| Age | Commit message (Collapse) | Author |
|---|
|
CID 1453252
ok claudio@ mpi@
|
|
all interfaces. Most handlers will ignore it but at least umb(4) will
send a response back.
OK florian@
|
|
the size constraint to allow this to pass through the kernel.
Looks good to deraadt@
|
|
kernel. Will be used to have umb(4) inform unwind(8) about DNS changes.
OK bluhm@ tested by florian@ and deraadt@
|
|
commit.
|
|
Do not overwrite the address family, we need to know if this is IPv4
or IPv6 to parse the message.
Nameservers are IP addresses, not NUL-terminated strings.
Check that the length is a multiple of the length of an IP address.
OK krw
|
|
messages from user land. Inspect length field early in rtm_xaddrs().
Strings must be NUL terminated. The socket address type and length
depend on the routing message type. Currently checks are not super
strict to avoid too much user land fallout.
OK mpi@
Reported-by: syzbot+638dbf7851da8e255af5@syzkaller.appspotmail.com
|
|
|
|
then the big switch in rtm_output() has RTM_CHANGE as a unique case.
Remove redundant checks of rtm_type within this case.
OK kn@
|
|
socket is only used in process context, so pass PR_WAITOK to
pool_init(9). The possible sleep in pool_put(9) should not hurt
as route_detach() is only called by soclose(9). As both pr_attach()
and pr_detach() are always called with kernel lock, PR_RWLOCK is
not needed.
OK mpi@
|
|
rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().
Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().
Fix stack exhaustion triggered by the use of "-msave-args".
Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.
|
|
with bad address flags.
OK bluhm@ sthen@
|
|
the RTF_MPLS can't be toggled without rt_mpls_set() being called. While
RTF_MPLS is part of RTF_FMASK it should be excluded from the flags and mask
when they are applied to the route since toggling it requires a call to
rt_mpls_set().
OK bluhm@
Reported-by: syzbot+86344a9e31c27aa6f15b@syzkaller.appspotmail.com
|
|
providing a corresponding socket address. A stricter kernel check
returns EINVAL and the software does not work anymore. Relax the
check for OpenBSD 6.5 release so we have more time to find and fix
bugs in ports afterwards. This is a temporary workaround.
analysis sthen@; OK claudio@ jca@
|
|
struct rt_msghdr bytes are passed in. Also return a failure from
rtm_xaddrs() if rti_addrs has bad flags or run out of space.
Ok bluhm@
Reported-by: syzbot+18fd599cf8e14c507115@syzkaller.appspotmail.com
|
|
from NetBSD; OK deraadt@ visa@
|
|
usrreq functions move the mbuf m_freem() logic to the release block
instead of distributing it over the switch statement. Then the
goto release in the initial check, whether the pcb still exists,
will not free the mbuf for the PRU_RCVD, PRU_RVCOOB, PRU_SENSE
command.
OK claudio@ mpi@ visa@
Reported-by: syzbot+8e7997d4036ae523c79c@syzkaller.appspotmail.com
|
|
OK visa@ bluhm@ kn@
|
|
802.11 interface state changes (e.g. SSID) to interested parties.
Original diff from phessler@. Many suggestions and tweaks from
claudio@, stsp@, anton@.
ok claudio@ stsp@ anton@ phessler@
|
|
protocol specific ones.
OK mpi@
|
|
variables can be delared constant.
OK claudio@ mpi@
|
|
route code since there is no more special wrapping needed and in some
places the PRU cases get easier because route(4) for example always connected.
OK bluhm@ henning@ mpi@
|
|
|
|
ok phessler@
|
|
where it belongs. Problem spotted by by remi@
ok sthen@ claudio@ krw@
|
|
ok tb@, sthen@
|
|
ok claudio@
|
|
ok tb@, visa@
|
|
ok claudio@
|
|
ok visa@, tb@
|
|
ok tb@
|
|
ok visa@, tb@
|
|
of calling sofree(), when its PCB is detached.
This is different from TCP which does not always detach `inpcb's from
sockets. In the pfkey & routing case caling sofree() there is a noop
whereas for TCP it's needed to free closed connections.
Having fewer sofree() makes it easier to understand the code and move
the locks down.
ok visa@
|
|
grab the KERNEL_LOCK() when delivering messages.
This is the same solution already used by routing sockets.
ok claudio@, visa@
|
|
socket receive buffer.
It is modelled after pfkey_sendup() as both will need the same MP
treatment.
ok tb@, bluhm@, visa@
|
|
Input bluhm
OK benno, kn, claudio
|
|
The account flag `ASU' will no longer be set but that makes suser()
mpsafe since it no longer mess with a per-process field.
No objection from millert@, ok tedu@, bluhm@
|
|
allows filtering on the priority of the route. All routes up to
the specified value will be passed.
ok claudio, ok henning previous version, feedback and manpage from
sthen.
|
|
Still needs the big kernel lock but this is another step in the right direction.
With and OK mpi@
|
|
From <kshe59 at zoho.eu>
|
|
|
|
From kshe59@zoho.eu.
|
|
From kshe59@zoho.eu
|
|
by & OK mpi, input & OK visa
|
|
|
|
Suggested by and OK mpi, OK visa
|
|
functions to pave way for more fine grained locking.
Suggested by, comments & OK mpi
|
|
Exposes per-CPU counters to real parrallelism.
ok visa@, bluhm@, jca@
|
|
Not all of them need the NET_LOCK().
ok bluhm@
|
|
all the callers to call m_freem(9).
Support from deraadt@ and tedu@, ok visa@, bluhm@
|
