From 1ca19e1938f79977617776d4a61b348691f6b52c Mon Sep 17 00:00:00 2001 From: jmg Date: Wed, 8 Jul 2015 19:15:29 +0000 Subject: address an issue where consumers, like IPsec, can reuse the same session in multiple threads w/o locking.. There was a single fpu context shared per session, if multiple threads were using the session, and both migrated away, they could corrupt each other's fpu context... This patch adds a per cpu context and a lock to protect it... It also tries to better address unloading of the aesni module... The pause will be removed once the OpenCrypto Framework provides a better method for draining callers into _newsession... I first discovered the fpu context sharing issue w/ a flood ping over an IPsec tunnel between two bhyve machines... The patch in D3015 was used to verify that this fix does fix the issue... Reviewed by: gnn, kib (both earlier versions) Differential Revision: https://reviews.freebsd.org/D3016 --- sys/crypto/aesni/aesni.h | 1 - 1 file changed, 1 deletion(-) (limited to 'sys/crypto/aesni/aesni.h') diff --git a/sys/crypto/aesni/aesni.h b/sys/crypto/aesni/aesni.h index 2210f7f..0594176 100644 --- a/sys/crypto/aesni/aesni.h +++ b/sys/crypto/aesni/aesni.h @@ -64,7 +64,6 @@ struct aesni_session { int used; uint32_t id; TAILQ_ENTRY(aesni_session) next; - struct fpu_kern_ctx *fpu_ctx; }; /* -- cgit v1.1