summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_ipsp.c
AgeCommit message (Expand)Author
2022-01-04Add `ipsec_flows_mtx' mutex(9) to protect `ipsp_ids_*' list andYASUOKA Masahiko
2021-12-20Use per-CPU counters for tunnel descriptor block (TDB) statistics.Vitaliy Makkoveev
2021-12-19There are occasions where the walker function in tdb_walk() mightAlexander Bluhm
2021-12-14To cache lookups, the policy ipo is linked to its SA tdb. ThereAlexander Bluhm
2021-12-11Protect the write access to the TDB flags field with a mutex perAlexander Bluhm
2021-12-08Start documenting the locking strategy of struct tdb fields. NoteAlexander Bluhm
2021-12-07In ipo_tdb the flow contains a reference counted TDB cache. ThisAlexander Bluhm
2021-12-03Add tdb_delete_locked() to replace duplicate tdb deletion code inTobias Heider
2021-12-02Allow to build kernel without IPSEC or INET6 defines.Alexander Bluhm
2021-12-01Reintroduce the TDBF_DELETED flag. Checking next pointer to figureAlexander Bluhm
2021-11-29The network stack currently uses IPL_SOFTNET. Consistently initializeAlexander Bluhm
2021-11-29Using a void pointer for temporary allocated TDB in pfkeyv2 doesAlexander Bluhm
2021-11-26Put a mutex assert locked into puttdb_locked().Alexander Bluhm
2021-11-26Replace TDBF_DELETED flag with check if tdb was already unlinked.Tobias Heider
2021-11-25Implement reference counting for IPsec tdbs. Not all cases areAlexander Bluhm
2021-11-21Add the new `ipsec_exctdb' ipsec(4) counter to count and expose to theVitaliy Makkoveev
2021-11-21Fix whitespace and long lines.Alexander Bluhm
2021-11-18printing udpencap_port in ddb requires ntohs not ntohl. use better formatStuart Henderson
2021-11-16To debug IPsec and tdb refcounting it is useful to have "show tdb"Alexander Bluhm
2021-10-27The crypto layer needs the kernel lock. ah_zeroize() takes it whenAlexander Bluhm
2021-10-25Call a locked variant of tdb_unlink() from tdb_walk(). Fixes aAlexander Bluhm
2021-10-25Protect the tdb hashes with a mutex. Move initialization out ofAlexander Bluhm
2021-10-13The function ipip_output() was registered as .xf_output() xformAlexander Bluhm
2021-09-29Global variables to track initialisation behave poorly with MP.Alexander Bluhm
2021-07-27Revert "Use per-CPU counters for tunnel descriptor block" diff.mvs
2021-07-26Use per-CPU counters for tunnel descriptor block (tdb) statistics.mvs
2021-07-19Remove `ids' from `ipsec_ids_tree' while following ipsp_ids_insert()mvs
2021-07-18Introduce and use garbage collector for 'ipsec_ids' struct entitiesmvs
2021-07-08The xformsw array never changes. Declare struct xformsw constantAlexander Bluhm
2021-07-08Debug printfs in encdebug were inconsistent, some missing newlinesAlexander Bluhm
2021-03-10spellingJonathan Gray
2021-02-23Use pool to allocate tdbs.tobhe
2020-06-24kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)cheloha
2020-04-23Add support for autmatically moving traffic between rdomains on ipsec(4)tobhe
2019-05-11unbreak the build without IPSEC.Sebastian Benoit
2018-10-22ipsec: use monotonic clock for SA creation/lookup timestamps; ok dlg@cheloha
2018-08-28Add per-TDB counters and a new SADB extension to export them toMartin Pieuchot
2018-05-19Introduce a tdb_reaper() function to prevent a use-after-free when aMartin Pieuchot
2018-05-16Fix kernel builds without IPSEC.Reyk Floeter
2017-11-06Use %s and __func__ in DPRINTF() to reduce false positive with grep(1).Martin Pieuchot
2017-10-16Last changes before running IPsec w/o KERNEL_LOCK().Martin Pieuchot
2017-10-11Remove lie talking about splsoftclock().Martin Pieuchot
2017-08-11Remove NET_LOCK()'s argument.Martin Pieuchot
2017-06-26Split a part of tdb_delete() into tdb_unlink() so that we can removePatrick Wildt
2017-05-18The function name ip4_input() is confusing as it also handles IPv6Alexander Bluhm
2017-05-16Replace remaining splsoftassert(IPL_SOFTNET) by NET_ASSERT_LOCKED().Martin Pieuchot
2017-05-06Convert the xformsw definition to C99 style initializer. Also fixAlexander Bluhm
2017-05-05Expand SA_LEN(), there is no benefit for using the macro in theAlexander Bluhm
2017-02-14Get rid of recursive splsoftnet()/splx() dances and convert a timeout toMartin Pieuchot
2016-12-19Introduce the NET_LOCK() a rwlock used to serialize accesses to the partsMartin Pieuchot
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 12:07:04 +0000