The NetBSD Project

CVS log for src/sys/dist/pf/net/pf.c

[BACK] Up to [cvs.NetBSD.org] / src / sys / dist / pf / net

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.87: download - view: text, markup, annotated - select for diffs
Fri Nov 4 09:01:53 2022 UTC (2 years ago) by ozaki-r
Branches: MAIN
CVS tags: thorpej-ifq-base, thorpej-ifq, thorpej-altq-separation-base, thorpej-altq-separation, perseant-exfatfs-base-20240630, perseant-exfatfs-base, perseant-exfatfs, netbsd-10-base, netbsd-10-0-RELEASE, netbsd-10-0-RC6, netbsd-10-0-RC5, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, netbsd-10, HEAD
Diff to: previous 1.86: preferred, colored
Changes since revision 1.86: +4 -4 lines
inpcb: rename functions to in6pcb_*

Revision 1.86: download - view: text, markup, annotated - select for diffs
Fri Nov 4 09:00:58 2022 UTC (2 years ago) by ozaki-r
Branches: MAIN
Diff to: previous 1.85: preferred, colored
Changes since revision 1.85: +5 -5 lines
inpcb: rename functions to inpcb_*

Inspired by rmind-smpnet patches.

Revision 1.85: download - view: text, markup, annotated - select for diffs
Fri Oct 28 05:20:08 2022 UTC (2 years, 1 month ago) by ozaki-r
Branches: MAIN
Diff to: previous 1.84: preferred, colored
Changes since revision 1.84: +3 -6 lines
Adjust pf, wg, dccp and sctp for struct inpcb integration

Revision 1.84: download - view: text, markup, annotated - select for diffs
Mon Aug 10 10:59:34 2020 UTC (4 years, 3 months ago) by rin
Branches: MAIN
CVS tags: thorpej-i2c-spi-conf2-base, thorpej-i2c-spi-conf2, thorpej-i2c-spi-conf-base, thorpej-i2c-spi-conf, thorpej-futex2-base, thorpej-futex2, thorpej-futex-base, thorpej-futex, thorpej-cfargs2-base, thorpej-cfargs2, thorpej-cfargs-base, thorpej-cfargs, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x, bouyer-sunxi-drm-base, bouyer-sunxi-drm
Diff to: previous 1.83: preferred, colored
Changes since revision 1.83: +7 -7 lines
Clean up _LKM --> _MODULE leftovers.

Note that _KERNEL is always defined for modules.

Revision 1.81.2.1: download - view: text, markup, annotated - select for diffs
Mon Jun 10 22:07:37 2019 UTC (5 years, 5 months ago) by christos
Branches: phil-wifi
Diff to: previous 1.81: preferred, colored; next MAIN 1.82: preferred, colored
Changes since revision 1.81: +7 -7 lines
Sync with HEAD

Revision 1.80.2.3: download - view: text, markup, annotated - select for diffs
Thu Sep 6 06:56:06 2018 UTC (6 years, 2 months ago) by pgoyette
Branches: pgoyette-compat
CVS tags: pgoyette-compat-merge-20190127
Diff to: previous 1.80.2.2: preferred, colored; branchpoint 1.80: preferred, colored; next MAIN 1.81: preferred, colored
Changes since revision 1.80.2.2: +6 -6 lines
Sync with HEAD

Resolve a couple of conflicts (result of the uimin/uimax changes)

Revision 1.83: download - view: text, markup, annotated - select for diffs
Mon Sep 3 16:29:34 2018 UTC (6 years, 2 months ago) by riastradh
Branches: MAIN
CVS tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, phil-wifi-20190609, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, netbsd-9-base, netbsd-9-4-RELEASE, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-9, isaki-audio2-base, isaki-audio2, is-mlppp-base, is-mlppp, bouyer-xenpvh-base2, bouyer-xenpvh-base1, bouyer-xenpvh-base, bouyer-xenpvh, ad-namecache-base3, ad-namecache-base2, ad-namecache-base1, ad-namecache-base, ad-namecache
Diff to: previous 1.82: preferred, colored
Changes since revision 1.82: +6 -6 lines
Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int.  The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER!  Some subsystems have

	#define min(a, b)	((a) < (b) ? (a) : (b))
	#define max(a, b)	((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX.  Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate.  But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all.  (Who knows, maybe in some cases integer
truncation is actually intended!)

Revision 1.80.2.2: download - view: text, markup, annotated - select for diffs
Sat Jul 28 04:37:59 2018 UTC (6 years, 4 months ago) by pgoyette
Branches: pgoyette-compat
Diff to: previous 1.80.2.1: preferred, colored; branchpoint 1.80: preferred, colored
Changes since revision 1.80.2.1: +3 -3 lines
Sync with HEAD

Revision 1.82: download - view: text, markup, annotated - select for diffs
Wed Jul 11 05:25:46 2018 UTC (6 years, 4 months ago) by maxv
Branches: MAIN
CVS tags: pgoyette-compat-0728
Diff to: previous 1.81: preferred, colored
Changes since revision 1.81: +3 -3 lines
Rename

	ip_undefer_csum  -> in_undefer_cksum
	in_delayed_cksum -> in_undefer_cksum_tcpudp

The two previous names were inconsistent and misleading.

Put the two functions into in_offload.c. Add comments to explain what
we're doing.

The same could be done for IPv6.

Revision 1.80.2.1: download - view: text, markup, annotated - select for diffs
Mon May 21 04:36:12 2018 UTC (6 years, 6 months ago) by pgoyette
Branches: pgoyette-compat
Diff to: previous 1.80: preferred, colored
Changes since revision 1.80: +6 -2 lines
Sync with HEAD

Revision 1.81: download - view: text, markup, annotated - select for diffs
Thu May 3 07:01:08 2018 UTC (6 years, 7 months ago) by maxv
Branches: MAIN
CVS tags: phil-wifi-base, pgoyette-compat-0625, pgoyette-compat-0521
Branch point for: phil-wifi
Diff to: previous 1.80: preferred, colored
Changes since revision 1.80: +6 -2 lines
Remove m_copy completely.

Revision 1.76.6.2: download - view: text, markup, annotated - select for diffs
Mon Feb 26 00:33:08 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-8
CVS tags: netbsd-8-3-RELEASE, netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1
Diff to: previous 1.76.6.1: preferred, colored; branchpoint 1.76: preferred, colored; next MAIN 1.77: preferred, colored
Changes since revision 1.76.6.1: +4 -2 lines
Pull up following revision(s) (requested by alnsn in ticket #570):
	sys/dist/pf/net/pf.c: 1.79-1.80
PR/53036: Alexander Nasonov: 'block user' in pf's ruleset panics 8.0_BETA
Check for NULL.
--
It is normal for socket credentials to be missing for incoming sockets,
so don't warn.

Revision 1.80: download - view: text, markup, annotated - select for diffs
Mon Feb 19 23:03:00 2018 UTC (6 years, 9 months ago) by christos
Branches: MAIN
CVS tags: pgoyette-compat-base, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315
Branch point for: pgoyette-compat
Diff to: previous 1.79: preferred, colored
Changes since revision 1.79: +3 -8 lines
It is normal for socket credentials to be missing for incoming sockets,
so don't warn.

Revision 1.79: download - view: text, markup, annotated - select for diffs
Sun Feb 18 21:51:28 2018 UTC (6 years, 9 months ago) by christos
Branches: MAIN
Diff to: previous 1.78: preferred, colored
Changes since revision 1.78: +9 -2 lines
PR/53036: Alexander Nasonov: 'block user' in pf's ruleset panics 8.0_BETA
Check for NULL.

Revision 1.68.2.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:25:37 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-6
Diff to: previous 1.68: preferred, colored; next MAIN 1.69: preferred, colored
Changes since revision 1.68: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1527):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.68.8.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:25:36 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-6-1
Diff to: previous 1.68: preferred, colored; next MAIN 1.69: preferred, colored
Changes since revision 1.68: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1527):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.68.6.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:25:34 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-6-0
Diff to: previous 1.68: preferred, colored; next MAIN 1.69: preferred, colored
Changes since revision 1.68: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1527):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.72.2.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:21:19 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-7
CVS tags: netbsd-7-2-RELEASE
Diff to: previous 1.72: preferred, colored; next MAIN 1.73: preferred, colored
Changes since revision 1.72: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1565):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.72.10.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:21:17 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-7-1
CVS tags: netbsd-7-1-2-RELEASE
Diff to: previous 1.72: preferred, colored; next MAIN 1.73: preferred, colored
Changes since revision 1.72: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1565):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.72.6.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:21:15 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-7-0
Diff to: previous 1.72: preferred, colored; next MAIN 1.73: preferred, colored
Changes since revision 1.72: +3 -3 lines
Pull up following revision(s) (requested by maxv in ticket #1565):
	sys/dist/pf/net/pf.c: revision 1.78 via patch
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.76.6.1: download - view: text, markup, annotated - select for diffs
Sat Feb 10 04:12:17 2018 UTC (6 years, 9 months ago) by snj
Branches: netbsd-8
Diff to: previous 1.76: preferred, colored
Changes since revision 1.76: +4 -4 lines
Pull up following revision(s) (requested by maxv in ticket #540):
	sys/dist/pf/net/pf.c: 1.77-1.78
PR/52682: David Binderman: Fix wrong assignment (in the !__NetBSD__ code)
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.
It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.
This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.78: download - view: text, markup, annotated - select for diffs
Fri Feb 9 21:25:04 2018 UTC (6 years, 9 months ago) by maxv
Branches: MAIN
Diff to: previous 1.77: preferred, colored
Changes since revision 1.77: +3 -3 lines
Oh, what is this. Fix a remotely-triggerable integer overflow: the way we
define TCPOLEN_SACK makes it unsigned, and the comparison in the while()
is unsigned too. That's not the expected behavior, the original code
wanted a signed comparison.

It's pretty easy to make 'hlen' go negative and trigger a buffer overflow.

This bug was reported 8 years ago by Lucio Albornoz in PR/44059.

Revision 1.69.2.2: download - view: text, markup, annotated - select for diffs
Sun Dec 3 11:37:37 2017 UTC (7 years ago) by jdolecek
Branches: tls-maxphys
Diff to: previous 1.69.2.1: preferred, colored; branchpoint 1.69: preferred, colored; next MAIN 1.70: preferred, colored
Changes since revision 1.69.2.1: +11 -5 lines
update from HEAD

Revision 1.77: download - view: text, markup, annotated - select for diffs
Tue Oct 31 15:00:03 2017 UTC (7 years, 1 month ago) by christos
Branches: MAIN
CVS tags: tls-maxphys-base-20171202
Diff to: previous 1.76: preferred, colored
Changes since revision 1.76: +3 -3 lines
PR/52682: David Binderman: Fix wrong assignment (in the !__NetBSD__ code)

Revision 1.72.4.3: download - view: text, markup, annotated - select for diffs
Mon Aug 28 17:52:31 2017 UTC (7 years, 3 months ago) by skrll
Branches: nick-nhusb
Diff to: previous 1.72.4.2: preferred, colored; branchpoint 1.72: preferred, colored; next MAIN 1.73: preferred, colored
Changes since revision 1.72.4.2: +3 -3 lines
Sync with HEAD

Revision 1.75.2.1: download - view: text, markup, annotated - select for diffs
Fri Apr 21 16:53:54 2017 UTC (7 years, 7 months ago) by bouyer
Branches: bouyer-socketcan
Diff to: previous 1.75: preferred, colored; next MAIN 1.76: preferred, colored
Changes since revision 1.75: +3 -3 lines
Sync with HEAD

Revision 1.74.2.2: download - view: text, markup, annotated - select for diffs
Mon Mar 20 06:57:39 2017 UTC (7 years, 8 months ago) by pgoyette
Branches: pgoyette-localcount
Diff to: previous 1.74.2.1: preferred, colored; branchpoint 1.74: preferred, colored; next MAIN 1.75: preferred, colored
Changes since revision 1.74.2.1: +3 -3 lines
Sync with HEAD

Revision 1.76: download - view: text, markup, annotated - select for diffs
Tue Feb 14 03:05:06 2017 UTC (7 years, 9 months ago) by ozaki-r
Branches: MAIN
CVS tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-20170426, pgoyette-localcount-20170320, perseant-stdc-iso10646-base, perseant-stdc-iso10646, nick-nhusb-base-20170825, netbsd-8-base, matt-nb8-mediatek-base, matt-nb8-mediatek, jdolecek-ncq-base, jdolecek-ncq, bouyer-socketcan-base1
Branch point for: netbsd-8
Diff to: previous 1.75: preferred, colored
Changes since revision 1.75: +3 -3 lines
Do ND in L2_output in the same manner as arpresolve

The benefits of this change are:
- The flow is consistent with IPv4 (and FreeBSD and OpenBSD)
  - old: ip6_output => nd6_output (do ND if needed) => L2_output (lookup a stored cache)
  - new: ip6_output => L2_output (lookup a cache. Do ND if cache not found)
- We can remove some workarounds in nd6_output
- We can move L2 specific operations to their own place
- The performance slightly improves because one cache lookup is reduced

Revision 1.72.4.2: download - view: text, markup, annotated - select for diffs
Sun Feb 5 13:40:49 2017 UTC (7 years, 9 months ago) by skrll
Branches: nick-nhusb
Diff to: previous 1.72.4.1: preferred, colored; branchpoint 1.72: preferred, colored
Changes since revision 1.72.4.1: +9 -3 lines
Sync with HEAD

Revision 1.74.2.1: download - view: text, markup, annotated - select for diffs
Sat Jan 7 08:56:43 2017 UTC (7 years, 10 months ago) by pgoyette
Branches: pgoyette-localcount
Diff to: previous 1.74: preferred, colored
Changes since revision 1.74: +9 -3 lines
Sync with HEAD.  (Note that most of these changes are simply $NetBSD$
tag issues.)

Revision 1.75: download - view: text, markup, annotated - select for diffs
Thu Dec 8 05:16:33 2016 UTC (7 years, 11 months ago) by ozaki-r
Branches: MAIN
CVS tags: pgoyette-localcount-20170107, nick-nhusb-base-20170204, bouyer-socketcan-base
Branch point for: bouyer-socketcan
Diff to: previous 1.74: preferred, colored
Changes since revision 1.74: +9 -3 lines
Add rtcache_unref to release points of rtentry stemming from rtcache

In the MP-safe world, a rtentry stemming from a rtcache can be freed at any
points. So we need to protect rtentries somehow say by reference couting or
passive references. Regardless of the method, we need to call some release
function of a rtentry after using it.

The change adds a new function rtcache_unref to release a rtentry. At this
point, this function does nothing because for now we don't add a reference
to a rtentry when we get one from a rtcache. We will add something useful
in a further commit.

This change is a part of changes for MP-safe routing table. It is separated
to avoid one big change that makes difficult to debug by bisecting.

Revision 1.72.4.1: download - view: text, markup, annotated - select for diffs
Sat Jul 9 20:25:18 2016 UTC (8 years, 4 months ago) by skrll
Branches: nick-nhusb
Diff to: previous 1.72: preferred, colored
Changes since revision 1.72: +4 -4 lines
Sync with HEAD

Revision 1.74: download - view: text, markup, annotated - select for diffs
Mon Jun 20 06:46:37 2016 UTC (8 years, 5 months ago) by knakahara
Branches: MAIN
CVS tags: pgoyette-localcount-base, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, nick-nhusb-base-20161204, nick-nhusb-base-20161004, nick-nhusb-base-20160907, localcount-20160914
Branch point for: pgoyette-localcount
Diff to: previous 1.73: preferred, colored
Changes since revision 1.73: +3 -3 lines
apply if_output_lock() to L3 callers which call ifp->if_output() of L2(or L3 tunneling).

Revision 1.73: download - view: text, markup, annotated - select for diffs
Fri Jun 10 13:27:15 2016 UTC (8 years, 5 months ago) by ozaki-r
Branches: MAIN
Diff to: previous 1.72: preferred, colored
Changes since revision 1.72: +3 -3 lines
Introduce m_set_rcvif and m_reset_rcvif

The API is used to set (or reset) a received interface of a mbuf.
They are counterpart of m_get_rcvif, which will come in another
commit, hide internal of rcvif operation, and reduce the diff of
the upcoming change.

No functional change.

Revision 1.69.2.1: download - view: text, markup, annotated - select for diffs
Wed Aug 20 00:03:52 2014 UTC (10 years, 3 months ago) by tls
Branches: tls-maxphys
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +50 -42 lines
Rebase to HEAD as of a few days ago.

Revision 1.70.2.1: download - view: text, markup, annotated - select for diffs
Sun Aug 10 06:55:09 2014 UTC (10 years, 3 months ago) by tls
Branches: tls-earlyentropy
Diff to: previous 1.70: preferred, colored; next MAIN 1.71: preferred, colored
Changes since revision 1.70: +16 -10 lines
Rebase.

Revision 1.72: download - view: text, markup, annotated - select for diffs
Fri Jul 25 04:09:58 2014 UTC (10 years, 4 months ago) by ozaki-r
Branches: MAIN
CVS tags: tls-maxphys-base, tls-earlyentropy-base, nick-nhusb-base-20160529, nick-nhusb-base-20160422, nick-nhusb-base-20160319, nick-nhusb-base-20151226, nick-nhusb-base-20150921, nick-nhusb-base-20150606, nick-nhusb-base-20150406, nick-nhusb-base, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-1-RELEASE, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE
Branch point for: nick-nhusb, netbsd-7-1, netbsd-7-0, netbsd-7
Diff to: previous 1.71: preferred, colored
Changes since revision 1.71: +6 -2 lines
Unbreak the build of pf

Revision 1.71: download - view: text, markup, annotated - select for diffs
Thu Jun 5 23:48:16 2014 UTC (10 years, 5 months ago) by rmind
Branches: MAIN
Diff to: previous 1.70: preferred, colored
Changes since revision 1.70: +12 -10 lines
- Implement pktqueue interface for lockless IP input queue.
- Replace ipintrq and ip6intrq with the pktqueue mechanism.
- Eliminate kernel-lock from ipintr() and ip6intr().
- Some preparation work to push softnet_lock out of ipintr().

Discussed on tech-net.

Revision 1.66.2.2: download - view: text, markup, annotated - select for diffs
Thu May 22 11:40:38 2014 UTC (10 years, 6 months ago) by yamt
Branches: yamt-pagecache
Diff to: previous 1.66.2.1: preferred, colored; branchpoint 1.66: preferred, colored; next MAIN 1.67: preferred, colored
Changes since revision 1.66.2.1: +36 -34 lines
sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.69.4.3: download - view: text, markup, annotated - select for diffs
Sun May 18 17:45:48 2014 UTC (10 years, 6 months ago) by rmind
Branches: rmind-smpnet
Diff to: previous 1.69.4.2: preferred, colored; branchpoint 1.69: preferred, colored; next MAIN 1.70: preferred, colored
Changes since revision 1.69.4.2: +36 -34 lines
sync with head

Revision 1.70: download - view: text, markup, annotated - select for diffs
Sun Oct 20 21:05:47 2013 UTC (11 years, 1 month ago) by christos
Branches: MAIN
CVS tags: yamt-pagecache-base9, rmind-smpnet-nbase, rmind-smpnet-base, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +36 -34 lines
fix compiler warnings

Revision 1.69.4.2: download - view: text, markup, annotated - select for diffs
Mon Sep 23 00:57:53 2013 UTC (11 years, 2 months ago) by rmind
Branches: rmind-smpnet
Diff to: previous 1.69.4.1: preferred, colored; branchpoint 1.69: preferred, colored
Changes since revision 1.69.4.1: +4 -4 lines
- Add some initial locking to the IPv4 PCB.
- Rename inpcb_lookup_*() routines to be more accurate and add comments.
- Add some comments about connection life-cycle WRT socket layer.

Revision 1.69.4.1: download - view: text, markup, annotated - select for diffs
Wed Jul 17 03:16:31 2013 UTC (11 years, 4 months ago) by rmind
Branches: rmind-smpnet
Diff to: previous 1.69: preferred, colored
Changes since revision 1.69: +11 -11 lines
Checkpoint work in progress:
- Move PCB structures under __INPCB_PRIVATE, adjust most of the callers
  and thus make IPv4 PCB structures mostly opaque.  Any volunteers for
  merging in6pcb with inpcb (see rpaulo-netinet-merge-pcb branch)?
- Move various global vars to the modules where they belong, make them static.
- Some preliminary work for IPv4 PCB locking scheme.
- Make raw IP code mostly MP-safe.  Simplify some of it.
- Rework "fast" IP forwarding (ipflow) code to be mostly MP-safe.  It should
  run from a software interrupt, rather than hard.
- Rework tun(4) pseudo interface to be MP-safe.
- Work towards making some other interfaces more strict.

Revision 1.66.2.1: download - view: text, markup, annotated - select for diffs
Tue Apr 17 00:08:14 2012 UTC (12 years, 7 months ago) by yamt
Branches: yamt-pagecache
CVS tags: yamt-pagecache-tag8
Diff to: previous 1.66: preferred, colored
Changes since revision 1.66: +14 -28 lines
sync with head

Revision 1.67.2.2: download - view: text, markup, annotated - select for diffs
Thu Apr 5 21:33:35 2012 UTC (12 years, 7 months ago) by mrg
Branches: jmcneill-usbmp
Diff to: previous 1.67.2.1: preferred, colored; branchpoint 1.67: preferred, colored; next MAIN 1.68: preferred, colored
Changes since revision 1.67.2.1: +2 -17 lines
sync to latest -current.

Revision 1.69: download - view: text, markup, annotated - select for diffs
Thu Mar 22 20:34:38 2012 UTC (12 years, 8 months ago) by drochner
Branches: MAIN
CVS tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, khorben-n900, jmcneill-usbmp-base9, jmcneill-usbmp-base8, jmcneill-usbmp-base10, agc-symver-base, agc-symver
Branch point for: tls-maxphys, rmind-smpnet
Diff to: previous 1.68: preferred, colored
Changes since revision 1.68: +2 -17 lines
remove KAME IPSEC, replaced by FAST_IPSEC

Revision 1.67.2.1: download - view: text, markup, annotated - select for diffs
Sat Feb 18 07:35:22 2012 UTC (12 years, 9 months ago) by mrg
Branches: jmcneill-usbmp
Diff to: previous 1.67: preferred, colored
Changes since revision 1.67: +6 -6 lines
merge to -current.

Revision 1.68: download - view: text, markup, annotated - select for diffs
Mon Dec 19 16:10:07 2011 UTC (12 years, 11 months ago) by drochner
Branches: MAIN
CVS tags: netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, jmcneill-usbmp-base7, jmcneill-usbmp-base6, jmcneill-usbmp-base5, jmcneill-usbmp-base4, jmcneill-usbmp-base3, jmcneill-usbmp-base2
Branch point for: netbsd-6-1, netbsd-6-0, netbsd-6
Diff to: previous 1.67: preferred, colored
Changes since revision 1.67: +6 -6 lines
do missing ipsec->kame_ipsec renames

Revision 1.67: download - view: text, markup, annotated - select for diffs
Sat Nov 19 22:51:24 2011 UTC (13 years ago) by tls
Branches: MAIN
CVS tags: jmcneill-usbmp-pre-base2, jmcneill-usbmp-base
Branch point for: jmcneill-usbmp
Diff to: previous 1.66: preferred, colored
Changes since revision 1.66: +14 -13 lines
First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.

Revision 1.66: download - view: text, markup, annotated - select for diffs
Mon Aug 29 09:50:04 2011 UTC (13 years, 3 months ago) by jmcneill
Branches: MAIN
CVS tags: yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, jmcneill-audiomp3-base, jmcneill-audiomp3
Branch point for: yamt-pagecache
Diff to: previous 1.65: preferred, colored
Changes since revision 1.65: +14 -14 lines
build pf module with WARNS=3, and remove the need for -Wno-shadow

Revision 1.64.2.1: download - view: text, markup, annotated - select for diffs
Mon Jun 6 09:08:47 2011 UTC (13 years, 5 months ago) by jruoho
Branches: jruoho-x86intr
Diff to: previous 1.64: preferred, colored; next MAIN 1.65: preferred, colored
Changes since revision 1.64: +4 -4 lines
Sync with HEAD.

Revision 1.61.4.2: download - view: text, markup, annotated - select for diffs
Tue May 31 03:04:57 2011 UTC (13 years, 6 months ago) by rmind
Branches: rmind-uvmplock
Diff to: previous 1.61.4.1: preferred, colored; branchpoint 1.61: preferred, colored; next MAIN 1.62: preferred, colored
Changes since revision 1.61.4.1: +4 -4 lines
sync with head

Revision 1.65: download - view: text, markup, annotated - select for diffs
Tue May 3 18:28:45 2011 UTC (13 years, 7 months ago) by dyoung
Branches: MAIN
CVS tags: rmind-uvmplock-nbase, rmind-uvmplock-base, cherry-xenmp-base, cherry-xenmp
Diff to: previous 1.64: preferred, colored
Changes since revision 1.64: +4 -4 lines
Reduces the resources demanded by TCP sessions in TIME_WAIT-state using
methods called Vestigial Time-Wait (VTW) and Maximum Segment Lifetime
Truncation (MSLT).

MSLT and VTW were contributed by Coyote Point Systems, Inc.

Even after a TCP session enters the TIME_WAIT state, its corresponding
socket and protocol control blocks (PCBs) stick around until the TCP
Maximum Segment Lifetime (MSL) expires.  On a host whose workload
necessarily creates and closes down many TCP sockets, the sockets & PCBs
for TCP sessions in TIME_WAIT state amount to many megabytes of dead
weight in RAM.

Maximum Segment Lifetimes Truncation (MSLT) assigns each TCP session to
a class based on the nearness of the peer.  Corresponding to each class
is an MSL, and a session uses the MSL of its class.  The classes are
loopback (local host equals remote host), local (local host and remote
host are on the same link/subnet), and remote (local host and remote
host communicate via one or more gateways).  Classes corresponding to
nearer peers have lower MSLs by default: 2 seconds for loopback, 10
seconds for local, 60 seconds for remote.  Loopback and local sessions
expire more quickly when MSLT is used.

Vestigial Time-Wait (VTW) replaces a TIME_WAIT session's PCB/socket
dead weight with a compact representation of the session, called a
"vestigial PCB".  VTW data structures are designed to be very fast and
memory-efficient: for fast insertion and lookup of vestigial PCBs,
the PCBs are stored in a hash table that is designed to minimize the
number of cacheline visits per lookup/insertion.  The memory both
for vestigial PCBs and for elements of the PCB hashtable come from
fixed-size pools, and linked data structures exploit this to conserve
memory by representing references with a narrow index/offset from the
start of a pool instead of a pointer.  When space for new vestigial PCBs
runs out, VTW makes room by discarding old vestigial PCBs, oldest first.
VTW cooperates with MSLT.

It may help to think of VTW as a "FIN cache" by analogy to the SYN
cache.

A 2.8-GHz Pentium 4 running a test workload that creates TIME_WAIT
sessions as fast as it can is approximately 17% idle when VTW is active
versus 0% idle when VTW is inactive.  It has 103 megabytes more free RAM
when VTW is active (approximately 64k vestigial PCBs are created) than
when it is inactive.

Revision 1.61.2.2: download - view: text, markup, annotated - select for diffs
Tue Aug 17 06:46:49 2010 UTC (14 years, 3 months ago) by uebayasi
Branches: uebayasi-xip
Diff to: previous 1.61.2.1: preferred, colored; branchpoint 1.61: preferred, colored; next MAIN 1.62: preferred, colored
Changes since revision 1.61.2.1: +14 -2 lines
Sync with HEAD.

Revision 1.51.4.6: download - view: text, markup, annotated - select for diffs
Wed Aug 11 22:54:19 2010 UTC (14 years, 3 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51.4.5: preferred, colored; branchpoint 1.51: preferred, colored; next MAIN 1.52: preferred, colored
Changes since revision 1.51.4.5: +37 -7 lines
sync with head.

Revision 1.61.4.1: download - view: text, markup, annotated - select for diffs
Sun May 30 05:17:47 2010 UTC (14 years, 6 months ago) by rmind
Branches: rmind-uvmplock
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +37 -7 lines
sync with head

Revision 1.64: download - view: text, markup, annotated - select for diffs
Fri May 7 17:41:57 2010 UTC (14 years, 6 months ago) by degroote
Branches: MAIN
CVS tags: yamt-nfs-mp-base11, yamt-nfs-mp-base10, uebayasi-xip-base4, uebayasi-xip-base3, uebayasi-xip-base2, matt-mips64-premerge-20101231, jruoho-x86intr-base, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Branch point for: jruoho-x86intr
Diff to: previous 1.63: preferred, colored
Changes since revision 1.63: +16 -4 lines
Add support for pfs(8)

pfs(8) is a tool similar to ipfs(8) but for pf(4). It allows the admin to
dump internal configuration of pf, and restore at a latter point, after a
maintenance reboot for example, in a transparent way for user.

This work has been done mostly during my GSoC 2009

No objections on tech-net@

Revision 1.61.2.1: download - view: text, markup, annotated - select for diffs
Fri Apr 30 14:43:56 2010 UTC (14 years, 7 months ago) by uebayasi
Branches: uebayasi-xip
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +23 -5 lines
Sync with HEAD.

Revision 1.63: download - view: text, markup, annotated - select for diffs
Mon Apr 12 13:57:38 2010 UTC (14 years, 7 months ago) by ahoka
Branches: MAIN
CVS tags: uebayasi-xip-base1
Diff to: previous 1.62: preferred, colored
Changes since revision 1.62: +20 -2 lines
- Make the pf and pflog driver able to detach.
- Add code for module support.

Original patch from Jared McNeill

Revision 1.62: download - view: text, markup, annotated - select for diffs
Mon Apr 12 06:56:19 2010 UTC (14 years, 7 months ago) by skrll
Branches: MAIN
Diff to: previous 1.61: preferred, colored
Changes since revision 1.61: +5 -5 lines
Spello in comment.

Revision 1.51.4.5: download - view: text, markup, annotated - select for diffs
Thu Mar 11 15:04:10 2010 UTC (14 years, 8 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51.4.4: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.4.4: +6 -6 lines
sync with head

Revision 1.61: download - view: text, markup, annotated - select for diffs
Tue Jan 19 22:08:00 2010 UTC (14 years, 10 months ago) by pooka
Branches: MAIN
CVS tags: yamt-nfs-mp-base9, uebayasi-xip-base
Branch point for: uebayasi-xip, rmind-uvmplock
Diff to: previous 1.60: preferred, colored
Changes since revision 1.60: +2 -3 lines
Redefine bpf linkage through an always present op vector, i.e.
#if NBPFILTER is no longer required in the client.  This change
doesn't yet add support for loading bpf as a module, since drivers
can register before bpf is attached.  However, callers of bpf can
now be modularized.

Dynamically loadable bpf could probably be done fairly easily with
coordination from the stub driver and the real driver by registering
attachments in the stub before the real driver is loaded and doing
a handoff.  ... and I'm not going to ponder the depths of unload
here.

Tested with i386/MONOLITHIC, modified MONOLITHIC without bpf and rump.

Revision 1.60: download - view: text, markup, annotated - select for diffs
Wed Dec 30 19:47:15 2009 UTC (14 years, 11 months ago) by elad
Branches: MAIN
Diff to: previous 1.59: preferred, colored
Changes since revision 1.59: +3 -3 lines
Replace uidinfo.h with kauth.h, should fix problems observed by tron@.

Revision 1.59: download - view: text, markup, annotated - select for diffs
Wed Dec 30 16:49:02 2009 UTC (14 years, 11 months ago) by elad
Branches: MAIN
Diff to: previous 1.58: preferred, colored
Changes since revision 1.58: +3 -3 lines
Use the right member to store gid in the non-NetBSD case.

Pointed out by uebayasi@ and cegger@, thanks!

Revision 1.58: download - view: text, markup, annotated - select for diffs
Wed Dec 30 07:00:01 2009 UTC (14 years, 11 months ago) by elad
Branches: MAIN
Diff to: previous 1.57: preferred, colored
Changes since revision 1.57: +5 -4 lines
Get uid/gid from the socket's credentials.

Revision 1.1.1.4 (vendor branch): download - view: text, markup, annotated - select for diffs
Tue Dec 1 07:03:13 2009 UTC (15 years ago) by martti
Branches: OPENBSD
CVS tags: v4_2
Diff to: previous 1.1.1.3: preferred, colored
Changes since revision 1.1.1.3: +1357 -1671 lines
Import PF from OpenBSD 4.2

Revision 1.51.4.4: download - view: text, markup, annotated - select for diffs
Wed Sep 16 13:37:59 2009 UTC (15 years, 2 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51.4.3: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.4.3: +2 -6 lines
sync with head

Revision 1.57: download - view: text, markup, annotated - select for diffs
Mon Sep 14 10:36:49 2009 UTC (15 years, 2 months ago) by degroote
Branches: MAIN
CVS tags: yamt-nfs-mp-base8, matt-premerge-20091211, jym-xensuspend-nbase
Diff to: previous 1.56: preferred, colored
Changes since revision 1.56: +2 -6 lines
Import pfsync support from OpenBSD 4.2

Pfsync interface exposes change in the pf(4) over a pseudo-interface, and can
be used to synchronise different pf.

This work was part of my 2009 GSoC

No objection on tech-net@

Revision 1.51.4.3: download - view: text, markup, annotated - select for diffs
Wed Aug 19 18:47:33 2009 UTC (15 years, 3 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51.4.2: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.4.2: +2 -20 lines
sync with head.

Revision 1.56: download - view: text, markup, annotated - select for diffs
Tue Jul 28 18:15:26 2009 UTC (15 years, 4 months ago) by minskim
Branches: MAIN
CVS tags: yamt-nfs-mp-base7
Diff to: previous 1.55: preferred, colored
Changes since revision 1.55: +2 -20 lines
Remove LKM code from pf.

Revision 1.53.8.2: download - view: text, markup, annotated - select for diffs
Thu Jul 23 23:32:21 2009 UTC (15 years, 4 months ago) by jym
Branches: jym-xensuspend
Diff to: previous 1.53.8.1: preferred, colored; branchpoint 1.53: preferred, colored; next MAIN 1.54: preferred, colored
Changes since revision 1.53.8.1: +3 -3 lines
Sync with HEAD.

Revision 1.51.4.2: download - view: text, markup, annotated - select for diffs
Sat Jun 20 07:20:30 2009 UTC (15 years, 5 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51.4.1: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.4.1: +3 -3 lines
sync with head

Revision 1.55: download - view: text, markup, annotated - select for diffs
Tue Jun 16 05:15:41 2009 UTC (15 years, 5 months ago) by minskim
Branches: MAIN
CVS tags: yamt-nfs-mp-base6, yamt-nfs-mp-base5, jymxensuspend-base
Diff to: previous 1.54: preferred, colored
Changes since revision 1.54: +3 -3 lines
Reduce diff with OpenBSD.  No functional change.

Revision 1.53.8.1: download - view: text, markup, annotated - select for diffs
Wed May 13 17:21:43 2009 UTC (15 years, 6 months ago) by jym
Branches: jym-xensuspend
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +21 -2 lines
Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.

Revision 1.51.4.1: download - view: text, markup, annotated - select for diffs
Mon May 4 08:13:27 2009 UTC (15 years, 7 months ago) by yamt
Branches: yamt-nfs-mp
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +1684 -1730 lines
sync with head.

Revision 1.53.2.1: download - view: text, markup, annotated - select for diffs
Tue Apr 28 07:36:47 2009 UTC (15 years, 7 months ago) by skrll
Branches: nick-hppapmap
Diff to: previous 1.53: preferred, colored; next MAIN 1.54: preferred, colored
Changes since revision 1.53: +21 -2 lines
Sync with HEAD.

Revision 1.28.8.1: download - view: text, markup, annotated - select for diffs
Wed Apr 15 20:40:25 2009 UTC (15 years, 7 months ago) by snj
Branches: netbsd-4-0
Diff to: previous 1.28: preferred, colored; next MAIN 1.29: preferred, colored
Changes since revision 1.28: +19 -1 lines
Pull up following revision(s) (requested by christos in ticket #1305):
	sys/dist/pf/net/pf.c: revision 1.54 via patch
Fix http://www.securityfocus.com/archive/1/502634, from OpenBSD.

Revision 1.28.2.1: download - view: text, markup, annotated - select for diffs
Wed Apr 15 20:38:55 2009 UTC (15 years, 7 months ago) by snj
Branches: netbsd-4
Diff to: previous 1.28: preferred, colored; next MAIN 1.29: preferred, colored
Changes since revision 1.28: +19 -1 lines
Pull up following revision(s) (requested by christos in ticket #1305):
	sys/dist/pf/net/pf.c: revision 1.54 via patch
Fix http://www.securityfocus.com/archive/1/502634, from OpenBSD.

Revision 1.53.4.1: download - view: text, markup, annotated - select for diffs
Tue Apr 14 11:43:57 2009 UTC (15 years, 7 months ago) by jdc
Branches: netbsd-5
CVS tags: netbsd-5-2-RELEASE, netbsd-5-2-RC1, netbsd-5-2-3-RELEASE, netbsd-5-2-2-RELEASE, netbsd-5-2-1-RELEASE, netbsd-5-2, netbsd-5-1-RELEASE, netbsd-5-1-RC4, netbsd-5-1-RC3, netbsd-5-1-RC2, netbsd-5-1-RC1, netbsd-5-1-5-RELEASE, netbsd-5-1-4-RELEASE, netbsd-5-1-3-RELEASE, netbsd-5-1-2-RELEASE, netbsd-5-1-1-RELEASE, netbsd-5-1, netbsd-5-0-RELEASE, netbsd-5-0-RC4, netbsd-5-0-2-RELEASE, netbsd-5-0-1-RELEASE, netbsd-5-0, matt-nb5-pq3-base, matt-nb5-pq3, matt-nb5-mips64-u2-k2-k4-k7-k8-k9, matt-nb5-mips64-u1-k1-k5, matt-nb5-mips64-premerge-20101231, matt-nb5-mips64-premerge-20091211, matt-nb5-mips64-k15, matt-nb5-mips64, matt-nb4-mips64-k7-u2a-k9b
Diff to: previous 1.53: preferred, colored; next MAIN 1.54: preferred, colored
Changes since revision 1.53: +21 -2 lines
Pull up revision 1.54 (requested by christos in ticket #702).

Fix http://www.securityfocus.com/archive/1/502634, from OpenBSD.

Revision 1.54: download - view: text, markup, annotated - select for diffs
Mon Apr 13 22:29:11 2009 UTC (15 years, 7 months ago) by christos
Branches: MAIN
CVS tags: yamt-nfs-mp-base4, yamt-nfs-mp-base3, nick-hppapmap-base4, nick-hppapmap-base3, nick-hppapmap-base, jym-xensuspend-base
Diff to: previous 1.53: preferred, colored
Changes since revision 1.53: +21 -2 lines
Fix http://www.securityfocus.com/archive/1/502634, from OpenBSD.
XXX: should be pulled up to 5.x

Revision 1.44.6.3: download - view: text, markup, annotated - select for diffs
Sat Jan 17 13:29:11 2009 UTC (15 years, 10 months ago) by mjf
Branches: mjf-devfs2
Diff to: previous 1.44.6.2: preferred, colored; branchpoint 1.44: preferred, colored; next MAIN 1.45: preferred, colored
Changes since revision 1.44.6.2: +1 -0 lines
Sync with HEAD.

Revision 1.52.2.1: download - view: text, markup, annotated - select for diffs
Sun Oct 19 22:17:17 2008 UTC (16 years, 1 month ago) by haad
Branches: haad-dm
Diff to: previous 1.52: preferred, colored; next MAIN 1.53: preferred, colored
Changes since revision 1.52: +3 -2 lines
Sync with HEAD.

Revision 1.53: download - view: text, markup, annotated - select for diffs
Sat Oct 11 13:40:57 2008 UTC (16 years, 1 month ago) by pooka
Branches: MAIN
CVS tags: nick-hppapmap-base2, netbsd-5-base, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, mjf-devfs2-base, matt-mips64-base2, haad-nbase2, haad-dm-base2, haad-dm-base1, haad-dm-base, ad-audiomp2-base, ad-audiomp2
Branch point for: nick-hppapmap, netbsd-5, jym-xensuspend
Diff to: previous 1.52: preferred, colored
Changes since revision 1.52: +3 -2 lines
Move uidinfo to its own module in kern_uidinfo.c and include in rump.
No functional change to uidinfo.

Revision 1.44.6.2: download - view: text, markup, annotated - select for diffs
Sun Jun 29 09:33:12 2008 UTC (16 years, 5 months ago) by mjf
Branches: mjf-devfs2
Diff to: previous 1.44.6.1: preferred, colored; branchpoint 1.44: preferred, colored
Changes since revision 1.44.6.1: +1670 -1736 lines
Sync with HEAD.

Revision 1.51.6.1: download - view: text, markup, annotated - select for diffs
Mon Jun 23 04:31:46 2008 UTC (16 years, 5 months ago) by wrstuden
Branches: wrstuden-revivesa
Diff to: previous 1.51: preferred, colored; next MAIN 1.52: preferred, colored
Changes since revision 1.51: +1672 -1738 lines
Sync w/ -current. 34 merge conflicts to follow.

Revision 1.51.8.1: download - view: text, markup, annotated - select for diffs
Wed Jun 18 16:33:34 2008 UTC (16 years, 5 months ago) by simonb
Branches: simonb-wapbl
Diff to: previous 1.51: preferred, colored; next MAIN 1.52: preferred, colored
Changes since revision 1.51: +1672 -1738 lines
Sync with head.

Revision 1.52: download - view: text, markup, annotated - select for diffs
Wed Jun 18 09:06:27 2008 UTC (16 years, 5 months ago) by yamt
Branches: MAIN
CVS tags: wrstuden-revivesa-base-4, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2, wrstuden-revivesa-base-1, wrstuden-revivesa-base, simonb-wapbl-nbase, simonb-wapbl-base
Branch point for: haad-dm
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +1663 -1729 lines
merge yamt-pf42 branch.
(import newer pf from OpenBSD 4.2)

ok'ed by peter@.  requested by core@

Revision 1.51.2.9: download - view: text, markup, annotated - select for diffs
Fri Jun 6 20:17:45 2008 UTC (16 years, 5 months ago) by christos
Branches: yamt-pf42
Diff to: previous 1.51.2.8: preferred, colored; branchpoint 1.51: preferred, colored; next MAIN 1.52: preferred, colored
Changes since revision 1.51.2.8: +30 -33 lines
Use macros to make ifdefs smaller; enable pid, gid for NetBSD

Revision 1.51.2.8: download - view: text, markup, annotated - select for diffs
Thu Jun 5 20:47:28 2008 UTC (16 years, 6 months ago) by joerg
Branches: yamt-pf42
Diff to: previous 1.51.2.7: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.7: +19 -12 lines
Fix up pf_modulate_sack as discussed with christos@.

Revision 1.51.2.7: download - view: text, markup, annotated - select for diffs
Wed Jun 4 20:34:37 2008 UTC (16 years, 6 months ago) by joerg
Branches: yamt-pf42
Diff to: previous 1.51.2.6: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.6: +7 -5 lines
Add some explicit casts to make it build on AMD64.

Revision 1.44.6.1: download - view: text, markup, annotated - select for diffs
Mon Jun 2 13:24:04 2008 UTC (16 years, 6 months ago) by mjf
Branches: mjf-devfs2
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +9 -9 lines
Sync with HEAD.

Revision 1.51.2.6: download - view: text, markup, annotated - select for diffs
Tue Apr 29 17:24:29 2008 UTC (16 years, 7 months ago) by peter
Branches: yamt-pf42
Diff to: previous 1.51.2.5: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.5: +23 -5 lines
Pass the direction (PF_IN/PF_OUT) to pf_check_proto_cksum and skip
input checksumming when direction != PF_IN, as suggested by yamt@.

Revision 1.51.2.5: download - view: text, markup, annotated - select for diffs
Thu Apr 24 08:28:49 2008 UTC (16 years, 7 months ago) by peter
Branches: yamt-pf42
Diff to: previous 1.51.2.4: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.4: +57 -21 lines
Add PACKET_TAG_ALTQ_QID and use it for pf/ALTQ. The ALTQ code compiles now.

ok yamt@

Revision 1.51.2.4: download - view: text, markup, annotated - select for diffs
Wed Apr 23 19:25:18 2008 UTC (16 years, 7 months ago) by peter
Branches: yamt-pf42
Diff to: previous 1.51.2.3: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.3: +23 -2 lines
pfdetach: stop the purge thread.

Revision 1.51.2.3: download - view: text, markup, annotated - select for diffs
Wed Apr 23 18:14:49 2008 UTC (16 years, 7 months ago) by peter
Branches: yamt-pf42
Diff to: previous 1.51.2.2: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.2: +2 -4 lines
Putting bpfilter.h/pf.h/pflog.h under _KERNEL_OPT was a mistake, revert this.

Revision 1.51.2.2: download - view: text, markup, annotated - select for diffs
Sat Apr 19 12:10:18 2008 UTC (16 years, 7 months ago) by yamt
Branches: yamt-pf42
Diff to: previous 1.51.2.1: preferred, colored; branchpoint 1.51: preferred, colored
Changes since revision 1.51.2.1: +2 -3 lines
pf_routable: use the return value of rtcache_init instead of ro.ro_rt.

Revision 1.51.2.1: download - view: text, markup, annotated - select for diffs
Sat Apr 19 08:33:26 2008 UTC (16 years, 7 months ago) by yamt
Branches: yamt-pf42
Diff to: previous 1.51: preferred, colored
Changes since revision 1.51: +1645 -1789 lines
Peter Postma's work-in-progress pf import from OpenBSD 4.2.
updated to -current by me.

Revision 1.51: download - view: text, markup, annotated - select for diffs
Tue Apr 15 03:57:04 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
CVS tags: yamt-pf42-baseX, yamt-pf42-base4, yamt-pf42-base3, yamt-pf42-base2, yamt-pf42-base, yamt-nfs-mp-base2, yamt-nfs-mp-base, hpcarm-cleanup-nbase
Branch point for: yamt-pf42, yamt-nfs-mp, wrstuden-revivesa, simonb-wapbl
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +3 -3 lines
Make ip6 and icmp6 stats per-cpu.

Revision 1.50: download - view: text, markup, annotated - select for diffs
Sat Apr 12 05:58:22 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +8 -8 lines
Make IP, TCP, UDP, and ICMP statistics per-CPU.  The stats are collated
when the user requests them via sysctl.

Revision 1.49: download - view: text, markup, annotated - select for diffs
Tue Apr 8 15:04:35 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +3 -3 lines
Change ICMP6 stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old icmp6stat structure; old netstat
binaries will continue to work properly.

Revision 1.48: download - view: text, markup, annotated - select for diffs
Tue Apr 8 01:03:58 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +3 -3 lines
Change TCP stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old tcpstat structure; old netstat
binaries will continue to work properly.

Revision 1.47: download - view: text, markup, annotated - select for diffs
Mon Apr 7 06:31:27 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +5 -5 lines
Change IP stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old ipstat structure; old netstat
binaries will continue to work properly.

Revision 1.46: download - view: text, markup, annotated - select for diffs
Sun Apr 6 20:17:27 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +3 -3 lines
Change UDP stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old icmpstat structure; old netstat
binaries will continue to work properly.

Revision 1.45: download - view: text, markup, annotated - select for diffs
Sun Apr 6 19:04:48 2008 UTC (16 years, 7 months ago) by thorpej
Branches: MAIN
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +3 -3 lines
Change ICMP stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old icmpstat structure; old netstat
binaries will continue to work properly.

Revision 1.40.2.2: download - view: text, markup, annotated - select for diffs
Sun Mar 23 02:04:55 2008 UTC (16 years, 8 months ago) by matt
Branches: matt-armv6
Diff to: previous 1.40.2.1: preferred, colored; branchpoint 1.40: preferred, colored; next MAIN 1.41: preferred, colored
Changes since revision 1.40.2.1: +11 -14 lines
sync with HEAD

Revision 1.40.8.3: download - view: text, markup, annotated - select for diffs
Mon Feb 18 21:06:35 2008 UTC (16 years, 9 months ago) by mjf
Branches: mjf-devfs
Diff to: previous 1.40.8.2: preferred, colored; branchpoint 1.40: preferred, colored; next MAIN 1.41: preferred, colored
Changes since revision 1.40.8.2: +11 -14 lines
Sync with HEAD.

Revision 1.17.2.6: download - view: text, markup, annotated - select for diffs
Mon Jan 21 09:45:41 2008 UTC (16 years, 10 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17.2.5: preferred, colored; branchpoint 1.17: preferred, colored; next MAIN 1.18: preferred, colored
Changes since revision 1.17.2.5: +23 -18 lines
sync with head

Revision 1.41.6.3: download - view: text, markup, annotated - select for diffs
Sat Jan 19 12:15:16 2008 UTC (16 years, 10 months ago) by bouyer
Branches: bouyer-xeni386
Diff to: previous 1.41.6.2: preferred, colored; branchpoint 1.41: preferred, colored; next MAIN 1.42: preferred, colored
Changes since revision 1.41.6.2: +9 -12 lines
Sync with HEAD

Revision 1.44: download - view: text, markup, annotated - select for diffs
Mon Jan 14 17:14:21 2008 UTC (16 years, 10 months ago) by dyoung
Branches: MAIN
CVS tags: yamt-lazymbuf-base15, yamt-lazymbuf-base14, nick-net80211-sync-base, nick-net80211-sync, mjf-devfs-base, matt-armv6-nbase, keiichi-mipv6-nbase, keiichi-mipv6-base, keiichi-mipv6, hpcarm-cleanup-base, bouyer-xeni386-nbase, bouyer-xeni386-base, ad-socklock-base1
Branch point for: mjf-devfs2
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +11 -14 lines
Change rtcache_init()+rtcache_getrt() and
rtcache_init_noclone()+rtcache_getrt() to single rtcache_init()
and rtcache_init_clone() calls.

Revision 1.40.2.1: download - view: text, markup, annotated - select for diffs
Wed Jan 9 01:55:37 2008 UTC (16 years, 10 months ago) by matt
Branches: matt-armv6
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +22 -9 lines
sync with HEAD

Revision 1.41.6.2: download - view: text, markup, annotated - select for diffs
Wed Jan 2 21:55:25 2008 UTC (16 years, 11 months ago) by bouyer
Branches: bouyer-xeni386
CVS tags: bouyer-xeni386-merge1
Diff to: previous 1.41.6.1: preferred, colored; branchpoint 1.41: preferred, colored
Changes since revision 1.41.6.1: +13 -8 lines
Sync with HEAD

Revision 1.40.8.2: download - view: text, markup, annotated - select for diffs
Thu Dec 27 00:45:41 2007 UTC (16 years, 11 months ago) by mjf
Branches: mjf-devfs
Diff to: previous 1.40.8.1: preferred, colored; branchpoint 1.40: preferred, colored
Changes since revision 1.40.8.1: +17 -9 lines
Sync with HEAD.

Revision 1.41.2.1: download - view: text, markup, annotated - select for diffs
Wed Dec 26 19:55:27 2007 UTC (16 years, 11 months ago) by ad
Branches: vmlocking2
Diff to: previous 1.41: preferred, colored; next MAIN 1.42: preferred, colored
Changes since revision 1.41: +17 -9 lines
Sync with head.

Revision 1.43: download - view: text, markup, annotated - select for diffs
Thu Dec 20 19:53:30 2007 UTC (16 years, 11 months ago) by dyoung
Branches: MAIN
CVS tags: vmlocking2-base3, matt-armv6-base
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +15 -10 lines
Poison struct route->ro_rt uses in the kernel by changing the name
to _ro_rt.  Use rtcache_getrt() to access a route cache's struct
rtentry *.

Introduce struct ifnet->if_dl that always points at the interface
identifier/link-layer address.  Make code that treated the first
ifaddr on struct ifnet->if_addrlist as the interface address use
if_dl, instead.

Remove stale debugging code from net/route.c.  Move the rtflush()
code into rtcache_clear() and delete rtflush().  Delete rtalloc(),
because nothing uses it any more.

Make ND6_HINT an inline, lowercase subroutine, nd6_hint.

I've done my best to convert IP Filter, the ISO stack, and the
AppleTalk stack to rtcache_getrt().  They compile, but I have not
tested them.  I have given the changes to PF, GRE, IPv4 and IPv6
stacks a lot of exercise.

Revision 1.41.6.1: download - view: text, markup, annotated - select for diffs
Thu Dec 13 21:56:48 2007 UTC (16 years, 11 months ago) by bouyer
Branches: bouyer-xeni386
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +4 -1 lines
Sync with HEAD

Revision 1.41.4.1: download - view: text, markup, annotated - select for diffs
Tue Dec 11 15:44:08 2007 UTC (16 years, 11 months ago) by yamt
Branches: yamt-kmem
Diff to: previous 1.41: preferred, colored; next MAIN 1.42: preferred, colored
Changes since revision 1.41: +4 -1 lines
sync with head.

Revision 1.42: download - view: text, markup, annotated - select for diffs
Tue Dec 11 11:08:20 2007 UTC (16 years, 11 months ago) by lukem
Branches: MAIN
CVS tags: yamt-kmem-base3, yamt-kmem-base2, cube-autoconf-base, cube-autoconf
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +4 -1 lines
use __KERNEL_RCSID()

Revision 1.40.8.1: download - view: text, markup, annotated - select for diffs
Sat Dec 8 18:20:11 2007 UTC (16 years, 11 months ago) by mjf
Branches: mjf-devfs
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +6 -1 lines
Sync with HEAD.

Revision 1.17.2.5: download - view: text, markup, annotated - select for diffs
Fri Dec 7 17:31:47 2007 UTC (16 years, 11 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17.2.4: preferred, colored; branchpoint 1.17: preferred, colored
Changes since revision 1.17.2.4: +6 -1 lines
sync with head

Revision 1.39.6.2: download - view: text, markup, annotated - select for diffs
Mon Dec 3 16:14:44 2007 UTC (17 years ago) by joerg
Branches: jmcneill-pm
Diff to: previous 1.39.6.1: preferred, colored; branchpoint 1.39: preferred, colored; next MAIN 1.40: preferred, colored
Changes since revision 1.39.6.1: +6 -1 lines
Sync with HEAD.

Revision 1.41: download - view: text, markup, annotated - select for diffs
Wed Nov 28 04:23:33 2007 UTC (17 years ago) by dyoung
Branches: MAIN
CVS tags: yamt-kmem-base, vmlocking2-base2, vmlocking2-base1, vmlocking-nbase, reinoud-bufcleanup-nbase, reinoud-bufcleanup-base, jmcneill-pm-base
Branch point for: yamt-kmem, vmlocking2, bouyer-xeni386
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +6 -1 lines
Bug fix: make pf_route() set M_CSUM_IPV4 before calling ip_fragment().

If you use a route-to rule such as 'pass out quick on ath0 route-to
gre2 all', and the MTU on gre2 is smaller than the MTU on ath0,
then pf_route() will fragment your packet by calling ip_fragment().
Because pf_route() did not set M_CSUM_IPv4, ip_fragment() would
not compute the checksum on the fragments, and PF would send IP
fragments with bad checksums out of gre2.

Revision 1.17.2.4: download - view: text, markup, annotated - select for diffs
Mon Sep 3 14:40:02 2007 UTC (17 years, 3 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17.2.3: preferred, colored; branchpoint 1.17: preferred, colored
Changes since revision 1.17.2.3: +69 -70 lines
sync with head.

Revision 1.36.2.2: download - view: text, markup, annotated - select for diffs
Mon Aug 20 21:27:25 2007 UTC (17 years, 3 months ago) by ad
Branches: vmlocking
Diff to: previous 1.36.2.1: preferred, colored; branchpoint 1.36: preferred, colored; next MAIN 1.37: preferred, colored
Changes since revision 1.36.2.1: +2 -1 lines
Sync with HEAD.

Revision 1.39.2.1: download - view: text, markup, annotated - select for diffs
Wed Aug 15 13:48:53 2007 UTC (17 years, 3 months ago) by skrll
Branches: nick-csl-alignment
Diff to: previous 1.39: preferred, colored; next MAIN 1.40: preferred, colored
Changes since revision 1.39: +2 -1 lines
Sync with HEAD.

Revision 1.39.6.1: download - view: text, markup, annotated - select for diffs
Thu Aug 9 02:37:16 2007 UTC (17 years, 3 months ago) by jmcneill
Branches: jmcneill-pm
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +2 -1 lines
Sync with HEAD.

Revision 1.40: download - view: text, markup, annotated - select for diffs
Tue Aug 7 10:08:21 2007 UTC (17 years, 3 months ago) by yamt
Branches: MAIN
CVS tags: yamt-x86pmap-base4, yamt-x86pmap-base3, yamt-x86pmap-base2, yamt-x86pmap-base, yamt-x86pmap, vmlocking-base, nick-csl-alignment-base5, matt-armv6-prevmlocking, jmcneill-base, bouyer-xenamd64-base2, bouyer-xenamd64-base, bouyer-xenamd64
Branch point for: mjf-devfs, matt-armv6
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +2 -1 lines
reduce diff.

Revision 1.36.4.1: download - view: text, markup, annotated - select for diffs
Wed Jul 11 20:09:17 2007 UTC (17 years, 4 months ago) by mjf
Branches: mjf-ufs-trans
Diff to: previous 1.36: preferred, colored; next MAIN 1.37: preferred, colored
Changes since revision 1.36: +62 -64 lines
Sync with head.

Revision 1.36.2.1: download - view: text, markup, annotated - select for diffs
Fri Jun 8 14:14:59 2007 UTC (17 years, 5 months ago) by ad
Branches: vmlocking
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +62 -64 lines
Sync with head.

Revision 1.39: download - view: text, markup, annotated - select for diffs
Thu May 17 17:04:12 2007 UTC (17 years, 6 months ago) by christos
Branches: MAIN
CVS tags: nick-csl-alignment-base, mjf-ufs-trans-base, matt-mips64-base, matt-mips64, hpcarm-cleanup
Branch point for: nick-csl-alignment, jmcneill-pm
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +1 -2 lines
Coverity CID 3157: remove bogus break.

Revision 1.34.2.4: download - view: text, markup, annotated - select for diffs
Thu May 17 13:41:42 2007 UTC (17 years, 6 months ago) by yamt
Branches: yamt-idlelwp
Diff to: previous 1.34.2.3: preferred, colored; branchpoint 1.34: preferred, colored; next MAIN 1.35: preferred, colored
Changes since revision 1.34.2.3: +23 -9 lines
sync with head.

Revision 1.38: download - view: text, markup, annotated - select for diffs
Thu May 10 22:30:55 2007 UTC (17 years, 6 months ago) by dyoung
Branches: MAIN
CVS tags: yamt-idlelwp-base8
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +23 -9 lines
pfctl: extend pf.conf(5) syntax.  Let the operator supply an optional
"state lock" flag (if-bound, gr-bound, floating) at the end of a
NAT rule.  The new syntax is backwards-compatbile with the old
syntax.

PF (kernel): change the macro BOUND_IFACE() to the inline function
bound_iface(), and add a new argument, the applicable NAT rule.
Use both the flags on the applicable filter rule and on the applicable
NAT rule to decide whether or not to bind a state to the interface
or the group where it is created.

Revision 1.34.2.3: download - view: text, markup, annotated - select for diffs
Mon May 7 10:55:41 2007 UTC (17 years, 7 months ago) by yamt
Branches: yamt-idlelwp
Diff to: previous 1.34.2.2: preferred, colored; branchpoint 1.34: preferred, colored
Changes since revision 1.34.2.2: +40 -55 lines
sync with head.

Revision 1.37: download - view: text, markup, annotated - select for diffs
Wed May 2 20:40:22 2007 UTC (17 years, 7 months ago) by dyoung
Branches: MAIN
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +40 -55 lines
Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.

The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing.  Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.

Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously.  Of course, all design oversights and bugs are
mine.

DETAILS

1 I added to each address family a pool of sockaddrs.  I have
  introduced routines for allocating, copying, and duplicating,
  and freeing sockaddrs:

        struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
        struct sockaddr *sockaddr_copy(struct sockaddr *dst,
                                       const struct sockaddr *src);
        struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
        void sockaddr_free(struct sockaddr *sa);

  sockaddr_alloc() returns either a sockaddr from the pool belonging
  to the specified family, or NULL if the pool is exhausted.  The
  returned sockaddr has the right size for that family; sa_family
  and sa_len fields are initialized to the family and sockaddr
  length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
  sockaddr_in).  sockaddr_free() puts the given sockaddr back into
  its family's pool.

  sockaddr_dup() and sockaddr_copy() work analogously to strdup()
  and strcpy(), respectively.  sockaddr_copy() KASSERTs that the
  family of the destination and source sockaddrs are alike.

  The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
  passed directly to pool_get(9).

2 I added routines for initializing sockaddrs in each address
  family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
  etc.  They are fairly self-explanatory.

3 structs route_in6 and route_iso are no more.  All protocol families
  use struct route.  I have changed the route cache, 'struct route',
  so that it does not contain storage space for a sockaddr.  Instead,
  struct route points to a sockaddr coming from the pool the sockaddr
  belongs to.  I added a new method to struct route, rtcache_setdst(),
  for setting the cache destination:

        int rtcache_setdst(struct route *, const struct sockaddr *);

  rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
  available to create the sockaddr storage.

  It is now possible for rtcache_getdst() to return NULL if, say,
  rtcache_setdst() failed.  I check the return value for NULL
  everywhere in the kernel.

4 Each routing domain (struct domain) has a list of live route
  caches, dom_rtcache.  rtflushall(sa_family_t af) looks up the
  domain indicated by 'af', walks the domain's list of route caches
  and invalidates each one.

Revision 1.34.2.2: download - view: text, markup, annotated - select for diffs
Mon Mar 12 05:58:08 2007 UTC (17 years, 8 months ago) by rmind
Branches: yamt-idlelwp
Diff to: previous 1.34.2.1: preferred, colored; branchpoint 1.34: preferred, colored
Changes since revision 1.34.2.1: +8 -8 lines
Sync with HEAD.

Revision 1.36: download - view: text, markup, annotated - select for diffs
Sun Mar 4 06:02:58 2007 UTC (17 years, 9 months ago) by christos
Branches: MAIN
CVS tags: thorpej-atomic-base, thorpej-atomic, reinoud-bufcleanup
Branch point for: vmlocking, mjf-ufs-trans
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +8 -8 lines
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.

Revision 1.34.2.1: download - view: text, markup, annotated - select for diffs
Tue Feb 27 16:54:10 2007 UTC (17 years, 9 months ago) by yamt
Branches: yamt-idlelwp
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +6 -4 lines
- sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.

Revision 1.17.2.3: download - view: text, markup, annotated - select for diffs
Mon Feb 26 09:10:54 2007 UTC (17 years, 9 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17.2.2: preferred, colored; branchpoint 1.17: preferred, colored
Changes since revision 1.17.2.2: +6 -4 lines
sync with head.

Revision 1.35: download - view: text, markup, annotated - select for diffs
Sat Feb 17 21:08:52 2007 UTC (17 years, 9 months ago) by dyoung
Branches: MAIN
CVS tags: ad-audiomp-base, ad-audiomp
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +6 -4 lines
In pf_rtlabel_match, use rtcache_free()/rtcache_init().  This is
just cosmetic, since the whole routine is presently #if 0'd.

Revision 1.23.8.2: download - view: text, markup, annotated - select for diffs
Fri Jan 12 01:04:04 2007 UTC (17 years, 10 months ago) by ad
Branches: newlock2
Diff to: previous 1.23.8.1: preferred, colored; branchpoint 1.23: preferred, colored; next MAIN 1.24: preferred, colored
Changes since revision 1.23.8.1: +53 -56 lines
Sync with head.

Revision 1.17.2.2: download - view: text, markup, annotated - select for diffs
Sat Dec 30 20:49:56 2006 UTC (17 years, 11 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17.2.1: preferred, colored; branchpoint 1.17: preferred, colored
Changes since revision 1.17.2.1: +79 -74 lines
sync with head.

Revision 1.23.10.3: download - view: text, markup, annotated - select for diffs
Mon Dec 18 11:42:15 2006 UTC (17 years, 11 months ago) by yamt
Branches: yamt-splraiseipl
Diff to: previous 1.23.10.2: preferred, colored; branchpoint 1.23: preferred, colored; next MAIN 1.24: preferred, colored
Changes since revision 1.23.10.2: +24 -21 lines
sync with head.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Fri Dec 15 21:18:52 2006 UTC (17 years, 11 months ago) by joerg
Branches: MAIN
CVS tags: yamt-splraiseipl-base5, yamt-splraiseipl-base4, post-newlock2-merge, newlock2-nbase, newlock2-base
Branch point for: yamt-idlelwp
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +21 -17 lines
Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.

Revision 1.33: download - view: text, markup, annotated - select for diffs
Wed Dec 13 03:45:48 2006 UTC (17 years, 11 months ago) by matt
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +4 -5 lines
Don't apply a window scale to the window size in a SYN packet.

Revision 1.23.10.2: download - view: text, markup, annotated - select for diffs
Sun Dec 10 07:18:34 2006 UTC (17 years, 11 months ago) by yamt
Branches: yamt-splraiseipl
Diff to: previous 1.23.10.1: preferred, colored; branchpoint 1.23: preferred, colored
Changes since revision 1.23.10.1: +50 -56 lines
sync with head.

Revision 1.32: download - view: text, markup, annotated - select for diffs
Sat Dec 9 05:33:06 2006 UTC (17 years, 11 months ago) by dyoung
Branches: MAIN
CVS tags: yamt-splraiseipl-base3
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +6 -5 lines
Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.

Revision 1.31: download - view: text, markup, annotated - select for diffs
Mon Dec 4 02:59:35 2006 UTC (18 years ago) by dyoung
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +7 -7 lines
Indent these macros for readability.  People have to read this
code, too.

Revision 1.30: download - view: text, markup, annotated - select for diffs
Mon Dec 4 02:58:06 2006 UTC (18 years ago) by dyoung
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +7 -7 lines
Lightly constify.  Helps compile-time checking that we are not
scribbling over shared or read-only memory---e.g., in mbufs.

Revision 1.29: download - view: text, markup, annotated - select for diffs
Mon Dec 4 02:28:12 2006 UTC (18 years ago) by dyoung
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +20 -27 lines
No need for a struct route_in6 in pf_route6().  Replace it with a
sockaddr_in6.

In pf_calc_mss(), factor common code out of PF_INET and PF_INET6
switch cases.

Revision 1.23.8.1: download - view: text, markup, annotated - select for diffs
Sat Nov 18 21:39:17 2006 UTC (18 years ago) by ad
Branches: newlock2
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +27 -19 lines
Sync with head.

Revision 1.28: download - view: text, markup, annotated - select for diffs
Thu Nov 16 01:33:34 2006 UTC (18 years ago) by christos
Branches: MAIN
CVS tags: wrstuden-fixsa-newbase, wrstuden-fixsa-base-1, wrstuden-fixsa-base, wrstuden-fixsa, netbsd-4-base, netbsd-4-0-RELEASE, netbsd-4-0-RC5, netbsd-4-0-RC4, netbsd-4-0-RC3, netbsd-4-0-RC2, netbsd-4-0-RC1, netbsd-4-0-1-RELEASE, matt-nb4-arm-base, matt-nb4-arm
Branch point for: netbsd-4-0, netbsd-4
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +14 -14 lines
__unused removal on arguments; approved by core.

Revision 1.23.10.1: download - view: text, markup, annotated - select for diffs
Sun Oct 22 06:07:05 2006 UTC (18 years, 1 month ago) by yamt
Branches: yamt-splraiseipl
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +36 -28 lines
sync with head

Revision 1.27: download - view: text, markup, annotated - select for diffs
Thu Oct 12 19:59:08 2006 UTC (18 years, 1 month ago) by peter
Branches: MAIN
CVS tags: yamt-splraiseipl-base2
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +10 -10 lines
Merge the peter-altq branch.

(sync with KAME & add support for using ALTQ with pf(4)).

Revision 1.26: download - view: text, markup, annotated - select for diffs
Thu Oct 12 01:32:10 2006 UTC (18 years, 1 month ago) by christos
Branches: MAIN
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +18 -15 lines
- sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386

Revision 1.25: download - view: text, markup, annotated - select for diffs
Sat Oct 7 21:45:49 2006 UTC (18 years, 1 month ago) by peter
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +19 -14 lines
PR/34746: Nino Dehne: pf(4)'s synproxy state breaks when used with tags

Apply OpenBSD src/sys/net/pf.c rev 1.486 and 1.487:

1.486:
When synproxy sends packets to the destination host, make sure to copy
the 'tag' from the original state entry into the outgoing mbuf.

1.487:
When synproxy completes the replayed handshake and modifies the state
into a normal one, it sets both peers' sequence windows. Fix a bug where
the previously advertised windows are applied to the wrong side (i.e.
peer A's seqhi is peer A's seqlo plus peer B's, not A's, window). This
went undetected because mostly the windows are similar and/or re-
advertised soon. But there are (rare) cases where a synproxy'd connection
would stall right after handshake. Found by Gleb Smirnoff.

Revision 1.24: download - view: text, markup, annotated - select for diffs
Sun Oct 1 12:52:24 2006 UTC (18 years, 2 months ago) by pavel
Branches: MAIN
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +9 -9 lines
In pf, there are lots of #ifdef ALTQ, but our ALTQ is not what pf expects,
and if ALTQ and pf are both enabled, it leads to compile errors. So,
change all tests for ALTQ to ALTQ_NEW, which won't be defined.

This allows simultaneous compilation of pf and ALTQ and is a temporary
measure before the peter-altq brach is merged.

Tested and approved by Peter Postma.

Revision 1.19.4.1: download - view: text, markup, annotated - select for diffs
Sat Sep 9 02:56:56 2006 UTC (18 years, 2 months ago) by rpaulo
Branches: rpaulo-netinet-merge-pcb
Diff to: previous 1.19: preferred, colored; next MAIN 1.20: preferred, colored
Changes since revision 1.19: +14 -13 lines
sync with head

Revision 1.17.2.1: download - view: text, markup, annotated - select for diffs
Wed Jun 21 15:09:23 2006 UTC (18 years, 5 months ago) by yamt
Branches: yamt-lazymbuf
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +16 -15 lines
sync with head.

Revision 1.19.6.2: download - view: text, markup, annotated - select for diffs
Thu Jun 1 22:37:51 2006 UTC (18 years, 6 months ago) by kardel
Branches: simonb-timecounters
CVS tags: simonb-timcounters-final
Diff to: previous 1.19.6.1: preferred, colored; next MAIN 1.20: preferred, colored
Changes since revision 1.19.6.1: +7 -5 lines
Sync with head.

Revision 1.21.6.2: download - view: text, markup, annotated - select for diffs
Wed May 24 15:50:33 2006 UTC (18 years, 6 months ago) by tron
Branches: peter-altq
Diff to: previous 1.21.6.1: preferred, colored; branchpoint 1.21: preferred, colored; next MAIN 1.22: preferred, colored
Changes since revision 1.21.6.1: +7 -5 lines
Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.

Revision 1.21.2.1: download - view: text, markup, annotated - select for diffs
Wed May 24 10:58:35 2006 UTC (18 years, 6 months ago) by yamt
Branches: yamt-pdpolicy
Diff to: previous 1.21: preferred, colored; next MAIN 1.22: preferred, colored
Changes since revision 1.21: +7 -5 lines
sync with head.

Revision 1.23: download - view: text, markup, annotated - select for diffs
Sun May 14 03:40:02 2006 UTC (18 years, 6 months ago) by christos
Branches: MAIN
CVS tags: yamt-splraiseipl-base, yamt-pdpolicy-base9, yamt-pdpolicy-base8, yamt-pdpolicy-base7, yamt-pdpolicy-base6, yamt-pdpolicy-base5, simonb-timecounters-base, rpaulo-netinet-merge-pcb-base, gdamore-uart-base, gdamore-uart, chap-midi-nbase, chap-midi-base, chap-midi, abandoned-netbsd-4-base, abandoned-netbsd-4
Branch point for: yamt-splraiseipl, newlock2
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +5 -5 lines
XXX: GCC uninitialized

Revision 1.21.4.1: download - view: text, markup, annotated - select for diffs
Thu May 11 23:30:14 2006 UTC (18 years, 6 months ago) by elad
Branches: elad-kernelauth
Diff to: previous 1.21: preferred, colored; next MAIN 1.22: preferred, colored
Changes since revision 1.21: +3 -1 lines
sync with head

Revision 1.22: download - view: text, markup, annotated - select for diffs
Thu May 11 01:08:38 2006 UTC (18 years, 6 months ago) by mrg
Branches: MAIN
CVS tags: elad-kernelauth-base
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +3 -1 lines
quell GCC 4.1 uninitialised variable warnings.

XXX: we should audit the tree for which old ones are no longer needed
after getting the older compilers out of the tree..

Revision 1.19.6.1: download - view: text, markup, annotated - select for diffs
Sat Apr 22 11:39:55 2006 UTC (18 years, 7 months ago) by simonb
Branches: simonb-timecounters
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +8 -9 lines
Sync with head.

Revision 1.21.6.1: download - view: text, markup, annotated - select for diffs
Sat Mar 18 14:07:27 2006 UTC (18 years, 8 months ago) by peter
Branches: peter-altq
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -2 lines
Fix a GCC warning.

Revision 1.19.2.2: download - view: text, markup, annotated - select for diffs
Wed Mar 1 09:28:41 2006 UTC (18 years, 9 months ago) by yamt
Branches: yamt-uio_vmspace
Diff to: previous 1.19.2.1: preferred, colored; next MAIN 1.20: preferred, colored
Changes since revision 1.19.2.1: +7 -8 lines
sync with head.

Revision 1.12.4.4: download - view: text, markup, annotated - select for diffs
Mon Feb 20 15:23:44 2006 UTC (18 years, 9 months ago) by tron
Branches: netbsd-3
CVS tags: netbsd-3-1-RELEASE, netbsd-3-1-RC4, netbsd-3-1-RC3, netbsd-3-1-RC2, netbsd-3-1-RC1, netbsd-3-1-1-RELEASE, netbsd-3-1
Diff to: previous 1.12.4.3: preferred, colored; branchpoint 1.12: preferred, colored; next MAIN 1.13: preferred, colored
Changes since revision 1.12.4.3: +7 -8 lines
Pull up following revision(s) (requested by peter in ticket #1177):
	sys/dist/pf/net/pf.c: revision 1.21
Fix TCP/UDP checksum handling as pointed out by Daniel Hartmeier in:
http://mail-index.netbsd.org/tech-net/2006/01/21/0000.html.
Problem reported and patch tested by der Mouse & Nino Dehne (PR/32874).

Revision 1.21: download - view: text, markup, annotated - select for diffs
Sun Feb 19 12:15:33 2006 UTC (18 years, 9 months ago) by peter
Branches: MAIN
CVS tags: yamt-uio_vmspace-base5, yamt-pdpolicy-base4, yamt-pdpolicy-base3, yamt-pdpolicy-base2, yamt-pdpolicy-base, peter-altq-base
Branch point for: yamt-pdpolicy, peter-altq, elad-kernelauth
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +7 -8 lines
Fix TCP/UDP checksum handling as pointed out by Daniel Hartmeier in:
http://mail-index.netbsd.org/tech-net/2006/01/21/0000.html.

Problem reported and patch tested by der Mouse & Nino Dehne (PR/32874).

Revision 1.19.2.1: download - view: text, markup, annotated - select for diffs
Sat Feb 18 15:39:12 2006 UTC (18 years, 9 months ago) by yamt
Branches: yamt-uio_vmspace
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -2 lines
sync with head.

Revision 1.20: download - view: text, markup, annotated - select for diffs
Tue Feb 7 22:53:03 2006 UTC (18 years, 9 months ago) by rpaulo
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -2 lines
In pf_socket_lookup() fix copy & paste problem when in6_pcblookup_bind()
returns NULL.

Revision 1.19: download - view: text, markup, annotated - select for diffs
Sun Dec 11 12:24:25 2005 UTC (18 years, 11 months ago) by christos
Branches: MAIN
Branch point for: yamt-uio_vmspace, simonb-timecounters, rpaulo-netinet-merge-pcb
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +1 -1 lines
merge ktrace-lwp.

Revision 1.3.2.9: download - view: text, markup, annotated - select for diffs
Thu Nov 10 14:09:07 2005 UTC (19 years ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.8: preferred, colored; next MAIN 1.4: preferred, colored
Changes since revision 1.3.2.8: +486 -125 lines
Sync with HEAD. Here we go again...

Revision 1.17.4.1: download - view: text, markup, annotated - select for diffs
Wed Oct 26 08:32:45 2005 UTC (19 years, 1 month ago) by yamt
Branches: yamt-vop
Diff to: previous 1.17: preferred, colored; next MAIN 1.18: preferred, colored
Changes since revision 1.17: +3 -3 lines
sync with head

Revision 1.18: download - view: text, markup, annotated - select for diffs
Sun Oct 23 19:40:20 2005 UTC (19 years, 1 month ago) by christos
Branches: MAIN
CVS tags: yamt-vop-base3, yamt-vop-base2, yamt-readahead-pervnode, yamt-readahead-perfile, yamt-readahead-base3, yamt-readahead-base2, yamt-readahead-base, yamt-readahead, thorpej-vnode-attr-base, thorpej-vnode-attr, ktrace-lwp-base
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +3 -3 lines
Adjust for icmp_error signature.

Revision 1.12.4.3: download - view: text, markup, annotated - select for diffs
Mon Aug 15 13:14:14 2005 UTC (19 years, 3 months ago) by tron
Branches: netbsd-3
CVS tags: netbsd-3-0-RELEASE, netbsd-3-0-RC6, netbsd-3-0-RC5, netbsd-3-0-RC4, netbsd-3-0-RC3, netbsd-3-0-RC2, netbsd-3-0-RC1, netbsd-3-0-3-RELEASE, netbsd-3-0-2-RELEASE, netbsd-3-0-1-RELEASE, netbsd-3-0
Diff to: previous 1.12.4.2: preferred, colored; branchpoint 1.12: preferred, colored
Changes since revision 1.12.4.2: +9 -5 lines
Pull up revision 1.16 (requested by peter in ticket #658):
Use an "XXXGCC -Wuninitalized" style that is consistent with that used
elsewhere in the tree.

Revision 1.12.4.2: download - view: text, markup, annotated - select for diffs
Mon Aug 15 13:07:04 2005 UTC (19 years, 3 months ago) by tron
Branches: netbsd-3
Diff to: previous 1.12.4.1: preferred, colored; branchpoint 1.12: preferred, colored
Changes since revision 1.12.4.1: +4 -3 lines
Pull up revision 1.15 (requested by peter in ticket #658):
Cleanup XXGCC in a few places to make it easier to see.

Revision 1.12.4.1: download - view: text, markup, annotated - select for diffs
Mon Aug 15 13:03:55 2005 UTC (19 years, 3 months ago) by tron
Branches: netbsd-3
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +4 -4 lines
Pull up revision 1.14 (requested by peter in ticket #658):
Fix unitialized warnings that only crop up on m68k. XXGCC taggedd

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Jul 1 12:37:34 2005 UTC (19 years, 5 months ago) by peter
Branches: MAIN
CVS tags: yamt-vop-base
Branch point for: yamt-vop, yamt-lazymbuf
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +476 -120 lines
Resolve conflicts (pf from OpenBSD 3.7, kernel part).

Revision 1.1.1.3 (vendor branch): download - view: text, markup, annotated - select for diffs
Fri Jul 1 12:27:42 2005 UTC (19 years, 5 months ago) by peter
Branches: OPENBSD
CVS tags: v3_7
Diff to: previous 1.1.1.2: preferred, colored
Changes since revision 1.1.1.2: +483 -139 lines
Import pf from OpenBSD 3.7 (kernel part).

Revision 1.16: download - view: text, markup, annotated - select for diffs
Wed Jun 15 01:48:20 2005 UTC (19 years, 5 months ago) by lukem
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +9 -5 lines
Use an "XXXGCC -Wuninitalized" style that is consistent with that used
elsewhere in the tree.

Revision 1.15: download - view: text, markup, annotated - select for diffs
Tue Jun 14 21:20:30 2005 UTC (19 years, 5 months ago) by jmc
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +4 -3 lines
Cleanup XXGCC in a few places to make it easier to see.

Revision 1.14: download - view: text, markup, annotated - select for diffs
Mon Jun 13 20:33:53 2005 UTC (19 years, 5 months ago) by jmc
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +4 -4 lines
Fix unitialized warnings that only crop up on m68k. XXGCC taggedd

Revision 1.13: download - view: text, markup, annotated - select for diffs
Sat May 7 19:59:56 2005 UTC (19 years, 7 months ago) by christos
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +3 -3 lines
more fallout from so_uid -> so_uidinfo.

Revision 1.11.2.1: download - view: text, markup, annotated - select for diffs
Fri Apr 29 11:29:21 2005 UTC (19 years, 7 months ago) by kent
Branches: kent-audio2
Diff to: previous 1.11: preferred, colored; next MAIN 1.12: preferred, colored
Changes since revision 1.11: +5 -5 lines
sync with -current

Revision 1.11.4.1: download - view: text, markup, annotated - select for diffs
Sat Mar 19 08:36:06 2005 UTC (19 years, 8 months ago) by yamt
Branches: yamt-km
Diff to: previous 1.11: preferred, colored; next MAIN 1.12: preferred, colored
Changes since revision 1.11: +5 -5 lines
sync with head.  xen and whitespace.  xen part is not finished.

Revision 1.3.2.8: download - view: text, markup, annotated - select for diffs
Tue Feb 15 21:33:29 2005 UTC (19 years, 9 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.7: preferred, colored
Changes since revision 1.3.2.7: +4 -4 lines
Sync with HEAD.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Mon Feb 14 21:27:26 2005 UTC (19 years, 9 months ago) by peter
Branches: MAIN
CVS tags: yamt-km-base4, yamt-km-base3, netbsd-3-base, kent-audio2-base
Branch point for: netbsd-3
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +5 -5 lines
Merge in a fix from OPENBSD_3_6.
ok yamt@

> MFC:
> Fix by dhartmei@
>
> ICMP state entries use the ICMP ID as port for the unique state key. When
> checking for a usable key, construct the key in the same way. Otherwise,
> a colliding key might be missed or a state insertion might be refused even
> though it could be inserted. The second case triggers the endless loop
> fixed by 1.474, possibly allowing a NATed LAN client to lock up the kernel.
> Report and test data by Srebrenko Sehic.

Revision 1.3.2.7: download - view: text, markup, annotated - select for diffs
Mon Jan 17 19:32:11 2005 UTC (19 years, 10 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.6: preferred, colored
Changes since revision 1.3.2.6: +31 -5 lines
Sync with HEAD.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Tue Dec 21 12:06:37 2004 UTC (19 years, 11 months ago) by peter
Branches: MAIN
CVS tags: yamt-km-base2, yamt-km-base, kent-audio1-beforemerge
Branch point for: yamt-km, kent-audio2
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +8 -5 lines
Apply a patch from OPENBSD_3_6 branch (ok yamt).

MFC:
Fix by dhartmei@

IPv6 packets can contain headers (like options) before the TCP/UDP/ICMP6
header. pf finds the first TCP/UDP/ICMP6 header to filter by traversing
the header chain. In the case where headers are skipped, the protocol
checksum verification used the wrong length (included the skipped headers),
leading to incorrectly mismatching checksums. Such IPv6 packets with
headers were silently dropped. Reported by Bernhard Schmidt.

ok deraadt@ dhartmei@ mcbride@

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue Dec 21 12:05:34 2004 UTC (19 years, 11 months ago) by peter
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +4 -2 lines
Apply a patch from OPENBSD_3_6 branch (ok yamt).

MFC:
Fix by mcbride@

Initialise init_addr in pf_map_addr() in the PF_POOL_ROUNDROBIN,
prevents a possible endless loop in pf_get_sport() with 'static-port'

Reported by adm at celeritystorm dot com in FreeBSD PR74930, debugging
by dhartmei@

ok mcbride@ dhartmei@ deraadt@ henning@

Revision 1.9: download - view: text, markup, annotated - select for diffs
Tue Dec 21 05:55:23 2004 UTC (19 years, 11 months ago) by yamt
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +23 -2 lines
pf_check_proto_cksum: use {tcp,udp}_input_checksum so that we can:
- handle loopback checksum omission properly.
- profit from h/w checksum offloading.

Revision 1.3.2.6: download - view: text, markup, annotated - select for diffs
Sat Dec 18 09:32:35 2004 UTC (19 years, 11 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.5: preferred, colored
Changes since revision 1.3.2.5: +2 -2 lines
Sync with HEAD.

Revision 1.8: download - view: text, markup, annotated - select for diffs
Sun Dec 5 13:32:17 2004 UTC (20 years ago) by peter
Branches: MAIN
CVS tags: kent-audio1-base, kent-audio1
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +3 -3 lines
Apply a patch from OpenBSD 3.6 branch (ok yamt@).

MFC:
Fix by dhartmei@

fix a bug that leads to a crash when binat rules of the form
'binat from ... to ... -> (if)' are used, where the interface
is dynamic. reported by kos(at)bastard(dot)net, analyzed by
Pyun YongHyeon.

Revision 1.3.2.5: download - view: text, markup, annotated - select for diffs
Mon Nov 29 07:24:33 2004 UTC (20 years ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.4: preferred, colored
Changes since revision 1.3.2.4: +460 -311 lines
Sync with HEAD.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Nov 21 17:59:24 2004 UTC (20 years ago) by peter
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +4 -4 lines
Apply a patch from the OPENBSD_3_6 branch, ok itojun.

MFC:
Fix by dhartmei@

The flag to re-filter pf-generated packets was set wrong by synproxy
for ACKs. It should filter the ACK replayed to the server, instead of
of the one to the client.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sun Nov 21 17:57:52 2004 UTC (20 years ago) by peter
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +5 -12 lines
Apply a patch from the OPENBSD_3_6 branch, ok itojun.

MFC:
Fix by dhartmei@

For RST generated due to state mismatch during handshake, don't set
th_flags TH_ACK and leave th_ack 0, just like the RST generated by
the stack in this case. Fixes the Raptor workaround.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Sun Nov 14 11:12:16 2004 UTC (20 years ago) by yamt
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +457 -301 lines
resolve conflicts.  (pf from OpenBSD 3.6, kernel part)

Revision 1.1.1.2 (vendor branch): download - view: text, markup, annotated - select for diffs
Sun Nov 14 11:07:24 2004 UTC (20 years ago) by yamt
Branches: OPENBSD
CVS tags: v3_6
Diff to: previous 1.1.1.1: preferred, colored
Changes since revision 1.1.1.1: +440 -291 lines
import pf from OpenBSD 3.6. (kernel part)

Revision 1.3.2.4: download - view: text, markup, annotated - select for diffs
Tue Sep 21 13:34:43 2004 UTC (20 years, 2 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.3: preferred, colored
Changes since revision 1.3.2.3: +1 -1 lines
Fix the sync with head I botched.

Revision 1.3.2.3: download - view: text, markup, annotated - select for diffs
Sat Sep 18 14:52:37 2004 UTC (20 years, 2 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.2: preferred, colored
Changes since revision 1.3.2.2: +34 -38 lines
Sync with HEAD.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Sep 8 12:11:25 2004 UTC (20 years, 2 months ago) by yamt
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +34 -38 lines
remove no longer needed caddr_t casts to reduce diffs from openbsd.

Revision 1.3.2.2: download - view: text, markup, annotated - select for diffs
Tue Aug 3 10:52:23 2004 UTC (20 years, 4 months ago) by skrll
Branches: ktrace-lwp
Diff to: previous 1.3.2.1: preferred, colored
Changes since revision 1.3.2.1: +5987 -0 lines
Sync with HEAD

Revision 1.3.2.1
Tue Jun 22 18:37:49 2004 UTC (20 years, 5 months ago) by skrll
Branches: ktrace-lwp
FILE REMOVED
Changes since revision 1.3: +0 -5987 lines
file pf.c was added on branch ktrace-lwp on 2004-08-03 10:52:23 +0000

Revision 1.3: download - view: text, markup, annotated - select for diffs
Tue Jun 22 18:37:49 2004 UTC (20 years, 5 months ago) by martin
Branches: MAIN
Branch point for: ktrace-lwp
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +3 -3 lines
Fix formatting for 64 bit archs. This fixes PR port-sparc64/26010.
While there, make it compile for non-INET6 aware kernels.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Tue Jun 22 14:17:07 2004 UTC (20 years, 5 months ago) by itojun
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +176 -43 lines
PF from openbsd 3.5.  missing features:
- pfsync (due to protocol # assignment issues)
- carp (not really a PF portion, but thought important to mention)
- PF and ALTQ are mutually-exclusive.  this will be sorted out when
  kjc@csl.sony.co.jp updates ALTQ and PF (and API inbetween)

reviewed by matt, christos, perry

torture-test is very welcomed.

Revision 1.1.1.1 (vendor branch): download - view: text, markup, annotated - select for diffs
Tue Jun 22 13:52:16 2004 UTC (20 years, 5 months ago) by itojun
Branches: OPENBSD
CVS tags: v3_5
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +0 -0 lines
PF from OpenBSD 3.5

Revision 1.1: download - view: text, markup, annotated - select for diffs
Tue Jun 22 13:52:16 2004 UTC (20 years, 5 months ago) by itojun
Branches: MAIN
Initial revision

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>