| Age | Commit message (Collapse) | Author |
|---|
|
Linux guests like to issue VIRTIO_BLK_T_GET_ID commands in attempts
to read the device serial number. It's not part of the virtio spec,
but has been part of QEMU and Bhyve for multiple years. It will be
landing in the next version of virtio (1.2), so this stubs out
handling for the request type. The added benefit is it helps squelch
log noise from Linux guests.
For now, no serial number is set and the request status is set to
VIRTIO_BLK_S_UNSUPP to tell the driver we don't support it.
While here, swap the response to VIRTIO_BLK_T_FLUSH{,_OUT} to be
also returning VIRTIO_BLK_S_UNSUPP. It's not negotiated nor
implemented. Lastly, add checks for validating the vioblk device
is only reading/writing descriptors with approrpriate read/write-only
flags per the virtio spec.
With input from claudio@, OK mlarkin@
|
|
can be enabled with 'announce enhanced refresh yes'
Similar to graceful restart this allows to mark routes as stale, refresh
them and the flush out routes that are still stale. Enhanced route refresh
uses a begin of rr and a end of rr message to signal the various stages.
A future enhancement would be the addition of a timeout in case the EoRR
message is not sent in reasonable time.
OK denis@ job@
|
|
seems OK claudio@
|
|
and use it in the two places that need to keep in sync.
OK sthen@
|
|
rde_up_dump_upcall(). This is the 4th place up_generate_updates() is
called.
|
|
to rde_generate_updates() but forgot to add the same checks to
rde_softreconfig_out(). As a result a config reload could result in
prefixes for a not-negotiated address family to leak into the Adj-RIB-Out.
Adjust both rde_generate_updates() and rde_softreconfig_out() to use the
same filter logic.
Also adjust rde_up_flush_upcall() to pass the peer as argument instead of
using prefix_peer(). The up_generate_updates() call there does not need
any filtering since the walker runs on the Adj-RIB-Out and just withdraws
everything.
OK job@ on a previous diff
|
|
OK job@
|
|
ones being sent out. Mainly prepend the ASPATH if needed and also change
the nexthop to the one being sent.
This should make the `bgpctl show rib out` output show the values the
peer receives.
OK job@
|
|
Lots of organic growth other the years lead to unnecessary includes
(proc.h everywhere) and odd dependencies between header files. This
cleans things up a bit to help with upcoming cleanup around dhcp
code.
No functional change.
"go for it" mlarkin@
|
|
OK claudio@
|
|
For this we need to be able to handle multiple routes being sent from
the engine to the main process as well as to the control tool.
The configuration of the various cases (default route, directly
connected routes, non-default route via a gateway) was inspired by
dhclient's set_routes() and should behave the same way.
Tested by Uwe Werler
|
|
where this filtering was done in bpf but here vmd needs to make sure to
not look at non IPv4 packets.
OK florian@ and dv@
|
|
ok jung@
|
|
|
|
This check was incomplete: to correctly verify the ASN1 INTEGER holding
the version component, first the context specific explicit tag would need
to be checked.
However, the X.690 spec (section 11.5) states that if the one should not
encode a component if it is the default value. There are no RFCs specifying
new versions of ROA or MFT, so checking the content of the version component
should be skipped entirely.
Thus if the version component is present, something is wrong.
|
|
surrounding code to handle these errors gracefully. When rpki-client runs
out of space it will keep on running including the cleanup at the end.
This way the temporary and old files are removed hopfully giving back some
space. This affects mainly RRDP and the initial fetch of TA files.
OK job@
|
|
is large enough for the cache. People like to build VM images with way
too small filesystems and so warning about this situation should help.
With deraadt@ and job@
|
|
No need for each case in the switch block to have the same logic
for updating the used ring and writing the state back to the guest.
Move it outside the switch. No functional change.
ok mlarkin@
|
|
Instead of translating imsg types, update vmclt(8) to handle receiving
IMSG_VMDOP_TERMINATE_VM_EVENT messages on vm termination.
This finishes the work previously committed for supporting multiple
waiters or the cancellation of a client waiting on a vm shutdown.
vmd no longer needs to translate an IMSG_VMDOP_TERMINATE_VM_RESPONSE
into an *_EVENT.
ok mlarkin@
|
|
A sufficiently large dhcp packet can cause a stack overflow in vmd's
internal dhcp server used for providing ip addresses to local guest
interfaces. (This does not affect non-local interfaces.)
The primary changes drop larger packets and change the memory copying
logic to use a compile-time constant. The dhcp option processing
also additional prevention for out of bound reads.
While here, improve construction of the dhcp response's hostname
handling to guard against overflowing the response dhcp options.
Vulnerability reported by Maxime Villard.
ok claudio@
|
|
Special values need to be translated to longs for use with functions
like hist/lhist. Add "cpu" to conversion list.
ok mpi@
|
|
name as is done elsewhere on this page.
pointed out by jmc
|
|
|
|
|
|
clearer when using -d.
OK deraadt@
|
|
|
|
media length check to allow EFI GPT partitions to be smaller that
the entire disk.
Consistently use GPTSECTOR instead of randomly tossing in some
literal '1's.
ok kettenis@
|
|
ok krw@, deraadt@
|
|
Provide a default value of a zero'd mac address so a user can still
specify the interface should be "locked" (only transmitting ethernet
packets with a matching source address). vmd will assign a random
address at vm launch.
As an example, this is now valid:
vm "name" {
interface {
locked lladdr
}
...
}
From Martin Vahlensieck
ok claudio@
|
|
|
|
from Leon Fischer
|
|
|
|
When the RDE issues an UPDATE NOTIFICATION because of some fatal error
like max-prefix count reached the peer is put into state PEER_ERR by
rde_update_err() and all UDPDATEs that are still queued should be dropped.
Noticed and OK deraadt@, OK job@
|
|
hopefully better names peer_has_as4byte() and peer_accept_no_as_set().
Move them to rde_peer.c where all other peer functions live.
OK sthen@
|
|
|
|
OK tb@
|
|
sent (and also for which AFI/SAFI). Use a slightly better way to write
return if neither route-refresh nor enhanced route-refresh are on.
|
|
|
|
OK tb@
|
|
old prefix pointer is most probably NULL. If a secondary route is removed
the withdraw would not happen because old == NULL which skips the withdraw.
Access to old is only needed to extract the prefix. So instead extract the
prefix early and use it for both cases. So if 'rde evaluate all' is used
the code tries all prefixes and if none is allowed a withdraw is issued.
Problem noticed and fix tested by Pier Carlo Chiodi
|
|
when a new peer shows up or during a reload. Tracking this during runtime
just does not work reliably (especially for reloads).
Problem noticed and fix tested by Pier Carlo Chiodi
|
|
route refresh capabilities in the neighbor output.
|
|
(RFC7313). This is the frist step toward this.
It adds the capability parsers for the two no capabilities, extends the
capability struct and adds the capability negotiation bits.
The route refresh message parser and generator are extended to support
the BoRR and EoRR message. Also add the new NOTIFICATION type and subtype
for the route refresh message.
|
|
state is preserved do the graceful restart dance. If graceful restart is off
or the forwarding state was not preserved flush the table.
|
|
Announce only the graceful restart capability header but do not include any
AFI / SAFI pairs. bgpd does not preserve its forwarding state over restarts
and only implements the "Procedures for the Receiving Speaker".
When calculating the negotiated capabilities do not override the peer
capabilities (AFI / SAFI bits), just make sure the negotiated bits are
cleared. With this the peer capabilities are properly shown in bgpctl.
|
|
for code that runs in the daemon.
ok florian@ millert@
|
|
ok millert@
|
|
|
|
prefix withdraw as required by RFC6793. Also update the documentation to
reference RFC6793 instead of the older 4893.
OK sthen@
|
|
reyk@ imported packet.c from (I think) dhclient(8). In dhclient,
the packets are already filtered down to just udp. This change has
vmd skip a non-udp ip packet sooner when it's trying to determine
if it is a dhcp/bootp packet that needs processing.
The counters (seen, bad checksums, etc) for ip and udp packets are
also removed as they aren't used by vmd.
This only affects "local" network interfaces for vmd.
OK mlarkin@
|
