[PATCH rtems-libbsd] ipsec-tools/pfkey: Fix socket leak
Joel Sherrill
joel at rtems.org
Fri May 7 14:45:33 UTC 2021
On Fri, May 7, 2021 at 9:04 AM Christian MAUDERER <
christian.mauderer at embedded-brains.de> wrote:
> It is a bit hard to see: The setkey programm uses the functions from
> this library. In pfkey_open, a socket is opened and returned to setkey.
> But setkey never closes it.
>
This much I assumed from the words "socket" and "leak" :)
>
> We already have wrappers around all of the "dangerous" functions that
> allocated resources. The wrappers register the resource allocation. If
> an application called with rtems_bsd_program_call_main_with_data_restore
> exits, it will close or free the resources.
>
This makes sense. Is this documented?
>
> There are some other functions in the pfkey that don't work well with
> that mechanism. Therefore I only added the one function that is
> responsible for the socket leak.
>
How about add some more to the commit message along the lines of
what you explained here. It just isn't obvious how a change to a macro
without words like free or deallocate in it fixes anything.
>
> Note that it is a bit of a hack but it works. I have planned to replace
> the ipsec-tools with the tools from racoon2 soon to support newer
> encryption protocols. So I think it's a reasonable intermediate solution.
>
OK. One thing we have gotten better at is migrating to pick up better
things.
--joel
>
> Best regards
>
> Christian
>
> Am 07.05.21 um 15:56 schrieb Joel Sherrill:
> > How does this fix a leak?
> >
> > On Fri, May 7, 2021 at 7:09 AM Christian MAUDERER
> > <christian.mauderer at embedded-brains.de
> > <mailto:christian.mauderer at embedded-brains.de>> wrote:
> >
> > Note that I would like to push this patch on 5-freebsd-12 as well as
> on
> > master.
> >
> > Best regards
> >
> > Christian
> >
> >
> > Am 07.05.21 um 14:08 schrieb Christian Mauderer:
> > > Fixes #4404
> > > ---
> > > ipsec-tools/src/libipsec/pfkey.c | 7 +++++++
> > > 1 file changed, 7 insertions(+)
> > >
> > > diff --git a/ipsec-tools/src/libipsec/pfkey.c
> > b/ipsec-tools/src/libipsec/pfkey.c
> > > index a621be12..385a21a9 100644
> > > --- a/ipsec-tools/src/libipsec/pfkey.c
> > > +++ b/ipsec-tools/src/libipsec/pfkey.c
> > > @@ -1,5 +1,12 @@
> > > #include <machine/rtems-bsd-user-space.h>
> > >
> > > +#ifdef __rtems__
> > > +/* Only need socket from rtems-bsd-program wrappers! */
> > > +int
> > > +rtems_bsd_program_socket(int domain, int type, int protocol);
> > > +#define socket(domain, type, protocol) \
> > > + rtems_bsd_program_socket(domain, type, protocol)
> > > +#endif /* __rtems__ */
> > > /* $NetBSD: pfkey.c,v 1.21.2.1 2011/11/14 13:25:06 tteras Exp
> > $ */
> > >
> > > /* $KAME: pfkey.c,v 1.47 2003/10/02 19:52:12 itojun Exp $ */
> > >
> >
> > --
> > --------------------------------------------
> > embedded brains GmbH
> > Herr Christian MAUDERER
> > Dornierstr. 4
> > 82178 Puchheim
> > Germany
> > email: christian.mauderer at embedded-brains.de
> > <mailto:christian.mauderer at embedded-brains.de>
> > phone: +49-89-18 94 741 - 18
> > fax: +49-89-18 94 741 - 08
> >
> > Registergericht: Amtsgericht München
> > Registernummer: HRB 157899
> > Vertretungsberechtigte Geschäftsführer: Peter Rasmussen, Thomas
> Dörfler
> > Unsere Datenschutzerklärung finden Sie hier:
> > https://embedded-brains.de/datenschutzerklaerung/
> > <https://embedded-brains.de/datenschutzerklaerung/>
> > _______________________________________________
> > devel mailing list
> > devel at rtems.org <mailto:devel at rtems.org>
> > http://lists.rtems.org/mailman/listinfo/devel
> > <http://lists.rtems.org/mailman/listinfo/devel>
> >
>
> --
> --------------------------------------------
> embedded brains GmbH
> Herr Christian MAUDERER
> Dornierstr. 4
> 82178 Puchheim
> Germany
> email: christian.mauderer at embedded-brains.de
> phone: +49-89-18 94 741 - 18
> fax: +49-89-18 94 741 - 08
>
> Registergericht: Amtsgericht München
> Registernummer: HRB 157899
> Vertretungsberechtigte Geschäftsführer: Peter Rasmussen, Thomas Dörfler
> Unsere Datenschutzerklärung finden Sie hier:
> https://embedded-brains.de/datenschutzerklaerung/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20210507/851752bf/attachment-0001.html>
More information about the devel
mailing list