Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
253,197 Commits 606 Branches 0 Tags 3.1 GiB
Commit Graph

1664 Commits

Author SHA1 Message Date
christos b9baaeeb55 PR/52382: BERTRAND Joel: Fix mapped IPv4 source selection; this got broken 
in the last code refactoring. in6_selectif failing is not fatal.
XXX: pullup-8
 2017-08-27 12:34:21 +00:00
christos a2c4fad4b4 PR/52472: Edgar Fuss: Document handling of scoped IPv6 addresses by embedding 
ASCII art from:
	IPv6 Core Protocols Implementation
	By Qing Li, Tatuya Jinmei, Keiichi Shima
	Page 56, Figure 2.12
 2017-08-09 17:20:44 +00:00
ozaki-r ae6fc59569 Add missing IPsec policy checks to icmp6_rip6_input 
icmp6_rip6_input is quite similar to rip6_input and the same checks exist
in rip6_input.
 2017-08-02 02:18:17 +00:00
ozaki-r 0c084e85e9 Make IPsec SPD MP-safe 
We use localcount(9), not psref(9), to make the sptree and secpolicy (SP)
entries MP-safe because SPs need to be referenced over opencrypto
processing that executes a callback in a different context.

SPs on sockets aren't managed by the sptree and can be destroyed in softint.
localcount_drain cannot be used in softint so we delay the destruction of
such SPs to a thread context. To do so, a list to manage such SPs is added
(key_socksplist) and key_timehandler_spd deletes dead SPs in the list.

For more details please read the locking notes in key.c.

Proposed on tech-kern@ and tech-net@
 2017-08-02 01:28:02 +00:00
ozaki-r e1c9808fed Don't acquire global locks for IPsec if NET_MPSAFE 
Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
 2017-07-27 06:59:28 +00:00
knakahara a431af6bf4 l2tp(4): fix mbuf leak when tunnel nested over the limit 
XXX need pullup -8 branch
 2017-07-11 05:03:45 +00:00
knakahara 25917aa5e0 fix PR kern/52353. implemented by ozaki-r@n.o. I just commit by proxy. 
XXX need to pullup to -8.
 2017-07-07 00:55:15 +00:00
christos 1922edaa5b remove unnecessary casts; use sizeof(var) instead of sizeof(type). 2017-07-06 17:14:35 +00:00
christos 2b50acc97b Merge the two copies SO_TIMESTAMP/SO_OTIMESTAMP processing to a single 
function, and add a SOOPT_TIMESTAMP define reducing compat pollution from
5 places to 1.
 2017-07-06 17:08:57 +00:00
ozaki-r 50558ab0df Fix usage of ip6_get_membership 
It may set nothing to ifp even if returning 0. So we need to NULL-clear
ifp before calling it.

Fix PR kern/52324
 2017-06-26 08:01:53 +00:00
ozaki-r d59e7b9e71 Purge ARP/NDP entries on an interface when the interface is down 
Fix PR kern/51179
 2017-06-22 09:53:24 +00:00
ozaki-r a4910d9c60 Allow in6_lltable_free_entry to be called without holding the afdata lock of ifp as well as in_lltable_free_entry 
This behavior is a bit odd and should be fixed in the future...
 2017-06-22 09:29:23 +00:00
ozaki-r e765209802 Remove unused function (nd6_rem_ifa_lle) 2017-06-22 09:24:02 +00:00
ozaki-r dc9233b94b Don't create a permanent L2 cache entry on adding an address to an interface 
It was created to copy FreeBSD, however actually the cache isn't
necessary. Remove it to simplify the code and reduce the cost to
maintain it (e.g., keep a consistency with a corresponding local
route).
 2017-06-21 09:05:31 +00:00
ozaki-r 5ecc1e1d8c Sending a routing message (RTM_ADD) on adding an llentry 
A message used to be sent on adding a cloned route. Restore the
behavior for backward compatibility.

Requested by ryo@
 2017-06-16 02:24:54 +00:00
chs fd34ea77eb remove checks for failure after memory allocation calls that cannot fail: 
kmem_alloc() with KM_SLEEP
  kmem_zalloc() with KM_SLEEP
  percpu_alloc()
  pserialize_create()
  psref_class_create()

all of these paths include an assertion that the allocation has not failed,
so callers should not assert that again.
 2017-06-01 02:45:05 +00:00
kardel acf7aadada avoid a double ifa_release() and thus a panic when e. g. running ifmcstat 2017-05-13 20:13:26 +00:00
ozaki-r 808b116a48 Add missing KEY_FREESP to ip6_forward 2017-05-09 04:24:10 +00:00
ozaki-r c33d80e3e4 Don't output debugging logs just if DIAGNOSTIC 
Also make log messages informative.
 2017-04-28 05:56:33 +00:00
ozaki-r 5cfcce1f60 Check if solock of PCB is held when SP caches in the PCB are accessed 
To this end, a back pointer from inpcbpolicy to inpcb_hdr is added.
 2017-04-25 05:44:11 +00:00
ozaki-r c5b713b4e3 Fix build of kernel with SCTP 2017-04-20 09:19:19 +00:00
ozaki-r ed8b1986a9 Remove unnecessary NULL checks for inp_socket and in6p_socket 
They cannot be NULL except for programming errors.
 2017-04-20 08:46:07 +00:00
ozaki-r c4cc9034cb Simplify logic of udp4_sendup and udp6_sendup 
They are always passed a socket with the same protocol faimiliy
as its own: AF_INET for udp4_sendup and AF_INET6 for udp6_sendup.
 2017-04-20 08:45:09 +00:00
ozaki-r 469c0f099a Rumpify netipsec 
Note that we should modularize netipsec and reduce reverse symbol references
(referencing symbols of netipsec from net, netinet and netinet6) though,
the task needs lots of code changes. Prior to doing so, rumpifying it and
having ATF tests should be useful.
 2017-04-14 02:43:27 +00:00
knakahara 685eeb51f1 fix module build 2017-04-04 23:49:17 +00:00
sevan cb2085f041 Revert change to allow builds to continue until the missing vlan.h file is committed. 
https://mail-index.netbsd.org/source-changes/2017/04/04/msg083283.html
 2017-04-04 16:49:15 +00:00
knakahara 6f4f1b05e1 remove unnecessary if_vlanvar.h. add missing include "vlan.h". 
pointed out by s-yamaguchi@IIJ, thanks.
 2017-04-04 10:25:38 +00:00
knakahara d35df4a96d remove duplicated validation. That is already done in l2tp_lookup_session_ref(). 
pointed out by s-yamaguchi@IIJ, thanks.
 2017-03-30 23:13:54 +00:00
ozaki-r 07a4b673ca Replace DIAGNOSTIC + panic with KASSERT 2017-03-14 04:25:10 +00:00
ozaki-r 4ea7185a98 Replace DIAGNOSTIC + panic with CTASSERT 2017-03-14 04:24:04 +00:00
ozaki-r 752d3b8752 Remove unnecessary NULL check 2017-03-14 04:21:38 +00:00
ozaki-r 2495e7a0c7 Pass inpcb/in6pcb instead of socket to ip_output/ip6_output 
- Passing a socket to Layer 3 is layer violation and even unnecessary
- The change makes codes of callers and IPsec a bit simple
 2017-03-03 07:13:06 +00:00
msaitoh f71865e18b Add missing opt_net_mpsafe.h. 2017-03-03 06:27:20 +00:00
ozaki-r f27f4e283c Plug a race condition on accessing i6mm_maddr 2017-03-02 09:48:20 +00:00
ozaki-r 362a23cbc0 Fix racy in6m_sol 
Relook up the entry instead of reusing it, which makes locking simple.
 2017-03-02 09:16:46 +00:00
ozaki-r 549f799fbf Protect ia6_memberships by in6_ifaddr_lock 2017-03-02 05:27:39 +00:00
ozaki-r 3e6e186e8a Make sure im6o_memberships is protected by in6p's lock (solock) 2017-03-02 05:26:24 +00:00
ozaki-r 36ae5d22b0 Make usages of ifp MP-safe in some functions of IP multicast 2017-03-02 05:24:23 +00:00
ozaki-r 0b2f4040ea Use LIST_* macros 
No functional change.
 2017-03-02 01:05:02 +00:00
ozaki-r 73c95a6a4c Make IPv6 multicast MP-safe partially 
To complete the task, we need to make users of IPv6 multicast MP-safe, for
example socket/PCB and CARP.
 2017-03-01 09:09:37 +00:00
ozaki-r ef30413ffd Provide in6_multi_group 
Use it when checking if we belong to the group, instead of in6_lookup_multi.

No functional change.
 2017-03-01 08:54:12 +00:00
ozaki-r 2496195667 Restore/add some softnet_lock for nd6_rt_flush and defrouter_addreq 
May help PR kern/52015
 2017-03-01 03:02:35 +00:00
ozaki-r 2d60fd0074 Separate the code of joining multicast groups 
No functional change.
 2017-02-28 04:07:11 +00:00
ozaki-r b44b24fe31 Prevent ia6 from being freed in in6_ifinit 
It fixes a panic (diagnostic assertion "entry->ple_prevp != NULL" failed)
on:
  ifconfig lo1 create
  ifconfig lo1 127.0.0.2
reported by ryo@
 2017-02-28 02:56:49 +00:00
ozaki-r 00a9cf741d Remove mkludge stuffs 
For unknown reasons, IPv6 multicast addresses are linked to a first
IPv6 address assigned to an interface. Due to the design, when removing
a first address having multicast addresses, we need to save them to
somewhere and later restore them once a new IPv6 address is activated.
mkludge stuffs support the operations.

This change links multicast addresses to an interface directly and
throws the kludge away.

Note that as usual some obsolete member variables remain for kvm(3)
users. And also sysctl net.inet6.multicast_kludge remains to avoid
breaking old ifmcstat.

TODO: currently ifnet has a list of in6_multi but obviously the list
should be protocol independent. Provide a common structure (if_multi
or something) to handle in6_multi and in_multi together as well as
ifaddr does for in_ifaddr and in6_ifaddr.
 2017-02-23 07:57:09 +00:00
ozaki-r 40914f019e Stop using useless IN6_*_MULTI macros 2017-02-22 07:46:00 +00:00
ozaki-r fcf7d70e3a Get rid of unnecessary splsoftnet 2017-02-22 07:05:47 +00:00
ozaki-r 559b831490 Add assertions and comments for lock states of socket and pcb 2017-02-22 07:05:04 +00:00
ozaki-r 66d96cc093 Use kmem istead of malloc 2017-02-22 03:41:54 +00:00
ozaki-r 93f6b1d8be Fix prefix invalidation via nd6_timer 
We cannot remove a prefix there. Instead just invalidate it; the prefix
will be removed when purging an associated address. This is the same as
the original behavior.
 2017-02-22 03:02:55 +00:00