CVSROOT: /cvs Module name: src Changes by: [email protected] 2018/04/21 20:59:03
Modified files:
sys/arch/amd64/amd64: aesni.c
Log message:
Add reference counting that prevents freeing of busy aesni sessions.
The early freeing has become possible because aesni_process() and
crypto_freesession() are no longer serialized by the kernel lock.
The flaw has caused kernel panics with IPsec traffic.
Issue seen by some, fix tested by mabi on bugs@
OK mikeb@, mpi@
