summaryrefslogtreecommitdiffstats
path: root/sys/net
diff options
context:
space:
mode:
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/if.c18
-rw-r--r--sys/net/if_ethersubr.c3
-rw-r--r--sys/net/if_gif.c3
-rw-r--r--sys/net/if_gre.c2
-rw-r--r--sys/net/if_spppsubr.c1
-rw-r--r--sys/net/if_tap.c2
-rw-r--r--sys/net/if_tun.c9
-rw-r--r--sys/net/netisr.c48
8 files changed, 21 insertions, 65 deletions
diff --git a/sys/net/if.c b/sys/net/if.c
index 2cb3da0..0356ec7 100644
--- a/sys/net/if.c
+++ b/sys/net/if.c
@@ -2553,11 +2553,23 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td)
CURVNET_RESTORE();
return (EOPNOTSUPP);
}
+
+ /*
+ * Pass the request on to the socket control method, and if the
+ * latter returns EOPNOTSUPP, directly to the interface.
+ *
+ * Make an exception for the legacy SIOCSIF* requests. Drivers
+ * trust SIOCSIFADDR et al to come from an already privileged
+ * layer, and do not perform any credentials checks or input
+ * validation.
+ */
#ifndef COMPAT_43
error = ((*so->so_proto->pr_usrreqs->pru_control)(so, cmd,
data,
ifp, td));
- if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL)
+ if (error == EOPNOTSUPP && ifp != NULL && ifp->if_ioctl != NULL &&
+ cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR &&
+ cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK)
error = (*ifp->if_ioctl)(ifp, cmd, data);
#else
{
@@ -2601,7 +2613,9 @@ ifioctl(struct socket *so, u_long cmd, caddr_t data, struct thread *td)
data,
ifp, td));
if (error == EOPNOTSUPP && ifp != NULL &&
- ifp->if_ioctl != NULL)
+ ifp->if_ioctl != NULL &&
+ cmd != SIOCSIFADDR && cmd != SIOCSIFBRDADDR &&
+ cmd != SIOCSIFDSTADDR && cmd != SIOCSIFNETMASK)
error = (*ifp->if_ioctl)(ifp, cmd, data);
switch (ocmd) {
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index e8d395a..638b364 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -638,9 +638,8 @@ ether_input_internal(struct ifnet *ifp, struct mbuf *m)
m->m_flags |= M_PROMISC;
}
- /* First chunk of an mbuf contains good entropy */
if (harvest.ethernet)
- random_harvest(m, 16, 3, 0, RANDOM_NET);
+ random_harvest(&(m->m_data), 12, 3, 0, RANDOM_NET_ETHER);
ether_demux(ifp, m);
CURVNET_RESTORE();
diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index 874bbc00..dfc2697 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@@ -687,9 +687,6 @@ gif_ioctl(ifp, cmd, data)
ifp->if_flags |= IFF_UP;
break;
- case SIOCSIFDSTADDR:
- break;
-
case SIOCADDMULTI:
case SIOCDELMULTI:
break;
diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c
index df0fc82..98090e5 100644
--- a/sys/net/if_gre.c
+++ b/sys/net/if_gre.c
@@ -534,8 +534,6 @@ gre_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
case SIOCSIFADDR:
ifp->if_flags |= IFF_UP;
break;
- case SIOCSIFDSTADDR:
- break;
case SIOCSIFFLAGS:
/*
* XXXRW: Isn't this priv_check() redundant to the ifnet
diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c
index 7255545..9fe713c 100644
--- a/sys/net/if_spppsubr.c
+++ b/sys/net/if_spppsubr.c
@@ -1200,7 +1200,6 @@ sppp_ioctl(struct ifnet *ifp, IOCTL_CMD_T cmd, void *data)
rv = 0;
switch (cmd) {
case SIOCAIFADDR:
- case SIOCSIFDSTADDR:
break;
case SIOCSIFADDR:
diff --git a/sys/net/if_tap.c b/sys/net/if_tap.c
index 45bd7d2..ad6f781 100644
--- a/sys/net/if_tap.c
+++ b/sys/net/if_tap.c
@@ -409,8 +409,6 @@ tapcreate(struct cdev *dev)
const char *name = NULL;
u_char eaddr[6];
- dev->si_flags &= ~SI_CHEAPCLONE;
-
/* allocate driver storage and create device */
tp = malloc(sizeof(*tp), M_TAP, M_WAITOK | M_ZERO);
mtx_init(&tp->tap_mtx, "tap_mtx", NULL, MTX_DEF);
diff --git a/sys/net/if_tun.c b/sys/net/if_tun.c
index e917793..f44bc0e 100644
--- a/sys/net/if_tun.c
+++ b/sys/net/if_tun.c
@@ -361,8 +361,6 @@ tuncreate(const char *name, struct cdev *dev)
struct tun_softc *sc;
struct ifnet *ifp;
- dev->si_flags &= ~SI_CHEAPCLONE;
-
sc = malloc(sizeof(*sc), M_TUN, M_WAITOK | M_ZERO);
mtx_init(&sc->tun_mtx, "tun_mtx", NULL, MTX_DEF);
cv_init(&sc->tun_cv, "tun_condvar");
@@ -554,10 +552,6 @@ tunifioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
tuninit(ifp);
TUNDEBUG(ifp, "address set\n");
break;
- case SIOCSIFDSTADDR:
- tuninit(ifp);
- TUNDEBUG(ifp, "destination address set\n");
- break;
case SIOCSIFMTU:
ifp->if_mtu = ifr->ifr_mtu;
TUNDEBUG(ifp, "mtu set\n");
@@ -922,9 +916,8 @@ tunwrite(struct cdev *dev, struct uio *uio, int flag)
m_freem(m);
return (EAFNOSUPPORT);
}
- /* First chunk of an mbuf contains good junk */
if (harvest.point_to_point)
- random_harvest(m, 16, 3, 0, RANDOM_NET);
+ random_harvest(&(m->m_data), 12, 3, 0, RANDOM_NET_TUN);
ifp->if_ibytes += m->m_pkthdr.len;
ifp->if_ipackets++;
CURVNET_SET(ifp->if_vnet);
diff --git a/sys/net/netisr.c b/sys/net/netisr.c
index 534d80c..3045e95 100644
--- a/sys/net/netisr.c
+++ b/sys/net/netisr.c
@@ -154,19 +154,6 @@ SYSCTL_PROC(_net_isr, OID_AUTO, dispatch, CTLTYPE_STRING | CTLFLAG_RW |
"netisr dispatch policy");
/*
- * These sysctls were used in previous versions to control and export
- * dispatch policy state. Now, we provide read-only export via them so that
- * older netstat binaries work. At some point they can be garbage collected.
- */
-static int netisr_direct_force;
-SYSCTL_INT(_net_isr, OID_AUTO, direct_force, CTLFLAG_RD,
- &netisr_direct_force, 0, "compat: force direct dispatch");
-
-static int netisr_direct;
-SYSCTL_INT(_net_isr, OID_AUTO, direct, CTLFLAG_RD, &netisr_direct, 0,
- "compat: enable direct dispatch");
-
-/*
* Allow the administrator to limit the number of threads (CPUs) to use for
* netisr. We don't check netisr_maxthreads before creating the thread for
* CPU 0, so in practice we ignore values <= 1. This must be set at boot.
@@ -338,32 +325,6 @@ netisr_dispatch_policy_from_str(const char *str, u_int *dispatch_policyp)
return (EINVAL);
}
-static void
-netisr_dispatch_policy_compat(void)
-{
-
- switch (netisr_dispatch_policy) {
- case NETISR_DISPATCH_DEFERRED:
- netisr_direct_force = 0;
- netisr_direct = 0;
- break;
-
- case NETISR_DISPATCH_HYBRID:
- netisr_direct_force = 0;
- netisr_direct = 1;
- break;
-
- case NETISR_DISPATCH_DIRECT:
- netisr_direct_force = 1;
- netisr_direct = 1;
- break;
-
- default:
- panic("%s: unknown policy %u", __func__,
- netisr_dispatch_policy);
- }
-}
-
static int
sysctl_netisr_dispatch_policy(SYSCTL_HANDLER_ARGS)
{
@@ -379,10 +340,8 @@ sysctl_netisr_dispatch_policy(SYSCTL_HANDLER_ARGS)
&dispatch_policy);
if (error == 0 && dispatch_policy == NETISR_DISPATCH_DEFAULT)
error = EINVAL;
- if (error == 0) {
+ if (error == 0)
netisr_dispatch_policy = dispatch_policy;
- netisr_dispatch_policy_compat();
- }
}
return (error);
}
@@ -1199,10 +1158,9 @@ netisr_init(void *arg)
&dispatch_policy);
if (error == 0 && dispatch_policy == NETISR_DISPATCH_DEFAULT)
error = EINVAL;
- if (error == 0) {
+ if (error == 0)
netisr_dispatch_policy = dispatch_policy;
- netisr_dispatch_policy_compat();
- } else
+ else
printf(
"%s: invalid dispatch policy %s, using default\n",
__func__, tmp);
OpenPOWER on IntegriCloud