author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2021-11-25 13:46:03 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2021-11-25 13:46:03 +0000 |
commit | e8a983f68fa2f49fead18f84db69a87c02eb6746 (patch) | |
tree | d1f96609775698f0a110ff2ebdd94b0c815a834a /sys/netinet/ip_ipsp.h | |
parent | 90e12edf80cdcf876423da2d6d69d69128ffccd5 (diff) |
Implement reference counting for IPsec tdbs. Not all cases are
covered yet, more ref counts to come. The timeouts are protected,
so the racy tdb_reaper() gets retired. The tdb_policy_head, onext
and inext lists are protected. All gettdb...() functions return a
tdb that is ref counted and has to be unrefed later. A flag ensures
that tdb_delete() is called only once.
Tested by Hrvoje Popovski; OK sthen@ mvs@ tobhe@
Diffstat (limited to 'sys/netinet/ip_ipsp.h')
-rw-r--r-- | sys/netinet/ip_ipsp.h | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h
index 65bcf73eb3b..46fd13b610b 100644
--- a/sys/netinet/ip_ipsp.h
+++ b/sys/netinet/ip_ipsp.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ipsp.h,v 1.221 2021/11/21 16:17:48 mvs Exp $ */
+/* $OpenBSD: ip_ipsp.h,v 1.222 2021/11/25 13:46:02 bluhm Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr),
@@ -324,6 +324,8 @@ struct tdb { /* tunnel descriptor block */
 struct tdb *tdb_inext;
 struct tdb *tdb_onext;
 
+ struct refcnt tdb_refcnt;
+
 const struct xformsw *tdb_xform; /* Transform to use */
 const struct enc_xform *tdb_encalgxform; /* Enc algorithm */
 const struct auth_hash *tdb_authalgxform; /* Auth algorithm */
@@ -335,6 +337,7 @@ struct tdb { /* tunnel descriptor block */
 #define TDBF_ALLOCATIONS 0x00008 /* Check the flows counters */
 #define TDBF_INVALID 0x00010 /* This SPI is not valid yet/anymore */
 #define TDBF_FIRSTUSE 0x00020 /* Expire after first use */
+#define TDBF_DELETED 0x00040 /* This TDB has already been deleted */
 #define TDBF_SOFT_TIMER 0x00080 /* Soft expiration */
 #define TDBF_SOFT_BYTES 0x00100 /* Soft expiration */
 #define TDBF_SOFT_ALLOCATIONS 0x00200 /* Soft expiration */
@@ -349,7 +352,7 @@ struct tdb { /* tunnel descriptor block */
 
 #define TDBF_BITS ("\20" \
 "\1UNIQUE\2TIMER\3BYTES\4ALLOCATIONS" \
-"\5INVALID\6FIRSTUSE\10SOFT_TIMER" \
+"\5INVALID\6FIRSTUSE\7DELETED\10SOFT_TIMER" \
 "\11SOFT_BYTES\12SOFT_ALLOCATIONS\13SOFT_FIRSTUSE\14PFS" \
 "\15TUNNELING" \
 "\21USEDTUNNEL\22UDPENCAP\23PFSYNC\24PFSYNC_RPL" \
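Review bot: The new `struct refcnt tdb_refcnt;` member is the only field in this part of struct tdb without a trailing comment, while its neighbours document themselves (`/* Transform to use */`, `/* Enc algorithm */`). Since the commit makes every gettdb...() caller responsible for dropping a reference, the header is the place to state that contract; suggest `struct refcnt tdb_refcnt; /* held by tables/lists and gettdb*() callers; drop with tdb_unref() */`. `struct refcnt` presumably comes from <sys/refcnt.h>; whether this header already pulls it in is not visible in the hunk. struct tdb begins and ends outside the hunk.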
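Review bot: `TDBF_DELETED` is one bit in tdb_flags, a word shared with the timer and soft-expiration flags that are presumably updated with plain read-modify-write, so the "tdb_delete() is called only once" guarantee the commit message describes holds only if the test-and-set of this bit and every other tdb_flags update are serialized by the same lock; the comment does not say so. Suggest making the comment carry that rule: `/* tdb_delete() already ran; test and set once, under the tdb lock */` (hedged — the lock that protects tdb_flags is not visible in this header hunk). The flags block continues outside the hunk.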
@@ -564,10 +567,14 @@ struct tdb *gettdbbysrcdst_dir(u_int, u_int32_t, union sockaddr_union *,
 void puttdb(struct tdb *);
 void tdb_delete(struct tdb *);
 struct tdb *tdb_alloc(u_int);
+struct tdb *tdb_ref(struct tdb *);
+void tdb_unref(struct tdb *);
 void tdb_free(struct tdb *);
 int tdb_init(struct tdb *, u_int16_t, struct ipsecinit *);
 void tdb_unlink(struct tdb *);
 void tdb_unlink_locked(struct tdb *);
+void tdb_unbundle(struct tdb *);
+void tdb_deltimeouts(struct tdb *);
 int tdb_walk(u_int, int (*)(struct tdb *, void *, int), void *);
 void tdb_printit(void *, int, int (*)(const char *, ...));
 
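Review bot: The new `tdb_ref()`/`tdb_unref()` prototypes are declared right next to the still-exported `tdb_free()`, and nothing in the header says which one a caller that obtained a tdb from gettdb...() must use; under the commit's new rule a direct `tdb_free()` on a referenced tdb would release memory that other holders still point to. Suggest a comment above this block, e.g. `/* gettdb*() return a referenced tdb; release it with tdb_unref(), never tdb_free() */`, and a note that `tdb_ref()` presumably returns its argument so it can be used inline when storing a pointer. Whether tdb_free() is meant to stay a public entry point or only be reached through tdb_unref() cannot be determined from this hunk. The gettdbbysrcdst_dir() declaration quoted in the hunk header starts before the hunk.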