Commit Graph

156 Commits

Author SHA1 Message Date
ad 88ab7da936 Merge some of the less invasive changes from the vmlocking branch:
- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements
2007-07-09 20:51:58 +00:00
degroote 68c3173bb4 When we construct an answer for SADB_X_SPDGET, don't use an hardcoded 0 for seq but
the seq used by the request. It will improve consistency with the answer of SADB_GET
request and helps some applications which relies both on seq and pid.

Reported by  Karl Knutsson by pr/36119.
2007-04-11 21:33:40 +00:00
degroote 507fd51bd3 Call key_checkspidup with spi in network bit order in order to make correct
comparaison with spi stored into the sadb.

Reported by Karl Knutsson in kern/36038 .
2007-03-21 22:38:34 +00:00
christos 53524e44ef Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. 2007-03-04 05:59:00 +00:00
dyoung 5493f188c7 KNF: de-__P, bzero -> memset, bcmp -> memcmp. Remove extraneous
parentheses in return statements.

Cosmetic: don't open-code TAILQ_FOREACH().

Cosmetic: change types of variables to avoid oodles of casts: in
   in6_src.c, avoid casts by changing several route_in6 pointers
   to struct route pointers.  Remove unnecessary casts to caddr_t
   elsewhere.

Pave the way for eliminating address family-specific route caches:
   soon, struct route will not embed a sockaddr, but it will hold
   a reference to an external sockaddr, instead.  We will set the
   destination sockaddr using rtcache_setdst().  (I created a stub
   for it, but it isn't used anywhere, yet.)  rtcache_free() will
   free the sockaddr.  I have extracted from rtcache_free() a helper
   subroutine, rtcache_clear().  rtcache_clear() will "forget" a
   cached route, but it will not forget the destination by releasing
   the sockaddr.  I use rtcache_clear() instead of rtcache_free()
   in rtcache_update(), because rtcache_update() is not supposed
   to forget the destination.

Constify:

   1 Introduce const accessor for route->ro_dst, rtcache_getdst().

   2 Constify the 'dst' argument to ifnet->if_output().  This
     led me to constify a lot of code called by output routines.

   3 Constify the sockaddr argument to protosw->pr_ctlinput.  This
     led me to constify a lot of code called by ctlinput routines.

   4 Introduce const macros for converting from a generic sockaddr
     to family-specific sockaddrs, e.g., sockaddr_in: satocsin6,
     satocsin, et cetera.
2007-02-17 22:34:07 +00:00
hubertf 142c2a33ba Remove duplicate #includes, patch contributed in private mail
by Slava Semushin <slava.semushin@gmail.com>.

To verify that no nasty side effects of duplicate includes (or their
removal) have an effect here, I've compiled an i386/ALL kernel with
and without the patch, and the only difference in the resulting .o
files was in shifted line numbers in some assert() calls.
The comparison of the .o files was based on the output of "objdump -D".

Thanks to martin@ for the input on testing.
2007-01-24 13:08:11 +00:00
joerg eb04733c4e Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.
2006-12-15 21:18:52 +00:00
he 4bc99ef5ff Remove a superfluous cast. 2006-12-10 11:19:15 +00:00
dyoung 0aaca355b2 Fix misplaced ampersand. Noticed by Greg Troxel. 2006-12-09 19:29:18 +00:00
dyoung c308b1c661 Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.
2006-12-09 05:33:04 +00:00
christos 168cd830d2 __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
smb f182d6d2ee Fix argument order 2006-10-14 21:05:40 +00:00
christos 8056b71c34 more __unused 2006-10-14 18:59:57 +00:00
christos 4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
christos 10f27c9c57 remove impossible comparison 2006-09-02 06:39:27 +00:00
ad f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
kardel de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
2006-06-07 22:33:33 +00:00
rpaulo c87dd30f36 Make this compile without INET6. Spotted by Arto Selonen and Kurt
Schreiner.
2006-01-25 15:12:05 +00:00
rpaulo 78678b130a Better support of IPv6 scoped addresses.
- most of the kernel code will not care about the actual encoding of
  scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
  scoped addresses as a special case.
- scope boundary check will be stricter.  For example, the current
  *BSD code allows a packet with src=::1 and dst=(some global IPv6
  address) to be sent outside of the node, if the application do:
    s = socket(AF_INET6);
    bind(s, "::1");
    sendto(s, some_global_IPv6_addr);
  This is clearly wrong, since ::1 is only meaningful within a single
  node, but the current implementation of the *BSD kernel cannot
  reject this attempt.
- and, while there, don't try to remove the ff02::/32 interface route
  entry in in6_ifdetach() as it's already gone.

This also includes some level of support for the standard source
address selection algorithm defined in RFC3484, which will be
completed on in the future.

From the KAME project via JINMEI Tatuya.
Approved by core@.
2006-01-21 00:15:35 +00:00
christos 95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
manu a02c0f01ca Make sure that the port numbers are set to 0 in SAD and SPD when NAT-T
is not enabled. While we are here, add some safety tests on PFKEY
messages

This fixes the problem described in bin/30437
2005-10-03 13:14:38 +00:00
manu 771a32d331 Another NAT-T fix: don't check for port information in transport mode, as there
is no port information.
2005-07-03 22:57:09 +00:00
christos 8eaf136917 - sprinkle const
- change b*() -> mem*()
- rename shadowed variables.
2005-05-29 21:29:43 +00:00
manu b83e2b6cb3 Yet another NAT-T fix: don't forbid SP with ports in the policy 2005-05-05 12:08:24 +00:00
manu 29ba532e9b After more testing, it turns out that we don't really need to check the
source address to make NAT-T working with multiple clients behind the NAT.
Remove that check for the sake of RFC 2401 conformance.
2005-04-25 08:39:28 +00:00
manu 455d55f55b Enhance IPSEC_NAT_T so that it can work with multiple machines behind the
same NAT.
2005-04-23 14:05:28 +00:00
manu c5a5178582 Send NAT-T ports in SAD dump so that setkey -D can display them. 2005-04-20 15:44:12 +00:00
perry bcfcddbac1 nuke trailing whitespace 2005-02-26 22:31:44 +00:00
manu 5c217c1a67 Add support for IPsec Network Address Translator traversal (NAT-T), as
described by RFC 3947 and 3948.
2005-02-12 12:31:07 +00:00
itojun 4db58ab415 fixed a unexpected addr/port matching failure in SA management
FreeBSD-PR: kern/72393
2005-01-11 01:30:17 +00:00
itojun 8d487352ba move SA header to DEAD if there's no children. markus@openbsd 2004-12-06 08:07:28 +00:00
itojun bc4b33d8be reqid (for unique policy) is u_int16_t quantity. from markus@openbsd 2004-12-06 08:05:26 +00:00
itojun b637834754 m->m_next check here is not needed, since we make no assumption on m_len below,
and key_align() may chop mbuf into multiple mbufs.
from freebsd via kame
2004-09-28 04:24:54 +00:00
itojun 3b68465490 as we use arc4random(9) for random number, we no longer need to reseed random
number.  noted by rwatson@freebsd
2004-08-27 04:56:16 +00:00
itojun 19dd3c9508 send error up when error happens during SADB_UPDATE. kame-pr-785 2004-08-03 15:53:03 +00:00
itojun 7bd231952e safer key_{spd,}dump. comment from yamt.
XXX is spl level ok?
2004-05-31 04:29:01 +00:00
itojun 2cb6995056 dump/spddump can now handle tons of records. 2004-05-26 02:59:15 +00:00
yamt c9290b239d key_sp_unlink: decrement refcnt of the policy only if it was chained.
otherwise SADB_X_SPDDELETE2 and SADB_X_SPDFLUSH can free per-pcb policies
erroneously.  it's the identical with what kame repository has.

ok'ed by itojun@
2004-05-10 09:30:23 +00:00
itojun 23973135aa fix key_mature for tcp md5 signature 2004-04-26 04:39:17 +00:00
itojun 06dd2ce65c add missing "break" 2004-04-26 04:00:06 +00:00
itojun e0395ac8f0 make TCP MD5 signature work with KAME IPSEC (#define IPSEC).
support IPv6 if KAME IPSEC (RFC is not explicit about how we make data stream
for checksum with IPv6, but i'm pretty sure using normal pseudo-header is the
right thing).

XXX
current TCP MD5 signature code has giant flaw:
it does not validate signature on input (can't believe it! what is the point?)
2004-04-26 03:54:28 +00:00
matt e06794e93a Remove #else of #if __STDC__ 2004-04-26 01:41:15 +00:00
itojun 25b85e1925 fixed a memory leak (refcnt) in #ifdef IPSEC_DOSEQCHECK portion 2004-04-12 07:50:56 +00:00
atatat 19af35fd0d Tango on sysctl_createv() and flags. The flags have all been renamed,
and sysctl_createv() now uses more arguments.
2004-03-24 15:34:46 +00:00
wiz f05e6f1a3a occured -> occurred. From Peter Postma. 2004-02-24 15:12:51 +00:00
itojun 7df1e71161 invalidate pcb policy cache on key_timehandler(). part of
http://sources.zabbadoz.net/freebsd/patchset/110-ipsec-netkey-key.diff
2004-01-14 04:11:13 +00:00
itojun 45e487aa97 secpolicy refcnt mistake (missing key_freesp). part of
http://sources.zabbadoz.net/freebsd/patchset/110-ipsec-netkey-key.diff
2004-01-13 23:02:40 +00:00
itojun b37e7ce6ef do not touch sav->xx after key_freesav(). from hajimu umemoto 2003-12-10 23:46:42 +00:00
atatat 13f8d2ce5f Dynamic sysctl.
Gone are the old kern_sysctl(), cpu_sysctl(), hw_sysctl(),
vfs_sysctl(), etc, routines, along with sysctl_int() et al.  Now all
nodes are registered with the tree, and nodes can be added (or
removed) easily, and I/O to and from the tree is handled generically.

Since the nodes are registered with the tree, the mapping from name to
number (and back again) can now be discovered, instead of having to be
hard coded.  Adding new nodes to the tree is likewise much simpler --
the new infrastructure handles almost all the work for simple types,
and just about anything else can be done with a small helper function.

All existing nodes are where they were before (numerically speaking),
so all existing consumers of sysctl information should notice no
difference.

PS - I'm sorry, but there's a distinct lack of documentation at the
moment.  I'm working on sysctl(3/8/9) right now, and I promise to
watch out for buses.
2003-12-04 19:38:21 +00:00
itojun bf72fd111d missing splx. Hajimu UMEMOTO via kame 2003-11-27 18:26:46 +00:00