#
267654 |
|
19-Jun-2014 |
gjb |
Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
233275 |
|
21-Mar-2012 |
glebius |
Merge 232685 from head: Merge from OpenBSD:
revision 1.146 date: 2010/05/12 08:11:11; author: claudio; state: Exp; lines: +2 -3 bzero() the full compressed update struct before setting the values. This is needed because pf_state_peer_hton() skips some fields in certain situations which could result in garbage beeing sent to the other peer. This seems to fix the pfsync storms seen by stephan@ and so dlg owes me a whiskey.
I didn't see any storms, but this definitely fixes a useless memory allocation on the receiving side, due to non zero scrub_flags field in a pfsync_state_peer structure.
|
#
230868 |
|
01-Feb-2012 |
glebius |
Merge some cleanups and bugfixes to pfsync(4) and pf(4) from head. Merged revisions: r229773,229777,229849-229853,229857,229959,229961-229964,229976.
r229777: Merge from OpenBSD: revision 1.170 date: 2011/10/30 23:04:38; author: mikeb; state: Exp; lines: +6 -7 Allow setting big MTU values on the pfsync interface but not larger than the syncdev MTU. Prompted by the discussion with and tested by Maxim Bourmistrov; ok dlg, mpf
Consistently use sc_ifp->if_mtu in the MTU check throughout the module. This backs out r228813.
r229849: o Fix panic on module unload, that happened due to mutex being destroyed prior to pfsync_uninit(). To do this, move all the initialization to the module_t method, instead of SYSINIT(9). o Fix another panic after module unload, due to not clearing the m_addr_chg_pf_p pointer. o Refuse to unload module, unless being unloaded forcibly. o Revert the sub argument to MODULE_DECLARE, to the stable/8 value.
r229850: Bunch of fixes to pfsync(4) module load/unload:
o Make the pfsync.ko actually usable. Before this change loading it didn't register protosw, so was a nop. However, a module /boot/kernel did confused users. o Rewrite the way we are joining multicast group: - Move multicast initialization/destruction to separate functions. - Don't allocate memory if we aren't going to join a multicast group. - Use modern API for joining/leaving multicast group. - Now the utterly wrong pfsync_ifdetach() isn't needed. o Move module initialization from SYSINIT(9) to moduledata_t method. o Refuse to unload module, unless asked forcibly. o Improve a bit some FreeBSD porting code: - Use separate malloc type. - Simplify swi sheduling.
r229857: Can't pass MSIZE to m_cljget(), an mbuf can't be attached as external storage to another mbuf.
r229963: Add necessary locking in pfsync_in_ureq().
r229976: Redo r226660: - Define schednetisr() to swi_sched. - In the swi handler check if there is some data prepared, and if true, then call pfsync_sendout(), however tell it not to schedule swi again. - Since now we don't obtain the pfsync lock in the swi handler, don't use ifqueue mutex to synchronize queue access.
r229773, r229851, r229959, r229961, r229962, r229964 - minor cleanups.
|
#
229770 |
|
07-Jan-2012 |
glebius |
Merge from head/ 228732,228811,228813-228816,228855:
r228732 | glebius | 2011-12-20 16:34:16 +0400 (вт, 20 дек 2011) | 3 lines
- Cover pfsync callouts deletion with PF_LOCK(). - Cover setting up interface between pf and pfsync with PF_LOCK().
r228811 | glebius | 2011-12-22 22:31:47 +0400 (чт, 22 дек 2011) | 3 lines
In FreeBSD we always have bpf(4) API, either real or stub. No need in detecting presense of 'device bpf'.
r228813 | glebius | 2011-12-22 22:51:35 +0400 (чт, 22 дек 2011) | 2 lines
We really mean MTU of the real interface here, not of our pseudo.
r228814 | glebius | 2011-12-22 22:56:27 +0400 (чт, 22 дек 2011) | 16 lines
Merge couple more fixes from OpenBSD to bulk processing:
revision 1.118 date: 2009/03/23 06:19:59; author: dlg; state: Exp; lines: +8 -6 wait an appropriate amount of time before giving up on a bulk update, rather than giving up after a hardcoded 5 seconds (which is generally much too short an interval for a bulk update). pointed out by david@, eyeballed by mcbride@
revision 1.171 date: 2011/10/31 22:02:52; author: mikeb; state: Exp; lines: +2 -1 Don't forget to cancel bulk update failure timeout when destroying an interface. Problem report and fix from Erik Lax, thanks!
Start a brief note of revisions merged from OpenBSD.
r228815 | glebius | 2011-12-22 23:05:58 +0400 (чт, 22 дек 2011) | 12 lines
Merge from OpenBSD: revision 1.120 date: 2009/04/04 13:09:29; author: dlg; state: Exp; lines: +5 -5 use time_uptime instead of time_second internally. time_uptime isnt affected by adjusting the clock.
revision 1.175 date: 2011/11/25 12:52:10; author: dlg; state: Exp; lines: +3 -3 use time_uptime to set state creation values as time_second can be skewed at runtime by things like date(1) and ntpd. time_uptime is monotonic and therefore more useful to compare against.
r228816 | glebius | 2011-12-22 23:09:55 +0400 (чт, 22 дек 2011) | 11 lines
Merge from OpenBSD: revision 1.122 date: 2009/05/13 01:01:34; author: dlg; state: Exp; lines: +6 -4 only keep track of the number of updates on tcp connections. state sync on all the other protocols is simply pushing the timeouts along which has a resolution of 1 second, so it isnt going to be hurt by pfsync taking up to a second to send it over.
keep track of updates on tcp still though, their windows need constant attention.
|
#
226801 |
|
26-Oct-2011 |
glebius |
Sync pf(4) and pfsync(4) with head, merging lots of important bugfixes required for normal operation of pfsync(4). Revisions merged:
r226531 | bz | 2011-10-19 13:34:40 +0400 (ср, 19 окт 2011) | 4 lines
Fix an obvious locking bug where we would lock again rather than unlock.
r226532 | bz | 2011-10-19 14:04:24 +0400 (ср, 19 окт 2011) | 12 lines
Pseudo interfaces should go at SI_SUB_PSEUDO. However at least pfsync also depends on pf to be initialized already so pf goes at FIRST and the interfaces go at ANY. Then the (VNET_)SYSINIT startups for pf stays at SI_SUB_PROTO_BEGIN and for pfsync we move to the later SI_SUB_PROTO_IF.
This is not ideal either but at least an order that should work for the moment and can be re-fined with the VIMAGE merge, once this will actually work with more than one network stack.
r226533 | bz | 2011-10-19 14:08:58 +0400 (ср, 19 окт 2011) | 4 lines
In the non-FreeBSD case we do not expect PF_LOCK and friends to do anything.
r226535 | bz | 2011-10-19 14:16:42 +0400 (ср, 19 окт 2011) | 5 lines
Adjust the PF_ASSERT() macro to what we usually use in the network stack: PF_LOCK_ASSERT() and PF_UNLOCK_ASSERT().
r226536 | bz | 2011-10-19 15:04:49 +0400 (ср, 19 окт 2011) | 8 lines
De-virtualize the pf_task_mtx lock. At the current state of pf locking and virtualization it is not helpful but complicates things.
Current state of art is to not virtualize these kinds of locks - inp_group/hash/info/.. are all not virtualized either.
r226544 | bz | 2011-10-19 17:13:56 +0400 (ср, 19 окт 2011) | 12 lines
Fix recursive pf locking leading to panics. Splatter PF_LOCK_ASSERT()s to document where we are expecting to be called with a lock held to more easily catch unnoticed code paths. This does not neccessarily improve locking in pfsync, it just tries to avoid the panics reported.
PR: kern/159390, kern/158873 Submitted by: pluknet (at least something that partly resembles my patch ignoring other cleanup, which I only saw too late on the 2nd PR)
r226609 | glebius | 2011-10-21 15:11:18 +0400 (пт, 21 окт 2011) | 4 lines
In FreeBSD ip_output() expects ip_len and ip_off in host byte order
PR: kern/159029
r226623 | glebius | 2011-10-22 02:28:15 +0400 (сб, 22 окт 2011) | 5 lines
Fix a race: we should update sc_len before dropping the pf lock, otherwise a number of packets can be queued on sc, while we are in ip_output(), and then we wipe the accumulated sc_len. On next pfsync_sendout() that would lead to writing beyond our mbuf cluster.
r226655 | glebius | 2011-10-23 14:05:25 +0400 (вс, 23 окт 2011) | 5 lines
Correct flag for uma_zalloc() is M_WAITOK. M_WAIT is an old and deprecated flag from historical mbuf(9) allocator.
This is style only change.
r226656 | glebius | 2011-10-23 14:13:20 +0400 (вс, 23 окт 2011) | 5 lines
Absense of M_WAITOK in malloc flags for UMA doesn't equals presense of M_NOWAIT. Specify M_NOWAIT explicitly.
This fixes sleeping with PF_LOCK().
r226660 | glebius | 2011-10-23 18:59:54 +0400 (вс, 23 окт 2011) | 22 lines
Fix from r226623 is not sufficient to close all races in pfsync(4).
The root of problem is re-locking at the end of pfsync_sendout(). Several functions are calling pfsync_sendout() holding pointers to pf data on stack, and these functions expect this data to be consistent.
To fix this, the following approach was taken:
- The pfsync_sendout() doesn't call ip_output() directly, but enqueues the mbuf on sc->sc_ifp's interfaces queue, that is currently unused. Then pfsync netisr is scheduled. PF_LOCK isn't dropped in pfsync_sendout(). - The netisr runs through queue and ip_output()s packets on it.
Apart from fixing race, this also decouples stack, fixing potential issues, that may happen, when sending pfsync(4) packets on input path.
Reviewed by: eri (a quick review)
r226661 | glebius | 2011-10-23 19:08:18 +0400 (вс, 23 окт 2011) | 13 lines
- Fix a bad typo (FreeBSD specific) in pfsync_bulk_update(). Instead of scheduling next run pfsync_bulk_update(), pfsync_bulk_fail() was scheduled. This lead to instant 100% state leak after first bulk update request. - After above fix, it appeared that pfsync_bulk_update() lacks locking. To fix this, sc_bulk_tmo callout was converted to an mtx one. Eventually, all pf/pfsync callouts should be converted to mtx version, since it isn't possible to stop or drain a non-mtx callout without risk of race. - Add comment that callout_stop() in pfsync_clone_destroy() lacks locking. Since pfsync0 can't be destroyed (yet), let it be here.
r226662 | glebius | 2011-10-23 19:10:15 +0400 (вс, 23 окт 2011) | 2 lines
Fix indentation, no code changed.
r226663 | glebius | 2011-10-23 19:15:17 +0400 (вс, 23 окт 2011) | 4 lines
Merge several fixes to bulk update processing from OpenBSD. Merged revisions: 1.148, 1.149, 1.150. This makes number of states on master/slave to be of a sane value.
Approved by: re (kib)
|
#
225736 |
|
22-Sep-2011 |
kensmith |
Copy head to stable/9 as part of 9.0-RELEASE release cycle.
Approved by: re (implicit)
|
#
224936 |
|
17-Aug-2011 |
pluknet |
Fix build failure without BPF.
Reported by: deeptech71 at gmail dot com Approved by: re (kib)
|
#
223637 |
|
28-Jun-2011 |
bz |
Update packet filter (pf) code to OpenBSD 4.5.
You need to update userland (world and ports) tools to be in sync with the kernel.
Submitted by: mlaier Submitted by: eri
|
#
200930 |
|
23-Dec-2009 |
delphij |
Adapt OpenBSD pf's "sloopy" TCP state machine which is useful for Direct Server Return mode, where not all packets would be visible to the load balancer or gateway.
This commit should be reverted when we merge future pf versions. The benefit it would provide is that this version does not break any existing public interface and thus won't be a problem if we want to MFC it to earlier FreeBSD releases.
Discussed with: mlaier Obtained from: OpenBSD Sponsored by: iXsystems, Inc. MFC after: 1 month
|
#
191148 |
|
16-Apr-2009 |
kmacy |
Change if_output to take a struct route as its fourth argument in order to allow passing a cached struct llentry * down to L2
Reviewed by: rwatson
|
#
171637 |
|
28-Jul-2007 |
rwatson |
Replace references to NET_CALLOUT_MPSAFE with CALLOUT_MPSAFE, and remove definition of NET_CALLOUT_MPSAFE, which is no longer required now that debug.mpsafenet has been removed.
The once over: bz Approved by: re (kensmith)
|
#
171168 |
|
03-Jul-2007 |
mlaier |
Commit resolved import of OpenBSD 4.1 pf from perforce.
Approved by: re (kensmith)
|
#
168700 |
|
13-Apr-2007 |
bms |
In member interface detach event handler, do not attempt to free state which has already been freed by in_ifdetach(). With this cumulative change, the removal of a member interface will not cause a panic in pfsync(4).
Requested by: yar PR: 86848
|
#
167710 |
|
19-Mar-2007 |
bms |
Teach pfsync(4) that its member interfaces may go away.
This change partially resolves the issue in the PR. Further architectural fixes, in the form of reference counting, are needed.
PR: 86848 Reviewed by: yar MFC after: 1 month
|
#
165632 |
|
29-Dec-2006 |
jhb |
Various bpf(4) related fixes to catch places up to the new bpf(4) semantics. - Stop testing bpf pointers for NULL. In some cases use bpf_peers_present() and then call the function directly inside the conditional block instead of the macro. - For places where the entire conditional block is the macro, remove the test and make the macro unconditional. - Use BPF_MTAP() in if_pfsync on FreeBSD instead of an expanded version of the old semantics.
Reviewed by: csjp (older version)
|
#
164033 |
|
06-Nov-2006 |
rwatson |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking.
Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
|
#
160195 |
|
09-Jul-2006 |
sam |
Revise network interface cloning to take an optional opaque parameter that can specify configuration parameters: o rev cloner api's to add optional parameter block o add SIOCCREATE2 that accepts parameter data o rev vlan support to use new api (maintain old code)
Reviewed by: arch@
|
#
160164 |
|
07-Jul-2006 |
mlaier |
Make in-kernel multicast protocols for pfsync and carp work after enabling dynamic resizing of multicast membership array.
Reported and testing by: Maxim Konovalov, Scott Ullrich Reminded by: thompsa MFC after: 2 weeks
|
#
159656 |
|
16-Jun-2006 |
mlaier |
Fix pfsync w/o carp compilation.
Submitted by: yar
|
#
159603 |
|
14-Jun-2006 |
mlaier |
Fix byteorder of syncpeer and make it actually work.
Submitted by: glebius MFC after: 1 week
|
#
153110 |
|
05-Dec-2005 |
ru |
Fix -Wundef warnings found when compiling i386 LINT, GENERIC and custom kernels.
|
#
152209 |
|
08-Nov-2005 |
thompsa |
Move the cloned interface list management in to if_clone. For some drivers the softc lists and associated mutex are now unused so these have been removed.
Calling if_clone_detach() will now destroy all the cloned interfaces for the driver and in most cases is all thats needed to unload.
Idea by: brooks Reviewed by: brooks
|
#
151266 |
|
12-Oct-2005 |
thompsa |
Change the reference counting to count the number of cloned interfaces for each cloner. This ensures that ifc->ifc_units is not prematurely freed in if_clone_detach() before the clones are destroyed, resulting in memory modified after free. This could be triggered with if_vlan.
Assert that all cloners have been destroyed when freeing the memory.
Change all simple cloners to destroy their clones with ifc_simple_destroy() on module unload so the reference count is properly updated. This also cleans up the interface destroy routines and allows future optimisation.
Discussed with: brooks, pjd, -current Reviewed by: brooks
|
#
149982 |
|
11-Sep-2005 |
mlaier |
Stop leaking a lock. This used to cause a propagate_priority() page fault when setting syncdev and syncpeer.
Reported by: Dominic Marks
|
#
148891 |
|
09-Aug-2005 |
mlaier |
Wrap the new world order in __FreeBSD__ to ease future imports.
|
#
148887 |
|
09-Aug-2005 |
rwatson |
Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to ifnet.if_drv_flags. Device drivers are now responsible for synchronizing access to these flags, as they are in if_drv_flags. This helps prevent races between the network stack and device driver in maintaining the interface flags field.
Many __FreeBSD__ and __FreeBSD_version checks maintained and continued; some less so.
Reviewed by: pjd, bz MFC after: 7 days
|
#
148015 |
|
14-Jul-2005 |
mlaier |
Export pfsyncstats via sysctl "net.inet.pfsync" in order to print them with netstat (seperate commit).
Requested by: glebius MFC after: 1 week
|
#
147614 |
|
26-Jun-2005 |
mlaier |
Properly initialize ifq_maxlen for the defered send queue and make it actually work. Also use the right semantics for IF_HANDOFF to get correct stats.
Reported and tested by: Sascha Luck <sascha at c4inet dot net> Approved by: re (blanket)
|
#
147321 |
|
12-Jun-2005 |
mlaier |
Mark pf callouts as NET_MPSAFE.
Requested by: yongari (serveral times) Approved by: re (blanket) MFC after: 1 week
|
#
147261 |
|
10-Jun-2005 |
mlaier |
Defer ip_output of pfsync updates to an independent callout thread instead of just dropping the lock around the ip_output call. This used to cause corrupted state tree walks for some call-paths.
In a second stage all callouts will be marked MPSAFE according to the setting of mpsafenet.
Reported and tested by: Matthew Grooms <mgrooms at seton dot org> MFC after: 3 days X-MFC after: Marking callouts MPSAFE + 1 week
|
#
147256 |
|
10-Jun-2005 |
brooks |
Stop embedding struct ifnet at the top of driver softcs. Instead the struct ifnet or the layer 2 common structure it was embedded in have been replaced with a struct ifnet pointer to be filled by a call to the new function, if_alloc(). The layer 2 common structure is also allocated via if_alloc() based on the interface type. It is hung off the new struct ifnet member, if_l2com.
This change removes the size of these structures from the kernel ABI and will allow us to better manage them as interfaces come and go.
Other changes of note: - Struct arpcom is no longer referenced in normal interface code. Instead the Ethernet address is accessed via the IFP2ENADDR() macro. To enforce this ac_enaddr has been renamed to _ac_enaddr. - The second argument to ether_ifattach is now always the mac address from driver private storage rather than sometimes being ac_enaddr.
Reviewed by: sobomax, sam
|
#
145836 |
|
03-May-2005 |
mlaier |
Resolve conflicts created during the import of pf 3.7 Some features are missing and will be implemented in a second step. This is functional as is.
Tested by: freebsd-pf, pfsense.org Obtained from: OpenBSD X-MFC after: never (breaks API/ABI)
|
#
141584 |
|
09-Feb-2005 |
mlaier |
Access softc embedded struct ifnet via function macro to make it easier to untangle struct ifnet and softc/arpcom in the future.
Requested by: brooks
|
#
138666 |
|
10-Dec-2004 |
mlaier |
Compile pfsync w/o bpf.
Noticed by: "Jayel Villamin" <jarthel operamail com>
|
#
135196 |
|
14-Sep-2004 |
mlaier |
Move pf* init from SI_SUB_PSEUDO to SI_SUB_PROTO_IFATTACHDOMAIN where it is save to call if_attachdomain from if_attach() (as done for if_loop.c). We will now end up with a properly initialized if_afdata array and the nd6 callout will no longer try to deref a NULL pointer.
Still this is a temp workaround and the locking for if_afdata should be revisited at a later point.
Requested by: rwatson Discussed with and tested by: yongari (a while ago) PR: kern/70393 MFC after: 5 days
|
#
133720 |
|
14-Aug-2004 |
dwmalone |
Get rid of the RANDOM_IP_ID option and make it a sysctl. NetBSD have already done this, so I have styled the patch on their work:
1) introduce a ip_newid() static inline function that checks the sysctl and then decides if it should return a sequential or random IP ID.
2) named the sysctl net.inet.ip.random_id
3) IPv6 flow IDs and fragment IDs are now always random. Flow IDs and frag IDs are significantly less common in the IPv6 world (ie. rarely generated per-packet), so there should be smaller performance concerns.
The sysctl defaults to 0 (sequential IP IDs).
Reviewed by: andre, silby, mlaier, ume Based on: NetBSD MFC after: 2 months
|
#
132767 |
|
28-Jul-2004 |
kan |
Initialize s variable early to shut up GCC warnings. Do not declare inline functions without body as this is useless in general and generates a warning with GCC 3.4.x.
Glanced over by: dhartmei
|
#
130933 |
|
22-Jun-2004 |
brooks |
Major overhaul of pseudo-interface cloning. Highlights include:
- Split the code out into if_clone.[ch]. - Locked struct if_clone. [1] - Add a per-cloner match function rather then simply matching names of the form <name><unit> and <name>. - Use the match function to allow creation of <interface>.<tag> vlan interfaces. The old way is preserved unchanged! - Also the match function to allow creation of stf(4) interfaces named stf0, stf, or 6to4. This is the only major user visible change in that "ifconfig stf" creates the interface stf rather then stf0 and does not print "stf0" to stdout. - Allow destroy functions to fail so they can refuse to delete interfaces. Currently, we forbid the deletion of interfaces which were created in the init function, particularly lo0, pflog0, and pfsync0. In the case of lo0 this was a panic implementation so it does not count as a user visiable change. :-) - Since most interfaces do not need the new functionality, an family of wrapper functions, ifc_simple_*(), were created to wrap old style cloner functions. - The IF_CLONE_INITIALIZER macro is replaced with a new incompatible IFC_CLONE_INITIALIZER and ifc_simple consumers use IFC_SIMPLE_DECLARE instead.
Submitted by: Maurycy Pawlowski-Wieronski <maurycy at fouk.org> [1] Reviewed by: andre, mlaier Discussed on: net
|
#
130613 |
|
16-Jun-2004 |
mlaier |
Commit pf version 3.5 and link additional files to the kernel build.
Version 3.5 brings: - Atomic commits of ruleset changes (reduce the chance of ending up in an inconsistent state). - A 30% reduction in the size of state table entries. - Source-tracking (limit number of clients and states per client). - Sticky-address (the flexibility of round-robin with the benefits of source-hash). - Significant improvements to interface handling. - and many more ...
|
#
130475 |
|
14-Jun-2004 |
mlaier |
Remove some more leftover from the old pfaltq_module hack to allow for kernels w/ pf, but w/o altq.
Reported-by: Xin LI
|
#
129907 |
|
31-May-2004 |
mlaier |
"Get rid of the nested include of <sys/module.h> from <sys/kernel.h>" or better do no longer depend on it.
Requested-by: phk Approved-by: bms(mentor)
|
#
128209 |
|
13-Apr-2004 |
brooks |
Staticize <if>_clone_{create,destroy} functions.
Reviewed by: mlaier
|
#
127145 |
|
17-Mar-2004 |
mlaier |
Style(9) round for the pf kernel parts. Mostly #if defined() -> #ifdef
Also set HOOK_HACK to true (remove the related #ifdef's) as we have the hooks in the kernel this was missed during the merge from the port.
Noticed by: Amir S. (for the HOOK_HACK part) Approved by: bms(mentor)
|
#
126812 |
|
10-Mar-2004 |
mlaier |
Remove `$Name$' leftovers from the port version reporting.
Noticed by: Craig Rodrigues Approved by: bms(mentor)
|
#
126261 |
|
26-Feb-2004 |
mlaier |
Bring diff from the security/pf port. This has code been tested as a port for a long time and is run in production use. This is the code present in portversion 2.03 with some additional tweaks.
The rather extensive diff accounts for: - locking (to enable pf to work with a giant-free netstack) - byte order difference between OpenBSD and FreeBSD for ip_len/ip_off - conversion from pool(9) to zone(9) - api differences etc.
Approved by: bms(mentor) (in general)
|
#
126259 |
|
26-Feb-2004 |
mlaier |
This commit was generated by cvs2svn to compensate for changes in r126258, which included commits to RCS files with non-trunk default branches.
|
#
126258 |
|
26-Feb-2004 |
mlaier |
Vendor import of OpenBSD's packet filter (pf) as of OpenBSD 3.4
Approved by: bms(mentor), core (in general)
|