summaryrefslogtreecommitdiffstats
path: root/sys/net/rtsock.c
Commit message (Collapse)AuthorAgeFilesLines
* Finish driving a stake through the heart of netns and the associatedpeter2003-03-051-6/+0
| | | | | | ifdefs scattered around the place - its dead Jim! The SMB stuff had stolen AF_NS, make it official.
* Back out M_* changes, per decision of the TRB.imp2003-02-191-3/+3
| | | | Approved by: trb
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.alfred2003-01-211-3/+3
| | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* Disable radix node locking for sysctl until we fix the sysctl infrastructurehsu2002-12-261-5/+5
| | | | to not sleep.
* Range-check the address family parameter passed in to the sysctl handler.hsu2002-12-251-0/+2
| | | | Submitted by: ru
* If the caller of rtrequest*(RTM_DELETE, ...) asked for a copy ofru2002-12-251-2/+1
| | | | | | the entry being removed (ret_nrt != NULL), increment the entry's rt_refcnt like we do it for RTM_ADD and RTM_RESOLVE, rather than messing around with 1->0 transitions for rtfree() all over.
* SMP locking for radix nodes.hsu2002-12-241-7/+25
|
* SMP locking for ifnet list.hsu2002-12-221-2/+5
|
* Swap the order of a free and a use of an ifaddr structure.hsu2002-12-201-1/+1
|
* Lock up ifaddr reference counts.hsu2002-12-181-5/+7
|
* Fix some harmless mis-indents.phk2002-10-011-1/+1
| | | | Spotted by: FlexeLint
* Be consistent about "static" functions: if the function is markedphk2002-09-281-2/+2
| | | | | | static in its prototype, mark it static at the definition too. Inspired by: FlexeLint warning #512
* Replace various spelling with FALLTHROUGH which is lint()ablecharnier2002-08-251-3/+1
|
* Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoidsobomax2002-08-181-2/+2
| | | | | | | breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's. Reviewed by: -hackers, -net
* Remove so*_locked(), which were backed out by mistake.tanimura2002-06-181-1/+1
|
* Back out my lats commit of locking down a socket, it conflicts with hsu's work.tanimura2002-05-311-7/+2
| | | | Requested by: hsu
* Lock down a socket, milestone 1.tanimura2002-05-201-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a socket buffer. The mutex in the receive buffer also protects the data in struct socket. o Determine the lock strategy for each members in struct socket. o Lock down the following members: - so_count - so_options - so_linger - so_state o Remove *_locked() socket APIs. Make the following socket APIs touching the members above now require a locked socket: - sodisconnect() - soisconnected() - soisconnecting() - soisdisconnected() - soisdisconnecting() - sofree() - soref() - sorele() - sorwakeup() - sotryfree() - sowakeup() - sowwakeup() Reviewed by: alfred
* Redo the sigio locking.alfred2002-05-011-4/+0
| | | | | | | | | | | Turn the sigio sx into a mutex. Sigio lock is really only needed to protect interrupts from dereferencing the sigio pointer in an object when the sigio itself is being destroyed. In order to do this in the most unintrusive manner change pgsigio's sigio * argument into a **, that way we can lock internally to the function.
* Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.tanimura2002-04-301-7/+10
| | | | | | | | | | Requested by: bde Since locking sigio_lock is usually followed by calling pgsigio(), move the declaration of sigio_lock and the definitions of SIGIO_*() to sys/signalvar.h. While I am here, sort include files alphabetically, where possible.
* Add a global sx sigio_lock to protect the pointer to the sigio objecttanimura2002-04-271-1/+3
| | | | | | | | | | of a socket. This avoids lock order reversal caused by locking a process in pgsigio(). sowakeup() and the callers of it (sowwakeup, soisconnected, etc.) now require sigio_lock to be locked. Provide sowwakeup_locked(), soisconnected_locked(), and so on in case where we have to modify a socket and wake up a process atomically.
* Change the suser() API to take advantage of td_ucred as well as do ajhb2002-04-011-1/+1
| | | | | | | | | | | | general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag. Discussed on: smp@
* Remove __P.alfred2002-03-191-8/+7
|
* Simple p_ucred -> td_ucred changes to start using the per-thread ucredjhb2002-02-271-2/+2
| | | | reference.
* Prevent the kernel from generating an unaligned sysctl data buffer ongallatin2002-01-271-0/+1
| | | | | | | | | 64-bit platforms. The unaligned access is caused by struct ifa_msghdr not being a multiple of 8-bytes in size. If an interface has an odd number of addresses, this causes the next interface to generate an unaligned access in the user-level app walking the interfaces (ifconfig). Submitted by: Bernd Walter <ticso@cicely8.cicely.de>
* Have sysctl() return the correct errno(2) as documented in thecjc2002-01-251-1/+1
| | | | | | | sysctl(3) manpage. Submitted by: ru Obtained from: BSD/OS
* Introduce an interface announcement message for the routingru2002-01-181-0/+32
| | | | | | | | | socket so that routing daemons and other interested parties know when an interface is attached/detached. PR: kern/33747 Obtained from: NetBSD MFC after: 2 weeks
* It's no longer necessary to ensure that ``gate'' is set when RTF_GATEWAYbrian2001-12-191-10/+0
| | | | | | is passed, as subsequent code does that check now anyway. Submitted by: ru
* Only call rt_getifa() if we've either been passed a gateway orbrian2001-12-191-2/+8
| | | | | | | | | | | | | | | if we've been given an RTA_IFP or changed RTA_IFA sockaddr. This fixes the following bug: >/dev/tun100 >/dev/tun101 ifconfig tun100 1.2.3.4 5.6.7.8 ifconfig tun101 1.2.3.4 6.7.8.9 route change 6.7.8.9 -ifa 1.2.3.4 -iface -mtu 500 which erroneously changed tun101's host route to have an ifp of tun100 (rt_getifa() sets the ifp after calling ifa_ifwithnet(1.2.3.4)) This incarnation submitted by: ru
* Pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2.ru2001-10-171-21/+14
| | | | | | | | | | | | | | | | | | | | Have sys/net/route.c:rtrequest1(), which takes ``rt_addrinfo *'' as the argument. Pass rt_addrinfo all the way down to rtrequest1 and ifa->ifa_rtrequest. 3rd argument of ifa->ifa_rtrequest is now ``rt_addrinfo *'' instead of ``sockaddr *'' (almost noone is using it anyways). Benefit: the following command now works. Previously we needed two route(8) invocations, "add" then "change". # route add -inet6 default ::1 -ifp gif0 Remove unsafe typecast in rtrequest(), from ``rtentry *'' to ``sockaddr *''. It was introduced by 4.3BSD-Reno and never corrected. Obtained from: BSD/OS, NetBSD MFC after: 1 month PR: kern/28360
* Bring in latest CSRG revisions to this file:ru2001-10-171-1/+9
| | | | | | | | | | | - Report destination address of a P2P link when servicing routing socket messages. - Report interface name, address, and destination address of a P2P link when servicing NET_RT_{DUMP,FLAGS} sysctls. Part of CSRG revision 8.6 coresponds to revision 1.12. CSRG revision 8.7 corresponds to revision 1.15.
* Change sysctl_iflist() so it has a single point of return. This willjlemon2001-09-291-3/+4
| | | | assist any future locking efforts.
* Use the current process's credentials rather than socket's cached.ru2001-09-201-2/+2
| | | | | | | If the process drops its super-user privileges, we certainly don't want to allow it to modify routing tables. Discussed with: rwatson
* KSE Milestone 2julian2001-09-121-7/+7
| | | | | | | | | | | | | | Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process. Sorry john! (your next MFC will be a doosie!) Reviewed by: peter@freebsd.org, dillon@freebsd.org X-MFC after: ha ha ha ha
* Synch with NetBSD and OpenBSD.ru2001-08-311-1/+9
| | | | | | | | | | Allow non-superuser to open, listen to, and send safe commands on the routing socket. Superuser priviledge is required for all commands but RTM_GET. Lose `setuid root' bit of route(8). Reviewed by: wollman, dd
* fix memory leak when error during opening of routing socketjon2001-08-021-0/+1
| | | | | | PR: kern/29336 Submitted by: Richard Andrades <richard@xebeo.com> MFC after: 1 month
* adjust mbuf length right in route_output().ume2001-07-041-1/+7
| | | | | Obtained from: KAME MFC after: 1 week
* Sync with recent KAME.ume2001-06-111-4/+11
| | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
* o Move per-process jail pointer (p->pr_prison) to inside of the subjectrwatson2001-02-211-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | credential structure, ucred (cr->cr_prison). o Allow jail inheritence to be a function of credential inheritence. o Abstract prison structure reference counting behind pr_hold() and pr_free(), invoked by the similarly named credential reference management functions, removing this code from per-ABI fork/exit code. o Modify various jail() functions to use struct ucred arguments instead of struct proc arguments. o Introduce jailed() function to determine if a credential is jailed, rather than directly checking pointers all over the place. o Convert PRISON_CHECK() macro to prison_check() function. o Move jail() function prototypes to jail.h. o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the flag in the process flags field itself. o Eliminate that "const" qualifier from suser/p_can/etc to reflect mutex use. Notes: o Some further cleanup of the linux/jail code is still required. o It's now possible to consider resolving some of the process vs credential based permission checking confusion in the socket code. o Mutex protection of struct prison is still not present, and is required to protect the reference count plus some fields in the structure. Reviewed by: freebsd-arch Obtained from: TrustedBSD Project
* Mechanical change to use <sys/queue.h> macro API instead ofphk2001-02-041-1/+1
| | | | | | | fondling implementation details. Created with: sed(1) Reviewed by: md5(1)
* Use <sys/queue.h> macro api rather than fondle its implementation detals.phk2001-02-031-7/+7
| | | | | Created with: /usr/bin/sed Reviewed by: /sbin/md5
* Convert more malloc+bzero to malloc+M_ZERO.dwmalone2000-12-081-2/+2
| | | | | Submitted by: josh@zipperup.org Submitted by: Robert Drehmel <robd@gmx.net>
* Workaround to avoid panic during detach pccard nic.ume2000-07-251-1/+4
|
* Previous commit changing SYSCTL_HANDLER_ARGS violated KNF.phk2000-07-041-1/+1
| | | | Pointed out by: bde
* Style police catches up with rev 1.26 of src/sys/sys/sysctl.h:phk2000-07-031-1/+1
| | | | | | | | Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our sources: -sysctl_vm_zone SYSCTL_HANDLER_ARGS +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
* Clean up some loose ends in the network code, including the X.25 and ISOpeter2000-02-131-6/+0
| | | | | | | #ifdefs. Clean out unused netisr's and leftover netisr linker set gunk. Tested on x86 and alpha, including world. Approved by: jkh
* Count AF_INET6 attachement to routing socket.shin2000-01-281-0/+6
| | | | Obtained from: KAME project
* Make cloning mask sockaddr (genmask) possible.ru1999-12-281-1/+2
| | | | | PR: kern/3061 Reviewed by: wollman
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Postpone route_init() until all domains are attached.luoqi1999-04-291-2/+2
|
* This Implements the mumbled about "Jail" feature.phk1999-04-281-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
OpenPOWER on IntegriCloud