rection) @@ -819,6 +821,8 @@ ktls_create_session(struct socket *so, struct tls_enable *en, arc4rand(tls->params.iv + 8, sizeof(uint64_t), 0); } + atomic_thread_fence_rel(); + tls->gen = atomic_fetchadd_64(&ktls_glob_gen, 1); *tlsp = tls; return (0); } @@ -861,6 +865,8 @@ ktls_clone_session(struct ktls_session *tls, int direction) memcpy(tls_new->params.cipher_key, tls->params.cipher_key, tls->params.cipher_key_len); + atomic_thread_fence_rel(); + tls_new->gen = atomic_fetchadd_64(&ktls_glob_gen, 1); return (tls_new); } @@ -1940,6 +1946,8 @@ ktls_destroy(struct ktls_session *tls) MPASS(tls->refcount == 0); + atomic_add_acq_64(&ktls_glob_gen, 1); + inp = tls->inp; if (tls->tx) { wlocked = INP_WLOCKED(inp); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index 0e52d643fe3b..8dad53868686 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -206,9 +206,12 @@ struct ktls_session { /* Used to destroy any kTLS session */ struct task destroy_task; + + uint64_t gen; } __aligned(CACHE_LINE_SIZE); extern unsigned int ktls_ifnet_max_rexmit_pct; +extern uint64_t ktls_glob_gen; typedef enum { KTLS_MBUF_CRYPTO_ST_MIXED = 0, @@ -258,5 +261,11 @@ ktls_free(struct ktls_session *tls) ktls_destroy(tls); } +static inline bool +ktls_session_genvis(const struct ktls_session *ks, uint64_t gen) +{ + return (ks != NULL && ks->gen <= gen); +} + #endif /* !_KERNEL */ #endif /* !_SYS_KTLS_H_ */