272461 |
03-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of the 10.1-RELEASE process.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
268061 |
30-Jun-2014 |
trociny |
MFC r267336:
PF_BLUETOOTH protocols: skip initialization of non-virtualized globals for non-default VNET instances.
This fixes panic on a vnet initialization when ng_btsocket is loaded.
|
267093 |
05-Jun-2014 |
mav |
MFC r266538: Make ng_mppc to not disable the node in case of multiple packet loss. Quite often it can be just packet reorder, and killing link in such case is inconvenient. Add few sysctl's to control that behavior.
PR: kern/182212 Submitted by: Eugene Grosbein <egrosbein@rdtc.ru>
|
261022 |
22-Jan-2014 |
glebius |
Merge r260046: Fix the parse type for NGM_LISTTYPES.
|
261009 |
22-Jan-2014 |
glebius |
Merge 260225:
Fix circular math macro.
PR: 146082
|
260278 |
04-Jan-2014 |
dim |
MFC r260048:
In sys/netgraph/netflow, use __FBSDID() instead of old-style rcs_id[].
|
260226 |
03-Jan-2014 |
glebius |
Merge r259681 from head:
Changes: - Reinit uio_resid and flags before every call to soreceive(). - Set maximum acceptable size of packet to IP_MAXPACKET. As for now the module doesn't support INET6. - Properly handle MSG_TRUNC return from soreceive().
PR: 184601
|
256381 |
12-Oct-2013 |
markm |
Merge from project branch via main. Uninteresting commits are trimmed.
Refactor of /dev/random device. Main points include:
* Userland seeding is no longer used. This auto-seeds at boot time on PC/Desktop setups; this may need some tweeking and intelligence from those folks setting up embedded boxes, but the work is believed to be minimal.
* An entropy cache is written to /entropy (even during installation) and the kernel uses this at next boot.
* An entropy file written to /boot/entropy can be loaded by loader(8)
* Hardware sources such as rdrand are fed into Yarrow, and are no longer available raw.
------------------------------------------------------------------------ r256240 | des | 2013-10-09 21:14:16 +0100 (Wed, 09 Oct 2013) | 4 lines
Add a RANDOM_RWFILE option and hide the entropy cache code behind it. Rename YARROW_RNG and FORTUNA_RNG to RANDOM_YARROW and RANDOM_FORTUNA. Add the RANDOM_* options to LINT.
------------------------------------------------------------------------ r256239 | des | 2013-10-09 21:12:59 +0100 (Wed, 09 Oct 2013) | 2 lines
Define RANDOM_PURE_RNDTEST for rndtest(4).
------------------------------------------------------------------------ r256204 | des | 2013-10-09 18:51:38 +0100 (Wed, 09 Oct 2013) | 2 lines
staticize struct random_hardware_source
------------------------------------------------------------------------ r256203 | markm | 2013-10-09 18:50:36 +0100 (Wed, 09 Oct 2013) | 2 lines
Wrap some policy-rich code in 'if NOTYET' until we can thresh out what it really needs to do.
------------------------------------------------------------------------ r256184 | des | 2013-10-09 10:13:12 +0100 (Wed, 09 Oct 2013) | 2 lines
Re-add /dev/urandom for compatibility purposes.
------------------------------------------------------------------------ r256182 | des | 2013-10-09 10:11:14 +0100 (Wed, 09 Oct 2013) | 3 lines
Add missing include guards and move the existing ones out of the implementation namespace.
------------------------------------------------------------------------ r256168 | markm | 2013-10-08 23:14:07 +0100 (Tue, 08 Oct 2013) | 10 lines
Fix some just-noticed problems:
o Allow this to work with "nodevice random" by fixing where the MALLOC pool is defined.
o Fix the explicit reseed code. This was correct as submitted, but in the project branch doesn't need to set the "seeded" bit as this is done correctly in the "unblock" function.
o Remove some debug ifdeffing.
o Adjust comments.
------------------------------------------------------------------------ r256159 | markm | 2013-10-08 19:48:11 +0100 (Tue, 08 Oct 2013) | 6 lines
Time to eat crow for me.
I replaced the sx_* locks that Arthur used with regular mutexes; this turned out the be the wrong thing to do as the locks need to be sleepable. Revert this folly.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (In original diff)
------------------------------------------------------------------------ r256138 | des | 2013-10-08 12:05:26 +0100 (Tue, 08 Oct 2013) | 10 lines
Add YARROW_RNG and FORTUNA_RNG to sys/conf/options.
Add a SYSINIT that forces a reseed during proc0 setup, which happens fairly late in the boot process.
Add a RANDOM_DEBUG option which enables some debugging printf()s.
Add a new RANDOM_ATTACH entropy source which harvests entropy from the get_cyclecount() delta across each call to a device attach method.
------------------------------------------------------------------------ r256135 | markm | 2013-10-08 07:54:52 +0100 (Tue, 08 Oct 2013) | 8 lines
Debugging. My attempt at EVENTHANDLER(multiuser) was a failure; use EVENTHANDLER(mountroot) instead.
This means we can't count on /var being present, so something will need to be done about harvesting /var/db/entropy/... .
Some policy now needs to be sorted out, and a pre-sync cache needs to be written, but apart from that we are now ready to go.
Over to review.
------------------------------------------------------------------------ r256094 | markm | 2013-10-06 23:45:02 +0100 (Sun, 06 Oct 2013) | 8 lines
Snapshot.
Looking pretty good; this mostly works now. New code includes:
* Read cached entropy at startup, both from files and from loader(8) preloaded entropy. Failures are soft, but announced. Untested.
* Use EVENTHANDLER to do above just before we go multiuser. Untested.
------------------------------------------------------------------------ r256088 | markm | 2013-10-06 14:01:42 +0100 (Sun, 06 Oct 2013) | 2 lines
Fix up the man page for random(4). This mainly removes no-longer-relevant details about HW RNGs, reseeding explicitly and user-supplied entropy.
------------------------------------------------------------------------ r256087 | markm | 2013-10-06 13:43:42 +0100 (Sun, 06 Oct 2013) | 6 lines
As userland writing to /dev/random is no more, remove the "better than nothing" bootstrap mode.
Add SWI harvesting to the mix.
My box seeds Yarrow by itself in a few seconds! YMMV; more to follow.
------------------------------------------------------------------------ r256086 | markm | 2013-10-06 13:40:32 +0100 (Sun, 06 Oct 2013) | 11 lines
Debug run. This now works, except that the "live" sources haven't been tested. With all sources turned on, this unlocks itself in a couple of seconds! That is no my box, and there is no guarantee that this will be the case everywhere.
* Cut debug prints.
* Use the same locks/mutexes all the way through.
* Be a tad more conservative about entropy estimates.
------------------------------------------------------------------------ r256084 | markm | 2013-10-06 13:35:29 +0100 (Sun, 06 Oct 2013) | 5 lines
Don't use the "real" assembler mnemonics; older compilers may not understand them (like when building CURRENT on 9.x).
# Submitted by: Konstantin Belousov <kostikbel@gmail.com>
------------------------------------------------------------------------ r256081 | markm | 2013-10-06 10:55:28 +0100 (Sun, 06 Oct 2013) | 12 lines
SNAPSHOT.
Simplify the malloc pools; We only need one for this device.
Simplify the harvest queue.
Marginally improve the entropy pool hashing, making it a bit faster in the process.
Connect up the hardware "live" source harvesting. This is simplistic for now, and will need to be made rate-adaptive.
All of the above passes a compile test but needs to be debugged.
------------------------------------------------------------------------ r256042 | markm | 2013-10-04 07:55:06 +0100 (Fri, 04 Oct 2013) | 25 lines
Snapshot. This passes the build test, but has not yet been finished or debugged.
Contains:
* Refactor the hardware RNG CPU instruction sources to feed into the software mixer. This is unfinished. The actual harvesting needs to be sorted out. Modified by me (see below).
* Remove 'frac' parameter from random_harvest(). This was never used and adds extra code for no good reason.
* Remove device write entropy harvesting. This provided a weak attack vector, was not very good at bootstrapping the device. To follow will be a replacement explicit reseed knob.
* Separate out all the RANDOM_PURE sources into separate harvest entities. This adds some secuity in the case where more than one is present.
* Review all the code and fix anything obviously messy or inconsistent. Address som review concerns while I'm here, like rename the pseudo-rng to 'dummy'.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com> (the first item)
------------------------------------------------------------------------ r255319 | markm | 2013-09-06 18:51:52 +0100 (Fri, 06 Sep 2013) | 4 lines
Yarrow wants entropy estimations to be conservative; the usual idea is that if you are certain you have N bits of entropy, you declare N/2.
------------------------------------------------------------------------ r255075 | markm | 2013-08-30 18:47:53 +0100 (Fri, 30 Aug 2013) | 4 lines
Remove short-lived idea; thread to harvest (eg) RDRAND enropy into the usual harvest queues. It was a nifty idea, but too heavyweight.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
------------------------------------------------------------------------ r255071 | markm | 2013-08-30 12:42:57 +0100 (Fri, 30 Aug 2013) | 4 lines
Separate out the Software RNG entropy harvesting queue and thread into its own files.
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
------------------------------------------------------------------------ r254934 | markm | 2013-08-26 20:07:03 +0100 (Mon, 26 Aug 2013) | 2 lines
Remove the short-lived namei experiment.
------------------------------------------------------------------------ r254928 | markm | 2013-08-26 19:35:21 +0100 (Mon, 26 Aug 2013) | 2 lines
Snapshot; Do some running repairs on entropy harvesting. More needs to follow.
------------------------------------------------------------------------ r254927 | markm | 2013-08-26 19:29:51 +0100 (Mon, 26 Aug 2013) | 15 lines
Snapshot of current work;
1) Clean up namespace; only use "Yarrow" where it is Yarrow-specific or close enough to the Yarrow algorithm. For the rest use a neutral name.
2) Tidy up headers; put private stuff in private places. More could be done here.
3) Streamline the hashing/encryption; no need for a 256-bit counter; 128 bits will last for long enough.
There are bits of debug code lying around; these will be removed at a later stage.
------------------------------------------------------------------------ r254784 | markm | 2013-08-24 14:54:56 +0100 (Sat, 24 Aug 2013) | 39 lines
1) example (partially humorous random_adaptor, that I call "EXAMPLE") * It's not meant to be used in a real system, it's there to show how the basics of how to create interfaces for random_adaptors. Perhaps it should belong in a manual page
2) Move probe.c's functionality in to random_adaptors.c * rename random_ident_hardware() to random_adaptor_choose()
3) Introduce a new way to choose (or select) random_adaptors via tunable "rngs_want" It's a list of comma separated names of adaptors, ordered by preferences. I.e.: rngs_want="yarrow,rdrand"
Such setting would cause yarrow to be preferred to rdrand. If neither of them are available (or registered), then system will default to something reasonable (currently yarrow). If yarrow is not present, then we fall back to the adaptor that's first on the list of registered adaptors.
4) Introduce a way where RNGs can play a role of entropy source. This is mostly useful for HW rngs.
The way I envision this is that every HW RNG will use this functionality by default. Functionality to disable this is also present. I have an example of how to use this in random_adaptor_example.c (see modload event, and init function)
5) fix kern.random.adaptors from kern.random.adaptors: yarrowpanicblock to kern.random.adaptors: yarrow,panic,block
6) add kern.random.active_adaptor to indicate currently selected adaptor: root@freebsd04:~ # sysctl kern.random.active_adaptor kern.random.active_adaptor: yarrow
# Submitted by: Arthur Mesh <arthurmesh@gmail.com>
Submitted by: Dag-Erling Smørgrav <des@FreeBSD.org>, Arthur Mesh <arthurmesh@gmail.com> Reviewed by: des@FreeBSD.org Approved by: re (delphij) Approved by: secteam (des,delphij)
|
256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
255362 |
07-Sep-2013 |
markm |
Bring in some behind-the-scenes development, mainly By Arthur Mesh, the rest by me.
o Namespace cleanup; the Yarrow name is now restricted to where it really applies; this is in anticipation of being augmented or replaced by Fortuna in the future. Fortuna is mentioned, but behind #if logic, and is ignorable for now.
o The harvest queue is pulled out into its own modules.
o Entropy harvesting is emproved, both by being made more conservative, and by separating (a bit!) the sources. Available entropy crumbs are marginally improved.
o Selection of sources is made clearer. With recent revelations, this will receive more work in the weeks and months to come.
Submitted by: Arthur Mesh (partly) <arthurmesh@gmail.com>
|
255202 |
04-Sep-2013 |
glebius |
Make default cache size more modern.
Requested by: Slawa Olhovchenkov <slw zxy.spb.ru>
|
255128 |
01-Sep-2013 |
eadler |
Add support for the BCM20702A0 chipset, ASUS USB-BT400.
PR: kern/181728 Submitted by: rakuco
|
255090 |
31-Aug-2013 |
hselasky |
Sync USB bluetooth product list with Linux.
MFC after: 1 week
|
253564 |
23-Jul-2013 |
glebius |
Add constant for PPP-Max-PayLoad tag.
Submitted by: Dmitry Luhtionov <dmitryluhtionov gmail.com>
|
253347 |
15-Jul-2013 |
rodrigc |
PR: kern/168520
Revert GRN 253255. It is not needed now that GRN 253346 is committed.
|
253346 |
15-Jul-2013 |
rodrigc |
PR: 168520 170096 Submitted by: adrian, zec
Fix multiple kernel panics when VIMAGE is enabled in the kernel. These fixes are based on patches submitted by Adrian Chadd and Marko Zec.
(1) Set curthread->td_vnet to vnet0 in device_probe_and_attach() just before calling device_attach(). This fixes multiple VIMAGE related kernel panics when trying to attach Bluetooth or USB Ethernet devices because curthread->td_vnet is NULL.
(2) Set curthread->td_vnet in if_detach(). This fixes kernel panics when detaching networking interfaces, especially USB Ethernet devices.
(3) Use VNET_DOMAIN_SET() in ng_btsocket.c
(4) In ng_unref_node() set curthread->td_vnet. This fixes kernel panics when detaching Netgraph nodes.
|
253255 |
12-Jul-2013 |
rodrigc |
PR: kern/168520 Submitted by: "YAMAMOTO, Shigeru" <shigeru@iij.ad.jp> Reviewed by: adrian
In PC-BSD 9.1, VIMAGE is enabled in the kernel config. For laptops with Bluetooth capability, such as the HP Elitebook 8460p, the kernel will panic upon bootup, because curthread->td_vnet is not initialized.
Properly initialize curthread->td_vnet when initializing the Bluetooth stack.
This allows laptops such as the HP Elitebook 8460p laptop to properly boot with VIMAGE kernels.
|
250576 |
12-May-2013 |
eadler |
Fix several typos
PR: kern/176054 Submitted by: Christoph Mallon <christoph.mallon@gmx.de> MFC after: 3 days
|
250460 |
10-May-2013 |
eadler |
Fxi a bunch of typos.
PR: misc/174625 Submitted by: Jeremy Chadwick <jdc@koitsu.org>
|
249925 |
26-Apr-2013 |
glebius |
Add const qualifier to the dst parameter of the ifnet if_output method.
|
249583 |
17-Apr-2013 |
gabor |
- Correct mispellings of the word necessary
Submitted by: Christoph Mallon <christoph.mallon@gmx.de> (via private mail)
|
249400 |
12-Apr-2013 |
glebius |
Attempt to clean up spacing and long lines.
|
249178 |
05-Apr-2013 |
adrian |
Add blacklist entries for Atheros bluetooth device IDs that are known to need firmware before they will re-attach as correctly functioning bluetooth devices.
Reviewed by: maksim Obtained from: Linux ath3k device driver
|
248885 |
29-Mar-2013 |
glebius |
Revamp mbuf handling in ng_ksocket_incoming2():
- Clear code that workarounded a bug in FreeBSD 3, and even predated import of netgraph(4). - Clear workaround for m_nextpkt pointing into next record in buffer (fixed in r248884). Assert that m_nextpkt is clear. - Do not rely on SOCK_STREAM sockets containing M_PKTHDR mbufs. Create a header ourselves and attach chain to it. This is correct fix for kern/154676.
PR: kern/154676 Sponsored by: Nginx, Inc
|
248883 |
29-Mar-2013 |
glebius |
Whitespace.
|
248882 |
29-Mar-2013 |
glebius |
Non-functional cleanup of ng_ksocket_incoming2().
|
248725 |
26-Mar-2013 |
glebius |
Return ENOMEM if malloc() fails.
|
248724 |
26-Mar-2013 |
glebius |
Cleanup: wrap long lines, cleanup comments, etc.
|
248570 |
21-Mar-2013 |
glebius |
Add NGM_NAT_LIBALIAS_INFO command, that reports internal stats of libalias instance. To be used in the mpd5 daemon.
Submitted by: Dmitry Luhtionov <dmitryluhtionov gmail.com>
|
246821 |
15-Feb-2013 |
glebius |
Fix compilation warning.
Sponsored by: Nginx, Inc
|
246324 |
04-Feb-2013 |
avg |
ng_ether_ifnet_arrival_event: check interface type before using IFP2NG
The check is copied from vnet_ng_ether_init. Not sure if it covers all the types that we want to support with ng_ether.
Reported by: markj Discussed with: zec MFC after: 10 days X-MFC with: r246245
|
246245 |
02-Feb-2013 |
avg |
ng_ether: track interface renaming
Also sanitize interface names that can potentially contain characters that are prohibited in netgraph names.
PR: kern/154850 (sanitizing of names) Discussed with: eri, melifaro Submitted by: Nikolay Denev <ndenev@gmail.com> (sanitizing code) Reviewed by: eri, glebius MFC after: 17 days
|
244715 |
26-Dec-2012 |
rakuco |
Use DEVMETHOD_END, as suggested by hselasky@.
Approved by: glebius
|
244714 |
26-Dec-2012 |
rakuco |
Use the correct USB interface macros instead of USB_IF_CSI.
As pointed out by hselasky@, USB_IF_CSI is the wrong macro here since we want to declare the device's interface class, subclass and protocol, not class, subclass and driver info.
Follow-up to r244704.
PR: kern/174707 Approved by: glebius MFC after: 1 week
|
244704 |
26-Dec-2012 |
glebius |
Add vendor IDs for Broadcom USB dongles (BCM20702).
PR: kern/174707 Submitted by: rakuco
|
243882 |
05-Dec-2012 |
glebius |
Mechanically substitute flags from historic mbuf allocator with malloc(9) flags within sys.
Exceptions:
- sys/contrib not touched - sys/mbuf.h edited manually
|
241913 |
22-Oct-2012 |
glebius |
Switch the entire IPv4 stack to keep the IP packet header in network byte order. Any host byte order processing is done in local variables and host byte order values are never[1] written to a packet.
After this change a packet processed by the stack isn't modified at all[2] except for TTL.
After this change a network stack hacker doesn't need to scratch his head trying to figure out what is the byte order at the given place in the stack.
[1] One exception still remains. The raw sockets convert host byte order before pass a packet to an application. Probably this would remain for ages for compatibility.
[2] The ip_input() still subtructs header len from ip->ip_len, but this is planned to be fixed soon.
Reviewed by: luigi, Maxim Dounin <mdounin mdounin.ru> Tested by: ray, Olivier Cochard-Labbe <olivier cochard.me>
|
241686 |
18-Oct-2012 |
andre |
Mechanically remove the last stray remains of spl* calls from net*/*. They have been Noop's for a long time now.
|
241446 |
11-Oct-2012 |
melifaro |
Add NG_NETFLOW_V9INFO_TYPE command to be able to request netflowv9-specific data.
Submitted by: Dmitry Luhtionov <dmitryluhtionov at gmail.com> MFC after: 2 weeks
|
241394 |
10-Oct-2012 |
kevlo |
Revert previous commit...
Pointyhat to: kevlo (myself)
|
241370 |
09-Oct-2012 |
kevlo |
Prefer NULL over 0 for pointers
|
241369 |
09-Oct-2012 |
kevlo |
Fix typo: s/unknow/unknown
|
241344 |
08-Oct-2012 |
glebius |
After r241245 it appeared that in_delayed_cksum(), which still expects host byte order, was sometimes called with net byte order. Since we are moving towards net byte order throughout the stack, the function was converted to expect net byte order, and its consumers fixed appropriately: - ip_output(), ipfilter(4) not changed, since already call in_delayed_cksum() with header in net byte order. - divert(4), ng_nat(4), ipfw_nat(4) now don't need to swap byte order there and back. - mrouting code and IPv6 ipsec now need to switch byte order there and back, but I hope, this is temporary solution. - In ipsec(4) shifted switch to net byte order prior to in_delayed_cksum(). - pf_route() catches up on r241245 changes to ip_output().
|
241078 |
30-Sep-2012 |
hselasky |
The USB Bluetooth driver should only grab its own interfaces. This allows the USB bluetooth driver to co-exist with other USB device classes and drivers.
Reported by: Geoffrey Levand MFC after: 1 week
|
241009 |
27-Sep-2012 |
rstone |
Ensure that all cases that enqueue a netgraph item for delivery by a ngthread properly set the item's depth to 1. In particular, prior to this change if ng_snd_item failed to acquire a lock on a node, the item's depth would not be set at all. This fix ensures that the error code from rcvmsg/ rcvdata is properly passed back to the apply callback. For example, this fixes a bug where an error from rcvmsg/rcvdata would not previously propagate back to a libnetgraph consumer when the message was queued.
Reviewed by: mav MFC after: 1 month Sponsored by: Sandvine Incorporated
|
240494 |
14-Sep-2012 |
glebius |
o Create directory sys/netpfil, where all packet filters should reside, and move there ipfw(4) and pf(4).
o Move most modified parts of pf out of contrib.
Actual movements:
sys/contrib/pf/net/*.c -> sys/netpfil/pf/ sys/contrib/pf/net/*.h -> sys/net/ contrib/pf/pfctl/*.c -> sbin/pfctl contrib/pf/pfctl/*.h -> sbin/pfctl contrib/pf/pfctl/pfctl.8 -> sbin/pfctl contrib/pf/pfctl/*.4 -> share/man/man4 contrib/pf/pfctl/*.5 -> share/man/man5
sys/netinet/ipfw -> sys/netpfil/ipfw
The arguable movement is pf/net/*.h -> sys/net. There are future plans to refactor pf includes, so I decided not to break things twice.
Not modified bits of pf left in contrib: authpf, ftp-proxy, tftp-proxy, pflogd.
The ipfw(4) movement is planned to be merged to stable/9, to make head and stable match.
Discussed with: bz, luigi
|
239007 |
03-Aug-2012 |
mav |
Remove duplicate check.
Submitted by: Dmitry Luhtionov <dmitryluhtionov@gmail.com>
|
238844 |
27-Jul-2012 |
emaste |
Add version so others can depend on this module
|
237227 |
18-Jun-2012 |
melifaro |
Make radix lookup on src and dst flow addresses optional and configurable on per-interface basis. Remove __inline__ for several functions being called once per flow (e.g once per 10-20 packets on common traffic flows). Update manual page to simplify search for BPF data link types.
Sponsored by Yandex LLC
Reviewed by: glebius Approved by: ae(mentor) MFC after: 2 weeks
|
237226 |
18-Jun-2012 |
melifaro |
Simplify IP pointer recovery in case of mbuf reallocation.
Reviewed by: glebius (previous version) Approved by: ae(mentor) MFC after: 2 weeks
|
237164 |
16-Jun-2012 |
melifaro |
Use time_uptime instead of getnanotime for accouting integer number of seconds.
Reviewed by: glebius Approved by: ae(mentor) MFC after: 1 week
|
237163 |
16-Jun-2012 |
melifaro |
Set netflow v9 observation domain value to fib number instead of node id. This fixes multi-fib netflow v9 export.
Reviewed by: glebius Approved by: kib(mentor) MFC after: 1 week
|
237162 |
16-Jun-2012 |
melifaro |
Fix improper L4 header handling for IPv6 packets passed via DLT_RAW.
Reported by: Emil Muratov <gpm@hotplug.ru> Reviewed by: glebius Approved by: ae(mentor) MFC after: 1 week
|
235979 |
25-May-2012 |
glebius |
Revert my local not yet properly tested changes, that leaked in with r235923.
|
235923 |
24-May-2012 |
glebius |
Revert r220768 for ng_ksocket. This node is special and when it is cloning, its constructor method may be called in a context that isn't allowed to sleep.
Noticed by: Vadim Goncharov
|
234574 |
22-Apr-2012 |
melifaro |
Fix panic in ng_patch(4) caused by checksum flags being added to mbuf flags.
Tested by: Maxim Ignatenko <gelraen.ua@gmail.com> Approved by: kib(mentor)
MFC after: 3 days
|
234341 |
16-Apr-2012 |
zec |
#include <net/vnet.h> is no longer needed here.
Spotted by: Ed Maste MFC after: 3 days.
|
233774 |
02-Apr-2012 |
hselasky |
Fix compiler warnings, mostly signed issues, when USB modules are compiled with WARNS=9.
MFC after: 1 weeks
|
232921 |
13-Mar-2012 |
melifaro |
Use rt_numfibs variable instead of compile-time RT_NUMFIBS.
Reviewed by: glebius (previous version) Approved by: kib(mentor), ae(mentor)
|
232825 |
11-Mar-2012 |
adrian |
Upgrade the netgraph vlan node to support 802.1q, encapsulation type, PCP and CFI fields.
* Ethernet_type for VLAN encapsulation is tunable, default is 0x8100; * PCP (Priority code point) and CFI (canonical format indicator) is tunable per VID; * Tunable encapsulation to support 802.1q * Encapsulation/Decapsulation code improvements
New messages have been added for this netgraph node to support the new features.
However, the legacy "vlan" id is still supported and compiled in by default. It can be disabled in a future release.
TODO:
* Documentation * Examples
PR: kern/161908 Submitted by: Ivan <rozhuk.im@gmail.com>
|
231997 |
22-Feb-2012 |
glebius |
Revert r231829, that was my braino.
|
231831 |
16-Feb-2012 |
glebius |
Refactor the name hash and the ID hash, that are used to address nodes:
- Make hash sizes growable, to satisfy users running large mpd installations, having thousands of nodes. - NG_NAMEHASH() proved to give a very bad distribution in real life name sets, while generic hash32_str(name, HASHINIT) proved to give an even one, so you the latter for name hash. - Do not store unnamed nodes in slot 0 of name hash, no reason for that. - Use the ID hash in cases when we need to run through all nodes: the NGM_LISTNODES command and in the vnet_netgraph_uninit(). - Implement NGM_LISTNODES and NGM_LISTNAMES as separate code, the former iterates through the ID hash, and the latter through the name hash. - Keep count of all nodes and of named nodes, so that we don't need to count nodes in NGM_LISTNODES and NGM_LISTNAMES. The counters are also used to estimate whether we need to grow hashes. - Close a race between two threads running ng_name_node() assigning same name to different nodes.
|
231830 |
16-Feb-2012 |
glebius |
Specify correct loading order for core of netgraph(4).
|
231829 |
16-Feb-2012 |
glebius |
Supply correct "how" argument to the uma_zcreate().
|
231823 |
16-Feb-2012 |
glebius |
In ng_getsockaddr() allocate memory prior to obtaining lock.
Reported & tested by: Mykola Dzham <i levsha.me>
|
231766 |
15-Feb-2012 |
glebius |
Fix includes list.
Submitted by: bde
|
231765 |
15-Feb-2012 |
glebius |
Trim double empty lines.
|
231764 |
15-Feb-2012 |
glebius |
Remove testing stuff, reducing kernel memory footprint by 1 Kb.
Anyway, when we are building a LINT kernel, all these macros are tested via nodes.
|
231761 |
15-Feb-2012 |
glebius |
In ng_bypass() add more protection against potential race with ng_rmnode() and its followers.
|
231760 |
15-Feb-2012 |
glebius |
style(9): sort includes.
|
231585 |
13-Feb-2012 |
glebius |
No need to optimise for a node with no hooks, my braino.
|
231543 |
12-Feb-2012 |
fjoe |
- Use fixed-width integer types. - Prefer to use C99 stdint types.
This fixes ng_cisco on 64-bit architectures.
MFC after: 1 week
|
231378 |
10-Feb-2012 |
ed |
Remove direct access to si_name.
Code should just use the devtoname() function to obtain the name of a character device. Also add const keywords to pieces of code that need it to build properly.
MFC after: 2 weeks
|
230487 |
23-Jan-2012 |
glebius |
Provide a findhook method for ng_socket(4). The node stores a hash with names of its hooks. It starts with size of 16, and grows when number of hooks reaches twice the current size. A failure to grow (memory is allocated with M_NOWAIT) isn't fatal, however.
I used standard hash(9) function for the hash. With 25000 hooks named in the mpd (ports/net/mpd5) manner of "b%u", the distributions is the following: 72.1% entries consist of one element, 22.1% consist of two, 5.2% consist of three and 0.6% of four.
Speedup in a synthetic test that creates 25000 hooks and then runs through a long cyclce dereferencing them in a random order is over 25 times.
|
230481 |
23-Jan-2012 |
glebius |
In ng_socket(4) expose less kernel internals to userland. This commit breaks ABI, but makes probability of ABI breakage in future less.
|
230480 |
23-Jan-2012 |
glebius |
Convert locks that protect name hash, ID hash and typelist from mutex(9) to rwlock(9) based locks.
While here remove dropping lock when processing NGM_LISTNODES, and NGM_LISTTYPES generic commands. We don't need to drop it since memory allocation is done with M_NOWAIT.
|
230272 |
17-Jan-2012 |
glebius |
The newhook method can be called in ISR context at certain circumstances, so better use M_NOWAIT in it.
|
230214 |
16-Jan-2012 |
glebius |
Add missing static.
|
230213 |
16-Jan-2012 |
glebius |
Remove some disabled NOTYET code. Probability of enabling it is low, if anyone wants, he/she can take it from svn.
|
229272 |
02-Jan-2012 |
ed |
Use strchr() and strrchr().
It seems strchr() and strrchr() are used more often than index() and rindex(). Therefore, simply migrate all kernel code to use it.
For the XFS code, remove an empty line to make the code identical to the code in the Linux kernel.
|
229003 |
30-Dec-2011 |
glebius |
style(9), whitespace and spelling nits.
|
227459 |
11-Nov-2011 |
brooks |
In r191367 the need for if_free_type() was removed and a new member if_alloctype was used to store the origional interface type. Take advantage of this change by removing all existing uses of if_free_type() in favor of if_free().
MFC after: 1 Month
|
227309 |
07-Nov-2011 |
ed |
Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.
The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static.
|
227293 |
07-Nov-2011 |
ed |
Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
|
227132 |
06-Nov-2011 |
fjoe |
- Fix potential double mbuf free: M_PREPEND may free mbuf chain and return NULL but item will still have the reference ot the mbuf chain and will free it upon destruction. - Fix memory leak (unfree'd item on error path).
|
227131 |
06-Nov-2011 |
fjoe |
Fix potential double mbuf free: M_PREPEND may free mbuf chain and return NULL but item will still have the reference ot the mbuf chain and will free it upon destruction.
|
227130 |
06-Nov-2011 |
fjoe |
Constify "address" argument of ng_address_path().
|
226829 |
27-Oct-2011 |
glebius |
- If KDB & NETGRAPH_DEBUG are on, print traces on discovered failed invariants. - Reduce tautology in NETGRAPH_DEBUG output.
|
226186 |
10-Oct-2011 |
melifaro |
Free mbuf in case when protocol in unknown in ng_ipfw_rcvdata(). This change fixes (theoretically) possible mbuf leak introduced in r225586. Reorder code a bit and change return codes to be more specific
Reviewed by: glebius Approved by: kib (mentor)
|
225586 |
15-Sep-2011 |
ae |
Add IPv6 support to the ng_ipfw(4) [1]. Also add ifdefs to be able build it with and without INET/INET6 support.
Submitted by: Alexander V. Chernikov <melifaro at yandex-team.ru> [1] Tested by: Alexander V. Chernikov <melifaro at yandex-team.ru> [1] Approved by: re (bz) MFC after: 2 weeks
|
224778 |
11-Aug-2011 |
rwatson |
Second-to-last commit implementing Capsicum capabilities in the FreeBSD kernel for FreeBSD 9.0:
Add a new capability mask argument to fget(9) and friends, allowing system call code to declare what capabilities are required when an integer file descriptor is converted into an in-kernel struct file *. With options CAPABILITIES compiled into the kernel, this enforces capability protection; without, this change is effectively a no-op.
Some cases require special handling, such as mmap(2), which must preserve information about the maximum rights at the time of mapping in the memory map so that they can later be enforced in mprotect(2) -- this is done by narrowing the rights in the existing max_protection field used for similar purposes with file permissions.
In namei(9), we assert that the code is not reached from within capability mode, as we're not yet ready to enforce namespace capabilities there. This will follow in a later commit.
Update two capability names: CAP_EVENT and CAP_KEVENT become CAP_POST_KEVENT and CAP_POLL_KEVENT to more accurately indicate what they represent.
Approved by: re (bz) Submitted by: jonathan Sponsored by: Google Inc
|
224307 |
25-Jul-2011 |
avg |
remove RESTARTABLE_PANICS option
This is done per request/suggestion from John Baldwin who introduced the option. Trying to resume normal system operation after a panic is very unpredictable and dangerous. It will become even more dangerous when we allow a thread in panic(9) to penetrate all lock contexts. I understand that the only purpose of this option was for testing scenarios potentially resulting in panic.
Suggested by: jhb Reviewed by: attilio, jhb X-MFC-After: never Approved by: re (kib)
|
224107 |
16-Jul-2011 |
zec |
Clear pending ifnet events, in an attempt at preventing ng_ether_link_state() from being dispatched after we have cleared our IFP2NG(ifp).
MFC after: 3 days
|
224031 |
14-Jul-2011 |
glebius |
In ng_attach_cntl() first allocate things that may fail, and then do the rest of initialization. This simplifies code and fixes a double free in failure scenario.
Reviewed by: bz
|
223822 |
06-Jul-2011 |
glebius |
Add missing unlocks.
|
223787 |
05-Jul-2011 |
glebius |
o Eliminate flow6_hash_entry in favor of flow_hash_entry. We don't need a separate struct to start a slist of semi-opaque structs. This makes some code more compact. o Rewrite ng_netflow_flow_show() and its API/ABI: - Support for IPv6 is added. - Request and response now use same struct. Structure specifies version (6 or 4), index of last retrieved hash, and also index of last retrieved entry in the hash entry.
|
223768 |
04-Jul-2011 |
glebius |
Fix build with NETGRAPH_DEBUG.
|
223761 |
04-Jul-2011 |
glebius |
Fix build with NETGRAPH_DEBUG.
|
223754 |
04-Jul-2011 |
glebius |
- Use refcount(9) API to manage node and hook refcounting. - Make ng_unref_node() void, since caller shouldn't be interested in whether node is valid after call or not, since it can't be guaranteed to be valid. [1]
Ok from: julian [1]
|
223741 |
03-Jul-2011 |
bz |
Tag mbufs of all incoming frames or packets with the interface's FIB setting (either default or if supported as set by SIOCSIFFIB, e.g. from ifconfig).
Submitted by: Alexander V. Chernikov (melifaro ipfw.ru) Reviewed by: julian MFC after: 2 weeks
|
223706 |
01-Jul-2011 |
glebius |
Fix double free.
Submitted by: Alexander V. Chernikov <melifaro ipfw.ru>
|
223486 |
24-Jun-2011 |
hselasky |
- Move all USB device ID arrays into so-called sections, sorted according to the mode which they support: host, device or dual mode - Add generic tool to extract these data: tools/bus_autoconf
Discussed with: imp Suggested by: Robert Millan <rmh@debian.org> PR: misc/157903 MFC after: 14 days
|
223469 |
23-Jun-2011 |
glebius |
Be consistent with r160968: keep autoSrcAddr flag untouched when node receives NGM_SHUTDOWN.
Submitted by: pluknet
|
222808 |
07-Jun-2011 |
ae |
Sync ng_nat with recent (r222806) ipfw_nat changes:
Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through.
Also add SCTP support: mark response packets to skip firewall processing.
MFC after: 1 month
|
222257 |
24-May-2011 |
zec |
Assume the link to be dead if bit error rate (BER) parameter is set to 1. When a transition from link alive to link dead configuration or vice versa occurs, notify any upstream and / or downstream peers using NGM_FLOW messagges.
Link state notification using NGM_FLOW messages is modelled around around already existing code in ng_ether.c.
MFC after: 3 days
|
222255 |
24-May-2011 |
zec |
Provide fake link status information in an attempt to let ng_eiface(4) virtual ifnets more realistically mimic physical ethernet interfaces. The main motivation behind this change is to allow for ng_eiface(4) interfaces to participate in STP if_bridge(4) configurations.
When announcing link status changes, switch to the vnet to which the ifnet belongs, since it is possible for ng_eiface ifnets to be assigned to a vnet different from the one in which its netgraph node resides.
MFC after: 3 days
|
222055 |
18-May-2011 |
avg |
usb: fix a missed use of use_generic in r222051
Submitted by: gcooper Pointyhat to: avg MFC after: 1 month X-MFC with: r222051
|
220800 |
18-Apr-2011 |
glebius |
LibAliasInit() should allocate memory with M_WAITOK flag. Modify it and its callers.
|
220783 |
18-Apr-2011 |
glebius |
Finish last change.
Pointy hat to: glebius
|
220781 |
18-Apr-2011 |
glebius |
Further cleanup of node creation path from M_NOWAIT usage.
|
220769 |
18-Apr-2011 |
glebius |
ng_netflow_cache_init() can be void.
|
220768 |
18-Apr-2011 |
glebius |
Node constructor methods are supposed to be called in syscall context always. Convert nodes to consistently use M_WAITOK flag for memory allocation.
Reviewed by: julian
|
220767 |
18-Apr-2011 |
ae |
Use M_WAITOK flag instead M_WAIT for malloc.
Suggested by: glebius MFC after: 1 week
|
220745 |
17-Apr-2011 |
glebius |
Fix error where error variable was assigned result of comparison, instead of function return value.
Submitted by: Przemyslaw Frasunek <przemyslaw frasunek.com> MFC after: 4 days
|
220416 |
07-Apr-2011 |
zec |
Properly unref ng_hub nodes on shutdown, so that we don't leak them.
MFC after: 3 days
|
219827 |
21-Mar-2011 |
glebius |
Improve locking of creating and dropping links in the graph, acquiring the topology mutex in the following functions, that manipulate pointers to peer nodes:
- ng_bypass() - ng_path2noderef() when switching to the next node in sequence. Rewrite the function a bit. - ng_address_hook() - ng_address_path()
This patch improves stability of large mpd5 installations.
|
219781 |
19-Mar-2011 |
glebius |
Remove spl(9) remnants.
|
219229 |
03-Mar-2011 |
bz |
Unbreak the build for no options INET6.
PR: kern/155227 Submitted by: Dmitry Afanasiev (KOT MATPOCKuH.Ru)
|
219182 |
02-Mar-2011 |
glebius |
Add support for NetFlow version 9 into ng_netflow(4) node.
Submitted by: Alexander V. Chernikov <melifaro ipfw.ru>
|
219127 |
01-Mar-2011 |
ae |
Add XMIT_FAILOVER transmit algorithm to ng_one2many node. Packets are delivered out the first active "many" hook.
PR: kern/137775 Submitted by: Maxim Ignatenko MFC after: 2 weeks
|
218909 |
21-Feb-2011 |
brucec |
Fix typos - remove duplicate "the".
PR: bin/154928 Submitted by: Eitan Adler <lists at eitanadler.com> MFC after: 3 days
|
218757 |
16-Feb-2011 |
bz |
Mfp4 CH=177274,177280,177284-177285,177297,177324-177325
VNET socket push back: try to minimize the number of places where we have to switch vnets and narrow down the time we stay switched. Add assertions to the socket code to catch possibly unset vnets as seen in r204147.
While this reduces the number of vnet recursion in some places like NFS, POSIX local sockets and some netgraph, .. recursions are impossible to fix.
The current expectations are documented at the beginning of uipc_socket.c along with the other information there.
Sponsored by: The FreeBSD Foundation Sponsored by: CK Software GmbH Reviewed by: jhb Tested by: zec
Tested by: Mikolaj Golub (to.my.trociny gmail.com) MFC after: 2 weeks
|
217320 |
12-Jan-2011 |
mdf |
sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly.
Commit the netgraph piece.
|
217265 |
11-Jan-2011 |
jhb |
Remove unneeded includes of <sys/linker_set.h>. Other headers that use it internally contain nested includes.
Reviewed by: bde
|
215800 |
24-Nov-2010 |
zec |
Simplify ng_pipe locking model by relying on the netgraph framework to provide serialization of calls into the node, which is accomplished by markng the node as single-threaded (NGF_FORCE_WRITER).
The price we pay is that each ng_pipe instance now has its own callout handler which polls for queued frames on each clock tick, as long as the pipe has any frames in its internal queues. OTOH, we got rid of the global ng_pipe mutex, so from now on multiple ng_pipe instances can operate in parallel. This change also fixes counting of forwarded frames when an ng_pipe node is not enforcing any packet impairments.
While here, attempt to improve adherance to style(9) throughout otherwise mostly unreadable code.
MFC after: 3 days
|
215701 |
22-Nov-2010 |
dim |
After some off-list discussion, revert a number of changes to the DPCPU_DEFINE and VNET_DEFINE macros, as these cause problems for various people working on the affected files. A better long-term solution is still being considered. This reversal may give some modules empty set_pcpu or set_vnet sections, but these are harmless.
Changes reverted:
------------------------------------------------------------------------ r215318 | dim | 2010-11-14 21:40:55 +0100 (Sun, 14 Nov 2010) | 4 lines
Instead of unconditionally emitting .globl's for the __start_set_xxx and __stop_set_xxx symbols, only emit them when the set_vnet or set_pcpu sections are actually defined.
------------------------------------------------------------------------ r215317 | dim | 2010-11-14 21:38:11 +0100 (Sun, 14 Nov 2010) | 3 lines
Apply the STATIC_VNET_DEFINE and STATIC_DPCPU_DEFINE macros throughout the tree.
------------------------------------------------------------------------ r215316 | dim | 2010-11-14 21:23:02 +0100 (Sun, 14 Nov 2010) | 2 lines
Add macros to define static instances of VNET_DEFINE and DPCPU_DEFINE.
|
215673 |
22-Nov-2010 |
zec |
Allow for MTU sizes of up to ETHER_MAX_LEN_JUMBO (i.e. 9018) bytes to be configured on ng_eiface ifnets. The default MTU remains unchanged at 1500 bytes.
Mark ng_eiface ifnets as IFCAP_VLAN_MTU capable, so that the associated vlan(4) ifnets may use full-sized Ethernet MTUs (1500 bytes).
MFC after: 3 days
|
215317 |
14-Nov-2010 |
dim |
Apply the STATIC_VNET_DEFINE and STATIC_DPCPU_DEFINE macros throughout the tree.
|
213794 |
13-Oct-2010 |
rpaulo |
When calling panic(), always pass a format string.
|
210783 |
02-Aug-2010 |
emax |
Fix typo
PR: kern/140590 MFC after: 3 days
|
210537 |
27-Jul-2010 |
glebius |
Fix operation of "netgraph" action in conjunction with the net.inet.ip.fw.one_pass sysctl.
The "ngtee" action is still broken.
PR: kern/148885 Submitted by: Nickolay Dudorov <nnd mail.nsk.ru>
|
210500 |
26-Jul-2010 |
glebius |
Zero padding fields of netflow records. This helps to reduce size of compressed export logs.
Requested by: Alexey Illarionov <littlesavage orionet.ru>
|
209730 |
06-Jul-2010 |
emaste |
Remove defunct email address from header as well.
|
209728 |
06-Jul-2010 |
emaste |
Remove email address that no longer exists.
|
209723 |
06-Jul-2010 |
zec |
Fix a double-free bug which can occur if both bit error rate and packet duplication probability are configured on a ng_pipe node.
Submitted by: Jeffrey Ahrenholtz MFC after: 3 days
|
209722 |
06-Jul-2010 |
glebius |
Avoid double-free. In error cases ipfw(4) frees the mbuf(4), we don't need to.
PR: kern/145462
|
209633 |
01-Jul-2010 |
glebius |
The struct ipfw_rule_ref follows the struct m_tag. Deal with this correctly. This fixes breakage of ng_ipfw(4) in r201527.
Submitted by: Alexander Zagrebin <alexz visp.ru>
|
209194 |
15-Jun-2010 |
ae |
* Include sys/systm.h for KASSERT() * Remove unneeded includes and comment * Replace home made OFFSETOF() macro with standard offsetof()
Pointed out by: bde Approved by: kib (mentor)
|
208989 |
10-Jun-2010 |
ae |
Style(9) fixes: * Sort includes * Replace #define<SPACE> to #define<TAB> * Split declarations and initializations * Split long lines
Requested by: kib Approved by: kib (mentor) MFC after: 1 month
|
208946 |
09-Jun-2010 |
ae |
New netgraph node ng_patch(4). It performs data modification of packets passing through. Modifications are restricted to a subset of C language operations on unsigned integers of 8, 16, 32 or 64 bit size. These are: set to new value (=), addition (+=), subtraction (-=), multiplication (*=), division (/=), negation (= -), bitwise AND (&=), bitwise OR (|=), bitwise eXclusive OR (^=), shift left (<<=), shift right (>>=). Several operations are all applied to a packet sequentially in order they were specified by user.
Submitted by: Maxim Ignatenko <gelraen.ua at gmail.com> Vadim Goncharov <vadimnuclight at tpu.ru> Discussed with: net@ Approved by: mav (mentor) MFC after: 1 month
|
208824 |
05-Jun-2010 |
mav |
Remove some dead and incorrect code.
Found with: Coverity Prevent(tm) CID: 4562
|
208300 |
19-May-2010 |
attilio |
Fix a race between ngs_rcvmsg() and soclose() which closes the control socket while it is still in use. priv->ctlsock is checked at the top of the function but without any lock held, which means the control socket state may certainly change. Add a similar protection to ngs_shutdown() even if a race is unlikely to be experienced there.
Sponsored by: Sandvine Incorporated Obtained from: Nima Misaghian @ Sandvine Incorporated <nmisaghian at sandvine dot com> MFC after: 10 days
|
208036 |
13-May-2010 |
zec |
Increase the target buffer for performing NGM_ASCII2BINARY conversion from 2000 bytes to 20 Kbytes, which now matches the buffer size used for NGM_BINARY2ASCII conversions.
The aim of this change is to allow for bigger binary structures to be managed via netgraph ASCII messages, until we come up with an API improvement which would get rid of such arbitrary hardcoded limits.
MFC after: 3 days
|
207732 |
06-May-2010 |
fabient |
Fix an invalid parameter detected by INVARIANT and confirmed by r193272.
|
207680 |
05-May-2010 |
zec |
Add an optional "persistent" flag to ng_hub and ng_bridge, which if set, disables automatic node shutdown when the last hook gets disconnected.
Reviewed by: julian
|
207572 |
03-May-2010 |
zec |
When destroying a vnet, shut down all netgraph nodes tied to that vnet before proceeding with dismantling other protocol domains.
This change only affects options VIMAGE builds.
Reviewed by: julian, bz MFC after: 3 days
|
207554 |
03-May-2010 |
sobomax |
Add new tunable 'net.link.ifqmaxlen' to set default send interface queue length. The default value for this parameter is 50, which is quite low for many of today's uses and the only way to modify this parameter right now is to edit if_var.h file. Also add read-only sysctl with the same name, so that it's possible to retrieve the current value.
MFC after: 1 month
|
207426 |
30-Apr-2010 |
trasz |
Avoid undefined behaviour.
Reviewed by: zec@
|
206360 |
07-Apr-2010 |
joel |
Start copyright notice with /*-
|
206050 |
01-Apr-2010 |
mav |
Remove alignment constraints.
|
206049 |
01-Apr-2010 |
mav |
Remove alignment constraints.
|
206032 |
01-Apr-2010 |
mav |
Remove alignment constraints.
|
206021 |
31-Mar-2010 |
mav |
Remove some more alignment constraints.
|
206017 |
31-Mar-2010 |
mav |
Make ng_ksocket fulfill lower protocol stack layers alignment requirements on platforms with strict alignment constraints. This fixes kernel panics on arm and probably other architectures.
PR: sparc64/80410
|
206015 |
31-Mar-2010 |
mav |
Make ng_l2tp irrelevant to data alignment.
|
206000 |
31-Mar-2010 |
mav |
Make ng_ppp fulfill upper protocol stack layers alignment requirements on platforms with strict alignment constraints. This fixes kernel panics on arm and probably other architectures.
PR: sparc64/80410
|
205636 |
25-Mar-2010 |
glebius |
Remove disabled code. In 99% cases exports are send to ng_ksocket(4), which already forces queued mode, so what was suggested in disabled code is already done.
|
205083 |
12-Mar-2010 |
glebius |
Now fix functionality of 'netstat -f netgraph' that hasn't worked starting from netgraph import in 1999.
netstat(8) used pointer to node as node address, oops. That didn't work, we need the node ID in brackets to successfully address a node. We can't look into ng_node, due to inability to include netgraph/netgraph.h in userland code. So let the node make a hint for a userland, storing the node ID in its private data.
MFC after: 2 weeks
|
205082 |
12-Mar-2010 |
glebius |
Fix 'netstat -f netgraph', which I had broken in r163463 ling time ago in 2006. This linked list is actually needed for userland.
PR: kern/140446 Submitted by: Adrian Steinmann <ast marabu.ch>
|
202588 |
18-Jan-2010 |
thompsa |
Declare a new EVENTHANDLER called iflladdr_event which signals that the L2 address on an interface has changed. This lets stacked interfaces such as vlan(4) detect that their lower interface has changed and adjust things in order to keep working. Previously this situation broke at least vlan(4) and lagg(4) configurations.
The EVENTHANDLER_INVOKE call was not placed within if_setlladdr() due to the risk of a loop.
PR: kern/142927 Submitted by: Nikolay Denev
|
201924 |
09-Jan-2010 |
fjoe |
Send link state change control messages to "orphans" hook as well.
MFC after: 1 week
|
201748 |
07-Jan-2010 |
luigi |
ip_var.h now needs to be before ip_fw_private.h
|
201527 |
04-Jan-2010 |
luigi |
Various cleanup done in ipfw3-head branch including: - use a uniform mtag format for all packets that exit and re-enter the firewall in the middle of a rulechain. On reentry, all tags containing reinject info are renamed to MTAG_IPFW_RULE so the processing is simpler.
- make ipfw and dummynet use ip_len and ip_off in network format everywhere. Conversion is done only once instead of tracking the format in every place.
- use a macro FREE_PKT to dispose of mbufs. This eases portability.
On passing i also removed a few typos, staticise or localise variables, remove useless declarations and other minor things.
Overall the code shrinks a bit and is hopefully more readable.
I have tested functionality for all but ng_ipfw and if_bridge/if_ethersubr. For ng_ipfw i am actually waiting for feedback from glebius@ because we might have some small changes to make. For if_bridge and if_ethersubr feedback would be welcome (there are still some redundant parts in these two modules that I would like to remove, but first i need to check functionality).
|
201145 |
28-Dec-2009 |
antoine |
(S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument. Fix some wrong usages. Note: this does not affect generated binaries as this argument is not used.
PR: 137213 Submitted by: Eygene Ryabinkin (initial version) MFC after: 1 month
|
201124 |
28-Dec-2009 |
luigi |
bring the NGM_IPFW_COOKIE back into ng_ipfw.h, libnetgraph expects to find it there. Unfortunately this reintroduces the dependency on ip_fw_pfil.c
|
201122 |
28-Dec-2009 |
luigi |
bring in several cleanups tested in ipfw3-head branch, namely:
r201011 - move most of ng_ipfw.h into ip_fw_private.h, as this code is ipfw-specific. This removes a dependency on ng_ipfw.h from some files.
- move many equivalent definitions of direction (IN, OUT) for reinjected packets into ip_fw_private.h
- document the structure of the packet tags used for dummynet and netgraph;
r201049 - merge some common code to attach/detach hooks into a single function.
r201055 - remove some duplicated code in ip_fw_pfil. The input and output processing uses almost exactly the same code so there is no need to use two separate hooks. ip_fw_pfil.o goes from 2096 to 1382 bytes of .text
r201057 (see the svn log for full details) - macros to make the conversion of ip_len and ip_off between host and network format more explicit
r201113 (the remaining parts) - readability fixes -- put braces around some large for() blocks, localize variables so the compiler does not think they are uninitialized, do not insist on precise allocation size if we have more than we need.
r201119 - when doing a lookup, keys must be in big endian format because this is what the radix code expects (this fixes a bug in the recently-introduced 'lookup' option)
No ABI changes in this commit.
MFC after: 1 week
|
200855 |
22-Dec-2009 |
luigi |
merge code from ipfw3-head to reduce contention on the ipfw lock and remove all O(N) sequences from kernel critical sections in ipfw.
In detail:
1. introduce a IPFW_UH_LOCK to arbitrate requests from the upper half of the kernel. Some things, such as 'ipfw show', can be done holding this lock in read mode, whereas insert and delete require IPFW_UH_WLOCK.
2. introduce a mapping structure to keep rules together. This replaces the 'next' chain currently used in ipfw rules. At the moment the map is a simple array (sorted by rule number and then rule_id), so we can find a rule quickly instead of having to scan the list. This reduces many expensive lookups from O(N) to O(log N).
3. when an expensive operation (such as insert or delete) is done by userland, we grab IPFW_UH_WLOCK, create a new copy of the map without blocking the bottom half of the kernel, then acquire IPFW_WLOCK and quickly update pointers to the map and related info. After dropping IPFW_LOCK we can then continue the cleanup protected by IPFW_UH_LOCK. So userland still costs O(N) but the kernel side is only blocked for O(1).
4. do not pass pointers to rules through dummynet, netgraph, divert etc, but rather pass a <slot, chain_id, rulenum, rule_id> tuple. We validate the slot index (in the array of #2) with chain_id, and if successful do a O(1) dereference; otherwise, we can find the rule in O(log N) through <rulenum, rule_id>
All the above does not change the userland/kernel ABI, though there are some disgusting casts between pointers and uint32_t
Operation costs now are as follows:
Function Old Now Planned ------------------------------------------------------------------- + skipto X, non cached O(N) O(log N) + skipto X, cached O(1) O(1) XXX dynamic rule lookup O(1) O(log N) O(1) + skipto tablearg O(N) O(1) + reinject, non cached O(N) O(log N) + reinject, cached O(1) O(1) + kernel blocked during setsockopt() O(N) O(1) -------------------------------------------------------------------
The only (very small) regression is on dynamic rule lookup and this will be fixed in a day or two, without changing the userland/kernel ABI
Supported by: Valeria Paoli MFC after: 1 month
|
200582 |
15-Dec-2009 |
luigi |
add ip_fw_private.h to ng_ipfw.c, forgotten in previous commit; comment out remove ip_fw.h from ng_bridge.c, as it seems unused.
MFC after: 1 month
|
198988 |
06-Nov-2009 |
jhb |
Take a step towards removing if_watchdog/if_timer. Don't explicitly set if_watchdog/if_timer to NULL/0 when initializing an ifnet. if_alloc() sets those members to NULL/0 already.
|
198448 |
24-Oct-2009 |
ru |
Spell DIAGNOSTIC correctly.
|
197952 |
11-Oct-2009 |
julian |
Virtualize the pfil hooks so that different jails may chose different packet filters. ALso allows ipfw to be enabled on on ejail and disabled on another. In 8.0 it's a global setting.
Sitting aroung in tree waiting to commit for: 2 months MFC after: 2 months
|
197083 |
10-Sep-2009 |
emax |
Get those pesky RFCOMM RPM data bits right. This is likely a noop.
MFC after: 1 month
|
196481 |
23-Aug-2009 |
rwatson |
Rework global locks for interface list and index management, correcting several critical bugs, including race conditions and lock order issues:
Replace the single rwlock, ifnet_lock, with two locks, an rwlock and an sxlock. Either can be held to stablize the lists and indexes, but both are required to write. This allows the list to be held stable in both network interrupt contexts and sleepable user threads across sleeping memory allocations or device driver interactions. As before, writes to the interface list must occur from sleepable contexts.
Reviewed by: bz, julian MFC after: 3 days
|
196219 |
14-Aug-2009 |
jhb |
Purge mergeinfo from files that were temporarily renamed while USB2 was imported into the tree alongside USB.
Approved by: re (mergeinfo blanket)
|
196019 |
01-Aug-2009 |
rwatson |
Merge the remainder of kern_vimage.c and vimage.h into vnet.c and vnet.h, we now use jails (rather than vimages) as the abstraction for virtualization management, and what remained was specific to virtual network stacks. Minor cleanups are done in the process, and comments updated to reflect these changes.
Reviewed by: bz Approved by: re (vimage blanket)
|
195837 |
23-Jul-2009 |
rwatson |
Introduce and use a sysinit-based initialization scheme for virtual network stacks, VNET_SYSINIT:
- Add VNET_SYSINIT and VNET_SYSUNINIT macros to declare events that will occur each time a network stack is instantiated and destroyed. In the !VIMAGE case, these are simply mapped into regular SYSINIT/SYSUNINIT. For the VIMAGE case, we instead use SYSINIT's to track their order and properties on registration, using them for each vnet when created/ destroyed, or immediately on module load for already-started vnets. - Remove vnet_modinfo mechanism that existed to serve this purpose previously, as well as its dependency scheme: we now just use the SYSINIT ordering scheme. - Implement VNET_DOMAIN_SET() to allow protocol domains to declare that they want init functions to be called for each virtual network stack rather than just once at boot, compiling down to DOMAIN_SET() in the non-VIMAGE case. - Walk all virtualized kernel subsystems and make use of these instead of modinfo or DOMAIN_SET() for init/uninit events. In some cases, convert modular components from using modevent to using sysinit (where appropriate). In some cases, do minor rejuggling of SYSINIT ordering to make room for or better manage events.
Portions submitted by: jhb (VNET_SYSINIT), bz (cleanup) Discussed with: jhb, bz, julian, zec Reviewed by: bz Approved by: re (VIMAGE blanket)
|
195760 |
19-Jul-2009 |
rwatson |
Reimplement and/or implement vnet list locking by replacing a mostly unused custom mutex/condvar-based sleep locks with two locks: an rwlock (for non-sleeping use) and sxlock (for sleeping use). Either acquired for read is sufficient to stabilize the vnet list, but both must be acquired for write to modify the list.
Replace previous no-op read locking macros, used in various places in the stack, with actual locking to prevent race conditions. Callers must declare when they may perform unbounded sleeps or not when selecting how to lock.
Refactor vnet sysinits so that the vnet list and locks are initialized before kernel modules are linked, as the kernel linker will use them for modules loaded by the boot loader.
Update various consumers of these KPIs based on whether they may sleep or not.
Reviewed by: bz Approved by: re (kib)
|
195727 |
16-Jul-2009 |
rwatson |
Remove unused VNET_SET() and related macros; only VNET_GET() is ever actually used. Rename VNET_GET() to VNET() to shorten variable references.
Discussed with: bz, julian Reviewed by: bz Approved by: re (kensmith, kib)
|
195699 |
14-Jul-2009 |
rwatson |
Build on Jeff Roberson's linker-set based dynamic per-CPU allocator (DPCPU), as suggested by Peter Wemm, and implement a new per-virtual network stack memory allocator. Modify vnet to use the allocator instead of monolithic global container structures (vinet, ...). This change solves many binary compatibility problems associated with VIMAGE, and restores ELF symbols for virtualized global variables.
Each virtualized global variable exists as a "reference copy", and also once per virtual network stack. Virtualized global variables are tagged at compile-time, placing the in a special linker set, which is loaded into a contiguous region of kernel memory. Virtualized global variables in the base kernel are linked as normal, but those in modules are copied and relocated to a reserved portion of the kernel's vnet region with the help of a the kernel linker.
Virtualized global variables exist in per-vnet memory set up when the network stack instance is created, and are initialized statically from the reference copy. Run-time access occurs via an accessor macro, which converts from the current vnet and requested symbol to a per-vnet address. When "options VIMAGE" is not compiled into the kernel, normal global ELF symbols will be used instead and indirection is avoided.
This change restores static initialization for network stack global variables, restores support for non-global symbols and types, eliminates the need for many subsystem constructors, eliminates large per-subsystem structures that caused many binary compatibility issues both for monitoring applications (netstat) and kernel modules, removes the per-function INIT_VNET_*() macros throughout the stack, eliminates the need for vnet_symmap ksym(2) munging, and eliminates duplicate definitions of virtualized globals under VIMAGE_GLOBALS.
Bump __FreeBSD_version and update UPDATING.
Portions submitted by: bz Reviewed by: bz, zec Discussed with: gnn, jamie, jeff, jhb, julian, sam Suggested by: peter Approved by: re (kensmith)
|
195231 |
01-Jul-2009 |
mav |
Fix infinite loop in ng_iface, that happens when packet passes out via two different ng interfaces sequentially due to tunnelling.
PR: kern/134557 Submitted by: Mikolaj Golub Approved by: re (kensmith) MFC after: 3 days
|
195148 |
28-Jun-2009 |
stas |
- Turn the third (islocked) argument of the knote call into flags parameter. Introduce the new flag KNF_NOKQLOCK to allow event callers to be called without KQ_LOCK mtx held. - Modify VFS knote calls to always use KNF_NOKQLOCK flag. This is required for ZFS as its getattr implementation may sleep.
Approved by: re (rwatson) Reviewed by: kib MFC after: 2 weeks
|
195049 |
26-Jun-2009 |
rwatson |
Use if_maddr_rlock()/if_maddr_runlock() rather than IF_ADDR_LOCK()/ IF_ADDR_UNLOCK() across network device drivers when accessing the per-interface multicast address list, if_multiaddrs. This will allow us to change the locking strategy without affecting our driver programming interface or binary interface.
For two wireless drivers, remove unnecessary locking, since they don't actually access the multicast address list.
Approved by: re (kib) MFC after: 6 weeks
|
195024 |
26-Jun-2009 |
rwatson |
Update Netgraph nodes to use if_addr_rlock()/if_addr_runlock() instead of IF_ADDR_LOCK()/IF_ADDR_UNLOCK() when iterating ifp->if_addrhead.
MFC after: 6 weeks
|
194825 |
24-Jun-2009 |
rdivacky |
Use proper form of gnu designated initalizers. This lets clang compile this files.
Approved by: ed (mentor) Silence from: harti (maintainer?)
|
194739 |
23-Jun-2009 |
bz |
After cleaning up rt_tables from vnet.h and cleaning up opt_route.h a lot of files no longer need route.h either. Garbage collect them. While here remove now unneeded vnet.h #includes as well.
|
194699 |
23-Jun-2009 |
mav |
Mark ng_ether node hooks as HI_STACK. It is usually the last point when netgraph may unroll the call stack, and I have found that in some cases 2K guarantied there for i386 may be not enough for NIC driver and BPF.
|
194682 |
23-Jun-2009 |
thompsa |
Fix a typeo in the frame len function to unbreak the build, make it shorter while I am here.
|
194677 |
23-Jun-2009 |
thompsa |
- Make struct usb_xfer opaque so that drivers can not access the internals - Reduce the number of headers needed for a usb driver, the common case is just usb.h and usbdi.h
|
194228 |
15-Jun-2009 |
thompsa |
s/usb2_/usb_|usbd_/ on all function names for the USB stack.
|
194051 |
12-Jun-2009 |
zec |
Assign ng_eiface nodes a netgraph name on instantiation, in a way which is consistent with the current behavior of ng_iface, i.e. borrow the same naming code from ng_iface.c.
Approved by: julian (mentor)
|
194012 |
11-Jun-2009 |
zec |
Introduce a mechanism for detecting calls from outbound path of the network stack when reentering the inbound path from netgraph, and force queueing of mbufs at the outbound netgraph node.
The mechanism relies on two components. First, in netgraph nodes where outbound path of the network stack calls into netgraph, the current thread has to be appropriately marked using the new NG_OUTBOUND_THREAD_REF() macro before proceeding to call further into the netgraph topology, and unmarked using the NG_OUTBOUND_THREAD_UNREF() macro before returning to the caller. Second, netgraph nodes which can potentially reenter the network stack in the inbound path have to mark their inbound hooks using NG_HOOK_SET_TO_INBOUND() macro. The netgraph framework will then detect when there is a danger of a call graph looping back from outbound to inbound path via netgraph, and defer handing off the mbufs to the "inbound" node to a worker thread with a clean stack.
In this first pass only the most obvious netgraph nodes have been updated to ensure no outbound to inbound calls can occur. Nodes such as ng_ipfw, ng_gif etc. should be further examined whether a potential for outbound to inbound call looping exists.
This commit changes the layout of struct thread, but due to __FreeBSD_version number shortage a version bump has been omitted at this time, nevertheless kernel and modules have to be rebuilt.
Reviewed by: julian, rwatson, bz Approved by: julian (mentor)
|
193859 |
09-Jun-2009 |
oleg |
Close long existed race with net.inet.ip.fw.one_pass = 0: If packet leaves ipfw to other kernel subsystem (dummynet, netgraph, etc) it carries pointer to matching ipfw rule. If this packet then reinjected back to ipfw, ruleset processing starts from that rule. If rule was deleted meanwhile, due to existed race condition panic was possible (as well as other odd effects like parsing rules in 'reap list').
P.S. this commit changes ABI so userland ipfw related binaries should be recompiled.
MFC after: 1 month Tested by: Mikolaj Golub
|
193812 |
09-Jun-2009 |
imp |
World now builds without these defines, so eliminate them.
Approved by: julian@
|
193744 |
08-Jun-2009 |
bz |
After r193232 rt_tables in vnet.h are no longer indirectly dependent on the ROUTETABLES kernel option thus there is no need to include opt_route.h anymore in all consumers of vnet.h and no longer depend on it for module builds.
Remove the hidden include in flowtable.h as well and leave the two explicit #includes in ip_input.c and ip_output.c.
|
193731 |
08-Jun-2009 |
zec |
Introduce an infrastructure for dismantling vnet instances.
Vnet modules and protocol domains may now register destructor functions to clean up and release per-module state. The destructor mechanisms can be triggered by invoking "vimage -d", or a future equivalent command which will be provided via the new jail framework.
While this patch introduces numerous placeholder destructor functions, many of those are currently incomplete, thus leaking memory or (even worse) failing to stop all running timers. Many of such issues are already known and will be incrementaly fixed over the next weeks in smaller incremental commits.
Apart from introducing new fields in structs ifnet, domain, protosw and vnet_net, which requires the kernel and modules to be rebuilt, this change should have no impact on nooptions VIMAGE builds, since vnet destructors can only be called in VIMAGE kernels. Moreover, destructor functions should be in general compiled in only in options VIMAGE builds, except for kernel modules which can be safely kldunloaded at run time.
Bump __FreeBSD_version to 800097. Reviewed by: bz, julian Approved by: rwatson, kib (re), julian (mentor)
|
193272 |
01-Jun-2009 |
jhb |
Rework socket upcalls to close some races with setup/teardown of upcalls. - Each socket upcall is now invoked with the appropriate socket buffer locked. It is not permissible to call soisconnected() with this lock held; however, so socket upcalls now return an integer value. The two possible values are SU_OK and SU_ISCONNECTED. If an upcall returns SU_ISCONNECTED, then the soisconnected() will be invoked on the socket after the socket buffer lock is dropped. - A new API is provided for setting and clearing socket upcalls. The API consists of soupcall_set() and soupcall_clear(). - To simplify locking, each socket buffer now has a separate upcall. - When a socket upcall returns SU_ISCONNECTED, the upcall is cleared from the receive socket buffer automatically. Note that a SO_SND upcall should never return SU_ISCONNECTED. - All this means that accept filters should now return SU_ISCONNECTED instead of calling soisconnected() directly. They also no longer need to explicitly clear the upcall on the new socket. - The HTTP accept filter still uses soupcall_set() to manage its internal state machine, but other accept filters no longer have any explicit knowlege of socket upcall internals aside from their return value. - The various RPC client upcalls currently drop the socket buffer lock while invoking soreceive() as a temporary band-aid. The plan for the future is to add a new flag to allow soreceive() to be called with the socket buffer locked. - The AIO callback for socket I/O is now also invoked with the socket buffer locked. Previously sowakeup() would drop the socket buffer lock only to call aio_swake() which immediately re-acquired the socket buffer lock for the duration of the function call.
Discussed with: rwatson, rmacklem
|
193045 |
29-May-2009 |
thompsa |
s/usb2_/usb_/ on all typedefs for the USB stack.
|
192984 |
28-May-2009 |
thompsa |
s/usb2_/usb_/ on all C structs for the USB stack.
|
192909 |
27-May-2009 |
thompsa |
Hook ubt and ubtbcmfw back up to the build.
|
192907 |
27-May-2009 |
thompsa |
move ng_ubt_var.h back to its original place
|
192906 |
27-May-2009 |
thompsa |
move ng_ubt.c back to its original place
|
192905 |
27-May-2009 |
thompsa |
move ubtbcmfw.c back to its original place
|
192903 |
27-May-2009 |
thompsa |
Delete the bluetooth drivers for the old usb stack.
|
192032 |
13-May-2009 |
mav |
Fix copy-paste bug in NGM_NETFLOW_SETCONFIG argument size verification.
PR: kern/134220 Submitted by: Eugene Mychlo MFC after: 1 week
|
191827 |
05-May-2009 |
zec |
Unbreak LINT build, caused by a change in struct ng_node layout introduced with r191816, which become uncovered only with NETGRAPH_DEBUG defined.
NOT approved by mentor (julian) due to emergency.
|
191816 |
05-May-2009 |
zec |
Change the curvnet variable from a global const struct vnet *, previously always pointing to the default vnet context, to a dynamically changing thread-local one. The currvnet context should be set on entry to networking code via CURVNET_SET() macros, and reverted to previous state via CURVNET_RESTORE(). Recursions on curvnet are permitted, though strongly discuouraged.
This change should have no functional impact on nooptions VIMAGE kernel builds, where CURVNET_* macros expand to whitespace.
The curthread->td_vnet (aka curvnet) variable's purpose is to be an indicator of the vnet context in which the current network-related operation takes place, in case we cannot deduce the current vnet context from any other source, such as by looking at mbuf's m->m_pkthdr.rcvif->if_vnet, sockets's so->so_vnet etc. Moreover, so far curvnet has turned out to be an invaluable consistency checking aid: it helps to catch cases when sockets, ifnets or any other vnet-aware structures may have leaked from one vnet to another.
The exact placement of the CURVNET_SET() / CURVNET_RESTORE() macros was a result of an empirical iterative process, whith an aim to reduce recursions on CURVNET_SET() to a minimum, while still reducing the scope of CURVNET_SET() to networking only operations - the alternative would be calling CURVNET_SET() on each system call entry. In general, curvnet has to be set in three typicall cases: when processing socket-related requests from userspace or from within the kernel; when processing inbound traffic flowing from device drivers to upper layers of the networking stack, and when executing timer-driven networking functions.
This change also introduces a DDB subcommand to show the list of all vnet instances.
Approved by: julian (mentor)
|
191510 |
26-Apr-2009 |
zec |
In preparation to make options VIMAGE operational, where needed, initialize / release netgraph related state in iattach() / idetach() functions called via the vnet module registration / initialization framework, instead of initialization / cleanups being done in mod_event handlers.
While here, introduce a crude hack aimed at preventing ng_ether to autoattach to ng_eiface ifnets, which are also netgraph nodes already.
Reviewed by: bz Approved by: julian (mentor)
|
191284 |
19-Apr-2009 |
rwatson |
Lock the interface address list while building replies to NGM_CISCO_COOKIE messages in ng_iface.
MFC after: 2 weeks
|
191283 |
19-Apr-2009 |
rwatson |
Lock interface address list when building a reply to NGM_EIFACE_GET_IFADDRS messages in ng_eiface.
MFC after: 2 weeks
|
191226 |
17-Apr-2009 |
ed |
Switch ubtbcmfw(4) to use si_drv1 instead of storing the unit number.
The unit number is still used to store the type of the device node.
Approved by: emax
|
191148 |
16-Apr-2009 |
kmacy |
Change if_output to take a struct route as its fourth argument in order to allow passing a cached struct llentry * down to L2
Reviewed by: rwatson
|
189315 |
03-Mar-2009 |
ed |
Make Netgraph compile with Clang.
Clang disallows structs with variable length arrays to be nested inside other structs, because this is in violation with ISO C99. Even though we can keep bugging the LLVM folks about this issue, we'd better just fix our code to not do this. This code seems to be the only code in the entire source tree that does this.
I haven't tested this patch by using the kernel modules in question, but Diane Bruce and I have compared disassembled versions of these kernel modules. We would have expected them to be exactly the same, but due to randomness in the register allocator and reordering of instructions, there were some minor differences.
Approved by: julian
|
189170 |
28-Feb-2009 |
ed |
Add memmove() to the kernel, making the kernel compile with Clang.
When copying big structures, LLVM generates calls to memmove(), because it may not be able to figure out whether structures overlap. This caused linker errors to occur. memmove() is now implemented using bcopy(). Ideally it would be the other way around, but that can be solved in the future. On ARM we don't do add anything, because it already has memmove().
Discussed on: arch@ Reviewed by: rdivacky
|
189106 |
27-Feb-2009 |
bz |
For all files including net/vnet.h directly include opt_route.h and net/route.h.
Remove the hidden include of opt_route.h and net/route.h from net/vnet.h.
We need to make sure that both opt_route.h and net/route.h are included before net/vnet.h because of the way MRT figures out the number of FIBs from the kernel option. If we do not, we end up with the default number of 1 when including net/vnet.h and array sizes are wrong.
This does not change the list of files which depend on opt_route.h but we can identify them now more easily.
|
188452 |
10-Feb-2009 |
emax |
Update comment. soalloc() is no longer performing M_WAITOK memory allocations.
Submitted by: ru MFC after: 3 days
|
188132 |
04-Feb-2009 |
emax |
Allow unprivileged users to run l2ping(8).
MFC after: 1 month
|
187495 |
20-Jan-2009 |
mav |
Check for infinite recursion possible on some broken PPTP/L2TP/... VPN setups. Mark packets with mbuf_tag on first interface passage and drop on second.
PR: ports/129625, ports/125303, MFC after: 2 weeks
|
187454 |
19-Jan-2009 |
emax |
Properly return error code to the caller. This should fix the following panic in ng_l2cap(4).
panic: ng_l2cap_l2ca_con_req: ubt0l2cap - could not find connection!
While i'm here get rid of few goto's.
MFC after: 1 week
|
187410 |
18-Jan-2009 |
mav |
If source mbuf chain consists of only one mbuf, use it directly as source buffer to avoid extra copying.
|
187405 |
18-Jan-2009 |
mav |
Use m_unshare()+m_copyback() instead of m_freem()+m_devget() to keep original mbuf chain headers. It can be less efficient in some cases, but it looks better then mess of copying headers into the nonempty chain.
|
187387 |
18-Jan-2009 |
mav |
Remove strict limitation on minimal multilink MRRU. RFC claims that MRRU of 1500 must be supported, but allows smaller values to be negotiated. Enforce specified MRRU for outgoing frames.
MFC after: 2 weeks
|
186907 |
08-Jan-2009 |
mav |
Mark ng_vjc node as FORCE_WRITER to protect slcompress state. I think it can be the reason of livelock in netgraph reported by some mpd users.
MFC after: 3 days
|
186488 |
25-Dec-2008 |
julian |
shave about 7% off the overhead of ng_ether by using per-hook receive data methods.
|
186481 |
25-Dec-2008 |
julian |
Add a trivial node to reflect ethernet frames to whence they came.
MFC after: 1 month
|
186466 |
24-Dec-2008 |
emax |
Change message severity level from WARN to INFO. This should reduce amount of messages sent to syslog
MFC after: 1 week
|
186189 |
16-Dec-2008 |
mav |
Unroll two loops of SHA1Update(). 60 bytes of static memory is not a price.
|
186119 |
15-Dec-2008 |
qingli |
This main goals of this project are: 1. separating L2 tables (ARP, NDP) from the L3 routing tables 2. removing as much locking dependencies among these layers as possible to allow for some parallelism in the search operations 3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route cloning (RTF_CLONING) concept, which translated into code reduction in both IPv4 ARP and IPv6 NDP related modules, and size reduction in struct rtentry{}. The change in design obsoletes the semantics of RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland applications such as "arp" and "ndp" have been modified to reflect those changes. The output from "netstat -r" shows only the routing entries.
Quite a few developers have contributed to this project in the past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing the last piece of the puzzle, Kip has also been conducting active functional testing - Sam Leffler has helped me improving/refactoring the code, and provided valuable reviews - Julian Elischer setup the perforce tree for me and has helped me maintaining that branch before the svn conversion
|
186093 |
14-Dec-2008 |
mav |
To avoid one doubtless netgraph SMP scalability limitation point, switch node queues processing from single swi:net thread to several specialized threads.
Reviewed by: julian Tested with: Netperf Cluster
|
186060 |
13-Dec-2008 |
mav |
Revert rev. 183277:
Remove ng_rmnode_flags() function. ng_rmnode_self() was made to be called only while having node locked. When node is properly locked, any function call sent to it will always be queued. So turning ng_rmnode_self() into the ng_rmnode_flags() is not just meaningless, but incorrent, as it violates node locking when called outside.
No objections: julian, thompsa
|
186059 |
13-Dec-2008 |
mav |
Remove node shutdown on tty close. This could be easily done by user-level while it's present implementation with ng_rmnode_flags() is at least incorrect.
|
186056 |
13-Dec-2008 |
mav |
Change ttyhook_register() second argument from thread to process pointer. Thread was not really needed there, while previous ng_tty implementation that used thread pointer had locking issues (using sx while holding mutex).
|
185895 |
10-Dec-2008 |
zec |
Conditionally compile out V_ globals while instantiating the appropriate container structures, depending on VIMAGE_GLOBALS compile time option.
Make VIMAGE_GLOBALS a new compile-time option, which by default will not be defined, resulting in instatiations of global variables selected for V_irtualization (enclosed in #ifdef VIMAGE_GLOBALS blocks) to be effectively compiled out. Instantiate new global container structures to hold V_irtualized variables: vnet_net_0, vnet_inet_0, vnet_inet6_0, vnet_ipsec_0, vnet_netgraph_0, and vnet_gif_0.
Update the VSYM() macro so that depending on VIMAGE_GLOBALS the V_ macros resolve either to the original globals, or to fields inside container structures, i.e. effectively
#ifdef VIMAGE_GLOBALS #define V_rt_tables rt_tables #else #define V_rt_tables vnet_net_0._rt_tables #endif
Update SYSCTL_V_*() macros to operate either on globals or on fields inside container structs.
Extend the internal kldsym() lookups with the ability to resolve selected fields inside the virtualization container structs. This applies only to the fields which are explicitly registered for kldsym() visibility via VNET_MOD_DECLARE() and vnet_mod_register(), currently this is done only in sys/net/if.c.
Fix a few broken instances of MODULE_GLOBAL() macro use in SCTP code, and modify the MODULE_GLOBAL() macro to resolve to V_ macros, which in turn result in proper code being generated depending on VIMAGE_GLOBALS.
De-virtualize local static variables in sys/contrib/pf/net/pf_subr.c which were prematurely V_irtualized by automated V_ prepending scripts during earlier merging steps. PF virtualization will be done separately, most probably after next PF import.
Convert a few variable initializations at instantiation to initialization in init functions, most notably in ipfw. Also convert TUNABLE_INT() initializers for V_ variables to TUNABLE_FETCH_INT() in initializer functions.
Discussed at: devsummit Strassburg Reviewed by: bz, julian Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
185723 |
06-Dec-2008 |
mav |
Carefully handle memory errors to keep peers compression/encryption state consistent. There are some cases reported where peers fatally getting out of sync without any visible reason. I hope this solve the problem.
|
185571 |
02-Dec-2008 |
bz |
Rather than using hidden includes (with cicular dependencies), directly include only the header files needed. This reduces the unneeded spamming of various headers into lots of files.
For now, this leaves us with very few modules including vnet.h and thus needing to depend on opt_route.h.
Reviewed by: brooks, gnn, des, zec, imp Sponsored by: The FreeBSD Foundation
|
185419 |
28-Nov-2008 |
zec |
Unhide declarations of network stack virtualization structs from underneath #ifdef VIMAGE blocks.
This change introduces some churn in #include ordering and nesting throughout the network stack and drivers but is not expected to cause any additional issues.
In the next step this will allow us to instantiate the virtualization container structures and switch from using global variables to their "containerized" counterparts.
Reviewed by: bz, julian Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
185183 |
22-Nov-2008 |
mav |
Remove unused variable.
Found with: Coverity Prevent(tm) CID: 3682
|
185182 |
22-Nov-2008 |
mav |
Fix typo. Clear session stats instead of config and part of stats.
Found with: Coverity Prevent(tm) CID: 2472
|
185179 |
22-Nov-2008 |
mav |
Remove unneeded NULL check. At first msg can't be null here and and at second NG_FREE_MSG() also checks it.
Found with: Coverity Prevent(tm)
|
185164 |
22-Nov-2008 |
kmacy |
convert calls to IFQ_HANDOFF to if_transmit
|
184762 |
08-Nov-2008 |
mav |
Don't use curthread to resolve file descriptor. Request may be queued, so thread will be different. Instead require sender to send process ID together with file descriptor.
|
184760 |
08-Nov-2008 |
mav |
Assign new cookie to the node to reflect API change. All applications will have to be adapted and rebuilt.
|
184752 |
07-Nov-2008 |
mav |
Don't assign completely meaningless name to the node on creation. As soon as node is created from the netgraph side now, it can be found without using this. Allow application to assign whatever name it want later.
|
184214 |
23-Oct-2008 |
des |
Fix a number of style issues in the MALLOC / FREE commit. I've tried to be careful not to fix anything that was already broken; the NFSv4 code is particularly bad in this respect.
|
184205 |
23-Oct-2008 |
des |
Retire the MALLOC and FREE macros. They are an abomination unto style(9).
MFC after: 3 months
|
183693 |
08-Oct-2008 |
mav |
Add ability to generate egress netflow instead or in addition to ingress. Use mbuf tagging for accounted packets to not account packets twice when both ingress and egress netflow enabled. To keep compatibility new "setconfig" message added to control new functionality. By default node works as before, doing only ingress accounting without using mbuf tags.
Reviewed by: glebius
|
183576 |
03-Oct-2008 |
emax |
Abort transfers on all pipes before closing them. This fixes the crash when Bluetooth USB device is pulled out without stopping the stack first.
Submitted by: Vladimir Grebenschikov vova at fbsd dot ru MFC after: 1 week
|
183562 |
03-Oct-2008 |
thompsa |
Update ng_tty for MPSAFE TTY.
This changes from a line discipline to the tty_hooks mechanism. Data will come in directly via rint_bypass and sent to the peer node in a single mbuf.
As line disciplines are no longer used a new netgraph command called NGM_TTY_SET_TTY is used to attach the tty. This takes a pointer to to the open file descriptor of the tty and registers the tty hooks. When the tty disappears the node will shutdown.
Thanks to: ed Sponsored by: Hobnob, Inc
|
183550 |
02-Oct-2008 |
zec |
Step 1.5 of importing the network stack virtualization infrastructure from the vimage project, as per plan established at devsummit 08/08: http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator macros, and CURVNET_SET() context setting macros, all currently resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a family of SYSCTL_V_*() macros, currently resolving to their global counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header files specific to virtualized subsystems (sys/net/vnet.h, sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this point in time by doing MD5 comparision between pre- and post-change object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec Reviewed by: julian, bz, brooks, kris, rwatson, ... Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
183397 |
27-Sep-2008 |
ed |
Replace all calls to minor() with dev2unit().
After I removed all the unit2minor()/minor2unit() calls from the kernel yesterday, I realised calling minor() everywhere is quite confusing. Character devices now only have the ability to store a unit number, not a minor number. Remove the confusion by using dev2unit() everywhere.
This commit could also be considered as a bug fix. A lot of drivers call minor(), while they should actually be calling dev2unit(). In -CURRENT this isn't a problem, but it turns out we never had any problem reports related to that issue in the past. I suspect not many people connect more than 256 pieces of the same hardware.
Reviewed by: kib
|
183381 |
26-Sep-2008 |
ed |
Remove unit2minor() use from kernel code.
When I changed kern_conf.c three months ago I made device unit numbers equal to (unneeded) device minor numbers. We used to require bitshifting, because there were eight bits in the middle that were reserved for a device major number. Not very long after I turned dev2unit(), minor(), unit2minor() and minor2unit() into macro's. The unit2minor() and minor2unit() macro's were no-ops.
We'd better not remove these four macro's from the kernel, because there is a lot of (external) code that may still depend on them. For now it's harmless to remove all invocations of unit2minor() and minor2unit().
Reviewed by: kib
|
183277 |
22-Sep-2008 |
thompsa |
Add ng_rmnode_flags() so the caller can pass NG_QUEUE and have the node destroyed asynchronously due to locking or other constraints.
Reviewed by: julian
|
183225 |
21-Sep-2008 |
zec |
Fix error message content.
Approved by: julian (mentor) MFC after: 3 days
|
182995 |
13-Sep-2008 |
mav |
We can't implicitly trust the hook on NGQF_FN/NGQF_FN2 processing in ng_apply_item(). There are possible (and I have got one) use-after-free class panics because of it.
If hook is specified, require it to be valid at the apply time. The only exceptions are the internal ng_con_part2(), ng_con_part3() and ng_rmhook_part2() functions which are specially made to work with invalid hooks.
|
182734 |
03-Sep-2008 |
julian |
Add Marko's pipe node. This allows one to do flow modulation similar to dummynet between arbitrary nodes.
|
182447 |
29-Aug-2008 |
jkim |
Make sure BPF program is not bigger than set maximum (net.bpf.maxinsns).
|
181887 |
20-Aug-2008 |
julian |
A bunch of formatting fixes brough to light by, or created by the Vimage commit a few days ago.
|
181803 |
17-Aug-2008 |
bz |
Commit step 1 of the vimage project, (network stack) virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course of the next few weeks.
Mark all uses of global variables to be virtualized with a V_ prefix. Use macros to map them back to their global names for now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/... Reviewed by: brooks, des, ed, mav, julian, jamie, kris, rwatson, zec, ... (various people I forgot, different versions) md5 (with a bit of help) Sponsored by: NLnet Foundation, The FreeBSD Foundation X-MFC after: never V_Commit_Message_Reviewed_By: more people than the patch
|
181093 |
01-Aug-2008 |
emax |
Implement ratelimiting for debug messages. For now, allow at most one message per second. In the future might add a sysctl knob for each socket family to fine tune this.
MFC after: 1 week
|
181089 |
01-Aug-2008 |
emax |
Increase maximum input queue size limit for raw Bluetooth HCI sockets.
MFC after: 3 days
|
181088 |
01-Aug-2008 |
emax |
Fix locking bug, i.e. lock "wildcard" matched pcb before return.
|
181033 |
30-Jul-2008 |
emax |
Introduce support for Bluetooth SCO sockets. This is based on older code that was revisted.
MFC after: 3 months
|
180945 |
29-Jul-2008 |
emax |
Simplify ubt_isoc_in_complete2(). Also should fix off by 1 bug.
MFC after: 3 months
|
180943 |
28-Jul-2008 |
mav |
Don't use memcpy() to copy several bytes. Store IDs is host order. It is not so important to bloat code for it. Combine m_adj() and M_PREPEND() into single M_PREPEND().
|
180508 |
14-Jul-2008 |
trhodes |
Fill in the string portion of the bluetooth stack version sysctl.
Approved by: emax
|
180452 |
11-Jul-2008 |
emax |
Dust off old code for support of USB isochronous transfers. USB isochronous transfer support is required for Bluetooth SCO. While i'm here change u_int to uint and update TODO. This should produce no visible changes unless the device is broken (or really old).
MFC after: 3 months
|
180399 |
10-Jul-2008 |
emax |
Get in some basic infrastructure for Bluetooth SCO support.
MFC after: 3 months
|
180372 |
08-Jul-2008 |
gonzo |
Back out r180370. It was not discussed with subsystem maintainers.
|
180370 |
08-Jul-2008 |
gonzo |
Queue decapsulated packed instead of performing direct dispatch. Some execution pathes might hit stack limit under certain circumstances (e.g. ng_mppc).
PR: kern/125314 Reported by: Illya Klymov <ilia dot klimov at gmail dot com>
|
180239 |
04-Jul-2008 |
rwatson |
Remove NETISR_MPSAFE, which allows specific netisr handlers to be directly dispatched without Giant, and add NETISR_FORCEQUEUE, which allows specific netisr handlers to always be dispatched via a queue (deferred). Mark the usb and if_ppp netisr handlers as NETISR_FORCEQUEUE, and explicitly acquire Giant in those handlers.
Previously, any netisr handler not marked NETISR_MPSAFE would necessarily run deferred and with Giant acquired. This change removes Giant scaffolding from the netisr infrastructure, but NETISR_FORCEQUEUE allows non-MPSAFE handlers to continue to force deferred dispatch so as to avoid lock order reversals between their acqusition of Giant and any calling context.
It is likely we will be able to remove NETISR_FORCEQUEUE once IFF_NEEDSGIANT is removed, as non-MPSAFE usb and if_ppp drivers will no longer be supported.
Reviewed by: bz MFC after: 1 month X-MFC note: We can't remove NETISR_MPSAFE from stable/7 for KPI reasons, but the rest can go back.
|
179973 |
24-Jun-2008 |
gnn |
Make it simpler to build netgraph modules outside of the kernel source tree. This change follows similar ones in the device tree.
MFC after: 2 weeks
|
179477 |
01-Jun-2008 |
mav |
Pass really available buffer size to libalias instead of MCLBYTES constant. MCLBYTES constant were used with believe that m_megapullup() always moves date into a fresh cluster that may become not so.
|
179308 |
25-May-2008 |
rwatson |
Remove netatm from HEAD as it is not MPSAFE and relies on the now removed NET_NEEDS_GIANT. netatm has been disconnected from the build for ten months in HEAD/RELENG_7. Specifics:
- netatm include files - netatm command line management tools - libatm - ATM parts in rescue and sysinstall - sample configuration files and documents - kernel support as a module or in NOTES - netgraph wrapper nodes for netatm - ctags data for netatm. - netatm-specific device drivers.
MFC after: 3 weeks Reviewed by: bz Discussed with: bms, bz, harti
|
178888 |
09-May-2008 |
julian |
Add code to allow the system to handle multiple routing tables. This particular implementation is designed to be fully backwards compatible and to be MFC-able to 7.x (and 6.x)
Currently the only protocol that can make use of the multiple tables is IPv4 Similar functionality exists in OpenBSD and Linux.
From my notes:
-----
One thing where FreeBSD has been falling behind, and which by chance I have some time to work on is "policy based routing", which allows different packet streams to be routed by more than just the destination address.
Constraints: ------------
I want to make some form of this available in the 6.x tree (and by extension 7.x) , but FreeBSD in general needs it so I might as well do it in -current and back port the portions I need.
One of the ways that this can be done is to have the ability to instantiate multiple kernel routing tables (which I will now refer to as "Forwarding Information Bases" or "FIBs" for political correctness reasons). Which FIB a particular packet uses to make the next hop decision can be decided by a number of mechanisms. The policies these mechanisms implement are the "Policies" referred to in "Policy based routing".
One of the constraints I have if I try to back port this work to 6.x is that it must be implemented as a EXTENSION to the existing ABIs in 6.x so that third party applications do not need to be recompiled in timespan of the branch.
This first version will not have some of the bells and whistles that will come with later versions. It will, for example, be limited to 16 tables in the first commit. Implementation method, Compatible version. (part 1) ------------------------------- For this reason I have implemented a "sufficient subset" of a multiple routing table solution in Perforce, and back-ported it to 6.x. (also in Perforce though not always caught up with what I have done in -current/P4). The subset allows a number of FIBs to be defined at compile time (8 is sufficient for my purposes in 6.x) and implements the changes needed to allow IPV4 to use them. I have not done the changes for ipv6 simply because I do not need it, and I do not have enough knowledge of ipv6 (e.g. neighbor discovery) needed to do it.
Other protocol families are left untouched and should there be users with proprietary protocol families, they should continue to work and be oblivious to the existence of the extra FIBs.
To understand how this is done, one must know that the current FIB code starts everything off with a single dimensional array of pointers to FIB head structures (One per protocol family), each of which in turn points to the trie of routes available to that family.
The basic change in the ABI compatible version of the change is to extent that array to be a 2 dimensional array, so that instead of protocol family X looking at rt_tables[X] for the table it needs, it looks at rt_tables[Y][X] when for all protocol families except ipv4 Y is always 0. Code that is unaware of the change always just sees the first row of the table, which of course looks just like the one dimensional array that existed before.
The entry points rtrequest(), rtalloc(), rtalloc1(), rtalloc_ign() are all maintained, but refer only to the first row of the array, so that existing callers in proprietary protocols can continue to do the "right thing". Some new entry points are added, for the exclusive use of ipv4 code called in_rtrequest(), in_rtalloc(), in_rtalloc1() and in_rtalloc_ign(), which have an extra argument which refers the code to the correct row.
In addition, there are some new entry points (currently called rtalloc_fib() and friends) that check the Address family being looked up and call either rtalloc() (and friends) if the protocol is not IPv4 forcing the action to row 0 or to the appropriate row if it IS IPv4 (and that info is available). These are for calling from code that is not specific to any particular protocol. The way these are implemented would change in the non ABI preserving code to be added later.
One feature of the first version of the code is that for ipv4, the interface routes show up automatically on all the FIBs, so that no matter what FIB you select you always have the basic direct attached hosts available to you. (rtinit() does this automatically).
You CAN delete an interface route from one FIB should you want to but by default it's there. ARP information is also available in each FIB. It's assumed that the same machine would have the same MAC address, regardless of which FIB you are using to get to it.
This brings us as to how the correct FIB is selected for an outgoing IPV4 packet.
Firstly, all packets have a FIB associated with them. if nothing has been done to change it, it will be FIB 0. The FIB is changed in the following ways.
Packets fall into one of a number of classes.
1/ locally generated packets, coming from a socket/PCB. Such packets select a FIB from a number associated with the socket/PCB. This in turn is inherited from the process, but can be changed by a socket option. The process in turn inherits it on fork. I have written a utility call setfib that acts a bit like nice..
setfib -3 ping target.example.com # will use fib 3 for ping.
It is an obvious extension to make it a property of a jail but I have not done so. It can be achieved by combining the setfib and jail commands.
2/ packets received on an interface for forwarding. By default these packets would use table 0, (or possibly a number settable in a sysctl(not yet)). but prior to routing the firewall can inspect them (see below). (possibly in the future you may be able to associate a FIB with packets received on an interface.. An ifconfig arg, but not yet.)
3/ packets inspected by a packet classifier, which can arbitrarily associate a fib with it on a packet by packet basis. A fib assigned to a packet by a packet classifier (such as ipfw) would over-ride a fib associated by a more default source. (such as cases 1 or 2).
4/ a tcp listen socket associated with a fib will generate accept sockets that are associated with that same fib.
5/ Packets generated in response to some other packet (e.g. reset or icmp packets). These should use the FIB associated with the packet being reponded to.
6/ Packets generated during encapsulation. gif, tun and other tunnel interfaces will encapsulate using the FIB that was in effect withthe proces that set up the tunnel. thus setfib 1 ifconfig gif0 [tunnel instructions] will set the fib for the tunnel to use to be fib 1.
Routing messages would be associated with their process, and thus select one FIB or another. messages from the kernel would be associated with the fib they refer to and would only be received by a routing socket associated with that fib. (not yet implemented)
In addition Netstat has been edited to be able to cope with the fact that the array is now 2 dimensional. (It looks in system memory using libkvm (!)). Old versions of netstat see only the first FIB.
In addition two sysctls are added to give: a) the number of FIBs compiled in (active) b) the default FIB of the calling process.
Early testing experience: -------------------------
Basically our (IronPort's) appliance does this functionality already using ipfw fwd but that method has some drawbacks.
For example, It can't fully simulate a routing table because it can't influence the socket's choice of local address when a connect() is done.
Testing during the generating of these changes has been remarkably smooth so far. Multiple tables have co-existed with no notable side effects, and packets have been routes accordingly.
ipfw has grown 2 new keywords:
setfib N ip from anay to any count ip from any to any fib N
In pf there seems to be a requirement to be able to give symbolic names to the fibs but I do not have that capacity. I am not sure if it is required.
SCTP has interestingly enough built in support for this, called VRFs in Cisco parlance. it will be interesting to see how that handles it when it suddenly actually does something.
Where to next: --------------------
After committing the ABI compatible version and MFCing it, I'd like to proceed in a forward direction in -current. this will result in some roto-tilling in the routing code.
Firstly: the current code's idea of having a separate tree per protocol family, all of the same format, and pointed to by the 1 dimensional array is a bit silly. Especially when one considers that there is code that makes assumptions about every protocol having the same internal structures there. Some protocols don't WANT that sort of structure. (for example the whole idea of a netmask is foreign to appletalk). This needs to be made opaque to the external code.
My suggested first change is to add routing method pointers to the 'domain' structure, along with information pointing the data. instead of having an array of pointers to uniform structures, there would be an array pointing to the 'domain' structures for each protocol address domain (protocol family), and the methods this reached would be called. The methods would have an argument that gives FIB number, but the protocol would be free to ignore it.
When the ABI can be changed it raises the possibilty of the addition of a fib entry into the "struct route". Currently, the structure contains the sockaddr of the desination, and the resulting fib entry. To make this work fully, one could add a fib number so that given an address and a fib, one can find the third element, the fib entry.
Interaction with the ARP layer/ LL layer would need to be revisited as well. Qing Li has been working on this already.
This work was sponsored by Ironport Systems/Cisco
Reviewed by: several including rwatson, bz and mlair (parts each) Obtained from: Ironport systems/Cisco
|
178311 |
19-Apr-2008 |
mav |
ng_address_hook() microoptimization. Use local variables as they should be. It helps compiller to avoid some extra memory accesses.
|
178259 |
16-Apr-2008 |
mav |
Use separate UMA zone for data items allocation. It is a partial rev. 1.149 rework. It allows to save several percents of CPU time on SMP by using UMA's internal per-CPU allocation limits instead of own global variable each time updated with atomics.
Tested with: Netperf cluster
|
178250 |
16-Apr-2008 |
kris |
Replace callout_init(..., 1) with callout_init(..., CALLOUT_MPSAFE) for better grep-compliance and to standardize with the rest of the kernel.
Reviewed by: jhb MFC after: 1 week
|
178228 |
15-Apr-2008 |
mav |
Several changes breaking netgraph module ABI collected together: - reorder structures fields (XX_refs) a bit to group fields modified same time together. According to my tests it gives up to 10% SMP performance benefit on real workload due to reduced inter-CPU cache trashing. - change q_flags from long to int as long is not really needed there and it's usage with atomics is argued by some people. - move NGF_WORKQ flag into the separate field q_flags2 as it protected by queue mutex instead of node writer protection used by the rest of flags. - move nd_work queue entry to ng_queue structure to which it is more related and make it STAILQ instead of TAILQ as now it is a classic FIFO. - remove q_node pointer from ng_queue structure as it is not really needed. - reimplement item queue using STAILQ instead of own equal implementation. As soon as BT subsystem has own item queues using ng_item.el_next update it also. - change depth field in ng_item from uintptr_t to u_int. It was made uintptr_t to keep ABI compatibility.
Reviewed by: julian, emax Tested with: Netperf cluster
|
178039 |
09-Apr-2008 |
mav |
Add memory barriers to the node locking operations. Add some comments.
|
177953 |
06-Apr-2008 |
mav |
Rewrite node's r/w/q-lock semantics using only atomics instead of mutex and atomics combination. Mutex is now used only for queue protection. Also avoid unneded extra swi scheduling calls.
|
177732 |
30-Mar-2008 |
mav |
- Account all node stats at the shape mode. - Do not check destination hook presence, it will be done by netgraph. - Use u_int instead of int in some places to simplify type conversions. - Use NG_SEND_DATA_ONLY() macro instead of selfmade equivalent.
|
177728 |
30-Mar-2008 |
mav |
Use new atomic_fetchadd() primitive instead of looping atomic_cmpset().
|
177722 |
29-Mar-2008 |
mav |
There is no need to erase hook->hk_node before freing hook.
|
177673 |
27-Mar-2008 |
mav |
Remove ng_setisr() call from ng_dequeue(). It is useless as we any way will never exit ngintr(), while there is some ready requests on the queue. It was made years ago with hope of parallel queue processing by several net threads. But even if we have several threads sometimes, we have no rights to process queue in parallel as it will break original requests serialization that is critically important for some setups.
|
177670 |
27-Mar-2008 |
mav |
Switch from timeval to bintime, to use 1/(2^20) of seconds instead of microseconds. It allows to use bit shifts instead of some heavy 64bit mul/div math operations.
|
177646 |
26-Mar-2008 |
mav |
Some minor code and math optimizations.
|
177587 |
24-Mar-2008 |
mav |
Rewrite node to support multiple hooks, alike to ng_l2tp, to use one pair of pptpgre and ksocket nodes for all calls between two peers. This patch modifies node's API by adding new "session_%04x" hook names support, while keeping backward compatibility.
Together with appropriate user-level support (by latest mpd5) it gives huge performance benefits for case of multiple active calls between two peers because of avoiding data duplication and extra socket processing. On my benchmarks I have got more then 10 times speedup for the 200 simultaneous PPTP calls between two peers. In conclusion, it allows now to build effective "clients <=> PAC <=> PNS" setups.
|
177286 |
16-Mar-2008 |
mav |
Remove impossible (hk_peer == NULL) check from ng_address_hook(). Valid hook can't have NULL peer. Even invalid one can't, as it is resets to deadhook, but not NULL.
|
177279 |
16-Mar-2008 |
mav |
Add session ID hashing to speedup incoming packets dispatch in case of many connections working via the same tunnel. For example, in case of full "client <-> LAC <-> LNS" setup.
|
177071 |
11-Mar-2008 |
mav |
Improve apply callback error reporting: Before this patch callback returned result of the last finished call chain. Now it returns last nonzero result from all call chain results in this request.
As soon as this improvement gives reliable error reporting, it is now possible to remove dirty workaround in ng_socket, made to return ENOBUFS error statuses of request-response operations. That workaround was responsible for returning ENOBUFS errors to completely unrelated requests working at the same time on socket.
|
176971 |
09-Mar-2008 |
mav |
Addition to the previous commit. Release inproc in case of memory error.
|
176962 |
08-Mar-2008 |
mav |
To avoid control data losses do not acknowledge recieving of control packet if netgraph reported error while delivering to destination. Reset 'next send' counter to the last requested by peer on ack timeout to resend all subsequest packets after lost one again without additional hints.
|
176917 |
07-Mar-2008 |
mav |
Send only one incoming notification at a time to reduce queue trashing and improve performance. Remove waitflag argument from ng_ksocket_incoming2(), it means nothing as function call was queued by netgraph. Remove node validity check, as node validity guarantied by netgraph. Update comments.
|
176849 |
05-Mar-2008 |
mav |
Increase default queue items allocation limit from 512 to 4096 items to avoid terrible unpredicted effects for netgraph operation of their exhaustion while allocating control messages. Add separate configurable 512 items limit for data items allocation for DoS/overload protection.
Discussed with: julian
|
176802 |
04-Mar-2008 |
mav |
Implement 128 items node name hash for faster name search. Increase node ID hash size from 32 to 128 items.
|
176791 |
04-Mar-2008 |
mav |
Fix incorrect field name.
|
176775 |
03-Mar-2008 |
mav |
Use more compact LIST instead of TAILQ for session hash. Add all listening hooks into LIST to simplify searches. Use ng_findhook() instead of own equal implementation.
|
176753 |
02-Mar-2008 |
mav |
Make session ID generator to use session ID hash. Make session ID generator thread-safe.
|
176706 |
01-Mar-2008 |
mav |
Add support for the libalias redirect functionality.
Submitted by: Vadim Goncharov <vadim_nuclight@mail.ru>
|
176567 |
25-Feb-2008 |
mav |
Fix incorrect constant used in rev. 1.146 that broke node writer locking.
|
176508 |
24-Feb-2008 |
mav |
Fix shutdown bug made by previous commit.
|
176085 |
07-Feb-2008 |
glebius |
Use rtalloc1() instead of rtalloc_ign(). It returns a locked rtentry. We quickly copy the fields of interest, and then RTFREE_LOCKED(). This should be faster then lock & unlock the rtentry twice.
|
176057 |
06-Feb-2008 |
mav |
Do not use bcmp() to compare two bytes with constants.
|
176046 |
06-Feb-2008 |
mav |
Cleanup and tune ng_snd_item() function as it is one of the most busy netgraph functions. Tune stack protection constants to avoid division operation.
|
175974 |
04-Feb-2008 |
mav |
Prepare hooks direct pointers on setup to avoid heavy ng_findhook() calls during operarion.
|
175954 |
03-Feb-2008 |
mav |
Move all possible node logic out of the rcvdata() function to the newhook()/disconnect(). Unify function names with other nodes.
|
175934 |
03-Feb-2008 |
mav |
Revert previous commit. glebius@ noticed that it was not a bug, but undocumented feature.
|
175889 |
02-Feb-2008 |
marck |
Fix one more grammo.
Noticed by: ru
|
175871 |
01-Feb-2008 |
marck |
Reword recent comment a bit.
|
175868 |
01-Feb-2008 |
mav |
Add comments about stack protection mechanism.
|
175867 |
01-Feb-2008 |
mav |
Tune the message for better informativity. Print the hook pointer as other functions do.
|
175866 |
01-Feb-2008 |
benno |
Band-aid recent commit by mav by replacing a variable in a CTR statement with the variable that appears as if it should've been there.
Pointy hat to: mav Not tested either by: benno
|
175865 |
31-Jan-2008 |
mav |
Implement Session-ID hashing to improve receive performance scalability for big number of concurrent sessions.
|
175850 |
31-Jan-2008 |
mav |
Some code reformat.
|
175847 |
31-Jan-2008 |
mav |
Implement stack protection based on GET_STACK_USAGE() macro. This fixes system panics possible with complicated netgraph setups and allows to avoid unneded extra queueing for stack unwrapping.
|
175776 |
28-Jan-2008 |
mav |
Avoid data copying when it is possible. bpf_filter() is able to work directly on mbuf chain.
|
175721 |
27-Jan-2008 |
mav |
Run expire even without export hook connected.
PR: kern/119839
|
175718 |
27-Jan-2008 |
mav |
Fix memory leak when export hook is not connected.
|
175717 |
27-Jan-2008 |
mav |
Remove one very strange unneded if.
|
175706 |
27-Jan-2008 |
mav |
Slightly simplify code.
|
175698 |
26-Jan-2008 |
mav |
Improve multilink receive performance by netgraph item reuse.
|
175697 |
26-Jan-2008 |
mav |
Improve multilink xmit performance by netgraph item reuse.
|
175696 |
26-Jan-2008 |
mav |
Improve multilink receive performance with fragment headers preallocation.
|
175594 |
23-Jan-2008 |
mav |
Fix bundle xmit octets stats for packet-split operation mode.
|
174988 |
30-Dec-2007 |
jeff |
Remove explicit locking of struct file. - Introduce a finit() which is used to initailize the fields of struct file in such a way that the ops vector is only valid after the data, type, and flags are valid. - Protect f_flag and f_count with atomic operations. - Remove the global list of all files and associated accounting. - Rewrite the unp garbage collection such that it no longer requires the global list of all files and instead uses a list of all unp sockets. - Mark sockets in the accept queue so we don't incorrectly gc them.
Tested by: kris, pho
|
174981 |
29-Dec-2007 |
mav |
Add support for optional "AC-Name\Service-Name" syntax at NGM_PPPOE_CONNECT argument. It allows ppp, mpd or any other node consumer to request connection to specified access concentrator.
Proposed by: Alexander A. Burylov <burylov@mail.ru>
|
174931 |
26-Dec-2007 |
mav |
Fix incorrectly placed bracket in pppoe_find_svc().
|
174929 |
26-Dec-2007 |
mav |
Remove some prehistoric never used defines.
|
174898 |
25-Dec-2007 |
rwatson |
Add a new 'why' argument to kdb_enter(), and a set of constants to use for that argument. This will allow DDB to detect the broad category of reason why the debugger has been entered, which it can use for the purposes of deciding which DDB script to run.
Assign approximate why values to all current consumers of the kdb_enter() interface.
|
174795 |
19-Dec-2007 |
mav |
Add option to set packets per second limits instead of default bits per second ones.
|
174554 |
12-Dec-2007 |
mav |
Increase control channel xmit queue to 128 packets. Previous value 16 was too small for real LAC as temporal activity spike cound easily overflow queue demanding tunnel disconnection due to possible state inconsistency.
|
174118 |
30-Nov-2007 |
julian |
Add ipv6 to ng_cisco node. ipv6 wasn't a reality when I wrote it..
Submitted by: Marko Zec
|
173605 |
14-Nov-2007 |
glebius |
- Merge all the ng_send_fn2* functions into one - ng_send_fn2(), removing some copy&pasted code. - Reduce copy and paste in ng_apply_item(). - Resurrect ng_send_fn() as a valid symbol, not a define.
Reviewed by: mav, julian
|
173231 |
31-Oct-2007 |
emax |
Fix locking issue in ng_btsocket_l2cap_ctloutput()
Submitted by: Heiko Wundram (Beenic) < wundram at beenic dot net > MFC after: 3 days
|
173151 |
29-Oct-2007 |
emax |
Allow RFCOMM servers to bind to a ''wildcard'' RFCOMM channel zero (0). Actual RFCOMM channel will be assigned after listen(2) call is done on a RFCOMM socket bound to a ''wildcard'' RFCOMM channel zero (0).
Address locking issues in ng_btsocket_rfcomm_bind()
Submitted by: Heiko Wundram (Beenic) < wundram at beenic dot net > MFC after: 1 week
|
173110 |
28-Oct-2007 |
mav |
Minor debug message fix.
|
172820 |
19-Oct-2007 |
ru |
Fix build with NETGRAPH_DEBUG.
|
172806 |
19-Oct-2007 |
mav |
Implement new apply callback mechanism to handle item forwarding. When item forwarded refence counter is incremented, when item processed, counter decremented. When counter reaches zero, apply handler is getting called. Now it allows to report right connect() call status from user-level at the right time.
|
172629 |
14-Oct-2007 |
mav |
Split ng_pppoe_rcvdata() function into three hook-specific ones to simplify code and reduce stack usage.
|
172628 |
14-Oct-2007 |
mav |
Remove ng_pppoe_sendpacket() function to simplify code as it is called as much times as it has cases inside of it.
|
172565 |
12-Oct-2007 |
mav |
Protect struct seq with mutex.
Approved by: glebius (mentor)
|
172564 |
12-Oct-2007 |
mav |
Remove one unneded assertion. It is also checked in ng_l2tp_seq_check().
Approved by: glebius (mentor)
|
172563 |
12-Oct-2007 |
mav |
Replace single rcvdata with 3 distinct to simplify code and reduce stack usage.
Approved by: mentor (glebius)
|
172562 |
12-Oct-2007 |
mav |
Remove duplicate variables.
|
172271 |
21-Sep-2007 |
mav |
Dead code removal.
Approved by: re (kensmith), glebius (mentor)
|
172270 |
21-Sep-2007 |
mav |
This is optimization of ether and debug hooks determination. It simplifies code and should speedup pppoe_findsession() function which is called for every incoming packet.
Approved by: re (kensmith), glebius (mentor)
|
172269 |
21-Sep-2007 |
mav |
This patch fixes thread unsafe usage of global pkt_hdr variable. Second part is not so important, but IMO is also good.
Approved by: re (kensmith), glebius (mentor)
|
172186 |
15-Sep-2007 |
mav |
Fix typo which brokes VJ decompression when VJC negotiated in only one direction.
Approved by: re (bmah), glebius (mentor)
|
171937 |
23-Aug-2007 |
emax |
Return EADDRNOTAVAIL instead of EDESTADDRREQ error when listen(2) is called on improperly bound socket.
Suggested by: Iain Hibbert Approved by: re (kensmith) MFC after: 3 days
|
171885 |
18-Aug-2007 |
mav |
Add ng_send_fn() error handeling inside ng_con_nodes(). Without it some errors may left unnoticed and unhandeled that will lead to hooks left in half-connected state.
Reviewed by: julian@ Approved by: re (kensmith), glebius (mentor)
|
171818 |
13-Aug-2007 |
emax |
Make ng_h4(4) MPSAFE. Use similar to ng_tty(4) locking strategy. Reconnect ng_h(4) back to the build.
Reviewed by: kensmith Approved by: re (kensmith) MFC after: 1 month
|
171744 |
06-Aug-2007 |
rwatson |
Remove the now-unused NET_{LOCK,UNLOCK,ASSERT}_GIANT() macros, which previously conditionally acquired Giant based on debug.mpsafenet. As that has now been removed, they are no longer required. Removing them significantly simplifies error-handling in the socket layer, eliminated quite a bit of unwinding of locking in error cases.
While here clean up the now unneeded opt_net.h, which previously was used for the NET_WITH_GIANT kernel option. Clean up some related gotos for consistency.
Reviewed by: bz, csjp Tested by: kris Approved by: re (kensmith)
|
171688 |
01-Aug-2007 |
mav |
Add 64bit statistic counters to the ng_ppp node. 64bit counters are needed to simplify traffic accounting and reduce system load at the big PPP concentrators.
Approved by: re (rwatson), glebius (mentor)
|
171681 |
01-Aug-2007 |
mav |
This patch improves fine-grained locking for the ng_ppp node. Till now node's transmit path was completely unprotected and so wasn't thread safe in multilink mode. It's receive path was declared as WRITER as the simpliest protection method but it reduces performance when compression or encryption enabled.
Approved by: re (rwatson), glebius (mentor)
|
171637 |
28-Jul-2007 |
rwatson |
Replace references to NET_CALLOUT_MPSAFE with CALLOUT_MPSAFE, and remove definition of NET_CALLOUT_MPSAFE, which is no longer required now that debug.mpsafenet has been removed.
The once over: bz Approved by: re (kensmith)
|
171600 |
26-Jul-2007 |
mav |
Reduce stack usage by 256 bytes per call. It helps to avoid kernel stack overflow in complicated traffic filtering setups.
There can be minor performance degradation for the MHLEN < len <= 256 case due to additional buffer allocation, but it is a rare case.
Approved by: re (rwatson), glebius (mentor) MFC after: 1 week
|
171595 |
26-Jul-2007 |
glebius |
Honor the IFF_MONITOR flag.
PR: kern/99500 Submitted by: Craig Leres <leres ee.lbl.gov> Approved by: re (kensmith)
|
171345 |
10-Jul-2007 |
emax |
Mark ng_h4(4) as not MPSAFE and disconnect it from the build for now.
Approved by: re (rwatson)
|
170999 |
23-Jun-2007 |
imp |
These modules depend on usb, make that explicit
Approved by: re@
|
170996 |
23-Jun-2007 |
mjacob |
Fix various compilation warnings for gcc-4.2.
Approved by: re (bruce)
|
170972 |
21-Jun-2007 |
emax |
Replace sosend() with direct call to .pru_send method on the L2CAP socket. This is to avoid LOR with sx(9) lock in sblock() called from sosend_generic().
Approved by: re (kensmith) MFC after: 1 week
|
170952 |
19-Jun-2007 |
delphij |
Fix build problem caused by a set of typos.
Reported by: tinderbox Approved by: re (mux)
|
170933 |
18-Jun-2007 |
imp |
Finish removing usb_port.h compat macros.
|
170662 |
13-Jun-2007 |
ru |
Remove two more instances of the USBDEV() macro.
|
170661 |
13-Jun-2007 |
mav |
Add missing ng_uncallout() on node shutdown.
Approved by: glebius (mentor)
|
170641 |
13-Jun-2007 |
emax |
Catch up with USB cleanups and fix the world
|
170617 |
12-Jun-2007 |
imp |
Eliminate usb_thread_t.
|
170612 |
12-Jun-2007 |
imp |
Expand USB_ATTACH_{ERROR,SUCCESS}_RETURN inline and eliminate from usb_port.h. They aren't needed, and are a legacy of this code's past.
|
170561 |
11-Jun-2007 |
imp |
Silence a gcc warning in a more canonical way (evl = NULL rather than &evl). I saw warnings here at one point on the arm build.
|
170456 |
09-Jun-2007 |
imp |
Expand USB_ATTACH_SETUP inline. Kill devinfo stuff.
|
170289 |
04-Jun-2007 |
dwmalone |
Despite several examples in the kernel, the third argument of sysctl_handle_int is not sizeof the int type you want to export. The type must always be an int or an unsigned int.
Remove the instances where a sizeof(variable) is passed to stop people accidently cut and pasting these examples.
In a few places this was sysctl_handle_int was being used on 64 bit types, which would truncate the value to be exported. In these cases use sysctl_handle_quad to export them and change the format to Q so that sysctl(1) can still print them.
|
170283 |
04-Jun-2007 |
mav |
No need to update link queue stats when round-robin algorithm enabled.
Approved by: glebius (mentor)
|
170180 |
01-Jun-2007 |
glebius |
Partially back out rev. 1.127, to restore broken functionality. This should be redesigned, but better enter RELENG_7 with a working ngctl(8).
Agreed by: julian
|
170035 |
27-May-2007 |
rwatson |
Universally adopt most conventional spelling of acquire.
|
169867 |
22-May-2007 |
mav |
Add support for setmode and settarget messages.
Approved by: glebius (mentor)
|
169866 |
22-May-2007 |
mav |
Allow node to bypass traffic while no alias address defined.
Approved by: glebius (mentor)
|
169678 |
18-May-2007 |
mav |
Fix build with NETGRAPH_MPPC_COMPRESSION but without NETGRAPH_MPPC_ENCRYPTION.
Approved by: glebius (mentor)
|
169677 |
18-May-2007 |
dwmalone |
Help ng_fec deal with multicast addresses.
While ng_fec called the ioctl to let interfaces in the bundle know the list of multicast addresses had changed, it never actually updated that list on the interfaces in the bundle. Consequently, the multicast filters could be programmed incorrectly.
if_lagg does this correctly, by maintaining a list of addresses that it has added to interfaces in the bundle. This commit basically takes the if_lagg code and adds it to ng_fec.
A version of this patch for RELENG_6 has fixed some problems with IPv6 ND over ng_fec. This is probably the problem in PR 107523.
PR: 107523 Tested by: Rob Gallagher <robert.gallagher@heanet.ie> Obtained from: if_lagg MFC after: 3 weeks
|
169656 |
17-May-2007 |
mav |
Fix small copy/paste mistake.
|
169602 |
16-May-2007 |
mav |
Style cleanup.
Approved by: glebius (mentor)
|
169577 |
15-May-2007 |
mav |
A node that implements various traffic shaping and rate limiting algorithms.
Approved by: glebius (mentor)
|
169474 |
11-May-2007 |
mav |
Performance optimization of the "encryption without compression" case by avoiding memory allocation and data copying. Encrypting directly at the original mbuf chain.
Approved by: glebius (mentor)
|
169462 |
11-May-2007 |
rwatson |
Reduce network stack oddness: implement .pru_sockaddr and .pru_peeraddr protocol entry points using functions named proto_getsockaddr and proto_getpeeraddr rather than proto_setsockaddr and proto_setpeeraddr. While it's true that sockaddrs are allocated and set, the net effect is to retrieve (get) the socket address or peer address from a socket, not set it, so align names to that intent.
|
169263 |
04-May-2007 |
mav |
Avoid extra rc4_init() when ng_mppc_updatekey() going to do it anyway.
Approved by: glebius (mentor)
|
169262 |
04-May-2007 |
mav |
Compact code a bit
Approved by: glebius (mentor)
|
169261 |
04-May-2007 |
mav |
Make coherency counter 12bit as it should
Approved by: glebius (mentor)
|
169258 |
04-May-2007 |
mav |
Fix small mistake (sizeof(pad2) instead of sizeof(pad1))
Approved by: glebius (mentor)
|
169256 |
04-May-2007 |
mav |
Remove unneded bzero(). SHA1Final() does not require clean buffer.
Approved by: glebius (mentor)
|
169004 |
24-Apr-2007 |
mav |
Avoid false assertion on transmit and delayed ack timeout with enabled invariants. Replace callout_pending() by callout_active() to remove race window.
Reviewed by: archie Approved by: glebius (mentor)
|
168981 |
23-Apr-2007 |
mav |
Global xmit stats calculation fix.
Approved by: glebius (mentor)
|
168898 |
20-Apr-2007 |
mav |
Added m_tag_copy_chain() call to copy original outgoing packet tags to all of it's fragments.
Reviewed by: archie Approved by: glebius (mentor)
|
168897 |
20-Apr-2007 |
mav |
Optimized packet distribution plan for the equal links case. Do not split packet on fragments smaller then MP_MIN_FRAG_LEN to reduce total overhead.
Reviewed by: archie Approved by: glebius (mentor)
|
168896 |
20-Apr-2007 |
mav |
- Changed sequence numbers processing to avoid incorrect timeout waiting when one of links is inactive and have stale sequence number. To avoid this sequence numbers of all links are getting updated on every successful packet reassembling. - ng_ppp_bump_mseq function created to simplify code. - ng_ppp_frag_drop function separated from ng_ppp_frag_process to simplify code.
Reviewed by: archie Approved by: glebius (mentor)
|
168895 |
20-Apr-2007 |
mav |
- Fixed mistakes in latency and xmitBytes calculation math which lead to ineffective multilink packet distribution plans. - Changed bytesInQueue calculation math to have more precise information about links utilization. - Taken rough account of the link overhead. Better way to do it could be to get exact overhead from user-level, but I have not done it to keep binary compatibility.
Reviewed by: archie Approved by: glebius (mentor)
|
168137 |
31-Mar-2007 |
wkoszek |
We don't need spinning locks here. Change them to the adaptive mutexes. This change should bring no performance decrease, as it did not in my tests.
Reviewed by: julian, glebius Approved by: cognet (mentor)
|
168049 |
30-Mar-2007 |
wkoszek |
Instead of direct manipulation on queue and worklist mutexes, bring macros for doing this job. This change will make it easy to migrate from using spinning locks to adaptive ones.
Reviewed by: glebius, julian Approved by: cognet (mentor)
|
168009 |
28-Mar-2007 |
emax |
Try to silence Coverity by adding (void) in front of function call. Also add a comment, explaining why return value is not being checked.
Requested by: netchild MFC after: 1 week
|
167990 |
28-Mar-2007 |
glebius |
Bump maximum number of interface hooks to the maximum possible value. This will increase the memory consumption for more than 1 Mb, but this is required for operation on multiinterface access concentrators running mpd.
Requested by: Alexander Motin
|
167907 |
26-Mar-2007 |
maxim |
o Update a comment: sonewconn() lives in uipc_socket.c now.
|
167729 |
20-Mar-2007 |
bms |
Implement reference counting for ifmultiaddr, in_multi, and in6_multi structures. Detect when ifnet instances are detached from the network stack and perform appropriate cleanup to prevent memory leaks.
This has been implemented in such a way as to be backwards ABI compatible. Kernel consumers are changed to use if_delmulti_ifma(); in_delmulti() is unable to detect interface removal by design, as it performs searches on structures which are removed with the interface.
With this architectural change, the panics FreeBSD users have experienced with carp and pfsync should be resolved.
Obtained from: p4 branch bms_netdev Reviewed by: andre Sponsored by: Garance A Drosehn Idea from: NetBSD MFC after: 1 month
|
167677 |
18-Mar-2007 |
rwatson |
Prefer more traditional spellings of some words in comments.
|
167402 |
10-Mar-2007 |
julian |
oops committed the wrong patch. try this one..
|
167385 |
09-Mar-2007 |
julian |
ng_apply_item should be void. It is called from the interrupt source or from whoever has dequeued the item from the queue. Generally they have no interest in the result, and even if it is called by the queuer, it should still pretend that it was queued. The queuer should be assuming that the call was queued and giving them the false confidence that they are getting status leads to hard to find bugs.
Make it a void and remove all the code that tried to return status through it.
|
167348 |
08-Mar-2007 |
ru |
ng_send_fn() can return with an error, the function of interest will never be called and OACTIVE will never be reset. Fix this.
Submitted by: Vsevolod Lobko MFC after: 3 days
|
167168 |
02-Mar-2007 |
emaste |
Ensure message passed to "settimestamp" and "setcounter" is the right length. Use NULL instead of 0.
Submitted by: glebius, ru
|
167160 |
02-Mar-2007 |
emaste |
Add "setcounter" and "getcounter" messages, providing the the ability to embed up to four counters in outgoing packets. The message specifies the offset at which the counter should be inserted as well as the parameters of the counter.
Example usage:
ngctl msg src0: setcounter \ '{ index=0 offset=0x40 flags=1 width=4 increment=1 max_val=12345 }'
Sponsored by: Sandvine Incorporated
|
167156 |
01-Mar-2007 |
emaste |
Add "settimestamp" and "gettimestamp" messages, providing the the ability to embed a timestamp (struct timeval) in outgoing packets. The message specifies the offset at which the timestamp should be inserted.
NG_SOURCE(4) gives an example usage that queues an ICMP packet. Using that example, the following command will insert a timestamp in the ICMP's data payload:
ngctl msg src0: settimestamp '{ offset=0x2a flags=1 }'
Sponsored by: Sandvine Incorporated
|
166901 |
23-Feb-2007 |
piso |
o break newbus api: add a new argument of type driver_filter_t to bus_setup_intr()
o add an int return code to all fast handlers
o retire INTR_FAST/IH_FAST
For more info: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=465712+0+current/freebsd-current
Reviewed by: many Approved by: re@
|
166585 |
09-Feb-2007 |
bms |
In the output path, mask off M_BCAST|M_MCAST so as to prevent incorrect addressing if a packet is later re-encapsulated and sent to a non-broadcast, non-multicast destination after being received on the ng_ksocket input hook.
PR: 106999 Submitted by: Kevin Lahey MFC after: 4 weeks
|
166424 |
02-Feb-2007 |
glebius |
Quoting Alexander: Formulas described in RFC require high precision of floating point. Formulas of integer math implemented in ng_pptpgre give mistake in range of +0-7ms on RTT and +0-3ms on deviation. This leads to significant underestimation of real packet RTT.
I have made a very simple patch to reduce mistake to +4-3ms on RTT and +2-1ms on deviation. Mistake in RTT is not good, but gets covered by deviation. To cover worst possible negative mistake in deviation I have added 2ms to it. Also this 2 ms cover the case when measured deviation is so small (about zero) that it can interfere with process scheduling delays or weather on Mars.
My tests show decreasing of packet losses on 20ms RTT link from 2.5% to 0.3% while speed increased un 1/3.
Reviewed by: archie
|
166234 |
25-Jan-2007 |
glebius |
- Create ng_ppp_bypass() function, that prepares a packet with bypass header, to send it out to userland. - Use ng_ppp_bypass() in ng_ppp_proto_recv(). - Use ng_ppp_bypass() in ng_ppp_comp_recv() and in ng_ppp_crypt_recv() if compression or encryption is disabled, respectively. - Any LCP packet goes directly to ng_ppp_bypass(), instead of passing through PPP stack. - Any non-LCP packet on disabled link is discarded. This is behavior defined in RFC.
Submitted by: Alexander Motin <mav alkar.net>
|
166099 |
18-Jan-2007 |
mjacob |
A less draconian fix to the build.
|
166097 |
18-Jan-2007 |
obrien |
Temporarily comment out the KASSERT that broke the kernel build.
|
166093 |
18-Jan-2007 |
glebius |
Revise the ng_ppp(4) node, so that code flow is more clear. All non-link hooks get their per hook rcvdata methods, and all functions are organized corresponding to protocol stack model.
Submitted by: Alexander Motin <mav alkar.net> Reviewed by: archie, julian
|
166019 |
15-Jan-2007 |
glebius |
Whitespace cleanup.
Checked with: cvs diff -b
|
166018 |
15-Jan-2007 |
glebius |
Update ip and tcp pointers after m_pullup().
Submitted by: Alexander Motin <mav alkar.net>
|
165925 |
10-Jan-2007 |
glebius |
Fix accounting of incoming octets.
Submitted by: Alexander Motin <mav alkar.net>
|
165632 |
29-Dec-2006 |
jhb |
Various bpf(4) related fixes to catch places up to the new bpf(4) semantics. - Stop testing bpf pointers for NULL. In some cases use bpf_peers_present() and then call the function directly inside the conditional block instead of the macro. - For places where the entire conditional block is the macro, remove the test and make the macro unconditional. - Use BPF_MTAP() in if_pfsync on FreeBSD instead of an expanded version of the old semantics.
Reviewed by: csjp (older version)
|
165619 |
29-Dec-2006 |
glebius |
A node that implements Predictor-1 compression for PPP.
Submitted by: Alexander Motin <mav alkar.net>
|
165581 |
28-Dec-2006 |
glebius |
A node that implements the Deflate sub-protocols of the Compression Control Protocol (CCP).
Submitted by: Alexander Motin <mav alkar.net>
|
165580 |
28-Dec-2006 |
glebius |
Before this commit, if the compression is enabled the, ng_ppp(4) node would send every outgoing frame to the "compress" hook. Packets received on the "compress" hook were expected to be compressed and PROT_COMPD tag was put on them unconditionally.
After this commit an alternative compression mode can be set. In this mode the node doesn't put the PROT_COMPD, the compressor should put it itself. This is important for such kind of compressors, that can submit uncompressed frames.
Before this commit, if the decompression is enabled, the ng_ppp(4) node would send and incoming frame to the "decompress" hook only if it has the PROT_COMPD proto tag on it.
After this commit an alternative decompression mode can be set. In this mode the node sends all the incoming packets to the decompression hook. This is important for such kind of compressors that need uncompressed packets too, to keep their library in sync.
These new features will be used in new version of mpd4, and in new compressor nodes.
Submitted by: Alexander Motin <mav alkar.net>
|
165435 |
21-Dec-2006 |
glebius |
Return value PKT_ALIAS_FOUND_HEADER_FRAGMENT isn't an error case. The packet shouldn't be dropped.
Submitted by: Alexander Motin <mav alkar.net>
|
165119 |
12-Dec-2006 |
glebius |
Correctly calculate length of IP header.
Submitted by: Eugene Hartmann <eugene tpsb.com.ru>
|
164797 |
01-Dec-2006 |
piso |
Remove m_megapullup from ng_nat and put it under libalias.
Approved by: gleb
|
164033 |
06-Nov-2006 |
rwatson |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking.
Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
|
163915 |
02-Nov-2006 |
andre |
Rename m_getm() to m_getm2() and rewrite it to allocate up to page sized mbuf clusters. Add a flags parameter to accept M_PKTHDR and M_EOR mbuf chain flags. Provide compatibility macro for m_getm() calling m_getm2() with M_PKTHDR set.
Rewrite m_uiotombuf() to use m_getm2() for mbuf allocation and do the uiomove() in a tight loop over the mbuf chain. Add a flags parameter to accept mbuf flags to be passed to m_getm2(). Adjust all callers for the extra parameter.
Sponsored by: TCP/IP Optimization Fundraise 2005 MFC after: 3 month
|
163475 |
18-Oct-2006 |
glebius |
Check pointer before dereferencing.
Reported by: Coverity CID: 1556
|
163468 |
17-Oct-2006 |
glebius |
Some clenaup of ngs_rcvmsg(): - Inline ship_msg() into ngs_rcvmsg(). - Plug memory leak in case if no control socket present. - Remove malloc() and allocate the sockaddr on stack. - style(9).
|
163463 |
17-Oct-2006 |
glebius |
Some cleanup and small changes: - Use malloc() and free() instead of MALLOC() and FREE() macros. - Do not check malloc results if M_WAITOK was used. - Remove linked list of all netgraph sockets. It isn't needed. - Use ng_findhook() instead of searching the list ourselves. - Use NG_WAITOK in syscalls. - Remove unneeded includes. - style(9)
|
163462 |
17-Oct-2006 |
glebius |
Make the sg_len and sg_family members of the sockaddr_ng the same type as the corresponding values in sockaddr are.
|
163461 |
17-Oct-2006 |
glebius |
Make ng_ID_t fixed size, so that its maximum value is platform independent. This will be important in future.
|
163460 |
17-Oct-2006 |
glebius |
- ng_address_ID() has already freed the message, don't do double free. - Get error from ng_address_ID().
Reported by: Coverity via pjd
|
163297 |
13-Oct-2006 |
glebius |
Fix result of some mechanical change that I did some time ago, when writing this node.
|
163247 |
11-Oct-2006 |
glebius |
Recognize 802.1q frames in Ethernet input and process them.
PR: kern/101162 Submitted by: CoolDavid (Tseng Guo-Fu) <cooldavid cdpa.nsysu.edu.tw>
|
163244 |
11-Oct-2006 |
glebius |
Do not leak hooks in ng_bypass().
Submitted by: Alexander Motin <mav alkar.net>
|
163241 |
11-Oct-2006 |
glebius |
Make it buildable.
|
163240 |
11-Oct-2006 |
glebius |
Unbreak a short one.
Submitted by: maxim
|
163239 |
11-Oct-2006 |
glebius |
Break long line.
|
163238 |
11-Oct-2006 |
glebius |
Use hash functions with better distribution. Tested on live traffic.
Submitted by: Alexander Motin <mav alkar.net>
|
163234 |
11-Oct-2006 |
glebius |
Use bitcount32() from sys/systm.h instead of my own.
|
162849 |
30-Sep-2006 |
netchild |
Don't use data after free.
Found by: Coverity Prevent CID: 536 Submitted by: harti (via vs)
|
162375 |
17-Sep-2006 |
andre |
Move ethernet VLAN tags from mtags to its own mbuf packet header field m_pkthdr.ether_vlan. The presence of the M_VLANTAG flag on the mbuf signifies the presence and validity of its content.
Drivers that support hardware VLAN tag stripping fill in the received VLAN tag (containing both vlan and priority information) into the ether_vtag mbuf packet header field:
m->m_pkthdr.ether_vtag = vlan_id; /* ntohs()? */ m->m_flags |= M_VLANTAG;
to mark the packet m with the specified VLAN tag.
On output the driver should check the mbuf for the M_VLANTAG flag to see if a VLAN tag is present and valid:
if (m->m_flags & M_VLANTAG) { ... = m->m_pkthdr.ether_vtag; /* htons()? */ ... pass tag to hardware ... }
VLAN tags are stored in host byte order. Byte swapping may be necessary.
(Note: This driver conversion was mechanic and did not add or remove any byte swapping in the drivers.)
Remove zone_mtag_vlan UMA zone and MTAG_VLAN definition. No more tag memory allocation have to be done.
Reviewed by: thompsa, yar Sponsored by: TCP/IP Optimization Fundraise 2005
|
162332 |
15-Sep-2006 |
ru |
Fix input byte counting. Now the sum of the ipackets/ibytes counters of individual interfaces should match the ipackets/ibytes counter of the aggregate (FEC) interface.
PR: kern/82189 Submitted by: Stikheev Andrew <sand AT zunet DOT ru> MFC after: 3 days
|
162324 |
15-Sep-2006 |
ru |
Make it possible to set a larger MTU by attempting to set MTUs on all trunk ports first. If that succeeds, and we're inside our own bounds, so be it.
Still not ideal -- adding a port after changing an MTU doesn't change port's MTU, but a step in the right direction.
PR: kern/95417 Submitted by: Vladimir Ivanov <wawa AT yandex-team DOT ru> MFC after: 3 days
I've slightly edited a patch to make the conditional logic positive and remove (what I think was) a redundant ng_fec_init() call.
|
162323 |
15-Sep-2006 |
ru |
SIOCSIFFLAGS doesn't require an argument in kernel land; instead, flags are supposed to be set directly in ifnet already. This change fixes a panic when ng_eiface node is attached to ng_fec node and the latter is shut down (ng_fec sets flags and then calls SIOCSIFFLAGS with a NULL argument).
MFC after: 3 days
|
162134 |
07-Sep-2006 |
emax |
s/USBDEVNAME/device_get_nameunit/g s/USBBASEDEVICE/device_t/g
|
162103 |
07-Sep-2006 |
mjacob |
more usb fallout changes
|
161623 |
25-Aug-2006 |
emax |
- Catch up with ongoing rwatson's socket work;
- Fix a couple of LORs and panics;
- Temporarily remove the code that tries to cleanup sockets that stuck on accepting queues (both complete and incomplete). I'm taking an ostrich approach here until I find a better way to deal with sockets that were disconnected before accepting (i.e. while socket was on complete or incomplete accept queue).
|
161585 |
24-Aug-2006 |
ru |
Fix another fallout from the IF_LLADDR() type change.
Spotted by: mwlucas
|
161579 |
24-Aug-2006 |
emax |
Define mtu as u_int16_t not as int. This should fix problem with rfcomm on sparc64.
Reported by: Andrew Belashov <bel at orel dot ru> Tested by: Andrew Belashov <bel at orel dot ru> MFC after: 3 days
|
161181 |
10-Aug-2006 |
glebius |
Some perfectionizm against last revision.
Submitted by: ru
|
161117 |
09-Aug-2006 |
glebius |
Fix ng_pppoe(4) after turning off "autosrc feature" on ng_ether(4).
- Store the Ethernet header in node softc. - Initialize header with dst addr and ethertype in node constructor method. - In node connect method send NGM_ETHER_GET_ENADDR message downwards. - If received reply from ng_ether(4) store the src addr in softc. - Add NGM_PPPOE_SETENDADDR message that allows user to override the address with whatever he/she wants.
|
161034 |
07-Aug-2006 |
glebius |
- Use log(9) instead of printf(9). - Print node ID, where possible. - Prepend log messages with function name, or at least with "ng_pppoe".
Reviewed by: julian Tested by: Joao Barros <joao.barros gmail.com>
|
160968 |
04-Aug-2006 |
glebius |
Turn off by default "feature" that overwrites MAC address on output frames.
Many people were confused with not working CARP, ng_bridge(4) and other subsystems, because ng_ether(4) overwritten source MAC address.
|
160769 |
27-Jul-2006 |
thompsa |
Remove the dependency of bridgestp.h on if_bridgevar.h by moving a couple of private structures to if_bridge.c.
|
160739 |
27-Jul-2006 |
avatar |
Fixing compilation bustage: net/if_bridgevar.h depends on net/bridgestp.h.
|
160619 |
24-Jul-2006 |
rwatson |
soreceive_generic(), and sopoll_generic(). Add new functions sosend(), soreceive(), and sopoll(), which are wrappers for pru_sosend, pru_soreceive, and pru_sopoll, and are now used univerally by socket consumers rather than either directly invoking the old so*() functions or directly invoking the protocol switch method (about an even split prior to this commit).
This completes an architectural change that was begun in 1996 to permit protocols to provide substitute implementations, as now used by UDP. Consumers now uniformly invoke sosend(), soreceive(), and sopoll() to perform these operations on sockets -- in particular, distributed file systems and socket system calls.
Architectural head nod: sam, gnn, wollman
|
160549 |
21-Jul-2006 |
rwatson |
Change semantics of socket close and detach. Add a new protocol switch function, pru_close, to notify protocols that the file descriptor or other consumer of a socket is closing the socket. pru_abort is now a notification of close also, and no longer detaches. pru_detach is no longer used to notify of close, and will be called during socket tear-down by sofree() when all references to a socket evaporate after an earlier call to abort or close the socket. This means detach is now an unconditional teardown of a socket, whereas previously sockets could persist after detach of the protocol retained a reference.
This faciliates sharing mutexes between layers of the network stack as the mutex is required during the checking and removal of references at the head of sofree(). With this change, pru_detach can now assume that the mutex will no longer be required by the socket layer after completion, whereas before this was not necessarily true.
Reviewed by: gnn
|
160114 |
05-Jul-2006 |
emax |
Replace inb() and outb() with bus_space_read_1() and bus_space_write_1()
Submitted by: marius MFC after: 1 week
|
159979 |
27-Jun-2006 |
glebius |
A netgraph node that can do different manipulations with mbuf_tags(9) on packets.
Submitted by: Vadim Goncharov <vadimnuclight tpu.ru> mdoc(7) reviewed by: ru
|
159590 |
13-Jun-2006 |
jhb |
Use kern_kldload() and kern_kldunload() to load and unload modules when we intend for the user to be able to unload them later via kldunload(2) instead of calling linker_load_module() and then directly adjusting the ref count on the linker file structure. This makes the resulting consumer code simpler and cleaner and better hides the linker internals making it possible to sanely lock the linker.
|
159373 |
07-Jun-2006 |
glebius |
When counting nodes second time, use the same criteria as for the first time.
PR: kern/98529 Submitted by: Michael Heyman
|
159331 |
06-Jun-2006 |
glebius |
Use NET_CALLOUT_MPSAFE for netgraph callout initializer.
|
159183 |
02-Jun-2006 |
sam |
add missed calls to bpf_peers_present
|
159182 |
02-Jun-2006 |
jhb |
Conditionally acquire Giant in netgraph callouts to honor mpsafenet=0.
Reported by: sekes <gexlie at gmail dot com> MFC after: 1 week
|
159166 |
02-Jun-2006 |
dds |
Replace the array initialization using the gcc-specific format [constant] value with the C99 format [constant] = value
|
158672 |
17-May-2006 |
emax |
Add new SIOC_HCI_RAW_NODE_LIST_NAMES ioctl. User-space applications can use this ioctl to obtain the list of HCI nodes. User-space application is expected to preallocate 'ng_btsocket_hci_raw_node_list_names' structure and set limit in 'num_nodes' field. The 'nodes' field should be allocated as well and it should have space for at least 'num_nodes' elements.
The SIOC_HCI_RAW_NODE_LIST_NAMES should be issued on bound raw HCI socket. It does not really really matter what HCI name the socket is bound to, as long as it is not empty.
MFC after: 1 week
|
158646 |
16-May-2006 |
glebius |
Remove unneeded check.
Coverity ID: 445
|
158643 |
16-May-2006 |
glebius |
Do not leak kernel memory in case if userland has been compiled against older NG_VERSION.
Coverity ID: 1131
|
158028 |
25-Apr-2006 |
maxim |
o Replace disappeared URLs to Cisco docs by new ones, style. No functional changes.
|
158027 |
25-Apr-2006 |
maxim |
o Set to zero engine_type, engine_id and pad (cisco calls it sampling_interval) fields in netflow v5 header. We do not use them but some netflow tools show garbage.
PR: kern/96296 Submitted by: David Duchscher Approved by: glebius MFC after: 1 week
|
157558 |
06-Apr-2006 |
rwatson |
Correct assertion in ng_detach().
Submitted by: tegge MFC after: 3 months
|
157370 |
01-Apr-2006 |
rwatson |
Chance protocol switch method pru_detach() so that it returns void rather than an error. Detaches do not "fail", they other occur or the protocol flags SS_PROTOREF to take ownership of the socket.
soclose() no longer looks at so_pcb to see if it's NULL, relying entirely on the protocol to decide whether it's time to free the socket or not using SS_PROTOREF. so_pcb is now entirely owned and managed by the protocol code. Likewise, no longer test so_pcb in other socket functions, such as soreceive(), which have no business digging into protocol internals.
Protocol detach routines no longer try to free the socket on detach, this is performed in the socket code if the protocol permits it.
In rts_detach(), no longer test for rp != NULL in detach, and likewise in other protocols that don't permit a NULL so_pcb, reduce the incidence of testing for it during detach.
netinet and netinet6 are not fully updated to this change, which will be in an upcoming commit. In their current state they may leak memory or panic.
MFC after: 3 months
|
157366 |
01-Apr-2006 |
rwatson |
Change protocol switch pru_abort() API so that it returns void rather than an int, as an error here is not meaningful. Modify soabort() to unconditionally free the socket on the return of pru_abort(), and modify most protocols to no longer conditionally free the socket, since the caller will do this.
This commit likely leaves parts of netinet and netinet6 in a situation where they may panic or leak memory, as they have not are not fully updated by this commit. This will be corrected shortly in followup commits to these components.
MFC after: 3 months
|
156742 |
15-Mar-2006 |
glebius |
Free private data when deleting hook.
PR: kern/93952 Submitted by: Antoine Brodin <antoine.brodin laposte.net>
|
155877 |
21-Feb-2006 |
ru |
Clear csum_flags after reading data from socket buffer. Otherwise, if ksocket is connected to an interface-type node somewhere later in the graph (e.g., ng_eiface or ng_iface), the csum_data may be applied to a wrong packet (if we encapsulate Ethernet or IP).
MFC after: 3 days
|
155777 |
17-Feb-2006 |
glebius |
Remove unused now field.
|
155681 |
14-Feb-2006 |
ru |
Unbreak this.
|
155554 |
11-Feb-2006 |
ru |
Don't count output bytes twice (the byte accouting is done in if.c). Count output errors.
MFC after: 3 days
|
155468 |
09-Feb-2006 |
glebius |
- Increase maximum number of interfaces to 2048. - Regroup softc so that frequently used elements are grouped in the beginning, while the interfaces array is at the end.
|
155388 |
06-Feb-2006 |
ru |
Two fixes:
- Run send queue down to completion, not just one packet. It has been observed to cause a stall queue otherwise.
- Prevent queueing multiple function calls to a node.
MFC after: 3 days
|
155016 |
29-Jan-2006 |
rik |
Fix module from panic. Pointy hat: brooks MFC after: 3 days
|
154901 |
27-Jan-2006 |
glebius |
o Introduce D-Link compat mode, that is default to off and can be set by NGM_PPPOE_SETMODE message. When D-Link compat mode is on, we will broadcast PADI with empty Service-Name to all listening hooks. o Rewrite the compatibility options. Before we had two modes - standard and non-standard (aka 3Com). Now we have standard mode and two compat flags, that can be combined. o Be consistent and do s/STUPID/3COM/g. I don't say that 3Com mode isn't stupid, just want to make code easier to read.
|
154862 |
26-Jan-2006 |
glebius |
From the RFC2516 it is not clear, what is the correct behavior for a PPPoE AC, servicing a specific Service-Name, when client sends a PADI with an empty Service-Name. Should it reply with all available service names or should it be silent? Our implementation had chosen the latter, while some other had chosen the former (they say Linux and Cisco). Now some PPPoE clients appear, that rely on the assumption that AC will send all names in a PADO reply to a PADI with wildcard Service-Name. These clients can't connect to FreeBSD AC.
I have requested comments from authors of RFC2516 via email, but received no reply.
This change makes FreeBSD AC compatible with D-Link DI-614+ and D-Link DI-624+ SOHO routers, and probably others.
Big thanks to D-Link's Russian office, namely Victor Platov, for assistance and support in investigation and testing of this change.
Details: o Split pppoe_match_svc() into three different functions serving different purposes: - pppoe_match_svc() - match non-empty Service-Name tag from PADI against all available hooks in listening state. - pppoe_find_svc() - check that given Service-Name is not yet registered. - pppoe_broadcast_padi() - send a copy of PADI packet with empty Service-Name tag to all listening hooks. o For NGM_PPPOE_LISTEN message use pppoe_find_svc(). o In ng_pppoe_rcvdata() in a PADI case use pppoe_match_svc() for a non-empty Service-Name tag, and pppoe_broadcast_padi() in either case.
A side effect from the above changes is that now pppoed(8) and mpd will reply to a empty Service-Name PADI sending a PADO with two Service-Name tags - an empty one and correct one. This is not fatal, and will be corrected in pppoed(8) and mpd later. No need to update node interface version.
Supported by: D-Link
|
154707 |
23-Jan-2006 |
glebius |
Simplify ng_source_send() removing temporary queue and merging two cycles into one.
|
154604 |
21-Jan-2006 |
glebius |
- Remove debugging printfs. - Add some ktr(4) debugging. - Whitespaces at eols. - Tidy up comments. - u_intXX -> uintXX
|
154521 |
18-Jan-2006 |
ru |
Fix two accesses to uninitialized variables that a revision 1.27 has introduced.
Found with: Coverity Prevent(tm)
|
154376 |
14-Jan-2006 |
glebius |
Initialize variable.
Found with: Coverity Prevent(tm)
|
154375 |
14-Jan-2006 |
glebius |
Make code simplier fixing memory leak.
Found with: Coverity Prevent(tm)
|
154357 |
14-Jan-2006 |
glebius |
Remove dead code.
Found with: Coverity Prevent(tm)
|
154354 |
14-Jan-2006 |
glebius |
Correct off-by-one errors.
Found with: Coverity Prevent(tm)
|
154353 |
14-Jan-2006 |
glebius |
Fix two memory leakages.
Found with: Coverity Prevent(tm)
|
154277 |
12-Jan-2006 |
glebius |
When sending export datagram from interrupt thread, use NG_QUEUE in flags. When sending export datagram from expiry thread, then use default zero flags. This removes unpleasant contention of the interrupt thread on mutexes (usually ng_ksocket's socket buffer mutex).
|
154276 |
12-Jan-2006 |
glebius |
Provide additional macros for sending netgraph items, which allow to use non-default flags for netgraph functions. Implement current macros via new ones.
|
154275 |
12-Jan-2006 |
glebius |
- Print also node ID in ktr(9) messages. [1] - Use fixed length for function name, making ktrdump(8) output easier to read.
Suggested by: julian [1]
|
154272 |
12-Jan-2006 |
glebius |
Do not force queueing on peer hooks. This was important only for 5.0-CURRENT. And it looks like this didn't work before Julian's revamp of netgraph queue code.
Reviewed by: julian
|
154270 |
12-Jan-2006 |
glebius |
Remove old debugging leftover.
Reviewed by: julian
|
154267 |
12-Jan-2006 |
glebius |
Mark appropriate commands with NGM_READONLY and NGM_HASREPLY and bump type cookie.
|
154265 |
12-Jan-2006 |
glebius |
In the splnet(9) times netgraph(4) was synchronous and if a message had been replied, the reply was always delivered to the originator synchronously.
With introduction of netgraph item callbacks and a wait channel with mutex in ng_socket(4), we have fixed the problem with ngctl(8) returning earlier than the command has been proceeded by target node. But still ngctl(8) can return prior to the reply has arrived to its node.
To fix this: - Introduce a new flag for netgraph(4) messages - NGM_HASREPLY. This flag is or'ed with message like NGM_READONLY. - In netgraph userland library if we have sent a message with NGM_HASREPLY flag, then select(2) until reply comes. - Mark appropriate generic commands with NGM_HASREPLY flag, gathering them into one enum {}. Bump generic cookie.
|
154253 |
12-Jan-2006 |
glebius |
Fix wording in last commit.
Submitted by: julian
|
154225 |
11-Jan-2006 |
glebius |
Add ktr(9) hooks to easier tracing of the netgraph item flow through netgraph.
|
153791 |
28-Dec-2005 |
glebius |
In ng_netflow_disconnect() check whether we are working with "iface" or with "out" hook, and clear the right pointer.
Reported by: Vitaliy Ovsyannikov <V.Ovsyannikov kr.ru>
|
153690 |
23-Dec-2005 |
glebius |
Implement an upper limit for packets per second sent by node.
|
153261 |
09-Dec-2005 |
ru |
Fix memory leak.
PR: kern/90113 Submitted by: Antoine Brodin
|
153214 |
07-Dec-2005 |
jkim |
Fix build without BPF_JITTER option.
|
153213 |
07-Dec-2005 |
jkim |
Add BPF Just-In-Time compiler support for ng_bpf(4).
The sysctl is changed from net.bpf.jitter.enable to net.bpf_jitter.enable and this controls both bpf(4) and ng_bpf(4) now.
|
153084 |
04-Dec-2005 |
ru |
Fix -Wundef from compiling the amd64 LINT.
|
153069 |
04-Dec-2005 |
ru |
Use __LP64__ to check for the 64-bit pointer type, and fix -Wundef.
|
152847 |
27-Nov-2005 |
glebius |
- Update the flow sequence before converting count to network byte order. - Update the flow sequence in one atomic op instead of two.
Reported by: Denis Shaposhnikov <dsh vlink.ru> Reported by: Daniil Kharoun <kdl chelcom.ru> PR: kern/89417
|
152451 |
15-Nov-2005 |
glebius |
Some whitespace and style cleanup.
|
152315 |
11-Nov-2005 |
ru |
- Store pointer to the link-level address right in "struct ifnet" rather than in ifindex_table[]; all (except one) accesses are through ifp anyway. IF_LLADDR() works faster, and all (except one) ifaddr_byindex() users were converted to use ifp->if_addr.
- Stop storing a (pointer to) Ethernet address in "struct arpcom", and drop the IFP2ENADDR() macro; all users have been converted to use IF_LLADDR() instead.
|
152243 |
09-Nov-2005 |
ru |
Make IFP2NG() usable as an lvalue.
|
152242 |
09-Nov-2005 |
ru |
Use sparse initializers for "struct domain" and "struct protosw", so they are easier to follow for the human being.
|
152184 |
08-Nov-2005 |
ru |
Simplify setting the link-level address.
|
152032 |
04-Nov-2005 |
ru |
Use if_setlladdr() to reprogram the link-level addresses; it causes a synchronous reprogramming of hardware MAC filters if the physical interface are up and running. Previously, MAC filters would be reconfigured only when the fec interface was brought up.
|
152031 |
04-Nov-2005 |
ru |
Bring some level of stability to this driver:
- Disallow bundle reconfiguration when virtual interface is running; otherwise, removing a port from a running configuration will cause a panic in the start() method on the next packet on an assumption that a bundle has an even number of ports (2 or 4).
- Disallow bringing of virtual interface to a running state when a bundle size is 0; otherwise, adding and then removing the port will similarly cause a panic.
- Add missing initialization of fec_ifstat when adding a new port and fix media status reporting when virtual interface isn't yet up (check for fec_status of 1 rather than != 0).
|
152030 |
04-Nov-2005 |
ru |
- Fix another fallout from the if_alloc() conversion: previously, ifp->if_type was set to IFT_ETHER by ether_ifattach(), now it's done by if_alloc() so an assignment of if_type to IFT_PROPVIRTUAL after if_alloc() but before ether_ifattach() broke it. This makes arp(8) and friends happy about the fec interfaces, and will allow us to use if_setlladdr() on the fec interface.
- Set/reset IFF_DRV_RUNNING/IFF_DRV_OACTIVE in init() and stop() methods rather than in ioctl(), like the rest of the drivers do. This fixes a bug when an "ifconfig fec0 ipv4_address" would not have made the interface running, didn't launch the ticker function to track media status of bundled ports, etc.
|
152001 |
03-Nov-2005 |
ru |
Restore part of the code dropped in rev. 1.25 that makes sure ether_demux() will receive an mbuf chain with Ethernet header in the data portion of the first mbuf.
|
151975 |
02-Nov-2005 |
glebius |
Fix several races between socket closure and node/hook destruction: - Backout 1.62, since it doesn't fix all possible problems. - Upon node creation, put an additional reference on node. - Add a mutex and refcounter to struct ngsock. Netgraph node, control socket and data socket all count as references. - Introduce ng_socket_free_priv() which removes one reference from ngsock, and frees it when all references has gone. - No direct pointers between pcbs and node, all pointing is done via struct ngsock and protected with mutex.
|
151974 |
02-Nov-2005 |
glebius |
Fix two races which happen when netgraph is restructuring: - Introduce ng_topo_mtx, a mutex to protect topology changes. - In ng_destroy_node() protect with ng_topo_mtx the process of checking and pointing at ng_deadnode. [1] - In ng_con_part2() check that our peer is not a ng_deadnode, and protect the check with ng_topo_mtx. - Add KASSERTs to ng_acquire_read/write, to make more understandible synopsis in case if called on ng_deadnode.
Reported by: Roselyn Lee [1]
|
151973 |
02-Nov-2005 |
glebius |
Rework the ng_item queueing on nodes: - Introduce a new flags NGQF_QREADER and NGQF_QWRITER, which tell how the item should be actually applied, overriding NGQF_READER/NGQF_WRITER flags. - Do not differ between pending reader or writer. Use only one flag that is raised, when there are pending items. - Schedule netgraph ISR in ng_queue_rw(), so that callers do not need to do this job. - Fix several comments.
Submitted by: julian
|
151897 |
31-Oct-2005 |
rwatson |
Normalize a significant number of kernel malloc type names:
- Prefer '_' to ' ', as it results in more easily parsed results in memory monitoring tools such as vmstat.
- Remove punctuation that is incompatible with using memory type names as file names, such as '/' characters.
- Disambiguate some collisions by adding subsystem prefixes to some memory types.
- Generally prefer lower case to upper case.
- If the same type is defined in multiple architecture directories, attempt to use the same name in additional cases.
Not all instances were caught in this change, so more work is required to finish this conversion. Similar changes are required for UMA zone names.
|
151888 |
30-Oct-2005 |
rwatson |
Push the assignment of a new or updated so_qlimit from solisten() following the protocol pru_listen() call to solisten_proto(), so that it occurs under the socket lock acquisition that also sets SO_ACCEPTCONN. This requires passing the new backlog parameter to the protocol, which also allows the protocol to be aware of changes in queue limit should it wish to do something about the new queue limit. This continues a move towards the socket layer acting as a library for the protocol.
Bump __FreeBSD_version due to a change in the in-kernel protocol interface. This change has been tested with IPv4 and UNIX domain sockets, but not other protocols.
|
151800 |
28-Oct-2005 |
ru |
Use variable-sized arrays where appropriate.
|
151726 |
26-Oct-2005 |
emax |
Do not manually allocate/free device's softc structure.
Pointed by: jhb Reviewed by: imp, jhb
|
151700 |
26-Oct-2005 |
jhb |
- Use swi_remove() to teardown swi handlers rather than intr_event_remove_handler(). - Remove tty: prefix from a couple of swi handler names.
|
151689 |
26-Oct-2005 |
ru |
Catch up with new interrupt handling code.
|
151676 |
25-Oct-2005 |
ru |
Make the cookie constant name canonical.
|
151387 |
16-Oct-2005 |
phk |
Use new (inline) functions for calls into driver.
|
151349 |
14-Oct-2005 |
yar |
In preparation for making the modules actually use opt_*.h files provided in the kernel build directory, fix modules that were failing to build this way due to not quite correct kernel option usage. In particular:
ng_mppc.c uses two complementary options, both of which are listed in sys/conf/files. Ideally, there should be a separate option for including ng_mppc.c in kernel build, but now only NETGRAPH_MPPC_ENCRYPTION is usable anyway, the other one requires proprietary files.
nwfs and smbfs were trying to ensure they were built with proper network components, but the check was rather questionable.
Discussed with: ru
|
151305 |
14-Oct-2005 |
thompsa |
Further clean up the bridge hooks in if_ethersubr.c and ng_ether.c
- move the function pointer definitions to if_bridgevar.h - move most of the logic to the new BRIDGE_INPUT and BRIDGE_OUTPUT macros - remove unneeded functions from if_bridgevar.h and sort a little.
|
151283 |
13-Oct-2005 |
glebius |
- When flushing node input queue, check whether item has a callback. If it does, then call it suppling ENOENT as error value. - Add assert, that helped to catch the above error.
|
151282 |
13-Oct-2005 |
thompsa |
Clean up the if_bridge hooks a bit in if_ethersubr.c and ng_ether.c, move the broadcast/multicast test to bridge_input().
Requested by: glebius
|
151256 |
12-Oct-2005 |
glebius |
After rev. 1.103 the oitem and ierror are no longer needed, remove them.
|
151238 |
11-Oct-2005 |
glebius |
Fix a regression introduced in rev. 1.107. If an item once had a writer semantics, and then was reused for next node, it still would be applied as writer again. To fix the regression the decision is made never to alter item->el_flags after the item has been allocated. This requires checking for overrides both in ng_dequeue() and in ng_snd_item().
Details: - Caller of the ng_apply_item() knows what is the current access to node and specifies it to ng_apply_item(). The latter drops the given access after item has beem applied. - ng_dequeue() needs to be supplied with int pointer, where it stores the obtained access on node. - Check for node/hook access overrides in ng_dequeue().
|
151231 |
11-Oct-2005 |
glebius |
Style and other fixes for the last commit.
Submitted by: ru
|
151203 |
10-Oct-2005 |
glebius |
ALTQ support for ng_iface(4). Before turning on please consult manual page.
|
151085 |
08-Oct-2005 |
tanimura |
In ngt_input(), do not derefer sc (= (sc_p) tp->t_lsc) before making sure sc != NULL.
|
151063 |
07-Oct-2005 |
glebius |
A deja vu of:
http://lists.freebsd.org/pipermail/cvs-src/2004-October/033496.html
The same problem applies to if_bridge(4), too.
- Copy-and-paste the if_bridge(4) related block from if_ethersubr.c to ng_ether.c - Add XXXs, so that copy-and-paste would be noticed by any future editors of this code. - Also add XXXs near if_bridge(4) declarations.
Silence from: thompsa
|
150636 |
27-Sep-2005 |
mlaier |
Remove bridge(4) from the tree. if_bridge(4) is a full functional replacement and has additional features which make it superior.
Discussed on: -arch Reviewed by: thompsa X-MFC-after: never (RELENG_6 as transition period)
|
150482 |
22-Sep-2005 |
emax |
Fix comment
|
150457 |
22-Sep-2005 |
imp |
Finish last commit: actually remove compat methods from bt3c_pccard_methods
|
150456 |
22-Sep-2005 |
imp |
Remove broken OLDCARD compat shims. "PC Card" is the correct spelling. "PC-Card" isn't, per the PCMCIA standard.
|
150319 |
19-Sep-2005 |
glebius |
Dej'a vu of revision 1.35
PR: kern/86258 Submitted by: Hiroshi Oota <ghelp excite.co.jp>
|
150042 |
12-Sep-2005 |
glebius |
When message can't fit into socket receive buffer return ENOBUFS to userland program instead of letting it wait until end of days.
PR: kern/85907
|
150018 |
12-Sep-2005 |
glebius |
Remove ng_callout_init_mtx() macro. Mutexed callouts are incompatible with netgraph(4).
|
149881 |
08-Sep-2005 |
glebius |
Fix an item leak, that happens when some node calls ng_callout() two times consequently, without checking whether callout has been serviced or not. (ng_pptpgre and ng_ppp were catched in this behavior).
- In ng_callout() save old item before calling callout_reset(). If the latter has returned 1, then free this item. - In ng_uncallout() clear c->c_arg.
Problem reported by: Alexandre Kardanev
|
149880 |
08-Sep-2005 |
glebius |
Rework locking, that I have introduced recently, since it was incorrect:
First, mutexed callouts are incompatible with netgraph nodes, because netgraph(4) can guarantee that the function will be called with mutex held.
Second, nodes should not send data to their neighbor holding their mutex. A node does not know what stack can it enter sending data in some direction. May be executing will encounter a place to sleep.
New locking:
- ng_pptpgre_recv() and ng_pptpgre_xmit() must be entered with mutex held. - ng_pptpgre_recv() and ng_pptpgre_xmit() unlock mutex before sending data and then return unlocked. - callout routines acquire mutex themselves.
|
149827 |
06-Sep-2005 |
glebius |
Fix build.
|
149820 |
06-Sep-2005 |
glebius |
When we read data from socket buffer using soreceive() the socket layer does not clear m_nextpkt for us. The mbufs are sent into netgraph and then, if they contain a TCP packet delivered locally, they will enter socket code again. They can pass the first assert in sbappendstream() because m_nextpkt may be set not in the first mbuf, but deeper in the chain. So the problem will trigger much later, when local program reads the data from socket, and an mbuf with m_nextpkt becomes a first one.
This bug was demasked by revision 1.54, when I made upcall queueable. Before revision 1.54 there was a very small probability to have 2 mbufs in GRE socket buffer, because ng_ksocket_incoming2() dequeued the first one immediately.
- in ng_ksocket_incoming2() clear m_nextpkt on all mbufs read from socket. - restore rev. 1.54 change in ng_ksocket_incoming().
PR: kern/84952 PR: kern/82413 In collaboration with: rwatson
|
149818 |
06-Sep-2005 |
glebius |
In INVARIANTS case also check that nodes do not pass queues of mbufs each other.
|
149817 |
06-Sep-2005 |
glebius |
Raise one more bit in READER_MASK. I believe that before this change it was possible to have 1 reader and 1 writer thread working on a node simultaneously.
Reviewed by: julian
|
149735 |
02-Sep-2005 |
glebius |
Use non-debug macros inside debugging functions, to prevent important information from being rewritten.
|
149679 |
31-Aug-2005 |
emax |
Fix dangling callout problem in the Bluetooth L2CAP code that leads to panic. The panic happens when outgoing L2CAP connection descriptor is deleted with the L2CAP command(s) pending in the queue. In this case when the last L2CAP command is deleted (due to cleanup) and reference counter for the L2CAP connection goes down to zero the auto disconnect timeout is incorrectly set. pjd gets credit for tracking this down and committing bandaid.
Reported by: Jonatan B <onatan at gmail dot com> MFC after: 3 days
|
149615 |
30-Aug-2005 |
glebius |
Lock down PPTP node, since it has many data structures, that won't survive parallel ng_pptp_rcvdata():
- Add a per-node mutex. - Acquire mutex during all ng_pptp_rcvdata() method. - Make callouts protected by mutex. Now callouts count as netgraph writers, but there are plans to allow reader callouts for nodes, that have internal locking. - Acquire mutex in ng_pptp_reset(), which can be triggered by a message or node shutdown.
PR: kern/80035 Tested by: Deomid Ryabkov <myself rojer.pp.ru> Reviewed by: Deomid Ryabkov <myself rojer.pp.ru>
|
149614 |
30-Aug-2005 |
glebius |
Add ng_callout_ini_mtx() macro.
|
149577 |
29-Aug-2005 |
glebius |
Plug item leak in case when not all hooks are connected.
Found by: David Vos <david.vos gmail.com>
|
149505 |
26-Aug-2005 |
glebius |
Cleanup the reader/writer policy in netgraph(4). Assign either reader or writer flag on item in the function, that allocates the item. Do not modify these flags when item is applied or queued. The only exceptions are node and hook overrides - they can change item flags to writer.
|
149462 |
25-Aug-2005 |
emax |
Make sure ng_fec_init() uses the same calling convention as the rest of the code, i.e. ng_fec_init() is called with the ifp->if_softc pointer and NOT with the ifp pointer.
PR: kern/85239 Reviewed by: brooks MFC after: 1 day
|
149447 |
25-Aug-2005 |
glebius |
Backout revision 1.54, because it exposes a worse problem, than it fixes. I believe the problem lives somewhere outside ng_ksocket, but until it is found, let the node be working.
PR: kern/84952 PR: kern/82413 MFC after: 3 days
|
149382 |
23-Aug-2005 |
emax |
Fix multiple typos in the mutex names. This fixes false positive (and pretty strange looking too) LORs I have seen on my system. Pointy hat to goes to me.
MFC after: 1 day
|
149357 |
21-Aug-2005 |
glebius |
In ng_callout() assert that supplied arguments are non-NULL.
|
149356 |
21-Aug-2005 |
pjd |
Stop callout before freeing memory, so it won't panic from softclock.
Reported by: Jonatan B <onatan@gmail.com> MFC after: 3 days
|
149355 |
21-Aug-2005 |
pjd |
Before freeing memory, assert that there is no pending callout.
MFC after: 3 days
|
148915 |
10-Aug-2005 |
obrien |
Use the ISO standard function variable vs. a GCC'ism.
|
148887 |
09-Aug-2005 |
rwatson |
Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to ifnet.if_drv_flags. Device drivers are now responsible for synchronizing access to these flags, as they are in if_drv_flags. This helps prevent races between the network stack and device driver in maintaining the interface flags field.
Many __FreeBSD__ and __FreeBSD_version checks maintained and continued; some less so.
Reviewed by: pjd, bz MFC after: 7 days
|
148870 |
08-Aug-2005 |
julian |
reorder a couple of cases of void __inline to __inline void to silence warnings from compilig with -W
Submitted by: sandvine inc MFC after: 1 week
|
148646 |
02-Aug-2005 |
ru |
Fix up the comment.
|
148645 |
02-Aug-2005 |
ru |
Fixed parsing of unsigned integers.
|
148518 |
29-Jul-2005 |
emax |
Fix typo and check correct (rsp) pointer against the NULL value.
Submitted by: Oliver < urnenfel at tiscali dot es > MFC after: 1 day
|
148487 |
28-Jul-2005 |
emax |
Address minor locking issues. Use taskqueue_swi instead of taskqueue_swi_giant.
MFC after: 1 month
|
148351 |
23-Jul-2005 |
obrien |
Fix missing '=' in structure initialization.
|
148266 |
21-Jul-2005 |
glebius |
Fix cut-n-paste error, introduced in rev. 1.103.
|
148261 |
21-Jul-2005 |
glebius |
Catch up with netgraph.h rev. 1.57 and fix build.
|
148239 |
21-Jul-2005 |
glebius |
Bump NG_ABI_VERSION. A number of ABI breakeges had been done since RELENG_5 fork.
|
148238 |
21-Jul-2005 |
glebius |
Enhance struct ng_hook - add hk_type field. This field will describe data link type of the hook. It will be used to ease autoconfiguration of netgraph and also to print warning messages, when incompatoble nodes are connected together.
|
148236 |
21-Jul-2005 |
glebius |
Problem description:
At the end of ng_snd_item(), node queue is processed. In certain netgraph setups deep recursive calls can occur. For example this happens, when two nodes are connected and can send items to each other in both directions. If, for some reason, both nodes have a lot of items in their queues, then the processing thread will recurse between these two nodes, delivering items left and right, going deeper in the stack. Other setups can suffer from deep recursion, too. The following factors can influence risk of deep netgraph call: - periodical write-access events on node - combination of slow link and fast one in one graph - net.inet.ip.fastforwarding
Changes made:
- In ng_acquire_{read,write}() do not dequeue another item. Instead, call ng_setisr() for this node. - At the end of ng_snd_item(), do not process queue. Call ng_setisr(), if there are any dequeueable items on node queue. - In ng_setisr() narrow worklist mutex holding. - In ng_setisr() assert queue mutex.
Theoretically, the first two changes should negatively affect performance. To check this, some profiling was made:
1) In general real tasks, no noticable performance difference was found.
2) The following test was made: two multithreaded nodes and one single-threaded were connected into a ring. A large queues of packets were sent around this ring. Time to pass the ring N times was measured. This is a very vacuous test: no items/mbufs are allocated, no upcalls or downcalls outside of netgraph. It doesn't represent a real load, it is a stress test for ng_acquire_{read,write}() and item queueing functions. Surprisingly, the performance impact was positive! New code is 13% faster on UP and 17% faster on SMP, in this particular test.
The problem was originally found, described, analyzed and original patch was written by Roselyn Lee from Vernier Networks. Thanks!
Submitted by: Roselyn Lee <rosel verniernetworks com>
|
148146 |
19-Jul-2005 |
emax |
Ignore AVM BlueFRITZ! USB Bluetooth Adapter v1.0 (product ID 0x2200). It does not work with ng_ubt(4) and require special driver and firmware.
Obtained from: Marcel Holtmann < marcel at holtmann dot org > Submitted by: Rainer Goellner < rainer at jabbe dot de > MFC after: 3 days
|
148124 |
18-Jul-2005 |
emax |
Add support for AVM BlueFRITZ! USB Bluetooth Adapter v2.0. It appears that there are at least two versions of the adapter. Version 1 (product ID 0x2200) of the adapter does not work with ng_ubt(4) and require special driver and firmware. Version 2 (product ID 0x3800) seems to work just fine, except it does not have bDeviceClass, bDeviceSubClass and bDeviceProtocol set to required (by specification) values. This change forces ng_ubt(4) to attach to the version 2 adapter.
Obtained from: Marcel Holtmann <marcel at holtmann dot org> Submitted by: Rainer Goellner <rainer at jabbe dot de>
|
148091 |
17-Jul-2005 |
glebius |
Check that we have first fragment before pulling up TCP/UDP header.
|
147778 |
05-Jul-2005 |
glebius |
Remove obsoleted sysctl interface for switching between standard and 3Com PPPoE modes. The interface was declared obsoleted before 5.3-RELEASE.
When running as access concentrator ng_pppoe(4) supports both modes simultanously. When running as client mode can be swicthed in ppp(8) configuration.
Approved by: re (scottl)
|
147774 |
05-Jul-2005 |
glebius |
In the splnet times, netgraph was functional and synchronous. Nowadays, an item may be queued and processed later. While this is OK for mbufs, this is a problem for control messages.
In the framework: - Add optional callback function pointer to an item. When item gets applied the callback is executed from ng_apply_item(). - Add new flag NG_PROGRESS. If this flag is supplied, then return EINPROGRESS instead of 0 in case if item failed to deliver synchronously and was queued. - Honor NG_PROGRESS in ng_snd_item().
In ng_socket: - When userland sends control message add callback to the item. - If ng_snd_item() returns EINPROGRESS, then sleep.
This change fixes possible races in ngctl(8) scripts.
Reviewed by: julian Approved by: re (scottl)
|
147625 |
27-Jun-2005 |
glebius |
- After LibAlias processing check for TCP packet with th_x2 field set. If found, then recalculate its checksum. - Remove debugging printfs. - Slightly rearrange code in ng_nat_rcvdata().
Approved by: re (scottl)
|
147611 |
26-Jun-2005 |
dwmalone |
Fix some long standing bugs in writing to the BPF device attached to a DLT_NULL interface. In particular:
1) Consistently use type u_int32_t for the header of a DLT_NULL device - it continues to represent the address family as always. 2) In the DLT_NULL case get bpf_movein to store the u_int32_t in a sockaddr rather than in the mbuf, to be consistent with all the DLT types. 3) Consequently fix a bug in bpf_movein/bpfwrite which only permitted packets up to 4 bytes less than the MTU to be written. 4) Fix all DLT_NULL devices to have the code required to allow writing to their bpf devices. 5) Move the code to allow writing to if_lo from if_simloop to looutput, because it only applies to DLT_NULL devices but was being applied to other devices that use if_simloop possibly incorrectly.
PR: 82157 Submitted by: Matthew Luckie <mjl@luckie.org.nz> Approved by: re (scottl)
|
147580 |
24-Jun-2005 |
imp |
Eliminate unused argument in PCMCIA_CARD macro.
Provide a backwards compatible way to have the extra macro by defining PCCARD_API_LEVEL 5 before including pccarddevs for driver writers that want/need to have the same driver on 5 and 6 with pccard attachments.
Approved by: re (dwhite)
|
147256 |
10-Jun-2005 |
brooks |
Stop embedding struct ifnet at the top of driver softcs. Instead the struct ifnet or the layer 2 common structure it was embedded in have been replaced with a struct ifnet pointer to be filled by a call to the new function, if_alloc(). The layer 2 common structure is also allocated via if_alloc() based on the interface type. It is hung off the new struct ifnet member, if_l2com.
This change removes the size of these structures from the kernel ABI and will allow us to better manage them as interfaces come and go.
Other changes of note: - Struct arpcom is no longer referenced in normal interface code. Instead the Ethernet address is accessed via the IFP2ENADDR() macro. To enforce this ac_enaddr has been renamed to _ac_enaddr. - The second argument to ether_ifattach is now always the mac address from driver private storage rather than sometimes being ac_enaddr.
Reviewed by: sobomax, sam
|
147248 |
10-Jun-2005 |
glebius |
- Remove redundant parenthesis in M_CHECK macro. - Do not edit pullup_len outside M_CHECK macro. - Do not reimplement NG_FWD_NEW_DATA(). - Remove redundant check for item being not NULL.
Submitted by: ru
|
147231 |
10-Jun-2005 |
glebius |
Add ng_tcpmss node, which alters MSS options of TCP packets. Useful to hack MSS of packets outgoing via interface with small MTU, to workaround path MTU discovery problems.
Written by Alexey Popov, with some cleanups from me. There are also plans to improve mpd port, so that it uses this node, instead of doing MSS hacking in userland, when 'enable tcpmssfix' option is on.
Submitted by: Alexey Popov <lollypop@flexuser.ru>
|
147163 |
09-Jun-2005 |
ru |
Refer to the mbuf header length field via the official method.
|
147104 |
07-Jun-2005 |
glebius |
Update statistics only in case if delivery was successfull.
|
146919 |
03-Jun-2005 |
glebius |
MPPC node is not thread safe.
PR: kern/79990 Reported by: Arcadiy Ivanov Reported by: atckoe.zlo @ gmail.com MFC after: 1 week
|
146745 |
29-May-2005 |
glebius |
Fix check for leading zero, so that it does not block two zeroes in hook name.
|
146718 |
28-May-2005 |
bz |
Fix use of uninitialized variable len in ngd_send.
Note: len gets intialized to 0 for sap == NULL case only to make compiler on amd64 happy. This has nothing todo with the former uninitialized use of len in sap != NULL case.
Reviewed by: glebius Approved by: pjd (mentor)
|
146701 |
28-May-2005 |
emax |
Move AVM USB Bluetooth-Adapter BlueFritz! from "broken" devices list (where I incorrectly put it initially) to "ignored" devices list (where it should be). Pointy hat goes to me.
MFC after: 3 days
|
146545 |
23-May-2005 |
glebius |
Remove local error variable, which leads to hiding error from return value.
PR: kern/81371 Submitted by: Wojciech A. Koszek MFC after: 1 week
|
146544 |
23-May-2005 |
glebius |
Return EINVAL for incorrect hook names.
PR: kern/81349 Submitted by: Wojciech A. Koszek
|
146317 |
17-May-2005 |
glebius |
- Unwind NG_SEND_MSG_PATH() macro and merge it with already unwinded version under TRACE_MESSAGES. - Pass NG_WAITOK flag to ng_package_data() in unwinded macro.
|
146305 |
16-May-2005 |
glebius |
Use NG_QUEUE instead of constant.
|
146302 |
16-May-2005 |
glebius |
Refactor places where ng_package_data() failed.
Suggested & reviewed by: archie
|
146296 |
16-May-2005 |
glebius |
- Fix build with TRACE_MESSAGES on. - Reformat code under TRACE_MESSAGES to make it more readable. - Move linker hackery out of #ifdef. - Break long lines in linker hackery block.
|
146290 |
16-May-2005 |
glebius |
Close race between node being shutdown and socket being detached. To do this, obtain netgraph locking in detach method via ng_send_fn1().
Reviewed by: julian MFC after: 2 weeks
|
146285 |
16-May-2005 |
glebius |
Catch up with new ng_package_data().
|
146284 |
16-May-2005 |
glebius |
Catch up with new ng_package_data(). Use NG_WAITOK on userland path.
|
146283 |
16-May-2005 |
glebius |
- Catch up with new interface to ng_package_data(). - Handle errors from ng_package_data().
|
146282 |
16-May-2005 |
glebius |
Catch up with new ng_send_fn1() interface.
|
146281 |
16-May-2005 |
glebius |
- Extend interface of ng_getqblk(), so that malloc wait flags are specified by caller. - Change ng_send_item() interface - use 'flags' argument instead of boolean 'queue'. - Extend ng_send_fn(), ng_package_data() and ng_package_msg() interface - add possibility to pass flags. Rename ng_send_fn() to ng_send_fn1(). Create macro for ng_send_fn(). - Update all macros, that use ng_package_data() and ng_package_msg().
Reviewed by: julian
|
146259 |
16-May-2005 |
glebius |
Make NETGRAPH_DEBUG a kernel option, so that it can't be turned off without hacking source.
In collaboration with: ru, julian
|
146213 |
14-May-2005 |
glebius |
Move queue element routines upper, so that all related declarations are in one place, to improve readability. No functional changes.
|
146212 |
14-May-2005 |
glebius |
Use uma(9) for allocating netgraph items: - ng_getqblk() simply runs uma_zalloc(). - ng_free_item() simply frees. - ngq_mtx is pushed down under NETGRAPH_DEBUG. - NGQF_FREE is removed.
Increase default maxalloc to 512.
Reviewed by: julian
|
146181 |
13-May-2005 |
glebius |
When used as divert socket we need to decouple stack when node is entered from socket side. Use ng_queue_fn() instead of ng_send_fn().
|
146180 |
13-May-2005 |
glebius |
Since there is no way to queue a function call to node, create ng_queue_fn() - a queue version of ng_send_fn().
|
146139 |
12-May-2005 |
glebius |
- Gather statistics about failed mbuf+cluster+ng_item allocations. - Adjust comments and variables names in nfinfo.
|
146092 |
11-May-2005 |
glebius |
A new version of NetFlow node.
The most significant changes are: - Use UMA zone instead of own chunk of memory. - Lock each hash entry separately. - Expire items "actively" - interrupt method can expire flows from hash slot, when it searches through it. - Remove global tailqueue. Make callout thread search through every hash slot. - Export datagram is detached from private data and filled. If it is incomplete, it is attached back. Another thread will continue working with it.
Lesser, but also important speedups: - Flows in hash slot are stored in tailqueue. Whenever a flow is hit, it is moved to the begging, so it can be located quicker. - When callout thread works with hash slot it bails out if slot mutex is contested.
|
146084 |
11-May-2005 |
glebius |
Move assertion below initializer.
Submitted by: Noritoshi Demizu Pointy hat to: glebius
|
146067 |
10-May-2005 |
emax |
Mark AVM USB Bluetooth-Adapter BlueFritz! as "broken". This device is not supported by ng_ubt(4) driver and needs its own driver.
PR: kern/76205 Submitted by: Tim Hemel < bsd AT timit DOT nl > MFC after: 1 week
|
146063 |
10-May-2005 |
glebius |
- Assert that mbuf length equals packet length. - Tell libalias, that we have MCLBYTES to play with. - Obtain length of data in mbuf from updated IP header.
|
145937 |
05-May-2005 |
glebius |
ng_nat - a netgraph(4) node, which does NAT
|
145883 |
04-May-2005 |
emax |
Change m_uiotombuf so it will accept offset at which data should be copied to the mbuf. Offset cannot exceed MHLEN bytes. This is currently used to fix Ethernet header alignment problem on alpha and sparc64. Also change all users of m_uiotombuf to pass proper offset.
Reviewed by: jmg, sam Tested by: Sten Spans "sten AT blinkenlights DOT nl" MFC after: 1 week
|
145331 |
20-Apr-2005 |
glebius |
- Initialize interface as UP when hook is connected. - Call if_link_state_change() when netgraph flow control messages are received.
Sponsored by: Rambler
|
145330 |
20-Apr-2005 |
glebius |
When netgraph flow control message comes from downstream, broadcast it to all vlans.
Sponsored by: Rambler
|
145325 |
20-Apr-2005 |
glebius |
Remove extra ifnet pointer from private data. It can be accessed via arpcom.
|
145324 |
20-Apr-2005 |
glebius |
Add macro NG_COPYMESSAGE(), which allocates memory and creates a copy of given control message.
|
145229 |
18-Apr-2005 |
glebius |
Fix panics with misconfigured routing: - Backout previous revision, the check is useless. - Turn node to queue mode, since it is edge node.
Reported by: sem
|
145101 |
15-Apr-2005 |
glebius |
- Return error, if there was one. - No need to initialize error here.
PR: kern/79884 Submitted by: Wojciech A. Koszek
|
145015 |
13-Apr-2005 |
glebius |
NG_MKRESPONSE() macro includes sizeof struct ng_mesg when doing allocation.
PR: kern/79806 Submitted by: Wojciech A. Koszek
|
144901 |
11-Apr-2005 |
glebius |
Remove goto.
|
144781 |
08-Apr-2005 |
peter |
Change the embedded module name from "bluetooth" to "ng_bluetooth" to match the rest of the names assigned to this object.
|
144724 |
06-Apr-2005 |
emax |
Correct typo that could cause FIFO overflow.
PR: kern/78431 MFC after: 3 days
|
144723 |
06-Apr-2005 |
emax |
Remove PR_ATOMIC flag in ng_btsocket_protosw[] for BLUETOOTH_PROTO_RFCOMM protocol. RFCOMM is a SOCK_STREAM protocol not SOCK_SEQPACKET. This was a serious bug caused by cut-and-paste. I'm surprised it did not bite me before. Dunce hat goes to me.
MFC after: 3 days
|
144721 |
06-Apr-2005 |
emax |
In ng_btsocket_rfcomm_receive_frame() correctly set length variable when EA bit is set in hdr->length (16-bit length). This currently has no effect on the rest of the code. It just fixes the debug message.
MFC After: 3 weeks
|
144674 |
05-Apr-2005 |
glebius |
Major overhaul and cleanup of ng_source node.
Functional changes: - Cut struct source_hookinfo. Just use hook_p pointer. - Remove "start_now" command. "start" command now requires number of packets to send as argument. "start" command actually starts sending. Move the code that actually starts sending from ng_source_rcvmsg() to ng_source_start(). - Remove check for NG_SOURCE_ACTIVE in ng_source_stop(). We can be called with flag cleared (see begin of ng_source_intr()). - If NG_SEND_DATA_ONLY() use log(LOG_DEBUG) instead of printf(). Otherwise we will *flood* console. - Add ng_connect_t method, which sends NGM_ETHER_GET_IFNAME command to "output" hook. Cut ng_source_request_output_ifp(). Refactor ng_source_store_output_ifp() to use ifunit() and don't muck through interface list. - Add "setiface" command, which gives ability to configure interface in case when ng_source_connect() failed. This happens, when we are not connected directly to ng_ether(4) node. - Remove KASSERTs, which can never fire. - Don't check for M_PKTHDR in rcvdata method. netgraph(4) does this for us.
Style: - Assign sc_p = NG_NODE_PRIVATE(node) in declaration, to be consistent with style of other nodes. - Sort variables. - u_intXX -> uintXX. - Dots at ends of comments.
Sponsored by: Rambler
|
144566 |
03-Apr-2005 |
brooks |
Don't init ifp->if_addrhead, if_attach() does it for us.
|
143988 |
22-Mar-2005 |
glebius |
Add a possibility to bypass unmodified accounted data to special hook(s). Data received on these hook(s) is sent back to ifaceX hook(s).
|
143924 |
21-Mar-2005 |
glebius |
Refactor node so that it does not modify mbuf contents. Next step would be pass-thru mode, when traffic is not copied by ng_tee, but passed thru ng_netflow.
Changes made:
- In ng_netflow_rcvdata() do all necessary pulluping: Ethernet header, IP header, and TCP/UDP header. - Pass only pointer to struct ip to ng_netflow_flow_add(). Any TCP/UDP headers are guaranteed to by after it. - Merge make_flow_rec() function into ng_netflow_flow_add().
|
143923 |
21-Mar-2005 |
glebius |
Refactor node so that it does not modify mbuf contents. Next step would be pass-thru mode, when traffic is not copied by ng_tee, but passed thru ng_netflow.
Changes made:
- In ng_netflow_rcvdata() do all necessary pulluping: Ethernet header, IP header, and TCP/UDP header. - Pass only pointer to struct ip to ng_netflow_flow_add(). Any TCP/UDP headers are guaranteed to by after it. - Merge make_flow_rec() function into ng_netflow_flow_add().
|
143912 |
21-Mar-2005 |
glebius |
Plug item leak, which occured when m_pullup() failed.
|
143890 |
20-Mar-2005 |
glebius |
- Don't lose TCP flags of the first packet in a flow. - Don't account length of the first packet in a flow twice.
|
143607 |
14-Mar-2005 |
glebius |
Remove ng_connect_t where it is unused. Probably it remained from ng_source.c.
|
143604 |
14-Mar-2005 |
glebius |
Use subr_unit allocator instead of own functions.
|
143603 |
14-Mar-2005 |
glebius |
Use subr_unit allocator instead of own functions.
|
143593 |
14-Mar-2005 |
glebius |
o Use subr_unit allocator. This simplifies code much: - Remove get_free_unit(). - Remove SLIST of nodes. - Remove global mutex.
o Increase NGD_MAX to 999. o Move ngd_mod_event() up to netgraph methods.
|
143404 |
11-Mar-2005 |
glebius |
Fix getting stats from many links with index > 0.
Submitted by: Richard Kojedzinszky MFC after: 3 days
|
143387 |
10-Mar-2005 |
bmilekic |
Make some basic grammar and style fixes to ng_source.c and ng_source.h. The latter was particularly violated by someone's editor in the past, due to an effect I like to call "premature linewrapping."
|
143385 |
10-Mar-2005 |
glebius |
Plug item leak in macro NG_RESPOND_MSG. Item was leaked when destination node couldn't be addressed.
Submitted by: Roselyn Lee
|
143384 |
10-Mar-2005 |
glebius |
Plug item leak in case when NGI_FN is applied to invalid node.
Submitted by: Roselyn Lee MFC after: 3 days
|
143103 |
03-Mar-2005 |
glebius |
Cisco uses milliseconds for uptime. This is stupid. Nobody cares of such precision when IP packet may travel through internet for several seconds. Also uptime measured in milliseconds overflows every 48+ days. But we have to do same to keep compatibility with Cisco and flow-tools.
Make a macro MILLIUPTIME, which does overflowable multiplication to 1000.
Requested by: Sergey Ryabin, Oleg Bulyzhin MFC after: 1 week
|
142945 |
01-Mar-2005 |
ru |
Pull up to ETHER_HDR_LEN before passing an mbuf to ether_input(). The bug was found by running ng_dummy(4) node configured with a delay, in front of the ng_eiface(4) node.
|
142902 |
01-Mar-2005 |
glebius |
Replace NG_PARSE_APPEND() macro with ng_parse_append() function. Check its return value and free resources if function returns error. Plug several memory leaks with this change.
Submitted by: archie Found by: Coverity Prevent analysis tool
|
142542 |
26-Feb-2005 |
sam |
move ptr use down to after null check
Noticed by: Coverity Prevent analysis tool Reviewed by: emax
|
142190 |
21-Feb-2005 |
rwatson |
In the current world order, solisten() implements the state transition of a socket from a regular socket to a listening socket able to accept new connections. As part of this state transition, solisten() calls into the protocol to update protocol-layer state. There were several bugs in this implementation that could result in a race wherein a TCP SYN received in the interval between the protocol state transition and the shortly following socket layer transition would result in a panic in the TCP code, as the socket would be in the TCPS_LISTEN state, but the socket would not have the SO_ACCEPTCONN flag set.
This change does the following:
- Pushes the socket state transition from the socket layer solisten() to to socket "library" routines called from the protocol. This permits the socket routines to be called while holding the protocol mutexes, preventing a race exposing the incomplete socket state transition to TCP after the TCP state transition has completed. The check for a socket layer state transition is performed by solisten_proto_check(), and the actual transition is performed by solisten_proto().
- Holds the socket lock for the duration of the socket state test and set, and over the protocol layer state transition, which is now possible as the socket lock is acquired by the protocol layer, rather than vice versa. This prevents additional state related races in the socket layer.
This permits the dual transition of socket layer and protocol layer state to occur while holding locks for both layers, making the two changes atomic with respect to one another. Similar changes are likely require elsewhere in the socket/protocol code.
Reported by: Peter Holm <peter@holm.cc> Review and fixes from: emax, Antoine Brodin <antoine.brodin@laposte.net> Philosophical head nod: gnn
|
142092 |
19-Feb-2005 |
glebius |
Reimplement recursion protection, checking whether current thread holds sockbuf mutex.
Reviewed by: rwatson
|
141971 |
16-Feb-2005 |
glebius |
Remove a recursion protection, which we inherited from splnet() netgraph times. Now several threads may write data to ng_ksocket. Locking of socket is done in sosend().
Reviewed by: archie, julian, rwatson MFC after: 2 weeks
|
141914 |
14-Feb-2005 |
glebius |
Make WITNESS happier: - refactor ngd_constructor, so that make_dev() is called without any locks held, since it mallocs memory with M_WAITOK flag. - rename global mtx, to have name different to per-node mtx
MFC after: 2 weeks
|
141910 |
14-Feb-2005 |
glebius |
Add new netgraph control message NGM_ETHER_DETACH, which actually removes netgraph node and unwraps Ethernet interface.
This gives us ability to unload ng_ether.ko, when all interfaces are detached, making ng_ether(4) developers happy.
Reviewed by: ru
|
141811 |
13-Feb-2005 |
archie |
Bump cookie value to reflect change in NGM_IFACE_GET_IFNAME semantics.
|
141778 |
13-Feb-2005 |
ru |
Drop mythical module dependency on ng_ether.
|
141756 |
12-Feb-2005 |
glebius |
Restore previous cookie. Old programs will work with new node OK, new programs with old node wil receive EINVAL trying to access new messages.
Submitted by: ru
|
141755 |
12-Feb-2005 |
glebius |
- bzero sockaddr_dl - use constant instead of number
Suggested by: ru
|
141751 |
12-Feb-2005 |
ru |
Fix typo in a comment.
|
141745 |
12-Feb-2005 |
ru |
Fallout from the ALTQ import.
|
141743 |
12-Feb-2005 |
glebius |
Allocate enough space for new tag.
Pointy hat to: glebius
|
141728 |
12-Feb-2005 |
glebius |
When netgraph(4) was converted to use mbuf_tags(9) instead of meta-data a definite setup was broken: two ng_ksockets are connected to each other, connect()ed to different remote hosts, and bind()ed to different local interfaces. In this case one ng_ksocket is fooled with tag from the other one.
Put node id into tag. In rcvdata method utilize tag only if it has our own id inside or id equals zero. The latter case is added to support packets send by some third, not ng_ksocket node.
MFC after: 1 week
|
141721 |
12-Feb-2005 |
glebius |
Add two new netgraph messages NGM_ETHER_ADD_MULTI and NGM_ETHER_DEL_MULTI, to join and leave Ethernet multicast membership, respectively. Messages take MAC address as argument.
Sponsored by: Rinet ISP
|
141720 |
12-Feb-2005 |
ru |
Removed redundant MODULE_VERSION().
|
141719 |
12-Feb-2005 |
glebius |
Make netgraph ISR and callout MPSAFE.
Reviewed by: rwatson, ru
|
141706 |
11-Feb-2005 |
glebius |
style: fix indentation and spacing.
Submitted by: ru
|
141705 |
11-Feb-2005 |
glebius |
Do not trust ipfw: check m_len always, not only after m_dup.
Submitted by: ru
|
141704 |
11-Feb-2005 |
glebius |
- do m_pullup() after m_dup() - clean style in previous commit
Suggested by: ru
|
141702 |
11-Feb-2005 |
glebius |
pullup to sizeof struct ip before sending to ip_output.
Suggested by: ru
|
141699 |
11-Feb-2005 |
glebius |
Packets from ipfw come with IP header in host byte order. Netgraph works with net byte order. Change byte order to net in ng_ipfw_input(), change byte order to host before ip_output(), do not change before ip_input().
In collaboration with: ru
|
141635 |
10-Feb-2005 |
phk |
Make M_NETGRAPH_ETF static
|
141598 |
10-Feb-2005 |
archie |
Fix incorrect comment.
Submitted by: James Bowman <jamesb@acelere.net>
|
141574 |
09-Feb-2005 |
ru |
In revision 1.29 timeout() was converted to ng_callout().
The difference is that the callout function installed via the ng_callout() method is guaranteed to NOT fire after the shutdown method was run (when a node is marked NGF_INVALID). Also, the shutdown method and the callout function are guaranteed to NOT run at the same time, as both require the writer lock. Thus we can safely ignore a zero return value from ng_uncallout() (callout_stop()) in shutdown methods, and go on with freeing the node.
The said revision broke the node shutdown -- ng_bridge_timeout() is no longer fired after ng_bridge_shutdown() was run, resulting in a memory leak, dead nodes, and inability to unload the module. Fix this by cancelling the callout on shutdown, and moving part responsible for freeing a node resources from ng_bridge_timer() to ng_bridge_shutdown().
Noticed by: ru Submitted by: glebius, ru
|
141502 |
08-Feb-2005 |
ru |
bzero() -> M_ZERO.
|
141451 |
07-Feb-2005 |
glebius |
Improve parsing of hook name.
Submitted by: ru
|
141410 |
06-Feb-2005 |
glebius |
Whitespace.
|
141409 |
06-Feb-2005 |
glebius |
Remove comment which left after removal of ng_rcvdataq_t.
MFC after: 1 week
|
141375 |
05-Feb-2005 |
glebius |
Increase size of arglen to uint32_t, since uint16_t proved to be not enough (e.g. listing 911 nodes). Bump NG_VERSION.
Reviewed by: julian, archie, ru
|
141351 |
05-Feb-2005 |
glebius |
Add a ng_ipfw node, implementing a quick and simple interface between ipfw(4) and netgraph(4) facilities.
Reviewed by: andre, brooks, julian
|
141348 |
05-Feb-2005 |
glebius |
Expire aged flows in normal expiry thread. This fixes the problem, when a node disconnected from all sources of traffic never purges its cache.
|
141343 |
05-Feb-2005 |
glebius |
Break long lines in code and comments.
|
141341 |
05-Feb-2005 |
ru |
Create a per-module mutex on MOD_LOAD, and destroy it on MOD_UNLOAD. (This fixes witness_destroy() panic after module unload.)
OK'ed by: rwatson, julian
|
141308 |
04-Feb-2005 |
glebius |
Do check that version of a message from userland matches ours.
MFC after: 3 days
|
141286 |
04-Feb-2005 |
glebius |
- Fix build with TRACE_MESSAGES defined - Remove extra parenthesis
|
141197 |
03-Feb-2005 |
ru |
Parse "getifname" using the standard parse string type.
Fixed an off-by-one error when dealing with interface name (if_xname is NUL-terminated).
Don't waste time making a copy of if_xname in constructor.
|
141196 |
03-Feb-2005 |
ru |
Fixed an off-by-one error when dealing with interface name (if_xname is NUL-terminated).
Don't waste time making a copy of if_xname in attach().
|
141195 |
03-Feb-2005 |
ru |
Fixed an off-by-one error when dealing with interface name (if_xname is IFNAMSIZ-sized and NUL-terminated).
|
141193 |
03-Feb-2005 |
ru |
Added ASCII version of the NGM_EIFACE_GET_IFNAME message, "getifname".
|
141190 |
03-Feb-2005 |
ru |
Removed unused includes.
|
141142 |
02-Feb-2005 |
ru |
Fix the comment.
|
141140 |
02-Feb-2005 |
ru |
Whitespace and "const" changes to reduce diffs to RELENG_4. (Gives the same object when compiled without NETGRAPH_DEBUG.)
|
141112 |
01-Feb-2005 |
glebius |
In case of various tunneling protocols, mbuf may pass several interfaces before entering ng_netflow. In this case it will have not NULL m_pkthdr.rcvif. However, it will enter ng_iface soon with another index. So let in_ifIndex value configured by user override m_pkthdr.rcvif.
Reported by: Damir Bikmuhametov MFC after: 1 week
|
140852 |
26-Jan-2005 |
glebius |
Rename ng_callout_trapoline to ng_callout_trampoline.
Requested by: ru
|
140833 |
25-Jan-2005 |
glebius |
With recent changes to _callout_stop_safe() we can remove a hack in ng_uncallout().
|
140737 |
24-Jan-2005 |
glebius |
Fix an evil typo.
Submitted by: Roselyn Lee MFC after: 3 days
|
140511 |
20-Jan-2005 |
glebius |
Use log() instead of printf(), to reduce flood on console.
MFC after: 1 week
|
140365 |
16-Jan-2005 |
rik |
Ups, misprint, change and => add.
Submitted by: ru
|
140358 |
16-Jan-2005 |
rik |
Fix comment. Code 0x95 means locking shift to codeset 5 according to T1.617 AnnexD. Locking shift procedure is described in ANSI T1.607.
MFC after: 3 days
|
140357 |
16-Jan-2005 |
rik |
Fix variable name in comment num=>alen. (Lost part of commit rev 1.2)
MFC after: 3 days
|
140240 |
14-Jan-2005 |
glebius |
Raise & drop IFF_RUNNING upon receival of netgraph flow control messages.
|
140239 |
14-Jan-2005 |
glebius |
Consider IFF_UP as "administratively up" flag, and IFF_RUNNING as "operationally up" flag. Hence this, revert 1.35 to use IFF_RUNNING.
|
140164 |
13-Jan-2005 |
glebius |
Locking and cleanup of tty netgraph node. Tty stack is Giant-locked, so we need to acquire Giant in netgraph methods, so that we don't race with line discipline methods. Remove NET_NEEDS_GIANT.
- Packets coming into node from netgraph are queued in ifqueue attached to node private data. - Mutex in struct ifqueue is used to lock not only the queue, but the whole private data, and tp->t_lsc field. - tp->t_lsc pointer is used to indicate whether line discipline is attached to netgraph or not. - Use FLG_DIE flag to indicate that node may be destroyed. (This protection doesn't work, and it didn't before. Must be redesigned.) - Increment ngt_unit atomically, removing mutex. - Acquire Giant, when executing ngt_start() from netgraph context. - Acquire Giant, when {,de}registering line discipline. - Uncomment forcing queue mode on peers hook, since this is reasonable. - Force queue mode on our hook, to avoid acquiring Giant when coming from network stack. We may already hold some mutexes at this point.
Cleanups: - Use callout_pending() instead of our own flag. - Remove spl(9) calls. Now we can use return() instead of ERROUT().
style(9): - Sort includes. - Sparse initializer for struct linesw. - Remove some empty lines, sort declarations.
Reviewed by: julian, phk MFC after: 1 month
|
140068 |
11-Jan-2005 |
glebius |
Utilize callout_pending() macro
|
140066 |
11-Jan-2005 |
glebius |
- Use ng_callout() instead of timeout(9). - Remove spl(9) calls.
XXX: not tested
|
140065 |
11-Jan-2005 |
glebius |
- Use ng_callout() instead of home-grown implementation.
Submitted by: emax
|
140064 |
11-Jan-2005 |
glebius |
- Use ng_callout() instead of callout_reset(9). - Use callout_pending() instead of our own flags. - Remove home-grown protection of node, which has a scheduled callout(). - Remove spl(9) calls.
Tested by: bz
|
140027 |
11-Jan-2005 |
emax |
Make default RFCOMM session MTU match default L2CAP MTU.
This is just a workaround for a know problem with Motorola E1000 phone. Something is wrong with the configuration of L2CAP/RFCOMM channel. Even though we set L2CAP MTU to 132 bytes (default RFCOMM MTU 127 + 5 bytes RFCOMM frame header) and the phone accepts it, the phone still sends oversized L2CAP packets. It appears that the phone wants to use bigger (667 bytes) RFCOMM frames, but it does not segment them according to the configured L2CAP MTU. The 667 bytes RFCOMM frame size corresponds to the default L2CAP MTU of 672 bytes (667 + 5 bytes RFCOMM frame header).
This problem only appears if connection was initiated from the phone. I'm not sure who is at fault here, so for now just put workaround in place. Quick look at the spec did not reveal any anwser.
Tested by: Jes < jjess at freebsd dot polarhome dot com > MFC after: 3 days
|
139903 |
08-Jan-2005 |
glebius |
This change adds reliability for Ethernet trunks built with ng_one2many:
- Introduce another ng_ether(4) callback ng_ether_link_state_p, which is called from if_link_state_change(), every time link is changed. - In ng_ether_link_state() send netgraph control message notifying of link state change to a node connected to "lower" hook.
Reviewed by: sam MFC after: 2 weeks
|
139823 |
07-Jan-2005 |
imp |
/* -> /*- for license, minor formatting changes
|
139774 |
06-Jan-2005 |
emax |
Introduce new startup level SI_SUB_NETGRAPH that is after SI_SUB_INIT_IF but before SI_SUB_DRIVERS. Make Netgraph(4) framework initialize at SI_SUB_NETGRAPH level.
This does not address the bigger problem: MODULE_DEPEND does not seem to work when modules are compiled in the kernel, but it fixes the problem with Netgraph Bluetooth device drivers reported by a few folks.
PR: i386/69876 Reviewed by: julian, rik, scottl MFC after: 3 days
|
139688 |
04-Jan-2005 |
rik |
Kill a half dead comment. It's first half was killed in rev 1.12.
MFC after: 3 days
|
139686 |
04-Jan-2005 |
emax |
Rename 'class' field to 'uclass' in the ng_hci_inquiry_response structure. class is a reserved word in C++
Submitted by: Markus Brueffer < markus AT brueffer DOT de > MFC after: 3 days
|
139433 |
30-Dec-2004 |
glebius |
Remove a check that never returns true, because in this case we have panic before the check.
|
139374 |
28-Dec-2004 |
glebius |
- Plug a memory leak in ng_netflow_cache_init(). - Initialize error to 0 in ng_netflow_flow_add() (a nop change). - Update cache statistics holding workqueue mutex.
MFC after: 3 days
|
139331 |
26-Dec-2004 |
rik |
tsleep => msleep read sys/kern/kern_synch.c, msleep ():
KASSERT(timo != 0 || mtx_owned(&Giant) || mtx != NULL, ("sleeping without a mutex"));
MFC after: 3 days
|
139249 |
23-Dec-2004 |
rik |
Fix creation on "dlciX" hook in ng_sample.
Approved by: julian MFC after: 3 days
|
139238 |
23-Dec-2004 |
rik |
Fix counting length of leadin for hook name (sizeof () => strlen ()).
Approved by: julian MFC after: 3 days
|
139236 |
23-Dec-2004 |
glebius |
Move systm.h up, since it is required by mbuf.h.
Requested by: ru
|
139235 |
23-Dec-2004 |
glebius |
- sort includes - remove duplicate include sys/sysctl.h
|
139039 |
19-Dec-2004 |
glebius |
Assert queue mutex in ng_dequeue() and ng_queue_rw().
|
138834 |
14-Dec-2004 |
glebius |
- Use ng_callout() instead of timeout. - Schedule next timeout *after* finishing job of the current one. - Remove spl(9) calls.
Tested by: ru Reviewed by: julian
|
138618 |
09-Dec-2004 |
glebius |
Use ng_callout() and ng_uncallout() instead of home-grown implementation.
Tested by: Savchuk Taras Reviewed by: archie Approved by: julian (mentor)
|
138562 |
08-Dec-2004 |
glebius |
- Use ng_callout() instead of timeout() - remove spl(9) calls
Tested by: Ilya Pizik Approved by: julian (mentor)
|
138479 |
06-Dec-2004 |
glebius |
- Use ng_callout() instead of timeout(9). - Do not put/remove node references, since this no longer needed. - Remove timerActive flag, use callout flags. - Schedule next callout after doing current one.
Reviewed by: archie Approved by: julian (mentor)
|
138420 |
05-Dec-2004 |
glebius |
Use ng_callout() instead of timeout(9).
Approved by: julian (mentor)
|
138392 |
05-Dec-2004 |
glebius |
- Use uint16_t to pass argument for NGM_NETFLOW_IFINFO, bump cookie. - Always check that index number passed from userland is <= NG_NETFLOW_MAXIFACES. [1] - Increase NG_NETFLOW_MAXIFACES up to 512. [2]
Noticed by: Roman Palagin [1] Requested by: Yuri Y. Bushmelev [2] MFC after: 1 week
|
138268 |
01-Dec-2004 |
glebius |
Mechanically rename s/ng_timeout/ng_callout/g, s/ng_untimeout/ng_uncallout/g. This is done to keep both versions in RELENG_5 and support both APIs.
Reviewed by: scottl Approved by: julian (mentor), implicitly
|
138238 |
30-Nov-2004 |
mlaier |
Move ng_socket and ng_btsocket initialization to SI_SUB_PROTO_DOMAIN as they call net_add_domain(). Calling this function too early (or late) breaks assertations about the global domains list. Actually it should be forbidden to call net_add_domain() outside of SI_SUB_PROTO_DOMAIN completely as there are many places where we traverse the domains list unprotected, but for now we allow late calls (mostly to support netgraph). In order to really fix this we have to lock the domains list in all places or find another way to ensure that we can safely walk the list while another thread might be adding a new domain.
Spotted by: se Reviewed by: julian, glebius PR: kern/73321 (partly)
|
138138 |
27-Nov-2004 |
archie |
Disable protocol field compression on the inner PPP frame when also doing normal PPP compression, as a workaround for certain (arguably) broken Linux PPP implementations that can't handle this particular case.
MFC after: 1 week
|
138011 |
23-Nov-2004 |
glebius |
Netgraph flow control: change interface status when node receive LINK_IS_UP/LINK_IS_DOWN messages.
Approved by: julian (mentor), implicitly MFC after: 1 week
|
138010 |
23-Nov-2004 |
glebius |
Introduce new failure detection algorithm, called NG_ONE2MANY_FAIL_NOTIFY. It means, that node listens to flow control messages from downstreams and removes link from list of active links whenever a LINK_IS_DOWN message is received. If LINK_IS_UP message is received, then links is put back into list of active links.
Approved by: julian (mentor), implicitly MFC after: 1 week
|
138009 |
23-Nov-2004 |
glebius |
o Use ng_timeout() instead of timeout(9).
o Implement some netgraph flow control: - Whenever status of HDLC heartbeat from pear is timed out, send NGM_LINK_IS_DOWN message. - If HDLC link changes status from down to up, send NGM_LINK_IS_UP message.
Approved by: julian (mentor), implicitly MFC after: 1 week
|
137899 |
19-Nov-2004 |
glebius |
Remove unused macro.
Approved by: julian (mentor)
|
137897 |
19-Nov-2004 |
glebius |
Cancel pending timeout before scheduling a new one. This fixes item leak, I've introduced with previous change.
Approved by: julian (mentor)
|
137896 |
19-Nov-2004 |
emax |
Correct typo. Return ENXIO instead of EIO.
|
137525 |
10-Nov-2004 |
glebius |
Add myself to copyright.
Approved by: marks
|
137386 |
08-Nov-2004 |
phk |
Initialize struct pr_userreqs in new/sparse style and fill in common default elements in net_init_domain().
This makes it possible to grep these structures and see any bogosities.
|
137230 |
04-Nov-2004 |
glebius |
Partically backout previous commit. Since _callout_stop_safe() clears out c->c_func, we can't take it after callout_stop(). To take it before we need to acquire callout_lock, to avoid race. This commit narrows down area where lock is held, but hack is still present.
This should be redesigned.
Approved by: julian (mentor)
|
137199 |
04-Nov-2004 |
harti |
Adapt to the new ng_timeout/ng_untimeout arguments. These now use the callout instead of the timeout interface.
Submitted by: glebius
|
137163 |
03-Nov-2004 |
emax |
Fix kernel build (caused by recent ng_{un}timeout API change)
Submitted by: glebius
|
137138 |
02-Nov-2004 |
glebius |
- Make ng_timeout() to use callout() interface instead of timeout(). - Remove callout-hacking from ng_untimeout().
Approved by: julian (mentor) MFC after: 1 month
|
137136 |
02-Nov-2004 |
glebius |
Fix a harmless error in order of ng_timeout() arguments.
Approved by: julian (mentor)
|
137133 |
02-Nov-2004 |
emax |
Fix broken ng_h4(4). Basically, do not abuse t_sc field and use new t_lsc field created for line disciplne drivers private use. Also add NET_NEEDS_GIANT warning. For whatever reason ng_tty(4) was fixed but ng_h4(4) was not :(
|
137115 |
01-Nov-2004 |
glebius |
Removed bogus comment.
|
137114 |
01-Nov-2004 |
glebius |
o style changes: - tabs after defines - tabs instead of many spaces - sort local variables by size
o remove spl(9) calls
Approved by: julian (mentor)
|
137100 |
31-Oct-2004 |
glebius |
Since last change moved ';' from macro to code, we need to embrace macros with 'do {} while (0)' to avoid error in case macro is not defined.
Prodded by: julian, archie Pointy hat to: glebius
|
137022 |
28-Oct-2004 |
glebius |
Rename debug macro to DBG and indent it properly.
Requested by: maxim Approved by: julian (mentor)
|
136682 |
18-Oct-2004 |
rwatson |
Push acquisition of the accept mutex out of sofree() into the caller (sorele()/sotryfree()):
- This permits the caller to acquire the accept mutex before the socket mutex, avoiding sofree() having to drop the socket mutex and re-order, which could lead to races permitting more than one thread to enter sofree() after a socket is ready to be free'd.
- This also covers clearing of the so_pcb weak socket reference from the protocol to the socket, preventing races in clearing and evaluation of the reference such that sofree() might be called more than once on the same socket.
This appears to close a race I was able to easily trigger by repeatedly opening and resetting TCP connections to a host, in which the tcp_close() code called as a result of the RST raced with the close() of the accepted socket in the user process resulting in simultaneous attempts to de-allocate the same socket. The new locking increases the overhead for operations that may potentially free the socket, so we will want to revise the synchronization strategy here as we normalize the reference counting model for sockets. The use of the accept mutex in freeing of sockets that are not listen sockets is primarily motivated by the potential need to remove the socket from the incomplete connection queue on its parent (listen) socket, so cleaning up the reference model here may allow us to substantially weaken the synchronization requirements.
RELENG_5_3 candidate.
MFC after: 3 days Reviewed by: dwhite Discussed with: gnn, dwhite, green Reported by: Marc UBM Bocklet <ubm at u-boot-man dot de> Reported by: Vlad <marchenko at gmail dot com>
|
136673 |
18-Oct-2004 |
glebius |
Major overhaul.
List of functional changes: - Make a single device per single node with a single hook. This gives us parrallelizm, which can't be achieved on a single node with many devices/hooks. This also gives us flexibility - we can play with a particular device node, not affecting others. - Remove read queue as it is. Use struct ifqueue instead. This change removes a lot of extra memcpy()ing, m_devget()ting and m_copymem()ming. In ng_device_receivedata() we enqueue an mbuf and wake readers. In ngdread() we take one mbuf from qeueue and uiomove() it to userspace. If no mbuf is present we optionally block. [1] - In ngdwrite() we create an mbuf from uio using m_uiotombuf(). This is faster then uiomove() into buffer, and then m_copydata(), and this is much better than huge m_pullup(). - Perform locking of device - Perform locking of connection list. - Clear out _rcvmsg method, since it does nothing good yet. - Implement NGM_DEVICE_GET_DEVNAME message. - #if 0 ioctl method, while nothing is done here yet. - Return immediately from ngdwrite() if uio_resid == 0.
List of tidyness changes: - Introduce device2priv(), to remove cut'n'paste. - Use MALLOC/FREE, instead of malloc/free. - Use unit2minor(). - Use UID_ROOT/GID_WHEEL instead of 0/0. - Define NGD_DEVICE_DEVNAME, use it. - Use more nice macros for debugging. [2] - Return Exxx, not -1.
style(9) changes: - No "#endif" after short block. - Break long lines. - Remove extra spaces, add needed spaces.
[1] Obtained from: if_tun.c [2] Obtained from: ng_pppoe.c Reviewed by: marks Approved by: julian (mentor) MFC after: 1 month
|
136460 |
12-Oct-2004 |
emax |
Get rid of device nodes interface. It is useless and confusing. The original idea was to use it for firmware upgrading and similar operations. In real life almost all Bluetooth USB devices do not need firmware download. If device does require firmware download then ugen(4) (or specialized driver like ubtbcmfw(8)) should be used instead.
MFC after: 3 days
|
136428 |
12-Oct-2004 |
glebius |
Fix packet flow when both ng_ether(4) and bridge(4) are in use:
- push all bridge logic from if_ethersubr.c into bridge.c make bridge_in() return mbuf pointer (or NULL). - call only bridge_in() from ether_input(), after ng_ether_input() was optinally called. - call bridge_in() from ng_ether_rcv_upper().
Long description: http://lists.freebsd.org/mailman/htdig/freebsd-net/2004-May/003881.html Reported by: Jian-Wei Wang <jwwang at FreeBSD.csie.NCTU.edu.tw> Tested by: myself, Sergey Lyubka Reviewed by: sam Approved by: julian (mentor) MFC after: 2 months
|
136312 |
09-Oct-2004 |
des |
Return 0, not NULL, from a function declared as returning int.
|
135406 |
17-Sep-2004 |
phk |
Fix an issue with ng_tty which (ab)used the tty->t_sc field which is reserved for the device drivers:
Add a t_lsc field for line discipline private use.
|
135400 |
17-Sep-2004 |
glebius |
- Remove advertising clause from copyright [1] - Change my email to glebius@FreeBSD.org
Requested by: ru [1]
|
135332 |
16-Sep-2004 |
glebius |
A netgraph node implementing Netflow version 5.
Supported by: Bestcom ISP, Rinet ISP Approved by: julian (mentor)
|
135075 |
11-Sep-2004 |
glebius |
Remove orphaned comment about Meta data.
|
134865 |
06-Sep-2004 |
glebius |
Increase PPTP_MAX_TIMEOUT up to 3 seconds. 10 prooved too much for high packet loss links, and 1 second appeared to be too small for high latency links.
If we will receive more complaints, we should make this parameter configurable.
PR: kern/69536 Approved by: archie, julian (mentor) MFC after: 3 days
|
134651 |
02-Sep-2004 |
rwatson |
In FreeBSD 5.x, curthread is always defined, so we don't need to to test and optionally use &thread0 if it's NULL.
Spotted by: julian
|
134521 |
30-Aug-2004 |
rwatson |
Acquire Giant arounds calls into the linker from Netgraph sockets. We now no longer hold Giant in send(), so it isn't inheritted by the linker, which calls into VFS.
Reported by: glebius Discussed with: glebius, bz
|
134445 |
28-Aug-2004 |
rwatson |
Mark Netgraph TTY, KAME IPSEC, and IPX/SPX as requiring Giant for correct operation using NET_NEEDS_GIANT(). This will result in a boot-time restoration of Giant-enabled network operation, or run-time warning on dynamic load (applicable only to the Netgraph component). Additional components will likely need to be marked with this in the future.
|
134391 |
27-Aug-2004 |
andre |
Apply error and success logic consistently to the function netisr_queue() and its users.
netisr_queue() now returns (0) on success and ERRNO on failure. At the moment ENXIO (netisr queue not functional) and ENOBUFS (netisr queue full) are supported.
Previously it would return (1) on success but the return value of IF_HANDOFF() was interpreted wrongly and (0) was actually returned on success. Due to this schednetisr() was never called to kick the scheduling of the isr. However this was masked by other normal packets coming through netisr_dispatch() causing the dequeueing of waiting packets.
PR: kern/70988 Found by: MOROHOSHI Akihiko <moro@remus.dti.ne.jp> MFC after: 3 days
|
134057 |
20-Aug-2004 |
julian |
Align netgraph message fields ready for 64-bit (and 128 bit :-) machines. requires a recompile of netgraph users. Also change the size of a field in the bluetooth code that was waiting for the next change that needed recompiles so it could piggyback its way in.
Submitted by: jdp, maksim MFC after: 2 days
|
133920 |
17-Aug-2004 |
andre |
Convert ipfw to use PFIL_HOOKS. This is change is transparent to userland and preserves the ipfw ABI. The ipfw core packet inspection and filtering functions have not been changed, only how ipfw is invoked is different.
However there are many changes how ipfw is and its add-on's are handled:
In general ipfw is now called through the PFIL_HOOKS and most associated magic, that was in ip_input() or ip_output() previously, is now done in ipfw_check_[in|out]() in the ipfw PFIL handler.
IPDIVERT is entirely handled within the ipfw PFIL handlers. A packet to be diverted is checked if it is fragmented, if yes, ip_reass() gets in for reassembly. If not, or all fragments arrived and the packet is complete, divert_packet is called directly. For 'tee' no reassembly attempt is made and a copy of the packet is sent to the divert socket unmodified. The original packet continues its way through ip_input/output().
ipfw 'forward' is done via m_tag's. The ipfw PFIL handlers tag the packet with the new destination sockaddr_in. A check if the new destination is a local IP address is made and the m_flags are set appropriately. ip_input() and ip_output() have some more work to do here. For ip_input() the m_flags are checked and a packet for us is directly sent to the 'ours' section for further processing. Destination changes on the input path are only tagged and the 'srcrt' flag to ip_forward() is set to disable destination checks and ICMP replies at this stage. The tag is going to be handled on output. ip_output() again checks for m_flags and the 'ours' tag. If found, the packet will be dropped back to the IP netisr where it is going to be picked up by ip_input() again and the directly sent to the 'ours' section. When only the destination changes, the route's 'dst' is overwritten with the new destination from the forward m_tag. Then it jumps back at the route lookup again and skips the firewall check because it has been marked with M_SKIP_FIREWALL. ipfw 'forward' has to be compiled into the kernel with 'option IPFIREWALL_FORWARD' to enable it.
DUMMYNET is entirely handled within the ipfw PFIL handlers. A packet for a dummynet pipe or queue is directly sent to dummynet_io(). Dummynet will then inject it back into ip_input/ip_output() after it has served its time. Dummynet packets are tagged and will continue from the next rule when they hit the ipfw PFIL handlers again after re-injection.
BRIDGING and IPFW_ETHER are not changed yet and use ipfw_chk() directly as they did before. Later this will be changed to dedicated ETHER PFIL_HOOKS.
More detailed changes to the code:
conf/files Add netinet/ip_fw_pfil.c.
conf/options Add IPFIREWALL_FORWARD option.
modules/ipfw/Makefile Add ip_fw_pfil.c.
net/bridge.c Disable PFIL_HOOKS if ipfw for bridging is active. Bridging ipfw is still directly invoked to handle layer2 headers and packets would get a double ipfw when run through PFIL_HOOKS as well.
netinet/ip_divert.c Removed divert_clone() function. It is no longer used.
netinet/ip_dummynet.[ch] Neither the route 'ro' nor the destination 'dst' need to be stored while in dummynet transit. Structure members and associated macros are removed.
netinet/ip_fastfwd.c Removed all direct ipfw handling code and replace it with the new 'ipfw forward' handling code.
netinet/ip_fw.h Removed 'ro' and 'dst' from struct ip_fw_args.
netinet/ip_fw2.c (Re)moved some global variables and the module handling.
netinet/ip_fw_pfil.c New file containing the ipfw PFIL handlers and module initialization.
netinet/ip_input.c Removed all direct ipfw handling code and replace it with the new 'ipfw forward' handling code. ip_forward() does not longer require the 'next_hop' struct sockaddr_in argument. Disable early checks if 'srcrt' is set.
netinet/ip_output.c Removed all direct ipfw handling code and replace it with the new 'ipfw forward' handling code.
netinet/ip_var.h Add ip_reass() as general function. (Used from ipfw PFIL handlers for IPDIVERT.)
netinet/raw_ip.c Directly check if ipfw and dummynet control pointers are active.
netinet/tcp_input.c Rework the 'ipfw forward' to local code to work with the new way of forward tags.
netinet/tcp_sack.c Remove include 'opt_ipfw.h' which is not needed here.
sys/mbuf.h Remove m_claim_next() macro which was exclusively for ipfw 'forward' and is no longer needed.
Approved by: re (scottl)
|
133578 |
12-Aug-2004 |
harti |
This is the netgraph node framework for the user side call control node for ATM. This node implements the API to the signalling services.
|
133415 |
10-Aug-2004 |
emax |
Introduce ng_hci_inquiry_response structure and use it in the hccontrol(8)
|
133060 |
03-Aug-2004 |
bz |
Implement minimalistic L2TP sessions statistics and correct man page for L2TP tunnel statistics (which do not take an argument sessionID).
Reviewed by: archie Approved by: pjd (mentor)
|
133058 |
03-Aug-2004 |
bz |
add a new control message to set sequence numbers on an uninitialized node.
Reviewed by: archie Approved by: pjd (mentor)
|
133056 |
03-Aug-2004 |
bz |
Correct L2TP header offset handling: - according to RFC2661 an offset size of 0 is allowed. - when skipping offset padding do not forget to also skip the 2 octets of the offset size field.
Reviewed by: archie Approved by: pjd (mentor)
|
133055 |
03-Aug-2004 |
bz |
Do not change link[n].conf.latency for internal usage but have link[n].latency calculated from user supplied value. This prevents repeated NGM_PPP_SET_CONFIG/NGM_PPP_GET_CONFIG from failing because of link[n].conf.latency being out of range.
Reviewed by: archie Approved by: pjd (mentor)
|
132975 |
01-Aug-2004 |
glebius |
Another stupid error from my side. PPPOE_NONSTANDARD was first defined in enum {}, and then redefined with #define. No warnings from compiler, though.
Submitted by: bz Pointy hat to: glebius
|
132939 |
31-Jul-2004 |
glebius |
Fix a stupid error in my previous commit, which broke operation of many nodes.
Pointy hat to: glebius
|
132828 |
29-Jul-2004 |
glebius |
Address node in a less complex way.
Approved by: julian (mentor)
|
132780 |
28-Jul-2004 |
kan |
Avoid casts as lvalues.
|
132705 |
27-Jul-2004 |
glebius |
When making a peer of unknown type framework tries to load module using linker_load_module(). This works OK if NGM_MKPEER message came from userland and we have process associated with thread. But when NGM_MKPEER was queued because target node was busy, linker_load_module() is called from netisr thread leading to panic. To workaround that we do not load modules by framework, instead ng_socket loads module (if this is required) before sending NGM_MKPEER. However, the race condition between return from NgSendMsg() and actual creation of node still exist and needs to be solved.
PR: kern/62789 Approved by: julian
|
132703 |
27-Jul-2004 |
glebius |
When node is server serve both standard RFC2516 and non-standard 3Com clients simultaneously. When node is client its mode is configured with a control message.
sysctl net.graph.nonstandard_pppoe is deprecated but kept for backward compatibility for some time.
Approved by: julian
|
132464 |
20-Jul-2004 |
julian |
Slight cosmetic changes. Also introduce a macro to be called by persistent nodes to signal their persistence during shutdown to hide this mechanism from the node author.
Make node flags have a consistent style in naming.
Document the change.
|
132448 |
20-Jul-2004 |
glebius |
In ng_device_newhook(): - Return meaningful return errorcodes. - Free previously allocated connection in error cases.
In ng_device_rcvdata(): - Return meaningful return errorcodes. - Detach mbuf from netgraph item, and free the item before doing any other actions that may return from method. - Do not call strange malloc() for buffer. [1] - In case of any error jump to end, where mbuf is freed.
In ng_device_disconnect(): - Return meaningful return errorcodes. - Free disconnected connection.
style(9) in mentioned above functions: - Remove '/* NGD_DEBUG */', when only one line is ifdef'ed. - Remove extra braces to easier reading. - Add space after comma in function calls.
PR: kern/41881 (part) Reviewed by: marks Approved by: julian (mentor)
|
132446 |
20-Jul-2004 |
glebius |
1. Make ng_device.h system include. This fixes module build. 2. Sort includes, while here. 3. s/NULL/0/ in NG_SEND_MSG_HOOK(), since ng_ID_t is integer.
PR: kern/41881 (part) Reviewed by: marks Approved by: julian (mentor)
|
132369 |
18-Jul-2004 |
julian |
Reverse a lock/unlock pair that were the wrong way around in some code that is obviously not run a lot. (but is in some test cases). This code is not usually run because it covers a case that doesn't happen a lot (removing a node that has data traversing it).
|
132229 |
16-Jul-2004 |
glebius |
Use qsort_r() instead of qsort() when sorting links by latency This helps us to remove a global variable and a mutex protecting it.
Reviewed by: rwatson Approved by: julian (mentor)
|
132199 |
15-Jul-2004 |
phk |
Do a pass over all modules in the kernel and make them return EOPNOTSUPP for unknown events.
A number of modules return EINVAL in this instance, and I have left those alone for now and instead taught MOD_QUIESCE to accept this as "didn't do anything".
|
132164 |
14-Jul-2004 |
rwatson |
Add a note indicating that the eh_prototype field used to construct ethernet headers is unsynchronized.
|
132163 |
14-Jul-2004 |
rwatson |
Add a mutex ng_tty_mtx to protect the global variable ngt_unit. Note that the locking of globals here isn't complete, and there's also a locking issue relating to calling into and out of the tty code.
|
132162 |
14-Jul-2004 |
rwatson |
Add ng_ppp_latencies_mtx, a global mutex to protect the latency list. Note that the table is a hack, and so is this mutex.
Reviewed by: glebius
|
132161 |
14-Jul-2004 |
rwatson |
Introduce a new mutex, ng_fec_mtx, to protect the global unit list to synchronization allocation of FEC unit numbers.
Reviewed by: glebius
|
132160 |
14-Jul-2004 |
rwatson |
Introduce a new mutex, ng_eiface_mtx, to protect the global unit list lock used to synchronize allocation of unit numbers for new netgraph ethernet interfaces.
Reviewed by: glebius
|
132159 |
14-Jul-2004 |
rwatson |
Introduce a new mutex, ng_iface_mtx, to protect the global unit list lock used to synchronize allocation of unit numbers for new netgraph interfaces.
Reviewed by: glebius Tested by: glebius
|
132013 |
12-Jul-2004 |
rwatson |
Introduce a global mtx 'ngsocketlist_mtx' to protect the global ng_socket list during insert/delete.
|
132010 |
12-Jul-2004 |
rwatson |
Mark 'makeup' in ng_frame_relay as const, as its values are immutable.
|
131933 |
10-Jul-2004 |
marcel |
Update for the KDB framework: o Call kdb_enter() instead of Debugger(). o Change comments accordingly.
|
131575 |
04-Jul-2004 |
stefanf |
Consistently use __inline instead of __inline__ as the former is an empty macro in <sys/cdefs.h> for compilers without support for inline.
|
131374 |
30-Jun-2004 |
julian |
Remove the home-grown metadata facility in favour of the now generic mbuf tags facility. Netgraph modules will all need a recompile.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
131271 |
29-Jun-2004 |
marks |
Remove 3rd clause from the licence.
Approved by: njl
|
131199 |
27-Jun-2004 |
imp |
MFp4: Last references to dev/usb/usbdevs.h converted.
|
131155 |
26-Jun-2004 |
julian |
Having moved metadata usage to mbuf tags, remove code that supports the old way of doing it.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
131144 |
26-Jun-2004 |
le |
Catch up with usbd_get_string_desc() change.
Spotted by: Tai-hwa Liang <avatar@mmlab.cse.yzu.edu.tw>
|
131130 |
26-Jun-2004 |
phk |
Fix line discipline switching issues: If opening a new ldisc fails, we have to revert to TTYDISC which we know will successfully open rather than try the previous ldisc which might also fail to open.
Do not let ldisc implementations muck about with ->t_line, and remove code which checks for reopens, it should never happen.
Move ldisc->l_hotchar to tty->t_hotchar and have ldisc implementation initialize it in their open routines. Reset to zero when we enter TTYDISC. ("no" should really be -1 since zero could be a valid hotchar for certain old european mainframe protocols.)
|
131123 |
26-Jun-2004 |
julian |
Not quite sure how that one got past me..
|
131118 |
25-Jun-2004 |
emax |
Add '#include <sys/mbuf.h>' to fix the kernel build.
|
131117 |
25-Jun-2004 |
julian |
oops from Gleb.. This shouldn't be visible from userland.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
131112 |
25-Jun-2004 |
julian |
Make the frameworkl responsible for not passing the nodes a NULL mbuf pointer. this allows the nodes to not test for this..
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
131108 |
25-Jun-2004 |
julian |
Convert Netgraph to use mbuf tags to pass its meta information around. Thanks to Sam for importing tags in a way that allowed this to be done.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru> Also allow the sr and ar drivers to create netgraph versions of their modules. Document the change to the ksocket node.
|
131008 |
24-Jun-2004 |
rwatson |
Clean up use of ng_hdhasb_mtx a little:
- Assert the mutex in NG_IDHASH_FIND() since the mutex is required to safely walk the node lists in the ng_ID_hash table.
- Acquire the ng_nodelist_mtx when walking ng_allnodes or ng_allhooks to generate state dump output from the netgraph sysctls.
|
130956 |
23-Jun-2004 |
archie |
Avoid calling bpf_filter() with len == 0, which causes a change in semantics (it treats the buffer pointer as an mbuf pointer) and subsequent panic.
MFC after: 3 days Reported by: Tony Hariman <tony@cbn.net.id>
|
130931 |
22-Jun-2004 |
green |
Fix a problem with multiple-delivery (i.e. broadcast) in ng_bridge. Only the first link0..link$NLINKS hooks would be utilized, whereas the link hooks may be connected sparsely.
Add a counter variable so that the link hook array is only traversed while there is still work to do, but that it continues up to the end if it has to.
|
130815 |
20-Jun-2004 |
wpaul |
Remove one more unneeded reference to arpcom.ac_netgraph.
Tweak things so that ng_fec has a chance of working with things other than ethernet. Use ifp->if_output of the underlying interfaces and use IF_HANDOFF() rather than depending on ether_output() and ether_output_frame() explicitly. Also, don't insist that underlying devices be IFM_ETHER when checking their link states in the link monitor code.
With these changes, I was able to create a two channel bundle consisting of one ethernet interface and one 802.11 wireless device (via ndis). Note that this only works because both devices use the same if_output vector: ng_fec will not let you bundle devices with different output vectors together (it really doesn't make sense to do that).
|
130808 |
20-Jun-2004 |
wpaul |
Stash our node context pointer somewhere else within struct ifnet of underlying interfaces rather than using ac_netgraph in struct arpcom. The latter is meant only for use by ng_ether, and using it breaks interoperability with the rest of netgraph.
|
130670 |
18-Jun-2004 |
rwatson |
Correct merge-o: make sure to unlock symmetrically socket buffer locks on bluetooth sockets when clearing upcall flags.
Submitted by: emax
|
130653 |
17-Jun-2004 |
rwatson |
Merge additional socket buffer locking from rwatson_netperf:
- Lock down low hanging fruit use of sb_flags with socket buffer lock.
- Lock down low hanging fruit use of so_state with socket lock.
- Lock down low hanging fruit use of so_options.
- Lock down low-hanging fruit use of sb_lowwat and sb_hiwat with socket buffer lock.
- Annotate situations in which we unlock the socket lock and then grab the receive socket buffer lock, which are currently actually the same lock. Depending on how we want to play our cards, we may want to coallesce these lock uses to reduce overhead.
- Convert a if()->panic() into a KASSERT relating to so_state in soaccept().
- Remove a number of splnet()/splx() references.
More complex merging of socket and socket buffer locking to follow.
|
130640 |
17-Jun-2004 |
phk |
Second half of the dev_t cleanup.
The big lines are: NODEV -> NULL NOUDEV -> NODEV udev_t -> dev_t udev2dev() -> findcdev()
Various minor adjustments including handling of userland access to kernel space struct cdev etc.
|
130585 |
16-Jun-2004 |
phk |
Do the dreaded s/dev_t/struct cdev */ Bump __FreeBSD_version accordingly.
|
130480 |
14-Jun-2004 |
rwatson |
The socket field so_state is used to hold a variety of socket related flags relating to several aspects of socket functionality. This change breaks out several bits relating to send and receive operation into a new per-socket buffer field, sb_state, in order to facilitate locking. This is required because, in order to provide more granular locking of sockets, different state fields have different locking properties. The following fields are moved to sb_state:
SS_CANTRCVMORE (so_state) SS_CANTSENDMORE (so_state) SS_RCVATMARK (so_state)
Rename respectively to:
SBS_CANTRCVMORE (so_rcv.sb_state) SBS_CANTSENDMORE (so_snd.sb_state) SBS_RCVATMARK (so_rcv.sb_state)
This facilitates locking by isolating fields to be located with other identically locked fields, and permits greater granularity in socket locking by avoiding storing fields with different locking semantics in the same short (avoiding locking conflicts). In the future, we may wish to coallesce sb_state and sb_flags; for the time being I leave them separate and there is no additional memory overhead due to the packing/alignment of shorts in the socket buffer structure.
|
130413 |
13-Jun-2004 |
julian |
Add the capacity for the rfc1490 node to handle cisco style encasulation which is often used alongside rfc1490 in frame relay links.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
130387 |
12-Jun-2004 |
rwatson |
Extend coverage of SOCK_LOCK(so) to include so_count, the socket reference count:
- Assert SOCK_LOCK(so) macros that directly manipulate so_count: soref(), sorele().
- Assert SOCK_LOCK(so) in macros/functions that rely on the state of so_count: sofree(), sotryfree().
- Acquire SOCK_LOCK(so) before calling these functions or macros in various contexts in the stack, both at the socket and protocol layers.
- In some cases, perform soisdisconnected() before sotryfree(), as this could result in frobbing of a non-present socket if sotryfree() actually frees the socket.
- Note that sofree()/sotryfree() will release the socket lock even if they don't free the socket.
Submitted by: sam Sponsored by: FreeBSD Foundation Obtained from: BSD/OS
|
130215 |
07-Jun-2004 |
julian |
Now that mbufs are allocated using uma, don't check for accidental usage of mbuf 'how' flags as they are the same thing.
|
129979 |
02-Jun-2004 |
rwatson |
Integrate accept locking from rwatson_netperf, introducing a new global mutex, accept_mtx, which serializes access to the following fields across all sockets:
so_qlen so_incqlen so_qstate so_comp so_incomp so_list so_head
While providing only coarse granularity, this approach avoids lock order issues between sockets by avoiding ownership of the fields by a specific socket and its per-socket mutexes.
While here, rewrite soclose(), sofree(), soaccept(), and sonewconn() to add assertions, close additional races and address lock order concerns. In particular:
- Reorganize the optimistic concurrency behavior in accept1() to always allocate a file descriptor with falloc() so that if we do find a socket, we don't have to encounter the "Oh, there wasn't a socket" race that can occur if falloc() sleeps in the current code, which broke inbound accept() ordering, not to mention requiring backing out socket state changes in a way that raced with the protocol level. We may want to add a lockless read of the queue state if polling of empty queues proves to be important to optimize.
- In accept1(), soref() the socket while holding the accept lock so that the socket cannot be free'd in a race with the protocol layer. Likewise in netgraph equivilents of the accept1() code.
- In sonewconn(), loop waiting for the queue to be small enough to insert our new socket once we've committed to inserting it, or races can occur that cause the incomplete socket queue to overfill. In the previously implementation, it was sufficient to simply tested once since calling soabort() didn't release synchronization permitting another thread to insert a socket as we discard a previous one.
- In soclose()/sofree()/et al, it is the responsibility of the caller to remove a socket from the incomplete connection queue before calling soabort(), which prevents soabort() from having to walk into the accept socket to release the socket from its queue, and avoids races when releasing the accept mutex to enter soabort(), permitting soabort() to avoid lock ordering issues with the caller.
- Generally cluster accept queue related operations together throughout these functions in order to facilitate locking.
Annotate new locking in socketvar.h.
|
129942 |
01-Jun-2004 |
ru |
Removed a leftover from the previous change.
Submitted by: Gleb Smirnoff
|
129916 |
01-Jun-2004 |
rwatson |
The SS_COMP and SS_INCOMP flags in the so_state field indicate whether the socket is on an accept queue of a listen socket. This change renames the flags to SQ_COMP and SQ_INCOMP, and moves them to a new state field on the socket, so_qstate, as the locking for these flags is substantially different for the locking on the remainder of the flags in so_state.
|
129880 |
30-May-2004 |
phk |
add missing #include <sys/module.h>
|
129836 |
29-May-2004 |
julian |
Add a new netgraph method to allow restoration of some behaviour lost in the change from 4.x style netgraph tee nodes. Alter the tee node to use the new method. Document the behaviour.
Step the ABI version number... old netgraph klds will refuse to load. Better than just crashing.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru>
|
129835 |
29-May-2004 |
julian |
Missed these in the last commit. Change to C99 structure initialisation for the type method structure.
|
129823 |
29-May-2004 |
julian |
Switch to using C99 sparse initialisers for the type methods array. Should make no binary difference.
Submitted by: Gleb Smirnoff <glebius@cell.sick.ru> Reviewed by: Harti Brandt <harti@freebsd.org> MFC after: 1 week
|
129740 |
26-May-2004 |
imp |
Move to generating pccarddevs.h on the fly, both for the kernel and the modules.
Also generate usbdevs.h automatically now, but a non-kernel file is stopping that at the moment.
|
129674 |
24-May-2004 |
julian |
Use NG_HOOKSIZ instead of the deprecated (NG_HOOKLEN + 1)
|
129442 |
19-May-2004 |
ru |
Whitespace nit.
|
129441 |
19-May-2004 |
ru |
Maintain statistics about the received frames.
|
129281 |
16-May-2004 |
archie |
Allow ng_ether "lower" and "orphans" hooks to be connected at the same time.
Reviewed by: julian PR: kern/63317
|
129079 |
10-May-2004 |
emax |
Mode few Bluetooth defines into system include files
Reviewed by: imp
|
128729 |
29-Apr-2004 |
jdp |
Fix a memory leak in ng_get_string_token. A dynamically-allocated buffer wasn't freed if the function failed.
MFC after: 3 days
|
128688 |
27-Apr-2004 |
emax |
Address few style issues pointed out by bde
Reviewed by: bde, ru
|
128657 |
26-Apr-2004 |
archie |
Add 'enableWindowing' configuration knob to the ng_pptpgre(4) netgraph node.
Submitted by: Michael Bretterklieber <mbretter@a-quadrat.at> MFC after: 2 weeks
|
128591 |
23-Apr-2004 |
emax |
Make sure RFCOMM multiplexor channel does not hang in DISCONNECTING state. Apparently it happens when both devices try to disconnect RFCOMM multiplexor channel at the same time.
The scenario is as follows:
- local device initiates RFCOMM connection to the remote device. This creates both RFCOMM multiplexor channel and data channel;
- remote device terminates RFCOMM data channel (inactivity timeout);
- local device acknowledges RFCOMM data channel termination. Because there is no more active data channels and local device has initiated connection it terminates RFCOMM multiplexor channel;
- remote device does not acknowledges RFCOMM multiplexor channel termination. Instead it sends its own request to terminate RFCOMM multiplexor channel. Even though local device acknowledges RFCOMM multiplexor channel termination the remote device still keeps L2CAP connection open.
Because of hanging RFCOMM multiplexor channel subsequent RFCOMM connections between local and remote devices will fail.
Reported by: Johann Hugo <jhugo@icomtek.csir.co.za>
|
128376 |
18-Apr-2004 |
luigi |
+ rename and document an unused field in struct arpcom (field is still there so there are no ABI changes); + replace 5 redefinitions of the IPF2AC macro with one in if_arp.h
Eventually (but before freezing the ABI) we need to get rid of struct arpcom (initially with the help of some smart #defines to avoid having to touch each and every driver, see below).
Apart from the struct ifnet, struct arpcom now only stores a copy of the MAC address (ac_enaddr, but we already have another copy in the struct ifnet -- if_addrhead), and a netgraph-specific field which is _always_ accessed through the ifp, so it might well go into the struct ifnet too (where, besides, there is already an entry for AF_NETGRAPH data...)
Too bad ac_enaddr is widely referenced by all drivers. But this can be fixed as follows:
#define ac_enaddr ac_if.the_original_ac_enaddr_in_struct_ifnet
(note that the right hand side would likely be a pointer rather than the base address of an array.)
|
128371 |
17-Apr-2004 |
ru |
Don't give up if sending to one link fails, continue.
Suggested by: jmallett
|
128355 |
17-Apr-2004 |
ru |
A simple packet distribution node type that acts like an Ethernet hub.
|
128312 |
16-Apr-2004 |
luigi |
Consistently use ifaddr_byindex() to access the link-level address of an interface. No functional change.
On passing, comment an useless invocation of TAILQ_INIT(&ifp->if_addrhead) which could probably be removed in the interest of clarity.
|
128076 |
09-Apr-2004 |
emax |
Make sure Bluetooth stuff can be compiled on amd64
Submitted by: ps
|
127866 |
04-Apr-2004 |
archie |
Rename internal structure to fix cut & paste error.
Submitted by: Bjoern A. Zeeb <bzeeb+freebsd@zabbadoz.net> MFC After: 3 days
|
127376 |
24-Mar-2004 |
rik |
sppp (4) to netgraph (4) node. As always: I'l connect it to the system after extra check.
Approved by: imp (mentor) Approved by: julian (in general)
|
127364 |
24-Mar-2004 |
julian |
Don't duplicate a packet, just to throw it away when we discover the duplicat hook is not connected.
|
127286 |
22-Mar-2004 |
julian |
Dont count bytes being sent to a disconnected hook.
MFC after: 3 days
|
127169 |
18-Mar-2004 |
dwmalone |
Make the vaule of PTT_RELAY_SID match the RFC. This should help PPPoE users that are working with relayed PPPoE.
Submitted by: Bodo Rüskamp <jordbaer@mac.com> PR: 44936 Approved by: julian MFC after: 1 week
|
127135 |
17-Mar-2004 |
njl |
Convert callers to the new bus_alloc_resource_any(9) API.
Submitted by: Mark Santcroos <marks@ripe.net> Reviewed by: imp, dfr, bde
|
126742 |
08-Mar-2004 |
benno |
Add a netgraph node to handle ATM LLC encapsulation. This currently handles ethernet (tested) and FDDI (not tested). The main use for this is on ADSL (or other ATM) connections where bridged ethernet is used, PPPoE being a prime example.
There is no manual page as yet, I will write one shortly.
Reviewed by: harti
|
126730 |
07-Mar-2004 |
ru |
Implemented the "getifindex" control message.
PR: kern/63864 Submitted by: Gleb Smirnoff
|
126447 |
01-Mar-2004 |
ru |
Netgraph node type for IEEE 802.1Q VLAN tagging.
|
126425 |
01-Mar-2004 |
rwatson |
Rename dup_sockaddr() to sodupsockaddr() for consistency with other functions in kern_socket.c.
Rename the "canwait" field to "mflags" and pass M_WAITOK and M_NOWAIT in from the caller context rather than "1" or "0".
Correct mflags pass into mac_init_socket() from previous commit to not include M_ZERO.
Submitted by: sam
|
126203 |
24-Feb-2004 |
phk |
Unconst. Somebody didn't compile LINT.
|
126196 |
24-Feb-2004 |
cperciva |
Check that a pointer is non-NULL before dereferencing it, not after.
Reported by: "Ted Unangst" <tedu@coverity.com> Approved by: rwatson (mentor)
|
126080 |
21-Feb-2004 |
phk |
Device megapatch 4/6:
Introduce d_version field in struct cdevsw, this must always be initialized to D_VERSION.
Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
|
126076 |
21-Feb-2004 |
phk |
Device megapatch 1/6:
Free approx 86 major numbers with a mostly automatically generated patch.
A number of strategic drivers have been left behind by caution, and a few because they still (ab)use their major number.
|
126035 |
20-Feb-2004 |
pjd |
Backout previous change, it breaks build and it is not needed layering violation. As pointed out, there is much better way to do this. Sorry guys, I need to find a better way to force reviews.
Requested by: harti, julian, scottl (mentor) Pointy hat to: pjd
|
126012 |
19-Feb-2004 |
pjd |
Add new failure detection algorithm. It works as follows: In every 'interval' seconds defined links are checked. If they are non-active they will not be used by to data transfer.
No response from: julian, archie Silent on: net@ Approved by: scottl (mentor)
|
126011 |
19-Feb-2004 |
pjd |
Export private structure owned by ng_ether(4) module outside. It'll is required by new failure detection algorithm for ng_one2many(4).
No response from: julian, archie Silent on: net@ Approved by: scottl (mentor)
|
125243 |
30-Jan-2004 |
harti |
Use the official ng_timeout function to trigger sending. This means, that we can get rid of of all the spl*() calls, because ng_timeout handles the locking issues.
|
125116 |
27-Jan-2004 |
ru |
Correct the description of the net.graph.recvspace sysctl.
|
125078 |
27-Jan-2004 |
harti |
Don't confuse NULL and 0, use 0 where an integer is expected.
|
125077 |
27-Jan-2004 |
harti |
Style: add __FBSDID, relocate some { that were on the wrong line, correct some indendation, change __FUNCTION__ to __func__ and remove a local KASSERT definition.
|
125037 |
26-Jan-2004 |
harti |
Replace deprecated NG_NODELEN with the new NG_NODESIZ. There is one problem here still to be solved: the sockaddr_hci has still a 16 byte field for the node name. The code currently does not correctly use the length field in the sockaddr to handle the address length, so node names get truncated to 15 characters when put into a sockaddr_hci.
|
125035 |
26-Jan-2004 |
harti |
Get rid of the old *LEN constants in favour of the new *SIZ constants that also include the trailing \0 byte.
|
125034 |
26-Jan-2004 |
harti |
Define the new command NGM_SOURCE_START_NOW to allow generation of traffic for non-ethernet hooks. This commit should have been packaged with the commit to ng_source.c.
|
125033 |
26-Jan-2004 |
harti |
Make ng_source to work with non-ethernet interfaces. We do this by introducing a START_NOW command. This command does not send and GET_IFINDEX message downstream (to wait for the response from the ETHERNET node), but directly starts the sending process. This allows one to generate traffic as input for any hook on any node.
|
125032 |
26-Jan-2004 |
harti |
Declare a function to silence a warning.
|
125031 |
26-Jan-2004 |
harti |
Should use the non-locking versions of the ifqueue macros to fiddle around with private queues, because their mutex is not needed. All this processing should be protected by the netgraph locking.
|
125030 |
26-Jan-2004 |
harti |
Replace a call to bzero() with an M_ZERO flag. Replace the MALLOC() with malloc().
|
125029 |
26-Jan-2004 |
harti |
The version in the type description must be the ABI version, not the netgraph version.
Correct the return type of a function: it wants to return an error code, so it cannot be void.
|
125028 |
26-Jan-2004 |
harti |
Get rid of the deprecated *LEN constants in favour of the new *SIZ constants that include the trailing \0 byte.
|
125021 |
26-Jan-2004 |
harti |
Get rid of the deprecated *LEN constants and use the new *SIZ (that include the trailing \0) constants instead.
|
124871 |
23-Jan-2004 |
ru |
Allow the socket buffer sizes to be controlled via sysctl(8).
MFC after: 3 days
|
124810 |
21-Jan-2004 |
phk |
Simplify timing gymnastics a bit.
|
124506 |
14-Jan-2004 |
green |
Add an "ethernet" hook to the rfc1490 netgraph module. It will send and receive FCS-less RFC1490-"bridged" Ethernet packets that are currently just ignored.
|
124270 |
09-Jan-2004 |
green |
Also, don't crash in the netgraph disconnect node if the interface is detached from the other direction.
|
124269 |
09-Jan-2004 |
green |
Don't try to ifpromisc() on an interface that's deleted already.
|
123922 |
28-Dec-2003 |
sam |
o eliminate widespread on-stack mbuf use for bpf by introducing a new bpf_mtap2 routine that does the right thing for an mbuf and a variable-length chunk of data that should be prepended. o while we're sweeping the drivers, use u_int32_t uniformly when when prepending the address family (several places were assuming sizeof(int) was 4) o return M_ASSERTVALID to BPF_MTAP* now that all stack-allocated mbufs have been eliminated; this may better be moved to the bpf routines
Reviewed by: arch@ and several others
|
123812 |
24-Dec-2003 |
alfred |
NULL -> 0 where appropriate.
|
123671 |
19-Dec-2003 |
yar |
The default value of net.graph.nonstandard_pppoe is changed to -1, which means "always stay in the standard mode of PPPoE operation regardless of any junk floating around."
As the referenced PR stated clearly, the old default setting of 0 was extremely dangerous because it opened a possibility for a spurious frame not only to put down a single PPPoE node running FreeBSD, but to plague *every* FreeBSD node in a PPPoE network in such a way that those nodes would keep poisoning each other until rebooted simultaneously.
PR: kern/47920 Reviewed by: Gleb Smirnoff <glebius <at> cell.sick.ru> MFC after: 1 week
|
123670 |
19-Dec-2003 |
ru |
Fixed panic on hook disconnection that previous revision has introduced.
|
123658 |
19-Dec-2003 |
ru |
Fixed compilation on 64-bit platforms.
|
123640 |
18-Dec-2003 |
yar |
There are two modes of ng_pppoe operation, standard and nonstandard. They differ in the values of certain fields in the PPPoE frame. Previously, ng_pppoe would start in standard mode, yet switch to nonstandard one upon reception of a single nonstandard frame. After having done so, ng_pppoe would be unable to interact with standard PPPoE peers. Thus, a DoS condition existed that could be triggered by a buggy peer or malicious party.
Since few people have expressed their displeasure WRT this problem, the default operation of ng_pppoe is left untouched for now. However, a new value for the sysctl net.graph.nonstandard_pppoe is introduced, -1, which will force ng_pppoe stay in standard mode regardless of any bogus frames floating around.
PR: kern/47920 Submitted by: Gleb Smirnoff <glebius <at> cell.sick.ru> MFC after: 1 week
|
123635 |
18-Dec-2003 |
ru |
Removed an outdated comment.
Submitted by: archie
|
123601 |
17-Dec-2003 |
ru |
Use the (now standard) Ethernet address parse type.
|
123600 |
17-Dec-2003 |
ru |
Made the Ethernet address parse type standard.
OK'ed by: archie
|
123599 |
17-Dec-2003 |
ru |
Replaced two bzero() calls with the M_ZERO flag to malloc().
Reviewed by: julian
|
123549 |
15-Dec-2003 |
ru |
MFS: Make struct arpcom the first entry in softc. (There are at least two functions in sys/net/if.c that assume that softc starts with arpcom.) This makes setting of ethernet address via ifconfig(8) work as expected.
|
123541 |
15-Dec-2003 |
truckman |
Pass MTX_DEF instead of 0 as the last argument to mtx_init().
Submitted by: Gavin Atkinson <gavin+freebsdc@ury.york.ac.uk>
|
123278 |
08-Dec-2003 |
truckman |
The last argument to mtx_init() should be MTX_DEF, not 0. This is not a functional change since MTX_DEF happens to be defined as 0.
|
122890 |
18-Nov-2003 |
archie |
Lower the maximum ACK timeout for GRE packets from 10 to 1 second. In practice it seems that in situations of high packet loss the ACK timeout seems to hit this maximum (perhaps inappropriately, but the estimation algorithm is not perfect, so apparently it happens). In any case, 10 seconds is way too high a value so lower to 1 second.
MFC after: 3 days
|
122875 |
18-Nov-2003 |
rwatson |
Introduce a MAC label reference in 'struct inpcb', which caches the MAC label referenced from 'struct socket' in the IPv4 and IPv6-based protocols. This permits MAC labels to be checked during network delivery operations without dereferencing inp->inp_socket to get to so->so_label, which will eventually avoid our having to grab the socket lock during delivery at the network layer.
This change introduces 'struct inpcb' as a labeled object to the MAC Framework, along with the normal circus of entry points: initialization, creation from socket, destruction, as well as a delivery access control check.
For most policies, the inpcb label will simply be a cache of the socket label, so a new protocol switch method is introduced, pr_sosetlabel() to notify protocols that the socket layer label has been updated so that the cache can be updated while holding appropriate locks. Most protocols implement this using pru_sosetlabel_null(), but IPv4/IPv6 protocols using inpcbs use the the worker function in_pcbsosetlabel(), which calls into the MAC Framework to perform a cache update.
Biba, LOMAC, and MLS implement these entry points, as do the stub policy, and test policy.
Reviewed by: sam, bms Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
122865 |
17-Nov-2003 |
ru |
Fixed two memory leaks.
Reviewed by: harti
|
122864 |
17-Nov-2003 |
ru |
Check the correct set of interface flags and fix a memory leak.
Reviewed by: harti
|
122634 |
14-Nov-2003 |
emax |
Change double include protection style in headers to match the rest of Netgraph code.
Reviewed by: imp, ru Approved by: imp (mentor)
|
122614 |
13-Nov-2003 |
harti |
Make the defines that prevent multiple includes look like the others in netgraph.
|
122566 |
12-Nov-2003 |
harti |
Bump the netgraph header version to 6 for the change of the name length definitions.
Reminded by: jdp
|
122548 |
12-Nov-2003 |
harti |
Double length of node names, hook names, command strings and types. Add defines for these constants that include the trailing NUL byte. These new constants have SIZ in their name instead of LEN. As soon as all consumers in the tree are converted to use the new defines the old defines will be put under BURN_BRIDGES.
Reviewed by: archie, julian, ru Approved by: re (in principle)
|
122488 |
11-Nov-2003 |
ru |
MFS: Change interface name from "nge" to "ngeth" to avoid conflict with nge(4).
|
122481 |
11-Nov-2003 |
ru |
Use a single style of multiple inclusion protection for Netgraph headers.
Reviewed by: archie, harti, emax
|
122320 |
08-Nov-2003 |
sam |
o add a flags parameter to netisr_register that is used to specify whether or not the isr needs to hold Giant when running; Giant-less operation is also controlled by the setting of debug_mpsafenet o mark all netisr's except NETISR_IP as needing Giant o add a GIANT_REQUIRED assertion to the top of netisr's that need Giant o pickup Giant (when debug_mpsafenet is 1) inside ip_input before calling up with a packet o change netisr handling so swi_net runs w/o Giant; instead we grab Giant before invoking handlers based on whether the handler needs Giant o change netisr handling so that netisr's that are marked MPSAFE may have multiple instances active at a time o add netisr statistics for packets dropped because the isr is inactive
Supported by: FreeBSD Foundation
|
122219 |
07-Nov-2003 |
harti |
The layer 3 (signalling) of NgATM netgraph node: ng_uni. This node handles user and network side signaling and partly PNNI.
|
122110 |
05-Nov-2003 |
harti |
Replace the lock-less algorithm for the free item list with a more conservative lock. The problem with the lock-less algorithm is that it suffers from the ABA problem. Running an application with funnels a couple of 100kpkts/s through the netgraph system on a dual CPU system with MPSAFE drivers will panic almost immediatly with the old algorithm.
It may be possible to eliminate the contention between threads that insert free items into the list and those that get free items by using the Michael/Scott queue algorithm that has two locks.
|
121816 |
31-Oct-2003 |
brooks |
Replace the if_name and if_unit members of struct ifnet with new members if_xname, if_dname, and if_dunit. if_xname is the name of the interface and if_dname/unit are the driver name and instance.
This change paves the way for interface renaming and enhanced pseudo device creation and configuration symantics.
Approved By: re (in principle) Reviewed By: njl, imp Tested On: i386, amd64, sparc64 Obtained From: NetBSD (if_xname)
|
121461 |
24-Oct-2003 |
harti |
Netgraph part of the NgATM signalling AA layer. These nodes can also be used as a general-purpose transport protocol above any packet layer (IP, UDP).
|
121325 |
22-Oct-2003 |
harti |
Remove a gcc-ism: declaring a variable array at the end of a structure as [0] and replace it with the ISO way of writing []. This has caused warnings with WARNS=6.
|
121307 |
21-Oct-2003 |
silby |
Change all SYSCTLS which are readonly and have a related TUNABLE from CTLFLAG_RD to CTLFLAG_RDTUN so that sysctl(8) can provide more useful error messages.
|
121054 |
12-Oct-2003 |
emax |
Update Bluetooth code.
Reviewed by: M. Warner Losh <imp@bsdimp.com>; John Hay <jhay@freebsd.org> Approved by: M. Warner Losh <imp@bsdimp.com> (mentor)
|
120559 |
28-Sep-2003 |
phk |
I don't know from where the notion that device driver should or even could call VOP_REVOKE() on vnodes associated with its dev_t's has originated, but it stops right here.
If there are things people belive destroy_dev() needs to learn how to do, please tell me about it, preferably with a reproducible test case.
Include <sys/uio.h> in bluetooth code rather than rely on <sys/vnode.h> to do so.
The fact that some of the USB code needs to include <sys/vnode.h> still disturbs me greatly, but I do not have time to chase that.
|
119187 |
20-Aug-2003 |
hsu |
Add Protocol Independent Multicast protocol.
Submitted by: Pavlin Radoslavov <pavlin@icir.org>
|
118774 |
11-Aug-2003 |
harti |
Add ng_atmpif: a HARP physical interface emulation. This allows one to run the HARP ATM stack without real hardware.
Submitted by: Vincent Jardin <vjardin@wanadoo.fr>
|
118175 |
29-Jul-2003 |
harti |
Process events from the ATM drivers. Carrier change and PVC change messages are forwarded as netgraph control messages to the node that is connected to the manage hook. If that hook is not connected, the event is lost. Flow control events are converted to netgraph flow control messages and send along the hook that is connected to the flow controlled VC. ACR change events are converted to control messages and sent along the hook for the given VC.
|
117663 |
16-Jul-2003 |
jmg |
add missing machine/bus.h that is necessary to build now that usb is bus_dma aware.
|
117642 |
15-Jul-2003 |
harti |
Test the OPEN flag to see whether a VCI is already open on the hook instead to look for vci != 0. We can now open VCI 0 for monitoring purposes.
|
117631 |
15-Jul-2003 |
harti |
Remove three unneccessary comparisons that were always true.
Spotted by: gcc
|
117209 |
03-Jul-2003 |
julian |
Allow the caller to get an erro direclty if we sent the packet immediatly. Submitted by: Ian Dowse <iedowse@maths.tcd.ie> MFC after: 1 day
|
117157 |
02-Jul-2003 |
harti |
Allow VPI/VCI 0/0 to be opened. This will be used by the IDT77252 driver to provide a "receive all cells" mode that can be used for monitoring.
Check only the relevant MTU size when NOTX or NORX flags are set.
|
116839 |
25-Jun-2003 |
julian |
Fix a comment
MFC after: 1 day
|
116808 |
25-Jun-2003 |
harti |
This is a netgraph node to access ATM interfaces. It works with the hatm(4) and fatm(4) drivers, en(4) will follow soon.
|
116307 |
13-Jun-2003 |
phk |
Use the <sys/bitstring.h> rather than <bitstring.h>
|
115036 |
15-May-2003 |
julian |
fix a cut-n-paste error. in the case where the bridge node was closed down but a timeout still applied to it, the final reference to the node was freeing the private data structure using the wrong malloc type.
Approved by: re@
|
114883 |
10-May-2003 |
julian |
Last commit of the bluetooth upgrade. (this patch was forgotten in the first commit)
Submitted by: Maksim Yevmenkin <m_evmenkin@yahoo.com> Approved by: re@
|
114878 |
10-May-2003 |
julian |
Part one of undating the bluetooth code to the newest version
Submitted by: Maksim Yevmenkin <m_evmenkin@yahoo.com> Approved by: re@
|
114216 |
29-Apr-2003 |
kan |
Deprecate machine/limits.h in favor of new sys/limits.h. Change all in-tree consumers to include <sys/limits.h>
Discussed on: standards@ Partially submitted by: Craig Rodrigues <rodrigc@attbi.com>
|
114178 |
28-Apr-2003 |
archie |
Add missing braces.
Submitted by: Andrew Lankford <arlankfo@141.com>
|
113781 |
21-Apr-2003 |
rwatson |
Remove extraneous reference to intrq.h, which broke the kernel build.
|
113663 |
18-Apr-2003 |
phk |
KASSERT that NG_MKMESSAGE() is not called with mbuf flags.
|
113255 |
08-Apr-2003 |
des |
Introduce an M_ASSERTPKTHDR() macro which performs the very common task of asserting that an mbuf has a packet header. Use it instead of hand- rolled versions wherever applicable.
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
|
113073 |
04-Apr-2003 |
des |
Don't use ovbcopy().
|
111997 |
08-Mar-2003 |
jlemon |
Include correct opt_* headers for supported address families. Dike out the unused ATM cases.
Sponsored by: DARPA, NAI Labs
|
111934 |
05-Mar-2003 |
archie |
Fix a use-after-free bug that could cause multi-link fragment reassembly to fail for a long time (until the incoming sequence numbers wrapped around).
Reported by: Matthew Impett <mimpett@Glue.umd.edu> MFC after: 3 days
|
111926 |
05-Mar-2003 |
peter |
Finish driving a stake through the heart of netns and the associated ifdefs scattered around the place - its dead Jim!
The SMB stuff had stolen AF_NS, make it official.
|
111888 |
04-Mar-2003 |
jlemon |
Update netisr handling; Each SWI now registers its queue, and all queue drain routines are done by swi_net, which allows for better queue control at some future point. Packets may also be directly dispatched to a netisr instead of queued, this may be of interest at some installations, but currently defaults to off.
Reviewed by: hsu, silby, jayanth, sam Sponsored by: DARPA, NAI Labs
|
111815 |
03-Mar-2003 |
phk |
Gigacommit to improve device-driver source compatibility between branches:
Initialize struct cdevsw using C99 sparse initializtion and remove all initializations to default values.
This patch is automatically generated and has been tested by compiling LINT with all the fields in struct cdevsw in reverse order on alpha, sparc64 and i386.
Approved by: re(scottl)
|
111749 |
02-Mar-2003 |
harti |
Add two loader tuneables that allow one to change the maximum number of queue items that can be allocated by netgraph and the number of free queue items that are cached on a private list.
Netgraph places an upper limit on the number of queue items it may allocate. When there is a large number of netgraph messages travelling through the system (100k/sec and more) there is a high probability, that messages get queued at the nodes and netgraph runs out of queue items. In this case the data flow through netgraph gets blocked. The tuneable for the number of free items lets one trade memory for performance.
The tunables are also available as read-only sysctls.
PR: kern/47393 Reviewed by: julian Approved by: jake (mentor)
|
111565 |
26-Feb-2003 |
wpaul |
Some more updates for the new world order:
- Make transmission of packets work again. This stopped working because ether_ifattach() was forcing ifp->if_output to be ether_output() and clobbering our attempt to override this vector with a pointer to ng_fec_output(). Move the overriding of ifp->if_output to after ether_ifattach().
- Abandon the use of the netgraph ng_ether_input_p hook for snagging incoming frames, and instead override the ifp->if_input vector for interfaces that have been aggregated into our bundle. (I would have loved to have written things this way in the first place, but I didn't want to have to be the one to implement the if_input hook and change all the drivers.) This avoids collisions with the ng_ether module, which uses the same hook. Each aggregated device now calls ng_fec_input() directly, which then fakes up the rcvif pointer before invoking ifp->if_input itself.
This module should actually work now.
|
111537 |
26-Feb-2003 |
wpaul |
Attempt to make the ng_fec module play nice with BPF again. Things have changed since this code was written:
- The ng_ether_input_p hook only accepts two arguments now: the pointer to the ether header structure is gone.
- It's no longer necessary to cons up a fake ether header before passing incoming packets to BPF_MTAP().
ng_fec_input() has been modified to account for these two changes. Running tcpdump on fec0 should work now.
PR: kern/46720
|
111528 |
26-Feb-2003 |
scottl |
Introduce a new taskqueue that runs completely free of Giant, and in turns runs its tasks free of Giant too. It is intended that as drivers become locked down, they will move out of the old, Giant-bound taskqueue and into this new one. The old taskqueue has been renamed to taskqueue_swi_giant, and the new one keeps the name taskqueue_swi.
|
111119 |
19-Feb-2003 |
imp |
Back out M_* changes, per decision of the TRB.
Approved by: trb
|
110409 |
05-Feb-2003 |
ambrisko |
Take the rc4 code out of ng_mppc module so we don't fail to load when we have the rc4 code already in the kernel (via wlan stuff or awi). Add a dependency on the rc4 module so if it doesn't exist then load it.
Reviewed by: archie
|
110234 |
02-Feb-2003 |
alfred |
Catch more uses of MIN().
|
109623 |
21-Jan-2003 |
alfred |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
109153 |
13-Jan-2003 |
dillon |
Bow to the whining masses and change a union back into void *. Retain removal of unnecessary casts and throw in some minor cleanups to see if anyone complains, just for the hell of it.
|
109123 |
12-Jan-2003 |
dillon |
Change struct file f_data to un_data, a union of the correct struct pointer types, and remove a huge number of casts from code using it.
Change struct xfile xf_data to xun_data (ABI is still compatible).
If we need to add a #define for f_data and xf_data we can, but I don't think it will be necessary. There are no operational changes in this commit.
|
108533 |
01-Jan-2003 |
schweikh |
Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup, especially in troff files.
|
108240 |
23-Dec-2002 |
julian |
Make ng_fec.c compile again since Sam's changes.
Submitted by: Hiten Pandya (hiten@unixdaemons.com)
|
108172 |
22-Dec-2002 |
hsu |
SMP locking for ifnet list.
|
108107 |
19-Dec-2002 |
bmilekic |
o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} and the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}. o Fix a bpf_compat issue where malloc() was defined to just call bpf_alloc() and pass the 'canwait' flag(s) along. It's been changed to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT flag (and only one of those two).
Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
|
107845 |
14-Dec-2002 |
archie |
Fix two bugs:
(a) Save control message return address only if NGM_MPPC_CONFIG_DECOMP (b) Properly count the number of required re-key operations when we loose synchronization and have to resync
MFC after: 3 days
|
107287 |
26-Nov-2002 |
julian |
fixes for this driver: 1) "ubt" driver did not work when system is booted with the device attached 2) missing "break;" in ubt_rcvmsg() function;
Submitted by: Maksim Yevmenkin <Maksim.Yevmenkin@cw.com> Approved by: re (jhb)
|
107120 |
20-Nov-2002 |
julian |
The second try a committing the bluetooth code Has been seen to work on several cards and communicating with several mobile phones to use them as modems etc.
We are still talking with 3com to try get them to allow us to include the firmware for their pccard in the driver but the driver is here.. In the mean time it can be downloaded from the 3com website and loaded using the utility bt3cfw(8) (supplied) (instructions in the man page)
Not yet linked to the build
Submitted by: Maksim Yevmenkin <myevmenk@exodus.net> Approved by: re
|
106933 |
14-Nov-2002 |
sam |
o track changes to ethernet input packet handling o track changes to bpf o track changes to make ng hooks more private
Reviewed by: many Approved by: re
|
106665 |
08-Nov-2002 |
jhb |
Use intptr_t to fix various sizeof(int) != sizeof(void *) warnings.
|
106624 |
08-Nov-2002 |
jhb |
Use %z to print a size_t value.
|
106435 |
05-Nov-2002 |
julian |
Slight redesign for fitting in with -current.
|
106321 |
02-Nov-2002 |
julian |
The easy part of converting the ng_source node to -current. More to come.. does not compile (deliberatly.. logic broken)
|
106319 |
02-Nov-2002 |
julian |
Whitespace fixes
|
106317 |
01-Nov-2002 |
julian |
ifnet_addrs doesn;t exist any more so use TAILQ_FIRST(&ifp->if_addrhead) to find the link layer ifaddr. (it's always first I believe) Allows this to compile on -current. .. need testers with FEC capable switches..
|
106266 |
31-Oct-2002 |
julian |
Add the netgraph 'source' module. This is NOT YET CONVERTED TO -current. This node is a source for preprogrammed packets at a known rate for testing.
I will convert it to -current "in place" but will MFC teh original pre-conversion variant as that is what is originally submitted. Man page my me, info from Dave's README.
Submitted by: Dave Chapeskie <dchapeskie@SANDVINE.com> Obtained from: Sandvine inc. MFC after: 1 week
|
106159 |
29-Oct-2002 |
julian |
Finally get around to committing Bill Paul's FEC netgraph nodes. These are really only partly netgraph nodes as they do not use the netgraph interfaces for many of the functions for which they could be used, however they represent important functionality.
Submitted by: wpaul MFC after: 2 days
|
105598 |
21-Oct-2002 |
brooks |
Use if_printf(ifp, "blah") instead of printf("%s%d: blah", ifp->if_name, ifp->if_xname).
|
103870 |
23-Sep-2002 |
alfred |
use __packed.
|
103313 |
14-Sep-2002 |
benno |
Reference the socket we're accepting.
|
103308 |
14-Sep-2002 |
archie |
Relax checking of incoming PPTP GRE packets a bit: ignore a bogus payload length field when there's no payload indicated by the header 'S' bit. This works around semi-brokenness in the Mac OS X PPTP client.
|
103205 |
11-Sep-2002 |
benno |
Remember who asked for a connect or accept operation so we can actually tell them when it's done.
Reviewed by: archie
|
102244 |
22-Aug-2002 |
archie |
Don't use "NULL" when "0" is really meant.
|
102195 |
20-Aug-2002 |
archie |
New L2TP netgraph node type.
Obtained from: Packet Design
|
102190 |
20-Aug-2002 |
archie |
When declaring local variables in macros, always use "_name" instead of "name" to avoid ugly problems when the containing code already has a variable named "name".
|
101241 |
02-Aug-2002 |
mux |
Make the consumers of the linker_load_file() function use linker_load_module() instead.
This fixes a bug where the kernel was unable to properly locate and load a kernel module in vfs_mount() (and probably in the netgraph code as well since it was using the same function). This is because the linker_load_file() does not properly search the module path.
Problem found by: peter Reviewed by: peter Thanks to: peter
|
98636 |
22-Jun-2002 |
brian |
NUL terminate the ACNAME passed to userland.
|
98402 |
18-Jun-2002 |
julian |
A node that creates a device entry in /dev (yay devfs) so that /dev/mumble can be the entrypoint to some networking graph, e.g. a tunnel or a remote tape drive or whatever...
Not fully tested (by me) yet.
Submitted by: Mark Santcroos <marks@ripe.net> MFC after: 3 weeks
|
98063 |
09-Jun-2002 |
julian |
if you have taken the mbuf out of the message object, then if you pass the object to someone else, you need to put the mbuf back into it first..
|
97897 |
05-Jun-2002 |
archie |
Const'ify variables to make it clear we're not writing to the mbuf data.
Reviewed by: julian, brian MFC after: 1 week
|
97896 |
05-Jun-2002 |
archie |
Fix bug where an mbuf was being written to without checking M_WRITABLE(). Eliminate some of the unnecessary complexity of ng_ether_glueback_header(). Simplify two functions a bit by doing the NG_FREE_META(meta) earlier.
Reviewed by: julian, brian MFC after: 1 week
|
97895 |
05-Jun-2002 |
archie |
Fix bugs where mbuf data was being accessed without m_pullup().
Reviewed by: julian, brian MFC after: 1 week
|
97722 |
01-Jun-2002 |
alfred |
Declare a variable sized array within a structure using [] rather than [0] to silence warnings.
|
97685 |
31-May-2002 |
archie |
Fix GCC warnings caused by initializing a zero length array. In the process, simply things a bit by getting rid of 'struct ng_parse_struct_info' which was useless because it only contained one field.
MFC after: 2 weeks
|
97658 |
31-May-2002 |
tanimura |
Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by: hsu
|
97229 |
24-May-2002 |
peter |
Fix warnings: deprecated use of label at end of compound statement
|
96972 |
20-May-2002 |
tanimura |
Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a socket buffer. The mutex in the receive buffer also protects the data in struct socket.
o Determine the lock strategy for each members in struct socket.
o Lock down the following members:
- so_count - so_options - so_linger - so_state
o Remove *_locked() socket APIs. Make the following socket APIs touching the members above now require a locked socket:
- sodisconnect() - soisconnected() - soisconnecting() - soisdisconnected() - soisdisconnecting() - sofree() - soref() - sorele() - sorwakeup() - sotryfree() - sowakeup() - sowwakeup()
Reviewed by: alfred
|
96578 |
14-May-2002 |
brian |
Add a NGM_PPPOE_SESSIONID message to the ng_pppoe node. This message is sent to the control socket when the SessionID is established.
Approved by: archie (after a very cursory glance)
|
96265 |
09-May-2002 |
archie |
Don't send packets out an interface unless it is IFF_UP|IFF_RUNNING. This fixes panics with certain Ethernet drivers when doing bridging, PPPoE, etc. before the driver has been fully brought up.
MFC after: 1 week
|
95759 |
30-Apr-2002 |
tanimura |
Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.
Requested by: bde
Since locking sigio_lock is usually followed by calling pgsigio(), move the declaration of sigio_lock and the definitions of SIGIO_*() to sys/signalvar.h.
While I am here, sort include files alphabetically, where possible.
|
94667 |
14-Apr-2002 |
archie |
Use 'struct callout' instead of 'struct callout_handle' to avoid exhausting the kernel timeout table. Perform the usual gymnastics to avoid race conditions between node shutdown and timeouts occurring.
Also fix a bug in handling ack delays < PPTP_MIN_ACK_DELAY. Before, we were ack'ing immediately. Instead, just impose a minimum ack delay time, like the name of the macro implies.
MFC after: 1 week
|
93818 |
04-Apr-2002 |
jhb |
Change callers of mtx_init() to pass in an appropriate lock type name. In most cases NULL is passed, but in some cases such as network driver locks (which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used.
Tested on: i386, alpha, sparc64
|
93593 |
01-Apr-2002 |
jhb |
Change the suser() API to take advantage of td_ucred as well as do a general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag.
Discussed on: smp@
|
92298 |
15-Mar-2002 |
archie |
Fix bugs where the ng_ppp node could transmit PPP frames whose length exceeded the peer's configured MRU or MRRU.
MFC after: 1 week
|
91711 |
05-Mar-2002 |
julian |
Official timeout routines for netgraph nodes that know how to use (and abuse) the node locking system.
MFC after: 1 week
|
91406 |
27-Feb-2002 |
jhb |
Simple p_ucred -> td_ucred changes to start using the per-thread ucred reference.
|
90973 |
20-Feb-2002 |
brian |
Send a NGM_PPPOE_ACNAME message to userland when a node is connected.
Submitted by: Andre Albsmeier <andre@albsmeier.net> Shuffled about by: brian Approved by: julian
|
90868 |
18-Feb-2002 |
mike |
o Move NTOHL() and associated macros into <sys/param.h>. These are deprecated in favor of the POSIX-defined lowercase variants. o Change all occurrences of NTOHL() and associated marcros in the source tree to use the lowercase function variants. o Add missing license bits to sparc64's <machine/endian.h>. Approved by: jake o Clean up <machine/endian.h> files. o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>. o Remove prototypes for non-existent bswapXX() functions. o Include <machine/endian.h> in <arpa/inet.h> to define the POSIX-required ntohl() family of functions. o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>, and <sys/param.h>. o Prepend underscores to the ntohl() family to help deal with complexities associated with having MD (asm and inline) versions, and having to prevent exposure of these functions in other headers that happen to make use of endian-specific defines. o Create weak aliases to the canonical function name to help deal with third-party software forgetting to include an appropriate header. o Remove some now unneeded pollution from <sys/types.h>. o Add missing <arpa/inet.h> includes in userland.
Tested on: alpha, i386 Reviewed by: bde, jake, tmm
|
90594 |
13-Feb-2002 |
archie |
Fix another bug in handling of multi-link sequence numbers.
MFC after: 1 week
|
90584 |
12-Feb-2002 |
archie |
Fix bug in previous commit.
Submitted by: Harti Brandt <brandt@fokus.gmd.de>
|
90361 |
07-Feb-2002 |
julian |
Pre-KSE/M3 commit. this is a low-functionality change that changes the kernel to access the main thread of a process via the linked list of threads rather than assuming that it is embedded in the process. It IS still embeded there but remove all teh code that assumes that in preparation for the next commit which will actually move it out.
Reviewed by: peter@freebsd.org, gallatin@cs.duke.edu, benno rice,
|
90249 |
05-Feb-2002 |
archie |
The hardware checksum code makes the assumption that a packet routed out a particular Ethernet interface will actually be delivered by (only) that device driver. This is not necessarily true when ng_ether(4) is used.
To word around this, while a ng_ether(4)'s "upper" hook is connected, turn off all hardware checksum, fragmentation, etc., features for that interface.
PR: kern/31586 MFC after: 1 week
|
90227 |
05-Feb-2002 |
dillon |
Get rid of the twisted MFREE() macro entirely.
Reviewed by: dg, bmilekic MFC after: 3 days
|
90047 |
01-Feb-2002 |
archie |
Some netgraph parse types (such as for the 'value' field in ng_ksocket's 'struct ng_ksocket_sockopt') like to peek into the ng_mesg header for information. Make sure when generating default values that we provide a valid header to peek into.
MFC after: 1 week
|
89319 |
14-Jan-2002 |
alfred |
Replace ffind_* with fget calls.
Make fget MPsafe.
Make fgetvp and fgetsock use the fget subsystem to reduce code bloat.
Push giant down in fpathconf().
|
89306 |
13-Jan-2002 |
alfred |
SMP Lock struct file, filedesc and the global file list.
Seigo Tanimura (tanimura) posted the initial delta.
I've polished it quite a bit reducing the need for locking and adapting it for KSE.
Locks:
1 mutex in each filedesc protects all the fields. protects "struct file" initialization, while a struct file is being changed from &badfileops -> &pipeops or something the filedesc should be locked.
1 mutex in each struct file protects the refcount fields. doesn't protect anything else. the flags used for garbage collection have been moved to f_gcflag which was the FILLER short, this doesn't need locking because the garbage collection is a single threaded container. could likely be made to use a pool mutex.
1 sx lock for the global filelist.
struct file * fhold(struct file *fp); /* increments reference count on a file */
struct file * fhold_locked(struct file *fp); /* like fhold but expects file to locked */
struct file * ffind_hold(struct thread *, int fd); /* finds the struct file in thread, adds one reference and returns it unlocked */
struct file * ffind_lock(struct thread *, int fd); /* ffind_hold, but returns file locked */
I still have to smp-safe the fget cruft, I'll get to that asap.
|
89066 |
08-Jan-2002 |
msmith |
Staticise the socket list.
|
88945 |
06-Jan-2002 |
archie |
Avoid reentrantly sending on the same socket, which causes a kernel panic.
|
88739 |
31-Dec-2001 |
rwatson |
o Make the credential used by socreate() an explicit argument to socreate(), rather than getting it implicitly from the thread argument.
o Make NFS cache the credential provided at mount-time, and use the cached credential (nfsmount->nm_cred) when making calls to socreate() on initially connecting, or reconnecting the socket.
This fixes bugs involving NFS over TCP and ipfw uid/gid rules, as well as bugs involving NFS and mandatory access control implementations.
Reviewed by: freebsd-arch
|
87998 |
15-Dec-2001 |
archie |
Typo.
|
87997 |
15-Dec-2001 |
archie |
Don't free a structure containing a 'struct callout' structure while that callout is still pending.
MFC after: 3 days
|
87971 |
15-Dec-2001 |
archie |
Add support for 56 bit MPPE encryption.
MFC after: 3 days
|
87599 |
10-Dec-2001 |
obrien |
Update to C99, s/__FUNCTION__/__func__/, also don't use ANSI string concatenation.
|
87070 |
28-Nov-2001 |
archie |
When a socket is not connected, allow the peer "struct sockaddr" to be included in the meta information that is associated with incoming and outgoing packets.
Reviewed by: julian MFC after: 1 week
|
85722 |
30-Oct-2001 |
julian |
A node that allows ethernet type packets to be filtered to different hooks depending on ethertype. Great for prototyping protocols. connects to the lower and upper hooks of an ethernet type of node.
Obtained from: Monzoon Networks. Thanks to Andre Oppermann, May 2001.
|
85659 |
29-Oct-2001 |
dillon |
log routine called w/ %ld and int argument, cast argument to long
|
84777 |
10-Oct-2001 |
archie |
Fix bug that cheated hook names out of the last 2 bytes.
MFC after: 3 days
|
84776 |
10-Oct-2001 |
archie |
Let "raw" mean IPPROTO_RAW instead of IPPROTO_IP.
Noticed by: jdp MFC after: 3 days
|
84472 |
04-Oct-2001 |
dwmalone |
Hopefully improve control message passing over Unix domain sockets.
1) Allow the sending of more than one control message at a time over a unix domain socket. This should cover the PR 29499.
2) This requires that unp_{ex,in}ternalize and unp_scan understand mbufs with more than one control message at a time.
3) Internalize and externalize used to work on the mbuf in-place. This made life quite complicated and the code for sizeof(int) < sizeof(file *) could end up doing the wrong thing. The patch always create a new mbuf/cluster now. This resulted in the change of the prototype for the domain externalise function.
4) You can now send SCM_TIMESTAMP messages.
5) Always use CMSG_DATA(cm) to determine the start where the data in unp_{ex,in}ternalize. It was using ((struct cmsghdr *)cm + 1) in some places, which gives the wrong alignment on the alpha. (NetBSD made this fix some time ago).
This results in an ABI change for discriptor passing and creds passing on the alpha. (Probably on the IA64 and Spare ports too).
6) Fix userland programs to use CMSG_* macros too.
7) Be more careful about freeing mbufs containing (file *)s. This is made possible by the prototype change of externalise.
PR: 29499 MFC after: 6 weeks
|
84443 |
04-Oct-2001 |
bde |
Fixed pedantic syntax error (trailing semicolon in enum).
|
84060 |
28-Sep-2001 |
brooks |
Remove a couple unintentional mentions of Ethernet that crept in from ng_ether.c.
|
84053 |
27-Sep-2001 |
brooks |
Add ng_ip_input. A new netgraph node for queuing IP packets into the main IP input processing code.
|
84000 |
27-Sep-2001 |
brooks |
The initial commit contained an error in the license, this is the correct one.
|
83998 |
26-Sep-2001 |
brooks |
/home/brooks/ng_gif.message
|
83366 |
12-Sep-2001 |
julian |
KSE Milestone 2 Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
|
83186 |
07-Sep-2001 |
julian |
First pass at porting John's "accept" changes to allow an in-kernel webserver (or similar) to accept and handle incoming connections using netgraph without ever leaving the kernel. (allows incoming tunnel requests to be handled totally within the kernel for example)
Needs work, but shouldn't break existing functionality.
Submitted by: John Polstra <jdp@polstra.com> MFC after: 2 weeks
|
82933 |
04-Sep-2001 |
julian |
MFS: change name of sysctl to something more diplomatic.
|
82586 |
30-Aug-2001 |
archie |
Fix kernel crash when VLANs are combined with ng_ether(4), by attaching interfaces of type IFT_L2VLAN as well as IFT_ETHER during module load.
Submitted by: yar
|
82058 |
21-Aug-2001 |
brian |
Fix two typos
|
81032 |
02-Aug-2001 |
brian |
Pack struct uniqtag declarations to stop our data field from being pushed 4 bytes to the right on the alpha.
Tested by: Thomas Pornin <Thomas.Pornin@ens.fr> MFC after: 1 week
|
80311 |
25-Jul-2001 |
brian |
If an attempt is made to LISTEN for a service tag that's already being LISTENed for, return EEXISTS.
Only match the magic "*" service tag if no other LISTEN service tags match.
Require an explicit LISTEN for an empty service tag in order to match empty service requests.
Approved by: julian MFC after: 3 days
|
80304 |
24-Jul-2001 |
brooks |
General cleanup providing better style(9) conformance and generally improved readability. The two real functional changes are that netgraph now sees this as the "split" node type rather then the "ng_split" node type and that meta data is passed through without processing rather then being dropped.
Reviewed by: jhb, julian MFC after: 7 weeks
|
80222 |
23-Jul-2001 |
julian |
Add an external function to unlink a netgraph type from the types list.
|
79706 |
14-Jul-2001 |
julian |
remember to set the return address in a message when sending it along a hook.
PR: 27906 Submitted by: Harti Brandt <brandt@fokus.gmd.de>
no MFC as code is different in 4.x
|
78252 |
15-Jun-2001 |
peter |
Fix warning: (int/long mixup in printf) 475: warning: unsigned int format, long unsigned int arg (arg 3)
|
76860 |
19-May-2001 |
jdp |
Fix a range checking bug in ng_int32_parse which affected 64-bit machines. The code formerly read:
long val; if (val < (long)-0x80000000 || ...) return EINVAL;
The constant 0x80000000 has type unsigned int. The unary `-' operator does not change the type (or the value, in this case). Therefore the promotion to long is done by 0-extension, giving 0x0000000080000000 instead of the desired 0xffffffff80000000. I got rid of the `-' and changed the cast to (int32_t) to give proper sign-extension on all architectures and to better reflect the fact that we are range-checking a 32-bit value.
This commit also makes the analogous changes to ng_int{8,16}_parse for consistency.
MFC after: 3 days
|
76648 |
15-May-2001 |
jhb |
Remove unneeded includes in the i386 case.
|
75433 |
11-Apr-2001 |
archie |
Don't reference a node after we dropped a reference to it (same as in previous checkin, but in a different function).
|
74914 |
28-Mar-2001 |
jhb |
Catch up to header include changes: - <sys/mutex.h> now requires <sys/systm.h> - <sys/mutex.h> and <sys/sx.h> now require <sys/lock.h>
|
74078 |
10-Mar-2001 |
julian |
netgraph.h: Change a prototype. Add a function version of ng_ref_node() when debugging so a breakpoint can be set on it. ng_base.c: add 'node' as an argument to ng_apply_item so that it is up to the caller to take over and release the item's reference on the node. If the release reports back that the node went away due to the reference going to 0, the caller should cease referencing the now defunct node. (e.g. the item was a 'kill node' message). Alter ng_unref_node to report back the residual references as a result. ng_pptpgre.c: Don't reference a node after we dropped a reference to it. (What if it was the last?) Fixes a node leak reported by Harti Brandt <brandt@fokus.gmd.de> which was due to an incorrect earlier attempt to fix the "accessing node after dropping the last reference" problem.
|
73998 |
08-Mar-2001 |
archie |
Fix potential crash caused by packets with bogus ACK's.
Reported by: Fabien THOMAS <fabient@netasq.com>
|
73371 |
03-Mar-2001 |
julian |
Cleanups to Macros for sending data between netgraph nodes.
|
73370 |
03-Mar-2001 |
julian |
Add parenthesis to a macro. This took me 2 whole days to track down. (bleah)
|
73238 |
28-Feb-2001 |
julian |
Shuffle netgraph mutexes a bit and hold a reference on a node from the function that is calling the destructor.
|
73083 |
26-Feb-2001 |
julian |
Allow a changed MAC address to show up in ifconfig by changing it in the ifaddr list as well. Also change an error return in the base system.
|
73035 |
25-Feb-2001 |
julian |
slight cleanups during testing.
|
73006 |
25-Feb-2001 |
julian |
Add a node that looks to all the word like an ethernet but delivers its ehternet frames to a netgraph hook.
Submitted by: "Vitaly V. Belekhov" <vitaly@riss-telecom.ru> translated to 5.0 by me. man page not yet written.
This node still needs a little work.. don't use yet. Not yet linked into the build.
|
73005 |
25-Feb-2001 |
julian |
Make the sample netgraph node compileable again. Makes it easier for people if they can start with something that actually compiles.
|
72979 |
24-Feb-2001 |
julian |
Add knowledge of the netgraph spinlocks into the Witness code. Well, at least I think that's how it's done.
|
72946 |
23-Feb-2001 |
julian |
Shuffle sysctls a bit (thankyou whoever made them dynamic for modules) and add a sysctl to pppoe to activate non standard ethertypes so that idiot ISPs (apparently in France) who use equipment from idiot suppliers (rumour says 3com) who use nonstandard ethertypes can still connect.
"yep, sure we do pppoe, we use a different identifier to that dictated in the standard, but sure it's pppoe!"
sysctl -w net.graph.stupid_isp=1 enables the changeover.
|
72909 |
22-Feb-2001 |
julian |
Add a 'splitter' node to separate a bidirectional packet flow into two unidirectional flows.
Part of a suite of nodes developed for packet flow control. More to follow as I have time to port them to 5.x or as others do so. The ipfw node will be the hardest..
Submitted by: "Vitaly V. Belekhov" <vitaly@riss-telecom.ru>
|
72645 |
18-Feb-2001 |
asmodai |
Preceed/preceeding are not english words. Use precede and preceding.
|
72545 |
16-Feb-2001 |
archie |
Fix an erroneous comment and two style(9) bugs.
|
72200 |
09-Feb-2001 |
bmilekic |
Change and clean the mutex lock interface.
mtx_enter(lock, type) becomes:
mtx_lock(lock) for sleep locks (MTX_DEF-initialized locks) mtx_lock_spin(lock) for spin locks (MTX_SPIN-initialized)
similarily, for releasing a lock, we now have:
mtx_unlock(lock) for MTX_DEF and mtx_unlock_spin(lock) for MTX_SPIN. We change the caller interface for the two different types of locks because the semantics are entirely different for each case, and this makes it explicitly clear and, at the same time, it rids us of the extra `type' argument.
The enter->lock and exit->unlock change has been made with the idea that we're "locking data" and not "entering locked code" in mind.
Further, remove all additional "flags" previously passed to the lock acquire/release routines with the exception of two:
MTX_QUIET and MTX_NOSWITCH
The functionality of these flags is preserved and they can be passed to the lock/unlock routines by calling the corresponding wrappers:
mtx_{lock, unlock}_flags(lock, flag(s)) and mtx_{lock, unlock}_spin_flags(lock, flag(s)) for MTX_DEF and MTX_SPIN locks, respectively.
Re-inline some lock acq/rel code; in the sleep lock case, we only inline the _obtain_lock()s in order to ensure that the inlined code fits into a cache line. In the spin lock case, we inline recursion and actually only perform a function call if we need to spin. This change has been made with the idea that we generally tend to avoid spin locks and that also the spin locks that we do have and are heavily used (i.e. sched_lock) do recurse, and therefore in an effort to reduce function call overhead for some architectures (such as alpha), we inline recursion for this case.
Create a new malloc type for the witness code and retire from using the M_DEV type. The new type is called M_WITNESS and is only declared if WITNESS is enabled.
Begin cleaning up some machdep/mutex.h code - specifically updated the "optimized" inlined code in alpha/mutex.h and wrote MTX_LOCK_SPIN and MTX_UNLOCK_SPIN asm macros for the i386/mutex.h as we presently need those.
Finally, caught up to the interface changes in all sys code.
Contributors: jake, jhb, jasone (in no particular order)
|
72055 |
05-Feb-2001 |
julian |
Add a dummy disconnect function so that the socket code doesn't leap into space when it calls the disconnect PRU function without checking that it there.
|
72053 |
05-Feb-2001 |
julian |
Make netgraph modules refuse to link with modules of a different ABI version. also try implement teh documented behaviour in socket nodes so that when there is only one hook, an unaddressed write/send will DTRT and send the data to that hook.
|
71906 |
01-Feb-2001 |
julian |
Change the kernel internal ABI number as the HOOK structure has changed. Forgotten by: me
|
71902 |
01-Feb-2001 |
julian |
Clean up reference counting with relation to queued packets and the worklist, and while I'm there, clean up the worklist insertion and removal.
Inspired by: Harti Brandt <brandt@fokus.gmd.de>
|
71885 |
31-Jan-2001 |
julian |
Add the ability to declare ore-ride methods on a per-hook basis for the rcvdata() and rcvmsg() methods.
Also bring the man page up to sync with my last commit. (and this one)
|
71849 |
30-Jan-2001 |
julian |
Implement direct support for semipersistant nodes. (e.g. ethernet nodes are persistent until you rip out the hardware) Use this support in the ethernet and sample nodes. Add some more abstraction on the 'item's so that node and hook reference counting can be checked easier. Slight man page correction. Make pppoe type dependent on ethernet type. Clean up node shutdown a little. Move a mutex from MTX_SPIN to MTX_DEF (oops) Fix small ref-counting bug. remove warning on one2many type.
|
71821 |
30-Jan-2001 |
julian |
Fix cut and paste error in a comment. Submitted by: Peter Wemm <peter@freebsd.org>
|
71738 |
28-Jan-2001 |
julian |
Add a new distribution algorythm to the 'one2many' node type. The new method is 'flood' (in addition to the old round-robin) in which incoming packets are sent to more than one outgoing hook. (I'm not sure what Rogier is using this for but it seems generally useful and isn't much extra)
Submitted by: Rogier R. Mulhuijzen (drwilco@drwilco.net )
|
71669 |
26-Jan-2001 |
julian |
Swap egress hooks for packets entering from the monitor hooks.
|
71650 |
25-Jan-2001 |
julian |
Only clear the 'free' bit if we were successful in getting a queue item off the free list.
Found by: Harti Brandt (address unknown)
|
71603 |
24-Jan-2001 |
julian |
Don't crash the kernel if the user tries to load a netgraph module with the wrong version number.
|
71380 |
22-Jan-2001 |
julian |
Add MTX_SPIN to an mtx_init(
|
71354 |
21-Jan-2001 |
julian |
remove stupid braino (recursive mutex) tripped over by: PHK
|
71047 |
14-Jan-2001 |
julian |
Add a generic "queued function callin" mechanism Use it to implement (hopefully) SMP safe node/hook addition and removal. Fix some debug stuff.
|
70942 |
11-Jan-2001 |
julian |
remove debug sysctl slight tweek to hook removal. (or is that tweak?)
|
70939 |
11-Jan-2001 |
julian |
Make hook deletion SMP safe.
|
70935 |
11-Jan-2001 |
julian |
Add an exported function ng_rmhook_self() that removes a hook from a node, but does it via the locking queue, thus ensuring that the node is locked when it's hook is removed.
Add 'deadnode' and 'deadhook' structures for when a node or hook is invalidated but not yet freed. (not yet freed)
|
70933 |
11-Jan-2001 |
julian |
Another brian fix, luckily not in live code.
|
70931 |
11-Jan-2001 |
julian |
Fix uninitialised pointer.
Found by: Brian Sommers
|
70917 |
11-Jan-2001 |
archie |
Unbreak compilation.
|
70914 |
10-Jan-2001 |
julian |
Only free items that are not already free or passed to other nodes. Clever work by: Brian Sommers (Brian@freeBSD.org)
|
70912 |
10-Jan-2001 |
julian |
Changes to stop zombie nodes showing up in active node lists. Also some changes resulting from debug work done earlier.
|
70870 |
10-Jan-2001 |
julian |
Fix some memory leaks Add memory leak detection assitance.
|
70810 |
09-Jan-2001 |
julian |
Missing FREE().
|
70791 |
08-Jan-2001 |
julian |
Bad julian.. forgot to destroy mutex before freeing the structure it was part of!
|
70784 |
08-Jan-2001 |
julian |
Part 2 of the netgraph rewrite. This is mostly cosmetic changes, (though I caught a bug or two while makeing them) Reviewed by: archie@freebsd.org
|
70700 |
06-Jan-2001 |
julian |
Rewrite of netgraph to start getting ready for SMP. This version is functional and is aproaching solid.. notice I said APROACHING. There are many node types I cannot test I have tested: echo hole ppp socket vjc iface tee bpf async tty The rest compile and "Look" right. More changes to follow. DEBUGGING is enabled in this code to help if people have problems.
|
70159 |
18-Dec-2000 |
julian |
Divorce the kernel binary ABI version number from the message format version number. (userland programs should not need to be recompiled when the netgraph kernel internal ABI is changed.
Also fix modules that don;t handle the fact that a caller may not supply a return message pointer. (benign at the moment because the calling code checks, but that will change)
|
70157 |
18-Dec-2000 |
archie |
Use "node->ID" for the node's ID, instead of "(long)node".
Reported by: julian
|
70148 |
18-Dec-2000 |
julian |
Impossible to see typo.. |= instead of !=
|
69938 |
12-Dec-2000 |
archie |
Fix bug in parse type for struct ng_one2many_config.
Reported by: Yian Zhu <Yian.Zhu@qobra.com>
|
69934 |
12-Dec-2000 |
julian |
I have no idea at all why this file was not included in the last commit.
|
69923 |
12-Dec-2000 |
julian |
oops that commit included a local hack... take it out..
|
69922 |
12-Dec-2000 |
julian |
Reviewed by: Archie@freebsd.org This clears out my outstanding netgraph changes. There is a netgraph change of design in the offing and this is to some extent a superset of soem of the new functionality and some of the old functionality that may be removed.
This code works as before, but allows some new features that I want to work with and evaluate. It is the basis for a version of netgraph with integral locking for SMP use.
This is running on my test machine with no new problems :-)
|
69840 |
11-Dec-2000 |
archie |
Fix a bug where if the interface was in promiscuous mode when the last hook was disconnected, the interface would not get reset to non-promiscuous mode.
Reported by: jdp
|
69519 |
02-Dec-2000 |
julian |
Add splhigh()s to protect against a race condition that shows up when running with ethernet bridging at high speed.
Submitted by: Chris Csanady <ccsanady@iastate.edu> (and extended by me)
|
69225 |
26-Nov-2000 |
jlemon |
Fix another callout_init() that I missed.
|
68876 |
18-Nov-2000 |
dwmalone |
Add the use of M_ZERO to netgraph.
Submitted by: josh@zipperup.org Submitted by: Robert Drehmel <robd@gmx.net> Submitted by: archie Approved by: archie
|
68845 |
16-Nov-2000 |
brian |
Go back to using data_len in struct ngpppoe_init_data after discussions with Julian and Archie.
Implement a new ``sizedstring'' parse type for dealing with field pairs consisting of a uint16_t followed by a data field of that size, and use this to deal with the data_len and data fields.
Written by: Archie with some input by me Agreed in principle by: julian
|
68810 |
16-Nov-2000 |
archie |
New netgraph node type ng_one2many(4).
|
68761 |
15-Nov-2000 |
mckusick |
In preparation for deprecating CIRCLEQ macros in favor of TAILQ macros which provide the same functionality and are a bit more efficient, convert use of CIRCLEQ's in netgraph PPP code to TAILQ's.
Reviewed by: Archie Cobbs <archie@dellroad.org>
|
68079 |
31-Oct-2000 |
julian |
Swap the order of two tags in the pppoe PADI and PADS packets as there are apparently some buggy switches that need them in that order. (I hope there aren't any that require them in the old order!)
|
68031 |
31-Oct-2000 |
brian |
Change the format of ngpppoe_init_data so that the provider is NUL terminated and the data_len field is no longer necessary.
Add ASCII2BINARY and BINARY2ASCII capabilities.
The old format is still understood and dealt with, but can't do the ASCII2BINARY and BINARY2ASCII stuff.
Approved by: archie
|
67893 |
29-Oct-2000 |
phk |
Move suser() and suser_xxx() prototypes and a related #define from <sys/proc.h> to <sys/systm.h>.
Correctly document the #includes needed in the manpage.
Add one now needed #include of <sys/systm.h>. Remove the consequent 48 unused #includes of <sys/proc.h>.
|
67506 |
24-Oct-2000 |
julian |
Since neither archie nor I work at Whistle any more, change our email addresses to be the more usefu @freebsd.org ones so we can keep getting bug-reports. - man pages to follow..
|
67164 |
15-Oct-2000 |
phk |
Remove unneeded #include <machine/clock.h>
|
66983 |
11-Oct-2000 |
archie |
Calling untimeout(9) leads to a race window where memory could be leaked. Close this window by simply not calling untimeout(9).
|
66980 |
11-Oct-2000 |
archie |
Fix memory leak.
Submitted by: Christopher N. Harrell <cnh@ivmg.net>
|
66887 |
09-Oct-2000 |
archie |
Fix typo in NETGRAPH_INIT() macro.
|
66775 |
06-Oct-2000 |
archie |
More complete fix for multi-link sequence number handling bugs. Add a new control message for querying the sequence number state.
|
66764 |
06-Oct-2000 |
archie |
Fix bug in handling of multi-link sequence numbers.
Reported by: Becca Anderson <becca@worldint.com>
|
66313 |
23-Sep-2000 |
archie |
Use m_dup() instead of m_copypacket() for the time being. Not all of the code in the kernel properly checks for read-onlyness before writing into an mbuf data area. When that code is fixed, the m_dup() can go back to being m_copypacket().
Requested by: nsayer
|
66260 |
22-Sep-2000 |
archie |
Remove unnecessary #include's as reported by phk's script.
|
66182 |
21-Sep-2000 |
archie |
Allocate all memory (including within node constructors) with M_NOWAIT instead of M_WAITOK, to allow for maximum flexibility.
|
66177 |
21-Sep-2000 |
archie |
Allocate memory with M_NOWAIT instead of M_WAITOK because we could be called in an interrupt context.
|
66061 |
19-Sep-2000 |
julian |
When sending a packet back to a network interface to simulate an arrived packet, make sure that the packet has the interface marked in the first mbuf, the same a truely arrived packets would have.
|
66052 |
19-Sep-2000 |
archie |
Rename "struct session" to "struct sess_con" to avoid conflict with upcoming "struct session" in proc.h.
Requested by: jasone
|
65557 |
07-Sep-2000 |
jasone |
Major update to the way synchronization is done in the kernel. Highlights include:
* Mutual exclusion is used instead of spl*(). See mutex(9). (Note: The alpha port is still in transition and currently uses both.)
* Per-CPU idle processes.
* Interrupts are run in their own separate kernel threads and can be preempted (i386 only).
Partially contributed by: BSDi (BSD/OS) Submissions by (at least): cp, dfr, dillon, grog, jake, jhb, sheldonh
|
65310 |
01-Sep-2000 |
archie |
New netgraph node type for Ethernet bridging. No ipfw support yet.
|
65305 |
01-Sep-2000 |
archie |
Fix wrong offset bug in ng_enaddr_unparse().
|
65303 |
31-Aug-2000 |
archie |
Avoid free'ing a NULL pointer.
|
65262 |
30-Aug-2000 |
archie |
Export ng_ether_enaddr_type for other nodes that want to use it.
|
64653 |
15-Aug-2000 |
archie |
Add three more control messages to complement their opposites: NGM_ETHER_SET_ENADDR, NGM_ETHER_GET_PROMISC, and NGM_ETHER_GET_AUTOSRC. Alter parsing algorithm so the EN address really looks like one.
|
64517 |
10-Aug-2000 |
archie |
Oops, previous commit fixed a bug that was already fixed before. Back it out.
|
64513 |
10-Aug-2000 |
archie |
Add new control message to atomically get and clear statistics.
|
64512 |
10-Aug-2000 |
archie |
Increase the maximum allowable datagram length.
|
64511 |
10-Aug-2000 |
archie |
"u_int32_t" should have been "int32_t".
|
64510 |
10-Aug-2000 |
archie |
Use a bigger buffer for NGM_BINARY2ASCII conversion, to handle really long ASCII control messages.
|
64509 |
10-Aug-2000 |
archie |
- Add new control message NGM_VJC_GET_CONFIG - Implement control message ASCII'fication for all control messages
|
64508 |
10-Aug-2000 |
archie |
Take advantage of the new unsigned and hex integer types.
|
64507 |
10-Aug-2000 |
archie |
- Make statistics unsigned. - Add new control message to atomically get and clear statistics.
|
64506 |
10-Aug-2000 |
archie |
- Add new unsigned and hex integer parse types - Fix bug in commented example code
|
64505 |
10-Aug-2000 |
archie |
- Add new unsigned and hex integer parse types; this allows simplifying the bytearray parse type. - Allocate (larger) temporary work buffer dynamically instead of on the stack when comparing to the default value.
|
64502 |
10-Aug-2000 |
archie |
RFC 1661 requires that all LCP packets are sent with no address and control field compression. The ng_ppp(4) node correctly follows this rule. However, PPPoE is an exception: when doing PPPoE *all* frames are sent with address and control field compression.
Alter this node's behavior so that when an outgoing frame is received, any leading address and control field bytes are removed. This makes this node compatible with ng_ppp(4).
|
64470 |
09-Aug-2000 |
archie |
In a struct sockaddr, sa->sa_len can be zero if uninitialized. Make sure that this doesn't cause a problem when parsing.
|
64443 |
09-Aug-2000 |
archie |
Fix bug where bundle-level receive statistics were not getting updated.
|
64365 |
07-Aug-2000 |
archie |
Fix a bug where we were accessing already free'd memory during node shutdown.
Detected via: 0xdeadc0de
|
64358 |
07-Aug-2000 |
archie |
Add three new control messages to the ng_ether(4) netgraph node type:
NGM_ETHER_GET_ENADDR: Get the device's Ethernet address NGM_ETHER_SET_PROMISC: Enable/disable promiscuous mode NGM_ETHER_SET_AUTOSRC: Enable/disable packet source address override
|
64287 |
05-Aug-2000 |
archie |
Fix misspelling.
|
63852 |
25-Jul-2000 |
archie |
Followup to previous commit.. - It's worthwhile to use untimeout(9), even though we must still protect against "false" timeouts, because most of the time it saves having to handle a dummy timeout event. - Slight tweaks to the delayed ACK algorithm paramters.
|
63822 |
25-Jul-2000 |
archie |
Several fixes: - Fix slowness when operating over fast connections, where the timeout(9) granularity is on the same order of magnitude as the round trip time. timeout(9) can happen up to 1 tick early, which was causing receive ack timeouts to happen too early, causing bogus "lost" packets. - Increase the local time counter to 64 bits to avoid roll-over. - Keep statistics on memory allocation failures. - Add a new option to always include the ack when sending data packets. Might be useful in high packet loss situations. Might not.
|
63675 |
20-Jul-2000 |
archie |
Allocate memory with M_NOWAIT instead of M_WAITOK, because it's possible for these routines to be called from an interrupt context.
PR: kern/20057
|
63543 |
19-Jul-2000 |
archie |
Remove node's name reference when the interface is detached; otherwise, the ng_ether.ko KLD will never be unloadable after all Ethernet interfaces are detached, as it should be, because of the lingering extra reference.
Submitted by: "Yevmenkin, Maksim N, CSCIO" <myevmenkin@att.com>
|
63195 |
14-Jul-2000 |
archie |
Set NG_INVALID flag when destroying node.
|
63138 |
14-Jul-2000 |
asmodai |
Fix typo, teh -> the.
|
63053 |
12-Jul-2000 |
archie |
Fix race condition caused by using NG_SEND_DATAQ() where we meant to use ng_queue_data().
Reported by: Udo Erdelhoff <ue@nathan.ruhr.de>
|
62678 |
06-Jul-2000 |
julian |
Don't forget to set our MAC address into packets we wre sending out via netgraph. Eventually we may need to have a separate hook for packets that already have a source AMC address but for now just drop it in. Should fix PPPoE.
|
62471 |
03-Jul-2000 |
phk |
Experiemntal ascii based device configuration mechanism.
This may or may not survive, decision will be made well before 5.0-R
|
62222 |
28-Jun-2000 |
archie |
Fix incorrectly implemented receive ACK timeout algorithm: instead of bumping the recvAck counter by one, pretend that all outstanding xmit packets are acknowleged, and restart transmitting anew, with an empty (but halved) transmit window.
Put a lower bound on the adaptive timeout value.
|
62143 |
26-Jun-2000 |
archie |
Make the ng_ether(4) node type dynamically loadable like the rest. This means 'options NETGRAPH' is no longer necessary in order to get netgraph-enabled Ethernet interfaces. This supports loading/unloading the ng_ether.ko and attaching/detaching the Ethernet interface in any order.
Add two new hooks 'upper' and 'lower' to allow access to the protocol demux engine and the raw device, respectively. This enables bridging to be defined as a netgraph node, if so desired.
Reviewed by: freebsd-net@freebsd.org
|
62129 |
26-Jun-2000 |
archie |
- Start sequence numbers at zero instead of one; the rest of the world seems to interpret the spec this way - Initialize transmit window to two instead of one; helps get things going initially when the first packet may get dropped - Really fix the shutdown + timeout race condition this time
|
61143 |
01-Jun-2000 |
archie |
Fix bug where receive statistics for the bundle were not getting updated.
|
60938 |
26-May-2000 |
jake |
Back out the previous change to the queue(3) interface. It was not discussed and should probably not happen.
Requested by: msmith and others
|
60833 |
23-May-2000 |
jake |
Change the way that the queue(3) structures are declared; don't assume that the type argument to *_HEAD and *_ENTRY is a struct.
Suggested by: phk Reviewed by: phk Approved by: mdodd
|
60330 |
10-May-2000 |
archie |
Add hook for IPv6.
|
60009 |
05-May-2000 |
archie |
Fix a couple of bugs: - Properly handle 32 bit sequence numbers when they wrap around - Don't drop GRE packets with stale ACK numbers, just ignore the ACK - Close race between node being shutdown and timer going off Also add support for lots of statistics, and control message ASCIIfication
|
59900 |
02-May-2000 |
archie |
Don't assume *lasthook is initialized in ng_path2node().
|
59882 |
02-May-2000 |
archie |
Fix broken multi-link fragment reassembly algorithm. Add hook for IPv6. Misc cleanups.
PR: kern/16335
|
59881 |
01-May-2000 |
archie |
Macro call to ng_send_dataq() should have been to ng_send_data() instead.
|
59879 |
01-May-2000 |
archie |
Use 'type_name' structure field instead of 'typename', which is a C++ reserved work.
Add a ng_copy_meta() function.
|
59875 |
01-May-2000 |
peter |
A temporary band-aid for ng_base. It works for some people, a better fix will follow.
Submitted by: Gary Jennejohn <garyj@muc.de>
|
59756 |
29-Apr-2000 |
peter |
Minimal tweak to make the ng_XXX modules depend on netgraph so that they see its symbols and link ok.
|
59728 |
28-Apr-2000 |
julian |
Two simple changes to the kernel internal API for netgraph modules, to support future work in flow-control and 'packet reject/replace' processing modes.
reviewed by: phk, archie
|
59391 |
19-Apr-2000 |
phk |
Remove ~25 unneeded #include <sys/conf.h> Remove ~60 unneeded #include <sys/malloc.h>
|
59178 |
12-Apr-2000 |
archie |
Fix uninitialized variable.
PR: kern/17911 Submitted by: Tom Pavel <pavel@alum.mit.edu>
|
59109 |
09-Apr-2000 |
archie |
A netgraph node that implements Microsoft Point-to-Point compression (MPPC) and Microsoft Point-to-Point encryption (MPPE) protocols.
Note: the MPPC part is disabled as it requires proprietary files.
Obtained from: Whistle source tree
|
58412 |
21-Mar-2000 |
archie |
Call bpfdetach() before going away.
|
58171 |
17-Mar-2000 |
phk |
Newer ciscos have become more picky, and will not accept the MULTICAST bit being set for unicast packets.
|
58015 |
13-Mar-2000 |
archie |
Updates to the ng_iface(8) netgraph node type: - Make iface nodes removable on shutdown since FreeBSD now supports removable interfaces - Simplify supporting new protocols using family_enqueue(); add a few new ones including IPv6 - Add support for configurable interface mode using new NGM_IFACE_POINT2POINT and NGM_IFACE_BROADCAST control messages - Remove NGM_IFACE_GET_IFADDRS control message; it just duplicates the functionality of SIOCGIFCONF
|
58013 |
13-Mar-2000 |
archie |
Some minor prototype tweaks.
|
58012 |
13-Mar-2000 |
archie |
Use snprintf() instead of sprintf().
|
58011 |
13-Mar-2000 |
archie |
Fix typo: "ng_parse_fixedsstring_info" -> "ng_parse_fixedstring_info"
|
56658 |
27-Jan-2000 |
archie |
Add control message ASCII conversion for this node type.
|
55481 |
05-Jan-2000 |
archie |
Fix a few obscure memory leaks.
|
55418 |
04-Jan-2000 |
archie |
Fix race condition caused by missing splnet()'s.
|
55205 |
29-Dec-1999 |
peter |
Change #ifdef KERNEL to #ifdef _KERNEL in the public headers. "KERNEL" is an application space macro and the applications are supposed to be free to use it as they please (but cannot). This is consistant with the other BSD's who made this change quite some time ago. More commits to come.
|
54755 |
17-Dec-1999 |
archie |
Fix bugs in the MP fragment reassembly code that can cause a panic.
|
54331 |
08-Dec-1999 |
archie |
New netgraph node type 'pptpgre': this performs GRE encapsulation for the PPTP protocol as specified in RFC 2637.
|
54249 |
07-Dec-1999 |
julian |
Remove a bunch of un-needed includes. Submitted by: phk@freebsd.org
|
54214 |
06-Dec-1999 |
archie |
Change definition of NG_BPF_HOOKPROG_SIZE() so as not to require a structure pointer, just the number of BPF instructions.
|
54097 |
03-Dec-1999 |
archie |
New netgraph node type, ng_bpf(8). This node type allows you to apply bpf(4) filters to data travelling through a netgraph network.
|
54096 |
03-Dec-1999 |
archie |
Add a new function ng_findhook() for finding a node's hook; if the node type provides a more efficient implementation than the normal linear scan, use it.
Reviewed by: julian
|
54094 |
03-Dec-1999 |
archie |
Fix bug parsing 32 bit integers on machines where sizeof(long) == 4.
|
54007 |
01-Dec-1999 |
archie |
Use m_dup() instead of m_copypacket() to duplicate the mbuf chain. This fixes a bug where if the original packet was modified downstream of the tee node, then the copy could get modified too.
|
53998 |
01-Dec-1999 |
archie |
Add more comments describing how to use parse types and how they work.
|
53997 |
01-Dec-1999 |
archie |
Show how to supply a struct ng_cmdlist for (de)asciification of control messages.
Suggested by: julian
|
53979 |
01-Dec-1999 |
julian |
change intial timeout for session negotiation from 1 to 2 seconds. One second was being hit too many times in normal situations.
|
53913 |
30-Nov-1999 |
archie |
Add two new generic control messages, NGM_ASCII2BINARY and NGM_BINARY2ASCII, which convert control messages to ASCII and back. This allows control messages to be sent and received in ASCII form using ngctl(8), which makes ngctl a lot more useful.
This also allows all the type-specific debugging code in libnetgraph to go away -- instead, we just ask the node itself to do the ASCII translation for us.
Currently, all generic control messages are supported, as well as messages associated with the following node types: async, cisco, ksocket, and ppp.
See /usr/share/examples/netgraph/ngctl for an example of using this.
Also give ngctl(8) the ability to print out incoming data and control messages at any time. Eventually nghook(8) may be subsumed.
Several other misc. bug fixes.
Reviewed by: julian
|
53648 |
24-Nov-1999 |
archie |
Change the prototype of the strto* routines to make the second parameter a char ** instead of a const char **. This make these kernel routines consistent with the corresponding libc userland routines.
Which is actually 'correct' is debatable, but consistency and following the spec was deemed more important in this case.
Reviewed by (in concept): phk, bde
|
53532 |
21-Nov-1999 |
julian |
oops cut-n-paste error
|
53530 |
21-Nov-1999 |
julian |
It's time to only allow root to manipulate netgraph nodes. (I meant to do this before checking in to FreeBSD and forgot)
|
53526 |
21-Nov-1999 |
julian |
Hopefully the last patch from Brian to get server side PPPoE working. remove a 'free' that is no longer needed.
|
53498 |
21-Nov-1999 |
julian |
Fixes from brian. With some changes from me. Allows FreeBSD to run as a PPPOE server One patch still not included.
|
53431 |
19-Nov-1999 |
archie |
Revert previous commit now that 'acfcomp' has been removed from libnetgraph/debug.c to fix make world.
|
53429 |
19-Nov-1999 |
julian |
Add a field archie forgot to merge in from out sources.
|
53407 |
19-Nov-1999 |
archie |
Use 'struct ng_xxx_private' instead of 'struct private' to help gdb disambiguate when debugging.
|
53406 |
19-Nov-1999 |
archie |
Fix bug where hook pointers were not getting updated on disconnection.
|
53405 |
19-Nov-1999 |
archie |
Move misplaced #define.
|
53404 |
19-Nov-1999 |
archie |
Add some safety using KASSERT() and splnet().
|
53403 |
19-Nov-1999 |
archie |
Use KASSERT() instead of old #ifdef DIAGNOSTICS. Add more INVARIANTS-enabled sanity checking.
|
53394 |
19-Nov-1999 |
archie |
Remove the address and control field compression functionality of this node type. ACF is device independent and therefore belongs in ng_ppp.c (which already implements it).
|
53393 |
19-Nov-1999 |
archie |
Rename 'struct private' to 'struct ng_xxx_private' to allow gdb to disambiguate when debugging.
|
53284 |
17-Nov-1999 |
archie |
When allocating a new PKTHDR mbuf, always set m->m_pkthdr.rcvif = NULL.
|
53246 |
16-Nov-1999 |
archie |
New netgraph node type "ksocket".
Obtained from: Whistle source tree
|
53190 |
15-Nov-1999 |
archie |
More bug fixes for the VJ Compression node. Seems to work now (really).
|
53172 |
15-Nov-1999 |
julian |
Small fixes from Brian for the Server side of PPPoE.
|
53154 |
14-Nov-1999 |
julian |
Rework some tag handling, prompted by Brian Somers.
|
53145 |
14-Nov-1999 |
julian |
Try handle missing packet tags better. Inspired by changes suggested by brian Somers.
|
53098 |
11-Nov-1999 |
brian |
Provide an empty name to getsockname() if one hasn't been set up.
Ok'd (for now) by: julian
|
53088 |
10-Nov-1999 |
archie |
More bug fixes.
|
53087 |
10-Nov-1999 |
archie |
Minor change to the configuration of number of slots.
|
53076 |
10-Nov-1999 |
archie |
Fix some bugs; seems to work now. Minor change to the configuration field to make the number of compression slots parameter consistent with what IPCP negotiates (ie, the number of slots - 1).
|
53075 |
10-Nov-1999 |
archie |
Move handling of the address and control fields into the PPP node; they belong there because they are device independent. Also some other misc. fixes.
|
53042 |
09-Nov-1999 |
julian |
Remove a null pointer reference
Submitted by: Brian Somers (brian@freebsd.org)
|
52977 |
08-Nov-1999 |
archie |
Fix crash when trying to duplicate a NULL meta.
|
52976 |
08-Nov-1999 |
archie |
Get rid of the 'sync2' hook, which was a hack. Instead, just directly detect outgoing LCP frames and do the right thing.
|
52975 |
08-Nov-1999 |
archie |
Add support for the IFF_MULTICAST flag. There's not much to do because we are a point-to-point interface.
Submitted by: phk
|
52951 |
07-Nov-1999 |
julian |
Be more accepting about the format of node IDs. Submitted by: Brian Somers <brian@Awfulhak.org>
|
52919 |
06-Nov-1999 |
julian |
Move a structure Netstat needs back out to ng_socketvar.h (yech)
|
52912 |
06-Nov-1999 |
archie |
Fix several bugs found in the first bit of testing.
|
52907 |
05-Nov-1999 |
julian |
Re-add this till I can fix netstat to not need it.
|
52885 |
05-Nov-1999 |
julian |
Add the option for a socket node to shut down when the last hook to an adjoining node is removed. Also move file scope definitions back within the file, and remove un-needed include file.
|
52843 |
03-Nov-1999 |
phk |
Move isfoo() and friends to the newly created sys/ctype.h.
Urged by: bde
|
52817 |
02-Nov-1999 |
archie |
Add statistics counters to "tee" netgraph node type.
|
52816 |
02-Nov-1999 |
archie |
Simplify checking/parsing of strings using strtoul(), isdigit(), etc.
|
52766 |
01-Nov-1999 |
archie |
Fix some bugs in MP allocation routine when links are non-equivalent.
|
52752 |
01-Nov-1999 |
julian |
Add typedefs for node methods Suggested by phk.
|
52736 |
01-Nov-1999 |
julian |
braino in sample code. picked up by phk.
|
52722 |
01-Nov-1999 |
julian |
Start making the contents of the generic framework opaque to the nodes. This step: IDs are no-longer the address of the node. Reviewd by: Archie@freebsd.org
|
52639 |
29-Oct-1999 |
archie |
Revamped and more useful PPP node type, supporting multi-link PPP directly. This is one piece of the grand unified PPP daemon concept, whereby using netgraph nodes enables PPP data to be handled completely in kernel land, while leaving negotiation/control to be handled by a single user land daemon, no matter what the link type(s).
This is a safety checkin only; it compiles, but is utterly untested.
Concept reviewed by: julian, brian
|
52614 |
29-Oct-1999 |
julian |
When the session is running, don't include the ethernet header in the length of the payload.
|
52564 |
27-Oct-1999 |
julian |
fix typo
|
52563 |
27-Oct-1999 |
julian |
The node goes away when last session disconnects or when disconnected from the ethernet node.
|
52562 |
27-Oct-1999 |
julian |
change PPPoE occurences to pppoe. Not JUST a cosmeting change. some occurrances needed to be the same as the filenmnae which was pppoe not PPPoE.
|
52539 |
26-Oct-1999 |
julian |
cleanups regarding misused m_pullup() and similar.
|
52524 |
26-Oct-1999 |
julian |
Send the negotiated session ID on our packets (DUH!).
|
52523 |
26-Oct-1999 |
julian |
Send a PADT message to the peer when a session is closed down.
|
52522 |
26-Oct-1999 |
julian |
This one actually gets session data to the waiting ppp daemon (well, my test program at least).
|
52510 |
26-Oct-1999 |
julian |
This one actually negotiated it's way into a session. still tuning to be done.
|
52498 |
25-Oct-1999 |
julian |
Bring ng_iface up-to-date with what has happenned to the bpf code.
|
52448 |
23-Oct-1999 |
julian |
more fixes, braino's, typo's, etc.
|
52443 |
23-Oct-1999 |
julian |
A version of the pppoe code ellicits a response from the ISP end (but still not quite right)
|
52442 |
23-Oct-1999 |
julian |
dang, deleted a line
|
52441 |
23-Oct-1999 |
julian |
Now that Netgraph is in the system there are some cleanups we can do. Also save a slightly closer to completion version of the PPPOE code.
Submitted by: Archie Cobbs <archie@freebsd.org>
|
52419 |
21-Oct-1999 |
julian |
Whistle's Netgraph link-layer (sometimes more) networking infrastructure. Been in production for 3 years now. Gives Instant Frame relay to if_sr and if_ar drivers, and PPPOE support soon. See: ftp://ftp.whistle.com/pub/archie/netgraph/index.html for on-line manual pages.
Reviewed by: Doug Rabson (dfr@freebsd.org) Obtained from: Whistle CVS tree
|