summaryrefslogtreecommitdiff
path: root/sys
AgeCommit message (Collapse)Author
2015-12-04Add intr_barrier() just in case...Mark Kettenis
2015-12-04Reduce the stride length of the tables by two and use a single pageMartin Pieuchot
allocator for the 4K heap. In this configuration a fullfeed BGP server for v4 and v6 consumes 10M more than with the radix tree. This double the depth of the tree and makes the lookup slower. But the ratio speed/memory can be adjusted in the future, for now we are interested in a lock-free route lookup. Tested by and ok benno@
2015-12-04Move the KERNEL_LOCK from rt_match() to rtable_match().Martin Pieuchot
ok claudio@
2015-12-04remove PLEDGE_INET granting when using "getpw" in YP environnmentSebastien Marie
it makes PLEDGE_YPACTIVE enough for doing required networking with YP. It should permit to bring YP internals into the light. discuted with deraadt@
2015-12-04Reject input when either the version is wrong or the pad is non-zero;Reyk Floeter
not when the version is wrong and the pad is non-zero. OK goda@
2015-12-04prefix function names like randomid and pmod to keep them out of globalTed Unangst
namespace. the history of this file is that it was a modified version of ip_id.c (with static functions to avoid clashes), then that file was rewritten, then this file lost static.
2015-12-04Grab the KERNEL_LOCK() around bridge_output().Martin Pieuchot
It is now safe to call if_enqueue() without holding the KERNEL_LOCK() even on an interface part of a bridge(4). ok dlg@, henning@, kettenis@
2015-12-04There is no need to grab the KERNEL_LOCK here anymore. After discussion withClaudio Jeker
dlg@ and mpi@
2015-12-04bridge(4) never outputs packets so set its if_output and if_start to NULL.Martin Pieuchot
bridge_output() is used by the stack to duplicate a packet coming from a bridge member to its other ports. Confusion pointed by Momtchil Momtchev on misc@ ok reyk@
2015-12-04Add pledge "dpath", which provides access to mknod(2) and mkfifo(2).Theo de Raadt
This will be required to keep pax/tar/cpio at otherwise very high levels of pledge (and we will see where else it is beneficial). Allocate a bit for pledge "audio", which will be coming soon. good discussions with semarie
2015-12-04add a missing mtx_leave before a panic to give ddb/reboot a betterJonathan Gray
chance of working. ok deraadt@
2015-12-04Do not think atomicity is required here. In any case, prepare forTheo de Raadt
ps_pledge to become 64-bits over the next few days (things are getting a bit tight; most newer pledges will be quite device-driver specific)
2015-12-03mpi@ forgot to commit this. That should unbreak the tree.Claudio Jeker
2015-12-03Get rid of rt_mask() and stop allocating a "struct sockaddr" for everyMartin Pieuchot
route entry in ART. rt_plen() now represents the prefix length of a route entry and should be used instead. For now use a "struct sockaddr_in6" to represent the mask when needed, this should be then replaced by the prefix length and RTA_NETMASK only used for compatibility with userland. ok claudio@
2015-12-03deleting ip_insertoptions() prototype, which is no longer neededAlexandr Nedvedicky
(follow up on my earlier commit) OK bluhm@
2015-12-03ip_send()/ip6_send() allow PF to send response packet in ipsoftnet task.Alexandr Nedvedicky
this avoids current recursion to pf_test() function. the change also switches icmp_error()/icmp6_error() to use ip_send()/ip6_send() so they are safe for PF. The idea comes from Markus Friedl. bluhm, mikeb and mpi helped me a lot to get it into shape. OK bluhm@, mpi@
2015-12-03remove code that's been #ifdef'ed out for 20 yearsBret Lambert
ok deraadt@
2015-12-03When enqueuing a mbuf chain, take the top instead of the lastAlexander Bluhm
element. Otherwise the kernel paniced with "ipintr no HDR" if the data passed to pppxwrite() had a certain length. Bug reported and fix tested by Sevan / Venture37. Debugged with and OK mikeb@
2015-12-03Remove the /usr/share/nls/ exception from pledge(2). The libcAlexander Bluhm
native language support was deleted a month ago at u2k15. OK semarie@ deraadt@
2015-12-03Use SRPL_HEAD() and SRPL_ENTRY() to be consistent with and allow toMartin Pieuchot
fallback to a SLIST. ok dlg@, jasper@
2015-12-03add ifdef IPSEC for protoypes; requested by mpi@Markus Friedl
2015-12-03pledge(pf) needs to allow DIOCKILLSRCNODES, used in relayd.Sebastian Benoit
ok deaadt@
2015-12-03Let the IP27 kernel build with DEBUG.Visa Hankala
2015-12-03factor out ip_input_ipsec_{fwd,ours}_check(); ok mpi@Markus Friedl
2015-12-03Remove broadcast matching from ifa_ifwithaddr(), use in_broadcast() whereVincent Gross
required. ok bluhm@ mpi@.
2015-12-03ieee80211com's ic_sup_mcs array is smaller than it used to be because part ofStefan Sperling
it has been split out into new struct fields. The athn(4) driver was still assuming the old size and wrote beyond the ic_sup_mcs array. Make the driver write to the new ic_tx_mcs_set field instead. found by daniel@ with gcc 4.9 ok sthen@ kettenis@
2015-12-03ANSIfy function definitionsBret Lambert
no change in .o file checksum ok claudio@
2015-12-03Remove unused ``rt_tableid'' field from "struct rtentry".Martin Pieuchot
This reduces the size of the structure by 8 bytes on amd64 now that we are using an index instead of a pointer for reaching interfaces.
2015-12-03Store an interface index instead of a pointer in the "struct rtentry".Martin Pieuchot
These indexes are unique and should be used with if_get() to get a pointer to the corresponding ``ifp''. Such pointer is guaranteed to be valid in a MP environment until if_put() is called. ok claudio@, sthen@
2015-12-03To avoid that the stack manipules the pf statekeys directly, introduceAlexander Bluhm
pf_inp_...() lookup, link and unlink functions as an interface. Locking can be added to them later. Remove the first linking at the beginning of tcp_input() and udp_input() as it is not necessary. It will be done later anyway. That code was a relict, from the time before I had added the second linking. Input from mikeb@ and sashan@; OK sashan@
2015-12-03Add sizes to most free calls. OK sashan@ tedu@Claudio Jeker
2015-12-03add sizes to some free() calls. ok claudioTed Unangst
2015-12-03rewrite if to be more clear. ok bluhm stspTed Unangst
2015-12-03remove some unused defines. ok mikebTed Unangst
2015-12-03tell the stack myx_start is mpsafe.David Gwynne
as per the stack commit, the driver changes are: 1. setting ifp->if_xflags = IFXF_MPSAFE 2. only calling if_start() instead of its own start routine 3. clearing IFF_RUNNING before calling if_start_barrier() on its way down 4. only using IFQ_DEQUEUE (not ifq_deq_begin/commit/rollback)
2015-12-03Implement etherip(4) driverKazuya Goda
This commit is not removing the existing EtherIP part of gif(4) and it keeps EtherIP of gif(4) working. ok jbg@ sthen@ mpi@ reyk@ yasuoka@
2015-12-03remove nettxintr prototypeDavid Gwynne
2015-12-03rework if_start to allow nics to provide an mpsafe start routine.David Gwynne
existing start routines will still be called under the kernel lock and at IPL_NET. mpsafe start routines will be serialised so only one instance of each interfaces function will be running in the kernel at any point in time. this guarantees packets will be dequeued in order, and the start routines dont have to lock against themselves because if_start does it for them. the code to do that is based on the scsi runqueue code. this also provides an if_start_barrier() function that should wait until any currently running instances of if_start have finished. a driver can opt in to the mpsafe if_start call by doing the following: 1. setting ifp->if_xflags = IFXF_MPSAFE 2. only calling if_start() instead of its own start routine 3. clearing IFF_RUNNING before calling if_start_barrier() on its way down 4. only using IFQ_DEQUEUE (not ifq_deq_begin/commit/rollback) to simplify the implementation the tx mitigation code has been removed. tested by several ok mpi@ jmatthew@
2015-12-03rm unused kernel only IPV6_RECVRTHDRDSTOPTS sockopt. ok deraadt sthenTed Unangst
2015-12-03allocate PF tags as M_RTABLE vice M_TEMPBret Lambert
ok henning@ claudio@
2015-12-03Rework cas_start to check for space on the ring before dequeueing and dropJonathan Matthew
the packet if encap fails, use m_defrag if the mbuf is too fragmented, adjust sc_tx_cnt using atomic operations, hold the kernel lock while calling cas_init and cas_start from the interrupt handler, use an interrupt barrier in cas_stop, and finally mark the interupt handler mpsafe. encouragement from dlg@ and kettenis@
2015-12-03Rename pf_unlink_state() to pf_remove_state() so the name does notAlexander Bluhm
collide with the statekey to inp unlinking. OK sashan@ mpi@
2015-12-03Rewrite the tx handler to just use ifq_dequeue and drop packets thatClaudio Jeker
could not be sent either because the dma mapping failed or because m_defrag failed. Those errors are accounted as oerrors. dlg@ agrees.
2015-12-02Move port picking away from in_pcbbind()Vincent Gross
ok sthen@
2015-12-02Since we want to print the interface names in the log messages it isClaudio Jeker
required to do the if_get/if_put dance around the log() calls. These were the last users of rt_ifp. OK mpi@ bluhm@
2015-12-02More rt_ifp killing. There checks in in_arpinput() to verify that theClaudio Jeker
arp packet was recieved on the interface we expected. This is because multicast and broadcast packets are sometimes forwarded on multiple local interfaces. So simplify the checks and make them more generic at the same time (in the SIN_PROXY case). For SIN_PROXY only the interface holding the proxy arp route will answer to the requests. OK mpi@
2015-12-02factor out ip_output_ipsec_{lookup,send}(); with & ok claudio@Markus Friedl
2015-12-02There is no reason for this carp magic in arpresolve. rt->rt_ifp has toClaudio Jeker
be the same as ifp or something is very broken. So remove this including one more rt_ifp. OK mpi@
2015-12-02rtable_delete() does not use its prio parameter, so delete it.Alexander Bluhm
OK mpi@
2015-12-02When destroying an interface, we have to wait until all referencesAlexander Bluhm
are not used anymore. This has to be done before any interface fields become invalid. As the route delete request cannot call if_get() anymore, pass down the interface. Split rtrequest_delete() into a separate function that may take an existing inteface. OK mpi@