summaryrefslogtreecommitdiffstats
path: root/sys/netinet6
Commit message (Collapse)AuthorAgeFilesLines
* - Copyright updates (aka 2007)rrs2007-02-121-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - ZONE get now also take a type cast so it does the cast like mtod does. - New macro SCTP_LIST_EMPTY, which in bsd is just LIST_EMPTY - Removal of const in some of the static hmac functions (not needed) - Store length changes to allow for new fields in auth - Auth code updated to current draft (this should be the RFC version we think). - use uint8_t instead of u_char in LOOPBACK address comparison - Some u_int32_t converted to uint32_t (in crc code) - A bug was found in the mib counts for ordered/unordered count, this was fixed (was referencing a freed mbuf). - SCTP_ASOCLOG_OF_TSNS added (code will probably disappear after my testing completes. It allows us to keep a small log on each assoc of the last 40 TSN's in/out and stream assignment. It is NOT in options and so is only good for private builds. - Some CMT changes in prep for Jana fixing his problem with reneging when CMT is enabled (Concurrent Multipath Transfer = CMT). - Some missing mib stats added. - Correction to number of open assoc's count in mib - Correction to os_bsd.h to get right sha2 macros - Add of special AUTH_04 flags so you can compile the code with the old format (in case the peer does not yet support the latest auth code). - Nonce sum was incorrectly being set in when ecn_nonce was NOT on. - LOR in listen with implicit bind found and fixed. - Moved away from using mbuf's for socket options to using just data pointers. The mbufs were used to harmonize NetBSD code since both Net and Open used this method. We have decided to move away from that and more conform to FreeBSD style (which makes more sense). - Very very nasty bug found in some of my "debug" code. The cookie_how collision case tracking had an endless loop in it if you got a second retransmission of a cookie collision case. This would lock up a CPU .. ugly.. - auth function goes to using size_t instead of int which conforms to socketapi better - Found the nasty bug that happens after 9 days of testing.. you get the data chunk, deliver it and due to the reference to a ch-> that every now and then has been deleted (depending on the postion in the mbuf) you have an invalid ch->ch.flags.. and thus you don't advance the stream sequence number.. so you block the stream permanently. The fix is to make local variables of these guys and set them up before you have any chance of trimming the mbuf. - style fix in sctp_util.h, not sure how this got bad maybe in the last patch? (aka it may not be in the real source). - Found interesting bug when using the extended snd/rcv info where we would get an error on receiving with this. Thats because it was NOT padded to the same size as the snd_rcv info. We increase (add the pad) so the two structs are the same size in sctp_uio.h - In sctp_usrreq.c one of the most common things we did for socket options was to cast the pointer and validate the size. This as been macro-ized to help make the code more readable. - in sctputil.c two things, the socketapi class found a missing flag type (the next msg is a notification) and a missing scope recovery was also fixed. Reviewed by: gnn
* In the ICMP6 path to handle FQDN 'who-are-you' queries, check that thebms2007-02-101-1/+1
| | | | | | | | packet header mbuf is non-NULL before trying to create a duplicate of it. PR: 95957 Reviewed by: ume MFC after: 3 days
* MFC after: 3 daysbms2007-02-051-1/+1
|
* ng_iface requiers neighbor cache as well.ume2007-02-031-0/+1
| | | | MFC after: 3 days
* Revert nd6.c revs. 1.67, 1.68, 1.69, 1.70 in an attempt to unbreakbmah2007-01-261-1/+1
| | | | | | | | | | | | | | | | | | | | | | IPv6 over point-to-point gif(4) tunnels. These revisions caused a host route to the destination of a point-to-point gif(4) interface to not get installed when the interface and destination addresses were assigned. This caused "no route to host" errors when trying to send traffic over the interface. The first packet arriving inbound over the tunnel, however, would cause the correct route to get installed, allowing subsequent outbound traffic to be routed correctly. gif(4) interfaces with prefix lengths of less than 128 bits (i.e. no explicit destination address assigned) were not affected by this bug. This bug fix is a possible candidate for a 6.2-RELEASE errata note. Approved by: jhay (original committer) Discussed with: jhay, JINMEI Tatuya MFC after: 3 days
* - most all includes (#include <>) migrate to the sctp_os_bsd.h filerrs2007-01-182-106/+18
| | | | | | | | | | | | | | | - Finally all splxx() are removed - Count error fixed in mapping array which might cause a wrong cumack generation. - Invariants around panic for case D + printf when no invariants. - one-to-one model race condition fixed by using a pre-formed connection and then completing the work so accept won't happen on a non-formed association. - Some additional paranoia checks in sctp_output. - Locks that were missing in the accept code. Approved by: gnn
* Avoid infinite loop if nicmp6 and nip6 are not on the same mbuf.ume2007-01-161-1/+2
| | | | | | NetBSD PR 34994+35333 MFC after: 3 days
* - Macroizes the V6ONLY flag check.rrs2007-01-151-16/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Added a short time wait (not used yet) constant - Corrected the type of the crc32c table (it was unsigned long and really is a uint32_t - Got rid of the user of MHeaders until they are truely needed by lower layers. - Fixed an initialization problem in the readq structure (ordering was off). - Found yet another collision bug when the random number generator returns two numbers on one side (during a collision) that are the same. Also added some tracking of cookies that will go away when we know that we have the last collision bug gone. - Fixed an init bug for book_size_scale, that was causing Early FR code to run when it should not. - Fixed a flight size tracking bug that was associated with Early FR but due to above bug also effected all FR's - Fixed it so Max Burst also will apply to Fast Retransmit. - Fixed a bug in the temporary logging code that allowed a static log array overflow - hashinit_flags is now used. - Two last mcopym's were converted to the macro sctp_m_copym that has always been used by all other places - macro sctp_m_copym was converted to upper case. - We now validate sinfo_flags on input (we did not before). - Fixed a bug that prevented a user from sending data and immediately shuting down with one send operation. - Moved to use hashdestroy instead of free() in our macros. - Fixed an init problem in our timed_wait vtag where we did not fully initialize our time-wait blocks. - Timer stops were re-positioned. - A pcb cleanup method was added, however this probably will not be used in BSD.. unless we make module loadable protocols - I think this fixes the mysterious timer bug.. it was a ordering of locks problem in the way we did timers. It now conforms to the timeout(9) manual (except for the _drain part, we had to do this a different way due to locks). - Fixed error return code so we get either CONNREUSED or CONNRESET depending on where one is in progression - Purged an unused clone macro. - Fixed a read erro code issue where we were NOT getting the proper error when the connection was reset. - Purged an unused clone macro. - Fixed a read erro code issue where we were NOT getting the proper error when the connection was reset. Approved by: gnn
* Marked these as packed correctlyimp2007-01-122-2/+2
|
* a) macro-ization of all mbuf and random numberrrs2006-12-291-26/+14
| | | | | | | | | | | | | | | | | | access plus timers. This makes the code more portable and able to change out the mbuf or timer system used more easily ;-) b) removal of all use of pkt-hdr's until only the places we need them (before ip_output routines). c) remove a bunch of code not needed due to <b> aka worrying about pkthdr's :-) d) There was one last reorder problem it looks where if a restart occur's and we release and relock (at the point where we setup our alias vtag) we would end up possibly getting the wrong TSN in place. The code that fixed the TSN's just needed to be shifted around BEFORE the release of the lock.. also code that set the state (since this also could contribute). Approved by: gnn
* In ip6_sprintf print the addresses in a more common/readablebz2006-12-161-4/+18
| | | | | | format eliminating leading zeros like in :0001 -> :1. Reviewed by: mlaier
* 1) Fixes on a number of different collision case LOR's.rrs2006-12-141-3/+12
| | | | | | | | 2) Fix all "magic numbers" to be constants. 3) A collision case that would generate two associations to the same peer due to a missing lock is fixed. 4) Added tracking of where timers are stopped. Approved by: gnn
* MFp4: 92972, 98913 + one more changebz2006-12-1216-152/+235
| | | | | | | In ip6_sprintf no longer use and return one of eight static buffers for printing/logging ipv6 addresses. The caller now has to hand in a sufficiently large buffer as first argument.
* - In nd6_rtrequest(), when caching an rtentry, don't forgetru2006-11-251-9/+29
| | | | | | | | | | | | | | to add a reference to it; otherwise, we could later access a freed memory. This is believed to fix panics some users were observing when running route6d(8), and is similar to the fix in sys/netinet/if_ether.c,v 1.139 by glebius@. PR: kern/93910, kern/105437 Testing by: Wojciech Puchar (still ongoing) - Add rtentry locking to nd6_output() similar to rt_check(). MFC after: 4 days
* -Fixes first of all the getcred on IPv6 and V4. Therrs2006-11-081-10/+29
| | | | | | | | | | | | copy's were incorrect and so was the locking. -A bug was also found that would create a race and panic when an abort arrived on a socket being read from. -Also fix the reader to get MSG_TRUNC when a partial delivery is aborted. -Also addresses a couple of coverity caught error path memory leaks and a couple of other valid complaints Approved by: gnn
* Convert three new suser(9) calls introduced between when the priv(9)rwatson2006-11-061-1/+8
| | | | | | | | | patch was prepared and committed to priv(9) calls. Add XXX comments as, in each case, the semantics appear to differ from the TCP/UDP versions of the calls with respect to jail, and because cr_canseecred() is not used to validate the query. Obtained from: TrustedBSD Project
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningrwatson2006-11-065-22/+63
| | | | | | | | | | | | | specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
* Tons of fixes to get all the 64bit issues removed.rrs2006-11-051-4/+5
| | | | | | | | | This also moves two 16 bit int's to become 32 bit values so we do not have to use atomic_add_16. Most of the changes are %p, casts and other various nasty's that were in the orignal code base. With this commit my machine will now do a build universe.. however I as yet have not tested on a 64bit machine .. it may not work :-(
* Opps... in my fix up of all the $FreeBSD:$-> $FreeBSD$ Irrs2006-11-032-3/+3
| | | | | | | | | | inserted a few to the new files.. but I falied to add the #include <sys/cdef.h> Which causes a compile error.. sorry about that... got it now :-) Approved by:gnn
* Ok, here it is, we finally add SCTP to current. Note that thisrrs2006-11-033-0/+1470
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | work is not just mine, but it is also the works of Peter Lei and Michael Tuexen. They both are my two key other developers working on the project.. and they need ata-boy's too: **** peterlei@cisco.com tuexen@fh-muenster.de **** I did do a make sysent which updated the syscall's and sysproto.. I hope that is correct... without it you don't build since we have new syscalls for SCTP :-0 So go out and look at the NOTES, add option SCTP (make sure inet and inet6 are present too) and play with SCTP. I will see about comitting some test tools I have after I figure out where I should place them. I also have a lib (libsctp.a) that adds some of the missing socketapi functions that I need to put into lib's.. I will talk to George about this :-) There may still be some 64 bit issues in here, none of us have a 64 bit processor to test with yet.. Michael may have a MAC but thats another beast too.. If you have a mac and want to use SCTP contact Michael he maintains a web site with a loadable module with this code :-) Reviewed by: gnn Approved by: gnn
* Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.hrwatson2006-10-221-1/+2
| | | | | | | | | | | | | begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead. This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd. Obtained from: TrustedBSD Project Sponsored by: SPARTA
* Make net.inet6.ip6.auto_linklocal tunable. Someone may want toume2006-10-131-0/+1
| | | | | | | enable/disable auto_linklocal even in single user mode. Discussed with: re@, gnn@ MFC after: 3 days
* Revert the default value of net.inet6.ip6.auto_linklocal to 1.ume2006-10-131-1/+1
| | | | | | | | If ipv6_enable is not set to "YES", net.inet6.ip6.auto_linklocal is turned to 0 at boot. Discussed with: re@, gnn@ MFC after: 3 days
* Hopefully the last tweak in trying to make it possible to add ipv6 directjhay2006-10-021-4/+1
| | | | | | | host routes without side effects. Submitted by: JINMEI Tatuya MFC after: 4 days
* Turn off automatic link local address if ipv6_enable is not set to YESgnn2006-10-021-1/+1
| | | | | | | in rc.conf Reviewed by: KAME core team, cperciva MFC after: 3 days
* A better fix is to check if it is a host route.jhay2006-09-301-1/+1
| | | | | Submitted by: ume MFC after: 5 days
* My previous commit broke "route add -inet6 <network_addr> -interface gif0".jhay2006-09-301-1/+2
| | | | | | Fix that by excluding point-to-point interfaces. MFC after: 5 days
* Nits.bms2006-09-291-1/+1
| | | | Submitted by: ru
* Push removal of mrouted down to the rest of the tree.bms2006-09-291-1/+1
|
* fixed a bug that IPv6 packets arriving to stf are not accepted.suz2006-09-221-2/+6
| | | | | | | | (a degrade introduced in in6.c Rev 1.61) PR: kern/103415 Submitted by: JINMEI Tatuya MFC after: 1 week
* Make it possible to add an IPv6 host route to a host directly connected.jhay2006-09-161-0/+2
| | | | | | | | | Use something like this: route add -inet6 <dest_addr> <my_addr_on_that_interface> -interface -llinfo This is usefull for wireless adhoc mesh networks. MFC after: 5 days
* All multicast listeners on a port should get one copy of the packet. Thisjhay2006-09-071-3/+3
| | | | was broken during the locking changes.
* First step of TSO (TCP segmentation offload) support in our network stack.andre2006-09-061-1/+1
| | | | | | | | | | | | o add IFCAP_TSO[46] for drivers to announce this capability for IPv4 and IPv6 o add CSUM_TSO flag to mbuf pkthdr csum_flags field o add tso_segsz field to mbuf pkthdr o enhance ip_output() packet length check to allow for large TSO packets o extend tcp_maxmtu[46]() with a flag pointer to pass interface capabilities o adjust all callers of tcp_maxmtu[46]() accordingly Discussed on: -current, -net Sponsored by: TCP/IP Optimization Fundraise 2005
* Use net.inet6.ip6.redirect / ip6_sendredirects as part of the decisionjhay2006-09-051-1/+1
| | | | | | to generate icmp6 redirects. Now it is possible to switch redirects off. MFC after: 1 week
* With exception of the if_name() macro, all definitions in net_osdep.hbrooks2006-08-0430-59/+0
| | | | | | | | were unused or already in if_var.h so add if_name() to if_var.h and remove net_osdep.h along with all references to it. Longer term we may want to kill off if_name() entierly since all modern BSDs have if_xname variables rendering it unnecessicary.
* Align IPv6 socket locking with IPv4 locking: lock socket buffer explicitlyrwatson2006-07-231-4/+10
| | | | | | | and use _locked variants to avoid extra lock and unlock operations. Reviewed by: gnn MFC after: 1 week
* The KAME project ceased work on IPv6 and IPSec in March of 2006.gnn2006-07-221-76/+0
| | | | | | | | | | Remove the README file which warns against cosmetic or local only changes. FreeBSD committers should now feel free to work on the IPv6 and IPSec code without fetters. The KAME mailing lists still exist and it is always a good idea to ask questions about this code on the snap-users@kame.net mailing list. Reviewed by: rwatson, brooks
* Change semantics of socket close and detach. Add a new protocol switchrwatson2006-07-212-7/+67
| | | | | | | | | | | | | | | | | | | function, pru_close, to notify protocols that the file descriptor or other consumer of a socket is closing the socket. pru_abort is now a notification of close also, and no longer detaches. pru_detach is no longer used to notify of close, and will be called during socket tear-down by sofree() when all references to a socket evaporate after an earlier call to abort or close the socket. This means detach is now an unconditional teardown of a socket, whereas previously sockets could persist after detach of the protocol retained a reference. This faciliates sharing mutexes between layers of the network stack as the mutex is required during the checking and removal of references at the head of sofree(). With this change, pru_detach can now assume that the mutex will no longer be required by the socket layer after completion, whereas before this was not necessarily true. Reviewed by: gnn
* Fix race conditions on enumerating pcb lists by moving the initializationups2006-07-183-5/+3
| | | | | | | | | | | | | | | ( and where appropriate the destruction) of the pcb mutex to the init/finit functions of the pcb zones. This allows locking of the pcb entries and race condition free comparison of the generation count. Rearrange locking a bit to avoid extra locking operation to update the generation count in in_pcballoc(). (in_pcballoc now returns the pcb locked) I am planning to convert pcb list handling from a type safe to a reference count model soon. ( As this allows really freeing the PCBs) Reviewed by: rwatson@, mohans@ MFC after: 1 week
* Complete timebase (time_second -> time_uptime) conversion.oleg2006-07-051-7/+8
| | | | | | PR: kern/94249 Reviewed by: andre (few months ago) Approved by: glebius (mentor)
* We needn't check "m" for NULL here because "off" should be withinyar2006-06-301-1/+1
| | | | | | | | | | the mbuf chain. If we ever get a buggy caller, a bogus "off" should be caught by the sanity check at the function entry. Null "m" here means a very unusual condition of a totally broken mbuf chain (wrong m_pkthdr.len or whatever), so we can just page fault later. Found by: Coverity Prevent(tm) CID: 825
* There is a consensus that ifaddr.ifa_addr should never be NULL,yar2006-06-292-8/+0
| | | | | | | | | | except in places dealing with ifaddr creation or destruction; and in such special places incomplete ifaddrs should never be linked to system-wide data structures. Therefore we can eliminate all the superfluous checks for "ifa->ifa_addr != NULL" and get ready to the system crashing honestly instead of masking possible bugs. Suggested by: glebius, jhb, ru
* Use queue(3) macros instead of accessing list/queue internals directly.yar2006-06-291-3/+3
|
* Use INPLOOKUP_WILDCARD instead of just 1 more consistently.bz2006-06-291-1/+1
| | | | OKed by: rwatson (some weeks ago)
* - Use suser_cred(9) instead of directly comparing cr_uid.pjd2006-06-271-1/+2
| | | | | | - Compare pointer with NULL, instead of 0. Reviewed by: rwatson
* - Use suser_cred(9) instead of directly checking cr_uid.pjd2006-06-271-2/+2
| | | | | | | - Change the order of conditions to first verify that we actually need to check for privileges and then eventually check them. Reviewed by: rwatson
* Use suser_cred() instead of a direct comparison of cr_uid with 0 inrwatson2006-06-251-1/+1
| | | | | | rip6_output(). MFC after: 1 week
* Fix spurious warnings from neighbor discovery when working with IPv6 overgnn2006-06-082-8/+53
| | | | | | | | point to point tunnels (gif). PR: 93220 Submitted by: Jinmei Tatuya MFC after: 1 week
* Avoid spurious release of an rtentry.tanimura2006-05-231-3/+3
|
* In IN6_IS_ADDR_V4MAPPED case instead of returning directly set error andbz2006-05-201-2/+4
| | | | | | goto out so that locks will be dropped. Reviewed by: rwatson, gnn
OpenPOWER on IntegriCloud