summaryrefslogtreecommitdiffstats
path: root/sys/netinet
Commit message (Collapse)AuthorAgeFilesLines
* Fix a potential panic in the SACK code that was causingjayanth2004-07-191-8/+29
| | | | | | | | | | | | 1) data to be sent to the right of snd_recover. 2) send more data then whats in the send buffer. The fix is to postpone sack retransmit to a subsequent recovery episode if the current retransmit pointer is beyond snd_recover. Thanks to Mohan Srinivasan for helping fix the bug. Submitted by:Daniel Lang
* Fix the !INET6 build.dwmalone2004-07-171-0/+4
| | | | Reported by: alc
* The tcp syncache code was leaving the IPv6 flowlabel uninitialiseddwmalone2004-07-172-6/+32
| | | | | | | | | | | | for the SYN|ACK packet and then letting in6_pcbconnect set the flowlabel later. Arange for the syncache/syncookie code to set and recall the flow label so that the flowlabel used for the SYN|ACK is consistent. This is done by using some of the cookie (when tcp cookies are enabeled) and by stashing the flowlabel in syncache. Tested and Discovered by: Orla McGann <orly@cnri.dit.ie> Approved by: ume, silby MFC after: 1 month
* Define semantic of M_SKIP_FIREWALL more precisely, i.e. also pass associatedmlaier2004-07-171-11/+5
| | | | | | | | icmp_error() packets. While here retire PACKET_TAG_PF_GENERATED (which served the same purpose) and use M_SKIP_FIREWALL in pf as well. This should speed up things a bit as we get rid of the tag allocations. Discussed with: juli
* Make M_SKIP_FIREWALL a global (and semantic) flag, preventing anything fromjmallett2004-07-171-12/+0
| | | | | | | | | | | using M_PROTO6 and possibly shooting someone's foot, as well as allowing the firewall to be used in multiple passes, or with a packet classifier frontend, that may need to explicitly allow a certain packet. Presently this is handled in the ipfw_chk code as before, though I have run with it moved to upper layers, and possibly it should apply to ipfilter and pf as well, though this has not been investigated. Discussed with: luigi, rwatson
* when IN6P_AUTOFLOWLABEL is set, the flowlabel is not set onume2004-07-161-2/+10
| | | | | | | | outgoing tcp connections. Reported by: Orla McGann <orly@cnri.dit.ie> Reviewed by: Orla McGann <orly@cnri.dit.ie> Obtained from: KAME
* Do a pass over all modules in the kernel and make them return EOPNOTSUPPphk2004-07-153-0/+4
| | | | | | | | for unknown events. A number of modules return EINVAL in this instance, and I have left those alone for now and instead taught MOD_QUIESCE to accept this as "didn't do anything".
* Remove erroneous semicolons.stefanf2004-07-132-2/+2
|
* After each label in tcp_input(), assert the inpcbinfo and inpcb lockrwatson2004-07-122-2/+34
| | | | state that we expect.
* Change the following environment variables to kernel options:brian2004-07-081-6/+5
| | | | | | | | | | | | | bootp -> BOOTP bootp.nfsroot -> BOOTP_NFSROOT bootp.nfsv3 -> BOOTP_NFSV3 bootp.compat -> BOOTP_COMPAT bootp.wired_to -> BOOTP_WIRED_TO - i.e. back out the previous commit. It's already possible to pxeboot(8) with a GENERIC kernel. Pointed out by: dwmalone
* Change the following kernel options to environment variables:brian2004-07-081-5/+6
| | | | | | | | | | | | | | | | | | BOOTP -> bootp BOOTP_NFSROOT -> bootp.nfsroot BOOTP_NFSV3 -> bootp.nfsv3 BOOTP_COMPAT -> bootp.compat BOOTP_WIRED_TO -> bootp.wired_to This lets you PXE boot with a GENERIC kernel by putting this sort of thing in loader.conf: bootp="YES" bootp.nfsroot="YES" bootp.nfsv3="YES" bootp.wired_to="bge1" or even setting the variables manually from the OK prompt.
* Push WARNS back up to 6, but define NO_WERROR; I want the warts out in thedes2004-07-061-1/+2
| | | | open where people can see them and hopefully fix them.
* Introduce inline {ip,udp,tcp}_next() functions which take a pointer to andes2004-07-0612-52/+77
| | | | | | | {ip,udp,tcp} header and return a void * pointing to the payload (i.e. the first byte past the end of the header and any required padding). Use them consistently throughout libalias to a) reduce code duplication, b) improve code legibility, c) get rid of a bunch of alignment warnings.
* Rewrite twowords() to access its argument through a char pointer and notdes2004-07-061-3/+10
| | | | | | a short pointer. The previous implementation seems to be in a gray zone of the C standard, and GCC generates incorrect code for it at -O2 or higher on some platforms.
* Temporarily lower WARNS to 3 while I figure out the alignment issues ondes2004-07-061-1/+1
| | | | alpha.
* Make libalias WARNS?=6-clean. This mostly involves renaming variablesdes2004-07-0515-676/+721
| | | | | | | | | named link, foo_link or link_foo to lnk, foo_lnk or lnk_foo, fixing signed / unsigned comparisons, and shoving unused function arguments under the carpet. I was hoping WARNS?=6 might reveal more serious problems, and perhaps the source of the -O2 breakage, but found no smoking gun.
* Parenthesize return values.des2004-07-056-120/+120
|
* Mechanical whitespace cleanup.des2004-07-056-126/+126
|
* Add LibAliasOutTry() which checks a packet for a hit in the tables, butphk2004-07-042-16/+29
| | | | does not create a new entry if none is found.
* Mechanically kill hard sentence breaks.ru2004-07-021-7/+7
|
* On receiving 3 duplicate acknowledgements, SACK recovery was not being ↵jayanth2004-07-012-14/+40
| | | | | | | | | | | entered correctly. Fix this problem by separating out the SACK and the newreno cases. Also, check if we are in FASTRECOVERY for the sack case and if so, turn off dupacks. Fix an issue where the congestion window was not being incremented by ssthresh. Thanks to Mohan Srinivasan for finding this problem.
* Bumped document date.ru2004-07-011-5/+7
| | | | | Fixed markup. Fixed examples to match the new API.
* Rwatson, write 100 times for tomorrow:phk2004-06-271-1/+1
| | | | First unlock, then assign NULL to pointer.
* Those are unneeded too.pjd2004-06-271-1/+0
|
* Add two missing includes and remove two uneeded.pjd2004-06-271-1/+0
| | | | | This is quite serious fix, because even with MAC framework compiled in, MAC entry points in those two files were simply ignored.
* Reduce the number of unnecessary unlock-relocks on socket buffer mutexesrwatson2004-06-266-27/+51
| | | | | | | | | | | | | | | | | | | | associated with performing a wakeup on the socket buffer: - When performing an sbappend*() followed by a so[rw]wakeup(), explicitly acquire the socket buffer lock and use the _locked() variants of both calls. Note that the _locked() sowakeup() versions unlock the mutex on return. This is done in uipc_send(), divert_packet(), mroute socket_send(), raw_append(), tcp_reass(), tcp_input(), and udp_append(). - When the socket buffer lock is dropped before a sowakeup(), remove the explicit unlock and use the _locked() sowakeup() variant. This is done in soisdisconnecting(), soisdisconnected() when setting the can't send/ receive flags and dropping data, and in uipc_rcvd() which adjusting back-pressure on the sockets. For UNIX domain sockets running mpsafe with a contention-intensive SMP mysql benchmark, this results in a 1.6% query rate improvement due to reduce mutex costs.
* Remove spl's from TCP protocol entry points. While not all lockingrwatson2004-06-261-32/+1
| | | | | is merged here yet, this will ease the merge process by bringing the locked and unlocked versions into sync.
* White space & spelling fixesps2004-06-252-6/+6
| | | | Submitted by: Xin LI <delphij@frontfree.net>
* Whitespace.bms2004-06-251-3/+3
|
* Broaden scope of the socket buffer lock when processing an ACK so thatrwatson2004-06-242-4/+8
| | | | | the read and write of sb_cc are atomic. Call sbdrop_locked() instead of sbdrop() since we already hold the socket buffer lock.
* Protect so_oobmark with with SOCKBUF_LOCK(&so->so_rcv), and broadenrwatson2004-06-242-8/+6
| | | | | | | | locking in tcp_input() for TCP packets with urgent data pointers to hold the socket buffer lock across testing and updating oobmark from just protecting sb_state. Update socket locking annotations
* In ip_ctloutput(), acquire the inpcb lock around some of the basicrwatson2004-06-241-5/+10
| | | | inpcb flag and status updates.
* When asserting non-Giant locks in the network stack, also assertrwatson2004-06-244-9/+33
| | | | | | | | | | Giant if debug.mpsafenet=0, as any points that require synchronization in the SMPng world also required it in the Giant-world: - inpcb locks (including IPv6) - inpcbinfo locks (including IPv6) - dummynet subsystem lock - ipfw2 subsystem lock
* Introduce sbreserve_locked(), which asserts the socket buffer lock onrwatson2004-06-242-4/+12
| | | | | | | | | | the socket buffer having its limits adjusted. sbreserve() now acquires the lock before calling sbreserve_locked(). In soreserve(), acquire socket buffer locks across read-modify-writes of socket buffer fields, and calls into sbreserve/sbrelease; make sure to acquire in keeping with the socket buffer lock order. In tcp_mss(), acquire the socket buffer lock in the calling context so that we have atomic read-modify -write on buffer sizes.
* Move the sack sysctl's under net.inet.tcp.sackps2004-06-232-8/+8
| | | | | | | net.inet.tcp.do_sack -> net.inet.tcp.sack.enable net.inet.tcp.sackhole_limit -> net.inet.tcp.sack.sackhole_limit Requested by: wollman
* Add support for TCP Selective Acknowledgements. The work for thisps2004-06-2311-37/+973
| | | | | | | | | | | | | | | originated on RELENG_4 and was ported to -CURRENT. The scoreboarding code was obtained from OpenBSD, and many of the remaining changes were inspired by OpenBSD, but not taken directly from there. You can enable/disable sack using net.inet.tcp.do_sack. You can also limit the number of sack holes that all senders can have in the scoreboard with net.inet.tcp.sackhole_limit. Reviewed by: gnn Obtained from: Yahoo! (Mohan Srinivasan, Jayanth Vijayaraghavan)
* Acquire socket lock around frobbing of socket state in divert sockets.rwatson2004-06-221-0/+2
|
* Prefer use of the inpcb as a MAC label source for outgoing packets sentrwatson2004-06-221-6/+8
| | | | via divert sockets, when available.
* If debug.mpsafenet is set, initialize TCP callouts as CALLOUT_MPSAFE.rwatson2004-06-202-10/+24
|
* Assert the inpcb lock before letting MAC check whether we can deliverrwatson2004-06-202-0/+2
| | | | to the inpcb in tcp_input().
* IP multicast code no longer needs to acquire Giant before appendingrwatson2004-06-201-3/+0
| | | | | an mbuf onto a socket buffer. This is left over from debug.mpsafenet affecting the forwarding/bridging plane only.
* In tcp_ctloutput(), don't hold the inpcb lock over a call torwatson2004-06-181-1/+1
| | | | | | | | ip_ctloutput(), as it may need to perform blocking memory allocations. This also improves consistency with locking relative to other points that call into ip_ctloutput(). Bumped into by: Grover Lines <grover@ceribus.net>
* Check that m->m_pkthdr.rcvif is not NULL before checking if a packetbms2004-06-181-1/+2
| | | | | | | | | | | was received on a broadcast address on the input path. Under certain circumstances this could result in a panic, notably for locally-generated packets which do not have m_pkthdr.rcvif set. This is a similar situation to that which is solved by src/sys/netinet/ip_icmp.c rev 1.66. PR: kern/52935
* Appease GCC.bms2004-06-181-1/+1
|
* If SO_DEBUG is enabled for a TCP socket, and a received segment isbms2004-06-181-2/+11
| | | | | | | | | | | | encapsulated within an IPv6 datagram, do not abuse the 'ipov' pointer when registering trace records. 'ipov' is specific to IPv4, and will therefore be uninitialized. [This fandango is only necessary in the first place because of our host-byte-order IP field pessimization.] PR: kern/60856 Submitted by: Galois Zheng
* Don't set FIN on a retransmitted segment after a FIN has been sent,bms2004-06-181-1/+1
| | | | | | | | | unless the segment really contains the last of the data for the stream. PR: kern/34619 Obtained from: OpenBSD (tcp_output.c rev 1.47) Noticed by: Joseph Ishac Reviewed by: George Neville-Neil
* Ensure that dst is bzeroed before calling rtalloc_ign(), to avoid possiblebms2004-06-181-0/+1
| | | | | | | | routing table corruption. PR: kern/40563, freebsd4/432 (KAME) Obtained from: NetBSD (in_gif.c rev 1.26.10.1) Requested by: Jean-Luc Richier
* Commit pf version 3.5 and link additional files to the kernel build.mlaier2004-06-161-0/+14
| | | | | | | | | | | | Version 3.5 brings: - Atomic commits of ruleset changes (reduce the chance of ending up in an inconsistent state). - A 30% reduction in the size of state table entries. - Source-tracking (limit number of clients and states per client). - Sticky-address (the flexibility of round-robin with the benefits of source-hash). - Significant improvements to interface handling. - and many more ...
* Prepare for pf 3.5 import:mlaier2004-06-161-0/+2
| | | | | | | | | | - Remove pflog and pfsync modules. Things will change in such a fashion that there will be one module with pf+pflog that can be loaded into GENERIC without problems (which is what most people want). pfsync is no longer possible as a module. - Add multicast address for in-kernel multicast pfsync protocol. Protocol glue will follow once the import is done. - Add one more mbuf tag
* o connect(2): if there is no a route to the destinationmaxim2004-06-161-3/+1
| | | | | | | | do not pick up the first local ip address for the source ip address, return ENETUNREACH instead. Submitted by: Gleb Smirnoff Reviewed by: -current (silence)
OpenPOWER on IntegriCloud