Re: [PATCH] Fix hard_use for xfrm_state

Herbert Xu <herbert@gondor.apana.org.au> · Sun, 1 Jun 2003 17:16:41 +1000

On Sat, May 31, 2003 at 11:56:49PM -0700, David S. Miller wrote:
>    
> What this code is trying to do is determine the earliest time
> at which it would next need to check that one of the following
> lifetime variables have expired:
> 
> 1) hard_add_expires_seconds
> 2) hard_use_expires_seconds
> 3) soft_add_expires_seconds
> 4) soft_use_expires_seconds

Right.

> It computes the minimum of all such timeouts and then uses this to
> reschedule the timer (or timeout/expire/rekey the xfrm_state).
> 
> Both soft and hard use expirations need to do something in this area.
> So at a minimum, your patch needs to be extended to fix the bug for
> the soft case as well.  It currently only fixes the hard case.

OK, I've attached the revised patch.

> But, when "x->curlft.use_time" is zero, we should compute 'tmo'
> as "x->lft.{soft,hard}_use_expires_seconds - now".  This means
> that it should be sufficient to just remove "&& x->curlft.use_time"
> from the two if statements.

Sorry, you've lost me there.  Isn't that going to make the policy
expire immediately if hard_use_expires_seconds = 900?

> This works because the earliest it could be first used is "now".
> Eventually, in your version of the fix, "now" could catch up to
> "add_time" and thus have the same failure you're trying to eliminate
> :-)

You'll have to explain that failure in a bit more detail I'm afraid :)
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Index: kernel-source-2.5/net/xfrm/xfrm_state.c
===================================================================
RCS file: /home/gondolin/herbert/src/CVS/debian/kernel-source-2.5/net/xfrm/xfrm_state.c,v
retrieving revision 1.1.1.3
diff -u -r1.1.1.3 xfrm_state.c

--- kernel-source-2.5/net/xfrm/xfrm_state.c	27 May 2003 08:38:41 -0000	1.1.1.3
+++ kernel-source-2.5/net/xfrm/xfrm_state.c	1 Jun 2003 07:12:04 -0000
@@ -112,9 +112,9 @@
 		if (tmo < next)
 			next = tmo;
 	}
-	if (x->lft.hard_use_expires_seconds && x->curlft.use_time) {
+	if (x->lft.hard_use_expires_seconds) {
 		long tmo = x->lft.hard_use_expires_seconds +
-			x->curlft.use_time - now;
+			(x->curlft.use_time ?: x->curlft.add_time) - now;
 		if (tmo <= 0)
 			goto expired;
 		if (tmo < next)
@@ -130,9 +130,9 @@
 		else if (tmo < next)
 			next = tmo;
 	}
-	if (x->lft.soft_use_expires_seconds && x->curlft.use_time) {
+	if (x->lft.soft_use_expires_seconds) {
 		long tmo = x->lft.soft_use_expires_seconds +
-			x->curlft.use_time - now;
+			(x->curlft.use_time ?: x->curlft.add_time) - now;
 		if (tmo <= 0)
 			warn = 1;
 		else if (tmo < next)




