summaryrefslogtreecommitdiff
path: root/sys/netinet/ip_ipsp.c
AgeCommit message (Expand)Author
2023-08-07add the glue between ipsec security associations and sec(4) interfaces.David Gwynne
2022-11-11timeout(9): remove timeout_set_kclock(), TIMEOUT_INITIALIZER_KCLOCK()Scott Soule Cheloha
2022-11-05Fix kernel build without IPSEC option.Jan Klemkow
2022-08-06Clean up the netlock macros. Merge NET_RLOCK_IN_SOFTNET andAlexander Bluhm
2022-07-14Use capital letters for global ipsec(4) locks description. Use 'D'Vitaliy Makkoveev
2022-06-28Use btrace(8) to debug reference counting. dt(4) provides a staticAlexander Bluhm
2022-04-30When performing ipsp_ids_free(), grab `ipsec_flows_mtx' mutex(9) before doVitaliy Makkoveev
2022-03-10Use atomic load and store functions to access refcnt and waitAlexander Bluhm
2022-01-04Add `ipsec_flows_mtx' mutex(9) to protect `ipsp_ids_*' list andYASUOKA Masahiko
2021-12-20Use per-CPU counters for tunnel descriptor block (TDB) statistics.Vitaliy Makkoveev
2021-12-19There are occasions where the walker function in tdb_walk() mightAlexander Bluhm
2021-12-14To cache lookups, the policy ipo is linked to its SA tdb. ThereAlexander Bluhm
2021-12-11Protect the write access to the TDB flags field with a mutex perAlexander Bluhm
2021-12-08Start documenting the locking strategy of struct tdb fields. NoteAlexander Bluhm
2021-12-07In ipo_tdb the flow contains a reference counted TDB cache. ThisAlexander Bluhm
2021-12-03Add tdb_delete_locked() to replace duplicate tdb deletion code inTobias Heider
2021-12-02Allow to build kernel without IPSEC or INET6 defines.Alexander Bluhm
2021-12-01Reintroduce the TDBF_DELETED flag. Checking next pointer to figureAlexander Bluhm
2021-11-29The network stack currently uses IPL_SOFTNET. Consistently initializeAlexander Bluhm
2021-11-29Using a void pointer for temporary allocated TDB in pfkeyv2 doesAlexander Bluhm
2021-11-26Put a mutex assert locked into puttdb_locked().Alexander Bluhm
2021-11-26Replace TDBF_DELETED flag with check if tdb was already unlinked.Tobias Heider
2021-11-25Implement reference counting for IPsec tdbs. Not all cases areAlexander Bluhm
2021-11-21Add the new `ipsec_exctdb' ipsec(4) counter to count and expose to theVitaliy Makkoveev
2021-11-21Fix whitespace and long lines.Alexander Bluhm
2021-11-18printing udpencap_port in ddb requires ntohs not ntohl. use better formatStuart Henderson
2021-11-16To debug IPsec and tdb refcounting it is useful to have "show tdb"Alexander Bluhm
2021-10-27The crypto layer needs the kernel lock. ah_zeroize() takes it whenAlexander Bluhm
2021-10-25Call a locked variant of tdb_unlink() from tdb_walk(). Fixes aAlexander Bluhm
2021-10-25Protect the tdb hashes with a mutex. Move initialization out ofAlexander Bluhm
2021-10-13The function ipip_output() was registered as .xf_output() xformAlexander Bluhm
2021-09-29Global variables to track initialisation behave poorly with MP.Alexander Bluhm
2021-07-27Revert "Use per-CPU counters for tunnel descriptor block" diff.mvs
2021-07-26Use per-CPU counters for tunnel descriptor block (tdb) statistics.mvs
2021-07-19Remove `ids' from `ipsec_ids_tree' while following ipsp_ids_insert()mvs
2021-07-18Introduce and use garbage collector for 'ipsec_ids' struct entitiesmvs
2021-07-08The xformsw array never changes. Declare struct xformsw constantAlexander Bluhm
2021-07-08Debug printfs in encdebug were inconsistent, some missing newlinesAlexander Bluhm
2021-03-10spellingJonathan Gray
2021-02-23Use pool to allocate tdbs.tobhe
2020-06-24kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)cheloha
2020-04-23Add support for autmatically moving traffic between rdomains on ipsec(4)tobhe
2019-05-11unbreak the build without IPSEC.Sebastian Benoit
2018-10-22ipsec: use monotonic clock for SA creation/lookup timestamps; ok dlg@cheloha
2018-08-28Add per-TDB counters and a new SADB extension to export them toMartin Pieuchot
2018-05-19Introduce a tdb_reaper() function to prevent a use-after-free when aMartin Pieuchot
2018-05-16Fix kernel builds without IPSEC.Reyk Floeter
2017-11-06Use %s and __func__ in DPRINTF() to reduce false positive with grep(1).Martin Pieuchot
2017-10-16Last changes before running IPsec w/o KERNEL_LOCK().Martin Pieuchot
2017-10-11Remove lie talking about splsoftclock().Martin Pieuchot
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-02 12:41:25 +0000