The NetBSD Project

CVS log for src/sys/netinet6/ip6_output.c

[BACK] Up to [cvs.NetBSD.org] / src / sys / netinet6

Request diff between arbitrary revisions


Default branch: MAIN
Current tag: MAIN


Revision 1.226 / (download) - annotate - [select for diffs], Tue Sep 8 14:12:57 2020 UTC (2 months, 2 weeks ago) by christos
Branch: MAIN
CVS Tags: thorpej-futex-base, thorpej-futex, HEAD
Changes since 1.225: +18 -2 lines
Diff to previous 1.225 (colored)

Add IP_BINDANY, IPV6_BINDANY which can be used to bind to any address in
order to implement transparent proxies.

Revision 1.225 / (download) - annotate - [select for diffs], Fri Aug 28 06:32:24 2020 UTC (2 months, 3 weeks ago) by ozaki-r
Branch: MAIN
Changes since 1.224: +22 -7 lines
Diff to previous 1.224 (colored)

inet6: reduce silent packet discards

Revision 1.224 / (download) - annotate - [select for diffs], Fri Aug 28 06:19:13 2020 UTC (2 months, 3 weeks ago) by ozaki-r
Branch: MAIN
Changes since 1.223: +3 -2 lines
Diff to previous 1.223 (colored)

inet, inet6: count packets dropped by IPsec

The counters count packets dropped due to security policy checks.

Revision 1.223 / (download) - annotate - [select for diffs], Fri Jun 12 11:04:45 2020 UTC (5 months, 1 week ago) by roy
Branch: MAIN
Changes since 1.222: +7 -10 lines
Diff to previous 1.222 (colored)

Remove in-kernel handling of Router Advertisements

This is much better handled by a user-land tool.
Proposed on tech-net here:
https://mail-index.netbsd.org/tech-net/2020/04/22/msg007766.html

Note that the ioctl SIOCGIFINFO_IN6 no longer sets flags. That now
needs to be done using the pre-existing SIOCSIFINFO_FLAGS ioctl.

Compat is fully provided where it makes sense, but trying to turn on
RA handling will obviously throw an error as it no longer exists.

Note that if you use IPv6 temporary addresses, this now needs to be
turned on in dhcpcd.conf(5) rather than in sysctl.conf(5).

Revision 1.222 / (download) - annotate - [select for diffs], Wed Nov 13 02:51:22 2019 UTC (12 months, 1 week ago) by ozaki-r
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, is-mlppp-base, is-mlppp, bouyer-xenpvh-base2, bouyer-xenpvh-base1, bouyer-xenpvh-base, bouyer-xenpvh, ad-namecache-base3, ad-namecache-base2, ad-namecache-base1, ad-namecache-base, ad-namecache
Changes since 1.221: +3 -3 lines
Diff to previous 1.221 (colored)

Get rid of unnecessary NULL checks for rt_ifa and ifa_ifp

They are always non-NULL nowadays.

Revision 1.221 / (download) - annotate - [select for diffs], Fri Nov 1 04:23:21 2019 UTC (12 months, 3 weeks ago) by knakahara
Branch: MAIN
Changes since 1.220: +3 -3 lines
Diff to previous 1.220 (colored)

Fix ipsecif(4) IPV6_MINMTU does not work correctly.

Revision 1.220 / (download) - annotate - [select for diffs], Wed May 15 02:59:18 2019 UTC (18 months, 1 week ago) by ozaki-r
Branch: MAIN
CVS Tags: phil-wifi-20190609, netbsd-9-base, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-9
Changes since 1.219: +2 -15 lines
Diff to previous 1.219 (colored)

Get rid of IFNET_LOCK for if_mcast_op to avoid a deadlock

The IFNET_LOCK was added to avoid data races on if_flags for IFF_ALLMULTI.
Unfortunatetly it caused a deadlock instead.  A known scenario causing a
deadlock is to occur the following two operations concurrently: (a) a removal of
an IP adddres assigned to an interface and (b) a manipulation of multicast
groups to the interface.  The resource dependency graph is like this:
  softnet_lock => IFNET_LOCK => psref_target_destroy => softint => softnet_lock

Thanks to the previous commit that avoids data races on if_flags for
IFF_ALLMULTI by another approach, we can remove IFNET_LOCK and defuse the
deadlock.

PR kern/54189

Revision 1.219 / (download) - annotate - [select for diffs], Mon May 13 07:47:59 2019 UTC (18 months, 1 week ago) by ozaki-r
Branch: MAIN
Changes since 1.218: +6 -5 lines
Diff to previous 1.218 (colored)

Count packets dropped by pfil

Revision 1.218 / (download) - annotate - [select for diffs], Wed Apr 3 19:23:38 2019 UTC (19 months, 3 weeks ago) by maxv
Branch: MAIN
CVS Tags: isaki-audio2-base, isaki-audio2
Changes since 1.217: +3 -3 lines
Diff to previous 1.217 (colored)

Fix small read overflow; harmless, because since I removed RH0, the memory
access on IPV6_RTHDR that would normally be illegal is not needed, and GCC
automatically removes it.

Revision 1.217 / (download) - annotate - [select for diffs], Mon Feb 4 10:48:46 2019 UTC (21 months, 2 weeks ago) by mrg
Branch: MAIN
Changes since 1.216: +8 -8 lines
Diff to previous 1.216 (colored)

rework the #ifdef IPSEC code to not use fallthru.
same number of lines with more local context.

Revision 1.216 / (download) - annotate - [select for diffs], Sat Dec 22 14:28:57 2018 UTC (23 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226
Changes since 1.215: +3 -3 lines
Diff to previous 1.215 (colored)

Replace M_ALIGN and MH_ALIGN by m_align.

Revision 1.215 / (download) - annotate - [select for diffs], Sat Dec 22 13:11:38 2018 UTC (23 months ago) by maxv
Branch: MAIN
Changes since 1.214: +3 -3 lines
Diff to previous 1.214 (colored)

Replace: M_MOVE_PKTHDR -> m_move_pkthdr. No functional change, since the
former is a macro to the latter.

Revision 1.214 / (download) - annotate - [select for diffs], Wed Dec 12 01:53:52 2018 UTC (23 months, 1 week ago) by rin
Branch: MAIN
Changes since 1.213: +9 -7 lines
Diff to previous 1.213 (colored)

Simplify logic in ip{,6}_output().

Now, we have M_CSUM_TSOv[46] bit in ifp->if_csum_flags_tx when
TSO[46] is enabled for the interface. So we can simply check
whether TSO[46] is required in a packet but missing in the
interface by (sw_csum & M_CSUM_TSOv[46]).

Note that this is a very rare case where TSO[46] is suddenly
turned off during a packet passing b/w TCP and IP.

part of PR kern/53562
OK msaitoh

Revision 1.213 / (download) - annotate - [select for diffs], Thu Nov 29 10:02:52 2018 UTC (23 months, 3 weeks ago) by ozaki-r
Branch: MAIN
Changes since 1.212: +3 -2 lines
Diff to previous 1.212 (colored)

Don't validate the source address of forwarding IPv6 packets (same as IPv4)

Revision 1.212 / (download) - annotate - [select for diffs], Fri Aug 10 06:46:09 2018 UTC (2 years, 3 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906
Changes since 1.211: +5 -32 lines
Diff to previous 1.211 (colored)

Rename

	ip6_undefer_csum  -> in6_undefer_cksum
	in6_delayed_cksum -> in6_undefer_cksum_tcpudp

The two previous names were inconsistent and misleading.

Put the two functions into in6_offload.c. Add comments to explain what
we're doing.

Same as IPv4.

Revision 1.211 / (download) - annotate - [select for diffs], Fri Jun 1 08:56:00 2018 UTC (2 years, 5 months ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-base, pgoyette-compat-0728, pgoyette-compat-0625
Branch point for: phil-wifi
Changes since 1.210: +5 -5 lines
Diff to previous 1.210 (colored)

Rename

	M_CSUM_DATA_IPv6_HL -> M_CSUM_DATA_IPv6_IPHL
	M_CSUM_DATA_IPv6_HL_SET -> M_CSUM_DATA_IPv6_SET

Reduces the diff against IPv4. Also, clarify the definitions.

Revision 1.210 / (download) - annotate - [select for diffs], Tue May 29 16:21:30 2018 UTC (2 years, 5 months ago) by maxv
Branch: MAIN
Changes since 1.209: +2 -25 lines
Diff to previous 1.209 (colored)

Remove dead code, we don't care.

Revision 1.209 / (download) - annotate - [select for diffs], Wed May 9 06:35:10 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0521
Changes since 1.208: +3 -3 lines
Diff to previous 1.208 (colored)

Replace
	m_copym(m, 0, M_COPYALL, M_DONTWAIT)
by
	m_copypacket(m, M_DONTWAIT)
when it is clear that we are copying a packet (that has M_PKTHDR) and not
a raw mbuf chain.

Revision 1.208 / (download) - annotate - [select for diffs], Tue May 1 07:21:39 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0502
Changes since 1.207: +2 -5 lines
Diff to previous 1.207 (colored)

Remove now unused net_osdep.h includes, the other BSDs did the same.

Revision 1.207 / (download) - annotate - [select for diffs], Sun Apr 29 11:51:08 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
Changes since 1.206: +3 -3 lines
Diff to previous 1.206 (colored)

Remove unused and misleading argument from ipsec_set_policy.

Revision 1.206 / (download) - annotate - [select for diffs], Thu Apr 26 19:50:09 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
Changes since 1.205: +4 -4 lines
Diff to previous 1.205 (colored)

Stop using m_copy(), use m_copym() directly. m_copy is useless,
undocumented and confusing.

Revision 1.205 / (download) - annotate - [select for diffs], Mon Apr 23 07:22:54 2018 UTC (2 years, 7 months ago) by maxv
Branch: MAIN
Changes since 1.204: +4 -33 lines
Diff to previous 1.204 (colored)

Remove the kernel RH0 code. RH0 is deprecated by RFC5095, for security
reasons. RH0 was already removed in the kernel's input path, but some
parts were still present in the output path: they are now removed.

Sent on tech-net@ a few days ago.

Revision 1.204 / (download) - annotate - [select for diffs], Wed Apr 18 07:17:49 2018 UTC (2 years, 7 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0422
Changes since 1.203: +2 -3 lines
Diff to previous 1.203 (colored)

Remove unused netipsec/xform.h includes.

Revision 1.203 / (download) - annotate - [select for diffs], Tue Feb 27 15:01:30 2018 UTC (2 years, 8 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-base, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315
Branch point for: pgoyette-compat
Changes since 1.202: +3 -3 lines
Diff to previous 1.202 (colored)

Dedup: merge ipsec4_set_policy and ipsec6_set_policy. The content of the
original ipsec_set_policy function is inlined into the new one.

Revision 1.202 / (download) - annotate - [select for diffs], Tue Feb 27 14:44:10 2018 UTC (2 years, 8 months ago) by maxv
Branch: MAIN
Changes since 1.201: +3 -3 lines
Diff to previous 1.201 (colored)

Dedup: merge

	ipsec4_get_policy and ipsec6_get_policy
	ipsec4_delete_pcbpolicy and ipsec6_delete_pcbpolicy

The already-existing ipsec_get_policy() function is inlined in the new
one.

Revision 1.201 / (download) - annotate - [select for diffs], Mon Feb 12 12:52:12 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.200: +8 -8 lines
Diff to previous 1.200 (colored)

Replace bcopy -> memcpy when it is obvious that the areas don't overlap.
Rearrange ip6_splithdr() for clarity.

Revision 1.200 / (download) - annotate - [select for diffs], Wed Jan 31 15:23:08 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.199: +5 -3 lines
Diff to previous 1.199 (colored)

Correct the check; we want to find IPPROTO_HOPOPTS, not IPV6_HOPOPTS. This
just couldn't work.

By the way, I'm wondering what is the point of this block. Calling
ip6_hopopts_input() won't achieve anything useful, and it could actually
be a problem, because there are several paths in it that call icmp6_error,
which calls ip6_output, and then we're back in the same function. Besides
it is possible to reach icmp6_error with a packet we emitted (as opposed
to a packet we are forwarding), and in that case we are sending an ICMP
error back to ourselves.

Revision 1.199 / (download) - annotate - [select for diffs], Wed Jan 31 14:16:28 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.198: +2 -3 lines
Diff to previous 1.198 (colored)

Remove a misleading instruction. We don't care about increasing
m_pkthdr.len in ip6_insertfraghdr(), it gets recomputed after calling
this function.

If we cared there would be a bug, since we don't increase it in the
other branches.

Revision 1.198 / (download) - annotate - [select for diffs], Wed Jan 31 14:10:11 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.197: +15 -13 lines
Diff to previous 1.197 (colored)

Try to sound a little less pessimistic, there is nothing wrong here.

Revision 1.197 / (download) - annotate - [select for diffs], Wed Jan 31 13:57:08 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.196: +88 -89 lines
Diff to previous 1.196 (colored)

Style, localify, constify, and reorder a bit. No real functional change.

Revision 1.196 / (download) - annotate - [select for diffs], Fri Dec 15 04:03:46 2017 UTC (2 years, 11 months ago) by ozaki-r
Branch: MAIN
Changes since 1.195: +18 -3 lines
Diff to previous 1.195 (colored)

Ensure to call if_mcast_op with holding IFNET_LOCK

Note that CARP doesn't deal with IFNET_LOCK yet.

Revision 1.195 / (download) - annotate - [select for diffs], Sat Nov 25 13:18:02 2017 UTC (2 years, 11 months ago) by kre
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202
Changes since 1.194: +3 -3 lines
Diff to previous 1.194 (colored)


Attempt to restore v6 networking.   Not 100% certain that these
changes are all that is needed, but they're certainly a big part of it
(especially the ip6_input.c change.)

Revision 1.194 / (download) - annotate - [select for diffs], Fri Nov 24 14:03:25 2017 UTC (3 years ago) by roy
Branch: MAIN
Changes since 1.193: +14 -8 lines
Diff to previous 1.193 (colored)

Allow local communication over DETACHED addresses.
Allow binding to DETACHED or TENTATIVE addresses as we deny
sending upstream from them anyway.
Prefer non DETACHED or TENTATIVE addresses.

Revision 1.193 / (download) - annotate - [select for diffs], Wed Aug 2 01:28:03 2017 UTC (3 years, 3 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20170825
Changes since 1.192: +3 -3 lines
Diff to previous 1.192 (colored)

Make IPsec SPD MP-safe

We use localcount(9), not psref(9), to make the sptree and secpolicy (SP)
entries MP-safe because SPs need to be referenced over opencrypto
processing that executes a callback in a different context.

SPs on sockets aren't managed by the sptree and can be destroyed in softint.
localcount_drain cannot be used in softint so we delay the destruction of
such SPs to a thread context. To do so, a list to manage such SPs is added
(key_socksplist) and key_timehandler_spd deletes dead SPs in the list.

For more details please read the locking notes in key.c.

Proposed on tech-kern@ and tech-net@

Revision 1.192 / (download) - annotate - [select for diffs], Mon Jun 26 08:01:53 2017 UTC (3 years, 4 months ago) by ozaki-r
Branch: MAIN
CVS Tags: perseant-stdc-iso10646-base, perseant-stdc-iso10646
Changes since 1.191: +4 -2 lines
Diff to previous 1.191 (colored)

Fix usage of ip6_get_membership

It may set nothing to ifp even if returning 0. So we need to NULL-clear
ifp before calling it.

Fix PR kern/52324

Revision 1.191 / (download) - annotate - [select for diffs], Fri Mar 3 07:13:06 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-20170426, pgoyette-localcount-20170320, netbsd-8-base, jdolecek-ncq-base, jdolecek-ncq, bouyer-socketcan-base1
Branch point for: netbsd-8
Changes since 1.190: +4 -4 lines
Diff to previous 1.190 (colored)

Pass inpcb/in6pcb instead of socket to ip_output/ip6_output

- Passing a socket to Layer 3 is layer violation and even unnecessary
- The change makes codes of callers and IPsec a bit simple

Revision 1.190 / (download) - annotate - [select for diffs], Thu Mar 2 05:26:24 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.189: +4 -3 lines
Diff to previous 1.189 (colored)

Make sure im6o_memberships is protected by in6p's lock (solock)

Revision 1.189 / (download) - annotate - [select for diffs], Thu Mar 2 05:24:23 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.188: +34 -16 lines
Diff to previous 1.188 (colored)

Make usages of ifp MP-safe in some functions of IP multicast

Revision 1.188 / (download) - annotate - [select for diffs], Thu Mar 2 01:05:02 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.187: +8 -9 lines
Diff to previous 1.187 (colored)

Use LIST_* macros

No functional change.

Revision 1.187 / (download) - annotate - [select for diffs], Wed Mar 1 08:54:12 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.186: +5 -6 lines
Diff to previous 1.186 (colored)

Provide in6_multi_group

Use it when checking if we belong to the group, instead of in6_lookup_multi.

No functional change.

Revision 1.186 / (download) - annotate - [select for diffs], Wed Feb 22 07:46:00 2017 UTC (3 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.185: +3 -3 lines
Diff to previous 1.185 (colored)

Stop using useless IN6_*_MULTI macros

Revision 1.185 / (download) - annotate - [select for diffs], Wed Feb 22 07:05:04 2017 UTC (3 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.184: +7 -2 lines
Diff to previous 1.184 (colored)

Add assertions and comments for lock states of socket and pcb

Revision 1.184 / (download) - annotate - [select for diffs], Fri Feb 17 03:57:17 2017 UTC (3 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.183: +3 -3 lines
Diff to previous 1.183 (colored)

Rename if_acquire_NOMPSAFE to if_acquire

It can be used in MP-safe ways. So let's remove the confusing postfix.
If it's used in a unsafe way, warn NOMPSAFE in a comment.

Revision 1.183 / (download) - annotate - [select for diffs], Tue Feb 14 03:05:06 2017 UTC (3 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.182: +29 -4 lines
Diff to previous 1.182 (colored)

Do ND in L2_output in the same manner as arpresolve

The benefits of this change are:
- The flow is consistent with IPv4 (and FreeBSD and OpenBSD)
  - old: ip6_output => nd6_output (do ND if needed) => L2_output (lookup a stored cache)
  - new: ip6_output => L2_output (lookup a cache. Do ND if cache not found)
- We can remove some workarounds in nd6_output
- We can move L2 specific operations to their own place
- The performance slightly improves because one cache lookup is reduced

Revision 1.182 / (download) - annotate - [select for diffs], Mon Jan 16 15:44:47 2017 UTC (3 years, 10 months ago) by christos
Branch: MAIN
CVS Tags: nick-nhusb-base-20170204
Changes since 1.181: +3 -3 lines
Diff to previous 1.181 (colored)

ip6_sprintf -> IN6_PRINT so that we pass the size.

Revision 1.181 / (download) - annotate - [select for diffs], Mon Jan 16 07:33:36 2017 UTC (3 years, 10 months ago) by ryo
Branch: MAIN
Changes since 1.180: +4 -3 lines
Diff to previous 1.180 (colored)

Make ip6_sprintf(), in_fmtaddr(), lla_snprintf() and icmp6_redirect_diag() mpsafe.

Reviewed by ozaki-r@

Revision 1.180 / (download) - annotate - [select for diffs], Wed Jan 11 13:08:29 2017 UTC (3 years, 10 months ago) by ozaki-r
Branch: MAIN
CVS Tags: bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.179: +2 -3 lines
Diff to previous 1.179 (colored)

Get rid of unnecessary header inclusions

Revision 1.179 / (download) - annotate - [select for diffs], Thu Dec 8 05:16:34 2016 UTC (3 years, 11 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20170107
Changes since 1.178: +11 -4 lines
Diff to previous 1.178 (colored)

Add rtcache_unref to release points of rtentry stemming from rtcache

In the MP-safe world, a rtentry stemming from a rtcache can be freed at any
points. So we need to protect rtentries somehow say by reference couting or
passive references. Regardless of the method, we need to call some release
function of a rtentry after using it.

The change adds a new function rtcache_unref to release a rtentry. At this
point, this function does nothing because for now we don't add a reference
to a rtentry when we get one from a rtcache. We will add something useful
in a further commit.

This change is a part of changes for MP-safe routing table. It is separated
to avoid one big change that makes difficult to debug by bisecting.

Revision 1.178 / (download) - annotate - [select for diffs], Thu Nov 10 04:13:53 2016 UTC (4 years ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20161204
Changes since 1.177: +32 -20 lines
Diff to previous 1.177 (colored)

Tidy up in6_select*

This change tidies up in6_select* functions, especially
selectroute.

selectroute is annoying because:
- It returns both/either of a rtentry and/or an ifp
  - Yes, it may return only an ifp!
    - It is valid but selectroute shouldn't handle the case
  - Such conditional behavior makes it difficult
    to apply locking/psref thingy
- It may return a rtentry even if error
- It may use opt->ip6po_nextroute rtcache implicitly
  - The caller can know if it is used
    by rtcache_validate(&opt->ip6po_nextroute)
    but it's racy in MP-safe world
  - Even if it uses opt->ip6po_nextroute, it may
    return a rtentry that isn't derived from the rtcache

The change includes:
- Rename selectroute to in6_selectroute
  - Let a remaining caller of selectroute, in6_selectif,
    use in6_selectroute instead
- Let in6_selectroute return only an rtentry
  - If error, it doesn't return an rtentry
  - A caller gets an ifp from a returned rtentry
- Allow in6_selectroute to modify a passed rtcache
  and a caller can know if opt->ip6po_nextroute is
  used via the rtcache
- Let callers (ip6_output and in6_selectif) handle
  the case that only an ifp is required

Inspired by OpenBSD
Proposed on tech-kern and tech-net
LGTM by roy@

Revision 1.177 / (download) - annotate - [select for diffs], Mon Nov 7 01:55:17 2016 UTC (4 years ago) by ozaki-r
Branch: MAIN
Changes since 1.176: +45 -37 lines
Diff to previous 1.176 (colored)

Pull routing header handling out of ip6_output

No functional change.

Revision 1.176 / (download) - annotate - [select for diffs], Mon Nov 7 01:05:39 2016 UTC (4 years ago) by ozaki-r
Branch: MAIN
Changes since 1.175: +32 -23 lines
Diff to previous 1.175 (colored)

Tidy up ip6_getpmtu

Pull rtcache thing out of ip6_getpmtu; that isn't an essential
of the function. Add comments inspired by FreeBSD.

No functional change.

Revision 1.175 / (download) - annotate - [select for diffs], Tue Sep 20 14:30:13 2016 UTC (4 years, 2 months ago) by roy
Branch: MAIN
CVS Tags: pgoyette-localcount-20161104, nick-nhusb-base-20161004
Changes since 1.174: +10 -7 lines
Diff to previous 1.174 (colored)

Drop UDP packets as well as TCP without error when sending from detached or
tentative addresses.

Revision 1.174 / (download) - annotate - [select for diffs], Thu Sep 15 18:25:45 2016 UTC (4 years, 2 months ago) by roy
Branch: MAIN
Changes since 1.173: +55 -2 lines
Diff to previous 1.173 (colored)

Ensure that packets are sent from a valid address.
If the packet is TCP and the address is detached or tentative then
it's just dropped, otherwise an error is returned.

This is needed because you can bind to a valid address and it can then
become invalid.

This satisfies RFC 4862 section 5.5.4.

Revision 1.173 / (download) - annotate - [select for diffs], Mon Aug 1 03:15:31 2016 UTC (4 years, 3 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20160806, localcount-20160914
Changes since 1.172: +10 -2 lines
Diff to previous 1.172 (colored)

Apply pserialize and psref to struct ifaddr and its variants

This change makes struct ifaddr and its variants (in_ifaddr and in6_ifaddr)
MP-safe by using pserialize and psref. At this moment, pserialize_perform
and psref_target_destroy are disabled because (1) we don't need them
because of softnet_lock (2) they cause a deadlock because of softnet_lock.
So we'll enable them when we remove softnet_lock in the future.

Revision 1.172 / (download) - annotate - [select for diffs], Fri Jul 29 06:02:03 2016 UTC (4 years, 3 months ago) by ozaki-r
Branch: MAIN
Changes since 1.171: +5 -5 lines
Diff to previous 1.171 (colored)

Avoid memset and rtcache_free if unnecessary

It's the same as ip_output.

Revision 1.171 / (download) - annotate - [select for diffs], Mon Jun 27 18:35:54 2016 UTC (4 years, 4 months ago) by christos
Branch: MAIN
CVS Tags: pgoyette-localcount-base, pgoyette-localcount-20160726, nick-nhusb-base-20160907
Branch point for: pgoyette-localcount
Changes since 1.170: +3 -4 lines
Diff to previous 1.170 (colored)

CID 1362905: Initialize ifp early, so that we don't if_put garbage in the
IPSEC case.

Revision 1.170 / (download) - annotate - [select for diffs], Tue Jun 21 10:25:27 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.169: +16 -6 lines
Diff to previous 1.169 (colored)

Make sure returning ifp from in6_select* functions psref-ed

To this end, callers need to pass struct psref to the functions
and the fuctions acquire a reference of ifp with it. In some cases,
we can simply use if_get_byindex, however, in other cases
(say rt->rt_ifp and ia->ifa_ifp), we have no MP-safe way for now.
In order to take a reference anyway we use non MP-safe function
if_acquire_NOMPSAFE for the latter cases. They should be fixed in
the future somehow.

Revision 1.169 / (download) - annotate - [select for diffs], Tue Jun 21 10:21:04 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.168: +9 -5 lines
Diff to previous 1.168 (colored)

Protect if_byindex with pserialize

Revision 1.168 / (download) - annotate - [select for diffs], Tue Jun 21 03:28:27 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.167: +7 -7 lines
Diff to previous 1.167 (colored)

Replace ifp of ip_moptions and ip6_moptions with if_index

The motivation is the same as the mbuf's rcvif case; avoid having a pointer
of an ifnet object in ip_moptions and ip6_moptions, which is not MP-safe.

ip_moptions and ip6_moptions can be stored in a PCB for inet or inet6
that's life time is different from ifnet one and so an ifnet object can be
disappeared anytime we get it via them. Thus we need to look up an ifnet
object by if_index every time for safe.

Revision 1.167 / (download) - annotate - [select for diffs], Fri Jun 10 13:27:16 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.166: +4 -4 lines
Diff to previous 1.166 (colored)

Introduce m_set_rcvif and m_reset_rcvif

The API is used to set (or reset) a received interface of a mbuf.
They are counterpart of m_get_rcvif, which will come in another
commit, hide internal of rcvif operation, and reduce the diff of
the upcoming change.

No functional change.

Revision 1.166 / (download) - annotate - [select for diffs], Mon Aug 24 22:21:27 2015 UTC (5 years, 3 months ago) by pooka
Branch: MAIN
CVS Tags: nick-nhusb-base-20160529, nick-nhusb-base-20160422, nick-nhusb-base-20160319, nick-nhusb-base-20151226, nick-nhusb-base-20150921
Changes since 1.165: +4 -2 lines
Diff to previous 1.165 (colored)

sprinkle _KERNEL_OPT

Revision 1.165 / (download) - annotate - [select for diffs], Mon Apr 27 10:14:44 2015 UTC (5 years, 6 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20150606
Changes since 1.164: +5 -3 lines
Diff to previous 1.164 (colored)

Add missing error checks on rtcache_setdst

It can fail with ENOMEM.

Revision 1.164 / (download) - annotate - [select for diffs], Fri Apr 24 08:53:06 2015 UTC (5 years, 7 months ago) by ozaki-r
Branch: MAIN
Changes since 1.163: +5 -6 lines
Diff to previous 1.163 (colored)

Avoid NULL checks for a variable that is definitely NULL

Revision 1.163 / (download) - annotate - [select for diffs], Mon Feb 2 03:14:02 2015 UTC (5 years, 9 months ago) by christos
Branch: MAIN
CVS Tags: nick-nhusb-base-20150406
Changes since 1.162: +3 -2 lines
Diff to previous 1.162 (colored)

CID/1267860: Missing break in switch

Revision 1.162 / (download) - annotate - [select for diffs], Tue Jan 20 21:42:36 2015 UTC (5 years, 10 months ago) by roy
Branch: MAIN
Changes since 1.161: +3 -2 lines
Diff to previous 1.161 (colored)

Fix IPV6_USE_MIN_MTU set by setsockopt(2) being ignored when
IPV6_PKTINFO is set as a control with sendmsg(2).

Revision 1.161 / (download) - annotate - [select for diffs], Tue Jan 20 21:27:36 2015 UTC (5 years, 10 months ago) by roy
Branch: MAIN
Changes since 1.160: +33 -2 lines
Diff to previous 1.160 (colored)

Add net.inet6.ip6.prefer_tempaddr sysctl knob so that we can prefer
IPv6 temporary addresses as the source address.

Fixes PR kern/47100 based on a patch by Dieter Roelants.

Revision 1.160 / (download) - annotate - [select for diffs], Sun Oct 12 19:00:21 2014 UTC (6 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: nick-nhusb-base
Branch point for: nick-nhusb
Changes since 1.159: +96 -69 lines
Diff to previous 1.159 (colored)

Refactor the multicast membership code so that we can handle v4 mapped
addresses using the v6 membership ioctls.

Revision 1.159 / (download) - annotate - [select for diffs], Sat Oct 11 20:53:16 2014 UTC (6 years, 1 month ago) by christos
Branch: MAIN
Changes since 1.158: +27 -3 lines
Diff to previous 1.158 (colored)

Make IPV4 mapped addresses able to do IPV4 multicast. Fixes needed:

	- allow binding to mapped v4 multicast addresses
	- define v4moptions, allow setting it via ioctl, pass it to ip_output,
	  free it when killing the pcb.

Ideally we would allow the IPV6 multicast setsockopts work on mapped addresses
too, but this is a lot more work and linux does not do it either.

Revision 1.158 / (download) - annotate - [select for diffs], Sat Aug 16 17:27:09 2014 UTC (6 years, 3 months ago) by maxv
Branch: MAIN
Changes since 1.157: +4 -2 lines
Diff to previous 1.157 (colored)

	http://m00nbsd.net/ae123a9bae03f7dde5c6d654412daf5a.html#Report-2

#03-0x02: Memory leak

ok ozaki-r@

Revision 1.157 / (download) - annotate - [select for diffs], Fri May 30 01:39:03 2014 UTC (6 years, 5 months ago) by christos
Branch: MAIN
CVS Tags: tls-maxphys-base, tls-earlyentropy-base, netbsd-7-base
Branch point for: netbsd-7
Changes since 1.156: +40 -34 lines
Diff to previous 1.156 (colored)

Introduce 2 new variables: ipsec_enabled and ipsec_used.
Ipsec enabled is controlled by sysctl and determines if is allowed.
ipsec_used is set automatically based on ipsec being enabled, and
rules existing.

Revision 1.156 / (download) - annotate - [select for diffs], Sat May 17 21:26:20 2014 UTC (6 years, 6 months ago) by rmind
Branch: MAIN
CVS Tags: rmind-smpnet-nbase, rmind-smpnet-base
Changes since 1.155: +7 -15 lines
Diff to previous 1.155 (colored)

Replace open-coded access (and boundary checking) of ifindex2ifnet with
if_byindex() function.

Revision 1.155 / (download) - annotate - [select for diffs], Thu Oct 3 20:27:55 2013 UTC (7 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base9, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Changes since 1.154: +7 -3 lines
Diff to previous 1.154 (colored)

check sockopt_get() error, from logan.

Revision 1.154 / (download) - annotate - [select for diffs], Sat Jun 29 21:06:58 2013 UTC (7 years, 4 months ago) by rmind
Branch: MAIN
CVS Tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2
Changes since 1.153: +5 -11 lines
Diff to previous 1.153 (colored)

- Rewrite parts of pfil(9): use array to store hooks and thus be more cache
  friendly (there are only few hooks in the system).  Make the structures
  opaque and the interface more strict.
- Remove PFIL_HOOKS option by making pfil(9) mandatory.

Revision 1.153 / (download) - annotate - [select for diffs], Wed Jun 5 19:01:26 2013 UTC (7 years, 5 months ago) by christos
Branch: MAIN
Branch point for: rmind-smpnet
Changes since 1.152: +12 -12 lines
Diff to previous 1.152 (colored)

IPSEC has not come in two speeds for a long time now (IPSEC == kame,
FAST_IPSEC). Make everything refer to IPSEC to avoid confusion.

Revision 1.152 / (download) - annotate - [select for diffs], Mon Mar 18 19:31:39 2013 UTC (7 years, 8 months ago) by gdt
Branch: MAIN
CVS Tags: khorben-n900, agc-symver-base, agc-symver
Changes since 1.151: +7 -2 lines
Diff to previous 1.151 (colored)

Initialize variable used as (conditional) result parameter.

ip6_insertfraghdr either sets a result parameter or returns an error.
While the caller only uses the result parameter in the non-error case,
knowing that requires cross-module static analysis, and that's not
robust against distant code changes.  Therfore, set ip6f to NULL
before the function call that maybe sets it, avoiding a spuruious
warning and changing the future possible bug from an unitialized
dereference to a NULL deferrence.

Revision 1.151 / (download) - annotate - [select for diffs], Fri Jan 25 10:33:53 2013 UTC (7 years, 10 months ago) by kefren
Branch: MAIN
Changes since 1.150: +3 -3 lines
Diff to previous 1.150 (colored)

don't return hlim when asked for multicast loop flag

Revision 1.150 / (download) - annotate - [select for diffs], Sat Jul 21 14:52:40 2012 UTC (8 years, 4 months ago) by gdt
Branch: MAIN
CVS Tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6
Branch point for: tls-maxphys
Changes since 1.149: +6 -2 lines
Diff to previous 1.149 (colored)

Add comments describing parameter handling for ip6_insertfraghdr.

Depending on compiler options, this code can be involved in an
(apparently) spurious compiler warning.  However, it was not
immediately obvious the the compiler was wrong.

Revision 1.149 / (download) - annotate - [select for diffs], Mon Jun 25 15:28:40 2012 UTC (8 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.148: +5 -5 lines
Diff to previous 1.148 (colored)

rename rfc6056 -> portalgo, requested by yamt

Revision 1.148 / (download) - annotate - [select for diffs], Fri Jun 22 14:54:35 2012 UTC (8 years, 5 months ago) by christos
Branch: MAIN
Changes since 1.147: +16 -2 lines
Diff to previous 1.147 (colored)

PR/46602: Move the rfc6056 port randomization to the IP layer.

Revision 1.147 / (download) - annotate - [select for diffs], Thu Mar 22 20:34:41 2012 UTC (8 years, 8 months ago) by drochner
Branch: MAIN
CVS Tags: yamt-pagecache-base5, yamt-pagecache-base4, jmcneill-usbmp-base9, jmcneill-usbmp-base8, jmcneill-usbmp-base10
Changes since 1.146: +4 -196 lines
Diff to previous 1.146 (colored)

remove KAME IPSEC, replaced by FAST_IPSEC

Revision 1.146 / (download) - annotate - [select for diffs], Tue Mar 13 18:40:59 2012 UTC (8 years, 8 months ago) by elad
Branch: MAIN
Changes since 1.145: +21 -16 lines
Diff to previous 1.145 (colored)

Replace the remaining KAUTH_GENERIC_ISSUSER authorization calls with
something meaningful. All relevant documentation has been updated or
written.

Most of these changes were brought up in the following messages:

    http://mail-index.netbsd.org/tech-kern/2012/01/18/msg012490.html
    http://mail-index.netbsd.org/tech-kern/2012/01/19/msg012502.html
    http://mail-index.netbsd.org/tech-kern/2012/02/17/msg012728.html

Thanks to christos, manu, njoly, and jmmv for input.

Huge thanks to pgoyette for spinning these changes through some build
cycles and ATF.

Revision 1.145 / (download) - annotate - [select for diffs], Sun Feb 5 00:41:15 2012 UTC (8 years, 9 months ago) by rmind
Branch: MAIN
CVS Tags: netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, jmcneill-usbmp-base7, jmcneill-usbmp-base6, jmcneill-usbmp-base5, jmcneill-usbmp-base4, jmcneill-usbmp-base3, jmcneill-usbmp-base2
Branch point for: netbsd-6-1, netbsd-6-0, netbsd-6
Changes since 1.144: +6 -3 lines
Diff to previous 1.144 (colored)

ip6_output: check for rtcache_setdst() error, which may happen if running
out of memory.

Revision 1.144 / (download) - annotate - [select for diffs], Tue Jan 10 20:05:37 2012 UTC (8 years, 10 months ago) by drochner
Branch: MAIN
Changes since 1.143: +6 -6 lines
Diff to previous 1.143 (colored)

remove conditionals which can't succeed, and also shouldn't because
one would get a kernel NULL dereference immediately

Revision 1.143 / (download) - annotate - [select for diffs], Tue Jan 10 20:01:56 2012 UTC (8 years, 10 months ago) by drochner
Branch: MAIN
Changes since 1.142: +7 -21 lines
Diff to previous 1.142 (colored)

add patch from Arnaud Degroote to handle IPv6 extended options with
(FAST_)IPSEC, tested lightly with a DSTOPTS header consisting
of PAD1

Revision 1.142 / (download) - annotate - [select for diffs], Sat Dec 31 20:41:59 2011 UTC (8 years, 10 months ago) by christos
Branch: MAIN
Changes since 1.141: +3 -3 lines
Diff to previous 1.141 (colored)

- fix offsetof usage, and redundant defines
- kill pointer casts to 0

Revision 1.141 / (download) - annotate - [select for diffs], Mon Dec 19 11:59:58 2011 UTC (8 years, 11 months ago) by drochner
Branch: MAIN
Changes since 1.140: +18 -18 lines
Diff to previous 1.140 (colored)

rename the IPSEC in-kernel CPP variable and config(8) option to
KAME_IPSEC, and make IPSEC define it so that existing kernel
config files work as before
Now the default can be easily be changed to FAST_IPSEC just by
setting the IPSEC alias to FAST_IPSEC.

Revision 1.140 / (download) - annotate - [select for diffs], Mon Apr 25 22:20:59 2011 UTC (9 years, 7 months ago) by yamt
Branch: MAIN
CVS Tags: yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, rmind-uvmplock-nbase, rmind-uvmplock-base, jmcneill-usbmp-pre-base2, jmcneill-usbmp-base, jmcneill-audiomp3-base, jmcneill-audiomp3, cherry-xenmp-base, cherry-xenmp
Branch point for: yamt-pagecache, jmcneill-usbmp
Changes since 1.139: +2 -7 lines
Diff to previous 1.139 (colored)

undefer csum in looutput.
looutput is used by various code (ether_output, mcast) to loopback packets.

Revision 1.139 / (download) - annotate - [select for diffs], Thu May 7 21:51:47 2009 UTC (11 years, 6 months ago) by elad
Branch: MAIN
CVS Tags: yamt-nfs-mp-base9, yamt-nfs-mp-base8, yamt-nfs-mp-base7, yamt-nfs-mp-base6, yamt-nfs-mp-base5, yamt-nfs-mp-base4, yamt-nfs-mp-base11, yamt-nfs-mp-base10, uebayasi-xip-base4, uebayasi-xip-base3, uebayasi-xip-base2, uebayasi-xip-base1, uebayasi-xip-base, uebayasi-xip, matt-premerge-20091211, matt-mips64-premerge-20101231, jymxensuspend-base, jym-xensuspend-nbase, jym-xensuspend-base, jruoho-x86intr-base, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Branch point for: rmind-uvmplock, jruoho-x86intr
Changes since 1.138: +16 -13 lines
Diff to previous 1.138 (colored)

Remove some more "priv" variable usage in favor of kauth(9) calls.

Revision 1.138 / (download) - annotate - [select for diffs], Wed May 6 21:41:59 2009 UTC (11 years, 6 months ago) by elad
Branch: MAIN
Changes since 1.137: +34 -32 lines
Diff to previous 1.137 (colored)

Remove some usage of "priv" and "privileged" variables and instead pass
around credentials. Also push down kauth(9) calls closer to where the
operation is done.

Mailing list reference:

	http://mail-index.netbsd.org/tech-net/2009/04/30/msg001270.html

Revision 1.137 / (download) - annotate - [select for diffs], Sat Apr 18 12:40:52 2009 UTC (11 years, 7 months ago) by drochner
Branch: MAIN
CVS Tags: yamt-nfs-mp-base3, nick-hppapmap-base4, nick-hppapmap-base3, nick-hppapmap-base
Changes since 1.136: +4 -3 lines
Diff to previous 1.136 (colored)

fix traversing of a control mbuf in the case that a message len
is not aligned wrt CMSG_ALIGN - the length counter drops below 0
in this case which was not checked for,
fixes crashes (with isc_dhcrelay4) reported by Uwe in tech-net
(subject: netbsd5-rc3 crash caused by isc_dhcrelay)

Revision 1.136 / (download) - annotate - [select for diffs], Wed Mar 18 16:00:23 2009 UTC (11 years, 8 months ago) by cegger
Branch: MAIN
Changes since 1.135: +8 -8 lines
Diff to previous 1.135 (colored)

bzero -> memset

Revision 1.135 / (download) - annotate - [select for diffs], Mon Oct 27 20:03:07 2008 UTC (12 years ago) by plunky
Branch: MAIN
CVS Tags: nick-hppapmap-base2, netbsd-5-base, netbsd-5-0-RC4, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, mjf-devfs2-base, haad-nbase2, haad-dm-base2, haad-dm-base, ad-audiomp2-base, ad-audiomp2
Branch point for: netbsd-5, jym-xensuspend
Changes since 1.134: +7 -2 lines
Diff to previous 1.134 (colored)

sockopt_getmbuf() may fail, handle that possibility

Revision 1.134 / (download) - annotate - [select for diffs], Sun Oct 12 15:24:10 2008 UTC (12 years, 1 month ago) by plunky
Branch: MAIN
CVS Tags: matt-mips64-base2, haad-dm-base1
Branch point for: nick-hppapmap
Changes since 1.133: +7 -4 lines
Diff to previous 1.133 (colored)

ip6_pcbopts() is called with the socket lock held, use M_NOWAIT

Revision 1.133 / (download) - annotate - [select for diffs], Sun Oct 12 15:12:17 2008 UTC (12 years, 1 month ago) by plunky
Branch: MAIN
Changes since 1.132: +6 -3 lines
Diff to previous 1.132 (colored)

ip6_pcbopt() is in the ctloutput path, we should not
sleep here because socket lock is held. use M_NOWAIT

Revision 1.132 / (download) - annotate - [select for diffs], Sun Oct 12 11:34:48 2008 UTC (12 years, 1 month ago) by plunky
Branch: MAIN
Changes since 1.131: +68 -90 lines
Diff to previous 1.131 (colored)

convert ip6_[sg]etmoptions() to use sockopt(9) API
should be no functional change

Revision 1.131 / (download) - annotate - [select for diffs], Sun Oct 12 10:25:04 2008 UTC (12 years, 1 month ago) by plunky
Branch: MAIN
Changes since 1.130: +10 -5 lines
Diff to previous 1.130 (colored)

do not sleep while allocating memory, socket lock is held
(use ENOBUFS for failure)

Revision 1.130 / (download) - annotate - [select for diffs], Wed Aug 6 15:01:23 2008 UTC (12 years, 3 months ago) by plunky
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-4, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2
Changes since 1.129: +80 -121 lines
Diff to previous 1.129 (colored)

Convert socket options code to use a sockopt structure
instead of laying everything into an mbuf.

approved by core

Revision 1.129 / (download) - annotate - [select for diffs], Wed Apr 23 06:09:05 2008 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-base4, yamt-pf42-base3, yamt-pf42-base2, yamt-nfs-mp-base2, yamt-nfs-mp-base, wrstuden-revivesa-base-1, wrstuden-revivesa-base, simonb-wapbl-nbase, simonb-wapbl-base, simonb-wapbl, hpcarm-cleanup-nbase
Branch point for: yamt-nfs-mp, wrstuden-revivesa, haad-dm
Changes since 1.128: +5 -4 lines
Diff to previous 1.128 (colored)

Make IPSEC and FAST_IPSEC stats per-cpu.  Use <net/net_stats.h> and
netstat_sysctl().

Revision 1.128 / (download) - annotate - [select for diffs], Tue Apr 15 03:57:04 2008 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-baseX, yamt-pf42-base
Branch point for: yamt-pf42
Changes since 1.127: +13 -12 lines
Diff to previous 1.127 (colored)

Make ip6 and icmp6 stats per-cpu.

Revision 1.127 / (download) - annotate - [select for diffs], Tue Apr 8 23:37:43 2008 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.126: +12 -12 lines
Diff to previous 1.126 (colored)

Change IPv6 stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old ip6stat structure; old netstat
binaries will continue to work properly.

Revision 1.126 / (download) - annotate - [select for diffs], Mon Jan 14 04:16:45 2008 UTC (12 years, 10 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-lazymbuf-base15, yamt-lazymbuf-base14, nick-net80211-sync-base, nick-net80211-sync, mjf-devfs-base, matt-armv6-nbase, keiichi-mipv6-nbase, keiichi-mipv6-base, hpcarm-cleanup-base, bouyer-xeni386-nbase, bouyer-xeni386-base, ad-socklock-base1
Branch point for: mjf-devfs2, keiichi-mipv6
Changes since 1.125: +7 -6 lines
Diff to previous 1.125 (colored)

Use rtcache_validate() instead of rtcache_getrt().  Shorten staircase
in in6_losing().

Revision 1.125 / (download) - annotate - [select for diffs], Thu Jan 10 08:06:12 2008 UTC (12 years, 10 months ago) by dyoung
Branch: MAIN
Changes since 1.124: +3 -4 lines
Diff to previous 1.124 (colored)

Save some rtcache_getrt() calls.

Revision 1.124 / (download) - annotate - [select for diffs], Thu Dec 20 19:53:34 2007 UTC (12 years, 11 months ago) by dyoung
Branch: MAIN
CVS Tags: vmlocking2-base3, matt-armv6-base
Changes since 1.123: +14 -15 lines
Diff to previous 1.123 (colored)

Poison struct route->ro_rt uses in the kernel by changing the name
to _ro_rt.  Use rtcache_getrt() to access a route cache's struct
rtentry *.

Introduce struct ifnet->if_dl that always points at the interface
identifier/link-layer address.  Make code that treated the first
ifaddr on struct ifnet->if_addrlist as the interface address use
if_dl, instead.

Remove stale debugging code from net/route.c.  Move the rtflush()
code into rtcache_clear() and delete rtflush().  Delete rtalloc(),
because nothing uses it any more.

Make ND6_HINT an inline, lowercase subroutine, nd6_hint.

I've done my best to convert IP Filter, the ISO stack, and the
AppleTalk stack to rtcache_getrt().  They compile, but I have not
tested them.  I have given the changes to PF, GRE, IPv4 and IPv6
stacks a lot of exercise.

Revision 1.123 / (download) - annotate - [select for diffs], Tue Nov 6 23:48:24 2007 UTC (13 years ago) by dyoung
Branch: MAIN
CVS Tags: yamt-kmem-base3, yamt-kmem-base2, yamt-kmem-base, yamt-kmem, vmlocking2-base2, vmlocking2-base1, vmlocking-nbase, reinoud-bufcleanup-nbase, reinoud-bufcleanup-base, jmcneill-pm-base, cube-autoconf-base, cube-autoconf, bouyer-xenamd64-base2, bouyer-xenamd64-base
Branch point for: vmlocking2, bouyer-xeni386
Changes since 1.122: +8 -22 lines
Diff to previous 1.122 (colored)

Use sockaddr_in6_init().

Revision 1.122 / (download) - annotate - [select for diffs], Thu Nov 1 20:33:57 2007 UTC (13 years ago) by dyoung
Branch: MAIN
CVS Tags: jmcneill-base
Branch point for: mjf-devfs
Changes since 1.121: +17 -17 lines
Diff to previous 1.121 (colored)

De-__P().

Revision 1.121 / (download) - annotate - [select for diffs], Wed Sep 19 04:33:44 2007 UTC (13 years, 2 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-x86pmap-base4, yamt-x86pmap-base3, yamt-x86pmap-base2, yamt-x86pmap-base, yamt-x86pmap, vmlocking-base
Branch point for: bouyer-xenamd64
Changes since 1.120: +475 -476 lines
Diff to previous 1.120 (colored)

1) Introduce a new socket option, (SOL_SOCKET, SO_NOHEADER), that
   tells a socket that it should both add a protocol header to tx'd
   datagrams and remove the header from rx'd datagrams:

        int onoff = 1, s = socket(...);
        setsockopt(s, SOL_SOCKET, SO_NOHEADER, &onoff);

2) Add an implementation of (SOL_SOCKET, SO_NOHEADER) for raw IPv4
   sockets.

3) Reorganize the protocols' pr_ctloutput implementations a bit.
   Consistently return ENOPROTOOPT when an option is unsupported,
   and EINVAL if a supported option's arguments are incorrect.
   Reorganize the flow of code so that it's more clear how/when
   options are passed down the stack until they are handled.

   Shorten some pr_ctloutput staircases for readability.

4) Extract common mbuf code into subroutines, add new sockaddr
   methods, and introduce a new subroutine, fsocreate(), for reuse
   later; use it first in sys_socket():

struct mbuf *m_getsombuf(struct socket *so)

        Create an mbuf and make its owner the socket `so'.

struct mbuf *m_intopt(struct socket *so, int val)

        Create an mbuf, make its owner the socket `so', put the
        int `val' into it, and set its length to sizeof(int).


int fsocreate(..., int *fd)

        Create a socket, a la socreate(9), put the socket into the
        given LWP's descriptor table, return the descriptor at `fd'
        on success.

void *sockaddr_addr(struct sockaddr *sa, socklen_t *slenp)
const void *sockaddr_const_addr(const struct sockaddr *sa, socklen_t *slenp)

        Extract a pointer to the address part of a sockaddr.  Write
        the length of the address  part at `slenp', if `slenp' is
        not NULL.

socklen_t sockaddr_getlen(const struct sockaddr *sa)

        Return the length of a sockaddr.  This just evaluates to
        sa->sa_len.  I only add this for consistency with code that
        appears in a portable userland library that I am going to
        import.

const struct sockaddr *sockaddr_any(const struct sockaddr *sa)

        Return the "don't care" sockaddr in the same family as
        `sa'.  This is the address a client should sobind(9) if it
        does not care the source address and, if applicable, the
        port et cetera that it uses.

const void *sockaddr_anyaddr(const struct sockaddr *sa, socklen_t *slenp)

        Return the "don't care" sockaddr in the same family as
        `sa'.  This is the address a client should sobind(9) if it
        does not care the source address and, if applicable, the
        port et cetera that it uses.

Revision 1.120 / (download) - annotate - [select for diffs], Sat Jun 2 23:26:26 2007 UTC (13 years, 5 months ago) by alc
Branch: MAIN
CVS Tags: nick-csl-alignment-base5, nick-csl-alignment-base, nick-csl-alignment, mjf-ufs-trans-base, matt-mips64-base, matt-mips64, hpcarm-cleanup
Branch point for: matt-armv6, jmcneill-pm
Changes since 1.119: +2 -10 lines
Diff to previous 1.119 (colored)

don't increment `ip6stat.ip6s_noroute' here, it has already been done in
in6_src:in6_selectroute().

ok dyoung@

Revision 1.119 / (download) - annotate - [select for diffs], Wed May 23 17:15:02 2007 UTC (13 years, 6 months ago) by christos
Branch: MAIN
Changes since 1.118: +18 -45 lines
Diff to previous 1.118 (colored)

Ansify + add a few comments, from Karl Sjödahl

Revision 1.118 / (download) - annotate - [select for diffs], Wed May 2 20:40:27 2007 UTC (13 years, 6 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-idlelwp-base8
Changes since 1.117: +64 -66 lines
Diff to previous 1.117 (colored)

Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.

The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing.  Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.

Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously.  Of course, all design oversights and bugs are
mine.

DETAILS

1 I added to each address family a pool of sockaddrs.  I have
  introduced routines for allocating, copying, and duplicating,
  and freeing sockaddrs:

        struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
        struct sockaddr *sockaddr_copy(struct sockaddr *dst,
                                       const struct sockaddr *src);
        struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
        void sockaddr_free(struct sockaddr *sa);

  sockaddr_alloc() returns either a sockaddr from the pool belonging
  to the specified family, or NULL if the pool is exhausted.  The
  returned sockaddr has the right size for that family; sa_family
  and sa_len fields are initialized to the family and sockaddr
  length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
  sockaddr_in).  sockaddr_free() puts the given sockaddr back into
  its family's pool.

  sockaddr_dup() and sockaddr_copy() work analogously to strdup()
  and strcpy(), respectively.  sockaddr_copy() KASSERTs that the
  family of the destination and source sockaddrs are alike.

  The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
  passed directly to pool_get(9).

2 I added routines for initializing sockaddrs in each address
  family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
  etc.  They are fairly self-explanatory.

3 structs route_in6 and route_iso are no more.  All protocol families
  use struct route.  I have changed the route cache, 'struct route',
  so that it does not contain storage space for a sockaddr.  Instead,
  struct route points to a sockaddr coming from the pool the sockaddr
  belongs to.  I added a new method to struct route, rtcache_setdst(),
  for setting the cache destination:

        int rtcache_setdst(struct route *, const struct sockaddr *);

  rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
  available to create the sockaddr storage.

  It is now possible for rtcache_getdst() to return NULL if, say,
  rtcache_setdst() failed.  I check the return value for NULL
  everywhere in the kernel.

4 Each routing domain (struct domain) has a list of live route
  caches, dom_rtcache.  rtflushall(sa_family_t af) looks up the
  domain indicated by 'af', walks the domain's list of route caches
  and invalidates each one.

Revision 1.117 / (download) - annotate - [select for diffs], Sun Mar 4 06:03:26 2007 UTC (13 years, 8 months ago) by christos
Branch: MAIN
CVS Tags: thorpej-atomic-base, thorpej-atomic, reinoud-bufcleanup
Branch point for: vmlocking, mjf-ufs-trans
Changes since 1.116: +14 -14 lines
Diff to previous 1.116 (colored)

Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.

Revision 1.116 / (download) - annotate - [select for diffs], Wed Feb 21 23:00:08 2007 UTC (13 years, 9 months ago) by thorpej
Branch: MAIN
CVS Tags: ad-audiomp-base, ad-audiomp
Changes since 1.115: +3 -3 lines
Diff to previous 1.115 (colored)

Replace the Mach-derived boolean_t type with the C99 bool type.  A
future commit will replace use of TRUE and FALSE with true and false.

Revision 1.115 / (download) - annotate - [select for diffs], Sat Feb 17 22:34:14 2007 UTC (13 years, 9 months ago) by dyoung
Branch: MAIN
Changes since 1.114: +21 -26 lines
Diff to previous 1.114 (colored)

KNF: de-__P, bzero -> memset, bcmp -> memcmp.  Remove extraneous
   parentheses in return statements.

Cosmetic: don't open-code TAILQ_FOREACH().

Cosmetic: change types of variables to avoid oodles of casts: in
   in6_src.c, avoid casts by changing several route_in6 pointers
   to struct route pointers.  Remove unnecessary casts to caddr_t
   elsewhere.

Pave the way for eliminating address family-specific route caches:
   soon, struct route will not embed a sockaddr, but it will hold
   a reference to an external sockaddr, instead.  We will set the
   destination sockaddr using rtcache_setdst().  (I created a stub
   for it, but it isn't used anywhere, yet.)  rtcache_free() will
   free the sockaddr.  I have extracted from rtcache_free() a helper
   subroutine, rtcache_clear().  rtcache_clear() will "forget" a
   cached route, but it will not forget the destination by releasing
   the sockaddr.  I use rtcache_clear() instead of rtcache_free()
   in rtcache_update(), because rtcache_update() is not supposed
   to forget the destination.

Constify:

   1 Introduce const accessor for route->ro_dst, rtcache_getdst().

   2 Constify the 'dst' argument to ifnet->if_output().  This
     led me to constify a lot of code called by output routines.

   3 Constify the sockaddr argument to protosw->pr_ctlinput.  This
     led me to constify a lot of code called by ctlinput routines.

   4 Introduce const macros for converting from a generic sockaddr
     to family-specific sockaddrs, e.g., sockaddr_in: satocsin6,
     satocsin, et cetera.

Revision 1.114 / (download) - annotate - [select for diffs], Sat Feb 10 09:43:05 2007 UTC (13 years, 9 months ago) by degroote
Branch: MAIN
Branch point for: yamt-idlelwp
Changes since 1.113: +71 -10 lines
Diff to previous 1.113 (colored)

Commit my SoC work
Add ipv6 support for fast_ipsec
Note that currently, packet with extensions headers are not correctly
supported
Change the ipcomp logic

Revision 1.113 / (download) - annotate - [select for diffs], Mon Jan 29 06:13:58 2007 UTC (13 years, 9 months ago) by dyoung
Branch: MAIN
CVS Tags: post-newlock2-merge, newlock2-nbase, newlock2-base
Changes since 1.112: +7 -7 lines
Diff to previous 1.112 (colored)

Cosmetic: bzero -> memset, remove gratuitous cast, compare pointer
with NULL instead of 0.

Revision 1.112 / (download) - annotate - [select for diffs], Mon Jan 29 06:12:48 2007 UTC (13 years, 9 months ago) by dyoung
Branch: MAIN
Changes since 1.111: +3 -7 lines
Diff to previous 1.111 (colored)

In In ip6_setmoptions(), don't leave a route cache (struct route_in6)
on the stack if we exit with EADDRNOTAVAIL.

(I already fixed this bug once tonight.  Clearly, ip6_setmoptions
was cut-and-pasted from ip_setmoptions.)

Revision 1.111 / (download) - annotate - [select for diffs], Thu Jan 4 19:07:04 2007 UTC (13 years, 10 months ago) by elad
Branch: MAIN
Changes since 1.110: +5 -5 lines
Diff to previous 1.110 (colored)

Consistent usage of KAUTH_GENERIC_ISSUSER.

Revision 1.110 / (download) - annotate - [select for diffs], Wed Dec 27 18:49:40 2006 UTC (13 years, 11 months ago) by alc
Branch: MAIN
Changes since 1.109: +15 -12 lines
Diff to previous 1.109 (colored)

CID-3317: check for 'm != NULL' before using it (rework the code path to
explicitly return `EINVAL'. Before, it was done but later in
ip6_setpktopt() when checking for 'len < ...')
CID-3316: check for 'm != NULL' before using it

ok christos@

Revision 1.109 / (download) - annotate - [select for diffs], Fri Dec 15 21:18:55 2006 UTC (13 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: yamt-splraiseipl-base5, yamt-splraiseipl-base4
Changes since 1.108: +16 -18 lines
Diff to previous 1.108 (colored)

Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.

Revision 1.108 / (download) - annotate - [select for diffs], Sat Dec 9 05:33:08 2006 UTC (13 years, 11 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-splraiseipl-base3
Changes since 1.107: +13 -20 lines
Diff to previous 1.107 (colored)

Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.

Revision 1.107 / (download) - annotate - [select for diffs], Sat Dec 2 18:59:17 2006 UTC (13 years, 11 months ago) by dyoung
Branch: MAIN
Changes since 1.106: +6 -7 lines
Diff to previous 1.106 (colored)

Use the queue(3) macros instead of open-coding them.  Shorten
staircases.  Remove unnecessary casts.  Where appropriate, s/8/NBBY/.
De-__P().  KNF.

No functional changes intended.

Revision 1.106 / (download) - annotate - [select for diffs], Sat Nov 25 18:41:36 2006 UTC (14 years ago) by yamt
Branch: MAIN
CVS Tags: netbsd-4-base
Branch point for: wrstuden-fixsa, netbsd-4
Changes since 1.105: +2 -35 lines
Diff to previous 1.105 (colored)

move tso-by-software code to their own files.  no functional changes.

Revision 1.105 / (download) - annotate - [select for diffs], Thu Nov 23 19:41:58 2006 UTC (14 years ago) by yamt
Branch: MAIN
Changes since 1.104: +52 -6 lines
Diff to previous 1.104 (colored)

implement ipv6 TSO.
partly from Matthias Scheler.  tested by him.

Revision 1.104 / (download) - annotate - [select for diffs], Thu Nov 16 01:33:45 2006 UTC (14 years ago) by christos
Branch: MAIN
Changes since 1.103: +3 -3 lines
Diff to previous 1.103 (colored)

__unused removal on arguments; approved by core.

Revision 1.103 / (download) - annotate - [select for diffs], Thu Oct 12 01:32:39 2006 UTC (14 years, 1 month ago) by christos
Branch: MAIN
CVS Tags: yamt-splraiseipl-base2
Changes since 1.102: +11 -10 lines
Diff to previous 1.102 (colored)

- sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386

Revision 1.102 / (download) - annotate - [select for diffs], Wed Aug 30 17:15:22 2006 UTC (14 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: yamt-splraiseipl-base, yamt-pdpolicy-base9, yamt-pdpolicy-base8, rpaulo-netinet-merge-pcb-base
Branch point for: yamt-splraiseipl, newlock2
Changes since 1.101: +6 -10 lines
Diff to previous 1.101 (colored)

remove impossible comparisons.

Revision 1.101 / (download) - annotate - [select for diffs], Sun Jul 23 22:06:13 2006 UTC (14 years, 4 months ago) by ad
Branch: MAIN
CVS Tags: yamt-pdpolicy-base7, abandoned-netbsd-4-base, abandoned-netbsd-4
Changes since 1.100: +11 -8 lines
Diff to previous 1.100 (colored)

Use the LWP cached credentials where sane.

Revision 1.100 / (download) - annotate - [select for diffs], Wed Jul 12 13:11:27 2006 UTC (14 years, 4 months ago) by tron
Branch: MAIN
Changes since 1.99: +19 -2 lines
Diff to previous 1.99 (colored)

Add diagnostic checks for hardware-assisted checksum related flags in
the mbuf which supposed to get sent out:
- Complain in ip_output() if any of the IPv6 related flags are set.
- Complain in ip6_output() if any of the IPv4 related flags are set.
- Complain in both functions if the flags indicate that both a TCP and
  UCP checksum should be calculated by the hardware.

Revision 1.99 / (download) - annotate - [select for diffs], Sat Jul 8 19:58:40 2006 UTC (14 years, 4 months ago) by rpaulo
Branch: MAIN
Changes since 1.98: +16 -2 lines
Diff to previous 1.98 (colored)

Add a missing piece from RFC 3542. KAME-NetBSD-current branch
revision 1.1.1.2.2.5:
	do not call pfctlinput2(PRC_MSGSIZE) on fragmentation to avoid
	notification storm

From Keiichi SHIMA:
  "In the current NetBSD code, the PRC_MSGSIZE message will be generated
   for every fragmented packets when a node is trying to send a big
   packet. That was the intermediate behavior while RFC3542 was under
   discussion."

By (obviously) the KAME project.

Revision 1.98 / (download) - annotate - [select for diffs], Sun May 14 21:19:34 2006 UTC (14 years, 6 months ago) by elad
Branch: MAIN
CVS Tags: yamt-pdpolicy-base6, yamt-pdpolicy-base5, simonb-timecounters-base, gdamore-uart-base, chap-midi-nbase, chap-midi-base, chap-midi
Branch point for: gdamore-uart
Changes since 1.97: +6 -5 lines
Diff to previous 1.97 (colored)

integrate kauth.

Revision 1.97 / (download) - annotate - [select for diffs], Fri May 5 00:03:22 2006 UTC (14 years, 6 months ago) by rpaulo
Branch: MAIN
CVS Tags: elad-kernelauth-base
Changes since 1.96: +1107 -275 lines
Diff to previous 1.96 (colored)

Add support for RFC 3542 Adv. Socket API for IPv6 (which obsoletes 2292).
* RFC 3542 isn't binary compatible with RFC 2292.
* RFC 2292 support is on by default but can be disabled.
* update ping6, telnet and traceroute6 to the new API.

From the KAME project (www.kame.net).
Reviewed by core.

Revision 1.96 / (download) - annotate - [select for diffs], Sat Apr 15 00:28:16 2006 UTC (14 years, 7 months ago) by christos
Branch: MAIN
Changes since 1.95: +4 -3 lines
Diff to previous 1.95 (colored)

Coverity CID 608: #ifdef out dead code.

Revision 1.95 / (download) - annotate - [select for diffs], Sun Mar 5 23:47:08 2006 UTC (14 years, 8 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-pdpolicy-base4, yamt-pdpolicy-base3, yamt-pdpolicy-base2, peter-altq-base
Branch point for: peter-altq, elad-kernelauth
Changes since 1.94: +4 -4 lines
Diff to previous 1.94 (colored)

NDP-related improvements:
        RFC4191
	- supports host-side router-preference

	RFC3542
	- if DAD fails on a interface, disables IPv6 operation on the
          interface
	- don't advertise MLD report before DAD finishes

	Others
	- fixes integer overflow for valid and preferred lifetimes
	- improves timer granularity for MLD, using callout-timer.
	- reflects rtadvd's IPv6 host variable information into kernel
	  (router only)
	- adds a sysctl option to enable/disable pMTUd for multicast
          packets
	- performs NUD on PPP/GRE interface by default
	- Redirect works regardless of ip6_accept_rtadv
	- removes RFC1885-related code

From the KAME project via SUZUKI Shinsuke.
Reviewed by core.

Revision 1.94 / (download) - annotate - [select for diffs], Sat Jan 21 00:15:36 2006 UTC (14 years, 10 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-uio_vmspace-base5, yamt-pdpolicy-base
Branch point for: yamt-pdpolicy, simonb-timecounters, rpaulo-netinet-merge-pcb
Changes since 1.93: +254 -235 lines
Diff to previous 1.93 (colored)

Better support of IPv6 scoped addresses.

- most of the kernel code will not care about the actual encoding of
  scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
  scoped addresses as a special case.
- scope boundary check will be stricter.  For example, the current
  *BSD code allows a packet with src=::1 and dst=(some global IPv6
  address) to be sent outside of the node, if the application do:
    s = socket(AF_INET6);
    bind(s, "::1");
    sendto(s, some_global_IPv6_addr);
  This is clearly wrong, since ::1 is only meaningful within a single
  node, but the current implementation of the *BSD kernel cannot
  reject this attempt.
- and, while there, don't try to remove the ff02::/32 interface route
  entry in in6_ifdetach() as it's already gone.

This also includes some level of support for the standard source
address selection algorithm defined in RFC3484, which will be
completed on in the future.

From the KAME project via JINMEI Tatuya.
Approved by core@.

Revision 1.93 / (download) - annotate - [select for diffs], Sun Dec 11 12:25:02 2005 UTC (14 years, 11 months ago) by christos
Branch: MAIN
Branch point for: yamt-uio_vmspace
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

merge ktrace-lwp.

Revision 1.92 / (download) - annotate - [select for diffs], Fri Sep 23 21:21:58 2005 UTC (15 years, 2 months ago) by christos
Branch: MAIN
CVS Tags: yamt-vop-base3, yamt-vop-base2, yamt-vop-base, yamt-vop, yamt-readahead-pervnode, yamt-readahead-perfile, yamt-readahead-base3, yamt-readahead-base2, yamt-readahead-base, yamt-readahead, thorpej-vnode-attr-base, thorpej-vnode-attr, ktrace-lwp-base
Changes since 1.91: +3 -3 lines
Diff to previous 1.91 (colored)

change bcopy to memmove since this was supposed to be an ovbcopy (from kre)

Revision 1.91 / (download) - annotate - [select for diffs], Thu Aug 18 00:30:59 2005 UTC (15 years, 3 months ago) by yamt
Branch: MAIN
Changes since 1.90: +3 -5 lines
Diff to previous 1.90 (colored)

- introduce M_MOVE_PKTHDR and use it where appropriate.
  intended to be mostly API compatible with openbsd/freebsd.
- remove a glue #define in netipsec/ipsec_osdep.h.

Revision 1.90 / (download) - annotate - [select for diffs], Wed Aug 10 13:08:11 2005 UTC (15 years, 3 months ago) by yamt
Branch: MAIN
Changes since 1.89: +17 -4 lines
Diff to previous 1.89 (colored)

re-implement ipv6 tx loopback checksum omission.

Revision 1.89 / (download) - annotate - [select for diffs], Wed Aug 10 12:58:37 2005 UTC (15 years, 3 months ago) by yamt
Branch: MAIN
Changes since 1.88: +55 -2 lines
Diff to previous 1.88 (colored)

ipv6 tx checksum offloading.  reviewed by Jason Thorpe.

Revision 1.88 / (download) - annotate - [select for diffs], Mon Feb 28 09:27:07 2005 UTC (15 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: yamt-km-base4, yamt-km-base3, netbsd-3-base, netbsd-3-1-RELEASE, netbsd-3-1-RC4, netbsd-3-1-RC3, netbsd-3-1-RC2, netbsd-3-1-RC1, netbsd-3-1-1-RELEASE, netbsd-3-1, netbsd-3-0-RELEASE, netbsd-3-0-RC6, netbsd-3-0-RC5, netbsd-3-0-RC4, netbsd-3-0-RC3, netbsd-3-0-RC2, netbsd-3-0-RC1, netbsd-3-0-3-RELEASE, netbsd-3-0-2-RELEASE, netbsd-3-0-1-RELEASE, netbsd-3-0, netbsd-3, kent-audio2-base
Branch point for: yamt-lazymbuf
Changes since 1.87: +5 -3 lines
Diff to previous 1.87 (colored)

make ip6_getpmtu back to static

Revision 1.87 / (download) - annotate - [select for diffs], Tue Dec 21 11:37:47 2004 UTC (15 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: yamt-km-base2, yamt-km-base, kent-audio1-beforemerge
Branch point for: yamt-km, kent-audio2
Changes since 1.86: +35 -30 lines
Diff to previous 1.86 (colored)

fix ifindex argument checks for IPV6_JOIN_GROUP,
IPV6_LEAVE_GROUP and IPV6_MULTICAST_IF -
0 is always legal

Revision 1.86 / (download) - annotate - [select for diffs], Sat Dec 4 16:10:25 2004 UTC (15 years, 11 months ago) by peter
Branch: MAIN
CVS Tags: kent-audio1-base, kent-audio1
Changes since 1.85: +6 -11 lines
Diff to previous 1.85 (colored)

Convert lo(4) to a clonable device.

This also removes the loif array and changes all code to use the new
lo0ifp pointer which points to the lo0 ifnet structure.

Approved by christos.

Revision 1.85 / (download) - annotate - [select for diffs], Wed Jul 14 03:06:08 2004 UTC (16 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.84: +7 -3 lines
Diff to previous 1.84 (colored)

- update ro_pmtu on IPsec tunnel encapsulation.  ro != ro_pmtu is used as the
  sign for the existence of routing header.
- fragment to 1280 on IPv6-over-IPv6 encapsulation, as ICMPv6 too big may not
  give you enough information to update pmtu cache.

from iij seil team, via kame.

Revision 1.84 / (download) - annotate - [select for diffs], Tue Jul 6 04:30:29 2004 UTC (16 years, 4 months ago) by minoura
Branch: MAIN
Changes since 1.83: +4 -3 lines
Diff to previous 1.83 (colored)

Remove broken code for now: getsockopt(s, IPPROTO_IP, IP_IPSEC_POLICY,...).
It returned EINVAL, now returns ENOPROTOOPT.
Ok'd by itojun.

Revision 1.83 / (download) - annotate - [select for diffs], Fri Jun 11 04:10:10 2004 UTC (16 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.82: +12 -2 lines
Diff to previous 1.82 (colored)

implement IPV6_USE_MIN_MTU sockopt.  needed by bind9 + EDNS0 + big receive buffer.

Revision 1.82 / (download) - annotate - [select for diffs], Tue Mar 23 18:21:38 2004 UTC (16 years, 8 months ago) by martti
Branch: MAIN
CVS Tags: netbsd-2-0-base
Branch point for: netbsd-2-0
Changes since 1.81: +3 -5 lines
Diff to previous 1.81 (colored)

Make ip6_getpmtu() globally visible. This is needed by IPFilter 4.x.

Revision 1.81 / (download) - annotate - [select for diffs], Tue Mar 2 02:28:28 2004 UTC (16 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.80: +9 -3 lines
Diff to previous 1.80 (colored)

Use the new IPSEC_PCB_SKIP_IPSEC() to bypass a socket policy lookup
when possible.  This shaves several cycles from the output path for
non-IPsec connections, even if the policy is cached in the PCB.

Revision 1.80 / (download) - annotate - [select for diffs], Mon Mar 1 22:32:35 2004 UTC (16 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.79: +6 -6 lines
Diff to previous 1.79 (colored)

knf

Revision 1.79 / (download) - annotate - [select for diffs], Fri Feb 6 08:07:55 2004 UTC (16 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.78: +2 -10 lines
Diff to previous 1.78 (colored)

remove unneeded #ifdef

Revision 1.78 / (download) - annotate - [select for diffs], Wed Feb 4 05:17:28 2004 UTC (16 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.77: +114 -30 lines
Diff to previous 1.77 (colored)

strictly follow RFC2460 section 5 last paragraph
(sending rule when PMTU < 1280).  pointed out by guninski at guninski.com

Revision 1.77 / (download) - annotate - [select for diffs], Sat Jan 24 13:02:41 2004 UTC (16 years, 10 months ago) by darrenr
Branch: MAIN
Changes since 1.76: +3 -5 lines
Diff to previous 1.76 (colored)

make ip6_getpmtu() externally visible

Revision 1.76 / (download) - annotate - [select for diffs], Mon Jan 19 05:14:58 2004 UTC (16 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.75: +9 -2 lines
Diff to previous 1.75 (colored)

do not lookup security policy if IPV6_FORWARDING.
avoids possible infinite ipsec encapsulation on
        ip6_input -> ip6_forward -(tunnel mode)-> ip6_output
case.  from kame

Revision 1.75 / (download) - annotate - [select for diffs], Wed Dec 10 22:35:35 2003 UTC (16 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.74: +6 -5 lines
Diff to previous 1.74 (colored)

fix cases where pktinfo specifies outgoing interface of "0".

Revision 1.74 / (download) - annotate - [select for diffs], Wed Dec 10 11:46:33 2003 UTC (16 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.73: +12 -8 lines
Diff to previous 1.73 (colored)

use if_indexlim (instead of if_index) and ifindex2ifnet[x] != NULL
to check if interface exists, as (1) if_index has different meaning
(2) ifindex2ifnet could become NULL when interface gets destroyed,
since when we have introduced dynamically-created interfaces.  from kame

Revision 1.73 / (download) - annotate - [select for diffs], Thu Nov 6 06:10:51 2003 UTC (17 years ago) by itojun
Branch: MAIN
Changes since 1.72: +5 -5 lines
Diff to previous 1.72 (colored)

correct behavior when ipv6mr_interface is 0.  Matthias Drochner

Revision 1.72 / (download) - annotate - [select for diffs], Thu Oct 30 01:43:09 2003 UTC (17 years ago) by simonb
Branch: MAIN
Changes since 1.71: +2 -5 lines
Diff to previous 1.71 (colored)

Remove some assigned-to but otherwise unused variables.

Revision 1.71 / (download) - annotate - [select for diffs], Fri Oct 3 20:56:11 2003 UTC (17 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.70: +3 -2 lines
Diff to previous 1.70 (colored)

when dropping M_PKTHDR, need to free m_tag associated with it.

Revision 1.70 / (download) - annotate - [select for diffs], Sat Sep 6 03:36:33 2003 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.69: +3 -3 lines
Diff to previous 1.69 (colored)

randomize IPv4/v6 fragment ID and IPv6 flowlabel.  avoids predictability
of these fields.  ip_id.c is from openbsd.  ip6_id.c is adapted by kame.

Revision 1.69 / (download) - annotate - [select for diffs], Fri Sep 5 23:20:50 2003 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.68: +4 -4 lines
Diff to previous 1.68 (colored)

u_short -> u_int16_t.  sync w/ kame.
don't set ip6_plen where unneeded (i.e. before calling ip6_output)

Revision 1.68 / (download) - annotate - [select for diffs], Thu Sep 4 03:07:33 2003 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.67: +7 -3 lines
Diff to previous 1.67 (colored)

don't use m_cat to mbuf of different types.  KAME-PR-495

Revision 1.67 / (download) - annotate - [select for diffs], Mon Aug 25 00:10:27 2003 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.66: +42 -25 lines
Diff to previous 1.66 (colored)

don't commit value into ip6_ptkopts until the validation is done.
(note: the code will be updated with 2292bis definition soon, hopefully)

Revision 1.66 / (download) - annotate - [select for diffs], Fri Aug 22 22:00:40 2003 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.65: +2 -5 lines
Diff to previous 1.65 (colored)

remove ipsec_set/getsocket.  now we explicitly pass socket * to ip{,6}_output.

Revision 1.65 / (download) - annotate - [select for diffs], Fri Aug 22 21:53:08 2003 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.64: +4 -6 lines
Diff to previous 1.64 (colored)

change the additional arg to be passed to ip{,6}_output to struct socket *.

this fixes KAME policy lookup which was broken by the previous commit.

Revision 1.64 / (download) - annotate - [select for diffs], Fri Aug 22 20:29:01 2003 UTC (17 years, 3 months ago) by jonathan
Branch: MAIN
Changes since 1.63: +3 -3 lines
Diff to previous 1.63 (colored)

Change KAME code for ip_output()/ip6_output() to obtain struct socket*
from the explicit inpcb*/in6pcb* argument.  set_socket() becomes redundant.

Revision 1.63 / (download) - annotate - [select for diffs], Fri Aug 22 20:20:09 2003 UTC (17 years, 3 months ago) by jonathan
Branch: MAIN
Changes since 1.62: +6 -4 lines
Diff to previous 1.62 (colored)

Replace the set_socket() method of passing an extra struct socket*
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)

In preparation for fast-ipsec.  Reviewed by itojun.

Revision 1.62 / (download) - annotate - [select for diffs], Thu Aug 7 16:33:28 2003 UTC (17 years, 3 months ago) by agc
Branch: MAIN
Changes since 1.61: +3 -7 lines
Diff to previous 1.61 (colored)

Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22364, verified by myself.

Revision 1.61 / (download) - annotate - [select for diffs], Fri Jun 6 08:13:43 2003 UTC (17 years, 5 months ago) by itojun
Branch: MAIN
Branch point for: ktrace-lwp
Changes since 1.60: +7 -6 lines
Diff to previous 1.60 (colored)

- sync up MLD declaration with RFC3542 (s/MLD6/MLD/)
- routing header declaration with RFC3542
  (note: sizeof(ip6_rthdr0) has changed!)
  also, sync up with RFC2460 routing header definition (no "strict" source
  routing mode any more)

part of advanced API update (RFC2292 -> 3542).

Revision 1.60 / (download) - annotate - [select for diffs], Sat Nov 2 07:30:58 2002 UTC (18 years ago) by perry
Branch: MAIN
CVS Tags: nathanw_sa_before_merge, nathanw_sa_base, gmcgarry_ucred_base, gmcgarry_ucred, gmcgarry_ctxsw_base, gmcgarry_ctxsw, fvdl_fs64_base
Changes since 1.59: +5 -5 lines
Diff to previous 1.59 (colored)

/*CONTCOND*/ while (0)'ed macros

Revision 1.59 / (download) - annotate - [select for diffs], Thu Oct 31 17:36:16 2002 UTC (18 years ago) by itojun
Branch: MAIN
Changes since 1.58: +4 -4 lines
Diff to previous 1.58 (colored)

plug a memory leak.  from sam leffler.  sync w/kame

Revision 1.58 / (download) - annotate - [select for diffs], Mon Sep 23 13:28:55 2002 UTC (18 years, 2 months ago) by itojun
Branch: MAIN
CVS Tags: kqueue-beforemerge, kqueue-base, kqueue-aftermerge
Changes since 1.57: +3 -3 lines
Diff to previous 1.57 (colored)

length field on PADN option, before jumbo payload option was wrong.
sync w/kame

Revision 1.57 / (download) - annotate - [select for diffs], Wed Sep 11 02:46:45 2002 UTC (18 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.56: +51 -51 lines
Diff to previous 1.56 (colored)

KNF - return is not a function.  sync w/kame.

Revision 1.56 / (download) - annotate - [select for diffs], Wed Sep 11 02:41:26 2002 UTC (18 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.55: +6 -6 lines
Diff to previous 1.55 (colored)

correct signedness mixup in pointer passing.  sync w/kame

Revision 1.55 / (download) - annotate - [select for diffs], Sun Jun 9 14:43:12 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: gehenna-devsw-base
Changes since 1.54: +3 -3 lines
Diff to previous 1.54 (colored)

whitespace cleanup

Revision 1.54 / (download) - annotate - [select for diffs], Sat Jun 8 21:22:33 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
  use sysctl path instead.
- lo0 does not get ::1 automatically.  it will get ::1 when lo0 comes up.

Revision 1.53 / (download) - annotate - [select for diffs], Fri Jun 7 22:03:02 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.52: +78 -2 lines
Diff to previous 1.52 (colored)

sync IPV6_CHECKSUM handling with kame.

Revision 1.52 / (download) - annotate - [select for diffs], Fri Jun 7 17:13:56 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.51: +6 -2 lines
Diff to previous 1.51 (colored)

comment

Revision 1.51 / (download) - annotate - [select for diffs], Fri Jun 7 14:48:56 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.50: +4 -5 lines
Diff to previous 1.50 (colored)

whitespace

Revision 1.50 / (download) - annotate - [select for diffs], Fri Jun 7 14:43:11 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.49: +2 -14 lines
Diff to previous 1.49 (colored)

remove #if 0'ed portion

Revision 1.49 / (download) - annotate - [select for diffs], Fri Jun 7 14:29:10 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.48: +56 -80 lines
Diff to previous 1.48 (colored)

KNF a bit

Revision 1.48 / (download) - annotate - [select for diffs], Fri Jun 7 04:18:12 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.47: +7 -7 lines
Diff to previous 1.47 (colored)

typo

Revision 1.47 / (download) - annotate - [select for diffs], Fri Jun 7 04:07:55 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.46: +7 -7 lines
Diff to previous 1.46 (colored)

'fall through' is not a valid LINT keyword.

Revision 1.46 / (download) - annotate - [select for diffs], Fri May 31 03:18:54 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.45: +6 -6 lines
Diff to previous 1.45 (colored)

do not try to update rmx_mtu if rmx_mtu == 0 (obey ifmtu)

Revision 1.45 / (download) - annotate - [select for diffs], Wed May 29 07:53:41 2002 UTC (18 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.44: +76 -49 lines
Diff to previous 1.44 (colored)

attach nd_ifinfo structure into if_afdata.
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame

Revision 1.44 / (download) - annotate - [select for diffs], Thu Mar 28 01:33:50 2002 UTC (18 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-6-base
Branch point for: netbsd-1-6, gehenna-devsw
Changes since 1.43: +4 -3 lines
Diff to previous 1.43 (colored)

make sure to check address family in route cache
(I really hate IPv4 mapped address...)

Revision 1.43 / (download) - annotate - [select for diffs], Thu Dec 20 07:26:37 2001 UTC (18 years, 11 months ago) by itojun
Branch: MAIN
CVS Tags: newlock-base, newlock, ifpoll-base, eeh-devprop-base, eeh-devprop
Changes since 1.42: +11 -16 lines
Diff to previous 1.42 (colored)

centralize multicast group management (in6_join/leavegroup).
have a flag for ip6_output() to fragment to minimum MTU.
sync with kame

Revision 1.42 / (download) - annotate - [select for diffs], Tue Dec 18 03:04:04 2001 UTC (18 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.41: +13 -7 lines
Diff to previous 1.41 (colored)

reduce white space/cosmetic diffs w/kame.

Revision 1.41 / (download) - annotate - [select for diffs], Tue Nov 13 00:57:02 2001 UTC (19 years ago) by lukem
Branch: MAIN
Changes since 1.40: +4 -1 lines
Diff to previous 1.40 (colored)

add RCSIDs

Revision 1.40 / (download) - annotate - [select for diffs], Wed Oct 24 06:36:38 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: thorpej-mips-cache-base
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

more whitespace sync with kame

Revision 1.39 / (download) - annotate - [select for diffs], Thu Oct 18 07:44:34 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Branch point for: thorpej-mips-cache
Changes since 1.38: +1 -11 lines
Diff to previous 1.38 (colored)

reduce diffs with kame (mostly cosmetic).
move IPV6_CHECKSUM processing to sys/netinet6/raw_ip6.c.
constify a couple of places.

Revision 1.38 / (download) - annotate - [select for diffs], Wed Oct 17 08:23:06 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.37: +1 -12 lines
Diff to previous 1.37 (colored)

unifdef OLDIP6OUTPUT

Revision 1.37 / (download) - annotate - [select for diffs], Mon Oct 15 09:51:17 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.36: +70 -62 lines
Diff to previous 1.36 (colored)

implement IPV6_V6ONLY socket option from draft-ietf-ipngwg-rfc2553bis-03.txt.
IPV6_BINDV6ONLY (netbsd only) is deprecated, but still work just like before.

Revision 1.36 / (download) - annotate - [select for diffs], Mon Jun 11 13:49:18 2001 UTC (19 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: thorpej-devvp-base3, thorpej-devvp-base2, thorpej-devvp-base, thorpej-devvp, pre-chs-ubcperf, post-chs-ubcperf
Branch point for: kqueue
Changes since 1.35: +1 -5 lines
Diff to previous 1.35 (colored)

remove IPV6FIREWALL case, which is never used

Revision 1.35 / (download) - annotate - [select for diffs], Wed Apr 11 04:57:53 2001 UTC (19 years, 7 months ago) by itojun
Branch: MAIN
CVS Tags: thorpej_scsipi_nbase, thorpej_scsipi_beforemerge, thorpej_scsipi_base
Changes since 1.34: +9 -2 lines
Diff to previous 1.34 (colored)

disallow userland programs from specifying addresses with IPV6_PKTINFO
setsockopt, if:
- the address is not verified by DAD (= not ready)
- the address is an anycast address (= not permitted as source)
sync with kame

Revision 1.34 / (download) - annotate - [select for diffs], Fri Mar 30 11:08:57 2001 UTC (19 years, 7 months ago) by itojun
Branch: MAIN
Changes since 1.33: +10 -24 lines
Diff to previous 1.33 (colored)

enable FAKE_LOOPBACK_IF case by default.
now traffic on loopback interface will be presented to bpf as normal wire
format packet (without KAME scopeid in s6_addr16[1]).

fix KAME PR 250 (host mistakenly accepts packets to fe80::x%lo0).

sync with kame.

Revision 1.33 / (download) - annotate - [select for diffs], Sun Mar 25 09:58:43 2001 UTC (19 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.32: +3 -3 lines
Diff to previous 1.32 (colored)

re-initialize mopt in ip6_insert_jumboopt().  sync with kame
From: csapuntz@stanford.edu

Revision 1.32 / (download) - annotate - [select for diffs], Wed Mar 21 07:52:14 2001 UTC (19 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.31: +6 -3 lines
Diff to previous 1.31 (colored)

set rmx_mtu to L2 interface mtu, instead of 0, on mtudisc timeout.
ip6_output() change is for safety.  sync with kame

Revision 1.31 / (download) - annotate - [select for diffs], Sat Feb 10 04:14:28 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Branch point for: nathanw_sa
Changes since 1.30: +21 -20 lines
Diff to previous 1.30 (colored)

to sync with kame better, (1) remove register declaration for variables,
(2) sync whitespaces, (3) update comments. (4) bring in some of portability
and logging enhancements.  no functional changes here.

Revision 1.30 / (download) - annotate - [select for diffs], Tue Feb 6 01:27:29 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

bad semicolon after "if" conditional.  sync with kame

Revision 1.29 / (download) - annotate - [select for diffs], Fri Feb 2 15:54:56 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.28: +16 -3 lines
Diff to previous 1.28 (colored)

avoid panic when a packet with nonexistent link-local address is issued.
kame 1.151 -> 1.152.

Revision 1.28 / (download) - annotate - [select for diffs], Wed Jan 24 09:04:17 2001 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.27: +10 -2 lines
Diff to previous 1.27 (colored)

- record IPsec packet history into m_aux structure.
- let ipfilter look at wire-format packet only (not the decapsulated ones),
  so that VPN setting can work with NAT/ipfilter settings.
sync with kame.

TODO: use header history for stricter inbound validation

Revision 1.27 / (download) - annotate - [select for diffs], Sat Nov 11 00:52:39 2000 UTC (20 years ago) by thorpej
Branch: MAIN
Changes since 1.26: +11 -20 lines
Diff to previous 1.26 (colored)

Restructure the PFIL_HOOKS mechanism a bit:
- All packets are passed to PFIL_HOOKS as they come off the wire, i.e.
  fields in protocol headers in network order, etc.
- Allow for multiple hooks to be registered, using a "key" and a "dlt".
  The "dlt" is a BPF data link type, indicating what type of header is
  present.
- INET and INET6 register with key == AF_INET or AF_INET6, and
  dlt == DLT_RAW.
- PFIL_HOOKS now take an argument for the filter hook, and mbuf **,
  an ifnet *, and a direction (PFIL_IN or PFIL_OUT), thus making them
  less IP (really, IP Filter) centric.

Maintain compatibility with IP Filter by adding wrapper functions for
IP Filter.

Revision 1.26 / (download) - annotate - [select for diffs], Mon Oct 23 03:45:25 2000 UTC (20 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.25: +13 -17 lines
Diff to previous 1.25 (colored)

make IFA_STATS really work on IPv6.

Revision 1.25 / (download) - annotate - [select for diffs], Sat Aug 19 08:15:54 2000 UTC (20 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.24: +48 -17 lines
Diff to previous 1.24 (colored)

- icmp6 nodeinfo: remove possibility of unaligned pointer access.
- jumbo payload output: fix incorrect mbuf manipulation
- pedant: align issues, mbuf assumption
(sync with kame)

Revision 1.24 / (download) - annotate - [select for diffs], Thu Jul 6 12:51:41 2000 UTC (20 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.23: +2 -3 lines
Diff to previous 1.23 (colored)

remove unnecessary #include <netkey/key_debug.h>.  from kame.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Jun 20 02:24:42 2000 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-base, netbsd-1-5-RELEASE, netbsd-1-5-BETA2, netbsd-1-5-BETA, netbsd-1-5-ALPHA2
Branch point for: netbsd-1-5
Changes since 1.22: +4 -4 lines
Diff to previous 1.22 (colored)

avoid possible mbuf leaks on ipsec policy violation.(sync with kame)

Revision 1.22 / (download) - annotate - [select for diffs], Sat Jun 3 14:36:37 2000 UTC (20 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.21: +49 -13 lines
Diff to previous 1.21 (colored)

sync with kame.
- use latest source address selection code - in6_src.c.
- correct frag header insertion.
- deep copy ip6 header portion in ip6_mloopback to avoid overwrite.
- do not bark when we forward packet to loopback.
- some cosmetics.

Revision 1.21 / (download) - annotate - [select for diffs], Fri May 19 20:09:27 2000 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: minoura-xpg4dl-base
Branch point for: minoura-xpg4dl
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored)

correct manipulation of link-local scoped address on loopback.
now "telnet fe80::1%lo0" should work again.
(we have another bug near here - will attack it soon)

Revision 1.20 / (download) - annotate - [select for diffs], Fri May 19 04:34:43 2000 UTC (20 years, 6 months ago) by thorpej
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

NULL != 0

Revision 1.19 / (download) - annotate - [select for diffs], Fri May 19 01:40:18 2000 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.18: +67 -43 lines
Diff to previous 1.18 (colored)

do not mistakingly forward link-local scoped packet (the bug was added
with "beyondscope" icmp6 support).
"options FAKE_LOOPBACK_IF" will honor scope on loopback outputs.  rcvif will
be real interface, not the loopback, just like when multicast loopback.

(sync with kame)

Revision 1.18 / (download) - annotate - [select for diffs], Wed Mar 29 03:38:53 2000 UTC (20 years, 8 months ago) by simonb
Branch: MAIN
Changes since 1.17: +1 -2 lines
Diff to previous 1.17 (colored)

Remove duplicate declaration of ifindex2ifnet - it's in <net/if.h>.

Revision 1.17 / (download) - annotate - [select for diffs], Wed Mar 1 12:49:46 2000 UTC (20 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.16: +3 -3 lines
Diff to previous 1.16 (colored)

introduce m->m_pkthdr.aux to hold random data which needs to be passed
between protocol handlers.

ipsec socket pointers, ipsec decryption/auth information, tunnel
decapsulation information are in my mind - there can be several other usage.
at this moment, we use this for ipsec socket pointer passing.  this will
avoid reuse of m->m_pkthdr.rcvif in ipsec code.

due to the change, MHLEN will be decreased by sizeof(void *) - for example,
for i386, MHLEN was 100 bytes, but is now 96 bytes.
we may want to increase MSIZE from 128 to 256 for some of our architectures.

take caution if you use it for keeping some data item for long period
of time - use extra caution on M_PREPEND() or m_adj(), as they may result
in loss of m->m_pkthdr.aux pointer (and mbuf leak).

this will bump kernel version.

(as discussed in tech-net, tested in kame tree)

Revision 1.16 / (download) - annotate - [select for diffs], Sun Feb 20 00:56:43 2000 UTC (20 years, 9 months ago) by darrenr
Branch: MAIN
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

pass "struct pfil_head *" to pfil_add_hook and pfil_remove hook rather
than "struct protosw *".

Revision 1.15 / (download) - annotate - [select for diffs], Thu Feb 17 10:59:39 2000 UTC (20 years, 9 months ago) by darrenr
Branch: MAIN
Changes since 1.14: +29 -1 lines
Diff to previous 1.14 (colored)

Change the use of pfil hooks.  There is no longer a single list of all
pfil information, instead, struct protosw now contains a structure
which caontains list heads, etc.  The per-protosw pfil struct is passed
to pfil_hook_get(), along with an in/out flag to get the head of the
relevant filter list.  This has been done for only IPv4 and IPv6, at
present, with these patches only enabling filtering for IPPROTO_IP and
IPPROTO_IPV6, although it is possible to have tcp/udp, etc, dedicated
filters now also.  The ipfilter code has been updated to only filter
IPv4 packets - next major release of ipfilter is required for ipv6.

Revision 1.14 / (download) - annotate - [select for diffs], Sun Feb 6 12:49:46 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-newbase
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)

fix include pathname for better rfc2292 compliance.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Jan 31 14:19:03 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.12: +18 -9 lines
Diff to previous 1.12 (colored)

bring in latest KAME ipsec tree.
- interop issues in ipcomp is fixed
- padding type (after ESP) is configurable
- key database memory management (need more fixes)
- policy specification is revisited

XXX m->m_pkthdr.rcvif is still overloaded - hope to fix it soon

Revision 1.12 / (download) - annotate - [select for diffs], Wed Jan 26 17:06:37 2000 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.11: +40 -1 lines
Diff to previous 1.11 (colored)

make setsockopt(IPV6_PORTRANGE) work.  obeys IPNOPRIVPORTS.

Revision 1.11 / (download) - annotate - [select for diffs], Thu Jan 6 15:46:10 2000 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.10: +3 -69 lines
Diff to previous 1.10 (colored)

remove extra portability #ifdef (like #ifdef __FreeBSD__) in KAME IPv6/IPsec
code, from netbsd-current repository.
#ifdef'ed version is always available from ftp.kame.net.

XXX please do not make too many diff-unfriendly changes, we'll need to take
bunch of diffs on upgrade...

Revision 1.10 / (download) - annotate - [select for diffs], Thu Jan 6 06:41:19 2000 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.9: +20 -2 lines
Diff to previous 1.9 (colored)

make IPV6_BINDV6ONLY setsockopt available.  it controls behavior of
AF_INET6 wildcard listening socket.  heavily documented in ip6(4).
net.inet6.ip6.bindv6only defines default value.  default is 1.

"options INET6_BINDV6ONLY" removes any code fragment that supports
IPV6_BINDV6ONLY == 0 case (not defopt'ed as use of this is rare).

Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 13 15:17:23 1999 UTC (20 years, 11 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base, wrstuden-devbsize-19991221
Changes since 1.8: +118 -29 lines
Diff to previous 1.8 (colored)

sync IPv6 part with latest KAME tree.   IPsec part is left unmodified
due to massive changes in KAME side.
- IPv6 output goes through nd6_output
- faith can capture IPv4 packets as well - you can run IPv4-to-IPv6 translator
  using heavily modified DNS servers
- per-interface statistics (required for IPv6 MIB)
- interface autoconfig is revisited
- udp input handling has a big change for mapped address support.
- introduce in4_cksum() for non-overwriting checksumming
- introduce m_pulldown()
- neighbor discovery cleanups/improvements
- netinet/in.h strictly conforms to RFC2553 (no extra defs visible to userland)
- IFA_STATS is fixed a bit (not tested)
- and more more more.

TODO:
- cleanup os-independency #ifdef
- avoid rcvif dual use (for IPsec) to help ifdetach

(sorry for jumbo commit, I can't separate this any more...)

Revision 1.8 / (download) - annotate - [select for diffs], Sat Jul 31 18:41:16 1999 UTC (21 years, 3 months ago) by itojun
Branch: MAIN
CVS Tags: fvdl-softdep-base, fvdl-softdep, comdex-fall-1999-base, comdex-fall-1999, chs-ubc2-base
Branch point for: wrstuden-devbsize, thorpej_scsipi
Changes since 1.7: +3 -1 lines
Diff to previous 1.7 (colored)

sync with recent KAME.
- loosen ipsec restriction on packet diredtion.
- revise icmp6 redirect handling on IsRouter bit.
- tcp/udp notification processing (link-local address case)
- cosmetic fixes (better code share across *BSD).

Revision 1.7 / (download) - annotate - [select for diffs], Fri Jul 30 10:35:36 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.6: +1 -2 lines
Diff to previous 1.6 (colored)

remove reference to in6_systm.h (file itself will be removed afterwords)

Revision 1.6 / (download) - annotate - [select for diffs], Thu Jul 22 12:56:57 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.5: +9 -1 lines
Diff to previous 1.5 (colored)

- implement IPv6 pmtud, which is necessary for TCP6.
- fix memory leak on SO_DEBUG over TCP.

Revision 1.5 / (download) - annotate - [select for diffs], Thu Jul 22 03:59:42 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.4: +3 -3 lines
Diff to previous 1.4 (colored)

change unnecessary u_long/long into u_int32_t or something relevant.
more fixes should follow.

Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 9 22:57:28 1999 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.3: +2 -1 lines
Diff to previous 1.3 (colored)

defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h).

Revision 1.3 / (download) - annotate - [select for diffs], Sat Jul 3 21:30:19 1999 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.2: +2 -0 lines
Diff to previous 1.2 (colored)

RCS ID police.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Jul 1 08:12:56 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Branch point for: chs-ubc2
Changes since 1.1: +2011 -0 lines
Diff to previous 1.1 (colored)

IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.

- sys/kern: do not assume single mbuf, accept chained mbuf on passing
  data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
  package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
  file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen

In my understanding no code here is subject to export control so it
should be safe.

Revision 1.1, Mon Jun 28 06:37:05 1999 UTC (21 years, 5 months ago) by itojun
Branch: MAIN
Branch point for: kame
FILE REMOVED

file ip6_output.c was initially added on branch kame.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>