![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / sys / netinet6
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: MAIN
Revision 1.91 / (download) - annotate - [select for diffs], Fri Sep 11 15:03:33 2020 UTC (3 years, 7 months ago) by roy
Branch: MAIN
CVS Tags: thorpej-ifq-base,
thorpej-ifq,
thorpej-i2c-spi-conf2-base,
thorpej-i2c-spi-conf2,
thorpej-i2c-spi-conf-base,
thorpej-i2c-spi-conf,
thorpej-futex2-base,
thorpej-futex2,
thorpej-futex-base,
thorpej-futex,
thorpej-cfargs2-base,
thorpej-cfargs2,
thorpej-cfargs-base,
thorpej-cfargs,
thorpej-altq-separation-base,
thorpej-altq-separation,
netbsd-10-base,
netbsd-10-0-RELEASE,
netbsd-10-0-RC6,
netbsd-10-0-RC5,
netbsd-10-0-RC4,
netbsd-10-0-RC3,
netbsd-10-0-RC2,
netbsd-10-0-RC1,
netbsd-10,
cjep_sun2x-base1,
cjep_sun2x-base,
cjep_sun2x,
cjep_staticlib_x-base1,
cjep_staticlib_x-base,
cjep_staticlib_x,
bouyer-sunxi-drm-base,
bouyer-sunxi-drm,
HEAD
Changes since 1.90: +15 -28
lines
Diff to previous 1.90 (unified)
inet6: Use generic Neighor Detection rather than IPv6 specific No functional change intended.
Revision 1.90 / (download) - annotate - [select for diffs], Thu Aug 20 11:01:02 2020 UTC (3 years, 7 months ago) by roy
Branch: MAIN
Changes since 1.89: +2 -2
lines
Diff to previous 1.89 (unified)
Sprinkle some const
Revision 1.89 / (download) - annotate - [select for diffs], Fri Jun 12 11:04:45 2020 UTC (3 years, 10 months ago) by roy
Branch: MAIN
Changes since 1.88: +18 -289
lines
Diff to previous 1.88 (unified)
Remove in-kernel handling of Router Advertisements This is much better handled by a user-land tool. Proposed on tech-net here: https://mail-index.netbsd.org/tech-net/2020/04/22/msg007766.html Note that the ioctl SIOCGIFINFO_IN6 no longer sets flags. That now needs to be done using the pre-existing SIOCSIFINFO_FLAGS ioctl. Compat is fully provided where it makes sense, but trying to turn on RA handling will obviously throw an error as it no longer exists. Note that if you use IPv6 temporary addresses, this now needs to be turned on in dhcpcd.conf(5) rather than in sysctl.conf(5).
Revision 1.88 / (download) - annotate - [select for diffs], Wed Sep 25 09:52:32 2019 UTC (4 years, 6 months ago) by ozaki-r
Branch: MAIN
CVS Tags: phil-wifi-20200421,
phil-wifi-20200411,
phil-wifi-20200406,
phil-wifi-20191119,
is-mlppp-base,
is-mlppp,
bouyer-xenpvh-base2,
bouyer-xenpvh-base1,
bouyer-xenpvh-base,
bouyer-xenpvh,
ad-namecache-base3,
ad-namecache-base2,
ad-namecache-base1,
ad-namecache-base,
ad-namecache
Changes since 1.87: +2 -1
lines
Diff to previous 1.87 (unified)
Initialize DAD components properly The original code initialized each component in non-init functions such as arp_dad_start and nd6_dad_find, conditionally based on a global flag for each. However, it was racy because the flag and the code around it were not protected by a lock and could cause a kernel panic at worst. Fix the issue by initializing the components in bootup as usual.
Revision 1.87 / (download) - annotate - [select for diffs], Sun Sep 1 19:26:21 2019 UTC (4 years, 7 months ago) by roy
Branch: MAIN
Changes since 1.86: +2 -9
lines
Diff to previous 1.86 (unified)
inet6: Re-introduce ND6_LLINFO_WAITDELETE so we can return EHOSTDOWN Once we've sent nd6_mmaxtries NS messages, send RTM_MISS and move to the ND6_LLINFO_WAITDELETE state rather than freeing the llentry right away. Wait for a probe cycle and then free the llentry. If a connection attempts to re-use the llentry during ND6_LLINFO_WAITDELETE, return EHOSTDOWN (or EHOSTUNREACH if a gateway) to match inet behaviour. Continue to ND6_LLINFO_INCOMPLETE and send another NS probe in hope of a reply. Rinse and repeat. This reverts part of nd6.c r1.14 - an 18 year old commit!
Revision 1.86 / (download) - annotate - [select for diffs], Tue Mar 6 10:57:00 2018 UTC (6 years, 1 month ago) by roy
Branch: MAIN
CVS Tags: phil-wifi-base,
phil-wifi-20190609,
pgoyette-compat-20190127,
pgoyette-compat-20190118,
pgoyette-compat-1226,
pgoyette-compat-1126,
pgoyette-compat-1020,
pgoyette-compat-0930,
pgoyette-compat-0906,
pgoyette-compat-0728,
pgoyette-compat-0625,
pgoyette-compat-0521,
pgoyette-compat-0502,
pgoyette-compat-0422,
pgoyette-compat-0415,
pgoyette-compat-0407,
pgoyette-compat-0330,
pgoyette-compat-0322,
pgoyette-compat-0315,
netbsd-9-base,
isaki-audio2-base,
isaki-audio2
Branch point for: phil-wifi,
netbsd-9
Changes since 1.85: +14 -3
lines
Diff to previous 1.85 (unified)
nd6: add a nonce to DaD probes in-case they are looped back to us This implements RFC 7527, based a similar change in FreeBSD.
Revision 1.85 / (download) - annotate - [select for diffs], Thu Jun 22 09:24:02 2017 UTC (6 years, 9 months ago) by ozaki-r
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202,
pgoyette-compat-base,
perseant-stdc-iso10646-base,
perseant-stdc-iso10646,
nick-nhusb-base-20170825
Branch point for: pgoyette-compat
Changes since 1.84: +1 -2
lines
Diff to previous 1.84 (unified)
Remove unused function (nd6_rem_ifa_lle)
Revision 1.84 / (download) - annotate - [select for diffs], Wed Jun 21 09:05:31 2017 UTC (6 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.83: +1 -2
lines
Diff to previous 1.83 (unified)
Don't create a permanent L2 cache entry on adding an address to an interface It was created to copy FreeBSD, however actually the cache isn't necessary. Remove it to simplify the code and reduce the cost to maintain it (e.g., keep a consistency with a corresponding local route).
Revision 1.83 / (download) - annotate - [select for diffs], Wed Feb 22 03:02:55 2017 UTC (7 years, 1 month ago) by ozaki-r
Branch: MAIN
CVS Tags: prg-localcount2-base3,
prg-localcount2-base2,
prg-localcount2-base1,
prg-localcount2-base,
prg-localcount2,
pgoyette-localcount-20170426,
pgoyette-localcount-20170320,
netbsd-8-base,
jdolecek-ncq-base,
jdolecek-ncq,
bouyer-socketcan-base1
Branch point for: netbsd-8
Changes since 1.82: +2 -1
lines
Diff to previous 1.82 (unified)
Fix prefix invalidation via nd6_timer We cannot remove a prefix there. Instead just invalidate it; the prefix will be removed when purging an associated address. This is the same as the original behavior.
Revision 1.82 / (download) - annotate - [select for diffs], Tue Feb 14 03:05:06 2017 UTC (7 years, 2 months ago) by ozaki-r
Branch: MAIN
Changes since 1.81: +3 -7
lines
Diff to previous 1.81 (unified)
Do ND in L2_output in the same manner as arpresolve The benefits of this change are: - The flow is consistent with IPv4 (and FreeBSD and OpenBSD) - old: ip6_output => nd6_output (do ND if needed) => L2_output (lookup a stored cache) - new: ip6_output => L2_output (lookup a cache. Do ND if cache not found) - We can remove some workarounds in nd6_output - We can move L2 specific operations to their own place - The performance slightly improves because one cache lookup is reduced
Revision 1.81 / (download) - annotate - [select for diffs], Mon Dec 19 07:51:34 2016 UTC (7 years, 3 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20170107,
nick-nhusb-base-20170204,
bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.80: +10 -1
lines
Diff to previous 1.80 (unified)
Protect IPv6 default router and prefix lists with coarse-grained rwlock in6_purgeaddr (in6_unlink_ifa) itself unrefernces a prefix entry and calls nd6_prelist_remove if the counter becomes 0, so callers doesn't need to handle the reference counting. Performance-sensitive paths (sending/forwarding packets) call just one reader lock. This is a trade-off between performance impact vs. the amount of efforts; if we want to remove the reader lock, we need huge amount of works including destroying objects with psz/psref in softint, for example.
Revision 1.80 / (download) - annotate - [select for diffs], Mon Dec 19 03:32:54 2016 UTC (7 years, 3 months ago) by ozaki-r
Branch: MAIN
Changes since 1.79: +2 -1
lines
Diff to previous 1.79 (unified)
Get rid of extra nd6_purge from in6_ifdetach There were two nd6_purge in in6_ifdetach for some reason, but at least now We don't need extra nd6_purge. Remove it and instead add assertions that check if surely purged.
Revision 1.79 / (download) - annotate - [select for diffs], Wed Dec 14 04:05:11 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.78: +1 -3
lines
Diff to previous 1.78 (unified)
Make functions static
Revision 1.78 / (download) - annotate - [select for diffs], Mon Dec 12 03:14:01 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.77: +10 -1
lines
Diff to previous 1.77 (unified)
Introduce macros for the prefix list No functional change.
Revision 1.77 / (download) - annotate - [select for diffs], Mon Dec 12 03:13:14 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.76: +20 -1
lines
Diff to previous 1.76 (unified)
Introduce macros for the default router list No functional change.
Revision 1.76 / (download) - annotate - [select for diffs], Sun Dec 11 07:38:50 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.75: +8 -8
lines
Diff to previous 1.75 (unified)
Add nd6_ prefix to exported functions
Revision 1.75 / (download) - annotate - [select for diffs], Sun Dec 11 07:37:53 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.74: +1 -3
lines
Diff to previous 1.74 (unified)
Move default interface things from nd6_rtr.c to nd6.c
Revision 1.74 / (download) - annotate - [select for diffs], Sun Dec 11 07:36:55 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.73: +1 -7
lines
Diff to previous 1.73 (unified)
Make some functions static
Revision 1.73 / (download) - annotate - [select for diffs], Sun Dec 11 07:36:20 2016 UTC (7 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.72: +1 -3
lines
Diff to previous 1.72 (unified)
Remove function declarations that have no actual definition
Revision 1.72 / (download) - annotate - [select for diffs], Mon Apr 4 07:37:07 2016 UTC (8 years ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-base,
pgoyette-localcount-20161104,
pgoyette-localcount-20160806,
pgoyette-localcount-20160726,
nick-nhusb-base-20161204,
nick-nhusb-base-20161004,
nick-nhusb-base-20160907,
nick-nhusb-base-20160529,
nick-nhusb-base-20160422,
localcount-20160914
Branch point for: pgoyette-localcount
Changes since 1.71: +6 -5
lines
Diff to previous 1.71 (unified)
Separate nexthop caches from the routing table
By this change, nexthop caches (IP-MAC address pair) are not stored
in the routing table anymore. Instead nexthop caches are stored in
each network interface; we already have lltable/llentry data structure
for this purpose. This change also obsoletes the concept of cloning/cloned
routes. Cloned routes no longer exist while cloning routes still exist
with renamed to connected routes.
Noticeable changes are:
- Nexthop caches aren't listed in route show/netstat -r
- sysctl(NET_RT_DUMP) doesn't return them
- If RTF_LLDATA is specified, it returns nexthop caches
- Several definitions of routing flags and messages are removed
- RTF_CLONING, RTF_XRESOLVE, RTF_LLINFO, RTF_CLONED and RTM_RESOLVE
- RTF_CONNECTED is added
- It has the same value of RTF_CLONING for backward compatibility
- route's -xresolve, -[no]cloned and -llinfo options are removed
- -[no]cloning remains because it seems there are users
- -[no]connected is introduced and recommended
to be used instead of -[no]cloning
- route show/netstat -r drops some flags
- 'L' and 'c' are not seen anymore
- 'C' now indicates a connected route
- Gateway value of a route of an interface address is now not
a L2 address but "link#N" like a connected (cloning) route
- Proxy ARP: "arp -s ... pub" doesn't create a route
You can know details of behavior changes by seeing diffs under tests/.
Proposed on tech-net and tech-kern:
http://mail-index.netbsd.org/tech-net/2016/03/11/msg005701.html
Revision 1.71 / (download) - annotate - [select for diffs], Fri Apr 1 08:12:00 2016 UTC (8 years ago) by ozaki-r
Branch: MAIN
Changes since 1.70: +3 -2
lines
Diff to previous 1.70 (unified)
Refine nd6log Add __func__ to nd6log itself instead of adding it to callers.
Revision 1.70 / (download) - annotate - [select for diffs], Fri Apr 1 05:11:38 2016 UTC (8 years ago) by ozaki-r
Branch: MAIN
Changes since 1.69: +1 -4
lines
Diff to previous 1.69 (unified)
Tidy up nd6_timer initialization
Revision 1.69 / (download) - annotate - [select for diffs], Mon Dec 7 06:19:13 2015 UTC (8 years, 4 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20160319,
nick-nhusb-base-20151226
Changes since 1.68: +3 -3
lines
Diff to previous 1.68 (unified)
CID 1341546: Fix integer handling issue (CONSTANT_EXPRESSION_RESULT) n > INT_MAX where n is a long integer variable never be true on 32bit architectures. Use time_t(int64_t) instead of long for the variable.
Revision 1.68 / (download) - annotate - [select for diffs], Wed Nov 25 06:21:26 2015 UTC (8 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.67: +6 -19
lines
Diff to previous 1.67 (unified)
Use lltable/llentry for NDP lltable and llentry were introduced to replace ARP cache data structure for further restructuring of the routing table: L2 nexthop cache separation. This change replaces the NDP cache data structure (llinfo_nd6) with them as well as ARP. One noticeable change is for neighbor cache GC mechanism that was introduced to prevent IPv6 DoS attacks. net.inet6.ip6.neighborgcthresh was the max number of caches that we store in the system. After introducing lltable/llentry, the value is changed to be per-interface basis because lltable/llentry stores neighbor caches in each interface separately. And the change brings one degradation; the old GC mechanism dropped exceeded packets based on LRU while the new implementation drops packets in order from the beginning of lltable (a hash table + linked lists). It would be improved in the future. Added functions in in6.c come from FreeBSD (as of r286629) and are tweaked for NetBSD. Proposed on tech-kern and tech-net.
Revision 1.67 / (download) - annotate - [select for diffs], Wed Nov 18 05:16:22 2015 UTC (8 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.66: +2 -2
lines
Diff to previous 1.66 (unified)
Stop passing llinfo_nd6 to nd6_ns_output This is a restructuring for coming changes to nd6 (replacing llinfo_nd6 with llentry). Once we have a lock of llinfo_nd6, we need to pass it to nd6_ns_output with holding the lock. However, in a function subsequent to nd6_ns_output, the llinfo_nd6 may be looked up, i.e., its lock would be acquired again. To avoid such a situation, pass only required data (in6_addr) to nd6_ns_output instead of passing whole llinfo_nd6. Inspired by FreeBSD
Revision 1.66 / (download) - annotate - [select for diffs], Fri Jul 17 02:21:08 2015 UTC (8 years, 9 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20150921
Changes since 1.65: +2 -2
lines
Diff to previous 1.65 (unified)
Reform use of rt_refcnt rt_refcnt of rtentry was used in bad manners, for example, direct rt_refcnt++ and rt_refcnt-- outside route.c, "rt->rt_refcnt++; rtfree(rt);" idiom, and touching rt after rt->rt_refcnt--. These abuses seem to be needed because rt_refcnt manages only references between rtentry and doesn't take care of references during packet processing (IOW references from local variables). In order to reduce the above abuses, the latter cases should be counted by rt_refcnt as well as the former cases. This change improves consistency of use of rt_refcnt: - rtentry is always accessed with rt_refcnt incremented - rtentry's rt_refcnt is decremented after use (rtfree is always used instead of rt_refcnt--) - functions returning rtentry increment its rt_refcnt (and caller rtfree it) Note that rt_refcnt prevents rtentry from being freed but doesn't prevent rtentry from being updated. Toward MP-safe, we need to provide another protection for rtentry, e.g., locks. (Or introduce a better data structure allowing concurrent readers during updates.)
Revision 1.65 / (download) - annotate - [select for diffs], Wed Jul 15 09:20:18 2015 UTC (8 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.64: +2 -2
lines
Diff to previous 1.64 (unified)
Remove unused arguments and the associated code from nd6_nud_hint() from OpenBSD
Revision 1.64 / (download) - annotate - [select for diffs], Wed Feb 25 12:45:34 2015 UTC (9 years, 1 month ago) by roy
Branch: MAIN
CVS Tags: nick-nhusb-base-20150606,
nick-nhusb-base-20150406
Changes since 1.63: +1 -2
lines
Diff to previous 1.63 (unified)
Rename nd6_rtmsg() to rt_newmsg() and move into the generic routing code as it's not IPv6 specific and will be used elsewhere.
Revision 1.63 / (download) - annotate - [select for diffs], Wed Feb 25 00:26:58 2015 UTC (9 years, 1 month ago) by roy
Branch: MAIN
Changes since 1.62: +1 -2
lines
Diff to previous 1.62 (unified)
Retire nd6_newaddrmsg and use rt_newaddrmsg directly instead so that we don't spam route changes when the route hasn't changed.
Revision 1.62 / (download) - annotate - [select for diffs], Mon Feb 23 19:15:59 2015 UTC (9 years, 1 month ago) by martin
Branch: MAIN
Changes since 1.61: +4 -4
lines
Diff to previous 1.61 (unified)
Rearange interface detachement slightly: before we free the INET6 specific per-interface data, make sure to call nd6_purge() with it to remove routing entries pointing to the going interface. When we should happen to call this function again later, with the data already gone, just return. Fixes PR kern/49682, ok: christos.
Revision 1.61 / (download) - annotate - [select for diffs], Tue Dec 16 11:42:27 2014 UTC (9 years, 4 months ago) by roy
Branch: MAIN
Changes since 1.60: +2 -1
lines
Diff to previous 1.60 (unified)
Report route additions/changes/deletions for cached neighbours to userland.
Revision 1.60 / (download) - annotate - [select for diffs], Fri Sep 5 06:08:15 2014 UTC (9 years, 7 months ago) by matt
Branch: MAIN
CVS Tags: nick-nhusb-base
Branch point for: nick-nhusb
Changes since 1.59: +12 -7
lines
Diff to previous 1.59 (unified)
Don't use C++ keyword as variable. Use different prefix for nd6_prefixctl members than for nd6_prefix members.
Revision 1.59 / (download) - annotate - [select for diffs], Thu Jun 5 16:06:49 2014 UTC (9 years, 10 months ago) by roy
Branch: MAIN
CVS Tags: tls-maxphys-base,
tls-earlyentropy-base,
netbsd-7-base
Branch point for: netbsd-7
Changes since 1.58: +2 -1
lines
Diff to previous 1.58 (unified)
Add IPV6CTL_AUTO_LINKLOCAL and ND6_IFF_AUTO_LINKLOCAL toggles which control the automatic creation of IPv6 link-local addresses when an interface is brought up. Taken from FreeBSD.
Revision 1.58 / (download) - annotate - [select for diffs], Tue May 21 08:37:27 2013 UTC (10 years, 10 months ago) by roy
Branch: MAIN
CVS Tags: yamt-pagecache-base9,
rmind-smpnet-nbase,
rmind-smpnet-base,
rmind-smpnet,
riastradh-xf86-video-intel-2-7-1-pre-2-21-15,
riastradh-drm2-base3,
riastradh-drm2-base2,
riastradh-drm2-base1,
riastradh-drm2-base,
riastradh-drm2
Branch point for: tls-earlyentropy
Changes since 1.57: +2 -1
lines
Diff to previous 1.57 (unified)
For IPv6, emit RTM_NEWADDR once DAD completes and also when address flag changes. Tentative addresses are not emitted. Version bumped so userland can detect this behaviour change.
Revision 1.57 / (download) - annotate - [select for diffs], Sat Jun 23 03:14:04 2012 UTC (11 years, 9 months ago) by christos
Branch: MAIN
CVS Tags: yamt-pagecache-base8,
yamt-pagecache-base7,
yamt-pagecache-base6,
khorben-n900,
agc-symver-base,
agc-symver
Branch point for: tls-maxphys
Changes since 1.56: +4 -1
lines
Diff to previous 1.56 (unified)
4 new sysctls to avoid ipv6 DoS attacks from OpenBSD
Revision 1.56 / (download) - annotate - [select for diffs], Sat Nov 19 22:51:29 2011 UTC (12 years, 4 months ago) by tls
Branch: MAIN
CVS Tags: yamt-pagecache-base5,
yamt-pagecache-base4,
netbsd-6-base,
netbsd-6-1-RELEASE,
netbsd-6-1-RC4,
netbsd-6-1-RC3,
netbsd-6-1-RC2,
netbsd-6-1-RC1,
netbsd-6-0-RELEASE,
netbsd-6-0-RC2,
netbsd-6-0-RC1,
netbsd-6-0-2-RELEASE,
netbsd-6-0-1-RELEASE,
matt-nb6-plus-nbase,
matt-nb6-plus-base,
matt-nb6-plus,
jmcneill-usbmp-pre-base2,
jmcneill-usbmp-base9,
jmcneill-usbmp-base8,
jmcneill-usbmp-base7,
jmcneill-usbmp-base6,
jmcneill-usbmp-base5,
jmcneill-usbmp-base4,
jmcneill-usbmp-base3,
jmcneill-usbmp-base2,
jmcneill-usbmp-base10,
jmcneill-usbmp-base,
jmcneill-usbmp
Branch point for: netbsd-6-1,
netbsd-6-0,
netbsd-6
Changes since 1.55: +2 -2
lines
Diff to previous 1.55 (unified)
First step of random number subsystem rework described in <20111022023242.BA26F14A158@mail.netbsd.org>. This change includes the following: An initial cleanup and minor reorganization of the entropy pool code in sys/dev/rnd.c and sys/dev/rndpool.c. Several bugs are fixed. Some effort is made to accumulate entropy more quickly at boot time. A generic interface, "rndsink", is added, for stream generators to request that they be re-keyed with good quality entropy from the pool as soon as it is available. The arc4random()/arc4randbytes() implementation in libkern is adjusted to use the rndsink interface for rekeying, which helps address the problem of low-quality keys at boot time. An implementation of the FIPS 140-2 statistical tests for random number generator quality is provided (libkern/rngtest.c). This is based on Greg Rose's implementation from Qualcomm. A new random stream generator, nist_ctr_drbg, is provided. It is based on an implementation of the NIST SP800-90 CTR_DRBG by Henric Jungheim. This generator users AES in a modified counter mode to generate a backtracking-resistant random stream. An abstraction layer, "cprng", is provided for in-kernel consumers of randomness. The arc4random/arc4randbytes API is deprecated for in-kernel use. It is replaced by "cprng_strong". The current cprng_fast implementation wraps the existing arc4random implementation. The current cprng_strong implementation wraps the new CTR_DRBG implementation. Both interfaces are rekeyed from the entropy pool automatically at intervals justifiable from best current cryptographic practice. In some quick tests, cprng_fast() is about the same speed as the old arc4randbytes(), and cprng_strong() is about 20% faster than rnd_extract_data(). Performance is expected to improve. The AES code in src/crypto/rijndael is no longer an optional kernel component, as it is required by cprng_strong, which is not an optional kernel component. The entropy pool output is subjected to the rngtest tests at startup time; if it fails, the system will reboot. There is approximately a 3/10000 chance of a false positive from these tests. Entropy pool _input_ from hardware random numbers is subjected to the rngtest tests at attach time, as well as the FIPS continuous-output test, to detect bad or stuck hardware RNGs; if any are detected, they are detached, but the system continues to run. A problem with rndctl(8) is fixed -- datastructures with pointers in arrays are no longer passed to userspace (this was not a security problem, but rather a major issue for compat32). A new kernel will require a new rndctl. The sysctl kern.arandom() and kern.urandom() nodes are hooked up to the new generators, but the /dev/*random pseudodevices are not, yet. Manual pages for the new kernel interfaces are forthcoming.
Revision 1.55 / (download) - annotate - [select for diffs], Fri Nov 11 15:09:33 2011 UTC (12 years, 5 months ago) by gdt
Branch: MAIN
CVS Tags: jmcneill-audiomp3-base,
jmcneill-audiomp3
Changes since 1.54: +1 -6
lines
Diff to previous 1.54 (unified)
Move RTF_ANNOUNCE flag so that it no longer conflicts with RTF_PROTO2. RTF_ANNOUNCE was defined as RTF_PROTO2. The flag is used to indicated that host should act as a proxy for a link level arp or ndp request. (If RTF_PROTO2 is used as an experimental flag (as advertised), various problems can occur.) This commit provides a first-class definition with its own bit for RTF_ANNOUNCE, removes the old aliasing definitions, and adds support for the new RTF_ANNOUNCE flag to netstat(8) and route(8)., Also, remove unused RTF_ flags that collide with RTF_PROTO1: netinet/icmp6.h defined RTF_PROBEMTU as RTF_PROTO1 netinet/if_inarp.h defined RTF_USETRAILERS as RTF_PROTO1 (Neither of these flags are used anywhere. Both have been removed to reduce chances of collision with RTF_PROTO1.) Figuring this out and the diff are the work of Beverly Schwartz of BBN. (Passed release build, boot in VM, with no apparently related atf failures.) Approved for Public Release, Distribution Unlimited This material is based upon work supported by the Defense Advanced Research Projects Agency and Space and Naval Warfare Systems Center, Pacific, under Contract No. N66001-09-C-2073.
Revision 1.54 / (download) - annotate - [select for diffs], Tue May 24 18:07:11 2011 UTC (12 years, 10 months ago) by spz
Branch: MAIN
CVS Tags: yamt-pagecache-base3,
yamt-pagecache-base2,
yamt-pagecache-base,
rmind-uvmplock-nbase,
rmind-uvmplock-base,
cherry-xenmp-base,
cherry-xenmp
Branch point for: yamt-pagecache
Changes since 1.53: +2 -1
lines
Diff to previous 1.53 (unified)
RA flood mitigation via a limit on accepted routes: - introduce a limit for the routes accepted via IPv6 Router Advertisement: a common 2 interface client will have 6, the default limit is 100 and can be adjusted via sysctl - report the current number of routes installed via RA via sysctl - count discarded route additions. Note that one RA message is two routes. This is at present only across all interfaces even though per-interface would be more useful, since the per-interface structure complies to RFC2466 - bump kernel version due to the previous change - adjust netstat to use the new value (with netstat -p icmp6)
Revision 1.53 / (download) - annotate - [select for diffs], Fri Nov 6 20:41:22 2009 UTC (14 years, 5 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-nfs-mp-base9,
yamt-nfs-mp-base11,
yamt-nfs-mp-base10,
uebayasi-xip-base4,
uebayasi-xip-base3,
uebayasi-xip-base2,
uebayasi-xip-base1,
uebayasi-xip-base,
uebayasi-xip,
matt-premerge-20091211,
matt-mips64-premerge-20101231,
jruoho-x86intr-base,
bouyer-quota2-nbase,
bouyer-quota2-base,
bouyer-quota2
Branch point for: rmind-uvmplock,
jruoho-x86intr
Changes since 1.52: +31 -7
lines
Diff to previous 1.52 (unified)
Fix net.inet6.ip6.accept_rtadv and 'ndp -i <interface> accept_rtadv': Add a flag ND6_IFF_OVERRIDE_RTADV that tells the kernel to override ip6_accept_rtadv (net.inet6.ip6.accept_rtadv) on an interface. Add a routine nd6_accepts_rtadv(ndi) that evaluates both the flags on the interface represented by ndi and ip6_accept_rtadv, and returns 'true' if the given interface should accept Router Advertisements, and 'false' if not. Now, ND6_IFF_ACCEPT_RTADV works as it was historically documented: if it is set, then accept router advertisements iff ip6_accept_rtadv != 0. Otherwise, do not accept router advertisements. If ND6_IFF_OVERRIDE_RTADV is set, then the flag ND6_IFF_ACCEPT_RTADV overrides ip6_accept_rtadv: if ND6_IFF_ACCEPT_RTADV is set, accept; otherwise reject. Ignore ip6_accept_rtadv. If neither ND6_IFF_ACCEPT_RTADV nor ND6_IFF_OVERRIDE_RTADV is set, reject Router Advertisements.
Revision 1.52 / (download) - annotate - [select for diffs], Thu Jan 15 18:20:48 2009 UTC (15 years, 3 months ago) by christos
Branch: MAIN
CVS Tags: yamt-nfs-mp-base8,
yamt-nfs-mp-base7,
yamt-nfs-mp-base6,
yamt-nfs-mp-base5,
yamt-nfs-mp-base4,
yamt-nfs-mp-base3,
nick-hppapmap-base4,
nick-hppapmap-base3,
nick-hppapmap-base2,
nick-hppapmap-base,
mjf-devfs2-base,
jymxensuspend-base,
jym-xensuspend-nbase,
jym-xensuspend-base,
jym-xensuspend
Changes since 1.51: +2 -2
lines
Diff to previous 1.51 (unified)
- switch the lifetime struct to time_t and provide compatibility for the old ioctl.
Revision 1.51 / (download) - annotate - [select for diffs], Fri Oct 24 17:07:33 2008 UTC (15 years, 5 months ago) by dyoung
Branch: MAIN
CVS Tags: netbsd-5-base,
netbsd-5-2-RELEASE,
netbsd-5-2-RC1,
netbsd-5-2-3-RELEASE,
netbsd-5-2-2-RELEASE,
netbsd-5-2-1-RELEASE,
netbsd-5-2,
netbsd-5-1-RELEASE,
netbsd-5-1-RC4,
netbsd-5-1-RC3,
netbsd-5-1-RC2,
netbsd-5-1-RC1,
netbsd-5-1-5-RELEASE,
netbsd-5-1-4-RELEASE,
netbsd-5-1-3-RELEASE,
netbsd-5-1-2-RELEASE,
netbsd-5-1-1-RELEASE,
netbsd-5-1,
netbsd-5-0-RELEASE,
netbsd-5-0-RC4,
netbsd-5-0-RC3,
netbsd-5-0-RC2,
netbsd-5-0-RC1,
netbsd-5-0-2-RELEASE,
netbsd-5-0-1-RELEASE,
netbsd-5-0,
netbsd-5,
matt-nb5-pq3-base,
matt-nb5-pq3,
matt-nb5-mips64-u2-k2-k4-k7-k8-k9,
matt-nb5-mips64-u1-k1-k5,
matt-nb5-mips64-premerge-20101231,
matt-nb5-mips64-premerge-20091211,
matt-nb5-mips64-k15,
matt-nb5-mips64,
matt-nb4-mips64-k7-u2a-k9b,
matt-mips64-base2,
haad-nbase2,
haad-dm-base2,
haad-dm-base,
ad-audiomp2-base,
ad-audiomp2
Branch point for: nick-hppapmap
Changes since 1.50: +2 -2
lines
Diff to previous 1.50 (unified)
Constify the rt_addrinfo argument to the ifa_rtrequest member function of struct ifaddr.
Revision 1.50 / (download) - annotate - [select for diffs], Thu Aug 30 02:17:38 2007 UTC (16 years, 7 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-x86pmap-base4,
yamt-x86pmap-base3,
yamt-x86pmap-base2,
yamt-x86pmap-base,
yamt-x86pmap,
yamt-pf42-baseX,
yamt-pf42-base4,
yamt-pf42-base3,
yamt-pf42-base2,
yamt-pf42-base,
yamt-pf42,
yamt-nfs-mp-base2,
yamt-nfs-mp-base,
yamt-lazymbuf-base15,
yamt-lazymbuf-base14,
yamt-kmem-base3,
yamt-kmem-base2,
yamt-kmem-base,
yamt-kmem,
wrstuden-revivesa-base-4,
wrstuden-revivesa-base-3,
wrstuden-revivesa-base-2,
wrstuden-revivesa-base-1,
wrstuden-revivesa-base,
wrstuden-revivesa,
vmlocking2-base3,
vmlocking2-base2,
vmlocking2-base1,
vmlocking2,
vmlocking-nbase,
vmlocking-base,
simonb-wapbl-nbase,
simonb-wapbl-base,
simonb-wapbl,
reinoud-bufcleanup-nbase,
reinoud-bufcleanup-base,
nick-net80211-sync-base,
nick-net80211-sync,
nick-csl-alignment-base5,
mjf-devfs-base,
mjf-devfs,
matt-armv6-nbase,
matt-armv6-base,
keiichi-mipv6-nbase,
keiichi-mipv6-base,
jmcneill-pm-base,
jmcneill-base,
hpcarm-cleanup-nbase,
hpcarm-cleanup-base,
haad-dm-base1,
cube-autoconf-base,
cube-autoconf,
bouyer-xeni386-nbase,
bouyer-xeni386-merge1,
bouyer-xeni386-base,
bouyer-xeni386,
bouyer-xenamd64-base2,
bouyer-xenamd64-base,
bouyer-xenamd64,
ad-socklock-base1
Branch point for: yamt-nfs-mp,
mjf-devfs2,
keiichi-mipv6,
haad-dm
Changes since 1.49: +2 -2
lines
Diff to previous 1.49 (unified)
Use malloc(9) for sockaddrs instead of pool(9), and remove dom_sa_pool and dom_sa_len members from struct domain. Pools of fixed-size objects are too rigid for sockaddr_dls, whose size can vary over a wide range. Return sockaddr_dl to its "historical" size. Now that I'm using malloc(9) instead of pool(9) to allocate sockaddr_dl, I can create a sockaddr_dl of any size in the kernel, so expanding sockaddr_dl is useless. Avoid using sizeof(struct sockaddr_dl) in the kernel. Introduce sockaddr_dl_alloc() for allocating & initializing an arbitrary sockaddr_dl on the heap. Add an argument, the sockaddr length, to sockaddr_alloc(), sockaddr_copy(), and sockaddr_dl_setaddr(). Constify: LLADDR() -> CLLADDR(). Where the kernel overwrites LLADDR(), use sockaddr_dl_setaddr(), instead. Used properly, sockaddr_dl_setaddr() will not overrun the end of the sockaddr.
Revision 1.49 / (download) - annotate - [select for diffs], Tue Aug 7 04:35:43 2007 UTC (16 years, 8 months ago) by dyoung
Branch: MAIN
CVS Tags: matt-mips64-base
Branch point for: matt-mips64,
matt-armv6
Changes since 1.48: +2 -2
lines
Diff to previous 1.48 (unified)
Avoid writing past the end of the buffer [lldst, lldst + dstsize) in nd6_storelladdr(). Use sockaddr_dl_setaddr(). Constify some sockaddr_dl's. Constify a sockaddr argument to nd6_na_output(). Change SDL() to "standard" satocsdl() or satosdl(). Change SIN6() to satocsin6() or satosin6(). bcmp -> memcmp, bcopy -> memcpy.
Revision 1.48 / (download) - annotate - [select for diffs], Thu Jul 19 20:48:57 2007 UTC (16 years, 9 months ago) by dyoung
Branch: MAIN
CVS Tags: hpcarm-cleanup
Branch point for: jmcneill-pm
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (unified)
Take steps to hide the radix_node implementation of the forwarding table
from the forwarding table's users:
Introduce rt_walktree() for walking the routing table and
applying a function to each rtentry. Replace most
rn_walktree() calls with it.
Use rt_getkey()/rt_setkey() to get/set a route's destination.
Keep a pointer to the sockaddr key in the rtentry, so that
rtentry users do not have to grovel in the radix_node for
the key.
Add a RTM_GET method to rtrequest. Use that instead of
radix_node lookups in, e.g., carp(4).
Add sys/net/link_proto.c, which supplies sockaddr routines for
link-layer socket addresses (sockaddr_dl).
Cosmetic:
Constify. KNF. Stop open-coding LIST_FOREACH, TAILQ_FOREACH,
et cetera. Use NULL instead of 0 for null pointers. Use
__arraycount(). Reduce gratuitous parenthesization.
Stop using variadic arguments for rip6_output(), it is
unnecessary.
Remove the unnecessary rtentry member rt_genmask and the
code to maintain it, since nothing actually used it.
Make rt_maskedcopy() easier to read by using meaningful variable
names.
Extract a subroutine intern_netmask() for looking up a netmask in
the masks table.
Start converting backslash-ridden IPv6 macros in
sys/netinet6/in6_var.h into inline subroutines that one
can read without special eyeglasses.
One functional change: when the kernel serves an RTM_GET, RTM_LOCK,
or RTM_CHANGE request, it applies the netmask (if supplied) to a
destination before searching for it in the forwarding table.
I have changed sys/netinet/ip_carp.c, carp_setroute(), to remove
the unlawful radix_node knowledge.
Apart from the changes to carp(4), netiso, ATM, and strip(4), I
have run the changes on three nodes in my wireless routing testbed,
which involves IPv4 + IPv6 dynamic routing acrobatics, and it's
working beautifully so far.
Revision 1.47 / (download) - annotate - [select for diffs], Thu May 17 00:53:26 2007 UTC (16 years, 11 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-idlelwp-base8,
nick-csl-alignment-base,
mjf-ufs-trans-base
Branch point for: nick-csl-alignment
Changes since 1.46: +3 -1
lines
Diff to previous 1.46 (unified)
Fix the memory leak reported in kern/36337. Thanks Matthias Scheler for the heads-up. My fix is based on the following patches from FreeBSD, however, I extracted the code into a subroutine, nd6_llinfo_release_pkts(): http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/nd6.c.diff?r1=1.48.2.18;r2=1.48.2.19 http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/nd6_nbr.c.diff?r1=1.29.2.8;r2=1.29.2.9
Revision 1.46 / (download) - annotate - [select for diffs], Wed May 2 20:40:28 2007 UTC (16 years, 11 months ago) by dyoung
Branch: MAIN
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (unified)
Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.
The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing. Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.
Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously. Of course, all design oversights and bugs are
mine.
DETAILS
1 I added to each address family a pool of sockaddrs. I have
introduced routines for allocating, copying, and duplicating,
and freeing sockaddrs:
struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
struct sockaddr *sockaddr_copy(struct sockaddr *dst,
const struct sockaddr *src);
struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
void sockaddr_free(struct sockaddr *sa);
sockaddr_alloc() returns either a sockaddr from the pool belonging
to the specified family, or NULL if the pool is exhausted. The
returned sockaddr has the right size for that family; sa_family
and sa_len fields are initialized to the family and sockaddr
length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
sockaddr_in). sockaddr_free() puts the given sockaddr back into
its family's pool.
sockaddr_dup() and sockaddr_copy() work analogously to strdup()
and strcpy(), respectively. sockaddr_copy() KASSERTs that the
family of the destination and source sockaddrs are alike.
The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
passed directly to pool_get(9).
2 I added routines for initializing sockaddrs in each address
family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
etc. They are fairly self-explanatory.
3 structs route_in6 and route_iso are no more. All protocol families
use struct route. I have changed the route cache, 'struct route',
so that it does not contain storage space for a sockaddr. Instead,
struct route points to a sockaddr coming from the pool the sockaddr
belongs to. I added a new method to struct route, rtcache_setdst(),
for setting the cache destination:
int rtcache_setdst(struct route *, const struct sockaddr *);
rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
available to create the sockaddr storage.
It is now possible for rtcache_getdst() to return NULL if, say,
rtcache_setdst() failed. I check the return value for NULL
everywhere in the kernel.
4 Each routing domain (struct domain) has a list of live route
caches, dom_rtcache. rtflushall(sa_family_t af) looks up the
domain indicated by 'af', walks the domain's list of route caches
and invalidates each one.
Revision 1.45 / (download) - annotate - [select for diffs], Thu Mar 15 23:35:45 2007 UTC (17 years, 1 month ago) by dyoung
Branch: MAIN
CVS Tags: thorpej-atomic-base,
thorpej-atomic
Changes since 1.44: +51 -51
lines
Diff to previous 1.44 (unified)
In nd6_lookup, shorten a staircase. KNF: change return (expr); to return expr; throughout. Fix K&R prototypes and parameter type declarations.
Revision 1.44 / (download) - annotate - [select for diffs], Sun Mar 4 06:03:27 2007 UTC (17 years, 1 month ago) by christos
Branch: MAIN
Branch point for: vmlocking,
reinoud-bufcleanup,
mjf-ufs-trans
Changes since 1.43: +3 -3
lines
Diff to previous 1.43 (unified)
Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.
Revision 1.43 / (download) - annotate - [select for diffs], Sat Feb 17 22:34:15 2007 UTC (17 years, 2 months ago) by dyoung
Branch: MAIN
CVS Tags: ad-audiomp-base,
ad-audiomp
Changes since 1.42: +5 -5
lines
Diff to previous 1.42 (unified)
KNF: de-__P, bzero -> memset, bcmp -> memcmp. Remove extraneous
parentheses in return statements.
Cosmetic: don't open-code TAILQ_FOREACH().
Cosmetic: change types of variables to avoid oodles of casts: in
in6_src.c, avoid casts by changing several route_in6 pointers
to struct route pointers. Remove unnecessary casts to caddr_t
elsewhere.
Pave the way for eliminating address family-specific route caches:
soon, struct route will not embed a sockaddr, but it will hold
a reference to an external sockaddr, instead. We will set the
destination sockaddr using rtcache_setdst(). (I created a stub
for it, but it isn't used anywhere, yet.) rtcache_free() will
free the sockaddr. I have extracted from rtcache_free() a helper
subroutine, rtcache_clear(). rtcache_clear() will "forget" a
cached route, but it will not forget the destination by releasing
the sockaddr. I use rtcache_clear() instead of rtcache_free()
in rtcache_update(), because rtcache_update() is not supposed
to forget the destination.
Constify:
1 Introduce const accessor for route->ro_dst, rtcache_getdst().
2 Constify the 'dst' argument to ifnet->if_output(). This
led me to constify a lot of code called by output routines.
3 Constify the sockaddr argument to protosw->pr_ctlinput. This
led me to constify a lot of code called by ctlinput routines.
4 Introduce const macros for converting from a generic sockaddr
to family-specific sockaddrs, e.g., sockaddr_in: satocsin6,
satocsin, et cetera.
Revision 1.42 / (download) - annotate - [select for diffs], Mon Nov 20 04:34:16 2006 UTC (17 years, 4 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-splraiseipl-base5,
yamt-splraiseipl-base4,
yamt-splraiseipl-base3,
wrstuden-fixsa-newbase,
wrstuden-fixsa-base-1,
wrstuden-fixsa-base,
wrstuden-fixsa,
post-newlock2-merge,
newlock2-nbase,
newlock2-base,
netbsd-4-base,
netbsd-4-0-RELEASE,
netbsd-4-0-RC5,
netbsd-4-0-RC4,
netbsd-4-0-RC3,
netbsd-4-0-RC2,
netbsd-4-0-RC1,
netbsd-4-0-1-RELEASE,
netbsd-4-0,
netbsd-4,
matt-nb4-arm-base,
matt-nb4-arm
Branch point for: yamt-idlelwp
Changes since 1.41: +1 -4
lines
Diff to previous 1.41 (unified)
Use LIST_/TAILQ_ macros, esp. LIST_FOREACH() and TAILQ_FOREACH().
Use the usual idiom for iterating over a list where we might
_REMOVE() entries,
for (x = TAILQ_FIRST(...); x != NULL; x = nx) {
nx = TAILQ_NEXT(x, ...);
...
}
Revision 1.41 / (download) - annotate - [select for diffs], Sun Mar 5 23:47:08 2006 UTC (18 years, 1 month ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-splraiseipl-base2,
yamt-splraiseipl-base,
yamt-pdpolicy-base9,
yamt-pdpolicy-base8,
yamt-pdpolicy-base7,
yamt-pdpolicy-base6,
yamt-pdpolicy-base5,
yamt-pdpolicy-base4,
yamt-pdpolicy-base3,
yamt-pdpolicy-base2,
simonb-timecounters-base,
rpaulo-netinet-merge-pcb-base,
peter-altq-base,
peter-altq,
gdamore-uart-base,
gdamore-uart,
elad-kernelauth-base,
elad-kernelauth,
chap-midi-nbase,
chap-midi-base,
chap-midi,
abandoned-netbsd-4-base,
abandoned-netbsd-4
Branch point for: yamt-splraiseipl,
newlock2
Changes since 1.40: +31 -8
lines
Diff to previous 1.40 (unified)
NDP-related improvements:
RFC4191
- supports host-side router-preference
RFC3542
- if DAD fails on a interface, disables IPv6 operation on the
interface
- don't advertise MLD report before DAD finishes
Others
- fixes integer overflow for valid and preferred lifetimes
- improves timer granularity for MLD, using callout-timer.
- reflects rtadvd's IPv6 host variable information into kernel
(router only)
- adds a sysctl option to enable/disable pMTUd for multicast
packets
- performs NUD on PPP/GRE interface by default
- Redirect works regardless of ip6_accept_rtadv
- removes RFC1885-related code
From the KAME project via SUZUKI Shinsuke.
Reviewed by core.
Revision 1.40 / (download) - annotate - [select for diffs], Sat Dec 10 23:39:56 2005 UTC (18 years, 4 months ago) by elad
Branch: MAIN
CVS Tags: yamt-uio_vmspace-base5,
yamt-uio_vmspace,
yamt-pdpolicy-base,
ktrace-lwp-base
Branch point for: yamt-pdpolicy,
simonb-timecounters,
rpaulo-netinet-merge-pcb
Changes since 1.39: +2 -2
lines
Diff to previous 1.39 (unified)
Multiple inclusion protection, as suggested by christos@ on tech-kern@ few days ago.
Revision 1.39 / (download) - annotate - [select for diffs], Mon Feb 28 09:27:07 2005 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: yamt-vop-base3,
yamt-vop-base2,
yamt-vop-base,
yamt-vop,
yamt-readahead-pervnode,
yamt-readahead-perfile,
yamt-readahead-base3,
yamt-readahead-base2,
yamt-readahead-base,
yamt-readahead,
yamt-km-base4,
yamt-km-base3,
thorpej-vnode-attr-base,
thorpej-vnode-attr,
netbsd-3-base,
netbsd-3-1-RELEASE,
netbsd-3-1-RC4,
netbsd-3-1-RC3,
netbsd-3-1-RC2,
netbsd-3-1-RC1,
netbsd-3-1-1-RELEASE,
netbsd-3-1,
netbsd-3-0-RELEASE,
netbsd-3-0-RC6,
netbsd-3-0-RC5,
netbsd-3-0-RC4,
netbsd-3-0-RC3,
netbsd-3-0-RC2,
netbsd-3-0-RC1,
netbsd-3-0-3-RELEASE,
netbsd-3-0-2-RELEASE,
netbsd-3-0-1-RELEASE,
netbsd-3-0,
netbsd-3,
kent-audio2-base
Branch point for: yamt-lazymbuf
Changes since 1.38: +1 -3
lines
Diff to previous 1.38 (unified)
make ip6_getpmtu back to static
Revision 1.38 / (download) - annotate - [select for diffs], Tue Mar 23 18:21:38 2004 UTC (20 years ago) by martti
Branch: MAIN
CVS Tags: yamt-km-base2,
yamt-km-base,
netbsd-2-base,
netbsd-2-1-RELEASE,
netbsd-2-1-RC6,
netbsd-2-1-RC5,
netbsd-2-1-RC4,
netbsd-2-1-RC3,
netbsd-2-1-RC2,
netbsd-2-1-RC1,
netbsd-2-1,
netbsd-2-0-base,
netbsd-2-0-RELEASE,
netbsd-2-0-RC5,
netbsd-2-0-RC4,
netbsd-2-0-RC3,
netbsd-2-0-RC2,
netbsd-2-0-RC1,
netbsd-2-0-3-RELEASE,
netbsd-2-0-2-RELEASE,
netbsd-2-0-1-RELEASE,
netbsd-2-0,
netbsd-2,
kent-audio1-beforemerge,
kent-audio1-base,
kent-audio1
Branch point for: yamt-km,
kent-audio2
Changes since 1.37: +3 -1
lines
Diff to previous 1.37 (unified)
Make ip6_getpmtu() globally visible. This is needed by IPFilter 4.x.
Revision 1.37 / (download) - annotate - [select for diffs], Wed Feb 4 10:31:27 2004 UTC (20 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.36: +1 -3
lines
Diff to previous 1.36 (unified)
Remove outdated prototype for ip6_getpmtu(). The function has a different signature now and is statically declared in "ip6_output.c".
Revision 1.36 / (download) - annotate - [select for diffs], Sat Jan 24 13:02:41 2004 UTC (20 years, 2 months ago) by darrenr
Branch: MAIN
Changes since 1.35: +3 -1
lines
Diff to previous 1.35 (unified)
make ip6_getpmtu() externally visible
Revision 1.35 / (download) - annotate - [select for diffs], Fri Jun 27 08:41:08 2003 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Branch point for: ktrace-lwp
Changes since 1.34: +6 -7
lines
Diff to previous 1.34 (unified)
split ND6 cache timer management to per-entry. increased accuracy, no O(N) loop. sync w/ kame
Revision 1.34 / (download) - annotate - [select for diffs], Sat Feb 1 06:23:47 2003 UTC (21 years, 2 months ago) by thorpej
Branch: MAIN
Changes since 1.33: +4 -1
lines
Diff to previous 1.33 (unified)
Add extensible malloc types, adapted from FreeBSD. This turns malloc types into a structure, a pointer to which is passed around, instead of an int constant. Allow the limit to be adjusted when the malloc type is defined, or with a function call, as suggested by Jonathan Stone.
Revision 1.33 / (download) - annotate - [select for diffs], Sat Nov 2 07:31:00 2002 UTC (21 years, 5 months ago) by perry
Branch: MAIN
CVS Tags: nathanw_sa_before_merge,
nathanw_sa_base,
gmcgarry_ucred_base,
gmcgarry_ucred,
gmcgarry_ctxsw_base,
gmcgarry_ctxsw,
fvdl_fs64_base
Changes since 1.32: +2 -2
lines
Diff to previous 1.32 (unified)
/*CONTCOND*/ while (0)'ed macros
Revision 1.32 / (download) - annotate - [select for diffs], Sat Jun 8 21:32:55 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
CVS Tags: kqueue-beforemerge,
kqueue-base,
kqueue-aftermerge,
gehenna-devsw-base
Changes since 1.31: +4 -4
lines
Diff to previous 1.31 (unified)
indent cleanup
Revision 1.31 / (download) - annotate - [select for diffs], Sat Jun 8 21:22:34 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.30: +70 -29
lines
Diff to previous 1.30 (unified)
sync with latest KAME in6_ifaddr/prefix/default router manipulation. behavior changes: - two iocts used by ndp(8) are now obsolete (backward compat provided). use sysctl path instead. - lo0 does not get ::1 automatically. it will get ::1 when lo0 comes up.
Revision 1.30 / (download) - annotate - [select for diffs], Fri Jun 7 02:31:04 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (unified)
cope with cases when maxmtu == 0 (this shoulnd't happen!)
Revision 1.29 / (download) - annotate - [select for diffs], Wed Jun 5 01:10:54 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.28: +5 -3
lines
Diff to previous 1.28 (unified)
be sure to use L3 MTU, not L2 MTU, when specified in spec (affects FDDI/ARCnet)
Revision 1.28 / (download) - annotate - [select for diffs], Thu May 30 05:06:29 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (unified)
improve nd6_setmtu(), to warn too-small MTU on SIOCSIFMTU. sync w/kame
Revision 1.27 / (download) - annotate - [select for diffs], Wed May 29 09:32:01 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.26: +1 -2
lines
Diff to previous 1.26 (unified)
"receivedra" field name is obsolete.
Revision 1.26 / (download) - annotate - [select for diffs], Wed May 29 07:53:42 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.25: +42 -6
lines
Diff to previous 1.25 (unified)
attach nd_ifinfo structure into if_afdata. split IPv6 link MTU (advertised by RA) from real link MTU. sync with kame
Revision 1.25 / (download) - annotate - [select for diffs], Tue May 28 11:26:43 2002 UTC (21 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.24: +2 -2
lines
Diff to previous 1.24 (unified)
use arc4random
Revision 1.24 / (download) - annotate - [select for diffs], Tue Dec 18 03:04:04 2001 UTC (22 years, 4 months ago) by itojun
Branch: MAIN
CVS Tags: newlock-base,
newlock,
netbsd-1-6-base,
netbsd-1-6-RELEASE,
netbsd-1-6-RC3,
netbsd-1-6-RC2,
netbsd-1-6-RC1,
netbsd-1-6-PATCH002-RELEASE,
netbsd-1-6-PATCH002-RC4,
netbsd-1-6-PATCH002-RC3,
netbsd-1-6-PATCH002-RC2,
netbsd-1-6-PATCH002-RC1,
netbsd-1-6-PATCH002,
netbsd-1-6-PATCH001-RELEASE,
netbsd-1-6-PATCH001-RC3,
netbsd-1-6-PATCH001-RC2,
netbsd-1-6-PATCH001-RC1,
netbsd-1-6-PATCH001,
netbsd-1-6,
ifpoll-base,
eeh-devprop-base,
eeh-devprop
Branch point for: gehenna-devsw
Changes since 1.23: +4 -5
lines
Diff to previous 1.23 (unified)
reduce white space/cosmetic diffs w/kame.
Revision 1.23 / (download) - annotate - [select for diffs], Thu Oct 18 07:44:35 2001 UTC (22 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: thorpej-mips-cache-base,
thorpej-mips-cache
Changes since 1.22: +5 -5
lines
Diff to previous 1.22 (unified)
reduce diffs with kame (mostly cosmetic). move IPV6_CHECKSUM processing to sys/netinet6/raw_ip6.c. constify a couple of places.
Revision 1.22 / (download) - annotate - [select for diffs], Wed Oct 17 10:55:09 2001 UTC (22 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (unified)
do not change neighbor cache state on entry timeout, if the cache entry is for outgoing router. perform on-linkness check before default router (re-)seletion. do not play with interface direct route on nd6_rtrequest. sync a lot of cosmetic changes. sync with kame
Revision 1.21 / (download) - annotate - [select for diffs], Mon Jun 11 01:50:57 2001 UTC (22 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: thorpej-devvp-base3,
thorpej-devvp-base2,
thorpej-devvp-base,
thorpej-devvp,
pre-chs-ubcperf,
post-chs-ubcperf
Branch point for: kqueue
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (unified)
Fix various misspellings of compatible/compatibility.
Revision 1.20 / (download) - annotate - [select for diffs], Fri Feb 23 08:02:41 2001 UTC (23 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: thorpej_scsipi_nbase,
thorpej_scsipi_beforemerge,
thorpej_scsipi_base
Branch point for: nathanw_sa
Changes since 1.19: +2 -1
lines
Diff to previous 1.19 (unified)
garbage-collect stale ND entries (default: 1 day). RFC 2461 5.3. sync with kame.
Revision 1.19 / (download) - annotate - [select for diffs], Fri Feb 23 06:41:50 2001 UTC (23 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.18: +10 -3
lines
Diff to previous 1.18 (unified)
remove unnecessary state, ND6_LLINFO_WAITDELETE, from neighbor cache state machine. no need for RTF_REJECT on neighbor cache entires, they are leftover from ARP code. sync with kame.
Revision 1.18 / (download) - annotate - [select for diffs], Thu Feb 8 12:57:55 2001 UTC (23 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.17: +3 -3
lines
Diff to previous 1.17 (unified)
when chasing nd6_llinfo chain, make sure we do not touch dangling pointer (due to RTM_DELETE during default router list management). from kame
Revision 1.17 / (download) - annotate - [select for diffs], Wed Feb 7 08:59:48 2001 UTC (23 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.16: +6 -2
lines
Diff to previous 1.16 (unified)
during ip6/icmp6 inbound packet processing, do not call log() nor printf() in normal operation (/var can get filled up by flodding bogus packets). sysctl net.inet6.icmp6.nd6_debug will turn on diagnostic messages. (#define ND6_DEBUG will turn it on by default) improve stats in ND6 code. lots of synchronziation with kame (including comments and cometic ones).
Revision 1.16 / (download) - annotate - [select for diffs], Wed Jan 17 04:05:45 2001 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.15: +3 -3
lines
Diff to previous 1.15 (unified)
pull post-4.4BSD change to sys/net/route.c from BSD/OS 4.2 (UCB copyrighted). have sys/net/route.c:rtrequest1(), which takes rt_addrinfo * as the argument. pass rt_addrinfo all the way down to rtrequest, and ifa->ifa_rtrequest. 3rd arg of ifa->ifa_rtrequest is now rt_addrinfo * instead of sockaddr * (almost noone is using it anyways). benefit: the follwoing command now works. previously we need two route(8) invocations, "add" then "change". # route add -inet6 default ::1 -ifp gif0 remove unsafe typecast in rtrequest(), from rtentry * to sockaddr *. it was introduced by 4.3BSD-reno and never corrected. XXX is eon_rtrequest() change correct regarding to 3rd arg? eon_rtrequest() and rtrequest() were incorrect since 4.3BSD-reno, so i do not have correct answer in the source code. someone with more clue about netiso-over-ip, please help.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Jul 6 12:36:19 2000 UTC (23 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.14: +5 -3
lines
Diff to previous 1.14 (unified)
- do not use bitfield for router renumbering header. - add protection mechanism against ND cache corruption due to bad NUD hints. - more stats - icmp6 pps limitation. TOOD: should implement ppsratecheck(9).
Revision 1.14 / (download) - annotate - [select for diffs], Fri May 19 01:40:19 2000 UTC (23 years, 11 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-base,
minoura-xpg4dl-base,
minoura-xpg4dl
Branch point for: netbsd-1-5
Changes since 1.13: +4 -4
lines
Diff to previous 1.13 (unified)
do not mistakingly forward link-local scoped packet (the bug was added with "beyondscope" icmp6 support). "options FAKE_LOOPBACK_IF" will honor scope on loopback outputs. rcvif will be real interface, not the loopback, just like when multicast loopback. (sync with kame)
Revision 1.13 / (download) - annotate - [select for diffs], Tue May 9 11:51:12 2000 UTC (23 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.12: +3 -3
lines
Diff to previous 1.12 (unified)
do not try NUD unless the gateway is a real neighbor. real fix to KAME PR 245 (workaround has been implemented).
Revision 1.12 / (download) - annotate - [select for diffs], Sun Apr 16 15:28:00 2000 UTC (24 years ago) by itojun
Branch: MAIN
Changes since 1.11: +4 -1
lines
Diff to previous 1.11 (unified)
perform neighbor unreachability detection on p2p links (spec requires it for bidir p2p links). improve -i in ndp(8) to allow tweaking per-interface ND flag on. fix ndp(8) infinite loop on certain routing table setup.
Revision 1.11 / (download) - annotate - [select for diffs], Sun Apr 16 15:00:57 2000 UTC (24 years ago) by itojun
Branch: MAIN
Changes since 1.10: +4 -4
lines
Diff to previous 1.10 (unified)
better sync with latest kame (cosmetic only).
Revision 1.10 / (download) - annotate - [select for diffs], Thu Mar 23 07:03:31 2000 UTC (24 years ago) by thorpej
Branch: MAIN
Changes since 1.9: +4 -1
lines
Diff to previous 1.9 (unified)
New callout mechanism with two major improvements over the old timeout()/untimeout() API: - Clients supply callout handle storage, thus eliminating problems of resource allocation. - Insertion and removal of callouts is constant time, important as this facility is used quite a lot in the kernel. The old timeout()/untimeout() API has been removed from the kernel.
Revision 1.9 / (download) - annotate - [select for diffs], Sat Feb 26 08:39:20 2000 UTC (24 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.8: +9 -3
lines
Diff to previous 1.8 (unified)
bring in recent KAME changes (only important and stable ones, as usual). - remove net.inet6.ip6.nd6_proxyall. introduce proxy NDP code works just like "arp -s". - revise source address selection. be more careful about use of yet-to-be-valid addresses as source. - as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope packet forwarding attempt. - path MTU discovery takes care of routing header properly. - be more strict about mbuf chain parsing.
Revision 1.8 / (download) - annotate - [select for diffs], Fri Feb 4 14:34:28 2000 UTC (24 years, 2 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-newbase
Changes since 1.7: +2 -1
lines
Diff to previous 1.7 (unified)
avoid calling in6_control(SIOCDIFADDR_IN6) from interrupt context. it is not supposed to work. logging fix: add "\n" to some of log() in in6_prefix.c. improve in6_ifdetach(). now almost all structure depend on ifnet will be cleared up. possible loose ends: - cached route_in6 in static varaiables needs to be cleared as well - there are ifaddr manipulation without reference counting, which should be fixed we still see panics after card removal, though... not sure what is left. (sync with kame)
Revision 1.7 / (download) - annotate - [select for diffs], Thu Jan 6 15:46:10 2000 UTC (24 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.6: +1 -6
lines
Diff to previous 1.6 (unified)
remove extra portability #ifdef (like #ifdef __FreeBSD__) in KAME IPv6/IPsec code, from netbsd-current repository. #ifdef'ed version is always available from ftp.kame.net. XXX please do not make too many diff-unfriendly changes, we'll need to take bunch of diffs on upgrade...
Revision 1.6 / (download) - annotate - [select for diffs], Mon Dec 13 15:17:23 1999 UTC (24 years, 4 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base,
wrstuden-devbsize-19991221
Changes since 1.5: +29 -21
lines
Diff to previous 1.5 (unified)
sync IPv6 part with latest KAME tree. IPsec part is left unmodified due to massive changes in KAME side. - IPv6 output goes through nd6_output - faith can capture IPv4 packets as well - you can run IPv4-to-IPv6 translator using heavily modified DNS servers - per-interface statistics (required for IPv6 MIB) - interface autoconfig is revisited - udp input handling has a big change for mapped address support. - introduce in4_cksum() for non-overwriting checksumming - introduce m_pulldown() - neighbor discovery cleanups/improvements - netinet/in.h strictly conforms to RFC2553 (no extra defs visible to userland) - IFA_STATS is fixed a bit (not tested) - and more more more. TODO: - cleanup os-independency #ifdef - avoid rcvif dual use (for IPsec) to help ifdetach (sorry for jumbo commit, I can't separate this any more...)
Revision 1.5 / (download) - annotate - [select for diffs], Sat Jul 31 18:41:17 1999 UTC (24 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: fvdl-softdep-base,
fvdl-softdep,
comdex-fall-1999-base,
comdex-fall-1999,
chs-ubc2-base
Branch point for: wrstuden-devbsize,
thorpej_scsipi
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (unified)
sync with recent KAME. - loosen ipsec restriction on packet diredtion. - revise icmp6 redirect handling on IsRouter bit. - tcp/udp notification processing (link-local address case) - cosmetic fixes (better code share across *BSD).
Revision 1.4 / (download) - annotate - [select for diffs], Tue Jul 6 12:23:22 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.3: +2 -1
lines
Diff to previous 1.3 (unified)
sync with KAME/NetBSD 1.4, SNAP kit 19990705. key changes are: - icmp6 redirect fix (dst check) - revised ip6 multicast check for loopback i/f - several RCS ID cleanups
Revision 1.3 / (download) - annotate - [select for diffs], Sat Jul 3 21:30:19 1999 UTC (24 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.2: +2 -0
lines
Diff to previous 1.2 (unified)
RCS ID police.
Revision 1.2 / (download) - annotate - [select for diffs], Thu Jul 1 08:12:57 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
Branch point for: chs-ubc2
Changes since 1.1: +309 -0
lines
Diff to previous 1.1 (unified)
IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.
- sys/kern: do not assume single mbuf, accept chained mbuf on passing
data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen
In my understanding no code here is subject to export control so it
should be safe.
Revision 1.1, Mon Jun 28 06:37:07 1999 UTC (24 years, 9 months ago) by itojun
Branch: MAIN
Branch point for: kame
FILE REMOVED
file nd6.h was initially added on branch kame.