakahara Exp $  */
 
 /*
  * Copyright (c) 2017 Internet Initiative Japan Inc.
@@ -27,7 +27,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.20 2022/12/07 08:30:15 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsecif.c,v 1.21 2022/12/08 08:05:03 knakahara Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -395,7 +395,10 @@ ipsecif4_output(struct ipsec_variant *va
 	/*
 	 * The SPs in ipsec_variant are prevented from freed by
 	 * ipsec_variant->iv_psref. So, KEY_SP_REF() is unnecessary here.
+	 *
+	 * However, lastused should be updated.
 	 */
+	key_sp_touch(sp);
 
 	KASSERT(sp->policy != IPSEC_POLICY_NONE);
 	KASSERT(sp->policy != IPSEC_POLICY_ENTRUST);

Index: src/sys/netipsec/key.c
diff -u src/sys/netipsec/key.c:1.278 src/sys/netipsec/key.c:1.279
--- src/sys/netipsec/key.c:1.278	Wed Oct 19 21:28:02 2022
+++ src/sys/netipsec/key.c	Thu Dec  8 08:05:03 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.c,v 1.278 2022/10/19 21:28:02 christos Exp $	*/
+/*	$NetBSD: key.c,v 1.279 2022/12/08 08:05:03 knakahara Exp $	*/
 /*	$FreeBSD: key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $	*/
 /*	$KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $	*/
 
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.278 2022/10/19 21:28:02 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.279 2022/12/08 08:05:03 knakahara Exp $");
 
 /*
  * This code is referred to RFC 2367
@@ -871,6 +871,13 @@ key_sp_refcnt(const struct secpolicy *sp
 	return 0;
 }
 
+void
+key_sp_touch(struct secpolicy *sp)
+{
+
+	sp->lastused = time_uptime;
+}
+
 static void
 key_spd_pserialize_perform(void)
 {

Index: src/sys/netipsec/key.h
diff -u src/sys/netipsec/key.h:1.37 src/sys/netipsec/key.h:1.38
--- src/sys/netipsec/key.h:1.37	Mon Aug  9 20:49:10 2021
+++ src/sys/netipsec/key.h	Thu Dec  8 08:05:03 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: key.h,v 1.37 2021/08/09 20:49:10 andvar Exp $	*/
+/*	$NetBSD: key.h,v 1.38 2022/12/08 08:05:03 knakahara Exp $	*/
 /*	$FreeBSD: key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $	*/
 /*	$KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $	*/
 
@@ -67,6 +67,7 @@ void key_free_sp(struct secpolicy *);
 u_int key_sp_refcnt(const struct secpolicy *);
 void key_sp_ref(struct secpolicy *, const char *, int);
 void key_sp_unref(struct secpolicy *, const char *, int);
+void key_sp_touch(struct secpolicy *);
 void key_sa_ref(struct secasvar *, const char *, int);
 void key_sa_unref(struct secasvar *, const char *, int);
 u_int key_sa_refcnt(const struct secasvar *);

Reply via email to