| Age | Commit message (Collapse) | Author |
|---|
|
out of the KERNEL_LOCK().
ok visa@, bluhm@
|
|
for netstat -a. Introduce a global mutex that protects the tables
and hashes for the internet PCBs. To detect detached PCB, set its
inp_socket field to NULL. This has to be protected by a per PCB
mutex. The protocol pointer has to be protected by the mutex as
netstat uses it.
Always take the kernel lock in in_pcbnotifyall() and in6_pcbnotify()
before the table mutex to avoid lock ordering problems in the notify
functions.
OK visa@
|
|
PAWS. Otherwise we could trigger a retransmit of the opposite party with another
wrong timestamp and produce loop. I have seen this with a buggy server which
messed up tcp timestamps.
Suggested by Prof. Jacobson for FreeBSD.
ok krw, bluhm, henning, mpi
|
|
ipsec_{input,output}_cb() so that in the case of sending or receiving a bogus
mbuf (NULL) we don't end up trying to dereference the TDB, while being an
uninitialized pointer, to increase the drops.
Coverity IDs 1473312, 1473313 and 1473317.
OK mpi@ visa@
|
|
The inet PCB uses one hash with local and foreign addresses, and
one with local port numbers. Give both hashes separate keys. Also
document the struct fields.
OK visa@
|
|
ok visa@
|
|
start locking the socket. An inp can be referenced by the PCB queue
and hashes, by a pf mbuf header, or by a pf state key.
OK visa@
|
|
Problem found and anaylyzed by Romain Gabet, ok markus@
|
|
what FreeBSD does. Remove old #if 0 version of inet6ctlerrmap.
OK mpi@
|
|
in6_pcb.c consistent, to ease comparing the code. Move all inet6
functions to in6_. Bring functions in both source files in same
order. Cleanup the include section. Now in_pcb.c is a superset
of in6_pcb.c. The latter contains all the special implementations.
Just moving arround, no code change intended.
OK mpi@
|
|
OK stsp@
|
|
put the algorithm into a new function m_calchdrlen(). Also set an
uninitialized m_len to 0 in NFS code.
OK claudio@
|
|
created. Add a new function m_removehdr() do convert packet header
mbufs within the chain to regular mbufs. Assert that the mbuf at
the beginning of the chain has a packet header.
found by Maxime Villard in NetBSD; from markus@; OK claudio@
|
|
input and OK claudio@
|
|
|
|
userland.
Inputs from markus@, ok sthen@
|
|
syn_cache_get() is not neccessary. Also make the abort label
consistent to resetandabort and free the mbuf there.
OK mpi@
|
|
Found by and ok jsg@, ok markus@
|
|
dropped packets in the output path.
While here fix a memory leak when compression is not needed w/ IPcomp.
ok markus@
|
|
magic constant to panic() calls.
ok benno@ henning@ tb@
|
|
route socket is flooded with those messages. Instead maek sure that the
removal of the dynamic route that can happen is actually also sent to
the routing socket.
OK mpi@ henning@
|
|
these changes to the routing table have not been visible whereas the
RTM_DELETE of those routes have been. Remove this inconsistency.
Input and OK mpi@
OK henning@
|
|
ok markus@
|
|
callbacks to be able to count dropped packet.
Having more generic statistics will help troubleshooting problems
with specific tunnels. Per-TDB counters are coming once all the
refactoring bits are in.
ok markus@
|
|
why it was necessary.
OK bluhm@
'ok but watch for fallouts' mpi@
|
|
with sendmsg(2) and MSG_OOB. Sync the code in udp, rip, and
rip6_usrreq. Add an inp NULL check in rip6_usrreq for consistency.
OK benno@ mpi@
|
|
rip{6,}_usrreq() since soreceive() will free it.
ok bluhm@
|
|
ok visa@ as part of a larger bigger diff
|
|
the global inpcb queue and hashes.
OK visa@ mpi@ as part of a larger diff
|
|
in_pcbconnect() to avoid the address family maze in syn_cache_get().
input claudio@; OK mpi@
|
|
ok bluhm
|
|
found the hard way by krw@
|
|
Instead introduce two flags to deal with global lock recursion. This
is necessary until we get per-socket lock.
Req. by and ok visa@
|
|
ok visa@, tb@
|
|
was NULL and nothing was traced. So save the old tcpcb and use
that to retrieve some information. Note that otb may be freed and
must not be dereferenced. Use a heuristic for cases where the
address family is in the IP header but not provided in the PCB.
OK visa@
|
|
Multicast lacked receive destination port. Better use a function
and do it all in one place. The pipex chunk does not use the
options, so it can happen before. Adding the udp header length to
the ip header length was done inconsistently. Do it explicitly
when needed.
OK mpi@ visa@
|
|
OK tb@ visa@
|
|
locking.
ok visa@, bluhm@
|
|
from markus@; OK mpi@
|
|
functions.
discussed with and OK mpi@ visa@
|
|
the hashmask. For the resize calculations it is clearer to use the
field inpt_size.
OK visa@ mpi@
|
|
now unused 'ifra' from in_ioctl().
Discussed with mpi and visa
|
|
to its own function and merge the two switches in in_ioctl_change_ifaddr().
Finally: each ioctl has its own case and privilege check.
ok visa
As an aside, an audit of the ports tree has shown that we should continue
to support the legacy ioctls SIOCSIF{,BRD,DST}ADDR, SIOCSIFNETMASK despite
the fact that they have been deprecated for the better part of two decades
and FreeBSD dropped support 7 years ago. Too many ports still rely on them.
Thanks to sthen and visa for their help with that.
|
|
in_pcb.h header file.
OK mpi@ visa@
|
|
rdomain. Move the printf to the end of the pcb lookup functions.
OK tb@ mpi@ visa@
|
|
So in in_pcbresize() the variant without _SAFE of the TAILQ_FOREACH
macro is sufficient.
OK tb@ mpi@ visa@
|
|
|
|
Some more code shuffling to get rid of one switch in in_ioctl().
This way there is one case for each of SIOCSIFBRDADDR, SIOCSIFDSTADDR
and SIOCSIFNETMASK, starting with a privilege check before any global
data is modified.
ok visa
|
|
|
|
and in_ioctl_change_ifaddr(). This way there is one case per ioctl
starting with a privilege check before any global data is modified.
The code paths are now straightforward. Some code duplication between
SIOCSIFADDR and SIOCAIFADDR, but that can be addressed later.
tested by hrvoje
ok visa
|
