Commit Graph

1317 Commits

Author SHA1 Message Date
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Sam Leffler
0bbd84e2d0 remove stray debugging printf
Noted by:	Kasper Steensgaard <steensgaard@person.dk>
2003-02-18 06:25:46 +00:00
Maxim Konovalov
27b15c23f8 o Restore an interrupt priority level before return.
Submitted by:	Roman Kurakin <rik@cronyx.ru>
Reviewed by:	joerg
MFC after:	5 days
2003-02-17 13:41:55 +00:00
Poul-Henning Kamp
f341ca9891 Remove #include <sys/dkstat.h> 2003-02-16 14:13:23 +00:00
Peter Wemm
cc8557f550 Do not do an assignment in a truth test (previous commit) or gcc gives a
warning which breaks builds.

cc1: warnings being treated as errors
src/sys/net/bridge.c: In function `bdg_forward':
sys/net/bridge.c:931: warning: suggest parentheses around assignment used as truth value
*** Error code 1
2003-02-12 19:34:34 +00:00
Sam Leffler
ee7785a7f8 PFIL_HOOKS optimization: check if at least one hook is present before
munging the IP header to pass to the hooks
2003-02-11 21:48:20 +00:00
Jeffrey Hsu
8480e03dd7 Make the radix tree code compilable in userland. Requested by ru.
Some style fixes requested by bde.
2003-02-08 01:44:09 +00:00
Poul-Henning Kamp
7f1d66b53a A minor stylistic change to make it more clear to lint-like tools. 2003-02-02 18:15:28 +00:00
Alfred Perlstein
b7f305981e chase more of the MIN/MAX mess. *sigh* 2003-02-02 13:52:25 +00:00
Alfred Perlstein
8deebb0160 Consolidate MIN/MAX macros into one place (param.h).
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
2003-02-02 13:17:30 +00:00
Max Khon
6b58184eb0 - bpf is now working (tested with tcpdump)
- fix promiscious mode

MFC after:	3 days
2003-01-30 15:55:02 +00:00
Poul-Henning Kamp
6ec82c07ac NODEVFS cleanup: unifdef 2003-01-30 13:13:11 +00:00
Jeffrey Hsu
93f798891a Avoid lock order reversal by expanding the scope of the
AF_INET radix tree lock to cover the ARP data structures.
2003-01-28 20:22:19 +00:00
Max Khon
6cdcc15976 - add support for IPX (tested with mount -t nwfs and mars_nwe),
IP fast forwarding, SIOCGIFADDR, setting hardware address (not currently
enabled in cm driver), multicasts (experimental)
- add ARC_MAX_DATA, use IF_HANDOFF, remove arc_sprintf() and some unused
variables
- if_simloop logic is made more similar to ethernet
- drop not ours packets early (if we are not in promiscous mode)

Submitted by:	mark tinguely (partially)
2003-01-24 01:32:20 +00:00
Bill Fenner
b3cca10864 Implement SIOCGIFMEDIA for vlan devices by passing the request to the
parent device, if there is a parent configured.  Modify the result
 returned by the parent to indicate that the only supported media
 is the currently configured one.

Reviewed by:	brooks
2003-01-22 23:30:26 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Sam Leffler
8eab61f3de o add BIOCGDLTLIST and BIOCSDLT ioctls to get the data link type list
and set the link type for use by libpcap and tcpdump
o move mtx unlock in bpfdetach up; it doesn't need to be held so long
o change printf in bpf_detach to distinguish it from the same one in bpfsetdlt

Note there are locking issues here related to ioctl processing; they
have not been addressed here.

Submitted by:	Guy Harris <guy@alum.mit.edu>
Obtained from:	NetBSD (w/ locking modifications)
2003-01-20 19:08:46 +00:00
Sam Leffler
9142ac5760 accept short WEP keys for backward compatibility 2003-01-19 20:13:43 +00:00
Poul-Henning Kamp
7e760e148a Originally when DEVFS was added, a global variable "devfs_present"
was used to control code which were conditional on DEVFS' precense
since this avoided the need for large-scale source pollution with
#include "opt_geom.h"

Now that we approach making DEVFS standard, replace these tests
with an #ifdef to facilitate mechanical removal once DEVFS becomes
non-optional.

No functional change by this commit.
2003-01-19 11:03:07 +00:00
Sam Leffler
024906dc2c fix ioctl handling for setting wep keys 2003-01-19 07:08:03 +00:00
SUZUKI Shinsuke
8d95b0ce40 sync with KAME to simplify rev 1.28's patch (no functional changes)
Obtained from: KAME
Reviewd by: fenner
Approved by: re (jhb)
2003-01-15 20:09:52 +00:00
Sam Leffler
a190a9598f 802.11 link layer support. This code implements the basic 802.11
state machine to provide station and host ap functionality for drivers.

More work will follow to split out the state machine and protocol
support from the ioctl interfaces to ease portability/sharing with
NetBSD and forthcoming ports to other systems.

Reviewed by:	imp
Obtained from:	NetBSD (originally)
2003-01-15 20:01:50 +00:00
Sam Leffler
53d96a08a4 don't reference a pkthdr after M_MOVE_PKTHDR has "remove it"; instead
reference the pkthdr now in the destination of the move

Sponsored by:	Vernier Networks
2003-01-06 21:33:54 +00:00
Bill Fenner
2b0e597682 Fix alignment problems -- the embedded v4 address is guaranteed to
be only 16-bit aligned, so only do byte operations to compare with it.
2003-01-05 14:03:26 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Jens Schweikhardt
d64ada501a Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/
Add FreeBSD Id tag where missing.
2002-12-30 21:18:15 +00:00
Sam Leffler
9967cafc49 Correct mbuf packet header propagation. Previously, packet headers
were sometimes propagated using M_COPY_PKTHDR which actually did
something between a "move" and a  "copy" operation.  This is replaced
by M_MOVE_PKTHDR (which copies the pkthdr contents and "removes" it
from the source mbuf) and m_dup_pkthdr which copies the packet
header contents including any m_tag chain.  This corrects numerous
problems whereby mbuf tags could be lost during packet manipulations.

These changes also introduce arguments to m_tag_copy and m_tag_copy_chain
to specify if the tag copy work should potentially block.  This
introduces an incompatibility with openbsd which we may want to revisit.

Note that move/dup of packet headers does not handle target mbufs
that have a cluster bound to them.  We may want to support this;
for now we watch for it with an assert.

Finally, M_COPYFLAGS was updated to include M_FIRSTFRAG|M_LASTFRAG.

Supported by:	Vernier Networks
Reviewed by:	Robert Watson <rwatson@FreeBSD.org>
2002-12-30 20:22:40 +00:00
Poul-Henning Kamp
c5ec6754d5 Remove cdevw_add() calls, they are deprecated. 2002-12-28 21:40:20 +00:00
Kelly Yancey
e366b8c087 Remove useless local variable from raw_input().
Sponsored by:	NTT Multimedia Communications Labs
MFC after:	3 days
2002-12-28 02:29:19 +00:00
Ian Dowse
03a585553a Oops, I misread the purpose of the NULL check in EH_RESTORE() in
revision 1.62. It was checking for M_PREPEND() failing, not for the
case of a NULL mbuf pointer being supplied to the macro. Back out
that revision, and fix the NULL dereference by not calling EH_RESTORE()
in the case where the mbuf pointer is NULL because the firewall
rejected the packet.
2002-12-27 17:15:16 +00:00
Ian Dowse
bf235b1710 Fix a bug introduced by revision 1.59 that would cause an immediate
NULL dereference if a bridged packet was rejected by ipfw.
2002-12-27 16:27:45 +00:00
Jeffrey Hsu
c919b1e24b Long chain of calls starting with bridge_on(), going through IPv6, and
ending up at ifa_ifwithdstaddr() could lead to a recursive lock of
the ifnet list mutex.
2002-12-27 00:24:35 +00:00
Jeffrey Hsu
7701e15b6b Disable radix node locking for sysctl until we fix the sysctl infrastructure
to not sleep.
2002-12-26 03:35:57 +00:00
Ruslan Ermilov
d68189df30 Typo in function name. 2002-12-25 11:40:53 +00:00
Ruslan Ermilov
94e013f0e6 I'm not sure what was the problem at the time of revision 1.37
when julian@ added it, but the commented out code had at least
one bug -- not freeing the allocated mbuf.

Anyway, this comment no longer applies as of revision 1.67, so
remove it.
2002-12-25 10:55:44 +00:00
Jeffrey Hsu
b2aaf46eae Range-check the address family parameter passed in to the sysctl handler.
Submitted by:	ru
2002-12-25 10:51:20 +00:00
Ruslan Ermilov
42e9e16d2b Revision 1.67 changes correspond to CSRG revision 8.3.1.1 changes. 2002-12-25 10:50:08 +00:00
Ruslan Ermilov
71eba91593 If the caller of rtrequest*(RTM_DELETE, ...) asked for a copy of
the entry being removed (ret_nrt != NULL), increment the entry's
rt_refcnt like we do it for RTM_ADD and RTM_RESOLVE, rather than
messing around with 1->0 transitions for rtfree() all over.
2002-12-25 10:21:02 +00:00
Ruslan Ermilov
053e23428c A month after pst@ has committed his revision 1.8, it was
incorporated by UCB as revision 8.5.  Do a diff reduction.
2002-12-25 09:16:58 +00:00
Jeffrey Hsu
956b0b653c SMP locking for radix nodes. 2002-12-24 03:03:39 +00:00
Ruslan Ermilov
36fea5de60 rn_walktree*() compute the next leaf before applying a function
to current leaves because function may vanish the current node.

If parent RTA_GENMASK route has a clone (a "cloning clone"), an
rn_walktree_from() starting from parent will cause another walk
starting from clone.  If a function is either rt_fixdelete() or
rt_fixchange(), this recursive walk may vanish the leaf that is
remembered by an outer walk (the "next leaf" above), panicing a
system when it resumes with an outer walk.

The following script paniced my single-user mode booted system:

: sysctl net.inet.ip.forwarding=1
: ipfw add 1 allow ip from any to any
: ifconfig lo0 127.1
: route add -net 10 -genmask 255.255.255.0 127.1
: telnet 10.1			# rt_fixchange() panic
: telnet 10.2
: telnet 10.1
: route delete -net 10		# rt_fixdelete() panic

For the time being, avoid these races by disallowing recursive
walks in rt_fixchange() and rt_fixdelete().

Also, make a slight optimization in the rtrequest(RTM_RESOLVE)
case: there is no reason to call rt_fixchange() in this case.

PR:		kern/37606
MFC after:	5 days
2002-12-23 13:12:41 +00:00
Jeffrey Hsu
b30a244c34 SMP locking for ifnet list. 2002-12-22 05:35:03 +00:00
Jeffrey Hsu
12e552d69f Swap the order of a free and a use of an ifaddr structure. 2002-12-20 11:21:07 +00:00
Bosko Milekic
86fea6be59 o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} and
the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}.
o Fix a bpf_compat issue where malloc() was defined to just call
  bpf_alloc() and pass the 'canwait' flag(s) along.  It's been changed
  to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT
  flag (and only one of those two).

Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
2002-12-19 22:58:27 +00:00
Robert Watson
fe6fb873dc Under some circumstances, the loopback interface will allocate a new
mbuf for a packet looping back to provide alignment guarantees for
KAME.  Unfortunately, this code performs a direct copy of the header
rather than using a header copying primitive (largely because we have
sucky header copying primitives).  This results in a multiple free
of the MAC label in the header when the same label data is freed
twice when the two mbufs with that header are freed.  As a temporary
work-around, clear the initialized flag on the label to prevent the
duplicate free, which prevents panics on large unaligned loopback
IP and IPv6 data.  The real fix is to improve and make use of proper
packet header copying routines here.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-12-18 15:34:17 +00:00
Jeffrey Hsu
68eec1f80c Switch to the conventional reference counting scheme. 2002-12-18 12:41:03 +00:00
Jeffrey Hsu
19fc74fb60 Lock up ifaddr reference counts. 2002-12-18 11:46:59 +00:00
Maxim Sobolev
16199bf2d3 MFS: recognize gre packets used in the WCCP protocol.
Approved by:	re
2002-12-07 14:22:05 +00:00
Luigi Rizzo
97850a5dd9 Move fw_one_pass from ip_fw2.c to ip_input.c so that neither
bridge.c nor if_ethersubr.c depend on IPFIREWALL.
Restore the use of fw_one_pass in if_ethersubr.c

ipfw.8 will be updated with a separate commit.

Approved by: re
2002-11-20 19:07:27 +00:00
Luigi Rizzo
032dcc7680 Back out some style changes. They are not urgent,
I will put them back in after 5.0 is out.

Requested by: sam
Approved by: re
2002-11-20 19:00:54 +00:00
Sam Leffler
e5562bee60 correct function declarations of stubs used for building w/o device bpf 2002-11-19 02:50:46 +00:00
Luigi Rizzo
6c6cc282a7 Replace m_copy() with m_copypacket() where applicable.
Replace 0 with NULL where appropriate.
Fix indentation and function headers.
2002-11-17 18:14:04 +00:00
Luigi Rizzo
a9897b2662 Fix function headers, remove 'register' from variable declarations. 2002-11-17 18:13:02 +00:00
Luigi Rizzo
bbb4330b61 Massive cleanup of the ip_mroute code.
No functional changes, but:

  + the mrouting module now should behave the same as the compiled-in
    version (it did not before, some of the rsvp code was not loaded
    properly);
  + netinet/ip_mroute.c is now truly optional;
  + removed some redundant/unused code;
  + changed many instances of '0' to NULL and INADDR_ANY as appropriate;
  + removed several static variables to make the code more SMP-friendly;
  + fixed some minor bugs in the mrouting code (mostly, incorrect return
    values from functions).

This commit is also a prerequisite to the addition of support for PIM,
which i would like to put in before DP2 (it does not change any of
the existing APIs, anyways).

Note, in the process we found out that some device drivers fail to
properly handle changes in IFF_ALLMULTI, leading to interesting
behaviour when a multicast router is started. This bug is not
corrected by this commit, and will be fixed with a separate commit.

Detailed changes:
--------------------
netinet/ip_mroute.c     all the above.
conf/files              make ip_mroute.c optional
net/route.c             fix mrt_ioctl hook
netinet/ip_input.c      fix ip_mforward hook, move rsvp_input() here
                        together with other rsvp code, and a couple
                        of indentation fixes.
netinet/ip_output.c     fix ip_mforward and ip_mcast_src hooks
netinet/ip_var.h        rsvp function hooks
netinet/raw_ip.c        hooks for mrouting and rsvp functions, plus
                        interface cleanup.
netinet/ip_mroute.h     remove an unused and optional field from a struct

Most of the code is from Pavlin Radoslavov and the XORP project

Reviewed by: sam
MFC after: 1 week
2002-11-15 22:53:53 +00:00
Sam Leffler
0f43e1aada Back out rev 1.150; things are more complicated than this. 2002-11-15 18:42:10 +00:00
Sam Leffler
10ed96fd9c if_attach should not sleep; change malloc's M_WAITOK to M_NOWAIT 2002-11-15 18:35:41 +00:00
Sam Leffler
6fc32a2495 network interface and link layer changes:
o on input don't strip the Ethernet header from packets
o input packet handling is now done with if_input
o track changes to ether_ifattach/ether_ifdetach API
o track changes to bpf tapping
o call ether_ioctl for default handling of ioctl's
o use constants from net/ethernet.h where possible

Reviewed by:	many
Approved by:	re
2002-11-15 00:00:15 +00:00
Sam Leffler
2f907a97c7 track changes to ethernet input handling to no longer strip the Ethernet header
Reviewed by:	many
Approved by:	re
2002-11-14 23:57:09 +00:00
Sam Leffler
a3814acf84 o eliminate separate callback interface for h/w tagged input packets; instead
drivers "tag packets" with an m_tag and the input packet handling recognizes
  such packets and does the right thing
o track the number of active vlans on an interface; this lets lots of places
  only do vlan-specific processing when needed
o track changes to ether_ifdetach/ether_ifattach
o track bpf changes
o eliminate the use of M_PROTO1 for communicating to drivers about tagged
  packets
o eliminate the use of IFF_LINK0 for drivers communicating to the vlan code
  that they support h/w tagging; replaced by explicit interface capabilities
o add ifnet capabilities for h/w tagging and support of "large mtu's"
o use new interface capabilities to auto-configure use of large mtu's and h/w
  tagging
o add support for proper handling of promiscuous mode
o document driver/vlan communication conventions

Reviewed by:	many
Approved by:	re
2002-11-14 23:43:16 +00:00
Sam Leffler
76cfd3001b o add if_nvlans member to track the number of vlans active on an interface
o add if_input member for interface drivers to call through to pass packets "up"
o remove ethernet-specific function decls (moved to ethernet.h)

Reviewed by:	many
Approved by:	re
2002-11-14 23:36:28 +00:00
Sam Leffler
c1d93b0588 o change input packet handling to eliminate the pointer to the struct
ether_header; instead drivers are to leave the Ethernet header at the
  front of the packet
o add declarations for netgraph and vlan hooks that were removed from ethernet.h
o change various in-file calling conventions to track change in input API
o fixup bridge support to handle Ethernet header no longer being stripped
o add consistency checks to ether_input to catch problems with the change
  in the API; some of these may want to be moved to #ifdef DIAGNOSTIC at a
  later time (though they are not too expensive to leave as is)
o change ether_demux to eliminate the passing of the Ethernet header; it is
  now expected at the front of the packet a la ether_input
o add ether_sprintf compatibility shim
o change ether_ifattach API to remove "bpf supported param" and add a pointer
  to the MAC address to be installed for the LL address (this is for future
  changes to divest struct arpcom from struct ifnet)
o change ether_ifdetach API to remove "bpf support param"

Reviewed by:	many
Approved by:	re
2002-11-14 23:35:06 +00:00
Sam Leffler
eef6f89728 general cleanups mostly aimed at improving portability of drivers
o ETHER_* (ETHER_ALIGN, ETHER_MAX_FRAME, ETHER_CRC_LEN, etc.)
o M_HASFCS for drivers to indicate packets include FCS
o remove global declarations for ng_ether* and vlan_* since these
  represent a private contract between the if_ethersubr.c code and
  certain parts of the system that should not normally be abused
o add ether_* declarations that were elsewhere
o remove ETHER_BPF_* since they are no longer used with the parameter
  no longer passed to ether_ifattach and ether_ifdetach

Reviewed by:	many
Approved by:	re
2002-11-14 23:28:47 +00:00
Sam Leffler
24a229f466 o add support for multiple link types per interface (e.g. 802.11 and Ethernet)
o introduce BPF_TAP and BPF_MTAP macros to hide implementation details and
  ease code portability
o use m_getcl where appropriate

Reviewed by:	many
Approved by:	re
Obtained from:	NetBSD (multiple link type support)
2002-11-14 23:24:13 +00:00
Sam Leffler
bb68f0af5e o add IF_*bps macros for netbsd compatibility
o add interface capabilities for vlan use and to signal jumbo frame support

Reviewed by:	many
Approved by:	re
2002-11-14 23:16:18 +00:00
Alfred Perlstein
29f194457c Fix instances of macros with improperly parenthasized arguments.
Verified by: md5
2002-11-09 12:55:07 +00:00
John Baldwin
a92833983a Add a cast to quiet a warning. 2002-11-07 22:49:15 +00:00
Hidetoshi Shimokawa
6fe6a00661 Don't check IFF_RUNNING in previous change.
The flag is sometimes unset if the interface has IPv6 link-local
address only.
2002-10-25 17:31:03 +00:00
Hidetoshi Shimokawa
3983050934 Don't send/recieve packets when the interface is down. 2002-10-23 15:16:37 +00:00
Brooks Davis
8e9dc28535 Use if_printf(ifp, "blah") instead of printf("ppp%d: blah", ifp->if_unit). 2002-10-21 03:41:58 +00:00
Brooks Davis
28a1a7c6cc Use if_printf(ifp, "blah") instead of printf("vlan%d: blah", ifp->if_unit). 2002-10-21 03:40:30 +00:00
Brooks Davis
63dd8be938 Use if_printf(ifp, "blah") instead of printf("sl%d: blah", sc->sc_if.if_unit). 2002-10-21 03:35:25 +00:00
Brooks Davis
29e1b85f97 Use if_printf(ifp, "blah") instead of
printf("%s%d: blah", ifp->if_name, ifp->if_xname).
2002-10-21 02:51:56 +00:00
Robert Watson
6b459e4956 When packets pass in and out of six-to-four (STF) tunnels, perform
labeling checks and operations as with other network interfaces.
Eventually, if it proves desirable, we might want to offer special
casing of this or other tunnel interfaces where we have an existing
label of interest, rather than treating it as though it's an
entirely fresh mbuf in the incoming/outgoing encapsulation directions.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-20 22:39:55 +00:00
Poul-Henning Kamp
33f9080f82 We have mem{cpy,cmp,set} functions in the kernel, don't #define them to
b{copy,zero,cmp} functions anymore.

Spotted by:	FlexeLint.
2002-10-20 22:35:20 +00:00
Robert Watson
4141b621ac When a packet is sent via a FDDI interface, perform appropriate MAC
transmission checks; when it is received, label the packet appropriately.
Although we don't have a local FDDI setup to test this with, the
labeling and checks are identical to other interface classes.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-20 22:27:59 +00:00
Robert Watson
9476111d3a When a packet is destined for delivery via an ATM medium, perform
appropriate interface transmission checks and delivery labeling.  While
we don't have a local ATM configuration, this code is almost identical
to all other interface classes.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-20 22:20:48 +00:00
Poul-Henning Kamp
083019ba97 Don't us an array[1], it just hides where '&' isn't used right.
Be consistent about functions being static.

Verified by:	md5 hash of generated .o file.
2002-10-20 20:53:42 +00:00
Hajimu UMEMOTO
b6e2845324 last arg of in6?_gif_output() is not used any more.
Obtained from:	KAME
MFC after:	3 weeks
2002-10-17 17:47:55 +00:00
Hajimu UMEMOTO
3bb61ca669 - drop too short IPv6 frame
- NULL != 0

Obtained from:	KAME
MFC after:	3 weeks
2002-10-17 17:42:46 +00:00
Hajimu UMEMOTO
21fb391fdb s/gifp/ifp/
Obtained from:	KAME
MFC after:	3 weeks
2002-10-17 17:39:56 +00:00
Alfred Perlstein
9ee35470c9 de-__P() 2002-10-16 22:26:32 +00:00
Hajimu UMEMOTO
9426aedf7f - after gif_set_tunnel(), psrc/pdst may be null. set IFF_RUNNING accordingly.
- set IFF_UP on SIOCSIFADDR.  be consistent with others.
- set if_addrlen explicitly (just in case)
- multi destination mode is long gone.
- missing break statement
- add gif_set_tunnel(), so that we can set tunnel address from within the
  kernel at ease.
- encap_attach/detach dynamically on ioctls
- move encap_attach() to dedicated function in in*_gif.c

Obtained from:	KAME
MFC after:	3 weeks
2002-10-16 19:49:37 +00:00
Poul-Henning Kamp
08b29601a0 Be consistent about functions being static.
Spotted by:	FlexeLint
2002-10-16 10:45:53 +00:00
Poul-Henning Kamp
c694310048 FIx misindentation.
Spotted by:	FlexeLint.
2002-10-16 09:00:53 +00:00
Sam Leffler
c919ec4b66 add definitions for RIPEMD-160 HMAC and Skipjack encryption algorithms,
for use by "Fast IPsec"
2002-10-16 02:18:56 +00:00
Sam Leffler
5d84645305 Replace aux mbufs with packet tags:
o instead of a list of mbufs use a list of m_tag structures a la openbsd
o for netgraph et. al. extend the stock openbsd m_tag to include a 32-bit
  ABI/module number cookie
o for openbsd compatibility define a well-known cookie MTAG_ABI_COMPAT and
  use this in defining openbsd-compatible m_tag_find and m_tag_get routines
o rewrite KAME use of aux mbufs in terms of packet tags
o eliminate the most heavily used aux mbufs by adding an additional struct
  inpcb parameter to ip_output and ip6_output to allow the IPsec code to
  locate the security policy to apply to outbound packets
o bump __FreeBSD_version so code can be conditionalized
o fixup ipfilter's call to ip_output based on __FreeBSD_version

Reviewed by:	julian, luigi (silent), -arch, -net, darren
Approved by:	julian, silence from everyone else
Obtained from:	openbsd (mostly)
MFC after:	1 month
2002-10-16 01:54:46 +00:00
Hajimu UMEMOTO
3a3b49aaff Correct the definitions of SADB_* to be compatible with
RFC2407/IANA assignment.  This change breaks binary
compatibility.  So, you need to recompile IPsec related
applications.
2002-10-15 20:59:56 +00:00
Crist J. Clark
232a880278 Unconditionally restore the pointer to the saved Ethernet header after
going to bridge.c:bdg_forward(). The header can be munged even if the
mbuf does not /appear/ to change.

PR:		kern/42465
MFC after:	4 days
2002-10-14 05:27:00 +00:00
Maxime Henrion
1f6973c5b4 When reusing a pointer as a number, at least cast it
to uintptr_t rather than u_int to avoid warnings on
64 bits architectures.
2002-10-06 14:02:35 +00:00
Don Lewis
91e97a8266 In an SMP environment post-Giant it is no longer safe to blindly
dereference the struct sigio pointer without any locking.  Change
fgetown() to take a reference to the pointer instead of a copy of the
pointer and call SIGIO_LOCK() before copying the pointer and
dereferencing it.

Reviewed by:	rwatson
2002-10-03 02:13:00 +00:00
Maxim Sobolev
748bb23dcc Since bpf is no longer an optional component, remove associated ifdef's.
Submitted by:	don't quite remember - the name of the sender disappeared
		with the rest of my inbox. :(
2002-10-02 09:38:17 +00:00
Mike Barcroft
edfcad955c style(9):
o Align members of struct if_nameindex.
o Align and sort function prototypes.
2002-10-02 07:55:33 +00:00
Mike Barcroft
f2ba8326cd Use standards visibility conditionals to conditionalize most of this
header (details on how the visibility conditionals work are available
in <sys/cdefs.h>).  Use standard types instead of BSD specific ones,
so that this header compiles in the standards case (specifically this
means changing `u_int' to `unsigned int').
2002-10-02 07:44:50 +00:00
Poul-Henning Kamp
8d3574c7a4 Fix some harmless mis-indents.
Spotted by:	FlexeLint
2002-10-01 15:48:31 +00:00
Bruce Evans
a7f6243009 Fixed some of the namespace pollution in rev.1.33. <sys/systm.h> was
included here because it was once a prerequisite of <sys/mutex.h>
although that bug was fixed long ago.
2002-09-29 12:09:08 +00:00
Poul-Henning Kamp
37c841831f Be consistent about "static" functions: if the function is marked
static in its prototype, mark it static at the definition too.

Inspired by:    FlexeLint warning #512
2002-09-28 17:15:38 +00:00
Poul-Henning Kamp
7b83124255 Don't return(foo(bla)) when foo returns void. 2002-09-28 14:03:27 +00:00
Poul-Henning Kamp
afbe3a0f81 Add the "Monitor" interface flag.
Setting this flag on an ethernet interface blocks transmission of packets
and discards incoming packets after BPF processing.

This is useful if you want to monitor network trafic but not interact
with the network in question.

Sponsored by:	http://www.babeltech.dk
2002-09-27 18:57:47 +00:00
Poul-Henning Kamp
a6ddbff039 Be a bit more technical:
Technically junk may have low entropy.
2002-09-26 14:01:50 +00:00
Maxim Sobolev
9c0d6e4c6d Revert 1.27, as it breaks IPv6 over IPv4 tunnels.
Submitted by:	Mark Huizer <xaa@timewasters.nl>, ume
2002-09-26 07:22:29 +00:00
Brooks Davis
06204d34a8 Convert most printf()s to if_printf()s. 2002-09-24 17:37:32 +00:00
Brooks Davis
fa882e87a5 Add a new helper function if_printf() modeled on device_printf(). The
function takes a struct ifnet pointer followed by the usual printf
arguments and prints "<interfacename>: " before the results of printf.
Since this is the primary form of printf calls in network device drivers
and accounts for most uses of the ifnet menber if_unit, this
significantly simplifies many printf()s.
2002-09-24 17:35:08 +00:00
Alfred Perlstein
744ae3e66a use __packed/__aligned rather than GCC-specific __attribute__. 2002-09-23 06:35:33 +00:00
Alfred Perlstein
ebc82cbbf0 s/__attribute__((__packed__))/__packed/g 2002-09-23 06:25:08 +00:00
Jake Burkholder
e3b6e33c07 Moved netisr code from kern/kern_intr.c to net/netisr.c as threatened in a
comment.
2002-09-22 05:56:41 +00:00
Robert Watson
0c7fb5347c Insert a missing call to MAC protection check for delivering an
mbuf to a bpf device.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
Submitted by:	phk
2002-09-21 00:59:56 +00:00
Hajimu UMEMOTO
a62f34e3c4 mistakenly set IFF_UP by SIOCSIFPHYADDR.
Obtained from:	KAME
2002-09-20 18:21:46 +00:00
Poul-Henning Kamp
2201e1b039 Optimize the way we call BPF a tiny bit: If we chop the ether-header off
ourselves, call bpf before we do so, rather than re-construct the entire
thing afterwards.

Sponsored:	http://www.babeltech.dk/
2002-09-18 19:50:48 +00:00
Poul-Henning Kamp
f0e2422b1b Use m_length() instead of home-rolled.
In bpf_mtap(), if the entire packet is in one mbuf, call bpf_tap()
instead since it is a tad faster.

Sponsored by:	http://www.babeltech.dk/
2002-09-18 19:48:59 +00:00
Poul-Henning Kamp
7ed60de837 Use m_length() instead of home-rolled versions. 2002-09-18 19:44:14 +00:00
Hajimu UMEMOTO
f26b2d5bf2 - increment interface output counter. sync w/ netbsd-current
- increase if_oerrors.  sync w/netbsd

Obtained from:	KAME
2002-09-17 14:25:19 +00:00
Maxim Sobolev
563a9b6ecb Remove __RCSID().
Submitted by:	bde
2002-09-17 11:31:41 +00:00
Hajimu UMEMOTO
ce9d7b2f1a - reject SIOCSIFADDR if embedded address is in private address range
- reject packets from private address range.  from hitachi

Obtained from:	KAME
2002-09-17 10:45:51 +00:00
Bruce Evans
127686220a Include include "opt_atalk.h" so that the NETATALK support can work.
Removed unused includes.

Removed used includes of <sys/queue.h> and <sys/time.h>, since these are
standard pollution (especially the latter).

Reviewed by:	sobomax
2002-09-16 10:10:18 +00:00
Bruce Evans
1b861caae0 Include <sys/systm.h> instead of depending on namespace pollution 2
layers deep in <sys/malloc.h> or 1 layer deep in <net/if_var.h>.
2002-09-15 13:54:12 +00:00
Maxim Sobolev
f013345497 Restore original behaviour of recursion preventer.
Submitted by:   sumikawa
2002-09-13 06:24:27 +00:00
David E. O'Brien
5908354455 Fix the GENERIC build. Don't refer to the non-existant fw_one_pass. 2002-09-12 15:36:13 +00:00
Luigi Rizzo
015d72e0c9 Make bridging and layer2-ipfw obey net.inet.ip.fw.one_pass.
I should have committed this ages ago.

The MFC for if_ethersubr.c could be done in the usual few days (only
ipfw2 uses it), the one for bridge.c should probably wait until
after 4.7 because it changes an existing though mostly undocumented
behaviour (on which i hope nobody relies). All in all, i'll wait for
both things unless there is demand.

MFC after: 35 days
2002-09-12 01:05:46 +00:00
Maxim Sobolev
565bb857d0 Since from now on encap_input() also catches IPPROTO_MOBILE and IPPROTO_GRE
packets in addition to IPPROTO_IPV4 and IPPROTO_IPV6, explicitly specify
IPPROTO_IPV4 or IPPROTO_IPV6 instead of -1 when calling encap_attach().

MFC after:	28 days
		(along with other if_gre changes)
2002-09-09 09:36:47 +00:00
Maxim Sobolev
ccd6d236b8 Prevent namespace pollution in use-land by putting everything used only in
kernel (softc and such) under #ifdef _KERNEL.

Submitted by:   bde
2002-09-09 08:25:00 +00:00
Maxim Sobolev
7c2ffa8911 Remove #include <netinet/ip.h>.
Submitted by:	bde
2002-09-07 12:22:17 +00:00
Maxim Sobolev
af7027033d Include <netinet/ip.h> to unbreak kdump. I don't know why does kdump
includes if_gre.h at all, but it does, without including ip.h before
that.

Poked by:	peter
Pointy hat to:	kdump(1)
2002-09-06 21:58:57 +00:00
Maxim Sobolev
c23d234cce Reduce namespace pollution by staticizing everything, which doesn't need to
be visible from outside of the module.
2002-09-06 18:16:03 +00:00
Maxim Sobolev
8e96e13e6a Add a new gre(4) driver, which could be used to create GRE (RFC1701)
and MOBILE (RFC2004) IP tunnels.

Obrained from:  NetBSD
2002-09-06 17:12:50 +00:00
Maxim Sobolev
d04c7d51be Add more ethernet types and move AppleTalk types into proper location.
Obtained from:  NetBSD (syssrc/sys/net/ethertypes.h, rev.1.13)
2002-09-06 17:02:29 +00:00
Maxim Sobolev
070dba1cfe Make recursion prevention variable per-instance and remove XXX comment
about thread-unsafety.

MFC after:	2 weeks
2002-09-05 15:35:38 +00:00
Maxim Sobolev
25faf49d12 Fix a silly typo in user-setable promisc mode code.
Pointed out by:	Yann Berthier <yb@sainte-barbe.org>
MFC after:	1 day
2002-08-30 13:37:13 +00:00
Maxim Sobolev
9717c34cf8 Add IFF_POLLING into the list of flags which are protected from changing via
ioctl(SIOCSIFFLAGS).

MFC after:	1 day
2002-08-28 15:55:49 +00:00
Philippe Charnier
93b0017f88 Replace various spelling with FALLTHROUGH which is lint()able 2002-08-25 13:23:09 +00:00
Archie Cobbs
4a6a94d8d8 Replace (ab)uses of "NULL" where "0" is really meant. 2002-08-22 21:24:01 +00:00
Brooks Davis
51e2390d61 Fix a couple of bogus return values in previous commit.
Submitted by:	"Vladimir B. " Grebenschikov <vova@sw.ru>
Pointy hat to:	brooks
2002-08-19 19:22:41 +00:00
Juli Mallett
6e82956c21 Clean up a comment talking about C strings, which are terminated with the
ASCII NUL character (0, or '\0' in C).
2002-08-19 17:20:03 +00:00
Maxim Sobolev
ffb079be0c Implement user-setable promiscuous mode (a new `promisc' flag for ifconfig(8)).
Also, for all interfaces in this mode pass all ethernet frames to upper layer,
even those not addressed to our own MAC, which allows packets encapsulated
in those frames be processed with packet filters (ipfw(8) et al).

Emphatically requested by:	Anton Turygin <pa3op@ukr-link.net>
Valuable suggestions by:	fenner
2002-08-19 15:16:38 +00:00
Maxim Sobolev
62f7648682 Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
Robert Watson
909610a5c1 Move mac.h include to match the MAC tree location. Both locations
are about equally as alphabetized.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-15 19:02:17 +00:00
Robert Watson
c44d84056d Move to nested include of _label.h instead of mac.h, reducing namespace
pollution.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
Suggested by:	bde
2002-08-14 01:37:22 +00:00
Robert Watson
e0852ce2de Correct error handling during MAC transmission check for if_gif.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 16:08:23 +00:00
Brooks Davis
05c872ad62 Make ppp(4) devices clonable and unloadable. 2002-08-09 15:30:48 +00:00
Luigi Rizzo
c939f1aee7 Extend the interface to ether_input(): a NULL eh pointer means that
the mbuf contains the ethernet header (eh) as well, which ether_input()
will strip off as needed.

This permits the removal (in a backward compatible way) of the
header removal code which right now is replicated in all drivers,
sometimes in an inconsistent way. Also, because many functions
called after ether_input() require the eh in the mbuf, eventually
we can propagate the interface and handle outdated drivers just
in ether_input().

Individual driver changes to use the new interface will follow as
we have a chance to touch them.

NOTE THAT THIS CHANGE IS FULLY BACKWARD COMPATIBLE AND DOES NOT BREAK
BINARY COMPATIBILITY FOR DRIVERS.

MFC after: 3 days
2002-08-04 23:55:06 +00:00
Robert Watson
8f293a63ce Introduce support for Mandatory Access Control and extensible
kernel access control.

Introduce two ioctls, SIOCGIFMAC, SIOCSIFMAC, which permit user
processes to manage the MAC labels on network interfaces.  Note
that this is part of the user process API/ABI that will be revised
prior to 5.0-RELEASE.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:15:53 +00:00
Robert Watson
64c2d84570 Introduce support for Mandatory Access Control and extensible
kernel access control.

Add MAC support for if_ppp.  Label packets as they are removed from
the raw PPP mbuf queue.  Preserve the mbuf MAC label across various
PPP data-munging and reconstitution operations.  Perform access
control checks on mbufs to be transmitted via the interface.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:13:47 +00:00
Robert Watson
10722b852b Introduce support for Mandatory Access Control and extensible
kernel access control.

Label packets generated by the gif virtual interface.

Perform access control on packets delivered to gif virtual interfaces.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:00:05 +00:00
Robert Watson
3afe533f4f Introduce support for Mandatory Access Control and extensible
kernel access control.

Label mbufs received via kernel tunnel device interfaces by invoking
appropriate MAC framework entry points.

Perform access control checks on out-going mbufs delivered via tunnel
interfaces by invoking appropriate MAC entry points:

NOTE: Currently the label for a tunnel interface is not derived from
the label of the process that opened the tunnel interface.  It
probably should be.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:23:42 +00:00
Robert Watson
43b2936963 Introduce support for Mandatory Access Control and extensible
kernel access control.

Label mbufs received via ethernet-based interfaces by invoking
appropriate MAC framework entry points.

Perform access control checks on out-going mbufs delivered via
ethernet-based interfaces by invoking appropriate MAC entry
points.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:22:02 +00:00
Robert Watson
e70cd26366 Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument the interface management code so that MAC labels are
properly maintained on network interfaces (struct ifnet).  In
particular, invoke entry points when interfaces are created and
removed.  MAC policies may initialized the label interface based
on a variety of factors, including the interface name.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:16:03 +00:00
Robert Watson
36c4f2b0d8 Introduce support for Mandatory Access Control and extensible
kernel access control.

When decompressing data from one mbuf into another mbuf, preserve the
mbuf label by copying it to the new mbuf.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:13:13 +00:00
Robert Watson
ec272d8708 Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke a MAC framework entry point to authorize reception of an
incoming mbuf by the BPF descriptor, permitting MAC policies to
limit the visibility of packets delivered to particular BPF
descriptors.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:11:32 +00:00
Robert Watson
82f4445d4c Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument BPF so that MAC labels are properly maintained on BPF
descriptors.  MAC framework entry points are invoked at BPF
instantiation and allocation, permitting the MAC framework to
derive the BPF descriptor label from the credential authorizing
the device open.  Also enter the MAC framework to label mbufs
created using the BPF device.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 16:09:38 +00:00
Robert Watson
19930ae546 Introduce support for Mandatory Access Control and extensible
kernel access control.

Label network interface structures, permitting security features to
be maintained on those objects.  if_label will be used to authorize
data flow using the network interface.  if_label will be protected
using the same synchronization primitives as other mutable entries
in struct ifnet.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-30 23:06:07 +00:00
Robert Watson
39bd868cc3 Introduce support for Mandatory Access Control and extensible
kernel access control.

Label BPF descriptor objects, permitting security features to be
maintained on those objects.  bd_label will be used to authorize
data flow from network interfaces to user processes.  BPF
labels are protected using the same synchronization model as other
mutable data in the BPF descriptor.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-30 23:03:29 +00:00
Robert Watson
4a583fd480 Slight whitespace cleanup. Whitespace sync to MAC tree. 2002-07-27 19:53:02 +00:00
Kelly Yancey
03d5516f44 Add some additional 802.11 media definitions.
Reviewed by:	imp
2002-07-14 21:58:19 +00:00
Luigi Rizzo
c4ddb6caf5 Remove 0 initializers for global/static variables, so they end up in
BSS instead of DATA. This marginally reduces the kernel image size, though
the difference is almost irrelevant for compressed kernels.
2002-07-07 22:42:57 +00:00
Peter Wemm
a5ac5be2e6 Turn on BPF_ALIGN for all non-i386 platforms, instead of having an
ifdef list that currently lists all the non-i386 platforms that bpf
currently works on.
2002-07-05 00:06:08 +00:00
Maxim Konovalov
0e37791701 Remove trailing whitespaces.
Approved by:	luigi
2002-07-03 11:04:17 +00:00
Maxim Konovalov
b4eabccf51 o Strict interface names comparison. The old code assumed "fxp1" == "fxp11".
o Use an appropriate constant for interface name buffer.

Reviewed by:	luigi
Approved by:	luigi
MFC after:	1 month
2002-07-03 11:00:55 +00:00
Jonathan Mini
13990766ef Check retifma for NULL before using it.
PR:		kern/9391
Submitted by:	Assar Westerlund <assar@sics.se>
MFC after:	3 days
2002-07-02 08:23:00 +00:00
Luigi Rizzo
9961e27d73 Remove one useless variable. 2002-06-30 08:02:38 +00:00
Kenneth D. Merry
98cb733c67 At long last, commit the zero copy sockets code.
MAKEDEV:	Add MAKEDEV glue for the ti(4) device nodes.

ti.4:		Update the ti(4) man page to include information on the
		TI_JUMBO_HDRSPLIT and TI_PRIVATE_JUMBOS kernel options,
		and also include information about the new character
		device interface and the associated ioctls.

man9/Makefile:	Add jumbo.9 and zero_copy.9 man pages and associated
		links.

jumbo.9:	New man page describing the jumbo buffer allocator
		interface and operation.

zero_copy.9:	New man page describing the general characteristics of
		the zero copy send and receive code, and what an
		application author should do to take advantage of the
		zero copy functionality.

NOTES:		Add entries for ZERO_COPY_SOCKETS, TI_PRIVATE_JUMBOS,
		TI_JUMBO_HDRSPLIT, MSIZE, and MCLSHIFT.

conf/files:	Add uipc_jumbo.c and uipc_cow.c.

conf/options:	Add the 5 options mentioned above.

kern_subr.c:	Receive side zero copy implementation.  This takes
		"disposable" pages attached to an mbuf, gives them to
		a user process, and then recycles the user's page.
		This is only active when ZERO_COPY_SOCKETS is turned on
		and the kern.ipc.zero_copy.receive sysctl variable is
		set to 1.

uipc_cow.c:	Send side zero copy functions.  Takes a page written
		by the user and maps it copy on write and assigns it
		kernel virtual address space.  Removes copy on write
		mapping once the buffer has been freed by the network
		stack.

uipc_jumbo.c:	Jumbo disposable page allocator code.  This allocates
		(optionally) disposable pages for network drivers that
		want to give the user the option of doing zero copy
		receive.

uipc_socket.c:	Add kern.ipc.zero_copy.{send,receive} sysctls that are
		enabled if ZERO_COPY_SOCKETS is turned on.

		Add zero copy send support to sosend() -- pages get
		mapped into the kernel instead of getting copied if
		they meet size and alignment restrictions.

uipc_syscalls.c:Un-staticize some of the sf* functions so that they
		can be used elsewhere.  (uipc_cow.c)

if_media.c:	In the SIOCGIFMEDIA ioctl in ifmedia_ioctl(), avoid
		calling malloc() with M_WAITOK.  Return an error if
		the M_NOWAIT malloc fails.

		The ti(4) driver and the wi(4) driver, at least, call
		this with a mutex held.  This causes witness warnings
		for 'ifconfig -a' with a wi(4) or ti(4) board in the
		system.  (I've only verified for ti(4)).

ip_output.c:	Fragment large datagrams so that each segment contains
		a multiple of PAGE_SIZE amount of data plus headers.
		This allows the receiver to potentially do page
		flipping on receives.

if_ti.c:	Add zero copy receive support to the ti(4) driver.  If
		TI_PRIVATE_JUMBOS is not defined, it now uses the
		jumbo(9) buffer allocator for jumbo receive buffers.

		Add a new character device interface for the ti(4)
		driver for the new debugging interface.  This allows
		(a patched version of) gdb to talk to the Tigon board
		and debug the firmware.  There are also a few additional
		debugging ioctls available through this interface.

		Add header splitting support to the ti(4) driver.

		Tweak some of the default interrupt coalescing
		parameters to more useful defaults.

		Add hooks for supporting transmit flow control, but
		leave it turned off with a comment describing why it
		is turned off.

if_tireg.h:	Change the firmware rev to 12.4.11, since we're really
		at 12.4.11 plus fixes from 12.4.13.

		Add defines needed for debugging.

		Remove the ti_stats structure, it is now defined in
		sys/tiio.h.

ti_fw.h:	12.4.11 firmware.

ti_fw2.h:	12.4.11 firmware, plus selected fixes from 12.4.13,
		and my header splitting patches.  Revision 12.4.13
		doesn't handle 10/100 negotiation properly.  (This
		firmware is the same as what was in the tree previously,
		with the addition of header splitting support.)

sys/jumbo.h:	Jumbo buffer allocator interface.

sys/mbuf.h:	Add a new external mbuf type, EXT_DISPOSABLE, to
		indicate that the payload buffer can be thrown away /
		flipped to a userland process.

socketvar.h:	Add prototype for socow_setup.

tiio.h:		ioctl interface to the character portion of the ti(4)
		driver, plus associated structure/type definitions.

uio.h:		Change prototype for uiomoveco() so that we'll know
		whether the source page is disposable.

ufs_readwrite.c:Update for new prototype of uiomoveco().

vm_fault.c:	In vm_fault(), check to see whether we need to do a page
		based copy on write fault.

vm_object.c:	Add a new function, vm_object_allocate_wait().  This
		does the same thing that vm_object allocate does, except
		that it gives the caller the opportunity to specify whether
		it should wait on the uma_zalloc() of the object structre.

		This allows vm objects to be allocated while holding a
		mutex.  (Without generating WITNESS warnings.)

		vm_object_allocate() is implemented as a call to
		vm_object_allocate_wait() with the malloc flag set to
		M_WAITOK.

vm_object.h:	Add prototype for vm_object_allocate_wait().

vm_page.c:	Add page-based copy on write setup, clear and fault
		routines.

vm_page.h:	Add page based COW function prototypes and variable in
		the vm_page structure.

Many thanks to Drew Gallatin, who wrote the zero copy send and receive
code, and to all the other folks who have tested and reviewed this code
over the years.
2002-06-26 03:37:47 +00:00
Warner Losh
039e0899d2 Add kernel print bits #define for the IEEE80211_CAPINFO bits. 2002-06-24 04:40:12 +00:00
Luigi Rizzo
2f8ebbf49f fix indentation, whitespace and a few comments. 2002-06-23 11:19:53 +00:00
Luigi Rizzo
2b25acc158 Remove (almost all) global variables that were used to hold
packet forwarding state ("annotations") during ip processing.
The code is considerably cleaner now.

The variables removed by this change are:

        ip_divert_cookie        used by divert sockets
        ip_fw_fwd_addr          used for transparent ip redirection
        last_pkt                used by dynamic pipes in dummynet

Removal of the first two has been done by carrying the annotations
into volatile structs prepended to the mbuf chains, and adding
appropriate code to add/remove annotations in the routines which
make use of them, i.e. ip_input(), ip_output(), tcp_input(),
bdg_forward(), ether_demux(), ether_output_frame(), div_output().

On passing, remove a bug in divert handling of fragmented packet.
Now it is the fragment at offset 0 which sets the divert status of
the whole packet, whereas formerly it was the last incoming fragment
to decide.

Removal of last_pkt required a change in the interface of ip_fw_chk()
and dummynet_io(). On passing, use the same mechanism for dummynet
annotations and for divert/forward annotations.

option IPFIREWALL_FORWARD is effectively useless, the code to
implement it is very small and is now in by default to avoid the
obfuscation of conditionally compiled code.

NOTES:
 * there is at least one global variable left, sro_fwd, in ip_output().
   I am not sure if/how this can be removed.

 * I have deliberately avoided gratuitous style changes in this commit
   to avoid cluttering the diffs. Minor stule cleanup will likely be
   necessary

 * this commit only focused on the IP layer. I am sure there is a
   number of global variables used in the TCP and maybe UDP stack.

 * despite the number of files touched, there are absolutely no API's
   or data structures changed by this commit (except the interfaces of
   ip_fw_chk() and dummynet_io(), which are internal anyways), so
   an MFC is quite safe and unintrusive (and desirable, given the
   improved readability of the code).

MFC after: 10 days
2002-06-22 11:51:02 +00:00
Bill Fenner
94413c0dba Update for libpcap 0.7.1
Originally-committed-to-wrong-repository by:	fenner
2002-06-21 05:29:40 +00:00
Seigo Tanimura
03e4918190 Remove so*_locked(), which were backed out by mistake. 2002-06-18 07:42:02 +00:00
Seigo Tanimura
4cc20ab1f0 Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by:	hsu
2002-05-31 11:52:35 +00:00
Mike Silbersack
54e84abb59 Ensure that packet counts are always reset to 0 when
a route is cloned.  Previously, they took on the count
of their parent route (which was sometimes nonzero.)

Submitted by:	Andre Oppermann <oppermann@pipeline.ch>
MFC after:	5 days
2002-05-31 04:27:51 +00:00
Poul-Henning Kamp
f4258597dc Add one copy of crc32() and crc32_tab[] in libkern, and remove it two other
places.

Comment out crc32 related definitions in zlib.h, we don't seem to have the
corresponding code in our kernel.
2002-05-29 20:24:09 +00:00
Brooks Davis
c69b7ffe7d Make discard devices clonable and unloadable. Also, change the
interface name from ds# to disc#.
2002-05-25 20:20:35 +00:00
Brooks Davis
ae5a19be8e Move all unit number management cloned interfaces into the cloning
code.  The reverts the API change which made the <if>_clone_destory()
functions return an int instead of void bringing us into closer
alignment with NetBSD.

Reviewed by:	net (a long time ago)
2002-05-25 20:17:04 +00:00
Peter Wemm
46d870bc0c Fix warning; remove unused arg that was passed through uninitialized. 2002-05-24 06:10:25 +00:00
Bruce Evans
2dd0744cbe Include <sys.systm.h> for the declaration of some atomic functions -- don't
depend on namespace pollution in <sys/mutex.h>.
2002-05-22 06:26:44 +00:00
Ian Dowse
d497e87891 Avoid exposing struct if_clone and the sys/queue.h macros to userland
programs by restricting these to the case where _KERNEL is defined.

Reviewed by:	brooks (ages ago)
2002-05-20 22:48:39 +00:00
Seigo Tanimura
243917fe3b Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a
  socket buffer. The mutex in the receive buffer also protects the data
  in struct socket.

o Determine the lock strategy for each members in struct socket.

o Lock down the following members:

  - so_count
  - so_options
  - so_linger
  - so_state

o Remove *_locked() socket APIs.  Make the following socket APIs
  touching the members above now require a locked socket:

 - sodisconnect()
 - soisconnected()
 - soisconnecting()
 - soisdisconnected()
 - soisdisconnecting()
 - sofree()
 - soref()
 - sorele()
 - sorwakeup()
 - sotryfree()
 - sowakeup()
 - sowwakeup()

Reviewed by:	alfred
2002-05-20 05:41:09 +00:00
Tom Rhodes
d394511de3 More s/file system/filesystem/g 2002-05-16 21:28:32 +00:00
Luigi Rizzo
4b9840932d Add ipfw hooks to ether_demux() and ether_output_frame().
Ipfw processing of frames at layer 2 can be enabled by the sysctl variable

	net.link.ether.ipfw=1

Consider this feature experimental, because right now, the firewall
is invoked in the places indicated below, and controlled by the
sysctl variables listed on the right.  As a consequence, a packet
can be filtered from 1 to 4 times depending on the path it follows,
which might make a ruleset a bit hard to follow.

I will add an ipfw option to tell if we want a given rule to apply
to ether_demux() and ether_output_frame(), but we have run out of
flags in the struct ip_fw so i need to think a bit on how to implement
this.

		to upper layers
	     |			     |
	     +----------->-----------+
	     ^			     V
	[ip_input]		[ip_output]	net.inet.ip.fw.enable=1
	     |			     |
	     ^			     V
	[ether_demux]      [ether_output_frame]	net.link.ether.ipfw=1
	     |			     |
	     +->- [bdg_forward]-->---+		net.link.ether.bridge_ipfw=1
	     ^			     V
	     |			     |
		 to devices
2002-05-13 10:37:19 +00:00
Kelly Yancey
ca2b29fd52 Fix logic inversion bug. 2002-05-11 06:27:24 +00:00
Joerg Wunsch
ca06fe5647 Fix a misplaced break statement within a switch that accidentally made
it into an "#ifdef INET6" block.  This caused a (harmless but annoying)
EINVAL return value to be sent even though the operation completed
successfully.

PR:		kern/37786
Submitted by:	Ari Suutari <ari.suutari@syncrontech.com>,David Malone <dwmalone@maths.tcd.ie>
MFC after:	1 day
2002-05-10 12:48:09 +00:00
Luigi Rizzo
d60315bef5 Cleanup the interface to ip_fw_chk, two of the input arguments
were totally useless and have been removed.

ip_input.c, ip_output.c:
    Properly initialize the "ip" pointer in case the firewall does an
    m_pullup() on the packet.

    Remove some debugging code forgotten long ago.

ip_fw.[ch], bridge.c:
    Prepare the grounds for matching MAC header fields in bridged packets,
    so we can have 'etherfw' functionality without a lot of kernel and
    userland bloat.
2002-05-09 10:34:57 +00:00
Kelly Yancey
0ee3222df6 Roll my own min() (named ISO88025_MIN() so as to not cause conflicts) so
that this header may be included from userland where min() may not be
declared (or worse, declared differently).  I open to alternative
solutions.
2002-05-08 01:08:26 +00:00
Kelly Yancey
42fdfc126a Move ISO88025 source routing information into sockaddr_dl's sdl_data
field.  This returns the sdl_data field to a variable-length field.  More
importantly, this prevents a easily-reproduceable data-corruption bug when
the interface name plus the hardware address exceed the sdl_data field's
original 12 byte limit.  However, token-ring interfaces may still overflow
the new sdl_data field's 46 byte limit if the interface name exceeds 6
characters (since 6 characters for interface name plus 6 for hardware
address plus 34 for source routing = the size of sdl_data).  Further
refinements could overcome this limitation but would break binary
compatibility; this commit only addresses fixing the bug for
commonly-occuring cases without breaking binary compatibility with the
intention that the functionality can be MFC'ed to -stable.

  See message ID's (both send to -arch):
	20020421013332.F87395-100000@gateway.posi.net
	20020430181359.G11009-300000@gateway.posi.net
  for a more thorough description of the bug addressed and how to
reproduce it.

Approved by:	silence on -arch and -net
Sponsored by:	NTT Multimedia Communications Labs
MFC after:	1 week
2002-05-07 22:14:06 +00:00
Warner Losh
f6462e80ac MFOpenBSD: ibss and ibss-master.
ibss is the modern ad-hoc mode.  ibss-master is the same, except that
it creates the ibss network.  This distinction is necessary because
some supported cards (symbol) support the former without supporting
the latter.

A seprate commit will introduce a demo-adhoc mode so that we can
disentwingle the multiple, mutually exclusive meandings of adhoc in
the present state of affairs.

Submitted by: jhay
2002-05-07 18:16:39 +00:00
Warner Losh
f0a8d5cb6c Minor style nit 2002-05-07 18:11:55 +00:00
Alfred Perlstein
e649887b1e Make funsetown() take a 'struct sigio **' so that the locking can
be done internally.

Ensure that no one can fsetown() to a dying process/pgrp.  We need
to check the process for P_WEXIT to see if it's exiting.  Process
groups are already safe because there is no such thing as a pgrp
zombie, therefore the proctree lock completely protects the pgrp
from having sigio structures associated with it after it runs
funsetownlst.

Add sigio lock to witness list under proctree and allproc, but over
proc and pgrp.

Seigo Tanimura helped with this.
2002-05-06 19:31:28 +00:00
Alfred Perlstein
f132072368 Redo the sigio locking.
Turn the sigio sx into a mutex.

Sigio lock is really only needed to protect interrupts from dereferencing
the sigio pointer in an object when the sigio itself is being destroyed.

In order to do this in the most unintrusive manner change pgsigio's
sigio * argument into a **, that way we can lock internally to the
function.
2002-05-01 20:44:46 +00:00
David E. O'Brien
addbf23d05 "pointers are not permitted as case values", so force the macros to ints. 2002-05-01 04:18:36 +00:00
Seigo Tanimura
960ed29c4b Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.
Requested by:	bde

Since locking sigio_lock is usually followed by calling pgsigio(),
move the declaration of sigio_lock and the definitions of SIGIO_*() to
sys/signalvar.h.

While I am here, sort include files alphabetically, where possible.
2002-04-30 01:54:54 +00:00
Poul-Henning Kamp
45521525a7 Move us yet closer to IFM_* definitions in NetBSD. 2002-04-29 05:32:44 +00:00
Poul-Henning Kamp
b418ad5c2e Follow NetBSD and s/IFM_1000_TX/IFM_1000_T/ 2002-04-28 20:34:20 +00:00
Seigo Tanimura
d48d4b2501 Add a global sx sigio_lock to protect the pointer to the sigio object
of a socket.  This avoids lock order reversal caused by locking a
process in pgsigio().

sowakeup() and the callers of it (sowwakeup, soisconnected, etc.) now
require sigio_lock to be locked.  Provide sowwakeup_locked(),
soisconnected_locked(), and so on in case where we have to modify a
socket and wake up a process atomically.
2002-04-27 08:24:29 +00:00
SUZUKI Shinsuke
88ff5695c1 just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.
(based on freebsd4-snap-20020128)

Reviewed by:	ume
MFC after:	1 week
2002-04-19 04:46:24 +00:00
Max Khon
b3827c8bd6 Cosmetical change: remove empty line to reduce diffs to RELENG_4 2002-04-14 16:40:11 +00:00
Warner Losh
73ce5fac0e Add hostap 802.11 media type.
From wi_hostap stuff by Thomas Skibo
2002-04-12 06:10:37 +00:00
Warner Losh
b0db732e54 Add two more IEEE80211 defines for status. 2002-04-11 05:43:10 +00:00
David Malone
4a771f59c2 Swap a bzero for an M_ZERO. Borris approved this ages ago, but
the hard drive with the patch on it went south before I committed
it.

Approved by:	bp
2002-04-10 21:08:33 +00:00
Peter Wemm
d637e9891d Add missing 'struct ifreq ifr;' that was forgotten in the last commit. 2002-04-10 06:07:16 +00:00
SUZUKI Shinsuke
ee0a4f7ee7 fixed a kernel crash when enabling multicast on vlan interface
owing to a NULL argument to vlan_ioctl() at if_allmulti().

Reviewed by:    ume
MFC after:   	1 week
2002-04-10 04:18:42 +00:00
John Baldwin
6008862bc2 Change callers of mtx_init() to pass in an appropriate lock type name. In
most cases NULL is passed, but in some cases such as network driver locks
(which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used.

Tested on:	i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
Luigi Rizzo
d722be5487 Replace (deprecated ?) FREE() macro with direct calls to free() 2002-04-04 06:03:17 +00:00
Luigi Rizzo
2dfe320036 Fix incorrect m_free - m_freem() usage. 2002-04-04 06:00:21 +00:00
Luigi Rizzo
7d3e4c6e71 Fix a couple of incorrect m_free() vs. m_freem() usages and related issues.
Reviewed-by: brooks
2002-04-04 05:42:09 +00:00