ipsec lookup speed up

2022-03-04 Thread Alexander Bluhm
Hi, When sending packets, we spend 2.2% doing IPsec lookups, even if no IPsec is configured. Serach for ipsp_spd_lookup here: http://bluhm.genua.de/perform/results/2022-03-03T23:17:19Z/2022-03-03T00%3A00%3A00Z/btrace/iperf3_-c10.3.45.35_-w1m_-t10-btrace-kstack.0.svg Usually we check

Re: multicast malloc

2022-03-04 Thread Vitaliy Makkoveev
ok mvs@ > On 4 Mar 2022, at 19:05, Alexander Bluhm wrote: > > Hi, > > in_addmulti() is only called from ioctl(2) or setsockopt(2). Wait > for malloc(9) to make the system call reliable. > > ok? > > bluhm > > Index: netinet/in.c >

multicast malloc

2022-03-04 Thread Alexander Bluhm
Hi, in_addmulti() is only called from ioctl(2) or setsockopt(2). Wait for malloc(9) to make the system call reliable. ok? bluhm Index: netinet/in.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/in.c,v retrieving revision

Re: pcb init malloc

2022-03-04 Thread Vitaliy Makkoveev
ok mvs@ > On 4 Mar 2022, at 18:32, Alexander Bluhm wrote: > > Hi, > > in_pcbinit() is called during boot. There malloc(9) cannot fail. > If called with M_WAITOK it would panic otherwise. So this error > handling is needles. > > ok? > > bluhm > > Index: netinet/in_pcb.c >

pcb init malloc

2022-03-04 Thread Alexander Bluhm
Hi, in_pcbinit() is called during boot. There malloc(9) cannot fail. If called with M_WAITOK it would panic otherwise. So this error handling is needles. ok? bluhm Index: netinet/in_pcb.c === RCS file:

if_get NULL race arp, nd6, igmp

2022-03-04 Thread Alexander Bluhm
Hi, syzkaller has found this race in arp. https://syzkaller.appspot.com/bug?id=e3dc94533ddee95b6d69c2e7049360022f4190d3 The assumption of the code is that either the arp entry or the interface is removed. But in if_detach() if_remove() is called without net lock and all arp entries are removed

Re: typo in comment lib/libssl/ssl_ciph.c

2022-03-04 Thread Theo Buehler
On Fri, Mar 04, 2022 at 09:10:54AM +0100, Bjorn Ketelaars wrote: > Small typo in lib/libssl/ssl_ciph.c, `ssl_cipher_get_aead_evp` should > read `ssl_cipher_get_evp_aead`. > > OK? Sure, ok > > diff --git lib/libssl/ssl_ciph.c lib/libssl/ssl_ciph.c > index 13dcd905255..160a0dea8eb 100644 > ---

typo in comment lib/libssl/ssl_ciph.c

2022-03-04 Thread Bjorn Ketelaars
Small typo in lib/libssl/ssl_ciph.c, `ssl_cipher_get_aead_evp` should read `ssl_cipher_get_evp_aead`. OK? diff --git lib/libssl/ssl_ciph.c lib/libssl/ssl_ciph.c index 13dcd905255..160a0dea8eb 100644 --- lib/libssl/ssl_ciph.c +++ lib/libssl/ssl_ciph.c @@ -448,7 +448,7 @@ ssl_cipher_get_evp(const