#
1.114 |
|
22-May-2022 |
riastradh |
opencrypto: crypto_dispatch never fails now. Make it return void.
Same with crypto_kdispatch.
|
#
1.113 |
|
22-May-2022 |
riastradh |
opencrypto: Rip out EAGAIN logic when unregistering crypto drivers.
I'm pretty sure this never worked reliably based on code inspection, and it's unlikely to have ever been tested because it only applies when unregistering a driver -- but we have no crypto drivers for removable devices, so it would only apply if we went out of our way to trigger detach with drvctl.
Instead, just make the operation fail with ENODEV, and remove all the callback logic to resubmit the request on EAGAIN. (Maybe this should be ENXIO, but crypto_kdispatch already does ENODEV.)
|
#
1.112 |
|
22-May-2022 |
riastradh |
opencrypto: Make crypto_freesession return void.
No callers use the return value. It is not sensible to allow this to fail.
|
#
1.111 |
|
22-May-2022 |
riastradh |
netipsec: Nothing uses xf_zeroize return value. Nix it.
|
#
1.110 |
|
22-May-2022 |
riastradh |
opencrypto: Make crp_callback, krp_callback return void.
Nothing uses the return values inside opencrypto, so let's stop making users return them.
|
Revision tags: thorpej-i2c-spi-conf2-base thorpej-futex2-base thorpej-cfargs2-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base thorpej-i2c-spi-conf-base thorpej-cfargs-base thorpej-futex-base bouyer-xenpvh-base2 phil-wifi-20200421 bouyer-xenpvh-base1 phil-wifi-20200411 bouyer-xenpvh-base is-mlppp-base phil-wifi-20200406 ad-namecache-base3 ad-namecache-base2 ad-namecache-base1 ad-namecache-base phil-wifi-20191119
|
#
1.109 |
|
01-Nov-2019 |
knakahara |
Fix ipsecif(4) IPV6_MINMTU does not work correctly.
|
Revision tags: netbsd-9-2-RELEASE netbsd-9-1-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 netbsd-9-base
|
#
1.108 |
|
12-Jun-2019 |
christos |
make DPRINTF use varyadic cpp macros, and merge with IPSECLOG.
|
Revision tags: phil-wifi-20190609 isaki-audio2-base
|
#
1.107 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625
|
#
1.106 |
|
31-May-2018 |
maxv |
branches: 1.106.2; Constify ipseczeroes, and remove one use of it.
|
#
1.105 |
|
30-May-2018 |
maxv |
Correctly handle the padding for IPv6-AH, as specified by RFC4302. Seen in a FreeBSD bug report, by Jason Mader.
The RFC specifies that under IPv6 the complete AH header must be 64bit- aligned, and under IPv4 32bit-aligned. That's a rule we've never respected. The other BSDs and MacOS never have either.
So respect it now.
This makes it possible to set up IPv6-AH between Linux and NetBSD, and also probably between Windows and NetBSD.
Until now all the tests I made were between two *BSD hosts, and everything worked "correctly" since both hosts were speaking the same non-standard AHv6, so they could understand each other.
Tested with Fedora<->NetBSD, hmac-sha2-384.
|
#
1.104 |
|
30-May-2018 |
maxv |
Introduce ah_authsiz, which computes the length of the ICV only. Use it in esp_hdrsiz, and clarify.
Until now we were using ah_hdrsiz, and were relying on the fact that the size of the AH header happens to be equal to that of the ESP trailer.
Now the size of the ESP trailer is added manually. This also fixes one branch in esp_hdrsiz: we always append an ESP trailer, so it must always be taken into account, and not just when an ICV is here.
|
#
1.103 |
|
29-May-2018 |
maxv |
Strengthen and simplify, once more.
|
#
1.102 |
|
29-May-2018 |
ozaki-r |
Fix non-INET6 builds
|
Revision tags: pgoyette-compat-0521
|
#
1.101 |
|
18-May-2018 |
maxv |
IP6_EXTHDR_GET -> M_REGION_GET, no functional change.
|
#
1.100 |
|
13-May-2018 |
maxv |
Remove unused calls to nat_t_ports_get.
|
#
1.99 |
|
11-May-2018 |
maxv |
ENOBUFS -> EACCES when updating the replay counter.
|
#
1.98 |
|
07-May-2018 |
maxv |
Remove unused 'mp' argument from all the xf_output functions. Also clean up xform.h a bit.
|
Revision tags: pgoyette-compat-0502
|
#
1.97 |
|
01-May-2018 |
maxv |
When IP6_EXTHDR_GET fails, return ENOBUFS, and don't log an error (HDROPS is not supposed to be used here).
|
#
1.96 |
|
01-May-2018 |
maxv |
When the replay check fails, return EACCES instead of ENOBUFS.
|
#
1.95 |
|
28-Apr-2018 |
maxv |
Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op.
|
#
1.94 |
|
24-Apr-2018 |
maxv |
Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both are set in IPsec-AH, and they are always handled together.
|
#
1.93 |
|
23-Apr-2018 |
maxv |
Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security reasons. RH0 was already removed in the kernel's input path, but some parts were still present in the output path: they are now removed.
Sent on tech-net@ a few days ago.
|
Revision tags: pgoyette-compat-0422
|
#
1.92 |
|
19-Apr-2018 |
maxv |
Remove extra long file paths from the headers.
|
#
1.91 |
|
19-Apr-2018 |
maxv |
cosmetic
|
#
1.90 |
|
18-Apr-2018 |
maxv |
Simplify the IPv4 parser. Get the option length in 'optlen', and sanitize it earlier. A new check is added (off + optlen > skip).
In the IPv6 parser we reuse 'optlen', and remove 'ad' as a result.
|
#
1.89 |
|
16-Apr-2018 |
maxv |
Remove dead code.
ok ozaki-r@
|
Revision tags: pgoyette-compat-0415
|
#
1.88 |
|
13-Apr-2018 |
maxv |
Remove duplicate, to better show that this place doesn't make a lot of sense. The code should probably be removed, it's a leftover from when we had #ifdef __FreeBSD__.
|
Revision tags: pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.87 |
|
26-Feb-2018 |
maxv |
branches: 1.87.2; Reinforce this area, make sure the length field fits the option. Normally it always does because the options were already sanitized earlier.
|
#
1.86 |
|
16-Feb-2018 |
maxv |
Add [ah/esp/ipcomp]_enable sysctls, and remove the FreeBSD #ifdefs. Discussed with ozaki-r@.
|
#
1.85 |
|
16-Feb-2018 |
maxv |
Remove some more FreeBSD sysctl declarations that already have NetBSD counterparts. Discussed with ozaki-r@.
|
#
1.84 |
|
15-Feb-2018 |
ozaki-r |
Fix buffer overflow on sending an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.83 |
|
15-Feb-2018 |
ozaki-r |
Commonalize error paths (NFC)
|
#
1.82 |
|
15-Feb-2018 |
maxv |
style
|
#
1.81 |
|
15-Feb-2018 |
maxv |
Make sure the Authentication Header fits the mbuf chain, otherwise panic.
|
#
1.80 |
|
15-Feb-2018 |
maxv |
Fix use-after-free, 'ah' may not be valid after m_makewritable and ah_massage_headers.
|
#
1.79 |
|
15-Feb-2018 |
ozaki-r |
Fix kernel panic (assertion failure) on receiving an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.78 |
|
15-Feb-2018 |
ozaki-r |
Don't relook up an SP/SA in opencrpyto callbacks
We don't need to do so because we have a reference to it. And also relooking-up one there may return an sp/sav that has different parameters from an original one.
|
#
1.77 |
|
24-Jan-2018 |
maxv |
Reinforce and clarify.
|
#
1.76 |
|
24-Jan-2018 |
maxv |
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's an infinite loop. Beyond that, this code was written with the assumption that since the IPv6 packet already went through the generic IPv6 option parser, several fields are guaranteed to be valid; but this assumption does not hold because of the missing '+2', and there's as a result a triggerable buffer overflow (write zeros after the end of the mbuf, potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.
|
#
1.75 |
|
24-Jan-2018 |
maxv |
Revert a part of rev1.49 (six months ago). The pointer given to memcpy was correct.
Discussed with Christos and Ryota.
|
Revision tags: tls-maxphys-base-20171202
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
branches: 1.54.2; Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.4; 1.42.6; 1.42.8; 1.42.12; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
branches: 1.37.2; 1.37.6; 1.37.8; remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.109 |
|
01-Nov-2019 |
knakahara |
Fix ipsecif(4) IPV6_MINMTU does not work correctly.
|
Revision tags: netbsd-9-base
|
#
1.108 |
|
12-Jun-2019 |
christos |
make DPRINTF use varyadic cpp macros, and merge with IPSECLOG.
|
Revision tags: phil-wifi-20190609 isaki-audio2-base
|
#
1.107 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625
|
#
1.106 |
|
31-May-2018 |
maxv |
branches: 1.106.2; Constify ipseczeroes, and remove one use of it.
|
#
1.105 |
|
30-May-2018 |
maxv |
Correctly handle the padding for IPv6-AH, as specified by RFC4302. Seen in a FreeBSD bug report, by Jason Mader.
The RFC specifies that under IPv6 the complete AH header must be 64bit- aligned, and under IPv4 32bit-aligned. That's a rule we've never respected. The other BSDs and MacOS never have either.
So respect it now.
This makes it possible to set up IPv6-AH between Linux and NetBSD, and also probably between Windows and NetBSD.
Until now all the tests I made were between two *BSD hosts, and everything worked "correctly" since both hosts were speaking the same non-standard AHv6, so they could understand each other.
Tested with Fedora<->NetBSD, hmac-sha2-384.
|
#
1.104 |
|
30-May-2018 |
maxv |
Introduce ah_authsiz, which computes the length of the ICV only. Use it in esp_hdrsiz, and clarify.
Until now we were using ah_hdrsiz, and were relying on the fact that the size of the AH header happens to be equal to that of the ESP trailer.
Now the size of the ESP trailer is added manually. This also fixes one branch in esp_hdrsiz: we always append an ESP trailer, so it must always be taken into account, and not just when an ICV is here.
|
#
1.103 |
|
29-May-2018 |
maxv |
Strengthen and simplify, once more.
|
#
1.102 |
|
29-May-2018 |
ozaki-r |
Fix non-INET6 builds
|
Revision tags: pgoyette-compat-0521
|
#
1.101 |
|
18-May-2018 |
maxv |
IP6_EXTHDR_GET -> M_REGION_GET, no functional change.
|
#
1.100 |
|
13-May-2018 |
maxv |
Remove unused calls to nat_t_ports_get.
|
#
1.99 |
|
11-May-2018 |
maxv |
ENOBUFS -> EACCES when updating the replay counter.
|
#
1.98 |
|
07-May-2018 |
maxv |
Remove unused 'mp' argument from all the xf_output functions. Also clean up xform.h a bit.
|
Revision tags: pgoyette-compat-0502
|
#
1.97 |
|
01-May-2018 |
maxv |
When IP6_EXTHDR_GET fails, return ENOBUFS, and don't log an error (HDROPS is not supposed to be used here).
|
#
1.96 |
|
01-May-2018 |
maxv |
When the replay check fails, return EACCES instead of ENOBUFS.
|
#
1.95 |
|
28-Apr-2018 |
maxv |
Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op.
|
#
1.94 |
|
24-Apr-2018 |
maxv |
Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both are set in IPsec-AH, and they are always handled together.
|
#
1.93 |
|
23-Apr-2018 |
maxv |
Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security reasons. RH0 was already removed in the kernel's input path, but some parts were still present in the output path: they are now removed.
Sent on tech-net@ a few days ago.
|
Revision tags: pgoyette-compat-0422
|
#
1.92 |
|
19-Apr-2018 |
maxv |
Remove extra long file paths from the headers.
|
#
1.91 |
|
19-Apr-2018 |
maxv |
cosmetic
|
#
1.90 |
|
18-Apr-2018 |
maxv |
Simplify the IPv4 parser. Get the option length in 'optlen', and sanitize it earlier. A new check is added (off + optlen > skip).
In the IPv6 parser we reuse 'optlen', and remove 'ad' as a result.
|
#
1.89 |
|
16-Apr-2018 |
maxv |
Remove dead code.
ok ozaki-r@
|
Revision tags: pgoyette-compat-0415
|
#
1.88 |
|
13-Apr-2018 |
maxv |
Remove duplicate, to better show that this place doesn't make a lot of sense. The code should probably be removed, it's a leftover from when we had #ifdef __FreeBSD__.
|
Revision tags: pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.87 |
|
26-Feb-2018 |
maxv |
branches: 1.87.2; Reinforce this area, make sure the length field fits the option. Normally it always does because the options were already sanitized earlier.
|
#
1.86 |
|
16-Feb-2018 |
maxv |
Add [ah/esp/ipcomp]_enable sysctls, and remove the FreeBSD #ifdefs. Discussed with ozaki-r@.
|
#
1.85 |
|
16-Feb-2018 |
maxv |
Remove some more FreeBSD sysctl declarations that already have NetBSD counterparts. Discussed with ozaki-r@.
|
#
1.84 |
|
15-Feb-2018 |
ozaki-r |
Fix buffer overflow on sending an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.83 |
|
15-Feb-2018 |
ozaki-r |
Commonalize error paths (NFC)
|
#
1.82 |
|
15-Feb-2018 |
maxv |
style
|
#
1.81 |
|
15-Feb-2018 |
maxv |
Make sure the Authentication Header fits the mbuf chain, otherwise panic.
|
#
1.80 |
|
15-Feb-2018 |
maxv |
Fix use-after-free, 'ah' may not be valid after m_makewritable and ah_massage_headers.
|
#
1.79 |
|
15-Feb-2018 |
ozaki-r |
Fix kernel panic (assertion failure) on receiving an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.78 |
|
15-Feb-2018 |
ozaki-r |
Don't relook up an SP/SA in opencrpyto callbacks
We don't need to do so because we have a reference to it. And also relooking-up one there may return an sp/sav that has different parameters from an original one.
|
#
1.77 |
|
24-Jan-2018 |
maxv |
Reinforce and clarify.
|
#
1.76 |
|
24-Jan-2018 |
maxv |
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's an infinite loop. Beyond that, this code was written with the assumption that since the IPv6 packet already went through the generic IPv6 option parser, several fields are guaranteed to be valid; but this assumption does not hold because of the missing '+2', and there's as a result a triggerable buffer overflow (write zeros after the end of the mbuf, potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.
|
#
1.75 |
|
24-Jan-2018 |
maxv |
Revert a part of rev1.49 (six months ago). The pointer given to memcpy was correct.
Discussed with Christos and Ryota.
|
Revision tags: tls-maxphys-base-20171202
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
branches: 1.54.2; Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.4; 1.42.6; 1.42.8; 1.42.12; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
branches: 1.37.2; 1.37.6; 1.37.8; remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.108 |
|
12-Jun-2019 |
christos |
make DPRINTF use varyadic cpp macros, and merge with IPSECLOG.
|
Revision tags: phil-wifi-20190609 isaki-audio2-base
|
#
1.107 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625
|
#
1.106 |
|
31-May-2018 |
maxv |
branches: 1.106.2; Constify ipseczeroes, and remove one use of it.
|
#
1.105 |
|
30-May-2018 |
maxv |
Correctly handle the padding for IPv6-AH, as specified by RFC4302. Seen in a FreeBSD bug report, by Jason Mader.
The RFC specifies that under IPv6 the complete AH header must be 64bit- aligned, and under IPv4 32bit-aligned. That's a rule we've never respected. The other BSDs and MacOS never have either.
So respect it now.
This makes it possible to set up IPv6-AH between Linux and NetBSD, and also probably between Windows and NetBSD.
Until now all the tests I made were between two *BSD hosts, and everything worked "correctly" since both hosts were speaking the same non-standard AHv6, so they could understand each other.
Tested with Fedora<->NetBSD, hmac-sha2-384.
|
#
1.104 |
|
30-May-2018 |
maxv |
Introduce ah_authsiz, which computes the length of the ICV only. Use it in esp_hdrsiz, and clarify.
Until now we were using ah_hdrsiz, and were relying on the fact that the size of the AH header happens to be equal to that of the ESP trailer.
Now the size of the ESP trailer is added manually. This also fixes one branch in esp_hdrsiz: we always append an ESP trailer, so it must always be taken into account, and not just when an ICV is here.
|
#
1.103 |
|
29-May-2018 |
maxv |
Strengthen and simplify, once more.
|
#
1.102 |
|
29-May-2018 |
ozaki-r |
Fix non-INET6 builds
|
Revision tags: pgoyette-compat-0521
|
#
1.101 |
|
18-May-2018 |
maxv |
IP6_EXTHDR_GET -> M_REGION_GET, no functional change.
|
#
1.100 |
|
13-May-2018 |
maxv |
Remove unused calls to nat_t_ports_get.
|
#
1.99 |
|
11-May-2018 |
maxv |
ENOBUFS -> EACCES when updating the replay counter.
|
#
1.98 |
|
07-May-2018 |
maxv |
Remove unused 'mp' argument from all the xf_output functions. Also clean up xform.h a bit.
|
Revision tags: pgoyette-compat-0502
|
#
1.97 |
|
01-May-2018 |
maxv |
When IP6_EXTHDR_GET fails, return ENOBUFS, and don't log an error (HDROPS is not supposed to be used here).
|
#
1.96 |
|
01-May-2018 |
maxv |
When the replay check fails, return EACCES instead of ENOBUFS.
|
#
1.95 |
|
28-Apr-2018 |
maxv |
Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op.
|
#
1.94 |
|
24-Apr-2018 |
maxv |
Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both are set in IPsec-AH, and they are always handled together.
|
#
1.93 |
|
23-Apr-2018 |
maxv |
Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security reasons. RH0 was already removed in the kernel's input path, but some parts were still present in the output path: they are now removed.
Sent on tech-net@ a few days ago.
|
Revision tags: pgoyette-compat-0422
|
#
1.92 |
|
19-Apr-2018 |
maxv |
Remove extra long file paths from the headers.
|
#
1.91 |
|
19-Apr-2018 |
maxv |
cosmetic
|
#
1.90 |
|
18-Apr-2018 |
maxv |
Simplify the IPv4 parser. Get the option length in 'optlen', and sanitize it earlier. A new check is added (off + optlen > skip).
In the IPv6 parser we reuse 'optlen', and remove 'ad' as a result.
|
#
1.89 |
|
16-Apr-2018 |
maxv |
Remove dead code.
ok ozaki-r@
|
Revision tags: pgoyette-compat-0415
|
#
1.88 |
|
13-Apr-2018 |
maxv |
Remove duplicate, to better show that this place doesn't make a lot of sense. The code should probably be removed, it's a leftover from when we had #ifdef __FreeBSD__.
|
Revision tags: pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.87 |
|
26-Feb-2018 |
maxv |
branches: 1.87.2; Reinforce this area, make sure the length field fits the option. Normally it always does because the options were already sanitized earlier.
|
#
1.86 |
|
16-Feb-2018 |
maxv |
Add [ah/esp/ipcomp]_enable sysctls, and remove the FreeBSD #ifdefs. Discussed with ozaki-r@.
|
#
1.85 |
|
16-Feb-2018 |
maxv |
Remove some more FreeBSD sysctl declarations that already have NetBSD counterparts. Discussed with ozaki-r@.
|
#
1.84 |
|
15-Feb-2018 |
ozaki-r |
Fix buffer overflow on sending an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.83 |
|
15-Feb-2018 |
ozaki-r |
Commonalize error paths (NFC)
|
#
1.82 |
|
15-Feb-2018 |
maxv |
style
|
#
1.81 |
|
15-Feb-2018 |
maxv |
Make sure the Authentication Header fits the mbuf chain, otherwise panic.
|
#
1.80 |
|
15-Feb-2018 |
maxv |
Fix use-after-free, 'ah' may not be valid after m_makewritable and ah_massage_headers.
|
#
1.79 |
|
15-Feb-2018 |
ozaki-r |
Fix kernel panic (assertion failure) on receiving an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.78 |
|
15-Feb-2018 |
ozaki-r |
Don't relook up an SP/SA in opencrpyto callbacks
We don't need to do so because we have a reference to it. And also relooking-up one there may return an sp/sav that has different parameters from an original one.
|
#
1.77 |
|
24-Jan-2018 |
maxv |
Reinforce and clarify.
|
#
1.76 |
|
24-Jan-2018 |
maxv |
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's an infinite loop. Beyond that, this code was written with the assumption that since the IPv6 packet already went through the generic IPv6 option parser, several fields are guaranteed to be valid; but this assumption does not hold because of the missing '+2', and there's as a result a triggerable buffer overflow (write zeros after the end of the mbuf, potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.
|
#
1.75 |
|
24-Jan-2018 |
maxv |
Revert a part of rev1.49 (six months ago). The pointer given to memcpy was correct.
Discussed with Christos and Ryota.
|
Revision tags: tls-maxphys-base-20171202
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
branches: 1.54.2; Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.4; 1.42.6; 1.42.8; 1.42.12; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
branches: 1.37.2; 1.37.6; 1.37.8; remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
Revision tags: isaki-audio2-base
|
#
1.107 |
|
27-Jan-2019 |
pgoyette |
Merge the [pgoyette-compat] branch
|
Revision tags: pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 pgoyette-compat-0728 phil-wifi-base pgoyette-compat-0625
|
#
1.106 |
|
31-May-2018 |
maxv |
Constify ipseczeroes, and remove one use of it.
|
#
1.105 |
|
30-May-2018 |
maxv |
Correctly handle the padding for IPv6-AH, as specified by RFC4302. Seen in a FreeBSD bug report, by Jason Mader.
The RFC specifies that under IPv6 the complete AH header must be 64bit- aligned, and under IPv4 32bit-aligned. That's a rule we've never respected. The other BSDs and MacOS never have either.
So respect it now.
This makes it possible to set up IPv6-AH between Linux and NetBSD, and also probably between Windows and NetBSD.
Until now all the tests I made were between two *BSD hosts, and everything worked "correctly" since both hosts were speaking the same non-standard AHv6, so they could understand each other.
Tested with Fedora<->NetBSD, hmac-sha2-384.
|
#
1.104 |
|
30-May-2018 |
maxv |
Introduce ah_authsiz, which computes the length of the ICV only. Use it in esp_hdrsiz, and clarify.
Until now we were using ah_hdrsiz, and were relying on the fact that the size of the AH header happens to be equal to that of the ESP trailer.
Now the size of the ESP trailer is added manually. This also fixes one branch in esp_hdrsiz: we always append an ESP trailer, so it must always be taken into account, and not just when an ICV is here.
|
#
1.103 |
|
29-May-2018 |
maxv |
Strengthen and simplify, once more.
|
#
1.102 |
|
29-May-2018 |
ozaki-r |
Fix non-INET6 builds
|
Revision tags: pgoyette-compat-0521
|
#
1.101 |
|
18-May-2018 |
maxv |
IP6_EXTHDR_GET -> M_REGION_GET, no functional change.
|
#
1.100 |
|
13-May-2018 |
maxv |
Remove unused calls to nat_t_ports_get.
|
#
1.99 |
|
11-May-2018 |
maxv |
ENOBUFS -> EACCES when updating the replay counter.
|
#
1.98 |
|
07-May-2018 |
maxv |
Remove unused 'mp' argument from all the xf_output functions. Also clean up xform.h a bit.
|
Revision tags: pgoyette-compat-0502
|
#
1.97 |
|
01-May-2018 |
maxv |
When IP6_EXTHDR_GET fails, return ENOBUFS, and don't log an error (HDROPS is not supposed to be used here).
|
#
1.96 |
|
01-May-2018 |
maxv |
When the replay check fails, return EACCES instead of ENOBUFS.
|
#
1.95 |
|
28-Apr-2018 |
maxv |
Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op.
|
#
1.94 |
|
24-Apr-2018 |
maxv |
Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both are set in IPsec-AH, and they are always handled together.
|
#
1.93 |
|
23-Apr-2018 |
maxv |
Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security reasons. RH0 was already removed in the kernel's input path, but some parts were still present in the output path: they are now removed.
Sent on tech-net@ a few days ago.
|
Revision tags: pgoyette-compat-0422
|
#
1.92 |
|
19-Apr-2018 |
maxv |
Remove extra long file paths from the headers.
|
#
1.91 |
|
19-Apr-2018 |
maxv |
cosmetic
|
#
1.90 |
|
18-Apr-2018 |
maxv |
Simplify the IPv4 parser. Get the option length in 'optlen', and sanitize it earlier. A new check is added (off + optlen > skip).
In the IPv6 parser we reuse 'optlen', and remove 'ad' as a result.
|
#
1.89 |
|
16-Apr-2018 |
maxv |
Remove dead code.
ok ozaki-r@
|
Revision tags: pgoyette-compat-0415
|
#
1.88 |
|
13-Apr-2018 |
maxv |
Remove duplicate, to better show that this place doesn't make a lot of sense. The code should probably be removed, it's a leftover from when we had #ifdef __FreeBSD__.
|
Revision tags: pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 pgoyette-compat-base
|
#
1.87 |
|
26-Feb-2018 |
maxv |
branches: 1.87.2; Reinforce this area, make sure the length field fits the option. Normally it always does because the options were already sanitized earlier.
|
#
1.86 |
|
16-Feb-2018 |
maxv |
Add [ah/esp/ipcomp]_enable sysctls, and remove the FreeBSD #ifdefs. Discussed with ozaki-r@.
|
#
1.85 |
|
16-Feb-2018 |
maxv |
Remove some more FreeBSD sysctl declarations that already have NetBSD counterparts. Discussed with ozaki-r@.
|
#
1.84 |
|
15-Feb-2018 |
ozaki-r |
Fix buffer overflow on sending an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.83 |
|
15-Feb-2018 |
ozaki-r |
Commonalize error paths (NFC)
|
#
1.82 |
|
15-Feb-2018 |
maxv |
style
|
#
1.81 |
|
15-Feb-2018 |
maxv |
Make sure the Authentication Header fits the mbuf chain, otherwise panic.
|
#
1.80 |
|
15-Feb-2018 |
maxv |
Fix use-after-free, 'ah' may not be valid after m_makewritable and ah_massage_headers.
|
#
1.79 |
|
15-Feb-2018 |
ozaki-r |
Fix kernel panic (assertion failure) on receiving an IPv6 packet with large options
If an IPv6 packet has large options, a necessary space for evacuation can exceed the expected size (ah_pool_item_size). Give up using the pool_cache if it happens.
Pointed out by maxv@
|
#
1.78 |
|
15-Feb-2018 |
ozaki-r |
Don't relook up an SP/SA in opencrpyto callbacks
We don't need to do so because we have a reference to it. And also relooking-up one there may return an sp/sav that has different parameters from an original one.
|
#
1.77 |
|
24-Jan-2018 |
maxv |
Reinforce and clarify.
|
#
1.76 |
|
24-Jan-2018 |
maxv |
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's an infinite loop. Beyond that, this code was written with the assumption that since the IPv6 packet already went through the generic IPv6 option parser, several fields are guaranteed to be valid; but this assumption does not hold because of the missing '+2', and there's as a result a triggerable buffer overflow (write zeros after the end of the mbuf, potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.
|
#
1.75 |
|
24-Jan-2018 |
maxv |
Revert a part of rev1.49 (six months ago). The pointer given to memcpy was correct.
Discussed with Christos and Ryota.
|
Revision tags: tls-maxphys-base-20171202
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
branches: 1.54.2; Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.4; 1.42.6; 1.42.8; 1.42.12; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
branches: 1.37.2; 1.37.6; 1.37.8; remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.77 |
|
24-Jan-2018 |
maxv |
Reinforce and clarify.
|
#
1.76 |
|
24-Jan-2018 |
maxv |
Fix a vulnerability in IPsec-IPv6-AH, that allows an attacker to remotely crash the kernel with a single packet.
In this loop we need to increment 'ad' by two, because the length field of the option header does not count the size of the option header itself.
If the length is zero, then 'count' is incremented by zero, and there's an infinite loop. Beyond that, this code was written with the assumption that since the IPv6 packet already went through the generic IPv6 option parser, several fields are guaranteed to be valid; but this assumption does not hold because of the missing '+2', and there's as a result a triggerable buffer overflow (write zeros after the end of the mbuf, potentially to the next mbuf in memory since it's a pool).
Add the missing '+2', this place will be reinforced in separate commits.
|
#
1.75 |
|
24-Jan-2018 |
maxv |
Revert a part of rev1.49 (six months ago). The pointer given to memcpy was correct.
Discussed with Christos and Ryota.
|
Revision tags: tls-maxphys-base-20171202
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
branches: 1.54.2; Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-1-RELEASE netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.74 |
|
03-Oct-2017 |
ozaki-r |
Constify isr at many places (NFC)
|
Revision tags: nick-nhusb-base-20170825
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
branches: 1.62.2; Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.73 |
|
10-Aug-2017 |
ozaki-r |
Use pool_cache(9) instead of pool(9) for tdb_crypto objects
The change improves network throughput especially on multi-core systems.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.72 |
|
09-Aug-2017 |
ozaki-r |
MP-ify SAD (savlist)
localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.71 |
|
03-Aug-2017 |
ozaki-r |
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future
KEY_SA_UNREF is still key_freesav so no functional change for now.
This change reduces diff of further changes.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.70 |
|
02-Aug-2017 |
ozaki-r |
Make IPsec SPD MP-safe
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context.
SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list.
For more details please read the locking notes in key.c.
Proposed on tech-kern@ and tech-net@
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.69 |
|
27-Jul-2017 |
ozaki-r |
Don't acquire global locks for IPsec if NET_MPSAFE
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.68 |
|
20-Jul-2017 |
ozaki-r |
Use pool to allocate tdb_crypto
For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins.
|
#
1.67 |
|
20-Jul-2017 |
ozaki-r |
Dedup error paths (NFC)
|
#
1.66 |
|
20-Jul-2017 |
ozaki-r |
Fix a debug message
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.65 |
|
19-Jul-2017 |
ozaki-r |
Hold a reference to an SP during opencrypto processing
An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP.
We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.
In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing.
|
#
1.64 |
|
19-Jul-2017 |
ozaki-r |
Don't bother the case of crp->crp_buf == NULL in callbacks
|
#
1.63 |
|
19-Jul-2017 |
ozaki-r |
Don't release sav if calling crypto_dispatch again
|
Revision tags: perseant-stdc-iso10646-base
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.62 |
|
18-Jul-2017 |
ozaki-r |
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.61 |
|
14-Jul-2017 |
ozaki-r |
Prepare to stop using isr->sav
isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav.
However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.60 |
|
14-Jul-2017 |
ozaki-r |
Pass sav directly to opencrypto callback
In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.59 |
|
13-Jul-2017 |
ozaki-r |
Fix header size calculation of ah in the case sav is NULL
This fix was also needed for esp.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.58 |
|
10-Jul-2017 |
ozaki-r |
Use explicit_memset to surely zero-clear key_auth and key_enc
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.57 |
|
07-Jul-2017 |
ozaki-r |
Rename key_alloc* functions (NFC)
We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.56 |
|
05-Jul-2017 |
ozaki-r |
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE
It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet.
Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.55 |
|
29-Jun-2017 |
ozaki-r |
Apply C99-style struct initialization to xformsw
|
Revision tags: netbsd-8-base prg-localcount2-base3
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
branches: 1.53.2; Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
#
1.54 |
|
11-May-2017 |
ryo |
Make ipsec_address() and ipsec_logsastr() mpsafe.
|
Revision tags: prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|
Revision tags: prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1
|
#
1.53 |
|
19-Apr-2017 |
ozaki-r |
Retire ipsec_osdep.h
We don't need to care other OSes (FreeBSD) anymore.
Some macros are alive in ipsec_private.h.
|
#
1.52 |
|
18-Apr-2017 |
ozaki-r |
Convert IPSEC_ASSERT to KASSERT or KASSERTMSG
IPSEC_ASSERT just discarded specified message...
|
#
1.51 |
|
18-Apr-2017 |
ozaki-r |
Remove __FreeBSD__ and __NetBSD__ switches
No functional changes (except for a debug printf).
Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes.
|
#
1.50 |
|
15-Apr-2017 |
christos |
cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t
|
#
1.49 |
|
14-Apr-2017 |
christos |
- fix old refactoring which zeroed the wrong part of the buffer. - simplify.
|
#
1.48 |
|
14-Apr-2017 |
christos |
change into __func__
|
#
1.47 |
|
13-Apr-2017 |
christos |
Redo the statistics through an indirection array and put the definitions of the arrays in pfkeyv2.h so that they are next to the index definitions. Remove "bogus" comment about compressing the statistics which is now fixed.
|
#
1.46 |
|
13-Apr-2017 |
ozaki-r |
Fix that ah_algorithm_lookup and esp_algorithm_lookup don't handle some algorithms
Unrelated upper limit values, AH_ALG_MAX and ESP_ALG_MAX, prevented some algorithms from being looked up.
|
Revision tags: jdolecek-ncq-base
|
#
1.45 |
|
06-Apr-2017 |
ozaki-r |
Prepare netipsec for rump-ification
- Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library
|
Revision tags: pgoyette-localcount-20170320 nick-nhusb-base-20170204 bouyer-socketcan-base pgoyette-localcount-20170107 nick-nhusb-base-20161204 pgoyette-localcount-20161104 nick-nhusb-base-20161004 localcount-20160914 pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base nick-nhusb-base-20160907 nick-nhusb-base-20160529 nick-nhusb-base-20160422 nick-nhusb-base-20160319 nick-nhusb-base-20151226 nick-nhusb-base-20150921 nick-nhusb-base-20150606 nick-nhusb-base-20150406
|
#
1.44 |
|
30-Mar-2015 |
ozaki-r |
branches: 1.44.2; 1.44.4; Tidy up opt_ipsec.h inclusions
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary. Add inclusions to some C files for IPSEC_DEBUG.
|
#
1.43 |
|
27-Mar-2015 |
ozaki-r |
KNF
|
Revision tags: netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 netbsd-7-1-RC1 netbsd-7-0-2-RELEASE netbsd-7-nhusb-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 nick-nhusb-base netbsd-7-base yamt-pagecache-base9 tls-earlyentropy-base riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 rmind-smpnet-nbase rmind-smpnet-base tls-maxphys-base
|
#
1.42 |
|
03-Nov-2013 |
mrg |
branches: 1.42.6; - apply some __diagused - remove unused variables - move some variables inside their relevant use #ifdef
|
#
1.41 |
|
28-Aug-2013 |
riastradh |
Fix sense of consttime_memequal and update all callers.
Now it returns true (nonzero) to mean equal and false (zero) to mean inequal, as the name suggests.
As promised on tech-userlevel back in June:
https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
|
Revision tags: riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base
|
#
1.40 |
|
24-Jun-2013 |
riastradh |
branches: 1.40.2; Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.
consttime_memequal is the same as the old consttime_bcmp. explicit_memset is to memset as explicit_bzero was to bcmp.
Passes amd64 release and i386/ALL, but I'm sure I missed some spots, so please let me know.
|
#
1.39 |
|
04-Jun-2013 |
christos |
PR/47886: Dr. Wolfgang Stukenbrock: IPSEC_NAT_T enabled kernels may access outdated pointers and pass ESP data to UPD-sockets. While here, simplify the code and remove the IPSEC_NAT_T option; always compile nat-traversal in so that it does not bitrot.
|
Revision tags: agc-symver-base yamt-pagecache-base8 yamt-pagecache-base7 yamt-pagecache-base6
|
#
1.38 |
|
30-Aug-2012 |
drochner |
branches: 1.38.2; Add "consttime_bcmp" and "explicit_bzero" functions for both kernel abd userland, as proposed on tech-security, with explicit_bzero using a volatile function pointer as suggested by Alan Barrett. Both do what the name says. For userland, both are prefixed by "__" to keep them out of the user namespace. Change some memset/memcmp uses to the new functions where it makes sense -- these are just some examples, more to come.
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 jmcneill-usbmp-base10 yamt-pagecache-base5 jmcneill-usbmp-base9 yamt-pagecache-base4 jmcneill-usbmp-base8 jmcneill-usbmp-base7 jmcneill-usbmp-base6 jmcneill-usbmp-base5 jmcneill-usbmp-base4 jmcneill-usbmp-base3 jmcneill-usbmp-base2 netbsd-6-base
|
#
1.37 |
|
26-Jan-2012 |
drochner |
remove some DPRINTFs which are not just diagnostics but cause noise even on regular operation
|
#
1.36 |
|
25-Jan-2012 |
drochner |
Make sure the mbufs in the input path (only the parts which we are going to modify in the AH case) are writable/non-shared. This addresses PR kern/33162 by Jeff Rizzo, and replaces the insufficient patch from that time by a radical solution. (The PR's problem had been worked around by rev.1.3 of xennetback_xenbus.c, so it needs a network driver modification to reproduce it.) Being here, clarify a bit of ipcomp -- uncompression is done in-place, the header must be removed explicitly.
|
#
1.35 |
|
24-Jan-2012 |
drochner |
fix pointer/offset mistakes in handling of IPv4 options
|
#
1.34 |
|
10-Jan-2012 |
drochner |
add patch from Arnaud Degroote to handle IPv6 extended options with (FAST_)IPSEC, tested lightly with a DSTOPTS header consisting of PAD1
|
Revision tags: jmcneill-usbmp-pre-base2 jmcneill-usbmp-base jmcneill-audiomp3-base yamt-pagecache-base3 yamt-pagecache-base2 yamt-pagecache-base rmind-uvmplock-nbase cherry-xenmp-base rmind-uvmplock-base
|
#
1.33 |
|
24-May-2011 |
drochner |
branches: 1.33.4; 1.33.8; copy AES-XCBC-MAC support from KAME IPSEC to FAST_IPSEC For this to fit, an API change in cryptosoft was adopted from OpenBSD (addition of a "Setkey" method to hashes) which was done for GCM/GMAC support there, so it might be useful in the future anyway. tested against KAME IPSEC AFAICT, FAST_IPSEC now supports as much as KAME.
|
#
1.32 |
|
06-May-2011 |
drochner |
As a first step towards more fine-grained locking, don't require crypto_{new.free}session() to be called with the "crypto_mtx" spinlock held. This doesn't change much for now because these functions acquire the said mutex first on entry now, but at least it keeps the nasty locks local to the opencrypto core.
|
Revision tags: bouyer-quota2-nbase
|
#
1.31 |
|
18-Feb-2011 |
drochner |
more "const"
|
#
1.30 |
|
18-Feb-2011 |
drochner |
sprinkle some "const", documenting that the SA is not supposed to change during an xform operation
|
Revision tags: bouyer-quota2-base
|
#
1.29 |
|
16-Feb-2011 |
drochner |
remove some unnecessary pointer typecasts (one was wrong on BE systems, but was harmless here because the result is effectively unused)
|
#
1.28 |
|
14-Feb-2011 |
drochner |
change locking order, to make sure the cpu is at splsoftnet() before the softnet_lock (adaptive) mutex is acquired, from Wolfgang Stukenbrock, should fix a recursive lock panic
|
#
1.27 |
|
10-Feb-2011 |
drochner |
-in opencrypto callbacks (which run in a kernel thread), pull softnet_lock everywhere splsoftnet() was used before, to fix MP concurrency problems -pull KERNEL_LOCK where ip(6)_output() is called, as this is what the network stack (unfortunately) expects, in particular to avoid races for packets in the interface send queues From Wolfgang Stukenbrock per PR kern/44418, with the application of KERNEL_LOCK to what I think are the essential points, tested on a dual-core i386.
|
Revision tags: jruoho-x86intr-base matt-mips64-premerge-20101231 uebayasi-xip-base4 uebayasi-xip-base3 yamt-nfs-mp-base11 uebayasi-xip-base2 yamt-nfs-mp-base10 uebayasi-xip-base1 yamt-nfs-mp-base9 uebayasi-xip-base matt-premerge-20091211 yamt-nfs-mp-base8 yamt-nfs-mp-base7 jymxensuspend-base yamt-nfs-mp-base6 yamt-nfs-mp-base5 yamt-nfs-mp-base4 jym-xensuspend-nbase yamt-nfs-mp-base3 nick-hppapmap-base4 nick-hppapmap-base3 jym-xensuspend-base nick-hppapmap-base
|
#
1.26 |
|
18-Apr-2009 |
tsutsui |
branches: 1.26.4; 1.26.6; 1.26.8; Remove extra whitespace added by a stupid tool. XXX: more in src/sys/arch
|
#
1.25 |
|
18-Mar-2009 |
cegger |
bcopy -> memcpy
|
#
1.24 |
|
18-Mar-2009 |
cegger |
bzero -> memset
|
#
1.23 |
|
18-Mar-2009 |
cegger |
bcmp -> memcmp
|
Revision tags: nick-hppapmap-base2 mjf-devfs2-base
|
#
1.22 |
|
17-Dec-2008 |
cegger |
branches: 1.22.2; kill MALLOC and FREE macros.
|
Revision tags: netbsd-5-2-3-RELEASE netbsd-5-1-5-RELEASE netbsd-5-2-2-RELEASE netbsd-5-1-4-RELEASE netbsd-5-2-1-RELEASE netbsd-5-1-3-RELEASE netbsd-5-2-RELEASE netbsd-5-2-RC1 netbsd-5-1-2-RELEASE netbsd-5-1-1-RELEASE matt-nb5-mips64-premerge-20101231 matt-nb5-pq3-base netbsd-5-1-RELEASE netbsd-5-1-RC4 matt-nb5-mips64-k15 netbsd-5-1-RC3 netbsd-5-1-RC2 netbsd-5-1-RC1 netbsd-5-0-2-RELEASE matt-nb5-mips64-premerge-20091211 matt-nb5-mips64-u2-k2-k4-k7-k8-k9 matt-nb4-mips64-k7-u2a-k9b matt-nb5-mips64-u1-k1-k5 netbsd-5-0-1-RELEASE netbsd-5-0-RELEASE netbsd-5-0-RC4 netbsd-5-0-RC3 netbsd-5-0-RC2 netbsd-5-0-RC1 haad-dm-base2 haad-nbase2 ad-audiomp2-base netbsd-5-base matt-mips64-base2 haad-dm-base1 wrstuden-revivesa-base-4 wrstuden-revivesa-base-3 wrstuden-revivesa-base-2 haad-dm-base wrstuden-revivesa-base-1 simonb-wapbl-nbase yamt-pf42-base4 simonb-wapbl-base yamt-pf42-base3 hpcarm-cleanup-nbase yamt-pf42-base2 yamt-nfs-mp-base2 wrstuden-revivesa-base yamt-nfs-mp-base
|
#
1.21 |
|
23-Apr-2008 |
thorpej |
branches: 1.21.2; 1.21.10; Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and netstat_sysctl().
|
Revision tags: yamt-pf42-baseX yamt-pf42-base ad-socklock-base1 yamt-lazymbuf-base15 yamt-lazymbuf-base14 keiichi-mipv6-nbase nick-net80211-sync-base keiichi-mipv6-base matt-armv6-nbase mjf-devfs-base hpcarm-cleanup-base
|
#
1.20 |
|
04-Feb-2008 |
tls |
branches: 1.20.6; 1.20.8; Rework opencrypto to use a spin mutex (crypto_mtx) instead of "splcrypto" (actually splnet) and condvars instead of tsleep/wakeup. Fix a few miscellaneous problems and add some debugging printfs while there.
Restore set of CRYPTO_F_DONE in crypto_done() which was lost at some point after this code came from FreeBSD -- it made it impossible to wait properly for a condition.
Add flags analogous to the "crp" flags to the key operation's krp struct. Add a new flag, CRYPTO_F_ONRETQ which tells us a request finished before the kthread had a chance to dequeue it and call its callback -- this was letting requests stick on the queues before even though done and copied out.
Callers of crypto_newsession() or crypto_freesession() must now take the mutex. Change netipsec to do so. Dispatch takes the mutex itself as needed.
This was tested fairly extensively with the cryptosoft backend and lightly with a new hardware driver. It has not been tested with FAST_IPSEC; I am unable to ascertain whether FAST_IPSEC currently works at all in our tree.
pjd@FreeBSD.ORG, ad@NetBSD.ORG, and darran@snark.us pointed me in the right direction several times in the course of this. Remaining bugs are mine alone.
|
Revision tags: bouyer-xeni386-merge1 vmlocking2-base3 bouyer-xeni386-nbase yamt-kmem-base3 cube-autoconf-base yamt-kmem-base2 bouyer-xeni386-base yamt-kmem-base vmlocking2-base2 reinoud-bufcleanup-nbase vmlocking2-base1 jmcneill-base bouyer-xenamd64-base2 vmlocking-nbase bouyer-xenamd64-base matt-armv6-base jmcneill-pm-base reinoud-bufcleanup-base
|
#
1.19 |
|
28-Oct-2007 |
adrianp |
branches: 1.19.2; The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed.
Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@
|
Revision tags: nick-csl-alignment-base5 yamt-x86pmap-base4 yamt-x86pmap-base3 yamt-x86pmap-base2 yamt-x86pmap-base matt-mips64-base nick-csl-alignment-base mjf-ufs-trans-base vmlocking-base
|
#
1.18 |
|
27-Jun-2007 |
degroote |
branches: 1.18.6; 1.18.8; 1.18.12; Add support for options IPSEC_NAT_T (RFC 3947 and 3948) for fast_ipsec(4).
No objection on tech-net@
|
Revision tags: yamt-idlelwp-base8 thorpej-atomic-base
|
#
1.17 |
|
25-Mar-2007 |
degroote |
Honor the ip4_ah_offsetmask bits (clear or not the ip->ip_off field for ah processing).
|
#
1.16 |
|
25-Mar-2007 |
degroote |
Use ip4_ah_cleartos instead of ah_cleartos for consistency
|
#
1.15 |
|
04-Mar-2007 |
degroote |
branches: 1.15.2; 1.15.4; 1.15.6; Remove useless cast Use NULL instead of (void*) 0
|
#
1.14 |
|
04-Mar-2007 |
degroote |
Fix fallout from caddr_t changes
|
#
1.13 |
|
04-Mar-2007 |
christos |
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
|
Revision tags: netbsd-4-0-RC3 netbsd-4-0-RC2 netbsd-4-0-RC1 ad-audiomp-base post-newlock2-merge newlock2-nbase yamt-splraiseipl-base5 yamt-splraiseipl-base4 yamt-splraiseipl-base3 newlock2-base netbsd-4-base
|
#
1.12 |
|
16-Nov-2006 |
christos |
branches: 1.12.2; 1.12.4; 1.12.8; __unused removal on arguments; approved by core.
|
Revision tags: yamt-splraiseipl-base2
|
#
1.11 |
|
13-Oct-2006 |
christos |
more __unused
|
Revision tags: abandoned-netbsd-4-base yamt-splraiseipl-base yamt-pdpolicy-base9 yamt-pdpolicy-base8 yamt-pdpolicy-base7 yamt-pdpolicy-base6 chap-midi-nbase gdamore-uart-base yamt-pdpolicy-base5 chap-midi-base elad-kernelauth-base simonb-timecounters-base rpaulo-netinet-merge-pcb-base
|
#
1.10 |
|
11-Apr-2006 |
rpaulo |
branches: 1.10.8; 1.10.10; Add two new sysctls protected under IPSEC_DEBUG:
net.inet.ipsec.test_replay - When set to 1, IPsec will send packets with the same sequence number. This allows to verify if the other side has proper replay attacks detection.
net.inet.ipsec.test_integrity - When set 1, IPsec will send packets with corrupted HMAC. This allows to verify if the other side properly detects modified packets.
(a message will be printed indicating when these sysctls changed)
By Pawel Jakub Dawidek <pjd@FreeBSD.org>. Discussed with Christos Zoulas and Jonathan Stone.
|
Revision tags: yamt-pdpolicy-base4 yamt-pdpolicy-base3 peter-altq-base yamt-pdpolicy-base2 yamt-pdpolicy-base yamt-uio_vmspace-base5
|
#
1.9 |
|
11-Dec-2005 |
christos |
branches: 1.9.4; 1.9.6; 1.9.8; 1.9.10; 1.9.12; merge ktrace-lwp.
|
Revision tags: netbsd-3-1-1-RELEASE netbsd-3-0-3-RELEASE netbsd-3-1-RELEASE netbsd-3-0-2-RELEASE netbsd-3-1-RC4 netbsd-3-1-RC3 netbsd-3-1-RC2 netbsd-3-1-RC1 netbsd-3-0-1-RELEASE netbsd-3-0-RELEASE netbsd-3-0-RC6 yamt-readahead-base3 netbsd-3-0-RC5 netbsd-3-0-RC4 netbsd-3-0-RC3 yamt-readahead-base2 netbsd-3-0-RC2 yamt-readahead-pervnode yamt-readahead-perfile yamt-readahead-base netbsd-3-0-RC1 yamt-vop-base3 yamt-vop-base2 thorpej-vnode-attr-base yamt-vop-base yamt-km-base4 yamt-km-base3 netbsd-3-base kent-audio2-base ktrace-lwp-base
|
#
1.8 |
|
26-Feb-2005 |
perry |
branches: 1.8.2; 1.8.4; 1.8.12; 1.8.14; nuke trailing whitespace
|
Revision tags: yamt-km-base2 yamt-km-base kent-audio1-beforemerge kent-audio1-base
|
#
1.7 |
|
01-May-2004 |
jonathan |
branches: 1.7.2; 1.7.6; 1.7.8; Commit an old diff for AH which has been in my personal tree since August 2003:
On NetBSD, when we get to ah_massage_headers(), ip->ip_len is in network byte order and includes all bytes in the input packet. Therefore we don't need to byte-swap it or to add `skip' back in, before verifying the receive-side hash.
With this change, AH transport mode works against FreeBSD 4.9 fast-ipsec (which also works against Win2k, &c., &c.).
|
Revision tags: netbsd-2-0-base
|
#
1.6 |
|
17-Mar-2004 |
jonathan |
branches: 1.6.2; sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include <netinet6/ip6_ecn.h> in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c
|
#
1.5 |
|
12-Dec-2003 |
thorpej |
Cast an expression with sizeof() to long.
|
#
1.4 |
|
06-Oct-2003 |
tls |
Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes:
1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h
2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless).
3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it.
An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors).
|
#
1.3 |
|
12-Sep-2003 |
itojun |
merge netipsec/key* into netkey/key*. no need for both. change confusing filename
|
#
1.2 |
|
20-Aug-2003 |
jonathan |
opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif.
|
#
1.1 |
|
13-Aug-2003 |
jonathan |
Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
|