diff options
author | zec <zec@FreeBSD.org> | 2008-12-10 23:12:39 +0000 |
---|---|---|
committer | zec <zec@FreeBSD.org> | 2008-12-10 23:12:39 +0000 |
commit | 7b573d1496799fd4543bfa925fd691d650b3c628 (patch) | |
tree | 69ada7d351f2f4e8f7205f24e4f8473aad40573d /sys/netinet | |
parent | f30a0a94fe04dfbd42fcd3337a2bed2f65bd9c4c (diff) | |
download | FreeBSD-src-7b573d1496799fd4543bfa925fd691d650b3c628.zip FreeBSD-src-7b573d1496799fd4543bfa925fd691d650b3c628.tar.gz |
Conditionally compile out V_ globals while instantiating the appropriate
container structures, depending on VIMAGE_GLOBALS compile time option.
Make VIMAGE_GLOBALS a new compile-time option, which by default will not
be defined, resulting in instatiations of global variables selected for
V_irtualization (enclosed in #ifdef VIMAGE_GLOBALS blocks) to be
effectively compiled out. Instantiate new global container structures
to hold V_irtualized variables: vnet_net_0, vnet_inet_0, vnet_inet6_0,
vnet_ipsec_0, vnet_netgraph_0, and vnet_gif_0.
Update the VSYM() macro so that depending on VIMAGE_GLOBALS the V_
macros resolve either to the original globals, or to fields inside
container structures, i.e. effectively
#ifdef VIMAGE_GLOBALS
#define V_rt_tables rt_tables
#else
#define V_rt_tables vnet_net_0._rt_tables
#endif
Update SYSCTL_V_*() macros to operate either on globals or on fields
inside container structs.
Extend the internal kldsym() lookups with the ability to resolve
selected fields inside the virtualization container structs. This
applies only to the fields which are explicitly registered for kldsym()
visibility via VNET_MOD_DECLARE() and vnet_mod_register(), currently
this is done only in sys/net/if.c.
Fix a few broken instances of MODULE_GLOBAL() macro use in SCTP code,
and modify the MODULE_GLOBAL() macro to resolve to V_ macros, which in
turn result in proper code being generated depending on VIMAGE_GLOBALS.
De-virtualize local static variables in sys/contrib/pf/net/pf_subr.c
which were prematurely V_irtualized by automated V_ prepending scripts
during earlier merging steps. PF virtualization will be done
separately, most probably after next PF import.
Convert a few variable initializations at instantiation to
initialization in init functions, most notably in ipfw. Also convert
TUNABLE_INT() initializers for V_ variables to TUNABLE_FETCH_INT() in
initializer functions.
Discussed at: devsummit Strassburg
Reviewed by: bz, julian
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
Diffstat (limited to 'sys/netinet')
-rw-r--r-- | sys/netinet/in_proto.c | 1 | ||||
-rw-r--r-- | sys/netinet/ip_divert.c | 3 | ||||
-rw-r--r-- | sys/netinet/ip_dummynet.c | 2 | ||||
-rw-r--r-- | sys/netinet/ip_fw.h | 13 | ||||
-rw-r--r-- | sys/netinet/ip_fw2.c | 80 | ||||
-rw-r--r-- | sys/netinet/ip_fw_nat.c | 2 | ||||
-rw-r--r-- | sys/netinet/ip_fw_pfil.c | 2 | ||||
-rw-r--r-- | sys/netinet/ip_input.c | 16 | ||||
-rw-r--r-- | sys/netinet/ip_output.c | 1 | ||||
-rw-r--r-- | sys/netinet/ip_var.h | 1 | ||||
-rw-r--r-- | sys/netinet/libalias/alias_db.c | 2 | ||||
-rw-r--r-- | sys/netinet/raw_ip.c | 1 | ||||
-rw-r--r-- | sys/netinet/sctp_os_bsd.h | 9 | ||||
-rw-r--r-- | sys/netinet/sctp_pcb.c | 8 | ||||
-rw-r--r-- | sys/netinet/tcp_sack.c | 1 | ||||
-rw-r--r-- | sys/netinet/tcp_subr.c | 4 | ||||
-rw-r--r-- | sys/netinet/udp_usrreq.c | 2 | ||||
-rw-r--r-- | sys/netinet/vinet.h | 21 |
18 files changed, 116 insertions, 53 deletions
diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c index 8af52f2..a93f1f2 100644 --- a/sys/netinet/in_proto.c +++ b/sys/netinet/in_proto.c @@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$"); #include <sys/kernel.h> #include <sys/socket.h> #include <sys/domain.h> +#include <sys/proc.h> #include <sys/protosw.h> #include <sys/queue.h> #include <sys/sysctl.h> diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index dc627a8..d6eb16f 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include <sys/priv.h> #include <sys/proc.h> #include <sys/protosw.h> +#include <sys/rwlock.h> #include <sys/signalvar.h> #include <sys/socket.h> #include <sys/socketvar.h> @@ -167,7 +168,7 @@ div_init(void) V_divcbinfo.ipi_zone = uma_zcreate("divcb", sizeof(struct inpcb), NULL, NULL, div_inpcb_init, div_inpcb_fini, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); - uma_zone_set_max(divcbinfo.ipi_zone, maxsockets); + uma_zone_set_max(V_divcbinfo.ipi_zone, maxsockets); EVENTHANDLER_REGISTER(maxsockets_change, div_zone_change, NULL, EVENTHANDLER_PRI_ANY); } diff --git a/sys/netinet/ip_dummynet.c b/sys/netinet/ip_dummynet.c index a7c0a31..15595b8 100644 --- a/sys/netinet/ip_dummynet.c +++ b/sys/netinet/ip_dummynet.c @@ -62,9 +62,11 @@ __FBSDID("$FreeBSD$"); #include <sys/malloc.h> #include <sys/mbuf.h> #include <sys/kernel.h> +#include <sys/lock.h> #include <sys/module.h> #include <sys/priv.h> #include <sys/proc.h> +#include <sys/rwlock.h> #include <sys/socket.h> #include <sys/socketvar.h> #include <sys/time.h> diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index a0123ad..6e7db99 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -650,8 +650,6 @@ typedef int ip_fw_chk_t(struct ip_fw_args *args); extern ip_fw_chk_t *ip_fw_chk_ptr; #define IPFW_LOADED (ip_fw_chk_ptr != NULL) -#ifdef IPFW_INTERNAL - struct ip_fw_chain { struct ip_fw *rules; /* list of rules */ struct ip_fw *reap; /* list of rules to reap */ @@ -659,6 +657,9 @@ struct ip_fw_chain { struct radix_node_head *tables[IPFW_TABLES_MAX]; struct rwlock rwmtx; }; + +#ifdef IPFW_INTERNAL + #define IPFW_LOCK_INIT(_chain) \ rw_init(&(_chain)->rwmtx, "IPFW static rules") #define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) @@ -684,9 +685,7 @@ typedef int ipfw_nat_cfg_t(struct sockopt *); /* * Stack virtualization support. */ -#ifdef VIMAGE struct vnet_ipfw { - int _fw_one_pass; int _fw_enable; int _fw6_enable; u_int32_t _set_disable; @@ -716,6 +715,11 @@ struct vnet_ipfw { struct callout _ipfw_timeout; eventhandler_tag _ifaddr_event_tag; }; + +#ifndef VIMAGE +#ifndef VIMAGE_GLOBALS +extern struct vnet_ipfw vnet_ipfw_0; +#endif #endif /* @@ -726,7 +730,6 @@ struct vnet_ipfw { #define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) -#define V_fw_one_pass VNET_IPFW(fw_one_pass) #define V_fw_enable VNET_IPFW(fw_enable) #define V_fw6_enable VNET_IPFW(fw6_enable) #define V_set_disable VNET_IPFW(set_disable) diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index f9696cc..61c76cf 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -110,6 +110,12 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> +#ifndef VIMAGE +#ifndef VIMAGE_GLOBALS +struct vnet_ipfw vnet_ipfw_0; +#endif +#endif + /* * set_disable contains one bit per set value (0..31). * If the bit is set, all rules with the corresponding set @@ -118,12 +124,13 @@ __FBSDID("$FreeBSD$"); * and CANNOT be disabled. * Rules in set RESVD_SET can only be deleted explicitly. */ +#ifdef VIMAGE_GLOBALS static u_int32_t set_disable; - static int fw_verbose; +static struct callout ipfw_timeout; +#endif static int verbose_limit; -static struct callout ipfw_timeout; static uma_zone_t ipfw_dyn_rule_zone; /* @@ -159,8 +166,10 @@ struct table_entry { u_int32_t value; }; -static int fw_debug = 1; -static int autoinc_step = 100; /* bounded to 1..1000 in add_rule() */ +#ifdef VIMAGE_GLOBALS +static int fw_debug; +static int autoinc_step; +#endif extern int ipfw_chg_hook(SYSCTL_HANDLER_ARGS); @@ -171,7 +180,7 @@ SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, enable, ipfw_chg_hook, "I", "Enable ipfw"); SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, autoinc_step, CTLFLAG_RW, autoinc_step, 0, "Rule number autincrement step"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, one_pass, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_fw, OID_AUTO, one_pass, CTLFLAG_RW | CTLFLAG_SECURE3, fw_one_pass, 0, "Only do a single pass through ipfw when using dummynet(4)"); SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW, @@ -222,9 +231,11 @@ SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, tables_max, CTLFLAG_RD, * obey the 'randomized match', and we do not do multiple * passes through the firewall. XXX check the latter!!! */ -static ipfw_dyn_rule **ipfw_dyn_v = NULL; -static u_int32_t dyn_buckets = 256; /* must be power of 2 */ -static u_int32_t curr_dyn_buckets = 256; /* must be power of 2 */ +#ifdef VIMAGE_GLOBALS +static ipfw_dyn_rule **ipfw_dyn_v; +static u_int32_t dyn_buckets; +static u_int32_t curr_dyn_buckets; +#endif static struct mtx ipfw_dyn_mtx; /* mutex guarding dynamic rules */ #define IPFW_DYN_LOCK_INIT() \ @@ -237,12 +248,13 @@ static struct mtx ipfw_dyn_mtx; /* mutex guarding dynamic rules */ /* * Timeouts for various events in handing dynamic rules. */ -static u_int32_t dyn_ack_lifetime = 300; -static u_int32_t dyn_syn_lifetime = 20; -static u_int32_t dyn_fin_lifetime = 1; -static u_int32_t dyn_rst_lifetime = 1; -static u_int32_t dyn_udp_lifetime = 10; -static u_int32_t dyn_short_lifetime = 5; +#ifdef VIMAGE_GLOBALS +static u_int32_t dyn_ack_lifetime; +static u_int32_t dyn_syn_lifetime; +static u_int32_t dyn_fin_lifetime; +static u_int32_t dyn_rst_lifetime; +static u_int32_t dyn_udp_lifetime; +static u_int32_t dyn_short_lifetime; /* * Keepalives are sent if dyn_keepalive is set. They are sent every @@ -252,14 +264,15 @@ static u_int32_t dyn_short_lifetime = 5; * than dyn_keepalive_period. */ -static u_int32_t dyn_keepalive_interval = 20; -static u_int32_t dyn_keepalive_period = 5; -static u_int32_t dyn_keepalive = 1; /* do send keepalives */ +static u_int32_t dyn_keepalive_interval; +static u_int32_t dyn_keepalive_period; +static u_int32_t dyn_keepalive; static u_int32_t static_count; /* # of static rules */ static u_int32_t static_len; /* size in bytes of static rules */ -static u_int32_t dyn_count; /* # of dynamic rules */ -static u_int32_t dyn_max = 4096; /* max # of dynamic rules */ +static u_int32_t dyn_count; /* # of dynamic rules */ +static u_int32_t dyn_max; /* max # of dynamic rules */ +#endif /* VIMAGE_GLOBALS */ SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW, dyn_buckets, 0, "Number of dyn. buckets"); @@ -299,8 +312,9 @@ static struct sysctl_oid *ip6_fw_sysctl_tree; #endif /* INET6 */ #endif /* SYSCTL_NODE */ -static int fw_deny_unknown_exthdrs = 1; - +#ifdef VIMAGE_GLOBALS +static int fw_deny_unknown_exthdrs; +#endif /* * L3HDR maps an ipv4 pointer into a layer3 header pointer of type T @@ -748,7 +762,9 @@ send_reject6(struct ip_fw_args *args, int code, u_int hlen, struct ip6_hdr *ip6) #endif /* INET6 */ +#ifdef VIMAGE_GLOBALS static u_int64_t norule_counter; /* counter for ipfw_log(NULL...) */ +#endif #define SNPARGS(buf, len) buf + len, sizeof(buf) > len ? sizeof(buf) - len : 0 #define SNP(buf) buf, sizeof(buf) @@ -4510,6 +4526,28 @@ ipfw_init(void) struct ip_fw default_rule; int error; + V_fw_debug = 1; + V_autoinc_step = 100; /* bounded to 1..1000 in add_rule() */ + + V_ipfw_dyn_v = NULL; + V_dyn_buckets = 256; /* must be power of 2 */ + V_curr_dyn_buckets = 256; /* must be power of 2 */ + + V_dyn_ack_lifetime = 300; + V_dyn_syn_lifetime = 20; + V_dyn_fin_lifetime = 1; + V_dyn_rst_lifetime = 1; + V_dyn_udp_lifetime = 10; + V_dyn_short_lifetime = 5; + + V_dyn_keepalive_interval = 20; + V_dyn_keepalive_period = 5; + V_dyn_keepalive = 1; /* do send keepalives */ + + V_dyn_max = 4096; /* max # of dynamic rules */ + + V_fw_deny_unknown_exthdrs = 1; + #ifdef INET6 /* Setup IPv6 fw sysctl tree. */ sysctl_ctx_init(&ip6_fw_sysctl_ctx); diff --git a/sys/netinet/ip_fw_nat.c b/sys/netinet/ip_fw_nat.c index 6b8369c..d770d5c 100644 --- a/sys/netinet/ip_fw_nat.c +++ b/sys/netinet/ip_fw_nat.c @@ -71,7 +71,9 @@ MALLOC_DECLARE(M_IPFW); extern struct ip_fw_chain layer3_chain; +#ifdef VIMAGE_GLOBALS static eventhandler_tag ifaddr_event_tag; +#endif extern ipfw_nat_t *ipfw_nat_ptr; extern ipfw_nat_cfg_t *ipfw_nat_cfg_ptr; diff --git a/sys/netinet/ip_fw_pfil.c b/sys/netinet/ip_fw_pfil.c index 3199ce8..246fdef 100644 --- a/sys/netinet/ip_fw_pfil.c +++ b/sys/netinet/ip_fw_pfil.c @@ -43,6 +43,8 @@ __FBSDID("$FreeBSD$"); #include <sys/mbuf.h> #include <sys/module.h> #include <sys/kernel.h> +#include <sys/lock.h> +#include <sys/rwlock.h> #include <sys/socket.h> #include <sys/socketvar.h> #include <sys/sysctl.h> diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 35ebf86..c99c53e 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -49,6 +49,8 @@ __FBSDID("$FreeBSD$"); #include <sys/socket.h> #include <sys/time.h> #include <sys/kernel.h> +#include <sys/lock.h> +#include <sys/rwlock.h> #include <sys/syslog.h> #include <sys/sysctl.h> #include <sys/vimage.h> @@ -91,6 +93,12 @@ __FBSDID("$FreeBSD$"); CTASSERT(sizeof(struct ip) == 20); #endif +#ifndef VIMAGE +#ifndef VIMAGE_GLOBALS +struct vnet_inet vnet_inet_0; +#endif +#endif + #ifdef VIMAGE_GLOBALS static int ipsendredirects; static int ip_checkinterface; @@ -170,7 +178,9 @@ SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD, SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)"); +#ifdef VIMAGE_GLOBALS static uma_zone_t ipq_zone; +#endif static struct mtx ipqlock; #define IPQ_LOCK() mtx_lock(&ipqlock) @@ -207,7 +217,9 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, */ ip_fw_chk_t *ip_fw_chk_ptr = NULL; ip_dn_io_t *ip_dn_io_ptr = NULL; -int fw_one_pass = 1; +#ifdef VIMAGE_GLOBALS +int fw_one_pass; +#endif static void ip_freef(struct ipqhead *, struct ipq *); @@ -246,6 +258,8 @@ ip_init(void) V_ipport_randomtime = 45; /* user controlled via sysctl */ V_ipport_stoprandom = 0; /* toggled by ipport_tick */ + V_fw_one_pass = 1; + #ifdef NOTYET /* XXX global static but not instantiated in this file */ V_ipfastforward_active = 0; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index a40dd1d..03cf56f 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -793,7 +793,6 @@ done: void in_delayed_cksum(struct mbuf *m) { - INIT_VNET_INET(curvnet); struct ip *ip; u_short csum, offset; diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index e23fe93..a4e73db 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -177,6 +177,7 @@ struct sockopt; extern struct ipstat ipstat; extern u_short ip_id; /* ip packet ctr, for ids */ +extern int ip_do_randomid; extern int ip_defttl; /* default IP ttl */ extern int ipforwarding; /* ip forwarding */ #ifdef IPSTEALTH diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 82ff138..93b226e 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -146,7 +146,9 @@ __FBSDID("$FreeBSD$"); #include <machine/stdarg.h> #include <sys/param.h> #include <sys/kernel.h> +#include <sys/lock.h> #include <sys/module.h> +#include <sys/rwlock.h> #include <sys/syslog.h> #else #include <stdarg.h> diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 7871949..9b5a3f3 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -46,6 +46,7 @@ __FBSDID("$FreeBSD$"); #include <sys/priv.h> #include <sys/proc.h> #include <sys/protosw.h> +#include <sys/rwlock.h> #include <sys/signalvar.h> #include <sys/socket.h> #include <sys/socketvar.h> diff --git a/sys/netinet/sctp_os_bsd.h b/sys/netinet/sctp_os_bsd.h index ff9d534..d0e7a18 100644 --- a/sys/netinet/sctp_os_bsd.h +++ b/sys/netinet/sctp_os_bsd.h @@ -68,6 +68,7 @@ __FBSDID("$FreeBSD$"); #include <net/if_types.h> #include <net/if_var.h> #include <net/route.h> +#include <net/vnet.h> #include <netinet/in.h> #include <netinet/in_systm.h> @@ -96,6 +97,7 @@ __FBSDID("$FreeBSD$"); #include <netinet6/ip6protosw.h> #include <netinet6/nd6.h> #include <netinet6/scope6_var.h> +#include <netinet6/vinet6.h> #endif /* INET6 */ @@ -152,13 +154,8 @@ MALLOC_DECLARE(SCTP_M_SOCKOPT); #define MOD_IPSEC ipsec /* then define the macro(s) that hook into the vimage macros */ -#if defined(__FreeBSD__) && __FreeBSD_version >= 800044 && defined(VIMAGE) -#if 0 -#define VSYMNAME(__MODULE) vnet_ ## __MODULE -#define MODULE_GLOBAL(__MODULE, __SYMBOL) VSYM(VSYMNAME(__MODULE), __SYMBOL) -#else +#if defined(__FreeBSD__) && __FreeBSD_version >= 800056 #define MODULE_GLOBAL(__MODULE, __SYMBOL) V_ ## __SYMBOL -#endif #else #define MODULE_GLOBAL(__MODULE, __SYMBOL) (__SYMBOL) #endif diff --git a/sys/netinet/sctp_pcb.c b/sys/netinet/sctp_pcb.c index d300382..5f05dcd 100644 --- a/sys/netinet/sctp_pcb.c +++ b/sys/netinet/sctp_pcb.c @@ -59,11 +59,11 @@ SCTP6_ARE_ADDR_EQUAL(struct sockaddr_in6 *a, struct sockaddr_in6 *b) struct sockaddr_in6 tmp_a, tmp_b; memcpy(&tmp_a, a, sizeof(struct sockaddr_in6)); - if (sa6_embedscope(&tmp_a, MODULE_GLOBAL(MOD_INET6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone))) != 0) { + if (sa6_embedscope(&tmp_a, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone)) != 0) { return 0; } memcpy(&tmp_b, b, sizeof(struct sockaddr_in6)); - if (sa6_embedscope(&tmp_b, MODULE_GLOBAL(MOD_INET6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone))) != 0) { + if (sa6_embedscope(&tmp_b, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone)) != 0) { return 0; } return (IN6_ARE_ADDR_EQUAL(&tmp_a.sin6_addr, &tmp_b.sin6_addr)); @@ -2008,7 +2008,7 @@ sctp_findassociation_addr(struct mbuf *m, int iphlen, int offset, /* Get the scopes in properly to the sin6 addr's */ /* we probably don't need these operations */ (void)sa6_recoverscope(from6); - sa6_embedscope(from6, MODULE_GLOBAL(MOD_INET6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone))); + sa6_embedscope(from6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone)); break; } #endif @@ -2049,7 +2049,7 @@ sctp_findassociation_addr(struct mbuf *m, int iphlen, int offset, /* Get the scopes in properly to the sin6 addr's */ /* we probably don't need these operations */ (void)sa6_recoverscope(to6); - sa6_embedscope(to6, MODULE_GLOBAL(MOD_INET6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone))); + sa6_embedscope(to6, MODULE_GLOBAL(MOD_INET6, ip6_use_defzone)); break; } #endif diff --git a/sys/netinet/tcp_sack.c b/sys/netinet/tcp_sack.c index b52b5b3..4ca10af 100644 --- a/sys/netinet/tcp_sack.c +++ b/sys/netinet/tcp_sack.c @@ -135,7 +135,6 @@ int tcp_sack_globalholes; SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK"); SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW, tcp_do_sack, 0, "Enable/Disable TCP SACK support"); -TUNABLE_INT("net.inet.tcp.sack.enable", &tcp_do_sack); SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW, tcp_sack_maxholes, 0, diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 639c42f..bc136b2 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -203,7 +203,7 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0, "Enable tcp_drain routine for extra help when low on mbufs"); SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, pcbcount, - CTLFLAG_RD, V_tcbinfo.ipi_count, 0, "Number of active PCBs"); + CTLFLAG_RD, tcbinfo.ipi_count, 0, "Number of active PCBs"); SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, icmp_may_rst, 0, @@ -359,6 +359,8 @@ tcp_init(void) V_tcp_inflight_rttthresh = TCPTV_INFLIGHT_RTTTHRESH; tcp_finwait2_timeout = TCPTV_FINWAIT2_TIMEOUT; + TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); + INP_INFO_LOCK_INIT(&V_tcbinfo, "tcp"); LIST_INIT(&V_tcb); V_tcbinfo.ipi_listhead = &V_tcb; diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 53e9626..e402297 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1198,7 +1198,7 @@ udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td) sin = (struct sockaddr_in *)nam; if (prison_remote_ip4(td->td_ucred, &sin->sin_addr) != 0) { INP_WUNLOCK(inp); - INP_INFO_WUNLOCK(&udbinfo); + INP_INFO_WUNLOCK(&V_udbinfo); return (EAFNOSUPPORT); } error = in_pcbconnect(inp, nam, td->td_ucred); diff --git a/sys/netinet/vinet.h b/sys/netinet/vinet.h index 8a8baba..65ccfa4 100644 --- a/sys/netinet/vinet.h +++ b/sys/netinet/vinet.h @@ -194,8 +194,16 @@ struct vnet_inet { int _icmp_rfi; int _icmp_quotelen; int _icmpbmcastecho; + + int _fw_one_pass; }; +#ifndef VIMAGE +#ifndef VIMAGE_GLOBALS +extern struct vnet_inet vnet_inet_0; +#endif +#endif + /* * Symbol translation macros */ @@ -212,6 +220,7 @@ struct vnet_inet { #define V_divcbinfo VNET_INET(divcbinfo) #define V_drop_redirect VNET_INET(drop_redirect) #define V_drop_synfin VNET_INET(drop_synfin) +#define V_fw_one_pass VNET_INET(fw_one_pass) #define V_icmp_may_rst VNET_INET(icmp_may_rst) #define V_icmp_quotelen VNET_INET(icmp_quotelen) #define V_icmp_rfi VNET_INET(icmp_rfi) @@ -330,16 +339,6 @@ struct vnet_inet { #define V_udpstat VNET_INET(udpstat) #define V_useloopback VNET_INET(useloopback) -static __inline uint16_t ip_newid(void); -extern int ip_do_randomid; - -static __inline uint16_t -ip_newid(void) -{ - if (V_ip_do_randomid) - return ip_randomid(); - - return htons(V_ip_id++); -} +#define ip_newid() ((V_ip_do_randomid != 0) ? ip_randomid() : htons(V_ip_id++)) #endif /* !_NETINET_VINET_H_ */ |