#
361862 |
|
06-Jun-2020 |
freqlabs |
MFC r361756, r361757:
scope6: Check for NULL afdata before dereferencing
Narrows the race window with if_detach.
Approved by: mav (mentor) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D25017
|
#
331722 |
|
29-Mar-2018 |
eadler |
Revert r330897:
This was intended to be a non-functional change. It wasn't. The commit message was thus wrong. In addition it broke arm, and merged crypto related code.
Revert with prejudice.
This revert skips files touched in r316370 since that commit was since MFCed. This revert also skips files that require $FreeBSD$ property changes.
Thank you to those who helped me get out of this mess including but not limited to gonzo, kevans, rgrimes.
Requested by: gjb (re)
|
#
330897 |
|
14-Mar-2018 |
eadler |
Partial merge of the SPDX changes
These changes are incomplete but are making it difficult to determine what other changes can/should be merged.
No objections from: pfg
|
#
329791 |
|
22-Feb-2018 |
asomers |
MFC r328296:
sys/netinet6: fix typos in comments. No functional change.
Sponsored by: Spectra Logic Corp
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
295584 |
|
12-Feb-2016 |
markj |
Add a missing newline to a log message.
MFC after: 1 week
|
#
291993 |
|
08-Dec-2015 |
melifaro |
Merge helper fib* functions used for basic lookups.
Vast majority of rtalloc(9) users require only basic info from route table (e.g. "does the rtentry interface match with the interface I have?". "what is the MTU?", "Give me the IPv4 source address to use", etc..). Instead of hand-rolling lookups, checking if rtentry is up, valid, dealing with IPv6 mtu, finding "address" ifp (almost never done right), provide easy-to-use API hiding all the complexity and returning the needed info into small on-stack structure.
This change also helps hiding route subsystem internals (locking, direct rtentry accesses). Additionaly, using this API improves lookup performance since rtentry is not locked. (This is safe, since all the rtentry changes happens under both radix WLOCK and rtentry WLOCK).
Sponsored by: Yandex LLC
|
#
274348 |
|
10-Nov-2014 |
ae |
Add sa6_checkzone_ifp() function. It checks correctness of struct sockaddr_in6, usually obtained from the user level through ioctl. It initializes sin6_scope_id using given interface.
Sponsored by: Yandex LLC
|
#
274225 |
|
07-Nov-2014 |
glebius |
Remove SYSCTL_VNET_* macros, and simply put CTLFLAG_VNET where needed.
Sponsored by: Nginx, Inc.
|
#
271426 |
|
11-Sep-2014 |
ae |
* use M_ZERO flag with malloc instead of explicit zeroing. * remove MULTI_SCOPE ifdef.
Obtained from: Yandex LLC Sponsored by: Yandex LLC
|
#
271425 |
|
11-Sep-2014 |
ae |
Introduce new scope related functions.
* new macro to remove magic number - IPV6_ADDR_SCOPES_COUNT; * sa6_checkzone() - this function checks sockaddr_in6 structure for correctness of sin6_scope_id. It also can fill correct value sometimes. * in6_getscopezone() - this function returns scope zone id for specified interface and scope. * in6_getlinkifnet() - this function returns struct ifnet for corresponding zone id of link-local scope.
Obtained from: Yandex LLC Sponsored by: Yandex LLC
|
#
271421 |
|
11-Sep-2014 |
ae |
* constify argument of in6_addrscope(); * use IN6_IS_ADDR_XXX() macro instead of hardcoded values; * for multicast addresses just return scope value, the only exception is addresses with 0x0F scope value (RFC 4291 p2.7.0);
Obtained from: Yandex LLC Sponsored by: Yandex LLC
|
#
270348 |
|
22-Aug-2014 |
markj |
Add some missing checks for unsupported interfaces (e.g. pflog(4)) when handling ioctls. While here, remove duplicated checks for a NULL ifp in in6_control(): this check is already done near the beginning of the function.
PR: 189117 Reviewed by: hrs MFC after: 2 weeks
|
#
257176 |
|
26-Oct-2013 |
glebius |
The r48589 promised to remove implicit inclusion of if_var.h soon. Prepare to this event, adding if_var.h to files that do need it. Also, include all includes that now are included due to implicit pollution via if_var.h
Sponsored by: Netflix Sponsored by: Nginx, Inc.
|
#
245244 |
|
09-Jan-2013 |
ae |
Simplify in6_setscope() function to get better performance. Currently we use interface indeces as zone IDs for link-local and interface-local scopes, and since we don't have any tool to configure zone IDs, there is no need to acquire the afdata lock several times per packet only to read if_index value. So, now in6_setscope reads zone IDs for interface-local, link-local and global scopes without a lock.
Sponsored by: Yandex LLC MFC after: 2 weeks
|
#
245233 |
|
09-Jan-2013 |
ae |
Remove unneeded variable.
MFC after: 1 week
|
#
245199 |
|
08-Jan-2013 |
ae |
The in6_setscope() function determines the scope zone id of an address and embeds it into address. Inside the kernel we keep addresses with embedded zone id only for two scopes: link-local and interface-local.
For other scopes this function is nop in most cases. To reduce an overhead of locking, first check that address is capable for embedding. Also, handle the loopback address before acquire the lock.
Sponsored by: Yandex LLC MFC after: 1 week
|
#
243903 |
|
05-Dec-2012 |
hrs |
- Move definition of V_deembed_scopeid to scope6_var.h. - Deembed scope id in L3 address in in6_lltable_dump(). - Simplify scope id recovery in rtsock routines. - Remove embedded scope id handling in ndp(8) and route(8) completely.
|
#
243235 |
|
18-Nov-2012 |
hrs |
Check if an extracted zoneid is equal to the non-zero sin6_scope_id only when it is link-local or MC interface-local.
|
#
243031 |
|
14-Nov-2012 |
ae |
if_afdata lock was converted from mutex to rwlock a long ago, so we can replace IF_AFDATA_LOCK() macro depending to the access type.
Sponsored by: Yandex LLC MFC after: 1 week
|
#
243029 |
|
14-Nov-2012 |
ae |
SCOPE6_LOCK protects V_sid_default, no need to acquire it without any access to V_sid_default.
Sponsored by: Yandex LLC MFC after: 1 week
|
#
243028 |
|
14-Nov-2012 |
ae |
zoneid has unsigned type.
MFC after: 1 week
|
#
235916 |
|
24-May-2012 |
bz |
MFp4 bz_ipv6_fast:
Introduce in6_getscope() to allow more effective checksum computations without the need to copy the address to clear the scope.
Sponsored by: The FreeBSD Foundation Sponsored by: iXsystems
Reviewed by: gnn (as part of the whole) MFC After: 3 days
|
#
215701 |
|
22-Nov-2010 |
dim |
After some off-list discussion, revert a number of changes to the DPCPU_DEFINE and VNET_DEFINE macros, as these cause problems for various people working on the affected files. A better long-term solution is still being considered. This reversal may give some modules empty set_pcpu or set_vnet sections, but these are harmless.
Changes reverted:
------------------------------------------------------------------------ r215318 | dim | 2010-11-14 21:40:55 +0100 (Sun, 14 Nov 2010) | 4 lines
Instead of unconditionally emitting .globl's for the __start_set_xxx and __stop_set_xxx symbols, only emit them when the set_vnet or set_pcpu sections are actually defined.
------------------------------------------------------------------------ r215317 | dim | 2010-11-14 21:38:11 +0100 (Sun, 14 Nov 2010) | 3 lines
Apply the STATIC_VNET_DEFINE and STATIC_DPCPU_DEFINE macros throughout the tree.
------------------------------------------------------------------------ r215316 | dim | 2010-11-14 21:23:02 +0100 (Sun, 14 Nov 2010) | 2 lines
Add macros to define static instances of VNET_DEFINE and DPCPU_DEFINE.
|
#
215317 |
|
14-Nov-2010 |
dim |
Apply the STATIC_VNET_DEFINE and STATIC_DPCPU_DEFINE macros throughout the tree.
|
#
207369 |
|
29-Apr-2010 |
bz |
MFP4: @176978-176982, 176984, 176990-176994, 177441
"Whitspace" churn after the VIMAGE/VNET whirls.
Remove the need for some "init" functions within the network stack, like pim6_init(), icmp_init() or significantly shorten others like ip6_init() and nd6_init(), using static initialization again where possible and formerly missed.
Move (most) variables back to the place they used to be before the container structs and VIMAGE_GLOABLS (before r185088) and try to reduce the diff to stable/7 and earlier as good as possible, to help out-of-tree consumers to update from 6.x or 7.x to 8 or 9.
This also removes some header file pollution for putatively static global variables.
Revert VIMAGE specific changes in ipfilter::ip_auth.c, that are no longer needed.
Reviewed by: jhb Discussed with: rwatson Sponsored by: The FreeBSD Foundation Sponsored by: CK Software GmbH MFC after: 6 days
|
#
196019 |
|
01-Aug-2009 |
rwatson |
Merge the remainder of kern_vimage.c and vimage.h into vnet.c and vnet.h, we now use jails (rather than vimages) as the abstraction for virtualization management, and what remained was specific to virtual network stacks. Minor cleanups are done in the process, and comments updated to reflect these changes.
Reviewed by: bz Approved by: re (vimage blanket)
|
#
195727 |
|
16-Jul-2009 |
rwatson |
Remove unused VNET_SET() and related macros; only VNET_GET() is ever actually used. Rename VNET_GET() to VNET() to shorten variable references.
Discussed with: bz, julian Reviewed by: bz Approved by: re (kensmith, kib)
|
#
195699 |
|
14-Jul-2009 |
rwatson |
Build on Jeff Roberson's linker-set based dynamic per-CPU allocator (DPCPU), as suggested by Peter Wemm, and implement a new per-virtual network stack memory allocator. Modify vnet to use the allocator instead of monolithic global container structures (vinet, ...). This change solves many binary compatibility problems associated with VIMAGE, and restores ELF symbols for virtualized global variables.
Each virtualized global variable exists as a "reference copy", and also once per virtual network stack. Virtualized global variables are tagged at compile-time, placing the in a special linker set, which is loaded into a contiguous region of kernel memory. Virtualized global variables in the base kernel are linked as normal, but those in modules are copied and relocated to a reserved portion of the kernel's vnet region with the help of a the kernel linker.
Virtualized global variables exist in per-vnet memory set up when the network stack instance is created, and are initialized statically from the reference copy. Run-time access occurs via an accessor macro, which converts from the current vnet and requested symbol to a per-vnet address. When "options VIMAGE" is not compiled into the kernel, normal global ELF symbols will be used instead and indirection is avoided.
This change restores static initialization for network stack global variables, restores support for non-global symbols and types, eliminates the need for many subsystem constructors, eliminates large per-subsystem structures that caused many binary compatibility issues both for monitoring applications (netstat) and kernel modules, removes the per-function INIT_VNET_*() macros throughout the stack, eliminates the need for vnet_symmap ksym(2) munging, and eliminates duplicate definitions of virtualized globals under VIMAGE_GLOBALS.
Bump __FreeBSD_version and update UPDATING.
Portions submitted by: bz Reviewed by: bz, zec Discussed with: gnn, jamie, jeff, jhb, julian, sam Suggested by: peter Approved by: re (kensmith)
|
#
194739 |
|
23-Jun-2009 |
bz |
After cleaning up rt_tables from vnet.h and cleaning up opt_route.h a lot of files no longer need route.h either. Garbage collect them. While here remove now unneeded vnet.h #includes as well.
|
#
193744 |
|
08-Jun-2009 |
bz |
After r193232 rt_tables in vnet.h are no longer indirectly dependent on the ROUTETABLES kernel option thus there is no need to include opt_route.h anymore in all consumers of vnet.h and no longer depend on it for module builds.
Remove the hidden include in flowtable.h as well and leave the two explicit #includes in ip_input.c and ip_output.c.
|
#
190787 |
|
06-Apr-2009 |
zec |
First pass at separating per-vnet initializer functions from existing functions for initializing global state.
At this stage, the new per-vnet initializer functions are directly called from the existing global initialization code, which should in most cases result in compiler inlining those new functions, hence yielding a near-zero functional change.
Modify the existing initializer functions which are invoked via protosw, like ip_init() et. al., to allow them to be invoked multiple times, i.e. per each vnet. Global state, if any, is initialized only if such functions are called within the context of vnet0, which will be determined via the IS_DEFAULT_VNET(curvnet) check (currently always true).
While here, V_irtualize a few remaining global UMA zones used by net/netinet/netipsec networking code. While it is not yet clear to me or anybody else whether this is the right thing to do, at this stage this makes the code more readable, and makes it easier to track uncollected UMA-zone-backed objects on vnet removal. In the long run, it's quite possible that some form of shared use of UMA zone pools among multiple vnets should be considered.
Bump __FreeBSD_version due to changes in layout of structs vnet_ipfw, vnet_inet and vnet_net.
Approved by: julian (mentor)
|
#
189106 |
|
27-Feb-2009 |
bz |
For all files including net/vnet.h directly include opt_route.h and net/route.h.
Remove the hidden include of opt_route.h and net/route.h from net/vnet.h.
We need to make sure that both opt_route.h and net/route.h are included before net/vnet.h because of the way MRT figures out the number of FIBs from the kernel option. If we do not, we end up with the default number of 1 when including net/vnet.h and array sizes are wrong.
This does not change the list of files which depend on opt_route.h but we can identify them now more easily.
|
#
185571 |
|
02-Dec-2008 |
bz |
Rather than using hidden includes (with cicular dependencies), directly include only the header files needed. This reduces the unneeded spamming of various headers into lots of files.
For now, this leaves us with very few modules including vnet.h and thus needing to depend on opt_route.h.
Reviewed by: brooks, gnn, des, zec, imp Sponsored by: The FreeBSD Foundation
|
#
185088 |
|
19-Nov-2008 |
zec |
Change the initialization methodology for global variables scheduled for virtualization.
Instead of initializing the affected global variables at instatiation, assign initial values to them in initializer functions. As a rule, initialization at instatiation for such variables should never be introduced again from now on. Furthermore, enclose all instantiations of such global variables in #ifdef VIMAGE_GLOBALS blocks.
Essentialy, this change should have zero functional impact. In the next phase of merging network stack virtualization infrastructure from p4/vimage branch, the new initialization methology will allow us to switch between using global variables and their counterparts residing in virtualization containers with minimum code churn, and in the long run allow us to intialize multiple instances of such container structures.
Discussed at: devsummit Strassburg Reviewed by: bz, julian Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
#
183550 |
|
02-Oct-2008 |
zec |
Step 1.5 of importing the network stack virtualization infrastructure from the vimage project, as per plan established at devsummit 08/08: http://wiki.freebsd.org/Image/Notes200808DevSummit
Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator macros, and CURVNET_SET() context setting macros, all currently resolving to NOPs.
Prepare for virtualization of selected SYSCTL objects by introducing a family of SYSCTL_V_*() macros, currently resolving to their global counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().
Move selected #defines from sys/sys/vimage.h to newly introduced header files specific to virtualized subsystems (sys/net/vnet.h, sys/netinet/vinet.h etc.).
All the changes are verified to have zero functional impact at this point in time by doing MD5 comparision between pre- and post-change object files(*).
(*) netipsec/keysock.c did not validate depending on compile time options.
Implemented by: julian, bz, brooks, zec Reviewed by: julian, bz, brooks, kris, rwatson, ... Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation
|
#
181803 |
|
17-Aug-2008 |
bz |
Commit step 1 of the vimage project, (network stack) virtualization work done by Marko Zec (zec@).
This is the first in a series of commits over the course of the next few weeks.
Mark all uses of global variables to be virtualized with a V_ prefix. Use macros to map them back to their global names for now, so this is a NOP change only.
We hope to have caught at least 85-90% of what is needed so we do not invalidate a lot of outstanding patches again.
Obtained from: //depot/projects/vimage-commit2/... Reviewed by: brooks, des, ed, mav, julian, jamie, kris, rwatson, zec, ... (various people I forgot, different versions) md5 (with a bit of help) Sponsored by: NLnet Foundation, The FreeBSD Foundation X-MFC after: never V_Commit_Message_Reviewed_By: more people than the patch
|
#
174510 |
|
10-Dec-2007 |
obrien |
Clean up VCS Ids.
|
#
171259 |
|
05-Jul-2007 |
delphij |
ANSIfy[1] plus some style cleanup nearby.
Discussed with: gnn, rwatson Submitted by: Karl Sj?dahl - dunceor <dunceor gmail com> [1] Approved by: re (rwatson)
|
#
165118 |
|
12-Dec-2006 |
bz |
MFp4: 92972, 98913 + one more change
In ip6_sprintf no longer use and return one of eight static buffers for printing/logging ipv6 addresses. The caller now has to hand in a sufficiently large buffer as first argument.
|
#
148399 |
|
25-Jul-2005 |
ume |
oops, make it compilable. i need sleep. X-(
|
#
148396 |
|
25-Jul-2005 |
ume |
restore locks which disappeared wrongly by my previous commit.
|
#
148385 |
|
25-Jul-2005 |
ume |
scope cleanup. with this change - most of the kernel code will not care about the actual encoding of scope zone IDs and won't touch "s6_addr16[1]" directly. - similarly, most of the kernel code will not care about link-local scoped addresses as a special case. - scope boundary check will be stricter. For example, the current *BSD code allows a packet with src=::1 and dst=(some global IPv6 address) to be sent outside of the node, if the application do: s = socket(AF_INET6); bind(s, "::1"); sendto(s, some_global_IPv6_addr); This is clearly wrong, since ::1 is only meaningful within a single node, but the current implementation of the *BSD kernel cannot reject this attempt.
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp> Obtained from: KAME
|
#
139826 |
|
07-Jan-2005 |
imp |
/* -> /*- for license, minor formatting changes, separate for KAME
|
#
138184 |
|
29-Nov-2004 |
gnn |
Reviewed by: SUZUKI Shinsuke <suz@kame.net> Approved by: Robert Watson <rwatson@freebsd.org>
Add locking to the IPv6 scoping code.
All spl() like calls have also been removed.
Cleaning up the handling of ifnet data will happen at a later date.
|
#
121343 |
|
22-Oct-2003 |
ume |
protect sid_default and sid.
Submitted by: rwatson (with modification)
|
#
121315 |
|
21-Oct-2003 |
ume |
- change scope to zone. - change node-local to interface-local. - better error handling of address-to-scope mapping. - use in6_clearscope().
Obtained from: KAME
|
#
121161 |
|
17-Oct-2003 |
ume |
- add dom_if{attach,detach} framework. - transition to use ifp->if_afdata.
Obtained from: KAME
|
#
120941 |
|
09-Oct-2003 |
ume |
- typo in comment - style - ANSIfy (there is no functional change.)
Obtained from: KAME
|
#
120856 |
|
06-Oct-2003 |
ume |
return(code) -> return (code) (reduce diffs against KAME)
|
#
111119 |
|
19-Feb-2003 |
imp |
Back out M_* changes, per decision of the TRB.
Approved by: trb
|
#
109623 |
|
21-Jan-2003 |
alfred |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
#
93128 |
|
25-Mar-2002 |
ume |
3rd arg to bcmp() was wrong. From: David Wang <dsw@juniper.net>
Obtained from: KAME MFC after: 1 week
|
#
78064 |
|
11-Jun-2001 |
ume |
Sync with recent KAME. This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge.
TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT.
Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
|
#
62587 |
|
04-Jul-2000 |
itojun |
sync with kame tree as of july00. tons of bug fixes/improvements.
API changes: - additional IPv6 ioctls - IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8). (also syntax change)
|