Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
251,151 Commits 606 Branches 0 Tags 3.1 GiB
7c67bced42
Commit Graph

2578 Commits

Author SHA1 Message Date
para
2c8d4f6106 pool_init does not copy its name argument 
therefore don't pass in a stack allocated buffer

vmstat -mv shows pool(s) with broken name(s)

use the name argument passed into wqinput_create directly
which is a static string in all 4 callee cases

(workqueue_create/workqueue_init copies the name argument)
 2017-06-02 19:10:19 +00:00
ozaki-r
4ce45a7981 Assert inph_locked on ipsec_pcb_skip_ipsec (was IPSEC_PCB_SKIP_IPSEC) 
The assertion confirms SP caches are accessed under inph lock (solock).
 2017-06-02 03:41:20 +00:00
chs
fd34ea77eb remove checks for failure after memory allocation calls that cannot fail: 
kmem_alloc() with KM_SLEEP
  kmem_zalloc() with KM_SLEEP
  percpu_alloc()
  pserialize_create()
  psref_class_create()

all of these paths include an assertion that the allocation has not failed,
so callers should not assert that again.
 2017-06-01 02:45:05 +00:00
ozaki-r
b760398bd2 Fix that a fresh in_ifaddr is unexpectedly freed before activating it 
An in_ifaddr object is initialized with refcnt=0 and the refcnt
is incremented when being enqueued to the lists. However before
enqueuing it, in_ifinit can hold and refelease a reference to
it, i.e., call ifaref and ifafree, resulting in that the object
is freed in ifafree because its refcnt is decremented to 0.

It can be reproduced by doing:
  ifconfig tun0 create
  ifconfig tun1 create
  ifconfig tun0 10.1 10.2
  ifconfig tun1 10.2 10.1
  ifconfig  # Cause a kernel panic (may depend on environmemts)

We need to initialize a created in_ifaddr object with refcnt=1
to make the object survive over in_ifinit.

The issue is found by ryo@
 2017-05-25 02:43:43 +00:00
ozaki-r
df67fa0ad1 Add missing NULL check for pool_get call with PR_NOWAIT 
This should fix a kernel panic reported by wiz@ on current-users ML:
  http://mail-index.netbsd.org/current-users/2017/05/03/msg031646.html
 2017-05-21 08:36:22 +00:00
ozaki-r
11f21739e7 Allow CARP to call the link_state_change handler immediately 
If the handler is delayed because of the indirection call via softint,
some operations are executed in reverse and may cause unexpected
behaviors. For example, due to the issue a GARP packet wasn't sent on
a transition from the BACKUP state to the MASTER state; this happened
because IN_IFF_DETACHED flag wasn't cleared on arpannounce, which
had been cleared in the link_state_change handler.

This fixes an issue reported by sborrill@ on tech-net:
  http://mail-index.netbsd.org/tech-net/2017/03/14/msg006283.html
 2017-05-19 08:53:51 +00:00
ozaki-r
a9d79d7f68 Lookup caches from a CARP interface if the packet is routed to the interface 
This fixes CARP setups without carpdev (physical interface) having any IPs.
 2017-05-18 06:33:11 +00:00
ryo
13f80cd683 replace in_fmtaddr() by IN_PRINT(), and delete function in_fmtaddr() 2017-05-12 17:53:53 +00:00
roy
0dc9e8f6b9 carp should call if_link_state_change instead of affecting 
if_link_state directly.
 2017-05-12 09:22:01 +00:00
ozaki-r
38eefa3747 Stop ipsec4_output returning SP to the caller 
SP isn't used by the caller (ip_output) and also holding its
reference looks unnecessary.
 2017-05-10 09:34:51 +00:00
rjs
a72ef8c319 Change bzero -> memset, bcopy -> memcpy. 2017-05-07 21:36:23 +00:00
rjs
a36cc65452 Change SPL around call to in_pcbbind(). 2017-05-07 21:24:37 +00:00
rjs
701c806a51 Remove some foreign conditional code, NFC intended. 2017-05-07 20:08:02 +00:00
christos
57b897e7c9 PR/52074: Frank Kardel: current npf map directive broken 
Don't filter packets that can't be resolved to source interfaces because
they could have been generated by a packet filter.
 2017-05-07 16:41:22 +00:00
ozaki-r
c33d80e3e4 Don't output debugging logs just if DIAGNOSTIC 
Also make log messages informative.
 2017-04-28 05:56:33 +00:00
ozaki-r
5cfcce1f60 Check if solock of PCB is held when SP caches in the PCB are accessed 
To this end, a back pointer from inpcbpolicy to inpcb_hdr is added.
 2017-04-25 05:44:11 +00:00
ozaki-r
c5b713b4e3 Fix build of kernel with SCTP 2017-04-20 09:19:19 +00:00
ozaki-r
ed8b1986a9 Remove unnecessary NULL checks for inp_socket and in6p_socket 
They cannot be NULL except for programming errors.
 2017-04-20 08:46:07 +00:00
ozaki-r
c4cc9034cb Simplify logic of udp4_sendup and udp6_sendup 
They are always passed a socket with the same protocol faimiliy
as its own: AF_INET for udp4_sendup and AF_INET6 for udp6_sendup.
 2017-04-20 08:45:09 +00:00
ozaki-r
641f918792 Fix build without INET6 2017-04-19 03:23:06 +00:00
riastradh
c8bcfc34de No need for membar_datadep_consumer here. 
PSLIST_READER_FOREACH takes care of it already.
PSLIST_WRITER_FOREACH is exclusive so doesn't need it.
 2017-04-15 17:06:45 +00:00
ozaki-r
469c0f099a Rumpify netipsec 
Note that we should modularize netipsec and reduce reverse symbol references
(referencing symbols of netipsec from net, netinet and netinet6) though,
the task needs lots of code changes. Prior to doing so, rumpifying it and
having ATF tests should be useful.
 2017-04-14 02:43:27 +00:00
ozaki-r
0d787d119d Commit a forgotten change for "Prepare netipsec for rump-ification" 
- Allow encapinit to be called twice (by ifinit and ipe4_attach)
  - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called
    it instead), however, on a rump kernel ipe4_attach may not be called
    even if IPSEC is enabled. So we need to allow ifinit to call it anyway
 2017-04-07 03:31:50 +00:00
ozaki-r
26a0055807 Get rid of unused macros 2017-04-04 09:53:02 +00:00
ozaki-r
67c047d165 Don't use a single global variable to store source route information for multiple incoming packets 
It's not MP-safe. So use a m_tag to store the information instead.

Pointed out by knakahara@
The fix is from OpenBSD (originally fixed in FreeBSD)
 2017-03-31 06:49:44 +00:00
ozaki-r
1abfd1a0eb Don't use a single global variable as a temporal storage for multiple packets 
It's not MP-safe. So use local variables instead.
 2017-03-31 06:42:19 +00:00
knakahara
d35df4a96d remove duplicated validation. That is already done in l2tp_lookup_session_ref(). 
pointed out by s-yamaguchi@IIJ, thanks.
 2017-03-30 23:13:54 +00:00
roy
56d35f4e73 Add the local route after finishing the configuration of the address. 
This fixes the issue where the initial address announced had an
invalid broadcast address.
 2017-03-17 17:26:20 +00:00
roy
ea016466e3 If we're not doing DAD, don't set IN_IFF_TENTATIVE. 2017-03-17 16:15:11 +00:00
ozaki-r
0eaf4e5356 Use if_acquire and if_release instead of using psref API directly 
- Provide if_release for consistency to if_acquire
- Use if_acquire and if_release for ifp iterations
- Make ifnet_psref_class static
 2017-03-14 09:03:08 +00:00
roy
a0a6c91f2c If an ARP packet is received to the null host (0.0.0.0) then look for 
an address matching the sender IP address on the interface.
This allows DAD to fail during the probe phase when a reverse ARP
proxy is present.
 2017-03-10 20:27:31 +00:00
roy
074272399a Only check target address collision if the sender address is the null 
address (ie a DAD probe) or our matching address is either TENTATIVE
or DUPLICATED.
 2017-03-09 08:41:56 +00:00
ozaki-r
ab7c3877f1 Make sure icmp_redirect_timeout_q and ip_mtudisc_timeout_q are initialized on bootup 
Fix PR kern/52029
 2017-03-06 07:31:15 +00:00
ozaki-r
89bba5e4dd Fix the position of curlwp_bindx; it should be after if_put 2017-03-05 11:07:46 +00:00
ozaki-r
2495e7a0c7 Pass inpcb/in6pcb instead of socket to ip_output/ip6_output 
- Passing a socket to Layer 3 is layer violation and even unnecessary
- The change makes codes of callers and IPsec a bit simple
 2017-03-03 07:13:06 +00:00
ozaki-r
030b9751dc Protect ia_allhosts by in_ifaddr_lock 2017-03-02 05:31:04 +00:00
ozaki-r
d0c11d0872 Make sure imo_membership is protected by inp's lock (solock) 2017-03-02 05:29:31 +00:00
ozaki-r
36ae5d22b0 Make usages of ifp MP-safe in some functions of IP multicast 2017-03-02 05:24:23 +00:00
ozaki-r
5ca786c5d4 Make CARP on IPv6 work 
It passes ATF tests but no more, no less.
 2017-02-27 08:26:53 +00:00
roy
808f48e3a5 Only do DaD if the interface actually has the address. 2017-02-24 13:42:18 +00:00
ozaki-r
559b831490 Add assertions and comments for lock states of socket and pcb 2017-02-22 07:05:04 +00:00
ozaki-r
67412bb47f Replace malloc for DAD with kmem and move them out of the lock for DAD 2017-02-21 03:58:23 +00:00
ozaki-r
d453ae2d83 Fix return value 2017-02-17 18:09:25 +00:00
ozaki-r
d412d1c277 Protect sysctl_net_inet_ip_pmtudto with icmp_mtx instead of softnet_lock 2017-02-17 04:32:10 +00:00
ozaki-r
77a7c1c676 Make NOMPSAFE comments informative 2017-02-17 04:31:34 +00:00
knakahara
706b73f634 add missing files. 2017-02-16 08:23:35 +00:00
knakahara
939a415a7d add l2tp(4) L2TPv3 interface. 
originally implemented by IIJ SEIL team.
 2017-02-16 08:12:43 +00:00
ozaki-r
19c4d830db Protect mtudisc and redirect stuffs of icmp/icmp6 with mutex 
We have to run pr_init of icmp and icmp6 prior to tcp and tcp6 ones
for mutex initialization.
 2017-02-13 07:18:20 +00:00
ozaki-r
10400e2a88 Use IFQ_LOCK instead of splnet for if_snd 2017-02-13 04:06:39 +00:00
ozaki-r
b070ee09f7 Replace splnet with splsoftnet 2017-02-13 04:05:58 +00:00