summaryrefslogtreecommitdiff
path: root/sys/netinet
AgeCommit message (Collapse)Author
2018-04-02Use memcpy on freshly allocated memory and add the free size.David Hill
OK millert@
2018-03-31When reusing an mbuf to send an ARP response, don't forget to clearStefan Sperling
the mbuf packet header. Otherwise, stale mbuf state related to the ARP request packet might affect the fate of the ARP reply packet. For example, I observed that for an ARP request to a carp IP, where the underlying carpdev interface is part of a bridge, ARP replies were always sent out on the carpdev interface, even if the corresponding ARP request was received not on the carpdev but on a different bridge member interface. This happened because the M_PROTO1 mbuf flag was set on the ARP request mbuf when it left the bridge towards carp, and was still set on the ARP reply, which reused the same mbuf, sent back towards the bridge. The bridge's loop detection saw the M_PROTO1 flag and prevented the ARP reply from entering the bridge, so the reply was instead sent out directly on the carpdev... ok bluhm@ mpi@
2018-03-30Store the allocation size in inpcbhead for free().David Hill
OK visa@
2018-03-21The function carp_prepare_ad() never fails. The error handling inAlexander Bluhm
the caller would leak a mbuf. Convert carp_prepare_ad() to a void function and remove the error check. reported by Maxime Villard; OK mpi@
2018-03-21In ip6_output() check that the interface of a route is valid. ForAlexander Bluhm
IPv4 we do the same and there are races that triggers it. Increment the statistics counter for both. from markus@; OK mpi@
2018-03-18Refactor tcp_mtudisc() like NetBSD did. Do the route lookup onlyAlexander Bluhm
if the tcpcb exits. OK mpi@
2018-03-14When processing IPsec AH packets check that the header fits intoAlexander Bluhm
the packet length. found by Maxime Villard; from FreeBSD; OK procter@ markus@
2018-03-13Mbuf data is used as struct ether_header before it has been madeAlexander Bluhm
continuous. The length of the hardware and protocol address are provided in the network packet and have to be checked first. So enforce that we only deal with internet over ethernet arp headers with the address length filled correctly. found by Maxime Villard; OK claudio@
2018-03-02Revert all the bits of the autocreate 127.0.0.1 on lo(4) creation for now.Claudio Jeker
This needs to go back to the drawing board.
2018-02-27make kernel compile again without INET6Sebastian Benoit
ok mpi@
2018-02-19Remove almost unused `flags' argument of suser().Martin Pieuchot
The account flag `ASU' will no longer be set but that makes suser() mpsafe since it no longer mess with a per-process field. No objection from millert@, ok tedu@, bluhm@
2018-02-10Kill unneeded caddr_t cast.Claudio Jeker
2018-02-10rework gif to be more consistent.David Gwynne
while here, give us support for mpls in gif on ipv6. this moves all the gif handling into if_gif, eg, the mpls handling is no longer in ip_etherip.c. ok claudio@
2018-02-10Similar to the IPv6 case create 127.0.0.1/8 on lo(4) interfaces which actClaudio Jeker
as loopback interfaces for each rdomain (including lo0). This is done when the interface is brought up. This is now also done by default (either on attach of lo0 or when creating the rdomain). OK mpi@
2018-02-07comment change only. ok bluhm@Richard Procter
2018-02-07update the gre driver.David Gwynne
the main new feature is gre keys, supported by the vnetid ioctls. this also adds support for gre over ipv6, the use of hfsc, and allows tx mitigation in the future. this diff removes keepalive support, but i promised claudio@ and patrick@ i would put it back after this goes in. ok claudio@
2018-02-07Unbreak carp(4) MAC check in bridge_process().Martin Pieuchot
Introduce bridge_ourether() and move carp(4)-specific SRPL code inside carp_ourether(). ok bluhm@
2018-02-07split mobileip(4) out from the gre(4) driver.David Gwynne
having mobileip in gre makes it hard to cut gre up. the current mobileip code is also broken, so this is def and improvement. it also makes it easy to disable and remove mobileip in the future. ok claudio@ henning@
2018-02-07Historically TCP timeouts were implemented with pr_slowtimo andAlexander Bluhm
pr_fasttimo. That is the reason why we have two timeout mechanisms with complicated ticks calculation. Move the delay ACK timeout to milliseconds and remove some ticks and hz mess from the others. This makes it easier to see the actual values. OK florian@ dhill@ dlg@
2018-02-06There was a race in the TCP timers. As they may sleep to grab theAlexander Bluhm
netlock, timers may still run after they have been disarmed. Deleting the timeout is not sufficient to cancel them, but the code from 4.4 BSD is assuming this. The solution is to add a flag for every timer to see whether it has been armed or canceled. Remove the TF_DEAD check as tcp_canceltimers() is called before the reaper timer is fired. Cancelation works reliably now. OK mpi@
2018-02-06Do some cleanup in ah_massage_headers().Alexander Bluhm
- Declare global array ipseczeroes containing zeroes constant. - The proto parameter contains the address family, so call it af. - Remove an unused if block, just keep the else. - If m_copyback(M_NOWAIT) fails, return with error instead of working with an inconsistent mbuf. - ip6_nxt is u_int8_t, no need to clear the high bits. - The offset and next protocol are advanced for all extension headers, move it after the switch. - ah_massage_headers() returns an errno, call the variable error. OK procter@
2018-02-05Remove tcp_acounts, some tcp_usrreq() counting from 1981. AlsoAlexander Bluhm
remove the #ifdef KPROF which seems to be unused since that year. OK mpi@
2018-02-03Since tcp_attach() has moved to a separate protocol function, theAlexander Bluhm
inp cannot be NULL. Remove the useless if in tcp_usrreq(). OK mpi@
2018-02-01When processing IPsec AH packets with IP options or IPv6 extensionAlexander Bluhm
headers, check all lengths before accessing the values. found by Maxime Villard; from NetBSD; with and OK markus@; OK patrick@
2018-01-25Use a workaround for detached parent in carp_proto_input_c().Martin Pieuchot
A NULL dereference can happen since processing protocol layer is deffered to a second task. In other words the NET_LOCK() is released then regrabbed between ip_input() and carp_proto_input(). The same workaround is already in use in carp_output() due to deffered processing in case of IPsec. The real fix is to make carp(4) MP-safe and use if_get(9) there, any taker? Found & fix tested by Hrvoje Popovski.
2018-01-23The TCP reaper timeout was still imlemented as soft timeout. SoAlexander Bluhm
it could run immediately and was not synchronized with the TCP timeouts, although that was the intension when it was introduced in revision 1.85. Convert the reaper to an ordinary TCP timeout so it is scheduled on the same timeout thread after all timeouts have finished. A net lock is not necessary as the process calling tcp_close() will not access the tcpcb after arming the reaper timeout. OK mikeb@
2018-01-23Although it is a dead store here, always reassign the tcpcb afterAlexander Bluhm
calling tcp_close(), tcp_drop(), and tcp_disconnect(). Then no freed memory can be used after closing a TCP connection. OK mikeb@ mpi@
2018-01-23Bring back the PRU_ATTACH constant and description. Then trpt(8)Alexander Bluhm
prints the ATTACH action for TCP debugging socketes correctly. OK bluhm@
2018-01-23Fix printf(9) format strings so that a kernel with TCPDEBUG compiles.Alexander Bluhm
Mark the string variables with TCP debugging names as constant. OK mpi@
2018-01-22Bring back the detach messages in trpt(8) for tcp debugging. TheyAlexander Bluhm
got lost with the pr_detach conversion. While there, remove some dead code. OK mpi@
2018-01-16Recycle IFF_NOTRAILERS into IFF_STATICARP and document ownerhsipMartin Pieuchot
of IFF* flags. inputs from jmc@, ok bluhm@, visa@
2018-01-15There was an issue that dynamic path MTU discovery together withAlexander Bluhm
ARP or ND timeout could delete local routes. Put an assert into arptfree() and nd6_free() so this cannot happen again. OK mpi@
2018-01-12have carp use standard detach hooks instead of getting special handlingDavid Gwynne
if_deactivate looked for carp parent interfaces and called carp_ifdetach to have children interfaces unplug themselves. this diff has the carp interfaces register detach hooks on the parent instead. the effect is the same, but using the standard every other interface uses. while im here i shuffle the order the hooks carp_set_ifp are estabilshed so it will fail if they arent allocated. ok visa@ mpi@
2018-01-12unbreak configurations using carppeersDavid Gwynne
ip_carp.c r1.322 removed the ability to receive carp protocol packets on !IFT_CARP interfaces. however, carppeers cause the carp protocol packets to be directed to a unicast address on another interface, which definitely is not mapped back to a carp interface. this brings back the ability to get carp packets on parent interfaces. it is a bit different to a backout because it only allows carp parents to be ethernet interfaces. mpi@ told me carp regress tests were failing.
2018-01-12restrict carp to configuring ethernet interfaces as carpdevs.David Gwynne
previously the driver only cared that a carp interface wasnt configured as a carpdev. because the code only really works on ethernet, it makes sense to restrict it. ok visa@ mpi@
2018-01-11carp_ourether gets passed the parent interface, not the carp interface.David Gwynne
2018-01-10get rid of struct carp_if by moving the srpl into struct ifnet if_carp.David Gwynne
currently carp uses a struct carp_if to hold an srp list head, which is accessed by both if_carp in struct ifnet, and via the if input handlers list. this gets rid of some indirection by making if_carp itself the list head, rather than a pointer to the list head via a struct carp_if. it also makes accessing the list consistent by only using if_carp to get to it. ok mpi@
2018-01-10simplify the input interface type check in carp_proto_input_if.David Gwynne
carp6_proto_input_if only handles packets "received" on real carp interfaces, which the ethernet stack goes to a lot of trouble to provide. since carp assumes ethernet, carp_proto_input_if can assume the packets will come in right too. ok mpi@
2018-01-09Creating a cloned interface could return ENOMEM due to temporaryAlexander Bluhm
memory shortage. As it is invoked from a system call, it should not fail and wait instead. OK visa@ mpi@
2018-01-09Change `so_state' and `so_error' to unsigned int such that they canMartin Pieuchot
be atomically read from any context. ok bluhm@, visa@
2018-01-09make mpls_input take a struct ifnet *ifp argument.David Gwynne
this makes it like all our other protocol family input functions. mpls_input always looks up the interface the mbuf was received on, but it's always called by code that already has a reference to that interface anyway. the result of this is a few less if_get/if_put calls. ok mpi@ bluhm@ visa@ claudio@
2017-12-29Make the functions which link the pf state keys to mbufs, inpcbs,Alexander Bluhm
or other states more consistent. OK visa@ sashan@ on a previous version
2017-12-14The pf code marks ICMP packets belonging to an TCP or UDP divertAlexander Bluhm
state as diverted. This is necessary for IP input to accept the packet as ours. But it must not be used to match the ICMP packet to a raw socket. Clear the PF_TAG_DIVERTED mbuf pf flag for the special ICMP and ICMP6 packets in icmp_input_if() and icmp6_input(). The m_tag_delete_chain() caused an inconsistent PF_TAG_DIVERTED mbuf pf flag and PACKET_TAG_PF_DIVERT mbuf tag which triggered an assert in rip_input(). Deleting all mbuf tags can have undesired side effects and is not necessary anymore since icmp_reflect() calls m_resethdr(). Do not touch the mbuf tags and adjust the mbuf pf flags for the correct behavior of rip_input() and rip6_input(). reported by Chris Eidem, James Turner, vicviq, Scott Vanderbilt OK mpi@
2017-12-07Initialize tcp_secret in tcp_initMike Belopuhov
The initialization of a secret SHA256 context for generating TCP initial sequence numbers is moved out of tcp_set_iss_tsm used to set up ISN for new connections and into tcp_init, sparing the need for a global flag. OK deraadt, visa, mpi
2017-12-04Make divert lookup similar for all socket types. If PF_TAG_DIVERTEDAlexander Bluhm
is set, pf_find_divert() cannot fail so put an assert there. Explicitly check all possible divert types, panic in the default case. For raw sockets call pf_find_divert() before of the socket loop. Divert reply should not match on TCP or UDP listen sockets. OK sashan@ visa@
2017-12-01Fix white spaces and shorten long line.Alexander Bluhm
2017-12-01Simplify the reverse PCB lookup logic. The PF_TAG_TRANSLATE_LOCALHOSTAlexander Bluhm
security check prevents that the user accidentally configures redirect where a divert-to would be appropriate. Instead of spreading the logic into tcp and udp input, check the flag during PCB listen lookup. This also reduces parameters of in_pcblookup_listen(). OK visa@
2017-11-30Fix typos in comments.Nayden Markatchev
OK florian@
2017-11-28The divert structure was using the port number to indicate thatAlexander Bluhm
divert-to or divert-reply was active. If the address was also set, it meant divert-to. Divert packet used a separate structure. This is confusing and makes it hard to add new features. It is better to have a divert type that explicitly says what is configured. Adapt the pf rule struct in kernel and pfctl, no functional change. Note that kernel and pfctl have to be updated together. OK sashan@
2017-11-23Constify protocol tables and remove an assert now that ip_deliver() isMartin Pieuchot
mp-safe. ok bluhm@, visa@