summaryrefslogtreecommitdiffstats
path: root/sys/netinet/in_pcb.c
Commit message (Collapse)AuthorAgeFilesLines
* Simple p_ucred -> td_ucred changes to start using the per-thread ucredjhb2002-02-271-5/+5
| | | | reference.
* - Check the address family of the destination cached in a PCB.ume2002-01-211-3/+7
| | | | | | | | - Clear the cached destination before getting another cached route. Otherwise, garbage in the padding space (which might be filled in if it was used for IPv4) could annoy rtalloc. Obtained from: KAME
* Minor style fixes.jlemon2001-12-131-2/+2
|
* o Introduce pr_mtx into struct prison, providing protection for therwatson2001-12-031-2/+2
| | | | | | | | | | | | | | | | | | mutable contents of struct prison (hostname, securelevel, refcount, pr_linux, ...) o Generally introduce mtx_lock()/mtx_unlock() calls throughout kern/ so as to enforce these protections, in particular, in kern_mib.c protection sysctl access to the hostname and securelevel, as well as kern_prot.c access to the securelevel for access control purposes. o Rewrite linux emulator abstractions for accessing per-jail linux mib entries (osname, osrelease, osversion) so that they don't return a pointer to the text in the struct linux_prison, rather, a copy to an array passed into the calls. Likewise, update linprocfs to use these primitives. o Update in_pcb.c to always use prison_getip() rather than directly accessing struct prison. Reviewed by: jhb
* Introduce a syncache, which enables FreeBSD to withstand a SYN floodjlemon2001-11-221-17/+2
| | | | | | | DoS in an improved fashion over the existing code. Reviewed by: silby (in a previous iteration) Sponsored by: DARPA, NAI Labs
* Give struct socket structures a ref counting interface similar todillon2001-11-171-1/+1
| | | | | | | vnodes. This will hopefully serve as a base from which we can expand the MP code. We currently do not attempt to obtain any mutex or SX locks, but the door is open to add them when we nail down exactly how that part of it is going to work.
* - Fixes non-zero'd out sin_zero field problem so that the paddingarr2001-11-061-0/+1
| | | | | | | | is used as it is supposed to be. Inspired by: PR #31704 Approved by: jdp Reviewed by: jhb, -net@
* Pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2.ru2001-10-171-6/+4
| | | | | | | | | | | | | | | | | | | | Have sys/net/route.c:rtrequest1(), which takes ``rt_addrinfo *'' as the argument. Pass rt_addrinfo all the way down to rtrequest1 and ifa->ifa_rtrequest. 3rd argument of ifa->ifa_rtrequest is now ``rt_addrinfo *'' instead of ``sockaddr *'' (almost noone is using it anyways). Benefit: the following command now works. Previously we needed two route(8) invocations, "add" then "change". # route add -inet6 default ::1 -ifp gif0 Remove unsafe typecast in rtrequest(), from ``rtentry *'' to ``sockaddr *''. It was introduced by 4.3BSD-Reno and never corrected. Obtained from: BSD/OS, NetBSD MFC after: 1 month PR: kern/28360
* Centralize satosin(), sintosa() and ifatoia() macros in <netinet/in.h>jlemon2001-09-291-3/+0
| | | | Remove local definitions.
* Make faith loadable, unloadable, and clonable.brooks2001-09-251-4/+0
|
* KSE Milestone 2julian2001-09-121-8/+9
| | | | | | | | | | | | | | Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process. Sorry john! (your next MFC will be a doosie!) Reviewed by: peter@freebsd.org, dillon@freebsd.org X-MFC after: ha ha ha ha
* When running aplication joined multicast address,ume2001-08-041-0/+38
| | | | | | | | | | | | | | removing network card, and kill aplication. imo_membership[].inm_ifp refer interface pointer after removing interface. When kill aplication, release socket,and imo_membership. imo_membership use already not exist interface pointer. Then, kernel panic. PR: 29345 Submitted by: Inoue Yuichi <inoue@nd.net.fujitsu.co.jp> Obtained from: KAME MFC after: 3 days
* move ipsec security policy allocation into in_pcballoc, beforeume2001-07-261-0/+10
| | | | | | | | making pcbs available to the outside world. otherwise, we will see inpcb without ipsec security policy attached (-> panic() in ipsec.c). Obtained from: KAME MFC after: 3 days
* Backout CSRG revision 7.22 to this file (if in_losing notices anru2001-06-291-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | RTF_DYNAMIC route, it got freed twice). I am not sure what was the actual problem in 1992, but the current behavior is memory leak if PCB holds a reference to a dynamically created/modified routing table entry. (rt_refcnt>0 and we don't call rtfree().) My test bed was: 1. Set net.inet.tcp.msl to a low value (for test purposes), e.g., 5 seconds, to speed up the transition of TCP connection to a "closed" state. 2. Add a network route which causes ICMP redirect from the gateway. 3. ping(8) host H that matches this route; this creates RTF_DYNAMIC RTF_HOST route to H. (I was forced to use ICMP to cause gateway to generate ICMP host redirect, because gateway in question is a 4.2-STABLE system vulnerable to a problem that was fixed later in ip_icmp.c,v 1.39.2.6, and TCP packets with DF bit set were triggering this bug.) 4. telnet(1) to H 5. Block access to H with ipfw(8) 6. Send something in telnet(1) session; this causes EPERM, followed by an in_losing() call in a few seconds. 7. Delete ipfw(8) rule blocking access to H, and wait for TCP connection moving to a CLOSED state; PCB is freed. 8. Delete host route to H. 9. Watch with netstat(1) that `rttrash' increased. 10. Repeat steps 3-9, and watch `rttrash' increases. PR: kern/25421 MFC after: 2 weeks
* Sync with recent KAME.ume2001-06-111-9/+8
| | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
* Fix a style(9) nit.phk2001-03-161-1/+1
|
* Correctly cleanup in case of failure to bind a pcb.phk2001-03-121-7/+10
| | | | | PR: 25751 Submitted by: <unicorn@Forest.Od.UA>
* During a flood, we don't call rtfree(), but we remove the entry ourselves.bmilekic2001-03-041-13/+7
| | | | | | | | | | | | | | | However, if the RTF_DELCLONE and RTF_WASCLONED condition passes, but the ref count is > 1, we won't decrement the count at all. This could lead to route entries never being deleted. Here, we call rtfree() not only if the initial two conditions fail, but also if the ref count is > 1 (and we therefore don't immediately delete the route, but let rtfree() handle it). This is an urgent MFC candidate. Thanks go to Mike Silbersack for the fix, once again. :-) Submitted by: Mike Silbersack <silby@silby.com>
* Fix jails.phk2001-02-281-0/+3
|
* Remove in_pcbnotify and use in_pcblookup_hash to find the cb directly.jlemon2001-02-261-94/+9
| | | | | | | | For TCP, verify that the sequence number in the ICMP packet falls within the tcp receive window before performing any actions indicated by the icmp packet. Clean up some layering violations (access to tcp internals from in_pcb)
* Redo the security update done in rev 1.54 of src/sys/netinet/tcp_subr.cjesper2001-02-221-23/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | and 1.84 of src/sys/netinet/udp_usrreq.c The changes broken down: - remove 0 as a wildcard for addresses and port numbers in src/sys/netinet/in_pcb.c:in_pcbnotify() - add src/sys/netinet/in_pcb.c:in_pcbnotifyall() used to notify all sessions with the specific remote address. - change - src/sys/netinet/udp_usrreq.c:udp_ctlinput() - src/sys/netinet/tcp_subr.c:tcp_ctlinput() to use in_pcbnotifyall() to notify multiple sessions, instead of using in_pcbnotify() with 0 as src address and as port numbers. - remove check for src port == 0 in - src/sys/netinet/tcp_subr.c:tcp_ctlinput() - src/sys/netinet/udp_usrreq.c:udp_ctlinput() as they are no longer needed. - move handling of redirects and host dead from in_pcbnotify() to udp_ctlinput() and tcp_ctlinput(), so they will call in_pcbnotifyall() to notify all sessions with the specific remote address. Approved by: jlemon Inspired by: NetBSD
* o Move per-process jail pointer (p->pr_prison) to inside of the subjectrwatson2001-02-211-9/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | credential structure, ucred (cr->cr_prison). o Allow jail inheritence to be a function of credential inheritence. o Abstract prison structure reference counting behind pr_hold() and pr_free(), invoked by the similarly named credential reference management functions, removing this code from per-ABI fork/exit code. o Modify various jail() functions to use struct ucred arguments instead of struct proc arguments. o Introduce jailed() function to determine if a credential is jailed, rather than directly checking pointers all over the place. o Convert PRISON_CHECK() macro to prison_check() function. o Move jail() function prototypes to jail.h. o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the flag in the process flags field itself. o Eliminate that "const" qualifier from suser/p_can/etc to reflect mutex use. Notes: o Some further cleanup of the linux/jail code is still required. o It's now possible to consider resolving some of the process vs credential based permission checking confusion in the socket code. o Mutex protection of struct prison is still not present, and is required to protect the reference count plus some fields in the structure. Reviewed by: freebsd-arch Obtained from: TrustedBSD Project
* Remove unneeded loop increment in src/sys/netinet/in_pcb.c:in_pcbnotifyjesper2001-02-201-3/+1
| | | | | | | | Forgotten by phk, when committing fix in kern/23986 PR: kern/23986 Reviewed by: phk Approved by: phk
* Another round of the <sys/queue.h> FOREACH transmogriffer.phk2001-02-041-4/+2
| | | | | Created with: sed(1) Reviewed by: md5(1)
* Mechanical change to use <sys/queue.h> macro API instead ofphk2001-02-041-18/+18
| | | | | | | fondling implementation details. Created with: sed(1) Reviewed by: md5(1)
* When attempting to bind to an ephemeral port, if no such port iswes2001-01-231-2/+2
| | | | | | | | | available, the error return should be EADDRNOTAVAIL rather than EAGAIN. PR: 14181 Submitted by: Dima Dorfman <dima@unixfreak.org> Reviewed by: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>
* First step towards an MP-safe zone allocator:des2001-01-211-2/+2
| | | | | | | - have zalloc() and zfree() always lock the vm_zone. - remove zalloci() and zfreei(), which are now redundant. Reviewed by: bmilekic, jasone
* include tcp header files to get the prototype for tcp_seq_vs_sessassar2000-12-271-0/+2
|
* Update the "icmp_admin_prohib_like_rst" code to check the tcp-window andphk2000-12-241-1/+19
| | | | | | | to be configurable with respect to acting only in SYN or in all TCP states. PR: 23665 Submitted by: Jesper Skriver <jesper@skriver.dk>
* Convert more malloc+bzero to malloc+M_ZERO.dwmalone2000-12-081-4/+4
| | | | | Submitted by: josh@zipperup.org Submitted by: Robert Drehmel <robd@gmx.net>
* Properly jail UDP sockets. This is quite a bit more tricky than TCP.phk2000-09-171-5/+19
| | | | | | | This fixes a !root userland panic, and some cases where the wrong interface was chosen for a jailed UDP socket. PR: 20167, 19839, 20946
* When a connection is being dropped due to a listen queue overflow,jayanth2000-07-211-2/+23
| | | | | | | | | delete the cloned route that is associated with the connection. This does not exhaust the routing table memory when the system is under a SYN flood attack. The route entry is not deleted if there is any prior information cached in it. Reviewed by: Peter Wemm,asmodai
* sync with kame tree as of july00. tons of bug fixes/improvements.itojun2000-07-041-3/+1
| | | | | | | API changes: - additional IPv6 ioctls - IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8). (also syntax change)
* Previous commit changing SYSCTL_HANDLER_ARGS violated KNF.phk2000-07-041-1/+1
| | | | Pointed out by: bde
* Style police catches up with rev 1.26 of src/sys/sys/sysctl.h:phk2000-07-031-1/+1
| | | | | | | | Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our sources: -sysctl_vm_zone SYSCTL_HANDLER_ARGS +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
* Return ECONNRESET instead of EINVAL if the connection has been shotpeter2000-05-191-3/+3
| | | | | | | | down as a result of a reset. Returning EINVAL in that case makes no sense at all and just confuses people as to what happened. It could be argued that we should save the original address somewhere so that getsockname() etc can tell us what it used to be so we know where the problem connection attempts are coming from.
* Try and make the kernel build again without INET6.ps2000-04-021-0/+2
|
* Support per socket based IPv4 mapped IPv6 addr enable/disable control.shin2000-04-011-2/+7
| | | | Submitted by: ume
* in6_pcb.c:green2000-03-221-1/+2
| | | | | | | | | | | Remove a bogus (redundant, just weird, etc.) key_freeso(so). There are no consumers of it now, nor does it seem there ever will be. in6?_pcb.c: Add an if (inp->in6?p_sp != NULL) before the call to ipsec[46]_delete_pcbpolicy(inp). In low-memory conditions this can cause a crash because in6?_sp can be NULL...
* IPSEC support in the kernel.shin1999-12-221-0/+1
| | | | | | | | pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* Change incorrect NULLs to 0seivind1999-12-211-5/+5
|
* udp IPv6 support, IPv6/IPv4 tunneling support in kernel,shin1999-12-071-7/+107
| | | | | | | | | | packet divert at kernel for IPv6/IPv4 translater daemon This includes queue related patch submitted by jburkhol@home.com. Submitted by: queue related patch from jburkhol@home.com Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* KAME netinet6 basic part(no IPsec,no V6 Multicast Forwarding, no UDP/TCPshin1999-11-221-8/+8
| | | | | | | | | | for IPv6 yet) With this patch, you can assigne IPv6 addr automatically, and can reply to IPv6 ping. Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
* KAME related header files additions and merges.shin1999-11-051-2/+1
| | | | | | | (only those which don't affect c source files so much) Reviewed by: cvs-committers Obtained from: KAME project
* Change so_cred's type to a ucred, not a pcred. THis makes more sense, actually.green1999-09-191-4/+3
| | | | | | Make a sonewconn3() which takes an extra argument (proc) so new sockets created with sonewconn() from a user's system call get the correct credentials, not just the parent's credentials.
* $Id$ -> $FreeBSD$peter1999-08-281-1/+1
|
* Correct a mistake in so_cred changes. In practice, I don't think that itgreen1999-07-121-2/+2
| | | | | | | | would make a difference. However, my previous diff _did_ change the behavior in some way (not necessarily break it), so I'm fixing it. Found by: bde Submitted by: bde
* In in_pcbconnect(), check the return value from in_pcbbind() andpb1999-06-251-3/+6
| | | | | | | | | | | | exit on errors. If we don't, in_pcbrehash() is called without a preceeding in_pcbinshash(), causing a crash. There are apparently several conditions that could cause the crash; PR misc/12256 is only one of these. PR: misc/12256
* Reviewed by: the cast of thousandsgreen1999-06-171-3/+5
| | | | | | | | | This is the change to struct sockets that gets rid of so_uid and replaces it with a much more useful struct pcred *so_cred. This is here to be able to do socket-level credential checks (i.e. IPFW uid/gid support, to be added to HEAD soon). Along with this comes an update to pidentd which greatly simplifies the code necessary to get a uid from a socket. Soon to come: a sysctl() interface to finding individual sockets' credentials.
* This Implements the mumbled about "Jail" feature.phk1999-04-281-6/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a seriously beefed up chroot kind of thing. The process is jailed along the same lines as a chroot does it, but with additional tough restrictions imposed on what the superuser can do. For all I know, it is safe to hand over the root bit inside a prison to the customer living in that prison, this is what it was developed for in fact: "real virtual servers". Each prison has an ip number associated with it, which all IP communications will be coerced to use and each prison has its own hostname. Needless to say, you need more RAM this way, but the advantage is that each customer can run their own particular version of apache and not stomp on the toes of their neighbors. It generally does what one would expect, but setting up a jail still takes a little knowledge. A few notes: I have no scripts for setting up a jail, don't ask me for them. The IP number should be an alias on one of the interfaces. mount a /proc in each jail, it will make ps more useable. /proc/<pid>/status tells the hostname of the prison for jailed processes. Quotas are only sensible if you have a mountpoint per prison. There are no privisions for stopping resource-hogging. Some "#ifdef INET" and similar may be missing (send patches!) If somebody wants to take it from here and develop it into more of a "virtual machine" they should be most welcome! Tools, comments, patches & documentation most welcome. Have fun... Sponsored by: http://www.rndassociates.com/ Run for almost a year by: http://www.servetheweb.com/
OpenPOWER on IntegriCloud