Having the flag named "6" can possibly be a problem for configurations
where parsing strings and numbers can produce ambivalent results.
Rename the "6" flag to the "S"ix (or Silence-IPv4) flag.
This change defines the RA "6" (IPv6-Only) flag which routers
may advertise, kernel logic to check if all routers on a link
have the flag set and accordingly update a per-interface flag.
If all routers agree that it is an IPv6-only link, ether_output_frame(),
based on the interface flag, will filter out all ETHERTYPE_IP/ARP
frames, drop them, and return EAFNOSUPPORT to upper layers.
The change also updates ndp to show the "6" flag, ifconfig to
display the IPV6_ONLY nd6 flag if set, and rtadvd to allow
announcing the flag.
Further changes to tcpdump (contrib code) are availble and will
be upstreamed.
Tested the code (slightly earlier version) with 2 FreeBSD
IPv6 routers, a FreeBSD laptop on ethernet as well as wifi,
and with Win10 and OSX clients (which did not fall over with
the "6" flag set but not understood).
We may also want to (a) implement and RX filter, and (b) over
time enahnce user space to, say, stop dhclient from running
when the interface flag is set. Also we might want to start
IPv6 before IPv4 in the future.
All the code is hidden under the EXPERIMENTAL option and not
compiled by default as the draft is a work-in-progress and
we cannot rely on the fact that IANA will assign the bits
as requested by the draft and hence they may change.
Dear 6man, you have running code.
Discussed with: Bob Hinden, Brian E Carpenter
While <sys/sysctl.h> includes <sys/queue.h> unconditionally, it is only
actually used in code which is conditional on _KERNEL. Make the #include
itself conditional as well, and fix userland code that uses <sys/queue.h>
for other purposes but relied on <sys/sysctl.h> to bring it in.
MFC after: 1 week
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
No functional change intended.
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
(it takes a long time on systems with many interfaces)
without reason and without checking its return value.
Reviewed by: cem
Obtained from: Maryse Levavasseur <maryse.levavasseur@stormshield.eu>
MFC after: 1 month
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D6979
cm_send() closes 'fd' on error. In that case, bail out early without trying to
recv from or close 'fd' again.
Reported by: Coverity
CID: 1006078
Sponsored by: EMC / Isilon Storage Division
This whole block of code as committed fully formed in r224144. I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup. Don't free the object until after we've finished
cleaning its members.
Reported by: Coverity
CID: 1006079
Sponsored by: EMC / Isilon Storage Division
Check against the size of the struct, not the pointer. Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.
All users of cm_recv() supply a stack buffer.
On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.
While here, correct some types to be size_t or ssize_t.
Reported by: Coverity
CID: 1008477
Security: unix socket remotes may overflow stack in rtadvd
Sponsored by: EMC / Isilon Storage Division
working.
- Fix a pointer calculation for padding when multiple dnssl[0-9]
parameters are specified [*].
Reported by: http://bugs.dragonflybsd.org/issues/2847 [*]
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
usr.sbin/rtadvd:
usr.sbin/rtadvd/rtadvd.c:1291:7: error: taking the absolute value of unsigned type 'unsigned int' has no effect [-Werror,-Wabsolute-value]
abs(preferred_time - pfx->pfx_pltimeexpire) > rai->rai_clockskew) {
^
usr.sbin/rtadvd/rtadvd.c:1291:7: note: remove the call to 'abs' since unsigned values cannot be negative
abs(preferred_time - pfx->pfx_pltimeexpire) > rai->rai_clockskew) {
^~~
usr.sbin/rtadvd/rtadvd.c:1324:7: error: taking the absolute value of unsigned type 'unsigned int' has no effect [-Werror,-Wabsolute-value]
abs(valid_time - pfx->pfx_vltimeexpire) > rai->rai_clockskew) {
^
usr.sbin/rtadvd/rtadvd.c:1324:7: note: remove the call to 'abs' since unsigned values cannot be negative
abs(valid_time - pfx->pfx_vltimeexpire) > rai->rai_clockskew) {
^~~
2 errors generated.
These warnings occur because both preferred_time and pfx_pltimeexpire
are uint32_t's, so the subtraction expression is also unsigned, and
calling abs() is a no-op.
However, the intention was to look at the absolute difference between
the two unsigned quantities. Introduce a small static function to
clarify what we're doing, and call that instead.
Reviewed by: hrs
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D1197
the prefix to the interface's prefix list. This shouldn't make a
difference, since rtadvd(8) is single-threaded, but I've seen it crash
in delete_prefix() with pfx_rainfo == NULL, and this is the only place
where a prefix can be added to the list with a NULL pfx_rainfo.
MFC after: 3 days
PF_INET6 in kernel. This fixes various malfunction when the wall time
clock is changed. Bump __FreeBSD_version to 1000041.
- Use clock_gettime(CLOCK_MONOTONIC_FAST) in userland utilities.
MFC after: 1 month
clean-up RA messages for shutting down. The RA timers could prevent the rtadvd
daemon from shutting down because ra_output() just ignored !IFF_UP interfaces
and TRANSITIVE->UNCONFIGURED state transition never happened due to it.
Spotted by: kib
Approved by: re (bz)