Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
173,769 Commits 606 Branches 0 Tags 3.1 GiB
2f48b72832
Commit Graph

1127 Commits

Author SHA1 Message Date
adrianp
2f48b72832 Fix for CVE-2008-3530 from matt@ 
Implement improved checking for MTU values on ICMP 'Packet Too Big Messages'
 2008-10-03 08:23:06 +00:00
adrianp
93955a2e3d Fix from matt@ for malformed ICMPv6 MLD query (CVE-2008-2464). 2008-08-22 17:11:39 +00:00
matt
6c03151a48 Change KERNEL_LOCK_ONE (wrong name) to KERNEL_LOCK (the right name). 2008-08-21 15:34:10 +00:00
simonb
c5c6e8a42a Fix 8-spaces-vs-tab goop. 2008-08-20 22:58:42 +00:00
matt
34cedfb2bf Make the sysctl routines take out softnet_lock before dealing with 
any data structures.

Change inet6ctlerrmap and zeroin6_addr to const.
 2008-08-20 18:35:20 +00:00
plunky
fd7356a917 Convert socket options code to use a sockopt structure 
instead of laying everything into an mbuf.

approved by core
 2008-08-06 15:01:23 +00:00
matt
b89c8b7b61 Free the socket only after disposing of the PCB. 2008-08-04 06:47:52 +00:00
matt
a1469c2d6d Generalize previous fix so that both NS and NA packets are checked. 2008-07-31 18:24:07 +00:00
matt
fc3801b3c9 If a neighbor solictation isn't from the unspecified address, make sure 
that the source address matches one of the interfaces address prefixes.
 2008-07-31 18:01:36 +00:00
cegger
6e15fd7e81 remove undeclared caddr_t. makes i386 ALL kernel build again. 2008-06-27 09:16:21 +00:00
mlelstv
fa014c6383 Verify icmp type and code in IPSEC rules. 
Fixes PR kern/39018
 2008-06-27 05:18:58 +00:00
gmcgarry
4bb1ed1308 ioctl commands are unsigned long. ABI change to mrt6_ioctl() will affect 64-bit platforms. 2008-06-24 10:35:14 +00:00
dyoung
132e9baecf Cosmetic: join lines. 2008-05-22 22:25:05 +00:00
dyoung
a8ad22e5d9 Don't cast to void * unnecessarily. 2008-05-22 01:06:39 +00:00
dyoung
e47d9e31bc Cosmetic: don't cast NULL unnecessarily. 2008-05-22 01:05:38 +00:00
drochner
0a6f1919c0 protocol "drain" functions can be called in interrupt context, so 
don't acquire softnet_lock
approved by ad
 2008-05-21 17:08:07 +00:00
dyoung
9e7ef562d2 Simplify RT_DPRINTF() calls. 2008-05-15 01:33:28 +00:00
dyoung
ec34b3825c Change bzero() to memset(), non-overlapping bcopy() to memcpy(). 
Remove unnecessary casts to struct route *.
 2008-05-13 17:53:52 +00:00
dyoung
323b0fda0c Compare route with NULL instead of testing truth. Where applicable, 
s/0/NULL/.  s/u_char/uint8_t/.  Remove superfluous curly braces.
 2008-05-11 20:19:44 +00:00
bouyer
993c458b34 Sync with ipv4 icmp_input(): make sure the mbuf is writable and 
contains the entire icmp message befre calling icmp6_input().
should fix "panic: mbuf too short for IPv6 header" seen by several peoples.
 2008-05-07 11:28:37 +00:00
ad
2bbb14eaa4 Back out previous. It broke the build. 2008-05-05 13:41:29 +00:00
ad
b407147f14 Move zlib out of net/ and into kern/. It would probably be better to use 
the reachover Makefiles and libz, but this is already here and it works.
 2008-05-04 23:07:09 +00:00
thorpej
b129a80c20 Simplify the interface to netstat_sysctl() and allocate space for 
the collated counters using kmem_alloc().

PR kern/38577
 2008-05-04 07:22:14 +00:00
martin
ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
yamt
fb7535aecb udp6_init: fix a comment. 2008-04-28 15:01:39 +00:00
ad
15e29e981b Merge the socket locking patch: 
- Socket layer becomes MP safe.
- Unix protocols become MP safe.
- Allows protocol processing interrupts to safely block on locks.
- Fixes a number of race conditions.

With much feedback from matt@ and plunky@.
 2008-04-24 11:38:36 +00:00
thorpej
caf49ea572 Make IPSEC and FAST_IPSEC stats per-cpu. Use <net/net_stats.h> and 
netstat_sysctl().
 2008-04-23 06:09:04 +00:00
thorpej
33326077b1 Use <net/net_stats.h> / netstat_sysctl(). 2008-04-23 05:26:50 +00:00
thorpej
0e499be12d Make pim6 stats per-cpu. 2008-04-15 05:40:15 +00:00
thorpej
27c227fe6e Explicitly include <sys/percpu.h>. 2008-04-15 05:23:33 +00:00
thorpej
16497cdf28 Make raw6 stats per-cpu. 2008-04-15 05:13:37 +00:00
thorpej
c2da059bc6 Make udp6 stats per-cpu. 2008-04-15 04:43:25 +00:00
thorpej
0dd41b37de Make ip6 and icmp6 stats per-cpu. 2008-04-15 03:57:04 +00:00
thorpej
7ff8d08aae Make IP, TCP, UDP, and ICMP statistics per-CPU. The stats are collated 
when the user requests them via sysctl.
 2008-04-12 05:58:22 +00:00
thorpej
3f466bce48 Change IPv6 stats from a structure to an array of uint64_t's. 
Note: This is ABI-compatible with the old ip6stat structure; old netstat
binaries will continue to work properly.
 2008-04-08 23:37:43 +00:00
thorpej
aa8724ff7b Change ICMP6 stats from a structure to an array of uint64_t's. 
Note: This is ABI-compatible with the old icmp6stat structure; old netstat
binaries will continue to work properly.
 2008-04-08 15:04:35 +00:00
thorpej
88d65e9212 Change IP stats from a structure to an array of uint64_t's. 
Note: This is ABI-compatible with the old ipstat structure; old netstat
binaries will continue to work properly.
 2008-04-07 06:31:27 +00:00
xtraeme
cc926059e9 Make this build again after thorpej's changes to udpstat. 2008-04-06 23:36:43 +00:00
dyoung
4957795396 Use ip6_clearpktopts() to destroy the IPv6 PCB's in6p_outputopts, 
so that there's no chance of either leaking memory, or leaving
dangling pointers to a route cache.
 2008-03-20 20:32:00 +00:00
dyoung
ff82b311dd No code ever sets struct ip6_pktopts member ip6po_m, so get rid of 
it.
 2008-03-19 08:10:18 +00:00
yamt
b714b9dd42 in6_cksum: use IN6_IS_SCOPE_EMBEDDABLE. 2008-03-10 22:34:40 +00:00
yamt
15b5bc3e70 in6_cksum: avoid using -> operator and use (char *) arithmetics instead. 
reviewed by Joerg Sonnenberger.  he pointed out that the original code
was written that way so that the compiler will explicitly not assume that
the alignment of the data is correct.  although i don't know if it really
matters or not, being safer is not a problem.
 2008-03-10 22:29:13 +00:00
yamt
6ff0e4eec3 in6_cksum: constify 2008-03-09 22:05:50 +00:00
matt
58bb9f6508 Convert to ansi definitions from old-style definitons. 
Remember that func() is not ansi, func(void) is.
 2008-02-27 19:54:27 +00:00
matt
c939552209 Convert to ansi definitions from old-style definitons. 
Remember that func() is not ansi, func(void) is.
 2008-02-27 19:40:56 +00:00
joerg
862a285bde Explicitly predict panic conditions as false. 2008-02-12 13:05:55 +00:00
joerg
db0043926a Provide a simplified inplace version of in6_cksum. 
Tested by is@ on amd64.
 2008-02-12 13:02:24 +00:00
bjs
5fb9f423de ip_newid() -> ip_newid(NULL) due to Matt Thomas' commit some hours ago; 
The function now requires a pointer (to struct in_ifaddr) as an argument,
i.e. it is no longer ip_newid(void).

Fixes ipsec+inet6 kernel builds.
 2008-02-06 07:42:43 +00:00
joerg
6e869e402d Refactor in_cksum/in4_cksum/in6_cksum implementations: 
- All three functions are included in the kernel by default.
  They call a backend function cpu_in_cksum after possibly
  computing the checksum of the pseudo header.
- cpu_in_cksum is the core to implement the one-complement sum.
  The default implementation is moderate fast on most platforms
  and provides a 32bit accumulator with 16bit addends for L32 platforms
  and a 64bit accumulator with 32bit addends for L64 platforms.
  It handles edge cases like very large mbuf chains (could happen with
  native IPv6 in the future) and provides a good base for new native
  implementations.
- Modify i386 and amd64 assembly to use the new interface.

This disables the MD implementations on !x86 until the conversion is
done. For Alpha, the portable version is faster.
 2008-01-25 21:12:10 +00:00
dyoung
19dd9ed4a7 Use rtcache_validate() instead of rtcache_getrt(). Shorten staircase 
in in6_losing().
 2008-01-14 04:16:45 +00:00