IPSEC/crypto is broken in FreeBSD/powerpc 7.0-RELEASE!

Maxim Sobolev sobomax at sippysoft.com
Fri Sep 19 01:08:47 UTC 2008

Sorry for the delay. After applying the patch I see the following 
message in the verbose log:

Sep 18 23:42:33 sobomac kernel: nexus0: <cryptosoft>, type (unknown) (no 
driver attached)

Not sure if it's OK or not.

M. Warner Losh wrote:
> OK.  Digging deeper into this problem shows that sparc64 also appears
> to do the same things to the nexus bus children that powerpc does.
> There may be other nexus devices that do this, and rewriting them to
> conform to the x86 conventions would take a little bit of effort.
> I'm starting to think that the architecturally clean way to solve this
> issue is to allow children to ask if they have a fixed devclass or a
> wildcard one in newbus.  This is easy to implement, but as I typed
> this up, something inside me rebelled.  In this scenario, the newbus
> would grow a new function device_is_wildcard() that drivers could
> call.
> The other way to fix this is to return a better value from the probe
> routine for those devices that attach to the nexus.  A quick grep of
> the tree suggests that opencrypto is the only MI driver that uses this
> trick.  There are a few MD drivers that use it as well, but they are
> all well controlled.  Here's a quick hack.  If you want to test this
> out without changing newbus, change the cryptosoft.c probe routine to
> return (BUS_PROBE_HOOVER - 1) rather than zero.
> Comments?

Maksym Sobolyev
Sippy Software, Inc.
Internet Telephony (VoIP) Experts
T/F: +1-646-651-1110
Web: http://www.sippysoft.com

More information about the freebsd-current mailing list