Start documenting the locking strategy of struct tdb fields. Note

that gettdb_dir() is MP safe now.  Add the tdb_sadb_mtx mutex in
udpencap_ctlinput() to protect the access to tdb_snext.  Make the
braces consistently for all these TDB loops.  Move NET_ASSERT_LOCKED()
into the functions where the read access happens.
OK mvs@

1 files changed, 4 insertions, 3 deletions

diff --git a/sys/netinet/ipsec_input.c b/sys/netinet/ipsec_input.c
index b850216bbc3..499bea22f79 100644
--- a/sys/netinet/ipsec_input.c
+++ b/sys/netinet/ipsec_input.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ipsec_input.c,v 1.196 2021/12/02 13:46:42 bluhm Exp $	*/
+/*	$OpenBSD: ipsec_input.c,v 1.197 2021/12/08 14:24:18 bluhm Exp $	*/
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -934,15 +934,16 @@ udpencap_ctlinput(int cmd, struct sockaddr *sa, u_int rdomain, void *v)
 
 	first = gettdbbysrcdst_rev(rdomain, 0, su_src, su_dst, IPPROTO_ESP);
 
+	mtx_enter(&tdb_sadb_mtx);
 	for (tdbp = first; tdbp != NULL; tdbp = tdbp->tdb_snext) {
 		if (tdbp->tdb_sproto == IPPROTO_ESP &&
 		    ((tdbp->tdb_flags & (TDBF_INVALID|TDBF_UDPENCAP)) ==
 		    TDBF_UDPENCAP) &&
 		    !memcmp(&tdbp->tdb_dst, &dst, su_dst->sa.sa_len) &&
-		    !memcmp(&tdbp->tdb_src, &src, su_src->sa.sa_len)) {
+		    !memcmp(&tdbp->tdb_src, &src, su_src->sa.sa_len))
 			ipsec_set_mtu(tdbp, mtu);
-		}
 	}
+	mtx_leave(&tdb_sadb_mtx);
 	tdb_unref(first);
 }