diff options
author | Filip Tehlar <ftehlar@cisco.com> | 2020-05-01 06:37:39 +0000 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2020-05-05 10:44:42 +0000 |
commit | 2fdb41ae41bd3a034bf28d06c17df992fc664d37 (patch) | |
tree | a582840e08344472288e5ccfae3b8ce466fc3c33 /src | |
parent | ed63a0ff7b819ebfc4d82b4cfc09218fc49b8977 (diff) |
ikev2: remove sa from main thread
Type: fix
Change-Id: Ib73ce48552cfa9e825a6833f5594650783d82f3b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/ikev2/ikev2.c | 46 |
1 files changed, 29 insertions, 17 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c index 1baa01eab9d..d695e2d85d1 100644 --- a/src/plugins/ikev2/ikev2.c +++ b/src/plugins/ikev2/ikev2.c @@ -380,8 +380,6 @@ ikev2_complete_sa_data (ikev2_sa_t * sa, ikev2_sa_t * sai) ikev2_sa_transform_t *t = 0, *t2; ikev2_main_t *km = &ikev2_main; - sai->init_response_received = 1; - /*move some data to the new SA */ #define _(A) ({void* __tmp__ = (A); (A) = 0; __tmp__;}) sa->i_nonce = _(sai->i_nonce); @@ -2310,6 +2308,27 @@ ikev2_init_sa (vlib_main_t * vm, ikev2_sa_t * sa) sa->liveness_period_check = vlib_time_now (vm) + km->liveness_period; } +static void +ikev2_del_sa_init_from_main (u64 * ispi) +{ + ikev2_main_t *km = &ikev2_main; + uword *p = hash_get (km->sa_by_ispi, *ispi); + if (p) + { + ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]); + hash_unset (km->sa_by_ispi, sai->ispi); + ikev2_sa_free_all_vec (sai); + pool_put (km->sais, sai); + } +} + +static void +ikev2_del_sa_init (u64 ispi) +{ + vl_api_rpc_call_main_thread (ikev2_del_sa_init_from_main, (u8 *) & ispi, + sizeof (ispi)); +} + static uword ikev2_node_fn (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) @@ -2444,18 +2463,19 @@ ikev2_node_fn (vlib_main_t * vm, ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]); - if (sai->init_response_received) - { - /* we've already processed sa-init response */ - sa0->state = IKEV2_STATE_UNKNOWN; - } - else + if (clib_atomic_bool_cmp_and_swap + (&sai->init_response_received, 0, 1)) { ikev2_complete_sa_data (sa0, sai); ikev2_calc_keys (sa0); ikev2_sa_auth_init (sa0); len = ikev2_generate_message (sa0, ike0, 0); } + else + { + /* we've already processed sa-init response */ + sa0->state = IKEV2_STATE_UNKNOWN; + } } } @@ -2516,15 +2536,7 @@ ikev2_node_fn (vlib_main_t * vm, if (sa0->is_initiator) { - uword *p = hash_get (km->sa_by_ispi, ike0->ispi); - if (p) - { - ikev2_sa_t *sai = - pool_elt_at_index (km->sais, p[0]); - hash_unset (km->sa_by_ispi, sai->ispi); - ikev2_sa_free_all_vec (sai); - pool_put (km->sais, sai); - } + ikev2_del_sa_init (ike0->ispi); } else { |