| Age | Commit message (Collapse) | Author |
|---|
|
Use atomic operations to read ip6_forwarding while processing packets
in the network stack.
To make clear where actually the router property is needed, use the
i_am_router variable based on ip6_forwarding. It already existed
in nd6_nbr. Move i_am_router setting up the call stack until all
users are independent.
The forwarding decisions in pf_test, pf_refragment6, ip6_input do
also not interfere.
Use a new array ipv6ctl_vars_unlocked to make transition of all the
integer sysctls easier. Adapt IPv4 to the new style.
OK mvs@
|
|
|
|
All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.
Feedback OK bluhm florian
|
|
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@
|
|
rtable_walk(9) now passes a routing entry back to the caller when
a non zero value is returned and if it asked for it.
This allows us to call rtdeletemsg()/rtrequest_delete() from the
caller without creating a recursion because of rtflushclone().
Multicast code hasn't been adapted and is still possibly creating
recursions. However multicast route entries aren't cloned so if
a recursion exists it isn't because of rtflushclone().
Fix stack exhaustion triggered by the use of "-msave-args".
Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.
|
|
packet through ip6_input() or from the routing table. In both cases
the KAME hack has added the embeded scope to the address, so it is
not necessary to fill the scope id again in rt6_flush(). Assert
that it is already there.
OK mpi@
|
|
for the Source Link-layer Address Options.
Merge nd6_rs_input() and nd6_ra_input() into one generic function that
does just that.
input & OK mpi
|
|
kernel.
OK mpi
|
|
shall all be cleansed.
Remove sending of router solicitations and processing of router
advertisements from the kernel. It's handled by slaacd(8) these days.
Input & OK bluhm@, mpi@
|
|
advertisement processing and solicitation sending like we already did
for the non-install kernels.
Next step will be to tedu all that code from the kernel.
OK rpe@ for the installer bits
move forward deraadt@
|
|
try to remove a route from the table if it is and invalid cache.
This is a step towards decoupling code dealing with userland and kernel
inserted routes.
ok bluhm@
|
|
aren't protected by the NET_LOCK().
While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK()
is enough.
Tested by Hrvoje Popovski.
ok jmatthew@, claudio@
|
|
advertisement processing in the kernel.
Go for it!!! deraadt@
additional encouragement to push forward from at least mpi and henning
special thanks to naddy for being an early adopter and finding bugs.
|
|
ok visa@
|
|
them all in net/rtsock.c.
This allows to easily spot which functions are doing a copyout(9)
when dealing with the routing midlayer.
ok phessler@, bluhm@, dhill@, krw@, claudio@
|
|
list of IPv6 addresses.
ok bluhm@
|
|
ok mpi@
|
|
NET_LOCK().
ok bluhm@
|
|
This will allow to strengthen checks when userland adds a route.
ok phessler@, bluhm@
|
|
ok bluhm@
|
|
|
|
While here use __func__ in debug strings to reduce noise when grepping.
|
|
While here us __func__ in debug strings to reduce noise when grepping.
|
|
time_second is unix time so it can be affected by clock changes.
time_uptime is monotonic so it isnt affected by clock changes. that
in turn means route expiries wont jump with clock changes if set
against time_uptime.
the expiry is translated into unix time for export to userland though.
Should fix mismatch between route timers that were already converted
and ND default routers that were still using time_second.
Tested by matthieu@ and sthen@
ok sthen@, dlg@
|
|
to previous behaviour of starting quick, exponentially backing off and
settling on every 60 seconds.
sthen@ noticed that this broke the backing off when we don't receive
an advertisment and so we would hammer the network every second which
is particularly bad on wifi networks.
OK sthen@
|
|
|
|
instead of creating a new one.
Having two addresses mean that the old, deprecated one, would be
selected instead of the new one. The issue could be triggered by
reducing the pltime/vltime values sent by a router advertisement
daemon.
Problem reported and fix tested by Jens Sauer on bugs@
|
|
blindly always sending one every 60 seconds.
repeated prodding & input naddy
input & OK vgross
|
|
OK benno@
|
|
This check does not make sense since November 2000 when IPv6 autoconf
address deletion has been made independent from prefix lifetimes.
Fix a case when a route was added to the table but the corresponding
address was not, leaving v6 unusable.
Found the hardway by and ok sthen@
|
|
|
|
|
|
callbacks return EAGAIN if they modify the routing table. While we're here,
simplify life for rtable_walk callers by moving the loop that restarts the
walk on EAGAIN into rtable_walk itself.
Flushing cloned routes on interface state changes becomes a bit more
inefficient, but this can be improved later.
ok mpi@ dlg@
|
|
code in a task.
Such dereferenced can be triggered by receiving a RA with the 'on-link'
bit set to 0 apparently generated by dnsmasq and reported by matthieu@.
ok matthieu@, sthen@, bluhm@
|
|
Ensure that arc4random_uniform() doesn't loop by redefining
ND6_MAX_DESYNC_FACTOR to be 512, the largest power of two smaller
than the RFC-specified 600 seconds. Suggested by florian@ and deraadt@
ok florian@, sthen@ in this form, arc4random change ok djm@, tedu@
|
|
route entry in ART.
rt_plen() now represents the prefix length of a route entry and should
be used instead.
For now use a "struct sockaddr_in6" to represent the mask when needed,
this should be then replaced by the prefix length and RTA_NETMASK only
used for compatibility with userland.
ok claudio@
|
|
While here pick the corresponding ``ifa'' to attach the route instead
of the one corresponding to the link-local address on the same interface.
ok bluhm@
|
|
As a bonus this removes a "#if NCARP > 0", say yeah!
|
|
|
|
interface index directly.
ok bluhm@
|
|
OK mpi@
|
|
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@
|
|
Requested by stsp
|
|
L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.
Discussed with bluhm@, ok claudio@
|
|
Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.
Imputs from bluhm@, ok phessler@, florian@, bluhm@
|
|
Instead of casts they check wether the incoming object has the
expected type. So introduce satosdl() and sdltosa() in the kernel.
OK mpi@
|
|
callers rtfree(9) it.
Inputs and ok bluhm@
|
|
stop passing it in every rt_ifa_add(9) calls.
ok claudio@
|
|
ifpp - XXX: just for statistics
ifpp is always NULL in all callers so that statistic confirms ifpp is
dying
OK mpi@
|
|
instead of the name so we don't have to if_get/if_put it for just that.
OK dlg@
|
