On Fri, Dec 24, 2021 at 04:16:28PM +0900, YASUOKA Masahiko wrote:
> > - npppd l2pt ipsecflowinfo is not MP safe
>
> Does this mean the things we are discussing on the "Fix
> ipsp_spd_lookup() for transport mode" thread? I wonder if there is
> another issue.
In this mail thread I was concerned about things might get worse.
Currently I see these problems:
tdb_free() will be called with a shared netlock. From there
ipsp_ids_free() is called.
if (--ids->id_refcount > 0)
return;
This ref count needs to be atomic.
if (LIST_EMPTY(&ipsp_ids_gc_list))
timeout_add_sec(&ipsp_ids_gc_timeout, 1);
LIST_INSERT_HEAD(&ipsp_ids_gc_list, ids, id_gc_list);
And some mutex should protect ipsp_ids_gc_list.
bluhm
