On 01/04/2025 11:59, Sabrina Dubroca wrote:
2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
+/* this swap is not atomic, but there will be a very short time frame where the
+ * old_secondary key won't be available. This should not be a big deal as most
+ * likely both peers are already usin
2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
> +/* this swap is not atomic, but there will be a very short time frame where
> the
> + * old_secondary key won't be available. This should not be a big deal as
> most
> + * likely both peers are already using the new primary at this point.
>
On 26/03/2025 13:43, Qingfang Deng wrote:
On Wed, Mar 26, 2025 at 6:22 PM Antonio Quartulli wrote:
This is not what we want.
Got it. You could replace it with
atomic_fetch_add_unless(&pid->seq_num, 1, 0) and check if it wraps
around to zero.
What about the first time when seq_num is 0? It w
On Wed, Mar 26, 2025 at 6:22 PM Antonio Quartulli wrote:
> >> This is not what we want.
> >
> > Got it. You could replace it with
> > atomic_fetch_add_unless(&pid->seq_num, 1, 0) and check if it wraps
> > around to zero.
>
> What about the first time when seq_num is 0? It will already stop, no?
T
Hi Antonio,
On Wed, Mar 26, 2025 at 5:41 PM Antonio Quartulli wrote:
> >> +/* Get the next packet ID for xmit */
> >> +static inline int ovpn_pktid_xmit_next(struct ovpn_pktid_xmit *pid, u32
> >> *pktid)
> >> +{
> >> +const s64 seq_num = atomic64_fetch_add_unless(&pid->seq_num, 1,
> >> +
On 26/03/2025 11:03, Qingfang Deng wrote:
Hi Antonio,
On Wed, Mar 26, 2025 at 5:41 PM Antonio Quartulli wrote:
+/* Get the next packet ID for xmit */
+static inline int ovpn_pktid_xmit_next(struct ovpn_pktid_xmit *pid, u32 *pktid)
+{
+const s64 seq_num = atomic64_fetch_add_unless(&pid->seq
On 25/03/2025 03:07, Qingfang Deng wrote:
[...]
-static void ovpn_decrypt_post(struct sk_buff *skb, int ret)
+void ovpn_decrypt_post(void *data, int ret)
{
- struct ovpn_peer *peer = ovpn_skb_cb(skb)->peer;
+ struct ovpn_crypto_key_slot *ks;
+ unsigned int payload_offset = 0;
2025-03-24, 21:53:02 +0100, Antonio Quartulli wrote:
> On 24/03/2025 12:02, Sabrina Dubroca wrote:
> > 2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
> > > +int ovpn_crypto_state_reset(struct ovpn_crypto_state *cs,
> > > + const struct ovpn_peer_key_reset *pkr)
> > > +{
>
Hi Antonio,
On Tue, 18 Mar 2025 02:40:44 +0100, Antonio Quartulli wrote:
>
> This change implements encryption/decryption and
> encapsulation/decapsulation of OpenVPN packets.
>
> Support for generic crypto state is added along with
> a wrapper for the AEAD crypto kernel API.
>
> Signed-off-by:
On 24/03/2025 12:02, Sabrina Dubroca wrote:
2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
+int ovpn_crypto_state_reset(struct ovpn_crypto_state *cs,
+ const struct ovpn_peer_key_reset *pkr)
+{
+ struct ovpn_crypto_key_slot *old = NULL, *new;
+ u8 idx;
2025-03-18, 02:40:44 +0100, Antonio Quartulli wrote:
> +int ovpn_crypto_state_reset(struct ovpn_crypto_state *cs,
> + const struct ovpn_peer_key_reset *pkr)
> +{
> + struct ovpn_crypto_key_slot *old = NULL, *new;
> + u8 idx;
> +
> + if (pkr->slot != OVPN_KEY_SLOT
This change implements encryption/decryption and
encapsulation/decapsulation of OpenVPN packets.
Support for generic crypto state is added along with
a wrapper for the AEAD crypto kernel API.
Signed-off-by: Antonio Quartulli
---
drivers/net/Kconfig| 4 +
drivers/net/ovpn/Makefile
12 matches
Mail list logo
