| Age | Commit message (Collapse) | Author |
|---|
|
descriptor.
Allow to get rid of two if_ref() in the output paths.
ok dlg@
|
|
While here remove unused argument and convert the route check to
rtisvalid(9).
ok bluhm@
|
|
Found by LLVM/Clang Static Analyzer.
ok bluhm@ mpi@
|
|
IP options or if an IPv6 packet contains header extensions.
Required by cnmac(4) and a sensible precautionary measure in general.
ok visa@, mikeb@
|
|
One of the keys of our MP work relies on making OpenBSD's kernel simpler!
In this case turning ARP processing MP-safe is quite complicated due to
the way carp(4) is hooked in arpinput() and nowadays you'd better run
kitchensinkd(9) anyway :)
ok bluhm@, claudio@, reyk@
|
|
|
|
OK millert@ mpi@
|
|
interface index directly.
ok bluhm@
|
|
ok bluhm@
|
|
OK mpi@
|
|
OK mpi@
|
|
OK mpi@
|
|
a single value
|
|
|
|
ABI form for the sake of existing programs. no programs from that era have
been able to run for quite some time. Kill it all.
ok deraadt florian millert mpi
(I believe this is my first IPv6 diff. Future, here I come!)
|
|
longer true.
|
|
ok mpi@ bluhm@
|
|
die and ifp->if_mtu is the one true mtu.
Suggested by and OK mpi@
|
|
ok bluhm@
|
|
Requested by stsp
|
|
ok claudio mpi florian
|
|
|
|
a bad idea these days.
kill it mpi@
general agreement in the network hackers room at u2k15
|
|
address.
Fix a regression introduced when removing the lo0 hack.
ok florian@
|
|
L2 resolution depends on the protocol (encoded in the route entry) and
an ``ifp''. Not having to care about an ``ifa'' makes our life easier
in our MP effort. Fewer dependencies between data structures implies
fewer headaches.
Discussed with bluhm@, ok claudio@
|
|
ok bluhm@
|
|
ok bluhm@
|
|
Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.
Imputs from bluhm@, ok phessler@, florian@, bluhm@
|
|
ok claudio@
|
|
ok mpi@ bluhm@
|
|
entry is attached to this entry.
ok phessler@, bluhm@
|
|
ok bluhm@
|
|
Instead of casts they check wether the incoming object has the
expected type. So introduce satosdl() and sdltosa() in the kernel.
OK mpi@
|
|
During s2k15 we fixed this ugly 20+ years loopback hack of having a
rt_ifp different than rt_ifa->ifa_ifp.
ok millert@, bluhm@
|
|
ok millert@, bluhm@
|
|
socket(). Without pledge, all other socket behaviours become permitted,
except this one case: connect/send* only works to *:53. In pledge mode,
a very few are further restricted. Some backwards compatibility for
the dnssocket/dnsconnect calls will remain in the tree temporarily so
that people can build through the transition.
ok tedu guenther semarie
|
|
While here add two missing ``rtableid'' checks in in6_selectsrc().
ok bluhm@
|
|
ifa are refcounted to ensure that rt_ifa is always valid.
|
|
ok mpi@
|
|
SS_DNS tagged socket which has limited functionality (for example, you
cannot accept on them...) The libc resolver will switch to using these,
therefore pledge can identify a DNS transaction better.
ok tedu guenther kettenis beck and others
|
|
all the ports in the range portfirst .. portlast
are in use.
ok millert@, mpi@
|
|
configured addressses.
ok mikeb@
|
|
Note that after calling rtalloc(9) we only check if a route has been
returned or not and do not check for its validity. This cannot be
improved without a massive refactoring.
The kernel currently *do* use !RTF_UP route due to a mismatch between
the value of ifp->if_link_state and the IFF_UP|IFF_RUNNING code.
I'd explain the RTF_UP flag as follow:
. If a cached route entry w/o RTF_UP is passed to ip{6,}_output(),
. call rtalloc(9) to see if a better entry is present in the tree.
This is enough to support MPATH and route cache invalidation.
ok bluhm@
|
|
strict than anticipated. It allows a programmer to pledge/promise/covenant
that their program will operate within an easily defined subset of the
Unix environment, or it pays the price.
|
|
The routing table is not an optional component of the network stack
and initializing it inside the "routing domain" requires some ugly
introspection in the domain interface.
This put the rtable* layer at the same level of the if* level. These
two subsystem are organized around the two global data structure used
in the network stack:
- the global &ifnet list, to be used in process context only, and
- the routing table which can be read in interrupt context.
This change makes the rtable_* layer domain-aware and extends the
"struct domain" such that INET, INET6 and MPLS can specify the length
of the binary key used in lookups. This allows us to keep, or move
towards, AF-free route and rtable layers.
While here stop the madness and pass the size of the maximum key length
in *byte* to rn_inithead0().
ok claudio@, mikeb@
|
|
|
|
This gives us userland notification for free and get rid of a
rtrequest1(9) call.
ok phessler@, mikeb@, sthen@
|
|
Tested by <mxb AT alumni DOT chalmers DOT se>.
ok dlg@
|
|
specific places.
ok claudio@, benno@
|
|
in in_pcbbind() and in6_pcbsetport()
ok claudio@, with input from David Hill
|
