d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2a4fd6b17a
freebsd-skq/sys/netipsec
History
Andrey V. Elsukov f367798498 Take extra reference to security policy before calling crypto_dispatch(). 
Currently we perform crypto requests for IPSEC synchronous for most of
crypto providers (software, aesni) and only VIA padlock calls crypto
callback asynchronous. In synchronous mode it is possible, that security
policy will be removed during the processing crypto request. And crypto
callback will release the last reference to SP. Then upon return into
ipsec[46]_process_packet() IPSECREQUEST_UNLOCK() will be called to already
freed request. To prevent this we will take extra reference to SP.

PR:		201876
Sponsored by:	Yandex LLC
2015-09-30 08:16:33 +00:00
..
ah_var.h
ah.h
esp_var.h
esp.h Summary: Remove spurious, extra, next header comments. 2015-05-15 18:04:49 +00:00
ipcomp_var.h
ipcomp.h
ipsec6.h Remove now unused mtag argument from ipsec*_common_input_cb. 2014-12-11 17:14:49 +00:00
ipsec_input.c IPSEC, remove variable argument function its already due. 2015-07-21 21:46:24 +00:00
ipsec_mbuf.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
ipsec_output.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
ipsec.c Reduce overhead of IPSEC for traffic generated from host 2015-07-03 15:31:56 +00:00
ipsec.h IPSEC, remove variable argument function its already due. 2015-07-21 21:46:24 +00:00
key_debug.c Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
key_debug.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
key_var.h Remove more constants related to static sysctl nodes. The MAXID constants 2014-02-25 18:44:33 +00:00
key.c Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
key.h drop key_sa_stir_iv as it isn't used... 2015-06-11 13:05:37 +00:00
keydb.h Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
keysock.c Remove unneded mbuf length adjustment, M_PREPEND() already did that. 2015-05-19 17:14:27 +00:00
keysock.h Remove __P() macro. 2014-12-03 04:08:41 +00:00
xform_ah.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_esp.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_ipcomp.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_tcp.c Remove route chaching support from ipsec code. It isn't used for some time. 2014-12-02 04:20:50 +00:00
xform.h RFC4868 section 2.3 requires that the output be half... This fixes 2015-07-29 07:15:16 +00:00