path: root/sys/netinet/ip_ipsp.c

Commit log. Each entry lists the commit message followed, in parentheses, by author, date, files changed and lines removed/added.
* spelling (jsg, 2021-03-10, 1 file, -2/+2)
  ok gnezdo@ semarie@ mpi@
* Use pool to allocate tdbs. (tobhe, 2021-02-23, 1 file, -3/+12)
  ok patrick@ bluhm@
* kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9) (cheloha, 2020-06-24, 1 file, -3/+3)
  time_second(9) and time_uptime(9) are widely used in the kernel to quickly get the system UTC or system uptime as a time_t. However, time_t is 64-bit everywhere, so it is not generally safe to use them on 32-bit platforms: you have a split-read problem if your hardware cannot perform atomic 64-bit reads.

  This patch replaces time_second(9) with gettime(9), a safer successor interface, throughout the kernel. Similarly, time_uptime(9) is replaced with getuptime(9).

  There is a performance cost on 32-bit platforms in exchange for eliminating the split-read problem: instead of two register reads you now have a lockless read loop to pull the values from the timehands. This is really not *too* bad in the grand scheme of things, but compared to what we were doing before it is several times slower. There is no performance cost on 64-bit (__LP64__) platforms.

  With input from visa@, dlg@, and tedu@. Several bugs squashed by visa@.

  ok kettenis@
* Add support for automatically moving traffic between rdomains on ipsec(4) encryption or decryption. (tobhe, 2020-04-23, 1 file, -37/+30)
  This allows us to keep plaintext and encrypted network traffic separated and reduces the attack surface for network sidechannel attacks. The only way to reach the inner rdomain from outside is by successful decryption and integrity verification through the responsible Security Association (SA). The only way for internal traffic to get out is getting encrypted and moved through the outgoing SA. Multiple plaintext rdomains can share the same encrypted rdomain while the unencrypted packets are still kept separate. The encrypted and unencrypted rdomains can have different default routes.

  The rdomains can be configured with the new SADB_X_EXT_RDOMAIN pfkey extension. Each SA (tdb) gets a new attribute 'tdb_rdomain_post'. If this differs from 'tdb_rdomain' then the packet is moved to 'tdb_rdomain_post' after IPsec processing.

  Flows and outgoing IPsec SAs are installed in the plaintext rdomain, incoming IPsec SAs are installed in the encrypted rdomain. IPCOMP SAs are always installed in the plaintext rdomain. They can be viewed with 'route -T X exec ipsecctl -sa' where X is the rdomain ID.

  As the kernel does not create encX devices automatically when creating rdomains they have to be added by hand with ifconfig for IPsec to work in non-default rdomains.

  discussed with chris@ and kn@
  ok markus@, patrick@
* unbreak the build without IPSEC. (benno, 2019-05-11, 1 file, -1/+5)
  ok claudio@ deraadt@
* ipsec: use monotonic clock for SA creation/lookup timestamps; ok dlg@ (cheloha, 2018-10-22, 1 file, -2/+2)
* Add per-TDB counters and a new SADB extension to export them to userland. (mpi, 2018-08-28, 1 file, -1/+8)
  Inputs from markus@, ok sthen@
* Introduce a tdb_reaper() function to prevent a use-after-free when a timeout is blocking on the NET_LOCK(). (mpi, 2018-05-19, 1 file, -40/+46)
  Issue reported by Harald Dunkel, ok visa@, bluhm@
* Fix kernel builds without IPSEC. (reyk, 2018-05-16, 1 file, -1/+3)
  OK mikeb@
* Use %s and __func__ in DPRINTF() to reduce false positives with grep(1). (mpi, 2017-11-06, 1 file, -2/+2)
  ok kettenis@, dhill@, visa@, jca@
* Last changes before running IPsec w/o KERNEL_LOCK(). (mpi, 2017-10-16, 1 file, -7/+22)
  Put more NET_ASSERT_LOCK() and document which globals it protects.
  Add a mutex for pfkeyv2 globals.
  Convert ipsp_delete_acquire() to timeout_set_proc().

  Tested by Hrvoje Popovski, ok bluhm@ visa@
* Remove lie talking about splsoftclock(). (mpi, 2017-10-11, 1 file, -4/+1)
* Remove NET_LOCK()'s argument. (mpi, 2017-08-11, 1 file, -16/+11)
  Tested by Hrvoje Popovski, ok bluhm@
* Split a part of tdb_delete() into tdb_unlink() so that we can remove a TDB from the hash table without actually free()ing it. (patrick, 2017-06-26, 1 file, -3/+11)
  That way we can modify the TDB and then put it back in using puttdb().

  ok claudio@
* The function name ip4_input() is confusing as it also handles IPv6 packets. (bluhm, 2017-05-18, 1 file, -1/+2)
  This is the IP in IP protocol input function, so call it ipip_input(). Rename the existing ipip_input() to ipip_input_gif() as it is the input function used by the gif interface. Pass the address family to make it consistent with pr_input. Use __func__ in debug print and panic messages. Move all ipip prototypes to the ip_ipip.h header file.

  OK dhill@ mpi@
* Replace remaining splsoftassert(IPL_SOFTNET) by NET_ASSERT_LOCKED(). (mpi, 2017-05-16, 1 file, -7/+7)
  ok visa@
* Convert the xformsw definition to C99 style initializer. (bluhm, 2017-05-06, 1 file, -18/+51)
  Also fix the function declaration of ipe4_input() and avoid a wrong cast.

  OK mikeb@ dhill@
* Expand SA_LEN(), there is no benefit for using the macro in the kernel. (bluhm, 2017-05-05, 1 file, -10/+10)
  It was only used in IPsec sources. No binary change.

  OK deraadt@
* Get rid of recursive splsoftnet()/splx() dances and convert a timeout to the timeout_set_proc(9) variant to take the NET_LOCK(). (mpi, 2017-02-14, 1 file, -27/+18)
  ok mikeb@, bluhm@
* Introduce the NET_LOCK(), a rwlock used to serialize accesses to the parts of the network stack that are not yet ready to be executed in parallel or where new sleeping points are not possible. (mpi, 2016-12-19, 1 file, -9/+9)
  This first pass replaces all the entry points leading to ip_output(). This is done to not introduce new sleeping points when trying to acquire ART's write lock, needed when a new L2 entry is created via the RT_RESOLVE.

  Inputs from and ok bluhm@, ok dlg@
* TDB timers need a context process, so convert them to timeout_set_proc(9). (mpi, 2016-11-15, 1 file, -5/+5)
  ok phessler@, bluhm@ as part of a larger diff
* Sprinkle splsoftnets in TDB timeout callbacks; ok bluhm (mikeb, 2016-09-20, 1 file, -1/+13)
* convert bcopy to memcpy. from david hill. (tedu, 2016-09-19, 1 file, -3/+3)
* move from RB macros to RBT functions (dlg, 2016-09-15, 1 file, -16/+18)
  shaves a bunch of bytes off kernels
* introduce ipsec-id bundles and use them for ipsecflowinfo, (markus, 2015-05-23, 1 file, -42/+133)
  fixes rekeying for l2tp/ipsec against multiple windows clients and saves memory (for many SAs to same peers); feedback and ok mikeb@
* Stubs and support code for NIC-enabled IPsec bite the dust. (mikeb, 2015-04-17, 1 file, -31/+1)
  No objection from reyk@, OK markus, hshoexer
* Remove unused ipsp_parse_headers that was supposed to parse packets returned by IPsec-enabled NICs; OK markus, hshoexer (mikeb, 2015-04-17, 1 file, -219/+1)
* remove unfinished/unused support for socket-attached ipsec-policies (markus, 2015-04-16, 1 file, -81/+1)
  ok mikeb
* make ipsp_address thread safe; ok mpi (mikeb, 2015-04-14, 1 file, -16/+12)
* Remove support for storing credentials and auth information in the kernel. (mikeb, 2015-04-14, 1 file, -44/+11)
  This code is largely unfinished and is not used for anything. The change leaves identities as only objects referenced by ipsec_ref structure and their handling requires some changes to support more advanced matching of IPsec connections.

  No objections from reyk and hshoexer, with and OK markus.
* Make filter argument to ipsp_aux_match optional like the rest of them. (mikeb, 2015-04-13, 1 file, -2/+3)
  OK markus, hshoexer
* Rename gettdbbyaddr to gettdbbydst; OK markus, hshoexer, mpi (mikeb, 2015-04-13, 1 file, -23/+26)
* Remove unused arguments from gettdb* functions; OK markus, hshoexer, mpi (mikeb, 2015-04-13, 1 file, -5/+4)
* replace the guts of tdb_hash with SipHash24 (dlg, 2015-04-10, 1 file, -27/+11)
  tested by (including some statistical measurement) and ok mikeb@
* Remove some includes include-what-you-use claims don't have any direct symbols used. (jsg, 2015-03-14, 1 file, -2/+1)
  Tested for indirect use by compiling amd64/i386/sparc64 kernels.

  ok tedu@ deraadt@
* Userland (base & ports) was adapted to always include <netinet/in.h> before <net/pfvar.h> or <net/if_pflog.h>. (deraadt, 2015-01-24, 1 file, -9/+7)
  The kernel files can be cleaned up next. Some sockaddr_union steps make it into here as well.
  ok naddy
* unifdef INET in net code as a precursor to removing the pretend option. (tedu, 2014-12-19, 1 file, -18/+1)
  long live the one true internet.
  ok henning mikeb
* More malloc() -> mallocarray() in the kernel. (doug, 2014-12-09, 1 file, -8/+8)
  ok deraadt@ tedu@
* move arc4random prototype to systm.h. more appropriate for most code to include that than rdnvar.h. (tedu, 2014-11-18, 1 file, -2/+1)
  ok deraadt dlg
* remove unneeded proc.h includes (jsg, 2014-09-14, 1 file, -2/+1)
  ok mpi@ kspillner@
* remove unneeded route.h includes (jsg, 2014-09-08, 1 file, -2/+1)
  ok miod@ mpi@
* Fewer <netinet/in_systm.h> ! (mpi, 2014-07-22, 1 file, -2/+1)
* add a size argument to free. will be used soon, but for now default to 0. (tedu, 2014-07-12, 1 file, -6/+6)
  after discussions with beck deraadt kettenis.
* decouple struct uvmexp into a new file, so that uvm_extern.h and sysctl.h don't need to be married. (deraadt, 2014-07-08, 1 file, -2/+2)
  ok guenther miod beck jsing kettenis
* "struct pkthdr" holds a routing table ID, not a routing domain one. (mpi, 2014-04-14, 1 file, -3/+3)
  Avoid the confusion by using an appropriate name for the variable.

  Note that since routing domain IDs are a subset of the set of routing table IDs, the following idiom is correct:

      rtableid = rdomain

  But to get the routing domain ID corresponding to a given routing table ID, you must call rtable_l2(9).

  claudio@ likes it, ok mikeb@
* bzero/bcmp -> memset/memcmp. ok matthew (tedu, 2014-01-09, 1 file, -15/+15)
* Replace most of our formatting functions to convert IPv4/6 addresses from network to presentation format to inet_ntop(). (mpi, 2013-11-11, 1 file, -19/+13)
  The few remaining functions will be soon converted.

  ok mikeb@, deraadt@ and moral support from henning@
* Remove the number of in6_var.h inclusions by moving some functions and global variables to in6.h. (mpi, 2013-10-24, 1 file, -2/+1)
  ok deraadt@
* These functions are only used in debug code, so put them under ifdef ENCDEBUG to make sure we don't use them elsewhere. (mpi, 2013-07-04, 1 file, -1/+3)
* Remove the extern keyword from function declarations, document sysctl declarations, move variables and functions used in only one place in their corresponding file. (mpi, 2013-04-11, 1 file, -4/+1)
  No functional change.

  No objection from markus@, ok mikeb@