NetBSD/sys/netinet
dyoung c308b1c661 Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.
2006-12-09 05:33:04 +00:00
..
files.ipfilter defflag IPFILTER_LOOKUP. 2006-09-17 13:43:15 +00:00
files.netinet Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
icmp6.h 'advertisment' -> 'advertisement', from leonardo chiquitto filho 2006-03-07 18:15:28 +00:00
icmp_var.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
if_arp.c fix spelling of accidentally; from Zapher 2006-11-24 19:37:02 +00:00
if_atm.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
if_atm.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
if_ether.h typo. 2006-09-25 12:24:47 +00:00
if_inarp.h Integrate Common Address Redundancy Procotol (CARP) from OpenBSD 2006-05-18 09:05:49 +00:00
igmp_var.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
igmp.c Protect calls to pool_put/pool_get that may occur in interrupt context 2006-10-05 17:35:19 +00:00
igmp.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
in4_cksum.c merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
in_cksum.c merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
in_gif.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in_gif.h New EtherIP driver based on tap(4) and gif(4) by Hans Rosenfeld. 2006-11-23 04:07:07 +00:00
in_ifattach.h Add a source-address selection policy mechanism to the kernel. 2006-11-13 05:13:38 +00:00
in_offload.c move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
in_offload.h move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
in_pcb_hdr.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
in_pcb.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in_pcb.h Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
in_proto.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in_proto.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
in_route.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in_route.h Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
in_selsrc.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
in_selsrc.h Add a source-address selection policy mechanism to the kernel. 2006-11-13 05:13:38 +00:00
in_systm.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
in_var.h Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
in.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
in.h Add a source-address selection policy mechanism to the kernel. 2006-11-13 05:13:38 +00:00
ip6.h Add support for RFC 3542 Adv. Socket API for IPv6 (which obsoletes 2292). 2006-05-05 00:03:21 +00:00
ip_carp.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ip_carp.h Prototype for tvtohz() is no longer needed here. 2006-06-13 15:57:15 +00:00
ip_ecn.c Import of TCP ECN algorithm for congestion control. 2006-09-05 00:29:35 +00:00
ip_ecn.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ip_encap.c remove some dead code 2006-05-28 11:07:04 +00:00
ip_encap.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ip_etherip.c Explicitly include <sys/device.h>, which we need for `struct device'. 2006-12-06 21:42:38 +00:00
ip_etherip.h New EtherIP driver based on tap(4) and gif(4) by Hans Rosenfeld. 2006-11-23 04:07:07 +00:00
ip_flow.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip_gre.c Use LIST_FOREACH(). 2006-11-16 22:54:14 +00:00
ip_gre.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ip_icmp.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip_icmp.h Comment out attribute packed. Gcc4 warns us that the field is too narrow 2006-05-14 02:34:41 +00:00
ip_id.c static comes first 2006-08-30 18:54:19 +00:00
ip_input.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip_mroute.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
ip_mroute.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
ip_output.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
ip_var.h Change "inline" back to "__inline" in .h files -- C99 is still too 2006-02-16 20:17:12 +00:00
ip.h Import of TCP ECN algorithm for congestion control. 2006-09-05 00:29:35 +00:00
Makefile Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
pim_var.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
pim.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
raw_ip.c Introduce KAUTH_REQ_NETWORK_SOCKET_OPEN, to check if opening a socket is 2006-10-25 22:49:22 +00:00
tcp_congctl.c __unused removal on arguments; approved by core. 2006-11-16 01:32:37 +00:00
tcp_congctl.h constify. 2006-10-21 10:24:47 +00:00
tcp_debug.c merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
tcp_debug.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
tcp_fsm.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
tcp_input.c Here are various changes designed to protect against bad IPv4 2006-12-09 05:33:04 +00:00
tcp_output.c move tso-by-software code to their own files. no functional changes. 2006-11-25 18:41:36 +00:00
tcp_sack.c add sack_dump(), a function to dump sack holes, if defined(DDB). 2006-10-21 10:26:21 +00:00
tcp_seq.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
tcp_subr.c add some more tcp mowners. 2006-12-06 09:10:45 +00:00
tcp_timer.c Modular (I tried ;-) TCP congestion control API. Whenever certain conditions 2006-10-09 16:27:07 +00:00
tcp_timer.h Fixed a bug in the timeout range constraint macro that can cause a timeout 2006-09-26 06:39:22 +00:00
tcp_usrreq.c add some more tcp mowners. 2006-12-06 09:10:45 +00:00
tcp_var.h add some more tcp mowners. 2006-12-06 09:10:45 +00:00
tcp.h Modular (I tried ;-) TCP congestion control API. Whenever certain conditions 2006-10-09 16:27:07 +00:00
tcpip.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00
udp_usrreq.c Remove ifndef COMPAT_42. No objections in tech-net. 2006-11-14 12:05:55 +00:00
udp_var.h merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
udp.h Multiple inclusion protection, as suggested by christos@ on tech-kern@ 2005-12-10 23:31:41 +00:00