summaryrefslogtreecommitdiffstats
path: root/sys/kern/uipc_sockbuf.c
Commit message (Collapse)AuthorAgeFilesLines
...
* Make sure that sockets undergoing accept filtering are aborted in asilby2002-04-261-1/+7
| | | | | | | | | LRU fashion when the listen queue fills up. Previously, there was no mechanism to kick out old sockets, leading to an easy DoS of daemons using accept filtering. Reviewed by: alfred MFC after: 3 days
* Remove sodropablereq - this function hasn't been used since thesilby2002-04-241-44/+0
| | | | | | syncache went in. MFC after: 3 days
* Backout part of my previous commit; I was wrong about vm_zone's handling ofjeff2002-03-201-0/+14
| | | | limits on zones w/o objects.
* Remove references to vm_zone.h and switch over to the new uma API.jeff2002-03-201-14/+0
| | | | | Also, remove maxsockets. If you look carefully you'll notice that the old zone allocator never honored this anyway.
* Get rid of the twisted MFREE() macro entirely.dillon2002-02-051-8/+5
| | | | | Reviewed by: dg, bmilekic MFC after: 3 days
* Revert 1.81; 1.19 fixed this already in a different way.silby2002-01-091-3/+1
|
* Reorder a calculation in sbreserve so that it does not overflowsilby2002-01-061-1/+3
| | | | | | | with multi-megabyte socket buffer sizes. PR: 7420 MFC after: 3 weeks
* Make AIO a loadable module.alfred2001-12-291-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Remove the explicit call to aio_proc_rundown() from exit1(), instead AIO will use at_exit(9). Add functions at_exec(9), rm_at_exec(9) which function nearly the same as at_exec(9) and rm_at_exec(9), these functions are called on behalf of modules at the time of execve(2) after the image activator has run. Use a modified version of tegge's suggestion via at_exec(9) to close an exploitable race in AIO. Fix SYSCALL_MODULE_HELPER such that it's archetecuterally neutral, the problem was that one had to pass it a paramater indicating the number of arguments which were actually the number of "int". Fix it by using an inline version of the AS macro against the syscall arguments. (AS should be available globally but we'll get to that later.) Add a primative system for dynamically adding kqueue ops, it's really not as sophisticated as it should be, but I'll discuss with jlemon when he's around.
* Avoid an interaction between syncache and accept filters. The syncachepeter2001-12-211-0/+2
| | | | | | | | code only passed up the connection to the tcp stack when it was complete, so it went directly into the so_comp (complete) queue. However, with accept filters, there is an additional phase before calling it "complete". Reviewed by: jlemon
* o Back out portions of 1.50 and 1.47, eliminating sonewconn3() andrwatson2001-12-131-14/+1
| | | | | | | | | | | | always deriving the credential for a newly accepted connection from the listen socket. Previously, the selection of the credential depended on the protocol: UNIX domain sockets would use the connecting process's credential, and protocols supporting a creation of the socket before the receiving end called accept() would use the listening socket. After this change, it is always the listening credential. Reviewed by: green
* Give struct socket structures a ref counting interface similar todillon2001-11-171-1/+3
| | | | | | | vnodes. This will hopefully serve as a base from which we can expand the MP code. We currently do not attempt to obtain any mutex or SX locks, but the door is open to add them when we nail down exactly how that part of it is going to work.
* Change the kernel's ucred API as follows:jhb2001-10-111-2/+4
| | | | | | | | - crhold() returns a reference to the ucred whose refcount it bumps. - crcopy() now simply copies the credentials from one credential to another and has no return value. - a new crshared() primitive is added which returns true if a ucred's refcount is > 1 and false (0) otherwise.
* Allow sbcreatecontrol to make cluster sized control messages.dwmalone2001-10-041-3/+13
|
* KSE Milestone 2julian2001-09-121-13/+13
| | | | | | | | | | | | | | Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process. Sorry john! (your next MFC will be a doosie!) Reviewed by: peter@freebsd.org, dillon@freebsd.org X-MFC after: ha ha ha ha
* Fix up indentation.jlemon2001-06-291-2/+2
|
* "Fix" the previous initial attempt at fixing TUNABLE_INT(). This timepeter2001-06-081-1/+1
| | | | | | | around, use a common function for looking up and extracting the tunables from the kernel environment. This saves duplicating the same function over and over again. This way typically has an overhead of 8 bytes + the path string, versus about 26 bytes + the path string.
* Back out part of my previous commit. This was a last minute changepeter2001-06-071-1/+1
| | | | | and I botched testing. This is a perfect example of how NOT to do this sort of thing. :-(
* Make the TUNABLE_*() macros look and behave more consistantly like thepeter2001-06-061-2/+2
| | | | | SYSCTL_*() macros. TUNABLE_INT_DECL() was an odd name because it didn't actually declare the int, which is what the name suggests it would do.
* Revert the last bits of my bogus move of NMBCLUSTERSjesper2001-06-011-0/+1
| | | | to <sys/param.h>
* Move the definition of NMBCLUSTERS from src/sys/kern/uipc_mbuf.cjesper2001-05-311-1/+0
| | | | | | | to <sys/param.h>, so it's available to src/sys/netinet/ip_input.c, and remove the now unneeded includes of "opt_param.h". MFC after: 1 week
* Undo part of the tangle of having sys/lock.h and sys/mutex.h included inmarkm2001-05-011-1/+3
| | | | | | | | | | | other "system" header files. Also help the deprecation of lockmgr.h by making it a sub-include of sys/lock.h and removing sys/lockmgr.h form kernel .c files. Sort sys/*.h includes where possible in affected files. OK'ed by: bde (with reservations)
* Make sbcompress use the new M_WRITABLE macro. Previously sbcompressdwmalone2000-11-191-2/+4
| | | | | | | | | | | | | | could not compress into clusters. This could result in lots of wasted clusters while recieving small packets from an interface that uses clusters for all it's packets. Patch is partially from BSDi (limiting the size of the copy) and based on a patch for 4.1 by Ian Dowse <iedowse@maths.tcd.ie> and myself. Reviewed by: bmilekic Obtained From: BSDi Submitted by: iedowse
* Remove uidinfo hash table lookup and maintenance out of chgproccnt() andtruckman2000-09-051-2/+3
| | | | | | | | | | | | | | chgsbsize(), which are called rather frequently and may be called from an interrupt context in the case of chgsbsize(). Instead, do the hash table lookup and maintenance when credentials are changed, which is a lot less frequent. Add pointers to the uidinfo structures to the ucred and pcred structures for fast access. Pass a pointer to the credential to chgproccnt() and chgsbsize() instead of passing the uid. Add a reference count to the uidinfo structure and use it to decide when to free the structure rather than freeing the structure when the resource consumption drops to zero. Move the resource tracking code from kern_proc.c to kern_resource.c. Move some duplicate code sequences in kern_prot.c to separate helper functions. Change KASSERTs in this code to unconditional tests and calls to panic().
* Fix hangs caused by overzealous code removal.green2000-08-311-2/+2
| | | | | | Thanks, Nickolay, for figuring out this is the problem. Submitted by: Nickolay Dudorov <nnd@mail.nsk.ru>
* Remove an extraneous setting of sb_hiwat.green2000-08-301-1/+0
|
* Remove any possibility of hiwat-related race conditions by changinggreen2000-08-291-5/+3
| | | | | | | the chgsbsize() call to use a "subject" pointer (&sb.sb_hiwat) and a u_long target to set it to. The whole thing is splnet(). This fixes a problem that jdp has been able to provoke.
* Remove unnecessary call to splnet when setting an accept filterps2000-07-311-3/+0
| | | | since we are already at splnet.
* fix races in the uidinfo subsystem, several problems existed:alfred2000-06-221-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | 1) while allocating a uidinfo struct malloc is called with M_WAITOK, it's possible that while asleep another process by the same user could have woken up earlier and inserted an entry into the uid hash table. Having redundant entries causes inconsistancies that we can't handle. fix: do a non-waiting malloc, and if that fails then do a blocking malloc, after waking up check that no one else has inserted an entry for us already. 2) Because many checks for sbsize were done as "test then set" in a non atomic manner it was possible to exceed the limits put up via races. fix: instead of querying the count then setting, we just attempt to set the count and leave it up to the function to return success or failure. 3) The uidinfo code was inlining and repeating, lookups and insertions and deletions needed to be in their own functions for clarity. Reviewed by: green
* return of the accept filter part IIalfred2000-06-201-0/+11
| | | | | | | | | | | accept filters are now loadable as well as able to be compiled into the kernel. two accept filters are provided, one that returns sockets when data arrives the other when an http request is completed (doesn't work with 0.9 requests) Reviewed by: jmg
* backout accept optimizations.alfred2000-06-181-145/+0
| | | | Requested by: jmg, dcs, jdp, nate
* add socketoptions DELAYACCEPT and HTTPACCEPT which will not allow an accept()alfred2000-06-151-2/+147
| | | | | | | | | | | | until the incoming connection has either data waiting or what looks like a HTTP request header already in the socketbuffer. This ought to reduce the context switch time and overhead for processing requests. The initial idea and code for HTTPACCEPT came from Yahoo engineers and has been cleaned up and a more lightweight DELAYACCEPT for non-http servers has been added Reviewed by: silence on hackers.
* Introduce kqueue() and kevent(), a kernel event notification facility.jlemon2000-04-161-0/+2
|
* CMSG_XXX macros alignment fixes to follow RFC2292.shin2000-03-031-4/+3
| | | | | | | Approved by: jkh Submitted by: Partly from tech@openbsd Reviewed by: itojun
* Add length check to sbcreatecontrol().shin2000-02-241-0/+2
| | | | | | | | | | | | | | | | | | | Now this check is necessary because IPv6 source routing might use control data bigger than MLEN. (e.g. 16bytes IPv6 addr x 23 hops) Actually mbuf cluster should be used in uipc_socket.c:sbcreatecontrol() and uipc_syscalls.c:sockargs() when data size is bigger then MLEN, and such patches were already in KAME environment and have been confirmed to work well. I just forgot to merge them into 4.0, sorry. For safety, I'll postpone such patches until after 4.0 release. The effect of postponement is followings. -Ping6 source routing hops are limitted to around 6 or so. -If some apps do setsockopt IPV6_RTHDR and try to receive incoming IPv6 source routing info, it can't receive more than 6 hops source routing info. (But currently, no apps seems to be doing it.) Approved by: jkh
* Add aio_waitcomplete(). Make aio work correctly for socket descriptors.jasone2000-01-141-0/+3
| | | | | | | | Make gratuitous style(9) fixes (me, not the submitter) to make the aio code more readable. PR: kern/12053 Submitted by: Chris Sedore <cmsedore@maxwell.syr.edu>
* Implement RLIMIT_SBSIZE in the kernel. This is a per-uid sockbuf totalgreen1999-10-091-5/+21
| | | | usage limit.
* In sbflush(), don't exit the while loop too early: this can causepb1999-09-281-1/+8
| | | | | | | | | | | an empty mbuf to stay in the queue, then causing a needless panic because sb_cc == 0 and sb_mbcnt != 0. But we still need to panic rather than endlessly looping if, for some reason, sb_cc == 0 and there are non-empty mbufs in the queue. PR: kern/11988 Reviewed by: fenner
* Change so_cred's type to a ucred, not a pcred. THis makes more sense, actually.green1999-09-191-7/+16
| | | | | | Make a sonewconn3() which takes an extra argument (proc) so new sockets created with sonewconn() from a user's system call get the correct credentials, not just the parent's credentials.
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Move the initialisation/tuning of nmbclusters from param.c/machdep.cmsmith1999-07-051-3/+14
| | | | | | | | | | | | | | | into uipc_mbuf.c. This reduces three sets of identical tunable code to one set, and puts the initialisation with the mbuf code proper. Make NMBUFs tunable as well. Move the nmbclusters sysctl here as well. Move the initialisation of maxsockets from param.c to uipc_socket2.c, next to its corresponding sysctl. Use the new tunable macros for the kern.vm.kmem.size tunable (this should have been in a separate commit, whoops).
* Reviewed by: the cast of thousandsgreen1999-06-171-3/+5
| | | | | | | | | This is the change to struct sockets that gets rid of so_uid and replaces it with a much more useful struct pcred *so_cred. This is here to be able to do socket-level credential checks (i.e. IPFW uid/gid support, to be added to HEAD soon). Along with this comes an update to pidentd which greatly simplifies the code necessary to get a uid from a socket. Soon to come: a sysctl() interface to finding individual sockets' credentials.
* Update one set of comments.. s/so_q0/so_incomp/ and s/so_q/so_comp/ (that'speter1999-05-101-6/+6
| | | | incomplete and complete connections I think)
* Add sysctl descriptions to many SYSCTL_XXXsbillf1999-05-031-5/+8
| | | | | | | PR: kern/11197 Submitted by: Adrian Chadd <adrian@FreeBSD.org> Reviewed by: billf(spelling/style/minor nits) Looked at by: bde(style)
* Port NetBSD's 19990120-accept bug fix. This works around the race conditionfenner1999-01-251-2/+2
| | | | | | | | | | where select(2) can return that a listening socket has a connected socket queued, the connection is broken, and the user calls accept(2), which then blocks because there are no connections queued. Reviewed by: wollman Obtained from: NetBSD (ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990120-accept)
* The "easy" fixes for compiling the kernel -Wunused: remove unreferenced staticarchie1998-12-071-3/+1
| | | | and local variables, goto labels, and functions declared but not defined.
* We can't call fsetown() from sonewconn() because sonewconn() is be calledtruckman1998-11-231-2/+1
| | | | | | | | | | | | | | | | | | | from an interrupt context and fsetown() wants to peek at curproc, call malloc(..., M_WAITOK), and fiddle with various unprotected data structures. The fix is to move the code that duplicates the F_SETOWN/FIOSETOWN state of the original socket to the new socket from sonewconn() to accept1(), since accept1() runs in the correct context. Deferring this until the process calls accept() is harmless since the process can't do anything useful with SIGIO on the new socket until it has the descriptor for that socket. One could make the case for not bothering to duplicate the F_SETOWN/FIOSETOWN state and requiring the process to explicitly make the fcntl() or ioctl() call on the new socket, but this would be incompatible with the previous implementation and might break programs which rely on the old semantics. This bug was discovered by Andrew Gallatin <gallatin@cs.duke.edu>.
* Installed the second patch attached to kern/7899 with some changes suggestedtruckman1998-11-111-9/+5
| | | | | | | | | | | | | | | | by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments. This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR. Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w. PR: kern/7899 Reviewed by: bde, elvind
* Fix sbcheck() to check all packets on socket buffer.fenner1998-11-041-9/+11
| | | | | | | | | | Also fix data types and printf formats while I'm here. PR: misc/8494 Panic instead of looping forever in sbflush(). If sb_mbcnt counts more mbufs than sb_cc counts bytes, the original code can turn into an infinite loop of removing 0 bytes from the socket buffer until it's empty.
* Fixed recently perpetrated printf format errors.bde1998-09-051-3/+2
|
* make sbflush panic messages more descriptiveache1998-09-041-3/+4
|
OpenPOWER on IntegriCloud