summaryrefslogtreecommitdiffstats
path: root/sys/netinet6
Commit message (Collapse)AuthorAgeFilesLines
* Check the alignment of the IP header before passing the packet up to thethompsa2005-07-021-0/+6
| | | | | | | | | | | | | | | | | | | packet filter. This would cause a panic on architectures that require strict alignment such as sparc64 (tier1) and ia64/ppc (tier2). This adds two new macros that check the alignment, these are compile time dependent on __NO_STRICT_ALIGNMENT which is set for i386 and amd64 where alignment isn't need so the cost is avoided. IP_HDR_ALIGNED_P() IP6_HDR_ALIGNED_P() Move bridge_ip_checkbasic()/bridge_ip6_checkbasic() up so that the alignment is checked for ipfw and dummynet too. PR: ia64/81284 Obtained from: NetBSD Approved by: re (dwhite), mlaier (mentor)
* fix IP(v4) over IPv6 tunneling most likely broken with ifnet changes.ume2005-06-201-1/+8
| | | | | Submitted by: bz Approved by: re (dwhite)
* Fix IPv6 neighbor discovery by using IF_LLADDR to get the mac addressbrooks2005-06-121-1/+2
| | | | | | instead of a particularly ugly cast + pointer math hack. Reported by: kuriyama, kris
* Stop embedding struct ifnet at the top of driver softcs. Instead thebrooks2005-06-102-6/+6
| | | | | | | | | | | | | | | | | | | | struct ifnet or the layer 2 common structure it was embedded in have been replaced with a struct ifnet pointer to be filled by a call to the new function, if_alloc(). The layer 2 common structure is also allocated via if_alloc() based on the interface type. It is hung off the new struct ifnet member, if_l2com. This change removes the size of these structures from the kernel ABI and will allow us to better manage them as interfaces come and go. Other changes of note: - Struct arpcom is no longer referenced in normal interface code. Instead the Ethernet address is accessed via the IFP2ENADDR() macro. To enforce this ac_enaddr has been renamed to _ac_enaddr. - The second argument to ether_ifattach is now always the mac address from driver private storage rather than sometimes being ac_enaddr. Reviewed by: sobomax, sam
* Use IFF_LOCKGIANT/IFF_UNLOCKGIANT around calls to the interfaceiedowse2005-06-021-4/+8
| | | | | | if_ioctl routine. This should fix a number of code paths through soo_ioctl() that could call into Giant-locked network drivers without first acquiring Giant.
* Lock udbinfo and inp before calling in6_pcbdetach() from udp6_abort().rwatson2005-06-011-1/+6
| | | | MFC after: 1 week
* Fixes for various nits found by the Coverity tool.gnn2005-05-154-5/+8
| | | | | | | | | In particular 2 missed return values and an inappropriate bcopy from a possibly NULL pointer. Reviewed by: jake Approved by: rwatson MFC after: 1 week
* Add IPv6 support to IPFW and Dummynet.brooks2005-04-181-0/+26
| | | | Submitted by: Mariano Tortoriello and Raffaele De Lorenzo (via luigi)
* Remove dead code which would never execute.gnn2005-04-141-18/+18
| | | | | | | | | | | i.e. checking to see if a cluster was every less than 48 bytes, a rather unlikely case. Check return value of m_dup_pkthdr() calls. Found by: Coverity Reviewed by: rwatson (mentor), Keiichi Shima (for Kame) Approved by: rwatson (mentor)
* check for malloc failure (also move malloc up to simplify error recovery)sam2005-03-291-2/+7
| | | | | Noticed by: Coverity Prevent analysis tool Reviewed by: gnn
* ifma_protospec is a pointer. Use NULL when assigning or compating it.glebius2005-03-201-2/+2
|
* correct bounds checksam2005-03-161-1/+1
| | | | Noticed by: Coverity Prevent analysis tool
* refer opencrypto/cast.h directly.ume2005-03-111-1/+9
|
* reported from VANHULLEBUS Yvan [remote kernel crash may result]ume2005-03-091-1/+1
| | | | | | Submitted by: itojun Obtained from: KAME MFC after: 1 day
* ignores ICMPv6 code field in case of ICMPv6 Packet-Too-Big (as specified in ↵suz2005-03-021-2/+0
| | | | | | | RFC2463 and draft-ietf-ipngwg-icmp-v3-06.txt) Obtained from: KAME MFC after: 1 day
* icmp6_notify_error uses IP6_EXTHDR_CHECK, which in turn callsume2005-02-271-4/+6
| | | | | | | | | | | m_pullup. icmp6_notify_error continued to use the old pointer, which after the m_pullup is not suitable as a packet header any longer (see m_move_pkthdr). and this is what causes the kernel panic in sbappendaddr later on. PR: kern/77934 Submitted by: Gerd Rausch <gerd@juniper.net> MFC after: 2 days
* fix typo.ume2005-02-271-2/+2
| | | | MFC after: 2 days
* initialized the last arg to ip6_process_hopopts(), because the recentume2005-02-271-3/+3
| | | | | | | | | code requires it to be 0 when a jumbo payload option is contained. PR: kern/77934 Submitted by: Gerd Rausch <gerd@juniper.net> Obtained from: KAME MFC after: 2 days
* remove dead codesam2005-02-251-3/+3
| | | | Noticed by: Coverity Prevent analysis tool
* eliminate dead codesam2005-02-231-6/+6
| | | | Noticed by: Coverity Prevent analysis tool
* Add CARP (Common Address Redundancy Protocol), which allows multipleglebius2005-02-226-5/+82
| | | | | | | | | | | | | hosts to share an IP address, providing high availability and load balancing. Original work on CARP done by Michael Shalayeff, with many additions by Marco Pfatschbacher and Ryan McBride. FreeBSD port done solely by Max Laier. Patch by: mlaier Obtained from: OpenBSD (mickey, mcbride)
* Add missed merge of ripcbinfo extern. Given how widely usedrwatson2005-02-091-0/+1
| | | | | | ripcbinfo is, we should probably add it to an include file. Spotted by: mux
* Lock raw IP socket pcb list and PCBs when processing input viarwatson2005-02-081-5/+13
| | | | | | | icmp6_rip6_input(). Reviewed by: gnn MFC after: 1 week
* Remove a comment from the raw IPv6 output function regardingrwatson2005-02-061-6/+0
| | | | | | M_TRYWAIT allocations: M_PREPEND() now uses M_DONTWAIT. MFC after: 3 days
* we don't need to make fake sockaddr_in6 to compare subject address.ume2005-01-211-13/+2
| | | | MFC after: 1 week
* /* -> /*- for license, minor formatting changes, separate for KAMEimp2005-01-0768-91/+91
|
* In certain cases ip_output() can free our route, so checkglebius2004-12-101-1/+2
| | | | | | for its presence before RTFREE(). Noticed by: ru
* style the last changeglebius2004-12-091-2/+2
|
* MFinet4:glebius2004-12-091-3/+10
| | | | | | | - Make route cacheing optional, configurable via IFF_LINK0 flag. - Turn it off by default. Reminded by: suz
* Reviewed by: SUZUKI Shinsuke <suz@kame.net>gnn2004-11-291-17/+34
| | | | | | | | | | Approved by: Robert Watson <rwatson@freebsd.org> Add locking to the IPv6 scoping code. All spl() like calls have also been removed. Cleaning up the handling of ifnet data will happen at a later date.
* support TCP-MD5(IPv4) in KAME-IPSEC, too.suz2004-11-081-0/+6
| | | | MFC after: 3 week
* Initialize struct pr_userreqs in new/sparse style and fill in commonphk2004-11-082-10/+23
| | | | | | default elements in net_init_domain(). This makes it possible to grep these structures and see any bogosities.
* fixed a bug that incorrect IPsec request level may be returned for proto AHsuz2004-10-281-0/+1
| | | | Obtained from: KAME
* Be more careful to only index valid IP protocols and be more verbose withandre2004-10-191-2/+11
| | | | comments.
* Push acquisition of the accept mutex out of sofree() into the callerrwatson2004-10-181-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (sorele()/sotryfree()): - This permits the caller to acquire the accept mutex before the socket mutex, avoiding sofree() having to drop the socket mutex and re-order, which could lead to races permitting more than one thread to enter sofree() after a socket is ready to be free'd. - This also covers clearing of the so_pcb weak socket reference from the protocol to the socket, preventing races in clearing and evaluation of the reference such that sofree() might be called more than once on the same socket. This appears to close a race I was able to easily trigger by repeatedly opening and resetting TCP connections to a host, in which the tcp_close() code called as a result of the RST raced with the close() of the accepted socket in the user process resulting in simultaneous attempts to de-allocate the same socket. The new locking increases the overhead for operations that may potentially free the socket, so we will want to revise the synchronization strategy here as we normalize the reference counting model for sockets. The use of the accept mutex in freeing of sockets that are not listen sockets is primarily motivated by the potential need to remove the socket from the incomplete connection queue on its parent (listen) socket, so cleaning up the reference model here may allow us to substantially weaken the synchronization requirements. RELENG_5_3 candidate. MFC after: 3 days Reviewed by: dwhite Discussed with: gnn, dwhite, green Reported by: Marc UBM Bocklet <ubm at u-boot-man dot de> Reported by: Vlad <marchenko at gmail dot com>
* fixed too delayed routing cache expiry. (tvtohz() converts a time interval ↵suz2004-10-061-4/+4
| | | | | | to ticks, whereas hzto() converts an absolute time to ticks) Obtained from: KAME
* Prevent reentrancy of the IPv6 routing code (leading to crash withgreen2004-10-031-5/+26
| | | | INVARIANTS on, who knows what with it off).
* Disable MTU feedback in IPv6 if the sender writes data that must be fragmented.dwhite2004-10-021-0/+14
| | | | | | | | | | | Discussed extensively with KAME. The API author's intent isn't clear at this point, so rather than remove the code entirely, #if 0 out and put a big comment in for now. The IPV6_RECVPATHMTU sockopt is available if the application wants to be notified of the path MTU to optimize packet sizes. Thanks to JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp> for putting up with my incessant badgering on this issue, and fenner for pointing out the API issue and suggesting solutions.
* Add an additional struct inpcb * argument to pfil(9) in order to enablemlaier2004-09-293-3/+3
| | | | | | | | | | | | | | | | | | | passing along socket information. This is required to work around a LOR with the socket code which results in an easy reproducible hard lockup with debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us to do so later. The missing piece is to turn the filter locking into a leaf lock and will follow in a seperate (later) commit. This will hopefully be MT5'ed in order to fix the problem for RELENG_5 in forseeable future. Suggested by: rwatson A lot of work by: csjp (he'd be even more helpful w/o mentor-reviews ;) Reviewed by: rwatson, csjp Tested by: -pf, -ipfw, LINT, csjp and myself MFC after: 3 days LOR IDs: 14 - 17 (not fixed yet)
* Prefer C99's __func__ over GCC's __FUNCTION__.stefanf2004-09-221-1/+1
|
* Call callout_init() on nd6_slowtimo_ch before setting it going; otherwise,rwatson2004-09-051-0/+1
| | | | | | | the flags field will be improperly initialized resulting in inconsistent operation (sometimes with Giant, sometimes without, et al). RELENG_5 candidate.
* Unlock rather than lock the ripcbinfo lock at the end of rip6_input().rwatson2004-09-021-1/+1
| | | | | | RELENG_5 candidate. Foot provided by: Patrick Guelat <pg at imp dot ch>
* Mark Netgraph TTY, KAME IPSEC, and IPX/SPX as requiring Giant for correctrwatson2004-08-281-0/+2
| | | | | | | operation using NET_NEEDS_GIANT(). This will result in a boot-time restoration of Giant-enabled network operation, or run-time warning on dynamic load (applicable only to the Netgraph component). Additional components will likely need to be marked with this in the future.
* Apply error and success logic consistently to the function netisr_queue() andandre2004-08-272-4/+4
| | | | | | | | | | | | | | | | | | its users. netisr_queue() now returns (0) on success and ERRNO on failure. At the moment ENXIO (netisr queue not functional) and ENOBUFS (netisr queue full) are supported. Previously it would return (1) on success but the return value of IF_HANDOFF() was interpreted wrongly and (0) was actually returned on success. Due to this schednetisr() was never called to kick the scheduling of the isr. However this was masked by other normal packets coming through netisr_dispatch() causing the dequeueing of waiting packets. PR: kern/70988 Found by: MOROHOSHI Akihiko <moro@remus.dti.ne.jp> MFC after: 3 days
* Always compile PFIL_HOOKS into the kernel and remove the associated kernelandre2004-08-274-32/+22
| | | | | | | | | | | compile option. All FreeBSD packet filters now use the PFIL_HOOKS API and thus it becomes a standard part of the network stack. If no hooks are connected the entire packet filter hooks section and related activities are jumped over. This removes any performance impact if no hooks are active. Both OpenBSD and DragonFlyBSD have integrated PFIL_HOOKS permanently as well.
* Remove in6_prefix.[ch] and the contained router renumbering capability.rwatson2004-08-237-1327/+0
| | | | | | | | | | | | The prefix management code currently resides in nd6, leaving only the unused router renumbering capability in the in6_prefix files. Removing it will make it easier for us to provide locking for the remainder of IPv6 by reducing the number of objects requiring synchronized access. This functionality has also been removed from NetBSD and OpenBSD. Submitted by: George Neville-Neil <gnn at neville-neil.com> Discussed with/approved by: suz, keiichi at kame.net, core at kame.net
* When notifying protocol components of an event on an in6pcb, use therwatson2004-08-211-3/+5
| | | | | | | | | | result of the notify() function to decide if we need to unlock the in6pcb or not, rather than always unlocking. Otherwise, we may unlock and already unlocked in6pcb. Reported by: kuriyama, Gordon Bergling <gbergling at 0xfce3.net> Tested by: kuriyama, Gordon Bergling <gbergling at 0xfce3.net> Discussed with: mdodd
* Get rid of the RANDOM_IP_ID option and make it a sysctl. NetBSDdwmalone2004-08-148-46/+1
| | | | | | | | | | | | | | | | | | | | | have already done this, so I have styled the patch on their work: 1) introduce a ip_newid() static inline function that checks the sysctl and then decides if it should return a sequential or random IP ID. 2) named the sysctl net.inet.ip.random_id 3) IPv6 flow IDs and fragment IDs are now always random. Flow IDs and frag IDs are significantly less common in the IPv6 world (ie. rarely generated per-packet), so there should be smaller performance concerns. The sysctl defaults to 0 (sequential IP IDs). Reviewed by: andre, silby, mlaier, ume Based on: NetBSD MFC after: 2 months
* When allocating the IPv6 header to stick in front of raw packet beingrwatson2004-08-121-1/+5
| | | | | | | sent via a raw IPv6 socket, use M_DONTWAIT not M_TRYWAIT, as we're holding the raw pcb mutex. Reported, tested by: kuriyama
* Pass pcbinfo structures to in6_pcbnotify() rather than pcbheadrwatson2004-08-064-8/+19
| | | | | | | | | | structures, allowing in6_pcbnotify() to lock the pcbinfo and each inpcb that it notifies of ICMPv6 events. This prevents inpcb assertions from firing when IPv6 generates and delievers event notifications for inpcbs. Reported by: kuriyama Tested by: kuriyama
OpenPOWER on IntegriCloud