diff options
author | jmg <jmg@FreeBSD.org> | 2015-07-08 19:15:29 +0000 |
---|---|---|
committer | jmg <jmg@FreeBSD.org> | 2015-07-08 19:15:29 +0000 |
commit | 1ca19e1938f79977617776d4a61b348691f6b52c (patch) | |
tree | 12e78210806cfb01216e3c6c0f60749c28888b36 /sys/crypto/aesni/aesni.h | |
parent | ba98a8a0694151c65040b4dbdc059501072cbbcf (diff) | |
download | FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.zip FreeBSD-src-1ca19e1938f79977617776d4a61b348691f6b52c.tar.gz |
address an issue where consumers, like IPsec, can reuse the same
session in multiple threads w/o locking.. There was a single fpu
context shared per session, if multiple threads were using the session,
and both migrated away, they could corrupt each other's fpu context...
This patch adds a per cpu context and a lock to protect it...
It also tries to better address unloading of the aesni module...
The pause will be removed once the OpenCrypto Framework provides a
better method for draining callers into _newsession...
I first discovered the fpu context sharing issue w/ a flood ping over
an IPsec tunnel between two bhyve machines... The patch in D3015
was used to verify that this fix does fix the issue...
Reviewed by: gnn, kib (both earlier versions)
Differential Revision: https://reviews.freebsd.org/D3016
Diffstat (limited to 'sys/crypto/aesni/aesni.h')
-rw-r--r-- | sys/crypto/aesni/aesni.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/sys/crypto/aesni/aesni.h b/sys/crypto/aesni/aesni.h index 2210f7f..0594176 100644 --- a/sys/crypto/aesni/aesni.h +++ b/sys/crypto/aesni/aesni.h @@ -64,7 +64,6 @@ struct aesni_session { int used; uint32_t id; TAILQ_ENTRY(aesni_session) next; - struct fpu_kern_ctx *fpu_ctx; }; /* |