Bug #1915
IPsec kstats shouldn't be persistent
Start date:
2011-12-21
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:
Description
Currently ipsec creates persistent kstats which are based upon the netstack id.
Having persistent kstats here doesn't actually make sense, because if we were to reuse this netstack id there is no guarantee that the same zone would use it.
Updated by John Sonnenschein about 9 years ago
[johns@johns ~/illumos-gate]$ git show HEAD commit bac5707c79d544cbe6b186bea95003005ddb28d8 Author: Robert Mustacchi <rm@joyent.com> Date: Fri Dec 16 01:57:56 2011 +0000 1915 IPsec esp kstats shouldn't be persistent Reviewed by: Bryan Cantrill <bryan@joyent.com> diff --git a/usr/src/uts/common/inet/ip/ipsecesp.c b/usr/src/uts/common/inet/ip/ipsecesp.c index 47972a8..5e4e400 100644 --- a/usr/src/uts/common/inet/ip/ipsecesp.c +++ b/usr/src/uts/common/inet/ip/ipsecesp.c @@ -21,6 +21,8 @@ /* * Copyright 2010 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. + * + * Copyright 2011 Joyent, Inc. All rights reserved. */ #include <sys/types.h> @@ -234,8 +236,7 @@ esp_kstat_init(ipsecesp_stack_t *espstack, netstackid_t stackid) { espstack->esp_ksp = kstat_create_netstack("ipsecesp", 0, "esp_stat", "net", KSTAT_TYPE_NAMED, - sizeof (esp_kstats_t) / sizeof (kstat_named_t), - KSTAT_FLAG_PERSISTENT, stackid); + sizeof (esp_kstats_t) / sizeof (kstat_named_t), 0, stackid); if (espstack->esp_ksp == NULL || espstack->esp_ksp->ks_data == NULL) return (B_FALSE);
Updated by Rich Lowe about 9 years ago
- Subject changed from IPsec esp kstats shouldn't be persistent to IPsec kstats shouldn't be persistent
Updated by Dan McDonald over 3 years ago
This one is also known as SmartOS bugs https://smartos.org/bugview/OS-816 and https://smartos.org/bugview/OS-6334
Updated by Dan McDonald over 3 years ago
The cause of this bug goes WAY back to before Stack Instances. Because of the IPsec loader thread, there was thought that maybe IPsec could be unloaded, and reloaded again, so persistent kstats were desirable in the face of such a possibility. Reality proved that once loaded, IPsec would stay up for the life of the system's boot.
Updated by Electric Monk about 3 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
git commit 281819e5f8b19cd8627541a22d261906fd190276
commit 281819e5f8b19cd8627541a22d261906fd190276 Author: Dan McDonald <danmcd@joyent.com> Date: 2017-12-08T18:35:58.000Z 1915 IPsec kstats shouldn't be persistent Reviewed by: Jason King <jason.king@joyent.com> Reviewed by: ken mays <maybird1776@yahoo.com> Reviewed by: Yuri Pankov <yuripv@gmx.com> Reviewed by: Igor Kozhukhov <igor@dilos.org> Approved by: Richard Lowe <richlowe@richlowe.net>