| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
whitespace) macros from p4/vimage branch.
Do a better job at enclosing all instantiations of globals
scheduled for virtualization in #ifdef VIMAGE_GLOBALS blocks.
De-virtualize and mark as const saorder_state_alive and
saorder_state_any arrays from ipsec code, given that they are never
updated at runtime, so virtualizing them would be pointless.
Reviewed by: bz, julian
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
as in_pcbdetach() and we don't need the code twice.
Reviewed by: rwatson
MFC after: 6 weeks (*)
(*) possibly need to leave a stub wrapper in 7 to keep the symbol.
|
| |
|
|
|
|
|
|
|
| |
as possible so that they are easily diffable.
No functional changes.
Reviewed by: rwatson
MFC after: 6 weeks
|
| |
|
|
|
|
|
| |
in6_pcbfree() instead of in_pcbfree(); missed in r183606.
Reviewed by: rwatson
MFC after: 3 days (instantly for 7.1-RC?)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
for virtualization.
Instead of initializing the affected global variables at instatiation,
assign initial values to them in initializer functions. As a rule,
initialization at instatiation for such variables should never be
introduced again from now on. Furthermore, enclose all instantiations
of such global variables in #ifdef VIMAGE_GLOBALS blocks.
Essentialy, this change should have zero functional impact. In the next
phase of merging network stack virtualization infrastructure from
p4/vimage branch, the new initialization methology will allow us to
switch between using global variables and their counterparts residing in
virtualization containers with minimum code churn, and in the long run
allow us to intialize multiple instances of such container structures.
Discussed at: devsummit Strassburg
Reviewed by: bz, julian
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
| |
fragment reassembly queues.
This allows policies to label reassembly queues, perform access
control checks when matching fragments to a queue, update a queue
label when fragments are matched, and label the resulting
reassembled datagram.
Obtained from: TrustedBSD Project
|
| |
|
|
|
| |
be careful not to fix anything that was already broken; the NFSv4 code is
particularly bad in this respect.
|
| |
|
|
| |
MFC after: 3 months
|
| |
|
|
|
|
|
|
|
|
|
| |
ephemeral port allocation as implemented in netinet/in_pcb.c rev. 1.143
(initially from OpenBSD) and follow-up commits during the last four and
a half years including rev. 1.157, 1.162 and 1.199.
This now is relying on the same infrastructure as has been implemented
in in_pcb.c since rev. 1.199.
Reviewed by: silby, rpaulo, mlaier
MFC after: 2 months
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Read the other way round this means that even with the checks
the m_len turned negative in some cases which led to panics.
The reason to my understanding seems to be that the checks are wrong
(also for v4) ignoring possible padding when checking cmsg_len or
padding after data when adjusting the mbuf.
Doing proper cheks seems to break applications like named so
further investigation and regression tests are needed.
PR: kern/119123
Tested by: Ashish Shukla wahjava gmail.com
MFC after: 3 days
|
| |
|
|
|
|
|
| |
changing of the so_state field, as is done in UDPv4. Remove XXX
locking comment.
MFC after: 3 days
|
| |
|
|
| |
MFC after: 6 weeks
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This means that inp_cred is always there, even after the socket
has gone away. It also means that it is constant for the lifetime
of the inp.
Both facts lead to simpler code and possibly less locking.
Suggested by: rwatson
Reviewed by: rwatson
MFC after: 6 weeks
X-MFC Note: use a inp_pspare for inp_cred
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec
Reviewed by: julian, bz, brooks, kris, rwatson, ...
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
| |
messages.
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-08:10.nd6
Thanks to: jinmei, bz
|
| |
|
|
|
|
|
|
|
| |
IPv4 address, first drop the udbinfo and inpcb locks, which will otherwise
be recursed. This leads to a potential minor race, but is preferable to a
deadlock when acquiring a read lock after a write lock on the inpcb.
MFC after: 3 days
Reported by: Norbert Papke <fbsd-ml@scrapper.ca>, lioux
|
| |
|
|
|
|
|
| |
and then dividing down to ms, do the maths in ms.
Obtained from: NetBSD mld6.c rev. 1.47
MFC after: 2 months
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Fix nmount(2) local privilege escalation. [08:08]
- Fix IPv6 remote kernel panics. [08:09]
Fix for [08:07] is merge of r181823.
Submitted by: kib [08:07], csjp [08:08], bz [08:09]
Reviewed by: peter [08:07], jhb [08:07]
Reviewed by: jinmei [08:09], rwatson [08:09]
Approved by: re (SA blanket)
Approved by: so (simon)
Security: FreeBSD-SA-08:07.amd64
Security: FreeBSD-SA-08:08.nmount
Security: FreeBSD-SA-08:09.icmp6
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to an integer divide by zero panic in the kernel, if the kernel was
run with hz<1000.
Neither i386, pc98, amd64 or sparc64 are affected in the currently
supported branches and default configuration.
Submitted by: Miikka Saukko, Ossi Herrala and Jukka Taimisto from
the CROSS project at Codenomicon Ltd. via CERT-FI.
Reviewed by: bz, rwatson
Security: CVE-2008-2464
MFC after: 8 hours
|
| |
|
|
|
|
|
| |
matching socket by dropping it before udp6_append(), and remove
duplicate unlocks of udbinfo and inpcb in sysctl return path.
MFC after: 3 days
|
| | |
|
| |
|
|
| |
in a commit message.
|
| |
|
|
| |
a few days ago.
|
| |
|
|
|
|
|
| |
file local static globals which would be folded onto the same name
with the V_ macros.
Reviewed by: kris, brooks, simon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course
of the next few weeks.
Mark all uses of global variables to be virtualized
with a V_ prefix.
Use macros to map them back to their global names for
now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed
so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/...
Reviewed by: brooks, des, ed, mav, julian,
jamie, kris, rwatson, zec, ...
(various people I forgot, different versions)
md5 (with a bit of help)
Sponsored by: NLnet Foundation, The FreeBSD Foundation
X-MFC after: never
V_Commit_Message_Reviewed_By: more people than the patch
|
| |
|
|
|
|
|
|
|
|
|
|
| |
into v4-only vs. v6-only inp_flags processing.
When ip6_savecontrol_v4() is called from ip6_savecontrol() we
were not passing back the **mp thus the information will be missing
in userland.
Istead of going with a *** as suggested in the PR we are returning
**mp now and passing in the v4only flag as a pointer argument.
PR: kern/126349
Reviewed by: rwatson, dwmalone
|
| |
|
|
|
|
|
|
|
|
|
| |
sockets for IPv6 raw sockets: separately lock the inpcb for determining
the destination address for a connect()'d raw socket at the rip6_send()
layer, and then re-acquire the inpcb lock in the rip6_output() layer to
query other options on the socket. Previously, the global raw IP socket
lock was used, which while correct and marginally more consistent, could
add significantly to global raw IP socket lock contention.
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
| |
lock the inpcb and use a local stack variable to copy to/from userspace
so that sooptcopyin()/sooptcopyout() aren't called while holding an
rwlock.
While here, fix a bug in which a failed sooptcopyin() might lead to
partially consistent ICMPv6 filters on the socket by not ignoring the
error returned by sooptcopyin().
MFC after: 2 weeks
|
| |
|
|
|
|
|
| |
be allocated, there's no need to conditionize use and freeing of it
later.
MFC after: 1 week
|
| |
|
|
|
|
|
|
| |
using the passed arguments explicitly and unconditionally rather than
testing them and calling panic(). The result is the same but easier
to read.
MFC after: 3 days
|
| |
|
|
| |
It fixes nothing at this time, but decided to be more correct.
|
| |
|
|
| |
It allows access it while list travercing holding only global pcbinfo lock.
|
| |
|
|
|
|
| |
prison checks.
Reviewed by: rwatson
|
| |
|
|
|
|
| |
All callers either pass in an u_short or u_int16_t.
Reviewed by: rwatson
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2) Adds some __UserSpace__ on some of the common defines that
the user space code needs
3) Fixes a bug when we send up data to a user that failed. We
need to a) trim off the data chunk headers, if present, and
b) make sure the frag bit is communicated properly for the
msgs coming off the stream queues... i.e. we see if some
of the msg has been taken.
Obtained from: jeli contributed the VIMAGE changes on this pass Thanks Julain!
|
| |
|
|
|
|
|
| |
passed in by adding an assert.
Requested by: rwatson
Reviewed by: rwatson
|
| |
|
|
|
|
|
| |
- pass in the inp instead of both in6p_moptions and laddr.
- pass in cred for upcoming prison checks.
Reviewed by: rwatson
|
| |
|
|
|
| |
Tested by: ps
MFC after: 3 months
|
| |
|
|
|
|
|
| |
UDP socket for a datagram; the inpcb read lock is sufficient to provide
inpcb stability during udp6_append().
MFC after: 1 month
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
to global hostname and domainname variables. Where necessary, copy
to or from a stack-local buffer before performing copyin() or
copyout(). A few uses, such as in cd9660 and daemon_saver, remain
under-synchronized and will require further updates.
Correct a bug in which a failed copyin() of domainname would leave
domainname potentially corrupted.
MFC after: 3 weeks
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dispatched without Giant, and add NETISR_FORCEQUEUE, which allows specific
netisr handlers to always be dispatched via a queue (deferred). Mark the
usb and if_ppp netisr handlers as NETISR_FORCEQUEUE, and explicitly
acquire Giant in those handlers.
Previously, any netisr handler not marked NETISR_MPSAFE would necessarily
run deferred and with Giant acquired. This change removes Giant
scaffolding from the netisr infrastructure, but NETISR_FORCEQUEUE allows
non-MPSAFE handlers to continue to force deferred dispatch so as to avoid
lock order reversals between their acqusition of Giant and any calling
context.
It is likely we will be able to remove NETISR_FORCEQUEUE once
IFF_NEEDSGIANT is removed, as non-MPSAFE usb and if_ppp drivers will no
longer be supported.
Reviewed by: bz
MFC after: 1 month
X-MFC note: We can't remove NETISR_MPSAFE from stable/7 for KPI reasons,
but the rest can go back.
|
| |
|
|
|
|
| |
code is believed to be MPSAFE, and leaving aside the IPv6 route cache in
forwarding, Giant appears not to adequately synchronize the data structures
in the input or forwarding paths.
|
| |
|
|
|
|
| |
there still being some well-known races in mld6 and nd6, running with
Giant over the netisr handler provides little or not additional
synchronization that might cause mld6 and nd6 to behave better.
|
| |
|
|
|
|
|
|
| |
* Include ip6_var.h for ip6stat.
* Use the correct name under ip6stat: `ip6s_cantforward' instead
of its IPv4 counterpart.
MFC after: 10 days
|
| |
|
|
| |
Pointy hat to: julian
|
| |
|
|
| |
Obtained from: vimage tree
|
| |
|
|
|
|
|
| |
They are static so it was not a problem 'per se' but it was confusing to
the reader.
Obtained from: vimage tree
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Vimage prep - these are major restructures to move
all global variables to be accessed via a macro or two.
The variables all go into a single structure.
- Asconf address addition tweaks (add_or_del Interfaces)
- Fix rwnd calcualtion to be more conservative.
- Support SACK_IMMEDIATE flag to skip delayed sack
by demand of peer.
- Comment updates in the sack mapping calculations
- Invarients panic added.
- Pre-support for UDP tunneling (we can do this on
MAC but will need added support from UDP to
get a "pipe" of UDP packets in.
- clear trace buffer sysctl added when local tracing on.
Note the majority of this huge patch is all the vimage prep stuff :-)
|
| |
|
|
|
|
|
|
| |
monitoring UDP connections using sysctls. In some cases, add
previously missing locking of inpcbs, as inp_socket is followed,
which also allows us to drop global locks more quickly.
MFC after: 1 week
|
