1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-01 12:19:28 +00:00
freebsd/sys/netipsec
Andrey V. Elsukov f367798498 Take extra reference to security policy before calling crypto_dispatch().
Currently we perform crypto requests for IPSEC synchronous for most of
crypto providers (software, aesni) and only VIA padlock calls crypto
callback asynchronous. In synchronous mode it is possible, that security
policy will be removed during the processing crypto request. And crypto
callback will release the last reference to SP. Then upon return into
ipsec[46]_process_packet() IPSECREQUEST_UNLOCK() will be called to already
freed request. To prevent this we will take extra reference to SP.

PR:		201876
Sponsored by:	Yandex LLC
2015-09-30 08:16:33 +00:00
..
ah_var.h
ah.h
esp_var.h
esp.h
ipcomp_var.h
ipcomp.h
ipsec6.h
ipsec_input.c IPSEC, remove variable argument function its already due. 2015-07-21 21:46:24 +00:00
ipsec_mbuf.c
ipsec_output.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
ipsec.c Reduce overhead of IPSEC for traffic generated from host 2015-07-03 15:31:56 +00:00
ipsec.h IPSEC, remove variable argument function its already due. 2015-07-21 21:46:24 +00:00
key_debug.c Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
key_debug.h
key_var.h
key.c Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
key.h drop key_sa_stir_iv as it isn't used... 2015-06-11 13:05:37 +00:00
keydb.h Make IPsec work with AES-GCM and AES-ICM (aka CTR) in OCF... IPsec 2015-08-04 17:47:11 +00:00
keysock.c
keysock.h
xform_ah.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_esp.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_ipcomp.c Take extra reference to security policy before calling crypto_dispatch(). 2015-09-30 08:16:33 +00:00
xform_tcp.c
xform.h RFC4868 section 2.3 requires that the output be half... This fixes 2015-07-29 07:15:16 +00:00