1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-15 10:17:20 +00:00
Commit Graph

250 Commits

Author SHA1 Message Date
Sam Leffler
5c47350dad M_MOVE_PKTHDR must happen before any cluster is attached
Submitted by:	Harti Brandt <brandt@fokus.fraunhofer.de>
MFC after:	1 day
2003-02-18 06:20:16 +00:00
Alfred Perlstein
8deebb0160 Consolidate MIN/MAX macros into one place (param.h).
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
2003-02-02 13:17:30 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Hajimu UMEMOTO
a5c8d51908 "struct route" is not sufficient. NetBSD PR 18751
Obtained from:	KAME
MFC after:	1 days
2003-01-08 17:59:24 +00:00
Sam Leffler
53d96a08a4 don't reference a pkthdr after M_MOVE_PKTHDR has "remove it"; instead
reference the pkthdr now in the destination of the move

Sponsored by:	Vernier Networks
2003-01-06 21:33:54 +00:00
Sam Leffler
0e7dea8326 purge extraneous clears of M_PKTHDR since M_MOVE_PKTHDR does this already 2003-01-06 21:29:27 +00:00
Mike Barcroft
f08294ced0 Bah, just use %zu for printing size_t. 2003-01-06 16:31:39 +00:00
Mike Barcroft
ea4c7ada01 Cast return values of sizeof() to int so they can be printed with %d.
The size of this struct is unlikely to ever grow beyond what an int
can represent.

Noticed by:	alpha tinderbox
2003-01-06 04:33:46 +00:00
Sam Leffler
2268ca475b correct pkthdr length calculation for ipv6 echo packets; after moving a packet
header with M_MOVE_PKTHDR one should not reference the packet header in the
original packet; in this case the code was assuming that m_adj would alter
m_pkthdr.len which stopped happening because M_MOVE_PKTHDR removes the
M_PKTHDR bit from m_flags

Submitted by:	Bill Fenner <fenner@research.att.com>
2003-01-05 22:37:36 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Jens Schweikhardt
d64ada501a Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/
Add FreeBSD Id tag where missing.
2002-12-30 21:18:15 +00:00
Sam Leffler
9967cafc49 Correct mbuf packet header propagation. Previously, packet headers
were sometimes propagated using M_COPY_PKTHDR which actually did
something between a "move" and a  "copy" operation.  This is replaced
by M_MOVE_PKTHDR (which copies the pkthdr contents and "removes" it
from the source mbuf) and m_dup_pkthdr which copies the packet
header contents including any m_tag chain.  This corrects numerous
problems whereby mbuf tags could be lost during packet manipulations.

These changes also introduce arguments to m_tag_copy and m_tag_copy_chain
to specify if the tag copy work should potentially block.  This
introduces an incompatibility with openbsd which we may want to revisit.

Note that move/dup of packet headers does not handle target mbufs
that have a cluster bound to them.  We may want to support this;
for now we watch for it with an assert.

Finally, M_COPYFLAGS was updated to include M_FIRSTFRAG|M_LASTFRAG.

Supported by:	Vernier Networks
Reviewed by:	Robert Watson <rwatson@FreeBSD.org>
2002-12-30 20:22:40 +00:00
Ruslan Ermilov
71eba91593 If the caller of rtrequest*(RTM_DELETE, ...) asked for a copy of
the entry being removed (ret_nrt != NULL), increment the entry's
rt_refcnt like we do it for RTM_ADD and RTM_RESOLVE, rather than
messing around with 1->0 transitions for rtfree() all over.
2002-12-25 10:21:02 +00:00
Jeffrey Hsu
956b0b653c SMP locking for radix nodes. 2002-12-24 03:03:39 +00:00
Jeffrey Hsu
b30a244c34 SMP locking for ifnet list. 2002-12-22 05:35:03 +00:00
Sam Leffler
69f05a0761 define HAVE_PPSRATECHECK now that we have this stuff in the kernel
(probably belongs elsewhere; add it this way for now so the system
will build)
2002-12-20 23:57:22 +00:00
Bosko Milekic
86fea6be59 o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} and
the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}.
o Fix a bpf_compat issue where malloc() was defined to just call
  bpf_alloc() and pass the 'canwait' flag(s) along.  It's been changed
  to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT
  flag (and only one of those two).

Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
2002-12-19 22:58:27 +00:00
Jeffrey Hsu
19fc74fb60 Lock up ifaddr reference counts. 2002-12-18 11:46:59 +00:00
SUZUKI Shinsuke
6645ef44ad fixed a bug that IPv6 multicast packet is not forwarded if its packet size is equal to the outgoing interface's MTU
Approved by: re
Obtained from: KAME
MFC after: 3 days
2002-12-16 01:41:07 +00:00
Hajimu UMEMOTO
35f6695bb2 plugged memory leakage in some erroneous cases
Obtained from:	KAME
MFC after:	1 week
2002-10-31 19:45:48 +00:00
Hajimu UMEMOTO
b6e2845324 last arg of in6?_gif_output() is not used any more.
Obtained from:	KAME
MFC after:	3 weeks
2002-10-17 17:47:55 +00:00
Hajimu UMEMOTO
ab94625826 use encapcheck.
Obtained from:	KAME
MFC after:	3 weeks
2002-10-16 20:16:49 +00:00
Hajimu UMEMOTO
9426aedf7f - after gif_set_tunnel(), psrc/pdst may be null. set IFF_RUNNING accordingly.
- set IFF_UP on SIOCSIFADDR.  be consistent with others.
- set if_addrlen explicitly (just in case)
- multi destination mode is long gone.
- missing break statement
- add gif_set_tunnel(), so that we can set tunnel address from within the
  kernel at ease.
- encap_attach/detach dynamically on ioctls
- move encap_attach() to dedicated function in in*_gif.c

Obtained from:	KAME
MFC after:	3 weeks
2002-10-16 19:49:37 +00:00
Sam Leffler
b9234fafa0 Tie new "Fast IPsec" code into the build. This involves the usual
configuration stuff as well as conditional code in the IPv4 and IPv6
areas.  Everything is conditional on FAST_IPSEC which is mutually
exclusive with IPSEC (KAME IPsec implmentation).

As noted previously, don't use FAST_IPSEC with INET6 at the moment.

Reviewed by:	KAME, rwatson
Approved by:	silence
Supported by:	Vernier Networks
2002-10-16 02:25:05 +00:00
Sam Leffler
5d84645305 Replace aux mbufs with packet tags:
o instead of a list of mbufs use a list of m_tag structures a la openbsd
o for netgraph et. al. extend the stock openbsd m_tag to include a 32-bit
  ABI/module number cookie
o for openbsd compatibility define a well-known cookie MTAG_ABI_COMPAT and
  use this in defining openbsd-compatible m_tag_find and m_tag_get routines
o rewrite KAME use of aux mbufs in terms of packet tags
o eliminate the most heavily used aux mbufs by adding an additional struct
  inpcb parameter to ip_output and ip6_output to allow the IPsec code to
  locate the security policy to apply to outbound packets
o bump __FreeBSD_version so code can be conditionalized
o fixup ipfilter's call to ip_output based on __FreeBSD_version

Reviewed by:	julian, luigi (silent), -arch, -net, darren
Approved by:	julian, silence from everyone else
Obtained from:	openbsd (mostly)
MFC after:	1 month
2002-10-16 01:54:46 +00:00
Alfred Perlstein
ebc82cbbf0 s/__attribute__((__packed__))/__packed/g 2002-09-23 06:25:08 +00:00
Crist J. Clark
784d7650f7 Lock the sysctl(8) knobs that turn ip{,6}fw(8) firewalling and
firewall logging on and off when at elevated securelevel(8). It would
be nice to be able to only lock these at securelevel >= 3, like rules
are, but there is no such functionality at present. I don't see reason
to be adding features to securelevel(8) with MAC being merged into 5.0.

PR:		kern/39396
Reviewed by:	luigi
MFC after:	1 week
2002-08-25 03:50:29 +00:00
Hajimu UMEMOTO
0731a74b08 check packet length before fetching ESP crypto checksum.
Obtained from:	KAME
MFC after:	2 days
2002-08-24 04:48:13 +00:00
Archie Cobbs
4a6a94d8d8 Replace (ab)uses of "NULL" where "0" is really meant. 2002-08-22 21:24:01 +00:00
Mike Barcroft
abbd890233 o Merge <machine/ansi.h> and <machine/types.h> into a new header
called <machine/_types.h>.
o <machine/ansi.h> will continue to live so it can define MD clock
  macros, which are only MD because of gratuitous differences between
  architectures.
o Change all headers to make use of this.  This mainly involves
  changing:
    #ifdef _BSD_FOO_T_
    typedef	_BSD_FOO_T_	foo_t;
    #undef _BSD_FOO_T_
    #endif
  to:
    #ifndef _FOO_T_DECLARED
    typedef	__foo_t	foo_t;
    #define	_FOO_T_DECLARED
    #endif

Concept by:	bde
Reviewed by:	jake, obrien
2002-08-21 16:20:02 +00:00
Don Lewis
26ef6ac4df Create new functions in_sockaddr(), in6_sockaddr(), and
in6_v4mapsin6_sockaddr() which allocate the appropriate sockaddr_in*
structure and initialize it with the address and port information passed
as arguments.  Use calls to these new functions to replace code that is
replicated multiple times in in_setsockaddr(), in_setpeeraddr(),
in6_setsockaddr(), in6_setpeeraddr(), in6_mapped_sockaddr(), and
in6_mapped_peeraddr().  Inline COMMON_END in tcp_usr_accept() so that
we can call in_sockaddr() with temporary copies of the address and port
after the PCB is unlocked.

Fix the lock violation in tcp6_usr_accept() (caused by calling MALLOC()
inside in6_mapped_peeraddr() while the PCB is locked) by changing
the implementation of tcp6_usr_accept() to match tcp_usr_accept().

Reviewed by:	suz
2002-08-21 11:57:12 +00:00
Juli Mallett
ded7008a07 Enclose IPv6 addresses in brackets when they are displayed printable with a
TCP/UDP port seperated by a colon.  This is for the log_in_vain facility.

Pointed out by:	Edward J. M. Brocklesby
Reviewed by:	ume
MFC after:	2 weeks
2002-08-19 19:47:13 +00:00
Maxim Sobolev
62f7648682 Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
Robert Watson
4b32dfdcd7 Introduce support for Mandatory Access Control and extensible
kernel access control.

When generating nd6 output on an interface, label the packet
appropriately.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 20:49:14 +00:00
Hajimu UMEMOTO
7b79862463 correct comment for setsockopt arg size.
Reported by:	Martin Laabs <martin@martin.erfurt.thur.de>
Obtained from:	KAME
MFC after:	1 week
2002-07-25 20:40:09 +00:00
Hajimu UMEMOTO
eccb7001ee cleanup usage of ip6_mapped_addr_on and ip6_v6only. now,
ip6_mapped_addr_on is unified into ip6_v6only.

MFC after:	1 week
2002-07-25 17:40:45 +00:00
Hajimu UMEMOTO
dcaecffe69 Change the default setting of an IPv4-mapped IPv6 address to off.
Requested by:	many people
2002-07-25 15:44:01 +00:00
Hajimu UMEMOTO
1225379557 make sure to set/unset INP_IPV4 according to a value
of IN6P_IPV6_V6ONLY

Reviewed by:	Keiichi SHIMA <keiichi@iij.ad.jp>
2002-07-24 19:19:53 +00:00
Hajimu UMEMOTO
854d3b19a2 do not refer to IN6P_BINDV6ONLY anymore.
Obtained from:	KAME
MFC after:	1 week
2002-07-22 15:51:02 +00:00
Hajimu UMEMOTO
a5b71fafb7 sin6_len is not an address family. I believe this doesn't
break compatibility with POSIX.1-2001.
2002-07-22 15:13:55 +00:00
Hajimu UMEMOTO
90171c93bb fixed to make mbuf chain.
Obtained from:	KAME
MFC after:	1 week
2002-07-18 04:18:56 +00:00
Hajimu UMEMOTO
b115006a67 - fixed a bug that we can't send a packet to ipv4mapped ipv6 address
using a udp6 socket without bind(2)ing.
- fbsd4/430 reported from the FreeBSD team.
- this fix is different from the fix reported in the above PR.  i think
  this better, but we need some test.

Obtained from:	KAME
MFC after:	3 weeks
2002-07-15 19:25:46 +00:00
Jeffrey Hsu
3ce144ea88 Notify functions can destroy the pcb, so they have to return an
indication of whether this happenned so the calling function
knows whether or not to unlock the pcb.

Submitted by:	Jennifer Yang (yangjihui@yahoo.com)
Bug reported by:  Sid Carter (sidcarter@symonds.net)
2002-06-14 08:35:21 +00:00
Jeffrey Hsu
bdc2055256 As a stop-gap measure, add one INP_LOCK_DESTROY() to in6_pcbdetach() to
get kernel compiled with INET6 to boot.
2002-06-12 06:01:22 +00:00
Jeffrey Hsu
f76fcf6d4c Lock up inpcb.
Submitted by:	Jennifer Yang <yangjihui@yahoo.com>
2002-06-10 20:05:46 +00:00
Hajimu UMEMOTO
0776834a11 __FreeBSD__ is not a compiler constant. We must use
__FreeBSD_version here.

Submitted by:	rwatson
2002-05-31 17:56:45 +00:00
Seigo Tanimura
4cc20ab1f0 Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by:	hsu
2002-05-31 11:52:35 +00:00
Mike Barcroft
9e2e036f90 o Conditionalize sections for POSIX.1-2001 compatibility.
o Use POSIX spelling for types, where possible.
o Define size_t in the __BSD_VISIBLE case (this isn't really needed
  for standards conformance, but follows the tradition of not
  requiring <sys/types.h> as a prerequisite).
o Use _BYTE_ORDER and friends instead of BYTE_ORDER and friends, since
  there may not be enough pollution in order for the latter to work.
o Add an XXX note about the missing IPPROTO_IPV6 macro.
2002-05-23 18:48:27 +00:00
Seigo Tanimura
243917fe3b Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a
  socket buffer. The mutex in the receive buffer also protects the data
  in struct socket.

o Determine the lock strategy for each members in struct socket.

o Lock down the following members:

  - so_count
  - so_options
  - so_linger
  - so_state

o Remove *_locked() socket APIs.  Make the following socket APIs
  touching the members above now require a locked socket:

 - sodisconnect()
 - soisconnected()
 - soisconnecting()
 - soisdisconnected()
 - soisdisconnecting()
 - sofree()
 - soref()
 - sorele()
 - sorwakeup()
 - sotryfree()
 - sowakeup()
 - sowwakeup()

Reviewed by:	alfred
2002-05-20 05:41:09 +00:00
Hajimu UMEMOTO
88a89f8617 Recent zlib does not like Z_FLUSH at the end of inflate().
Reported by:	quak@mydiax.ch
Obtained from:	KAME
MFC after:	2 days
		and approved by re
2002-05-12 14:12:30 +00:00