artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d2c58a4) | patch
The crypto(9) framework used by IPsec runs on a kernel task that
authorbluhm <bluhm@openbsd.org>
Fri, 18 Jun 2021 15:34:21 +0000 (15:34 +0000)
committerbluhm <bluhm@openbsd.org>
Fri, 18 Jun 2021 15:34:21 +0000 (15:34 +0000)
commitb7be02dc3945b7da7398b50fcbe334c0c2f5ab24
tree868198a48c98133c0ee3c0195f190d5f29883cfftree | snapshot
parentd2c58a42a790ed7f6cb58f70754efa113c9822f3commit | diff
The crypto(9) framework used by IPsec runs on a kernel task that
is protected by kernel lock.  There were crashes in swcr_authenc()
when it was accessing swcr_sessions.  As a quick fix, protect all
calls from network stack to crypto with kernel lock.  This also
covers the rekeying case that is called from pfkey via tdb_init().
OK mvs@
sys/netinet/ip_ah.c diff | blob | history
sys/netinet/ip_esp.c diff | blob | history
sys/netinet/ip_ipcomp.c diff | blob | history
sys/netinet/ipsec_input.c diff | blob | history
sys/netinet/ipsec_output.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim