Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netipsec Make sequence number of esp header MP-safe for ...
details: https://anonhg.NetBSD.org/src/rev/41d07714b5cd
branches: trunk
changeset: 944627:41d07714b5cd
user: knakahara <knakahara%NetBSD.org@localhost>
date: Mon Oct 05 09:51:25 2020 +0000
description:
Make sequence number of esp header MP-safe for IPsec Tx side. reviewed by ozaki-r@n.o
In IPsec Tx side, one Security Association can be used by multiple CPUs.
On the other hand, in IPsec Rx side, one Security Association is used
by only one CPU.
XXX pullup-{8,9}
diffstat:
sys/netipsec/xform_esp.c | 11 ++++++-----
1 files changed, 6 insertions(+), 5 deletions(-)
diffs (34 lines):
diff -r de08e5490170 -r 41d07714b5cd sys/netipsec/xform_esp.c
--- a/sys/netipsec/xform_esp.c Mon Oct 05 09:16:53 2020 +0000
+++ b/sys/netipsec/xform_esp.c Mon Oct 05 09:51:25 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: xform_esp.c,v 1.100 2020/06/30 04:14:55 riastradh Exp $ */
+/* $NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $ */
/* $FreeBSD: xform_esp.c,v 1.2.2.1 2003/01/24 05:11:36 sam Exp $ */
/* $OpenBSD: ip_esp.c,v 1.69 2001/06/26 06:18:59 angelos Exp $ */
@@ -39,7 +39,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.100 2020/06/30 04:14:55 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: xform_esp.c,v 1.101 2020/10/05 09:51:25 knakahara Exp $");
#if defined(_KERNEL_OPT)
#include "opt_inet.h"
@@ -796,11 +796,12 @@
#ifdef IPSEC_DEBUG
/* Emulate replay attack when ipsec_replay is TRUE. */
- if (!ipsec_replay)
+ if (ipsec_replay)
+ replay = htonl(sav->replay->count);
+ else
#endif
- sav->replay->count++;
+ replay = htonl(atomic_inc_32_nv(&sav->replay->count));
- replay = htonl(sav->replay->count);
memcpy(mtod(mo,char *) + roff + sizeof(uint32_t), &replay,
sizeof(uint32_t));
}
Home |
Main Index |
Thread Index |
Old Index