| Age | Commit message (Collapse) | Author |
|---|
|
will reduce the sleep time by one tick which doesn't matter in the common
case. The code never passes a true 0 timeval to timeout_add_tv so the code
will always sleep for at least 1 tick which is good enough.
OK kn@, florian@, visa@, cheloha@
|
|
This also makes the IPv4 and IPv6 code more similar.
OK phessler@
|
|
out of the KERNEL_LOCK().
ok visa@, bluhm@
|
|
why it was necessary.
OK bluhm@
'ok but watch for fallouts' mpi@
|
|
It does not make sense to call if_get() again, just pass ifp as
parameter. Move the IFT_CARP check into the function instead of
doing it everywhere. Replace the inverted match variable logic
with simple returns.
OK mpi@ friehm@
|
|
the caller would leak a mbuf. Convert carp_prepare_ad() to a void
function and remove the error check.
reported by Maxime Villard; OK mpi@
|
|
The account flag `ASU' will no longer be set but that makes suser()
mpsafe since it no longer mess with a per-process field.
No objection from millert@, ok tedu@, bluhm@
|
|
Introduce bridge_ourether() and move carp(4)-specific SRPL code inside
carp_ourether().
ok bluhm@
|
|
A NULL dereference can happen since processing protocol layer is
deffered to a second task. In other words the NET_LOCK() is released
then regrabbed between ip_input() and carp_proto_input().
The same workaround is already in use in carp_output() due to deffered
processing in case of IPsec.
The real fix is to make carp(4) MP-safe and use if_get(9) there, any
taker?
Found & fix tested by Hrvoje Popovski.
|
|
if_deactivate looked for carp parent interfaces and called carp_ifdetach
to have children interfaces unplug themselves. this diff has the
carp interfaces register detach hooks on the parent instead. the
effect is the same, but using the standard every other interface
uses.
while im here i shuffle the order the hooks carp_set_ifp are
estabilshed so it will fail if they arent allocated.
ok visa@ mpi@
|
|
ip_carp.c r1.322 removed the ability to receive carp protocol packets
on !IFT_CARP interfaces. however, carppeers cause the carp protocol
packets to be directed to a unicast address on another interface,
which definitely is not mapped back to a carp interface.
this brings back the ability to get carp packets on parent interfaces.
it is a bit different to a backout because it only allows carp
parents to be ethernet interfaces.
mpi@ told me carp regress tests were failing.
|
|
previously the driver only cared that a carp interface wasnt configured
as a carpdev. because the code only really works on ethernet, it makes
sense to restrict it.
ok visa@ mpi@
|
|
|
|
currently carp uses a struct carp_if to hold an srp list head, which
is accessed by both if_carp in struct ifnet, and via the if input
handlers list.
this gets rid of some indirection by making if_carp itself the list
head, rather than a pointer to the list head via a struct carp_if.
it also makes accessing the list consistent by only using if_carp
to get to it.
ok mpi@
|
|
carp6_proto_input_if only handles packets "received" on real carp
interfaces, which the ethernet stack goes to a lot of trouble to
provide. since carp assumes ethernet, carp_proto_input_if can assume
the packets will come in right too.
ok mpi@
|
|
memory shortage. As it is invoked from a system call, it should
not fail and wait instead.
OK visa@ mpi@
|
|
They have the same functionnality since friehm@ cleaned up
balancing code.
ok florian@, visa@, patrick@, bluhm@, jmatthew@
|
|
to make it symmetric to the addrhook establish which is being done in
carp_clone_create(). This fixes the issue that carp does not recognize
address changes on the carp after an interface has detached, which could
cause issues like carp not recovering or even panics. Unfortunately
there are more bugs lurking in carp.
ok bluhm@
|
|
pr_input handlers without KERNEL_LOCK().
ok visa@
|
|
while packets where being passed to IPsec tasks.
Found the hardway by Hrvoje Popovski.
ok phessler@, claudio@
|
|
Exposes per-CPU counters to real parrallelism.
ok visa@, bluhm@, jca@
|
|
Tested by Hrvoje Popovski, ok bluhm@
|
|
|
|
bugs could easily result in use-after-free or double free. Introduce
m_freemp() which automatically resets the pointer before freeing
it. So we have less dangling pointers in the kernel.
OK krw@ mpi@ claudio@
|
|
ether_input(). Now we use mbuf tags instead of modifying the MAC
address.
ok mpi@
|
|
Grab the lock before calling carpdetach().
ok bluhm@
|
|
if at least one vhid is in state MASTER.
from Florian Riehm; OK florian@
|
|
change the pointer. Then *mp keeps the invalid pointer and it might
be used. Fix the potential use after free and also reset *mp in
other places to have less dangling pointers to freed mbufs.
OK mpi@ mikeb@
|
|
allows to simplify code used for both IPv4 and IPv6.
OK mikeb@ deraadt@
|
|
constants.
The consensus is that if both operands are constant, we don't need
mallocarray. Reminded by tedu@
ok deraadt@
|
|
ok deraadt@
|
|
zero the buffers first. All the current objects appear to be safe,
however future changes might introduce structure pads.
Discussed with guenther, ok bluhm
|
|
OK mpi@
|
|
unneeded splnet()/splx() dance.
ok mikeb@, bluhm@
|
|
ok florian@
|
|
to get rid of struct ip6protosw and some wrapper functions. It is
more consistent to have less different structures. The divert_input
functions cannot be called anyway, so remove them.
OK visa@ mpi@
|
|
make the variable parameters of the protocol input functions fixed.
Also add the proto to make it similar to IPv6.
OK mpi@ guenther@ millert@
|
|
only once per packet.
Fix a regression introduced when if_input() started to be called by
every pseudo-driver.
ok claudio@, dlg@
|
|
While here remove two redundant splsoftnet()/splx() dances.
inputs and ok bluhm@
|
|
of the network stack that are not yet ready to be executed in parallel or
where new sleeping points are not possible.
This first pass replace all the entry points leading to ip_output(). This
is done to not introduce new sleeping points when trying to acquire ART's
write lock, needed when a new L2 entry is created via the RT_RESOLVE.
Inputs from and ok bluhm@, ok dlg@
|
|
This allows us to introduce SRPL_NEXT() that can be used to start
iterating on an arbitrary member of an srp list, hence without calling
SRPL_ENTER().
ok dlg@, jmatthew@
|
|
When both "carppeer" and "real mac-address" are used at once and the
BACKUP is to take over the new MASTER, the present MASTER receives
such packets. Found by and diff from nagasaka at iij.
ok henning bluhm
|
|
The current reason is that rtalloc_mpath(9) inside ip_output() might
end up inserting a RTF_CLONED route and that require a write lock.
ok kettenis@, bluhm@
|
|
diff from jsg@
ok deraadt@, benno@
|
|
from leaking the multicast address.
beck@ found the hard way that this made his second CARP master use a
wrong MAC address.
This is part of a bigger diff from Florian Riehm who is currently
working on a proper solution to fix balancing modes.
ok beck@, bluhm@
|
|
It was only checked in balancing mode, which is currently broken, and is
no longer needed.
Discusssed with bluhm@ and Florian Riehm.
|
|
the packet has been feed to the pseudo-interfaces input handlers.
To fix that without introducing a layer violation we should be able to
disable HW-vlan on parent when in use with different pseudo-interfaces.
In the case of bridge(4) for example it makes no sense to let the interface
remove the VLAN header if the kernel has to add it back for every packet.
Fix issues reported by sebastia@ and markus@
From dlg@, ok claudio@
|
|
the srp_ref struct is used to track the location of the callers
hazard pointer so later calls to srp_follow and srp_enter already
know what to clear. this in turn means most of the caveats around
using srps go away. specifically, you can now:
- switch cpus while holding an srp ref
- ie, you can sleep while holding an srp ref
- you can take and release srp refs in any order
the original intent was to simplify use of the api when dealing
with complicated data structures. the caller now no longer has to
track the location of the srp a value was fetched from, the srp_ref
effectively does that for you.
srp lists have been refactored to use srp_refs instead of srpl_iter
structs.
this is in preparation of using srps inside the ART code. ART is a
complicated data structure, and lookups require overlapping holds
of srp references.
ok mpi@ jmatthew@
|
|
|
|
if a physical interface receives a multicast/broadcast packet and
has carp interfaces on it, that packet needs to be copied for
reception by each of those carp interfaces.
previously it was using m_copym2, but that doesn't respect the
alignment of the source packet. this meant the ip header in the
copies were aligned incorrectly for the network stack, which breaks
strict alignment archs.
m_dup_pkt lets carp specify that the payload needs an ETHER_ALIGN
adjustment, so the ip header inside will be aligned correctly.
reported and tested by anthony eden who hit this on armv7
i reproduced the problem on sparc64 and verified the fix on amd64
and sparc64
ok mpi@ mikeb@ deraadt@
|
