Commit Graph

313 Commits

Author SHA1 Message Date
dsl
e21a34c25e Add some pre-processor magic to verify that the type of the data item
passed to sysctl_createv() actually matches the declared type for
  the item itself.
In the places where the caller specifies a function and a structure
  address (typically the 'softc') an explicit (void *) cast is now needed.
Fixes bugs in sys/dev/acpi/asus_acpi.c sys/dev/bluetooth/bcsp.c
  sys/kern/vfs_bio.c sys/miscfs/syncfs/sync_subr.c and setting
  AcpiGbl_EnableAmlDebugObject.
(mostly passing the address of a uint64_t when typed as CTLTYPE_INT).
I've test built quite a few kernels, but there may be some unfixed MD
  fallout. Most likely passing &char[] to char *.
Also add CTLFLAG_UNSIGNED for unsiged decimals - not set yet.
2012-06-02 21:36:41 +00:00
christos
42c420856f - fix offsetof usage, and redundant defines
- kill pointer casts to 0
2011-12-31 20:41:58 +00:00
tls
3afd44cf08 First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.
2011-11-19 22:51:18 +00:00
dyoung
2ed4138b61 Use atomic_ops(3) to increase/decrease node reference counts, just
like the upstream code did, because the current reference counting is
potentially racy.  This works fine in light testing.
2011-10-07 16:51:45 +00:00
joerg
3eb244d801 Retire varargs.h support. Move machine/stdarg.h logic into MI
sys/stdarg.h and expect compiler to provide proper builtins, defaulting
to the GCC interface. lint still has a special fallback.
Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and
derive va_list as required by standards.
2011-07-17 20:54:30 +00:00
christos
6793b1da06 Change i_len in ieee80211req to be unsigned and fix other signed/unsigned
issues. From Dan Rosenberg (drosenberg at vsecurity dot com).
2011-06-12 00:07:19 +00:00
drochner
4bd7f95161 -remove references to crypto/arc4/arc4.* -- the code isn't used
anywhere afaics
 (The confusion comes probably from use of arc4random() at various places,
  but this lives in libkern and doesn't share code with the former.)
-g/c non-implementation of arc4 encryption in swcrypto(4)
-remove special casing of ARC4 in crypto(4) -- the point is that it
 doesn't use an IV, and this fact is made explicit by the new "ivsize"
 property of xforms
2011-05-23 15:37:35 +00:00
drochner
786f64be87 make michael_mic() robust against degenerate mbuf layouts like
odd sizes in the middle of a chain
2011-04-03 10:04:32 +00:00
mbalmer
1571556be6 Fix misplaced parenthesis. From henning.petersen@t-online.de, thanks. 2011-04-02 08:11:31 +00:00
tron
89953a5ba8 Remove duplicate definitions which break the build. 2011-02-25 10:45:57 +00:00
cegger
bb30508062 fix botched line break. How did this even compile for me? 2011-02-25 08:04:18 +00:00
cegger
6d8192ac4c sync with FreeBSD rev 1.11. No binary changes. 2011-02-25 08:01:49 +00:00
jmcneill
bab42b3956 add ieee80211_get_rts and ieee80211_get_cts_to_self from openbsd, ok dyoung@ 2011-02-21 23:50:08 +00:00
christos
92607a7ba2 From: Anon Ymous
add a few constants so that if_otus.c compiles.
2010-11-03 20:05:21 +00:00
joerg
58e867556f Push the bpf_ops usage back into bpf.h. Push the common ifp->if_bpf
check into the inline functions as well the fourth argument for
bpf_attach.
2010-04-05 07:19:28 +00:00
dyoung
da20ddcdb7 Delete ieee80211_setbasicrates(). It's buggy, and we drivers can get
along fine without it.
2010-04-02 03:46:50 +00:00
dyoung
bfe5593bc2 In ieee80211_media_init(), change a pointer that we never write
through to a pointer to const.
2010-03-26 17:18:05 +00:00
pooka
b014350f7f Redefine bpf linkage through an always present op vector, i.e.
#if NBPFILTER is no longer required in the client.  This change
doesn't yet add support for loading bpf as a module, since drivers
can register before bpf is attached.  However, callers of bpf can
now be modularized.

Dynamically loadable bpf could probably be done fairly easily with
coordination from the stub driver and the real driver by registering
attachments in the stub before the real driver is loaded and doing
a handoff.  ... and I'm not going to ponder the depths of unload
here.

Tested with i386/MONOLITHIC, modified MONOLITHIC without bpf and rump.
2010-01-19 22:08:16 +00:00
pooka
64da563d90 Forward declare struct bpf_if and use that as the type for bpf_if
instead of "void *".  Buys us oo times the type-safety for 0 times
the price.
(no functional change)
2010-01-17 19:45:06 +00:00
rmind
993cb03302 Drop 3rd and 4th clauses from David Young's license.
Reviewed and approved by dyoung@ (copyright holder).
2009-10-19 23:19:37 +00:00
joerg
21268b3994 Fix ALTQ for bridge mode. Based on FreeBSD's revision 1.115.
Tested by roy@.
2009-09-02 22:03:08 +00:00
tsutsui
d779b85d3e Remove extra whitespace added by a stupid tool.
XXX: more in src/sys/arch
2009-04-18 14:58:02 +00:00
cegger
e2cb85904d bcopy -> memcpy 2009-03-18 17:06:41 +00:00
cegger
c363a9cb62 bzero -> memset 2009-03-18 16:00:08 +00:00
cegger
09b32df7ac Introduce ieee80211_setbasicrates().
Use it to set speed in ieee80211_ifattach().
Export new ieee80211_std_rateset_11{a,b,g}.

From OpenBSD.
2009-01-10 12:53:45 +00:00
yamt
b1fea83762 remove extra semicolons. 2009-01-03 03:43:21 +00:00
cegger
9b87d582bd kill MALLOC and FREE macros. 2008-12-17 20:51:31 +00:00
alc
a4c7f1185e Doh! What should have happened happens ...
Restore the check to see if the chip does MIC correctly when
WME is turned on. Btw, define IEEE80211_C_WME_TKIPMIC and fix build :/
2008-12-11 06:04:01 +00:00
ad
0efea177e3 Remove LKMs and switch to the module framework, pass 1.
Proposed on tech-kern@.
2008-11-12 12:35:50 +00:00
dyoung
de87fe677d *** Summary ***
When a link-layer address changes (e.g., ifconfig ex0 link
02🇩🇪ad:be:ef:02 active), send a gratuitous ARP and/or a Neighbor
Advertisement to update the network-/link-layer address bindings
on our LAN peers.

Refuse a change of ethernet address to the address 00:00:00:00:00:00
or to any multicast/broadcast address.  (Thanks matt@.)

Reorder ifnet ioctl operations so that driver ioctls may inherit
the functions of their "class"---ether_ioctl(), fddi_ioctl(), et
cetera---and the class ioctls may inherit from the generic ioctl,
ifioctl_common(), but both driver- and class-ioctls may override
the generic behavior.  Make network drivers share more code.

Distinguish a "factory" link-layer address from others for the
purposes of both protecting that address from deletion and computing
EUI64.

Return consistent, appropriate error codes from network drivers.

Improve readability.  KNF.

*** Details ***

In if_attach(), always initialize the interface ioctl routine,
ifnet->if_ioctl, if the driver has not already initialized it.
Delete if_ioctl == NULL tests everywhere else, because it cannot
happen.

In the ioctl routines of network interfaces, inherit common ioctl
behaviors by calling either ifioctl_common() or whichever ioctl
routine is appropriate for the class of interface---e.g., ether_ioctl()
for ethernets.

Stop (ab)using SIOCSIFADDR and start to use SIOCINITIFADDR.  In
the user->kernel interface, SIOCSIFADDR's argument was an ifreq,
but on the protocol->ifnet interface, SIOCSIFADDR's argument was
an ifaddr.  That was confusing, and it would work against me as I
make it possible for a network interface to overload most ioctls.
On the protocol->ifnet interface, replace SIOCSIFADDR with
SIOCINITIFADDR.  In ifioctl(), return EPERM if userland tries to
invoke SIOCINITIFADDR.

In ifioctl(), give the interface the first shot at handling most
interface ioctls, and give the protocol the second shot, instead
of the other way around. Finally, let compatibility code (COMPAT_OSOCK)
take a shot.

Pull device initialization out of switch statements under
SIOCINITIFADDR.  For example, pull ..._init() out of any switch
statement that looks like this:

        switch (...->sa_family) {
        case ...:
                ..._init();
                ...
                break;
        ...
        default:
                ..._init();
                ...
                break;
        }

Rewrite many if-else clauses that handle all permutations of IFF_UP
and IFF_RUNNING to use a switch statement,

        switch (x & (IFF_UP|IFF_RUNNING)) {
        case 0:
                ...
                break;
        case IFF_RUNNING:
                ...
                break;
        case IFF_UP:
                ...
                break;
        case IFF_UP|IFF_RUNNING:
                ...
                break;
        }

unifdef lots of code containing #ifdef FreeBSD, #ifdef NetBSD, and
#ifdef SIOCSIFMTU, especially in fwip(4) and in ndis(4).

In ipw(4), remove an if_set_sadl() call that is out of place.

In nfe(4), reuse the jumbo MTU logic in ether_ioctl().

Let ethernets register a callback for setting h/w state such as
promiscuous mode and the multicast filter in accord with a change
in the if_flags: ether_set_ifflags_cb() registers a callback that
returns ENETRESET if the caller should reset the ethernet by calling
if_init(), 0 on success, != 0 on failure.  Pull common code from
ex(4), gem(4), nfe(4), sip(4), tlp(4), vge(4) into ether_ioctl(),
and register if_flags callbacks for those drivers.

Return ENOTTY instead of EINVAL for inappropriate ioctls.  In
zyd(4), use ENXIO instead of ENOTTY to indicate that the device is
not any longer attached.

Add to if_set_sadl() a boolean 'factory' argument that indicates
whether a link-layer address was assigned by the factory or some
other source.  In a comment, recommend using the factory address
for generating an EUI64, and update in6_get_hw_ifid() to prefer a
factory address to any other link-layer address.

Add a routing message, RTM_LLINFO_UPD, that tells protocols to
update the binding of network-layer addresses to link-layer addresses.
Implement this message in IPv4 and IPv6 by sending a gratuitous
ARP or a neighbor advertisement, respectively.  Generate RTM_LLINFO_UPD
messages on a change of an interface's link-layer address.

In ether_ioctl(), do not let SIOCALIFADDR set a link-layer address
that is broadcast/multicast or equal to 00:00:00:00:00:00.

Make ether_ioctl() call ifioctl_common() to handle ioctls that it
does not understand.

In gif(4), initialize if_softc and use it, instead of assuming that
the gif_softc and ifp overlap.

Let ifioctl_common() handle SIOCGIFADDR.

Sprinkle rtcache_invariants(), which checks on DIAGNOSTIC kernels
that certain invariants on a struct route are satisfied.

In agr(4), rewrite agr_ioctl_filter() to be a bit more explicit
about the ioctls that we do not allow on an agr(4) member interface.

bzero -> memset.  Delete unnecessary casts to void *.  Use
sockaddr_in_init() and sockaddr_in6_init().  Compare pointers with
NULL instead of "testing truth".  Replace some instances of (type
*)0 with NULL.  Change some K&R prototypes to ANSI C, and join
lines.
2008-11-07 00:20:01 +00:00
dyoung
0703ab0f27 Fix typo: IEEE80211_DUR_DIFS -> IEEE80211_DUR_DS_DIFS. 2008-11-06 03:28:59 +00:00
gmcgarry
0de5da9678 Replace most gcc-specific __attribute__ uses with BSD-style sys/cdef.h
preprocessor macros.
2008-09-08 23:36:53 +00:00
drochner
e3a68e6148 replace ths previous fix with a simpler one by Sam Leffler - it doesn't
deal with odd lengths in the mbuf before the last one, but it is assumed
that these don't occur in practice
2008-08-26 12:25:39 +00:00
drochner
9d0ccb1f06 in michael_mic, handle the case where the last 4 bytes cross a mbuf
boundary, fixes connection drops with WPA aka TKIP on dumb
wireless adapters (tested with wpi)
2008-08-19 16:30:47 +00:00
christos
eda454c1f4 - trailing commas in enums
- arithmetic on enums needs cast
from Anon Ymous
2008-07-28 17:54:02 +00:00
gmcgarry
d2ed2a72ab Replace gcc-style designated initialisers with c99-style. 2008-06-24 10:33:46 +00:00
gmcgarry
43950e78ba Fix uses of #ifdef/#endif inside macro expansions. 2008-06-24 10:33:08 +00:00
dyoung
36a64e2edd Note a defect in 802.11 Duration field calculations. 2008-06-19 23:13:10 +00:00
christos
dda729b216 move TAILQ_FOREACH_SAFE -> sys/queue.h 2008-06-15 16:42:18 +00:00
mlelstv
8dbc8a3822 revert the broken DeMorgan-ification 2008-04-05 09:34:22 +00:00
skrll
5bee90fecc s/MUTEX_DRIVER/MUTEX_DEFAULT/
The only true NetBSD mutex type.
2008-02-13 16:04:03 +00:00
dyoung
cf2b2c7c4b Re-implement the net80211 locks using mutex(9) instead of splnet(9)
shenanigans.  This matches the FreeBSD implementation much more
closely, but performance may suffer.
2008-02-11 22:38:51 +00:00
dyoung
2ccede0a9c Start patching up the kernel so that a network driver always has
the opportunity to handle an ioctl before generic ifioctl handling
occurs.  This will ease extending the kernel and sharing of code
between drivers.

First steps:  Make the signature of ifioctl_common() match struct
ifinet->if_ioctl.  Convert SIOCSIFCAP and SIOCSIFMTU to the new
ifioctl() regime, throughout the kernel.
2008-02-07 01:21:52 +00:00
christos
3f5a745e04 fix 0 bssid problem on rejoin. From FreeBSD. 2008-01-31 22:07:22 +00:00
degroote
f8d4f721c1 Fix ieee80211_node leak
We can't use IF_PURGE here because m_pkthdr.rcvif have here a special meaning :
it holds ieee80211_node to which the management frame should be sent and the
node has its reference count bumped.

Introduce ieee80211_drain_ifq which release the node before freeing the mbuf.
Use it instead of IF_PURGE.

From DragonflyBSD
2008-01-13 13:01:12 +00:00
perry
b6a2ef7569 Convert many of the uses of __attribute__ to equivalent
__packed, __unused and __dead macros from cdefs.h
2007-12-25 18:33:32 +00:00
dyoung
36ed1d69c0 Use #ifdef _KERNEL to keep kernel-only definitions out of userland. 2007-12-22 00:51:07 +00:00
dyoung
d0630858ad Add IEEE80211_NODE_UNLOCK() to match the IEEE80211_NODE_LOCK() . 2007-12-20 20:56:18 +00:00
degroote
9fe6472fc5 Add support for the command list scan in ifconfig (this command permits to scan
access point in the neighbourhood).

Complete list of channel attributes and list of management information element
payload.

While here, use estrlcpy instead of strncpy.

From FreeBSD ifconfig and net80211
2007-12-16 13:49:21 +00:00
lukem
9d8f493213 use __KERNEL_RCSID() 2007-12-11 12:40:10 +00:00