| Age | Commit message (Collapse) | Author |
|---|
|
crypto task anymore, it is possible to return the next protocol.
Then ip_deliver() will walk the header chain in its loop.
IPsec bridge(4) tested by jan@
OK mvs@ tobhe@ jan@
|
|
ok patrick@
|
|
ok patrick@
|
|
all callers get an update if the mbuf changes.
OK tobhe@
|
|
called from tdb_walk(). tdb_walk() needs mutex tdb_sadb_mtx to
protect the loop traversal. First take the kernel lock in tdb_walk()
to preserve lock order.
found by witness
OK tobhe@ mvs@
|
|
set the error output parameter or return a tdb. Both are ignored
in in_pcbconnect(). Remove the code that does nothing.
OK tobhe@ jca@ mvs@
|
|
mutex locking against myself panic introduced by my previous commit.
OK beck@ patrick@
|
|
the processing path. If rehashing fails due to low memory, just
keep the old hash buckets.
OK tobhe@
|
|
Found by jsg@
ok patrick@
|
|
ok bluhm@
|
|
for ah, esp, and ipcomp. Move common code into ipsec_protoff()
which finds the offset of the next protocol field in the previous
header.
OK tobhe@
|
|
ok bluhm@
|
|
to old crypto API.
ok bluhm@
|
|
to the mbuf to update it globally. At the end it will reach
ip_deliver() which expects a pointer to an mbuf.
OK sashan@
|
|
This was needed to pass arguments to the callback function, but is no longer
necessary after the API makeover.
ok bluhm@
|
|
ok patrick@
|
|
counter is handled there.
OK tobhe@
|
|
the mbuf, the callers must be careful. Although there is no bug,
use the common pattern to handle this. Pass down an mbuf pointer
mp and let m_pullup() update the pointer in all callers.
It looks like the tcp signature functions should not be called.
Avoid an mbuf leak and return an error.
OK mvs@
|
|
Retrieve ilen and olen from crypto descriptors before freeing them.
Found by regress/sys/netinet/ipsec.
OK mpi@
|
|
adds unnecessary complexity. Dedicated crypto offloading devices are not common
anymore. Modern CPU crypto acceleration works synchronously, eliminating the need
for callbacks.
Replace all occurrences of crypto_dispatch() with crypto_invoke(), which is
blocking and only returns after the operation has completed or an error occured.
Invoke callback functions directly from the consumer (e.g. IPsec, softraid)
instead of relying on the crypto driver to call crypto_done().
ok bluhm@ mvs@ patrick@
|
|
OK tobhe@
|
|
algorithm is gone. Reomve all LZS references from the tree. The
v42bis in isakmpd also looks unsupported.
OK mvs@ patrick@ sthen@
|
|
not reachable because all callers had set the CRYPTO_F_NOQUEUE flag.
ok patrick@ mvs@ bluhm@
|
|
ok bluhm@
|
|
ok mvs@
|
|
void and remove error handling in the callers.
OK patrick@ mvs@
|
|
function. But was is never called via this pointer. It would have
immediatley crashed as mp is always NULL when called via .xf_output().
Do not set .xf_output to ipip_output. This allows to pass only the
parameters which are actually needed and the control flow is clearer.
OK mpi@
|
|
goto drop instead of return. An ENOBUFS should be EINVAL in IPv6
case. Also use combined packet and byte counter.
OK sthen@ dlg@
|
|
in ipsec_common_ctlinput() is not necessary, the loop in ipsec_set_mtu()
does that anyway. udpencap_ctlinput() did not work for bundled SA,
this also needs the loop in ipsec_set_mtu().
OK sthen@
|
|
Move the tdb pool init into an init function.
OK mvs@
|
|
ok gnezdo@
|
|
The sending machine is doing zero window probes, but is not sending
any more data although the other machine announced that it has space
again. The header prediction code did not update snd_wl2. If there
was a sequence number wrap, the send window update block is not
reached.
Update snd_wl2 when receiving predicted ACKs and and update snd_wl1
and rcv_up for predicted pure data.
from FreeBSD; OK sashan@ claudio@
|
|
|
|
Panic reported by Hrvoje Popovski.
|
|
'tdb_data' struct became unused and was removed.
ok bluhm@
|
|
task queues were unlimited and could overflow during havy traffic.
Even if we still use hardware drivers that sleep, softnet task
instead of soft interrupt can handle this now. Without queues net
lock is inherited and kernel lock is only needed once per packet.
This results in less lock contention and faster IPsec.
Also protect tdb drop counters with net lock and avoid a leak in
crypto dispatch error handling.
intense testing Hrvoje Popovski; OK mpi@
|
|
strict. ICMP error packets generated by pf were not passed
immediately, but could be blocked. Preserve PF_TAG_GENERATED flag
in icmp_reflect() and icmp6_reflect().
reported by sf@; OK patrick@ kn@
|
|
previous commit.
|
|
should not happen, but always check error conditions. tq is never
NULL, remove the check. tdb->tdb_odrops++ is not MP safe, but will
be addressed separately in ipsec_output_cb().
OK mvs@
|
|
error path. This fixes use-after-free issue. Also fix debug message
mistype pointed by bluhm@ in error path.
ok millert@ bluhm@
|
|
destruction instead of using per-entity timeout. This fixes the races
between ipsp_ids_insert(), ipsp_ids_free() and ipsp_ids_timeout().
ipsp_ids_insert() can't stop ipsp_ids_timeout() timeout handler which is
already running and awaiting netlock to be released, so reused `ids' will
be silently removed in this case.
ipsp_ids_free() can't determine is ipsp_ids_timeout() timeout handler
running because timeout_del(9) called by ipsp_ids_insert() clears it's
triggered state. So ipsp_ids_timeout() could be scheduled to run twice in
this case.
Also hrvoje@ reported about ipsec(4) throughput increased with this diff
so it seems we caught significant count of ipsp_ids_insert() races.
tests and feedback by hrvoje@
ok bluhm@
|
|
counter than after decryption. This could result in "esp_input_cb:
authentication failed for packet in SA" errors. As we run crypto
operations async, thousands of packets are stored in the crypto
task. During the queueing the replay counter of the tdb can change.
Then the higher 32 bits may increment although the lower 32 bits
did not wrap.
checkreplaywindow() must be called twice per packet with the same
replay counter. Store the value in struct tdb_crypto while dangling
in the task queue and doing crypto operations.
tested by Hrvoje Popovski; joint work with tobhe@
|
|
OK tobhe@
|
|
route and was not there before. This should prevent a recursion
in path MTU discovery with TCP over IPsec.
reported and tested Matthias Schmidt; tested and OK tobhe@
|
|
ok tobhe@
|
|
and map data read only.
OK deraadt@ mvs@ mpi@
|
|
doing that in runtime within ipsp_acquire_sa().
ok bluhm@
|
|
produced ugly output. Move the function name and the newline into
the DPRINTF macro. This simplifies the debug statements.
OK tobhe@
|
|
constant. Then they are mapped as read only.
OK deraadt@ dlg@
|
|
because smr_read sections don't play well with sleeping locks in pf(4).
OK bluhm@
|
