Commit Graph

1964 Commits

Author SHA1 Message Date
dyoung
462deb7ea8 In ifreq_setaddr(), use the right buffer sizes for compat v.
non-compat commands.
2007-10-11 20:47:27 +00:00
dyoung
c54777285d Delete dead code. 2007-10-10 22:14:38 +00:00
ad
46ed8f7d77 Use the softint API. 2007-10-08 16:18:02 +00:00
ad
451aacda90 Merge file descriptor locking, cwdi locking and cross-call changes
from the vmlocking branch.
2007-10-08 15:12:05 +00:00
dyoung
1dc4f12dca Change some ints to bools. 2007-10-06 03:35:14 +00:00
dyoung
2c54ff5913 Good-bye, kernel thread, we don't need you any longer. 2007-10-06 03:30:25 +00:00
martin
38e2704180 Add missing include for definition of struct evcnt. 2007-10-05 08:05:37 +00:00
dyoung
32fddb3293 Cosmetic: KNF. Litter the code with fewer #if NBPFILTER > 0. 2007-10-05 05:15:58 +00:00
dyoung
944a024048 Remove a lot of dead code. Move gre_do_send() code into greintr(),
and move gre_do_recv() code into gre_receive().  Get rid of some
unused event counters.
2007-10-05 04:55:10 +00:00
dyoung
60149b1ce8 Work in progress: use a raw socket for GRE in IP encapsulation
instead of adding/subtracting our own IPv4 header.

There are many benefits:  gre(4) needn't grok the outer encapsulation
header any longer, so this simplifies the gre(4) code.  The IP
stack needn't grok GRE, so it is simplified, too.  gre(4) will
benefit from optimizations in the socket code.  Eventually, gre(4)
will gain an IPv6 encapsulation with very few new lines of code.

There is a small performance loss.  A 133 MHz, 486-class AMD Elan
sinks/sources a TCP stream over GRE with about 93% the throughput
of the old code.  TCP throughput on a 266 MHz, 586-class AMD Geode
is about 96% the throughput of the old code.  A 175-MHz ADM5120
(MIPS) only sinks a TCP stream over GRE at about 90% of the old
code; I am still investigating that.

I produced stripped-down versions of sosend() and soreceive() for
gre(4) to use.  They are guaranteed not to block, so they can be
called from a software interrupt and from a socket upcall,
respectively.

A kernel thread is no longer necessary for socket transmit/receive,
but I didn't get around to removing it, yet.

Thanks to Matt Thomas for suggesting the use of stripped-down socket
code and software interrupts, and to Andrew Doran for advice and
answers concerning software interrupts, threads, and performance.
2007-10-05 03:28:12 +00:00
scw
851609250e s/NPBFILTER/NBPFILTER/
Compile-tested only.
2007-09-29 18:44:51 +00:00
dyoung
43390716bc Constify sockaddr argument to ether_multiaddr(). Change struct
ifreq * arguments to ether_addmulti() and ether_delmulti() to const
struct sockaddr *, since ether_{add,del}multi() only ever read the
sockaddr ifreq member, ifr_addr.  Update uses in carp(4) and in
vlan(4).
2007-09-19 05:25:33 +00:00
dyoung
306b542543 Save some lines of code, use sockaddr_dup(), sockaddr_free(),
sockaddr_cmp().  No functional change intended.

Bug fix: pass M_WAITOK, not M_WAIT, to malloc(9).
2007-09-16 18:09:51 +00:00
dyoung
2d2c83df85 KNF: use tabs instead of spaces. 2007-09-16 02:23:29 +00:00
dyoung
b0dad91e16 Use sockaddr_dup() and sockaddr_free(). 2007-09-16 02:19:44 +00:00
dyoung
d34212ed04 Move the LIST_HEAD() definition below etherip_softc's definition.
Somehow having it above interfered with ctags(1) producing a tag
for etherip_softc.

Remove the sole member of the union etherip_softc.sc_scr; call it
sc_ro.  Delete the union.  Delete the #define for sc_ro.  The union
was a holdover from days before the route caches were unified.
2007-09-16 02:15:54 +00:00
gdt
2f4541505a Add a define for the ifru_space union member.
Copy the entire sockaddr to the buffer to be written to user space,
according to its length, not just the part that fits in struct
sockaddr.

This fixes the 'bad MAC address' problem in dhclient.
2007-09-13 18:54:57 +00:00
gdt
aebe6f5793 Fix bug in SIOCGIFCONF where the wrong length was calculated for
sockaddrs bigger than struct sockaddr.  Tightly bind decrementing
available space and using it, avoiding incorrect accounting in an
error case.  Document invariants.  Document calling convention for
SIOCGIFCONF.  Simplify by removing code to handle sockaddrs that don't
fit in struct ifreq; with sockaddr_storage this can no longer occur.
Add several KASSERTs.

This commit resolves the problem with racoon failing to list
interfaces.

Proposed on tech-net@ with no objections.
2007-09-11 19:31:22 +00:00
cube
c725329722 Remove 3rd clause and my name from all the licences which were only in my
name.
2007-09-10 10:35:51 +00:00
martin
90ef42f1bb Print the access concentrator name when a session is established.
This seems to be usefull to identify peers with known broken firmware
(e.g. that can only do IPv4 reliably).
2007-09-09 09:58:55 +00:00
dyoung
7cf94b5474 Rename gre_socreate1() -> gre_socreate(). 2007-09-08 04:34:02 +00:00
dyoung
88399b6877 We cannot sleep in a software interrupt, so do not sockaddr_dl_alloc(...,
M_WAITOK).  Instead, sockaddr_dl_init() a sockaddr_dl on the stack.
2007-09-02 19:42:21 +00:00
dyoung
da055795a8 Delete unused variable. 2007-09-02 07:03:22 +00:00
dyoung
c87aad4f08 Simplify code, add debug statements, and fix a bug that could
soclose() a UDP socket that a struct file still pointed at.
2007-09-02 07:01:41 +00:00
dyoung
76b1df3703 Get rid of struct oifreq/ifreq compat code, because ifioctl() has
taken care of this for us.
2007-09-02 01:50:58 +00:00
dyoung
0af5ef16d6 Be consistent: use the prefix sc_ for all members of the gre_softc. 2007-09-02 01:49:49 +00:00
dyoung
36a3794513 Protect userland from ifreq_getaddr() w/ #ifdef _KERNEL. 2007-09-02 00:24:18 +00:00
dyoung
064ec1416f token_addmulti and token_delmulti are never used in the kernel, so
delete them.
2007-09-01 07:41:22 +00:00
dyoung
c66d2e7604 fddi_addmulti and fddi_delmulti are never used in the kernel, so
delete them.
2007-09-01 07:40:53 +00:00
dyoung
9bee2cd7f1 Fix compilation if !defined(INET6). Thanks, Geoff Wing, for the
bug report & patch.
2007-09-01 07:03:32 +00:00
dyoung
2fc102750d Use ifreq_setaddr(), ifreq_getaddr(), sockaddr_in_init(), and
sockaddr_copy().  Constify.  Compare pointers with NULL, not 0.
Don't "test truth" of pointers, but compare with NULL.
2007-09-01 04:32:50 +00:00
dyoung
aade2db1a7 Use ifreq_getaddr(). Pass a sockaddr instead of ifreq where sockaddr
will suffice.
2007-09-01 03:07:24 +00:00
dyoung
7e6b3f4292 Per discussion in 30 May 2007 on tech-net, add accessors for
ifreq->ifr_addr, ifreq_getaddr() and ifreq_setaddr().
2007-08-31 21:02:15 +00:00
dyoung
e44b703953 Move sc_fp & sc_newfp from struct gre_softc to struct gre_soparm. 2007-08-30 05:54:07 +00:00
dyoung
7ac92eed2a Remove out-of-date debug message and comment. 2007-08-30 05:14:32 +00:00
dyoung
f562a76244 Cosmetic: remove an out-of-place comma in a comment. 2007-08-30 05:01:30 +00:00
dyoung
17038010cb Do not hold the mutex as much in gre_thread1(). Move initial mutex
acquisition and final release out into gre_thread().  This will
fix a locking bug that LOCKDEBUG exposed: holding a spinlock over
an sosend() call is a no-no.

Cosmetic: join some lines, remove some unnecessary curly braces.
2007-08-30 04:58:25 +00:00
dyoung
a7ae782635 Make rtcache() and rtflush() block IPL_NET while they add/remove
a route from the cached routes list, so that the list won't change
out from under them.
2007-08-30 02:22:29 +00:00
dyoung
b3fc296326 Use malloc(9) for sockaddrs instead of pool(9), and remove dom_sa_pool
and dom_sa_len members from struct domain.  Pools of fixed-size
objects are too rigid for sockaddr_dls, whose size can vary over
a wide range.

Return sockaddr_dl to its "historical" size.  Now that I'm using
malloc(9) instead of pool(9) to allocate sockaddr_dl, I can create
a sockaddr_dl of any size in the kernel, so expanding sockaddr_dl
is useless.

Avoid using sizeof(struct sockaddr_dl) in the kernel.

Introduce sockaddr_dl_alloc() for allocating & initializing an
arbitrary sockaddr_dl on the heap.

Add an argument, the sockaddr length, to sockaddr_alloc(),
sockaddr_copy(), and sockaddr_dl_setaddr().

Constify: LLADDR() -> CLLADDR().

Where the kernel overwrites LLADDR(), use sockaddr_dl_setaddr(),
instead.  Used properly, sockaddr_dl_setaddr() will not overrun
the end of the sockaddr.
2007-08-30 02:17:34 +00:00
dyoung
b4ed197c2d LLADDR -> CLLADDR. 2007-08-27 14:59:11 +00:00
dyoung
d93512cce5 Remove dead code. 2007-08-27 14:57:47 +00:00
dyoung
ae7a571b06 Add a new routing message type, RTM_SETGATE. We can use an
RTM_SETGATE message to ask the link layer to fill in the link-layer
nexthop before we try to detect a duplicate route in a multipath-capable
kernel.
2007-08-27 00:34:01 +00:00
dyoung
5204966a96 Constify: LLADDR -> CLLADDR. I'm aiming here to make it easier to
identify sockaddr_dl abuse that remains in the kernel, especially
the potential for overwriting memory past the end of a sockaddr_dl
with, e.g., memcpy(LLADDR(), ...).

Use sockaddr_dl_setaddr() in a few places.
2007-08-26 22:59:08 +00:00
dyoung
e7e5e02759 Overhaul gre(4), especially the GRE in UDP bits:
* Create the kernel thread in gre_clone_create() instead of trying
  to create it in gre_ioctl().  (Thanks ad@ for suggesting it, and
  pointing out that I can't kthread_create while I hold a spin
  lock.)  Run the thread always, but put it to sleep while the
  gre(4) is not in UDP mode.

* Use sockaddr_in_init().

* Move some thread state off of the stack and into the softc.

* Extract subroutines gre_do_recv(), gre_do_send(), and gre_reconf()
  from gre_thread1(), making the code more readable.
2007-08-24 23:38:31 +00:00
skd
d4509b0376 Clean up net compat ioctls, and clean up handling of wireless ioctls. 2007-08-20 04:49:40 +00:00
joerg
b2dde09db1 Explicitly assert that the protocol out pr_ctloutput before calling it. 2007-08-14 16:03:48 +00:00
seanb
7a700a611e - Check IFF_RUNNING | IFF_UP in gre_output() correctly. 2007-08-14 13:36:50 +00:00
dyoung
3aa180f03a As a stopgap measure to avoid dependency on net/if.h, don't use
IFNAMSIZ.
2007-08-07 04:59:46 +00:00
dyoung
97ecf3fcfd Constify. bcopy -> memcpy. 2007-08-07 04:41:46 +00:00
dyoung
9ca94f6e09 Use satocsdl() instead of SDL(). 2007-08-07 04:41:15 +00:00
dyoung
846a5ed688 Use satocsdl() instead of SDL(). bcopy -> memcpy. 2007-08-07 04:39:34 +00:00
dyoung
e3b7db6399 Constify. 2007-08-07 04:37:44 +00:00
dyoung
59d43281b6 Use sockaddr_dl_measure() and sockaddr_dl_init(). Erase unnecessary
cast.
2007-08-07 04:27:44 +00:00
dyoung
1cf606d23a In if_alloc_sadl(), use sockaddr_dl_init() and satocsdl(). Introduce
variable 'mask' for the netmask, and use it instead of assigning
to 'sdl' twice.

In ifa_ifwithnet(), use satocsdl().
2007-08-07 04:14:37 +00:00
dyoung
04d14f227e Lengthen sockaddr_dl so that a 16-byte FireWire address will fit
into sdl_data[].

Move the macro satocsdl() to net/if_dl.h, and introduce satosdl().

Add some helpers for initializing sockaddr_dl (sockaddr_dl_init),
for finding out the length to put in a sockaddr_dl's sdl_len member
(sockaddr_dl_measure), and for setting the link-layer address in
a sockaddr_dl to a new value (sockaddr_dl_setaddr).

Make sockaddr_copy() panic if the caller tries to copy a sockaddr
to a destination where it will not fit.
2007-08-07 04:06:20 +00:00
yamt
cf51ee04a5 don't forget to maintain ama_addrs. reported by Coverity via Arnaud Lacombe. 2007-08-02 12:37:47 +00:00
yamt
5e1e651c3e agrport_mc_del_callback: s/SIOCADDMULTI/SIOCDELMULTI/ 2007-08-02 12:34:23 +00:00
dyoung
edc2327d04 Cosmetic: remove superfluous parentheses. Compare pointers with
NULL instead of testing "truth."  Remove unnecessary casts to void*
in memset() calls.
2007-07-21 03:12:10 +00:00
dyoung
49412ed4f9 Use NULL instead of 0 for null pointers. 2007-07-21 02:24:11 +00:00
dyoung
08e6f22226 Take steps to hide the radix_node implementation of the forwarding table
from the forwarding table's users:

        Introduce rt_walktree() for walking the routing table and
        applying a function to each rtentry.  Replace most
        rn_walktree() calls with it.

        Use rt_getkey()/rt_setkey() to get/set a route's destination.
        Keep a pointer to the sockaddr key in the rtentry, so that
        rtentry users do not have to grovel in the radix_node for
        the key.

        Add a RTM_GET method to rtrequest.  Use that instead of
        radix_node lookups in, e.g., carp(4).

Add sys/net/link_proto.c, which supplies sockaddr routines for
link-layer socket addresses (sockaddr_dl).

Cosmetic:

        Constify.  KNF.  Stop open-coding LIST_FOREACH, TAILQ_FOREACH,
        et cetera.  Use NULL instead of 0 for null pointers.  Use
        __arraycount().  Reduce gratuitous parenthesization.

        Stop using variadic arguments for rip6_output(), it is
        unnecessary.

        Remove the unnecessary rtentry member rt_genmask and the
        code to maintain it, since nothing actually used it.

        Make rt_maskedcopy() easier to read by using meaningful variable
        names.

        Extract a subroutine intern_netmask() for looking up a netmask in
        the masks table.

        Start converting backslash-ridden IPv6 macros in
        sys/netinet6/in6_var.h into inline subroutines that one
        can read without special eyeglasses.

One functional change: when the kernel serves an RTM_GET, RTM_LOCK,
or RTM_CHANGE request, it applies the netmask (if supplied) to a
destination before searching for it in the forwarding table.

I have changed sys/netinet/ip_carp.c, carp_setroute(), to remove
the unlawful radix_node knowledge.

Apart from the changes to carp(4), netiso, ATM, and strip(4), I
have run the changes on three nodes in my wireless routing testbed,
which involves IPv4 + IPv6 dynamic routing acrobatics, and it's
working beautifully so far.
2007-07-19 20:48:52 +00:00
ad
bba99c25aa Generic soft interrupts are mandatory. 2007-07-14 21:02:36 +00:00
dyoung
690f9353c0 Cosmetic: KNF. Shorten a staircase. 2007-07-12 04:28:59 +00:00
xtraeme
746fb9e8e8 Replace a simple lock with a mutex and make it static (as it's only used
on this file). Ok by ad@.
2007-07-11 21:26:53 +00:00
dyoung
911c7b0317 Cosmetic: KNF. 2007-07-11 00:53:14 +00:00
ad
88ab7da936 Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
2007-07-09 20:51:58 +00:00
scw
2346befecc If the underlying link's MTU is less than PP_MTU (e.g. PPPoE), set our
MRU to the link's MTU and initiate an MRU negotiation with the peer.

This is useful when the PPP session is bridged from Ethernet to ATM
by an ADSL modem (such as the Linksys AM200). Unless we negotiate the
lower MRU, the peer is unaware that 1500-byte packets will not make
it umolested across the link (the Linksys AM200 silently truncates them
to 1498 bytes, creating a nice PMTU blackhole).

Note that the PPP RFC says peers MUST accept 1500 byte packets,
regardless of the negotiated MRU, so most ISPs which use PPPoA will
probably still send 1500-byte packets. However, I persuaded my ISP
(Andrews and Arnold) to modify their software to generate an ICMP error
"fragment needed" for packets with IP.DF set which are larger than the
negotiated MRU. They will still forward non-IP.DF packets, with the
associated truncation, but at least my PMTU troubles have gone.
2007-06-23 08:45:25 +00:00
dyoung
cb3da2abc3 Remove unnecessary __UNCONST(). 2007-06-13 05:08:02 +00:00
dyoung
95edb940c2 Get rid of radix_node_head.rnh_walktree, because it is only ever
set to rn_walktree.

Introduce rt_walktree(), which applies a subroutine to every route
in a particular address family.  Use it instead of rn_walktree()
virtually everywhere.  This helps to hide the routing table
implementation.
2007-06-09 03:07:21 +00:00
christos
89734304c6 - fix unused variable when none of the compat options are defined.
- remove debugging
2007-06-01 15:41:15 +00:00
enami
723ff30abc Fix some bugs in ifconf():
- maintain space left correctly.  the pointer is advanced by the size
  of struct ifreq when length of address is small.
- single sizeof operator is enough to take the size of struct.
- the type of `sz' must be singed type since it is/was compared against to
  the variable which may become negative.
- no need to traverse rest of interfaces once we got an error.  note that
  the latter `break' statement was inside inner loop.
2007-06-01 09:35:47 +00:00
christos
f6ca3502bf provide the minimum ifreq size (when sockaddr is empty) 2007-05-31 02:56:50 +00:00
christos
d81aadc176 Move the nasty ifdefs in one place. Requested by ad and dyoung. 2007-05-30 21:02:02 +00:00
christos
781021f65e fix unused variable. 2007-05-29 23:32:41 +00:00
xtraeme
967c5e0168 Initialize oifr to fix build with COMPAT_40. 2007-05-29 22:05:01 +00:00
christos
20bfd9898e Add a sockaddr_storage member to "struct ifreq" maintaining backwards
compatibility with the older ioctls. This avoids stack smashing and
abuse of "struct sockaddr" when ioctls placed "struct sockaddr_foo's" that
were longer than "struct sockaddr".
XXX: Some of the emulations might be broken; I tried to add code for
them but I did not test them.
2007-05-29 21:32:27 +00:00
yamt
a5e5b20e90 use mutex. 2007-05-20 07:57:03 +00:00
christos
885ed2ab13 return POLLERR instead of ENXIO since we are expecting an revents mask not
an errno.
2007-05-17 18:01:57 +00:00
dyoung
752b247e01 Cosmetic: make the macro 'equal' into an inline subroutine, bcmp
-> memcmp, bcopy -> memcpy, 0 -> NULL, shorten staircases, remove
needless cast to int.
2007-05-06 06:21:26 +00:00
dyoung
d9b62cfaed Switch from spl(9) to mutex(9) and condvar(9).
Fix a defect in the locking of file descriptors as we delegate a
UDP socket from userland to the kernel.  Move sc_fp out of sc_soparm.
Synchronize access to sc_fp by gre_ioctl() and the kernel thread
using a condition variable.  For simplicity's sake, make it the
kernel helper thread's responsibility to close its UDP socket.
2007-05-06 02:47:52 +00:00
dyoung
680f00f8b5 Factor rtcache_lookup2() out of rtcache_lookup1(), for re-use in
the IPv6 stack.  rtcache_lookup2() takes an int * argument that it
writes with 1 if we had a cache 'hit', 0 if there was a cache
'miss'.
2007-05-06 02:17:54 +00:00
dyoung
f650cb5d03 Free the route cache after detaching the interface w/ if_detach()
instead of before, because if_detach() may cause the cache to be
reloaded.  (I already fixed this in both etherip(4) and gre(4).
Ewww, rampant code duplication.)
2007-05-06 02:15:34 +00:00
yamt
3c8e37e03e agrether_hashmbuf: feed ipv6 flowlabel to hash calculation. 2007-05-05 18:23:23 +00:00
dyoung
72f0a6dfb0 Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.

The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing.  Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.

Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously.  Of course, all design oversights and bugs are
mine.

DETAILS

1 I added to each address family a pool of sockaddrs.  I have
  introduced routines for allocating, copying, and duplicating,
  and freeing sockaddrs:

        struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
        struct sockaddr *sockaddr_copy(struct sockaddr *dst,
                                       const struct sockaddr *src);
        struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
        void sockaddr_free(struct sockaddr *sa);

  sockaddr_alloc() returns either a sockaddr from the pool belonging
  to the specified family, or NULL if the pool is exhausted.  The
  returned sockaddr has the right size for that family; sa_family
  and sa_len fields are initialized to the family and sockaddr
  length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
  sockaddr_in).  sockaddr_free() puts the given sockaddr back into
  its family's pool.

  sockaddr_dup() and sockaddr_copy() work analogously to strdup()
  and strcpy(), respectively.  sockaddr_copy() KASSERTs that the
  family of the destination and source sockaddrs are alike.

  The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
  passed directly to pool_get(9).

2 I added routines for initializing sockaddrs in each address
  family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
  etc.  They are fairly self-explanatory.

3 structs route_in6 and route_iso are no more.  All protocol families
  use struct route.  I have changed the route cache, 'struct route',
  so that it does not contain storage space for a sockaddr.  Instead,
  struct route points to a sockaddr coming from the pool the sockaddr
  belongs to.  I added a new method to struct route, rtcache_setdst(),
  for setting the cache destination:

        int rtcache_setdst(struct route *, const struct sockaddr *);

  rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
  available to create the sockaddr storage.

  It is now possible for rtcache_getdst() to return NULL if, say,
  rtcache_setdst() failed.  I check the return value for NULL
  everywhere in the kernel.

4 Each routing domain (struct domain) has a list of live route
  caches, dom_rtcache.  rtflushall(sa_family_t af) looks up the
  domain indicated by 'af', walks the domain's list of route caches
  and invalidates each one.
2007-05-02 20:40:22 +00:00
dyoung
7ff356f18d Free route cache after detaching an etherip(4) instance. 2007-04-23 05:05:03 +00:00
xtraeme
df40909241 rtcache_clear is defined as static void in route.c, but it's used
in netinet/in_route.c. Move the prototype into route.h to fix
the build.
2007-04-22 13:05:21 +00:00
dyoung
3ce5c94b0e In gre_clone_destroy(), free the route cache after calling if_detach(),
because if_detach() may cause us to transmit a packet, which
ordinarily entails reloading the route cache.  This fixes a bug
where the kernel would panic later in rtflush().  Thanks Michael
Earnhart for reporting the bug.

In gre_output(), do not leak mbufs.
2007-04-14 22:41:42 +00:00
martin
de3603e82a caddr_t fallout (only visible with options PPPOE_SERVER) 2007-03-31 11:00:23 +00:00
ad
9982390dd6 lwp::l_acflag is no longer used. 2007-03-29 16:51:21 +00:00
dyoung
be7bb25d74 Make all debug messages use GRE_DPRINTF(). Get rid of a redundant
if_ierrors++.  Change (type *)0 to NULL.  Get rid of unnecessary
casts to void *.
2007-03-21 03:18:08 +00:00
dyoung
271d77fa58 If we do not recognize the protocol of a received packet, then
increase ifi_noproto.  If the GRE header contains routing options,
increase the input-error count, ifi_ierrors.

While I am here, make some cosmetic changes: remove unnecessary
'proto' argument from gre_input3().  Shorten some staircases.
2007-03-21 01:56:05 +00:00
dyoung
cafee584b5 KNF: compare pointers with NULL instead of 0, and do not "test
truth" of either integers or pointers, so that it's clear
     what's going on.  Remove superfluous () from return statements.
     bcmp -> memcmp, bcopy -> memcpy.

Misc. cosmetic: join some lines, remove a few empty lines, remove
spaces from type casts.  Don't open-code IFNET_FOREACH().  Shorten
some staircases.
2007-03-18 20:59:38 +00:00
dyoung
912b6eb53e The departure of IPv6 interfaces does not agree with pf. The pfil
hooks that signal the interface's departure run before IPv6 sends
messages to indicate that it is leaving its multicast groups; when
pf filters the departure messages, it does not recognize the output
interface, so it complains at the departure of gre65, for example:

pf_test6: kif == NULL, if_xname gre65

I have changed if_detach() so that it calls pr_usrreq(PRU_PURGEIF)
before pfil_run_hooks(PFIL_IFNET_DETACH), instead of the other way
around.  That quiets the pf_test6: messages.
2007-03-18 20:05:52 +00:00
dyoung
72d41408ef bcopy -> memcpy, bcmp -> memcmp.
Don't open-code LIST_FOREACH().
2007-03-17 06:36:05 +00:00
ad
59d979c5f1 Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.
2007-03-12 18:18:22 +00:00
drochner
814e248430 don't use DVUNIT_ANY as unit number to attach pseudo devices,
use FSTATE_STAR and cf_unit=0 like normal devices.
Thanks to Arnaud Degroote for the bug report and testing.
2007-03-09 18:42:22 +00:00
liamjfoy
8aa640dadd Add IPv6 Fast Forward - the IPv4 counterpart:
If ip6_forward successfully forwards a packet, a cache, in this case a
ip6flow struct entry, will be created. ether_input and friends will
then be able to call ip6flow_fastforward with the packet which will then
be passed to if_output (unless an issue is found - in that case the packet
is passed back to ip6_input).

ok matt@ christos@ dyoung@ and joerg@
2007-03-07 22:20:04 +00:00
christos
53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
cube
f361d6e858 Remove unnecessary output and reduce verbosity in dmesg(8) output. That
makes the output consistent with etherip(4).

Suggested by Nino Dehne on current-users@.
2007-02-26 23:52:18 +00:00
dyoung
6a5d57a4de In gif_clone_destroy(), free the cached route before freeing the
interface.
2007-02-23 06:15:31 +00:00
dyoung
2bc5758505 Cosmetic: remove gratuitous () from return statements. 2007-02-23 06:13:24 +00:00
dyoung
6917e4364d If we enter gre_output() without a route in the cache, call
rtcache_init() to try to fill the cache.  rtcache_check() was not
sufficient.
2007-02-23 06:10:40 +00:00
dyoung
9020519740 Destroy route cache before destroying the interface. 2007-02-23 04:20:02 +00:00
dyoung
fea99925e4 Cosmetic: use TAILQ_EMPTY, TAILQ_FOREACH. 2007-02-22 09:23:38 +00:00
thorpej
7cc07e11dc TRUE -> true, FALSE -> false 2007-02-22 06:16:03 +00:00
thorpej
712239e366 Replace the Mach-derived boolean_t type with the C99 bool type. A
future commit will replace use of TRUE and FALSE with true and false.
2007-02-21 22:59:35 +00:00
dyoung
58cb526fa7 Use __arraycount(). 2007-02-21 02:24:14 +00:00
dyoung
af8be3e751 Remove extraneous parentheses. bcopy -> memcpy. 2007-02-20 08:55:54 +00:00
dyoung
818fe8ed7b Remove unused #define SIN.
Constify.
2007-02-20 08:32:14 +00:00
dyoung
b700519db9 Remove unused #define SIN(). From he@. 2007-02-19 21:18:23 +00:00
dyoung
ba2aee81a0 Fix fallout from if_output constification. Thanks, Havard Eidnes,
for reporting the problem and testing my patch.
2007-02-19 21:17:03 +00:00
matt
58aa85753d Initialize routeswitch with structure initializers. 2007-02-18 22:46:32 +00:00
dyoung
3365b046ad Use satocsin to cast to const struct sockaddr_in *. 2007-02-18 07:17:48 +00:00
dogcow
27a0c93811 constify struct sockaddr. 2007-02-18 06:20:10 +00:00
dyoung
5493f188c7 KNF: de-__P, bzero -> memset, bcmp -> memcmp. Remove extraneous
parentheses in return statements.

Cosmetic: don't open-code TAILQ_FOREACH().

Cosmetic: change types of variables to avoid oodles of casts: in
   in6_src.c, avoid casts by changing several route_in6 pointers
   to struct route pointers.  Remove unnecessary casts to caddr_t
   elsewhere.

Pave the way for eliminating address family-specific route caches:
   soon, struct route will not embed a sockaddr, but it will hold
   a reference to an external sockaddr, instead.  We will set the
   destination sockaddr using rtcache_setdst().  (I created a stub
   for it, but it isn't used anywhere, yet.)  rtcache_free() will
   free the sockaddr.  I have extracted from rtcache_free() a helper
   subroutine, rtcache_clear().  rtcache_clear() will "forget" a
   cached route, but it will not forget the destination by releasing
   the sockaddr.  I use rtcache_clear() instead of rtcache_free()
   in rtcache_update(), because rtcache_update() is not supposed
   to forget the destination.

Constify:

   1 Introduce const accessor for route->ro_dst, rtcache_getdst().

   2 Constify the 'dst' argument to ifnet->if_output().  This
     led me to constify a lot of code called by output routines.

   3 Constify the sockaddr argument to protosw->pr_ctlinput.  This
     led me to constify a lot of code called by ctlinput routines.

   4 Introduce const macros for converting from a generic sockaddr
     to family-specific sockaddrs, e.g., sockaddr_in: satocsin6,
     satocsin, et cetera.
2007-02-17 22:34:07 +00:00
dyoung
3267be0b29 Cosmetic: don't open-code LIST_FOREACH(). Remove extraneous
parentheses.  Bzero -> memset.  Shorten staircase in rt_timer_add().
2007-02-17 07:50:49 +00:00
dyoung
7cfeb3c2ed Clean this code up some.
Extract subroutine rn_delete1() to ease RADIX_MPATH integration,
should we ever do that.

Remove RN_DEBUG code that does not compile.

Join some lines of the type

        type var1;
        type var2;
        type var3;

making

        type var1, var2, var3.

Break lines of the type if (expr) stmt1; else stmt2; so that normal
people can read them.
2007-02-17 07:46:38 +00:00
bouyer
53bfe8e81c Drop M_PROMISC before passing the packet to a carp device, for the same
reason it's dropped before passing to bridge: when a vlan interface is
in promisc mode, it will loop the packet back to ether_input() with
M_PROMISC set, and when carp calls ether_input again the flag is still
there and the packet is dropped. If the carp interface doesn't take
the packet M_PROMISC is set just after is needed anyway.
Tested on a box with multiple carp on vlans, no comments about this patch
on tech-net@
2007-01-29 22:13:14 +00:00
cbiere
bcfa6c3c08 Use be16dec() and be32dec() instead of reimplementing them. 2007-01-27 07:16:01 +00:00
cbiere
6b77c2af74 Use a plain memcpy() instead of alignment- and endian-specific hacks. 2007-01-27 07:12:16 +00:00
dyoung
2115f7da2f Fix the check for a routing loop. 2007-01-26 19:32:32 +00:00
dyoung
832c31b2c6 Mark some shared variables as volatile. 2007-01-26 03:01:32 +00:00
isaki
7525ed1e40 Install <net/if_pflog.h>. 2007-01-13 14:13:53 +00:00
mouse
8fb29141e0 Hook srt into the rest of the kernel build machinery, so it works to
just uncomment the pseudo-device line (which arguably should go into
other ports' GENERICs too, and at some point may).

OKed by perry.
2007-01-11 05:36:29 +00:00
bouyer
9403f4d239 Don't define dropanyway: label unless ISO or NETATALK is defined. Fix
kern/35364 by Gene ENonymous
2007-01-06 20:38:14 +00:00
joerg
8632294e2e Add a debug option for the route cache to help tracing down issues
like PR 35272 and 35318. When the kernel is compiled with
-DRTCACHE_DEBUG, all rtcache entries are logged to a list with the place
they got initialised. This allows overwrites, double inits and other
manual messing to be detected.
2007-01-05 16:40:08 +00:00
mouse
9707fdff94 Add workarounds for include-file bugs exposed by this file. (Ideal, of
course, would be to fix the include-file bugs; that may follow later.)
2007-01-05 06:32:48 +00:00
elad
b2eb9a5389 Consistent usage of KAUTH_GENERIC_ISSUSER. 2007-01-04 19:07:03 +00:00
wiz
0b5301abc7 Add RCS Id. 2006-12-29 10:39:59 +00:00
mouse
ebc746c114 Very first import of the source-address-based routing pseudo-device,
before any cleanup at all, per discussion with perry@.
2006-12-29 04:20:14 +00:00
joerg
eb04733c4e Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.
2006-12-15 21:18:52 +00:00
christos
5abf774808 initialize error, cause gcc3 says so. 2006-12-10 23:12:37 +00:00
is
dc12fff4c3 Explain XID magic constants, correcting the format ID 2006-12-10 14:52:29 +00:00
is
8812d0414b oops, forgot lan_hdr_len length offset 2006-12-10 14:49:43 +00:00
is
e80820a117 oops, forgot the m_adj 2006-12-10 14:47:40 +00:00
is
9c9b34873f was wrong magic constant. no functional change. 2006-12-10 14:45:09 +00:00
is
d227658f6b Avoid overlapping struct assignment, like in the Ethernet and FDDI cases. 2006-12-10 14:39:03 +00:00
is
60ee96c865 Explain llc XID magic constants, correcting the XID header format tag. 2006-12-10 14:21:32 +00:00
is
74a405e314 Avoid overlapping struct assignment for FDDI. Should fix netiso like in the
Ethernet case.
2006-12-10 12:34:42 +00:00
is
287d53b453 explain XID constants, and fix a wrong one 2006-12-10 11:39:43 +00:00
is
1f15d00952 define some more magic LLC constants 2006-12-10 11:35:36 +00:00
is
29b0f75d10 comment on llc class 2006-12-10 10:51:11 +00:00
dyoung
cf7bb443ac Straggler from last: convert to rtflush(). 2006-12-09 06:32:58 +00:00
dyoung
c308b1c661 Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.
2006-12-09 05:33:04 +00:00
joerg
b49bdf49d7 Deinline rt_get_ifa. Keep it in route.c as it is part of the routing
API, even though rtsock.c is the only user right now.
2006-12-07 19:37:08 +00:00
joerg
d87b42b41f Deinline rt_replace_ifa and move rt_set_ifa and rt_set_ifa1 to
route.c as they are not used outside that file.
2006-12-07 19:20:14 +00:00
dyoung
627864e36f Per discussion on tech-net@, discard the address-munging hack that
let one create a tunnel with equal inner and outer destination IP
numbers.  Update gre(4) documentation for this change.

Extract subroutine  gre_update_route() from gre_compute_route(),
and always call it in gre_output() to freshen the route for
tunnel-encapsulated packets.
2006-12-04 02:40:15 +00:00
dyoung
31730224f4 In gre_clone_destroy,
1 use splnet() to synchronize gre clone destruction with interrupts,
  and
2 wait to call if_detach() until after joining the gre kernel
  thread.
2006-12-04 01:49:47 +00:00
dyoung
e45f67b8b4 Extract subroutines rn_walkfirst() and rn_walknext() from rn_walktree().
No functional change intended.

Add some new diagnostic code, bracketed by #ifdef RN_DEBUG, that
uses the two new subroutines to walk and print a tree.

XXX The format of the diagnostic print-outs needs improvement.
2006-12-04 01:45:50 +00:00
dyoung
7e5a475027 Replace the temporary variable ndst with rt_key(rt). This will
simplify the application of RADIX_MPATH patches.

No functional change intended.
2006-12-04 00:56:44 +00:00
dyoung
8a5a3d2d66 Paranoid protection against use after free: in rtfree(), set rt_ifa
and rt_ifp to NULL.
2006-12-04 00:52:47 +00:00
dyoung
b0520122af Cosmetic: remove extra empty line. 2006-12-04 00:48:59 +00:00
dyoung
626b8f05e2 Fix spelling, s/straglers/stragglers/. 2006-12-03 19:17:41 +00:00
dyoung
7b85ed030b In if_rt_walktree(), make absolutely certain not to leave a dangling
pointer, rt_ifp, from an rtentry to an interface that we are going
to destroy.
2006-12-02 20:48:13 +00:00
is
07e04d08c3 Remove an overlapping struct copy from ether_input, which caused address
corruption for incoming netiso packets with recent (at least NetBSD-3 and
later) compilers. This is done in a way that the copy is avoided totally.
Code path tested with tcp+udp/ipv4+ipv6, arp and ISO cltp/clnp.
Visually ok'd by Christos@.
2006-12-01 18:43:40 +00:00
wiz
fa34b615d2 Correct spelling of "immediate(ly)". From Zafer. 2006-11-24 21:23:07 +00:00
rpaulo
bc3d08297a The change I committed to etherip was wrong. ether_snprintf doesn't make
sense when chaning the MAC address of the virtual interface as pointed
out by Hans himself.
So, introduce ether_nonstatic_aton() and make etherip(4) and tap(4) use it.
2006-11-24 01:04:30 +00:00
yamt
809ec70bcf implement ipv6 TSO.
partly from Matthias Scheler.  tested by him.
2006-11-23 19:41:58 +00:00
rpaulo
74b7608af9 Remove extra prototype. 2006-11-23 04:20:54 +00:00
rpaulo
5423539f94 New EtherIP driver based on tap(4) and gif(4) by Hans Rosenfeld.
Notable changes:
	* Fixes PR 34268.
	* Separates the code from gif(4) (which is more cleaner).
	* Allows the usage of STP (Spanning Tree Protocol).
	* Removed EtherIP implementation from gif(4)/tap(4).

Some input from Christos.
2006-11-23 04:07:07 +00:00
dyoung
43778cd2ec "Reform" TAILQ usage:
Obey the TAILQ abstraction while removing ifaddrs from an interface
in if_detach; just restart the loop after removing one or more
ifaddrs from the interface.

Convert a bunch of for (ifa = TAILQ_FIRST(); ifa; ifa = TAILQ_NEXT())
loops to TAILQ_FOREACH().

Remove some superfluous parentheses while I am here.
2006-11-20 04:09:25 +00:00
dyoung
33f672908d Correct the length of the TTL argument to setsockopt(IPPROTO_IP,
IP_TTL).
2006-11-16 22:58:00 +00:00
dyoung
51a6c2e769 Cosmetic: s/g_proto/sc_proto/.
(Straggler from last commit affecting net/if_gre.c, netinet/ip_gre.c.)
2006-11-16 22:32:38 +00:00
dyoung
641edc65f1 Cosmetic: s/g_proto/sc_proto/. Remove superfluous parentheses and
curly braces.
2006-11-16 22:26:35 +00:00
christos
168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
dyoung
2ed50f892c make the routing socket report the right source address in RTM_GET
responses when a source-address selection policy is in use.
2006-11-13 19:16:01 +00:00
dyoung
00aa0b8d95 Fix bugs in rt_get_ifa() and put aside the sequence number stuff,
which isn't ready for primetime yet.
2006-11-13 19:14:30 +00:00
dyoung
e362cfc96f In rtalloc(), release our reference to the prior rtentry before
referencing a new rtentry.
2006-11-13 17:51:02 +00:00
dyoung
a25eaede91 Add a source-address selection policy mechanism to the kernel.
Also, add ioctls SIOCGIFADDRPREF/SIOCSIFADDRPREF to get/set preference
numbers for addresses.  Make ifconfig(8) set/display preference
numbers.

To activate source-address selection policies in your kernel, add
'options IPSELSRC' to your kernel configuration.

Miscellaneous changes in support of source-address selection:

        1 Factor out some common code, producing rt_replace_ifa().

        2 Abbreviate a for-loop with TAILQ_FOREACH().

        3 Add the predicates on IPv4 addresses IN_LINKLOCAL() and
          IN_PRIVATE(), that are true for link-local unicast
          (169.254/16) and RFC1918 private addresses, respectively.
          Add the predicate IN_ANY_LOCAL() that is true for link-local
          unicast and multicast.

        4 Add IPv4-specific interface attach/detach routines,
          in_domifattach and in_domifdetach, which build #ifdef
          IPSELSRC.

See in_getifa(9) for a more thorough description of source-address
selection policy.
2006-11-13 05:13:38 +00:00
dyoung
0787046d01 Change lengthy ((struct sockaddr_in *)x) to satosin(x). 2006-11-04 07:13:19 +00:00
dyoung
f6cb813915 Remove unused variables. 2006-11-04 06:41:48 +00:00
dyoung
cce119d20c Expand the comment concerning gre_kick().
Shorten the code in gre_compute_route() that flips the least
significant bit of the tunnel address.  No functional change.
2006-11-04 06:38:05 +00:00
martin
567f8e3fe9 Do not truncate the last char from a remote error message 2006-11-01 12:10:06 +00:00
yamt
d566a2d50f make agr headers include lock.h and queue.h by themselves. 2006-10-29 22:14:14 +00:00
yamt
fb3b846458 agr_setconfig: ensure ifname is NUL terminated. PR/34894 from Michael Pounov. 2006-10-29 11:38:56 +00:00
christos
78a48d28a3 Use strncpy to copy out interface names so that the trailing part of the
buffer is zeroed, and check for overflow.
2006-10-27 15:33:11 +00:00
elad
74482de29f Kill a couple of KAUTH_GENERIC_ISSUSER usages.
I had to refactor the code a bit, I hope it's okay.
2006-10-26 15:11:22 +00:00
elad
f808f29d05 Kill KAUTH_GENERIC_ISSUSER use. 2006-10-25 22:56:14 +00:00
elad
adf8d7aab2 Introduce KAUTH_REQ_NETWORK_SOCKET_OPEN, to check if opening a socket is
allowed. It takes three int * arguments indicating domain, type, and
protocol. Replace previous KAUTH_REQ_NETWORK_SOCKET_RAWSOCK with it (but
keep it still).

Places that used to explicitly check for privileged context now don't
need it anymore, so I replaced these with XXX comment indiacting it for
future reference.

Documented and updated examples as well.
2006-10-25 22:49:22 +00:00
elad
0a57b5966b Kill some KAUTH_GENERIC_ISSUSER uses. 2006-10-25 20:28:45 +00:00
christos
a4b205c85a don't leak kernel variable declarations to userland. 2006-10-22 20:55:09 +00:00
christos
1536848b53 fix typo. 2006-10-22 19:21:26 +00:00
christos
f6c67772ca use strlcpy instead of strncpy or bcopy to copy the interface name. 2006-10-22 18:24:02 +00:00
pooka
80b7c62e48 be appropriately const poisonous 2006-10-22 13:25:54 +00:00
uebayasi
3d643c0f73 const static -> static const 2006-10-22 03:39:43 +00:00
dogcow
372e6ef309 now that we have -Wno-unused-parameter, back out all the tremendously ugly
code to gratuitously access said parameters.
2006-10-17 18:21:29 +00:00
dyoung
ca38b620b0 Two bug fixes:
If gre_socreate1() cannot find out the socket's address, exit with
an error.  Before, it could exit *without* an error.

If gre_thread1() finds that it is without a valid socket (i.e., so
== NULL) but the configuration is "unchanged" (in initial state),
force reconfiguration.  This prevents a crash when we try to bring
up a GRE over UDP interface whose UDP endpoints have never been
specified.
2006-10-15 06:36:54 +00:00
dyoung
755be14a30 Cosmetic: join lines to conserve vertical space. 2006-10-15 06:28:53 +00:00
dogcow
2023789a40 More -Wunused fallout. sprinkle __unused when possible; otherwise, use the
do { if (&x) {} } while (/* CONSTCOND */ 0);
construct as suggested by uwe in <20061012224845.GA9449@snark.ptc.spbu.ru>.
2006-10-13 16:53:35 +00:00
hannken
1dac4c24ec More __unused (COMPAT_OSOCK not defined). 2006-10-13 10:29:41 +00:00
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
dyoung
52f0206b50 Bug fix: do not try to destroy a NULL socket. Stops the kernel
from crashing when a GRE over UDP instance of gre(4) is destroyed
before its socket is created/delegated.
2006-10-09 17:54:23 +00:00
peter
9fc3877a2a Remove unneeded usage of LIST_*.
ok cube@
2006-10-09 10:46:00 +00:00
martin
0efa9c8ed3 Make lo* always have the IFF_RUNNING flag set, to apease some
SNMP apps. Fixes PR kern/11830.
2006-10-08 23:19:32 +00:00
tls
8cc016b4bc Protect calls to pool_put/pool_get that may occur in interrupt context
with spl used to protect other allocations and frees, or datastructure
element insertion and removal, in adjacent code.

It is almost unquestionably the case that some of the spl()/splx() calls
added here are superfluous, but it really seems wrong to see:

	s=splfoo();
	/* frob data structure */
	splx(s);
	pool_put(x);

and if we think we need to protect the first operation, then it is hard
to see why we should not think we need to protect the next.  "Better
safe than sorry".

It is also almost unquestionably the case that I missed some pool
gets/puts from interrupt context with my strategy for finding these
calls; use of PR_NOWAIT is a strong hint that a pool may be used from
interrupt context but many callers in the kernel pass a "can wait/can't
wait" flag down such that my searches might not have found them.  One
notable area that needs to be looked at is pf.

See also:

http://mail-index.netbsd.org/tech-kern/2006/07/19/0003.html
http://mail-index.netbsd.org/tech-kern/2006/07/19/0009.html
2006-10-05 17:35:19 +00:00
oster
75642ab7ae It is not sufficient for MINDEX to just 'return 0' if the MINDEX macro
is going to be used from within m_xhalf() and m_xword().  In using
MINDEX in those cases, we must set *err to '1' *before* calling MINDEX
just in case MINDEX does decide to 'return', and causes the function
to return 0 with an un-set err value.  A consequence of this fix is
that we can cleanup a couple of (now) unneeded goto's.  Problem found
by inspection whilst searching for the cause of a different panic.

Also: pavel@ noted the following:
				if (merr != 0)
 					return 0;
was missing from after a call to m_xhalf(), so fix that too.

src/regress/sys/net/bpf/out-of-bounds now passes the regression test.

Ok'ed by pavel@.
2006-10-04 20:47:43 +00:00
elad
51afb61202 PR/19795: Joel Wilsson: net_osdep.h is lying.
Sync comment with reality, thanks for the patch!
2006-09-23 15:17:58 +00:00
elad
83a5239b28 Remove ugly (void *) casts from network scope authorization wrapper and
calls to it.

While here, adapt code for system scope listeners to avoid some more
casts (forgotten in previous run).

Update documentation.
2006-09-19 21:42:29 +00:00
elad
5f7169ccb1 First take at security model abstraction.
- Add a few scopes to the kernel: system, network, and machdep.

- Add a few more actions/sub-actions (requests), and start using them as
  opposed to the KAUTH_GENERIC_ISSUSER place-holders.

- Introduce a basic set of listeners that implement our "traditional"
  security model, called "bsd44". This is the default (and only) model we
  have at the moment.

- Update all relevant documentation.

- Add some code and docs to help folks who want to actually use this stuff:

  * There's a sample overlay model, sitting on-top of "bsd44", for
    fast experimenting with tweaking just a subset of an existing model.

    This is pretty cool because it's *really* straightforward to do stuff
    you had to use ugly hacks for until now...

  * And of course, documentation describing how to do the above for quick
    reference, including code samples.

All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:

	http://kauth.linbsd.org/kauthwiki

NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:

  - Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
  - Checks 'securelevel' directly,
  - Checks a uid/gid directly.

(or if you feel you have to, contact me first)

This is still work in progress; It's far from being done, but now it'll
be a lot easier.

Relevant mailing list threads:

http://mail-index.netbsd.org/tech-security/2006/01/25/0011.html
http://mail-index.netbsd.org/tech-security/2006/03/24/0001.html
http://mail-index.netbsd.org/tech-security/2006/04/18/0000.html
http://mail-index.netbsd.org/tech-security/2006/05/15/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/01/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/25/0000.html

Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).

Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.

Happy birthday Randi! :)
2006-09-08 20:58:56 +00:00
dogcow
f2d329dca0 remove more vestiges of CCITT, LLC, HDLC, NS, and NSIP. 2006-09-07 02:40:31 +00:00
dyoung
8db36d06c3 Don't use IFQ_ macros on an ifqueue. Fixes a compilation error
reported by christos.
2006-09-03 06:10:06 +00:00
christos
44dddc087f use c99 initializers 2006-09-03 05:08:18 +00:00
cube
207af46910 Add a note about the use of CTL_CREATE in sysctl_createv, otherwise the
code can be confusing.
2006-09-01 16:28:53 +00:00
dyoung
9cc1c09a17 Rename gre_softc member sc_sp to sc_soparm to fix NetBSD/alpha
compiles, where some other system header #defines sc_sp.

In gre_ioctl, GREDSOCK case, do not try to delete sc_fp if it is
NULL.

Move GREDSOCK and GRESSOCK definitions to where the other GRE ioctls
are defined.

Remove #ifdef GRESSOCK, it's unnecessary now that the feature is
complete.
2006-09-01 01:34:05 +00:00
dyoung
47be766fd3 Add a mode to gre(4) that sends GRE tunnel packets in UDP datagrams.
Fix MOBILE encapsulation.  Add many debugging printfs (mainly
concerning UDP mode).  Clean up the gre(4) code a bit.  Add the
capability to setup UDP tunnels to ifconfig.  Update documentation.

In UDP mode, gre(4) puts a GRE header onto transmitted packets,
and hands them to a UDP socket for transmission.  That is, the
encapsulation looks like this: IP+UDP+GRE+encapsulated packet.

There are two ways to set up a UDP tunnel.  One way is to tell the
source and destination IP+port to gre(4), and let gre(4) create
the socket.  The other way to create a UDP tunnel is for userland
to "delegate" a UDP socket to the kernel.
2006-08-31 17:46:16 +00:00
christos
514b3fccd7 fix initializer 2006-08-30 17:00:15 +00:00
christos
378a57007e fix initializers. 2006-08-30 16:58:38 +00:00
christos
3ed5fa0441 Fix initializers. 2006-08-30 16:57:59 +00:00
christos
a3b3beb093 fully initialize IF_CLONE_INITIALIZER 2006-08-30 16:41:08 +00:00
christos
6d637b500d add missing initializer 2006-08-28 00:09:28 +00:00
matt
6c8fa3224e One step closer to loadable domains. Store pointers to a domain's soft
interrupt queues so if_detach can remove packets to removed interfaces from
them.  This eliminates a lot of conditional ugly code in if.c
2006-08-25 19:33:50 +00:00
adrianp
3d8cbc06ba A problem has been identified in the in-kernel PPP code shared by ISDN PPP
interfaces ippp(4) and pppoe(4). Insufficient checking of options presented
by the peer may cause writing of copies of the malicious input beyond the
end of a buffer allocated for that purpose.

Issue found by pavel@
Fix from martin@

This is SA2006-019 (CVE-2006-4304)
2006-08-23 20:02:23 +00:00
pavel
8bf13164fe defflag PPPOE_SERVER and PPPOE_TERM_UNKNOWN_SESSIONS. 2006-08-05 17:20:54 +00:00
martin
f1dc5b61db Fix typo in comment 2006-08-04 23:18:53 +00:00
christos
224c697f91 Patch from Dheeraj S, inspired by the following FreeBSD change:
Rather than calling mircotime() in catchpacket(), make catchpacket()
take a timeval indicating when the packet was captured. Move
microtime() to the calling functions and grab the timestamp as soon
as we know that we're going to call catchpacket at least once.

This means that we call microtime() once per matched packet, as
opposed to once per matched packet per bpf listener. It also means
that we return the same timestamp to all bpf listeners, rather than
slightly different ones.

It would be more accurate to call microtime() even earlier for all
packets, as you have to grab (1+#listener) locks before you can
determine if the packet will be logged. You could always grab a
timestamp before the locks, but microtime() can be costly, so this
didn't seem like a good idea.

(I guess most ethernet interfaces will have a bpf listener these
days because of dhclient. That means that we could be doing two bpf
locks on most packets going through the interface.)
2006-07-26 13:54:13 +00:00
ad
f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
martin
dee43775e6 Small simplification, pointed out by Christian Hattemer in private mail. 2006-07-13 23:43:13 +00:00
martin
81b2f47532 Do not automagically UP the interface when setting the address.
Together with previous ifconfig changes, this fixes PR 30694, at
least for pppoe (and other sppp based) interfaces.
2006-07-13 14:04:50 +00:00
tsutsui
79d3d94bff KNF. 2006-07-08 18:32:53 +00:00
yamt
7d19947ffd make a multiple inclusion protection macro match with the filename. 2006-07-08 05:57:41 +00:00
yamt
85d844ab45 agr_ioctl: wrap a long line after kauth merge. 2006-07-08 05:56:48 +00:00
tron
d700257e96 Make this build with GCC 4.x. 2006-06-27 10:45:09 +00:00
yamt
8dc7b19627 add a comment on if_agrprivate. 2006-06-25 07:50:00 +00:00
drochner
9d26b198b5 remove dependency on "agr" to make "struct ifnet" independant of the
kernel configuration, avoids kernel/userland mismatches, ok by christos
2006-06-23 19:02:51 +00:00
uwe
59d7f20391 Do not instal net/if_pppvar.h, net/if_slvar.h and net/if_stripvar.h.
The former two are no longer necessary as slstats is no more
and pppstats now uses an ioctl instead of rummaging through kmem.
The latter has nothign interesting for the userland, but uses
struct bintime that I'm about to hide under #ifdef _KERNEL.

A bunch of remaining <net/if_*.h> headers is pretty useless to the
userland too, but ... someone else's yag to shave...
2006-06-18 21:02:16 +00:00
kardel
de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
2006-06-07 22:33:33 +00:00
ragge
cb7f51a59d Add IFM_10G_SR and IFM_10G_CX4, to keep in sync with FreeBSD.
Kindly requested by Gleb Smirnoff at FreeBSD.
2006-06-03 12:43:28 +00:00
elad
4ea6eb36cb add sysctl for routing stats 2006-05-27 23:08:11 +00:00
christos
c52ff7f9d5 Fixes from David Boggs; in his words:
/sys/net/if_spppvar.h says:

	"Lower layer drivers that are always ready to communicate
	(like hardware HDLC) can shortcut pp_up from pp_tls,
	and pp_down from pp_tlf."

	When I follow those instructions, I get a kernel stack
	overflow as soon as I open the HDLC device.

	Here is the loop:
	 sppp_ioctl calls sppp_lcp_open
	 sppp_lcp_open calls sppp_open_event
	 sppp_open_event calls sppp_lcp_tls
	 sppp_lcp_tls calls pp_tls
	 pp_tls is the SHORTCUT to sppp_lcp_up
	 sppp_lcp_up calls spp_lcp_open
	 ...and around we go until the stack overflows.

	The fix is to reverse the order of the action (tls)
	and the state change (from INITIAL to STARTING) in
	sppp_open_event.

	There is a similar loop during closing:
	 sppp_ioctl calls sppp_lcp_close
	 sppp_lcp_close calls sppp_close_event
	 spp_close_event calls sppp_lcp_tlf
	 sppp_lcp_tlf calls pp_tlf
	 pp_tlf is the SHORTCUT to sppp_lcp_down
	 sppp_lcp_down calls sppp_lcp_close
	 ...and around we go until the stack overflows.

	The fix is to reverse the order of the action (tlf)
	and the state change (from STARTING to INITIAL) in
	sppp_close_event.

	Separately, while I was discovering this, I noticed
	that pp_tlf was being called unconditionally rather
	than first checking to see if it is NULL.  pp_tlf
	is a callout from sppp to the hdlc device driver.
	Elsewhere in sppp, this is always checked for NULL
	before calling it, and the comments in if_spppvar.h
	imply that filling it in is optional.

	From spppvar.h:
	"These functions need to be filled in by the lower layer
	(hardware) drivers if they request notification from the
	PPP layer whether the link is actually required."
	This clearly says that pp_tlf and pp_tls are optional
	and so sppp must check before calling them.
2006-05-21 05:09:13 +00:00
liamjfoy
4876c304b1 Integrate Common Address Redundancy Procotol (CARP) from OpenBSD
'pseudo-device	carp'

Thanks to: joerg@ christos@ riz@ and others who tested
Ok: core@
2006-05-18 09:05:49 +00:00
yamt
fd1132d079 include sys/kauth.h for kauth_authorize_generic. 2006-05-15 09:07:59 +00:00
elad
874fef3711 integrate kauth. 2006-05-14 21:19:33 +00:00
christos
103d2f520c XXX: GCC uninitialized. 2006-05-14 05:30:31 +00:00
christos
d04095abaa Comment out packed attributes that gcc 4 does not like. 2006-05-14 02:45:45 +00:00
mrg
126f7e1139 since ar_tha() can return NULL, don't pass it directly to functions
that expect real addresses.  explicitly KASSERT() that it is not
NULL in the kernel and just avoid using it userland.

(the kernel could be more defensive about this, but, until now it
would have just crashed anyway.)
2006-05-12 01:20:33 +00:00
mrg
084c052803 quell GCC 4.1 uninitialised variable warnings.
XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..
2006-05-10 21:53:14 +00:00
dyoung
2d794b9ed5 Remove needless "link state changed to DOWN/UP" message. 2006-05-01 18:17:42 +00:00
tron
ed14057f29 Adapt maximum MTU permitted on pppoe(4) interfaces to the MTU of the
connected ethernet interface.
2006-04-27 20:04:26 +00:00
tron
7604b6a404 Don't allow to connect a non ethernet interface to a PPPoE interface. 2006-04-27 13:19:04 +00:00
simonb
22d1f42229 One __KERNEL_RCSID() should be enough for this file. 2006-04-22 04:58:49 +00:00
christos
667e91e30f Add an empty attach function. Reported by David Boggs 2006-04-20 17:03:35 +00:00
christos
74e3aa75eb Perry reports that buf can be NULL, so deal with it. 2006-04-19 15:13:34 +00:00
rpaulo
994567415c Fix another typo... I must be on drugs... 2006-04-18 19:30:49 +00:00
christos
17db7d5dd6 Don't use KASSERT, return an error instead to fix the build. 2006-04-15 04:45:01 +00:00
christos
a302c8092d Coverity CID 2728: Add KASSERT before NULL deref. 2006-04-15 02:38:19 +00:00
christos
d3b0d78d54 Coverity CID 1193: Add KASSERT before negative array deref. 2006-04-15 02:35:22 +00:00
christos
e1b8701a82 Coverity CID 1147: Protect against NULL deref. 2006-04-15 02:27:25 +00:00
christos
ef31177b25 Coverity CID 1146: Protect against NULL deref. 2006-04-15 02:26:17 +00:00
christos
2973de5c38 Coverity CID 1145: Protect against NULL deref. 2006-04-15 02:25:24 +00:00
christos
bd7ea99daf Don't try to free a NULL mbuf. 2006-04-15 02:22:44 +00:00
christos
29a12667b7 Coverity CID 855: Add a KASSERT for null route from successful rtrequest. 2006-04-15 02:19:00 +00:00