This prevent a variety of fun panics, and therefore fixes PR 12932, PR 17561,
and PR 18376...
XXX
...however this is most definitely a hack. The real problem here is that there
is no callback to notify a "client" interface like vlan when a "parent"
interface's status changes, and therefore the vlan interface is always
IFF_RUNNING. This allows packets to be queued on vlan interface at any time.
We can't simply leave the packets on the vlan interface, either, because there
is no callback to dequeue them. And last, since it's always IFF_RUNNING, if
we just *toss* the packets, we lose gratuitous ARPs and DAD packets.
"This needs work," but at least it no longer bleeds.
the functionality of M_PREPEND, but with a bug: m_pkthdr.len was
not updated in pppoutput as it is in M_PREPEND.
Also, replace the loop that measures the length of the mbuf chain
with a call to m_length.
This fixes a PR from an anonymous bug reporter. Thank you, anonymous
bug reporter. Thanks, Itojun, for bringing the anonymous bug report
to my attention.
for consistency with M_FREE() and m_freem(). Affected files:
sys/mbuf.h
kern/uipc_socket2.c
kern/uipc_mbuf.c
net/if_ethersubr.c
netatalk/ddp_input.c
nfs/nfs_socket.c
Add bpf_deliver prototype.
Rename bpf_measure to m_length and move it to sys/sys/mbuf.h. I
make m_length an inline function in the header file to preserve
its performance characteristics, for better or for worse.
Optimize m_length: use the length in m_pkthdr.len, if M_PKTHDR.
In bpf_deliver, zero the on-stack mbuf before we do anything else
with it.
* always acquire the device instance lock at splnet()
* missing unlocks in various places
Also, since this driver allows its device instances manipulated by two
independent subsystems (character device & interface clone create/destroy),
be careful not to rip away instance data in a clone destroy request if the
instance is still opened as a character device.
(MD5 signatures for TCP, as used with BGP). Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net. Shortening of the setsockopt() name
attributed to Vincent Jardin.
This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct. Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).
NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures. Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary. Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.
In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:
sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15
Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.
to pool_init. Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.
Convert struct session, ucred and lockf to pools.
particule device. In doing this, make a new the bpf_stat structure with
members that are u_long rather than u_int, matching the counters in the bpf_d.
the original bpf_stat is now bpf_stat_old and so to the original ioctl
is preserved as BIOCGSTATSOLD.
not a read operation should be allowed to sleep. This allows the use of
bd_rtout with a value of "-1" to be eliminated (signed comparison and
assignment to an unsigned long.)
* in 1.91, a change was introduced that had bpfpoll() returning POLLRDNORM
set when the timeout expired. This impacted poorly on performance as well
as causing select to return an fd available for reading when it wasn't.
Change the behaviour here to only allow the possibility of POLLIN being
returned as active in the event of a timeout.
Fix the behaviour of BIOCIMMEDIATE (fix from LBL BPF code via FreeBSD.)
In bpf_mtap(), optimise the calling of bpf_filter() and catchpacket()
based on whether or not the entire packet is in one mbuf (based on
similar change FreeBSD but fixes BIOC*SEESENT issue with that.)
Copy the implementation of BIOCSSEESENT, BIOCGSEESENT by FreeBSD.
Review Assistance: Guy Harris
PRs: kern/8674, kern/12170
mycroft