Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
75ffcec5e7
NetBSD/sys/netipsec
History
ozaki-r 75ffcec5e7 Avoid a race condition between SA (sav) manipulations 
An sav can be removed from belonging list(s) twice resulting in an assertion
failure of pslist.  It can occur if the following two operations interleave:
(i) a deletion or a update of an SA via the API, and
(ii) a state change (key_sa_chgstate) of the same SA by the timer.
Note that even (ii) removes an sav once from its list(s) on a update.

The cause of the race condition is that the two operations are not serialized
and (i) doesn't get and remove an sav from belonging list(s) atomically.  So
(ii) can be inserted between an acquisition and a removal of (i).

Avoid the race condition by making (i) atomic.
2019-07-17 07:07:59 +00:00
..
ah_var.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
ah.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
esp_var.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
esp.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
files.netipsec add ipsec(4) interface, which is used for route-based VPN. 2018-01-10 10:56:30 +00:00
ipcomp_var.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
ipcomp.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
ipip_var.h Rename ipip_allow->ipip_spoofcheck, and add net.inet.ipsec.ipip_spoofcheck. 2018-04-22 10:25:40 +00:00
ipsec6.h Merge ipsec4_input and ipsec6_input into ipsec_ip_input. Make the argument 2018-05-14 17:34:26 +00:00
ipsec_input.c Merge the [pgoyette-compat] branch 2019-01-27 02:08:33 +00:00
ipsec_mbuf.c Replace: M_MOVE_PKTHDR -> m_move_pkthdr. No functional change, since the 2018-12-22 13:11:37 +00:00
ipsec_netbsd.c Fix the net.inet6.ipsec6.def_policy node, the variable should be 2018-04-28 13:44:19 +00:00
ipsec_output.c ipsecif(4) supports multiple peers in the same NAPT. 2018-12-26 08:58:51 +00:00
ipsec_private.h Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op. 2018-04-28 15:45:16 +00:00
ipsec_var.h - Cleanup for dynamic sysctl: 2018-08-22 01:05:21 +00:00
ipsec.c Fix uninitialized variable: in ipsec_checkpcbcache(), spidx.dir is not 2019-07-09 16:56:24 +00:00
ipsec.h make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
ipsecif.c Don't clear calculated Tx tos value for IPv[46] over IPv6. 2019-05-17 05:27:24 +00:00
ipsecif.h Fix unexpected failure when ipsecif(4) over IPv6 is changed port number only. 2018-04-06 10:38:53 +00:00
key_debug.c Merge the [pgoyette-compat] branch 2019-01-27 02:08:33 +00:00
key_debug.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
key_var.h Remove unused macros. 2018-04-28 13:23:17 +00:00
key.c Avoid a race condition between SA (sav) manipulations 2019-07-17 07:07:59 +00:00
key.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
keydb.h Remove extra long file paths from the headers. 2018-04-19 08:27:38 +00:00
keysock.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
keysock.h Remove unused function. 2018-12-24 15:57:15 +00:00
Makefile add ipsec(4) interface, which is used for route-based VPN. 2018-01-10 10:56:30 +00:00
xform_ah.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
xform_esp.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
xform_ipcomp.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
xform_ipip.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
xform_tcp.c make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. 2019-06-12 22:23:50 +00:00
xform.h Introduce ah_authsiz, which computes the length of the ICV only. Use it in 2018-05-30 17:17:11 +00:00