diff options
Diffstat (limited to 'sys/net')
-rw-r--r-- | sys/net/if.c | 18 | ||||
-rw-r--r-- | sys/net/if_ethersubr.c | 3 | ||||
-rw-r--r-- | sys/net/if_gif.c | 3 | ||||
-rw-r--r-- | sys/net/if_gre.c | 2 | ||||
-rw-r--r-- | sys/net/if_spppsubr.c | 1 | ||||
-rw-r--r-- | sys/net/if_tap.c | 2 | ||||
-rw-r--r-- | sys/net/if_tun.c | 9 | ||||
-rw-r--r-- | sys/net/netisr.c | 48 |
8 files changed, 21 insertions, 65 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index 2cb3da0..0356ec7 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -2553,11 +2553,23 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td) CURVNET_RESTORE(); return (EOPNOTSUPP); } + + /* + * Pass the request on to the socket control method, and if the + * latter returns EOPNOTSUPP, directly to the interface. + * + * Make an exception for the legacy SIOCSIF* requests. Drivers + * trust SIOCSIFADDR et al to come from an already privileged + * layer, and do not perform any credentials checks or input + * validation. + */ #ifndef COMPAT_43 error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd, data, ifp, td)); - if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL) + if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL && + cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR && + cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK) error = (*ifp->if_ioctl)(ifp, cmd, data); #else { @@ -2601,7 +2613,9 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td) data, ifp, td)); if (error == EOPNOTSUPP && ifp != NULL && - ifp->if_ioctl != NULL) + ifp->if_ioctl != NULL && + cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR && + cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK) error = (*ifp->if_ioctl)(ifp, cmd, data); switch (ocmd) { diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index e8d395a..638b364 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -638,9 +638,8 @@ ether_input_internal(struct ifnet *ifp, struct mbuf *m) m->m_flags |= M_PROMISC; } - /* First chunk of an mbuf contains good entropy */ if (harvest.ethernet) - random_harvest(m, 16, 3, 0, RANDOM_NET); + random_harvest(&(m->m_data), 12, 3, 0, RANDOM_NET_ETHER); ether_demux(ifp, m); CURVNET_RESTORE(); diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c index 874bbc00..dfc2697 100644 --- a/sys/net/if_gif.c +++ b/sys/net/if_gif.c @@ -687,9 +687,6 @@ gif_ioctl(ifp, cmd, data) ifp->if_flags |= IFF_UP; break; - case SIOCSIFDSTADDR: - break; - case SIOCADDMULTI: case SIOCDELMULTI: break; diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c index df0fc82..98090e5 100644 --- a/sys/net/if_gre.c +++ b/sys/net/if_gre.c @@ -534,8 +534,6 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) case SIOCSIFADDR: ifp->if_flags |= IFF_UP; break; - case SIOCSIFDSTADDR: - break; case SIOCSIFFLAGS: /* * XXXRW: Isn't this priv_check() redundant to the ifnet diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c index 7255545..9fe713c 100644 --- a/sys/net/if_spppsubr.c +++ b/sys/net/if_spppsubr.c @@ -1200,7 +1200,6 @@ sppp_ioctl(struct ifnet *ifp, IOCTL_CMD_T cmd, void *data) rv = 0; switch (cmd) { case SIOCAIFADDR: - case SIOCSIFDSTADDR: break; case SIOCSIFADDR: diff --git a/sys/net/if_tap.c b/sys/net/if_tap.c index 45bd7d2..ad6f781 100644 --- a/sys/net/if_tap.c +++ b/sys/net/if_tap.c @@ -409,8 +409,6 @@ tapcreate(struct cdev *dev) const char *name = NULL; u_char eaddr[6]; - dev->si_flags &= ~SI_CHEAPCLONE; - /* allocate driver storage and create device */ tp = malloc(sizeof(*tp), M_TAP, M_WAITOK | M_ZERO); mtx_init(&tp->tap_mtx, "tap_mtx", NULL, MTX_DEF); diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c index e917793..f44bc0e 100644 --- a/sys/net/if_tun.c +++ b/sys/net/if_tun.c @@ -361,8 +361,6 @@ tuncreate(const char *name, struct cdev *dev) struct tun_softc *sc; struct ifnet *ifp; - dev->si_flags &= ~SI_CHEAPCLONE; - sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO); mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF); cv_init(&sc->tun_cv, "tun_condvar"); @@ -554,10 +552,6 @@ tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data) tuninit(ifp); TUNDEBUG(ifp, "address set\n"); break; - case SIOCSIFDSTADDR: - tuninit(ifp); - TUNDEBUG(ifp, "destination address set\n"); - break; case SIOCSIFMTU: ifp->if_mtu = ifr->ifr_mtu; TUNDEBUG(ifp, "mtu set\n"); @@ -922,9 +916,8 @@ tunwrite(struct cdev *dev, struct uio *uio, int flag) m_freem(m); return (EAFNOSUPPORT); } - /* First chunk of an mbuf contains good junk */ if (harvest.point_to_point) - random_harvest(m, 16, 3, 0, RANDOM_NET); + random_harvest(&(m->m_data), 12, 3, 0, RANDOM_NET_TUN); ifp->if_ibytes += m->m_pkthdr.len; ifp->if_ipackets++; CURVNET_SET(ifp->if_vnet); diff --git a/sys/net/netisr.c b/sys/net/netisr.c index 534d80c..3045e95 100644 --- a/sys/net/netisr.c +++ b/sys/net/netisr.c @@ -154,19 +154,6 @@ SYSCTL_PROC(_net_isr, OID_AUTO, dispatch, CTLTYPE_STRING | CTLFLAG_RW | "netisr dispatch policy"); /* - * These sysctls were used in previous versions to control and export - * dispatch policy state. Now, we provide read-only export via them so that - * older netstat binaries work. At some point they can be garbage collected. - */ -static int netisr_direct_force; -SYSCTL_INT(_net_isr, OID_AUTO, direct_force, CTLFLAG_RD, - &netisr_direct_force, 0, "compat: force direct dispatch"); - -static int netisr_direct; -SYSCTL_INT(_net_isr, OID_AUTO, direct, CTLFLAG_RD, &netisr_direct, 0, - "compat: enable direct dispatch"); - -/* * Allow the administrator to limit the number of threads (CPUs) to use for * netisr. We don't check netisr_maxthreads before creating the thread for * CPU 0, so in practice we ignore values <= 1. This must be set at boot. @@ -338,32 +325,6 @@ netisr_dispatch_policy_from_str(const char *str, u_int *dispatch_policyp) return (EINVAL); } -static void -netisr_dispatch_policy_compat(void) -{ - - switch (netisr_dispatch_policy) { - case NETISR_DISPATCH_DEFERRED: - netisr_direct_force = 0; - netisr_direct = 0; - break; - - case NETISR_DISPATCH_HYBRID: - netisr_direct_force = 0; - netisr_direct = 1; - break; - - case NETISR_DISPATCH_DIRECT: - netisr_direct_force = 1; - netisr_direct = 1; - break; - - default: - panic("%s: unknown policy %u", __func__, - netisr_dispatch_policy); - } -} - static int sysctl_netisr_dispatch_policy(SYSCTL_HANDLER_ARGS) { @@ -379,10 +340,8 @@ sysctl_netisr_dispatch_policy(SYSCTL_HANDLER_ARGS) &dispatch_policy); if (error == 0 && dispatch_policy == NETISR_DISPATCH_DEFAULT) error = EINVAL; - if (error == 0) { + if (error == 0) netisr_dispatch_policy = dispatch_policy; - netisr_dispatch_policy_compat(); - } } return (error); } @@ -1199,10 +1158,9 @@ netisr_init(void *arg) &dispatch_policy); if (error == 0 && dispatch_policy == NETISR_DISPATCH_DEFAULT) error = EINVAL; - if (error == 0) { + if (error == 0) netisr_dispatch_policy = dispatch_policy; - netisr_dispatch_policy_compat(); - } else + else printf( "%s: invalid dispatch policy %s, using default\n", __func__, tmp); |