git: 01f43479b592 - main - ipsec: Drain async ipsec_offload work when destroying a vnet

From: Mark Johnston <markj_at_FreeBSD.org>
Date: Wed, 04 Sep 2024 14:29:03 UTC
The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=01f43479b5925d5e1f996a5ae2929aa2d2aab83b

commit 01f43479b5925d5e1f996a5ae2929aa2d2aab83b
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2024-08-30 00:44:45 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-09-04 14:28:28 +0000

    ipsec: Drain async ipsec_offload work when destroying a vnet
    
    Re-apply commit e196b12f4d4d.  This was reverted by commit 28294dc92476
    because it could trigger a deadlock, but the underlying problem there
    was fixed in commit f76826b892de.
    
    Reported by:    KASAN
    Reviewed by:    kib
    Fixes:          ef2a572bf6bd ("ipsec_offload: kernel infrastructure")
    Sponsored by:   Klara, Inc.
    Differential Revision:  https://reviews.freebsd.org/D46483
---
 sys/netipsec/ipsec_offload.c | 2 +-
 sys/netipsec/key.c           | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/sys/netipsec/ipsec_offload.c b/sys/netipsec/ipsec_offload.c
index a06e91ada1a1..19719a8f171b 100644
--- a/sys/netipsec/ipsec_offload.c
+++ b/sys/netipsec/ipsec_offload.c
@@ -392,7 +392,7 @@ ipsec_accel_sa_newkey_impl(struct secasvar *sav)
 
 	TASK_INIT(&tq->install_task, 0, ipsec_accel_sa_newkey_act, tq);
 	tq->sav = sav;
-	tq->install_vnet = curthread->td_vnet;	/* XXXKIB liveness */
+	tq->install_vnet = curthread->td_vnet;
 	taskqueue_enqueue(ipsec_accel_tq, &tq->install_task);
 }
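Review bot: The assignment `tq->install_vnet = curthread->td_vnet;` keeps a raw vnet pointer in a queued task with no reference taken in the visible lines, and with the XXXKIB marker removed nothing at this site says what keeps the pointer valid until `ipsec_accel_sa_newkey_act` runs. The guarantee now lives in the other file of this commit, so it is worth stating here, for example `/* Borrowed pointer: key_vnet_destroy() calls ipsec_accel_sync() before the vnet is torn down. */`. The function starts outside the hunk, so whether `sav` is referenced before `taskqueue_enqueue()` cannot be checked from here.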
 
diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c
index 5a3e5727bc2e..ad1d6164f158 100644
--- a/sys/netipsec/key.c
+++ b/sys/netipsec/key.c
@@ -8713,6 +8713,9 @@ key_vnet_destroy(void *arg __unused)
 	}
 	SAHTREE_WUNLOCK();
 
+	/* Wait for async work referencing this VNET to finish. */
+	ipsec_accel_sync();
+
 	key_freesah_flushed(&sahdrainq);
 	hashdestroy(V_sphashtbl, M_IPSEC_SP, V_sphash_mask);
 	hashdestroy(V_savhashtbl, M_IPSEC_SA, V_savhash_mask);
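Review bot: The comment above the added `ipsec_accel_sync()` call does not record the ordering constraints that make the drain safe. The call sits after `SAHTREE_WUNLOCK()`, and the commit message says an earlier version of this change was reverted for a deadlock, so the comment should say which locks must not be held across it. The call presumably waits only for work already queued: nothing visible in the hunk stops `ipsec_accel_sa_newkey_impl` from enqueueing another task for this vnet after the sync returns and before `key_freesah_flushed()` and the `hashdestroy()` calls run, which would bring back the stale-vnet access this commit is meant to close (the report came from KASAN). If teardown ordering rules that out, say so, for example `/* Drain queued offload tasks that reference this vnet; called unlocked, and no new SA can be installed on a dying vnet. */`, with the second clause to be confirmed against the callers. `key_vnet_destroy` starts and ends outside the hunk.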