NetBSD/sys/netinet6
dyoung c308b1c661 Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.
2006-12-09 05:33:04 +00:00
..
ah_aesxcbcmac.c merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
ah_aesxcbcmac.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ah_core.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ah_input.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ah_output.c fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
ah.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
dest6.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
esp_aesctr.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
esp_aesctr.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
esp_core.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
esp_input.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
esp_output.c fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
esp_rijndael.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
esp_rijndael.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
esp.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
files.ipsec Merge kernel and userland rmd160 and sha2 implementation. 2006-10-27 21:20:48 +00:00
files.netinet6 move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
frag6.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
icmp6.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in6_cksum.c PR 32653: mrt@notwork.org: remove 'sum += w[0]' left in previous revision. 2006-01-27 20:08:11 +00:00
in6_gif.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in6_gif.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
in6_ifattach.c Use the TAILQ_/LIST_ macros instead of open-coding them. 2006-11-20 04:16:27 +00:00
in6_ifattach.h NDP-related improvements: 2006-03-05 23:47:08 +00:00
in6_offload.c move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
in6_offload.h move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
in6_pcb.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in6_pcb.h Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
in6_proto.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in6_src.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in6_var.h Use the queue(3) macros instead of open-coding them. Shorten 2006-12-02 18:59:17 +00:00
in6.c Synchronize access to the ifaddr list by in6_update_ifa() and 2006-12-02 20:40:58 +00:00
in6.h Commented out IPv6 socket options which are no longer supported. 2006-10-31 00:29:30 +00:00
ip6_etherip.c Explicitly include <sys/device.h>, which we need for `struct device'. 2006-12-06 21:42:38 +00:00
ip6_etherip.h New EtherIP driver based on tap(4) and gif(4) by Hans Rosenfeld. 2006-11-23 04:07:07 +00:00
ip6_forward.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip6_id.c Fix initializers. 2006-08-30 17:11:53 +00:00
ip6_input.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip6_mroute.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ip6_mroute.h merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
ip6_output.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip6_var.h Add support for RFC 3542 Adv. Socket API for IPv6 (which obsoletes 2292). 2006-05-05 00:03:21 +00:00
ip6protosw.h gc unused member. 2006-08-27 23:55:16 +00:00
ipcomp_core.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ipcomp_input.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ipcomp_output.c fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
ipcomp.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ipsec.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ipsec.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
Makefile Remove KDIR=, since SYS_INCLUDE=symlinks and KDIR are not supported any more. 2002-11-26 23:30:07 +00:00
mld6_var.h NDP-related improvements: 2006-03-05 23:47:08 +00:00
mld6.c Fix a spelling error. 2006-11-29 03:05:12 +00:00
nd6_nbr.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
nd6_rtr.c Use LIST_/TAILQ_ macros, esp. LIST_FOREACH() and TAILQ_FOREACH(). 2006-11-20 04:34:16 +00:00
nd6.c fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
nd6.h Use LIST_/TAILQ_ macros, esp. LIST_FOREACH() and TAILQ_FOREACH(). 2006-11-20 04:34:16 +00:00
pim6_var.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
pim6.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
raw_ip6.c Use the queue(3) macros instead of open-coding them. Shorten 2006-12-02 18:59:17 +00:00
raw_ip6.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
route6.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
scope6_var.h Better support of IPv6 scoped addresses. 2006-01-21 00:15:35 +00:00
scope6.c comment out impossible comparison. 2006-09-03 05:16:59 +00:00
udp6_output.c Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
udp6_usrreq.c Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
udp6_var.h Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
udp6.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00