address an issue where consumers, like IPsec, can reuse the same

session in multiple threads w/o locking.. There was a single fpu context shared per session, if multiple threads were using the session, and both migrated away, they could corrupt each other's fpu context... This patch adds a per cpu context and a lock to protect it... It also tries to better address unloading of the aesni module... The pause will be removed once the OpenCrypto Framework provides a better method for draining callers into _newsession... I first discovered the fpu context sharing issue w/ a flood ping over an IPsec tunnel between two bhyve machines... The patch in D3015 was used to verify that this fix does fix the issue... Reviewed by: gnn, kib (both earlier versions) Differential Revision: https://reviews.freebsd.org/D3016
author: jmg <jmg@FreeBSD.org> 2015-07-08 19:15:29 +0000
committer: jmg <jmg@FreeBSD.org> 2015-07-08 19:15:29 +0000
commit: 1ca19e1938f79977617776d4a61b348691f6b52c (patch)
tree: 12e78210806cfb01216e3c6c0f60749c28888b36 /sys/crypto/aesni/aesni.h
parent: ba98a8a0694151c65040b4dbdc059501072cbbcf (diff)
download: FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.zip
FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/sys/crypto/aesni/aesni.h b/sys/crypto/aesni/aesni.h
index 2210f7f..0594176 100644
--- a/sys/crypto/aesni/aesni.h
+++ b/sys/crypto/aesni/aesni.h
@@ -64,7 +64,6 @@ struct aesni_session {
 	int used;
 	uint32_t id;
 	TAILQ_ENTRY(aesni_session) next;
-	struct fpu_kern_ctx *fpu_ctx;
 };
 
 /*
author	jmg <jmg@FreeBSD.org>	2015-07-08 19:15:29 +0000
committer	jmg <jmg@FreeBSD.org>	2015-07-08 19:15:29 +0000
commit	1ca19e1938f79977617776d4a61b348691f6b52c (patch)
tree	12e78210806cfb01216e3c6c0f60749c28888b36 /sys/crypto/aesni/aesni.h
parent	ba98a8a0694151c65040b4dbdc059501072cbbcf (diff)
download	FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.zip FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.tar.gz