configured with ``options FAST_IPSEC''. Kernels with KAME IPsec or
with no IPsec should work as before.
All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.
Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.
in jazz_bus_dmamap_create() disable BUS_DMA_ALLOCNOW for now
rather than return ENOMEM. Required by some PCI devices (like pciide(4)).
XXX needs re-think how BUS_DMA_ALLOCNOW should be handled.
XXX (we should use another flag for the jazz internal DMAC?)
Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the
OpenCryptoFramework (and thus hardware crypto accelerators) and
numerous detailed performance improvements.
This import is (aside from SPL-level names) the FreeBSD source,
imported ``as-is'' as a historical snapshot, for future maintenance
and comparison against the FreeBSD source. For now, several minor
kernel-API differences are hidden by macros a shim file, ipsec_osdep.h,
which (aside from SPL names) can be targeted at either NetBSD or FreeBSD.
for that file to not be built with profiling. This makes it reasonable to
use pthread_{set,get}specific() to implement thread-safe profiline call counts.
(previously 'GLptr' was used as mask.)
this long standing bug seems to be uncovered by
my previous change(rev.1.2) on some machines.
PR/22457 from Matthias Scheler, and tested by him.
and when MAXDSIZ were increased memcpy() length sometimes were larger
than 64k (like in amap_extend()) All functions now checks the length.
This fixes PR#19968.
Disable the inline string functions and use the C versions instead.
