diff options
Diffstat (limited to 'sys/netinet')
35 files changed, 1156 insertions, 317 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index e32864c..7d78d9a 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -104,12 +104,15 @@ static int arp_maxtries = 5; static int useloopback = 1; /* use loopback interface for local traffic */ static int arp_proxyall = 0; -SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW, - &arp_maxtries, 0, "ARP resolution attempts before returning error"); -SYSCTL_INT(_net_link_ether_inet, OID_AUTO, useloopback, CTLFLAG_RW, - &useloopback, 0, "Use the loopback interface for local traffic"); -SYSCTL_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_RW, - &arp_proxyall, 0, "Enable proxy ARP for all suitable requests"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, maxtries, + CTLFLAG_RW, arp_maxtries, 0, + "ARP resolution attempts before returning error"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, useloopback, + CTLFLAG_RW, useloopback, 0, + "Use the loopback interface for local traffic"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, proxyall, + CTLFLAG_RW, arp_proxyall, 0, + "Enable proxy ARP for all suitable requests"); static void arp_init(void); static void arp_rtrequest(int, struct rtentry *, struct rt_addrinfo *); @@ -150,6 +153,8 @@ arptimer(void *arg) static void arp_rtrequest(int req, struct rtentry *rt, struct rt_addrinfo *info) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct sockaddr *gate; struct llinfo_arp *la; static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK}; @@ -361,6 +366,7 @@ int arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m, struct sockaddr *dst, u_char *desten) { + INIT_VNET_INET(ifp->if_vnet); struct llinfo_arp *la = NULL; struct rtentry *rt = NULL; struct sockaddr_dl *sdl; @@ -613,7 +619,8 @@ in_arpinput(struct mbuf *m) sin.sin_len = sizeof(struct sockaddr_in); sin.sin_family = AF_INET; sin.sin_addr.s_addr = 0; - + INIT_VNET_INET(ifp->if_vnet); + if (ifp->if_bridge) bridged = 1; if (ifp->if_type == IFT_BRIDGE) diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c index 54dd41d..10bc50d 100644 --- a/sys/netinet/igmp.c +++ b/sys/netinet/igmp.c @@ -82,8 +82,8 @@ static void igmp_sendpkt(struct in_multi *, int, unsigned long); static struct igmpstat igmpstat; -SYSCTL_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, &igmpstat, - igmpstat, ""); +SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_igmp, IGMPCTL_STATS, + stats, CTLFLAG_RW, igmpstat, igmpstat, ""); /* * igmp_mtx protects all mutable global variables in igmp.c, as well as the @@ -116,6 +116,7 @@ static struct route igmprt; void igmp_init(void) { + INIT_VNET_INET(curvnet); struct ipoption *ra; /* @@ -145,6 +146,7 @@ igmp_init(void) static struct router_info * find_rti(struct ifnet *ifp) { + INIT_VNET_INET(ifp->if_vnet); struct router_info *rti; mtx_assert(&igmp_mtx, MA_OWNED); @@ -183,6 +185,7 @@ igmp_input(register struct mbuf *m, int off) struct in_multistep step; struct router_info *rti; int timer; /** timer value in the igmp query header **/ + INIT_VNET_INET(ifp->if_vnet); ++V_igmpstat.igps_rcv_total; @@ -410,6 +413,7 @@ igmp_leavegroup(struct in_multi *inm) void igmp_fasttimo(void) { + VNET_ITERATOR_DECL(vnet_iter); register struct in_multi *inm; struct in_multistep step; @@ -423,35 +427,50 @@ igmp_fasttimo(void) IN_MULTI_LOCK(); igmp_timers_are_running = 0; - IN_FIRST_MULTI(step, inm); - while (inm != NULL) { - if (inm->inm_timer == 0) { - /* do nothing */ - } else if (--inm->inm_timer == 0) { - igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); - inm->inm_state = IGMP_IREPORTEDLAST; - } else { - igmp_timers_are_running = 1; + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); + IN_FIRST_MULTI(step, inm); + while (inm != NULL) { + if (inm->inm_timer == 0) { + /* do nothing */ + } else if (--inm->inm_timer == 0) { + igmp_sendpkt(inm, inm->inm_rti->rti_type, 0); + inm->inm_state = IGMP_IREPORTEDLAST; + } else { + igmp_timers_are_running = 1; + } + IN_NEXT_MULTI(step, inm); } - IN_NEXT_MULTI(step, inm); + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); IN_MULTI_UNLOCK(); } void igmp_slowtimo(void) { + VNET_ITERATOR_DECL(vnet_iter); struct router_info *rti; IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n"); mtx_lock(&igmp_mtx); - SLIST_FOREACH(rti, &V_router_info_head, rti_list) { - if (rti->rti_type == IGMP_V1_ROUTER) { - rti->rti_time++; - if (rti->rti_time >= IGMP_AGE_THRESHOLD) - rti->rti_type = IGMP_V2_ROUTER; + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); + SLIST_FOREACH(rti, &V_router_info_head, rti_list) { + if (rti->rti_type == IGMP_V1_ROUTER) { + rti->rti_time++; + if (rti->rti_time >= IGMP_AGE_THRESHOLD) + rti->rti_type = IGMP_V2_ROUTER; + } } + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); mtx_unlock(&igmp_mtx); IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n"); } @@ -459,6 +478,8 @@ igmp_slowtimo(void) static void igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct mbuf *m; struct igmp *igmp; struct ip *ip; diff --git a/sys/netinet/in.c b/sys/netinet/in.c index 1952fff..7cdf139 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -67,11 +67,12 @@ static int in_ifinit(struct ifnet *, static void in_purgemaddrs(struct ifnet *); static int subnetsarelocal = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW, - &subnetsarelocal, 0, "Treat all subnets as directly connected"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, subnets_are_local, + CTLFLAG_RW, subnetsarelocal, 0, + "Treat all subnets as directly connected"); static int sameprefixcarponly = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW, - &sameprefixcarponly, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, same_prefix_carp_only, + CTLFLAG_RW, sameprefixcarponly, 0, "Refuse to create same prefixes on different interfaces"); extern struct inpcbinfo ripcbinfo; @@ -86,6 +87,7 @@ extern struct inpcbinfo udbinfo; int in_localaddr(struct in_addr in) { + INIT_VNET_INET(curvnet); register u_long i = ntohl(in.s_addr); register struct in_ifaddr *ia; @@ -108,6 +110,7 @@ in_localaddr(struct in_addr in) int in_localip(struct in_addr in) { + INIT_VNET_INET(curvnet); struct in_ifaddr *ia; LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash) { @@ -200,6 +203,7 @@ int in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td) { + INIT_VNET_INET(curvnet); /* both so and ifp can be NULL here! */ register struct ifreq *ifr = (struct ifreq *)data; register struct in_ifaddr *ia = 0, *iap; register struct ifaddr *ifa; @@ -708,6 +712,7 @@ static int in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin, int scrub) { + INIT_VNET_INET(ifp->if_vnet); register u_long i = ntohl(sin->sin_addr.s_addr); struct sockaddr_in oldaddr; int s = splimp(), flags = RTF_UP, error = 0; @@ -810,6 +815,7 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin, static int in_addprefix(struct in_ifaddr *target, int flags) { + INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct in_addr prefix, mask, p, m; int error; @@ -870,6 +876,7 @@ in_addprefix(struct in_ifaddr *target, int flags) static int in_scrubprefix(struct in_ifaddr *target) { + INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct in_addr prefix, mask, p; int error; @@ -976,6 +983,7 @@ in_broadcast(struct in_addr in, struct ifnet *ifp) static void in_purgemaddrs(struct ifnet *ifp) { + INIT_VNET_INET(ifp->if_vnet); struct in_multi *inm; struct in_multi *oinm; @@ -998,6 +1006,7 @@ in_purgemaddrs(struct ifnet *ifp) void in_ifdetach(struct ifnet *ifp) { + INIT_VNET_INET(ifp->if_vnet); in_pcbpurgeif0(&V_ripcbinfo, ifp); in_pcbpurgeif0(&V_udbinfo, ifp); diff --git a/sys/netinet/in.h b/sys/netinet/in.h index b969bdf..b505a2e 100644 --- a/sys/netinet/in.h +++ b/sys/netinet/in.h @@ -743,4 +743,8 @@ void in_ifdetach(struct ifnet *); #undef __KAME_NETINET_IN_H_INCLUDED_ #endif +#ifdef _KERNEL +#include <netinet/vinet.h> +#endif + #endif /* !_NETINET_IN_H_*/ diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c index cbbde54..6165421 100644 --- a/sys/netinet/in_gif.c +++ b/sys/netinet/in_gif.c @@ -45,7 +45,6 @@ __FBSDID("$FreeBSD$"); #include <sys/kernel.h> #include <sys/sysctl.h> #include <sys/protosw.h> - #include <sys/malloc.h> #include <sys/vimage.h> @@ -87,12 +86,13 @@ struct protosw in_gif_protosw = { }; static int ip_gif_ttl = GIF_TTL; -SYSCTL_INT(_net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW, - &ip_gif_ttl, 0, ""); +SYSCTL_V_INT(V_NET, vnet_gif, _net_inet_ip, IPCTL_GIF_TTL, gifttl, + CTLFLAG_RW, ip_gif_ttl, 0, ""); int in_gif_output(struct ifnet *ifp, int family, struct mbuf *m) { + INIT_VNET_GIF(ifp->if_vnet); struct gif_softc *sc = ifp->if_softc; struct sockaddr_in *dst = (struct sockaddr_in *)&sc->gif_ro.ro_dst; struct sockaddr_in *sin_src = (struct sockaddr_in *)sc->gif_psrc; @@ -242,6 +242,7 @@ in_gif_output(struct ifnet *ifp, int family, struct mbuf *m) void in_gif_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); struct ifnet *gifp = NULL; struct gif_softc *sc; struct ip *ip; @@ -336,6 +337,7 @@ in_gif_input(struct mbuf *m, int off) static int gif_validate4(const struct ip *ip, struct gif_softc *sc, struct ifnet *ifp) { + INIT_VNET_INET(curvnet); struct sockaddr_in *src, *dst; struct in_ifaddr *ia4; diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 0aa19a3..df841cb 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -311,6 +311,7 @@ imo_match_source(struct ip_moptions *imo, size_t gidx, struct sockaddr *src) struct in_multi * in_addmulti(struct in_addr *ap, struct ifnet *ifp) { + INIT_VNET_INET(ifp->if_vnet); struct in_multi *inm; inm = NULL; @@ -463,6 +464,8 @@ in_delmulti_locked(struct in_multi *inm) static int inp_change_source_filter(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -752,6 +755,7 @@ inp_freemoptions(struct ip_moptions *imo) static int inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; @@ -849,6 +853,7 @@ inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt) int inp_getmoptions(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_INET(curvnet); struct ip_mreqn mreqn; struct ip_moptions *imo; struct ifnet *ifp; @@ -955,6 +960,8 @@ inp_getmoptions(struct inpcb *inp, struct sockopt *sopt) static int inp_join_group(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -1211,6 +1218,8 @@ out_locked: static int inp_leave_group(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct group_source_req gsr; struct ip_mreq_source mreqs; sockunion_t *gsa, *ssa; @@ -1399,6 +1408,7 @@ out_locked: static int inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); struct in_addr addr; struct ip_mreqn mreqn; struct ifnet *ifp; @@ -1467,6 +1477,7 @@ inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) static int inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { + INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 8de45f7..f41296c 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -136,30 +136,37 @@ sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW, - &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW, - &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW, - &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW, - &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW, - &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW, - &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh, - CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, ""); -SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow, - CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, ""); -SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomized, CTLFLAG_RW, - &ipport_randomized, 0, "Enable random port allocation"); -SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomcps, CTLFLAG_RW, - &ipport_randomcps, 0, "Maximum number of random port " - "allocations before switching to a sequental one"); -SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW, - &ipport_randomtime, 0, "Minimum time to keep sequental port " - "allocation before switching to a random one"); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + lowfirst, CTLTYPE_INT|CTLFLAG_RW, ipport_lowfirstauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + lowlast, CTLTYPE_INT|CTLFLAG_RW, ipport_lowlastauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + first, CTLTYPE_INT|CTLFLAG_RW, ipport_firstauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + last, CTLTYPE_INT|CTLFLAG_RW, ipport_lastauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + hifirst, CTLTYPE_INT|CTLFLAG_RW, ipport_hifirstauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + hilast, CTLTYPE_INT|CTLFLAG_RW, ipport_hilastauto, 0, + &sysctl_net_ipport_check, "I", ""); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, + reservedhigh, CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedhigh, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, reservedlow, + CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedlow, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomized, + CTLFLAG_RW, ipport_randomized, 0, "Enable random port allocation"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomcps, + CTLFLAG_RW, ipport_randomcps, 0, "Maximum number of random port " + "allocations before switching to a sequental one"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomtime, + CTLFLAG_RW, ipport_randomtime, 0, + "Minimum time to keep sequental port " + "allocation before switching to a random one"); /* * in_pcb.c: manage the Protocol Control Blocks. @@ -176,6 +183,9 @@ SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW, int in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo) { +#ifdef INET6 + INIT_VNET_INET6(curvnet); +#endif struct inpcb *inp; int error; @@ -270,6 +280,7 @@ int in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, u_short *lportp, struct ucred *cred) { + INIT_VNET_INET(inp->inp_vnet); struct socket *so = inp->inp_socket; unsigned short *lastport; struct sockaddr_in *sin; @@ -543,6 +554,7 @@ in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp, struct inpcb **oinpp, struct ucred *cred) { + INIT_VNET_INET(inp->inp_vnet); struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; struct sockaddr_in sa; @@ -1223,13 +1235,22 @@ in_pcbsosetlabel(struct socket *so) void ipport_tick(void *xtp) { - - if (V_ipport_tcpallocs <= V_ipport_tcplastcount + V_ipport_randomcps) { - if (V_ipport_stoprandom > 0) - V_ipport_stoprandom--; - } else - V_ipport_stoprandom = V_ipport_randomtime; - V_ipport_tcplastcount = V_ipport_tcpallocs; + VNET_ITERATOR_DECL(vnet_iter); + + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS here */ + INIT_VNET_INET(vnet_iter); + if (V_ipport_tcpallocs <= + V_ipport_tcplastcount + V_ipport_randomcps) { + if (V_ipport_stoprandom > 0) + V_ipport_stoprandom--; + } else + V_ipport_stoprandom = V_ipport_randomtime; + V_ipport_tcplastcount = V_ipport_tcpallocs; + CURVNET_RESTORE(); + } + VNET_LIST_RUNLOCK(); callout_reset(&ipport_tick_callout, hz, ipport_tick, NULL); } @@ -1280,6 +1301,7 @@ inp_unlock_assert(struct inpcb *inp) void inp_apply_all(void (*func)(struct inpcb *, void *), void *arg) { + INIT_VNET_INET(curvnet); struct inpcb *inp; INP_INFO_RLOCK(&V_tcbinfo); diff --git a/sys/netinet/in_rmx.c b/sys/netinet/in_rmx.c index e79337b..66b8bb3 100644 --- a/sys/netinet/in_rmx.c +++ b/sys/netinet/in_rmx.c @@ -152,17 +152,19 @@ in_matroute(void *v_arg, struct radix_node_head *head) } static int rtq_reallyold = 60*60; /* one hour is "really old" */ -SYSCTL_INT(_net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW, - &rtq_reallyold, 0, "Default expiration time on dynamically learned routes"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTEXPIRE, rtexpire, + CTLFLAG_RW, rtq_reallyold, 0, + "Default expiration time on dynamically learned routes"); static int rtq_minreallyold = 10; /* never automatically crank down to less */ -SYSCTL_INT(_net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW, - &rtq_minreallyold, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMINEXPIRE, + rtminexpire, CTLFLAG_RW, rtq_minreallyold, 0, "Minimum time to attempt to hold onto dynamically learned routes"); static int rtq_toomany = 128; /* 128 cached routes is "too many" */ -SYSCTL_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, - &rtq_toomany, 0, "Upper limit on dynamically learned routes"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMAXCACHE, + rtmaxcache, CTLFLAG_RW, rtq_toomany, 0, + "Upper limit on dynamically learned routes"); /* * On last reference drop, mark the route as belong to us so that it can be @@ -171,6 +173,7 @@ SYSCTL_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, static void in_clsroute(struct radix_node *rn, struct radix_node_head *head) { + INIT_VNET_INET(curvnet); struct rtentry *rt = (struct rtentry *)rn; RT_LOCK_ASSERT(rt); @@ -216,6 +219,7 @@ struct rtqk_arg { static int in_rtqkill(struct radix_node *rn, void *rock) { + INIT_VNET_INET(curvnet); struct rtqk_arg *ap = rock; struct rtentry *rt = (struct rtentry *)rn; int err; @@ -323,21 +327,29 @@ in_rtqtimo_one(void *rock) void in_rtqdrain(void) { + VNET_ITERATOR_DECL(vnet_iter); struct radix_node_head *rnh; struct rtqk_arg arg; int fibnum; - for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { - rnh = V_rt_tables[fibnum][AF_INET]; - arg.found = arg.killed = 0; - arg.rnh = rnh; - arg.nextstop = 0; - arg.draining = 1; - arg.updating = 0; - RADIX_NODE_HEAD_LOCK(rnh); - rnh->rnh_walktree(rnh, in_rtqkill, &arg); - RADIX_NODE_HEAD_UNLOCK(rnh); + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_NET(vnet_iter); + for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { + rnh = V_rt_tables[fibnum][AF_INET]; + arg.found = arg.killed = 0; + arg.rnh = rnh; + arg.nextstop = 0; + arg.draining = 1; + arg.updating = 0; + RADIX_NODE_HEAD_LOCK(rnh); + rnh->rnh_walktree(rnh, in_rtqkill, &arg); + RADIX_NODE_HEAD_UNLOCK(rnh); + } + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); } static int _in_rt_was_here; @@ -347,6 +359,7 @@ static int _in_rt_was_here; int in_inithead(void **head, int off) { + INIT_VNET_INET(curvnet); struct radix_node_head *rnh; /* XXX MRT @@ -416,6 +429,7 @@ in_ifadownkill(struct radix_node *rn, void *xap) int in_ifadown(struct ifaddr *ifa, int delete) { + INIT_VNET_NET(curvnet); struct in_ifadown_arg arg; struct radix_node_head *rnh; int fibnum; diff --git a/sys/netinet/ip6.h b/sys/netinet/ip6.h index 09692d9..a7df9c8 100644 --- a/sys/netinet/ip6.h +++ b/sys/netinet/ip6.h @@ -346,6 +346,9 @@ do { \ } \ } \ } while (/*CONSTCOND*/ 0) + +#include <netinet6/vinet6.h> + #endif /*_KERNEL*/ #endif /* not _NETINET_IP6_H_ */ diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index 1a07a97..25b629d 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -914,6 +914,7 @@ carp_send_ad_locked(struct carp_softc *sc) ch.carp_cksum = 0; #ifdef INET + INIT_VNET_INET(curvnet); if (sc->sc_ia) { struct ip *ip; @@ -1452,6 +1453,7 @@ carp_multicast6_cleanup(struct carp_softc *sc) static int carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin) { + INIT_VNET_INET(curvnet); struct ifnet *ifp; struct carp_if *cif; struct in_ifaddr *ia, *ia_if; @@ -1617,6 +1619,7 @@ carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin) static int carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6) { + INIT_VNET_INET6(curvnet); struct ifnet *ifp; struct carp_if *cif; struct in6_ifaddr *ia, *ia_if; diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index 1bba15a..aea0d61 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -148,6 +148,7 @@ div_inpcb_fini(void *mem, int size) void div_init(void) { + INIT_VNET_INET(curvnet); INP_INFO_LOCK_INIT(&V_divcbinfo, "div"); LIST_INIT(&V_divcb); @@ -175,6 +176,8 @@ div_init(void) void div_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); + V_ipstat.ips_noproto++; m_freem(m); } @@ -188,6 +191,7 @@ div_input(struct mbuf *m, int off) static void divert_packet(struct mbuf *m, int incoming) { + INIT_VNET_INET(curvnet); struct ip *ip; struct inpcb *inp; struct socket *sa; @@ -304,6 +308,7 @@ static int div_output(struct socket *so, struct mbuf *m, struct sockaddr_in *sin, struct mbuf *control) { + INIT_VNET_INET(curvnet); struct m_tag *mtag; struct divert_tag *dt; int error = 0; @@ -456,6 +461,7 @@ cantsend: static int div_attach(struct socket *so, int proto, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -487,6 +493,7 @@ div_attach(struct socket *so, int proto, struct thread *td) static void div_detach(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -501,6 +508,7 @@ div_detach(struct socket *so) static int div_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -541,6 +549,8 @@ static int div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { + INIT_VNET_INET(so->so_vnet); + /* Packet must have a header (but that's about it) */ if (m->m_len < sizeof (struct ip) && (m = m_pullup(m, sizeof (struct ip))) == 0) { diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index b38dfc0..4cdfd6b 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -107,12 +107,13 @@ __FBSDID("$FreeBSD$"); #include <machine/in_cksum.h> static int ipfastforward_active = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_RW, - &ipfastforward_active, 0, "Enable fast IP forwarding"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fastforwarding, + CTLFLAG_RW, ipfastforward_active, 0, "Enable fast IP forwarding"); static struct sockaddr_in * ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m) { + INIT_VNET_INET(curvnet); struct sockaddr_in *dst; struct rtentry *rt; @@ -156,6 +157,7 @@ ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m) struct mbuf * ip_fastforward(struct mbuf *m) { + INIT_VNET_INET(curvnet); struct ip *ip; struct mbuf *m0 = NULL; struct route ro; diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index 666e536..a274f94 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -630,14 +630,20 @@ int ipfw_chk(struct ip_fw_args *); int ipfw_init(void); void ipfw_destroy(void); +#ifdef NOTYET +void ipfw_nat_destroy(void); +#endif typedef int ip_fw_ctl_t(struct sockopt *); extern ip_fw_ctl_t *ip_fw_ctl_ptr; + +#ifndef VIMAGE extern int fw_one_pass; extern int fw_enable; #ifdef INET6 extern int fw6_enable; #endif +#endif /* For kernel ipfw_ether and ipfw_bridge. */ typedef int ip_fw_chk_t(struct ip_fw_args *args); @@ -675,5 +681,80 @@ typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); typedef int ipfw_nat_cfg_t(struct sockopt *); #endif +/* + * Stack virtualization support. + */ +#ifdef VIMAGE +struct vnet_ipfw { + int _fw_one_pass; + int _fw_enable; + int _fw6_enable; + u_int32_t _set_disable; + int _fw_deny_unknown_exthdrs; + int _fw_verbose; + int _verbose_limit; + int _fw_debug; + int _autoinc_step; + ipfw_dyn_rule **_ipfw_dyn_v; + struct ip_fw_chain _layer3_chain; + u_int32_t _dyn_buckets; + u_int32_t _curr_dyn_buckets; + u_int32_t _dyn_ack_lifetime; + u_int32_t _dyn_syn_lifetime; + u_int32_t _dyn_fin_lifetime; + u_int32_t _dyn_rst_lifetime; + u_int32_t _dyn_udp_lifetime; + u_int32_t _dyn_short_lifetime; + u_int32_t _dyn_keepalive_interval; + u_int32_t _dyn_keepalive_period; + u_int32_t _dyn_keepalive; + u_int32_t _static_count; + u_int32_t _static_len; + u_int32_t _dyn_count; + u_int32_t _dyn_max; + u_int64_t _norule_counter; + struct callout _ipfw_timeout; + eventhandler_tag _ifaddr_event_tag; +}; +#endif + +/* + * Symbol translation macros + */ +#define INIT_VNET_IPFW(vnet) \ + INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw) + +#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) + +#define V_fw_one_pass VNET_IPFW(fw_one_pass) +#define V_fw_enable VNET_IPFW(fw_enable) +#define V_fw6_enable VNET_IPFW(fw6_enable) +#define V_set_disable VNET_IPFW(set_disable) +#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) +#define V_fw_verbose VNET_IPFW(fw_verbose) +#define V_verbose_limit VNET_IPFW(verbose_limit) +#define V_fw_debug VNET_IPFW(fw_debug) +#define V_autoinc_step VNET_IPFW(autoinc_step) +#define V_ipfw_dyn_v VNET_IPFW(ipfw_dyn_v) +#define V_layer3_chain VNET_IPFW(layer3_chain) +#define V_dyn_buckets VNET_IPFW(dyn_buckets) +#define V_curr_dyn_buckets VNET_IPFW(curr_dyn_buckets) +#define V_dyn_ack_lifetime VNET_IPFW(dyn_ack_lifetime) +#define V_dyn_syn_lifetime VNET_IPFW(dyn_syn_lifetime) +#define V_dyn_fin_lifetime VNET_IPFW(dyn_fin_lifetime) +#define V_dyn_rst_lifetime VNET_IPFW(dyn_rst_lifetime) +#define V_dyn_udp_lifetime VNET_IPFW(dyn_udp_lifetime) +#define V_dyn_short_lifetime VNET_IPFW(dyn_short_lifetime) +#define V_dyn_keepalive_interval VNET_IPFW(dyn_keepalive_interval) +#define V_dyn_keepalive_period VNET_IPFW(dyn_keepalive_period) +#define V_dyn_keepalive VNET_IPFW(dyn_keepalive) +#define V_static_count VNET_IPFW(static_count) +#define V_static_len VNET_IPFW(static_len) +#define V_dyn_count VNET_IPFW(dyn_count) +#define V_dyn_max VNET_IPFW(dyn_max) +#define V_norule_counter VNET_IPFW(norule_counter) +#define V_ipfw_timeout VNET_IPFW(ipfw_timeout) +#define V_ifaddr_event_tag VNET_IPFW(ifaddr_event_tag) + #endif /* _KERNEL */ #endif /* _IPFW2_H */ diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 00ab781..861f9e9 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -163,20 +163,19 @@ extern int ipfw_chg_hook(SYSCTL_HANDLER_ARGS); #ifdef SYSCTL_NODE SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw, CTLFLAG_RW, 0, "Firewall"); -SYSCTL_PROC(_net_inet_ip_fw, OID_AUTO, enable, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, &fw_enable, 0, +SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, enable, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, fw_enable, 0, ipfw_chg_hook, "I", "Enable ipfw"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step, CTLFLAG_RW, - &autoinc_step, 0, "Rule number autincrement step"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, one_pass, - CTLFLAG_RW | CTLFLAG_SECURE3, - &fw_one_pass, 0, +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, autoinc_step, + CTLFLAG_RW, autoinc_step, 0, "Rule number autincrement step"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, one_pass, + CTLFLAG_RW | CTLFLAG_SECURE3, fw_one_pass, 0, "Only do a single pass through ipfw when using dummynet(4)"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW, - &fw_debug, 0, "Enable printing of debug ip_fw statements"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose, +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW, + fw_debug, 0, "Enable printing of debug ip_fw statements"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, verbose, CTLFLAG_RW | CTLFLAG_SECURE3, - &fw_verbose, 0, "Log matches to ipfw rules"); + fw_verbose, 0, "Log matches to ipfw rules"); SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW, &verbose_limit, 0, "Set upper limit of matches of ipfw rules logged"); SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD, @@ -259,30 +258,32 @@ static u_int32_t static_len; /* size in bytes of static rules */ static u_int32_t dyn_count; /* # of dynamic rules */ static u_int32_t dyn_max = 4096; /* max # of dynamic rules */ -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW, - &dyn_buckets, 0, "Number of dyn. buckets"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD, - &curr_dyn_buckets, 0, "Current Number of dyn. buckets"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_count, CTLFLAG_RD, - &dyn_count, 0, "Number of dyn. rules"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_max, CTLFLAG_RW, - &dyn_max, 0, "Max number of dyn. rules"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, static_count, CTLFLAG_RD, - &static_count, 0, "Number of static rules"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime, CTLFLAG_RW, - &dyn_ack_lifetime, 0, "Lifetime of dyn. rules for acks"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime, CTLFLAG_RW, - &dyn_syn_lifetime, 0, "Lifetime of dyn. rules for syn"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime, CTLFLAG_RW, - &dyn_fin_lifetime, 0, "Lifetime of dyn. rules for fin"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime, CTLFLAG_RW, - &dyn_rst_lifetime, 0, "Lifetime of dyn. rules for rst"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime, CTLFLAG_RW, - &dyn_udp_lifetime, 0, "Lifetime of dyn. rules for UDP"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_short_lifetime, CTLFLAG_RW, - &dyn_short_lifetime, 0, "Lifetime of dyn. rules for other situations"); -SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_keepalive, CTLFLAG_RW, - &dyn_keepalive, 0, "Enable keepalives for dyn. rules"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_buckets, + CTLFLAG_RW, dyn_buckets, 0, "Number of dyn. buckets"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, + CTLFLAG_RD, curr_dyn_buckets, 0, "Current Number of dyn. buckets"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_count, + CTLFLAG_RD, dyn_count, 0, "Number of dyn. rules"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_max, + CTLFLAG_RW, dyn_max, 0, "Max number of dyn. rules"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, static_count, + CTLFLAG_RD, static_count, 0, "Number of static rules"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime, + CTLFLAG_RW, dyn_ack_lifetime, 0, "Lifetime of dyn. rules for acks"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime, + CTLFLAG_RW, dyn_syn_lifetime, 0, "Lifetime of dyn. rules for syn"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime, + CTLFLAG_RW, dyn_fin_lifetime, 0, "Lifetime of dyn. rules for fin"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime, + CTLFLAG_RW, dyn_rst_lifetime, 0, "Lifetime of dyn. rules for rst"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime, + CTLFLAG_RW, dyn_udp_lifetime, 0, "Lifetime of dyn. rules for UDP"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_short_lifetime, + CTLFLAG_RW, dyn_short_lifetime, 0, + "Lifetime of dyn. rules for other situations"); +SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_keepalive, + CTLFLAG_RW, dyn_keepalive, 0, "Enable keepalives for dyn. rules"); + #ifdef INET6 /* @@ -566,6 +567,7 @@ flow6id_match( int curr_flow, ipfw_insn_u32 *cmd ) static int search_ip6_addr_net (struct in6_addr * ip6_addr) { + INIT_VNET_NET(curvnet); struct ifnet *mdc; struct ifaddr *mdc2; struct in6_ifaddr *fdm; @@ -757,6 +759,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args, struct mbuf *m, struct ifnet *oif, u_short offset, uint32_t tablearg, struct ip *ip) { + INIT_VNET_IPFW(curvnet); struct ether_header *eh = args->eh; char *action; int limit_reached = 0; @@ -1027,6 +1030,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args, static __inline int hash_packet(struct ipfw_flow_id *id) { + INIT_VNET_IPFW(curvnet); u_int32_t i; #ifdef INET6 @@ -1078,6 +1082,7 @@ hash_packet(struct ipfw_flow_id *id) static void remove_dyn_rule(struct ip_fw *rule, ipfw_dyn_rule *keep_me) { + INIT_VNET_IPFW(curvnet); static u_int32_t last_remove = 0; #define FORCE (keep_me == NULL) @@ -1148,6 +1153,7 @@ static ipfw_dyn_rule * lookup_dyn_rule_locked(struct ipfw_flow_id *pkt, int *match_direction, struct tcphdr *tcp) { + INIT_VNET_IPFW(curvnet); /* * stateful ipfw extensions. * Lookup into dynamic session queue @@ -1304,6 +1310,7 @@ lookup_dyn_rule(struct ipfw_flow_id *pkt, int *match_direction, static void realloc_dynamic_table(void) { + INIT_VNET_IPFW(curvnet); IPFW_DYN_LOCK_ASSERT(); /* @@ -1343,6 +1350,7 @@ realloc_dynamic_table(void) static ipfw_dyn_rule * add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule) { + INIT_VNET_IPFW(curvnet); ipfw_dyn_rule *r; int i; @@ -1398,6 +1406,7 @@ add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule) static ipfw_dyn_rule * lookup_dyn_parent(struct ipfw_flow_id *pkt, struct ip_fw *rule) { + INIT_VNET_IPFW(curvnet); ipfw_dyn_rule *q; int i; @@ -1441,6 +1450,7 @@ static int install_state(struct ip_fw *rule, ipfw_insn_limit *cmd, struct ip_fw_args *args, uint32_t tablearg) { + INIT_VNET_IPFW(curvnet); static int last_log; ipfw_dyn_rule *q; struct in_addr da; @@ -1602,6 +1612,7 @@ static struct mbuf * send_pkt(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t seq, u_int32_t ack, int flags) { + INIT_VNET_INET(curvnet); struct mbuf *m; struct ip *ip; struct tcphdr *tcp; @@ -1778,6 +1789,7 @@ static int add_table_entry(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr, uint8_t mlen, uint32_t value) { + INIT_VNET_IPFW(curvnet); struct radix_node_head *rnh; struct table_entry *ent; @@ -1982,6 +1994,7 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif, u_int16_t src_port, struct ip_fw_ugid *ugp, int *ugid_lookupp, struct inpcb *inp) { + INIT_VNET_INET(curvnet); struct inpcbinfo *pi; int wildcard; struct inpcb *pcb; @@ -2099,6 +2112,9 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif, int ipfw_chk(struct ip_fw_args *args) { + INIT_VNET_INET(curvnet); + INIT_VNET_IPFW(curvnet); + /* * Local variables holding state during the processing of a packet: * @@ -3408,6 +3424,7 @@ flush_rule_ptrs(struct ip_fw_chain *chain) static int add_rule(struct ip_fw_chain *chain, struct ip_fw *input_rule) { + INIT_VNET_IPFW(curvnet); struct ip_fw *rule, *f, *prev; int l = RULESIZE(input_rule); @@ -3493,6 +3510,7 @@ static struct ip_fw * remove_rule(struct ip_fw_chain *chain, struct ip_fw *rule, struct ip_fw *prev) { + INIT_VNET_IPFW(curvnet); struct ip_fw *n; int l = RULESIZE(rule); @@ -3707,6 +3725,7 @@ clear_counters(struct ip_fw *rule, int log_only) static int zero_entry(struct ip_fw_chain *chain, u_int32_t arg, int log_only) { + INIT_VNET_IPFW(curvnet); struct ip_fw *rule; char *msg; @@ -4074,6 +4093,7 @@ bad_size: static size_t ipfw_getrules(struct ip_fw_chain *chain, void *buf, size_t space) { + INIT_VNET_IPFW(curvnet); char *bp = buf; char *ep = bp + space; struct ip_fw *rule; @@ -4156,6 +4176,7 @@ static int ipfw_ctl(struct sockopt *sopt) { #define RULE_MAXSIZE (256*sizeof(u_int32_t)) + INIT_VNET_IPFW(curvnet); int error; size_t size; struct ip_fw *buf, *rule; @@ -4495,6 +4516,7 @@ done: int ipfw_init(void) { + INIT_VNET_IPFW(curvnet); struct ip_fw default_rule; int error; diff --git a/sys/netinet/ip_fw_nat.c b/sys/netinet/ip_fw_nat.c index 688a181..732b6ae 100644 --- a/sys/netinet/ip_fw_nat.c +++ b/sys/netinet/ip_fw_nat.c @@ -82,6 +82,7 @@ extern ipfw_nat_cfg_t *ipfw_nat_get_log_ptr; static void ifaddr_change(void *arg __unused, struct ifnet *ifp) { + INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr; struct ifaddr *ifa; @@ -109,6 +110,7 @@ ifaddr_change(void *arg __unused, struct ifnet *ifp) static void flush_nat_ptrs(const int i) { + INIT_VNET_IPFW(curvnet); struct ip_fw *rule; IPFW_WLOCK_ASSERT(&V_layer3_chain); @@ -404,6 +406,7 @@ ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m) static int ipfw_nat_cfg(struct sockopt *sopt) { + INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr, *ser_n; char *buf; @@ -474,6 +477,7 @@ ipfw_nat_cfg(struct sockopt *sopt) static int ipfw_nat_del(struct sockopt *sopt) { + INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr; int i; @@ -496,6 +500,7 @@ ipfw_nat_del(struct sockopt *sopt) static int ipfw_nat_get_cfg(struct sockopt *sopt) { + INIT_VNET_IPFW(curvnet); uint8_t *data; struct cfg_nat *n; struct cfg_redir *r; @@ -550,6 +555,7 @@ nospace: static int ipfw_nat_get_log(struct sockopt *sopt) { + INIT_VNET_IPFW(curvnet); uint8_t *data; struct cfg_nat *ptr; int i, size, cnt, sof; @@ -584,6 +590,7 @@ ipfw_nat_get_log(struct sockopt *sopt) static void ipfw_nat_init(void) { + INIT_VNET_IPFW(curvnet); IPFW_WLOCK(&V_layer3_chain); /* init ipfw hooks */ @@ -600,6 +607,7 @@ ipfw_nat_init(void) static void ipfw_nat_destroy(void) { + INIT_VNET_IPFW(curvnet); struct ip_fw *rule; struct cfg_nat *ptr, *ptr_temp; diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index bd8ac70..2487533 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -78,45 +78,48 @@ __FBSDID("$FreeBSD$"); */ struct icmpstat icmpstat; -SYSCTL_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW, - &icmpstat, icmpstat, ""); +SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_STATS, stats, + CTLFLAG_RW, icmpstat, icmpstat, ""); static int icmpmaskrepl = 0; -SYSCTL_INT(_net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW, - &icmpmaskrepl, 0, "Reply to ICMP Address Mask Request packets."); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, + CTLFLAG_RW, icmpmaskrepl, 0, + "Reply to ICMP Address Mask Request packets."); static u_int icmpmaskfake = 0; -SYSCTL_UINT(_net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, - &icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets."); +SYSCTL_V_UINT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, + icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets."); static int drop_redirect = 0; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW, - &drop_redirect, 0, "Ignore ICMP redirects"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, drop_redirect, + CTLFLAG_RW, drop_redirect, 0, "Ignore ICMP redirects"); static int log_redirect = 0; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW, - &log_redirect, 0, "Log ICMP redirects to the console"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, log_redirect, + CTLFLAG_RW, log_redirect, 0, "Log ICMP redirects to the console"); static int icmplim = 200; -SYSCTL_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW, - &icmplim, 0, "Maximum number of ICMP responses per second"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, + CTLFLAG_RW, icmplim, 0, "Maximum number of ICMP responses per second"); static int icmplim_output = 1; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW, - &icmplim_output, 0, "Enable rate limiting of ICMP responses"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, icmplim_output, + CTLFLAG_RW, icmplim_output, 0, + "Enable rate limiting of ICMP responses"); static char reply_src[IFNAMSIZ]; -SYSCTL_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, - &reply_src, IFNAMSIZ, "icmp reply source for non-local packets."); +SYSCTL_V_STRING(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_src, + CTLFLAG_RW, reply_src, IFNAMSIZ, + "icmp reply source for non-local packets."); static int icmp_rfi = 0; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW, - &icmp_rfi, 0, "ICMP reply from incoming interface for " +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_from_interface, + CTLFLAG_RW, icmp_rfi, 0, "ICMP reply from incoming interface for " "non-local packets"); static int icmp_quotelen = 8; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, - &icmp_quotelen, 0, "Number of bytes from original packet to " +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, + icmp_quotelen, 0, "Number of bytes from original packet to " "quote in ICMP reply"); /* @@ -124,8 +127,8 @@ SYSCTL_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, */ static int icmpbmcastecho = 0; -SYSCTL_INT(_net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW, - &icmpbmcastecho, 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, bmcastecho, + CTLFLAG_RW, icmpbmcastecho, 0, ""); #ifdef ICMPPRINTFS @@ -144,6 +147,7 @@ extern struct protosw inetsw[]; void icmp_error(struct mbuf *n, int type, int code, n_long dest, int mtu) { + INIT_VNET_INET(curvnet); register struct ip *oip = mtod(n, struct ip *), *nip; register unsigned oiphlen = oip->ip_hl << 2; register struct icmp *icp; @@ -207,9 +211,9 @@ icmp_error(struct mbuf *n, int type, int code, n_long dest, int mtu) if (n->m_len < oiphlen + tcphlen && ((n = m_pullup(n, oiphlen + tcphlen)) == NULL)) goto freeit; - icmpelen = max(tcphlen, min(icmp_quotelen, oip->ip_len - oiphlen)); + icmpelen = max(tcphlen, min(V_icmp_quotelen, oip->ip_len - oiphlen)); } else -stdreply: icmpelen = max(8, min(icmp_quotelen, oip->ip_len - oiphlen)); +stdreply: icmpelen = max(8, min(V_icmp_quotelen, oip->ip_len - oiphlen)); icmplen = min(oiphlen + icmpelen, nlen); if (icmplen < sizeof(struct ip)) @@ -292,6 +296,7 @@ freeit: void icmp_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); struct icmp *icp; struct in_ifaddr *ia; struct ip *ip = mtod(m, struct ip *); @@ -462,7 +467,7 @@ icmp_input(struct mbuf *m, int off) break; case ICMP_ECHO: - if (!icmpbmcastecho + if (!V_icmpbmcastecho && (m->m_flags & (M_MCAST | M_BCAST)) != 0) { V_icmpstat.icps_bmcastecho++; break; @@ -474,7 +479,7 @@ icmp_input(struct mbuf *m, int off) goto reflect; case ICMP_TSTAMP: - if (!icmpbmcastecho + if (!V_icmpbmcastecho && (m->m_flags & (M_MCAST | M_BCAST)) != 0) { V_icmpstat.icps_bmcasttstamp++; break; @@ -492,7 +497,7 @@ icmp_input(struct mbuf *m, int off) goto reflect; case ICMP_MASKREQ: - if (icmpmaskrepl == 0) + if (V_icmpmaskrepl == 0) break; /* * We are not able to respond with all ones broadcast @@ -517,10 +522,10 @@ icmp_input(struct mbuf *m, int off) if (ia->ia_ifp == 0) break; icp->icmp_type = ICMP_MASKREPLY; - if (icmpmaskfake == 0) + if (V_icmpmaskfake == 0) icp->icmp_mask = ia->ia_sockmask.sin_addr.s_addr; else - icp->icmp_mask = icmpmaskfake; + icp->icmp_mask = V_icmpmaskfake; if (ip->ip_src.s_addr == 0) { if (ia->ia_ifp->if_flags & IFF_BROADCAST) ip->ip_src = satosin(&ia->ia_broadaddr)->sin_addr; @@ -535,7 +540,7 @@ reflect: return; case ICMP_REDIRECT: - if (log_redirect) { + if (V_log_redirect) { u_long src, dst, gw; src = ntohl(ip->ip_src.s_addr); @@ -554,7 +559,7 @@ reflect: * RFC1812 says we must ignore ICMP redirects if we * are acting as router. */ - if (drop_redirect || V_ipforwarding) + if (V_drop_redirect || V_ipforwarding) break; if (code > 3) goto badcode; @@ -622,6 +627,7 @@ freeit: static void icmp_reflect(struct mbuf *m) { + INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); struct ifaddr *ifa; struct ifnet *ifn; @@ -672,7 +678,7 @@ icmp_reflect(struct mbuf *m) * doesn't have a suitable IP address, the normal selection * criteria apply. */ - if (icmp_rfi && m->m_pkthdr.rcvif != NULL) { + if (V_icmp_rfi && m->m_pkthdr.rcvif != NULL) { TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) { if (ifa->ifa_addr->sa_family != AF_INET) continue; @@ -686,7 +692,7 @@ icmp_reflect(struct mbuf *m) * net.inet.icmp.reply_src (default not set). Otherwise continue * with normal source selection. */ - if (reply_src[0] != '\0' && (ifn = ifunit(reply_src))) { + if (V_reply_src[0] != '\0' && (ifn = ifunit(V_reply_src))) { TAILQ_FOREACH(ifa, &ifn->if_addrhead, ifa_link) { if (ifa->ifa_addr->sa_family != AF_INET) continue; @@ -889,6 +895,8 @@ ip_next_mtu(int mtu, int dir) int badport_bandlim(int which) { + INIT_VNET_INET(curvnet); + #define N(a) (sizeof (a) / sizeof (a[0])) static struct rate { const char *type; @@ -906,20 +914,20 @@ badport_bandlim(int which) /* * Return ok status if feature disabled or argument out of range. */ - if (icmplim > 0 && (u_int) which < N(rates)) { + if (V_icmplim > 0 && (u_int) which < N(rates)) { struct rate *r = &rates[which]; int opps = r->curpps; - if (!ppsratecheck(&r->lasttime, &r->curpps, icmplim)) + if (!ppsratecheck(&r->lasttime, &r->curpps, V_icmplim)) return -1; /* discard packet */ /* * If we've dropped below the threshold after having * rate-limited traffic print the message. This preserves * the previous behaviour at the expense of added complexity. */ - if (icmplim_output && opps > icmplim) + if (V_icmplim_output && opps > V_icmplim) printf("Limiting %s from %d to %d packets/sec\n", - r->type, opps, icmplim); + r->type, opps, V_icmplim); } return 0; /* okay to send packet */ #undef N diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index ef1586d..ce92c2f 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -92,31 +92,32 @@ CTASSERT(sizeof(struct ip) == 20); int rsvp_on = 0; int ipforwarding = 0; -SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW, - &ipforwarding, 0, "Enable IP forwarding between interfaces"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_FORWARDING, + forwarding, CTLFLAG_RW, ipforwarding, 0, + "Enable IP forwarding between interfaces"); static int ipsendredirects = 1; /* XXX */ -SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW, - &ipsendredirects, 0, "Enable sending IP redirects"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_SENDREDIRECTS, + redirect, CTLFLAG_RW, ipsendredirects, 0, + "Enable sending IP redirects"); int ip_defttl = IPDEFTTL; -SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW, - &ip_defttl, 0, "Maximum TTL on IP packets"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_DEFTTL, + ttl, CTLFLAG_RW, ip_defttl, 0, "Maximum TTL on IP packets"); static int ip_keepfaith = 0; -SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW, - &ip_keepfaith, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_KEEPFAITH, + keepfaith, CTLFLAG_RW, ip_keepfaith, 0, "Enable packet capture for FAITH IPv4->IPv6 translater daemon"); static int ip_sendsourcequench = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW, - &ip_sendsourcequench, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, + sendsourcequench, CTLFLAG_RW, ip_sendsourcequench, 0, "Enable the transmission of source quench packets"); int ip_do_randomid = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW, - &ip_do_randomid, 0, - "Assign random ip_id values"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, random_id, + CTLFLAG_RW, ip_do_randomid, 0, "Assign random ip_id values"); /* * XXX - Setting ip_checkinterface mostly implements the receive side of @@ -132,8 +133,9 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW, * packets for those addresses are received. */ static int ip_checkinterface = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW, - &ip_checkinterface, 0, "Verify packet arrives on correct interface"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, + check_interface, CTLFLAG_RW, ip_checkinterface, 0, + "Verify packet arrives on correct interface"); struct pfil_head inet_pfil_hook; /* Packet filter hooks */ @@ -154,8 +156,8 @@ SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD, "Number of packets dropped from the IP input queue"); struct ipstat ipstat; -SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, - &ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)"); +SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, + ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)"); /* * IP datagram reassembly. @@ -180,12 +182,13 @@ static void ipq_zone_change(void *); static int maxnipq; /* Administrative limit on # reass queues. */ static int nipq = 0; /* Total # of reass queues */ -SYSCTL_INT(_net_inet_ip, OID_AUTO, fragpackets, CTLFLAG_RD, - &nipq, 0, "Current number of IPv4 fragment reassembly queue entries"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fragpackets, + CTLFLAG_RD, nipq, 0, + "Current number of IPv4 fragment reassembly queue entries"); static int maxfragsperpacket; -SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW, - &maxfragsperpacket, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, maxfragsperpacket, + CTLFLAG_RW, maxfragsperpacket, 0, "Maximum number of IPv4 fragments allowed per packet"); struct callout ipport_tick_callout; @@ -197,8 +200,8 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW, #ifdef IPSTEALTH int ipstealth = 0; -SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, - &ipstealth, 0, "IP stealth mode, no TTL decrementation on forwarding"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, + ipstealth, 0, "IP stealth mode, no TTL decrementation on forwarding"); #endif /* @@ -218,6 +221,7 @@ static void ip_freef(struct ipqhead *, struct ipq *); void ip_init(void) { + INIT_VNET_INET(curvnet); struct protosw *pr; int i; @@ -289,6 +293,7 @@ ip_fini(void *xtp) void ip_input(struct mbuf *m) { + INIT_VNET_INET(curvnet); struct ip *ip = NULL; struct in_ifaddr *ia = NULL; struct ifaddr *ifa; @@ -681,6 +686,7 @@ bad: static void maxnipq_update(void) { + INIT_VNET_INET(curvnet); /* * -1 for unlimited allocation. @@ -704,6 +710,7 @@ maxnipq_update(void) static void ipq_zone_change(void *tag) { + INIT_VNET_INET(curvnet); if (V_maxnipq > 0 && V_maxnipq < (nmbclusters / 32)) { V_maxnipq = nmbclusters / 32; @@ -714,6 +721,7 @@ ipq_zone_change(void *tag) static int sysctl_maxnipq(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i; i = V_maxnipq; @@ -749,6 +757,7 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxfragpackets, CTLTYPE_INT|CTLFLAG_RW, struct mbuf * ip_reass(struct mbuf *m) { + INIT_VNET_INET(curvnet); struct ip *ip; struct mbuf *p, *q, *nq, *t; struct ipq *fp = NULL; @@ -1064,6 +1073,7 @@ done: static void ip_freef(struct ipqhead *fhp, struct ipq *fp) { + INIT_VNET_INET(curvnet); struct mbuf *q; IPQ_LOCK_ASSERT(); @@ -1086,36 +1096,47 @@ ip_freef(struct ipqhead *fhp, struct ipq *fp) void ip_slowtimo(void) { + VNET_ITERATOR_DECL(vnet_iter); struct ipq *fp; int i; IPQ_LOCK(); - for (i = 0; i < IPREASS_NHASH; i++) { - for(fp = TAILQ_FIRST(&V_ipq[i]); fp;) { - struct ipq *fpp; - - fpp = fp; - fp = TAILQ_NEXT(fp, ipq_list); - if(--fpp->ipq_ttl == 0) { - V_ipstat.ips_fragtimeout += fpp->ipq_nfrags; - ip_freef(&V_ipq[i], fpp); + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); + for (i = 0; i < IPREASS_NHASH; i++) { + for(fp = TAILQ_FIRST(&V_ipq[i]); fp;) { + struct ipq *fpp; + + fpp = fp; + fp = TAILQ_NEXT(fp, ipq_list); + if(--fpp->ipq_ttl == 0) { + V_ipstat.ips_fragtimeout += + fpp->ipq_nfrags; + ip_freef(&V_ipq[i], fpp); + } } } - } - /* - * If we are over the maximum number of fragments - * (due to the limit being lowered), drain off - * enough to get down to the new limit. - */ - if (V_maxnipq >= 0 && V_nipq > V_maxnipq) { - for (i = 0; i < IPREASS_NHASH; i++) { - while (V_nipq > V_maxnipq && !TAILQ_EMPTY(&V_ipq[i])) { - V_ipstat.ips_fragdropped += - TAILQ_FIRST(&V_ipq[i])->ipq_nfrags; - ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i])); + /* + * If we are over the maximum number of fragments + * (due to the limit being lowered), drain off + * enough to get down to the new limit. + */ + if (V_maxnipq >= 0 && V_nipq > V_maxnipq) { + for (i = 0; i < IPREASS_NHASH; i++) { + while (V_nipq > V_maxnipq && + !TAILQ_EMPTY(&V_ipq[i])) { + V_ipstat.ips_fragdropped += + TAILQ_FIRST(&V_ipq[i])->ipq_nfrags; + ip_freef(&V_ipq[i], + TAILQ_FIRST(&V_ipq[i])); + } } } + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); IPQ_UNLOCK(); } @@ -1125,16 +1146,24 @@ ip_slowtimo(void) void ip_drain(void) { + VNET_ITERATOR_DECL(vnet_iter); int i; IPQ_LOCK(); - for (i = 0; i < IPREASS_NHASH; i++) { - while(!TAILQ_EMPTY(&V_ipq[i])) { - V_ipstat.ips_fragdropped += - TAILQ_FIRST(&V_ipq[i])->ipq_nfrags; - ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i])); + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); + for (i = 0; i < IPREASS_NHASH; i++) { + while(!TAILQ_EMPTY(&V_ipq[i])) { + V_ipstat.ips_fragdropped += + TAILQ_FIRST(&V_ipq[i])->ipq_nfrags; + ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i])); + } } + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); IPQ_UNLOCK(); in_rtqdrain(); } @@ -1251,6 +1280,7 @@ u_char inetctlerrmap[PRC_NCMDS] = { void ip_forward(struct mbuf *m, int srcrt) { + INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); struct in_ifaddr *ia = NULL; struct mbuf *mcopy; @@ -1466,6 +1496,8 @@ void ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip, struct mbuf *m) { + INIT_VNET_NET(inp->inp_vnet); + if (inp->inp_socket->so_options & (SO_BINTIME | SO_TIMESTAMP)) { struct bintime bt; @@ -1564,6 +1596,8 @@ struct socket *ip_rsvpd; int ip_rsvp_init(struct socket *so) { + INIT_VNET_INET(so->so_vnet); + if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) return EOPNOTSUPP; @@ -1587,6 +1621,8 @@ ip_rsvp_init(struct socket *so) int ip_rsvp_done(void) { + INIT_VNET_INET(curvnet); + V_ip_rsvpd = NULL; /* * This may seem silly, but we need to be sure we don't over-decrement @@ -1602,6 +1638,8 @@ ip_rsvp_done(void) void rsvp_input(struct mbuf *m, int off) /* XXX must fixup manually */ { + INIT_VNET_INET(curvnet); + if (rsvp_input_p) { /* call the real one if loaded */ rsvp_input_p(m, off); return; diff --git a/sys/netinet/ip_ipsec.c b/sys/netinet/ip_ipsec.c index 3e8e826..a4f8631 100644 --- a/sys/netinet/ip_ipsec.c +++ b/sys/netinet/ip_ipsec.c @@ -94,6 +94,8 @@ int ip_ipsec_fwd(struct mbuf *m) { #ifdef IPSEC + INIT_VNET_INET(curvnet); + INIT_VNET_IPSEC(curvnet); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; @@ -141,6 +143,7 @@ ip_ipsec_input(struct mbuf *m) { struct ip *ip = mtod(m, struct ip *); #ifdef IPSEC + INIT_VNET_IPSEC(curvnet); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c index 730f0af..a241ec4 100644 --- a/sys/netinet/ip_mroute.c +++ b/sys/netinet/ip_mroute.c @@ -422,6 +422,7 @@ mfc_find(in_addr_t o, in_addr_t g) static int X_ip_mrouter_set(struct socket *so, struct sockopt *sopt) { + INIT_VNET_INET(curvnet); int error, optval; vifi_t vifi; struct vifctl vifc; @@ -646,6 +647,7 @@ ip_mrouter_reset(void) static void if_detached_event(void *arg __unused, struct ifnet *ifp) { + INIT_VNET_INET(curvnet); vifi_t vifi; int i; struct mfc *mfc; @@ -709,6 +711,8 @@ if_detached_event(void *arg __unused, struct ifnet *ifp) static int ip_mrouter_init(struct socket *so, int version) { + INIT_VNET_INET(curvnet); + if (mrtdebug) log(LOG_DEBUG, "ip_mrouter_init: so_type = %d, pr_protocol = %d\n", so->so_type, so->so_proto->pr_protocol); @@ -755,6 +759,7 @@ ip_mrouter_init(struct socket *so, int version) static int X_ip_mrouter_done(void) { + INIT_VNET_INET(curvnet); vifi_t vifi; int i; struct ifnet *ifp; @@ -1286,6 +1291,7 @@ static int X_ip_mforward(struct ip *ip, struct ifnet *ifp, struct mbuf *m, struct ip_moptions *imo) { + INIT_VNET_INET(curvnet); struct mfc *rt; int error; vifi_t vifi; @@ -1590,6 +1596,7 @@ expire_upcalls(void *unused) static int ip_mdq(struct mbuf *m, struct ifnet *ifp, struct mfc *rt, vifi_t xmt_vif) { + INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); vifi_t vifi; int plen = ip->ip_len; @@ -1801,6 +1808,7 @@ send_packet(struct vif *vifp, struct mbuf *m) static int X_ip_rsvp_vif(struct socket *so, struct sockopt *sopt) { + INIT_VNET_INET(curvnet); int error, vifi; if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) @@ -1855,6 +1863,7 @@ X_ip_rsvp_vif(struct socket *so, struct sockopt *sopt) static void X_ip_rsvp_force_done(struct socket *so) { + INIT_VNET_INET(curvnet); int vifi; /* Don't bother if it is not the right type of socket. */ @@ -1885,6 +1894,7 @@ X_ip_rsvp_force_done(struct socket *so) static void X_rsvp_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); int vifi; struct ip *ip = mtod(m, struct ip *); struct sockaddr_in rsvp_src = { sizeof rsvp_src, AF_INET }; @@ -2286,6 +2296,7 @@ bw_meter_prepare_upcall(struct bw_meter *x, struct timeval *nowp) static void bw_upcalls_send(void) { + INIT_VNET_INET(curvnet); struct mbuf *m; int len = bw_upcalls_n * sizeof(bw_upcalls[0]); struct sockaddr_in k_igmpsrc = { sizeof k_igmpsrc, AF_INET }; @@ -2646,6 +2657,7 @@ static int pim_register_send_upcall(struct ip *ip, struct vif *vifp, struct mbuf *mb_copy, struct mfc *rt) { + INIT_VNET_INET(curvnet); struct mbuf *mb_first; int len = ntohs(ip->ip_len); struct igmpmsg *im; @@ -2700,6 +2712,7 @@ static int pim_register_send_rp(struct ip *ip, struct vif *vifp, struct mbuf *mb_copy, struct mfc *rt) { + INIT_VNET_INET(curvnet); struct mbuf *mb_first; struct ip *ip_outer; struct pim_encap_pimhdr *pimhdr; @@ -3029,6 +3042,8 @@ pim_input_to_daemon: static int ip_mroute_modevent(module_t mod, int type, void *unused) { + INIT_VNET_INET(curvnet); + switch (type) { case MOD_LOAD: MROUTER_LOCK_INIT(); diff --git a/sys/netinet/ip_options.c b/sys/netinet/ip_options.c index df41c43..1cbe9f6 100644 --- a/sys/netinet/ip_options.c +++ b/sys/netinet/ip_options.c @@ -98,6 +98,7 @@ static void save_rte(struct mbuf *m, u_char *, struct in_addr); int ip_dooptions(struct mbuf *m, int pass) { + INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); u_char *cp; struct in_ifaddr *ia; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 4567f05..7612f67 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -109,6 +109,8 @@ int ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags, struct ip_moptions *imo, struct inpcb *inp) { + INIT_VNET_NET(curvnet); + INIT_VNET_INET(curvnet); struct ip *ip; struct ifnet *ifp = NULL; /* keep compiler happy */ struct mbuf *m0; @@ -626,6 +628,7 @@ int ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu, u_long if_hwassist_flags, int sw_csum) { + INIT_VNET_INET(curvnet); int error = 0; int hlen = ip->ip_hl << 2; int len = (mtu - hlen) & ~7; /* size of payload in each fragment */ diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 9e70ceb..c6bca32 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -158,6 +158,7 @@ rip_delhash(struct inpcb *inp) static void rip_zone_change(void *tag) { + INIT_VNET_INET(curvnet); uma_zone_set_max(V_ripcbinfo.ipi_zone, maxsockets); } @@ -174,6 +175,7 @@ rip_inpcb_init(void *mem, int size, int flags) void rip_init(void) { + INIT_VNET_INET(curvnet); INP_INFO_LOCK_INIT(&V_ripcbinfo, "rip"); LIST_INIT(&V_ripcb); @@ -240,6 +242,7 @@ rip_append(struct inpcb *last, struct ip *ip, struct mbuf *n, void rip_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); int proto = ip->ip_p; struct inpcb *inp, *last; @@ -333,6 +336,7 @@ rip_input(struct mbuf *m, int off) int rip_output(struct mbuf *m, struct socket *so, u_long dst) { + INIT_VNET_INET(so->so_vnet); struct ip *ip; int error; struct inpcb *inp = sotoinpcb(so); @@ -598,6 +602,7 @@ rip_ctloutput(struct socket *so, struct sockopt *sopt) void rip_ctlinput(int cmd, struct sockaddr *sa, void *vip) { + INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct ifnet *ifp; int err; @@ -656,6 +661,7 @@ SYSCTL_ULONG(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW, static int rip_attach(struct socket *so, int proto, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -689,6 +695,7 @@ rip_attach(struct socket *so, int proto, struct thread *td) static void rip_detach(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -728,6 +735,7 @@ rip_dodisconnect(struct socket *so, struct inpcb *inp) static void rip_abort(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -743,6 +751,7 @@ rip_abort(struct socket *so) static void rip_close(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -758,6 +767,7 @@ rip_close(struct socket *so) static int rip_disconnect(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; if ((so->so_state & SS_ISCONNECTED) == 0) @@ -777,6 +787,8 @@ rip_disconnect(struct socket *so) static int rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_NET(so->so_vnet); + INIT_VNET_INET(so->so_vnet); struct sockaddr_in *addr = (struct sockaddr_in *)nam; struct inpcb *inp; @@ -813,6 +825,8 @@ rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td) static int rip_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_NET(so->so_vnet); + INIT_VNET_INET(so->so_vnet); struct sockaddr_in *addr = (struct sockaddr_in *)nam; struct inpcb *inp; @@ -883,6 +897,7 @@ rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, static int rip_pcblist(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; diff --git a/sys/netinet/tcp_hostcache.c b/sys/netinet/tcp_hostcache.c index 50bf593..ec8f9ba 100644 --- a/sys/netinet/tcp_hostcache.c +++ b/sys/netinet/tcp_hostcache.c @@ -158,26 +158,32 @@ static void tcp_hc_purge(void *); SYSCTL_NODE(_net_inet_tcp, OID_AUTO, hostcache, CTLFLAG_RW, 0, "TCP Host cache"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, cachelimit, CTLFLAG_RDTUN, - &tcp_hostcache.cache_limit, 0, "Overall entry limit for hostcache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, cachelimit, + CTLFLAG_RDTUN, tcp_hostcache.cache_limit, 0, + "Overall entry limit for hostcache"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, hashsize, CTLFLAG_RDTUN, - &tcp_hostcache.hashsize, 0, "Size of TCP hostcache hashtable"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, hashsize, + CTLFLAG_RDTUN, tcp_hostcache.hashsize, 0, + "Size of TCP hostcache hashtable"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN, - &tcp_hostcache.bucket_limit, 0, "Per-bucket hash limit for hostcache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, bucketlimit, + CTLFLAG_RDTUN, tcp_hostcache.bucket_limit, 0, + "Per-bucket hash limit for hostcache"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, count, CTLFLAG_RD, - &tcp_hostcache.cache_count, 0, "Current number of entries in hostcache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, count, + CTLFLAG_RD, tcp_hostcache.cache_count, 0, + "Current number of entries in hostcache"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, expire, CTLFLAG_RW, - &tcp_hostcache.expire, 0, "Expire time of TCP hostcache entries"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, expire, + CTLFLAG_RW, tcp_hostcache.expire, 0, + "Expire time of TCP hostcache entries"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, prune, CTLFLAG_RW, - &tcp_hostcache.prune, 0, "Time between purge runs"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, prune, + CTLFLAG_RW, tcp_hostcache.prune, 0, "Time between purge runs"); -SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, purge, CTLFLAG_RW, - &tcp_hostcache.purgeall, 0, "Expire all entires on next purge run"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, purge, + CTLFLAG_RW, tcp_hostcache.purgeall, 0, + "Expire all entires on next purge run"); SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, list, CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_SKIP, 0, 0, @@ -204,6 +210,7 @@ static MALLOC_DEFINE(M_HOSTCACHE, "hostcache", "TCP hostcache"); void tcp_hc_init(void) { + INIT_VNET_INET(curvnet); int i; /* @@ -271,6 +278,7 @@ tcp_hc_init(void) static struct hc_metrics * tcp_hc_lookup(struct in_conninfo *inc) { + INIT_VNET_INET(curvnet); int hash; struct hc_head *hc_head; struct hc_metrics *hc_entry; @@ -326,6 +334,7 @@ tcp_hc_lookup(struct in_conninfo *inc) static struct hc_metrics * tcp_hc_insert(struct in_conninfo *inc) { + INIT_VNET_INET(curvnet); int hash; struct hc_head *hc_head; struct hc_metrics *hc_entry; @@ -416,6 +425,7 @@ tcp_hc_insert(struct in_conninfo *inc) void tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite) { + INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; /* @@ -456,6 +466,7 @@ tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite) u_long tcp_hc_getmtu(struct in_conninfo *inc) { + INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; u_long mtu; @@ -478,6 +489,7 @@ tcp_hc_getmtu(struct in_conninfo *inc) void tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu) { + INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; /* @@ -517,6 +529,7 @@ tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu) void tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml) { + INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; hc_entry = tcp_hc_lookup(inc); @@ -597,6 +610,7 @@ tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml) static int sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int bufsize; int linesize = 128; char *p, *buf; @@ -659,6 +673,7 @@ sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS) static void tcp_hc_purge(void *arg) { + INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry, *hc_next; int all = (intptr_t)arg; int i; diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index 78ea22f..e31bea1 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -100,60 +100,63 @@ __FBSDID("$FreeBSD$"); static const int tcprexmtthresh = 3; struct tcpstat tcpstat; -SYSCTL_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, CTLFLAG_RW, - &tcpstat , tcpstat, "TCP statistics (struct tcpstat, netinet/tcp_var.h)"); +SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_STATS, stats, + CTLFLAG_RW, tcpstat , tcpstat, + "TCP statistics (struct tcpstat, netinet/tcp_var.h)"); int tcp_log_in_vain = 0; SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW, &tcp_log_in_vain, 0, "Log all incoming TCP segments to closed ports"); static int blackhole = 0; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, - &blackhole, 0, "Do not send RST on segments to closed ports"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, + blackhole, 0, "Do not send RST on segments to closed ports"); int tcp_delack_enabled = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, - &tcp_delack_enabled, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, delayed_ack, + CTLFLAG_RW, tcp_delack_enabled, 0, "Delay ACK to try and piggyback it onto a data packet"); static int drop_synfin = 0; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW, - &drop_synfin, 0, "Drop TCP packets with SYN+FIN set"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, drop_synfin, + CTLFLAG_RW, drop_synfin, 0, "Drop TCP packets with SYN+FIN set"); static int tcp_do_rfc3042 = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW, - &tcp_do_rfc3042, 0, "Enable RFC 3042 (Limited Transmit)"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW, + tcp_do_rfc3042, 0, "Enable RFC 3042 (Limited Transmit)"); static int tcp_do_rfc3390 = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW, - &tcp_do_rfc3390, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW, + tcp_do_rfc3390, 0, "Enable RFC 3390 (Increasing TCP's Initial Congestion Window)"); int tcp_do_ecn = 0; int tcp_ecn_maxretries = 1; SYSCTL_NODE(_net_inet_tcp, OID_AUTO, ecn, CTLFLAG_RW, 0, "TCP ECN"); -SYSCTL_INT(_net_inet_tcp_ecn, OID_AUTO, enable, CTLFLAG_RW, - &tcp_do_ecn, 0, "TCP ECN support"); -SYSCTL_INT(_net_inet_tcp_ecn, OID_AUTO, maxretries, CTLFLAG_RW, - &tcp_ecn_maxretries, 0, "Max retries before giving up on ECN"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, enable, + CTLFLAG_RW, tcp_do_ecn, 0, "TCP ECN support"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, maxretries, + CTLFLAG_RW, tcp_ecn_maxretries, 0, "Max retries before giving up on ECN"); static int tcp_insecure_rst = 0; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, insecure_rst, CTLFLAG_RW, - &tcp_insecure_rst, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, insecure_rst, + CTLFLAG_RW, tcp_insecure_rst, 0, "Follow the old (insecure) criteria for accepting RST packets"); int tcp_do_autorcvbuf = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW, - &tcp_do_autorcvbuf, 0, "Enable automatic receive buffer sizing"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_auto, + CTLFLAG_RW, tcp_do_autorcvbuf, 0, + "Enable automatic receive buffer sizing"); int tcp_autorcvbuf_inc = 16*1024; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW, - &tcp_autorcvbuf_inc, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_inc, + CTLFLAG_RW, tcp_autorcvbuf_inc, 0, "Incrementor step size of automatic receive buffer"); int tcp_autorcvbuf_max = 256*1024; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW, - &tcp_autorcvbuf_max, 0, "Max size of automatic receive buffer"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_max, + CTLFLAG_RW, tcp_autorcvbuf_max, 0, + "Max size of automatic receive buffer"); struct inpcbhead tcb; #define tcb6 tcb /* for KAME src sync over BSD*'s */ @@ -225,6 +228,7 @@ do { \ int tcp6_input(struct mbuf **mp, int *offp, int proto) { + INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct in6_ifaddr *ia6; @@ -252,6 +256,13 @@ tcp6_input(struct mbuf **mp, int *offp, int proto) void tcp_input(struct mbuf *m, int off0) { + INIT_VNET_INET(curvnet); +#ifdef INET6 + INIT_VNET_INET6(curvnet); +#endif +#ifdef IPSEC + INIT_VNET_IPSEC(curvnet); +#endif struct tcphdr *th; struct ip *ip = NULL; struct ipovly *ipov; @@ -921,6 +932,7 @@ static void tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so, struct tcpcb *tp, int drop_hdrlen, int tlen, uint8_t iptos) { + INIT_VNET_INET(tp->t_vnet); int thflags, acked, ourfinisacked, needoutput = 0; int headlocked = 1; int rstreason, todrop, win; @@ -2585,6 +2597,7 @@ drop: static void tcp_dooptions(struct tcpopt *to, u_char *cp, int cnt, int flags) { + INIT_VNET_INET(curvnet); int opt, optlen; to->to_flags = 0; @@ -2712,6 +2725,7 @@ tcp_pulloutofband(struct socket *so, struct tcphdr *th, struct mbuf *m, static void tcp_xmit_timer(struct tcpcb *tp, int rtt) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); int delta; INP_WLOCK_ASSERT(tp->t_inpcb); @@ -2817,6 +2831,7 @@ tcp_xmit_timer(struct tcpcb *tp, int rtt) void tcp_mss_update(struct tcpcb *tp, int offer, struct hc_metrics_lite *metricptr) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); int mss; u_long maxmtu; struct inpcb *inp = tp->t_inpcb; @@ -3100,6 +3115,7 @@ tcp_mss(struct tcpcb *tp, int offer) int tcp_mssopt(struct in_conninfo *inc) { + INIT_VNET_INET(curvnet); int mss = 0; u_long maxmtu = 0; u_long thcmtu = 0; diff --git a/sys/netinet/tcp_offload.c b/sys/netinet/tcp_offload.c index 604aab0..6419a95 100644 --- a/sys/netinet/tcp_offload.c +++ b/sys/netinet/tcp_offload.c @@ -107,6 +107,7 @@ fail: void tcp_offload_twstart(struct tcpcb *tp) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); @@ -117,6 +118,7 @@ tcp_offload_twstart(struct tcpcb *tp) struct tcpcb * tcp_offload_close(struct tcpcb *tp) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); @@ -131,6 +133,7 @@ tcp_offload_close(struct tcpcb *tp) struct tcpcb * tcp_offload_drop(struct tcpcb *tp, int error) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c index f8cf22f..b3a010b 100644 --- a/sys/netinet/tcp_output.c +++ b/sys/netinet/tcp_output.c @@ -88,36 +88,41 @@ extern struct mbuf *m_copypack(); #endif int path_mtu_discovery = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW, - &path_mtu_discovery, 1, "Enable Path MTU Discovery"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, path_mtu_discovery, + CTLFLAG_RW, path_mtu_discovery, 1, "Enable Path MTU Discovery"); int ss_fltsz = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, slowstart_flightsize, CTLFLAG_RW, - &ss_fltsz, 1, "Slow start flight size"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, + slowstart_flightsize, CTLFLAG_RW, + ss_fltsz, 1, "Slow start flight size"); int ss_fltsz_local = 4; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, local_slowstart_flightsize, CTLFLAG_RW, - &ss_fltsz_local, 1, "Slow start flight size for local networks"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, + local_slowstart_flightsize, CTLFLAG_RW, + ss_fltsz_local, 1, "Slow start flight size for local networks"); int tcp_do_newreno = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW, - &tcp_do_newreno, 0, "Enable NewReno Algorithms"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW, + tcp_do_newreno, 0, "Enable NewReno Algorithms"); int tcp_do_tso = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW, - &tcp_do_tso, 0, "Enable TCP Segmentation Offload"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW, + tcp_do_tso, 0, "Enable TCP Segmentation Offload"); int tcp_do_autosndbuf = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW, - &tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_auto, + CTLFLAG_RW, + tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing"); int tcp_autosndbuf_inc = 8*1024; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW, - &tcp_autosndbuf_inc, 0, "Incrementor step size of automatic send buffer"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_inc, + CTLFLAG_RW, tcp_autosndbuf_inc, 0, + "Incrementor step size of automatic send buffer"); int tcp_autosndbuf_max = 256*1024; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW, - &tcp_autosndbuf_max, 0, "Max size of automatic send buffer"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_max, + CTLFLAG_RW, tcp_autosndbuf_max, 0, + "Max size of automatic send buffer"); /* @@ -126,6 +131,7 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW, int tcp_output(struct tcpcb *tp) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct socket *so = tp->t_inpcb->inp_socket; long len, recwin, sendwin; int off, flags, error; @@ -1318,6 +1324,7 @@ tcp_setpersist(struct tcpcb *tp) int tcp_addoptions(struct tcpopt *to, u_char *optp) { + INIT_VNET_INET(curvnet); u_int mask, optlen = 0; for (mask = 1; mask < TOF_MAXOPT; mask <<= 1) { diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c index cf83bc2..6f55e11 100644 --- a/sys/netinet/tcp_reass.c +++ b/sys/netinet/tcp_reass.c @@ -78,29 +78,30 @@ SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); static int tcp_reass_maxseg = 0; -SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, - &tcp_reass_maxseg, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxsegments, + CTLFLAG_RDTUN, tcp_reass_maxseg, 0, "Global maximum number of TCP Segments in Reassembly Queue"); int tcp_reass_qsize = 0; -SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLFLAG_RD, - &tcp_reass_qsize, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, cursegments, + CTLFLAG_RD, tcp_reass_qsize, 0, "Global number of TCP Segments currently in Reassembly Queue"); static int tcp_reass_maxqlen = 48; -SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxqlen, CTLFLAG_RW, - &tcp_reass_maxqlen, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxqlen, + CTLFLAG_RW, tcp_reass_maxqlen, 0, "Maximum number of TCP Segments per individual Reassembly Queue"); static int tcp_reass_overflows = 0; -SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD, - &tcp_reass_overflows, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, overflows, + CTLFLAG_RD, tcp_reass_overflows, 0, "Global number of TCP Segment Reassembly Queue Overflows"); /* Initialize TCP reassembly queue */ static void tcp_reass_zone_change(void *tag) { + INIT_VNET_INET(curvnet); V_tcp_reass_maxseg = nmbclusters / 16; uma_zone_set_max(tcp_reass_zone, V_tcp_reass_maxseg); @@ -111,6 +112,7 @@ uma_zone_t tcp_reass_zone; void tcp_reass_init(void) { + INIT_VNET_INET(curvnet); V_tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", @@ -125,6 +127,7 @@ tcp_reass_init(void) int tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m) { + INIT_VNET_INET(curvnet); struct tseg_qent *q; struct tseg_qent *p = NULL; struct tseg_qent *nq; diff --git a/sys/netinet/tcp_sack.c b/sys/netinet/tcp_sack.c index 961cb78..f43e4e7 100644 --- a/sys/netinet/tcp_sack.c +++ b/sys/netinet/tcp_sack.c @@ -126,23 +126,23 @@ extern struct uma_zone *sack_hole_zone; SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK"); int tcp_do_sack = 1; -SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW, - &tcp_do_sack, 0, "Enable/Disable TCP SACK support"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, enable, + CTLFLAG_RW, tcp_do_sack, 0, "Enable/Disable TCP SACK support"); TUNABLE_INT("net.inet.tcp.sack.enable", &tcp_do_sack); static int tcp_sack_maxholes = 128; -SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW, - &tcp_sack_maxholes, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, maxholes, + CTLFLAG_RW, tcp_sack_maxholes, 0, "Maximum number of TCP SACK holes allowed per connection"); static int tcp_sack_globalmaxholes = 65536; -SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW, - &tcp_sack_globalmaxholes, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalmaxholes, + CTLFLAG_RW, tcp_sack_globalmaxholes, 0, "Global maximum number of TCP SACK holes"); static int tcp_sack_globalholes = 0; -SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD, - &tcp_sack_globalholes, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalholes, + CTLFLAG_RD, tcp_sack_globalholes, 0, "Global number of TCP SACK holes currently allocated"); /* @@ -253,6 +253,7 @@ tcp_clean_sackreport(struct tcpcb *tp) static struct sackhole * tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct sackhole *hole; if (tp->snd_numholes >= V_tcp_sack_maxholes || @@ -281,6 +282,7 @@ tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end) static void tcp_sackhole_free(struct tcpcb *tp, struct sackhole *hole) { + INIT_VNET_INET(tp->t_vnet); uma_zfree(sack_hole_zone, hole); diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index fd3ea2d..f94e290 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -119,6 +119,7 @@ int tcp_v6mssdflt = TCP6_MSS; static int sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(TD_TO_VNET(curthread)); int error, new; new = V_tcp_mssdflt; @@ -140,6 +141,7 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLTYPE_INT|CTLFLAG_RW, static int sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET6(TD_TO_VNET(curthread)); int error, new; new = V_tcp_v6mssdflt; @@ -167,12 +169,13 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, CTLTYPE_INT|CTLFLAG_RW, * checking. This setting prevents us from sending too small packets. */ int tcp_minmss = TCP_MINMSS; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW, - &tcp_minmss , 0, "Minmum TCP Maximum Segment Size"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, minmss, + CTLFLAG_RW, tcp_minmss , 0, "Minmum TCP Maximum Segment Size"); int tcp_do_rfc1323 = 1; -SYSCTL_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW, - &tcp_do_rfc1323, 0, "Enable rfc1323 (high performance TCP) extensions"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, + CTLFLAG_RW, tcp_do_rfc1323, 0, + "Enable rfc1323 (high performance TCP) extensions"); static int tcp_log_debug = 0; SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_debug, CTLFLAG_RW, @@ -183,21 +186,21 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, tcbhashsize, CTLFLAG_RDTUN, &tcp_tcbhashsize, 0, "Size of TCP control-block hashtable"); static int do_tcpdrain = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, - &do_tcpdrain, 0, +SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0, "Enable tcp_drain routine for extra help when low on mbufs"); -SYSCTL_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD, - &tcbinfo.ipi_count, 0, "Number of active PCBs"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, pcbcount, + CTLFLAG_RD, tcbinfo.ipi_count, 0, "Number of active PCBs"); static int icmp_may_rst = 1; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, - &icmp_may_rst, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, icmp_may_rst, + CTLFLAG_RW, icmp_may_rst, 0, "Certain ICMP unreachable messages may abort connections in SYN_SENT"); static int tcp_isn_reseed_interval = 0; -SYSCTL_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW, - &tcp_isn_reseed_interval, 0, "Seconds between reseeding of ISN secret"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, isn_reseed_interval, + CTLFLAG_RW, tcp_isn_reseed_interval, 0, + "Seconds between reseeding of ISN secret"); /* * TCP bandwidth limiting sysctls. Note that the default lower bound of @@ -208,8 +211,9 @@ SYSCTL_NODE(_net_inet_tcp, OID_AUTO, inflight, CTLFLAG_RW, 0, "TCP inflight data limiting"); static int tcp_inflight_enable = 1; -SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, enable, CTLFLAG_RW, - &tcp_inflight_enable, 0, "Enable automatic TCP inflight data limiting"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, enable, + CTLFLAG_RW, tcp_inflight_enable, 0, + "Enable automatic TCP inflight data limiting"); static int tcp_inflight_debug = 0; SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, debug, CTLFLAG_RW, @@ -221,16 +225,17 @@ SYSCTL_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh, CTLTYPE_INT|CTLFLAG_RW, "RTT threshold below which inflight will deactivate itself"); static int tcp_inflight_min = 6144; -SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW, - &tcp_inflight_min, 0, "Lower-bound for TCP inflight window"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, min, + CTLFLAG_RW, tcp_inflight_min, 0, "Lower-bound for TCP inflight window"); static int tcp_inflight_max = TCP_MAXWIN << TCP_MAX_WINSHIFT; -SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, max, CTLFLAG_RW, - &tcp_inflight_max, 0, "Upper-bound for TCP inflight window"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, max, + CTLFLAG_RW, tcp_inflight_max, 0, "Upper-bound for TCP inflight window"); static int tcp_inflight_stab = 20; -SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, stab, CTLFLAG_RW, - &tcp_inflight_stab, 0, "Inflight Algorithm Stabilization 20 = 2 packets"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, stab, + CTLFLAG_RW, tcp_inflight_stab, 0, + "Inflight Algorithm Stabilization 20 = 2 packets"); uma_zone_t sack_hole_zone; @@ -291,6 +296,7 @@ tcp_inpcb_init(void *mem, int size, int flags) void tcp_init(void) { + INIT_VNET_INET(curvnet); int hashsize = TCBHASHSIZE; tcp_delacktime = TCPTV_DELACK; @@ -450,6 +456,7 @@ void tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, tcp_seq ack, tcp_seq seq, int flags) { + INIT_VNET_INET(curvnet); int tlen; int win = 0; struct ip *ip; @@ -620,6 +627,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, struct tcpcb * tcp_newtcpcb(struct inpcb *inp) { + INIT_VNET_INET(inp->inp_vnet); struct tcpcb_mem *tm; struct tcpcb *tp; #ifdef INET6 @@ -683,6 +691,7 @@ tcp_newtcpcb(struct inpcb *inp) struct tcpcb * tcp_drop(struct tcpcb *tp, int errno) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct socket *so = tp->t_inpcb->inp_socket; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); @@ -703,6 +712,7 @@ tcp_drop(struct tcpcb *tp, int errno) void tcp_discardcb(struct tcpcb *tp) { + INIT_VNET_INET(tp->t_vnet); struct tseg_qent *q; struct inpcb *inp = tp->t_inpcb; struct socket *so = inp->inp_socket; @@ -804,6 +814,7 @@ tcp_discardcb(struct tcpcb *tp) struct tcpcb * tcp_close(struct tcpcb *tp) { + INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct inpcb *inp = tp->t_inpcb; struct socket *so; @@ -835,8 +846,15 @@ tcp_close(struct tcpcb *tp) void tcp_drain(void) { + VNET_ITERATOR_DECL(vnet_iter); - if (do_tcpdrain) { + if (!do_tcpdrain) + return; + + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); struct inpcb *inpb; struct tcpcb *tcpb; struct tseg_qent *te; @@ -868,7 +886,9 @@ tcp_drain(void) INP_WUNLOCK(inpb); } INP_INFO_RUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); } /* @@ -926,6 +946,7 @@ tcp_notify(struct inpcb *inp, int error) static int tcp_pcblist(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i, m, n, pcb_count; struct inpcb *inp, **inp_list; inp_gen_t gencnt; @@ -1062,6 +1083,7 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0, static int tcp_getcred(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); struct xucred xuc; struct sockaddr_in addrs[2]; struct inpcb *inp; @@ -1104,6 +1126,8 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, getcred, static int tcp6_getcred(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); + INIT_VNET_INET6(curvnet); struct xucred xuc; struct sockaddr_in6 addrs[2]; struct inpcb *inp; @@ -1167,6 +1191,7 @@ SYSCTL_PROC(_net_inet6_tcp6, OID_AUTO, getcred, void tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip) { + INIT_VNET_INET(curvnet); struct ip *ip = vip; struct tcphdr *th; struct in_addr faddr; @@ -1286,6 +1311,7 @@ tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip) void tcp6_ctlinput(int cmd, struct sockaddr *sa, void *d) { + INIT_VNET_INET(curvnet); struct tcphdr th; struct inpcb *(*notify)(struct inpcb *, int) = tcp_notify; struct ip6_hdr *ip6; @@ -1414,6 +1440,7 @@ static MD5_CTX isn_ctx; tcp_seq tcp_new_isn(struct tcpcb *tp) { + INIT_VNET_INET(tp->t_vnet); u_int32_t md5_buffer[4]; tcp_seq new_isn; @@ -1464,15 +1491,24 @@ tcp_new_isn(struct tcpcb *tp) static void tcp_isn_tick(void *xtp) { + VNET_ITERATOR_DECL(vnet_iter); u_int32_t projected_offset; ISN_LOCK(); - projected_offset = V_isn_offset_old + ISN_BYTES_PER_SECOND / 100; - - if (SEQ_GT(projected_offset, V_isn_offset)) - V_isn_offset = projected_offset; - - V_isn_offset_old = V_isn_offset; + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS */ + INIT_VNET_INET(curvnet); + projected_offset = + V_isn_offset_old + ISN_BYTES_PER_SECOND / 100; + + if (SEQ_GT(projected_offset, V_isn_offset)) + V_isn_offset = projected_offset; + + V_isn_offset_old = V_isn_offset; + CURVNET_RESTORE(); + } + VNET_LIST_RUNLOCK(); callout_reset(&isn_callout, hz/100, tcp_isn_tick, NULL); ISN_UNLOCK(); } @@ -1485,6 +1521,9 @@ tcp_isn_tick(void *xtp) struct inpcb * tcp_drop_syn_sent(struct inpcb *inp, int errno) { +#ifdef INVARIANTS + INIT_VNET_INET(inp->inp_vnet); +#endif struct tcpcb *tp; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); @@ -1514,6 +1553,7 @@ tcp_drop_syn_sent(struct inpcb *inp, int errno) struct inpcb * tcp_mtudisc(struct inpcb *inp, int errno) { + INIT_VNET_INET(inp->inp_vnet); struct tcpcb *tp; struct socket *so; @@ -1720,6 +1760,7 @@ ipsec_hdrsiz_tcp(struct tcpcb *tp) void tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq) { + INIT_VNET_INET(tp->t_vnet); u_long bw; u_long bwnd; int save_ticks; @@ -2008,6 +2049,10 @@ tcp_signature_compute(struct mbuf *m, int _unused, int len, int optlen, static int sysctl_drop(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); +#ifdef INET6 + INIT_VNET_INET6(curvnet); +#endif /* addrs[0] is a foreign socket, addrs[1] is a local one. */ struct sockaddr_storage addrs[2]; struct inpcb *inp; diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index fe67f81..b3846ce 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -146,24 +146,30 @@ static struct tcp_syncache tcp_syncache; SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, CTLFLAG_RW, 0, "TCP SYN cache"); -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN, - &tcp_syncache.bucket_limit, 0, "Per-bucket hash limit for syncache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + bucketlimit, CTLFLAG_RDTUN, + tcp_syncache.bucket_limit, 0, "Per-bucket hash limit for syncache"); -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, cachelimit, CTLFLAG_RDTUN, - &tcp_syncache.cache_limit, 0, "Overall entry limit for syncache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + cachelimit, CTLFLAG_RDTUN, + tcp_syncache.cache_limit, 0, "Overall entry limit for syncache"); -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, count, CTLFLAG_RD, - &tcp_syncache.cache_count, 0, "Current number of entries in syncache"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + count, CTLFLAG_RD, + tcp_syncache.cache_count, 0, "Current number of entries in syncache"); -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, hashsize, CTLFLAG_RDTUN, - &tcp_syncache.hashsize, 0, "Size of TCP syncache hashtable"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + hashsize, CTLFLAG_RDTUN, + tcp_syncache.hashsize, 0, "Size of TCP syncache hashtable"); -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_RW, - &tcp_syncache.rexmt_limit, 0, "Limit on SYN/ACK retransmissions"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + rexmtlimit, CTLFLAG_RW, + tcp_syncache.rexmt_limit, 0, "Limit on SYN/ACK retransmissions"); int tcp_sc_rst_sock_fail = 1; -SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, rst_on_sock_fail, CTLFLAG_RW, - &tcp_sc_rst_sock_fail, 0, "Send reset on socket allocation failure"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, + rst_on_sock_fail, CTLFLAG_RW, + tcp_sc_rst_sock_fail, 0, "Send reset on socket allocation failure"); static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache"); @@ -198,6 +204,8 @@ static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache"); static void syncache_free(struct syncache *sc) { + INIT_VNET_INET(curvnet); + if (sc->sc_ipopts) (void) m_free(sc->sc_ipopts); if (sc->sc_cred) @@ -212,6 +220,7 @@ syncache_free(struct syncache *sc) void syncache_init(void) { + INIT_VNET_INET(curvnet); int i; V_tcp_syncache.cache_count = 0; @@ -265,6 +274,7 @@ syncache_init(void) static void syncache_insert(struct syncache *sc, struct syncache_head *sch) { + INIT_VNET_INET(sch->sch_vnet); struct syncache *sc2; SCH_LOCK(sch); @@ -303,6 +313,7 @@ syncache_insert(struct syncache *sc, struct syncache_head *sch) static void syncache_drop(struct syncache *sc, struct syncache_head *sch) { + INIT_VNET_INET(sch->sch_vnet); SCH_LOCK_ASSERT(sch); @@ -343,6 +354,7 @@ static void syncache_timer(void *xsch) { struct syncache_head *sch = (struct syncache_head *)xsch; + INIT_VNET_INET(sch->sch_vnet); struct syncache *sc, *nsc; int tick = ticks; char *s; @@ -404,6 +416,7 @@ syncache_timer(void *xsch) struct syncache * syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp) { + INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -451,6 +464,7 @@ syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp) void syncache_chkrst(struct in_conninfo *inc, struct tcphdr *th) { + INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; char *s = NULL; @@ -525,6 +539,7 @@ done: void syncache_badack(struct in_conninfo *inc) { + INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -540,6 +555,7 @@ syncache_badack(struct in_conninfo *inc) void syncache_unreach(struct in_conninfo *inc, struct tcphdr *th) { + INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -576,6 +592,7 @@ done: static struct socket * syncache_socket(struct syncache *sc, struct socket *lso, struct mbuf *m) { + INIT_VNET_INET(lso->so_vnet); struct inpcb *inp = NULL; struct socket *so; struct tcpcb *tp; @@ -788,6 +805,7 @@ int syncache_expand(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct socket **lsop, struct mbuf *m) { + INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; struct syncache scs; @@ -933,6 +951,7 @@ _syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct inpcb *inp, struct socket **lsop, struct mbuf *m, struct toe_usrreqs *tu, void *toepcb) { + INIT_VNET_INET(inp->inp_vnet); struct tcpcb *tp; struct socket *so; struct syncache *sc = NULL; @@ -1231,6 +1250,7 @@ done: static int syncache_respond(struct syncache *sc) { + INIT_VNET_INET(curvnet); struct ip *ip = NULL; struct mbuf *m; struct tcphdr *th; @@ -1400,6 +1420,7 @@ tcp_offload_syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct inpcb *inp, struct socket **lsop, struct toe_usrreqs *tu, void *toepcb) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(inp); @@ -1488,6 +1509,7 @@ static void syncookie_generate(struct syncache_head *sch, struct syncache *sc, u_int32_t *flowlabel) { + INIT_VNET_INET(curvnet); MD5_CTX ctx; u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)]; u_int32_t data; @@ -1563,6 +1585,7 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch, struct syncache *sc, struct tcpopt *to, struct tcphdr *th, struct socket *so) { + INIT_VNET_INET(curvnet); MD5_CTX ctx; u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)]; u_int32_t data = 0; @@ -1670,6 +1693,7 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch, int syncache_pcbcount(void) { + INIT_VNET_INET(curvnet); struct syncache_head *sch; int count, i; @@ -1693,6 +1717,7 @@ syncache_pcbcount(void) int syncache_pcblist(struct sysctl_req *req, int max_pcbs, int *pcbs_exported) { + INIT_VNET_INET(curvnet); struct xtcpcb xt; struct syncache *sc; struct syncache_head *sch; diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c index db156ec..2e70719 100644 --- a/sys/netinet/tcp_timer.c +++ b/sys/netinet/tcp_timer.c @@ -124,11 +124,19 @@ int tcp_maxidle; void tcp_slowtimo(void) { - - tcp_maxidle = tcp_keepcnt * tcp_keepintvl; - INP_INFO_WLOCK(&V_tcbinfo); - (void) tcp_tw_2msl_scan(0); - INP_INFO_WUNLOCK(&V_tcbinfo); + VNET_ITERATOR_DECL(vnet_iter); + + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + INIT_VNET_INET(vnet_iter); + tcp_maxidle = tcp_keepcnt * tcp_keepintvl; + INP_INFO_WLOCK(&V_tcbinfo); + (void) tcp_tw_2msl_scan(0); + INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); + } + VNET_LIST_RUNLOCK(); } int tcp_syn_backoff[TCP_MAXRXTSHIFT + 1] = @@ -152,6 +160,8 @@ tcp_timer_delack(void *xtp) { struct tcpcb *tp = xtp; struct inpcb *inp; + CURVNET_SET(tp->t_vnet); + INIT_VNET_INET(tp->t_vnet); INP_INFO_RLOCK(&V_tcbinfo); inp = tp->t_inpcb; @@ -165,6 +175,7 @@ tcp_timer_delack(void *xtp) if (inp == NULL) { tcp_timer_race++; INP_INFO_RUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } INP_WLOCK(inp); @@ -172,6 +183,7 @@ tcp_timer_delack(void *xtp) if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_delack) || !callout_active(&tp->t_timers->tt_delack)) { INP_WUNLOCK(inp); + CURVNET_RESTORE(); return; } callout_deactivate(&tp->t_timers->tt_delack); @@ -180,6 +192,7 @@ tcp_timer_delack(void *xtp) V_tcpstat.tcps_delack++; (void) tcp_output(tp); INP_WUNLOCK(inp); + CURVNET_RESTORE(); } void @@ -187,6 +200,8 @@ tcp_timer_2msl(void *xtp) { struct tcpcb *tp = xtp; struct inpcb *inp; + CURVNET_SET(tp->t_vnet); + INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -207,6 +222,7 @@ tcp_timer_2msl(void *xtp) if (inp == NULL) { tcp_timer_race++; INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } INP_WLOCK(inp); @@ -215,6 +231,7 @@ tcp_timer_2msl(void *xtp) !callout_active(&tp->t_timers->tt_2msl)) { INP_WUNLOCK(tp->t_inpcb); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } callout_deactivate(&tp->t_timers->tt_2msl); @@ -250,6 +267,7 @@ tcp_timer_2msl(void *xtp) if (tp != NULL) INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); } void @@ -258,6 +276,8 @@ tcp_timer_keep(void *xtp) struct tcpcb *tp = xtp; struct tcptemp *t_template; struct inpcb *inp; + CURVNET_SET(tp->t_vnet); + INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -275,6 +295,7 @@ tcp_timer_keep(void *xtp) if (inp == NULL) { tcp_timer_race++; INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } INP_WLOCK(inp); @@ -282,6 +303,7 @@ tcp_timer_keep(void *xtp) || !callout_active(&tp->t_timers->tt_keep)) { INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } callout_deactivate(&tp->t_timers->tt_keep); @@ -327,6 +349,7 @@ tcp_timer_keep(void *xtp) #endif INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; dropit: @@ -341,6 +364,7 @@ dropit: if (tp != NULL) INP_WUNLOCK(tp->t_inpcb); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); } void @@ -348,6 +372,8 @@ tcp_timer_persist(void *xtp) { struct tcpcb *tp = xtp; struct inpcb *inp; + CURVNET_SET(tp->t_vnet); + INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -365,6 +391,7 @@ tcp_timer_persist(void *xtp) if (inp == NULL) { tcp_timer_race++; INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } INP_WLOCK(inp); @@ -372,6 +399,7 @@ tcp_timer_persist(void *xtp) || !callout_active(&tp->t_timers->tt_persist)) { INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } callout_deactivate(&tp->t_timers->tt_persist); @@ -407,12 +435,15 @@ out: if (tp != NULL) INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); } void tcp_timer_rexmt(void * xtp) { struct tcpcb *tp = xtp; + CURVNET_SET(tp->t_vnet); + INIT_VNET_INET(tp->t_vnet); int rexmt; int headlocked; struct inpcb *inp; @@ -434,6 +465,7 @@ tcp_timer_rexmt(void * xtp) if (inp == NULL) { tcp_timer_race++; INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } INP_WLOCK(inp); @@ -441,6 +473,7 @@ tcp_timer_rexmt(void * xtp) || !callout_active(&tp->t_timers->tt_rexmt)) { INP_WUNLOCK(inp); INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); return; } callout_deactivate(&tp->t_timers->tt_rexmt); @@ -564,6 +597,7 @@ out: INP_WUNLOCK(inp); if (headlocked) INP_INFO_WUNLOCK(&V_tcbinfo); + CURVNET_RESTORE(); } void diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 75d61e7..83b8aa6 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -110,6 +110,7 @@ static void tcp_tw_2msl_stop(struct tcptw *); static int tcptw_auto_size(void) { + INIT_VNET_INET(curvnet); int halfrange; /* @@ -162,6 +163,7 @@ tcp_tw_zone_change(void) void tcp_tw_init(void) { + INIT_VNET_INET(curvnet); tcptw_zone = uma_zcreate("tcptw", sizeof(struct tcptw), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); @@ -181,6 +183,9 @@ tcp_tw_init(void) void tcp_twstart(struct tcpcb *tp) { +#if defined(INVARIANTS) || defined(INVARIANT_SUPPORT) + INIT_VNET_INET(tp->t_vnet); +#endif struct tcptw *tw; struct inpcb *inp = tp->t_inpcb; int acknow; @@ -296,6 +301,7 @@ tcp_twstart(struct tcpcb *tp) int tcp_twrecycleable(struct tcptw *tw) { + INIT_VNET_INET(curvnet); tcp_seq new_iss = tw->iss; tcp_seq new_irs = tw->irs; @@ -318,6 +324,9 @@ int tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, struct mbuf *m, int tlen) { +#if defined(INVARIANTS) || defined(INVARIANT_SUPPORT) + INIT_VNET_INET(curvnet); +#endif struct tcptw *tw; int thflags; tcp_seq seq; @@ -454,6 +463,7 @@ drop: void tcp_twclose(struct tcptw *tw, int reuse) { + INIT_VNET_INET(curvnet); struct socket *so; struct inpcb *inp; @@ -521,6 +531,7 @@ tcp_twclose(struct tcptw *tw, int reuse) int tcp_twrespond(struct tcptw *tw, int flags) { + INIT_VNET_INET(curvnet); struct inpcb *inp = tw->tw_inpcb; struct tcphdr *th; struct mbuf *m; @@ -614,6 +625,7 @@ tcp_twrespond(struct tcptw *tw, int flags) static void tcp_tw_2msl_reset(struct tcptw *tw, int rearm) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(tw->tw_inpcb); @@ -626,6 +638,7 @@ tcp_tw_2msl_reset(struct tcptw *tw, int rearm) static void tcp_tw_2msl_stop(struct tcptw *tw) { + INIT_VNET_INET(curvnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); TAILQ_REMOVE(&V_twq_2msl, tw, tw_2msl); @@ -634,6 +647,7 @@ tcp_tw_2msl_stop(struct tcptw *tw) struct tcptw * tcp_tw_2msl_scan(int reuse) { + INIT_VNET_INET(curvnet); struct tcptw *tw; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 6a19ad0..856d3f0 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -159,6 +159,9 @@ tcp_detach(struct socket *so, struct inpcb *inp) #ifdef INET6 int isipv6 = INP_CHECK_SOCKAF(so, AF_INET6) != 0; #endif +#ifdef INVARIANTS + INIT_VNET_INET(so->so_vnet); +#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -249,6 +252,7 @@ tcp_detach(struct socket *so, struct inpcb *inp) static void tcp_usr_detach(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -267,6 +271,7 @@ tcp_usr_detach(struct socket *so) static int tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -307,6 +312,7 @@ out: static int tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -365,6 +371,7 @@ out: static int tcp_usr_listen(struct socket *so, int backlog, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -402,6 +409,7 @@ out: static int tcp6_usr_listen(struct socket *so, int backlog, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -449,6 +457,7 @@ out: static int tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -491,6 +500,7 @@ out: static int tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -563,6 +573,7 @@ out: static int tcp_usr_disconnect(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; int error = 0; @@ -594,6 +605,7 @@ out: static int tcp_usr_accept(struct socket *so, struct sockaddr **nam) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp = NULL; struct tcpcb *tp = NULL; @@ -691,6 +703,7 @@ out: static int tcp_usr_shutdown(struct socket *so) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -757,6 +770,7 @@ static int tcp_usr_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { + INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -912,6 +926,7 @@ out: static void tcp_usr_abort(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; TCPDEBUG0; @@ -950,6 +965,7 @@ tcp_usr_abort(struct socket *so) static void tcp_usr_close(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; TCPDEBUG0; @@ -1082,6 +1098,7 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td) { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; + INIT_VNET_INET(so->so_vnet); struct in_addr laddr; u_short lport; int error; @@ -1137,6 +1154,7 @@ tcp6_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td) { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; + INIT_VNET_INET(so->so_vnet); struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; struct in6_addr *addr6; int error; @@ -1258,6 +1276,7 @@ tcp_fill_info(struct tcpcb *tp, struct tcp_info *ti) int tcp_ctloutput(struct socket *so, struct sockopt *sopt) { + INIT_VNET_INET(so->so_vnet); int error, opt, optval; struct inpcb *inp; struct tcpcb *tp; @@ -1445,6 +1464,7 @@ SYSCTL_ULONG(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW, static int tcp_attach(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct tcpcb *tp; struct inpcb *inp; int error; @@ -1509,6 +1529,9 @@ tcp_disconnect(struct tcpcb *tp) { struct inpcb *inp = tp->t_inpcb; struct socket *so = inp->inp_socket; +#ifdef INVARIANTS + INIT_VNET_INET(so->so_vnet); +#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -1547,6 +1570,9 @@ tcp_disconnect(struct tcpcb *tp) static void tcp_usrclosed(struct tcpcb *tp) { +#ifdef INVARIANTS + INIT_VNET_INET(tp->t_inpcb->inp_vnet); +#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(tp->t_inpcb); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 52ddbec..f33b760 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -137,8 +137,9 @@ struct inpcbinfo udbinfo; #endif struct udpstat udpstat; /* from udp_var.h */ -SYSCTL_STRUCT(_net_inet_udp, UDPCTL_STATS, stats, CTLFLAG_RW, &udpstat, - udpstat, "UDP statistics (struct udpstat, netinet/udp_var.h)"); +SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_udp, UDPCTL_STATS, stats, + CTLFLAG_RW, udpstat, udpstat, + "UDP statistics (struct udpstat, netinet/udp_var.h)"); static void udp_detach(struct socket *so); static int udp_output(struct inpcb *, struct mbuf *, struct sockaddr *, @@ -164,6 +165,7 @@ udp_inpcb_init(void *mem, int size, int flags) void udp_init(void) { + INIT_VNET_INET(curvnet); INP_INFO_LOCK_INIT(&V_udbinfo, "udp"); LIST_INIT(&V_udb); @@ -202,6 +204,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, #ifdef IPSEC /* Check AH/ESP integrity. */ if (ipsec4_in_reject(n, inp)) { + INIT_VNET_IPSEC(curvnet); m_freem(n); V_ipsec4stat.in_polvio++; return; @@ -237,6 +240,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, so = inp->inp_socket; SOCKBUF_LOCK(&so->so_rcv); if (sbappendaddr_locked(&so->so_rcv, append_sa, n, opts) == 0) { + INIT_VNET_INET(so->so_vnet); SOCKBUF_UNLOCK(&so->so_rcv); m_freem(n); if (opts) @@ -249,6 +253,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, void udp_input(struct mbuf *m, int off) { + INIT_VNET_INET(curvnet); int iphlen = off; struct ip *ip; struct udphdr *uh; @@ -586,6 +591,7 @@ udp_notify(struct inpcb *inp, int errno) void udp_ctlinput(int cmd, struct sockaddr *sa, void *vip) { + INIT_VNET_INET(curvnet); struct ip *ip = vip; struct udphdr *uh; struct in_addr faddr; @@ -632,6 +638,7 @@ udp_ctlinput(int cmd, struct sockaddr *sa, void *vip) static int udp_pcblist(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; @@ -730,6 +737,7 @@ SYSCTL_PROC(_net_inet_udp, UDPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0, static int udp_getcred(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); struct xucred xuc; struct sockaddr_in addrs[2]; struct inpcb *inp; @@ -772,6 +780,7 @@ static int udp_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr, struct mbuf *control, struct thread *td) { + INIT_VNET_INET(inp->inp_vnet); struct udpiphdr *ui; int len = m->m_pkthdr.len; struct in_addr faddr, laddr; @@ -1081,6 +1090,7 @@ release: static void udp_abort(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -1099,6 +1109,7 @@ udp_abort(struct socket *so) static int udp_attach(struct socket *so, int proto, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -1125,6 +1136,7 @@ udp_attach(struct socket *so, int proto, struct thread *td) static int udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -1141,6 +1153,7 @@ udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td) static void udp_close(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -1159,6 +1172,7 @@ udp_close(struct socket *so) static int udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; struct sockaddr_in *sin; @@ -1186,6 +1200,7 @@ udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td) static void udp_detach(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -1202,6 +1217,7 @@ udp_detach(struct socket *so) static int udp_disconnect(struct socket *so) { + INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); diff --git a/sys/netinet/vinet.h b/sys/netinet/vinet.h new file mode 100644 index 0000000..1f16dfd --- /dev/null +++ b/sys/netinet/vinet.h @@ -0,0 +1,331 @@ +/*- + * Copyright (c) 2006-2008 University of Zagreb + * Copyright (c) 2006-2008 FreeBSD Foundation + * + * This software was developed by the University of Zagreb and the + * FreeBSD Foundation under sponsorship by the Stichting NLnet and the + * FreeBSD Foundation. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _NETINET_VINET_H_ +#define _NETINET_VINET_H_ + +#ifdef VIMAGE +#include <sys/socketvar.h> +#include <sys/sysctl.h> +#include <sys/md5.h> + +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/in_var.h> +#include <netinet/in_pcb.h> +#include <netinet/ip_var.h> +#include <netinet/ip.h> +#include <netinet/ip_icmp.h> +#include <netinet/icmp_var.h> +#include <netinet/igmp_var.h> +#include <netinet/tcp.h> +#include <netinet/tcp_var.h> +#include <netinet/tcp_hostcache.h> +#include <netinet/tcp_syncache.h> +#include <netinet/udp.h> +#include <netinet/udp_var.h> + +struct vnet_inet { + struct in_ifaddrhashhead *_in_ifaddrhashtbl; + struct in_ifaddrhead _in_ifaddrhead; + u_long _in_ifaddrhmask; + struct in_multihead _in_multihead; + + int _arpt_keep; + int _arp_maxtries; + int _useloopback; + int _arp_proxyall; + int _subnetsarelocal; + int _sameprefixcarponly; + + int _ipforwarding; + int _ipstealth; + int _ipfastforward_active; + int _ipsendredirects; + int _ip_defttl; + int _ip_keepfaith; + int _ip_sendsourcequench; + int _ip_do_randomid; + int _ip_checkinterface; + u_short _ip_id; + + uma_zone_t _ipq_zone; + int _nipq; /* Total # of reass queues */ + int _maxnipq; /* Admin. limit on # reass queues. */ + int _maxfragsperpacket; + TAILQ_HEAD(ipqhead, ipq) _ipq[IPREASS_NHASH]; + + struct inpcbhead _tcb; /* head of queue of active tcpcb's */ + struct inpcbinfo _tcbinfo; + struct tcpstat _tcpstat; /* tcp statistics */ + struct tcp_hostcache _tcp_hostcache; + struct callout _tcp_hc_callout; + struct tcp_syncache _tcp_syncache; + struct inpcbhead _divcb; + struct inpcbinfo _divcbinfo; + TAILQ_HEAD(, tcptw) _twq_2msl; + + int _tcp_sc_rst_sock_fail; + int _tcp_mssdflt; + int _tcp_v6mssdflt; + int _tcp_minmss; + int _tcp_do_rfc1323; + int _icmp_may_rst; + int _tcp_isn_reseed_interval; + int _tcp_inflight_enable; + int _tcp_inflight_rttthresh; + int _tcp_inflight_min; + int _tcp_inflight_max; + int _tcp_inflight_stab; + int _nolocaltimewait; + int _path_mtu_discovery; + int _ss_fltsz; + int _ss_fltsz_local; + int _tcp_do_newreno; + int _tcp_do_tso; + int _tcp_do_autosndbuf; + int _tcp_autosndbuf_inc; + int _tcp_autosndbuf_max; + int _tcp_do_sack; + int _tcp_sack_maxholes; + int _tcp_sack_globalmaxholes; + int _tcp_sack_globalholes; + int _blackhole; + int _tcp_delack_enabled; + int _drop_synfin; + int _tcp_do_rfc3042; + int _tcp_do_rfc3390; + int _tcp_do_ecn; + int _tcp_ecn_maxretries; + int _tcp_insecure_rst; + int _tcp_do_autorcvbuf; + int _tcp_autorcvbuf_inc; + int _tcp_autorcvbuf_max; + int _tcp_reass_maxseg; + int _tcp_reass_qsize; + int _tcp_reass_maxqlen; + int _tcp_reass_overflows; + + u_char _isn_secret[32]; + int _isn_last_reseed; + u_int32_t _isn_offset; + u_int32_t _isn_offset_old; + MD5_CTX _isn_ctx; + + struct inpcbhead _udb; + struct inpcbinfo _udbinfo; + struct udpstat _udpstat; + int _udp_blackhole; + + struct inpcbhead _ripcb; + struct inpcbinfo _ripcbinfo; + struct socket *_ip_mrouter; + + struct socket *_ip_rsvpd; + int _ip_rsvp_on; + int _rsvp_on; + + struct icmpstat _icmpstat; + struct ipstat _ipstat; + struct igmpstat _igmpstat; + + SLIST_HEAD(, router_info) _router_info_head; + + int _rtq_timeout; + int _rtq_reallyold; + int _rtq_minreallyold; + int _rtq_toomany; + struct callout _rtq_timer; + + int _ipport_lowfirstauto; + int _ipport_lowlastauto; + int _ipport_firstauto; + int _ipport_lastauto; + int _ipport_hifirstauto; + int _ipport_hilastauto; + int _ipport_reservedhigh; + int _ipport_reservedlow; + int _ipport_randomized; + int _ipport_randomcps; + int _ipport_randomtime; + int _ipport_stoprandom; + int _ipport_tcpallocs; + int _ipport_tcplastcount; + + int _icmpmaskrepl; + u_int _icmpmaskfake; + int _drop_redirect; + int _log_redirect; + int _icmplim; + int _icmplim_output; + char _reply_src[IFNAMSIZ]; + int _icmp_rfi; + int _icmp_quotelen; + int _icmpbmcastecho; +}; +#endif + + +/* + * Symbol translation macros + */ +#define INIT_VNET_INET(vnet) \ + INIT_FROM_VNET(vnet, VNET_MOD_INET, struct vnet_inet, vnet_inet) + +#define VNET_INET(sym) VSYM(vnet_inet, sym) + +#define V_arp_maxtries VNET_INET(arp_maxtries) +#define V_arp_proxyall VNET_INET(arp_proxyall) +#define V_arpt_keep VNET_INET(arpt_keep) +#define V_arpt_prune VNET_INET(arpt_prune) +#define V_blackhole VNET_INET(blackhole) +#define V_divcb VNET_INET(divcb) +#define V_divcbinfo VNET_INET(divcbinfo) +#define V_drop_redirect VNET_INET(drop_redirect) +#define V_drop_synfin VNET_INET(drop_synfin) +#define V_icmp_may_rst VNET_INET(icmp_may_rst) +#define V_icmp_quotelen VNET_INET(icmp_quotelen) +#define V_icmp_rfi VNET_INET(icmp_rfi) +#define V_icmpbmcastecho VNET_INET(icmpbmcastecho) +#define V_icmplim VNET_INET(icmplim) +#define V_icmplim_output VNET_INET(icmplim_output) +#define V_icmpmaskfake VNET_INET(icmpmaskfake) +#define V_icmpmaskrepl VNET_INET(icmpmaskrepl) +#define V_icmpstat VNET_INET(icmpstat) +#define V_igmpstat VNET_INET(igmpstat) +#define V_in_ifaddrhashtbl VNET_INET(in_ifaddrhashtbl) +#define V_in_ifaddrhead VNET_INET(in_ifaddrhead) +#define V_in_ifaddrhmask VNET_INET(in_ifaddrhmask) +#define V_in_multihead VNET_INET(in_multihead) +#define V_ip_checkinterface VNET_INET(ip_checkinterface) +#define V_ip_defttl VNET_INET(ip_defttl) +#define V_ip_do_randomid VNET_INET(ip_do_randomid) +#define V_ip_id VNET_INET(ip_id) +#define V_ip_keepfaith VNET_INET(ip_keepfaith) +#define V_ip_mrouter VNET_INET(ip_mrouter) +#define V_ip_rsvp_on VNET_INET(ip_rsvp_on) +#define V_ip_rsvpd VNET_INET(ip_rsvpd) +#define V_ip_sendsourcequench VNET_INET(ip_sendsourcequench) +#define V_ipfastforward_active VNET_INET(ipfastforward_active) +#define V_ipforwarding VNET_INET(ipforwarding) +#define V_ipport_firstauto VNET_INET(ipport_firstauto) +#define V_ipport_hifirstauto VNET_INET(ipport_hifirstauto) +#define V_ipport_hilastauto VNET_INET(ipport_hilastauto) +#define V_ipport_lastauto VNET_INET(ipport_lastauto) +#define V_ipport_lowfirstauto VNET_INET(ipport_lowfirstauto) +#define V_ipport_lowlastauto VNET_INET(ipport_lowlastauto) +#define V_ipport_randomcps VNET_INET(ipport_randomcps) +#define V_ipport_randomized VNET_INET(ipport_randomized) +#define V_ipport_randomtime VNET_INET(ipport_randomtime) +#define V_ipport_reservedhigh VNET_INET(ipport_reservedhigh) +#define V_ipport_reservedlow VNET_INET(ipport_reservedlow) +#define V_ipport_stoprandom VNET_INET(ipport_stoprandom) +#define V_ipport_tcpallocs VNET_INET(ipport_tcpallocs) +#define V_ipport_tcplastcount VNET_INET(ipport_tcplastcount) +#define V_ipq VNET_INET(ipq) +#define V_ipq_zone VNET_INET(ipq_zone) +#define V_ipsendredirects VNET_INET(ipsendredirects) +#define V_ipstat VNET_INET(ipstat) +#define V_ipstealth VNET_INET(ipstealth) +#define V_isn_ctx VNET_INET(isn_ctx) +#define V_isn_last_reseed VNET_INET(isn_last_reseed) +#define V_isn_offset VNET_INET(isn_offset) +#define V_isn_offset_old VNET_INET(isn_offset_old) +#define V_isn_secret VNET_INET(isn_secret) +#define V_llinfo_arp VNET_INET(llinfo_arp) +#define V_log_redirect VNET_INET(log_redirect) +#define V_maxfragsperpacket VNET_INET(maxfragsperpacket) +#define V_maxnipq VNET_INET(maxnipq) +#define V_nipq VNET_INET(nipq) +#define V_nolocaltimewait VNET_INET(nolocaltimewait) +#define V_path_mtu_discovery VNET_INET(path_mtu_discovery) +#define V_reply_src VNET_INET(reply_src) +#define V_ripcb VNET_INET(ripcb) +#define V_ripcbinfo VNET_INET(ripcbinfo) +#define V_router_info_head VNET_INET(router_info_head) +#define V_rsvp_on VNET_INET(rsvp_on) +#define V_rtq_minreallyold VNET_INET(rtq_minreallyold) +#define V_rtq_reallyold VNET_INET(rtq_reallyold) +#define V_rtq_timeout VNET_INET(rtq_timeout) +#define V_rtq_timer VNET_INET(rtq_timer) +#define V_rtq_toomany VNET_INET(rtq_toomany) +#define V_sameprefixcarponly VNET_INET(sameprefixcarponly) +#define V_ss_fltsz VNET_INET(ss_fltsz) +#define V_ss_fltsz_local VNET_INET(ss_fltsz_local) +#define V_subnetsarelocal VNET_INET(subnetsarelocal) +#define V_tcb VNET_INET(tcb) +#define V_tcbinfo VNET_INET(tcbinfo) +#define V_tcp_autorcvbuf_inc VNET_INET(tcp_autorcvbuf_inc) +#define V_tcp_autorcvbuf_max VNET_INET(tcp_autorcvbuf_max) +#define V_tcp_autosndbuf_inc VNET_INET(tcp_autosndbuf_inc) +#define V_tcp_autosndbuf_max VNET_INET(tcp_autosndbuf_max) +#define V_tcp_delack_enabled VNET_INET(tcp_delack_enabled) +#define V_tcp_do_autorcvbuf VNET_INET(tcp_do_autorcvbuf) +#define V_tcp_do_autosndbuf VNET_INET(tcp_do_autosndbuf) +#define V_tcp_do_ecn VNET_INET(tcp_do_ecn) +#define V_tcp_do_newreno VNET_INET(tcp_do_newreno) +#define V_tcp_do_rfc1323 VNET_INET(tcp_do_rfc1323) +#define V_tcp_do_rfc3042 VNET_INET(tcp_do_rfc3042) +#define V_tcp_do_rfc3390 VNET_INET(tcp_do_rfc3390) +#define V_tcp_do_sack VNET_INET(tcp_do_sack) +#define V_tcp_do_tso VNET_INET(tcp_do_tso) +#define V_tcp_ecn_maxretries VNET_INET(tcp_ecn_maxretries) +#define V_tcp_hc_callout VNET_INET(tcp_hc_callout) +#define V_tcp_hostcache VNET_INET(tcp_hostcache) +#define V_tcp_inflight_enable VNET_INET(tcp_inflight_enable) +#define V_tcp_inflight_max VNET_INET(tcp_inflight_max) +#define V_tcp_inflight_min VNET_INET(tcp_inflight_min) +#define V_tcp_inflight_rttthresh VNET_INET(tcp_inflight_rttthresh) +#define V_tcp_inflight_stab VNET_INET(tcp_inflight_stab) +#define V_tcp_insecure_rst VNET_INET(tcp_insecure_rst) +#define V_tcp_isn_reseed_interval VNET_INET(tcp_isn_reseed_interval) +#define V_tcp_minmss VNET_INET(tcp_minmss) +#define V_tcp_mssdflt VNET_INET(tcp_mssdflt) +#define V_tcp_reass_maxqlen VNET_INET(tcp_reass_maxqlen) +#define V_tcp_reass_maxseg VNET_INET(tcp_reass_maxseg) +#define V_tcp_reass_overflows VNET_INET(tcp_reass_overflows) +#define V_tcp_reass_qsize VNET_INET(tcp_reass_qsize) +#define V_tcp_sack_globalholes VNET_INET(tcp_sack_globalholes) +#define V_tcp_sack_globalmaxholes VNET_INET(tcp_sack_globalmaxholes) +#define V_tcp_sack_maxholes VNET_INET(tcp_sack_maxholes) +#define V_tcp_sc_rst_sock_fail VNET_INET(tcp_sc_rst_sock_fail) +#define V_tcp_syncache VNET_INET(tcp_syncache) +#define V_tcp_v6mssdflt VNET_INET(tcp_v6mssdflt) +#define V_tcpstat VNET_INET(tcpstat) +#define V_twq_2msl VNET_INET(twq_2msl) +#define V_udb VNET_INET(udb) +#define V_udbinfo VNET_INET(udbinfo) +#define V_udp_blackhole VNET_INET(udp_blackhole) +#define V_udpstat VNET_INET(udpstat) +#define V_useloopback VNET_INET(useloopback) + +#endif /* !_NETINET_VINET_H_ */ |
