The NetBSD Project

CVS log for src/sys/netinet6/nd6_nbr.c

[BACK] Up to [cvs.NetBSD.org] / src / sys / netinet6

Request diff between arbitrary revisions


Default branch: MAIN
Current tag: MAIN


Revision 1.181 / (download) - annotate - [select for diffs], Fri Sep 11 15:03:33 2020 UTC (2 months, 1 week ago) by roy
Branch: MAIN
CVS Tags: thorpej-futex-base, thorpej-futex, HEAD
Changes since 1.180: +18 -21 lines
Diff to previous 1.180 (colored)

inet6: Use generic Neighor Detection rather than IPv6 specific

No functional change intended.

Revision 1.180 / (download) - annotate - [select for diffs], Thu Aug 20 11:01:02 2020 UTC (3 months ago) by roy
Branch: MAIN
Changes since 1.179: +6 -5 lines
Diff to previous 1.179 (colored)

Sprinkle some const

Revision 1.179 / (download) - annotate - [select for diffs], Fri Jun 12 11:04:45 2020 UTC (5 months, 1 week ago) by roy
Branch: MAIN
Changes since 1.178: +2 -43 lines
Diff to previous 1.178 (colored)

Remove in-kernel handling of Router Advertisements

This is much better handled by a user-land tool.
Proposed on tech-net here:
https://mail-index.netbsd.org/tech-net/2020/04/22/msg007766.html

Note that the ioctl SIOCGIFINFO_IN6 no longer sets flags. That now
needs to be done using the pre-existing SIOCSIFINFO_FLAGS ioctl.

Compat is fully provided where it makes sense, but trying to turn on
RA handling will obviously throw an error as it no longer exists.

Note that if you use IPv6 temporary addresses, this now needs to be
turned on in dhcpcd.conf(5) rather than in sysctl.conf(5).

Revision 1.178 / (download) - annotate - [select for diffs], Wed Apr 22 19:32:11 2020 UTC (7 months ago) by roy
Branch: MAIN
CVS Tags: bouyer-xenpvh-base2
Changes since 1.177: +3 -3 lines
Diff to previous 1.177 (colored)

inet6: nd6_na_input() now considers ln_state <= ND6_LLINFO_INCOMPLETE

Otherwise if ln_state != ND6_LLINFO_INCOMPLETE and the is no lladdr
and this message was solicited then ln_state is set to ND6_LLINFO_REACHABLE
which could then cause a panic in nd6_resolve().
If ln_state > ND6_LLINFO_INCOMPLETE then it's assumed we have a lladdr.

Potentially this could have been triggered by the introduction of
ND6_LLINFO_PURGE in nd6.c r1.143 but also by the re-introduction of
ND6_LLINFO_INCOMPLETE in nd6.c r1.263.
Depending on the timing, it's technically possible to receive such
a message after the llentry is created with ND6_LLINFO_NOSTATE.

Revision 1.177 / (download) - annotate - [select for diffs], Mon Mar 9 21:20:56 2020 UTC (8 months, 2 weeks ago) by roy
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, bouyer-xenpvh-base1, bouyer-xenpvh-base
Branch point for: bouyer-xenpvh
Changes since 1.176: +3 -3 lines
Diff to previous 1.176 (colored)

route: RTM_MISS now puts the message source address in RTA_AUTHOR

route(8) also reports this.
A userland app could use this to blacklist nodes who probe for machines
that doesn't exist on a subnet / prefix.

Revision 1.176 / (download) - annotate - [select for diffs], Mon Jan 20 18:38:22 2020 UTC (10 months ago) by thorpej
Branch: MAIN
CVS Tags: is-mlppp-base, is-mlppp, ad-namecache-base3, ad-namecache-base2
Changes since 1.175: +2 -4 lines
Diff to previous 1.175 (colored)

Remove FDDI support.

Revision 1.175 / (download) - annotate - [select for diffs], Wed Nov 13 02:51:22 2019 UTC (12 months, 1 week ago) by ozaki-r
Branch: MAIN
CVS Tags: phil-wifi-20191119, ad-namecache-base1, ad-namecache-base
Branch point for: ad-namecache
Changes since 1.174: +7 -9 lines
Diff to previous 1.174 (colored)

Get rid of unnecessary NULL checks for rt_ifa and ifa_ifp

They are always non-NULL nowadays.

Revision 1.174 / (download) - annotate - [select for diffs], Wed Sep 25 09:52:32 2019 UTC (14 months ago) by ozaki-r
Branch: MAIN
Changes since 1.173: +10 -12 lines
Diff to previous 1.173 (colored)

Initialize DAD components properly

The original code initialized each component in non-init functions such as
arp_dad_start and nd6_dad_find, conditionally based on a global flag for each.
However, it was racy because the flag and the code around it were not
protected by a lock and could cause a kernel panic at worst.

Fix the issue by initializing the components in bootup as usual.

Revision 1.173 / (download) - annotate - [select for diffs], Wed Sep 18 08:18:05 2019 UTC (14 months, 1 week ago) by ozaki-r
Branch: MAIN
Changes since 1.172: +2 -3 lines
Diff to previous 1.172 (colored)

nd6: remove extra pserialize_read_exit

Revision 1.172 / (download) - annotate - [select for diffs], Sun Sep 1 18:54:38 2019 UTC (14 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.171: +11 -9 lines
Diff to previous 1.171 (colored)

inet6: Send RTM_MISS when we fail to resolve an address.

Takes the same approach as when adding a new address - we no longer
announce the new lladdr right away but we announce the result.
This will either be RTM_ADD or RTM_MISS.
RTM_DELETE is only sent if we have a lladdr assigned OR gc'ed.

This results in less messages via route(4) and tells us when a new
lladdr has been added (RTM_ADD), changed (RTM_CHANGE), deleted (RTM_DELETED)
or has failed to been resolved (RTM_MISS). The latter case can be
interpreted as unreachable.

Revision 1.171 / (download) - annotate - [select for diffs], Fri Aug 30 08:40:25 2019 UTC (14 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.170: +2 -21 lines
Diff to previous 1.170 (colored)

inet6: Revert prior

It's not needed, listing to RA is enough as discussed on tech-net.

Revision 1.170 / (download) - annotate - [select for diffs], Thu Aug 29 16:26:43 2019 UTC (14 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.169: +24 -6 lines
Diff to previous 1.169 (colored)

Userland really has no business with NA messages.
However, RFC 4861 6.2.5 only says departing routers
*SHOULD* send RA with lifetime of zero and *MUST*
send all subsequent NA messages if the router flag
unset.

To help userland avoid the expensive process of
parsing NA messages, send RTM_CHANGE without a
lladdr in the gateway.
This is different from the intial RTM_ADD also
without a lladdr in the gateway and RTM_DELETE.

Revision 1.169 / (download) - annotate - [select for diffs], Thu Aug 29 14:28:06 2019 UTC (14 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.168: +4 -4 lines
Diff to previous 1.168 (colored)

more bool

Revision 1.168 / (download) - annotate - [select for diffs], Thu Aug 29 14:26:55 2019 UTC (14 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.167: +8 -8 lines
Diff to previous 1.167 (colored)

inet6: change rt_announce and llchange to bool in nd6_na_input()

Revision 1.167 / (download) - annotate - [select for diffs], Thu Aug 22 21:22:50 2019 UTC (15 months ago) by roy
Branch: MAIN
Changes since 1.166: +9 -7 lines
Diff to previous 1.166 (colored)

nd6: notify userland of neighbour lla updates once more

XXX pullup -8 -9

Revision 1.166 / (download) - annotate - [select for diffs], Mon Apr 29 16:12:30 2019 UTC (18 months, 3 weeks ago) by roy
Branch: MAIN
CVS Tags: phil-wifi-20190609, netbsd-9-base
Branch point for: netbsd-9
Changes since 1.165: +43 -24 lines
Diff to previous 1.165 (colored)

Introduce rt_addrmsg_src which adds RTA_AUTHOR to the message.
Use this when we notify userland of a duplicate address
and set RTA_AUTHOR to the hardware address of the sender.

While here, match the logging diagnostic of INET6 to the simpler one
of INET so it's consistent.

Revision 1.165 / (download) - annotate - [select for diffs], Mon Apr 29 11:57:22 2019 UTC (18 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.164: +5 -5 lines
Diff to previous 1.164 (colored)

rtsock: Route address message simplification

Rename rt_newaddrmsg to rt_addrmsg_rt.
Add rt_addrmsg which drops the error and route arguments which are only
needed by one caller.

Revision 1.164 / (download) - annotate - [select for diffs], Sat Dec 22 14:28:57 2018 UTC (23 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, isaki-audio2-base, isaki-audio2
Changes since 1.163: +4 -4 lines
Diff to previous 1.163 (colored)

Replace M_ALIGN and MH_ALIGN by m_align.

Revision 1.163 / (download) - annotate - [select for diffs], Thu Dec 13 10:27:51 2018 UTC (23 months, 1 week ago) by roy
Branch: MAIN
Changes since 1.162: +20 -10 lines
Diff to previous 1.162 (colored)

inet6: discard any received NA with a LL address we own

This matches ARP behaviour.

Revision 1.162 / (download) - annotate - [select for diffs], Fri Dec 7 14:47:24 2018 UTC (23 months, 2 weeks ago) by roy
Branch: MAIN
Changes since 1.161: +46 -7 lines
Diff to previous 1.161 (colored)

inet6: match NS nonce to any interface

This allows the same address to exist on many interfaces on the same
prefix, matching the inet behaviour.

Revision 1.161 / (download) - annotate - [select for diffs], Tue Dec 4 21:16:54 2018 UTC (23 months, 2 weeks ago) by roy
Branch: MAIN
Changes since 1.160: +3 -5 lines
Diff to previous 1.160 (colored)

inet6: remove needless ifa_release.

Revision 1.160 / (download) - annotate - [select for diffs], Tue Dec 4 21:01:48 2018 UTC (23 months, 2 weeks ago) by roy
Branch: MAIN
Changes since 1.159: +6 -28 lines
Diff to previous 1.159 (colored)

inet6: use one function for nd6_dad_input

Having different ones for NA and NS is a bit wasteful.

Revision 1.159 / (download) - annotate - [select for diffs], Tue Dec 4 20:46:56 2018 UTC (23 months, 2 weeks ago) by roy
Branch: MAIN
Changes since 1.158: +8 -15 lines
Diff to previous 1.158 (colored)

inet6: simplify NA DaD checking

Revision 1.158 / (download) - annotate - [select for diffs], Tue Dec 4 12:23:43 2018 UTC (23 months, 3 weeks ago) by roy
Branch: MAIN
Changes since 1.157: +35 -88 lines
Diff to previous 1.157 (colored)

inet6: remove unused dad ns/na counters

The current DaD code triggers when either an NS or NA is directly
received, so the counters themselves do nothing of use.

Revision 1.157 / (download) - annotate - [select for diffs], Thu Nov 29 09:51:21 2018 UTC (23 months, 3 weeks ago) by ozaki-r
Branch: MAIN
Changes since 1.156: +4 -4 lines
Diff to previous 1.156 (colored)

Introduce and use ip_dad_enabled() and ip6_dad_enabled() functions

Revision 1.156 / (download) - annotate - [select for diffs], Sat May 19 08:22:58 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-base, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521
Branch point for: phil-wifi
Changes since 1.155: +3 -4 lines
Diff to previous 1.155 (colored)

Style.

Revision 1.155 / (download) - annotate - [select for diffs], Thu May 17 12:07:48 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
Changes since 1.154: +6 -6 lines
Diff to previous 1.154 (colored)

Fix the KASSERTs. It doesn't matter at all since the packet can't be this
big anyway, and there are many other places that have this kind of typo;
but still fix it, for the sake of closing PR/49834.

Revision 1.154 / (download) - annotate - [select for diffs], Tue May 1 07:21:39 2018 UTC (2 years, 6 months ago) by maxv
Branch: MAIN
CVS Tags: pgoyette-compat-0502
Changes since 1.153: +2 -4 lines
Diff to previous 1.153 (colored)

Remove now unused net_osdep.h includes, the other BSDs did the same.

Revision 1.153 / (download) - annotate - [select for diffs], Mon Mar 19 03:14:08 2018 UTC (2 years, 8 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322
Changes since 1.152: +7 -5 lines
Diff to previous 1.152 (colored)

Pull out a sleepable function (in6_selectsrc) from a pserialize read section

Revision 1.152 / (download) - annotate - [select for diffs], Thu Mar 8 06:48:23 2018 UTC (2 years, 8 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-compat-0315
Changes since 1.151: +51 -33 lines
Diff to previous 1.151 (colored)

Fix a race condition on DAD destructions (again)

The previous fix to DAD timers was wrong; it avoided a use-after-free but
instead introduced a memory leak.  The destruction method had delegated
a destruction of a DAD timer to the timer itself and told that by setting NULL
to dp->dad_ifa.  However, the previous fix made DAD timers do nothing on
the sign.

Fixing the issue with using callout_stop isn't easy.  One approach is to have
a refcount on dp but it introduces extra complexity that we want to avoid.

The new fix falls back to using callout_halt, which was abandoned because of
softnet_lock.  Fortunately now the network stack is protected by KERNEL_LOCK
so we can remove softnet_lock from DAD timers (callout) and use callout_halt
safely.

Revision 1.151 / (download) - annotate - [select for diffs], Wed Mar 7 01:37:24 2018 UTC (2 years, 8 months ago) by ozaki-r
Branch: MAIN
Changes since 1.150: +10 -10 lines
Diff to previous 1.150 (colored)

Avoid passing NULL to nd6_dad_duplicated

Fix PR kern/53075

Revision 1.150 / (download) - annotate - [select for diffs], Tue Mar 6 11:21:31 2018 UTC (2 years, 8 months ago) by martin
Branch: MAIN
Changes since 1.149: +2 -6 lines
Diff to previous 1.149 (colored)

Remove unused variables

Revision 1.149 / (download) - annotate - [select for diffs], Tue Mar 6 10:57:00 2018 UTC (2 years, 8 months ago) by roy
Branch: MAIN
Changes since 1.148: +86 -34 lines
Diff to previous 1.148 (colored)

nd6: add a nonce to DaD probes in-case they are looped back to us

This implements RFC 7527, based a similar change in FreeBSD.

Revision 1.148 / (download) - annotate - [select for diffs], Sat Feb 24 07:53:15 2018 UTC (2 years, 9 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-compat-base
Branch point for: pgoyette-compat
Changes since 1.147: +6 -11 lines
Diff to previous 1.147 (colored)

Avoid a race condition of DAD timer destructions

When we see dp->dad_ifa == NULL, it means that the ifa is being deleted and also
the callout is scheduled again by someone.  We shouldn't rely on a result of
callout_pending to know if the callout is scheduled because it returns false if
the subsequent callout handler is already on the fly.

We have to always delegate the destruction of dp to the subsequent handler
unconditionally if dp->dad_ifa == NULL. Otherwise, the first handler destroys
the dp and the second handler tries to handle destroyed dp.

Revision 1.147 / (download) - annotate - [select for diffs], Sat Feb 24 07:40:40 2018 UTC (2 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.146: +20 -28 lines
Diff to previous 1.146 (colored)

Simplify; pass dp to nd6_dad_duplicated instead of looking it up again in it

Revision 1.146 / (download) - annotate - [select for diffs], Sat Feb 24 07:38:05 2018 UTC (2 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.145: +3 -4 lines
Diff to previous 1.145 (colored)

Use KASSERT for checking a programming error

Revision 1.145 / (download) - annotate - [select for diffs], Fri Feb 2 10:49:01 2018 UTC (2 years, 9 months ago) by maxv
Branch: MAIN
Changes since 1.144: +3 -4 lines
Diff to previous 1.144 (colored)

Fix memory leak. Contrary to what the XXX indicates, this place is 100%
reachable remotely.

Revision 1.144 / (download) - annotate - [select for diffs], Tue Jan 16 08:13:47 2018 UTC (2 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.143: +35 -33 lines
Diff to previous 1.143 (colored)

Make DAD destructions (MP-)safe with callout_stop

arp_dad_stoptimer and nd6_dad_stoptimer can be called with or without
softnet_lock held and unfortunately we have no easy way to statically know which.
So it is hard to use callout_halt there.

To address the situation, we use callout_stop to make the code safe. The new
approach copes with the issue by delegating the destruction of a callout to
callout itself, which allows us to not wait the callout to finish. This can be
done thanks to that DAD objects are separated from other data such as ifa.

The approach is suggested by riastradh@
Proposed on tech-kern@ and tech-net@

Revision 1.143 / (download) - annotate - [select for diffs], Tue Jan 16 07:56:55 2018 UTC (2 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.142: +3 -7 lines
Diff to previous 1.142 (colored)

Revert "Work around softnet_lock handling" as per pgoyette@'s request

We should avoid if (mutex_owned(softnet_lock)).

Revision 1.142 / (download) - annotate - [select for diffs], Wed Jan 10 07:34:31 2018 UTC (2 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.141: +2 -4 lines
Diff to previous 1.141 (colored)

Get rid of unnecessary ifdef for IFT_IEEE80211

Revision 1.141 / (download) - annotate - [select for diffs], Wed Jan 10 07:11:38 2018 UTC (2 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.140: +5 -5 lines
Diff to previous 1.140 (colored)

Fix a deadlock on callout_halt of nd6_dad_timer

We must not call callout_halt of nd6_dad_timer with holding nd6_dad_lock because
the lock is taken in nd6_dad_timer. Once softnet_lock goes away, we can pass the
lock to callout_halt, but for now we cannot.

Revision 1.140 / (download) - annotate - [select for diffs], Tue Dec 26 02:26:45 2017 UTC (2 years, 10 months ago) by ozaki-r
Branch: MAIN
Changes since 1.139: +7 -3 lines
Diff to previous 1.139 (colored)

Work around softnet_lock handling

nd6_dad_stoptimer can be called with or without softnet_lock held.
callout_halt has to take softnet_lock depending on the situation.

Revision 1.139 / (download) - annotate - [select for diffs], Fri Nov 17 07:37:12 2017 UTC (3 years ago) by ozaki-r
Branch: MAIN
CVS Tags: tls-maxphys-base-20171202
Changes since 1.138: +4 -10 lines
Diff to previous 1.138 (colored)

Provide macros for softnet_lock and KERNEL_LOCK hiding NET_MPSAFE switch

It reduces C&P codes such as "#ifndef NET_MPSAFE KERNEL_LOCK(1, NULL); ..."
scattered all over the source code and makes it easy to identify remaining
KERNEL_LOCK and/or softnet_lock that are held even if NET_MPSAFE.

No functional change

Revision 1.138 / (download) - annotate - [select for diffs], Tue Mar 14 04:25:10 2017 UTC (3 years, 8 months ago) by ozaki-r
Branch: MAIN
CVS Tags: prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, pgoyette-localcount-20170426, pgoyette-localcount-20170320, perseant-stdc-iso10646-base, perseant-stdc-iso10646, nick-nhusb-base-20170825, netbsd-8-base, matt-nb8-mediatek-base, matt-nb8-mediatek, jdolecek-ncq-base, jdolecek-ncq, bouyer-socketcan-base1
Branch point for: netbsd-8
Changes since 1.137: +8 -18 lines
Diff to previous 1.137 (colored)

Replace DIAGNOSTIC + panic with KASSERT

Revision 1.137 / (download) - annotate - [select for diffs], Tue Feb 21 03:58:24 2017 UTC (3 years, 9 months ago) by ozaki-r
Branch: MAIN
Changes since 1.136: +19 -17 lines
Diff to previous 1.136 (colored)

Replace malloc for DAD with kmem and move them out of the lock for DAD

Revision 1.136 / (download) - annotate - [select for diffs], Mon Jan 16 15:44:47 2017 UTC (3 years, 10 months ago) by christos
Branch: MAIN
CVS Tags: nick-nhusb-base-20170204
Changes since 1.135: +27 -27 lines
Diff to previous 1.135 (colored)

ip6_sprintf -> IN6_PRINT so that we pass the size.

Revision 1.135 / (download) - annotate - [select for diffs], Mon Jan 16 07:33:36 2017 UTC (3 years, 10 months ago) by ryo
Branch: MAIN
Changes since 1.134: +37 -27 lines
Diff to previous 1.134 (colored)

Make ip6_sprintf(), in_fmtaddr(), lla_snprintf() and icmp6_redirect_diag() mpsafe.

Reviewed by ozaki-r@

Revision 1.134 / (download) - annotate - [select for diffs], Mon Dec 19 07:51:34 2016 UTC (3 years, 11 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20170107, bouyer-socketcan-base
Branch point for: bouyer-socketcan
Changes since 1.133: +8 -12 lines
Diff to previous 1.133 (colored)

Protect IPv6 default router and prefix lists with coarse-grained rwlock

in6_purgeaddr (in6_unlink_ifa) itself unrefernces a prefix entry and calls
nd6_prelist_remove if the counter becomes 0, so callers doesn't need to
handle the reference counting.

Performance-sensitive paths (sending/forwarding packets) call just one
reader lock. This is a trade-off between performance impact vs. the amount
of efforts; if we want to remove the reader lock, we need huge amount of
works including destroying objects with psz/psref in softint, for example.

Revision 1.133 / (download) - annotate - [select for diffs], Wed Dec 14 04:05:11 2016 UTC (3 years, 11 months ago) by ozaki-r
Branch: MAIN
Changes since 1.132: +4 -3 lines
Diff to previous 1.132 (colored)

Make functions static

Revision 1.132 / (download) - annotate - [select for diffs], Mon Dec 12 03:55:57 2016 UTC (3 years, 11 months ago) by ozaki-r
Branch: MAIN
Changes since 1.131: +3 -3 lines
Diff to previous 1.131 (colored)

Make the routing table and rtcaches MP-safe

See the following descriptions for details.

Proposed on tech-kern and tech-net


Overview
--------

We protect the routing table with a rwock and protect
rtcaches with another rwlock. Each rtentry is protected
from being freed or updated via reference counting and psref.

Global rwlocks
--------------

There are two rwlocks; one for the routing table (rt_lock) and
the other for rtcaches (rtcache_lock). rtcache_lock covers
all existing rtcaches; there may have room for optimizations
(future work).

The locking order is rtcache_lock first and rt_lock is next.

rtentry references
------------------

References to an rtentry is managed with reference counting
and psref. Either of the two mechanisms is used depending on
where a rtentry is obtained. Reference counting is used when
we obtain a rtentry from the routing table directly via
rtalloc1 and rtrequest{,1} while psref is used when we obtain
a rtentry from a rtcache via rtcache_* APIs. In both cases,
a caller can sleep/block with holding an obtained rtentry.

The reasons why we use two different mechanisms are (i) only
using reference counting hurts the performance due to atomic
instructions (rtcache case) (ii) ease of implementation;
applying psref to APIs such rtaloc1 and rtrequest{,1} requires
additional works (adding a local variable and an argument).

We will finally migrate to use only psref but we can do it
when we have a lockless routing table alternative.

Reference counting for rtentry
------------------------------

rt_refcnt now doesn't count permanent references such as for
rt_timers and rtcaches, instead it is used only for temporal
references when obtaining a rtentry via rtalloc1 and rtrequest{,1}.
We can do so because destroying a rtentry always involves
removing references of rt_timers and rtcaches to the rtentry
and we don't need to track such references. This also makes
it easy to wait for readers to release references on deleting
or updating a rtentry, i.e., we can simply wait until the
reference counter is 0 or 1. (If there are permanent references
the counter can be arbitrary.)

rt_ref increments a reference counter of a rtentry and rt_unref
decrements it. rt_ref is called inside APIs (rtalloc1 and
rtrequest{,1} so users don't need to care about it while
users must call rt_unref to an obtained rtentry after using it.

rtfree is removed and we use rt_unref and rt_free instead.
rt_unref now just decrements the counter of a given rtentry
and rt_free just tries to destroy a given rtentry.

See the next section for destructions of rtentries by rt_free.

Destructions of rtentries
-------------------------

We destroy a rtentry only when we call rtrequst{,1}(RTM_DELETE);
the original implementation can destroy in any rtfree where it's
the last reference. If we use reference counting or psref, it's
easy to understand if the place that a rtentry is destroyed is
fixed.

rt_free waits for references to a given rtentry to be released
before actually destroying the rtentry. rt_free uses a condition
variable (cv_wait) (and psref_target_destroy for psref) to wait.

Unfortunately rtrequst{,1}(RTM_DELETE) can be called in softint
that we cannot use cv_wait. In that case, we have to defer the
destruction to a workqueue.

rtentry#rt_cv, rtentry#rt_psref and global variables
(see rt_free_global) are added to conduct the procedure.

Updates of rtentries
--------------------

One difficulty to use refcnt/psref instead of rwlock for rtentry
is updates of rtentries. We need an additional mechanism to
prevent readers from seeing inconsistency of a rtentry being
updated.

We introduce RTF_UPDATING flag to rtentries that are updating.
While the flag is set to a rtentry, users cannot acquire the
rtentry. By doing so, we avoid users to see inconsistent
rtentries.

There are two options when a user tries to acquire a rtentry
with the RTF_UPDATING flag; if a user runs in softint context
the user fails to acquire a rtentry (NULL is returned).
Otherwise a user waits until the update completes by waiting
on cv.

The procedure of a updater is simpler to destruction of
a rtentry. Wait on cv (and psref) and after all readers left,
proceed with the update.

Global variables (see rt_update_global) are added to conduct
the procedure.

Currently we apply the mechanism to only RTM_CHANGE in
rtsock.c. We would have to apply other codes. See
"Known issues" section.

psref for rtentry
-----------------

When we obtain a rtentry from a rtcache via rtcache_* APIs,
psref is used to reference to the rtentry.

rtcache_ref acquires a reference to a rtentry with psref
and rtcache_unref releases the reference after using it.
rtcache_ref is called inside rtcache_* APIs and users don't
need to take care of it while users must call rtcache_unref
to release the reference.

struct psref and int bound that is needed for psref is
embedded into struct route. By doing so we don't need to
add local variables and additional argument to APIs.

However this adds another constraint to psref other than
reference counting one's; holding a reference of an rtentry
via a rtcache is allowed by just one caller at the same time.
So we must not acquire a rtentry via a rtcache twice and
avoid a recursive use of a rtcache. And also a rtcache must
be arranged to be used by a LWP/softint at the same time
somehow. For IP forwarding case, we have per-CPU rtcaches
used in softint so the constraint is guaranteed. For a h
rtcache of a PCB case, the constraint is guaranteed by the
solock of each PCB. Any other cases (pf, ipf, stf and ipsec)
are currently guaranteed by only the existence of the global
locks (softnet_lock and/or KERNEL_LOCK). If we've found the
cases that we cannot guarantee the constraint, we would need
to introduce other rtcache APIs that use simple reference
counting.

psref of rtcache is created with IPL_SOFTNET and so rtcache
shouldn't used at an IPL higher than IPL_SOFTNET.

Note that rtcache_free is used to invalidate a given rtcache.
We don't need another care by my change; just keep them as
they are.

Performance impact
------------------

When NET_MPSAFE is disabled the performance drop is 3% while
when it's enabled the drop is increased to 11%. The difference
comes from that currently we don't take any global locks and
don't use psref if NET_MPSAFE is disabled.

We can optimize the performance of the case of NET_MPSAFE
on by reducing lookups of rtcache that uses psref;
currently we do two lookups but we should be able to trim
one of two. This is a future work.

Known issues
------------

There are two known issues to be solved; one is that
a caller of rtrequest(RTM_ADD) may change rtentry (see rtinit).
We need to prevent new references during the update. Or
we may be able to remove the code (perhaps, need more
investigations).

The other is rtredirect that updates a rtentry. We need
to apply our update mechanism, however it's not easy because
rtredirect is called in softint and we cannot apply our
mechanism simply. One solution is to defer rtredirect to
a workqueue but it requires some code restructuring.

Revision 1.131 / (download) - annotate - [select for diffs], Sun Dec 11 07:38:50 2016 UTC (3 years, 11 months ago) by ozaki-r
Branch: MAIN
Changes since 1.130: +7 -7 lines
Diff to previous 1.130 (colored)

Add nd6_ prefix to exported functions

Revision 1.130 / (download) - annotate - [select for diffs], Tue Nov 15 21:17:07 2016 UTC (4 years ago) by mlelstv
Branch: MAIN
CVS Tags: nick-nhusb-base-20161204
Changes since 1.129: +7 -7 lines
Diff to previous 1.129 (colored)

nd6_dad_duplicated takes the lock itself. Move it out of the critical
section.

Revision 1.129 / (download) - annotate - [select for diffs], Mon Oct 31 04:16:25 2016 UTC (4 years ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20161104
Changes since 1.128: +10 -9 lines
Diff to previous 1.128 (colored)

Fix race condition of in6_selectsrc

in6_selectsrc returned a pointer to in6_addr that wan't guaranteed to be
safe by pserialize (or psref), which was racy. Let callers pass a pointer
to in6_addr and in6_selectsrc copy a result to it inside pserialize
critical sections.

Revision 1.128 / (download) - annotate - [select for diffs], Tue Oct 18 07:30:31 2016 UTC (4 years, 1 month ago) by ozaki-r
Branch: MAIN
Changes since 1.127: +11 -2 lines
Diff to previous 1.127 (colored)

Don't hold global locks if NET_MPSAFE is enabled

If NET_MPSAFE is enabled, don't hold KERNEL_LOCK and softnet_lock in
part of the network stack such as IP forwarding paths. The aim of the
change is to make it easy to test the network stack without the locks
and reduce our local diffs.

By default (i.e., if NET_MPSAFE isn't enabled), the locks are held
as they used to be.

Reviewed by knakahara@

Revision 1.127 / (download) - annotate - [select for diffs], Mon Aug 1 03:15:31 2016 UTC (4 years, 3 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20160806, nick-nhusb-base-20161004, localcount-20160914
Changes since 1.126: +32 -10 lines
Diff to previous 1.126 (colored)

Apply pserialize and psref to struct ifaddr and its variants

This change makes struct ifaddr and its variants (in_ifaddr and in6_ifaddr)
MP-safe by using pserialize and psref. At this moment, pserialize_perform
and psref_target_destroy are disabled because (1) we don't need them
because of softnet_lock (2) they cause a deadlock because of softnet_lock.
So we'll enable them when we remove softnet_lock in the future.

Revision 1.126 / (download) - annotate - [select for diffs], Thu Jul 28 09:03:50 2016 UTC (4 years, 3 months ago) by ozaki-r
Branch: MAIN
Changes since 1.125: +3 -3 lines
Diff to previous 1.125 (colored)

Fix panic on adding/deleting IP addresses under network load

Adding and deleting IP addresses aren't serialized with other network
opeartions, e.g., forwarding packets. So if we add or delete an IP
address under network load, a kernel panic may happen on manipulating
network-related shared objects such as rtentry and rtcache.

To avoid such panicks, we still need to hold softnet_lock in in_control
and in6_control that are called via ioctl and do network-related operations
including IP address additions/deletions.

Fix PR kern/51356

Revision 1.125 / (download) - annotate - [select for diffs], Mon Jul 25 04:21:20 2016 UTC (4 years, 4 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-20160726
Changes since 1.124: +37 -9 lines
Diff to previous 1.124 (colored)

Make DAD of ARP/NDP MP-safe with coarse-grained locks

The change also prevents arp_dad_timer/nd6_dad_timer from running if
arp_dad_stop/nd6_dad_stop is called, which makes sure that callout_reset
won't be called during callout_halt.

Revision 1.124 / (download) - annotate - [select for diffs], Mon Jul 25 01:52:21 2016 UTC (4 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.123: +3 -4 lines
Diff to previous 1.123 (colored)

Use KASSERT for checking non-NULL of ifa->ifa_ifp

ifa->ifa_ifp should be always non-NULL, so doing the check only if
DIAGNOSTIC is ok.

Revision 1.123 / (download) - annotate - [select for diffs], Fri Jul 15 07:40:09 2016 UTC (4 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.122: +3 -3 lines
Diff to previous 1.122 (colored)

Use sin6tosa and sin6tocsa macros

No functional change.

Revision 1.122 / (download) - annotate - [select for diffs], Fri Jul 1 05:22:33 2016 UTC (4 years, 4 months ago) by ozaki-r
Branch: MAIN
CVS Tags: pgoyette-localcount-base, nick-nhusb-base-20160907
Branch point for: pgoyette-localcount
Changes since 1.121: +3 -3 lines
Diff to previous 1.121 (colored)

Make sure to free all interface addresses in if_detach

Addresses of an interface (struct ifaddr) have a (reverse) pointer of an
interface object (ifa->ifa_ifp). If the addresses are surely freed when
their interface is destroyed, the pointer is always valid and we don't
need a tweak of replacing the pointer to if_index like mbuf.

In order to make sure the assumption, the following changes are required:
- Deactivate the interface at the firstish of if_detach. This prevents
  in6_unlink_ifa from saving multicast addresses (wrongly)
- Invalidate rtcache(s) and clear a rtentry referencing an address on
  RTM_DELETE. rtcache(s) may delay freeing an address
- Replace callout_stop with callout_halt of DAD timers to ensure stopping
  such timers in if_detach

Revision 1.121 / (download) - annotate - [select for diffs], Tue Jun 21 10:25:27 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.120: +4 -4 lines
Diff to previous 1.120 (colored)

Make sure returning ifp from in6_select* functions psref-ed

To this end, callers need to pass struct psref to the functions
and the fuctions acquire a reference of ifp with it. In some cases,
we can simply use if_get_byindex, however, in other cases
(say rt->rt_ifp and ia->ifa_ifp), we have no MP-safe way for now.
In order to take a reference anyway we use non MP-safe function
if_acquire_NOMPSAFE for the latter cases. They should be fixed in
the future somehow.

Revision 1.120 / (download) - annotate - [select for diffs], Tue Jun 21 03:28:27 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.119: +4 -4 lines
Diff to previous 1.119 (colored)

Replace ifp of ip_moptions and ip6_moptions with if_index

The motivation is the same as the mbuf's rcvif case; avoid having a pointer
of an ifnet object in ip_moptions and ip6_moptions, which is not MP-safe.

ip_moptions and ip6_moptions can be stored in a PCB for inet or inet6
that's life time is different from ifnet one and so an ifnet object can be
disappeared anytime we get it via them. Thus we need to look up an ifnet
object by if_index every time for safe.

Revision 1.119 / (download) - annotate - [select for diffs], Fri Jun 10 13:31:44 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.118: +23 -5 lines
Diff to previous 1.118 (colored)

Avoid storing a pointer of an interface in a mbuf

Having a pointer of an interface in a mbuf isn't safe if we remove big
kernel locks; an interface object (ifnet) can be destroyed anytime in any
packet processing and accessing such object via a pointer is racy. Instead
we have to get an object from the interface collection (ifindex2ifnet) via
an interface index (if_index) that is stored to a mbuf instead of an
pointer.

The change provides two APIs: m_{get,put}_rcvif_psref that use psref(9)
for sleep-able critical sections and m_{get,put}_rcvif that use
pserialize(9) for other critical sections. The change also adds another
API called m_get_rcvif_NOMPSAFE, that is NOT MP-safe and for transition
moratorium, i.e., it is intended to be used for places where are not
planned to be MP-ified soon.

The change adds some overhead due to psref to performance sensitive paths,
however the overhead is not serious, 2% down at worst.

Proposed on tech-kern and tech-net.

Revision 1.118 / (download) - annotate - [select for diffs], Fri Jun 10 13:27:16 2016 UTC (4 years, 5 months ago) by ozaki-r
Branch: MAIN
Changes since 1.117: +4 -4 lines
Diff to previous 1.117 (colored)

Introduce m_set_rcvif and m_reset_rcvif

The API is used to set (or reset) a received interface of a mbuf.
They are counterpart of m_get_rcvif, which will come in another
commit, hide internal of rcvif operation, and reduce the diff of
the upcoming change.

No functional change.

Revision 1.117 / (download) - annotate - [select for diffs], Fri Apr 29 11:46:17 2016 UTC (4 years, 6 months ago) by is
Branch: MAIN
CVS Tags: nick-nhusb-base-20160529
Changes since 1.116: +7 -4 lines
Diff to previous 1.116 (colored)

Let non-neighbor NS/NA debug error message include useful information.

Revision 1.116 / (download) - annotate - [select for diffs], Mon Apr 11 01:16:20 2016 UTC (4 years, 7 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20160422
Changes since 1.115: +7 -3 lines
Diff to previous 1.115 (colored)

Don't call pfxlist_onlink_check with holding llentry lock

From FreeBSD (as of 2016-04-11).

Should fix PR kern/51060.

Revision 1.115 / (download) - annotate - [select for diffs], Mon Apr 4 07:37:07 2016 UTC (4 years, 7 months ago) by ozaki-r
Branch: MAIN
Changes since 1.114: +28 -22 lines
Diff to previous 1.114 (colored)

Separate nexthop caches from the routing table

By this change, nexthop caches (IP-MAC address pair) are not stored
in the routing table anymore. Instead nexthop caches are stored in
each network interface; we already have lltable/llentry data structure
for this purpose. This change also obsoletes the concept of cloning/cloned
routes. Cloned routes no longer exist while cloning routes still exist
with renamed to connected routes.

Noticeable changes are:
- Nexthop caches aren't listed in route show/netstat -r
  - sysctl(NET_RT_DUMP) doesn't return them
  - If RTF_LLDATA is specified, it returns nexthop caches
- Several definitions of routing flags and messages are removed
  - RTF_CLONING, RTF_XRESOLVE, RTF_LLINFO, RTF_CLONED and RTM_RESOLVE
- RTF_CONNECTED is added
  - It has the same value of RTF_CLONING for backward compatibility
- route's -xresolve, -[no]cloned and -llinfo options are removed
  - -[no]cloning remains because it seems there are users
  - -[no]connected is introduced and recommended
    to be used instead of -[no]cloning
- route show/netstat -r drops some flags
  - 'L' and 'c' are not seen anymore
  - 'C' now indicates a connected route
- Gateway value of a route of an interface address is now not
  a L2 address but "link#N" like a connected (cloning) route
- Proxy ARP: "arp -s ... pub" doesn't create a route

You can know details of behavior changes by seeing diffs under tests/.

Proposed on tech-net and tech-kern:
  http://mail-index.netbsd.org/tech-net/2016/03/11/msg005701.html

Revision 1.114 / (download) - annotate - [select for diffs], Fri Apr 1 08:12:00 2016 UTC (4 years, 7 months ago) by ozaki-r
Branch: MAIN
Changes since 1.113: +39 -49 lines
Diff to previous 1.113 (colored)

Refine nd6log

Add __func__ to nd6log itself instead of adding it to callers.

Revision 1.113 / (download) - annotate - [select for diffs], Mon Dec 7 06:19:13 2015 UTC (4 years, 11 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20160319, nick-nhusb-base-20151226
Changes since 1.112: +7 -7 lines
Diff to previous 1.112 (colored)

CID 1341546: Fix integer handling issue (CONSTANT_EXPRESSION_RESULT)

n > INT_MAX where n is a long integer variable never be true on 32bit
architectures. Use time_t(int64_t) instead of long for the variable.

Revision 1.112 / (download) - annotate - [select for diffs], Wed Nov 25 06:21:26 2015 UTC (5 years ago) by ozaki-r
Branch: MAIN
Changes since 1.111: +5 -5 lines
Diff to previous 1.111 (colored)

Use lltable/llentry for NDP

lltable and llentry were introduced to replace ARP cache data structure
for further restructuring of the routing table: L2 nexthop cache
separation. This change replaces the NDP cache data structure
(llinfo_nd6) with them as well as ARP.

One noticeable change is for neighbor cache GC mechanism that was
introduced to prevent IPv6 DoS attacks. net.inet6.ip6.neighborgcthresh
was the max number of caches that we store in the system. After
introducing lltable/llentry, the value is changed to be per-interface
basis because lltable/llentry stores neighbor caches in each interface
separately. And the change brings one degradation; the old GC mechanism
dropped exceeded packets based on LRU while the new implementation drops
packets in order from the beginning of lltable (a hash table + linked
lists). It would be improved in the future.

Added functions in in6.c come from FreeBSD (as of r286629) and are
tweaked for NetBSD.

Proposed on tech-kern and tech-net.

Revision 1.111 / (download) - annotate - [select for diffs], Wed Nov 18 05:16:22 2015 UTC (5 years ago) by ozaki-r
Branch: MAIN
Changes since 1.110: +3 -18 lines
Diff to previous 1.110 (colored)

Stop passing llinfo_nd6 to nd6_ns_output

This is a restructuring for coming changes to nd6 (replacing
llinfo_nd6 with llentry). Once we have a lock of llinfo_nd6,
we need to pass it to nd6_ns_output with holding the lock.
However, in a function subsequent to nd6_ns_output, the llinfo_nd6
may be looked up, i.e., its lock would be acquired again.
To avoid such a situation, pass only required data (in6_addr) to
nd6_ns_output instead of passing whole llinfo_nd6.

Inspired by FreeBSD

Revision 1.110 / (download) - annotate - [select for diffs], Mon Aug 24 22:21:27 2015 UTC (5 years, 3 months ago) by pooka
Branch: MAIN
CVS Tags: nick-nhusb-base-20150921
Changes since 1.109: +4 -2 lines
Diff to previous 1.109 (colored)

sprinkle _KERNEL_OPT

Revision 1.109 / (download) - annotate - [select for diffs], Fri Jul 17 02:21:08 2015 UTC (5 years, 4 months ago) by ozaki-r
Branch: MAIN
Changes since 1.108: +5 -3 lines
Diff to previous 1.108 (colored)

Reform use of rt_refcnt

rt_refcnt of rtentry was used in bad manners, for example, direct rt_refcnt++
and rt_refcnt-- outside route.c, "rt->rt_refcnt++; rtfree(rt);" idiom, and
touching rt after rt->rt_refcnt--.

These abuses seem to be needed because rt_refcnt manages only references
between rtentry and doesn't take care of references during packet processing
(IOW references from local variables). In order to reduce the above abuses,
the latter cases should be counted by rt_refcnt as well as the former cases.

This change improves consistency of use of rt_refcnt:
- rtentry is always accessed with rt_refcnt incremented
- rtentry's rt_refcnt is decremented after use (rtfree is always used instead
  of rt_refcnt--)
- functions returning rtentry increment its rt_refcnt (and caller rtfree it)

Note that rt_refcnt prevents rtentry from being freed but doesn't prevent
rtentry from being updated. Toward MP-safe, we need to provide another
protection for rtentry, e.g., locks. (Or introduce a better data structure
allowing concurrent readers during updates.)

Revision 1.108 / (download) - annotate - [select for diffs], Mon Apr 27 10:14:44 2015 UTC (5 years, 7 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20150606
Changes since 1.107: +4 -3 lines
Diff to previous 1.107 (colored)

Add missing error checks on rtcache_setdst

It can fail with ENOMEM.

Revision 1.107 / (download) - annotate - [select for diffs], Mon Mar 30 04:25:26 2015 UTC (5 years, 7 months ago) by ozaki-r
Branch: MAIN
CVS Tags: nick-nhusb-base-20150406
Changes since 1.106: +2 -3 lines
Diff to previous 1.106 (colored)

Tidy up opt_ipsec.h inclusions

Revision 1.106 / (download) - annotate - [select for diffs], Wed Feb 25 12:45:34 2015 UTC (5 years, 9 months ago) by roy
Branch: MAIN
Changes since 1.105: +3 -3 lines
Diff to previous 1.105 (colored)

Rename nd6_rtmsg() to rt_newmsg() and move into the generic routing code
as it's not IPv6 specific and will be used elsewhere.

Revision 1.105 / (download) - annotate - [select for diffs], Wed Feb 25 00:26:58 2015 UTC (5 years, 9 months ago) by roy
Branch: MAIN
Changes since 1.104: +5 -25 lines
Diff to previous 1.104 (colored)

Retire nd6_newaddrmsg and use rt_newaddrmsg directly instead so that
we don't spam route changes when the route hasn't changed.

Revision 1.104 / (download) - annotate - [select for diffs], Mon Feb 23 19:15:59 2015 UTC (5 years, 9 months ago) by martin
Branch: MAIN
Changes since 1.103: +3 -3 lines
Diff to previous 1.103 (colored)

Rearange interface detachement slightly: before we free the INET6 specific
per-interface data, make sure to call nd6_purge() with it to remove
routing entries pointing to the going interface.
When we should happen to call this function again later, with the data
already gone, just return.
Fixes PR kern/49682, ok: christos.

Revision 1.103 / (download) - annotate - [select for diffs], Tue Dec 16 11:42:27 2014 UTC (5 years, 11 months ago) by roy
Branch: MAIN
Changes since 1.102: +9 -4 lines
Diff to previous 1.102 (colored)

Report route additions/changes/deletions for cached neighbours to userland.

Revision 1.102 / (download) - annotate - [select for diffs], Sun Oct 12 20:05:50 2014 UTC (6 years, 1 month ago) by roy
Branch: MAIN
CVS Tags: nick-nhusb-base
Branch point for: nick-nhusb
Changes since 1.101: +3 -16 lines
Diff to previous 1.101 (colored)

Remove redundant logging.

Revision 1.101 / (download) - annotate - [select for diffs], Tue Sep 9 20:16:12 2014 UTC (6 years, 2 months ago) by rmind
Branch: MAIN
Changes since 1.100: +7 -7 lines
Diff to previous 1.100 (colored)

Eliminate IFAREF() and IFAFREE() macros in favour of functions.

Revision 1.100 / (download) - annotate - [select for diffs], Tue Jul 1 07:51:29 2014 UTC (6 years, 4 months ago) by ozaki-r
Branch: MAIN
CVS Tags: tls-maxphys-base, tls-earlyentropy-base, netbsd-7-base
Branch point for: netbsd-7
Changes since 1.99: +4 -2 lines
Diff to previous 1.99 (colored)

Stop using callout randomly

nd6_dad_start uses callout when xtick > 0 while doesn't when
xtick == 0. So if we pass a random value ranging from 0 to N,
nd6_dad_start uses callout randomly. This behavior makes
debugging difficult.

Discussed in http://mail-index.netbsd.org/tech-kern/2014/06/25/msg017278.html

Revision 1.99 / (download) - annotate - [select for diffs], Mon Jan 13 18:23:36 2014 UTC (6 years, 10 months ago) by roy
Branch: MAIN
CVS Tags: yamt-pagecache-base9, rmind-smpnet-nbase, rmind-smpnet-base, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3
Branch point for: tls-earlyentropy
Changes since 1.98: +11 -5 lines
Diff to previous 1.98 (colored)

When handling NS/NA we need to check our prefix list instead of our
address list to work out if it came from a valid neighbor.

Revision 1.98 / (download) - annotate - [select for diffs], Tue May 21 09:54:12 2013 UTC (7 years, 6 months ago) by roy
Branch: MAIN
CVS Tags: riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2
Branch point for: rmind-smpnet
Changes since 1.97: +4 -4 lines
Diff to previous 1.97 (colored)

Disable nd6_newaddrmsg debug

Revision 1.97 / (download) - annotate - [select for diffs], Tue May 21 08:37:27 2013 UTC (7 years, 6 months ago) by roy
Branch: MAIN
Changes since 1.96: +41 -7 lines
Diff to previous 1.96 (colored)

For IPv6, emit RTM_NEWADDR once DAD completes and also when address flag
changes. Tentative addresses are not emitted.

Version bumped so userland can detect this behaviour change.

Revision 1.96 / (download) - annotate - [select for diffs], Thu Mar 22 20:34:41 2012 UTC (8 years, 8 months ago) by drochner
Branch: MAIN
CVS Tags: yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, khorben-n900, jmcneill-usbmp-base9, jmcneill-usbmp-base8, jmcneill-usbmp-base10, agc-symver-base, agc-symver
Branch point for: tls-maxphys
Changes since 1.95: +2 -6 lines
Diff to previous 1.95 (colored)

remove KAME IPSEC, replaced by FAST_IPSEC

Revision 1.95 / (download) - annotate - [select for diffs], Mon Dec 19 11:59:58 2011 UTC (8 years, 11 months ago) by drochner
Branch: MAIN
CVS Tags: netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, jmcneill-usbmp-base7, jmcneill-usbmp-base6, jmcneill-usbmp-base5, jmcneill-usbmp-base4, jmcneill-usbmp-base3, jmcneill-usbmp-base2
Branch point for: netbsd-6-1, netbsd-6-0, netbsd-6
Changes since 1.94: +3 -3 lines
Diff to previous 1.94 (colored)

rename the IPSEC in-kernel CPP variable and config(8) option to
KAME_IPSEC, and make IPSEC define it so that existing kernel
config files work as before
Now the default can be easily be changed to FAST_IPSEC just by
setting the IPSEC alias to FAST_IPSEC.

Revision 1.94 / (download) - annotate - [select for diffs], Sat Apr 18 14:58:05 2009 UTC (11 years, 7 months ago) by tsutsui
Branch: MAIN
CVS Tags: yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, yamt-nfs-mp-base9, yamt-nfs-mp-base8, yamt-nfs-mp-base7, yamt-nfs-mp-base6, yamt-nfs-mp-base5, yamt-nfs-mp-base4, yamt-nfs-mp-base3, yamt-nfs-mp-base11, yamt-nfs-mp-base10, uebayasi-xip-base4, uebayasi-xip-base3, uebayasi-xip-base2, uebayasi-xip-base1, uebayasi-xip-base, uebayasi-xip, rmind-uvmplock-nbase, rmind-uvmplock-base, rmind-uvmplock, nick-hppapmap-base4, nick-hppapmap-base3, nick-hppapmap-base, matt-premerge-20091211, matt-mips64-premerge-20101231, jymxensuspend-base, jym-xensuspend-nbase, jym-xensuspend-base, jruoho-x86intr-base, jruoho-x86intr, jmcneill-usbmp-pre-base2, jmcneill-usbmp-base, jmcneill-audiomp3-base, jmcneill-audiomp3, cherry-xenmp-base, cherry-xenmp, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2
Branch point for: yamt-pagecache, jmcneill-usbmp
Changes since 1.93: +4 -4 lines
Diff to previous 1.93 (colored)

Remove extra whitespace added by a stupid tool.
XXX: more in src/sys/arch

Revision 1.93 / (download) - annotate - [select for diffs], Wed Mar 18 17:06:52 2009 UTC (11 years, 8 months ago) by cegger
Branch: MAIN
Changes since 1.92: +4 -4 lines
Diff to previous 1.92 (colored)

bcopy -> memcpy

Revision 1.92 / (download) - annotate - [select for diffs], Wed Mar 18 16:00:23 2009 UTC (11 years, 8 months ago) by cegger
Branch: MAIN
Changes since 1.91: +6 -6 lines
Diff to previous 1.91 (colored)

bzero -> memset

Revision 1.91 / (download) - annotate - [select for diffs], Wed Mar 18 15:14:31 2009 UTC (11 years, 8 months ago) by cegger
Branch: MAIN
Changes since 1.90: +3 -3 lines
Diff to previous 1.90 (colored)

bcmp -> memcmp

Revision 1.90 / (download) - annotate - [select for diffs], Thu Jul 31 18:24:07 2008 UTC (12 years, 3 months ago) by matt
Branch: MAIN
CVS Tags: wrstuden-revivesa-base-4, wrstuden-revivesa-base-3, wrstuden-revivesa-base-2, nick-hppapmap-base2, netbsd-5-base, netbsd-5-2-RELEASE, netbsd-5-2-RC1, netbsd-5-2-3-RELEASE, netbsd-5-2-2-RELEASE, netbsd-5-2-1-RELEASE, netbsd-5-2, netbsd-5-1-RELEASE, netbsd-5-1-RC4, netbsd-5-1-RC3, netbsd-5-1-RC2, netbsd-5-1-RC1, netbsd-5-1-5-RELEASE, netbsd-5-1-4-RELEASE, netbsd-5-1-3-RELEASE, netbsd-5-1-2-RELEASE, netbsd-5-1-1-RELEASE, netbsd-5-1, netbsd-5-0-RELEASE, netbsd-5-0-RC4, netbsd-5-0-RC3, netbsd-5-0-RC2, netbsd-5-0-RC1, netbsd-5-0-2-RELEASE, netbsd-5-0-1-RELEASE, netbsd-5-0, netbsd-5, mjf-devfs2-base, matt-nb5-pq3-base, matt-nb5-pq3, matt-nb5-mips64-u2-k2-k4-k7-k8-k9, matt-nb5-mips64-u1-k1-k5, matt-nb5-mips64-premerge-20101231, matt-nb5-mips64-premerge-20091211, matt-nb5-mips64-k15, matt-nb5-mips64, matt-nb4-mips64-k7-u2a-k9b, matt-mips64-base2, haad-nbase2, haad-dm-base2, haad-dm-base1, haad-dm-base, ad-audiomp2-base, ad-audiomp2
Branch point for: nick-hppapmap, jym-xensuspend
Changes since 1.89: +11 -14 lines
Diff to previous 1.89 (colored)

Generalize previous fix so that both NS and NA packets are checked.

Revision 1.89 / (download) - annotate - [select for diffs], Thu Jul 31 18:01:36 2008 UTC (12 years, 3 months ago) by matt
Branch: MAIN
Changes since 1.88: +21 -2 lines
Diff to previous 1.88 (colored)

If a neighbor solictation isn't from the unspecified address, make sure
that the source address matches one of the interfaces address prefixes.

Revision 1.88 / (download) - annotate - [select for diffs], Thu May 22 22:25:05 2008 UTC (12 years, 6 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-pf42-base4, yamt-pf42-base3, wrstuden-revivesa-base-1, wrstuden-revivesa-base, simonb-wapbl-nbase, simonb-wapbl-base, simonb-wapbl
Branch point for: haad-dm
Changes since 1.87: +3 -4 lines
Diff to previous 1.87 (colored)

Cosmetic: join lines.

Revision 1.87 / (download) - annotate - [select for diffs], Thu May 22 01:05:38 2008 UTC (12 years, 6 months ago) by dyoung
Branch: MAIN
Changes since 1.86: +3 -3 lines
Diff to previous 1.86 (colored)

Cosmetic: don't cast NULL unnecessarily.

Revision 1.86 / (download) - annotate - [select for diffs], Thu Apr 24 11:38:38 2008 UTC (12 years, 7 months ago) by ad
Branch: MAIN
CVS Tags: yamt-pf42-base2, yamt-nfs-mp-base2, yamt-nfs-mp-base, hpcarm-cleanup-nbase
Branch point for: yamt-nfs-mp, wrstuden-revivesa
Changes since 1.85: +8 -6 lines
Diff to previous 1.85 (colored)

Merge the socket locking patch:

- Socket layer becomes MP safe.
- Unix protocols become MP safe.
- Allows protocol processing interrupts to safely block on locks.
- Fixes a number of race conditions.

With much feedback from matt@ and plunky@.

Revision 1.85 / (download) - annotate - [select for diffs], Tue Apr 15 03:57:04 2008 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
CVS Tags: yamt-pf42-baseX, yamt-pf42-base
Branch point for: yamt-pf42
Changes since 1.84: +9 -8 lines
Diff to previous 1.84 (colored)

Make ip6 and icmp6 stats per-cpu.

Revision 1.84 / (download) - annotate - [select for diffs], Tue Apr 8 15:04:35 2008 UTC (12 years, 7 months ago) by thorpej
Branch: MAIN
Changes since 1.83: +8 -8 lines
Diff to previous 1.83 (colored)

Change ICMP6 stats from a structure to an array of uint64_t's.

Note: This is ABI-compatible with the old icmp6stat structure; old netstat
binaries will continue to work properly.

Revision 1.83 / (download) - annotate - [select for diffs], Wed Feb 27 19:40:56 2008 UTC (12 years, 8 months ago) by matt
Branch: MAIN
CVS Tags: yamt-lazymbuf-base15, yamt-lazymbuf-base14, matt-armv6-nbase, keiichi-mipv6-nbase, keiichi-mipv6-base, ad-socklock-base1
Changes since 1.82: +9 -8 lines
Diff to previous 1.82 (colored)

Convert to ansi definitions from old-style definitons.
Remember that func() is not ansi, func(void) is.

Revision 1.82 / (download) - annotate - [select for diffs], Fri Nov 16 17:51:51 2007 UTC (13 years ago) by dyoung
Branch: MAIN
CVS Tags: yamt-kmem-base3, yamt-kmem-base2, yamt-kmem-base, yamt-kmem, vmlocking2-base3, vmlocking2-base2, vmlocking2-base1, vmlocking2, vmlocking-nbase, reinoud-bufcleanup-nbase, reinoud-bufcleanup-base, nick-net80211-sync-base, nick-net80211-sync, mjf-devfs-base, matt-armv6-base, jmcneill-pm-base, hpcarm-cleanup-base, cube-autoconf-base, cube-autoconf, bouyer-xeni386-nbase, bouyer-xeni386-merge1, bouyer-xeni386-base, bouyer-xeni386, bouyer-xenamd64-base2, bouyer-xenamd64-base
Branch point for: mjf-devfs2, keiichi-mipv6
Changes since 1.81: +4 -4 lines
Diff to previous 1.81 (colored)

We might leave nd6_ns_output() really early.  Postpone memset()
until after we decide to stay.

Revision 1.81 / (download) - annotate - [select for diffs], Sat Nov 10 00:14:32 2007 UTC (13 years ago) by dyoung
Branch: MAIN
Changes since 1.80: +4 -10 lines
Diff to previous 1.80 (colored)

Use sockaddr_in6_init().

Revision 1.80 / (download) - annotate - [select for diffs], Thu Aug 30 02:17:38 2007 UTC (13 years, 2 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-x86pmap-base4, yamt-x86pmap-base3, yamt-x86pmap-base2, yamt-x86pmap-base, yamt-x86pmap, vmlocking-base, nick-csl-alignment-base5, jmcneill-base
Branch point for: mjf-devfs, bouyer-xenamd64
Changes since 1.79: +10 -9 lines
Diff to previous 1.79 (colored)

Use malloc(9) for sockaddrs instead of pool(9), and remove dom_sa_pool
and dom_sa_len members from struct domain.  Pools of fixed-size
objects are too rigid for sockaddr_dls, whose size can vary over
a wide range.

Return sockaddr_dl to its "historical" size.  Now that I'm using
malloc(9) instead of pool(9) to allocate sockaddr_dl, I can create
a sockaddr_dl of any size in the kernel, so expanding sockaddr_dl
is useless.

Avoid using sizeof(struct sockaddr_dl) in the kernel.

Introduce sockaddr_dl_alloc() for allocating & initializing an
arbitrary sockaddr_dl on the heap.

Add an argument, the sockaddr length, to sockaddr_alloc(),
sockaddr_copy(), and sockaddr_dl_setaddr().

Constify: LLADDR() -> CLLADDR().

Where the kernel overwrites LLADDR(), use sockaddr_dl_setaddr(),
instead.  Used properly, sockaddr_dl_setaddr() will not overrun
the end of the sockaddr.

Revision 1.79 / (download) - annotate - [select for diffs], Sun Aug 26 23:07:17 2007 UTC (13 years, 3 months ago) by dyoung
Branch: MAIN
Branch point for: matt-armv6
Changes since 1.78: +3 -3 lines
Diff to previous 1.78 (colored)

Constify: LLADDR -> CLLADDR.  I'm aiming here to make it easier to
identify sockaddr_dl abuse that remains in the kernel, especially
the potential for overwriting memory past the end of a sockaddr_dl
with, e.g., memcpy(LLADDR(), ...).

Use sockaddr_dl_setaddr() in a few places.

Revision 1.78 / (download) - annotate - [select for diffs], Tue Aug 7 04:35:43 2007 UTC (13 years, 3 months ago) by dyoung
Branch: MAIN
CVS Tags: matt-mips64-base
Branch point for: matt-mips64
Changes since 1.77: +13 -16 lines
Diff to previous 1.77 (colored)

Avoid writing past the end of the buffer [lldst, lldst + dstsize)
in nd6_storelladdr().

Use sockaddr_dl_setaddr().  Constify some sockaddr_dl's.  Constify
a sockaddr argument to nd6_na_output().  Change SDL() to "standard"
satocsdl() or satosdl().  Change SIN6() to satocsin6() or satosin6().

bcmp -> memcmp, bcopy -> memcpy.

Revision 1.77 / (download) - annotate - [select for diffs], Thu Jul 19 20:48:58 2007 UTC (13 years, 4 months ago) by dyoung
Branch: MAIN
CVS Tags: hpcarm-cleanup
Branch point for: jmcneill-pm
Changes since 1.76: +4 -4 lines
Diff to previous 1.76 (colored)

Take steps to hide the radix_node implementation of the forwarding table
from the forwarding table's users:

        Introduce rt_walktree() for walking the routing table and
        applying a function to each rtentry.  Replace most
        rn_walktree() calls with it.

        Use rt_getkey()/rt_setkey() to get/set a route's destination.
        Keep a pointer to the sockaddr key in the rtentry, so that
        rtentry users do not have to grovel in the radix_node for
        the key.

        Add a RTM_GET method to rtrequest.  Use that instead of
        radix_node lookups in, e.g., carp(4).

Add sys/net/link_proto.c, which supplies sockaddr routines for
link-layer socket addresses (sockaddr_dl).

Cosmetic:

        Constify.  KNF.  Stop open-coding LIST_FOREACH, TAILQ_FOREACH,
        et cetera.  Use NULL instead of 0 for null pointers.  Use
        __arraycount().  Reduce gratuitous parenthesization.

        Stop using variadic arguments for rip6_output(), it is
        unnecessary.

        Remove the unnecessary rtentry member rt_genmask and the
        code to maintain it, since nothing actually used it.

        Make rt_maskedcopy() easier to read by using meaningful variable
        names.

        Extract a subroutine intern_netmask() for looking up a netmask in
        the masks table.

        Start converting backslash-ridden IPv6 macros in
        sys/netinet6/in6_var.h into inline subroutines that one
        can read without special eyeglasses.

One functional change: when the kernel serves an RTM_GET, RTM_LOCK,
or RTM_CHANGE request, it applies the netmask (if supplied) to a
destination before searching for it in the forwarding table.

I have changed sys/netinet/ip_carp.c, carp_setroute(), to remove
the unlawful radix_node knowledge.

Apart from the changes to carp(4), netiso, ATM, and strip(4), I
have run the changes on three nodes in my wireless routing testbed,
which involves IPv4 + IPv6 dynamic routing acrobatics, and it's
working beautifully so far.

Revision 1.76 / (download) - annotate - [select for diffs], Mon Jul 9 21:11:13 2007 UTC (13 years, 4 months ago) by ad
Branch: MAIN
CVS Tags: nick-csl-alignment-base, mjf-ufs-trans-base
Branch point for: nick-csl-alignment
Changes since 1.75: +3 -3 lines
Diff to previous 1.75 (colored)

Merge some of the less invasive changes from the vmlocking branch:

- kthread, callout, devsw API changes
- select()/poll() improvements
- miscellaneous MT safety improvements

Revision 1.75 / (download) - annotate - [select for diffs], Wed May 23 17:15:03 2007 UTC (13 years, 6 months ago) by christos
Branch: MAIN
Changes since 1.74: +3 -4 lines
Diff to previous 1.74 (colored)

Ansify + add a few comments, from Karl Sjödahl

Revision 1.74 / (download) - annotate - [select for diffs], Thu May 17 00:53:26 2007 UTC (13 years, 6 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-idlelwp-base8
Changes since 1.73: +3 -24 lines
Diff to previous 1.73 (colored)

Fix the memory leak reported in kern/36337.  Thanks Matthias Scheler
for the heads-up.  My fix is based on the following patches from
FreeBSD, however, I extracted the code into a subroutine,
nd6_llinfo_release_pkts():

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/nd6.c.diff?r1=1.48.2.18;r2=1.48.2.19
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/nd6_nbr.c.diff?r1=1.29.2.8;r2=1.29.2.9

Revision 1.73 / (download) - annotate - [select for diffs], Wed May 2 20:40:28 2007 UTC (13 years, 6 months ago) by dyoung
Branch: MAIN
Changes since 1.72: +20 -18 lines
Diff to previous 1.72 (colored)

Eliminate address family-specific route caches (struct route, struct
route_in6, struct route_iso), replacing all caches with a struct
route.

The principle benefit of this change is that all of the protocol
families can benefit from route cache-invalidation, which is
necessary for correct routing.  Route-cache invalidation fixes an
ancient PR, kern/3508, at long last; it fixes various other PRs,
also.

Discussions with and ideas from Joerg Sonnenberger influenced this
work tremendously.  Of course, all design oversights and bugs are
mine.

DETAILS

1 I added to each address family a pool of sockaddrs.  I have
  introduced routines for allocating, copying, and duplicating,
  and freeing sockaddrs:

        struct sockaddr *sockaddr_alloc(sa_family_t af, int flags);
        struct sockaddr *sockaddr_copy(struct sockaddr *dst,
                                       const struct sockaddr *src);
        struct sockaddr *sockaddr_dup(const struct sockaddr *src, int flags);
        void sockaddr_free(struct sockaddr *sa);

  sockaddr_alloc() returns either a sockaddr from the pool belonging
  to the specified family, or NULL if the pool is exhausted.  The
  returned sockaddr has the right size for that family; sa_family
  and sa_len fields are initialized to the family and sockaddr
  length---e.g., sa_family = AF_INET and sa_len = sizeof(struct
  sockaddr_in).  sockaddr_free() puts the given sockaddr back into
  its family's pool.

  sockaddr_dup() and sockaddr_copy() work analogously to strdup()
  and strcpy(), respectively.  sockaddr_copy() KASSERTs that the
  family of the destination and source sockaddrs are alike.

  The 'flags' argumet for sockaddr_alloc() and sockaddr_dup() is
  passed directly to pool_get(9).

2 I added routines for initializing sockaddrs in each address
  family, sockaddr_in_init(), sockaddr_in6_init(), sockaddr_iso_init(),
  etc.  They are fairly self-explanatory.

3 structs route_in6 and route_iso are no more.  All protocol families
  use struct route.  I have changed the route cache, 'struct route',
  so that it does not contain storage space for a sockaddr.  Instead,
  struct route points to a sockaddr coming from the pool the sockaddr
  belongs to.  I added a new method to struct route, rtcache_setdst(),
  for setting the cache destination:

        int rtcache_setdst(struct route *, const struct sockaddr *);

  rtcache_setdst() returns 0 on success, or ENOMEM if no memory is
  available to create the sockaddr storage.

  It is now possible for rtcache_getdst() to return NULL if, say,
  rtcache_setdst() failed.  I check the return value for NULL
  everywhere in the kernel.

4 Each routing domain (struct domain) has a list of live route
  caches, dom_rtcache.  rtflushall(sa_family_t af) looks up the
  domain indicated by 'af', walks the domain's list of route caches
  and invalidates each one.

Revision 1.72 / (download) - annotate - [select for diffs], Thu Mar 15 23:39:51 2007 UTC (13 years, 8 months ago) by dyoung
Branch: MAIN
CVS Tags: thorpej-atomic-base, thorpej-atomic
Changes since 1.71: +29 -45 lines
Diff to previous 1.71 (colored)

Don't open-code TAILQ_FOREACH().  KNF: Fix K&R prototypes and
parameter-type declarations.

Revision 1.71 / (download) - annotate - [select for diffs], Sun Mar 4 06:03:27 2007 UTC (13 years, 8 months ago) by christos
Branch: MAIN
Branch point for: vmlocking, reinoud-bufcleanup, mjf-ufs-trans
Changes since 1.70: +9 -9 lines
Diff to previous 1.70 (colored)

Kill caddr_t; there will be some MI fallout, but it will be fixed shortly.

Revision 1.70 / (download) - annotate - [select for diffs], Sat Feb 17 22:34:15 2007 UTC (13 years, 9 months ago) by dyoung
Branch: MAIN
CVS Tags: ad-audiomp-base, ad-audiomp
Changes since 1.69: +5 -4 lines
Diff to previous 1.69 (colored)

KNF: de-__P, bzero -> memset, bcmp -> memcmp.  Remove extraneous
   parentheses in return statements.

Cosmetic: don't open-code TAILQ_FOREACH().

Cosmetic: change types of variables to avoid oodles of casts: in
   in6_src.c, avoid casts by changing several route_in6 pointers
   to struct route pointers.  Remove unnecessary casts to caddr_t
   elsewhere.

Pave the way for eliminating address family-specific route caches:
   soon, struct route will not embed a sockaddr, but it will hold
   a reference to an external sockaddr, instead.  We will set the
   destination sockaddr using rtcache_setdst().  (I created a stub
   for it, but it isn't used anywhere, yet.)  rtcache_free() will
   free the sockaddr.  I have extracted from rtcache_free() a helper
   subroutine, rtcache_clear().  rtcache_clear() will "forget" a
   cached route, but it will not forget the destination by releasing
   the sockaddr.  I use rtcache_clear() instead of rtcache_free()
   in rtcache_update(), because rtcache_update() is not supposed
   to forget the destination.

Constify:

   1 Introduce const accessor for route->ro_dst, rtcache_getdst().

   2 Constify the 'dst' argument to ifnet->if_output().  This
     led me to constify a lot of code called by output routines.

   3 Constify the sockaddr argument to protosw->pr_ctlinput.  This
     led me to constify a lot of code called by ctlinput routines.

   4 Introduce const macros for converting from a generic sockaddr
     to family-specific sockaddrs, e.g., sockaddr_in: satocsin6,
     satocsin, et cetera.

Revision 1.69 / (download) - annotate - [select for diffs], Mon Jan 29 06:20:43 2007 UTC (13 years, 9 months ago) by dyoung
Branch: MAIN
CVS Tags: post-newlock2-merge, newlock2-nbase, newlock2-base
Branch point for: yamt-idlelwp
Changes since 1.68: +6 -6 lines
Diff to previous 1.68 (colored)

Cosmetic: bzero -> memset.  Change a bcopy() to a struct assignment.

Revision 1.68 / (download) - annotate - [select for diffs], Fri Dec 15 21:18:56 2006 UTC (13 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: yamt-splraiseipl-base5, yamt-splraiseipl-base4
Changes since 1.67: +6 -10 lines
Diff to previous 1.67 (colored)

Introduce new helper functions to abstract the route caching.
rtcache_init and rtcache_init_noclone lookup ro_dst and store
the result in ro_rt, taking care of the reference counting and
calling the domain specific route cache.
rtcache_free checks if a route was cashed and frees the reference.
rtcache_copy copies ro_dst of the given struct route, checking that
enough space is available and incrementing the reference count of the
cached rtentry if necessary.
rtcache_check validates that the cached route is still up. If it isn't,
it tries to look it up again. Afterwards ro_rt is either a valid again
or NULL.
rtcache_copy is used internally.

Adjust to callers of rtalloc/rtflush in the tree to check the sanity of
ro_dst first (if necessary). If it doesn't fit the expectations, free
the cache, otherwise check if the cached route is still valid. After
that combination, a single check for ro_rt == NULL is enough to decide
whether a new lookup needs to be done with a different ro_dst.
Make the route checking in gre stricter by repeating the loop check
after revalidation.
Remove some unused RADIX_MPATH code in in6_src.c. The logic is slightly
changed here to first validate the route and check RTF_GATEWAY
afterwards. This is sementically equivalent though.
etherip doesn't need sc_route_expire similiar to the gif changes from
dyoung@ earlier.

Based on the earlier patch from dyoung@, reviewed and discussed with
him.

Revision 1.67 / (download) - annotate - [select for diffs], Sat Dec 9 05:33:08 2006 UTC (13 years, 11 months ago) by dyoung
Branch: MAIN
CVS Tags: yamt-splraiseipl-base3
Changes since 1.66: +10 -14 lines
Diff to previous 1.66 (colored)

Here are various changes designed to protect against bad IPv4
routing caused by stale route caches (struct route).  Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).

Stale IPv6 and ISO route caches will be treated by separate patches.

Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.

Here are the details:

Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.

Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.

Chain together all IPv4 route caches where ro_rt != NULL.  Provide
in_rtcache() for adding a route to the chain.  Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches.  In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain.  In in_rtflushall(), walk the chain and remove every route
cache.

In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.

In gif(4), discard the workaround for stale caches that involves
expiring them every so often.

Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).

Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.

Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.

In domain initializers, use .dom_xxx tags.

KNF here and there.

Revision 1.66 / (download) - annotate - [select for diffs], Sat Dec 2 18:59:17 2006 UTC (13 years, 11 months ago) by dyoung
Branch: MAIN
Changes since 1.65: +6 -6 lines
Diff to previous 1.65 (colored)

Use the queue(3) macros instead of open-coding them.  Shorten
staircases.  Remove unnecessary casts.  Where appropriate, s/8/NBBY/.
De-__P().  KNF.

No functional changes intended.

Revision 1.65 / (download) - annotate - [select for diffs], Wed Jun 28 16:43:43 2006 UTC (14 years, 5 months ago) by drochner
Branch: MAIN
CVS Tags: yamt-splraiseipl-base2, yamt-splraiseipl-base, yamt-pdpolicy-base9, yamt-pdpolicy-base8, yamt-pdpolicy-base7, wrstuden-fixsa-newbase, wrstuden-fixsa-base-1, wrstuden-fixsa-base, wrstuden-fixsa, rpaulo-netinet-merge-pcb-base, netbsd-4-base, netbsd-4-0-RELEASE, netbsd-4-0-RC5, netbsd-4-0-RC4, netbsd-4-0-RC3, netbsd-4-0-RC2, netbsd-4-0-RC1, matt-nb4-arm-base, matt-nb4-arm, abandoned-netbsd-4-base, abandoned-netbsd-4
Branch point for: yamt-splraiseipl, newlock2, netbsd-4-0, netbsd-4
Changes since 1.64: +3 -2 lines
Diff to previous 1.64 (colored)

fix the dad_count logic: if we send a packet successfully, reset the counter
for sent tries -- otherwise it gets confused if dad_count is set to >15
by the sysctl, and addresses get stuck in "tentative" state forever

Revision 1.64 / (download) - annotate - [select for diffs], Thu May 18 09:05:51 2006 UTC (14 years, 6 months ago) by liamjfoy
Branch: MAIN
CVS Tags: yamt-pdpolicy-base6, yamt-pdpolicy-base5, simonb-timecounters-base, gdamore-uart-base, chap-midi-nbase, chap-midi-base, chap-midi
Branch point for: gdamore-uart
Changes since 1.63: +17 -2 lines
Diff to previous 1.63 (colored)

Integrate Common Address Redundancy Procotol (CARP) from OpenBSD

'pseudo-device	carp'

Thanks to: joerg@ christos@ riz@ and others who tested
Ok: core@

Revision 1.63 / (download) - annotate - [select for diffs], Mon Mar 6 20:33:52 2006 UTC (14 years, 8 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-pdpolicy-base4, yamt-pdpolicy-base3, yamt-pdpolicy-base2, peter-altq-base, elad-kernelauth-base, elad-kernelauth
Branch point for: peter-altq
Changes since 1.62: +6 -6 lines
Diff to previous 1.62 (colored)

Rename local variables called delay that shadow the delay() decl.
Pointed out by Robert Swindells.

Revision 1.62 / (download) - annotate - [select for diffs], Sun Mar 5 23:47:08 2006 UTC (14 years, 8 months ago) by rpaulo
Branch: MAIN
Changes since 1.61: +88 -42 lines
Diff to previous 1.61 (colored)

NDP-related improvements:
        RFC4191
	- supports host-side router-preference

	RFC3542
	- if DAD fails on a interface, disables IPv6 operation on the
          interface
	- don't advertise MLD report before DAD finishes

	Others
	- fixes integer overflow for valid and preferred lifetimes
	- improves timer granularity for MLD, using callout-timer.
	- reflects rtadvd's IPv6 host variable information into kernel
	  (router only)
	- adds a sysctl option to enable/disable pMTUd for multicast
          packets
	- performs NUD on PPP/GRE interface by default
	- Redirect works regardless of ip6_accept_rtadv
	- removes RFC1885-related code

From the KAME project via SUZUKI Shinsuke.
Reviewed by core.

Revision 1.61 / (download) - annotate - [select for diffs], Fri Mar 3 14:07:06 2006 UTC (14 years, 8 months ago) by rpaulo
Branch: MAIN
CVS Tags: yamt-pdpolicy-base
Branch point for: yamt-pdpolicy
Changes since 1.60: +13 -13 lines
Diff to previous 1.60 (colored)

Fix typos in comments.

From: the KAME project via SUZUKI Shinsuke.

Revision 1.60 / (download) - annotate - [select for diffs], Sat Feb 25 00:58:35 2006 UTC (14 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: yamt-uio_vmspace-base5
Changes since 1.59: +3 -3 lines
Diff to previous 1.59 (colored)

Fix typos, reported by Alexey Dobriyan ("Gathered from Linux"),
forwarded by jmc@openbsd.

Revision 1.59 / (download) - annotate - [select for diffs], Sat Jan 21 00:15:37 2006 UTC (14 years, 10 months ago) by rpaulo
Branch: MAIN
Branch point for: simonb-timecounters, rpaulo-netinet-merge-pcb
Changes since 1.58: +72 -69 lines
Diff to previous 1.58 (colored)

Better support of IPv6 scoped addresses.

- most of the kernel code will not care about the actual encoding of
  scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
  scoped addresses as a special case.
- scope boundary check will be stricter.  For example, the current
  *BSD code allows a packet with src=::1 and dst=(some global IPv6
  address) to be sent outside of the node, if the application do:
    s = socket(AF_INET6);
    bind(s, "::1");
    sendto(s, some_global_IPv6_addr);
  This is clearly wrong, since ::1 is only meaningful within a single
  node, but the current implementation of the *BSD kernel cannot
  reject this attempt.
- and, while there, don't try to remove the ff02::/32 interface route
  entry in in6_ifdetach() as it's already gone.

This also includes some level of support for the standard source
address selection algorithm defined in RFC3484, which will be
completed on in the future.

From the KAME project via JINMEI Tatuya.
Approved by core@.

Revision 1.58 / (download) - annotate - [select for diffs], Sun Dec 11 12:25:02 2005 UTC (14 years, 11 months ago) by christos
Branch: MAIN
Branch point for: yamt-uio_vmspace
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

merge ktrace-lwp.

Revision 1.57 / (download) - annotate - [select for diffs], Sun May 29 21:43:51 2005 UTC (15 years, 6 months ago) by christos
Branch: MAIN
CVS Tags: yamt-vop-base3, yamt-vop-base2, yamt-vop-base, yamt-vop, yamt-readahead-pervnode, yamt-readahead-perfile, yamt-readahead-base3, yamt-readahead-base2, yamt-readahead-base, yamt-readahead, thorpej-vnode-attr-base, thorpej-vnode-attr, ktrace-lwp-base
Branch point for: yamt-lazymbuf
Changes since 1.56: +8 -8 lines
Diff to previous 1.56 (colored)

- avoid shadowed variables
- sprinkle const.

Revision 1.56 / (download) - annotate - [select for diffs], Sat Feb 26 22:45:13 2005 UTC (15 years, 9 months ago) by perry
Branch: MAIN
CVS Tags: yamt-km-base4, yamt-km-base3, netbsd-3-base, netbsd-3-1-RELEASE, netbsd-3-1-RC4, netbsd-3-1-RC3, netbsd-3-1-RC2, netbsd-3-1-RC1, netbsd-3-1-1-RELEASE, netbsd-3-0-RELEASE, netbsd-3-0-RC6, netbsd-3-0-RC5, netbsd-3-0-RC4, netbsd-3-0-RC3, netbsd-3-0-RC2, netbsd-3-0-RC1, netbsd-3-0-3-RELEASE, netbsd-3-0-2-RELEASE, netbsd-3-0-1-RELEASE, kent-audio2-base
Branch point for: netbsd-3-1, netbsd-3-0, netbsd-3
Changes since 1.55: +3 -3 lines
Diff to previous 1.55 (colored)

nuke trailing whitespace

Revision 1.55 / (download) - annotate - [select for diffs], Thu Feb 10 02:57:17 2005 UTC (15 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: yamt-km-base2
Changes since 1.54: +7 -30 lines
Diff to previous 1.54 (colored)

backout 1.54.  heurestic code should never be used.  if you experience DAD
failure, suspect your driver, not ND code.

Revision 1.54 / (download) - annotate - [select for diffs], Wed Feb 2 20:56:27 2005 UTC (15 years, 9 months ago) by drochner
Branch: MAIN
Changes since 1.53: +16 -18 lines
Diff to previous 1.53 (colored)

Give DAD a chance to succeed even if the network is "slightly broken"
(in my case it as a switch set to "monitor" mode):
If we see an NS request for the address we are just probing for, for
three times the number of DAD packets we are supposed to send (the
"ip6.dad_count" sysctl variable), assume that these are our own packets
and let DAD succeed.
The code for this was mostly there, commented out. Just needed some fixes.
The "three times" is heuristic of course.
Being here, reset the "dad_ns_tcount" variable on a successful send;
otherwise we get strange interdependencies with user-settable variables
(ever tried to set ip6.dad_count to something >15?).

Revision 1.53 / (download) - annotate - [select for diffs], Tue Feb 10 20:57:20 2004 UTC (16 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: yamt-km-base, netbsd-2-base, netbsd-2-1-RELEASE, netbsd-2-1-RC6, netbsd-2-1-RC5, netbsd-2-1-RC4, netbsd-2-1-RC3, netbsd-2-1-RC2, netbsd-2-1-RC1, netbsd-2-1, netbsd-2-0-base, netbsd-2-0-RELEASE, netbsd-2-0-RC5, netbsd-2-0-RC4, netbsd-2-0-RC3, netbsd-2-0-RC2, netbsd-2-0-RC1, netbsd-2-0-3-RELEASE, netbsd-2-0-2-RELEASE, netbsd-2-0-1-RELEASE, netbsd-2-0, netbsd-2, kent-audio1-beforemerge, kent-audio1-base, kent-audio1
Branch point for: yamt-km, kent-audio2
Changes since 1.52: +7 -9 lines
Diff to previous 1.52 (colored)

reduce useless variables

Revision 1.52 / (download) - annotate - [select for diffs], Thu Oct 30 01:43:10 2003 UTC (17 years ago) by simonb
Branch: MAIN
Changes since 1.51: +2 -4 lines
Diff to previous 1.51 (colored)

Remove some assigned-to but otherwise unused variables.

Revision 1.51 / (download) - annotate - [select for diffs], Fri Sep 5 23:20:48 2003 UTC (17 years, 2 months ago) by itojun
Branch: MAIN
Changes since 1.50: +4 -4 lines
Diff to previous 1.50 (colored)

u_short -> u_int16_t.  sync w/ kame.
don't set ip6_plen where unneeded (i.e. before calling ip6_output)

Revision 1.50 / (download) - annotate - [select for diffs], Fri Aug 22 22:00:40 2003 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.49: +2 -10 lines
Diff to previous 1.49 (colored)

remove ipsec_set/getsocket.  now we explicitly pass socket * to ip{,6}_output.

Revision 1.49 / (download) - annotate - [select for diffs], Fri Aug 22 21:53:09 2003 UTC (17 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.48: +4 -5 lines
Diff to previous 1.48 (colored)

change the additional arg to be passed to ip{,6}_output to struct socket *.

this fixes KAME policy lookup which was broken by the previous commit.

Revision 1.48 / (download) - annotate - [select for diffs], Fri Aug 22 20:20:10 2003 UTC (17 years, 3 months ago) by jonathan
Branch: MAIN
Changes since 1.47: +6 -4 lines
Diff to previous 1.47 (colored)

Replace the set_socket() method of passing an extra struct socket*
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)

In preparation for fast-ipsec.  Reviewed by itojun.

Revision 1.47 / (download) - annotate - [select for diffs], Fri Jun 27 08:41:09 2003 UTC (17 years, 5 months ago) by itojun
Branch: MAIN
Branch point for: ktrace-lwp
Changes since 1.46: +15 -13 lines
Diff to previous 1.46 (colored)

split ND6 cache timer management to per-entry.  increased accuracy,
no O(N) loop.   sync w/ kame

Revision 1.46 / (download) - annotate - [select for diffs], Tue Jun 24 07:54:48 2003 UTC (17 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.45: +3 -3 lines
Diff to previous 1.45 (colored)

remove unneeded checks of accept_rtadv.  from kame

Revision 1.45 / (download) - annotate - [select for diffs], Tue Jun 24 07:39:26 2003 UTC (17 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.44: +7 -8 lines
Diff to previous 1.44 (colored)

use time.tv_sec directly

Revision 1.44 / (download) - annotate - [select for diffs], Wed May 14 06:47:44 2003 UTC (17 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.43: +2 -12 lines
Diff to previous 1.43 (colored)

always use PULLDOWN_TEST codepath.

Revision 1.43 / (download) - annotate - [select for diffs], Mon Sep 23 05:51:16 2002 UTC (18 years, 2 months ago) by simonb
Branch: MAIN
CVS Tags: nathanw_sa_before_merge, nathanw_sa_base, kqueue-beforemerge, kqueue-base, kqueue-aftermerge, gmcgarry_ucred_base, gmcgarry_ucred, gmcgarry_ctxsw_base, gmcgarry_ctxsw, fvdl_fs64_base
Changes since 1.42: +2 -3 lines
Diff to previous 1.42 (colored)

Remove breaks after returns, unreachable returns and returns after
returns(!).

Revision 1.42 / (download) - annotate - [select for diffs], Sun Jun 9 14:43:13 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
CVS Tags: gehenna-devsw-base
Changes since 1.41: +7 -7 lines
Diff to previous 1.41 (colored)

whitespace cleanup

Revision 1.41 / (download) - annotate - [select for diffs], Sat Jun 8 21:29:26 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.40: +5 -5 lines
Diff to previous 1.40 (colored)

KNF

Revision 1.40 / (download) - annotate - [select for diffs], Sat Jun 8 21:28:18 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.39: +2 -3 lines
Diff to previous 1.39 (colored)

gc

Revision 1.39 / (download) - annotate - [select for diffs], Sat Jun 8 21:22:34 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.38: +122 -71 lines
Diff to previous 1.38 (colored)

sync with latest KAME in6_ifaddr/prefix/default router manipulation.
behavior changes:
- two iocts used by ndp(8) are now obsolete (backward compat provided).
  use sysctl path instead.
- lo0 does not get ::1 automatically.  it will get ::1 when lo0 comes up.

Revision 1.38 / (download) - annotate - [select for diffs], Fri Jun 7 07:38:51 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.37: +4 -4 lines
Diff to previous 1.37 (colored)

whitespace

Revision 1.37 / (download) - annotate - [select for diffs], Fri Jun 7 07:35:39 2002 UTC (18 years, 5 months ago) by itojun
Branch: MAIN
Changes since 1.36: +3 -3 lines
Diff to previous 1.36 (colored)

whitespace

Revision 1.36 / (download) - annotate - [select for diffs], Wed May 29 07:53:42 2002 UTC (18 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.35: +6 -6 lines
Diff to previous 1.35 (colored)

attach nd_ifinfo structure into if_afdata.
split IPv6 link MTU (advertised by RA) from real link MTU.
sync with kame

Revision 1.35 / (download) - annotate - [select for diffs], Tue May 28 10:11:51 2002 UTC (18 years, 6 months ago) by itojun
Branch: MAIN
Changes since 1.34: +4 -4 lines
Diff to previous 1.34 (colored)

use arc4random() where possible.
XXX is it necessary to do microtime() on tcp syn cache?

Revision 1.34 / (download) - annotate - [select for diffs], Fri Mar 15 09:36:27 2002 UTC (18 years, 8 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-6-base, netbsd-1-6-RELEASE, netbsd-1-6-RC3, netbsd-1-6-RC2, netbsd-1-6-RC1, netbsd-1-6-PATCH001-RELEASE, netbsd-1-6-PATCH001-RC3, netbsd-1-6-PATCH001-RC2, netbsd-1-6-PATCH001-RC1, netbsd-1-6-PATCH001, eeh-devprop-base, eeh-devprop
Branch point for: netbsd-1-6, gehenna-devsw
Changes since 1.33: +3 -3 lines
Diff to previous 1.33 (colored)

s/0/NULL/ as ln_hold is a pointer.  sync w/ kame

Revision 1.33 / (download) - annotate - [select for diffs], Tue Nov 13 00:57:05 2001 UTC (19 years ago) by lukem
Branch: MAIN
CVS Tags: newlock-base, newlock, ifpoll-base
Changes since 1.32: +4 -1 lines
Diff to previous 1.32 (colored)

add RCSIDs

Revision 1.32 / (download) - annotate - [select for diffs], Thu Oct 18 07:44:35 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
CVS Tags: thorpej-mips-cache-base, thorpej-mips-cache
Changes since 1.31: +19 -16 lines
Diff to previous 1.31 (colored)

reduce diffs with kame (mostly cosmetic).
move IPV6_CHECKSUM processing to sys/netinet6/raw_ip6.c.
constify a couple of places.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Oct 17 10:55:09 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.30: +37 -48 lines
Diff to previous 1.30 (colored)

do not change neighbor cache state on entry timeout,
if the cache entry is for outgoing router.

perform on-linkness check before default router (re-)seletion.

do not play with interface direct route on nd6_rtrequest.

sync a lot of cosmetic changes.  sync with kame

Revision 1.30 / (download) - annotate - [select for diffs], Wed Oct 17 08:23:07 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.29: +1 -5 lines
Diff to previous 1.29 (colored)

unifdef OLDIP6OUTPUT

Revision 1.29 / (download) - annotate - [select for diffs], Tue Oct 16 06:24:45 2001 UTC (19 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.28: +16 -7 lines
Diff to previous 1.28 (colored)

more whitespace/comment sync with kame

Revision 1.28 / (download) - annotate - [select for diffs], Fri Feb 23 08:02:42 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: thorpej_scsipi_nbase, thorpej_scsipi_beforemerge, thorpej_scsipi_base, thorpej-devvp-base3, thorpej-devvp-base2, thorpej-devvp-base, thorpej-devvp, pre-chs-ubcperf, post-chs-ubcperf
Branch point for: nathanw_sa, kqueue
Changes since 1.27: +11 -5 lines
Diff to previous 1.27 (colored)

garbage-collect stale ND entries (default: 1 day).
RFC 2461 5.3.  sync with kame.

Revision 1.27 / (download) - annotate - [select for diffs], Sun Feb 11 07:00:03 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.26: +3 -1 lines
Diff to previous 1.26 (colored)

make sure to clean ln_byhint on reachability confirmation.

Revision 1.26 / (download) - annotate - [select for diffs], Wed Feb 7 08:59:49 2001 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.25: +121 -69 lines
Diff to previous 1.25 (colored)

during ip6/icmp6 inbound packet processing, do not call log() nor printf() in
normal operation (/var can get filled up by flodding bogus packets).
sysctl net.inet6.icmp6.nd6_debug will turn on diagnostic messages.
(#define ND6_DEBUG will turn it on by default)

improve stats in ND6 code.

lots of synchronziation with kame (including comments and cometic ones).

Revision 1.25 / (download) - annotate - [select for diffs], Wed Jan 24 09:04:17 2001 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.24: +4 -4 lines
Diff to previous 1.24 (colored)

- record IPsec packet history into m_aux structure.
- let ipfilter look at wire-format packet only (not the decapsulated ones),
  so that VPN setting can work with NAT/ipfilter settings.
sync with kame.

TODO: use header history for stricter inbound validation

Revision 1.24 / (download) - annotate - [select for diffs], Wed Jan 17 11:26:52 2001 UTC (19 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.23: +5 -1 lines
Diff to previous 1.23 (colored)

wrap noisy ND6 debugging messages with ND6_DEBUG.  sync with kame

Revision 1.23 / (download) - annotate - [select for diffs], Sun Nov 5 17:17:16 2000 UTC (20 years ago) by onoe
Branch: MAIN
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored)

First Prototype implementation of network interface part for IEEE1394 (if_fw).

Current status:
	Only OHCI chip is supported (fwohci).
	ping (IPv4) works with Sony's implementation (SmartConnect) on Win98.
	sometimes works but not stable.
Not implemented yet:
	IRM (Isochronous Resource Manager) functionality.
	Link layer fragmentation.
	Topology map.
More to do:
	clean ups
	MCAP
	charactor device part
	dhcp

There is no entry in GENERIC config file yet.
Follow sys/dev/ieee1394/IMPLEMENTATION to enable if_fw.

Revision 1.22 / (download) - annotate - [select for diffs], Fri May 19 01:40:19 2000 UTC (20 years, 6 months ago) by itojun
Branch: MAIN
CVS Tags: netbsd-1-5-base, netbsd-1-5-RELEASE, netbsd-1-5-BETA2, netbsd-1-5-BETA, netbsd-1-5-ALPHA2, minoura-xpg4dl-base, minoura-xpg4dl
Branch point for: netbsd-1-5
Changes since 1.21: +10 -6 lines
Diff to previous 1.21 (colored)

do not mistakingly forward link-local scoped packet (the bug was added
with "beyondscope" icmp6 support).
"options FAKE_LOOPBACK_IF" will honor scope on loopback outputs.  rcvif will
be real interface, not the loopback, just like when multicast loopback.

(sync with kame)

Revision 1.21 / (download) - annotate - [select for diffs], Fri Mar 24 04:09:05 2000 UTC (20 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.20: +8 -5 lines
Diff to previous 1.20 (colored)

move ia6->ia6_dad_ch to dp->dad_timer_ch, to ease KAME code sharing.
now in6_var.h does not need to pull sys/callout.h in.

Revision 1.20 / (download) - annotate - [select for diffs], Thu Mar 23 07:03:31 2000 UTC (20 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.19: +10 -8 lines
Diff to previous 1.19 (colored)

New callout mechanism with two major improvements over the old
timeout()/untimeout() API:
- Clients supply callout handle storage, thus eliminating problems of
  resource allocation.
- Insertion and removal of callouts is constant time, important as
  this facility is used quite a lot in the kernel.

The old timeout()/untimeout() API has been removed from the kernel.

Revision 1.19 / (download) - annotate - [select for diffs], Thu Mar 16 02:53:45 2000 UTC (20 years, 8 months ago) by thorpej
Branch: MAIN
Changes since 1.18: +6 -2 lines
Diff to previous 1.18 (colored)

Quiet down the DAD messages a little more.

Revision 1.18 / (download) - annotate - [select for diffs], Wed Mar 1 12:49:49 2000 UTC (20 years, 8 months ago) by itojun
Branch: MAIN
Changes since 1.17: +11 -5 lines
Diff to previous 1.17 (colored)

introduce m->m_pkthdr.aux to hold random data which needs to be passed
between protocol handlers.

ipsec socket pointers, ipsec decryption/auth information, tunnel
decapsulation information are in my mind - there can be several other usage.
at this moment, we use this for ipsec socket pointer passing.  this will
avoid reuse of m->m_pkthdr.rcvif in ipsec code.

due to the change, MHLEN will be decreased by sizeof(void *) - for example,
for i386, MHLEN was 100 bytes, but is now 96 bytes.
we may want to increase MSIZE from 128 to 256 for some of our architectures.

take caution if you use it for keeping some data item for long period
of time - use extra caution on M_PREPEND() or m_adj(), as they may result
in loss of m->m_pkthdr.aux pointer (and mbuf leak).

this will bump kernel version.

(as discussed in tech-net, tested in kame tree)

Revision 1.17 / (download) - annotate - [select for diffs], Mon Feb 28 12:08:24 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.16: +2 -6 lines
Diff to previous 1.16 (colored)

remove some of cross-BSD portability #ifdef.
remove xxCTL_VARS, which is BSDI specific.

Revision 1.16 / (download) - annotate - [select for diffs], Sat Feb 26 08:39:20 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.15: +104 -44 lines
Diff to previous 1.15 (colored)

bring in recent KAME changes (only important and stable ones, as usual).
- remove net.inet6.ip6.nd6_proxyall.  introduce proxy NDP code works
  just like "arp -s".
- revise source address selection.
  be more careful about use of yet-to-be-valid addresses as source.
- as router, transmit ICMP6_DST_UNREACH_BEYONDSCOPE against out-of-scope
  packet forwarding attempt.
- path MTU discovery takes care of routing header properly.
- be more strict about mbuf chain parsing.

Revision 1.15 / (download) - annotate - [select for diffs], Mon Feb 7 05:42:28 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-newbase
Changes since 1.14: +62 -21 lines
Diff to previous 1.14 (colored)

add more sanity check against mbuf length.
use log() for DAD related kernel message.

Revision 1.14 / (download) - annotate - [select for diffs], Sun Feb 6 12:49:48 2000 UTC (20 years, 9 months ago) by itojun
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 (colored)

fix include pathname for better rfc2292 compliance.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Feb 1 22:52:11 2000 UTC (20 years, 9 months ago) by thorpej
Branch: MAIN
Changes since 1.12: +5 -5 lines
Diff to previous 1.12 (colored)

First-draft if_detach() implementation, originally from Bill Studnemund,
although this version has been changed somewhat:
- reference counting on ifaddrs isn't as complete as Bill's original
  work was.  This is hard to get right, and we should attack one
  protocol at a time.
- This doesn't do reference counting or dynamic allocation of ifnets yet.
- This version introduces a new PRU -- PRU_PURGEADDR, which is used to
  purge an ifaddr from a protocol.  The old method Bill used didn't work
  on all protocols, and it only worked on some because it was Very Lucky.

This mostly works ... i.e. works for my USB Ethernet, except for a dangling
ifaddr reference left by the IPv6 code; have not yet tracked this down.

Revision 1.12 / (download) - annotate - [select for diffs], Fri Jan 28 07:21:29 2000 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored)

wrap "DAD start" message into #ifdef DIAGNOSTIC.
From: thorpej, "Soren S. Jorvang" <soren@wheel.dk>

Revision 1.11 / (download) - annotate - [select for diffs], Thu Jan 6 15:46:11 2000 UTC (20 years, 10 months ago) by itojun
Branch: MAIN
Changes since 1.10: +3 -57 lines
Diff to previous 1.10 (colored)

remove extra portability #ifdef (like #ifdef __FreeBSD__) in KAME IPv6/IPsec
code, from netbsd-current repository.
#ifdef'ed version is always available from ftp.kame.net.

XXX please do not make too many diff-unfriendly changes, we'll need to take
bunch of diffs on upgrade...

Revision 1.10 / (download) - annotate - [select for diffs], Wed Dec 15 06:28:44 1999 UTC (20 years, 11 months ago) by itojun
Branch: MAIN
CVS Tags: wrstuden-devbsize-base, wrstuden-devbsize-19991221
Changes since 1.9: +5 -3 lines
Diff to previous 1.9 (colored)

do not overwrite traffic class field when we write IPv6 version field.

Revision 1.9 / (download) - annotate - [select for diffs], Mon Dec 13 15:17:23 1999 UTC (20 years, 11 months ago) by itojun
Branch: MAIN
Changes since 1.8: +94 -30 lines
Diff to previous 1.8 (colored)

sync IPv6 part with latest KAME tree.   IPsec part is left unmodified
due to massive changes in KAME side.
- IPv6 output goes through nd6_output
- faith can capture IPv4 packets as well - you can run IPv4-to-IPv6 translator
  using heavily modified DNS servers
- per-interface statistics (required for IPv6 MIB)
- interface autoconfig is revisited
- udp input handling has a big change for mapped address support.
- introduce in4_cksum() for non-overwriting checksumming
- introduce m_pulldown()
- neighbor discovery cleanups/improvements
- netinet/in.h strictly conforms to RFC2553 (no extra defs visible to userland)
- IFA_STATS is fixed a bit (not tested)
- and more more more.

TODO:
- cleanup os-independency #ifdef
- avoid rcvif dual use (for IPsec) to help ifdetach

(sorry for jumbo commit, I can't separate this any more...)

Revision 1.8 / (download) - annotate - [select for diffs], Sun Sep 19 21:31:35 1999 UTC (21 years, 2 months ago) by is
Branch: MAIN
CVS Tags: fvdl-softdep-base, fvdl-softdep, comdex-fall-1999-base, comdex-fall-1999
Branch point for: wrstuden-devbsize, thorpej_scsipi
Changes since 1.7: +9 -3 lines
Diff to previous 1.7 (colored)

Zeroth version of IPv6 support for ARCnet. Correct MTU handling still needs
to be done.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Jul 31 18:41:17 1999 UTC (21 years, 3 months ago) by itojun
Branch: MAIN
CVS Tags: chs-ubc2-base
Changes since 1.6: +4 -2 lines
Diff to previous 1.6 (colored)

sync with recent KAME.
- loosen ipsec restriction on packet diredtion.
- revise icmp6 redirect handling on IsRouter bit.
- tcp/udp notification processing (link-local address case)
- cosmetic fixes (better code share across *BSD).

Revision 1.6 / (download) - annotate - [select for diffs], Sat Jul 10 19:46:10 1999 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.5: +18 -13 lines
Diff to previous 1.5 (colored)

Clean up some printfs(), and mark a few for possible later nuking,
since they appear to be for debugging purposes only.

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jul 9 22:57:30 1999 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)

defopt IPSEC and IPSEC_ESP (both into opt_ipsec.h).

Revision 1.4 / (download) - annotate - [select for diffs], Sun Jul 4 02:01:15 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

s/splnet/splsoftnet/ in IPv6/IPsec part.
hope I made no mistake (the kernel works fine but I need a regress test)

Suggested by: thorpej

Revision 1.3 / (download) - annotate - [select for diffs], Sat Jul 3 21:30:19 1999 UTC (21 years, 4 months ago) by thorpej
Branch: MAIN
Changes since 1.2: +2 -0 lines
Diff to previous 1.2 (colored)

RCS ID police.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Jul 1 08:12:57 1999 UTC (21 years, 4 months ago) by itojun
Branch: MAIN
Branch point for: chs-ubc2
Changes since 1.1: +1181 -0 lines
Diff to previous 1.1 (colored)

IPv6 kernel code, based on KAME/NetBSD 1.4, SNAP kit 19990628.
(Sorry for a big commit, I can't separate this into several pieces...)
Pls check sys/netinet6/TODO and sys/netinet6/IMPLEMENTATION for details.

- sys/kern: do not assume single mbuf, accept chained mbuf on passing
  data from userland to kernel (or other way round).
- "midway" ATM card: ATM PVC pseudo device support, like those done in ALTQ
  package (ftp://ftp.csl.sony.co.jp/pub/kjc/).
- sys/netinet/tcp*: IPv4/v6 dual stack tcp support.
- sys/netinet/{ip6,icmp6}.h, sys/net/pfkeyv2.h: IETF document assumes those
  file to be there so we patch it up.
- sys/netinet: IPsec additions are here and there.
- sys/netinet6/*: most of IPv6 code sits here.
- sys/netkey: IPsec key management code
- dev/pci/pcidevs: regen

In my understanding no code here is subject to export control so it
should be safe.

Revision 1.1, Mon Jun 28 06:37:07 1999 UTC (21 years, 5 months ago) by itojun
Branch: MAIN
Branch point for: kame
FILE REMOVED

file nd6_nbr.c was initially added on branch kame.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>