1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-29 12:03:03 +00:00
freebsd/sys/netinet
Bjoern A. Zeeb 813dd6ae5e Restrict arp, ndp and theoretically the FIB listing (if not
read with libkvm) to the addresses of a prison, when inside a
jail. [1]
As the patch from the PR was pre-'new-arp', add checks to the
llt_dump handlers as well.

While touching RTM_GET in route_output(), consistently use
curthread credentials rather than the creds from the socket
there. [2]

PR:		kern/68189
Submitted by:	Mark Delany <sxcg2-fuwxj@qmda.emu.st> [1]
Discussed with:	rwatson [2]
Reviewed by:	rwatson
MFC after:	4 weeks
2009-01-09 21:57:49 +00:00
..
libalias Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
accf_data.c Add FBSDID to all files in netinet so that people can more 2007-10-07 20:44:24 +00:00
accf_dns.c Add an accept filter for TCP based DNS requests. It waits until the 2008-07-18 14:44:51 +00:00
accf_http.c Add FBSDID to all files in netinet so that people can more 2007-10-07 20:44:24 +00:00
icmp6.h Second round of putting global variables, which were virtualized 2008-12-13 19:13:03 +00:00
icmp_var.h Second round of putting global variables, which were virtualized 2008-12-13 19:13:03 +00:00
if_atm.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
if_atm.h
if_ether.c Fix missed unlock and reference drop of lle 2008-12-24 05:31:26 +00:00
if_ether.h This main goals of this project are: 2008-12-15 06:10:57 +00:00
igmp_var.h Import rewrite of IPv4 socket multicast layer to support source-specific 2007-06-12 16:24:56 +00:00
igmp.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
igmp.h Stub out imported IGMPv3 definitions which clash with those of 2007-06-15 18:59:10 +00:00
in_cksum.c Add FBSDID to all files in netinet so that people can more 2007-10-07 20:44:24 +00:00
in_gif.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
in_gif.h
in_mcast.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
in_pcb.c Fix fat-fingered comment. 2009-01-09 18:38:57 +00:00
in_pcb.h Implement a new IP option (not compiled/enabled by default) to allow 2009-01-09 16:02:19 +00:00
in_proto.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
in_rmx.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
in_systm.h
in_var.h This main goals of this project are: 2008-12-15 06:10:57 +00:00
in.c Restrict arp, ndp and theoretically the FIB listing (if not 2009-01-09 21:57:49 +00:00
in.h Better comment what the socket option does. Thanks to Sam Leffler 2009-01-09 17:18:17 +00:00
ip6.h Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_carp.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
ip_carp.h Make sure that carp_header is 36 bytes long 2006-12-01 18:37:41 +00:00
ip_divert.c Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
ip_divert.h
ip_dummynet.c Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
ip_dummynet.h Type of q_time (start of queue idle time) has changed: uint32_t -> uint64_t. 2008-10-28 14:14:57 +00:00
ip_ecn.c Add FBSDID to all files in netinet so that people can more 2007-10-07 20:44:24 +00:00
ip_ecn.h
ip_encap.c Add FBSDID to all files in netinet so that people can more 2007-10-07 20:44:24 +00:00
ip_encap.h
ip_fastfwd.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
ip_fw2.c ipfw doesn't use the radix node head lock to protect the radix tree - remove acquisition 2008-12-16 11:06:30 +00:00
ip_fw_nat.c Put a global variables, which were virtualized but formerly 2008-12-11 16:26:38 +00:00
ip_fw_pfil.c IPFW's pfil hook/unhook code ignores the return values of pfil_add_hook() 2008-12-16 15:05:35 +00:00
ip_fw.h Second round of putting global variables, which were virtualized 2008-12-13 19:13:03 +00:00
ip_gre.c Enqueue de-capsulated packet instead of performing direct dispatch. It's 2008-07-04 21:01:30 +00:00
ip_gre.h
ip_icmp.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_icmp.h Change the initialization methodology for global variables scheduled 2008-11-19 09:39:34 +00:00
ip_id.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_input.c This main goals of this project are: 2008-12-15 06:10:57 +00:00
ip_ipsec.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_ipsec.h Take the route mtu into account, if available, when sending an 2008-04-09 05:17:18 +00:00
ip_mroute.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_mroute.h Add code to allow the system to handle multiple routing tables. 2008-05-09 23:03:00 +00:00
ip_options.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
ip_options.h Normalize style a bit: reduce pseudo-randomness of comment layout and 2007-05-11 10:48:30 +00:00
ip_output.c Fix indentation; add FALLTHROUGH. 2009-01-09 17:21:22 +00:00
ip_var.h Put a global variables, which were virtualized but formerly 2008-12-11 16:26:38 +00:00
ip.h Move CTASSERT from header file to source file, per implementation note now 2008-09-26 18:30:11 +00:00
pim_var.h
pim.h
raw_ip.c check pointer against NULL 2008-12-16 03:18:59 +00:00
sctp_asconf.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_asconf.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_auth.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_auth.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_bsd_addr.c Nit 2008-08-09 11:28:57 +00:00
sctp_bsd_addr.h 1) Adds the rest of the VIMAGE change macros 2008-07-09 16:45:30 +00:00
sctp_cc_functions.c - Macro-izes the packed declaration in all headers. 2008-06-14 07:58:05 +00:00
sctp_cc_functions.h 1) Adds the rest of the VIMAGE change macros 2008-07-09 16:45:30 +00:00
sctp_constants.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_crc32.c Reported by Yehuda Weinraub (yehudasa@gamil.com) - CRC32C algorithm 2008-10-18 15:53:31 +00:00
sctp_crc32.h 1) Adds the rest of the VIMAGE change macros 2008-07-09 16:45:30 +00:00
sctp_header.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_indata.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_indata.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_input.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_input.h 1) Adds the rest of the VIMAGE change macros 2008-07-09 16:45:30 +00:00
sctp_lock_bsd.h - Make strict-sacks be the default. 2008-08-28 09:44:07 +00:00
sctp_os_bsd.h Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
sctp_os.h - Fix address add handling to clear cached routes and source addresses 2007-08-24 00:53:53 +00:00
sctp_output.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_output.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_pcb.c Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
sctp_pcb.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_peeloff.c - Macro-izes the packed declaration in all headers. 2008-06-14 07:58:05 +00:00
sctp_peeloff.h - Copyright change, cisco's silly tool wants it to say: 2007-05-08 17:01:12 +00:00
sctp_structs.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_sysctl.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_sysctl.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_timer.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_timer.h Invariants changes that make more sense. 2008-10-27 13:53:31 +00:00
sctp_uio.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_usrreq.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp_var.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctp.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctputil.c Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
sctputil.h Code from the hack-session known as the IETF (and a 2008-12-06 13:19:54 +00:00
tcp_debug.c To my reading there are no real consumers of ip6_plen (IPv6 2008-09-07 20:44:45 +00:00
tcp_debug.h o Use a define for a buffer size. 2007-03-24 22:15:02 +00:00
tcp_fsm.h Make tcpstates[] static, and make sure TCPSTATES is defined before 2007-07-30 11:06:42 +00:00
tcp_hostcache.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_hostcache.h Add an essential .h file that skipped from the last commit (r185419). 2008-11-28 23:39:25 +00:00
tcp_input.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_lro.c Don't calculate checksum if it has already been validated 2008-08-24 02:31:09 +00:00
tcp_lro.h Add generic TCP LOR into netinet 2008-06-11 22:12:50 +00:00
tcp_offload.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
tcp_offload.h - Switch to INP_WLOCK macro from inp_wlock 2008-07-21 21:22:56 +00:00
tcp_output.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
tcp_reass.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
tcp_sack.c Conditionally compile out V_ globals while instantiating the appropriate 2008-12-10 23:12:39 +00:00
tcp_seq.h
tcp_subr.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_syncache.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_syncache.h Move syncache flag definitions below data structure, compress some vertical 2008-12-10 11:11:43 +00:00
tcp_timer.c Rather than using hidden includes (with cicular dependencies), 2008-12-02 21:37:28 +00:00
tcp_timer.h Two changes: 2007-09-24 05:26:24 +00:00
tcp_timewait.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_usrreq.c Use inc_flags instead of the inc_isipv6 alias which so far 2008-12-17 12:52:34 +00:00
tcp_var.h Second round of putting global variables, which were virtualized 2008-12-13 19:13:03 +00:00
tcp.h add rcv_nxt, snd_nxt, and toe offload id to FreeBSD-specific 2008-05-05 20:13:31 +00:00
tcpip.h
toedev.h Don't check if an interface can do tcp offload if there are no offload devices registered on the system. 2008-09-01 05:30:22 +00:00
udp_usrreq.c Addresses Roberts comments on comments. Also adds 2009-01-06 13:27:56 +00:00
udp_var.h Add the ability of an alternate transport protocol 2009-01-06 12:13:40 +00:00
udp.h Gratuitous UDP restyling toward style(9) in 7.x. 2007-02-20 10:13:11 +00:00
vinet.h De-virtualize the MD5 context for TCP initial seq number generation 2008-12-13 21:59:18 +00:00