[src/netbsd-9]: src/sys/netipsec Pull up following revision(s) (requested by ...

[martin <martin%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/7643b1cbd5db
branches:  netbsd-9
changeset: 940504:7643b1cbd5db
user:      martin <martin%NetBSD.org@localhost>
date:      Thu Oct 08 17:49:03 2020 +0000

description:
Pull up following revision(s) (requested by knakahara in ticket #1103):

        sys/netipsec/xform_esp.c: revision 1.101

Make sequence number of esp header MP-safe for IPsec Tx side. reviewed by ozaki-r@n.o

In IPsec Tx side, one Security Association can be used by multiple CPUs.
On the other hand, in IPsec Rx side, one Security Association is used
by only one CPU.

XXX pullup-{8,9}

diffstat:

 sys/netipsec/xform_esp.c |  11 ++++++-----
 1 files changed, 6 insertions(+), 5 deletions(-)

diffs (34 lines):

diff -r 783727bce8e9 -r 7643b1cbd5db sys/netipsec/xform_esp.c
--- a/sys/netipsec/xform_esp.c  Thu Oct 08 16:53:57 2020 +0000
+++ b/sys/netipsec/xform_esp.c  Thu Oct 08 17:49:03 2020 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: xform_esp.c,v 1.98 2019/06/12 22:23:50 christos Exp $  */
+/*     $NetBSD: xform_esp.c,v 1.98.2.1 2020/10/08 17:49:03 martin Exp $        */
 /*     $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $   */
 /*     $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
 
@@ -39,7 +39,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.98 2019/06/12 22:23:50 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.98.2.1 2020/10/08 17:49:03 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_inet.h"
@@ -796,11 +796,12 @@
 
 #ifdef IPSEC_DEBUG
                /* Emulate replay attack when ipsec_replay is TRUE. */
-               if (!ipsec_replay)
+               if (ipsec_replay)
+                       replay = htonl(sav->replay->count);
+               else
 #endif
-                       sav->replay->count++;
+                       replay = htonl(atomic_inc_32_nv(&sav->replay->count));
 
-               replay = htonl(sav->replay->count);
                memcpy(mtod(mo,char *) + roff + sizeof(uint32_t), &replay,
                    sizeof(uint32_t));
        }