From: John-Mark Gurney
To: "Andrey V. Elsukov"
Cc: freebsd-security@freebsd.org, current@freebsd.org
Date: Mon, 17 Nov 2014 12:31:14 -0800
Subject: Re: CFR: AES-GCM and OpenCrypto work review
Message-ID: <20141117203114.GQ24601@funkthat.com>
In-Reply-To: <546A3FB8.8080808@yandex.ru>

Andrey V. Elsukov wrote this message on Mon, Nov 17, 2014 at 21:34 +0300:
> On 16.11.2014 09:15, John-Mark Gurney wrote:
> > Ok, I was able to reproduce the bug, and found that my optimization
> > for single mbuf packets was broken... I've attached a new patch
> > that has the fix...
> >
> > This patch also has added a lock around the aesni fpu context setting
> > to deal w/ the issue that I had...
> >
> > Let me know how things are w/ this new patch.
>
> with this patch all works as expected.

Just so you know, even tunnel mode w/ aesni on a clean HEAD can panic..
I just got a:
panic: dummy ctx

from the tunnel mode by having two machines ping -f'ing each other...
This is a different form of the same panic I posted about earlier w/ the
fpu context being reused for different threads...

I plan on committing the patch w/o the mtx_lock as including the lock
will significantly impact people who use geli...

I am working on a fix for this w/ kib that will allow us to not allocate
an fpu context and get things a little more stable, but there are other
bugs that also need to be addressed before aesni is safe to use w/
IPsec...

Thanks for testing!

--
  John-Mark Gurney                              Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."