#
1.51 |
|
03-Feb-2024 |
mvs |
Rework socket buffers locking for shared netlock.
Shared netlock is not sufficient to call so{r,w}wakeup(). The following sowakeup() modifies `sb_flags' and knote(9) stuff. Unfortunately, we can't call so{r,w}wakeup() with `inp_mtx' mutex(9) because sowakeup() also calls pgsigio() which grabs kernel lock.
However, `so*_filtops' callbacks only perform read-only access to the socket stuff, so it is enough to hold shared netlock only, but the klist stuff needs to be protected.
This diff introduces `sb_mtx' mutex(9) to protect sockbuf. This time `sb_mtx' used to protect only `sb_flags' and `sb_klist'.
Now we have soassertlocked_readonly() and soassertlocked(). The first one is happy if only shared netlock is held, meanwhile the second wants `so_lock' or pru_lock() be held together with shared netlock.
To keep soassertlocked*() assertions soft, we need to know mutex(9) state, so new mtx_owned() macro was introduces. Also, the new optional (*pru_locked)() handler brings the state of pru_lock().
Tests and ok from bluhm.
|
#
1.50 |
|
10-Jan-2024 |
bluhm |
Split UDP PCB table into IPv4 and IPv6.
Having two hash tables instead of a common one, reduces table size and contention on the per table lock. The address family is always known in advance. The lookups and loops are more specific.
OK sashan@
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.49 |
|
17-Oct-2022 |
mvs |
Change pru_abort() return type to the type of void and make pru_abort() optional.
We have no interest on pru_abort() return value. We call it only from soabort() which is dummy pru_abort() wrapper and has no return value.
Only the connection oriented sockets need to implement (*pru_abort)() handler. Such sockets are tcp(4) and unix(4) sockets, so remove existing code for all others, it doesn't called.
ok guenther@
|
#
1.48 |
|
03-Oct-2022 |
bluhm |
System calls should not fail due to temporary memory shortage in malloc(9) or pool_get(9). Pass down a wait flag to pru_attach(). During syscall socket(2) it is ok to wait, this logic was missing for internet pcb. Pfkey and route sockets were already waiting. sonewconn() must not wait when called during TCP 3-way handshake. This logic has been preserved. Unix domain stream socket connect(2) can wait until the other side has created the socket to accept. OK mvs@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.47 |
|
05-Sep-2022 |
bluhm |
Use shared netlock in soreceive(). The UDP and IP divert layer provide locking of the PCB. If that is possible, use shared instead of exclusive netlock in soreceive(). The PCB mutex provides a per socket lock against multiple soreceive() running in parallel. Release and regrab both locks in sosleep_nsec(). OK mvs@
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.50 |
|
10-Jan-2024 |
bluhm |
Split UDP PCB table into IPv4 and IPv6.
Having two hash tables instead of a common one, reduces table size and contention on the per table lock. The address family is always known in advance. The lookups and loops are more specific.
OK sashan@
|
Revision tags: OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.49 |
|
17-Oct-2022 |
mvs |
Change pru_abort() return type to the type of void and make pru_abort() optional.
We have no interest on pru_abort() return value. We call it only from soabort() which is dummy pru_abort() wrapper and has no return value.
Only the connection oriented sockets need to implement (*pru_abort)() handler. Such sockets are tcp(4) and unix(4) sockets, so remove existing code for all others, it doesn't called.
ok guenther@
|
#
1.48 |
|
03-Oct-2022 |
bluhm |
System calls should not fail due to temporary memory shortage in malloc(9) or pool_get(9). Pass down a wait flag to pru_attach(). During syscall socket(2) it is ok to wait, this logic was missing for internet pcb. Pfkey and route sockets were already waiting. sonewconn() must not wait when called during TCP 3-way handshake. This logic has been preserved. Unix domain stream socket connect(2) can wait until the other side has created the socket to accept. OK mvs@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.47 |
|
05-Sep-2022 |
bluhm |
Use shared netlock in soreceive(). The UDP and IP divert layer provide locking of the PCB. If that is possible, use shared instead of exclusive netlock in soreceive(). The PCB mutex provides a per socket lock against multiple soreceive() running in parallel. Release and regrab both locks in sosleep_nsec(). OK mvs@
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.49 |
|
17-Oct-2022 |
mvs |
Change pru_abort() return type to the type of void and make pru_abort() optional.
We have no interest on pru_abort() return value. We call it only from soabort() which is dummy pru_abort() wrapper and has no return value.
Only the connection oriented sockets need to implement (*pru_abort)() handler. Such sockets are tcp(4) and unix(4) sockets, so remove existing code for all others, it doesn't called.
ok guenther@
|
#
1.48 |
|
03-Oct-2022 |
bluhm |
System calls should not fail due to temporary memory shortage in malloc(9) or pool_get(9). Pass down a wait flag to pru_attach(). During syscall socket(2) it is ok to wait, this logic was missing for internet pcb. Pfkey and route sockets were already waiting. sonewconn() must not wait when called during TCP 3-way handshake. This logic has been preserved. Unix domain stream socket connect(2) can wait until the other side has created the socket to accept. OK mvs@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.47 |
|
05-Sep-2022 |
bluhm |
Use shared netlock in soreceive(). The UDP and IP divert layer provide locking of the PCB. If that is possible, use shared instead of exclusive netlock in soreceive(). The PCB mutex provides a per socket lock against multiple soreceive() running in parallel. Release and regrab both locks in sosleep_nsec(). OK mvs@
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.48 |
|
03-Oct-2022 |
bluhm |
System calls should not fail due to temporary memory shortage in malloc(9) or pool_get(9). Pass down a wait flag to pru_attach(). During syscall socket(2) it is ok to wait, this logic was missing for internet pcb. Pfkey and route sockets were already waiting. sonewconn() must not wait when called during TCP 3-way handshake. This logic has been preserved. Unix domain stream socket connect(2) can wait until the other side has created the socket to accept. OK mvs@
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.47 |
|
05-Sep-2022 |
bluhm |
Use shared netlock in soreceive(). The UDP and IP divert layer provide locking of the PCB. If that is possible, use shared instead of exclusive netlock in soreceive(). The PCB mutex provides a per socket lock against multiple soreceive() running in parallel. Release and regrab both locks in sosleep_nsec(). OK mvs@
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.47 |
|
05-Sep-2022 |
bluhm |
Use shared netlock in soreceive(). The UDP and IP divert layer provide locking of the PCB. If that is possible, use shared instead of exclusive netlock in soreceive(). The PCB mutex provides a per socket lock against multiple soreceive() running in parallel. Release and regrab both locks in sosleep_nsec(). OK mvs@
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.46 |
|
03-Sep-2022 |
mvs |
Move PRU_PEERADDR request to (*pru_peeraddr)().
Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets, except tcp(4) case.
Also remove *_usrreq() handlers.
ok bluhm@
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.45 |
|
02-Sep-2022 |
mvs |
Move PRU_CONTROL request to (*pru_control)().
The 'proc *' arg is not used for PRU_CONTROL request, so remove it from pru_control() wrapper.
Split out {tcp,udp}6_usrreqs from {tcp,udp}_usrreqs and use them for inet6 case.
ok guenther@ bluhm@
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.44 |
|
28-Aug-2022 |
mvs |
Move PRU_ABORT request to (*pru_abort)().
We abort only the sockets which are linked to `so_q' or `so_q0' queues of listening socket. Such sockets have no corresponding file descriptor and are not accessed from userland, so PRU_ABORT used to destroy them on listening socket destruction.
Currently all our sockets support PRU_ABORT request, but actually it required only for tcp(4) and unix(4) sockets, so i should be optional. However, they will be removed with separate diff, and this time PRU_ABORT requests were converted as is.
Also, the socket should be destroyed on PRU_ABORT request, but route and key management sockets leave it alive. This was also converted as is, because this wrong code never called.
ok bluhm@
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.43 |
|
27-Aug-2022 |
mvs |
Move PRU_SEND request to (*pru_send)().
The former PRU_SEND error path of gre_usrreq() had `control' mbuf(9) leak. It was fixed in new gre_send().
The former pfkeyv2_send() was renamed to pfkeyv2_dosend().
ok bluhm@
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.42 |
|
22-Aug-2022 |
mvs |
Move PRU_SHUTDOWN request to (*pru_shutdown)().
ok bluhm@
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.41 |
|
22-Aug-2022 |
mvs |
Move PRU_DISCONNECT request to (*pru_disconnect).
ok bluhm@
|
#
1.40 |
|
21-Aug-2022 |
mvs |
Move PRU_CONNECT request to (*pru_connect)() handler.
ok bluhm@
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.39 |
|
20-Aug-2022 |
mvs |
Move PRU_BIND request to (*pru_bind)() handler.
For the protocols which don't support request, leave handler NULL. Do the NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in such case. This will be done for all upcoming user request handlers.
ok bluhm@ guenther@
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.38 |
|
15-Aug-2022 |
mvs |
Introduce 'pr_usrreqs' structure and move existing user-protocol handlers into it. We want to split existing (*pr_usrreq)() to multiple short handlers for each PRU_ request as it was already done for PRU_ATTACH and PRU_DETACH. This is the preparation step, (*pr_usrreq)() split will be done with the following diffs.
Based on reverted diff from guenther@.
ok bluhm@
|
Revision tags: OPENBSD_7_1_BASE
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.37 |
|
25-Feb-2022 |
guenther |
Reported-by: syzbot+1b5b209ce506db4d411d@syzkaller.appspotmail.com Revert the pr_usrreqs move: syzkaller found a NULL pointer deref and I won't be available to monitor for followup issues for a bit
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.36 |
|
25-Feb-2022 |
guenther |
Move pr_attach and pr_detach to a new structure pr_usrreqs that can then be shared among protosw structures, following the same basic direction as NetBSD and FreeBSD for this.
Split PRU_CONTROL out of pr_usrreq into pru_control, giving it the proper prototype to eliminate the previously necessary casts.
ok mvs@ bluhm@
|
Revision tags: OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.35 |
|
22-Aug-2020 |
gnezdo |
Convert udp_sysctl to sysctl_bounded_args
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.34 |
|
02-Nov-2017 |
florian |
Move PRU_DETACH out of pr_usrreq into per proto pr_detach functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.33 |
|
14-Apr-2017 |
bluhm |
Pass down the address family through the pr_input calls. This allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.32 |
|
13-Mar-2017 |
claudio |
Move PRU_ATTACH out of the pr_usrreq functions into pr_attach. Attach is quite a different thing to the other PRU functions and this should make locking a bit simpler. This also removes the ugly hack on how proto was passed to the attach function. OK bluhm@ and mpi@ on a previous version
|
#
1.31 |
|
29-Jan-2017 |
bluhm |
Change the IPv4 pr_input function to the way IPv6 is implemented, to get rid of struct ip6protosw and some wrapper functions. It is more consistent to have less different structures. The divert_input functions cannot be called anyway, so remove them. OK visa@ mpi@
|
#
1.30 |
|
26-Jan-2017 |
bluhm |
Reduce the difference between struct protosw and ip6protosw. The IPv4 pr_ctlinput functions did return a void pointer that was always NULL and never used. Make all functions void like in the IPv6 case. OK mpi@
|
#
1.29 |
|
25-Jan-2017 |
bluhm |
Since raw_input() and route_input() are gone from pr_input, we can make the variable parameters of the protocol input functions fixed. Also add the proto to make it similar to IPv6. OK mpi@ guenther@ millert@
|
#
1.28 |
|
18-Nov-2016 |
dlg |
turn ipstat into a set of percpu counters.
each counter is identified by an enum value which correspond to the original members of the udpstat struct.
udpstat_inc(udps_foo) replaces udpstat.udps_foo++ for the actual updates. udpstat_inc is a thin wrapper around counters_inc.
counters are still returned to userland via the udpstat struct for now.
ok mpi@ mikeb@ deraadt@
|
Revision tags: OPENBSD_6_0_BASE
|
#
1.27 |
|
18-Jun-2016 |
vgross |
Add net.inet.{tcp,udp}.rootonly sysctl, to mark which ports cannot be bound to by non-root users.
Ok millert@ bluhm@
|
Revision tags: OPENBSD_5_6_BASE OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE
|
#
1.26 |
|
23-Apr-2014 |
mpi |
Don't use varargs for udp_output() and sync the argument order with udp6_output().
ok henning@, reyk@, jca@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.25 |
|
25-Jan-2014 |
deraadt |
revert counter size changes. this breaks netstat. digging further, there are so many inconsistancies, that moving one deck chair is pointless. more thought required. ok claudio
|
#
1.24 |
|
24-Jan-2014 |
henning |
make the udpstat counters u_int32_t, for consistency with tcpstat ok krw phessler
|
#
1.23 |
|
23-Jan-2014 |
henning |
since the cksum rewrite the counters for hardware checksummed packets are are lie, since the software engine emulates hardware offloading and that is later indistinguishable. so kill the hw cksummed counters. introduce software checksummed packet counters instead. tcp/udp handles ip & ipvshit, ip cksum covered, 6 has no ip layer cksum. as before we still have a miscounting bug for inbound with pf on, to be fixed in the next step. found by, prodding & ok naddy
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.22 |
|
01-Jun-2013 |
bluhm |
Pass the routing domain to IPv6 pr_ctlinput() like in IPv4. OK claudio@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE
|
#
1.21 |
|
21-Oct-2010 |
bluhm |
There is no TCP6 in our kernel, so remove the #ifndef TCP6. No binary change. ok claudio@ henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.20 |
|
13-Nov-2009 |
claudio |
Extend the protosw pr_ctlinput function to include the rdomain. This is needed so that the route and inp lookups done in TCP and UDP know where to look. Additionally in_pcbnotifyall() and tcp_respond() got a rdomain argument as well for similar reasons. With this tcp seems to be now fully rdomain save and no longer leaks single packets into the main domain. Looks good markus@, henning@
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.19 |
|
24-May-2008 |
thib |
Remove {tcp/udp}6_usrreq(); Since the normal ones now take a proc argument, theres no need for these, since they are just wrappers.
OK claudio@
|
#
1.18 |
|
23-May-2008 |
thib |
Deal with the situation when TCP nfs mounts timeout and processes get hung in nfs_reconnect() because they do not have the proper privilages to bind to a socket, by adding a struct proc * argument to sobind() (and the *_usrreq() routines, and finally in{6}_pcbbind) and do the sobind() with proc0 in nfs_connect.
OK markus@, blambert@. "go ahead" deraadt@.
Fixes an issue reported by bernd@ (Tested by bernd@). Fixes PR5135 too.
|
Revision tags: OPENBSD_4_3_BASE
|
#
1.17 |
|
13-Dec-2007 |
reyk |
implement sysctls to report IP, TCP, UDP, and ICMP statistics and change netstat to use them instead of accessing kvm for it. more protocols will be added later.
discussed with deraadt@ claudio@ gilles@ ok deraadt@
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE OPENBSD_3_9_BASE OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE SMP_SYNC_A SMP_SYNC_B
|
#
1.16 |
|
17-Feb-2004 |
markus |
switch to sysctl_int_arr(); ok henning, deraadt
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.15 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: UBC_SYNC_A
|
#
1.14 |
|
12-May-2003 |
jason |
Nuke a whole bunch of commons; ok tedu (still more to come *sigh*)
|
Revision tags: OPENBSD_3_1_BASE OPENBSD_3_2_BASE OPENBSD_3_3_BASE UBC_SYNC_B
|
#
1.13 |
|
14-Mar-2002 |
millert |
First round of __P removal in sys
|
Revision tags: OPENBSD_3_0_BASE UBC_BASE
|
#
1.12 |
|
23-Jun-2001 |
angelos |
branches: 1.12.4; Keep stats on TCP/UDP hardware checksumming.
|
#
1.11 |
|
09-Jun-2001 |
angelos |
Inclusion protection.
|
Revision tags: OPENBSD_2_8_BASE OPENBSD_2_9_BASE
|
#
1.10 |
|
18-Jun-2000 |
itojun |
sync with KAME udp6_output(). udp output logic is very different between IPv4/v6 so the separation should make more sense.
TODO: remove IPv6 case from udp_output() TODO: remove/comment out/#if 0 IPv4 mapped address cases
|
Revision tags: OPENBSD_2_7_BASE SMP_BASE kame_19991208
|
#
1.9 |
|
08-Dec-1999 |
itojun |
branches: 1.9.2; bring in KAME IPv6 code, dated 19991208. replaces NRL IPv6 layer. reuses NRL pcb layer. no IPsec-on-v6 support. see sys/netinet6/{TODO,IMPLEMENTATION} for more details.
GENERIC configuration should work fine as before. GENERIC.v6 works fine as well, but you'll need KAME userland tools to play with IPv6 (will be bringed into soon).
|
Revision tags: OPENBSD_2_5_BASE OPENBSD_2_6_BASE
|
#
1.8 |
|
27-Mar-1999 |
provos |
add SADB_X_BINDSA to pfkey allowing incoming SAs to refer to an outgoing SA to be used, use this SA in ip_output if available. allow mobile road warriors for bind SAs with wildcard dst and src addresses. check IPSEC AUTH and ESP level when receiving packets, drop them if protection is insufficient. add stats to show dropped packets because of insufficient IPSEC protection. -- phew. this was all done in canada. dugsong and linh provided the ride and company.
|
#
1.7 |
|
04-Feb-1999 |
deraadt |
report on no udp checksum
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.6 |
|
24-Jan-1998 |
mickey |
sysctl for def sizes for tcp/udp send/recv queues
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.5 |
|
26-Aug-1997 |
deraadt |
indent
|
#
1.4 |
|
09-Aug-1997 |
millert |
The list of tcp/udp ports not to allocate dynamically is now a bitmask configurable via sysctl([38]). The default values have not changed. If one wants to change the list it should be done early on in /etc/rc.
|
Revision tags: OPENBSD_2_0_BASE OPENBSD_2_1_BASE
|
#
1.3 |
|
03-Mar-1996 |
niklas |
From NetBSD: 960217 merge
|
#
1.2 |
|
14-Dec-1995 |
deraadt |
from netbsd: make netinet work on systems where pointers and longs are 64 bits (like the alpha). Biggest problem: IP headers were overlayed with structure which included pointers, and which therefore didn't overlay properly on 64-bit machines. Solution: instead of threading pointers through IP header overlays, add a "queue element" structure to do the threading, and point it at the ip headers.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|