The NetBSD Project

CVS log for src/sys/netinet/tcp_input.c

[BACK] Up to [cvs.NetBSD.org] / src / sys / netinet

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.438 / (download) - annotate - [select for diffs], Fri Nov 4 09:01:53 2022 UTC (15 months, 3 weeks ago) by ozaki-r
Branch: MAIN
CVS Tags: thorpej-ifq-base, thorpej-ifq, thorpej-altq-separation-base, thorpej-altq-separation, netbsd-10-base, netbsd-10-0-RC4, netbsd-10-0-RC3, netbsd-10-0-RC2, netbsd-10-0-RC1, netbsd-10, HEAD
Changes since 1.437: +6 -6 lines
Diff to previous 1.437 (colored)

inpcb: rename functions to in6pcb_*

Revision 1.437 / (download) - annotate - [select for diffs], Fri Nov 4 09:00:58 2022 UTC (15 months, 3 weeks ago) by ozaki-r
Branch: MAIN
Changes since 1.436: +4 -4 lines
Diff to previous 1.436 (colored)

inpcb: rename functions to inpcb_*

Inspired by rmind-smpnet patches.

Revision 1.436 / (download) - annotate - [select for diffs], Fri Oct 28 05:25:36 2022 UTC (16 months ago) by ozaki-r
Branch: MAIN
Changes since 1.435: +6 -6 lines
Diff to previous 1.435 (colored)

inpcb: separate inpcb again to reduce the size of PCB for IPv4

The data size of PCB for IPv4 increased because of the merge of
struct in6pcb.  The change decreases the size to the original size by
separating struct inpcb (again).  struct in4pcb and in6pcb that embed
struct inpcb are introduced.

Even after the separation, users don't need to realize the separation
and only have to use some macros to access dedicated data.  For example,
inp->inp_laddr is now accessed through in4p_laddr(inp).

Revision 1.435 / (download) - annotate - [select for diffs], Fri Oct 28 05:18:39 2022 UTC (16 months ago) by ozaki-r
Branch: MAIN
Changes since 1.434: +27 -92 lines
Diff to previous 1.434 (colored)

inpcb: integrate data structures of PCB into one

Data structures of network protocol control blocks (PCBs), i.e.,
struct inpcb, in6pcb and inpcb_hdr, are not organized well.  Users of
the data structures have to handle them separately and thus the code
is cluttered and duplicated.

The commit integrates the data structures into one, struct inpcb.  As a
result, users of PCBs only have to handle just one data structure, so
the code becomes simple.

One drawback is that the data size of PCB for IPv4 increases by 40 bytes
(from 248 bytes to 288 bytes).

Revision 1.434 / (download) - annotate - [select for diffs], Tue Sep 20 07:19:14 2022 UTC (17 months, 1 week ago) by ozaki-r
Branch: MAIN
CVS Tags: bouyer-sunxi-drm-base, bouyer-sunxi-drm
Changes since 1.433: +4 -1186 lines
Diff to previous 1.433 (colored)

tcp: separate syn cache stuffs into tcp_syncache.[ch] files

No functional change.

Revision 1.433 / (download) - annotate - [select for diffs], Tue May 24 20:50:20 2022 UTC (21 months ago) by andvar
Branch: MAIN
Changes since 1.432: +3 -3 lines
Diff to previous 1.432 (colored)

fix various typos in comment, documentation and log messages.

Revision 1.432 / (download) - annotate - [select for diffs], Wed Mar 23 11:08:28 2022 UTC (23 months ago) by andvar
Branch: MAIN
Changes since 1.431: +3 -3 lines
Diff to previous 1.431 (colored)

fix few typos in comments, mainly s/paramenters/parameters/.

Revision 1.431 / (download) - annotate - [select for diffs], Mon Aug 9 19:57:58 2021 UTC (2 years, 6 months ago) by andvar
Branch: MAIN
Changes since 1.430: +3 -3 lines
Diff to previous 1.430 (colored)

fix typos in asymmetry, asymmetric(al), symmetrical.

Revision 1.430 / (download) - annotate - [select for diffs], Fri Aug 6 07:55:13 2021 UTC (2 years, 6 months ago) by andvar
Branch: MAIN
CVS Tags: thorpej-i2c-spi-conf2-base, thorpej-i2c-spi-conf2
Changes since 1.429: +6 -6 lines
Diff to previous 1.429 (colored)

fix various typos in comments.

Revision 1.428.4.1 / (download) - annotate - [select for diffs], Sun Aug 1 22:42:42 2021 UTC (2 years, 6 months ago) by thorpej
Branch: thorpej-i2c-spi-conf
Changes since 1.428: +3 -3 lines
Diff to previous 1.428 (colored) next main 1.429 (colored)

Sync with HEAD.

Revision 1.429 / (download) - annotate - [select for diffs], Sat Jul 31 20:29:37 2021 UTC (2 years, 6 months ago) by andvar
Branch: MAIN
CVS Tags: thorpej-i2c-spi-conf-base, thorpej-futex2-base, thorpej-futex2, thorpej-cfargs2-base, thorpej-cfargs2
Changes since 1.428: +3 -3 lines
Diff to previous 1.428 (colored)

s/threshhold/threshold

Revision 1.424.2.1 / (download) - annotate - [select for diffs], Sat Apr 3 22:29:01 2021 UTC (2 years, 10 months ago) by thorpej
Branch: thorpej-futex
Changes since 1.424: +7 -7 lines
Diff to previous 1.424 (colored) next main 1.425 (colored)

Sync with HEAD.

Revision 1.428 / (download) - annotate - [select for diffs], Mon Mar 8 18:17:27 2021 UTC (2 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: thorpej-futex-base, thorpej-cfargs-base, thorpej-cfargs, cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Branch point for: thorpej-i2c-spi-conf
Changes since 1.427: +4 -4 lines
Diff to previous 1.427 (colored)

Remove the unused "addin" argument (it was always 0) and go back using
a random iss by default (instead of rfc1948)

Revision 1.427 / (download) - annotate - [select for diffs], Fri Feb 19 15:43:56 2021 UTC (3 years ago) by jakllsch
Branch: MAIN
Changes since 1.426: +5 -5 lines
Diff to previous 1.426 (colored)

it's spelled struct tcphdr, not struct tcp_hdr

Revision 1.426 / (download) - annotate - [select for diffs], Fri Feb 19 14:51:59 2021 UTC (3 years ago) by christos
Branch: MAIN
Changes since 1.425: +5 -5 lines
Diff to previous 1.425 (colored)

- Make ALIGNED_POINTER use __alignof(t) instead of sizeof(t). This is more
  correct because it works with non-primitive types and provides the ABI
  alignment for the type the compiler will use.
- Remove all the *_HDR_ALIGNMENT macros and asserts
- Replace POINTER_ALIGNED_P with ACCESSIBLE_POINTER which is identical to
  ALIGNED_POINTER, but returns that the pointer is always aligned if the
  CPU supports unaligned accesses.
[ as proposed in tech-kern ]

Revision 1.425 / (download) - annotate - [select for diffs], Sun Feb 14 20:58:35 2021 UTC (3 years ago) by christos
Branch: MAIN
Changes since 1.424: +5 -5 lines
Diff to previous 1.424 (colored)

- centralize header align and pullup into a single inline function
- use a single macro to align pointers and expose the alignment, instead
  of hard-coding 3 in 1/2 the macros.
- fix an issue in the ipv6 lt2p where it was aligning for ipv4 and pulling
  for ipv6.

Revision 1.424 / (download) - annotate - [select for diffs], Tue Sep 29 02:58:53 2020 UTC (3 years, 4 months ago) by msaitoh
Branch: MAIN
Branch point for: thorpej-futex
Changes since 1.423: +3 -3 lines
Diff to previous 1.423 (colored)

s/occurence/occurrence/

Revision 1.414.2.4 / (download) - annotate - [select for diffs], Sun Sep 13 12:18:16 2020 UTC (3 years, 5 months ago) by martin
Branch: netbsd-9
CVS Tags: netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE
Changes since 1.414.2.3: +15 -3 lines
Diff to previous 1.414.2.3 (colored) to branchpoint 1.414 (colored) next main 1.415 (colored)

Pull up following revision(s) (requested by kardel in ticket #1081):

	sys/netinet/tcp_input.c: revision 1.420

PR/kern 55567
fix the data-only fast path. RCV.UP and SND.WL1 could be left behind
on long sequences of data only packets. pull them along to avoid relative
sequence wraps.
consistent with FreeBSD

addresses second failure mode of PR/kern 55567.
pullup to netbsd-8
pullup to netbsd-9

Revision 1.357.4.7 / (download) - annotate - [select for diffs], Sun Sep 13 12:16:34 2020 UTC (3 years, 5 months ago) by martin
Branch: netbsd-8
Changes since 1.357.4.6: +15 -3 lines
Diff to previous 1.357.4.6 (colored) to branchpoint 1.357 (colored) next main 1.358 (colored)

Pull up following revision(s) (requested by kardel in ticket #1604):

	sys/netinet/tcp_input.c: revision 1.420

PR/kern 55567
fix the data-only fast path. RCV.UP and SND.WL1 could be left behind
on long sequences of data only packets. pull them along to avoid relative
sequence wraps.
consistent with FreeBSD

addresses second failure mode of PR/kern 55567.
pullup to netbsd-8
pullup to netbsd-9

Revision 1.423 / (download) - annotate - [select for diffs], Sun Sep 13 11:47:12 2020 UTC (3 years, 5 months ago) by roy
Branch: MAIN
Changes since 1.422: +5 -5 lines
Diff to previous 1.422 (colored)

inet: Fix build without ARP

Revision 1.422 / (download) - annotate - [select for diffs], Fri Sep 11 15:16:00 2020 UTC (3 years, 5 months ago) by roy
Branch: MAIN
Changes since 1.421: +11 -2 lines
Diff to previous 1.421 (colored)

ARP: Use ND rather than our own.

This brings the benefit of Neighbour Unreachability Detection which is
something ARP sorely lacks.

The new timings mirror those of IPv6 and are adjustable via sysctl(8).
Unlike IPv6 ND, these are global and not per interface.

Revision 1.421 / (download) - annotate - [select for diffs], Fri Sep 11 15:08:25 2020 UTC (3 years, 5 months ago) by roy
Branch: MAIN
Changes since 1.420: +42 -20 lines
Diff to previous 1.420 (colored)

tcp_input: Adjust for ND changes

Revision 1.420 / (download) - annotate - [select for diffs], Fri Sep 11 09:08:47 2020 UTC (3 years, 5 months ago) by kardel
Branch: MAIN
Changes since 1.419: +15 -3 lines
Diff to previous 1.419 (colored)

PR/kern 55567

fix the data-only fast path. RCV.UP and SND.WL1 could be left behind
on long sequences of data only packets. pull them along to avoid relative
sequence wraps.

consistent with FreeBSD

addresses second failure mode of PR/kern 55567.

pullup to netbsd-8
pullup to netbsd-9

Revision 1.357.4.6 / (download) - annotate - [select for diffs], Thu Sep 3 13:40:41 2020 UTC (3 years, 5 months ago) by martin
Branch: netbsd-8
Changes since 1.357.4.5: +15 -2 lines
Diff to previous 1.357.4.5 (colored) to branchpoint 1.357 (colored)

Pull up following revision(s) (requested by kardel in ticket #1602):

	sys/netinet/tcp_input.c: revision 1.419

Fix fast path for uni directional transfers

pure ACK case:
drag snd_wl2 along so only newer
ACKs can update the window size.

also avoids the state where snd_wl2
is eventually larger than th_ack and thus
blocking the window update mechanism and
the connection gets stuck for a loooong
time in the zero sized send window state.

see PR/kern 55567

ok thorpej@, also found in FreeBSD

Revision 1.414.2.3 / (download) - annotate - [select for diffs], Thu Sep 3 13:38:29 2020 UTC (3 years, 5 months ago) by martin
Branch: netbsd-9
Changes since 1.414.2.2: +15 -2 lines
Diff to previous 1.414.2.2 (colored) to branchpoint 1.414 (colored)

Pull up following revision(s) (requested by kardel in ticket #1074):

	sys/netinet/tcp_input.c: revision 1.419

Fix fast path for uni directional transfers

pure ACK case:
drag snd_wl2 along so only newer
ACKs can update the window size.

also avoids the state where snd_wl2
is eventually larger than th_ack and thus
blocking the window update mechanism and
the connection gets stuck for a loooong
time in the zero sized send window state.

see PR/kern 55567

ok thorpej@, also found in FreeBSD

Revision 1.419 / (download) - annotate - [select for diffs], Wed Sep 2 15:08:46 2020 UTC (3 years, 5 months ago) by kardel
Branch: MAIN
Changes since 1.418: +15 -2 lines
Diff to previous 1.418 (colored)

Fix fast path for uni directional transfers
pure ACK case:

drag snd_wl2 along so only newer
ACKs can update the window size.
also avoids the state where snd_wl2
is eventually larger than th_ack and thus
blocking the window update mechanism and
the connection gets stuck for a loooong
time in the zero sized send window state.

see PR/kern 55567

ok thorpej@, also found in FreeBSD

Revision 1.357.4.5 / (download) - annotate - [select for diffs], Wed Jul 8 13:48:36 2020 UTC (3 years, 7 months ago) by martin
Branch: netbsd-8
Changes since 1.357.4.4: +10 -17 lines
Diff to previous 1.357.4.4 (colored) to branchpoint 1.357 (colored)

Apply patch, requested by christos in ticket #1566:

Deduplicate more code and avoid use of uninitialized variables.

Revision 1.357.4.4 / (download) - annotate - [select for diffs], Tue Jul 7 11:56:57 2020 UTC (3 years, 7 months ago) by martin
Branch: netbsd-8
Changes since 1.357.4.3: +21 -25 lines
Diff to previous 1.357.4.3 (colored) to branchpoint 1.357 (colored)

Pull up following revision(s) (requested by christos in ticket #1566):

	sys/netinet/tcp_input.c: revision 1.418 (via patch)

- always set both ip and ip6, otherwise a kernel assertion can be triggered
- move alignment early so that we do less work

Revision 1.414.2.2 / (download) - annotate - [select for diffs], Tue Jul 7 11:00:54 2020 UTC (3 years, 7 months ago) by martin
Branch: netbsd-9
Changes since 1.414.2.1: +19 -25 lines
Diff to previous 1.414.2.1 (colored) to branchpoint 1.414 (colored)

Pull up following revision(s) (requested by christos in ticket #985):

	sys/netinet/tcp_input.c: revision 1.418

- always set both ip and ip6, otherwise a kernel assertion can be triggered
- move alignment early so that we do less work

Revision 1.418 / (download) - annotate - [select for diffs], Mon Jul 6 18:49:12 2020 UTC (3 years, 7 months ago) by christos
Branch: MAIN
Changes since 1.417: +19 -25 lines
Diff to previous 1.417 (colored)

- always set both ip and ip6, otherwise a kernel assertion can be triggered
- move alignment early so that we do less work

Revision 1.408.2.2 / (download) - annotate - [select for diffs], Mon Apr 13 08:05:16 2020 UTC (3 years, 10 months ago) by martin
Branch: phil-wifi
Changes since 1.408.2.1: +9 -8 lines
Diff to previous 1.408.2.1 (colored) to branchpoint 1.408 (colored) next main 1.409 (colored)

Mostly merge changes from HEAD upto 20200411

Revision 1.417 / (download) - annotate - [select for diffs], Sat Nov 16 10:15:10 2019 UTC (4 years, 3 months ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, is-mlppp-base, is-mlppp, bouyer-xenpvh-base2, bouyer-xenpvh-base1, bouyer-xenpvh-base, bouyer-xenpvh, ad-namecache-base3, ad-namecache-base2, ad-namecache-base1, ad-namecache-base, ad-namecache
Changes since 1.416: +5 -4 lines
Diff to previous 1.416 (colored)

Call rtcache_unref() only when the checks succeed, instead of relying on
another NULL check in rtcache_unref().

Because, in order to resolve the address of the second argument, we do a
dereference on 'tp', which is theoretically allowed to be NULL. The five
callers of nd6_hint() never pass a NULL argument however, so by luck the
actual NULL deref never happens.

Maybe the NULL check on 'tp' in should be replaced to a KASSERT ensuring
it isn't NULL, for clarity.

Reported by kUBSan.

Revision 1.416 / (download) - annotate - [select for diffs], Wed Sep 25 19:06:30 2019 UTC (4 years, 5 months ago) by jnemeth
Branch: MAIN
Changes since 1.415: +4 -4 lines
Diff to previous 1.415 (colored)

PR/54572 - Edgar Fu-- error in comment

Revision 1.414.2.1 / (download) - annotate - [select for diffs], Tue Sep 10 16:18:59 2019 UTC (4 years, 5 months ago) by martin
Branch: netbsd-9
CVS Tags: netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1
Changes since 1.414: +4 -4 lines
Diff to previous 1.414 (colored)

Pull up following revision(s) (requested by maxv in ticket #193):

	sys/netinet/tcp_timer.h: revision 1.30
	sys/netinet/tcp_input.c: revision 1.415
	sys/netinet/tcp_usrreq.c: revision 1.225
	sys/netinet/tcp_subr.c: revision 1.283

Clamp tcp timer quantities to reasonable ranges.

Revision 1.415 / (download) - annotate - [select for diffs], Tue Aug 6 15:48:18 2019 UTC (4 years, 6 months ago) by riastradh
Branch: MAIN
Changes since 1.414: +4 -4 lines
Diff to previous 1.414 (colored)

Clamp tcp timer quantities to reasonable ranges.

Reported-by: syzbot+259675123340bf46a6de@syzkaller.appspotmail.com

Revision 1.408.2.1 / (download) - annotate - [select for diffs], Mon Jun 10 22:09:47 2019 UTC (4 years, 8 months ago) by christos
Branch: phil-wifi
Changes since 1.408: +27 -32 lines
Diff to previous 1.408 (colored)

Sync with HEAD

Revision 1.414 / (download) - annotate - [select for diffs], Sat Jun 1 15:18:42 2019 UTC (4 years, 8 months ago) by kamil
Branch: MAIN
CVS Tags: phil-wifi-20190609, netbsd-9-base
Branch point for: netbsd-9
Changes since 1.413: +5 -5 lines
Diff to previous 1.413 (colored)

Replace potentially misaligned pointer dereference + htonl() with be32dec()

Reported by kUBSan.

Revision 1.383.2.8 / (download) - annotate - [select for diffs], Mon Nov 26 01:52:51 2018 UTC (5 years, 3 months ago) by pgoyette
Branch: pgoyette-compat
CVS Tags: pgoyette-compat-merge-20190127
Changes since 1.383.2.7: +3 -3 lines
Diff to previous 1.383.2.7 (colored) to branchpoint 1.383 (colored) next main 1.384 (colored)

Sync with HEAD, resolve a couple of conflicts

Revision 1.413 / (download) - annotate - [select for diffs], Thu Nov 8 06:43:52 2018 UTC (5 years, 3 months ago) by msaitoh
Branch: MAIN
CVS Tags: pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, isaki-audio2-base, isaki-audio2
Changes since 1.412: +3 -3 lines
Diff to previous 1.412 (colored)

"s/ an an / an /" in comment. No functional change.

Revision 1.383.2.7 / (download) - annotate - [select for diffs], Sun Sep 30 01:45:56 2018 UTC (5 years, 4 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.6: +21 -26 lines
Diff to previous 1.383.2.6 (colored) to branchpoint 1.383 (colored)

Ssync with HEAD

Revision 1.412 / (download) - annotate - [select for diffs], Fri Sep 14 05:09:51 2018 UTC (5 years, 5 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-1020, pgoyette-compat-0930
Changes since 1.411: +4 -9 lines
Diff to previous 1.411 (colored)

Use non-variadic function pointer in protosw::pr_input.

Revision 1.411 / (download) - annotate - [select for diffs], Fri Sep 14 04:29:46 2018 UTC (5 years, 5 months ago) by maxv
Branch: MAIN
Changes since 1.410: +15 -15 lines
Diff to previous 1.410 (colored)

rename toff -> off

Revision 1.410 / (download) - annotate - [select for diffs], Fri Sep 14 04:25:16 2018 UTC (5 years, 5 months ago) by maxv
Branch: MAIN
Changes since 1.409: +12 -12 lines
Diff to previous 1.409 (colored)

rename off -> thlen

Revision 1.383.2.6 / (download) - annotate - [select for diffs], Thu Sep 6 06:56:45 2018 UTC (5 years, 5 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.5: +4 -4 lines
Diff to previous 1.383.2.5 (colored) to branchpoint 1.383 (colored)

Sync with HEAD

Resolve a couple of conflicts (result of the uimin/uimax changes)

Revision 1.409 / (download) - annotate - [select for diffs], Mon Sep 3 16:29:36 2018 UTC (5 years, 5 months ago) by riastradh
Branch: MAIN
CVS Tags: pgoyette-compat-0906
Changes since 1.408: +4 -4 lines
Diff to previous 1.408 (colored)

Rename min/max -> uimin/uimax for better honesty.

These functions are defined on unsigned int.  The generic name
min/max should not silently truncate to 32 bits on 64-bit systems.
This is purely a name change -- no functional change intended.

HOWEVER!  Some subsystems have

	#define min(a, b)	((a) < (b) ? (a) : (b))
	#define max(a, b)	((a) > (b) ? (a) : (b))

even though our standard name for that is MIN/MAX.  Although these
may invite multiple evaluation bugs, these do _not_ cause integer
truncation.

To avoid `fixing' these cases, I first changed the name in libkern,
and then compile-tested every file where min/max occurred in order to
confirm that it failed -- and thus confirm that nothing shadowed
min/max -- before changing it.

I have left a handful of bootloaders that are too annoying to
compile-test, and some dead code:

cobalt ews4800mips hp300 hppa ia64 luna68k vax
acorn32/if_ie.c (not included in any kernels)
macppc/if_gm.c (superseded by gem(4))

It should be easy to fix the fallout once identified -- this way of
doing things fails safe, and the goal here, after all, is to _avoid_
silent integer truncations, not introduce them.

Maybe one day we can reintroduce min/max as type-generic things that
never silently truncate.  But we should avoid doing that for a while,
so that existing code has a chance to be detected by the compiler for
conversion to uimin/uimax without changing the semantics until we can
properly audit it all.  (Who knows, maybe in some cases integer
truncation is actually intended!)

Revision 1.383.2.5 / (download) - annotate - [select for diffs], Mon May 21 04:36:16 2018 UTC (5 years, 9 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.4: +4 -6 lines
Diff to previous 1.383.2.4 (colored) to branchpoint 1.383 (colored)

Sync with HEAD

Revision 1.408 / (download) - annotate - [select for diffs], Fri May 18 18:58:51 2018 UTC (5 years, 9 months ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-base, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521
Branch point for: phil-wifi
Changes since 1.407: +4 -5 lines
Diff to previous 1.407 (colored)

IP6_EXTHDR_GET -> M_REGION_GET, no functional change.

Revision 1.407 / (download) - annotate - [select for diffs], Thu May 3 07:13:48 2018 UTC (5 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.406: +2 -3 lines
Diff to previous 1.406 (colored)

Remove now unused tcpip.h includes. Some were already unused before.

Revision 1.383.2.4 / (download) - annotate - [select for diffs], Wed May 2 07:20:23 2018 UTC (5 years, 9 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.3: +2 -3 lines
Diff to previous 1.383.2.3 (colored) to branchpoint 1.383 (colored)

Synch with HEAD

Revision 1.406 / (download) - annotate - [select for diffs], Sat Apr 28 13:26:57 2018 UTC (5 years, 10 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0502
Changes since 1.405: +2 -3 lines
Diff to previous 1.405 (colored)

Remove unused ipsec_var.h includes.

Revision 1.383.2.3 / (download) - annotate - [select for diffs], Mon Apr 16 02:00:09 2018 UTC (5 years, 10 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.2: +5 -13 lines
Diff to previous 1.383.2.2 (colored) to branchpoint 1.383 (colored)

Sync with HEAD, resolve some conflicts

Revision 1.405 / (download) - annotate - [select for diffs], Sun Apr 8 12:18:06 2018 UTC (5 years, 10 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0422, pgoyette-compat-0415
Changes since 1.404: +5 -13 lines
Diff to previous 1.404 (colored)

Remove the ipre_mlast field and the TRAVERSE macro.

The goal was to store in ipre_mlast the last mbuf of the chain, so that
m_cat could be called on it. But it's not needed, since m_cat already
does the equivalent of TRAVERSE itself.

If it were needed, there would be a bug, since we don't call TRAVERSE on
ipre_mlast when creating a new reassembly entry.

Revision 1.383.2.2 / (download) - annotate - [select for diffs], Sat Apr 7 04:12:19 2018 UTC (5 years, 10 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383.2.1: +15 -30 lines
Diff to previous 1.383.2.1 (colored) to branchpoint 1.383 (colored)

Sync with HEAD.  77 conflicts resolved - all of them $NetBSD$

Revision 1.404 / (download) - annotate - [select for diffs], Tue Apr 3 09:03:59 2018 UTC (5 years, 10 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0407
Changes since 1.403: +2 -25 lines
Diff to previous 1.403 (colored)

Remove ipsec_copy_policy and ipsec_copy_pcbpolicy. No functional change,
since we used only ipsec_copy_pcbpolicy, and it was a no-op.

Originally we were using ipsec_copy_policy to optimize the IPsec-PCB
cache: when an ACK was received in response to a SYN, we used to copy the
SP cached in the SYN's PCB into the ACK's PCB, so that
ipsec_getpolicybysock could use the cached SP instead of requerying it.

Then we switched to ipsec_copy_pcbpolicy which has always been a no-op. As
a result the SP cached in the SYN was/is not copied in the ACK, and the
first call to ipsec_getpolicybysock had to query the SP and cache it
itself. It's not totally clear to me why this change was made.

But it has been this way for years, and after a conversation with Ryota
Ozaki it turns out the optimization is not valid anymore due to
MP-ification, so it won't be re-enabled.

ok ozaki-r@

Revision 1.357.4.3 / (download) - annotate - [select for diffs], Fri Mar 30 11:17:19 2018 UTC (5 years, 11 months ago) by martin
Branch: netbsd-8
CVS Tags: netbsd-8-2-RELEASE, netbsd-8-1-RELEASE, netbsd-8-1-RC1, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1
Changes since 1.357.4.2: +5 -44 lines
Diff to previous 1.357.4.2 (colored) to branchpoint 1.357 (colored)

Pull up following revision(s) (requested by maxv in ticket #662):

	sys/netinet/tcp_input.c: revision 1.383 (via patch)

Revert rev1.183 (2003).

It was intended as an optimization, but it increases the attack surface:

the IPsec policy is not enforced on RST packets when the socket is in the
LISTEN state, and an (unauthenticated) attacker could jam the connection
between two IPsec hosts by sending RST packets between the client's SYN
and ACK packets.

Discussed with ozaki-r@.

Revision 1.403 / (download) - annotate - [select for diffs], Fri Mar 30 08:25:06 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.402: +12 -5 lines
Diff to previous 1.402 (colored)

Fix the log. mtod never returns NULL, so 'ip' is always non-NULL, and the
'ip6' branch is never taken. As a result we log garbage on IPv6 packets.

Use ip_v instead.

Revision 1.402 / (download) - annotate - [select for diffs], Fri Mar 30 07:11:40 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.401: +5 -4 lines
Diff to previous 1.401 (colored)

Use consttime_memequal instead of memcmp, to prevent side channels. This
functions returns 1 when the buffers are equal, contrary to memcmp, hence
the !.

Revision 1.383.2.1 / (download) - annotate - [select for diffs], Fri Mar 30 06:20:16 2018 UTC (5 years, 11 months ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.383: +290 -373 lines
Diff to previous 1.383 (colored)

Resolve conflicts between branch and HEAD

Revision 1.401 / (download) - annotate - [select for diffs], Thu Mar 29 21:40:53 2018 UTC (5 years, 11 months ago) by rmind
Branch: MAIN
CVS Tags: pgoyette-compat-0330
Changes since 1.400: +3 -3 lines
Diff to previous 1.400 (colored)

tcp_urp_drop: fix a bug introduced in 1.390 rev (hi maxv@).

Revision 1.400 / (download) - annotate - [select for diffs], Thu Mar 29 18:54:48 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.399: +2 -32 lines
Diff to previous 1.399 (colored)

Remove TCPREASS_DEBUG. It was introduced 20 years ago when the reassembler
was being developed, but it's irrelevant today. Makes the code clearer.

Revision 1.399 / (download) - annotate - [select for diffs], Thu Mar 29 17:46:17 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.398: +48 -39 lines
Diff to previous 1.398 (colored)

Reorder/Fix comments to clarify.

Revision 1.398 / (download) - annotate - [select for diffs], Thu Mar 29 17:12:36 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.397: +5 -6 lines
Diff to previous 1.397 (colored)

Remove two more 'else' branches.

Revision 1.397 / (download) - annotate - [select for diffs], Thu Mar 29 17:09:00 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.396: +4 -2 lines
Diff to previous 1.396 (colored)

Fix memory leak, we may reallocate 'tcp_saveti' after 'findpcb'. It's not
a tragic bug, because it happens only on sockets with debug enabled.

Revision 1.396 / (download) - annotate - [select for diffs], Thu Mar 29 17:01:46 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.395: +3 -4 lines
Diff to previous 1.395 (colored)

Remove 'else', makes it clearer that we leave.

Revision 1.395 / (download) - annotate - [select for diffs], Thu Mar 29 16:59:38 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.394: +3 -2 lines
Diff to previous 1.394 (colored)

Clarify with KASSERT.

Revision 1.394 / (download) - annotate - [select for diffs], Thu Mar 29 16:54:59 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.393: +5 -6 lines
Diff to previous 1.393 (colored)

Simplify the computation:

	  m->m_pkthdr.len -  sizeof(struct tcphdr) - optlen - hlen
	= m->m_pkthdr.len - (sizeof(struct tcphdr) + optlen + hlen)
	= m->m_pkthdr.len - [tcp_len]
	= toff

Revision 1.393 / (download) - annotate - [select for diffs], Wed Mar 28 14:43:55 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.392: +18 -31 lines
Diff to previous 1.392 (colored)

Several changes in syn_cache_respond:

 * Replace idiotic diagnostic check by KASSERT. max_linkhdr+tlen<=MCLBYTES
   is a widespread assumption.

 * Improve initialization of 'tp'.

 * Put panics in dead branches.

 * Merge two switches.

Revision 1.392 / (download) - annotate - [select for diffs], Wed Mar 28 14:30:42 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.391: +2 -5 lines
Diff to previous 1.391 (colored)

Remove unused variable.

Revision 1.391 / (download) - annotate - [select for diffs], Wed Mar 28 14:22:16 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.390: +4 -6 lines
Diff to previous 1.390 (colored)

Remove two unused args from syn_cache_get().

Revision 1.390 / (download) - annotate - [select for diffs], Wed Mar 28 14:16:59 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.389: +19 -29 lines
Diff to previous 1.389 (colored)

Dedup: introduce tcp_urp_drop() and use it.

Revision 1.389 / (download) - annotate - [select for diffs], Wed Mar 28 13:50:14 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.388: +127 -119 lines
Diff to previous 1.388 (colored)

Minor changes: style, improve comments (and put them at the correct place),
use NULL for pointers, and add {}s to prevent confusion.

Revision 1.388 / (download) - annotate - [select for diffs], Fri Mar 23 09:30:55 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.387: +6 -45 lines
Diff to previous 1.387 (colored)

Remove #ifdef INET. Nobody is doing that in the kernel, and there are
even IPv4 places that are not covered here.

Revision 1.387 / (download) - annotate - [select for diffs], Fri Mar 23 08:57:40 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.386: +35 -31 lines
Diff to previous 1.386 (colored)

Improve a bit here and there. Replace bcopy by memcpy/memmove.

Revision 1.386 / (download) - annotate - [select for diffs], Thu Mar 22 21:19:28 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.385: +9 -9 lines
Diff to previous 1.385 (colored)

Don't pass a pointer to tcp_reass, otherwise it looks like it can modify
tlen while it doesn't.

Revision 1.385 / (download) - annotate - [select for diffs], Thu Mar 22 21:10:17 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.384: +29 -30 lines
Diff to previous 1.384 (colored)

Rearrange a bit. No real functional change.

Revision 1.384 / (download) - annotate - [select for diffs], Thu Mar 22 20:48:38 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.383: +5 -11 lines
Diff to previous 1.383 (colored)

Don't call tcp_input_checksum again, it was already called earlier, no
need to checksum twice.

Then call tcp_fields_to_host a bit earlier, so that we don't need to call
it in each branch.

Revision 1.383 / (download) - annotate - [select for diffs], Thu Mar 1 06:08:43 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-base, pgoyette-compat-0322, pgoyette-compat-0315
Branch point for: pgoyette-compat
Changes since 1.382: +5 -40 lines
Diff to previous 1.382 (colored)

Revert rev1.183 (2003).

It was intended as an optimization, but it increases the attack surface:
the IPsec policy is not enforced on RST packets when the socket is in the
LISTEN state, and an (unauthenticated) attacker could jam the connection
between two IPsec hosts by sending RST packets between the client's SYN
and ACK packets.

Discussed with ozaki-r@.

Revision 1.382 / (download) - annotate - [select for diffs], Wed Feb 28 11:23:24 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.381: +2 -3 lines
Diff to previous 1.381 (colored)

Remove unused ipsec_private.h includes.

Revision 1.381 / (download) - annotate - [select for diffs], Wed Feb 28 11:09:03 2018 UTC (5 years, 11 months ago) by maxv
Branch: MAIN
Changes since 1.380: +2 -7 lines
Diff to previous 1.380 (colored)

Remove duplicate IPSEC_STATINC(IPSEC_STAT_IN_POLVIO), ipsec_in_reject
already increases it. IPSEC6_STATINC is now unused, so remove it too.

Revision 1.380 / (download) - annotate - [select for diffs], Mon Feb 26 09:04:29 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.379: +7 -7 lines
Diff to previous 1.379 (colored)

Dedup: merge ipsec4_in_reject and ipsec6_in_reject into ipsec_in_reject.
While here fix misleading comment.

ok ozaki-r@

Revision 1.379 / (download) - annotate - [select for diffs], Mon Feb 12 08:22:26 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.378: +5 -9 lines
Diff to previous 1.378 (colored)

Remove unused argument from tcp_signature_getsav.

Revision 1.378 / (download) - annotate - [select for diffs], Mon Feb 12 08:13:08 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.377: +4 -2 lines
Diff to previous 1.377 (colored)

Add a KASSERT.

Revision 1.377 / (download) - annotate - [select for diffs], Mon Feb 12 08:08:28 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.376: +11 -11 lines
Diff to previous 1.376 (colored)

Remove the 'm' argument from syn_cache_respond(); all it does with it is
freeing it, so free in the caller instead.

Revision 1.376 / (download) - annotate - [select for diffs], Mon Feb 12 08:03:42 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.375: +4 -19 lines
Diff to previous 1.375 (colored)

Remove this multicast check. Multicast packets are already dropped at
the beginning of the function.

Revision 1.375 / (download) - annotate - [select for diffs], Fri Feb 9 14:06:17 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.374: +27 -36 lines
Diff to previous 1.374 (colored)

Style, and move the 'ip_srcroute' call after 'tcp_dooptions', otherwise
we're leaking 'ipopts'. (Harmless, since TCP_SIGNATURE is disabled.)

Revision 1.374 / (download) - annotate - [select for diffs], Thu Feb 8 20:50:00 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.373: +19 -22 lines
Diff to previous 1.373 (colored)

Style, rename a variable, and remove an unreachable case.

Revision 1.373 / (download) - annotate - [select for diffs], Thu Feb 8 20:41:36 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.372: +6 -17 lines
Diff to previous 1.372 (colored)

Move the IPv4 multicast check earlier; we want to kick multicast packets
all the time, and not just when they are SYNs.

The IPv6 multicast check is already done earlier, so this block of code
can be removed.

Revision 1.372 / (download) - annotate - [select for diffs], Thu Feb 8 20:19:30 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.371: +4 -19 lines
Diff to previous 1.371 (colored)

Remove the unused 'multicast' argument from tcp_vtw_input, and remove
the now-unused multicast detection code. It couldn't have been correct on
IPv6, since multicast packets are kicked at the beginning of the function.

Revision 1.371 / (download) - annotate - [select for diffs], Thu Feb 8 20:10:55 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.370: +2 -4 lines
Diff to previous 1.370 (colored)

Remove the default case, the beginning of the function already ensures
af == AF_INET || af == AF_INET6.

Revision 1.370 / (download) - annotate - [select for diffs], Thu Feb 8 20:06:21 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.369: +9 -14 lines
Diff to previous 1.369 (colored)

Dedup code.

Revision 1.369 / (download) - annotate - [select for diffs], Thu Feb 8 19:58:05 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.368: +2 -9 lines
Diff to previous 1.368 (colored)

Remove the IN6_IS_ADDR_V4MAPPED checks in the protocol functions. They
are useless, because the IPv6 entry point (ip6_input) already performs
them.

The checks were first added in the protocol functions:

	Wed Dec 22 04:03:02 1999 UTC (18 years, 1 month ago) by itojun

"drop IPv6 packets with v4 mapped address on src/dst.  they are illegal
and may be used to fool IPv6 implementations (by using ::ffff:127.0.0.1 as
source you may be able to pretend the packet is from local node)"

Shortly afterwards they were also added in the IPv6 entry point, but
where not removed from the protocol functions:

	Mon Jan 31 10:33:22 2000 UTC (18 years ago) by itojun

"be proactive about malicious packet on the wire.  we fear that v4 mapped
address to be used as a tool to hose security filters (like bypassing
"local host only" filter by using ::ffff:127.0.0.1)."

OpenBSD did the same a few months ago. FreeBSD has never had these checks.

Revision 1.368 / (download) - annotate - [select for diffs], Thu Feb 8 19:38:21 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.367: +46 -67 lines
Diff to previous 1.367 (colored)

Style, and remove outdated comments.

Revision 1.367 / (download) - annotate - [select for diffs], Thu Feb 8 19:25:48 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.366: +2 -6 lines
Diff to previous 1.366 (colored)

Remove this check, it is already done at the beginning of the function.

Revision 1.366 / (download) - annotate - [select for diffs], Thu Feb 8 18:58:59 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.365: +185 -186 lines
Diff to previous 1.365 (colored)

Reduce the indentation level of this huge block (without realigning yet,
for proofreadability). No functional change.

Revision 1.365 / (download) - annotate - [select for diffs], Thu Feb 8 18:55:11 2018 UTC (6 years ago) by maxv
Branch: MAIN
Changes since 1.364: +37 -36 lines
Diff to previous 1.364 (colored)

Move the SO_DEBUG block earlier, to reduce the indentation level.

Revision 1.364 / (download) - annotate - [select for diffs], Thu Feb 8 09:05:20 2018 UTC (6 years ago) by dholland
Branch: MAIN
Changes since 1.363: +3 -3 lines
Diff to previous 1.363 (colored)

Typos.

Revision 1.325.2.3 / (download) - annotate - [select for diffs], Sun Dec 3 11:39:04 2017 UTC (6 years, 2 months ago) by jdolecek
Branch: tls-maxphys
Changes since 1.325.2.2: +236 -211 lines
Diff to previous 1.325.2.2 (colored) to branchpoint 1.325 (colored) next main 1.326 (colored)

update from HEAD

Revision 1.363 / (download) - annotate - [select for diffs], Wed Nov 15 09:56:31 2017 UTC (6 years, 3 months ago) by ozaki-r
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202
Changes since 1.362: +15 -13 lines
Diff to previous 1.362 (colored)

Convert SYN_CACHE_TIMER_ARM macro to static inline function (NFC)

Revision 1.362 / (download) - annotate - [select for diffs], Wed Nov 15 09:55:22 2017 UTC (6 years, 3 months ago) by ozaki-r
Branch: MAIN
Changes since 1.361: +5 -3 lines
Diff to previous 1.361 (colored)

Make syn_cache_timer static

Revision 1.361 / (download) - annotate - [select for diffs], Wed Nov 15 09:54:18 2017 UTC (6 years, 3 months ago) by ozaki-r
Branch: MAIN
Changes since 1.360: +9 -10 lines
Diff to previous 1.360 (colored)

Reduce return points (NFC)

Revision 1.357.4.2 / (download) - annotate - [select for diffs], Sat Oct 21 19:43:54 2017 UTC (6 years, 4 months ago) by snj
Branch: netbsd-8
CVS Tags: matt-nb8-mediatek-base, matt-nb8-mediatek
Changes since 1.357.4.1: +6 -6 lines
Diff to previous 1.357.4.1 (colored) to branchpoint 1.357 (colored)

Pull up following revision(s) (requested by ozaki-r in ticket #300):
	crypto/dist/ipsec-tools/src/setkey/parse.y: 1.19
	crypto/dist/ipsec-tools/src/setkey/token.l: 1.20
	distrib/sets/lists/tests/mi: 1.754, 1.757, 1.759
	doc/TODO.smpnet: 1.12-1.13
	sys/net/pfkeyv2.h: 1.32
	sys/net/raw_cb.c: 1.23-1.24, 1.28
	sys/net/raw_cb.h: 1.28
	sys/net/raw_usrreq.c: 1.57-1.58
	sys/net/rtsock.c: 1.228-1.229
	sys/netinet/in_proto.c: 1.125
	sys/netinet/ip_input.c: 1.359-1.361
	sys/netinet/tcp_input.c: 1.359-1.360
	sys/netinet/tcp_output.c: 1.197
	sys/netinet/tcp_var.h: 1.178
	sys/netinet6/icmp6.c: 1.213
	sys/netinet6/in6_proto.c: 1.119
	sys/netinet6/ip6_forward.c: 1.88
	sys/netinet6/ip6_input.c: 1.181-1.182
	sys/netinet6/ip6_output.c: 1.193
	sys/netinet6/ip6protosw.h: 1.26
	sys/netipsec/ipsec.c: 1.100-1.122
	sys/netipsec/ipsec.h: 1.51-1.61
	sys/netipsec/ipsec6.h: 1.18-1.20
	sys/netipsec/ipsec_input.c: 1.44-1.51
	sys/netipsec/ipsec_netbsd.c: 1.41-1.45
	sys/netipsec/ipsec_output.c: 1.49-1.64
	sys/netipsec/ipsec_private.h: 1.5
	sys/netipsec/key.c: 1.164-1.234
	sys/netipsec/key.h: 1.20-1.32
	sys/netipsec/key_debug.c: 1.18-1.21
	sys/netipsec/key_debug.h: 1.9
	sys/netipsec/keydb.h: 1.16-1.20
	sys/netipsec/keysock.c: 1.59-1.62
	sys/netipsec/keysock.h: 1.10
	sys/netipsec/xform.h: 1.9-1.12
	sys/netipsec/xform_ah.c: 1.55-1.74
	sys/netipsec/xform_esp.c: 1.56-1.72
	sys/netipsec/xform_ipcomp.c: 1.39-1.53
	sys/netipsec/xform_ipip.c: 1.50-1.54
	sys/netipsec/xform_tcp.c: 1.12-1.16
	sys/rump/librump/rumpkern/Makefile.rumpkern: 1.170
	sys/rump/librump/rumpnet/net_stub.c: 1.27
	sys/sys/protosw.h: 1.67-1.68
	tests/net/carp/t_basic.sh: 1.7
	tests/net/if_gif/t_gif.sh: 1.11
	tests/net/if_l2tp/t_l2tp.sh: 1.3
	tests/net/ipsec/Makefile: 1.7-1.9
	tests/net/ipsec/algorithms.sh: 1.5
	tests/net/ipsec/common.sh: 1.4-1.6
	tests/net/ipsec/t_ipsec_ah_keys.sh: 1.2
	tests/net/ipsec/t_ipsec_esp_keys.sh: 1.2
	tests/net/ipsec/t_ipsec_gif.sh: 1.6-1.7
	tests/net/ipsec/t_ipsec_l2tp.sh: 1.6-1.7
	tests/net/ipsec/t_ipsec_misc.sh: 1.8-1.18
	tests/net/ipsec/t_ipsec_sockopt.sh: 1.1-1.2
	tests/net/ipsec/t_ipsec_tcp.sh: 1.1-1.2
	tests/net/ipsec/t_ipsec_transport.sh: 1.5-1.6
	tests/net/ipsec/t_ipsec_tunnel.sh: 1.9
	tests/net/ipsec/t_ipsec_tunnel_ipcomp.sh: 1.1-1.2
	tests/net/ipsec/t_ipsec_tunnel_odd.sh: 1.3
	tests/net/mcast/t_mcast.sh: 1.6
	tests/net/net/t_ipaddress.sh: 1.11
	tests/net/net_common.sh: 1.20
	tests/net/npf/t_npf.sh: 1.3
	tests/net/route/t_flags.sh: 1.20
	tests/net/route/t_flags6.sh: 1.16
	usr.bin/netstat/fast_ipsec.c: 1.22
Do m_pullup before mtod

It may fix panicks of some tests on anita/sparc and anita/GuruPlug.
---
KNF
---
Enable DEBUG for babylon5
---
Apply C99-style struct initialization to xformsw
---
Tweak outputs of netstat -s for IPsec

- Get rid of "Fast"
- Use ipsec and ipsec6 for titles to clarify protocol
- Indent outputs of sub protocols

Original outputs were organized like this:

(Fast) IPsec:
IPsec ah:
IPsec esp:
IPsec ipip:
IPsec ipcomp:
(Fast) IPsec:
IPsec ah:
IPsec esp:
IPsec ipip:
IPsec ipcomp:

New outputs are organized like this:

ipsec:
	ah:
	esp:
	ipip:
	ipcomp:
ipsec6:
	ah:
	esp:
	ipip:
	ipcomp:
---
Add test cases for IPComp
---
Simplify IPSEC_OSTAT macro (NFC)
---
KNF; replace leading whitespaces with hard tabs
---
Introduce and use SADB_SASTATE_USABLE_P
---
KNF
---
Add update command for testing

Updating an SA (SADB_UPDATE) requires that a process issuing
SADB_UPDATE is the same as a process issued SADB_ADD (or SADB_GETSPI).
This means that update command must be used with add command in a
configuration of setkey. This usage is normally meaningless but
useful for testing (and debugging) purposes.
---
Add test cases for updating SA/SP

The tests require newly-added udpate command of setkey.
---
PR/52346: Frank Kardel: Fix checksumming for NAT-T
See XXX for improvements.
---
Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE

It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters
that have IPsec accelerators; a driver sets the mtag to a packet
when its device has already encrypted the packet.

Unfortunately no driver implements such offload features for long
years and seems unlikely to implement them soon. (Note that neither
FreeBSD nor Linux doesn't have such drivers.) Let's remove related
(unused) codes and simplify the IPsec code.
---
Fix usages of sadb_msg_errno
---
Avoid updating sav directly

On SADB_UPDATE a target sav was updated directly, which was unsafe.
Instead allocate another sav, copy variables of the old sav to
the new one and replace the old one with the new one.
---
Simplify; we can assume sav->tdb_xform cannot be NULL while it's valid
---
Rename key_alloc* functions (NFC)

We shouldn't use the term "alloc" for functions that just look up
data and actually don't allocate memory.
---
Use explicit_memset to surely zero-clear key_auth and key_enc
---
Make sure to clear keys on error paths of key_setsaval
---
Add missing KEY_FREESAV
---
Make sure a sav is inserted to a sah list after its initialization completes
---
Remove unnecessary zero-clearing codes from key_setsaval

key_setsaval is now used only for a newly-allocated sav. (It was
used to reset variables of an existing sav.)
---
Correct wrong assumption of sav->refcnt in key_delsah

A sav in a list is basically not to be sav->refcnt == 0. And also
KEY_FREESAV assumes sav->refcnt > 0.
---
Let key_getsavbyspi take a reference of a returning sav
---
Use time_mono_to_wall (NFC)
---
Separate sending message routine (NFC)
---
Simplify; remove unnecessary zero-clears

key_freesaval is used only when a target sav is being destroyed.
---
Omit NULL checks for sav->lft_c

sav->lft_c can be NULL only when initializing or destroying sav.
---
Omit unnecessary NULL checks for sav->sah
---
Omit unnecessary check of sav->state

key_allocsa_policy picks a sav of either MATURE or DYING so we
don't need to check its state again.
---
Simplify; omit unnecessary saidx passing

- ipsec_nextisr returns a saidx but no caller uses it
- key_checkrequest is passed a saidx but it can be gotton by
  another argument (isr)
---
Fix splx isn't called on some error paths
---
Fix header size calculation of esp where sav is NULL
---
Fix header size calculation of ah in the case sav is NULL

This fix was also needed for esp.
---
Pass sav directly to opencrypto callback

In a callback, use a passed sav as-is by default and look up a sav
only if the passed sav is dead.
---
Avoid examining freshness of sav on packet processing

If a sav list is sorted (by lft_c->sadb_lifetime_addtime) in advance,
we don't need to examine each sav and also don't need to delete one
on the fly and send up a message. Fortunately every sav lists are sorted
as we need.

Added key_validate_savlist validates that each sav list is surely sorted
(run only if DEBUG because it's not cheap).
---
Add test cases for SAs with different SPIs
---
Prepare to stop using isr->sav

isr is a shared resource and using isr->sav as a temporal storage
for each packet processing is racy. And also having a reference from
isr to sav makes the lifetime of sav non-deterministic; such a reference
is removed when a packet is processed and isr->sav is overwritten by
new one. Let's have a sav locally for each packet processing instead of
using shared isr->sav.

However this change doesn't stop using isr->sav yet because there are
some users of isr->sav. isr->sav will be removed after the users find
a way to not use isr->sav.
---
Fix wrong argument handling
---
fix printf format.
---
Don't validate sav lists of LARVAL or DEAD states

We don't sort the lists so the validation will always fail.

Fix PR kern/52405
---
Make sure to sort the list when changing the state by key_sa_chgstate
---
Rename key_allocsa_policy to key_lookup_sa_bysaidx
---
Separate test files
---
Calculate ah_max_authsize on initialization as well as esp_max_ivlen
---
Remove m_tag_find(PACKET_TAG_IPSEC_PENDING_TDB) because nobody sets the tag
---
Restore a comment removed in previous

The comment is valid for the below code.
---
Make tests more stable

sleep command seems to wait longer than expected on anita so
use polling to wait for a state change.
---
Add tests that explicitly delete SAs instead of waiting for expirations
---
Remove invalid M_AUTHIPDGM check on ESP isr->sav

M_AUTHIPDGM flag is set to a mbuf in ah_input_cb. An sav of ESP can
have AH authentication as sav->tdb_authalgxform. However, in that
case esp_input and esp_input_cb are used to do ESP decryption and
AH authentication and M_AUTHIPDGM never be set to a mbuf. So
checking M_AUTHIPDGM of a mbuf on isr->sav of ESP is meaningless.
---
Look up sav instead of relying on unstable sp->req->sav

This code is executed only in an error path so an additional lookup
doesn't matter.
---
Correct a comment
---
Don't release sav if calling crypto_dispatch again
---
Remove extra KEY_FREESAV from ipsec_process_done

It should be done by the caller.
---
Don't bother the case of crp->crp_buf == NULL in callbacks
---
Hold a reference to an SP during opencrypto processing

An SP has a list of isr (ipsecrequest) that represents a sequence
of IPsec encryption/authentication processing. One isr corresponds
to one opencrypto processing. The lifetime of an isr follows its SP.

We pass an isr to a callback function of opencrypto to continue
to a next encryption/authentication processing. However nobody
guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed.

In order to avoid such unexpected destruction of isr, hold a reference
to its SP during opencrypto processing.
---
Don't make SAs expired on tests that delete SAs explicitly
---
Fix a debug message
---
Dedup error paths (NFC)
---
Use pool to allocate tdb_crypto

For ESP and AH, we need to allocate an extra variable space in addition
to struct tdb_crypto. The fixed size of pool items may be larger than
an actual requisite size of a buffer, but still the performance
improvement by replacing malloc with pool wins.
---
Don't use unstable isr->sav for header size calculations

We may need to optimize to not look up sav here for users that
don't need to know an exact size of headers (e.g., TCP segmemt size
caclulation).
---
Don't use sp->req->sav when handling NAT-T ESP fragmentation

In order to do this we need to look up a sav however an additional
look-up degrades performance. A sav is later looked up in
ipsec4_process_packet so delay the fragmentation check until then
to avoid an extra look-up.
---
Don't use key_lookup_sp that depends on unstable sp->req->sav

It provided a fast look-up of SP. We will provide an alternative
method in the future (after basic MP-ification finishes).
---
Stop setting isr->sav on looking up sav in key_checkrequest
---
Remove ipsecrequest#sav
---
Stop setting mtag of PACKET_TAG_IPSEC_IN_DONE because there is no users anymore
---
Skip ipsec_spi_*_*_preferred_new_timeout when running on qemu

Probably due to PR 43997
---
Add localcount to rump kernels
---
Remove unused macro
---
Fix key_getcomb_setlifetime

The fix adjusts a soft limit to be 80% of a corresponding hard limit.

I'm not sure the fix is really correct though, at least the original
code is wrong. A passed comb is zero-cleared before calling
key_getcomb_setlifetime, so
  comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100;
is meaningless.
---
Provide and apply key_sp_refcnt (NFC)

It simplifies further changes.
---
Fix indentation

Pointed out by knakahara@
---
Use pslist(9) for sptree
---
Don't acquire global locks for IPsec if NET_MPSAFE

Note that the change is just to make testing easy and IPsec isn't MP-safe yet.
---
Let PF_KEY socks hold their own lock instead of softnet_lock

Operations on SAD and SPD are executed via PF_KEY socks. The operations
include deletions of SAs and SPs that will use synchronization mechanisms
such as pserialize_perform to wait for references to SAs and SPs to be
released. It is known that using such mechanisms with holding softnet_lock
causes a dead lock. We should avoid the situation.
---
Make IPsec SPD MP-safe

We use localcount(9), not psref(9), to make the sptree and secpolicy (SP)
entries MP-safe because SPs need to be referenced over opencrypto
processing that executes a callback in a different context.

SPs on sockets aren't managed by the sptree and can be destroyed in softint.
localcount_drain cannot be used in softint so we delay the destruction of
such SPs to a thread context. To do so, a list to manage such SPs is added
(key_socksplist) and key_timehandler_spd deletes dead SPs in the list.

For more details please read the locking notes in key.c.

Proposed on tech-kern@ and tech-net@
---
Fix updating ipsec_used

- key_update_used wasn't called in key_api_spddelete2 and key_api_spdflush
- key_update_used wasn't called if an SP had been added/deleted but
  a reply to userland failed
---
Fix updating ipsec_used; turn on when SPs on sockets are added
---
Add missing IPsec policy checks to icmp6_rip6_input

icmp6_rip6_input is quite similar to rip6_input and the same checks exist
in rip6_input.
---
Add test cases for setsockopt(IP_IPSEC_POLICY)
---
Don't use KEY_NEWSP for dummy SP entries

By the change KEY_NEWSP is now not called from softint anymore
and we can use kmem_zalloc with KM_SLEEP for KEY_NEWSP.
---
Comment out unused functions
---
Add test cases that there are SPs but no relevant SAs
---
Don't allow sav->lft_c to be NULL

lft_c of an sav that was created by SADB_GETSPI could be NULL.
---
Clean up clunky eval strings

- Remove unnecessary \ at EOL
  - This allows to omit ; too
- Remove unnecessary quotes for arguments of atf_set
- Don't expand $DEBUG in eval
  - We expect it's expanded on execution

Suggested by kre@
---
Remove unnecessary KEY_FREESAV in an error path

sav should be freed (unreferenced) by the caller.
---
Use pslist(9) for sahtree
---
Use pslist(9) for sah->savtree
---
Rename local variable newsah to sah

It may not be new.
---
MP-ify SAD slightly

- Introduce key_sa_mtx and use it for some list operations
- Use pserialize for some list iterations
---
Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future

KEY_SA_UNREF is still key_freesav so no functional change for now.

This change reduces diff of further changes.
---
Remove out-of-date log output

Pointed out by riastradh@
---
Use KDASSERT instead of KASSERT for mutex_ownable

Because mutex_ownable is too heavy to run in a fast path
even for DIAGNOSTIC + LOCKDEBUG.

Suggested by riastradh@
---
Assemble global lists and related locks into cache lines (NFCI)

Also rename variable names from *tree to *list because they are
just lists, not trees.

Suggested by riastradh@
---
Move locking notes
---
Update the locking notes

- Add locking order
- Add locking notes for misc lists such as reglist
- Mention pserialize, key_sp_ref and key_sp_unref on SP operations

Requested by riastradh@
---
Describe constraints of key_sp_ref and key_sp_unref

Requested by riastradh@
---
Hold key_sad.lock on SAVLIST_WRITER_INSERT_TAIL
---
Add __read_mostly to key_psz

Suggested by riastradh@
---
Tweak wording (pserialize critical section => pserialize read section)

Suggested by riastradh@
---
Add missing mutex_exit
---
Fix setkey -D -P outputs

The outputs were tweaked (by me), but I forgot updating libipsec
in my local ATF environment...
---
MP-ify SAD (key_sad.sahlist and sah entries)

localcount(9) is used to protect key_sad.sahlist and sah entries
as well as SPD (and will be used for SAD sav).

Please read the locking notes of SAD for more details.
---
Introduce key_sa_refcnt and replace sav->refcnt with it (NFC)
---
Destroy sav only in the loop for DEAD sav
---
Fix KASSERT(solocked(sb->sb_so)) failure in sbappendaddr that is called eventually from key_sendup_mbuf

If key_sendup_mbuf isn't passed a socket, the assertion fails.
Originally in this case sb->sb_so was softnet_lock and callers
held softnet_lock so the assertion was magically satisfied.
Now sb->sb_so is key_so_mtx and also softnet_lock isn't always
held by callers so the assertion can fail.

Fix it by holding key_so_mtx if key_sendup_mbuf isn't passed a socket.

Reported by knakahara@
Tested by knakahara@ and ozaki-r@
---
Fix locking notes of SAD
---
Fix deadlock between key_sendup_mbuf called from key_acquire and localcount_drain

If we call key_sendup_mbuf from key_acquire that is called on packet
processing, a deadlock can happen like this:
- At key_acquire, a reference to an SP (and an SA) is held
- key_sendup_mbuf will try to take key_so_mtx
- Some other thread may try to localcount_drain to the SP with
  holding key_so_mtx in say key_api_spdflush
- In this case localcount_drain never return because key_sendup_mbuf
  that has stuck on key_so_mtx never release a reference to the SP

Fix the deadlock by deferring key_sendup_mbuf to the timer
(key_timehandler).
---
Fix that prev isn't cleared on retry
---
Limit the number of mbufs queued for deferred key_sendup_mbuf

It's easy to be queued hundreds of mbufs on the list under heavy
network load.
---
MP-ify SAD (savlist)

localcount(9) is used to protect savlist of sah. The basic design is
similar to MP-ifications of SPD and SAD sahlist. Please read the
locking notes of SAD for more details.
---
Simplify ipsec_reinject_ipstack (NFC)
---
Add per-CPU rtcache to ipsec_reinject_ipstack

It reduces route lookups and also reduces rtcache lock contentions
when NET_MPSAFE is enabled.
---
Use pool_cache(9) instead of pool(9) for tdb_crypto objects

The change improves network throughput especially on multi-core systems.
---
Update

ipsec(4), opencrypto(9) and vlan(4) are now MP-safe.
---
Write known issues on scalability
---
Share a global dummy SP between PCBs

It's never be changed so it can be pre-allocated and shared safely between PCBs.
---
Fix race condition on the rawcb list shared by rtsock and keysock

keysock now protects itself by its own mutex, which means that
the rawcb list is protected by two different mutexes (keysock's one
and softnet_lock for rtsock), of course it's useless.

Fix the situation by having a discrete rawcb list for each.
---
Use a dedicated mutex for rt_rawcb instead of softnet_lock if NET_MPSAFE
---
fix localcount leak in sav. fixed by ozaki-r@n.o.

I commit on behalf of him.
---
remove unnecessary comment.
---
Fix deadlock between pserialize_perform and localcount_drain

A typical ussage of localcount_drain looks like this:

  mutex_enter(&mtx);
  item = remove_from_list();
  pserialize_perform(psz);
  localcount_drain(&item->localcount, &cv, &mtx);
  mutex_exit(&mtx);

This sequence can cause a deadlock which happens for example on the following
situation:

- Thread A calls localcount_drain which calls xc_broadcast after releasing
  a specified mutex
- Thread B enters the sequence and calls pserialize_perform with holding
  the mutex while pserialize_perform also calls xc_broadcast
- Thread C (xc_thread) that calls an xcall callback of localcount_drain tries
  to hold the mutex

xc_broadcast of thread B doesn't start until xc_broadcast of thread A
finishes, which is a feature of xcall(9). This means that pserialize_perform
never complete until xc_broadcast of thread A finishes. On the other hand,
thread C that is a callee of xc_broadcast of thread A sticks on the mutex.
Finally the threads block each other (A blocks B, B blocks C and C blocks A).

A possible fix is to serialize executions of the above sequence by another
mutex, but adding another mutex makes the code complex, so fix the deadlock
by another way; the fix is to release the mutex before pserialize_perform
and instead use a condvar to prevent pserialize_perform from being called
simultaneously.

Note that the deadlock has happened only if NET_MPSAFE is enabled.
---
Add missing ifdef NET_MPSAFE
---
Take softnet_lock on pr_input properly if NET_MPSAFE

Currently softnet_lock is taken unnecessarily in some cases, e.g.,
icmp_input and encap4_input from ip_input, or not taken even if needed,
e.g., udp_input and tcp_input from ipsec4_common_input_cb. Fix them.

NFC if NET_MPSAFE is disabled (default).
---
- sanitize key debugging so that we don't print extra newlines or unassociated
  debugging messages.
- remove unused functions and make internal ones static
- print information in one line per message
---
humanize printing of ip addresses
---
cast reduction, NFC.
---
Fix typo in comment
---
Pull out ipsec_fill_saidx_bymbuf (NFC)
---
Don't abuse key_checkrequest just for looking up sav

It does more than expected for example key_acquire.
---
Fix SP is broken on transport mode

isr->saidx was modified accidentally in ipsec_nextisr.

Reported by christos@
Helped investigations by christos@ and knakahara@
---
Constify isr at many places (NFC)
---
Include socketvar.h for softnet_lock
---
Fix buffer length for ipsec_logsastr

Revision 1.334.4.8 / (download) - annotate - [select for diffs], Mon Aug 28 17:53:12 2017 UTC (6 years, 6 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.7: +25 -25 lines
Diff to previous 1.334.4.7 (colored) to branchpoint 1.334 (colored) next main 1.335 (colored)

Sync with HEAD

Revision 1.360 / (download) - annotate - [select for diffs], Thu Aug 3 06:32:51 2017 UTC (6 years, 6 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20170825
Changes since 1.359: +5 -5 lines
Diff to previous 1.359 (colored)

Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future

KEY_SA_UNREF is still key_freesav so no functional change for now.

This change reduces diff of further changes.

Revision 1.359 / (download) - annotate - [select for diffs], Fri Jul 7 01:37:34 2017 UTC (6 years, 7 months ago) by ozaki-r
Branch: MAIN
CVS Tags: perseant-stdc-iso10646-base, perseant-stdc-iso10646
Changes since 1.358: +3 -3 lines
Diff to previous 1.358 (colored)

Rename key_alloc* functions (NFC)

We shouldn't use the term "alloc" for functions that just look up
data and actually don't allocate memory.

Revision 1.357.4.1 / (download) - annotate - [select for diffs], Wed Jun 21 18:14:34 2017 UTC (6 years, 8 months ago) by snj
Branch: netbsd-8
Changes since 1.357: +9 -3 lines
Diff to previous 1.357 (colored)

Pull up following revision(s) (requested by ozaki-r in ticket #51):
	sys/netinet/tcp_input.c: revision 1.358
	tests/net/ipsec/t_ipsec_misc.sh: revision 1.7
Fix KASSERT in tcp_input
inp can be NULL when receiving an IPv4 packet on an IPv4-mapped IPv6
address. In that case KASSERT(sotoinpcb(so) == inp) always fails.
Should fix PR kern/52304 (at least it fixes the same panic as the
report)
--
Add test cases of TCP/IPsec on an IPv4-mapped IPv6 address
It reproduces the same panic reported in PR kern/52304
(but not sure that its cause is also same).

Revision 1.358 / (download) - annotate - [select for diffs], Mon Jun 19 10:04:23 2017 UTC (6 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.357: +9 -3 lines
Diff to previous 1.357 (colored)

Fix KASSERT in tcp_input

inp can be NULL when receiving an IPv4 packet on an IPv4-mapped IPv6
address. In that case KASSERT(sotoinpcb(so) == inp) always fails.

Should fix PR kern/52304 (at least it fixes the same panic as the
report)

Revision 1.347.2.3 / (download) - annotate - [select for diffs], Wed Apr 26 02:53:29 2017 UTC (6 years, 10 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.347.2.2: +9 -7 lines
Diff to previous 1.347.2.2 (colored) to branchpoint 1.347 (colored) next main 1.348 (colored)

Sync with HEAD

Revision 1.353.2.1 / (download) - annotate - [select for diffs], Fri Apr 21 16:54:06 2017 UTC (6 years, 10 months ago) by bouyer
Branch: bouyer-socketcan
Changes since 1.353: +15 -21 lines
Diff to previous 1.353 (colored) next main 1.354 (colored)

Sync with HEAD

Revision 1.357 / (download) - annotate - [select for diffs], Thu Apr 20 08:46:07 2017 UTC (6 years, 10 months ago) by ozaki-r
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-20170426, netbsd-8-base, bouyer-socketcan-base1
Branch point for: netbsd-8
Changes since 1.356: +7 -5 lines
Diff to previous 1.356 (colored)

Remove unnecessary NULL checks for inp_socket and in6p_socket

They cannot be NULL except for programming errors.

Revision 1.356 / (download) - annotate - [select for diffs], Fri Mar 31 06:49:44 2017 UTC (6 years, 10 months ago) by ozaki-r
Branch: MAIN
CVS Tags: jdolecek-ncq-base, jdolecek-ncq
Changes since 1.355: +4 -4 lines
Diff to previous 1.355 (colored)

Don't use a single global variable to store source route information for multiple incoming packets

It's not MP-safe. So use a m_tag to store the information instead.

Pointed out by knakahara@
The fix is from OpenBSD (originally fixed in FreeBSD)

Revision 1.347.2.2 / (download) - annotate - [select for diffs], Mon Mar 20 06:57:51 2017 UTC (6 years, 11 months ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.347.2.1: +8 -16 lines
Diff to previous 1.347.2.1 (colored) to branchpoint 1.347 (colored)

Sync with HEAD

Revision 1.355 / (download) - annotate - [select for diffs], Fri Mar 3 07:13:06 2017 UTC (6 years, 11 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20170320
Changes since 1.354: +6 -16 lines
Diff to previous 1.354 (colored)

Pass inpcb/in6pcb instead of socket to ip_output/ip6_output

- Passing a socket to Layer 3 is layer violation and even unnecessary
- The change makes codes of callers and IPsec a bit simple

Revision 1.354 / (download) - annotate - [select for diffs], Tue Feb 7 02:38:08 2017 UTC (7 years ago) by ozaki-r
Branch: MAIN
Changes since 1.353: +4 -2 lines
Diff to previous 1.353 (colored)

Add missing NULL checks for m_get_rcvif

Revision 1.334.4.7 / (download) - annotate - [select for diffs], Sun Feb 5 13:40:59 2017 UTC (7 years ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.6: +101 -86 lines
Diff to previous 1.334.4.6 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.347.2.1 / (download) - annotate - [select for diffs], Sat Jan 7 08:56:51 2017 UTC (7 years, 1 month ago) by pgoyette
Branch: pgoyette-localcount
Changes since 1.347: +117 -87 lines
Diff to previous 1.347 (colored)

Sync with HEAD.  (Note that most of these changes are simply $NetBSD$
tag issues.)

Revision 1.353 / (download) - annotate - [select for diffs], Wed Jan 4 12:35:14 2017 UTC (7 years, 1 month ago) by kre
Branch: MAIN
CVS Tags: pgoyette-localcount-20170107, nick-nhusb-base-20170204, bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.352: +3 -3 lines
Diff to previous 1.352 (colored)


Remove redundant tests:  if optlen === 0, then optlen % 4 != 2 (it is 0)
so there is no need to test both.

Revision 1.352 / (download) - annotate - [select for diffs], Mon Jan 2 01:18:42 2017 UTC (7 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.351: +80 -58 lines
Diff to previous 1.351 (colored)

Fix TCP signature code:
1. pack options more tightly instead of being generous with no/op
2. put TCP_SIGNATURE option before SACK
3. fix computation of options length, by deferring it
XXX: Really we should move the options setting code in one place instead
of having two copies one for input and one for output.
XXX: tcp_optlen/tcp_hdrsiz need to be fixed; they were wrong before too.

Revision 1.351 / (download) - annotate - [select for diffs], Sat Dec 31 22:46:46 2016 UTC (7 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.350: +20 -29 lines
Diff to previous 1.350 (colored)

remove ancient ipsec code, and don't conditionalize tcp signatures on ipsec_used

Revision 1.350 / (download) - annotate - [select for diffs], Thu Dec 8 05:16:33 2016 UTC (7 years, 2 months ago) by ozaki-r
Branch: MAIN
Changes since 1.349: +6 -4 lines
Diff to previous 1.349 (colored)

Add rtcache_unref to release points of rtentry stemming from rtcache

In the MP-safe world, a rtentry stemming from a rtcache can be freed at any
points. So we need to protect rtentries somehow say by reference couting or
passive references. Regardless of the method, we need to call some release
function of a rtentry after using it.

The change adds a new function rtcache_unref to release a rtentry. At this
point, this function does nothing because for now we don't add a reference
to a rtentry when we get one from a rtcache. We will add something useful
in a further commit.

This change is a part of changes for MP-safe routing table. It is separated
to avoid one big change that makes difficult to debug by bisecting.

Revision 1.334.4.6 / (download) - annotate - [select for diffs], Mon Dec 5 10:55:28 2016 UTC (7 years, 2 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.5: +18 -3 lines
Diff to previous 1.334.4.5 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.349 / (download) - annotate - [select for diffs], Tue Nov 15 22:23:09 2016 UTC (7 years, 3 months ago) by mrg
Branch: MAIN
CVS Tags: nick-nhusb-base-20161204
Changes since 1.348: +4 -2 lines
Diff to previous 1.348 (colored)

apply a #ifdef INET6 so the previous compiles without INET6.

Revision 1.348 / (download) - annotate - [select for diffs], Tue Nov 15 20:50:28 2016 UTC (7 years, 3 months ago) by mlelstv
Branch: MAIN
Changes since 1.347: +16 -3 lines
Diff to previous 1.347 (colored)

Enforce alignment requirements that are violated in some cases.
For machines that don't need strict alignment (i386,amd64,vax,m68k) this
is a no-op.

Fixes PR kern/50766 but should be improved.

Revision 1.334.4.5 / (download) - annotate - [select for diffs], Sat Jul 9 20:25:22 2016 UTC (7 years, 7 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.4: +25 -12 lines
Diff to previous 1.334.4.4 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.347 / (download) - annotate - [select for diffs], Fri Jun 10 13:31:44 2016 UTC (7 years, 8 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-base, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, nick-nhusb-base-20161004, nick-nhusb-base-20160907, localcount-20160914
Branch point for: pgoyette-localcount
Changes since 1.346: +24 -11 lines
Diff to previous 1.346 (colored)

Avoid storing a pointer of an interface in a mbuf

Having a pointer of an interface in a mbuf isn't safe if we remove big
kernel locks; an interface object (ifnet) can be destroyed anytime in any
packet processing and accessing such object via a pointer is racy. Instead
we have to get an object from the interface collection (ifindex2ifnet) via
an interface index (if_index) that is stored to a mbuf instead of an
pointer.

The change provides two APIs: m_{get,put}_rcvif_psref that use psref(9)
for sleep-able critical sections and m_{get,put}_rcvif that use
pserialize(9) for other critical sections. The change also adds another
API called m_get_rcvif_NOMPSAFE, that is NOT MP-safe and for transition
moratorium, i.e., it is intended to be used for places where are not
planned to be MP-ified soon.

The change adds some overhead due to psref to performance sensitive paths,
however the overhead is not serious, 2% down at worst.

Proposed on tech-kern and tech-net.

Revision 1.346 / (download) - annotate - [select for diffs], Fri Jun 10 13:27:16 2016 UTC (7 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.345: +3 -3 lines
Diff to previous 1.345 (colored)

Introduce m_set_rcvif and m_reset_rcvif

The API is used to set (or reset) a received interface of a mbuf.
They are counterpart of m_get_rcvif, which will come in another
commit, hide internal of rcvif operation, and reduce the diff of
the upcoming change.

No functional change.

Revision 1.334.4.4 / (download) - annotate - [select for diffs], Sat Mar 19 11:30:33 2016 UTC (7 years, 11 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.3: +5 -16 lines
Diff to previous 1.334.4.3 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.345 / (download) - annotate - [select for diffs], Mon Feb 15 14:59:03 2016 UTC (8 years ago) by rtr
Branch: MAIN
CVS Tags: nick-nhusb-base-20160529, nick-nhusb-base-20160422, nick-nhusb-base-20160319
Changes since 1.344: +5 -16 lines
Diff to previous 1.344 (colored)

Reduce code duplication.

Split creation of IPv4-Mapped IPv6 addresses into its own function
and use it.

No functional change intended.  As posted to tech-net@

Revision 1.334.4.3 / (download) - annotate - [select for diffs], Tue Sep 22 12:06:11 2015 UTC (8 years, 5 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.2: +9 -4 lines
Diff to previous 1.334.4.2 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.344 / (download) - annotate - [select for diffs], Mon Aug 24 22:21:26 2015 UTC (8 years, 6 months ago) by pooka
Branch: MAIN
CVS Tags: nick-nhusb-base-20151226, nick-nhusb-base-20150921
Changes since 1.343: +4 -2 lines
Diff to previous 1.343 (colored)

sprinkle _KERNEL_OPT

Revision 1.291.4.5.2.1 / (download) - annotate - [select for diffs], Fri Jul 24 07:47:02 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-5-1
Changes since 1.291.4.5: +6 -3 lines
Diff to previous 1.291.4.5 (colored) next main 1.291.4.6 (colored)

Pull up following revision(s) (requested by matt in ticket #1973):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.291.4.5.6.1 / (download) - annotate - [select for diffs], Fri Jul 24 07:44:35 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-5-2
Changes since 1.291.4.5: +6 -3 lines
Diff to previous 1.291.4.5 (colored) next main 1.291.4.6 (colored)

Pull up following revision(s) (requested by matt in ticket #1973):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.291.4.6 / (download) - annotate - [select for diffs], Fri Jul 24 07:42:43 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-5
Changes since 1.291.4.5: +6 -3 lines
Diff to previous 1.291.4.5 (colored) to branchpoint 1.291 (colored) next main 1.292 (colored)

Pull up following revision(s) (requested by matt in ticket #1973):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.321.2.1 / (download) - annotate - [select for diffs], Fri Jul 24 07:40:17 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-6
Changes since 1.321: +6 -3 lines
Diff to previous 1.321 (colored) next main 1.322 (colored)

Pull up following revision(s) (requested by matt in ticket #1315):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.321.6.1 / (download) - annotate - [select for diffs], Fri Jul 24 07:37:49 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-6-0
Changes since 1.321: +6 -3 lines
Diff to previous 1.321 (colored) next main 1.322 (colored)

Pull up following revision(s) (requested by matt in ticket #1315):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.321.8.1 / (download) - annotate - [select for diffs], Fri Jul 24 07:36:05 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-6-1
Changes since 1.321: +6 -3 lines
Diff to previous 1.321 (colored) next main 1.322 (colored)

Pull up following revision(s) (requested by matt in ticket #1315):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.334.2.2 / (download) - annotate - [select for diffs], Fri Jul 24 07:30:40 2015 UTC (8 years, 7 months ago) by martin
Branch: netbsd-7
CVS Tags: netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0
Changes since 1.334.2.1: +6 -3 lines
Diff to previous 1.334.2.1 (colored) to branchpoint 1.334 (colored) next main 1.335 (colored)

Pull up following revision(s) (requested by matt in ticket #886):
	sys/netinet/tcp_output.c: revision 1.184
	sys/netinet/tcp_input.c: revision 1.343

If we are sending a window probe and there's unacked data in the
socket, make sure at least the persist timer is running.
Make sure that snd_win doesn't go negative.

Revision 1.343 / (download) - annotate - [select for diffs], Fri Jul 24 04:31:20 2015 UTC (8 years, 7 months ago) by matt
Branch: MAIN
Changes since 1.342: +6 -3 lines
Diff to previous 1.342 (colored)

Make sure that snd_win doesn't go negative.

Revision 1.342 / (download) - annotate - [select for diffs], Wed Jul 15 09:20:18 2015 UTC (8 years, 7 months ago) by ozaki-r
Branch: MAIN
Changes since 1.341: +3 -3 lines
Diff to previous 1.341 (colored)

Remove unused arguments and the associated code from nd6_nud_hint()

from OpenBSD

Revision 1.334.4.2 / (download) - annotate - [select for diffs], Sat Jun 6 14:40:25 2015 UTC (8 years, 8 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334.4.1: +27 -39 lines
Diff to previous 1.334.4.1 (colored) to branchpoint 1.334 (colored)

Sync with HEAD

Revision 1.341 / (download) - annotate - [select for diffs], Sun May 24 15:43:45 2015 UTC (8 years, 9 months ago) by rtr
Branch: MAIN
CVS Tags: nick-nhusb-base-20150606
Changes since 1.340: +15 -25 lines
Diff to previous 1.340 (colored)

remove transitional functions in{,6}_pcbconnect_m() that were used in
converting protocol user requests to accept sockaddr instead of mbufs.

remove tcp_input copy in to mbuf from sockaddr and just copy to sockaddr
to make it possible for the transitional functions to go away.

no version bump since these functions only existed for a short time and
were commented as adapters (they appeared in 7.99.15).

Revision 1.340 / (download) - annotate - [select for diffs], Fri May 15 18:03:45 2015 UTC (8 years, 9 months ago) by kefren
Branch: MAIN
Changes since 1.339: +8 -8 lines
Diff to previous 1.339 (colored)

Don't try to do PCB lookup for bad checksummed segments
Fixes PR/43510 and PR/48452

Revision 1.339 / (download) - annotate - [select for diffs], Sat May 2 17:18:03 2015 UTC (8 years, 9 months ago) by rtr
Branch: MAIN
Changes since 1.338: +4 -4 lines
Diff to previous 1.338 (colored)

make connect syscall use sockaddr_big and modify pr_{send,connect}
nam parameter type from buf * to sockaddr *.

final commit for parameter type changes to protocol user requests

* bump kernel version to 7.99.15 for parameter type changes to pr_{send,connect}

Revision 1.338 / (download) - annotate - [select for diffs], Mon Apr 27 02:59:44 2015 UTC (8 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.337: +3 -5 lines
Diff to previous 1.337 (colored)

Introduce in6_selecthlim_rt to consolidate an idiom for rt->rt_ifp

It consolidates a scattered routine:
(rt = rtcache_validate(&in6p->in6p_route)) != NULL ? rt->rt_ifp : NULL

Revision 1.334.4.1 / (download) - annotate - [select for diffs], Mon Apr 6 15:18:23 2015 UTC (8 years, 10 months ago) by skrll
Branch: nick-nhusb
Changes since 1.334: +33 -36 lines
Diff to previous 1.334 (colored)

Sync with HEAD

Revision 1.337 / (download) - annotate - [select for diffs], Sat Mar 14 02:08:16 2015 UTC (8 years, 11 months ago) by rtr
Branch: MAIN
CVS Tags: nick-nhusb-base-20150406
Changes since 1.336: +15 -17 lines
Diff to previous 1.336 (colored)

Move code that is conditional on options INET6 into #ifdef INET6.

* Re-organize some variable declarations to limit #ifdef's.
* Move INET and INET6 code into respective switch cases to simplify
  #ifdef INET6.

No intended functional change.

Revision 1.334.2.1 / (download) - annotate - [select for diffs], Sat Feb 21 13:40:19 2015 UTC (9 years ago) by martin
Branch: netbsd-7
CVS Tags: netbsd-7-0-RC2, netbsd-7-0-RC1
Changes since 1.334: +3 -2 lines
Diff to previous 1.334 (colored)

Pull up following revision(s) (requested by he in ticket #530):
	sys/netinet/tcp_output.c: revision 1.180
	sys/netinet/tcp_input.c: revision 1.336
	sys/netinet/tcp_usrreq.c: revision 1.203
	share/man/man4/tcp.4: revision 1.30
	sys/netinet/tcp.h: revision 1.31
	sys/netinet/tcp_subr.c: revision 1.258
	sys/netinet/tcp_var.h: revision 1.176
	sys/netinet/tcp_var.h: revision 1.177
	sys/sys/param.h: bump revision

Port over the TCP_INFO socket option from FreeBSD, originally from
the Linux 2.6 TCP API.  This permits the caller to query certain information
about a TCP connection, and is used by pkgsrc's net/iperf3 test program
if available.

This extends struct tcbcb with three fields to count retransmits,
out-of-sequence receives and zero window announcements, and will
therefore warrant a kernel revision bump (done separately).

Change the new counter variables in struct tcpcb to uint32_t, as
per christos' comments.

Revision 1.336 / (download) - annotate - [select for diffs], Sat Feb 14 12:57:53 2015 UTC (9 years ago) by he
Branch: MAIN
Changes since 1.335: +3 -2 lines
Diff to previous 1.335 (colored)

Port over the TCP_INFO socket option from FreeBSD, originally from
the Linux 2.6 TCP API.  This permits the caller to query certain information
about a TCP connection, and is used by pkgsrc's net/iperf3 test program
if available.

This extends struct tcbcb with three fields to count retransmits,
out-of-sequence receives and zero window announcements, and will
therefore warrant a kernel revision bump (done separately).

Revision 1.335 / (download) - annotate - [select for diffs], Tue Dec 2 20:25:47 2014 UTC (9 years, 2 months ago) by christos
Branch: MAIN
Changes since 1.334: +19 -21 lines
Diff to previous 1.334 (colored)

use the new printing code.

Revision 1.325.2.2 / (download) - annotate - [select for diffs], Wed Aug 20 00:04:35 2014 UTC (9 years, 6 months ago) by tls
Branch: tls-maxphys
Changes since 1.325.2.1: +73 -73 lines
Diff to previous 1.325.2.1 (colored) to branchpoint 1.325 (colored)

Rebase to HEAD as of a few days ago.

Revision 1.331.2.1 / (download) - annotate - [select for diffs], Sun Aug 10 06:56:25 2014 UTC (9 years, 6 months ago) by tls
Branch: tls-earlyentropy
Changes since 1.331: +70 -64 lines
Diff to previous 1.331 (colored) next main 1.332 (colored)

Rebase.

Revision 1.334 / (download) - annotate - [select for diffs], Fri Aug 8 03:05:45 2014 UTC (9 years, 6 months ago) by rtr
Branch: MAIN
CVS Tags: tls-maxphys-base, tls-earlyentropy-base, nick-nhusb-base, netbsd-7-base
Branch point for: nick-nhusb, netbsd-7
Changes since 1.333: +3 -3 lines
Diff to previous 1.333 (colored)

split PRU_RCVD function out of pr_generic() usrreq switches and put into
separate functions

  - always KASSERT(solocked(so)) even if not implemented

  - replace calls to pr_generic() with req = PRU_RCVD with calls to
    pr_rcvd()

Revision 1.333 / (download) - annotate - [select for diffs], Fri May 30 02:27:29 2014 UTC (9 years, 9 months ago) by rmind
Branch: MAIN
Changes since 1.332: +3 -2 lines
Diff to previous 1.332 (colored)

tcp_signature_getsav: handle !ipsec_used case and fix the build (hi christos!).

Revision 1.332 / (download) - annotate - [select for diffs], Fri May 30 01:39:03 2014 UTC (9 years, 9 months ago) by christos
Branch: MAIN
Changes since 1.331: +68 -63 lines
Diff to previous 1.331 (colored)

Introduce 2 new variables: ipsec_enabled and ipsec_used.
Ipsec enabled is controlled by sysctl and determines if is allowed.
ipsec_used is set automatically based on ipsec being enabled, and
rules existing.

Revision 1.317.2.2 / (download) - annotate - [select for diffs], Thu May 22 11:41:10 2014 UTC (9 years, 9 months ago) by yamt
Branch: yamt-pagecache
Changes since 1.317.2.1: +27 -58 lines
Diff to previous 1.317.2.1 (colored) to branchpoint 1.317 (colored) next main 1.318 (colored)

sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs.  ("Protocol error: too many arguments")

Revision 1.327.2.3 / (download) - annotate - [select for diffs], Sun May 18 17:46:13 2014 UTC (9 years, 9 months ago) by rmind
Branch: rmind-smpnet
Changes since 1.327.2.2: +7 -13 lines
Diff to previous 1.327.2.2 (colored) to branchpoint 1.327 (colored) next main 1.328 (colored)

sync with head

Revision 1.331 / (download) - annotate - [select for diffs], Sat Mar 1 16:46:14 2014 UTC (9 years, 11 months ago) by maxv
Branch: MAIN
CVS Tags: yamt-pagecache-base9, rmind-smpnet-nbase, rmind-smpnet-base, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Changes since 1.330: +3 -3 lines
Diff to previous 1.330 (colored)

';;' -> ';'

no functional change

spotted by my code scanner

ok christos@

Revision 1.330 / (download) - annotate - [select for diffs], Tue Nov 12 09:02:05 2013 UTC (10 years, 3 months ago) by kefren
Branch: MAIN
Changes since 1.329: +4 -8 lines
Diff to previous 1.329 (colored)

* implement TCP CUBIC congestion control algorithm
* move tcp_sack_newack bits inside reno and newreno_fast_retransmit_newack
* notify ECN peer about cwnd shrink in [new]reno_slow_retransmit

Based on the patch proposed on tech-net@ on Nov 7 with minor improvments:
 * adapt wmax for no-fast convergence case
 * correct cbrt calculation for big window sizes (>750KB)

Revision 1.327.2.2 / (download) - annotate - [select for diffs], Mon Sep 23 00:57:53 2013 UTC (10 years, 5 months ago) by rmind
Branch: rmind-smpnet
Changes since 1.327.2.1: +4 -4 lines
Diff to previous 1.327.2.1 (colored) to branchpoint 1.327 (colored)

- Add some initial locking to the IPv4 PCB.
- Rename inpcb_lookup_*() routines to be more accurate and add comments.
- Add some comments about connection life-cycle WRT socket layer.

Revision 1.329 / (download) - annotate - [select for diffs], Sun Sep 15 14:42:38 2013 UTC (10 years, 5 months ago) by martin
Branch: MAIN
Changes since 1.328: +3 -5 lines
Diff to previous 1.328 (colored)

Remove unused variable

Revision 1.328 / (download) - annotate - [select for diffs], Thu Aug 29 17:49:20 2013 UTC (10 years, 6 months ago) by rmind
Branch: MAIN
Changes since 1.327: +3 -3 lines
Diff to previous 1.327 (colored)

Remove SS_ISCONFIRMING, it is unused and TP4 will not come back.

Revision 1.327.2.1 / (download) - annotate - [select for diffs], Wed Jul 17 03:16:31 2013 UTC (10 years, 7 months ago) by rmind
Branch: rmind-smpnet
Changes since 1.327: +59 -39 lines
Diff to previous 1.327 (colored)

Checkpoint work in progress:
- Move PCB structures under __INPCB_PRIVATE, adjust most of the callers
  and thus make IPv4 PCB structures mostly opaque.  Any volunteers for
  merging in6pcb with inpcb (see rpaulo-netinet-merge-pcb branch)?
- Move various global vars to the modules where they belong, make them static.
- Some preliminary work for IPv4 PCB locking scheme.
- Make raw IP code mostly MP-safe.  Simplify some of it.
- Rework "fast" IP forwarding (ipflow) code to be mostly MP-safe.  It should
  run from a software interrupt, rather than hard.
- Rework tun(4) pseudo interface to be MP-safe.
- Work towards making some other interfaces more strict.

Revision 1.325.2.1 / (download) - annotate - [select for diffs], Sun Jun 23 06:20:25 2013 UTC (10 years, 8 months ago) by tls
Branch: tls-maxphys
Changes since 1.325: +22 -47 lines
Diff to previous 1.325 (colored)

resync from head

Revision 1.327 / (download) - annotate - [select for diffs], Thu Jun 6 00:03:14 2013 UTC (10 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2
Branch point for: rmind-smpnet
Changes since 1.326: +14 -19 lines
Diff to previous 1.326 (colored)

merge error paths, pass the address of sav; pointed out by Greg Troxel

Revision 1.326 / (download) - annotate - [select for diffs], Wed Jun 5 19:01:26 2013 UTC (10 years, 8 months ago) by christos
Branch: MAIN
Changes since 1.325: +12 -32 lines
Diff to previous 1.325 (colored)

IPSEC has not come in two speeds for a long time now (IPSEC == kame,
FAST_IPSEC). Make everything refer to IPSEC to avoid confusion.

Revision 1.325 / (download) - annotate - [select for diffs], Fri Jun 22 15:09:36 2012 UTC (11 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, khorben-n900, agc-symver-base, agc-symver
Branch point for: tls-maxphys
Changes since 1.324: +2 -7 lines
Diff to previous 1.324 (colored)

remove unintended commit (this was to avoid a bug in the hme driver which
I have not been able to reproduce)

Revision 1.324 / (download) - annotate - [select for diffs], Fri Jun 22 14:54:35 2012 UTC (11 years, 8 months ago) by christos
Branch: MAIN
Changes since 1.323: +7 -2 lines
Diff to previous 1.323 (colored)

PR/46602: Move the rfc6056 port randomization to the IP layer.

Revision 1.318.2.3 / (download) - annotate - [select for diffs], Sun Apr 29 23:05:06 2012 UTC (11 years, 10 months ago) by mrg
Branch: jmcneill-usbmp
Changes since 1.318.2.2: +8 -2 lines
Diff to previous 1.318.2.2 (colored) to branchpoint 1.318 (colored) next main 1.319 (colored)

sync to latest -current.

Revision 1.317.2.1 / (download) - annotate - [select for diffs], Tue Apr 17 00:08:41 2012 UTC (11 years, 10 months ago) by yamt
Branch: yamt-pagecache
CVS Tags: yamt-pagecache-tag8
Changes since 1.317: +19 -17 lines
Diff to previous 1.317 (colored)

sync with head

Revision 1.323 / (download) - annotate - [select for diffs], Fri Apr 13 15:35:57 2012 UTC (11 years, 10 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-pagecache-base5, yamt-pagecache-base4, jmcneill-usbmp-base9, jmcneill-usbmp-base10
Changes since 1.322: +8 -2 lines
Diff to previous 1.322 (colored)

comment

Revision 1.318.2.2 / (download) - annotate - [select for diffs], Thu Apr 5 21:33:44 2012 UTC (11 years, 10 months ago) by mrg
Branch: jmcneill-usbmp
Changes since 1.318.2.1: +6 -11 lines
Diff to previous 1.318.2.1 (colored) to branchpoint 1.318 (colored)

sync to latest -current.

Revision 1.322 / (download) - annotate - [select for diffs], Thu Mar 22 20:34:39 2012 UTC (11 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: jmcneill-usbmp-base8
Changes since 1.321: +6 -11 lines
Diff to previous 1.321 (colored)

remove KAME IPSEC, replaced by FAST_IPSEC

Revision 1.318.2.1 / (download) - annotate - [select for diffs], Sat Feb 18 07:35:40 2012 UTC (12 years ago) by mrg
Branch: jmcneill-usbmp
Changes since 1.318: +12 -12 lines
Diff to previous 1.318 (colored)

merge to -current.

Revision 1.321 / (download) - annotate - [select for diffs], Wed Jan 11 14:39:08 2012 UTC (12 years, 1 month ago) by drochner
Branch: MAIN
CVS Tags: netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, jmcneill-usbmp-base7, jmcneill-usbmp-base6, jmcneill-usbmp-base5, jmcneill-usbmp-base4, jmcneill-usbmp-base3, jmcneill-usbmp-base2
Branch point for: netbsd-6-1, netbsd-6-0, netbsd-6
Changes since 1.320: +3 -3 lines
Diff to previous 1.320 (colored)

fix build in the (FAST_)IPSEC & TCP_SIGNATURE case

Revision 1.320 / (download) - annotate - [select for diffs], Sat Dec 31 20:41:59 2011 UTC (12 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.319: +4 -4 lines
Diff to previous 1.319 (colored)

- fix offsetof usage, and redundant defines
- kill pointer casts to 0

Revision 1.319 / (download) - annotate - [select for diffs], Mon Dec 19 11:59:57 2011 UTC (12 years, 2 months ago) by drochner
Branch: MAIN
Changes since 1.318: +9 -9 lines
Diff to previous 1.318 (colored)

rename the IPSEC in-kernel CPP variable and config(8) option to
KAME_IPSEC, and make IPSEC define it so that existing kernel
config files work as before
Now the default can be easily be changed to FAST_IPSEC just by
setting the IPSEC alias to FAST_IPSEC.

Revision 1.318 / (download) - annotate - [select for diffs], Sat Nov 19 22:51:25 2011 UTC (12 years, 3 months ago) by tls
Branch: MAIN
CVS Tags: jmcneill-usbmp-pre-base2, jmcneill-usbmp-base
Branch point for: jmcneill-usbmp
Changes since 1.317: +5 -4 lines
Diff to previous 1.317 (colored)

First step of random number subsystem rework described in
<20111022023242.BA26F14A158@mail.netbsd.org>.  This change includes
the following:

	An initial cleanup and minor reorganization of the entropy pool
	code in sys/dev/rnd.c and sys/dev/rndpool.c.  Several bugs are
	fixed.  Some effort is made to accumulate entropy more quickly at
	boot time.

	A generic interface, "rndsink", is added, for stream generators to
	request that they be re-keyed with good quality entropy from the pool
	as soon as it is available.

	The arc4random()/arc4randbytes() implementation in libkern is
	adjusted to use the rndsink interface for rekeying, which helps
	address the problem of low-quality keys at boot time.

	An implementation of the FIPS 140-2 statistical tests for random
	number generator quality is provided (libkern/rngtest.c).  This
	is based on Greg Rose's implementation from Qualcomm.

	A new random stream generator, nist_ctr_drbg, is provided.  It is
	based on an implementation of the NIST SP800-90 CTR_DRBG by
	Henric Jungheim.  This generator users AES in a modified counter
	mode to generate a backtracking-resistant random stream.

	An abstraction layer, "cprng", is provided for in-kernel consumers
	of randomness.  The arc4random/arc4randbytes API is deprecated for
	in-kernel use.  It is replaced by "cprng_strong".  The current
	cprng_fast implementation wraps the existing arc4random
	implementation.  The current cprng_strong implementation wraps the
	new CTR_DRBG implementation.  Both interfaces are rekeyed from
	the entropy pool automatically at intervals justifiable from best
	current cryptographic practice.

	In some quick tests, cprng_fast() is about the same speed as
	the old arc4randbytes(), and cprng_strong() is about 20% faster
	than rnd_extract_data().  Performance is expected to improve.

	The AES code in src/crypto/rijndael is no longer an optional
	kernel component, as it is required by cprng_strong, which is
	not an optional kernel component.

	The entropy pool output is subjected to the rngtest tests at
	startup time; if it fails, the system will reboot.  There is
	approximately a 3/10000 chance of a false positive from these
	tests.  Entropy pool _input_ from hardware random numbers is
	subjected to the rngtest tests at attach time, as well as the
	FIPS continuous-output test, to detect bad or stuck hardware
	RNGs; if any are detected, they are detached, but the system
	continues to run.

	A problem with rndctl(8) is fixed -- datastructures with
	pointers in arrays are no longer passed to userspace (this
	was not a security problem, but rather a major issue for
	compat32).  A new kernel will require a new rndctl.

	The sysctl kern.arandom() and kern.urandom() nodes are hooked
	up to the new generators, but the /dev/*random pseudodevices
	are not, yet.

	Manual pages for the new kernel interfaces are forthcoming.

Revision 1.317 / (download) - annotate - [select for diffs], Mon Oct 31 13:01:42 2011 UTC (12 years, 4 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, jmcneill-audiomp3-base, jmcneill-audiomp3
Branch point for: yamt-pagecache
Changes since 1.316: +2 -3 lines
Diff to previous 1.316 (colored)

fix a double unlock bug introduced by tcp_input.c rev.1.312.

Revision 1.316 / (download) - annotate - [select for diffs], Wed Aug 31 18:31:03 2011 UTC (12 years, 6 months ago) by plunky
Branch: MAIN
Changes since 1.315: +3 -3 lines
Diff to previous 1.315 (colored)

NULL does not need a cast

Revision 1.315 / (download) - annotate - [select for diffs], Sun Jul 17 20:54:53 2011 UTC (12 years, 7 months ago) by joerg
Branch: MAIN
Changes since 1.314: +2 -4 lines
Diff to previous 1.314 (colored)

Retire varargs.h support. Move machine/stdarg.h logic into MI
sys/stdarg.h and expect compiler to provide proper builtins, defaulting
to the GCC interface. lint still has a special fallback.
Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and
derive va_list as required by standards.

Revision 1.306.2.1 / (download) - annotate - [select for diffs], Mon Jun 6 09:09:56 2011 UTC (12 years, 8 months ago) by jruoho
Branch: jruoho-x86intr
Changes since 1.306: +372 -53 lines
Diff to previous 1.306 (colored) next main 1.307 (colored)

Sync with HEAD.

Revision 1.300.4.4 / (download) - annotate - [select for diffs], Tue May 31 03:05:07 2011 UTC (12 years, 9 months ago) by rmind
Branch: rmind-uvmplock
Changes since 1.300.4.3: +310 -33 lines
Diff to previous 1.300.4.3 (colored) to branchpoint 1.300 (colored) next main 1.301 (colored)

sync with head

Revision 1.314 / (download) - annotate - [select for diffs], Wed May 25 23:20:57 2011 UTC (12 years, 9 months ago) by gdt
Branch: MAIN
CVS Tags: rmind-uvmplock-nbase, rmind-uvmplock-base, cherry-xenmp-base, cherry-xenmp
Changes since 1.313: +4 -4 lines
Diff to previous 1.313 (colored)

Remove erroneous additional tick in RTO estimation.  The variable
ts_rtt is 1 plus the RTT, so that 0 can mean invalid measurement.
However, the code failed to subtract the 1 back out before use.  With
this change, TCP from Massachusetts to France now typically has 1s RTO
values, rather than 1.5s.

This bug was found and fixed by Bev Schwartz of BBN.  This material is
based upon work supported by the Defense Advanced Research Projects
Agency and Space and Naval Warfare Systems Center, Pacific, under
Contract No. N66001-09-C-2073.  Approved for Public Release,
Distribution Unlimited

Revision 1.291.8.1.2.2 / (download) - annotate - [select for diffs], Fri May 20 08:11:29 2011 UTC (12 years, 9 months ago) by matt
Branch: matt-nb5-mips64
Changes since 1.291.8.1.2.1: +15 -9 lines
Diff to previous 1.291.8.1.2.1 (colored) to branchpoint 1.291.8.1 (colored) next main 1.292 (colored)

bring matt-nb5-mips64 up to date with netbsd-5-1-RELEASE (except compat).

Revision 1.313 / (download) - annotate - [select for diffs], Tue May 17 05:40:24 2011 UTC (12 years, 9 months ago) by dholland
Branch: MAIN
Changes since 1.312: +3 -3 lines
Diff to previous 1.312 (colored)

typo in comment

Revision 1.312 / (download) - annotate - [select for diffs], Tue May 3 18:28:45 2011 UTC (12 years, 9 months ago) by dyoung
Branch: MAIN
Changes since 1.311: +305 -28 lines
Diff to previous 1.311 (colored)

Reduces the resources demanded by TCP sessions in TIME_WAIT-state using
methods called Vestigial Time-Wait (VTW) and Maximum Segment Lifetime
Truncation (MSLT).

MSLT and VTW were contributed by Coyote Point Systems, Inc.

Even after a TCP session enters the TIME_WAIT state, its corresponding
socket and protocol control blocks (PCBs) stick around until the TCP
Maximum Segment Lifetime (MSL) expires.  On a host whose workload
necessarily creates and closes down many TCP sockets, the sockets & PCBs
for TCP sessions in TIME_WAIT state amount to many megabytes of dead
weight in RAM.

Maximum Segment Lifetimes Truncation (MSLT) assigns each TCP session to
a class based on the nearness of the peer.  Corresponding to each class
is an MSL, and a session uses the MSL of its class.  The classes are
loopback (local host equals remote host), local (local host and remote
host are on the same link/subnet), and remote (local host and remote
host communicate via one or more gateways).  Classes corresponding to
nearer peers have lower MSLs by default: 2 seconds for loopback, 10
seconds for local, 60 seconds for remote.  Loopback and local sessions
expire more quickly when MSLT is used.

Vestigial Time-Wait (VTW) replaces a TIME_WAIT session's PCB/socket
dead weight with a compact representation of the session, called a
"vestigial PCB".  VTW data structures are designed to be very fast and
memory-efficient: for fast insertion and lookup of vestigial PCBs,
the PCBs are stored in a hash table that is designed to minimize the
number of cacheline visits per lookup/insertion.  The memory both
for vestigial PCBs and for elements of the PCB hashtable come from
fixed-size pools, and linked data structures exploit this to conserve
memory by representing references with a narrow index/offset from the
start of a pool instead of a pointer.  When space for new vestigial PCBs
runs out, VTW makes room by discarding old vestigial PCBs, oldest first.
VTW cooperates with MSLT.

It may help to think of VTW as a "FIN cache" by analogy to the SYN
cache.

A 2.8-GHz Pentium 4 running a test workload that creates TIME_WAIT
sessions as fast as it can is approximately 17% idle when VTW is active
versus 0% idle when VTW is inactive.  It has 103 megabytes more free RAM
when VTW is active (approximately 64k vestigial PCBs are created) than
when it is inactive.

Revision 1.311 / (download) - annotate - [select for diffs], Mon Apr 25 22:12:43 2011 UTC (12 years, 10 months ago) by yamt
Branch: MAIN
Changes since 1.310: +7 -7 lines
Diff to previous 1.310 (colored)

tcp_input: simplify redundant assignment.  no functional changes.

Revision 1.300.4.3 / (download) - annotate - [select for diffs], Thu Apr 21 01:42:14 2011 UTC (12 years, 10 months ago) by rmind
Branch: rmind-uvmplock
Changes since 1.300.4.2: +60 -18 lines
Diff to previous 1.300.4.2 (colored) to branchpoint 1.300 (colored)

sync with head

Revision 1.310 / (download) - annotate - [select for diffs], Wed Apr 20 14:08:07 2011 UTC (12 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.309: +4 -4 lines
Diff to previous 1.309 (colored)

Fix typos.

Revision 1.309 / (download) - annotate - [select for diffs], Wed Apr 20 13:35:51 2011 UTC (12 years, 10 months ago) by gdt
Branch: MAIN
Changes since 1.308: +53 -18 lines
Diff to previous 1.308 (colored)

Rewrite comments about TCP RTO calculations.

Long ago, the storage representations of srtt and rttvar were changed
from the 4.4BSD scheme, and the comments are out of sync with the
code.  This commit rewrites most of the comments that explain the RTO
calculations, and points out some issues in the code.

Joint work with Bev Schwartz of BBN (original analysis and comments),
but I have rewritten and extended them, so errors are mine.

This material is based upon work supported by the Defense Advanced
Research Projects Agency and Space and Naval Warfare Systems Center,
Pacific, under Contract No. N66001-09-C-2073.  Approved for Public
Release, Distribution Unlimited

Revision 1.308 / (download) - annotate - [select for diffs], Thu Apr 14 15:48:48 2011 UTC (12 years, 10 months ago) by yamt
Branch: MAIN
Changes since 1.307: +10 -3 lines
Diff to previous 1.307 (colored)

comments

Revision 1.307 / (download) - annotate - [select for diffs], Wed Mar 9 00:44:23 2011 UTC (12 years, 11 months ago) by yamt
Branch: MAIN
Changes since 1.306: +3 -3 lines
Diff to previous 1.306 (colored)

fix a typo in rev.1.283, which broke tcp dupack and duppack statistics.

Revision 1.300.4.2 / (download) - annotate - [select for diffs], Sat Mar 5 20:55:58 2011 UTC (12 years, 11 months ago) by rmind
Branch: rmind-uvmplock
Changes since 1.300.4.1: +3 -3 lines
Diff to previous 1.300.4.1 (colored) to branchpoint 1.300 (colored)

sync with head

Revision 1.306 / (download) - annotate - [select for diffs], Thu Dec 2 19:07:27 2010 UTC (13 years, 2 months ago) by plunky
Branch: MAIN
CVS Tags: matt-mips64-premerge-20101231, jruoho-x86intr-base, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Branch point for: jruoho-x86intr
Changes since 1.305: +3 -3 lines
Diff to previous 1.305 (colored)

fix potential mbuf overflow, from Alexander Danilov on tech-net

Revision 1.300.2.2 / (download) - annotate - [select for diffs], Tue Aug 17 06:47:47 2010 UTC (13 years, 6 months ago) by uebayasi
Branch: uebayasi-xip
Changes since 1.300.2.1: +5 -0 lines
Diff to previous 1.300.2.1 (colored) to branchpoint 1.300 (colored) next main 1.301 (colored)

Sync with HEAD.

Revision 1.286.2.7 / (download) - annotate - [select for diffs], Wed Aug 11 22:54:56 2010 UTC (13 years, 6 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.6: +32 -15 lines
Diff to previous 1.286.2.6 (colored) to branchpoint 1.286 (colored) next main 1.287 (colored)

sync with head.

Revision 1.291.4.5 / (download) - annotate - [select for diffs], Fri Jun 11 23:36:07 2010 UTC (13 years, 8 months ago) by riz
Branch: netbsd-5
CVS Tags: netbsd-5-2-RELEASE, netbsd-5-2-RC1, netbsd-5-2-3-RELEASE, netbsd-5-2-2-RELEASE, netbsd-5-2-1-RELEASE, netbsd-5-1-RELEASE, netbsd-5-1-RC4, netbsd-5-1-RC3, netbsd-5-1-5-RELEASE, netbsd-5-1-4-RELEASE, netbsd-5-1-3-RELEASE, netbsd-5-1-2-RELEASE, netbsd-5-1-1-RELEASE, matt-nb5-pq3-base, matt-nb5-pq3
Branch point for: netbsd-5-2, netbsd-5-1
Changes since 1.291.4.4: +15 -9 lines
Diff to previous 1.291.4.4 (colored) to branchpoint 1.291 (colored)

Pull up following revision(s) (requested by bouyer in ticket #1382):
	sys/netinet/tcp_input.c: revision 1.304
	sys/netinet/tcp_input.c: revision 1.305
syn_cache_put(): defer all pool_put() to the callout. Reschedule
the callout if needed so frees are not delayed too much.
syn_cache_timer(): we can't call syn_cache_put() here any more,
so move code deleted from syn_cache_put() here.
Avoid KASSERT() in kern_timeout.c because pool_put() is called from
ipintr context, as reported in
http://mail-index.netbsd.org/tech-kern/2010/03/19/msg007762.html
Thanks to Andrew Doran and Mindaugas Rasiukevicius for help and review.
Make sure SYN_CACHE_TIMER_ARM() has been run before calling syn_cache_put()
as it will reschedule the timer.  Fixes PR kern/43318.

Revision 1.300.4.1 / (download) - annotate - [select for diffs], Sun May 30 05:18:02 2010 UTC (13 years, 9 months ago) by rmind
Branch: rmind-uvmplock
Changes since 1.300: +32 -15 lines
Diff to previous 1.300 (colored)

sync with head

Revision 1.305 / (download) - annotate - [select for diffs], Wed May 26 17:38:29 2010 UTC (13 years, 9 months ago) by bouyer
Branch: MAIN
CVS Tags: yamt-nfs-mp-base11, yamt-nfs-mp-base10, uebayasi-xip-base4, uebayasi-xip-base3, uebayasi-xip-base2
Changes since 1.304: +7 -2 lines
Diff to previous 1.304 (colored)

Make sure SYN_CACHE_TIMER_ARM() has been run before calling syn_cache_put()
as it will reschedule the timer.  Fixes PR kern/43318.

Revision 1.291.4.4 / (download) - annotate - [select for diffs], Thu May 20 05:42:06 2010 UTC (13 years, 9 months ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-1-RC2
Changes since 1.291.4.3: +9 -10 lines
Diff to previous 1.291.4.3 (colored) to branchpoint 1.291 (colored)

Revert ticket 1382.

Revision 1.291.4.3 / (download) - annotate - [select for diffs], Thu May 20 05:21:54 2010 UTC (13 years, 9 months ago) by snj
Branch: netbsd-5
Changes since 1.291.4.2: +10 -9 lines
Diff to previous 1.291.4.2 (colored) to branchpoint 1.291 (colored)

Pull up following revision(s) (requested by bouyer in ticket #1382):
	sys/netinet/tcp_input.c: revision 1.304
syn_cache_put(): defer all pool_put() to the callout. Reschedule
the callout if needed so frees are not delayed too much.
syn_cache_timer(): we can't call syn_cache_put() here any more,
so move code deleted from syn_cache_put() here.
Avoid KASSERT() in kern_timeout.c because pool_put() is called from
ipintr context, as reported in
http://mail-index.netbsd.org/tech-kern/2010/03/19/msg007762.html
Thanks to Andrew Doran and Mindaugas Rasiukevicius for help and review.

Revision 1.300.2.1 / (download) - annotate - [select for diffs], Fri Apr 30 14:44:21 2010 UTC (13 years, 10 months ago) by uebayasi
Branch: uebayasi-xip
Changes since 1.300: +27 -15 lines
Diff to previous 1.300 (colored)

Sync with HEAD.

Revision 1.304 / (download) - annotate - [select for diffs], Wed Apr 21 20:40:16 2010 UTC (13 years, 10 months ago) by bouyer
Branch: MAIN
CVS Tags: uebayasi-xip-base1
Changes since 1.303: +10 -9 lines
Diff to previous 1.303 (colored)

syn_cache_put(): defer all pool_put() to the callout. Reschedule
the callout if needed so frees are not delayed too much.
syn_cache_timer(): we can't call syn_cache_put() here any more,
so move code deleted from syn_cache_put() here.

Avoid KASSERT() in kern_timeout.c because pool_put() is called from
ipintr context, as reported in
http://mail-index.netbsd.org/tech-kern/2010/03/19/msg007762.html
Thanks to Andrew Doran and Mindaugas Rasiukevicius for help and review.

Revision 1.291.8.1.2.1 / (download) - annotate - [select for diffs], Wed Apr 21 00:28:22 2010 UTC (13 years, 10 months ago) by matt
Branch: matt-nb5-mips64
CVS Tags: matt-nb5-mips64-premerge-20101231, matt-nb5-mips64-k15
Changes since 1.291.8.1: +8 -6 lines
Diff to previous 1.291.8.1 (colored)

sync to netbsd-5

Revision 1.303 / (download) - annotate - [select for diffs], Fri Apr 16 03:13:03 2010 UTC (13 years, 10 months ago) by rmind
Branch: MAIN
Changes since 1.302: +5 -6 lines
Diff to previous 1.302 (colored)

tcp_input: set ECE flag even if CWR flag is active.
Submitted by Richard Scheffenegger in PR/43150.

Revision 1.302 / (download) - annotate - [select for diffs], Thu Apr 1 14:31:51 2010 UTC (13 years, 11 months ago) by tls
Branch: MAIN
Changes since 1.301: +6 -4 lines
Diff to previous 1.301 (colored)

Oops.  Fix LOCKDEBUG panic -- and spurious calls to tcp_output()! -- in
previous.  Be careful with that {}, Eugene.

Revision 1.301 / (download) - annotate - [select for diffs], Thu Apr 1 00:24:41 2010 UTC (13 years, 11 months ago) by tls
Branch: MAIN
Changes since 1.300: +12 -2 lines
Diff to previous 1.300 (colored)

After discussion with ad@: it appears that KERNEL_LOCK also protects
the driver output path (that is, ifp->if_output()).  In the case of
entry through the socket code, we are fine, because pru_usrreq takes
KERNEL_LOCK.  However, there are a few other ways to cause output
which require protection:

	1) direct calls to tcp_output() in tcp_input()
	2) fast-forwarding code (ip_flow) -- protected elsewise
	   against itself by the softnet lock.
	3) *Possibly* the ARP code.  I have currently persuaded
	   myself that it is safe because of how it's called.
	4) Possibly the ICMP code.

This change addresses #1 and #2.

Revision 1.286.2.6 / (download) - annotate - [select for diffs], Thu Mar 11 15:04:28 2010 UTC (13 years, 11 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.5: +3 -3 lines
Diff to previous 1.286.2.5 (colored) to branchpoint 1.286 (colored)

sync with head

Revision 1.300 / (download) - annotate - [select for diffs], Tue Jan 26 18:09:07 2010 UTC (14 years, 1 month ago) by pooka
Branch: MAIN
CVS Tags: yamt-nfs-mp-base9, uebayasi-xip-base
Branch point for: uebayasi-xip, rmind-uvmplock
Changes since 1.299: +3 -3 lines
Diff to previous 1.299 (colored)

tcp sockbuf autoscaling was initially added turned off because it
was experimental.  People (including myself) have been running with
it turned on for eons now, so flip the default to enabled.

Revision 1.291.4.2 / (download) - annotate - [select for diffs], Sat Sep 26 18:34:29 2009 UTC (14 years, 5 months ago) by snj
Branch: netbsd-5
CVS Tags: netbsd-5-1-RC1
Changes since 1.291.4.1: +8 -6 lines
Diff to previous 1.291.4.1 (colored) to branchpoint 1.291 (colored)

Pull up following revision(s) (requested by darran in ticket #950):
	sys/netinet/tcp_input.c: revision 1.299
	sys/netinet/tcp_usrreq.c: revision 1.156
	sys/netinet/tcp_var.h: revision 1.161
Make tcp msl (max segment life) tunable via sysctl net.inet.tcp.msl.
Okayed by tls@.

Revision 1.286.2.5 / (download) - annotate - [select for diffs], Wed Sep 16 13:38:02 2009 UTC (14 years, 5 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.4: +8 -6 lines
Diff to previous 1.286.2.4 (colored) to branchpoint 1.286 (colored)

sync with head

Revision 1.299 / (download) - annotate - [select for diffs], Wed Sep 9 22:41:28 2009 UTC (14 years, 5 months ago) by darran
Branch: MAIN
CVS Tags: yamt-nfs-mp-base8, matt-premerge-20091211, jym-xensuspend-nbase
Changes since 1.298: +8 -6 lines
Diff to previous 1.298 (colored)

Make tcp msl (max segment life) tunable via sysctl net.inet.tcp.msl.
Okayed by tls@.

Revision 1.286.2.4 / (download) - annotate - [select for diffs], Wed Aug 19 18:48:24 2009 UTC (14 years, 6 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.3: +6 -2 lines
Diff to previous 1.286.2.3 (colored) to branchpoint 1.286 (colored)

sync with head.

Revision 1.292.2.2 / (download) - annotate - [select for diffs], Thu Jul 23 23:32:48 2009 UTC (14 years, 7 months ago) by jym
Branch: jym-xensuspend
Changes since 1.292.2.1: +8 -4 lines
Diff to previous 1.292.2.1 (colored) to branchpoint 1.292 (colored) next main 1.293 (colored)

Sync with HEAD.

Revision 1.298 / (download) - annotate - [select for diffs], Sat Jul 18 23:09:53 2009 UTC (14 years, 7 months ago) by minskim
Branch: MAIN
CVS Tags: yamt-nfs-mp-base7, jymxensuspend-base
Changes since 1.297: +6 -6 lines
Diff to previous 1.297 (colored)

Check the minimum ttl only when pcb is available.

Revision 1.291.4.1 / (download) - annotate - [select for diffs], Sat Jul 18 21:38:09 2009 UTC (14 years, 7 months ago) by snj
Branch: netbsd-5
Changes since 1.291: +4 -4 lines
Diff to previous 1.291 (colored)

Pull up following revision(s) (requested by is in ticket #859):
	sys/netinet/tcp_input.c: revision 1.296
Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt:
Don't check gainst the last ack received, but the expected sequence number.
This makes RST handling independent of delayed ACK. From Joanne M Mikkelson.

Revision 1.291.8.1 / (download) - annotate - [select for diffs], Sat Jul 18 21:37:34 2009 UTC (14 years, 7 months ago) by snj
Branch: netbsd-5-0
CVS Tags: netbsd-5-0-2-RELEASE, netbsd-5-0-1-RELEASE, matt-nb5-mips64-u2-k2-k4-k7-k8-k9, matt-nb5-mips64-u1-k1-k5, matt-nb5-mips64-premerge-20091211, matt-nb4-mips64-k7-u2a-k9b
Branch point for: matt-nb5-mips64
Changes since 1.291: +4 -4 lines
Diff to previous 1.291 (colored) next main 1.292 (colored)

Pull up following revision(s) (requested by is in ticket #859):
	sys/netinet/tcp_input.c: revision 1.296
Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt:
Don't check gainst the last ack received, but the expected sequence number.
This makes RST handling independent of delayed ACK. From Joanne M Mikkelson.

Revision 1.286.2.3 / (download) - annotate - [select for diffs], Sat Jul 18 14:53:25 2009 UTC (14 years, 7 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.2: +4 -4 lines
Diff to previous 1.286.2.2 (colored) to branchpoint 1.286 (colored)

sync with head.

Revision 1.297 / (download) - annotate - [select for diffs], Fri Jul 17 22:02:54 2009 UTC (14 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.296: +6 -2 lines
Diff to previous 1.296 (colored)

Add the IP_MINTTL socket option.

The IP_MINTTL option may be used on SOCK_STREAM sockets to discard
packets with a TTL lower than the option value.  This can be used to
implement the Generalized TTL Security Mechanism (GTSM) according to
RFC 3682.

OK'ed by christos@.

Revision 1.296 / (download) - annotate - [select for diffs], Sat Jun 20 17:29:31 2009 UTC (14 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: yamt-nfs-mp-base6
Changes since 1.295: +4 -4 lines
Diff to previous 1.295 (colored)

Follow exactly the recommendation of draft-ietf-tcpm-tcpsecure-11.txt:
Don't check gainst the last ack received, but the expected sequence number.
This makes RST handling independent of delayed ACK. From Joanne M Mikkelson.

Revision 1.292.2.1 / (download) - annotate - [select for diffs], Wed May 13 17:22:28 2009 UTC (14 years, 9 months ago) by jym
Branch: jym-xensuspend
Changes since 1.292: +18 -18 lines
Diff to previous 1.292 (colored)

Sync with HEAD.

Commit is split, to avoid a "too many arguments" protocol error.

Revision 1.286.2.2 / (download) - annotate - [select for diffs], Mon May 4 08:14:17 2009 UTC (14 years, 9 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286.2.1: +39 -23 lines
Diff to previous 1.286.2.1 (colored) to branchpoint 1.286 (colored)

sync with head.

Revision 1.291.2.2 / (download) - annotate - [select for diffs], Tue Apr 28 07:37:22 2009 UTC (14 years, 10 months ago) by skrll
Branch: nick-hppapmap
Changes since 1.291.2.1: +18 -18 lines
Diff to previous 1.291.2.1 (colored) to branchpoint 1.291 (colored) next main 1.292 (colored)

Sync with HEAD.

Revision 1.295 / (download) - annotate - [select for diffs], Wed Mar 18 16:00:22 2009 UTC (14 years, 11 months ago) by cegger
Branch: MAIN
CVS Tags: yamt-nfs-mp-base5, yamt-nfs-mp-base4, yamt-nfs-mp-base3, nick-hppapmap-base4, nick-hppapmap-base3, nick-hppapmap-base, jym-xensuspend-base
Changes since 1.294: +13 -13 lines
Diff to previous 1.294 (colored)

bzero -> memset

Revision 1.294 / (download) - annotate - [select for diffs], Wed Mar 18 15:14:31 2009 UTC (14 years, 11 months ago) by cegger
Branch: MAIN
Changes since 1.293: +6 -6 lines
Diff to previous 1.293 (colored)

bcmp -> memcmp

Revision 1.293 / (download) - annotate - [select for diffs], Sun Mar 15 21:25:32 2009 UTC (14 years, 11 months ago) by cegger
Branch: MAIN
Changes since 1.292: +3 -3 lines
Diff to previous 1.292 (colored)

ansify function definitions

Revision 1.291.2.1 / (download) - annotate - [select for diffs], Tue Mar 3 18:33:38 2009 UTC (14 years, 11 months ago) by skrll
Branch: nick-hppapmap
Changes since 1.291: +15 -6 lines
Diff to previous 1.291 (colored)

Sync with HEAD.

Revision 1.292 / (download) - annotate - [select for diffs], Thu Jan 29 20:38:22 2009 UTC (15 years, 1 month ago) by pooka
Branch: MAIN
CVS Tags: nick-hppapmap-base2
Branch point for: jym-xensuspend
Changes since 1.291: +15 -6 lines
Diff to previous 1.291 (colored)

stinkset purge: POOL_INIT -> pool_init
also, make the syncache pool static in scope

Revision 1.289.2.1 / (download) - annotate - [select for diffs], Sun Oct 19 22:17:46 2008 UTC (15 years, 4 months ago) by haad
Branch: haad-dm
Changes since 1.289: +5 -3 lines
Diff to previous 1.289 (colored) next main 1.290 (colored)

Sync with HEAD.

Revision 1.280.6.3 / (download) - annotate - [select for diffs], Sun Sep 28 10:40:58 2008 UTC (15 years, 5 months ago) by mjf
Branch: mjf-devfs2
Changes since 1.280.6.2: +9 -2 lines
Diff to previous 1.280.6.2 (colored) to branchpoint 1.280 (colored) next main 1.281 (colored)

Sync with HEAD.

Revision 1.287.2.1 / (download) - annotate - [select for diffs], Thu Sep 18 04:37:01 2008 UTC (15 years, 5 months ago) by wrstuden
Branch: wrstuden-revivesa
Changes since 1.287: +11 -4 lines
Diff to previous 1.287 (colored) next main 1.288 (colored)

Sync with wrstuden-revivesa-base-2.

Revision 1.291 / (download) - annotate - [select for diffs], Mon Aug 4 04:08:47 2008 UTC (15 years, 6 months ago) by tls
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-4, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2, netbsd-5-base, netbsd-5-0-RELEASE, netbsd-5-0-RC4, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, mjf-devfs2-base, matt-mips64-base2, haad-nbase2, haad-dm-base2, haad-dm-base1, haad-dm-base, ad-audiomp2-base, ad-audiomp2
Branch point for: nick-hppapmap, netbsd-5-0, netbsd-5
Changes since 1.290: +4 -3 lines
Diff to previous 1.290 (colored)

Unlock reassembly queue before calling sorwakeup(), not after.  In unusual
cases with in-kernel consumers which might send data on the same socket,
we can deadlock on the reassembly queue otherwise (observed while testing
accept filters).

Revision 1.287.4.3 / (download) - annotate - [select for diffs], Thu Jul 31 04:51:03 2008 UTC (15 years, 7 months ago) by simonb
Branch: simonb-wapbl
Changes since 1.287.4.2: +3 -2 lines
Diff to previous 1.287.4.2 (colored) to branchpoint 1.287 (colored) next main 1.288 (colored)

Sync with head.

Revision 1.290 / (download) - annotate - [select for diffs], Mon Jul 28 18:41:07 2008 UTC (15 years, 7 months ago) by matt
Branch: MAIN
CVS Tags: simonb-wapbl-nbase, simonb-wapbl-base
Changes since 1.289: +3 -2 lines
Diff to previous 1.289 (colored)

Reacquire softnet_lock after calling soabort which returns with the socket
unlocked.

Revision 1.287.4.2 / (download) - annotate - [select for diffs], Fri Jul 18 16:37:57 2008 UTC (15 years, 7 months ago) by simonb
Branch: simonb-wapbl
Changes since 1.287.4.1: +5 -2 lines
Diff to previous 1.287.4.1 (colored) to branchpoint 1.287 (colored)

Sync with head.

Revision 1.289 / (download) - annotate - [select for diffs], Fri Jul 4 18:22:21 2008 UTC (15 years, 7 months ago) by ad
Branch: MAIN
Branch point for: haad-dm
Changes since 1.288: +5 -2 lines
Diff to previous 1.288 (colored)

tcp_input: add a couple of assertions.

Revision 1.287.4.1 / (download) - annotate - [select for diffs], Thu Jul 3 18:38:20 2008 UTC (15 years, 7 months ago) by simonb
Branch: simonb-wapbl
Changes since 1.287: +5 -3 lines
Diff to previous 1.287 (colored)

Sync with head.

Revision 1.288 / (download) - annotate - [select for diffs], Thu Jul 3 15:35:28 2008 UTC (15 years, 7 months ago) by ad
Branch: MAIN
Changes since 1.287: +5 -3 lines
Diff to previous 1.287 (colored)

syn_cache_get: remove new endpoint's socket from head's queue if aborting
the connection. Should fix KASSERT(so->so_head == NULL).

Revision 1.280.6.2 / (download) - annotate - [select for diffs], Mon Jun 2 13:24:25 2008 UTC (15 years, 8 months ago) by mjf
Branch: mjf-devfs2
Changes since 1.280.6.1: +120 -95 lines
Diff to previous 1.280.6.1 (colored) to branchpoint 1.280 (colored)

Sync with HEAD.

Revision 1.284.2.1 / (download) - annotate - [select for diffs], Sun May 18 12:35:29 2008 UTC (15 years, 9 months ago) by yamt
Branch: yamt-pf42
Changes since 1.284: +19 -21 lines
Diff to previous 1.284 (colored) next main 1.285 (colored)

sync with head.

Revision 1.286.2.1 / (download) - annotate - [select for diffs], Fri May 16 02:25:42 2008 UTC (15 years, 9 months ago) by yamt
Branch: yamt-nfs-mp
Changes since 1.286: +2 -9 lines
Diff to previous 1.286 (colored)

sync with head.

Revision 1.287 / (download) - annotate - [select for diffs], Mon Apr 28 20:24:09 2008 UTC (15 years, 10 months ago) by martin
Branch: MAIN
CVS Tags: yamt-pf42-base4, yamt-pf42-base3, yamt-pf42-base2, yamt-nfs-mp-base2, wrstuden-revivesa-base-1, wrstuden-revivesa-base, hpcarm-cleanup-nbase
Branch point for: wrstuden-revivesa, simonb-wapbl
Changes since 1.286: +2 -9 lines
Diff to previous 1.286 (colored)

Remove clause 3 and 4 from TNF licenses

Revision 1.286 / (download) - annotate - [select for diffs], Thu Apr 24 11:38:38 2008 UTC (15 years, 10 months ago) by ad
Branch: MAIN
CVS Tags: yamt-nfs-mp-base
Branch point for: yamt-nfs-mp
Changes since 1.285: +11 -8 lines
Diff to previous 1.285 (colored)

Merge the socket locking patch:

- Socket layer becomes MP safe.
- Unix protocols become MP safe.
- Allows protocol processing interrupts to safely block on locks.
- Fixes a number of race conditions.

With much feedback from matt@ and plunky@.

Revision 1.285 / (download) - annotate - [select for diffs], Wed Apr 23 06:09:05 2008 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.284: +10 -8 lines
Diff to previous 1.284 (colored)

Make IPSEC and FAST_IPSEC stats per-cpu.  Use <net/net_stats.h> and
netstat_sysctl().

Revision 1.284 / (download) - annotate - [select for diffs], Sat Apr 12 05:58:22 2008 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-baseX, yamt-pf42-base
Branch point for: yamt-pf42
Changes since 1.283: +105 -78 lines
Diff to previous 1.283 (colored)

Make IP, TCP, UDP, and ICMP statistics per-CPU.  The stats are collated
when the user requests them via sysctl.

Revision 1.283 / (download) - annotate - [select for diffs], Tue Apr 8 01:03:58 2008 UTC (15 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.282: +78 -78 lines
Diff to previous 1.282 (colored)

Change TCP stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old tcpstat structure; old netstat
binaries will continue to work properly.

Revision 1.280.6.1 / (download) - annotate - [select for diffs], Thu Apr 3 12:43:08 2008 UTC (15 years, 10 months ago) by mjf
Branch: mjf-devfs2
Changes since 1.280: +4 -4 lines
Diff to previous 1.280 (colored)

Sync with HEAD.

Revision 1.280.2.1 / (download) - annotate - [select for diffs], Mon Mar 24 07:16:24 2008 UTC (15 years, 11 months ago) by keiichi
Branch: keiichi-mipv6
Changes since 1.280: +4 -4 lines
Diff to previous 1.280 (colored) next main 1.281 (colored)

sync with head.

Revision 1.270.4.3 / (download) - annotate - [select for diffs], Sun Mar 23 02:05:06 2008 UTC (15 years, 11 months ago) by matt
Branch: matt-armv6
Changes since 1.270.4.2: +94 -86 lines
Diff to previous 1.270.4.2 (colored) to branchpoint 1.270 (colored) next main 1.271 (colored)

sync with HEAD

Revision 1.230.2.10 / (download) - annotate - [select for diffs], Mon Mar 17 09:15:41 2008 UTC (15 years, 11 months ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.9: +4 -4 lines
Diff to previous 1.230.2.9 (colored) next main 1.231 (colored)

sync with head.

Revision 1.282 / (download) - annotate - [select for diffs], Sat Mar 1 14:16:52 2008 UTC (16 years ago) by rmind
Branch: MAIN
CVS Tags: yamt-lazymbuf-base15, yamt-lazymbuf-base14, matt-armv6-nbase, keiichi-mipv6-nbase, keiichi-mipv6-base, ad-socklock-base1
Changes since 1.281: +3 -3 lines
Diff to previous 1.281 (colored)

Welcome to 4.99.55:

- Add a lot of missing selinit() and seldestroy() calls.

- Merge selwakeup() and selnotify() calls into a single selnotify().

- Add an additional 'events' argument to selnotify() call.  It will
  indicate which event (POLL_IN, POLL_OUT, etc) happen.  If unknown,
  zero may be used.

Note: please pass appropriate value of 'events' where possible.
Proposed on: <tech-kern>

Revision 1.281 / (download) - annotate - [select for diffs], Wed Feb 27 19:41:51 2008 UTC (16 years ago) by matt
Branch: MAIN
Changes since 1.280: +3 -3 lines
Diff to previous 1.280 (colored)

Convert stragglers to ansi definitions from old-style definitons.
Remember that func() is not ansi, func(void) is.

Revision 1.230.2.9 / (download) - annotate - [select for diffs], Wed Feb 27 08:37:04 2008 UTC (16 years ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.8: +62 -56 lines
Diff to previous 1.230.2.8 (colored)

sync with head.

Revision 1.280 / (download) - annotate - [select for diffs], Wed Feb 20 11:44:07 2008 UTC (16 years ago) by yamt
Branch: MAIN
CVS Tags: nick-net80211-sync-base, nick-net80211-sync, hpcarm-cleanup-base
Branch point for: mjf-devfs2, keiichi-mipv6
Changes since 1.279: +62 -56 lines
Diff to previous 1.279 (colored)

make TCP_SETUP_ACK, ICMP_CHECK, TCP_FIELDS_TO_HOST, and TCP_FIELDS_TO_NET
static functions.

Revision 1.271.2.3 / (download) - annotate - [select for diffs], Mon Feb 18 21:07:08 2008 UTC (16 years ago) by mjf
Branch: mjf-devfs
Changes since 1.271.2.2: +32 -30 lines
Diff to previous 1.271.2.2 (colored) to branchpoint 1.271 (colored) next main 1.272 (colored)

Sync with HEAD.

Revision 1.230.2.8 / (download) - annotate - [select for diffs], Mon Feb 11 15:00:05 2008 UTC (16 years ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.7: +28 -25 lines
Diff to previous 1.230.2.7 (colored)

sync with head.

Revision 1.279 / (download) - annotate - [select for diffs], Tue Feb 5 09:38:47 2008 UTC (16 years ago) by yamt
Branch: MAIN
CVS Tags: mjf-devfs-base
Changes since 1.278: +1 -1 lines
Diff to previous 1.278 (colored)

- start tcp timestamp from 1 instead of 0.
- add a comment to explain why:
+        * We start with 1, because 0 doesn't work with linux, which
+        * considers timestamp 0 in a SYN packet as a bug and disables
+        * timestamps.

Revision 1.278 / (download) - annotate - [select for diffs], Mon Feb 4 23:56:14 2008 UTC (16 years ago) by yamt
Branch: MAIN
Changes since 1.277: +27 -24 lines
Diff to previous 1.277 (colored)

redo tcp_input.c rev.1.230 correctly.

    revision 1.230
    date: 2005/06/30 02:58:28;  author: christos;  state: Exp;  lines: +20 -4
    Normalize our PAWS code with Free and Open, as mentioned in tech-security.

reviewed by christos@ and matt@.

Revision 1.230.2.7 / (download) - annotate - [select for diffs], Mon Feb 4 09:24:40 2008 UTC (16 years ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.6: +3 -4 lines
Diff to previous 1.230.2.6 (colored)

sync with head.

Revision 1.277 / (download) - annotate - [select for diffs], Tue Jan 29 12:34:47 2008 UTC (16 years, 1 month ago) by yamt
Branch: MAIN
Changes since 1.276: +3 -4 lines
Diff to previous 1.276 (colored)

revert tcp_output.c 1.253 because it has an ill effect when sending
small (not full-sized) segments.
http://mail-index.NetBSD.org/tech-net/2008/01/27/0009.html

Revision 1.230.2.6 / (download) - annotate - [select for diffs], Mon Jan 21 09:47:17 2008 UTC (16 years, 1 month ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.5: +27 -17 lines
Diff to previous 1.230.2.5 (colored)

sync with head

Revision 1.272.6.2 / (download) - annotate - [select for diffs], Sat Jan 19 12:15:32 2008 UTC (16 years, 1 month ago) by bouyer
Branch: bouyer-xeni386
Changes since 1.272.6.1: +3 -3 lines
Diff to previous 1.272.6.1 (colored) to branchpoint 1.272 (colored) next main 1.273 (colored)

Sync with HEAD

Revision 1.276 / (download) - annotate - [select for diffs], Mon Jan 14 04:19:10 2008 UTC (16 years, 1 month ago) by dyoung
Branch: MAIN
CVS Tags: bouyer-xeni386-nbase, bouyer-xeni386-base
Changes since 1.275: +5 -5 lines
Diff to previous 1.275 (colored)

Use rtcache_validate() instead of rtcache_getrt().  Shorten staircase
in in_losing().

Revision 1.270.4.2 / (download) - annotate - [select for diffs], Wed Jan 9 01:57:29 2008 UTC (16 years, 1 month ago) by matt
Branch: matt-armv6
Changes since 1.270.4.1: +69 -57 lines
Diff to previous 1.270.4.1 (colored) to branchpoint 1.270 (colored)

sync with HEAD

Revision 1.272.6.1 / (download) - annotate - [select for diffs], Wed Jan 2 21:57:24 2008 UTC (16 years, 1 month ago) by bouyer
Branch: bouyer-xeni386
CVS Tags: bouyer-xeni386-merge1
Changes since 1.272: +27 -17 lines
Diff to previous 1.272 (colored)

Sync with HEAD

Revision 1.271.2.2 / (download) - annotate - [select for diffs], Thu Dec 27 00:46:31 2007 UTC (16 years, 2 months ago) by mjf
Branch: mjf-devfs
Changes since 1.271.2.1: +27 -17 lines
Diff to previous 1.271.2.1 (colored) to branchpoint 1.271 (colored)

Sync with HEAD.

Revision 1.272.2.1 / (download) - annotate - [select for diffs], Wed Dec 26 19:57:41 2007 UTC (16 years, 2 months ago) by ad
Branch: vmlocking2
Changes since 1.272: +27 -17 lines
Diff to previous 1.272 (colored) next main 1.273 (colored)

Sync with head.

Revision 1.275 / (download) - annotate - [select for diffs], Thu Dec 20 20:24:49 2007 UTC (16 years, 2 months ago) by martin
Branch: MAIN
CVS Tags: vmlocking2-base3, matt-armv6-base
Changes since 1.274: +4 -2 lines
Diff to previous 1.274 (colored)

A few missing ifdefs to make non-INET6 kernels build again.

Revision 1.274 / (download) - annotate - [select for diffs], Thu Dec 20 19:53:32 2007 UTC (16 years, 2 months ago) by dyoung
Branch: MAIN
Changes since 1.273: +23 -16 lines
Diff to previous 1.273 (colored)

Poison struct route->ro_rt uses in the kernel by changing the name
to _ro_rt.  Use rtcache_getrt() to access a route cache's struct
rtentry *.

Introduce struct ifnet->if_dl that always points at the interface
identifier/link-layer address.  Make code that treated the first
ifaddr on struct ifnet->if_addrlist as the interface address use
if_dl, instead.

Remove stale debugging code from net/route.c.  Move the rtflush()
code into rtcache_clear() and delete rtflush().  Delete rtalloc(),
because nothing uses it any more.

Make ND6_HINT an inline, lowercase subroutine, nd6_hint.

I've done my best to convert IP Filter, the ISO stack, and the
AppleTalk stack to rtcache_getrt().  They compile, but I have not
tested them.  I have given the changes to PF, GRE, IPv4 and IPv6
stacks a lot of exercise.

Revision 1.273 / (download) - annotate - [select for diffs], Sun Dec 16 14:12:34 2007 UTC (16 years, 2 months ago) by elad
Branch: MAIN
Changes since 1.272: +4 -3 lines
Diff to previous 1.272 (colored)

Really fix low port allocation, by always passing a valid lwp to
in_pcbbind().

Okay dyoung@.

Note that the network code is another candidate for major cleanup... also
note that this issue is likely to be present in netinet6 code, too.

Revision 1.271.2.1 / (download) - annotate - [select for diffs], Mon Nov 19 00:49:11 2007 UTC (16 years, 3 months ago) by mjf
Branch: mjf-devfs
Changes since 1.271: +44 -42 lines
Diff to previous 1.271 (colored)

Sync with HEAD.

Revision 1.230.2.5 / (download) - annotate - [select for diffs], Thu Nov 15 11:45:08 2007 UTC (16 years, 3 months ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.4: +60 -48 lines
Diff to previous 1.230.2.4 (colored)

sync with head.

Revision 1.270.8.1 / (download) - annotate - [select for diffs], Tue Nov 13 16:02:51 2007 UTC (16 years, 3 months ago) by bouyer
Branch: bouyer-xenamd64
Changes since 1.270: +60 -48 lines
Diff to previous 1.270 (colored) next main 1.271 (colored)

Sync with HEAD

Revision 1.270.2.2 / (download) - annotate - [select for diffs], Sun Nov 11 16:48:31 2007 UTC (16 years, 3 months ago) by joerg
Branch: jmcneill-pm
Changes since 1.270.2.1: +44 -42 lines
Diff to previous 1.270.2.1 (colored) to branchpoint 1.270 (colored) next main 1.271 (colored)

Sync with HEAD.

Revision 1.272 / (download) - annotate - [select for diffs], Fri Nov 9 23:55:58 2007 UTC (16 years, 3 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-kmem-base3, yamt-kmem-base2, yamt-kmem-base, yamt-kmem, vmlocking2-base2, vmlocking2-base1, vmlocking-nbase, reinoud-bufcleanup-nbase, reinoud-bufcleanup-base, jmcneill-pm-base, cube-autoconf-base, cube-autoconf, bouyer-xenamd64-base2, bouyer-xenamd64-base
Branch point for: vmlocking2, bouyer-xeni386
Changes since 1.271: +44 -42 lines
Diff to previous 1.271 (colored)

Change macros SYN_CACHE_PUT() and SYN_CACHE_RM() into inline
subroutines syn_cache_put() and syn_cache_rm().

Revision 1.270.4.1 / (download) - annotate - [select for diffs], Tue Nov 6 23:33:52 2007 UTC (16 years, 3 months ago) by matt
Branch: matt-armv6
CVS Tags: matt-armv6-prevmlocking
Changes since 1.270: +18 -8 lines
Diff to previous 1.270 (colored)

sync with HEAD

Revision 1.270.2.1 / (download) - annotate - [select for diffs], Sun Nov 4 21:03:38 2007 UTC (16 years, 3 months ago) by jmcneill
Branch: jmcneill-pm
Changes since 1.270: +18 -8 lines
Diff to previous 1.270 (colored)

Sync with HEAD.

Revision 1.271 / (download) - annotate - [select for diffs], Sun Nov 4 11:04:26 2007 UTC (16 years, 3 months ago) by rmind
Branch: MAIN
CVS Tags: jmcneill-base
Branch point for: mjf-devfs
Changes since 1.270: +18 -8 lines
Diff to previous 1.270 (colored)

Pick the smallest possible TCP window scaling factor that will still allow
us to scale up to sb_max.  This might fix the problems with some firewalls.

Taken from FreeBSD (silby).
OK by <dyoung>.

Revision 1.230.2.4 / (download) - annotate - [select for diffs], Mon Sep 3 14:43:01 2007 UTC (16 years, 5 months ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.3: +117 -37 lines
Diff to previous 1.230.2.3 (colored)

sync with head.

Revision 1.262.2.5 / (download) - annotate - [select for diffs], Mon Aug 20 21:28:00 2007 UTC (16 years, 6 months ago) by ad
Branch: vmlocking
Changes since 1.262.2.4: +84 -4 lines
Diff to previous 1.262.2.4 (colored) next main 1.263 (colored)

Sync with HEAD.

Revision 1.268.2.1 / (download) - annotate - [select for diffs], Wed Aug 15 13:49:46 2007 UTC (16 years, 6 months ago) by skrll
Branch: nick-csl-alignment
Changes since 1.268: +84 -4 lines
Diff to previous 1.268 (colored) next main 1.269 (colored)

Sync with HEAD.

Revision 1.270.10.2 / (download) - annotate - [select for diffs], Thu Aug 2 13:06:31 2007 UTC (16 years, 6 months ago) by yamt
Branch: matt-mips64
Changes since 1.270.10.1: +4427 -0 lines
Diff to previous 1.270.10.1 (colored) to branchpoint 1.270 (colored) next main 1.271 (colored)

our tcp timestamps are in PR_SLOWHZ, not HZ.

Revision 1.270.10.1, Thu Aug 2 13:06:30 2007 UTC (16 years, 6 months ago) by yamt
Branch: matt-mips64
Changes since 1.270: +0 -4427 lines
FILE REMOVED

file tcp_input.c was added on branch matt-mips64 on 2007-08-02 13:06:31 +0000

Revision 1.270 / (download) - annotate - [select for diffs], Thu Aug 2 13:06:30 2007 UTC (16 years, 6 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-x86pmap-base4, yamt-x86pmap-base3, yamt-x86pmap-base2, yamt-x86pmap-base, yamt-x86pmap, vmlocking-base, nick-csl-alignment-base5, matt-mips64-base
Branch point for: matt-mips64, matt-armv6, jmcneill-pm, bouyer-xenamd64
Changes since 1.269: +3 -3 lines
Diff to previous 1.269 (colored)

our tcp timestamps are in PR_SLOWHZ, not HZ.

Revision 1.269 / (download) - annotate - [select for diffs], Thu Aug 2 02:42:40 2007 UTC (16 years, 7 months ago) by rmind
Branch: MAIN
Changes since 1.268: +84 -4 lines
Diff to previous 1.268 (colored)

TCP socket buffers automatic sizing - ported from FreeBSD.
http://mail-index.netbsd.org/tech-net/2007/02/04/0006.html

! Disabled by default, marked as experimental. Testers are very needed.
! Someone should thoroughly test this, and improve if possible.

Discussed on <tech-net>:
http://mail-index.netbsd.org/tech-net/2007/07/12/0002.html
Thanks Greg Troxel for comments.

OK by the long silence on <tech-net>.

Revision 1.262.2.4 / (download) - annotate - [select for diffs], Sun Jul 15 13:27:57 2007 UTC (16 years, 7 months ago) by ad
Branch: vmlocking
Changes since 1.262.2.3: +7 -7 lines
Diff to previous 1.262.2.3 (colored)

Sync with head.

Revision 1.263.2.1 / (download) - annotate - [select for diffs], Wed Jul 11 20:11:27 2007 UTC (16 years, 7 months ago) by mjf
Branch: mjf-ufs-trans
Changes since 1.263: +21 -22 lines
Diff to previous 1.263 (colored) next main 1.264 (colored)

Sync with head.

Revision 1.268 / (download) - annotate - [select for diffs], Mon Jul 9 21:11:11 2007 UTC (16 years, 7 months ago) by ad
Branch: MAIN
CVS Tags: nick-csl-alignment-base, mjf-ufs-trans-base, hpcarm-cleanup
Branch point for: nick-csl-alignment
Changes since 1.267: +7 -4 lines
Diff to previous 1.267 (colored)

Merge some of the less invasive changes from the vmlocking branch:

- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements

Revision 1.262.2.3 / (download) - annotate - [select for diffs], Sun Jul 1 21:50:50 2007 UTC (16 years, 8 months ago) by ad
Branch: vmlocking
Changes since 1.262.2.2: +7 -4 lines
Diff to previous 1.262.2.2 (colored)

Adapt to callout API change.

Revision 1.267 / (download) - annotate - [select for diffs], Wed Jun 20 15:29:18 2007 UTC (16 years, 8 months ago) by christos
Branch: MAIN
Changes since 1.266: +7 -7 lines
Diff to previous 1.266 (colored)

- per socket keepalive settings
- settable connection establishment timeout

Revision 1.262.2.2 / (download) - annotate - [select for diffs], Fri Jun 8 14:17:47 2007 UTC (16 years, 8 months ago) by ad
Branch: vmlocking
Changes since 1.262.2.1: +11 -15 lines
Diff to previous 1.262.2.1 (colored)

Sync with head.

Revision 1.255.4.1 / (download) - annotate - [select for diffs], Mon Jun 4 01:54:23 2007 UTC (16 years, 8 months ago) by wrstuden
Branch: wrstuden-fixsa
Changes since 1.255: +17 -12 lines
Diff to previous 1.255 (colored) next main 1.256 (colored)

Update to today's netbsd-4.

Revision 1.255.2.2 / (download) - annotate - [select for diffs], Fri May 25 07:12:00 2007 UTC (16 years, 9 months ago) by pavel
Branch: netbsd-4
CVS Tags: wrstuden-fixsa-newbase, wrstuden-fixsa-base-1, wrstuden-fixsa-base, netbsd-4-0-RELEASE, netbsd-4-0-RC5, netbsd-4-0-RC4, netbsd-4-0-RC3, netbsd-4-0-RC2, netbsd-4-0-RC1, netbsd-4-0-1-RELEASE, netbsd-4-0, matt-nb4-arm-base, matt-nb4-arm
Changes since 1.255.2.1: +4 -5 lines
Diff to previous 1.255.2.1 (colored) to branchpoint 1.255 (colored) next main 1.256 (colored)

Pull up following revision(s) (requested by riz in ticket #670):
	sys/netinet/tcp_input.c: revision 1.265
	sys/netinet/tcp_input.c: revision 1.266
	sys/arch/i386/conf/ALL: revision 1.98
Revert a small part of revision 1.254 - remove const qualifier from
the struct tcphdr * argument of tcp_dooptions().  RFC2385 support
(options TCP_SIGNATURE) needs to modify the header during options
processing, and this revision broke it.
OK yamt@.

Fix compilation in the TCP_SIGNATURE case:
	- don't use void * for pointer arithmetic
	- don't try to modify const parameters
A kernel with 'options TCP_SIGNATURE' works as well as it ever did, now.
(ie, clunky, but passable)

Add 'options TCP_SIGNATURE' to hopefully keep this code from
invisibly breaking periodically, as it's done a couple times.

Revision 1.255.2.1 / (download) - annotate - [select for diffs], Thu May 24 19:13:14 2007 UTC (16 years, 9 months ago) by pavel
Branch: netbsd-4
Changes since 1.255: +15 -9 lines
Diff to previous 1.255 (colored)

Pull up following revision(s) (requested by degroote in ticket #667):
	sys/netinet/tcp_input.c: revision 1.260
	sys/netinet/tcp_output.c: revision 1.154
	sys/netinet/tcp_subr.c: revision 1.210
	sys/netinet6/icmp6.c: revision 1.129
	sys/netinet6/in6_proto.c: revision 1.70
	sys/netinet6/ip6_forward.c: revision 1.54
	sys/netinet6/ip6_input.c: revision 1.94
	sys/netinet6/ip6_output.c: revision 1.114
	sys/netinet6/raw_ip6.c: revision 1.81
	sys/netipsec/ipcomp_var.h: revision 1.4
	sys/netipsec/ipsec.c: revision 1.26 via patch,1.31-1.32
	sys/netipsec/ipsec6.h: revision 1.5
	sys/netipsec/ipsec_input.c: revision 1.14
	sys/netipsec/ipsec_netbsd.c: revision 1.18,1.26
	sys/netipsec/ipsec_output.c: revision 1.21 via patch
	sys/netipsec/key.c: revision 1.33,1.44
	sys/netipsec/xform_ipcomp.c: revision 1.9
	sys/netipsec/xform_ipip.c: revision 1.15
	sys/opencrypto/deflate.c: revision 1.8
Commit my SoC work
Add ipv6 support for fast_ipsec
Note that currently, packet with extensions headers are not correctly
supported
Change the ipcomp logic

Add sysctl tree to modify the fast_ipsec options related to ipv6. Similar
to the sysctl kame interface.

Choose the good default policy, depending of the adress family of the
desired policy

Increase the refcount for the default ipv6 policy so nobody can reclaim it

Always compute the sp index even if we don't have any sp in spd. It will
let us to choose the right default policy (based on the adress family
requested).
While here, fix an error message

Use dynamic array instead of an static array to decompress. It lets us to
decompress any data, whatever is the radio decompressed data / compressed
data.
It fixes the last issues with fast_ipsec and ipcomp.
While here, bzero -> memset, bcopy -> memcpy, FREE -> free
Reviewed a long time ago by sam@

Revision 1.266 / (download) - annotate - [select for diffs], Fri May 18 21:48:43 2007 UTC (16 years, 9 months ago) by riz
Branch: MAIN
Changes since 1.265: +2 -3 lines
Diff to previous 1.265 (colored)

Fix compilation in the TCP_SIGNATURE case:

	- don't use void * for pointer arithmetic
	- don't try to modify const parameters

A kernel with 'options TCP_SIGNATURE' works as well as it ever did, now.
(ie, clunky, but passable)

Revision 1.265 / (download) - annotate - [select for diffs], Fri May 18 21:31:16 2007 UTC (16 years, 9 months ago) by riz
Branch: MAIN
Changes since 1.264: +4 -4 lines
Diff to previous 1.264 (colored)

Revert a small part of revision 1.254 - remove const qualifier from
the struct tcphdr * argument of tcp_dooptions().  RFC2385 support
(options TCP_SIGNATURE) needs to modify the header during options
processing, and this revision broke it.

OK yamt@.

Revision 1.260.2.4 / (download) - annotate - [select for diffs], Mon May 7 10:56:00 2007 UTC (16 years, 9 months ago) by yamt
Branch: yamt-idlelwp
Changes since 1.260.2.3: +9 -12 lines
Diff to previous 1.260.2.3 (colored) next main 1.261 (colored)

sync with head.

Revision 1.264 / (download) - annotate - [select for diffs], Wed May 2 20:40:25 2007 UTC (16 years, 10 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-idlelwp-base8
Changes since 1.263: +9 -12 lines
Diff to previous 1.263 (colored)

Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.

The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing.  Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.

Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously.  Of course, all design oversights and bugs are
mine.

DETAILS

1 I added to each address family a pool of sockaddrs.  I have
  introduced routines for allocating, copying, and duplicating,
  and freeing sockaddrs:

        struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
        struct sockaddr *sockaddr_copy(struct sockaddr *dst,
                                       const struct sockaddr *src);
        struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
        void sockaddr_free(struct sockaddr *sa);

  sockaddr_alloc() returns either a sockaddr from the pool belonging
  to the specified family, or NULL if the pool is exhausted.  The
  returned sockaddr has the right size for that family; sa_family
  and sa_len fields are initialized to the family and sockaddr
  length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
  sockaddr_in).  sockaddr_free() puts the given sockaddr back into
  its family's pool.

  sockaddr_dup() and sockaddr_copy() work analogously to strdup()
  and strcpy(), respectively.  sockaddr_copy() KASSERTs that the
  family of the destination and source sockaddrs are alike.

  The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
  passed directly to pool_get(9).

2 I added routines for initializing sockaddrs in each address
  family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
  etc.  They are fairly self-explanatory.

3 structs route_in6 and route_iso are no more.  All protocol families
  use struct route.  I have changed the route cache, 'struct route',
  so that it does not contain storage space for a sockaddr.  Instead,
  struct route points to a sockaddr coming from the pool the sockaddr
  belongs to.  I added a new method to struct route, rtcache_setdst(),
  for setting the cache destination:

        int rtcache_setdst(struct route *, const struct sockaddr *);

  rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
  available to create the sockaddr storage.

  It is now possible for rtcache_getdst() to return NULL if, say,
  rtcache_setdst() failed.  I check the return value for NULL
  everywhere in the kernel.

4 Each routing domain (struct domain) has a list of live route
  caches, dom_rtcache.  rtflushall(sa_family_t af) looks up the
  domain indicated by 'af', walks the domain's list of route caches
  and invalidates each one.

Revision 1.260.2.3 / (download) - annotate - [select for diffs], Sat Mar 24 14:56:10 2007 UTC (16 years, 11 months ago) by yamt
Branch: yamt-idlelwp
Changes since 1.260.2.2: +5 -4 lines
Diff to previous 1.260.2.2 (colored)

sync with head.

Revision 1.262.2.1 / (download) - annotate - [select for diffs], Tue Mar 13 16:52:02 2007 UTC (16 years, 11 months ago) by ad
Branch: vmlocking
Changes since 1.262: +5 -4 lines
Diff to previous 1.262 (colored)

Sync with head.

Revision 1.263 / (download) - annotate - [select for diffs], Mon Mar 12 18:18:36 2007 UTC (16 years, 11 months ago) by ad
Branch: MAIN
CVS Tags: thorpej-atomic-base, thorpej-atomic, reinoud-bufcleanup
Branch point for: mjf-ufs-trans
Changes since 1.262: +5 -4 lines
Diff to previous 1.262 (colored)

Pass an ipl argument to pool_init/POOL_INIT to be used when initializing
the pool's lock.

Revision 1.260.2.2 / (download) - annotate - [select for diffs], Mon Mar 12 05:59:38 2007 UTC (16 years, 11 months ago) by rmind
Branch: yamt-idlelwp
Changes since 1.260.2.1: +13 -13 lines
Diff to previous 1.260.2.1 (colored)

Sync with HEAD.

Revision 1.262 / (download) - annotate - [select for diffs], Sun Mar 4 06:03:22 2007 UTC (16 years, 11 months ago) by christos
Branch: MAIN
Branch point for: vmlocking
Changes since 1.261: +13 -13 lines
Diff to previous 1.261 (colored)

Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.

Revision 1.260.2.1 / (download) - annotate - [select for diffs], Tue Feb 27 16:54:56 2007 UTC (17 years ago) by yamt
Branch: yamt-idlelwp
Changes since 1.260: +4 -4 lines
Diff to previous 1.260 (colored)

- sync with head.
- move sched_changepri back to kern_synch.c as it doesn't know PPQ anymore.

Revision 1.230.2.3 / (download) - annotate - [select for diffs], Mon Feb 26 09:11:45 2007 UTC (17 years ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.2: +17 -11 lines
Diff to previous 1.230.2.2 (colored)

sync with head.

Revision 1.261 / (download) - annotate - [select for diffs], Thu Feb 22 06:17:51 2007 UTC (17 years ago) by thorpej
Branch: MAIN
CVS Tags: ad-audiomp-base, ad-audiomp
Changes since 1.260: +4 -4 lines
Diff to previous 1.260 (colored)

TRUE -> true, FALSE -> false

Revision 1.260 / (download) - annotate - [select for diffs], Sat Feb 10 09:43:05 2007 UTC (17 years ago) by degroote
Branch: MAIN
Branch point for: yamt-idlelwp
Changes since 1.259: +15 -9 lines
Diff to previous 1.259 (colored)

Commit my SoC work
Add ipv6 support for fast_ipsec
Note that currently, packet with extensions headers are not correctly
supported
Change the ipcomp logic

Revision 1.244.2.2 / (download) - annotate - [select for diffs], Fri Jan 12 01:04:14 2007 UTC (17 years, 1 month ago) by ad
Branch: newlock2
Changes since 1.244.2.1: +22 -11 lines
Diff to previous 1.244.2.1 (colored) to branchpoint 1.244 (colored) next main 1.245 (colored)

Sync with head.

Revision 1.230.2.2 / (download) - annotate - [select for diffs], Sat Dec 30 20:50:33 2006 UTC (17 years, 2 months ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230.2.1: +186 -213 lines
Diff to previous 1.230.2.1 (colored)

sync with head.

Revision 1.244.4.3 / (download) - annotate - [select for diffs], Mon Dec 18 11:42:21 2006 UTC (17 years, 2 months ago) by yamt
Branch: yamt-splraiseipl
Changes since 1.244.4.2: +8 -18 lines
Diff to previous 1.244.4.2 (colored) to branchpoint 1.244 (colored) next main 1.245 (colored)

sync with head.

Revision 1.259 / (download) - annotate - [select for diffs], Fri Dec 15 21:18:54 2006 UTC (17 years, 2 months ago) by joerg
Branch: MAIN
CVS Tags: yamt-splraiseipl-base5, yamt-splraiseipl-base4, post-newlock2-merge, newlock2-nbase, newlock2-base
Changes since 1.258: +8 -18 lines
Diff to previous 1.258 (colored)

Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.

Revision 1.244.4.2 / (download) - annotate - [select for diffs], Sun Dec 10 07:19:11 2006 UTC (17 years, 2 months ago) by yamt
Branch: yamt-splraiseipl
Changes since 1.244.4.1: +32 -11 lines
Diff to previous 1.244.4.1 (colored) to branchpoint 1.244 (colored)

sync with head.

Revision 1.258 / (download) - annotate - [select for diffs], Sat Dec 9 05:33:04 2006 UTC (17 years, 2 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-splraiseipl-base3
Changes since 1.257: +19 -6 lines
Diff to previous 1.257 (colored)

Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.

Revision 1.257 / (download) - annotate - [select for diffs], Wed Dec 6 09:10:45 2006 UTC (17 years, 2 months ago) by yamt
Branch: MAIN
Changes since 1.256: +8 -2 lines
Diff to previous 1.256 (colored)

add some more tcp mowners.

Revision 1.256 / (download) - annotate - [select for diffs], Wed Dec 6 09:08:27 2006 UTC (17 years, 2 months ago) by yamt
Branch: MAIN
Changes since 1.255: +6 -4 lines
Diff to previous 1.255 (colored)

- make tcp_reass static.
- constify.

Revision 1.244.2.1 / (download) - annotate - [select for diffs], Sat Nov 18 21:39:36 2006 UTC (17 years, 3 months ago) by ad
Branch: newlock2
Changes since 1.244: +66 -223 lines
Diff to previous 1.244 (colored)

Sync with head.

Revision 1.255 / (download) - annotate - [select for diffs], Thu Nov 16 01:33:45 2006 UTC (17 years, 3 months ago) by christos
Branch: MAIN
CVS Tags: netbsd-4-base
Branch point for: wrstuden-fixsa, netbsd-4
Changes since 1.254: +5 -5 lines
Diff to previous 1.254 (colored)

__unused removal on arguments; approved by core.

Revision 1.224.2.3 / (download) - annotate - [select for diffs], Thu Oct 26 10:51:19 2006 UTC (17 years, 4 months ago) by ghen
Branch: netbsd-3
CVS Tags: netbsd-3-1-RELEASE, netbsd-3-1-1-RELEASE, netbsd-3-1
Changes since 1.224.2.2: +18 -21 lines
Diff to previous 1.224.2.2 (colored) to branchpoint 1.224 (colored) next main 1.225 (colored)

Pull up following revision(s) (requested by rpaulo in ticket #1547):
	sys/netinet/tcp_input.c: revision 1.250
PR 34776: don't accept TCP connections to broadcast addresses.
Move the multicast/broadcast check above (before creating a
syn_cache entry)
By Yasuoka Yasuoka.

Revision 1.224.2.2.2.1 / (download) - annotate - [select for diffs], Thu Oct 26 10:51:14 2006 UTC (17 years, 4 months ago) by ghen
Branch: netbsd-3-0
CVS Tags: netbsd-3-0-3-RELEASE, netbsd-3-0-2-RELEASE
Changes since 1.224.2.2: +18 -21 lines
Diff to previous 1.224.2.2 (colored) next main 1.224.2.3 (colored)

Pull up following revision(s) (requested by rpaulo in ticket #1547):
	sys/netinet/tcp_input.c: revision 1.250
PR 34776: don't accept TCP connections to broadcast addresses.
Move the multicast/broadcast check above (before creating a
syn_cache entry)
By Yasuoka Yasuoka.

Revision 1.244.4.1 / (download) - annotate - [select for diffs], Sun Oct 22 06:07:28 2006 UTC (17 years, 4 months ago) by yamt
Branch: yamt-splraiseipl
Changes since 1.244: +68 -225 lines
Diff to previous 1.244 (colored)

sync with head

Revision 1.254 / (download) - annotate - [select for diffs], Sat Oct 21 10:08:54 2006 UTC (17 years, 4 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-splraiseipl-base2
Changes since 1.253: +8 -3 lines
Diff to previous 1.253 (colored)

- constify.
- make tcp_dooptions and tcpipqent_pool static.

Revision 1.253 / (download) - annotate - [select for diffs], Tue Oct 17 09:31:17 2006 UTC (17 years, 4 months ago) by yamt
Branch: MAIN
Changes since 1.252: +4 -3 lines
Diff to previous 1.252 (colored)

tcp_input: if we have SACK, don't enter fastrecovery on three dupacks.
otherwise, we can enter fastrecovery due to DSACKs, which we treat
as dupacks here.  PR/34748.  reviewed by Rui Paulo.

Revision 1.252 / (download) - annotate - [select for diffs], Sun Oct 15 17:53:30 2006 UTC (17 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.251: +2 -23 lines
Diff to previous 1.251 (colored)

Move comments to proper places.

Revision 1.251 / (download) - annotate - [select for diffs], Sun Oct 15 17:45:06 2006 UTC (17 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.250: +3 -3 lines
Diff to previous 1.250 (colored)

Add a new tcp_congctl(9) structure member for congestion experienced callback.
Needed by HSTCP.

Revision 1.250 / (download) - annotate - [select for diffs], Thu Oct 12 11:46:30 2006 UTC (17 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.249: +20 -23 lines
Diff to previous 1.249 (colored)

PR 34776: don't accept TCP connections to broadcast addresses.
Move the multicast/broadcast check above (before creating a syn_cache entry)
By Yasuoka Yasuoka.

Revision 1.249 / (download) - annotate - [select for diffs], Thu Oct 12 01:32:38 2006 UTC (17 years, 4 months ago) by christos
Branch: MAIN
Changes since 1.248: +6 -6 lines
Diff to previous 1.248 (colored)

- sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386

Revision 1.248 / (download) - annotate - [select for diffs], Tue Oct 10 11:13:02 2006 UTC (17 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.247: +3 -5 lines
Diff to previous 1.247 (colored)

Revert previous. The check is now done in tcp_congctl.

Revision 1.247 / (download) - annotate - [select for diffs], Tue Oct 10 09:19:40 2006 UTC (17 years, 4 months ago) by yamt
Branch: MAIN
Changes since 1.246: +5 -3 lines
Diff to previous 1.246 (colored)

tcp_input: don't call congctl->newack when doing fast retransmit.

Revision 1.246 / (download) - annotate - [select for diffs], Mon Oct 9 16:27:07 2006 UTC (17 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.245: +19 -167 lines
Diff to previous 1.245 (colored)

Modular (I tried ;-) TCP congestion control API. Whenever certain conditions
happen in the TCP stack, this interface calls the specified callback to
handle the situation according to the currently selected congestion
control algorithm.
A new sysctl node was created: net.inet.tcp.congctl.{available,selected}
with obvious meanings.
The old net.inet.tcp.newreno MIB was removed.
The API is discussed in tcp_congctl(9).

In the near future, it will be possible to selected a congestion control
algorithm on a per-socket basis.

Discussed on tech-net and reviewed by <yamt>.

Revision 1.245 / (download) - annotate - [select for diffs], Thu Oct 5 17:35:19 2006 UTC (17 years, 4 months ago) by tls
Branch: MAIN
Changes since 1.244: +19 -10 lines
Diff to previous 1.244 (colored)

Protect calls to pool_put/pool_get that may occur in interrupt context
with spl used to protect other allocations and frees, or datastructure
element insertion and removal, in adjacent code.

It is almost unquestionably the case that some of the spl()/splx() calls
added here are superfluous, but it really seems wrong to see:

	s=splfoo();
	/* frob data structure */
	splx(s);
	pool_put(x);

and if we think we need to protect the first operation, then it is hard
to see why we should not think we need to protect the next.  "Better
safe than sorry".

It is also almost unquestionably the case that I missed some pool
gets/puts from interrupt context with my strategy for finding these
calls; use of PR_NOWAIT is a strong hint that a pool may be used from
interrupt context but many callers in the kernel pass a "can wait/can't
wait" flag down such that my searches might not have found them.  One
notable area that needs to be looked at is pf.

See also:

http://mail-index.netbsd.org/tech-kern/2006/07/19/0003.html
http://mail-index.netbsd.org/tech-kern/2006/07/19/0009.html

Revision 1.239.2.3 / (download) - annotate - [select for diffs], Thu Sep 14 12:31:55 2006 UTC (17 years, 5 months ago) by yamt
Branch: yamt-pdpolicy
Changes since 1.239.2.2: +132 -13 lines
Diff to previous 1.239.2.2 (colored) to branchpoint 1.239 (colored) next main 1.240 (colored)

sync with head.

Revision 1.237.4.3 / (download) - annotate - [select for diffs], Sat Sep 9 02:58:47 2006 UTC (17 years, 5 months ago) by rpaulo
Branch: rpaulo-netinet-merge-pcb
Changes since 1.237.4.2: +139 -18 lines
Diff to previous 1.237.4.2 (colored) to branchpoint 1.237 (colored) next main 1.238 (colored)

sync with head

Revision 1.244 / (download) - annotate - [select for diffs], Tue Sep 5 00:29:36 2006 UTC (17 years, 5 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-splraiseipl-base, yamt-pdpolicy-base9, rpaulo-netinet-merge-pcb-base
Branch point for: yamt-splraiseipl, newlock2
Changes since 1.243: +132 -13 lines
Diff to previous 1.243 (colored)

Import of TCP ECN algorithm for congestion control.
Both available for IPv4 and IPv6.
Basic implementation test results are available at
http://netbsd-soc.sourceforge.net/projects/ecn/testresults.html.

Work sponsored by the Google Summer of Code project 2006.
Special thanks to Kentaro Kurahone, Allen Briggs and Matt Thomas for their
help, comments and support during the project.

Revision 1.239.2.2 / (download) - annotate - [select for diffs], Mon Jun 26 12:53:58 2006 UTC (17 years, 8 months ago) by yamt
Branch: yamt-pdpolicy
Changes since 1.239.2.1: +2 -4 lines
Diff to previous 1.239.2.1 (colored) to branchpoint 1.239 (colored)

sync with head.

Revision 1.230.2.1 / (download) - annotate - [select for diffs], Wed Jun 21 15:11:01 2006 UTC (17 years, 8 months ago) by yamt
Branch: yamt-lazymbuf
Changes since 1.230: +87 -19 lines
Diff to previous 1.230 (colored)

sync with head.

Revision 1.240.2.1 / (download) - annotate - [select for diffs], Mon Jun 19 04:09:48 2006 UTC (17 years, 8 months ago) by chap
Branch: chap-midi
Changes since 1.240: +2 -4 lines
Diff to previous 1.240 (colored) next main 1.241 (colored)

Sync with head.

Revision 1.243 / (download) - annotate - [select for diffs], Wed Jun 7 22:34:01 2006 UTC (17 years, 8 months ago) by kardel
Branch: MAIN
CVS Tags: yamt-pdpolicy-base8, yamt-pdpolicy-base7, yamt-pdpolicy-base6, gdamore-uart-base, gdamore-uart, chap-midi-nbase, chap-midi-base, abandoned-netbsd-4-base, abandoned-netbsd-4
Changes since 1.242: +2 -4 lines
Diff to previous 1.242 (colored)

merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html

Revision 1.242 / (download) - annotate - [select for diffs], Sat May 27 13:35:20 2006 UTC (17 years, 9 months ago) by bouyer
Branch: MAIN
CVS Tags: simonb-timecounters-base
Changes since 1.241: +0 -14 lines
Diff to previous 1.241 (colored)

Revert rev 1.241: calling m_makewritable() in tcp_input causes problems when
it has to change the mbuf chain. I experience hard hang on a Xen2 domU after
TCP connections have been closed, and a crash has been reported which may be
caused by this too.

Revision 1.241 / (download) - annotate - [select for diffs], Thu May 25 21:49:19 2006 UTC (17 years, 9 months ago) by bouyer
Branch: MAIN
Changes since 1.240: +16 -2 lines
Diff to previous 1.240 (colored)

If we're going to byteswap fields in the TCP header, make sure the mbuf
area is writable first.

Revision 1.239.6.1 / (download) - annotate - [select for diffs], Wed May 24 15:50:45 2006 UTC (17 years, 9 months ago) by tron
Branch: peter-altq
Changes since 1.239: +3 -2 lines
Diff to previous 1.239 (colored) next main 1.240 (colored)

Merge 2006-05-24 NetBSD-current into the "peter-altq" branch.

Revision 1.239.2.1 / (download) - annotate - [select for diffs], Wed May 24 10:59:03 2006 UTC (17 years, 9 months ago) by yamt
Branch: yamt-pdpolicy
Changes since 1.239: +3 -2 lines
Diff to previous 1.239 (colored)

sync with head.

Revision 1.238.2.2 / (download) - annotate - [select for diffs], Sat Apr 22 11:40:10 2006 UTC (17 years, 10 months ago) by simonb
Branch: simonb-timecounters
CVS Tags: simonb-timcounters-final
Changes since 1.238.2.1: +5 -4 lines
Diff to previous 1.238.2.1 (colored) next main 1.239 (colored)

Sync with head.

Revision 1.239.4.1 / (download) - annotate - [select for diffs], Wed Apr 19 04:46:11 2006 UTC (17 years, 10 months ago) by elad
Branch: elad-kernelauth
Changes since 1.239: +3 -2 lines
Diff to previous 1.239 (colored) next main 1.240 (colored)

sync with head.

Revision 1.240 / (download) - annotate - [select for diffs], Sat Apr 15 02:32:22 2006 UTC (17 years, 10 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pdpolicy-base5, elad-kernelauth-base
Branch point for: chap-midi
Changes since 1.239: +3 -2 lines
Diff to previous 1.239 (colored)

Coverity CID 1152: Add KASSERT before deref.

Revision 1.237.2.2 / (download) - annotate - [select for diffs], Wed Mar 1 09:28:47 2006 UTC (18 years ago) by yamt
Branch: yamt-uio_vmspace
Changes since 1.237.2.1: +4 -4 lines
Diff to previous 1.237.2.1 (colored) to branchpoint 1.237 (colored) next main 1.238 (colored)

sync with head.

Revision 1.239 / (download) - annotate - [select for diffs], Sat Feb 18 17:34:49 2006 UTC (18 years ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-uio_vmspace-base5, yamt-pdpolicy-base4, yamt-pdpolicy-base3, yamt-pdpolicy-base2, yamt-pdpolicy-base, peter-altq-base
Branch point for: yamt-pdpolicy, peter-altq, elad-kernelauth
Changes since 1.238: +4 -4 lines
Diff to previous 1.238 (colored)

PR 13952: Noritoshi Demizu: correct the TCP window information update check.

Revision 1.237.2.1 / (download) - annotate - [select for diffs], Sat Feb 18 15:39:23 2006 UTC (18 years ago) by yamt
Branch: yamt-uio_vmspace
Changes since 1.237: +5 -2 lines
Diff to previous 1.237 (colored)

sync with head.

Revision 1.237.4.2 / (download) - annotate - [select for diffs], Sun Feb 5 03:15:53 2006 UTC (18 years ago) by rpaulo
Branch: rpaulo-netinet-merge-pcb
Changes since 1.237.4.1: +15 -14 lines
Diff to previous 1.237.4.1 (colored) to branchpoint 1.237 (colored)

Adapt to in6pcb -> inpcb changes.

Revision 1.237.4.1 / (download) - annotate - [select for diffs], Sun Feb 5 03:09:11 2006 UTC (18 years ago) by rpaulo
Branch: rpaulo-netinet-merge-pcb
Changes since 1.237: +2 -3 lines
Diff to previous 1.237 (colored)

<netinet6/in6_pcb.h> went away. Bye!

Revision 1.238.2.1 / (download) - annotate - [select for diffs], Sat Feb 4 14:18:52 2006 UTC (18 years ago) by simonb
Branch: simonb-timecounters
Changes since 1.238: +2 -4 lines
Diff to previous 1.238 (colored)

Adapt for timecounters: mostly use get*time(), use bintime's for timeout
calculations and use "time_second" instead of "time.tv_sec".

Revision 1.238 / (download) - annotate - [select for diffs], Thu Feb 2 05:52:23 2006 UTC (18 years ago) by riz
Branch: MAIN
Branch point for: simonb-timecounters
Changes since 1.237: +5 -2 lines
Diff to previous 1.237 (colored)

If TCP_SIGNATURE is defined, include netinet6/scope6_var.h for the
prototype of in6_clearscope().  Kernels with options TCP_SIGNATURE now
compile again after the IPv6 scoped address changes.

Revision 1.171.2.11 / (download) - annotate - [select for diffs], Sun Dec 11 10:29:24 2005 UTC (18 years, 2 months ago) by christos
Branch: ktrace-lwp
Changes since 1.171.2.10: +4 -4 lines
Diff to previous 1.171.2.10 (colored) next main 1.172 (colored)

Sync with head.

Revision 1.236.6.1 / (download) - annotate - [select for diffs], Tue Nov 22 16:08:21 2005 UTC (18 years, 3 months ago) by yamt
Branch: yamt-readahead
Changes since 1.236: +4 -4 lines
Diff to previous 1.236 (colored) next main 1.237 (colored)

sync with head.

Revision 1.237 / (download) - annotate - [select for diffs], Tue Nov 15 18:39:46 2005 UTC (18 years, 3 months ago) by dsl
Branch: MAIN
CVS Tags: yamt-readahead-base3, yamt-readahead-base2, ktrace-lwp-base
Branch point for: yamt-uio_vmspace, rpaulo-netinet-merge-pcb
Changes since 1.236: +4 -4 lines
Diff to previous 1.236 (colored)

Pass the current process structure to in_pcbconnect() so that it can
pass it to in_pcbbind() so that can allocate a low numbered port
if setsockopt() has been used to set IP_PORTRANGE to IP_PORTRANGE_LOW.
While there, fail in_pcbconnect() if the in_pcbbind() fails - rather
than sending the request out from a port of zero.
This has been largely broken since the socket option was added in 1998.

Revision 1.171.2.10 / (download) - annotate - [select for diffs], Thu Nov 10 14:11:07 2005 UTC (18 years, 3 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.9: +121 -38 lines
Diff to previous 1.171.2.9 (colored)

Sync with HEAD. Here we go again...

Revision 1.236 / (download) - annotate - [select for diffs], Fri Aug 12 14:41:00 2005 UTC (18 years, 6 months ago) by christos
Branch: MAIN
CVS Tags: yamt-vop-base3, yamt-vop-base2, yamt-vop-base, yamt-vop, yamt-readahead-pervnode, yamt-readahead-perfile, yamt-readahead-base, thorpej-vnode-attr-base, thorpej-vnode-attr
Branch point for: yamt-readahead
Changes since 1.235: +3 -2 lines
Diff to previous 1.235 (colored)

If called from syn_cache_add, we need to initialize t_state before calling
tcp_dooptions. Pointed out by yamt.

Revision 1.235 / (download) - annotate - [select for diffs], Fri Aug 12 04:19:22 2005 UTC (18 years, 6 months ago) by hubertf
Branch: MAIN
Changes since 1.234: +3 -4 lines
Diff to previous 1.234 (colored)

Clarify comment that "the protocol specification dated September, 1981"
is really RFC 793.

Revision 1.234 / (download) - annotate - [select for diffs], Thu Aug 11 22:25:18 2005 UTC (18 years, 6 months ago) by christos
Branch: MAIN
Changes since 1.233: +15 -7 lines
Diff to previous 1.233 (colored)

Don't process TCP options in SYN packets after the connection has
been established. (FreeBSD-SA-05:15.tcp)

Revision 1.233 / (download) - annotate - [select for diffs], Wed Aug 10 13:06:49 2005 UTC (18 years, 6 months ago) by yamt
Branch: MAIN
Changes since 1.232: +3 -2 lines
Diff to previous 1.232 (colored)

move {tcp,udp}_do_loopback_cksum back to tcp/udp
so that they can be referenced by ipv6.

Revision 1.232 / (download) - annotate - [select for diffs], Wed Aug 10 13:05:16 2005 UTC (18 years, 6 months ago) by yamt
Branch: MAIN
Changes since 1.231: +38 -6 lines
Diff to previous 1.231 (colored)

device independent part of ipv6 rx checksum offloading.

Revision 1.231 / (download) - annotate - [select for diffs], Tue Jul 19 17:00:02 2005 UTC (18 years, 7 months ago) by christos
Branch: MAIN
Changes since 1.230: +27 -2 lines
Diff to previous 1.230 (colored)

Implement PMTU checks from:

        http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html

1. Don't act on ICMP-need-frag immediately if adhoc checks on the
advertised MTU fail. The MTU update is delayed until a TCP retransmit
happens.
2. Ignore ICMP Source Quench messages meant for TCP connections.

From OpenBSD.

Revision 1.230 / (download) - annotate - [select for diffs], Thu Jun 30 02:58:28 2005 UTC (18 years, 8 months ago) by christos
Branch: MAIN
Branch point for: yamt-lazymbuf
Changes since 1.229: +20 -4 lines
Diff to previous 1.229 (colored)

Normalize our PAWS code with Free and Open, as mentioned in tech-security.

Revision 1.229 / (download) - annotate - [select for diffs], Mon Jun 6 12:10:09 2005 UTC (18 years, 8 months ago) by yamt
Branch: MAIN
Changes since 1.228: +12 -9 lines
Diff to previous 1.228 (colored)

tcp_input: don't overload opti.ts_ecr.

Revision 1.228 / (download) - annotate - [select for diffs], Sun May 29 21:41:23 2005 UTC (18 years, 9 months ago) by christos
Branch: MAIN
Changes since 1.227: +13 -13 lines
Diff to previous 1.227 (colored)

- add const
- remove bogus casts
- avoid nested variables

Revision 1.212.2.1 / (download) - annotate - [select for diffs], Fri Apr 29 11:29:33 2005 UTC (18 years, 10 months ago) by kent
Branch: kent-audio2
Changes since 1.212: +274 -195 lines
Diff to previous 1.212 (colored) next main 1.213 (colored)

sync with -current

Revision 1.224.2.2 / (download) - annotate - [select for diffs], Thu Apr 28 11:02:08 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-3
CVS Tags: netbsd-3-1-RC4, netbsd-3-1-RC3, netbsd-3-1-RC2, netbsd-3-1-RC1, netbsd-3-0-RELEASE, netbsd-3-0-RC6, netbsd-3-0-RC5, netbsd-3-0-RC4, netbsd-3-0-RC3, netbsd-3-0-RC2, netbsd-3-0-RC1, netbsd-3-0-1-RELEASE
Branch point for: netbsd-3-0
Changes since 1.224.2.1: +2 -2 lines
Diff to previous 1.224.2.1 (colored) to branchpoint 1.224 (colored)

Pull up revision 1.227 (requested by manu in ticket #206):
Fix build problem after recent NAT-T changes

Revision 1.227 / (download) - annotate - [select for diffs], Tue Apr 26 05:37:45 2005 UTC (18 years, 10 months ago) by manu
Branch: MAIN
CVS Tags: kent-audio2-base
Changes since 1.226: +4 -4 lines
Diff to previous 1.226 (colored)

Fix build problem after recent NAT-T changes

Revision 1.190.2.6.2.2 / (download) - annotate - [select for diffs], Fri Apr 22 06:58:50 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-2
CVS Tags: netbsd-2-1-RELEASE, netbsd-2-1-RC6, netbsd-2-1-RC5, netbsd-2-1-RC4, netbsd-2-1-RC3, netbsd-2-1-RC2, netbsd-2-1-RC1, netbsd-2-1
Changes since 1.190.2.6.2.1: +4 -5 lines
Diff to previous 1.190.2.6.2.1 (colored) to branchpoint 1.190.2.6 (colored) next main 1.190.2.7 (colored)

Apply patch (requested by christos in ticket #1445):
Fix TCP performance problems introduced in ticket 1401.

Revision 1.190.2.8 / (download) - annotate - [select for diffs], Fri Apr 22 06:58:40 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-2-0
CVS Tags: netbsd-2-0-3-RELEASE
Changes since 1.190.2.7: +4 -5 lines
Diff to previous 1.190.2.7 (colored) to branchpoint 1.190 (colored) next main 1.191 (colored)

Apply patch (requested by christos in ticket #1445):
Fix TCP performance problems introduced in ticket 1401.

Revision 1.190.2.6.2.1 / (download) - annotate - [select for diffs], Wed Apr 6 13:50:45 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-2
Changes since 1.190.2.6: +17 -2 lines
Diff to previous 1.190.2.6 (colored)

Apply patch (requested by christos in ticket #1401):
If an echoed RFC 1323 time stamp appears to be later than the current time,
ignore it and fall back to old-style RTT calculation.  This prevents ending
up with a negative RTT and panicking later.

Revision 1.190.2.7 / (download) - annotate - [select for diffs], Wed Apr 6 13:48:34 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-2-0
Changes since 1.190.2.6: +17 -2 lines
Diff to previous 1.190.2.6 (colored) to branchpoint 1.190 (colored)

Apply patch (requested by christos in ticket #1401):
If an echoed RFC 1323 time stamp appears to be later than the current time,
ignore it and fall back to old-style RTT calculation.  This prevents ending
up with a negative RTT and panicking later.

Revision 1.224.2.1 / (download) - annotate - [select for diffs], Mon Apr 4 17:22:08 2005 UTC (18 years, 10 months ago) by tron
Branch: netbsd-3
Changes since 1.224: +38 -12 lines
Diff to previous 1.224 (colored)

Pull up revision 1.225 (requested by yamt in ticket #90):
protect tcpipqent with splvm.

Revision 1.226 / (download) - annotate - [select for diffs], Sun Apr 3 05:02:46 2005 UTC (18 years, 10 months ago) by yamt
Branch: MAIN
Changes since 1.225: +3 -5 lines
Diff to previous 1.225 (colored)

tcp_input: update a comment to match with the code.

Revision 1.171.2.9 / (download) - annotate - [select for diffs], Fri Apr 1 14:31:50 2005 UTC (18 years, 11 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.8: +52 -16 lines
Diff to previous 1.171.2.8 (colored)

Sync with HEAD.

Revision 1.225 / (download) - annotate - [select for diffs], Tue Mar 29 20:10:16 2005 UTC (18 years, 11 months ago) by yamt
Branch: MAIN
Changes since 1.224: +38 -12 lines
Diff to previous 1.224 (colored)

protect tcpipqent with splvm.

Revision 1.212.4.2 / (download) - annotate - [select for diffs], Sat Mar 19 08:36:38 2005 UTC (18 years, 11 months ago) by yamt
Branch: yamt-km
Changes since 1.212.4.1: +78 -28 lines
Diff to previous 1.212.4.1 (colored) to branchpoint 1.212 (colored) next main 1.213 (colored)

sync with head.  xen and whitespace.  xen part is not finished.

Revision 1.224 / (download) - annotate - [select for diffs], Wed Mar 16 00:39:56 2005 UTC (18 years, 11 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-km-base4, yamt-km-base3, netbsd-3-base
Branch point for: netbsd-3
Changes since 1.223: +16 -6 lines
Diff to previous 1.223 (colored)

simplify data receiver side sack processing.
- introduce t_segqlen, the number of segments in segq/timeq.
  the name is from freebsd.
- rather than maintaining a copy of sack blocks (rcv_sack_block[]),
  build it directly from the segment list when needed.

Revision 1.171.2.8 / (download) - annotate - [select for diffs], Fri Mar 4 16:53:29 2005 UTC (18 years, 11 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.7: +68 -28 lines
Diff to previous 1.171.2.7 (colored)

Sync with HEAD.

Hi Perry!

Revision 1.223 / (download) - annotate - [select for diffs], Wed Mar 2 10:20:18 2005 UTC (19 years ago) by mycroft
Branch: MAIN
Changes since 1.222: +5 -3 lines
Diff to previous 1.222 (colored)

Copyright maintenance.

Revision 1.222 / (download) - annotate - [select for diffs], Mon Feb 28 16:20:59 2005 UTC (19 years ago) by jonathan
Branch: MAIN
Changes since 1.221: +61 -23 lines
Diff to previous 1.221 (colored)

Commit TCP SACK patches from Kentaro A. Karahone's patch at:
   http://www.sigusr1.org/~kurahone/tcp-sack-netbsd-02152005.diff.gz

Fixes in that patch for pre-existing TCP pcb initializations were already
committed to NetBSD-current, so are not included in this commit.

The SACK patch has been observed to correctly negotiate and respond,
to SACKs in wide-area traffic.

There are two indepenently-observed, as-yet-unresolved anomalies:
First, seeing unexplained delays between in fast retransmission
(potentially explainable by an 0.2sec RTT between adjacent
ethernet/wifi NICs); and second, peculiar and unepxlained TCP
retransmits observed over an ath0 card.

After discussion with several interested developers, I'm committing
this now, as-is, for more eyes to use and look over.  Current hypothesis
is that the anomalies above may in fact be due to link/level (hardware,
driver, HAL, firmware) abberations in the test setup, affecting  both
Kentaro's  wired-Ethernet NIC and in my two (different) WiFi NICs.

Revision 1.221 / (download) - annotate - [select for diffs], Sat Feb 26 22:45:12 2005 UTC (19 years ago) by perry
Branch: MAIN
Changes since 1.220: +6 -6 lines
Diff to previous 1.220 (colored)

nuke trailing whitespace

Revision 1.212.4.1 / (download) - annotate - [select for diffs], Sat Feb 12 18:17:54 2005 UTC (19 years ago) by yamt
Branch: yamt-km
Changes since 1.212: +164 -159 lines
Diff to previous 1.212 (colored)

sync with head.

Revision 1.171.2.7 / (download) - annotate - [select for diffs], Fri Feb 4 11:47:48 2005 UTC (19 years ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.6: +164 -159 lines
Diff to previous 1.171.2.6 (colored)

Sync with HEAD.

Revision 1.220 / (download) - annotate - [select for diffs], Thu Feb 3 23:39:32 2005 UTC (19 years ago) by perry
Branch: MAIN
CVS Tags: yamt-km-base2
Changes since 1.219: +28 -76 lines
Diff to previous 1.219 (colored)

ANSIfy function declarations

Revision 1.219 / (download) - annotate - [select for diffs], Wed Feb 2 21:41:55 2005 UTC (19 years ago) by perry
Branch: MAIN
Changes since 1.218: +4 -5 lines
Diff to previous 1.218 (colored)

de-__P -- will ANSIfy .c files later.

Revision 1.218 / (download) - annotate - [select for diffs], Fri Jan 28 00:18:22 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.217: +20 -15 lines
Diff to previous 1.217 (colored)

Several changes based on comparison with NS:

1) dupseg_fix_=true from NS: do not count a segment with completely duplicate
data as a duplicate ack.  This can occur due to duplicate packets in the
network, or due to fast retransmit from the other side.

2) dupack_reset_=false from NS: do not reset the duplicate ack counter or exit
fast recovery if we happen to get data or a window update along with a
duplicate ack.

3) In the "very old ack" case that itojun added, send an ACK before dropping
the segment, to try to update the other side's send sequence number.

4) Check the ssthresh crossover point with >= rather than >.  Otherwise we
start to do "exponential" growth immediately following recovery, where we
should be doing "linear".  This is what NS does.

Revision 1.217 / (download) - annotate - [select for diffs], Thu Jan 27 17:14:04 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.216: +6 -6 lines
Diff to previous 1.216 (colored)

There is no reason to adjust ts_recent_age for ts_timebase; it's strictly an
internal variable.

Revision 1.216 / (download) - annotate - [select for diffs], Thu Jan 27 17:10:07 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.215: +4 -5 lines
Diff to previous 1.215 (colored)

Do the other TCP_PAWS_IDLE check unsigned as well.  It doesn't do us any harm,
and it could detect even older time stamps.  (Really, to be 100% correct, there
should be a timer that clears these out -- but it probably doesn't matter in
the real world.)

Revision 1.215 / (download) - annotate - [select for diffs], Thu Jan 27 16:56:06 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.214: +7 -9 lines
Diff to previous 1.214 (colored)

Also check whether an echoed RTT is very large -- this *could* cause the
smoothing function to overflow.  I use TCP_PAWS_IDLE (24 days) for this.

Revision 1.214 / (download) - annotate - [select for diffs], Thu Jan 27 03:39:36 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.213: +42 -17 lines
Diff to previous 1.213 (colored)

Introduce a new state variable, t_partialacks.  It has 3 states:
* t_partialacks<0 means we are not in fast recovery.
* t_partialacks==0 means we are in fast recovery, but we have not received
  any partial acks yet.
* t_partialacks>0 means we are in fast recovery, and we have received
  partial acks.

This is used to implement 2 changes in RFC 3782:
* We keep the notion that we are in fast recovery separate from t_dupacks, so
  it is not reset due to out-of-order acks.  (This affects both the Reno and
  NewReno cases.)
* We only reset the retransmit timer on the first partial ack -- preventing us
  from possibly taking one RTO per segment once fast recovery is initiated.

As before, it is hard to measure any difference between Reno and NewReno in the
real-world cases that I've tested.

Revision 1.213 / (download) - annotate - [select for diffs], Wed Jan 26 21:49:27 2005 UTC (19 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.212: +86 -59 lines
Diff to previous 1.212 (colored)

Fix two problems in our TCP stack:

1) If an echoed RFC 1323 time stamp appears to be later than the current time,
   ignore it and fall back to old-style RTT calculation.  This prevents ending
   up with a negative RTT and panicking later.

2) Fix NewReno.  This involves a few changes:

   a) Implement the send_high variable in RFC 2582.  Our implementation is
      subtly different; it is one *past* the last sequence number transmitted
      rather than being equal to it.  This simplifies some logic and makes
      the code smaller.  Additional logic was required to prevent sequence
      number wraparound problems; this is not mentioned in RFC 2582.

   b) Make sure we reset t_dupacks on new acks, but *not* on a partial ack.
      All of the new ack code is pushed out into tcp_newreno().  (Later this
      will probably be a pluggable function.)  Thus t_dupacks keeps track of
      whether we're in fast recovery all the time, with Reno or NewReno, which
      keeps some logic simpler.

   c) We do not need to update snd_recover when we're not in fast recovery.
      See tech-net for an explanation of this.

   d) In the gratuitous fast retransmit prevention case, do not send a packet.
      RFC 2582 specifically says that we should "do nothing".

   e) Do not inflate the congestion window on a partial ack.  (This is done by
      testing t_dupacks to see whether we're still in fast recovery.)

This brings the performance of NewReno back up to the same as Reno in a few
random test cases (e.g. transferring peer-to-peer over my wireless network).
I have not concocted a good test case for the behavior specific to NewReno.

Revision 1.171.2.6 / (download) - annotate - [select for diffs], Mon Jan 17 19:32:54 2005 UTC (19 years, 1 month ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.5: +85 -59 lines
Diff to previous 1.171.2.5 (colored)

Sync with HEAD.

Revision 1.212 / (download) - annotate - [select for diffs], Tue Dec 21 05:51:31 2004 UTC (19 years, 2 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-km-base, kent-audio1-beforemerge
Branch point for: yamt-km, kent-audio2
Changes since 1.211: +85 -59 lines
Diff to previous 1.211 (colored)

factor out receive side tcp/udp checksum handling code so that they
can be used by eg. packet filters.

reviewed by Christos Zoulas on tech-net@.
(slightly tweaked since then to make tcp and udp similar.)

Revision 1.171.2.5 / (download) - annotate - [select for diffs], Sat Dec 18 11:21:24 2004 UTC (19 years, 2 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.4: +7 -4 lines
Diff to previous 1.171.2.4 (colored)

Sync with HEAD.

Revision 1.171.2.4 / (download) - annotate - [select for diffs], Sat Dec 18 09:33:05 2004 UTC (19 years, 2 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.3: +14 -6 lines
Diff to previous 1.171.2.3 (colored)

Sync with HEAD.

Revision 1.211 / (download) - annotate - [select for diffs], Sat Dec 18 07:30:17 2004 UTC (19 years, 2 months ago) by yamt
Branch: MAIN
Changes since 1.210: +7 -4 lines
Diff to previous 1.210 (colored)

tcp_input: add missing loopback checksum omission code for ipv6.

Revision 1.210 / (download) - annotate - [select for diffs], Wed Dec 15 04:25:19 2004 UTC (19 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.209: +14 -6 lines
Diff to previous 1.209 (colored)

Don't perform checksums on loopback interfaces.  They can be reenabled with
the net.inet.*.do_loopback_cksum sysctl.

Approved by: groo

Revision 1.171.2.3 / (download) - annotate - [select for diffs], Tue Sep 21 13:37:13 2004 UTC (19 years, 5 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.2: +0 -0 lines
Diff to previous 1.171.2.2 (colored)

Fix the sync with head I botched.

Revision 1.190.2.6 / (download) - annotate - [select for diffs], Sun Sep 19 15:38:01 2004 UTC (19 years, 5 months ago) by he
Branch: netbsd-2-0
CVS Tags: netbsd-2-base, netbsd-2-0-RELEASE, netbsd-2-0-RC5, netbsd-2-0-RC4, netbsd-2-0-RC3, netbsd-2-0-RC2, netbsd-2-0-RC1, netbsd-2-0-2-RELEASE, netbsd-2-0-1-RELEASE
Branch point for: netbsd-2
Changes since 1.190.2.5: +3 -3 lines
Diff to previous 1.190.2.5 (colored) to branchpoint 1.190 (colored)

Apply patch (requested by yamt in ticket #861):
  Fix this so it compiles again; we cannot use the link
  set macros for pool initialization on this release branch.

Revision 1.190.2.5 / (download) - annotate - [select for diffs], Sat Sep 18 19:35:05 2004 UTC (19 years, 5 months ago) by he
Branch: netbsd-2-0
Changes since 1.190.2.4: +9 -7 lines
Diff to previous 1.190.2.4 (colored) to branchpoint 1.190 (colored)

Pull up revision 1.209 (requested by yamt in ticket #861):
  Fix ipqent pool corruption problems.  Make the TCP reassembly
  code use its own pool of ipqent rather than sharing it with
  the IP reassembly code.  Fixes PR#24782.

Revision 1.171.2.2 / (download) - annotate - [select for diffs], Sat Sep 18 14:54:54 2004 UTC (19 years, 5 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171.2.1: +9 -7 lines
Diff to previous 1.171.2.1 (colored)

Sync with HEAD.

Revision 1.209 / (download) - annotate - [select for diffs], Wed Sep 15 09:21:22 2004 UTC (19 years, 5 months ago) by yamt
Branch: MAIN
CVS Tags: kent-audio1-base, kent-audio1
Changes since 1.208: +9 -7 lines
Diff to previous 1.208 (colored)

fix ipqent pool corruption problems.  make tcp reass code use
its own pool of ipqent rather than sharing it with ip reass code.
PR/24782.

Revision 1.171.2.1 / (download) - annotate - [select for diffs], Tue Aug 3 10:54:44 2004 UTC (19 years, 6 months ago) by skrll
Branch: ktrace-lwp
Changes since 1.171: +494 -130 lines
Diff to previous 1.171 (colored)

Sync with HEAD

Revision 1.208 / (download) - annotate - [select for diffs], Sat Jun 26 03:29:15 2004 UTC (19 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: BEFORE-IPF413
Changes since 1.207: +18 -6 lines
Diff to previous 1.207 (colored)

correct TCP-MD5 support.  Jeff Rizzo

Revision 1.207 / (download) - annotate - [select for diffs], Sun May 23 00:37:27 2004 UTC (19 years, 9 months ago) by jonathan
Branch: MAIN
Changes since 1.206: +2 -5 lines
Diff to previous 1.206 (colored)

Remove now-unused variable.

Revision 1.206 / (download) - annotate - [select for diffs], Tue May 18 14:44:14 2004 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.205: +259 -47 lines
Diff to previous 1.205 (colored)

fix MD5 signature support to actually validate inbound signature, and
drop packet if fails.

Revision 1.190.2.4 / (download) - annotate - [select for diffs], Mon May 10 14:59:59 2004 UTC (19 years, 9 months ago) by tron
Branch: netbsd-2-0
Changes since 1.190.2.3: +3 -2 lines
Diff to previous 1.190.2.3 (colored) to branchpoint 1.190 (colored)

Pull up revision 1.205 (requested by jonathan in ticket #280):
Redo net.inet.* sysctl subtree for fast-ipsec from scratch.
Attach FAST-IPSEC statistics with 64-bit counters to new sysctl MIB.
Rework netstat to show FAST_IPSEC statistics, via sysctl,  for
netstat -p ipsec.
New kernel files:
	sys/netipsec/Makefile		(new file; install *_var.h includes)
	sys/netipsec/ipsec_var.h	(new 64-bit mib counter struct)
Changed kernel files:
	sys/Makefile			(recurse into sys/netipsec/)
	sys/netinet/in.h		(fake IP_PROTO name for fast_ipsec
					sysctl subtree.)
	sys/netipsec/ipsec.h		(minimal userspace inclusion)
	sys/netipsec/ipsec_osdep.h	(minimal userspace inclusion)
	sys/netipsec/ipsec_netbsd.c	(redo sysctl subtree from scratch)
	sys/netipsec/key*.c		(fix broken net.key subtree)
	sys/netipsec/ah_var.h		(increase all counters to 64 bits)
	sys/netipsec/esp_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipip_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipcomp_var.h	(increase all counters to 64 bits)
	sys/netipsec/ipsec.c		(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_mbuf.c	(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_output.c	(add #include netipsec/ipsec_var.h)
	sys/netinet/raw_ip.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/tcp_input.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/udp_usrreq.c	(add #include netipsec/ipsec_var.h)
Changes to usr.bin/netstat to print the new fast-ipsec sysctl tree
for "netstat -s -p ipsec":
New file:
	usr.bin/netstat/fast_ipsec.c	(print fast-ipsec counters)
Changed files:
	usr.bin/netstat/Makefile	(add fast_ipsec.c)
	usr.bin/netstat/netstat.h	(declarations for fast_ipsec.c)
	usr.bin/netstat/main.c		(call KAME-vs-fast-ipsec dispatcher)

Revision 1.205 / (download) - annotate - [select for diffs], Fri May 7 00:55:15 2004 UTC (19 years, 9 months ago) by jonathan
Branch: MAIN
Changes since 1.204: +3 -2 lines
Diff to previous 1.204 (colored)

Redo net.inet.* sysctl subtree for fast-ipsec from scratch.
Attach FAST-IPSEC statistics with 64-bit counters to new sysctl MIB.
Rework netstat to show FAST_IPSEC statistics, via sysctl,  for
netstat -p ipsec.

New kernel files:
	sys/netipsec/Makefile		(new file; install *_var.h includes)
	sys/netipsec/ipsec_var.h	(new 64-bit mib counter struct)

Changed kernel files:
	sys/Makefile			(recurse into sys/netipsec/)
	sys/netinet/in.h		(fake IP_PROTO name for fast_ipsec
					sysctl subtree.)
	sys/netipsec/ipsec.h		(minimal userspace inclusion)
	sys/netipsec/ipsec_osdep.h	(minimal userspace inclusion)
	sys/netipsec/ipsec_netbsd.c	(redo sysctl subtree from scratch)
	sys/netipsec/key*.c		(fix broken net.key subtree)

	sys/netipsec/ah_var.h		(increase all counters to 64 bits)
	sys/netipsec/esp_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipip_var.h		(increase all counters to 64 bits)
	sys/netipsec/ipcomp_var.h	(increase all counters to 64 bits)

	sys/netipsec/ipsec.c		(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_mbuf.c	(add #include netipsec/ipsec_var.h)
	sys/netipsec/ipsec_output.c	(add #include netipsec/ipsec_var.h)

	sys/netinet/raw_ip.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/tcp_input.c		(add #include netipsec/ipsec_var.h)
	sys/netinet/udp_usrreq.c	(add #include netipsec/ipsec_var.h)

Changes to usr.bin/netstat to print the new fast-ipsec sysctl tree
for "netstat -s -p ipsec":

New file:
	usr.bin/netstat/fast_ipsec.c	(print fast-ipsec counters)

Changed files:
	usr.bin/netstat/Makefile	(add fast_ipsec.c)
	usr.bin/netstat/netstat.h	(declarations for fast_ipsec.c)
	usr.bin/netstat/main.c		(call KAME-vs-fast-ipsec dispatcher)

Revision 1.190.2.3 / (download) - annotate - [select for diffs], Thu Apr 29 04:22:33 2004 UTC (19 years, 10 months ago) by jmc
Branch: netbsd-2-0
Changes since 1.190.2.2: +9 -2 lines
Diff to previous 1.190.2.2 (colored) to branchpoint 1.190 (colored)

Pullup rev 1.204 (requested by matt in ticket #213)

When a packet is received that overlaps the left side of the window,
check for RST *before* trimming data and adjust its sequence number.

Revision 1.204 / (download) - annotate - [select for diffs], Tue Apr 27 14:46:07 2004 UTC (19 years, 10 months ago) by matt
Branch: MAIN
Changes since 1.203: +9 -2 lines
Diff to previous 1.203 (colored)

When a packet is received that overlaps the left side of the window,
check for RST *before* trimming data and adjust its sequence number.

Revision 1.203 / (download) - annotate - [select for diffs], Mon Apr 26 03:54:28 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.202: +4 -4 lines
Diff to previous 1.202 (colored)

make TCP MD5 signature work with KAME IPSEC (#define IPSEC).

support IPv6 if KAME IPSEC (RFC is not explicit about how we make data stream
for checksum with IPv6, but i'm pretty sure using normal pseudo-header is the
right thing).

XXX
current TCP MD5 signature code has giant flaw:
it does not validate signature on input (can't believe it! what is the point?)

Revision 1.202 / (download) - annotate - [select for diffs], Mon Apr 26 01:31:57 2004 UTC (19 years, 10 months ago) by matt
Branch: MAIN
Changes since 1.201: +2 -7 lines
Diff to previous 1.201 (colored)

Remove #else clause of __STDC__

Revision 1.201 / (download) - annotate - [select for diffs], Sun Apr 25 22:25:03 2004 UTC (19 years, 10 months ago) by jonathan
Branch: MAIN
Changes since 1.200: +56 -2 lines
Diff to previous 1.200 (colored)

Initial commit of a port of the FreeBSD implementation of RFC 2385
(MD5 signatures for TCP, as used with BGP).  Credit for original
FreeBSD code goes to Bruce M. Simpson, with FreeBSD sponsorship
credited to sentex.net.  Shortening of the setsockopt() name
attributed to Vincent Jardin.

This commit is a minimal, working version of the FreeBSD code, as
MFC'ed to FreeBSD-4. It has received minimal testing with a ttcp
modified to set the TCP-MD5 option; BMS's additions to tcpdump-current
(tcpdump -M) confirm that the MD5 signatures are correct.  Committed
as-is for further testing between a NetBSD BGP speaker (e.g., quagga)
and industry-standard BGP speakers (e.g., Cisco, Juniper).


NOTE: This version has two potential flaws. First, I do see any code
that verifies recieved TCP-MD5 signatures.  Second, the TCP-MD5
options are internally padded and assumed to be 32-bit aligned. A more
space-efficient scheme is to pack all TCP options densely (and
possibly unaligned) into the TCP header ; then do one final padding to
a 4-byte boundary.  Pre-existing comments note that accounting for
TCP-option space when we add SACK is yet to be done. For now, I'm
punting on that; we can solve it properly, in a way that will handle
SACK blocks, as a separate exercise.

In case a pullup to NetBSD-2 is requested, this adds sys/netipsec/xform_tcp.c
,and modifies:

sys/net/pfkeyv2.h,v 1.15
sys/netinet/files.netinet,v 1.5
sys/netinet/ip.h,v 1.25
sys/netinet/tcp.h,v 1.15
sys/netinet/tcp_input.c,v 1.200
sys/netinet/tcp_output.c,v 1.109
sys/netinet/tcp_subr.c,v 1.165
sys/netinet/tcp_usrreq.c,v 1.89
sys/netinet/tcp_var.h,v 1.109
sys/netipsec/files.netipsec,v 1.3
sys/netipsec/ipsec.c,v 1.11
sys/netipsec/ipsec.h,v 1.7
sys/netipsec/key.c,v 1.11
share/man/man4/tcp.4,v 1.16
lib/libipsec/pfkey.c,v 1.20
lib/libipsec/pfkey_dump.c,v 1.17
lib/libipsec/policy_token.l,v 1.8
sbin/setkey/parse.y,v 1.14
sbin/setkey/setkey.8,v 1.27
sbin/setkey/token.l,v 1.15

Note that the preceding two revisions to tcp.4 will be
required to cleanly apply this diff.

Revision 1.200 / (download) - annotate - [select for diffs], Sun Apr 25 16:42:42 2004 UTC (19 years, 10 months ago) by simonb
Branch: MAIN
Changes since 1.199: +3 -7 lines
Diff to previous 1.199 (colored)

Initialise (most) pools from a link set instead of explicit calls
to pool_init.  Untouched pools are ones that either in arch-specific
code, or aren't initialiased during initial system startup.

 Convert struct session, ucred and lockf to pools.

Revision 1.199 / (download) - annotate - [select for diffs], Sun Apr 25 03:29:11 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.198: +3 -4 lines
Diff to previous 1.198 (colored)

fix how we send RST against ACK.  markus@openbsd

Revision 1.198 / (download) - annotate - [select for diffs], Sun Apr 25 00:08:54 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.197: +3 -3 lines
Diff to previous 1.197 (colored)

indent for little bit better readability

Revision 1.197 / (download) - annotate - [select for diffs], Sat Apr 24 23:59:13 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.196: +3 -3 lines
Diff to previous 1.196 (colored)

fix comment; we no longer move ip+tcp into the same mbuf

Revision 1.196 / (download) - annotate - [select for diffs], Thu Apr 22 15:05:33 2004 UTC (19 years, 10 months ago) by ragge
Branch: MAIN
Changes since 1.195: +13 -5 lines
Diff to previous 1.195 (colored)

Avoid performance problem in tcp_reass() when appending mbufs to a chain
by keeping a pointer to the last mbuf in the chain.

Revision 1.190.2.2 / (download) - annotate - [select for diffs], Tue Apr 20 20:27:54 2004 UTC (19 years, 10 months ago) by jmc
Branch: netbsd-2-0
Changes since 1.190.2.1: +78 -30 lines
Diff to previous 1.190.2.1 (colored) to branchpoint 1.190 (colored)

Pullup patch (requested by itojun in ticket #169)

If a segment is received with RST set and the segment is completely to the
left of the receive window, ignore it.  Add some additional comments to
the code that deals with received segemnts that are completely to the right
of the receive window.  If an invalid SYN is received, force an ACK and
drop it; if the other side really sent the SYN; it'll respond with a reset.
Respond to RST by ACK, as suggested in NISCC recommendation.
Rate-limit ACKs against RSTs and SYNs.
If SYN is coming and RCV.NXT == SEG.SEQ, then ACK with value - 1.

Revision 1.141.4.8 / (download) - annotate - [select for diffs], Tue Apr 20 20:26:52 2004 UTC (19 years, 10 months ago) by jmc
Branch: netbsd-1-6
Changes since 1.141.4.7: +78 -30 lines
Diff to previous 1.141.4.7 (colored) to branchpoint 1.141 (colored) next main 1.142 (colored)

Pullup patch (requested by itojun in ticket #1680)

If a segment is received with RST set and the segment is completely to the
left of the receive window, ignore it.  Add some additional comments to
the code that deals with received segemnts that are completely to the right
of the receive window.  If an invalid SYN is received, force an ACK and
drop it; if the other side really sent the SYN; it'll respond with a reset.
Respond to RST by ACK, as suggested in NISCC recommendation.
Rate-limit ACKs against RSTs and SYNs.
If SYN is coming and RCV.NXT == SEG.SEQ, then ACK with value - 1.

Revision 1.108.4.15 / (download) - annotate - [select for diffs], Tue Apr 20 20:25:39 2004 UTC (19 years, 10 months ago) by jmc
Branch: netbsd-1-5
Changes since 1.108.4.14: +77 -29 lines
Diff to previous 1.108.4.14 (colored) to branchpoint 1.108 (colored) next main 1.109 (colored)

Pullup patch (requested by itojun in ticket #143)

If a segment is received with RST set and the segment is completely to the
left of the receive window, ignore it.  Add some additional comments to
the code that deals with received segemnts that are completely to the right
of the receive window.  If an invalid SYN is received, force an ACK and
drop it; if the other side really sent the SYN; it'll respond with a reset.
Respond to RST by ACK, as suggested in NISCC recommendation.
Rate-limit ACKs against RSTs and SYNs.
If SYN is coming and RCV.NXT == SEG.SEQ, then ACK with value - 1.

Revision 1.195 / (download) - annotate - [select for diffs], Tue Apr 20 19:49:15 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.194: +12 -3 lines
Diff to previous 1.194 (colored)

follow draft-ietf-tcpm-tcpsecure-00.txt 3.2 (B):
if SYN is coming and RCV.NXT == SEG.SEQ, then ACK with value - 1.

Revision 1.194 / (download) - annotate - [select for diffs], Tue Apr 20 16:52:12 2004 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.193: +51 -22 lines
Diff to previous 1.193 (colored)

- respond to RST by ACK, as suggested in NISCC recommendation
- rate-limit ACKs against RSTs and SYNs

Revision 1.193 / (download) - annotate - [select for diffs], Sat Apr 17 23:35:37 2004 UTC (19 years, 10 months ago) by matt
Branch: MAIN
Changes since 1.192: +23 -13 lines
Diff to previous 1.192 (colored)

If a segment is received with RST set and the segment is completely to the
left of the receive window, ignore it.  Add some additional comments to
the code that deals with received segemnts that are completely to the right
of the receive window.  If an invalid SYN is received, force an ACK and
drop it; if the other side really sent the SYN; it'll respond with a reset.

Revision 1.190.2.1 / (download) - annotate - [select for diffs], Fri Apr 16 08:04:22 2004 UTC (19 years, 10 months ago) by tron
Branch: netbsd-2-0
Changes since 1.190: +3 -2 lines
Diff to previous 1.190 (colored)

Pull up revision 1.192 (requested by ragge in ticket #140):
Add back one line which was accidentially removed (by me) a while ago.
Spotted by Markus Friedl (markus at openbsd.org).

Revision 1.192 / (download) - annotate - [select for diffs], Wed Apr 14 18:07:52 2004 UTC (19 years, 10 months ago) by ragge
Branch: MAIN
Changes since 1.191: +3 -2 lines
Diff to previous 1.191 (colored)

Add back one line which was accidentially removed (by me) a while ago.
Spotted by Markus Friedl (markus at openbsd.org).

Revision 1.191 / (download) - annotate - [select for diffs], Mon Mar 29 04:59:02 2004 UTC (19 years, 11 months ago) by atatat
Branch: MAIN
Changes since 1.190: +4 -2 lines
Diff to previous 1.190 (colored)

Make these compile without INET.  tcp_input probably needs a lot more
work...

Revision 1.190 / (download) - annotate - [select for diffs], Wed Mar 10 18:50:45 2004 UTC (19 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: netbsd-2-0-base, BEFORE-IPF411
Branch point for: netbsd-2-0
Changes since 1.189: +3 -4 lines
Diff to previous 1.189 (colored)

fix tcp/udp checksum test in the M_CSUM_NO_PSEUDOHDR case
(this can never have worked)
now I can use a "bge" gigabit interface with hw checksumming
ttcp-t: 2147483648 bytes in 18.31 real seconds = 114527.11 KB/sec +++
woow!

Revision 1.189 / (download) - annotate - [select for diffs], Thu Feb 26 02:34:59 2004 UTC (20 years ago) by itojun
Branch: MAIN
Changes since 1.188: +17 -18 lines
Diff to previous 1.188 (colored)

KNF

Revision 1.188 / (download) - annotate - [select for diffs], Fri Jan 2 12:01:39 2004 UTC (20 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.187: +6 -8 lines
Diff to previous 1.187 (colored)

some corrections from markus@openbsd;
- callout_ack() was called with wrong argument
- no need for xor with timestamp as we are using arc4random()
- minor typo/cleanup

Revision 1.187 / (download) - annotate - [select for diffs], Wed Nov 19 20:47:00 2003 UTC (20 years, 3 months ago) by jonathan
Branch: MAIN
Changes since 1.186: +5 -2 lines
Diff to previous 1.186 (colored)

Footwork for fast-ipsec and IPv6: when compiling sys/netinet/tcp_input.c
for both FAST_IPSEC and INET6, include <netipsec/ipsec6.h>.

Revision 1.186 / (download) - annotate - [select for diffs], Fri Oct 24 10:25:40 2003 UTC (20 years, 4 months ago) by ragge
Branch: MAIN
Changes since 1.185: +8 -21 lines
Diff to previous 1.185 (colored)

Fix the bug in the tcp transmit prediction code.
During testing the prediction counters show a hit-rate on about 85% for
packets sent on a local LAN, and better than 99% for intercontinental
high-speed bulk traffic (!).

Revision 1.185 / (download) - annotate - [select for diffs], Thu Oct 23 20:55:08 2003 UTC (20 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.184: +2 -9 lines
Diff to previous 1.184 (colored)

Remove all the code to maintain ia_inpcbs.  This information was only used to
close sockets on address changes, which was deemed to be a bad idea and was
summarily removed, so there is no point in wasting effort on maintaining it
any more.

Revision 1.141.4.7 / (download) - annotate - [select for diffs], Wed Oct 22 06:05:47 2003 UTC (20 years, 4 months ago) by jmc
Branch: netbsd-1-6
CVS Tags: netbsd-1-6-PATCH002-RELEASE, netbsd-1-6-PATCH002-RC4, netbsd-1-6-PATCH002-RC3, netbsd-1-6-PATCH002-RC2, netbsd-1-6-PATCH002-RC1, netbsd-1-6-PATCH002
Changes since 1.141.4.6: +14 -3 lines
Diff to previous 1.141.4.6 (colored) to branchpoint 1.141 (colored)

Pullup rev 1.173 (requested by he in ticket #1530)


        Introduce a new INVOKING status for callouts, and use it to close
        a race condition in the TCP code.  Fixes PR#20390.

Revision 1.184 / (download) - annotate - [select for diffs], Wed Sep 10 01:46:27 2003 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.183: +2 -12 lines
Diff to previous 1.183 (colored)

cut-and-paste error.  Valeriy E. Ushakov

Revision 1.183 / (download) - annotate - [select for diffs], Wed Sep 10 00:58:29 2003 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.182: +40 -5 lines
Diff to previous 1.182 (colored)

if IPsec inbound policy mismatches, respond to SYN with RST (instead of
just dropping it), allow client to react quickly.

Revision 1.182 / (download) - annotate - [select for diffs], Sat Sep 6 03:12:51 2003 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.181: +2 -6 lines
Diff to previous 1.181 (colored)

clarify flowlabel handling

Revision 1.181 / (download) - annotate - [select for diffs], Thu Sep 4 09:16:59 2003 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.180: +11 -9 lines
Diff to previous 1.180 (colored)

revamp inpcb/in6pcb so that they are more aligned with each other.
in6pcb lookup now uses hash(9).

Revision 1.180 / (download) - annotate - [select for diffs], Fri Aug 22 22:49:34 2003 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.179: +4 -5 lines
Diff to previous 1.179 (colored)

make sure so is properly initialized

Revision 1.179 / (download) - annotate - [select for diffs], Fri Aug 22 22:00:37 2003 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.178: +2 -9 lines
Diff to previous 1.178 (colored)

remove ipsec_set/getsocket.  now we explicitly pass socket * to ip{,6}_output.

Revision 1.178 / (download) - annotate - [select for diffs], Fri Aug 22 21:53:05 2003 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.177: +7 -8 lines
Diff to previous 1.177 (colored)

change the additional arg to be passed to ip{,6}_output to struct socket *.

this fixes KAME policy lookup which was broken by the previous commit.

Revision 1.177 / (download) - annotate - [select for diffs], Fri Aug 22 20:20:11 2003 UTC (20 years, 6 months ago) by jonathan
Branch: MAIN
Changes since 1.176: +11 -6 lines
Diff to previous 1.176 (colored)

Replace the set_socket() method of passing an extra struct socket*
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)

In preparation for fast-ipsec.  Reviewed by itojun.

Revision 1.176 / (download) - annotate - [select for diffs], Thu Aug 21 14:49:49 2003 UTC (20 years, 6 months ago) by jonathan
Branch: MAIN
Changes since 1.175: +12 -4 lines
Diff to previous 1.175 (colored)

Honour the M_CSUM_NO_PSEUDOHDR, if set on inbound TCP and UDP packets.
Tested against  bcm5700 with patched if_bge.c.

Revision 1.175 / (download) - annotate - [select for diffs], Fri Aug 15 03:42:04 2003 UTC (20 years, 6 months ago) by jonathan
Branch: MAIN
Changes since 1.174: +14 -8 lines
Diff to previous 1.174 (colored)

(fast-ipsec): Add hooks to pass IPv4 IPsec traffic into fast-ipsec, if
configured with ``options FAST_IPSEC''.  Kernels with KAME IPsec or
with no IPsec should work as before.

All calls to ip_output() now always pass an additional compulsory
argument: the inpcb associated with the packet being sent,
or 0 if no inpcb is available.

Fast-ipsec tested with ICMP or UDP over ESP. TCP doesn't work, yet.

Revision 1.174 / (download) - annotate - [select for diffs], Thu Aug 7 16:33:15 2003 UTC (20 years, 6 months ago) by agc
Branch: MAIN
Changes since 1.173: +3 -7 lines
Diff to previous 1.173 (colored)

Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.

Revision 1.173 / (download) - annotate - [select for diffs], Sun Jul 20 16:35:07 2003 UTC (20 years, 7 months ago) by he
Branch: MAIN
Changes since 1.172: +14 -3 lines
Diff to previous 1.172 (colored)

As a temporary workaround, apply the fix from PR#20390, thereby
cooperating with the callout code in working around the race
condition caused by the TCP code's use of the callout facility.

Instead of unconditionally releasing memory in tcp_close() and
SYN_CACHE_PUT(), check whether any of the related callout handlers
are about to be invoked (but have not yet done callout_ack()), and
if so, just mark the associated data structure (tcpcb or syn cache
entry) as "dead", and test for this (and release storage) in the
callout handler functions.

Revision 1.172 / (download) - annotate - [select for diffs], Wed Jul 2 19:33:20 2003 UTC (20 years, 8 months ago) by ragge
Branch: MAIN
Changes since 1.171: +20 -7 lines
Diff to previous 1.171 (colored)

Fix previous bug. Thanks to Enami for spotting the (obvious) error, and
to other people with much help with bug reports etc.
While fixing, change some of the code I added last time to make it
cleaner and simpler.

Revision 1.171 / (download) - annotate - [select for diffs], Sun Jun 29 22:31:58 2003 UTC (20 years, 8 months ago) by fvdl
Branch: MAIN
Branch point for: ktrace-lwp
Changes since 1.170: +0 -0 lines
Diff to previous 1.170 (colored)

Back out the lwp/ktrace changes. They contained a lot of colateral damage,
and need to be examined and discussed more.

Revision 1.170 / (download) - annotate - [select for diffs], Sun Jun 29 18:58:26 2003 UTC (20 years, 8 months ago) by ragge
Branch: MAIN
Changes since 1.169: +9 -2 lines
Diff to previous 1.169 (colored)

Add code to remember where in the send queue of mbufs the last packet was
sent from. This change avoid a linear search through all mbufs when using
large TCP windows, and therefore permit high-speed connections on long
distances.

Tested on a 1 Gigabit connection between Luleand San Francisco, a distance
of about 15000km.  With TCP windows of just over 20 Mbytes it could keep up
with 950Mbit/s.

After discussions with Matt Thomas and Jason Thorpe.

Revision 1.141.4.6 / (download) - annotate - [select for diffs], Tue Jun 17 09:48:25 2003 UTC (20 years, 8 months ago) by msaitoh
Branch: netbsd-1-6
Changes since 1.141.4.5: +6 -2 lines
Diff to previous 1.141.4.5 (colored) to branchpoint 1.141 (colored)

Pull up revisions 1.168 (requested by itojun in ticket #1304):
 inherit IPV6_V6ONLY from listening socket. Fixes PR#21713.

Revision 1.169 / (download) - annotate - [select for diffs], Sun Jun 15 02:49:33 2003 UTC (20 years, 8 months ago) by matt
Branch: MAIN
Changes since 1.168: +22 -14 lines
Diff to previous 1.168 (colored)

Change the way multicasts are kept.  They now use a hash table in the same
manner as the ifaddr hash table.  By doing this, the mkludge code can go
away.  At the same time, keep track of what pcbs are using what ifaddr and
when an address is deleted from an interface, notify/abort all sockets
that have that address as a source.  Switch IGMP and multicasts to use pools
for allocation.  Fix a number of potential problems in the igmp code where
allocation failures could cause a trap/panic.

Revision 1.168 / (download) - annotate - [select for diffs], Fri May 30 01:15:04 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.167: +6 -2 lines
Diff to previous 1.167 (colored)

inherit IPV6_V6ONLY from listening socket.  PR 21713

Revision 1.167 / (download) - annotate - [select for diffs], Sat May 17 17:16:20 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.166: +2 -22 lines
Diff to previous 1.166 (colored)

no need for ip_v recovery in output path too
(tcp_template includes ip_v setting)

Revision 1.166 / (download) - annotate - [select for diffs], Sat May 17 17:08:15 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.165: +2 -22 lines
Diff to previous 1.165 (colored)

ip checksum logic no longer damage ip_v

Revision 1.165 / (download) - annotate - [select for diffs], Fri May 16 03:58:33 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.164: +10 -10 lines
Diff to previous 1.164 (colored)

use strlcpy

Revision 1.164 / (download) - annotate - [select for diffs], Wed May 14 06:47:35 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.163: +2 -66 lines
Diff to previous 1.163 (colored)

always use PULLDOWN_TEST codepath.

Revision 1.163 / (download) - annotate - [select for diffs], Sat Mar 1 04:40:27 2003 UTC (21 years ago) by thorpej
Branch: MAIN
Changes since 1.162: +26 -7 lines
Diff to previous 1.162 (colored)

Allow TCP connections to hosts on a local network to use a larger
slow start initial window.  Default this larger initial window to
4 packets, allowing it to be adjusted with net.inet.tcp.init_win_local.

Revision 1.162 / (download) - annotate - [select for diffs], Wed Feb 26 06:31:15 2003 UTC (21 years ago) by matt
Branch: MAIN
Changes since 1.161: +6 -2 lines
Diff to previous 1.161 (colored)

Add MBUFTRACE kernel option.
Do a little mbuf rework while here.  Change all uses of MGET*(*, M_WAIT, *)
to m_get*(M_WAIT, *).  These are not performance critical and making them
call m_get saves considerable space.  Add m_clget analogue of MCLGET and
make corresponding change for M_WAIT uses.
Modify netinet, gem, fxp, tulip, nfs to support MBUFTRACE.
Begin to change netstat to use sysctl.

Revision 1.161 / (download) - annotate - [select for diffs], Tue Feb 25 22:12:24 2003 UTC (21 years ago) by he
Branch: MAIN
Changes since 1.160: +3 -3 lines
Diff to previous 1.160 (colored)

Swap neighboring lines of callout_init() and bzero() of container
struct in syn_cache_add(); the bzero() invalidates whatever
callout_init() has done (which might matter, but presently doesn't).

Revision 1.122.2.16 / (download) - annotate - [select for diffs], Tue Jan 7 21:41:42 2003 UTC (21 years, 1 month ago) by thorpej
Branch: nathanw_sa
CVS Tags: nathanw_sa_end
Changes since 1.122.2.15: +3 -3 lines
Diff to previous 1.122.2.15 (colored) next main 1.123 (colored)

Sync with HEAD.

Revision 1.160 / (download) - annotate - [select for diffs], Sat Jan 4 23:43:06 2003 UTC (21 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: nathanw_sa_before_merge, nathanw_sa_base
Changes since 1.159: +3 -3 lines
Diff to previous 1.159 (colored)

Spell output with two ts.

Revision 1.122.2.15 / (download) - annotate - [select for diffs], Mon Nov 11 22:15:27 2002 UTC (21 years, 3 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.14: +7 -7 lines
Diff to previous 1.122.2.14 (colored)

Catch up to -current

Revision 1.159 / (download) - annotate - [select for diffs], Sat Nov 2 07:28:14 2002 UTC (21 years, 4 months ago) by perry
Branch: MAIN
CVS Tags: gmcgarry_ucred_base, gmcgarry_ucred, gmcgarry_ctxsw_base, gmcgarry_ctxsw, fvdl_fs64_base
Changes since 1.158: +7 -7 lines
Diff to previous 1.158 (colored)

/*CONTCOND*/ while (0)'ed macros

Revision 1.141.4.5 / (download) - annotate - [select for diffs], Wed Oct 23 12:21:24 2002 UTC (21 years, 4 months ago) by lukem
Branch: netbsd-1-6
CVS Tags: netbsd-1-6-PATCH001-RELEASE, netbsd-1-6-PATCH001-RC3, netbsd-1-6-PATCH001-RC2, netbsd-1-6-PATCH001-RC1, netbsd-1-6-PATCH001
Changes since 1.141.4.4: +8 -7 lines
Diff to previous 1.141.4.4 (colored) to branchpoint 1.141 (colored)

Pull up revision 1.158 (requested by thorpej in ticket #938):
Make sure TF_REQ_TSTMP and TF_REQ_SCALE get set correctly in the new
TCPCB in the passive-open case.
Fixes PR 18677.

Revision 1.122.2.14 / (download) - annotate - [select for diffs], Tue Oct 22 04:57:25 2002 UTC (21 years, 4 months ago) by thorpej
Branch: nathanw_sa
Changes since 1.122.2.13: +13 -15 lines
Diff to previous 1.122.2.13 (colored)

Sync with HEAD.

Revision 1.158 / (download) - annotate - [select for diffs], Tue Oct 22 04:24:50 2002 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
CVS Tags: kqueue-beforemerge, kqueue-aftermerge
Changes since 1.157: +8 -7 lines
Diff to previous 1.157 (colored)

Make sure TF_REQ_TSTMP and TF_REQ_SCALE get set correctly in the new
TCPCB in the passive-open case.

Fixes PR 18677.

Revision 1.157 / (download) - annotate - [select for diffs], Tue Oct 22 03:07:06 2002 UTC (21 years, 4 months ago) by simonb
Branch: MAIN
Changes since 1.156: +7 -10 lines
Diff to previous 1.156 (colored)

In tcp_input():
 Remove the set-but-not-used "proto" variable.
 Guard the "ostate" variable in #ifdef TCP_DEBUG.
Remove the set-but-not-used "parentinpcb" variable in syn_cache_get().

Revision 1.141.4.4 / (download) - annotate - [select for diffs], Mon Oct 21 02:22:26 2002 UTC (21 years, 4 months ago) by lukem
Branch: netbsd-1-6
Changes since 1.141.4.3: +6 -4 lines
Diff to previous 1.141.4.3 (colored) to branchpoint 1.141 (colored)

Pull up revision 1.156 via patch (requested by itojun in ticket #915):
correct log_refused check (TH_SYN, !TH_RST and !TH_ACK).  PR 18669

Revision 1.108.4.14 / (download) - annotate - [select for diffs], Fri Oct 18 10:24:41 2002 UTC (21 years, 4 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.13: +5 -3 lines
Diff to previous 1.108.4.13 (colored) to branchpoint 1.108 (colored)

sys/netinet/tcp_input.c				1.156 via patch

  Correct log_refused check (TH_SYN, !TH_RST and !TH_ACK).  Fixes PR#18669.

(itojun)

Revision 1.122.2.13 / (download) - annotate - [select for diffs], Fri Oct 18 02:45:19 2002 UTC (21 years, 4 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.12: +4 -2 lines
Diff to previous 1.122.2.12 (colored)

Catch up to -current.

Revision 1.156 / (download) - annotate - [select for diffs], Wed Oct 16 15:15:28 2002 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.155: +6 -4 lines
Diff to previous 1.155 (colored)

correct log_refused check (TH_SYN, !TH_RST and !TH_ACK).  PR 18669

Revision 1.127.2.7 / (download) - annotate - [select for diffs], Thu Oct 10 18:44:06 2002 UTC (21 years, 4 months ago) by jdolecek
Branch: kqueue
Changes since 1.127.2.6: +16 -8 lines
Diff to previous 1.127.2.6 (colored) to branchpoint 1.127 (colored) next main 1.128 (colored)

sync kqueue with -current; this includes merge of gehenna-devsw branch,
merge of i386 MP branch, and part of autoconf rototil work

Revision 1.122.2.12 / (download) - annotate - [select for diffs], Tue Sep 17 21:23:06 2002 UTC (21 years, 5 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.11: +16 -8 lines
Diff to previous 1.122.2.11 (colored)

Catch up to -current.

Revision 1.155 / (download) - annotate - [select for diffs], Wed Sep 11 02:41:21 2002 UTC (21 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: kqueue-base
Changes since 1.154: +4 -4 lines
Diff to previous 1.154 (colored)

correct signedness mixup in pointer passing.  sync w/kame

Revision 1.127.2.6 / (download) - annotate - [select for diffs], Fri Sep 6 08:49:18 2002 UTC (21 years, 5 months ago) by jdolecek
Branch: kqueue
Changes since 1.127.2.5: +135 -37 lines
Diff to previous 1.127.2.5 (colored) to branchpoint 1.127 (colored)

sync kqueue branch with HEAD

Revision 1.141.4.3 / (download) - annotate - [select for diffs], Fri Sep 6 06:21:17 2002 UTC (21 years, 5 months ago) by lukem
Branch: netbsd-1-6
CVS Tags: netbsd-1-6-RELEASE
Changes since 1.141.4.2: +14 -6 lines
Diff to previous 1.141.4.2 (colored) to branchpoint 1.141 (colored)

Pull up revision 1.154 via patch (requested by itojun in ticket #775):
always consult SS_CANTRCVMORE.  PR 18185

Revision 1.108.4.13 / (download) - annotate - [select for diffs], Thu Sep 5 23:06:17 2002 UTC (21 years, 5 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.12: +13 -5 lines
Diff to previous 1.108.4.12 (colored) to branchpoint 1.108 (colored)

sys/netinet/tcp_input.c				1.154
  always consult SS_CANTRCVMORE.  PR 18185

(itojun)

Revision 1.154 / (download) - annotate - [select for diffs], Thu Sep 5 23:02:18 2002 UTC (21 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.153: +14 -6 lines
Diff to previous 1.153 (colored)

always consult SS_CANTRCVMORE.  PR 18185

Revision 1.141.2.5 / (download) - annotate - [select for diffs], Thu Aug 29 00:56:47 2002 UTC (21 years, 6 months ago) by gehenna
Branch: gehenna-devsw
Changes since 1.141.2.4: +70 -4 lines
Diff to previous 1.141.2.4 (colored) to branchpoint 1.141 (colored) next main 1.142 (colored)

catch up with -current.

Revision 1.122.2.11 / (download) - annotate - [select for diffs], Wed Aug 28 02:50:43 2002 UTC (21 years, 6 months ago) by thorpej
Branch: nathanw_sa
Changes since 1.122.2.10: +21 -2 lines
Diff to previous 1.122.2.10 (colored)

Sync with -current.

Revision 1.141.4.2 / (download) - annotate - [select for diffs], Wed Aug 28 02:33:36 2002 UTC (21 years, 6 months ago) by lukem
Branch: netbsd-1-6
CVS Tags: netbsd-1-6-RC3, netbsd-1-6-RC2
Changes since 1.141.4.1: +19 -0 lines
Diff to previous 1.141.4.1 (colored) to branchpoint 1.141 (colored)

Pull up revision 1.153 (requested by thorpej in ticket #738):
Fix a problem introduced in rev 1.103, where we recycle a TIME_WAIT
TCPCB .. the fields need to be converted back to net-order, because
the packet is checksummed after the TCPCB lookup happens.
From YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>.

Revision 1.153 / (download) - annotate - [select for diffs], Wed Aug 28 02:23:57 2002 UTC (21 years, 6 months ago) by thorpej
Branch: MAIN
CVS Tags: gehenna-devsw-base
Changes since 1.152: +21 -2 lines
Diff to previous 1.152 (colored)

Fix a problem introduced in rev 1.103, where we recycle a TIME_WAIT
TCPCB .. the fields need to be converted back to net-order, because
the packet is checksummed after the TCPCB lookup happens.

From YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>.

Revision 1.122.2.10 / (download) - annotate - [select for diffs], Tue Aug 27 23:48:03 2002 UTC (21 years, 6 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.9: +49 -2 lines
Diff to previous 1.122.2.9 (colored)

Catch up to -current.

Revision 1.152 / (download) - annotate - [select for diffs], Mon Aug 19 02:17:54 2002 UTC (21 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.151: +46 -43 lines
Diff to previous 1.151 (colored)

better sync w/kame on deprecated address handling.  check af == AF_INET6.

Revision 1.151 / (download) - annotate - [select for diffs], Mon Aug 19 02:13:46 2002 UTC (21 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.150: +46 -2 lines
Diff to previous 1.150 (colored)

pull in deprecated address handling from KAME sys/netinet6/tcp6_input.c.

Revision 1.150 / (download) - annotate - [select for diffs], Wed Aug 14 00:23:33 2002 UTC (21 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.149: +4 -4 lines
Diff to previous 1.149 (colored)

avoid swapping endian of ip_len and ip_off on mbuf, to meet with M_LEADINGSPACE
optimization made last year.  should solve PR 17867 and 10195.

IP_HDRINCL behavior of raw ip socket is kept unchanged.  we may want to
provide IP_HDRINCL variant that does not swap endian.

Revision 1.122.2.9 / (download) - annotate - [select for diffs], Thu Aug 1 02:46:48 2002 UTC (21 years, 7 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.8: +67 -35 lines
Diff to previous 1.122.2.8 (colored)

Catch up to -current.

Revision 1.141.4.1 / (download) - annotate - [select for diffs], Sun Jul 21 00:55:11 2002 UTC (21 years, 7 months ago) by lukem
Branch: netbsd-1-6
CVS Tags: netbsd-1-6-RC1
Changes since 1.141: +3 -2 lines
Diff to previous 1.141 (colored)

Pull up revision 1.149 (requested by wrstuden in ticket #517):
When a new connection arrives on a listening port, copy over the
value of the TCP_NODELAY socket option from the listener to the
newly connected connection. Agrees with how Linux & FreeBSD behave,
and goes more with the spirit of accept(2) creating a socket with
the same properties as the listener.
Analysis by Kevin Lahey. Closes PR 17616 by myself.

Revision 1.141.2.4 / (download) - annotate - [select for diffs], Sat Jul 20 11:35:13 2002 UTC (21 years, 7 months ago) by gehenna
Branch: gehenna-devsw
Changes since 1.141.2.3: +3 -2 lines
Diff to previous 1.141.2.3 (colored) to branchpoint 1.141 (colored)

catch up with -current.

Revision 1.149 / (download) - annotate - [select for diffs], Thu Jul 18 03:23:01 2002 UTC (21 years, 7 months ago) by wrstuden
Branch: MAIN
Changes since 1.148: +3 -2 lines
Diff to previous 1.148 (colored)

When a new connection arrives on a listening port, copy over the
value of the TCP_NODELAY socket option from the listener to the
newly connected connection. Agrees with how Linux & FreeBSD behave,
and goes more with the spirit of accept(2) creating a socket with
the same properties as the listener.

Analysis by Kevin Lahey. Closes PR 17616 by myself.

Revision 1.141.2.3 / (download) - annotate - [select for diffs], Mon Jul 15 10:36:59 2002 UTC (21 years, 7 months ago) by gehenna
Branch: gehenna-devsw
Changes since 1.141.2.2: +66 -35 lines
Diff to previous 1.141.2.2 (colored) to branchpoint 1.141 (colored)

catch up with -current.

Revision 1.148 / (download) - annotate - [select for diffs], Wed Jul 3 21:36:58 2002 UTC (21 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.147: +5 -5 lines
Diff to previous 1.147 (colored)

Rename sbappend_stream() to sbappendstream(), per suggestion from
Jonathan Stone.

Revision 1.147 / (download) - annotate - [select for diffs], Wed Jul 3 19:06:50 2002 UTC (21 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.146: +5 -5 lines
Diff to previous 1.146 (colored)

Make insertion of data into socket buffers O(C):
* Keep pointers to the first and last mbufs of the last record in the
  socket buffer.
* Use the sb_lastrecord pointer in the sbappend*() family of functions
  to avoid traversing the packet chain to find the last record.
* Add a new sbappend_stream() function for stream protocols which
  guarantee that there will never be more than one record in the
  socket buffer.  This function uses the sb_mbtail pointer to perform
  the data insertion.  Make TCP use sbappend_stream().

On a profiling run, this makes sbappend of a TCP transmission using
a 1M socket buffer go from 50% of the time to .02% of the time.

Thanks to Bill Sommerfeld and YAMAMOTO Takashi for their debugging
assistance!

Revision 1.146 / (download) - annotate - [select for diffs], Sun Jun 30 22:40:35 2002 UTC (21 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.145: +5 -2 lines
Diff to previous 1.145 (colored)

Changes to allow the IPv4 and IPv6 layers to align headers themseves,
as necessary:
* Implement a new mbuf utility routine, m_copyup(), is is like
  m_pullup(), except that it always prepends and copies, rather
  than only doing so if the desired length is larger than m->m_len.
  m_copyup() also allows an offset into the destination mbuf, which
  allows space for packet headers, in the forwarding case.
* Add *_HDR_ALIGNED_P() macros for IP, IPv6, ICMP, and IGMP.  These
  macros expand to 1 if __NO_STRICT_ALIGNMENT is defined, so that
  architectures which do not have strict alignment constraints don't
  pay for the test or visit the new align-if-needed path.
* Use the new macros to check if a header needs to be aligned, or to
  assert that it already is, as appropriate.

Note: This code is still somewhat experimental.  However, the new
code path won't be visited if individual device drivers continue
to guarantee that packets are delivered to layer 3 already properly
aligned (which are rules that are already in use).

Revision 1.145 / (download) - annotate - [select for diffs], Sat Jun 29 04:13:21 2002 UTC (21 years, 8 months ago) by yamt
Branch: MAIN
Changes since 1.144: +60 -32 lines
Diff to previous 1.144 (colored)

split logging code in order to reduce maximum stack usage.

Revision 1.127.2.5 / (download) - annotate - [select for diffs], Sun Jun 23 17:50:59 2002 UTC (21 years, 8 months ago) by jdolecek
Branch: kqueue
Changes since 1.127.2.4: +189 -62 lines
Diff to previous 1.127.2.4 (colored) to branchpoint 1.127 (colored)

catch up with -current on kqueue branch

Revision 1.141.2.2 / (download) - annotate - [select for diffs], Thu Jun 20 15:52:28 2002 UTC (21 years, 8 months ago) by gehenna
Branch: gehenna-devsw
Changes since 1.141.2.1: +36 -35 lines
Diff to previous 1.141.2.1 (colored) to branchpoint 1.141 (colored)

catch up with -current.

Revision 1.122.2.8 / (download) - annotate - [select for diffs], Thu Jun 20 03:48:54 2002 UTC (21 years, 8 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.7: +154 -52 lines
Diff to previous 1.122.2.7 (colored)

Catch up to -current.

Revision 1.144 / (download) - annotate - [select for diffs], Tue Jun 11 19:39:59 2002 UTC (21 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.143: +5 -4 lines
Diff to previous 1.143 (colored)

share policy-on-pcb for listening socket.  sync w/kame
todo: share even more, avoid frequent updates of spidx

Revision 1.143 / (download) - annotate - [select for diffs], Sun Jun 9 16:33:43 2002 UTC (21 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.142: +33 -33 lines
Diff to previous 1.142 (colored)

whitespace

Revision 1.141.2.1 / (download) - annotate - [select for diffs], Thu May 30 13:52:27 2002 UTC (21 years, 9 months ago) by gehenna
Branch: gehenna-devsw
Changes since 1.141: +4 -4 lines
Diff to previous 1.141 (colored)

Catch up with -current.

Revision 1.142 / (download) - annotate - [select for diffs], Tue May 28 10:11:51 2002 UTC (21 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.141: +4 -4 lines
Diff to previous 1.141 (colored)

use arc4random() where possible.
XXX is it necessary to do microtime() on tcp syn cache?

Revision 1.141 / (download) - annotate - [select for diffs], Tue May 7 02:59:38 2002 UTC (21 years, 9 months ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-6-base
Branch point for: netbsd-1-6, gehenna-devsw
Changes since 1.140: +118 -17 lines
Diff to previous 1.140 (colored)

Change struct ipqe to use TAILQ's instead of LIST's (primarily for TCP's
benefit currently).  Rework tcp_reass code to optimize the 4 most likely causes
of out-of-order packets: first OoO pkt, next OoO pkt in seq, OoO pkt is part
of new chuck of OoO packets, and the OoO pkt fills the first hole.  Add evcnts
to instrument tcp_reass (enabled by the options TCP_REASS_COUNTERS).  This is
part 1/2 of tcp_reass changes.

Revision 1.108.4.12 / (download) - annotate - [select for diffs], Wed Apr 3 21:17:06 2002 UTC (21 years, 10 months ago) by he
Branch: netbsd-1-5
CVS Tags: netbsd-1-5-PATCH003
Changes since 1.108.4.11: +36 -1 lines
Diff to previous 1.108.4.11 (colored) to branchpoint 1.108 (colored)

Pull up revisions 1.138-1.140 (via patch, requested by itojun):
  Reject TCP SYN packets sent to the broadcast address.

Revision 1.122.2.7 / (download) - annotate - [select for diffs], Mon Apr 1 07:48:42 2002 UTC (21 years, 11 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.6: +56 -24 lines
Diff to previous 1.122.2.6 (colored)

Catch up to -current.
(CVS: It's not just a program. It's an adventure!)

Revision 1.140 / (download) - annotate - [select for diffs], Sun Mar 24 17:09:01 2002 UTC (21 years, 11 months ago) by christos
Branch: MAIN
Changes since 1.139: +36 -14 lines
Diff to previous 1.139 (colored)

Change the multicast/broadcast test to happen later, and when we are
in listen mode. Fixes panic with telnet ::1 port, where the port is an
ipv4 open port.

Revision 1.139 / (download) - annotate - [select for diffs], Fri Mar 22 04:31:01 2002 UTC (21 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.138: +2 -7 lines
Diff to previous 1.138 (colored)

no need to check in_broadaddr/IN_MULTICAST in dropwithreset label.
suggested by enami

Revision 1.138 / (download) - annotate - [select for diffs], Fri Mar 22 03:21:13 2002 UTC (21 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.137: +5 -4 lines
Diff to previous 1.137 (colored)

make sure we don't touch "ip" in IPv6 path

Revision 1.108.4.11 / (download) - annotate - [select for diffs], Wed Mar 20 21:42:32 2002 UTC (21 years, 11 months ago) by he
Branch: netbsd-1-5
Changes since 1.108.4.10: +19 -12 lines
Diff to previous 1.108.4.10 (colored) to branchpoint 1.108 (colored)

Pull up revision 1.136 (requested by itojun):
  Support tcp_log_refused for IPv6.

Revision 1.137 / (download) - annotate - [select for diffs], Tue Mar 19 14:35:20 2002 UTC (21 years, 11 months ago) by christos
Branch: MAIN
CVS Tags: eeh-devprop-base, eeh-devprop
Changes since 1.136: +10 -3 lines
Diff to previous 1.136 (colored)

Drop connections to the broadcast address. From BUGTRAQ. This is a security
issue because it can by-pass ipf rules unintentionally.

Revision 1.127.2.4 / (download) - annotate - [select for diffs], Sat Mar 16 16:02:13 2002 UTC (21 years, 11 months ago) by jdolecek
Branch: kqueue
Changes since 1.127.2.3: +21 -14 lines
Diff to previous 1.127.2.3 (colored) to branchpoint 1.127 (colored)

Catch up with -current.

Revision 1.136 / (download) - annotate - [select for diffs], Tue Mar 12 04:36:47 2002 UTC (21 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.135: +20 -13 lines
Diff to previous 1.135 (colored)

support tcp_log_refused for IPv6. From: Andrew Brown <atatat@atatdot.net>

Revision 1.135 / (download) - annotate - [select for diffs], Fri Mar 8 20:48:44 2002 UTC (21 years, 11 months ago) by thorpej
Branch: MAIN
CVS Tags: newlock-base, newlock
Changes since 1.134: +3 -3 lines
Diff to previous 1.134 (colored)

Pool deals fairly well with physical memory shortage, but it doesn't
deal with shortages of the VM maps where the backing pages are mapped
(usually kmem_map).  Try to deal with this:

* Group all information about the backend allocator for a pool in a
  separate structure.  The pool references this structure, rather than
  the individual fields.
* Change the pool_init() API accordingly, and adjust all callers.
* Link all pools using the same backend allocator on a list.
* The backend allocator is responsible for waiting for physical memory
  to become available, but will still fail if it cannot callocate KVA
  space for the pages.  If this happens, carefully drain all pools using
  the same backend allocator, so that some KVA space can be freed.
* Change pool_reclaim() to indicate if it actually succeeded in freeing
  some pages, and use that information to make draining easier and more
  efficient.
* Get rid of PR_URGENT.  There was only one use of it, and it could be
  dealt with by the caller.

From art@openbsd.org.

Revision 1.122.2.6 / (download) - annotate - [select for diffs], Thu Feb 28 04:15:12 2002 UTC (22 years ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.5: +42 -15 lines
Diff to previous 1.122.2.5 (colored)

Catch up to -current.

Revision 1.127.2.3 / (download) - annotate - [select for diffs], Mon Feb 11 20:10:38 2002 UTC (22 years ago) by jdolecek
Branch: kqueue
Changes since 1.127.2.2: +42 -15 lines
Diff to previous 1.127.2.2 (colored) to branchpoint 1.127 (colored)

Sync w/ -current.

Revision 1.108.4.10 / (download) - annotate - [select for diffs], Thu Jan 24 22:44:21 2002 UTC (22 years, 1 month ago) by he
Branch: netbsd-1-5
Changes since 1.108.4.9: +41 -14 lines
Diff to previous 1.108.4.9 (colored) to branchpoint 1.108 (colored)

Pull up revision 1.134 (requested by itojun):
  Clean up the NRL copyright.

Revision 1.134 / (download) - annotate - [select for diffs], Thu Jan 24 02:12:29 2002 UTC (22 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: ifpoll-base
Changes since 1.133: +42 -15 lines
Diff to previous 1.133 (colored)

place NRL copyright notice itself, not a reference to it.

Revision 1.127.2.2 / (download) - annotate - [select for diffs], Thu Jan 10 20:02:59 2002 UTC (22 years, 1 month ago) by thorpej
Branch: kqueue
Changes since 1.127.2.1: +10 -7 lines
Diff to previous 1.127.2.1 (colored) to branchpoint 1.127 (colored)

Sync kqueue branch with -current.

Revision 1.122.2.5 / (download) - annotate - [select for diffs], Wed Nov 14 19:17:55 2001 UTC (22 years, 3 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.4: +9 -6 lines
Diff to previous 1.122.2.4 (colored)

Catch up to -current.

Revision 1.133 / (download) - annotate - [select for diffs], Tue Nov 13 00:32:40 2001 UTC (22 years, 3 months ago) by lukem
Branch: MAIN
Changes since 1.132: +4 -1 lines
Diff to previous 1.132 (colored)

add RCSIDs

Revision 1.131.2.1 / (download) - annotate - [select for diffs], Mon Nov 12 21:19:27 2001 UTC (22 years, 3 months ago) by thorpej
Branch: thorpej-mips-cache
Changes since 1.131: +6 -6 lines
Diff to previous 1.131 (colored) next main 1.132 (colored)

Sync the thorpej-mips-cache branch with -current.

Revision 1.132 / (download) - annotate - [select for diffs], Sun Nov 4 20:55:28 2001 UTC (22 years, 3 months ago) by matt
Branch: MAIN
CVS Tags: thorpej-mips-cache-base
Changes since 1.131: +6 -6 lines
Diff to previous 1.131 (colored)

Convert netinet to not use the internal <sys/queue.h> field names
but instead the access macros.  Use the FOREACH macros where appropriate.

Revision 1.127.4.1 / (download) - annotate - [select for diffs], Mon Oct 1 12:47:45 2001 UTC (22 years, 5 months ago) by fvdl
Branch: thorpej-devvp
Changes since 1.127: +94 -125 lines
Diff to previous 1.127 (colored) next main 1.128 (colored)

Catch up with -current.

Revision 1.122.2.4 / (download) - annotate - [select for diffs], Fri Sep 21 22:36:49 2001 UTC (22 years, 5 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.3: +94 -125 lines
Diff to previous 1.122.2.3 (colored)

Catch up to -current.

Revision 1.131 / (download) - annotate - [select for diffs], Mon Sep 17 17:27:00 2001 UTC (22 years, 5 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej-devvp-base3, thorpej-devvp-base2
Branch point for: thorpej-mips-cache
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)

Split the pre-computed ifnet checksum flags into Tx and Rx directions.
Add capabilities bits that indicate an interface can only perform
in-bound TCPv4 or UDPv4 checksums.  There is at least one Gig-E chip
for which this is true (Level One LXT-1001), and this is also the
case for the Intel i82559 10/100 Ethernet chips.

Revision 1.127.2.1 / (download) - annotate - [select for diffs], Thu Sep 13 01:16:22 2001 UTC (22 years, 5 months ago) by thorpej
Branch: kqueue
Changes since 1.127: +93 -124 lines
Diff to previous 1.127 (colored)

Update the kqueue branch to HEAD.

Revision 1.130 / (download) - annotate - [select for diffs], Tue Sep 11 21:03:20 2001 UTC (22 years, 5 months ago) by thorpej
Branch: MAIN
CVS Tags: pre-chs-ubcperf, post-chs-ubcperf
Changes since 1.129: +77 -105 lines
Diff to previous 1.129 (colored)

Use callouts for SYN cache timers, rather than traversing time queues
in tcp_slowtimo().

Revision 1.129 / (download) - annotate - [select for diffs], Mon Sep 10 22:14:26 2001 UTC (22 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.128: +2 -1 lines
Diff to previous 1.128 (colored)

Use callouts for TCP timers, rather than traversing the list of
all open TCP connections in tcp_slowtimo() (which is called 2x
per second).  It's fairly rare for TCP timers to actually fire,
so saving this list traversal is good, especially if you want
to scale to thousands of open connections.

Revision 1.128 / (download) - annotate - [select for diffs], Mon Sep 10 15:23:09 2001 UTC (22 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.127: +16 -20 lines
Diff to previous 1.127 (colored)

Change the way receive idle time and round trip time are measured.
Instead of incrementing t_idle and t_rtt in tcp_slowtimo(), we now
take a timstamp (via tcp_now) and use subtraction to compute the
delta when we actually need it (using unsigned arithmetic so that
tcp_now wrapping is handled correctly).

Based on similar changes in FreeBSD.

Revision 1.122.2.3 / (download) - annotate - [select for diffs], Fri Aug 24 00:12:29 2001 UTC (22 years, 6 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.2: +7 -3 lines
Diff to previous 1.122.2.2 (colored)

Catch up with -current.

Revision 1.127 / (download) - annotate - [select for diffs], Sun Jul 8 16:18:57 2001 UTC (22 years, 7 months ago) by abs
Branch: MAIN
CVS Tags: thorpej-devvp-base
Branch point for: thorpej-devvp, kqueue
Changes since 1.126: +7 -3 lines
Diff to previous 1.126 (colored)

Rename TCPDEBUG to TCP_DEBUG, defopt TCP_DEBUG and TCP_NDEBUG, and
make all usage of tcp_trace dependent on TCP_DEBUG - resulting in
a 31K saving on an INET enabled i386 kernel.

Revision 1.122.2.2 / (download) - annotate - [select for diffs], Thu Jun 21 20:08:42 2001 UTC (22 years, 8 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122.2.1: +65 -31 lines
Diff to previous 1.122.2.1 (colored)

Catch up to -current.

Revision 1.126 / (download) - annotate - [select for diffs], Tue Jun 19 13:42:19 2001 UTC (22 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.125: +2 -2 lines
Diff to previous 1.125 (colored)

`existent', not `existant'

Revision 1.125 / (download) - annotate - [select for diffs], Sat Jun 2 16:17:10 2001 UTC (22 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.124: +58 -22 lines
Diff to previous 1.124 (colored)

Implement support for IP/TCP/UDP checksum offloading provided by
network interfaces.  This works by pre-computing the pseudo-header
checksum and caching it, delaying the actual checksum to ip_output()
if the hardware cannot perform the sum for us.  In-bound checksums
can either be fully-checked by hardware, or summed up for final
verification by software.  This method was modeled after how this
is done in FreeBSD, although the code is significantly different in
most places.

We don't delay checksums for IPv6/TCP, but we do take advantage of the
cached pseudo-header checksum.

Note: hardware-assisted checksumming defaults to "off".  It is
enabled with ifconfig(8).  See the manual page for details.

Implement hardware-assisted checksumming on the DP83820 Gigabit Ethernet,
3c90xB/3c90xC 10/100 Ethernet, and Alteon Tigon/Tigon2 Gigabit Ethernet.

Revision 1.108.4.9 / (download) - annotate - [select for diffs], Wed May 9 19:37:19 2001 UTC (22 years, 9 months ago) by he
Branch: netbsd-1-5
CVS Tags: netbsd-1-5-PATCH002, netbsd-1-5-PATCH001
Changes since 1.108.4.8: +7 -9 lines
Diff to previous 1.108.4.8 (colored) to branchpoint 1.108 (colored)

Pull up revision 1.124 (requested by itojun):
  Correct faith prefix determintaion.

Revision 1.124 / (download) - annotate - [select for diffs], Tue May 8 10:15:13 2001 UTC (22 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.123: +7 -9 lines
Diff to previous 1.123 (colored)

correct faith prefix determination.  use sys/netinet/if_faith.c:faithprefix()
to determine.  sync with kame.
(without this change, non-faith socket may mistakenly accept for-faith traffic)

Revision 1.122.2.1 / (download) - annotate - [select for diffs], Mon Apr 9 01:58:30 2001 UTC (22 years, 10 months ago) by nathanw
Branch: nathanw_sa
Changes since 1.122: +41 -12 lines
Diff to previous 1.122 (colored)

Catch up with -current.

Revision 1.108.4.8 / (download) - annotate - [select for diffs], Fri Apr 6 00:25:58 2001 UTC (22 years, 10 months ago) by he
Branch: netbsd-1-5
Changes since 1.108.4.7: +5 -2 lines
Diff to previous 1.108.4.7 (colored) to branchpoint 1.108 (colored)

Pull up revision 1.122 (requested by itojun):
  Record IPsec packet history in m_aux structure.  Let ipfilter
  look at wire-format packet only (not the decapsulated ones), so
  that VPN setting can work with NAT/ipfilter settings.

Revision 1.96.2.4 / (download) - annotate - [select for diffs], Tue Mar 27 15:32:34 2001 UTC (22 years, 11 months ago) by bouyer
Branch: thorpej_scsipi
Changes since 1.96.2.3: +41 -12 lines
Diff to previous 1.96.2.3 (colored) to branchpoint 1.96 (colored) next main 1.97 (colored)

Sync with HEAD.

Revision 1.123 / (download) - annotate - [select for diffs], Tue Mar 20 20:07:51 2001 UTC (22 years, 11 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej_scsipi_nbase, thorpej_scsipi_beforemerge, thorpej_scsipi_base
Changes since 1.122: +41 -12 lines
Diff to previous 1.122 (colored)

Two changes, designed to make us even more resilient against TCP
ISS attacks (which we already fend off quite well).

1. First-cut implementation of RFC1948, Steve Bellovin's cryptographic
   hash method of generating TCP ISS values.  Note, this code is experimental
   and disabled by default (experimental enough that I don't export the
   variable via sysctl yet, either).  There are a couple of issues I'd
   like to discuss with Steve, so this code should only be used by people
   who really know what they're doing.

2. Per a recent thread on Bugtraq, it's possible to determine a system's
   uptime by snooping the RFC1323 TCP timestamp options sent by a host; in
   4.4BSD, timestamps are created by incrementing the tcp_now variable
   at 2 Hz; there's even a company out there that uses this to determine
   web server uptime.  According to Newsham's paper "The Problem With
   Random Increments", while NetBSD's TCP ISS generation method is much
   better than the "random increment" method used by FreeBSD and OpenBSD,
   it is still theoretically possible to mount an attack against NetBSD's
   method if the attacker knows how many times the tcp_iss_seq variable
   has been incremented.  By not leaking uptime information, we can make
   that much harder to determine.  So, we avoid the leak by giving each
   TCP connection a timebase of 0.

Revision 1.96.2.3 / (download) - annotate - [select for diffs], Sun Feb 11 19:17:17 2001 UTC (23 years ago) by bouyer
Branch: thorpej_scsipi
Changes since 1.96.2.2: +5 -2 lines
Diff to previous 1.96.2.2 (colored) to branchpoint 1.96 (colored)

Sync with HEAD.

Revision 1.122 / (download) - annotate - [select for diffs], Wed Jan 24 09:04:15 2001 UTC (23 years, 1 month ago) by itojun
Branch: MAIN
Branch point for: nathanw_sa
Changes since 1.121: +5 -2 lines
Diff to previous 1.121 (colored)

- record IPsec packet history into m_aux structure.
- let ipfilter look at wire-format packet only (not the decapsulated ones),
  so that VPN setting can work with NAT/ipfilter settings.
sync with kame.

TODO: use header history for stricter inbound validation

Revision 1.96.2.2 / (download) - annotate - [select for diffs], Wed Dec 13 15:50:34 2000 UTC (23 years, 2 months ago) by bouyer
Branch: thorpej_scsipi
Changes since 1.96.2.1: +1 -10 lines
Diff to previous 1.96.2.1 (colored) to branchpoint 1.96 (colored)

Sync with HEAD (for UBC fixes).

Revision 1.121 / (download) - annotate - [select for diffs], Sun Dec 10 23:39:36 2000 UTC (23 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.120: +1 -10 lines
Diff to previous 1.120 (colored)

remove NRL code leftover.  sync with kame

Revision 1.96.2.1 / (download) - annotate - [select for diffs], Mon Nov 20 18:10:35 2000 UTC (23 years, 3 months ago) by bouyer
Branch: thorpej_scsipi
Changes since 1.96: +334 -199 lines
Diff to previous 1.96 (colored)

Update thorpej_scsipi to -current as of a month ago

Revision 1.120 / (download) - annotate - [select for diffs], Thu Oct 19 20:22:59 2000 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.119: +4 -4 lines
Diff to previous 1.119 (colored)

remove #ifdef TCP6.  it is not likely for us to bring in sys/netinet6/tcp6*.c
(separate TCP/IPv6 stack) into netbsd-current.

Revision 1.119 / (download) - annotate - [select for diffs], Tue Oct 17 03:06:42 2000 UTC (23 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.118: +34 -3 lines
Diff to previous 1.118 (colored)

be more friendly with INET-less build.
XXX we need to do more to do a working INET-less build

Revision 1.118 / (download) - annotate - [select for diffs], Tue Oct 17 02:57:02 2000 UTC (23 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.117: +4 -36 lines
Diff to previous 1.117 (colored)

Add an IP_MTUDISC flag to the flags that can be passed to
ip_output().  This flag, if set, causes ip_output() to set
DF in the IP header if the MTU in the route is not locked.

This allows a bunch of redundant code, which I was never
really all that happy about adding in the first place, to
be eliminated.

Inspired by a similar change made by provos@openbsd.org when
he integrated NetBSD's Path MTU Discovery code into OpenBSD.

Revision 1.108.4.7 / (download) - annotate - [select for diffs], Wed Aug 16 01:22:22 2000 UTC (23 years, 6 months ago) by itojun
Branch: netbsd-1-5
CVS Tags: netbsd-1-5-RELEASE, netbsd-1-5-BETA2, netbsd-1-5-BETA
Changes since 1.108.4.6: +6 -4 lines
Diff to previous 1.108.4.6 (colored) to branchpoint 1.108 (colored)

pullup (approved by releng-1-5)

switch from net.inet*.*.*ratelimit to net.inet*.*.ppslimit.

(tags are rough estimate - we had some try-and-error in main trunc)
sys/netinet/icmp6.h             1.9 -> 1.11
sys/netinet/icmp_var.h          1.15 -> 1.17
sys/netinet/in_proto.c          1.39 -> 1.42
sys/netinet/ip_icmp.c           1.50 -> 1.51, 1.52 -> 1.54
sys/netinet/tcp_input.c         1.111 -> 1.112, 1.115 -> 1.117
sys/netinet/tcp_usrreq.c        1.52 -> 1.53
sys/netinet/tcp_var.h           1.72 -> 1.75
sys/netinet6/icmp6.c            1.34 -> 1.35, 1.36 -> 1.38
sys/netinet6/in6_proto.c        1.17 -> 1.19

Revision 1.117 / (download) - annotate - [select for diffs], Fri Jul 28 04:06:53 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.116: +1 -6 lines
Diff to previous 1.116 (colored)

nuke the following sysctl variables.  "ppsratelimit" should work better.
need to recompile sbin/sysctl after updating /usr/include.
	net.inet.tcp.rstratelimit
	net.inet.icmp.errratelimit
	net.inet6.icmp6.errratelimit

Revision 1.108.4.6 / (download) - annotate - [select for diffs], Fri Jul 28 02:31:08 2000 UTC (23 years, 7 months ago) by itojun
Branch: netbsd-1-5
CVS Tags: netbsd-1-5-ALPHA2
Changes since 1.108.4.5: +14 -1 lines
Diff to previous 1.108.4.5 (colored) to branchpoint 1.108 (colored)

pullup 1.114 -> 1.115 (approved by releng-1-5)

 > be proactive about unspecified IPv6 source address.  pcb layer uses
 > unspecified address (::) to mean "unbounded" or "unconnected",
 > and can be confused by packets from outside.
 >
 > use of :: as source is not documented well in IPv6 specification.
 >
 > not sure if it presents a real threat.  the worst case scenario is a DoS
 > against TCP listening socket:
 > - - outsider transmit TCP SYN with :: as IPv6 source
 > - - receiving side creates TCP control block with:
 >      local address = my addres
 >      remote address = ::     (meaning "unconnected")
 >      state = SYN_RCVD
 >   note that SYN ACK will not be sent due to ip6_output() filter.
 >   this stays until it timeouts.
 > - - the TCP control block prevents listening TCP control block from
 >   being contacted (DoS).
 >
 > udp6/raw6 socket may have similar problem, but as they are connectionless,
 > it may too much to filter it out.

Revision 1.116 / (download) - annotate - [select for diffs], Thu Jul 27 11:34:06 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.115: +8 -1 lines
Diff to previous 1.115 (colored)

implement net.inet.tcp.rstppslimit to limit TCP RSTs by packet-per-second
basis.  default: 100pps

set default value for net.inet.tcp.rstratelimit to 0 (disabled),
NOTE: it does not work right for smaller-than-1/hz interval.  maybe we should
nuke it, or make it impossible to set smaller-than-1/hz value.

Revision 1.115 / (download) - annotate - [select for diffs], Thu Jul 27 06:18:13 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.114: +14 -1 lines
Diff to previous 1.114 (colored)

be proactive about unspecified IPv6 source address.  pcb layer uses
unspecified address (::) to mean "unbounded" or "unconnected",
and can be confused by packets from outside.

use of :: as source is not documented well in IPv6 specification.

not sure if it presents a real threat.  the worst case scenario is a DoS
against TCP listening socket:
- outsider transmit TCP SYN with :: as IPv6 source
- receiving side creates TCP control block with:
	local address = my addres
	remote address = ::     (meaning "unconnected")
	state = SYN_RCVD
  note that SYN ACK will not be sent due to ip6_output() filter.
  this stays until it timeouts.
- the TCP control block prevents listening TCP control block from
  being contacted (DoS).

udp6/raw6 socket may have similar problem, but as they are connectionless,
it may too much to filter it out.

Revision 1.108.4.5 / (download) - annotate - [select for diffs], Sun Jul 23 07:27:11 2000 UTC (23 years, 7 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.4: +5 -1 lines
Diff to previous 1.108.4.4 (colored) to branchpoint 1.108 (colored)

pullup 1.113 -> 1.114 (approved by releng-1-5)
add an DIAGNOSTIC case for MCLBYTES assumption

Revision 1.108.4.4 / (download) - annotate - [select for diffs], Sun Jul 23 05:25:07 2000 UTC (23 years, 7 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.3: +34 -13 lines
Diff to previous 1.108.4.3 (colored) to branchpoint 1.108 (colored)

pullup from main trunc (approved by releng-1-5)

remove old mbuf assumption (ip header and tcp header are on the same mbuf).
this is for m_pulldown use. (sync with kame)

1.108 -> 1.109 syssrc/sys/netinet/tcp_input.c
1.56  -> 1.57  syssrc/sys/netinet/tcp_output.c
1.91  -> 1.92  syssrc/sys/netinet/tcp_subr.c

Revision 1.114 / (download) - annotate - [select for diffs], Sun Jul 23 05:00:01 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.113: +5 -1 lines
Diff to previous 1.113 (colored)

add an DIAGNOSTIC case for MCLBYTES assumption

Revision 1.108.4.3 / (download) - annotate - [select for diffs], Thu Jul 20 00:07:04 2000 UTC (23 years, 7 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.2: +3 -2 lines
Diff to previous 1.108.4.2 (colored) to branchpoint 1.108 (colored)

pullup from main trunc (approved by releng-1-5)
- add protection mechanism against ND cache corruption due to bad NUD hints.

this is part of:
sys/netinet/icmp6.h	1.9 -> 1.10
sys/netinet/tcp_input.c	1.111 -> 1.112
sys/netinet6/icmp6.c	1.34 -> 1.35
sys/netinet6/nd6.c	1.30 -> 1.31
sys/netinet6/nd6.h	1.14 -> 1.15

Revision 1.108.4.2 / (download) - annotate - [select for diffs], Sun Jul 16 01:27:13 2000 UTC (23 years, 7 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108.4.1: +4 -2 lines
Diff to previous 1.108.4.1 (colored) to branchpoint 1.108 (colored)

pullup 1.112 -> 1.113 (approved by releng-1-5)
date: 2000/07/09 12:49:08;  author: itojun;  state: Exp;  lines: +4 -2
be more cautious about tcp option length field.  drop bogus ones earlier.
not sure if there is a real threat or not, but it seems that there's
possibility for overrun/underrun (like non-NOP option with optlen > cnt).

Revision 1.113 / (download) - annotate - [select for diffs], Sun Jul 9 12:49:08 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.112: +4 -2 lines
Diff to previous 1.112 (colored)

be more cautious about tcp option length field.  drop bogus ones earlier.
not sure if there is a real threat or not, but it seems that there's
possibility for overrun/underrun (like non-NOP option with optlen > cnt).

Revision 1.112 / (download) - annotate - [select for diffs], Thu Jul 6 12:36:19 2000 UTC (23 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.111: +3 -3 lines
Diff to previous 1.111 (colored)

- do not use bitfield for router renumbering header.
- add protection mechanism against ND cache corruption due to bad NUD hints.
- more stats
- icmp6 pps limitation.  TOOD: should implement ppsratecheck(9).

Revision 1.111 / (download) - annotate - [select for diffs], Wed Jul 5 21:45:14 2000 UTC (23 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

Fix some zero-vs-NULL confusion.

Revision 1.108.4.1 / (download) - annotate - [select for diffs], Mon Jul 3 08:31:57 2000 UTC (23 years, 8 months ago) by itojun
Branch: netbsd-1-5
Changes since 1.108: +1 -11 lines
Diff to previous 1.108 (colored)

pullup from main trunc (approved by releng-1-5)
repair kernel faithd(8) support.  there were two mistakes:
(1) tcp6_input dropped packets for translation
(2) in6_pcblookup_connect was too strict

Revision 1.110 / (download) - annotate - [select for diffs], Sun Jul 2 08:04:10 2000 UTC (23 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.109: +1 -11 lines
Diff to previous 1.109 (colored)

repair kernel faithd(8) support.  there were two mistakes:
(1) tcp6_input dropped packets for translation
(2) in6_pcblookup_connect was too strict

Revision 1.109 / (download) - annotate - [select for diffs], Fri Jun 30 16:44:33 2000 UTC (23 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.108: +34 -13 lines
Diff to previous 1.108 (colored)

remove old mbuf assumption (ip header and tcp header are on the same mbuf).
this is for m_pulldown use. (sync with kame)

Revision 1.108 / (download) - annotate - [select for diffs], Fri May 5 15:05:29 2000 UTC (23 years, 9 months ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-5-base, minoura-xpg4dl-base, minoura-xpg4dl
Branch point for: netbsd-1-5
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored)

remove superfluous test (snd_una is always > iss since th_ack must > iss
(first test at start of case) and th_ack is assigned to snd_una).

Revision 1.107 / (download) - annotate - [select for diffs], Fri May 5 14:51:46 2000 UTC (23 years, 9 months ago) by matt
Branch: MAIN
Changes since 1.106: +2 -2 lines
Diff to previous 1.106 (colored)

From PR #3733: Only disarm timer if SYN contained the ACK bit since if
it didn't it would be a crossing/simultaneous SYN and doesn't mean the
remote TCP received our SYN.

Revision 1.106 / (download) - annotate - [select for diffs], Thu Mar 30 13:25:05 2000 UTC (23 years, 11 months ago) by augustss
Branch: MAIN
Changes since 1.105: +18 -18 lines
Diff to previous 1.105 (colored)

Remove register declarations.

Revision 1.105 / (download) - annotate - [select for diffs], Wed Mar 1 12:49:37 2000 UTC (24 years ago) by itojun
Branch: MAIN
Changes since 1.104: +2 -4 lines
Diff to previous 1.104 (colored)

introduce m->m_pkthdr.aux to hold random data which needs to be passed
between protocol handlers.

ipsec socket pointers, ipsec decryption/auth information, tunnel
decapsulation information are in my mind - there can be several other usage.
at this moment, we use this for ipsec socket pointer passing.  this will
avoid reuse of m->m_pkthdr.rcvif in ipsec code.

due to the change, MHLEN will be decreased by sizeof(void *) - for example,
for i386, MHLEN was 100 bytes, but is now 96 bytes.
we may want to increase MSIZE from 128 to 256 for some of our architectures.

take caution if you use it for keeping some data item for long period
of time - use extra caution on M_PREPEND() or m_adj(), as they may result
in loss of m->m_pkthdr.aux pointer (and mbuf leak).

this will bump kernel version.

(as discussed in tech-net, tested in kame tree)

Revision 1.104 / (download) - annotate - [select for diffs], Tue Feb 15 19:54:12 2000 UTC (24 years ago) by thorpej
Branch: MAIN
Changes since 1.103: +19 -5 lines
Diff to previous 1.103 (colored)

Add support for rate-limiting RSTs sent in response to no socket for
an incoming packet.  Default minimum interval is 10ms.  The interval
is changeable via the "net.inet.tcp.rstratelimit" sysctl variable.

Revision 1.103 / (download) - annotate - [select for diffs], Sat Feb 12 17:19:34 2000 UTC (24 years ago) by thorpej
Branch: MAIN
CVS Tags: chs-ubc2-newbase
Changes since 1.102: +92 -67 lines
Diff to previous 1.102 (colored)

In the tcp_input() path:
- Filter out multicast destinations explicitly for every incoming packet,
  not just SYNs.  Previously, non-SYN multicast destination would be
  filtered out as a side effect of PCB lookup.  Remove now redundant
  similar checks in the dropwithreset case and in syn_cache_add().
- Defer the TCP checksum until we know that we want to process the
  packet (i.e. have a non-CLOSED connection or a listen socket).

Revision 1.102 / (download) - annotate - [select for diffs], Mon Jan 31 14:18:56 2000 UTC (24 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.101: +9 -14 lines
Diff to previous 1.101 (colored)

bring in latest KAME ipsec tree.
- interop issues in ipcomp is fixed
- padding type (after ESP) is configurable
- key database memory management (need more fixes)
- policy specification is revisited

XXX m->m_pkthdr.rcvif is still overloaded - hope to fix it soon

Revision 1.96.8.1 / (download) - annotate - [select for diffs], Mon Dec 27 18:36:19 1999 UTC (24 years, 2 months ago) by wrstuden
Branch: wrstuden-devbsize
Changes since 1.96: +102 -37 lines
Diff to previous 1.96 (colored) next main 1.97 (colored)

Pull up to last week's -current.

Revision 1.101 / (download) - annotate - [select for diffs], Wed Dec 22 04:03:02 1999 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.100: +8 -1 lines
Diff to previous 1.100 (colored)

drop IPv6 packets with v4 mapped address on src/dst.  they are illegal
and may be used to fool IPv6 implementations (by using ::ffff:127.0.0.1 as
source you may be able to pretend the packet is from local node)

Revision 1.100 / (download) - annotate - [select for diffs], Wed Dec 15 06:28:43 1999 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base, wrstuden-devbsize-19991221
Changes since 1.99: +3 -2 lines
Diff to previous 1.99 (colored)

do not overwrite traffic class field when we write IPv6 version field.

Revision 1.99 / (download) - annotate - [select for diffs], Mon Dec 13 15:17:20 1999 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.98: +53 -4 lines
Diff to previous 1.98 (colored)

sync IPv6 part with latest KAME tree.   IPsec part is left unmodified
due to massive changes in KAME side.
- IPv6 output goes through nd6_output
- faith can capture IPv4 packets as well - you can run IPv4-to-IPv6 translator
  using heavily modified DNS servers
- per-interface statistics (required for IPv6 MIB)
- interface autoconfig is revisited
- udp input handling has a big change for mapped address support.
- introduce in4_cksum() for non-overwriting checksumming
- introduce m_pulldown()
- neighbor discovery cleanups/improvements
- netinet/in.h strictly conforms to RFC2553 (no extra defs visible to userland)
- IFA_STATS is fixed a bit (not tested)
- and more more more.

TODO:
- cleanup os-independency #ifdef
- avoid rcvif dual use (for IPsec) to help ifdetach

(sorry for jumbo commit, I can't separate this any more...)

Revision 1.98 / (download) - annotate - [select for diffs], Sat Dec 11 09:55:14 1999 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.97: +33 -8 lines
Diff to previous 1.97 (colored)

implement upper-layer reachability confirmation for IPv6 ND (RFC2461 7.3.1).
fix code to reject "tcp to IPv6 anycast".

sync with recent KAME.

Revision 1.97 / (download) - annotate - [select for diffs], Wed Dec 8 16:22:20 1999 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.96: +16 -26 lines
Diff to previous 1.96 (colored)

do not drop from IP header to tcp option until sbappend(), to reduce
requirement to mbuf chain.
part of KAME sync, committed separately for its (possible) impact.

Revision 1.77.2.3.4.3 / (download) - annotate - [select for diffs], Tue Nov 30 13:35:35 1999 UTC (24 years, 3 months ago) by itojun
Branch: kame
CVS Tags: kame_141_19991130
Changes since 1.77.2.3.4.2: +210 -77 lines
Diff to previous 1.77.2.3.4.2 (colored) to branchpoint 1.77.2.3 (colored) next main 1.78 (colored)

bring in latest KAME (as of 19991130, KAME/NetBSD141) into kame branch
just for reference purposes.
This commit includes 1.4 -> 1.4.1 sync for kame branch.

The branch does not compile at all (due to the lack of ALTQ and some other
source code).  Please do not try to modify the branch, this is just for
referenre purposes.

synchronization to latest KAME will take place on HEAD branch soon.

Revision 1.96 / (download) - annotate - [select for diffs], Thu Sep 23 02:21:30 1999 UTC (24 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: fvdl-softdep-base, fvdl-softdep, comdex-fall-1999-base, comdex-fall-1999
Branch point for: wrstuden-devbsize, thorpej_scsipi
Changes since 1.95: +5 -15 lines
Diff to previous 1.95 (colored)

cleanup and correct TCP MSS consideration with IPsec headers.

MSS advertisement must always be:
	max(if mtu) - ip hdr siz - tcp hdr siz
We violated this in the previous code so it was fixed.

tcp_mss_to_advertise() now takes af (af on wire) as its argument,
to compute right ip hdr siz.

tcp_segsize() will take care of IPsec header size.
One thing I'm not really sure is how to handle IPsec header size in
*rxsegsizep (inbound segment size estimation).
The current code subtracts possible *outbound* IPsec size from *rxsegsizep,
hoping that the peer is using the same IPsec policy as me.
It may not be applicable, could TCP gulu please comment...

Revision 1.95 / (download) - annotate - [select for diffs], Fri Sep 10 03:24:14 1999 UTC (24 years, 5 months ago) by simonb
Branch: MAIN
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

s/acknowledgment/acknowledgement/

Revision 1.94 / (download) - annotate - [select for diffs], Thu Aug 26 00:04:30 1999 UTC (24 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.93: +9 -8 lines
Diff to previous 1.93 (colored)

Fix a problem discovered by the snd_recover update fix.  A bit of the
New Reno fast recovery code was being executed even when New Reno was
disabled, resulting in an unfortunate interaction with the traditional
fast recovery code, the end resulting being that the very condition
that would trigger the traditional fast recovery mechanism caused fast
recovery to be disabled!

Problem reported by Ted Lemon, and some analytical help from Charles Hannum.

Revision 1.93 / (download) - annotate - [select for diffs], Wed Aug 25 15:23:12 1999 UTC (24 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.92: +56 -6 lines
Diff to previous 1.92 (colored)

When listening socket goes away, remove assockated syn cache entires.
Stale syn cache entries are useless because none of them will be used
if there is no listening socket, as tcp_input looks up listening socket by
in_pcblookup*() before looking into syn cache.

This fixes race condition due to dangling socket pointer from syn cache
entries to listening socket (this was introduced when ipsec is merged in).

This should preserve currently implemented behavior (but not 4.4BSD
behavior prior to syn cache).

Tested in KAME repository before commit, but we'd better run some
regression tests.

Revision 1.92 / (download) - annotate - [select for diffs], Mon Aug 23 14:14:30 1999 UTC (24 years, 6 months ago) by christos
Branch: MAIN
Changes since 1.91: +6 -6 lines
Diff to previous 1.91 (colored)

PR/8254: Wolfgang Rupprecht: Incorrect logging of tcp connections; Fix src/dst
	 confusion.

Revision 1.91 / (download) - annotate - [select for diffs], Wed Aug 11 17:37:59 1999 UTC (24 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.90: +31 -12 lines
Diff to previous 1.90 (colored)

Fix a few bugs in the TCP New Reno code:
- Make sure that snd_recover is always at least snd_una.  If we don't do
  this, there can be confusion when sequence numbers wrap around on a
  large loss-free data transfer.
- When doing a New Reno retransmit, snd_una hasn't been updated yet,
  and the socket's send buffer has not yet dropped off ACK'd data, so
  don't muddle with snd_una, so that tcp_output() gets the correct data
  offset.
- When doing a New Reno retransmit, make sure the congestion window is
  open one segment beyond the ACK'd data, so that we can actually perform
  the retransmit.

Partially derived from, although more complete than, similar changes in
OpenBSD, which in turn originated from Tom Henderson <tomh@cs.berkeley.edu>.

Revision 1.90 / (download) - annotate - [select for diffs], Wed Aug 11 03:02:18 1999 UTC (24 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.89: +4 -4 lines
Diff to previous 1.89 (colored)

Make sure the echoed RFC 1323 timestamp is valid before using it to
compute the round trip time.  From Mark Allman <mallman@lerc.nasa.gov>.

Revision 1.77.2.3.2.3 / (download) - annotate - [select for diffs], Mon Aug 2 22:34:59 1999 UTC (24 years, 7 months ago) by thorpej
Branch: chs-ubc2
Changes since 1.77.2.3.2.2: +46 -12 lines
Diff to previous 1.77.2.3.2.2 (colored) to branchpoint 1.77.2.3 (colored) next main 1.78 (colored)

Update from trunk.

Revision 1.89 / (download) - annotate - [select for diffs], Thu Jul 22 12:56:56 1999 UTC (24 years, 7 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-base
Changes since 1.88: +14 -5 lines
Diff to previous 1.88 (colored)

- implement IPv6 pmtud, which is necessary for TCP6.
- fix memory leak on SO_DEBUG over TCP.

Revision 1.88 / (download) - annotate - [select for diffs], Sat Jul 17 12:53:05 1999 UTC (24 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.87: +3 -2 lines
Diff to previous 1.87 (colored)

no need to include faith.h on non-IPv6 build, so wrap by #ifdef.
(dunno if it's better to always include it or not)

Revision 1.87 / (download) - annotate - [select for diffs], Sat Jul 17 07:07:08 1999 UTC (24 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.86: +23 -5 lines
Diff to previous 1.86 (colored)

fix faith interface support.  need testing.
(i understand this is a dirty hack, of course)

Revision 1.86 / (download) - annotate - [select for diffs], Wed Jul 14 22:37:13 1999 UTC (24 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.85: +4 -4 lines
Diff to previous 1.85 (colored)

Use proper ip protocol # field and tcp hdr on sending RST against SYN,
when ip header and tcp header are not adjacent to each other
(i.e. when ip6 options are attached).

To test this, try
	telnet @::1@::1 port
toward a port without responding server.  Prior to the fix, the kernel will
generate broken RST packet.

Revision 1.85 / (download) - annotate - [select for diffs], Fri Jul 9 22:57:20 1999 UTC (24 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.84: +2 -1 lines
Diff to previous 1.84 (colored)

defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h).

Revision 1.77.2.3.4.2 / (download) - annotate - [select for diffs], Tue Jul 6 11:02:47 1999 UTC (24 years, 7 months ago) by itojun
Branch: kame
CVS Tags: kame_14_19990705
Changes since 1.77.2.3.4.1: +16 -11 lines
Diff to previous 1.77.2.3.4.1 (colored) to branchpoint 1.77.2.3 (colored)

KAME/NetBSD 1.4, SNAP kit 1999/07/05.
NOTE: this branch is just for reference purposes (i.e. for taking cvs diff).
do not touch anything on the branch.  actual work must be done on HEAD branch.

Revision 1.84 / (download) - annotate - [select for diffs], Fri Jul 2 12:45:32 1999 UTC (24 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.83: +6 -1 lines
Diff to previous 1.83 (colored)

avoid "variable not initialized" warnings on some of the platforms.

Revision 1.77.2.3.2.2 / (download) - annotate - [select for diffs], Thu Jul 1 23:47:03 1999 UTC (24 years, 8 months ago) by thorpej
Branch: chs-ubc2
Changes since 1.77.2.3.2.1: +1055 -334 lines
Diff to previous 1.77.2.3.2.1 (colored) to branchpoint 1.77.2.3 (colored)

Sync w/ -current.

Revision 1.83 / (download) - annotate - [select for diffs], Thu Jul 1 08:12:51 1999 UTC (24 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.82: +1055 -334 lines
Diff to previous 1.82 (colored)

IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.

- sys/kern: do not assume single mbuf, accept chained mbuf on passing
  data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
  package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
  file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen

In my understanding no code here is subject to export control so it
should be safe.

Revision 1.77.2.3.4.1 / (download) - annotate - [select for diffs], Mon Jun 28 06:37:01 1999 UTC (24 years, 8 months ago) by itojun
Branch: kame
CVS Tags: kame_14_19990628
Changes since 1.77.2.3: +1024 -327 lines
Diff to previous 1.77.2.3 (colored)

KAME/NetBSD 1.4 SNAP kit, dated 19990628.

NOTE: this branch (kame) is used just for refernce.  this may not compile
due to multiple reasons.

Revision 1.77.2.3.2.1 / (download) - annotate - [select for diffs], Mon Jun 21 01:27:50 1999 UTC (24 years, 8 months ago) by thorpej
Branch: chs-ubc2
Changes since 1.77.2.3: +10 -1 lines
Diff to previous 1.77.2.3 (colored)

Sync w/ -current.

Revision 1.82 / (download) - annotate - [select for diffs], Sun May 23 20:33:50 1999 UTC (24 years, 9 months ago) by ad
Branch: MAIN
Changes since 1.81: +10 -1 lines
Diff to previous 1.81 (colored)

Add new sysctl (net.inet.tcp.log_refused) that when set, causes refused TCP
connections to be logged.

Revision 1.77.2.3 / (download) - annotate - [select for diffs], Mon May 3 23:51:53 1999 UTC (24 years, 10 months ago) by perry
Branch: netbsd-1-4
CVS Tags: netbsd-1-4-RELEASE, netbsd-1-4-PATCH003, netbsd-1-4-PATCH002, netbsd-1-4-PATCH001
Branch point for: kame, chs-ubc2
Changes since 1.77.2.2: +2 -1 lines
Diff to previous 1.77.2.2 (colored) to branchpoint 1.77 (colored) next main 1.78 (colored)

pullup 1.80->1.81 (thorpej)

Revision 1.81 / (download) - annotate - [select for diffs], Mon May 3 23:30:27 1999 UTC (24 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.80: +2 -1 lines
Diff to previous 1.80 (colored)

Fix an ininitialized variable that the MIPS compiler caught (but the
SPARC, Alpha, Arm, and i386 compilers missed).

Revision 1.77.2.2 / (download) - annotate - [select for diffs], Thu Apr 29 14:52:40 1999 UTC (24 years, 10 months ago) by perry
Branch: netbsd-1-4
Changes since 1.77.2.1: +154 -98 lines
Diff to previous 1.77.2.1 (colored) to branchpoint 1.77 (colored)

sync to 1.80 (thorpej)

Revision 1.80 / (download) - annotate - [select for diffs], Thu Apr 29 03:54:22 1999 UTC (24 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.79: +154 -96 lines
Diff to previous 1.79 (colored)

Implement retransmit logic for the SYN cache engine.  Fixes a rare condition
where one side can think a connection exists, where the other side thinks
the connection was never established.

The original problem was first reported by Ty Sarna in PR #5909.  The
original fix I made to the code didn't cover all cases.  The problem this
fix addresses was reported by Christoph Badura via private e-mail.

Many thanks to Bill Sommerfeld for helping me to test this code, and
for finding a subtle bug.

Revision 1.79 / (download) - annotate - [select for diffs], Thu Apr 22 01:32:30 1999 UTC (24 years, 10 months ago) by simonb
Branch: MAIN
Changes since 1.78: +1 -3 lines
Diff to previous 1.78 (colored)

Don't extern sb_max, <sys/socketvar.h> provides a definition.

Revision 1.77.2.1 / (download) - annotate - [select for diffs], Fri Apr 9 22:05:19 1999 UTC (24 years, 10 months ago) by kml
Branch: netbsd-1-4
Changes since 1.77: +7 -3 lines
Diff to previous 1.77 (colored)

Pullup of 1.78, which fixes the stack so that out of window SYNs are ACKed.

Revision 1.78 / (download) - annotate - [select for diffs], Fri Apr 9 22:01:07 1999 UTC (24 years, 10 months ago) by kml
Branch: MAIN
Changes since 1.77: +7 -3 lines
Diff to previous 1.77 (colored)

Ensure that out of window SYNs receive an ACK in responce, rather than
being dropped.  This fixes a bug reported by Jason Thorpe.

Revision 1.77 / (download) - annotate - [select for diffs], Fri Feb 5 22:37:24 1999 UTC (25 years ago) by matt
Branch: MAIN
CVS Tags: netbsd-1-4-base
Branch point for: netbsd-1-4
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

According to Dave Borman, the iss should be using snd_nxt and not rcv_nxt
(from tcp_impl mailing-list).

Revision 1.76 / (download) - annotate - [select for diffs], Thu Feb 4 22:58:37 1999 UTC (25 years ago) by explorer
Branch: MAIN
Changes since 1.75: +3 -3 lines
Diff to previous 1.75 (colored)

REALLY only update the window when we get an ACK.  (the old code seemed broken)

Revision 1.75 / (download) - annotate - [select for diffs], Sun Jan 24 01:19:28 1999 UTC (25 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.74: +123 -77 lines
Diff to previous 1.74 (colored)

* Completely rewrite syn_cache_respond().
- Don't use tcp_respond(), instead create the tcp/ip header from scratch,
and send it ourself.
- Reuse the mbuf that carried the SYN, or allocate one if that is not
available.
- Cache the route we look up to do the Path MTU Discovery check, and
transfer the reference to that route to the inpcb when the connection
completes.
* Macro'ize a small, but often repeated code fragment.

Revision 1.74 / (download) - annotate - [select for diffs], Tue Jan 19 23:03:21 1999 UTC (25 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.73: +3 -3 lines
Diff to previous 1.73 (colored)

Don't screw with ip_len; just subtract from it where we actually use the
value.

Revision 1.73 / (download) - annotate - [select for diffs], Tue Jan 19 21:58:41 1999 UTC (25 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

Don't overwrite the checksum fields when checking them.  There's no reason to
do this, and it screws up ICMP replies.
XXX The returned IP checksum and length are still wrong.

Revision 1.72 / (download) - annotate - [select for diffs], Fri Dec 18 21:38:02 1998 UTC (25 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.71: +9 -1 lines
Diff to previous 1.71 (colored)

Add a lock around the TCPCB's sequence queue, to prevent tcp_drain()
from corrupting the queue if called from a device's interrupt context.

Similar in nature to the problem reported in PR #5684.

Revision 1.71 / (download) - annotate - [select for diffs], Thu Oct 8 01:19:26 1998 UTC (25 years, 4 months ago) by thorpej
Branch: MAIN
CVS Tags: kenh-if-detach-base, kenh-if-detach, chs-ubc-base, chs-ubc
Changes since 1.70: +6 -6 lines
Diff to previous 1.70 (colored)

Use the pool allocator for ipqent structures.

Revision 1.70 / (download) - annotate - [select for diffs], Tue Oct 6 00:41:13 1998 UTC (25 years, 4 months ago) by matt
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

Fix boolean dyslexic test.  Duh!

Revision 1.69 / (download) - annotate - [select for diffs], Tue Oct 6 00:20:44 1998 UTC (25 years, 4 months ago) by matt
Branch: MAIN
Changes since 1.68: +9 -3 lines
Diff to previous 1.68 (colored)

Add a sysctl for newreno (default to off).

Revision 1.68 / (download) - annotate - [select for diffs], Sun Oct 4 21:33:53 1998 UTC (25 years, 4 months ago) by matt
Branch: MAIN
Changes since 1.67: +62 -5 lines
Diff to previous 1.67 (colored)

Adapt the NEWRENO changes from the UCSB diffs of BSDI 3.0's TCP
to NetBSD.  Ignore the SACK & FACK stuff for now.

Revision 1.67 / (download) - annotate - [select for diffs], Sat Sep 19 04:34:34 1998 UTC (25 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)

Fix a typo (not mine) in a comment.

Revision 1.66 / (download) - annotate - [select for diffs], Sat Sep 19 04:32:51 1998 UTC (25 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.65: +9 -2 lines
Diff to previous 1.65 (colored)

If we're in LISTEN state and all of RST, SYN and ACK are clear, send a RST.

Revision 1.65 / (download) - annotate - [select for diffs], Thu Sep 10 10:46:59 1998 UTC (25 years, 5 months ago) by mouse
Branch: MAIN
Changes since 1.64: +4 -3 lines
Diff to previous 1.64 (colored)

Create tcp.keepidle, tcp.keepintvl, tcp.keepcnt, tcp.slowhz sysctls.

Revision 1.64 / (download) - annotate - [select for diffs], Wed Sep 9 01:32:27 1998 UTC (25 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.63: +27 -3 lines
Diff to previous 1.63 (colored)

Use an algorithm similar to that in tcp_notify() to determine if
syn_cache_unreach() should remove the entry, or just continue on.

Algorithm is to only remove the entry if we've had more than one unreach
error and have retransmitted 3 or more times.  This prevents the following
scenario, as noted in PR #5909 (PR from Ty Sarna, scenario from
Charles Hannum):

	* Host A sends a SYN.
	* Host A retransmits the SYN.
	* Host B gets the first SYN and sends a SYN-ACK.
	* Host B gets the second SYN and sends a SYN-ACK.
	* One of the SYN-ACK bounces with an
	  ICMP unreachable, causing the `SYN cache' entry to be
	  removed with no notification.
	* Host A receives the other SYN-ACK, sends an ACK, and goes to
	  ESTABLISHED state.

Should fix PR #5909.

Revision 1.63 / (download) - annotate - [select for diffs], Sun Aug 2 00:35:51 1998 UTC (25 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.62: +18 -11 lines
Diff to previous 1.62 (colored)

Use the pool allocator for syn_cache entries.

Revision 1.62 / (download) - annotate - [select for diffs], Fri Jul 17 22:58:56 1998 UTC (25 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: eeh-paddr_t-base, eeh-paddr_t
Changes since 1.61: +12 -9 lines
Diff to previous 1.61 (colored)

Clarify that we are using the Loss Window if a retransmission occurred
during the three-way handshake.

Revision 1.61 / (download) - annotate - [select for diffs], Tue Jun 2 18:33:02 1998 UTC (25 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.60: +7 -2 lines
Diff to previous 1.60 (colored)

Add a comment explaining why we do _not_ ACK data that might accompany
a SYN (avoidance of a DoS attack).

Revision 1.60 / (download) - annotate - [select for diffs], Mon May 11 19:57:23 1998 UTC (25 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.59: +1 -7 lines
Diff to previous 1.59 (colored)

Nuke TUBA per my note to tech-net; there's no reason to keep it around.

Revision 1.33.2.6 / (download) - annotate - [select for diffs], Sat May 9 03:33:01 1998 UTC (25 years, 9 months ago) by mycroft
Branch: netbsd-1-3
CVS Tags: netbsd-1-3-PATCH003-CANDIDATE2, netbsd-1-3-PATCH003-CANDIDATE1, netbsd-1-3-PATCH003-CANDIDATE0, netbsd-1-3-PATCH003, netbsd-1-3-PATCH002
Changes since 1.33.2.5: +3 -2 lines
Diff to previous 1.33.2.5 (colored) to branchpoint 1.33 (colored) next main 1.34 (colored)

Pull up patch from kml.

Revision 1.59 / (download) - annotate - [select for diffs], Thu May 7 01:37:27 1998 UTC (25 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.58: +84 -142 lines
Diff to previous 1.58 (colored)

Rework the syn cache code somewhat:
- Don't use home-grown queue manipulation.  Use <sys/queue.h> instead.  The
  data structures are a little larger, but we are otherwise wasting the
  memory chunk anyway (we're already a 64-byte malloc bucket).
- Fix a bug in the cache-is-full case: if the oldest element removed from
  the first non-empty bucket was the only element in the bucket, the
  bucket wouldn't be removed from the bucket cache, causing queue corruption
  later.
- Optimize the syn cache timers by using PRT timers rather than home-grown
  decrement-and-propagate timers.

This code is now a fair bit smaller, and significantly easier to read
and understand.

Revision 1.58 / (download) - annotate - [select for diffs], Wed May 6 01:21:20 1998 UTC (25 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.57: +21 -18 lines
Diff to previous 1.57 (colored)

Use macros from tcp_timer.h to manipulate TCP timers, so that their
implementation can be changed easily.

Revision 1.33.2.5 / (download) - annotate - [select for diffs], Tue May 5 09:24:43 1998 UTC (25 years, 9 months ago) by mycroft
Branch: netbsd-1-3
Changes since 1.33.2.4: +7 -3 lines
Diff to previous 1.33.2.4 (colored) to branchpoint 1.33 (colored)

Pull up 1.45, per request of kml.

Revision 1.57 / (download) - annotate - [select for diffs], Sun May 3 19:54:56 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.56: +1 -3 lines
Diff to previous 1.56 (colored)

Once again, move a declaration for the benefit of TUBA (grumble).

Revision 1.56 / (download) - annotate - [select for diffs], Sat May 2 04:23:05 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

Oops, move a variable declaration so TUBA won't lose.

Revision 1.55 / (download) - annotate - [select for diffs], Sat May 2 04:21:58 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.54: +7 -2 lines
Diff to previous 1.54 (colored)

Reintroduce the immediate ACK-on-PUSH behavior removed in revision 1.47,
but make the decision to do this dependent on the sysctl variable
net.inet.tcp.ack_on_push, which is disabled by default.

Revision 1.54 / (download) - annotate - [select for diffs], Wed Apr 29 20:43:29 1998 UTC (25 years, 10 months ago) by matt
Branch: MAIN
Changes since 1.53: +233 -76 lines
Diff to previous 1.53 (colored)

New TCP reassembly code.  The new code reduces the memory needed by
out-of-order packets and builds the infrastructure needed for sending
SACK blocks (to be added shortly).

Revision 1.53 / (download) - annotate - [select for diffs], Wed Apr 29 00:43:46 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.52: +5 -4 lines
Diff to previous 1.52 (colored)

Change RFC1323 timestamp update rule per Section 3.4 of RFC1323.bis.  Old
rule was to update the timestamp if the sequence numbers are in range.  New
rule adds a check that the timestamp is advancing, thus preventing our notion
of the most recent timestamp from incorrectly moving backwards.

Revision 1.52 / (download) - annotate - [select for diffs], Tue Apr 28 21:52:16 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.51: +11 -2 lines
Diff to previous 1.51 (colored)

Log the peer's IP address on received window scale factors larger than
TCP_MAX_WINSHIFT (14), as recommended in Section 2.3 of RFC1323.

Revision 1.51 / (download) - annotate - [select for diffs], Mon Apr 13 21:18:19 1998 UTC (25 years, 10 months ago) by kml
Branch: MAIN
Changes since 1.50: +3 -2 lines
Diff to previous 1.50 (colored)

Fix to ensure that the correct MSS is advertised for loopback
TCP connections by using the MTU of the interface.  Also added
a knob, mss_ifmtu, to force all connections to use the MTU of
the interface to calculate the advertised MSS.

Revision 1.50 / (download) - annotate - [select for diffs], Tue Apr 7 05:09:19 1998 UTC (25 years, 10 months ago) by thorpej
Branch: MAIN
Changes since 1.49: +47 -5 lines
Diff to previous 1.49 (colored)

Remember any source routes that may have accompanied a SYN.

Revision 1.49 / (download) - annotate - [select for diffs], Fri Apr 3 08:02:45 1998 UTC (25 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.48: +7 -7 lines
Diff to previous 1.48 (colored)

Now that we have a flags word in the syn cache entry, use a flag to indicate
"peer will do timestamps" rather than a bitfield, and give the now-unsed
bit to the hash, making it now 32 bits.

Revision 1.48 / (download) - annotate - [select for diffs], Fri Apr 3 07:54:01 1998 UTC (25 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.47: +6 -31 lines
Diff to previous 1.47 (colored)

Clean up some comments wrt. the syn cache code.

Revision 1.47 / (download) - annotate - [select for diffs], Tue Mar 31 23:44:09 1998 UTC (25 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.46: +3 -5 lines
Diff to previous 1.46 (colored)

Back out a change made some time ago, that would cause the NetBSD TCP
to ACK immediately any packet that arrived with PSH set.  This breaks
delayed ACKs in a few specific common cases that delayed ACKs were
supposed to help, and ends up not making much (if any) difference in
the case where where this ACK-on-PSH change was supposed to help.

Per discussion with several members of the TCPIMPL and TCPSAT IETF
working groups.

Revision 1.46 / (download) - annotate - [select for diffs], Tue Mar 31 22:49:09 1998 UTC (25 years, 11 months ago) by thorpej
Branch: MAIN
Changes since 1.45: +26 -1 lines
Diff to previous 1.45 (colored)

Fix a potential-congestion case in the larger initial congestion window
code, as clarified in the TCPIMPL WG meeting at IETF #41: If the SYN
(active open) or SYN,ACK (passive open) was retransmitted, the initial
congestion window for the first slow start of that connection must be
one segment.

Revision 1.45 / (download) - annotate - [select for diffs], Thu Mar 19 22:29:33 1998 UTC (25 years, 11 months ago) by kml
Branch: MAIN
Changes since 1.44: +7 -3 lines
Diff to previous 1.44 (colored)

Fix a retransmission bug introduced by the Brakmo and Peterson
RTO estimation changes.  Under some circumstances it would return a value
of 0, while the old Van Jacobson RTO code would return a minimum of 3.
This would result in 12 retransmissions, each 1 second apart.
This takes care of those instances, and ensures that t_rttmin is
used everywhere as a lower bound.

Revision 1.44 / (download) - annotate - [select for diffs], Thu Feb 19 02:36:42 1998 UTC (26 years ago) by thorpej
Branch: MAIN
Changes since 1.43: +38 -1 lines
Diff to previous 1.43 (colored)

Update copyright (sigh, should have done this long ago).

Revision 1.33.2.4 / (download) - annotate - [select for diffs], Thu Jan 29 10:21:32 1998 UTC (26 years, 1 month ago) by mellon
Branch: netbsd-1-3
CVS Tags: netbsd-1-3-PATCH001
Changes since 1.33.2.3: +40 -26 lines
Diff to previous 1.33.2.3 (colored) to branchpoint 1.33 (colored)

Pull up 1.37-1.37 (thorpej).   Pull up 1.40-1.41 and 1.43 (mellon)   Pull up 1.42 (mycroft)

Revision 1.43 / (download) - annotate - [select for diffs], Sat Jan 24 12:27:31 1998 UTC (26 years, 1 month ago) by mellon
Branch: MAIN
Changes since 1.42: +10 -5 lines
Diff to previous 1.42 (colored)

Always set sc->sc_timeout (it was missed in one case).   This fixes a problem where SYN cache entries are sometimes timed out almost immediately.

Revision 1.42 / (download) - annotate - [select for diffs], Sat Jan 24 05:04:27 1998 UTC (26 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.41: +10 -8 lines
Diff to previous 1.41 (colored)

Fix an old editing error from merging a bug fix into Lite,
that might cause us to erroneously drop a FIN.
Also, minor changes so the code looks more like Stevens vol 2 figure 28.30.

Revision 1.41 / (download) - annotate - [select for diffs], Wed Jan 21 01:21:22 1998 UTC (26 years, 1 month ago) by mellon
Branch: MAIN
Changes since 1.40: +1 -2 lines
Diff to previous 1.40 (colored)

Never free the mbuf that we give to tcp_respond().   The previous change corrected an inconsistency but in exactly the wrong way.

Revision 1.40 / (download) - annotate - [select for diffs], Sun Jan 18 05:56:15 1998 UTC (26 years, 1 month ago) by mellon
Branch: MAIN
Changes since 1.39: +3 -5 lines
Diff to previous 1.39 (colored)

In syn_cache_get(), don't free incoming packet before jumping to resetandabort, but do free it after sending the reset.

Revision 1.39 / (download) - annotate - [select for diffs], Mon Jan 5 10:32:03 1998 UTC (26 years, 1 month ago) by thorpej
Branch: MAIN
Changes since 1.38: +3 -3 lines
Diff to previous 1.38 (colored)

Finishing merging 4.4BSD-Lite2 netinet.  At this point, the only changes
left were SCCS IDs and Copyright dates.

Revision 1.1.1.3 / (download) - annotate - [select for diffs] (vendor branch), Mon Jan 5 09:55:59 1998 UTC (26 years, 1 month ago) by thorpej
Branch: WFJ-920714, CSRG
CVS Tags: lite-2
Changes since 1.1.1.2: +26 -13 lines
Diff to previous 1.1.1.2 (colored)

Import sys/netinet from 4.4BSD-Lite2 for reference purposes.

Revision 1.1.1.2 / (download) - annotate - [select for diffs] (vendor branch), Mon Jan 5 09:54:22 1998 UTC (26 years, 1 month ago) by thorpej
Branch: WFJ-920714, CSRG
CVS Tags: lite-1, date-03-may-96
Changes since 1.1.1.1: +263 -109 lines
Diff to previous 1.1.1.1 (colored)

Import sys/netinet from 4.4BSD-Lite for reference purposes.

Revision 1.38 / (download) - annotate - [select for diffs], Wed Dec 31 03:31:23 1997 UTC (26 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Implement a queue for delayed ACK processing.  This queue is used in
tcp_fasttimo() in lieu of scanning all open TCP connections.

Revision 1.37 / (download) - annotate - [select for diffs], Thu Dec 11 06:33:29 1997 UTC (26 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.36: +19 -9 lines
Diff to previous 1.36 (colored)

Fix the "stretch ACK violation" bug documented in internet draft
draft-ietf-tcpimpl-prob-02.txt.  Also, fix another bug in the header
prediction case where an ACK would not be sent when it should be.

Revision 1.33.2.3 / (download) - annotate - [select for diffs], Fri Nov 21 06:42:39 1997 UTC (26 years, 3 months ago) by thorpej
Branch: netbsd-1-3
CVS Tags: netbsd-1-3-RELEASE, netbsd-1-3-BETA
Changes since 1.33.2.2: +4 -3 lines
Diff to previous 1.33.2.2 (colored) to branchpoint 1.33 (colored)

Pull up from trunk: slight change to previous: don't send RST in the
self-connect case.

Revision 1.36 / (download) - annotate - [select for diffs], Fri Nov 21 06:41:54 1997 UTC (26 years, 3 months ago) by thorpej
Branch: MAIN
Changes since 1.35: +4 -3 lines
Diff to previous 1.35 (colored)

Slight change to the previous: just drop the packet in the self-connect
case.  Sending an RST to ourselves is a little silly, considering that
we'll just attempt to remove a non-existent compressed state entry and
then drop the packet anyway.

Revision 1.33.2.2 / (download) - annotate - [select for diffs], Fri Nov 21 06:22:24 1997 UTC (26 years, 3 months ago) by thorpej
Branch: netbsd-1-3
Changes since 1.33.2.1: +34 -8 lines
Diff to previous 1.33.2.1 (colored) to branchpoint 1.33 (colored)

Pull up from trunk: send RST on SYNs that come from themselves, and
if we receive SYN,ACK on a LISTEN socket.

Revision 1.35 / (download) - annotate - [select for diffs], Fri Nov 21 06:18:30 1997 UTC (26 years, 3 months ago) by thorpej
Branch: MAIN
Changes since 1.34: +34 -8 lines
Diff to previous 1.34 (colored)

In tcp_input(), if the PCB we lookup for an incoming packet is a listen
socket:
- If we received a SYN,ACK, send an RST.
- If we received a SYN, and the connection attempt appears to come from
  itself, send an RST, since it cannot possibly be valid.

Revision 1.33.2.1 / (download) - annotate - [select for diffs], Sat Nov 8 06:31:29 1997 UTC (26 years, 3 months ago) by thorpej
Branch: netbsd-1-3
Changes since 1.33: +12 -12 lines
Diff to previous 1.33 (colored)

Pull up from trunk: TCP MSS fixes to provide cleaner slow-start and recovery.
(kml)

Revision 1.34 / (download) - annotate - [select for diffs], Sat Nov 8 02:35:22 1997 UTC (26 years, 3 months ago) by kml
Branch: MAIN
Changes since 1.33: +12 -12 lines
Diff to previous 1.33 (colored)

TCP MSS fixes to provide cleaner slow-start and recovery.

Revision 1.31.2.2 / (download) - annotate - [select for diffs], Tue Oct 14 10:29:37 1997 UTC (26 years, 4 months ago) by thorpej
Branch: marc-pcmcia
Changes since 1.31.2.1: +4 -4 lines
Diff to previous 1.31.2.1 (colored) to branchpoint 1.31 (colored) next main 1.32 (colored)

Update marc-pcmcia branch from trunk.

Revision 1.33 / (download) - annotate - [select for diffs], Fri Oct 10 01:51:07 1997 UTC (26 years, 4 months ago) by explorer
Branch: MAIN
CVS Tags: netbsd-1-3-base, marc-pcmcia-base
Branch point for: netbsd-1-3
Changes since 1.32: +4 -4 lines
Diff to previous 1.32 (colored)

Add hooks to use the kernel random system to generate TCP sequence numbers.

Revision 1.31.2.1 / (download) - annotate - [select for diffs], Mon Sep 29 07:21:20 1997 UTC (26 years, 5 months ago) by thorpej
Branch: marc-pcmcia
Changes since 1.31: +17 -166 lines
Diff to previous 1.31 (colored)

Update marc-pcmcia branch from trunk.

Revision 1.32 / (download) - annotate - [select for diffs], Mon Sep 22 21:49:55 1997 UTC (26 years, 5 months ago) by thorpej
Branch: MAIN
Changes since 1.31: +17 -166 lines
Diff to previous 1.31 (colored)

Fix several annoyances related to MSS handling in BSD TCP:
- Don't overload t_maxseg.  Previous behavior was to set it to the min
  of the peer's advertised MSS, our advertised MSS, and tcp_mssdflt
  (for non-local networks).  This breaks PMTU discovery running on
  either host.  Instead, remember the MSS we advertise, and use it
  as appropriate (in silly window avoidance).
- Per last bullet, split tcp_mss() into several functions for handling
  MSS (ours and peer's), and performing various tasks when a connection
  becomes ESTABLISHED.
- Introduce a new function, tcp_segsize(), which computes the max size
  for every segment transmitted in tcp_output().  This will eventually
  be used to hook in PMTU discovery.

Revision 1.31 / (download) - annotate - [select for diffs], Mon Jul 28 22:07:38 1997 UTC (26 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: thorpej-signal-base, thorpej-signal, marc-pcmcia-bp
Branch point for: marc-pcmcia
Changes since 1.30: +1 -6 lines
Diff to previous 1.30 (colored)

Garbage-collect some "extern"s.

Revision 1.30 / (download) - annotate - [select for diffs], Mon Jul 28 01:07:48 1997 UTC (26 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.29: +13 -4 lines
Diff to previous 1.29 (colored)

Fix a rather severe bug in handling of incoming SYNs for peer/port values
which happen to have a TCB in TIME_WAIT, where an mbuf which had been
advanced past the IP+TCP headers and TCP options would be reused as if
it had not been advanced.  Problem found by Juergen Hannken-Illjes, who
also suggested a work-around on which this fix is based.

Revision 1.29 / (download) - annotate - [select for diffs], Wed Jul 23 21:26:49 1997 UTC (26 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.28: +772 -153 lines
Diff to previous 1.28 (colored)

Pull SYN_cache_branch down into the main line.

Revision 1.27.8.26 / (download) - annotate - [select for diffs], Wed Jul 16 18:39:27 1997 UTC (26 years, 7 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.25: +34 -40 lines
Diff to previous 1.27.8.25 (colored) to branchpoint 1.27 (colored) next main 1.28 (colored)

Rearrange things a bit so that TUBA compiles again.

Revision 1.27.8.25 / (download) - annotate - [select for diffs], Sun Jul 13 21:45:50 1997 UTC (26 years, 7 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.24: +2 -2 lines
Diff to previous 1.27.8.24 (colored) to branchpoint 1.27 (colored)

Pay attention to tcp_do_rfc1323 when creating compressed state for a SYN.

Revision 1.27.8.24 / (download) - annotate - [select for diffs], Fri Jul 11 08:29:04 1997 UTC (26 years, 7 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.23: +35 -48 lines
Diff to previous 1.27.8.23 (colored) to branchpoint 1.27 (colored)

If we have to abort the connection after the 3-way handshake is completed,
send an RST to the peer.

Revision 1.27.8.23 / (download) - annotate - [select for diffs], Fri Jul 11 06:33:10 1997 UTC (26 years, 7 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.22: +2 -2 lines
Diff to previous 1.27.8.22 (colored) to branchpoint 1.27 (colored)

In the "received SYN for listen socket" case, correct an off-by-one
botch in the backlog test, which could cause our SYN to not be put in
compressed state.

XXX In a perfect world, we want to create compressed state for _all_ SYNs,
XXX even if the socket queue is full of legit connections, but doing so
XXX would break backlog semantics (because we'd have to drop the connection
XXX before the last ACK that completes the 3-way handshake, and we don't
XXX currently have a way to do that).  Needs more thought.

Revision 1.27.8.22 / (download) - annotate - [select for diffs], Sun Jul 6 07:07:00 1997 UTC (26 years, 7 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.21: +2 -2 lines
Diff to previous 1.27.8.21 (colored) to branchpoint 1.27 (colored)

Update from trunk.

Revision 1.28 / (download) - annotate - [select for diffs], Sun Jul 6 07:04:34 1997 UTC (26 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: SYN_cache_cur_base
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

Fix an old and obscure TCP bug, brought to my attention by Bill Fenner,
fixed in FreeBSD by John Polstra:

Fix a bug (apparently very old) that can cause a TCP connection to
be dropped when it has an unusual traffic pattern.  For full details
as well as a test case that demonstrates the failure, see the
referenced PR (FreeBSD's kern/3998).

   Under certain circumstances involving the persist state, it is
   possible for the receive side's tp->rcv_nxt to advance beyond its
   tp->rcv_adv.  This causes (tp->rcv_adv - tp->rcv_nxt) to become
   negative.  However, in the code affected by this fix, that difference
   was interpreted as an unsigned number by max().  Since it was
   negative, it was taken as a huge unsigned number.  The effect was
   to cause the receiver to believe that its receive window had negative
   size, thereby rejecting all received segments including ACKs.  As
   the test case shows, this led to fruitless retransmissions and
   eventually to a dropped connection.  Even connections using the
   loopback interface could be dropped.  The fix substitutes the signed
   imax() for the unsigned max() function.

Bill informs me that his research indicates this bug appeared in Reno.

Revision 1.27.8.21 / (download) - annotate - [select for diffs], Mon Jun 30 18:53:44 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.20: +3 -9 lines
Diff to previous 1.27.8.20 (colored) to branchpoint 1.27 (colored)

Clean up the TODO list a bit.

Revision 1.27.8.20 / (download) - annotate - [select for diffs], Mon Jun 30 18:35:55 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.19: +60 -11 lines
Diff to previous 1.27.8.19 (colored) to branchpoint 1.27 (colored)

Correct and document the semantics of error handling in syn_cache_get()
when creating the connection.  syn_cache_get() now returns the following:
* NULL: We don't have a SYN for this ACK; send the peer an RST.
* -1: We are unable to create a socket for this connection.  We have
  sent an ACK,RST to the peer.  Since the mbuf is being used to send
  the response, caller should not free it.
* -2: Some other error occured while creating the connection, but we were
  able to create a socket.  In this case, caller should simply drop the
  packet, and let the peer resend the ACK (this is the "abort and retry"
  case).
* Else, return value is a pointer to the socket created for the new
  connection.

Revision 1.27.8.19 / (download) - annotate - [select for diffs], Sun Jun 29 03:57:31 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.18: +12 -9 lines
Diff to previous 1.27.8.18 (colored) to branchpoint 1.27 (colored)

In tcp_input():
- Perform the DIAGNOSTIC check for TCPS_LISTEN a bit earlier, and remove
  a now-unnecessary check for TCPS_LISTEN state in the TCB.

Revision 1.27.8.18 / (download) - annotate - [select for diffs], Sun Jun 29 01:52:43 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.17: +3 -1 lines
Diff to previous 1.27.8.17 (colored) to branchpoint 1.27 (colored)

In syn_cache_get():
- If we abort the connection (due to resource shortage or other error),
  make sure notify tcp_input() upon return.

Revision 1.27.8.17 / (download) - annotate - [select for diffs], Sun Jun 29 01:32:28 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.16: +43 -85 lines
Diff to previous 1.27.8.16 (colored) to branchpoint 1.27 (colored)

In tcp_input():
- Garbage-collect TCPS_LISTEN state from TCP input processing now that
  all SYNs are handled with compressed state.  Since we should never see
  TCPS_LISTEN here, add a DIAGNOSTIC panic() if we encounter it.

In syn_cache_insert():
- Instrument hash collisions.

In syn_cache_get():
- Actually do all of the processing necessary to complete the connection
  (not as far as the foreign host is concerned, but rather internal state
  housekeeping).  This fixes the last of the "weird" problems I have
  encountered during normal use and under attack from multiple 10Mb/s
  syn floods.

Also, add a few comments to clarify a few bits of code.

Revision 1.27.8.16 / (download) - annotate - [select for diffs], Sat Jun 28 07:54:25 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.15: +1 -4 lines
Diff to previous 1.27.8.15 (colored) to branchpoint 1.27 (colored)

SYN cache can't ever be disabled since we use it for all incoming SYNs.

Revision 1.27.8.15 / (download) - annotate - [select for diffs], Sat Jun 28 04:24:15 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.14: +5 -5 lines
Diff to previous 1.27.8.14 (colored) to branchpoint 1.27 (colored)

KNF.

Revision 1.27.8.14 / (download) - annotate - [select for diffs], Sat Jun 28 02:44:26 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.13: +13 -86 lines
Diff to previous 1.27.8.13 (colored) to branchpoint 1.27 (colored)

In tcp_input(), always create compressed state when we receive a SYN,
rather than attempting to create a TCB, and using compressed state if
that fails.  This makes the logic much simpler, removes some code
duplication, and kills the "temporary socket" hack that has historically
existed in SYN handling.

This change eliminates the need for SS_FORCE, since we only create
TCBs on legitimate connections.  Previously, SS_FORCE was needed to
bypass the socket queue limit because legitimate connections might
have bee blocked out by bogus SYNs that weren't in compressed state.

Update TODO list appropriately.  (This was a BIG one.)

Revision 1.27.8.13 / (download) - annotate - [select for diffs], Sat Jun 28 00:59:31 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.12: +10 -10 lines
Diff to previous 1.27.8.12 (colored) to branchpoint 1.27 (colored)

Change some spaces -> tabs in indentation.  (Hmm, looks like someone
uses _emacs_ :-)

Revision 1.27.8.12 / (download) - annotate - [select for diffs], Sat Jun 28 00:48:08 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.11: +5 -4 lines
Diff to previous 1.27.8.11 (colored) to branchpoint 1.27 (colored)

In syn_cache_get(), set the state of the new inpcb to INP_BOUND.
If we don't do this, the PCB lookup will fail on subsequent packets
from the peer, causing an RST to be generated.

Couple of minor stylistic changes while I'm here.

Revision 1.27.8.11 / (download) - annotate - [select for diffs], Thu Jun 26 23:19:20 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.10: +22 -23 lines
Diff to previous 1.27.8.10 (colored) to branchpoint 1.27 (colored)

KNF sweep over the syn cache code.

Revision 1.27.8.10 / (download) - annotate - [select for diffs], Thu Jun 26 22:37:54 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.9: +7 -14 lines
Diff to previous 1.27.8.9 (colored) to branchpoint 1.27 (colored)

Remove unnecessary (and incorrect) htonl()s in the multicast test in
syn_cache_add().

Revision 1.27.8.9 / (download) - annotate - [select for diffs], Thu Jun 26 22:24:36 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.8: +7 -11 lines
Diff to previous 1.27.8.8 (colored) to branchpoint 1.27 (colored)

Knock tcp_mss() lossage and type-size problems off the TODO list.

Revision 1.27.8.8 / (download) - annotate - [select for diffs], Thu Jun 26 22:20:35 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.7: +13 -13 lines
Diff to previous 1.27.8.7 (colored) to branchpoint 1.27 (colored)

In sys_cache_respond():
- Fix type size problems, especially in creation of the timestamp option.
- Fix byte order problems in creation of the MSS option.

Revision 1.27.8.7 / (download) - annotate - [select for diffs], Thu Jun 26 21:57:00 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.6: +2 -2 lines
Diff to previous 1.27.8.6 (colored) to branchpoint 1.27 (colored)

tcp_mss() needs to take a u_int, not a u_int16_t.

Revision 1.27.8.6 / (download) - annotate - [select for diffs], Thu Jun 26 21:40:03 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.5: +2 -2 lines
Diff to previous 1.27.8.5 (colored) to branchpoint 1.27 (colored)

Casting pointers to u_int64_t isn't correct.  Casting to u_long is fine
for arithmetic operations.

Revision 1.27.8.5 / (download) - annotate - [select for diffs], Thu Jun 26 21:31:17 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.4: +2 -2 lines
Diff to previous 1.27.8.4 (colored) to branchpoint 1.27 (colored)

Oops, remove nested comment in the TODO list.

Revision 1.27.8.4 / (download) - annotate - [select for diffs], Thu Jun 26 18:38:31 1997 UTC (26 years, 8 months ago) by thorpej
Branch: SYN_cache_branch
Changes since 1.27.8.3: +85 -1 lines
Diff to previous 1.27.8.3 (colored) to branchpoint 1.27 (colored)

Add a TODO list, from Charles M. Hannum.

Revision 1.27.8.3 / (download) - annotate - [select for diffs], Wed May 28 21:46:08 1997 UTC (26 years, 9 months ago) by mellon
Branch: SYN_cache_branch
Changes since 1.27.8.2: +2 -2 lines
Diff to previous 1.27.8.2 (colored) to branchpoint 1.27 (colored)

Pointers are 64 bits on alpha - fix warning.

Revision 1.27.8.2 / (download) - annotate - [select for diffs], Wed May 14 18:11:28 1997 UTC (26 years, 9 months ago) by mellon
Branch: SYN_cache_branch
Changes since 1.27.8.1: +2 -2 lines
Diff to previous 1.27.8.1 (colored) to branchpoint 1.27 (colored)

SS_PRIV -> SS_FORCE

Revision 1.27.8.1 / (download) - annotate - [select for diffs], Wed May 14 17:42:27 1997 UTC (26 years, 9 months ago) by mellon
Branch: SYN_cache_branch
Changes since 1.27: +674 -39 lines
Diff to previous 1.27 (colored)

Incorporate David Borman of BSDI's tcp SYN caching patches for
4.4BSD-lite2:

	- define non-global syn cache variables
	- define syn cache hashing algorithm

	in tcp_input():

	- package ts_val, ts_ecr and ts_present in a tcp_opt_info
	  structure so that they can be passed en masse to the
	  syn_cache code.

	if the packet matched a socket that's in the ACCEPTING state:

	- if an incoming connection does not yet have a tcpcb, but
	  it's not a SYN packet, check in the syn cache to see if we
	  cached the initial SYN.   If not, send an RST packet.   If
	  so, and if it's an RST packet, though, just blow away the
	  cache entry.   If there was a cache entry and we aren't
	  processing an RST packet, create the full-blown connection
	  now and jump into the part of tcp_input() that deals with
	  connected sockets.

	- if it is a SYN, and sonewconn() wouldn't queue it because
	  the limit for incoming half-up connections has been
	  exceeded, but the limit for established connections hasn't
	  yet been exceeded, then put this connection into the syn
	  cache.

	after we've handled the accepting state:

	- call tcp_dooptions with tcp_opt_info structure rather than
	  discrete option state variables.

	- If the connection is half-up, and we get an ACK packet, but
	  it's not for the SYN we sent, drop the connection and send
	  an RST, per rfc793, p. 36.

	in tcp_dooptions:

	- combine all the option state passed as arguments into one
	  tcp_opt_info structure.

	add syn cache management functions, verbatim from David's
	patch:

	syn_cache_insert: insert a connection into the SYN cache.   If
	  we reach the per-bucket or cache size limit, toss the oldest
	  entry in the bucket, or if there are no entries in this
	  bucket yet, go looking for an entry to toss.

	syn_cache_timer: blow away aging cache entries.

	syn_cache_lookup: find the syn cache entry matching a
	  particular tcp packet, if any.

	syn_cache_get: take an entry out of the cache and make a
	  socket for it.

	syn_cache_reset: zap a connection in the syn cache based on
	  receipt of an RST packet.

	syn_cache_unreach: zap a connection in the syn cache based on
	  an ICMP unreachable message.

	syn_cache_add: given a LISTEN socket and an inbound SYN
	  request, add an entry to the syn cache and send a SYN,ACK to
	  the source.

	syn_cache_respond: actually sends the SYN,ACK.

Revision 1.23.4.2 / (download) - annotate - [select for diffs], Wed Dec 11 02:25:19 1996 UTC (27 years, 2 months ago) by mycroft
Branch: netbsd-1-2
CVS Tags: netbsd-1-2-PATCH001
Changes since 1.23.4.1: +5 -2 lines
Diff to previous 1.23.4.1 (colored) to branchpoint 1.23 (colored) next main 1.24 (colored)

From trunk:
If we're in SYN-SENT or SYN-RECEIVED state, don't reset the keepalive
timer until we transition to ESTABLISHED state.

Revision 1.23.4.1 / (download) - annotate - [select for diffs], Tue Dec 10 18:21:07 1996 UTC (27 years, 2 months ago) by mycroft
Branch: netbsd-1-2
Changes since 1.23: +9 -8 lines
Diff to previous 1.23 (colored)

From trunk:
Fix RTT scaling problems introduced with Brakmo and Peterson changes.

Revision 1.27 / (download) - annotate - [select for diffs], Tue Dec 10 18:20:19 1996 UTC (27 years, 2 months ago) by mycroft
Branch: MAIN
CVS Tags: thorpej-setroot, mrg-vm-swap, is-newarp-before-merge, is-newarp-base, is-newarp, bouyer-scsipi
Branch point for: SYN_cache_branch
Changes since 1.26: +9 -8 lines
Diff to previous 1.26 (colored)

Fix RTT scaling problems introduced with Brakmo and Peterson changes.

Revision 1.26 / (download) - annotate - [select for diffs], Sun Sep 15 18:11:09 1996 UTC (27 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.25: +4 -5 lines
Diff to previous 1.25 (colored)

Hash unconnected PCBs.

Revision 1.25 / (download) - annotate - [select for diffs], Tue Sep 10 23:26:05 1996 UTC (27 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.24: +5 -2 lines
Diff to previous 1.24 (colored)

If we're in SYN-SENT or SYN-RECEIVED state, don't reset the keepalive
timer until we transition to ESTABLISHED state.  Suggested by TCP/IP
vol 3.

Revision 1.24 / (download) - annotate - [select for diffs], Mon Sep 9 14:51:20 1996 UTC (27 years, 5 months ago) by mycroft
Branch: MAIN
Changes since 1.23: +12 -10 lines
Diff to previous 1.23 (colored)

Add in_nullhost() and in_hosteq() macros, to hide some protocol
details.  Also, fix a bug in TCP wrt SYN+URG packets.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Feb 13 23:43:44 1996 UTC (28 years ago) by christos
Branch: MAIN
CVS Tags: netbsd-1-2-base, netbsd-1-2-RELEASE, netbsd-1-2-BETA
Branch point for: netbsd-1-2
Changes since 1.22: +23 -13 lines
Diff to previous 1.22 (colored)

netinet prototypes

Revision 1.19.2.1 / (download) - annotate - [select for diffs], Fri Feb 2 06:12:54 1996 UTC (28 years, 1 month ago) by mycroft
Branch: netbsd-1-1
Changes since 1.19: +14 -17 lines
Diff to previous 1.19 (colored) next main 1.20 (colored)

Bring in changes for mondo patch 2.

Revision 1.22 / (download) - annotate - [select for diffs], Wed Jan 31 05:56:56 1996 UTC (28 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.21: +6 -7 lines
Diff to previous 1.21 (colored)

Ignore FIN if not yet connected.

Revision 1.21 / (download) - annotate - [select for diffs], Wed Jan 31 03:49:33 1996 UTC (28 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.20: +9 -11 lines
Diff to previous 1.20 (colored)

Build a hash table of PCBs.  Hash function needs tweaking.

Revision 1.20 / (download) - annotate - [select for diffs], Tue Nov 21 01:07:39 1995 UTC (28 years, 3 months ago) by cgd
Branch: MAIN
Changes since 1.19: +57 -39 lines
Diff to previous 1.19 (colored)

make netinet work on systems where pointers and longs are 64 bits
(like the alpha).  Biggest problem: IP headers were overlayed with
structure which included pointers, and which therefore didn't overlay
properly on 64-bit machines.  Solution: instead of threading pointers
through IP header overlays, add a "queue element" structure to do
the threading, and point it at the ip headers.

Revision 1.19 / (download) - annotate - [select for diffs], Fri Aug 4 01:12:23 1995 UTC (28 years, 7 months ago) by mycroft
Branch: MAIN
CVS Tags: netbsd-1-1-base, netbsd-1-1-RELEASE, netbsd-1-1-PATCH001
Branch point for: netbsd-1-1
Changes since 1.18: +3 -3 lines
Diff to previous 1.18 (colored)

Encapsulate the test for sending a notification in a macro, sb_notify().

Revision 1.18 / (download) - annotate - [select for diffs], Mon Jun 12 00:47:52 1995 UTC (28 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.17: +15 -15 lines
Diff to previous 1.17 (colored)

Various cleanup, including:
* Convert several data structures to use queue.h.
* Split in_pcbnotify() into two parts; one for notifying a specific PCB, and
one for notifying all PCBs for a particular foreign address.

Revision 1.17 / (download) - annotate - [select for diffs], Sun Jun 11 21:36:04 1995 UTC (28 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored)

Oops.  Decrement rtt earlier.

Revision 1.16 / (download) - annotate - [select for diffs], Sun Jun 11 20:39:22 1995 UTC (28 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.15: +8 -7 lines
Diff to previous 1.15 (colored)

As suggested by Brakmo and Peterson:
* Don't add the extra 1/8 of the mss when ramping up the congestion window.
* Scale the RTT values slightly to adjust for rounding errors.
* Set the lower bound of the RTO to RTT+2.

Revision 1.15 / (download) - annotate - [select for diffs], Sun Jun 11 09:36:28 1995 UTC (28 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.14: +3 -2 lines
Diff to previous 1.14 (colored)

Check for inflated congestion window during header prediction, per Bramko and
Peterson.

Revision 1.14 / (download) - annotate - [select for diffs], Sun Jun 4 05:07:14 1995 UTC (28 years, 9 months ago) by mycroft
Branch: MAIN
Changes since 1.13: +2 -3 lines
Diff to previous 1.13 (colored)

Clean up many more casts.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Jun 1 21:36:45 1995 UTC (28 years, 9 months ago) by mycroft
Branch: MAIN
Changes since 1.12: +3 -3 lines
Diff to previous 1.12 (colored)

Avoid byte-swapping IP addresses at run time.

Revision 1.12 / (download) - annotate - [select for diffs], Thu Apr 13 06:36:37 1995 UTC (28 years, 10 months ago) by cgd
Branch: MAIN
Changes since 1.11: +9 -8 lines
Diff to previous 1.11 (colored)

be a bit more careful and explicit with types.  (basically a large no-op.)

Revision 1.11 / (download) - annotate - [select for diffs], Fri Oct 14 16:01:49 1994 UTC (29 years, 4 months ago) by mycroft
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Don't return received data to the user until the initial handshake is complete.
Also use TCPS_HAVEESTABLISHED() in a few other places.

Revision 1.10 / (download) - annotate - [select for diffs], Wed Jun 29 06:38:40 1994 UTC (29 years, 8 months ago) by cgd
Branch: MAIN
CVS Tags: netbsd-1-0-base, netbsd-1-0-RELEASE, netbsd-1-0-PATCH1, netbsd-1-0-PATCH06, netbsd-1-0-PATCH05, netbsd-1-0-PATCH04, netbsd-1-0-PATCH03, netbsd-1-0-PATCH02, netbsd-1-0-PATCH0, netbsd-1-0
Changes since 1.9: +3 -2 lines
Diff to previous 1.9 (colored)

New RCS ID's, take two.  they're more aesthecially pleasant, and use 'NetBSD'

Revision 1.9 / (download) - annotate - [select for diffs], Fri May 13 06:06:39 1994 UTC (29 years, 9 months ago) by mycroft
Branch: MAIN
Changes since 1.8: +236 -93 lines
Diff to previous 1.8 (colored)

Update to 4.4-Lite networking code, with a few local changes.

Revision 1.8 / (download) - annotate - [select for diffs], Mon Apr 25 19:16:53 1994 UTC (29 years, 10 months ago) by mycroft
Branch: MAIN
Changes since 1.7: +9 -3 lines
Diff to previous 1.7 (colored)

As I described this on comp.protocols.tcp-ip:

I've found a problem with the TCP delayed ack algorithm.  If the writer's
buffer becomes full before sending an entire window, the writer will stop
and the ack will be delayed and the transmission will be stalled pending
a timeout on (and transmission of) the delayed ack.

As an experiment, I've applied the following patch to my (NetBSD) kernel,
and it alleviates the problem.

The worst case for this change is that the writer sets the PSH bit on
every outgoing packet, in which case delayed ack is effectively disabled.
This is not an issue of correctness, however, and since most vendors use
the PSH bit a bit more intelligently, it doesn't seem like a serious
problem.

Revision 1.7 / (download) - annotate - [select for diffs], Tue Apr 12 18:07:46 1994 UTC (29 years, 10 months ago) by mycroft
Branch: MAIN
Changes since 1.6: +11 -27 lines
Diff to previous 1.6 (colored)

Patch from James Carlson to fix TCP stalls.

Revision 1.6 / (download) - annotate - [select for diffs], Sat Jan 8 23:26:40 1994 UTC (30 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.5: +1 -3 lines
Diff to previous 1.5 (colored)

Remove some extra prototypes.

Revision 1.5 / (download) - annotate - [select for diffs], Sat Jan 8 23:07:18 1994 UTC (30 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.4: +16 -4 lines
Diff to previous 1.4 (colored)

Prototypes.

Revision 1.4 / (download) - annotate - [select for diffs], Sat Jan 8 21:21:58 1994 UTC (30 years, 1 month ago) by mycroft
Branch: MAIN
Changes since 1.3: +12 -12 lines
Diff to previous 1.3 (colored)

Fix some inconsistent spacing; spaces at the end of lines, etc.

Revision 1.3 / (download) - annotate - [select for diffs], Sat Dec 18 00:42:03 1993 UTC (30 years, 2 months ago) by mycroft
Branch: MAIN
Changes since 1.2: +24 -24 lines
Diff to previous 1.2 (colored)

Canonicalize all #includes.

Revision 1.2 / (download) - annotate - [select for diffs], Tue May 18 18:20:15 1993 UTC (30 years, 9 months ago) by cgd
Branch: MAIN
CVS Tags: netbsd-0-9-patch-001, netbsd-0-9-base, netbsd-0-9-RELEASE, netbsd-0-9-BETA, netbsd-0-9-ALPHA2, netbsd-0-9-ALPHA, netbsd-0-9, magnum-base, magnum
Changes since 1.1: +3 -1 lines
Diff to previous 1.1 (colored)

make kernel select interface be one-stop shopping & clean it all up.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Mar 21 09:45:37 1993 UTC (30 years, 11 months ago) by cgd
Branch: WFJ-920714, CSRG
CVS Tags: patchkit-0-2-2, netbsd-alpha-1, netbsd-0-8, WFJ-386bsd-01
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

initial import of 386bsd-0.1 sources

Revision 1.1 / (download) - annotate - [select for diffs], Sun Mar 21 09:45:37 1993 U