Commit Graph

2720 Commits

Author SHA1 Message Date
ozaki-r
a532303129 Tweak return value handling
rtrequest1 ensures to return an rtentry on success.
2015-12-22 01:59:21 +00:00
mlelstv
30470de52f make DDB print ipv6 addresses too 2015-12-17 12:17:13 +00:00
mlelstv
378c085bac handle delayed cksums also for ipv6 2015-12-17 12:16:21 +00:00
ozaki-r
66d9895f20 Fix memory leak of llentry#la_opaque
llentry#la_opaque which is for token ring is allocated in arp.c
and freed in arp.c when freeing llentry. However, llentry can be
freed from other places, e.g., lltable_free. In such cases,
la_opaque is never freed.

To fix that, add a new callback (lle_ll_free) to llentry and
register a destruction function of la_opque to it. On freeing a
llentry, we can surely free la_opque via the callback.
2015-12-17 02:38:33 +00:00
christos
43eac92e53 don't free mbuf twice.
XXX: pullup 7.
2015-12-16 23:14:42 +00:00
ozaki-r
213b8d3cc6 Fix token_rif extractions from llentry 2015-12-16 05:44:59 +00:00
knakahara
a00e94f4ff PR kern/50522: gif(4) ioctl causes panic while someone is using the gif(4) interface.
It is required to wait other CPU's softint completion before disestablishing
the softint handler.
2015-12-11 07:59:14 +00:00
knakahara
ef0c59f955 revert KASSERT. It should use 'if' instead of KASSERT.
see updated(later than r1.18) kmem(9) man.
2015-12-11 04:29:24 +00:00
knakahara
5b880df5ec kmem_zalloc(, KM_SLEEP) must not return NULL. 2015-12-10 08:11:03 +00:00
knakahara
eaf1fb5902 add NULL check 2015-12-10 01:20:12 +00:00
knakahara
849e83fa25 gif(4) uses kmem_alloc APIs instead of malloc. 2015-12-09 05:56:24 +00:00
knakahara
5e4601c62c Refactor gif_set_tunnel(). No functional change. 2015-12-09 03:33:32 +00:00
knakahara
118f179f3d Improve gif_set_tunnel() rollback code. 2015-12-09 03:31:28 +00:00
knakahara
c705cd3ca5 gif(4): Infinite recursion calls prevention code works again now.
The prevention code haven't worked since gif(4) was changed
to use softint(9). To work this prevention, git_output uses
m_tag(9) like FreeBSD and OpenBSD.

I tested with following code.
====================
# ifconfig gif0 create
# ifconfig gif0 tunnel 10.1.1.1  10.1.1.2
# ifconfig gif0 inet 192.168.100.1 192.168.100.100

# ifconfig gif1 create
# ifconfig gif1 tunnel 192.168.100.1 192.168.100.100
# ifconfig gif1 inet 192.168.101.1 192.168.101.101

# ifconfig gif2 create
# ifconfig gif2 tunnel 192.168.101.1 192.168.101.101
# ifconfig gif2 inet 192.168.102.1 192.168.102.102

# ping -w 1 -c 1 192.168.102.102
# dmesg | tail -n 1
gif0: recursively called too many times(2)
====================
2015-12-04 02:26:11 +00:00
knakahara
48ec8fb3d6 LIST_REMOVE should be done before clearing members of the list element. 2015-12-03 03:03:58 +00:00
knakahara
44351c996d remove extra encap_detach().
encap_detach() is already done in gif_delete_tunnel()->in{,6}_gif_detach().
2015-12-03 02:50:49 +00:00
ozaki-r
f373fa78e6 Fix build dependency of if_llatbl.c
if_llatbl.c is required if inet or inet6 is enabled. Depending on ether
doesn't suit for NDP case.
2015-11-26 01:41:20 +00:00
ozaki-r
ecd5b23eef Use lltable/llentry for NDP
lltable and llentry were introduced to replace ARP cache data structure
for further restructuring of the routing table: L2 nexthop cache
separation. This change replaces the NDP cache data structure
(llinfo_nd6) with them as well as ARP.

One noticeable change is for neighbor cache GC mechanism that was
introduced to prevent IPv6 DoS attacks. net.inet6.ip6.neighborgcthresh
was the max number of caches that we store in the system. After
introducing lltable/llentry, the value is changed to be per-interface
basis because lltable/llentry stores neighbor caches in each interface
separately. And the change brings one degradation; the old GC mechanism
dropped exceeded packets based on LRU while the new implementation drops
packets in order from the beginning of lltable (a hash table + linked
lists). It would be improved in the future.

Added functions in in6.c come from FreeBSD (as of r286629) and are
tweaked for NetBSD.

Proposed on tech-kern and tech-net.
2015-11-25 06:21:26 +00:00
ozaki-r
a84874a1a0 Remove an ifnet object from the global list before destructing it 2015-11-20 08:10:36 +00:00
christos
88b3ee5eb5 Add handling of VLAN packets in if_bridge where the parent interface supports
them (Jean-Jacques.Puig@espci.fr). Factor out the vlan_mtu enabling and
disabling code.
2015-11-19 16:23:54 +00:00
knakahara
fd06f20054 fix CID 980463 2015-11-11 03:57:57 +00:00
knakahara
e96c855269 fix panic after "ifconfig gifX tunnel src dst" failed for the reason of address pair duplication.
e.g.
    ====================
    # ifconfig gif0 create
    # ifconfig gif0 tunnel 192.168.0.1 192.168.0.2
    # ifconfig gif0 inet 172.16.0.1/24 172.16.0.2
    # route add 10.1.0.0/24 172.16.0.1

    # ifconfig gif1 create
    # ifconfig gif1 tunnel 192.168.0.1 192.168.0.3

    # ifconfig gif0 tunnel 192.168.0.1 192.168.0.3
    ifconfig: SIOCSLIFPHYADDR: Can't assign requested address # expected
    # ping 10.1.0.1
    (panic)
    ====================
2015-11-11 02:57:17 +00:00
christos
04542e546d correct mistake in previous 2015-11-10 18:22:46 +00:00
christos
fa11598f4c CID 980463: Provide common error path for rollback. Remove extra check for
success.
2015-11-10 17:59:37 +00:00
ozaki-r
e7339922fb Improve lock traces and add reference traces 2015-11-05 06:50:51 +00:00
christos
805ab1e001 Simplify even further and fix non-modular kernels:
We cannot use the init at attach() trick, because other npf ext modules
will load before the attach function is called on non modular kernels.
2015-10-29 15:19:43 +00:00
christos
c0dba4ec09 remove bogus KASSERT, there are error paths that don't satisfy this.
XXX: should improve error reporting to userland.
2015-10-28 01:54:10 +00:00
christos
32f4b28226 modules don't define MODULAR. 2015-10-27 19:58:09 +00:00
christos
afd95c9bf1 simplify (and fix) logic. 2015-10-27 19:31:55 +00:00
maxv
2f8be1878d Harmless alloc inconsistency; make sure the exact same argument is given to
kmem_alloc/kmem_free. Found by Brainy.
2015-10-20 14:46:45 +00:00
ozaki-r
e4a5751875 Stop using softnet_lock (fix possible deadlock)
Using softnet_lock for mutual exclusion between lltable_free and
arptimer was wrong and had an issue causing a deadlock between
them;  lltable_free waits arptimer completion by calling
callout_halt with softnet_lock that is held in arptimer, however
lltable_free also holds llentry's lock that is also held in
arptimer so arptimer never obtain the lock and both never go
forward eventually.  We have to pass llentry's lock to
callout_halt instead.
2015-10-20 07:35:15 +00:00
martin
d041befd31 Ifdef npf_init() the same way as all it's callers are protected. 2015-10-19 09:28:24 +00:00
christos
a6022a4b9e Fix the code so that it works in all 3 cases: non-modular, modular/builtin,
modular/filesystem. In the non-modular case we initialize through attach.
In the modular/builtin case we define the module to be class misc so it
attaches late (after percpu is initialized) since driver modules attach
too early.  In the modular/filesystem case we define it to be a driver
module since we autoload it via /dev/npf open.
2015-10-19 00:29:57 +00:00
jmcneill
f0bb3f7042 Defer initialization of built-in npf module until other pseudo-devices
are initialized. MODULE_CLASS_DRIVER modules are now initialized before
autoconfiguration starts, but npf_init has a dependency on percpu(9) which
doesn't work until CPUs have attached (at least on ARM).
2015-10-18 20:39:53 +00:00
christos
635094c1f5 needs to be driver, otherwise it will not load! 2015-10-18 18:48:01 +00:00
jmcneill
4e97921379 mark this MODULE_CLASS_MISC as npf_init cannot run when builtin driver modules are initialized 2015-10-17 13:53:40 +00:00
christos
d522fec9f5 PR/49386: Ryota Ozaki: Add a mutex for bpf creation/removal to avoid races.
Add M_CANFAIL to malloc.
2015-10-14 19:40:09 +00:00
rjs
8c2654abca Add core networking support for SCTP. 2015-10-13 21:28:34 +00:00
roy
222d6fab6a arpresolve() now returns 0 on success otherwise an error code.
Callers of arpresolve() now pass the error code back to their caller,
masking out EWOULDBLOCK.

This allows applications such as ping(8) to display a suitable error
condition.
2015-10-13 12:33:07 +00:00
ozaki-r
6a74db0c04 Fix LLE_TRY_UPGRADE when GATEWAY
It's expected to return a value.
2015-10-09 01:50:09 +00:00
roy
e600c51d95 Remove rt_ifa_localrequest().
In it's place, use rtrequest1() inside rt_ifa_addlocal() and
rtdeletemsg() inside rt_ifa_remlocal().

This removes the need for INET/INET6 specific code and allows
greater control over the creation of the local address route.
2015-10-07 09:44:26 +00:00
ozaki-r
ef5da9a970 Enqueue frames to a curcpu's pktqueue
Currently RX can run on a CPU other than CPU#0, so always enqueuing
to a pktqueue of CPU#0 makes no sense. Let's use a curcpu's pktqueue,
although bridge_foward softint doesn't run in parallel without
NET_MPSAFE.

This is a temporal solution. We need a fundamental solution.
2015-10-07 08:48:04 +00:00
ozaki-r
0e7ec84c8c Fix typo 2015-10-02 03:08:26 +00:00
ozaki-r
99284d7cc5 Make GATEWAY (fastforward) work again
With GATEWAY (fastforward), the whole forwarding processing runs in
hardware interrupt context. So we cannot use rwlock for lltable and
llentry in that case.

This change replaces rwlock with mutex(IPL_NET) for lltable and llentry
when GATEWAY is enabled. We need to tweak locking only around rtree
in lltable_free. Other than that, what we need to do is to change macros
for locks.

I hope fastforward runs in softint some day in the future...
2015-09-30 07:12:32 +00:00
ozaki-r
ad91e721ff Remove extra opt_gateway.h 2015-09-30 06:25:59 +00:00
ozaki-r
fc47734756 Tweak mutex_enter(softnet_lock) position
The previous code took locks the following order:
- LLE_WLOCKs
- mutex_enter(softnet_lock)
- LLE_WUNLOCKs
- mutex_exit(softnet_lock)

This fix moves mutex_enter(softnet_lock) before LLE_WLOCKs.
2015-09-28 07:55:26 +00:00
ozaki-r
30818f7132 Fix race condition on la_rt between lltable_free and other places touching la_rt
We have to touch la_rt always with holding softnet_lock. And we have to
use callout_halt with softnet_lock instead of callout_stop for
la_timer (arptimer) because arptimer holds softnet_lock inside it.

This fix may solve a kernel panic christos@ encountered.
2015-09-09 01:26:50 +00:00
dholland
1fbab01a93 More on PR 41200: headers that declare ioctls should include sys/ioccom.h.
This covers (I think) all the MI headers outside of external/ (and dist/).
2015-09-06 06:00:59 +00:00
dholland
0be2106b75 Uses _IOR/_IOW/etc. and thus needs sys/ioccom.h. PR 41200 2015-09-05 20:01:21 +00:00
ozaki-r
5392bf8aeb Add refcnt constraint checks for debugging
It's useful to know where the constraint is violated (by extra rtfree).
It's enabled only if DEBUG because it's heavy (O(n)).
2015-09-03 02:04:31 +00:00