History log of /openbsd/sys/netinet/ip_esp.c (Results 1 – 25 of 194)
Revision Date Author Comments
# fb8de0f1 03-May-2022 claudio <claudio@openbsd.org>

Retire CRYPTO_F_MPSAFE; it is no longer of any use. The crypto framework
no longer uses a callback and so there is no need to define the
callback as MPSAFE.
OK bluhm@


# 41d7544a 20-Jan-2022 bluhm <bluhm@openbsd.org>

Shifting signed integers left by 31 is undefined behavior in C.
found by kubsan; joint work with tobhe@; OK miod@


# c068f513 23-Dec-2021 bluhm <bluhm@openbsd.org>

Remove unused variables and assignments in ah and esp output.
found by clang 13; OK tobhe@


# 5ee194bc 23-Dec-2021 bluhm <bluhm@openbsd.org>

IPsec is not MP safe yet. To allow forwarding in parallel without
dirty hacks, it is better to protect IPsec input and output with
kernel lock. Not much is lost as crypto needs the kernel lock
anyway. From here we can refine the lock later.
Note that there is no kernel lock in the SPD lookup path. Goal is
to keep that lock free to allow fast forwarding with non IPsec
traffic.
tested by Hrvoje Popovski; OK tobhe@


# 00f8a0bd 20-Dec-2021 tobhe <tobhe@openbsd.org>

Remove unused variable 'clen'.

ok bluhm@


# d997d144 20-Dec-2021 mvs <mvs@openbsd.org>

Use per-CPU counters for tunnel descriptor block (TDB) statistics.
'tdb_data' struct became unused and was removed.

Tested by Hrvoje Popovski.
ok bluhm@


# 59b9936b 11-Dec-2021 bluhm <bluhm@openbsd.org>

Protect the write access to the TDB flags field with a mutex per
TDB. Clearing the timeout flags just before pool put in tdb_free()
does not make sense. Move this to tdb_delete(). While there make
the parentheses in the flag check consistent.
tested by Hrvoje Popovski; OK tobhe@


# 6b86e016 21-Nov-2021 mvs <mvs@openbsd.org>

Add the new `ipsec_exctdb' ipsec(4) counter to count and expose to the
userland the TDBs which exceeded hard limit.

Also the `ipsec_notdb' counter description in the header doesn't match the
netstat(1) description. We never count `ipsec_notdb' and the netstat(1)
description looks more appropriate, so it's used to avoid confusion with
the new counter.

ok bluhm@


# bec0ed23 11-Nov-2021 bluhm <bluhm@openbsd.org>

Do not call ip_deliver() recursively from IPsec. As there is no
crypto task anymore, it is possible to return the next protocol.
Then ip_deliver() will walk the header chain in its loop.
IPsec bridge(4) tested by jan@
OK mvs@ tobhe@ jan@


# 81edd27c 08-Nov-2021 tobhe <tobhe@openbsd.org>

Use plen consistently.

ok patrick@


# eebf22aa 04-Nov-2021 tobhe <tobhe@openbsd.org>

The authenticator is removed elsewhere.

ok patrick@


# a73fdee2 24-Oct-2021 tobhe <tobhe@openbsd.org>

Merge esp_input_cb() into esp_input().

ok bluhm@


# e63ce21b 24-Oct-2021 bluhm <bluhm@openbsd.org>

There are more m_pullup() in IPsec input. Pass down the pointer
to the mbuf to update it globally. At the end it will reach
ip_deliver() which expects a pointer to an mbuf.
OK sashan@


# 0b84e471 24-Oct-2021 tobhe <tobhe@openbsd.org>

Remove 'struct tdb_crypto' allocations from esp_input() and esp_output().
This was needed to pass arguments to the callback function, but is no longer
necessary after the API makeover.

ok bluhm@


# 87edded1 24-Oct-2021 tobhe <tobhe@openbsd.org>

Remove crp_etype and return errors directly from crypto_invoke()

ok patrick@


# 2ea1c0c8 24-Oct-2021 bluhm <bluhm@openbsd.org>

Pass the error of the IPsec callback to the caller. The dropped
counter is handled there.
OK tobhe@


# d5072c26 23-Oct-2021 bluhm <bluhm@openbsd.org>

There is an m_pullup() down in AH input. As it may free or change
the mbuf, the callers must be careful. Although there is no bug,
use the common pattern to handle this. Pass down an mbuf pointer
mp and let m_pullup() update the pointer in all callers.
It looks like the tcp signature functions should not be called.
Avoid an mbuf leak and return an error.
OK mvs@


# 12758001 23-Oct-2021 tobhe <tobhe@openbsd.org>

Retire asynchronous crypto API as it is no longer required by any driver and
adds unnecessary complexity. Dedicated crypto offloading devices are not common
anymore. Modern CPU crypto acceleration works synchronously, eliminating the need
for callbacks.

Replace all occurrences of crypto_dispatch() with crypto_invoke(), which is
blocking and only returns after the operation has completed or an error occurred.
Invoke callback functions directly from the consumer (e.g. IPsec, softraid)
instead of relying on the crypto driver to call crypto_done().

ok bluhm@ mvs@ patrick@


# bc489a1c 22-Oct-2021 bluhm <bluhm@openbsd.org>

Make error handling in IPsec consistent. Pass errors to the callers.
OK tobhe@


# 42abd1cf 21-Oct-2021 tobhe <tobhe@openbsd.org>

Remove code to run crypto operations in a task queue. The code was
not reachable because all callers had set the CRYPTO_F_NOQUEUE flag.

ok patrick@ mvs@ bluhm@


# 46fc8350 21-Oct-2021 tobhe <tobhe@openbsd.org>

Remove duplicate variable ibytes, use plen instead.

ok bluhm@


# b092f79b 13-Oct-2021 bluhm <bluhm@openbsd.org>

The function crypto_dispatch() never returns an error. Make it
void and remove error handling in the callers.
OK patrick@ mvs@


# ead5a062 13-Oct-2021 bluhm <bluhm@openbsd.org>

The function ipip_output() was registered as .xf_output() xform
function. But it was never called via this pointer. It would have
immediately crashed as mp is always NULL when called via .xf_output().
Do not set .xf_output to ipip_output. This allows passing only the
parameters which are actually needed and the control flow is clearer.
OK mpi@


# 1ff726c6 27-Jul-2021 mvs <mvs@openbsd.org>

Revert "Use per-CPU counters for tunnel descriptor block" diff.

Panic reported by Hrvoje Popovski.


# 5a1e2cae 26-Jul-2021 mvs <mvs@openbsd.org>

Use per-CPU counters for tunnel descriptor block (tdb) statistics.
'tdb_data' struct became unused and was removed.

ok bluhm@

