Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
243,843 Commits 606 Branches 0 Tags 3.1 GiB
0d5ace558d
Commit Graph

13 Commits

Author SHA1 Message Date
ozaki-r
fe6d427551 Avoid storing a pointer of an interface in a mbuf 
Having a pointer of an interface in a mbuf isn't safe if we remove big
kernel locks; an interface object (ifnet) can be destroyed anytime in any
packet processing and accessing such object via a pointer is racy. Instead
we have to get an object from the interface collection (ifindex2ifnet) via
an interface index (if_index) that is stored to a mbuf instead of an
pointer.

The change provides two APIs: m_{get,put}_rcvif_psref that use psref(9)
for sleep-able critical sections and m_{get,put}_rcvif that use
pserialize(9) for other critical sections. The change also adds another
API called m_get_rcvif_NOMPSAFE, that is NOT MP-safe and for transition
moratorium, i.e., it is intended to be used for places where are not
planned to be MP-ified soon.

The change adds some overhead due to psref to performance sensitive paths,
however the overhead is not serious, 2% down at worst.

Proposed on tech-kern and tech-net.
 2016-06-10 13:31:43 +00:00
ozaki-r
48b3acd885 Tidy up opt_ipsec.h inclusions 
Some inclusions of opt_ipsec.h were for IPSEC_NAT_T and are now unnecessary.
Add inclusions to some C files for IPSEC_DEBUG.
 2015-03-30 03:51:50 +00:00
drochner
fe35ba177e g/c remainders of IV handling in pfkey code -- this is done in 
opencrypto now
 2011-05-23 15:17:25 +00:00
drochner
7a1d44a2ce declare input to kdebug_*() functions which dump structures 
to stdout in human readable form as "const"
 2011-02-21 22:21:40 +00:00
degroote
a382db0aa9 Ansify 
Remove useless extern
bzero -> memset, bcopy -> memcpy

No functionnal changes
 2007-07-07 18:38:22 +00:00
degroote
dd86ba7231 Remove useless cast 
Use NULL instead of (void*) 0
 2007-03-04 21:17:54 +00:00
degroote
c252f603d0 Fix fallout from caddr_t changes 2007-03-04 19:54:48 +00:00
christos
53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
christos
95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
christos
8dc75b1c08 Panic strings should not end with \n. 2005-05-08 18:44:39 +00:00
tls
9355900ec9 Reversion of "netkey merge", part 2 (replacement of removed files in the 
repository by christos was part 1).  netipsec should now be back as it
was on 2003-09-11, with some very minor changes:

1) Some residual platform-dependent code was moved from ipsec.h to
   ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined.  ipsec.h
   now includes ipsec_osdep.h

2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has
   been left in place (it's arguable which name is less confusing but the
   rename is pretty harmless).

3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN
   is invalid and GCC 3 won't compile it.

An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now
gets through "make depend" but fails to build with errors in ip_input.c.
But it's better than it was (thank heaven for small favors).
 2003-10-06 22:05:15 +00:00
jonathan
c23a2c9c86 opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif. 2003-08-20 22:33:40 +00:00
jonathan
740290313e Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. 
Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the
OpenCryptoFramework (and thus hardware crypto accelerators) and
numerous detailed performance improvements.

This import is (aside from SPL-level names) the FreeBSD source,
imported ``as-is'' as a historical snapshot, for future maintenance
and comparison against the FreeBSD source.  For now, several minor
kernel-API differences are hidden by macros a shim file, ipsec_osdep.h,
which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
 2003-08-13 20:06:49 +00:00