Commit Graph

453 Commits

Author SHA1 Message Date
Yaroslav Tykhiy
e883537ce7 The default value of net.graph.nonstandard_pppoe is changed to -1,
which means "always stay in the standard mode of PPPoE operation
regardless of any junk floating around."

As the referenced PR stated clearly, the old default setting of 0
was extremely dangerous because it opened a possibility for a
spurious frame not only to put down a single PPPoE node running
FreeBSD, but to plague *every* FreeBSD node in a PPPoE network in
such a way that those nodes would keep poisoning each other until
rebooted simultaneously.

PR:		kern/47920
Reviewed by:	Gleb Smirnoff <glebius <at> cell.sick.ru>
MFC after:	1 week
2003-12-19 16:03:28 +00:00
Ruslan Ermilov
05f768d918 Fixed panic on hook disconnection that previous revision has introduced. 2003-12-19 15:09:12 +00:00
Ruslan Ermilov
9ab65054a7 Fixed compilation on 64-bit platforms. 2003-12-19 09:34:37 +00:00
Yaroslav Tykhiy
875467fafa There are two modes of ng_pppoe operation, standard and
nonstandard.  They differ in the values of certain fields in
the PPPoE frame.  Previously, ng_pppoe would start in standard
mode, yet switch to nonstandard one upon reception of a single
nonstandard frame.  After having done so, ng_pppoe would be unable
to interact with standard PPPoE peers.  Thus, a DoS condition
existed that could be triggered by a buggy peer or malicious party.

Since few people have expressed their displeasure WRT this problem,
the default operation of ng_pppoe is left untouched for now.  However,
a new value for the sysctl net.graph.nonstandard_pppoe is introduced,
-1, which will force ng_pppoe stay in standard mode regardless of any
bogus frames floating around.

PR:		kern/47920
Submitted by:	Gleb Smirnoff <glebius <at> cell.sick.ru>
MFC after:	1 week
2003-12-18 16:38:35 +00:00
Ruslan Ermilov
85a1bad78e Removed an outdated comment.
Submitted by:	archie
2003-12-18 09:16:40 +00:00
Ruslan Ermilov
37fc1cc08e Use the (now standard) Ethernet address parse type. 2003-12-17 13:03:32 +00:00
Ruslan Ermilov
8c7e4101f8 Made the Ethernet address parse type standard.
OK'ed by:	archie
2003-12-17 12:40:34 +00:00
Ruslan Ermilov
7304a833fb Replaced two bzero() calls with the M_ZERO flag to malloc().
Reviewed by:	julian
2003-12-17 11:48:18 +00:00
Ruslan Ermilov
2fbf6cf055 MFS: Make struct arpcom the first entry in softc. (There are at least
two functions in sys/net/if.c that assume that softc starts with arpcom.)
This makes setting of ethernet address via ifconfig(8) work as expected.
2003-12-15 11:28:15 +00:00
Don Lewis
adb9b459bd Pass MTX_DEF instead of 0 as the last argument to mtx_init().
Submitted by:	Gavin Atkinson <gavin+freebsdc@ury.york.ac.uk>
2003-12-15 01:36:54 +00:00
Don Lewis
efd8e7c9b6 The last argument to mtx_init() should be MTX_DEF, not 0. This is not a
functional change since MTX_DEF happens to be defined as 0.
2003-12-08 01:18:04 +00:00
Archie Cobbs
f6a1906569 Lower the maximum ACK timeout for GRE packets from 10 to 1 second.
In practice it seems that in situations of high packet loss the ACK
timeout seems to hit this maximum (perhaps inappropriately, but the
estimation algorithm is not perfect, so apparently it happens). In
any case, 10 seconds is way too high a value so lower to 1 second.

MFC after:	3 days
2003-11-18 20:43:23 +00:00
Robert Watson
a557af222b Introduce a MAC label reference in 'struct inpcb', which caches
the   MAC label referenced from 'struct socket' in the IPv4 and
IPv6-based protocols.  This permits MAC labels to be checked during
network delivery operations without dereferencing inp->inp_socket
to get to so->so_label, which will eventually avoid our having to
grab the socket lock during delivery at the network layer.

This change introduces 'struct inpcb' as a labeled object to the
MAC Framework, along with the normal circus of entry points:
initialization, creation from socket, destruction, as well as a
delivery access control check.

For most policies, the inpcb label will simply be a cache of the
socket label, so a new protocol switch method is introduced,
pr_sosetlabel() to notify protocols that the socket layer label
has been updated so that the cache can be updated while holding
appropriate locks.  Most protocols implement this using
pru_sosetlabel_null(), but IPv4/IPv6 protocols using inpcbs use
the the worker function in_pcbsosetlabel(), which calls into the
MAC Framework to perform a cache update.

Biba, LOMAC, and MLS implement these entry points, as do the stub
policy, and test policy.

Reviewed by:	sam, bms
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-18 00:39:07 +00:00
Ruslan Ermilov
cdea8b85bb Fixed two memory leaks.
Reviewed by:	harti
2003-11-17 19:13:44 +00:00
Ruslan Ermilov
d47c9466dd Check the correct set of interface flags and fix a memory leak.
Reviewed by:	harti
2003-11-17 19:13:01 +00:00
Maksim Yevmenkin
f21fff6cf2 Change double include protection style in headers to match
the rest of Netgraph code.

Reviewed by: imp, ru
Approved by: imp (mentor)
2003-11-14 03:45:29 +00:00
Hartmut Brandt
835ab74093 Make the defines that prevent multiple includes look like the
others in netgraph.
2003-11-13 13:00:56 +00:00
Hartmut Brandt
67371b0f5c Bump the netgraph header version to 6 for the change of the name
length definitions.

Reminded by: jdp
2003-11-12 17:03:40 +00:00
Hartmut Brandt
387ebc6d63 Double length of node names, hook names, command strings and types. Add
defines for these constants that include the trailing NUL byte. These
new constants have SIZ in their name instead of LEN. As soon as all
consumers in the tree are converted to use the new defines the old
defines will be put under BURN_BRIDGES.

Reviewed by:	archie, julian, ru
Approved by:	re (in principle)
2003-11-12 09:10:11 +00:00
Ruslan Ermilov
80476bacd8 MFS: Change interface name from "nge" to "ngeth" to avoid conflict
with nge(4).
2003-11-11 16:12:05 +00:00
Ruslan Ermilov
e20480bfb6 Use a single style of multiple inclusion protection for Netgraph headers.
Reviewed by:	archie, harti, emax
2003-11-11 12:30:37 +00:00
Sam Leffler
7902224c6b o add a flags parameter to netisr_register that is used to specify
whether or not the isr needs to hold Giant when running; Giant-less
  operation is also controlled by the setting of debug_mpsafenet
o mark all netisr's except NETISR_IP as needing Giant
o add a GIANT_REQUIRED assertion to the top of netisr's that need Giant
o pickup Giant (when debug_mpsafenet is 1) inside ip_input before
  calling up with a packet
o change netisr handling so swi_net runs w/o Giant; instead we grab
  Giant before invoking handlers based on whether the handler needs Giant
o change netisr handling so that netisr's that are marked MPSAFE may
  have multiple instances active at a time
o add netisr statistics for packets dropped because the isr is inactive

Supported by:	FreeBSD Foundation
2003-11-08 22:28:40 +00:00
Hartmut Brandt
4295875a6d The layer 3 (signalling) of NgATM netgraph node: ng_uni. This node
handles user and network side signaling and partly PNNI.
2003-11-07 09:15:14 +00:00
Hartmut Brandt
adcdb48eb5 Replace the lock-less algorithm for the free item list with a more
conservative lock. The problem with the lock-less algorithm is that
it suffers from the ABA problem. Running an application with funnels
a couple of 100kpkts/s through the netgraph system on a dual CPU system
with MPSAFE drivers will panic almost immediatly with the old algorithm.

It may be possible to eliminate the contention between threads that insert
free items into the list and those that get free items by using the
Michael/Scott queue algorithm that has two locks.
2003-11-05 10:32:21 +00:00
Brooks Davis
9bf40ede4a Replace the if_name and if_unit members of struct ifnet with new members
if_xname, if_dname, and if_dunit. if_xname is the name of the interface
and if_dname/unit are the driver name and instance.

This change paves the way for interface renaming and enhanced pseudo
device creation and configuration symantics.

Approved By:	re (in principle)
Reviewed By:	njl, imp
Tested On:	i386, amd64, sparc64
Obtained From:	NetBSD (if_xname)
2003-10-31 18:32:15 +00:00
Hartmut Brandt
98ef351f12 Netgraph part of the NgATM signalling AA layer. These nodes can
also be used as a general-purpose transport protocol above any
packet layer (IP, UDP).
2003-10-24 07:39:11 +00:00
Hartmut Brandt
0eecad8da7 Remove a gcc-ism: declaring a variable array at the end of a structure
as [0] and replace it with the ISO way of writing []. This has caused
warnings with WARNS=6.
2003-10-22 07:35:05 +00:00
Mike Silbersack
184dcdc7c8 Change all SYSCTLS which are readonly and have a related TUNABLE
from CTLFLAG_RD to CTLFLAG_RDTUN so that sysctl(8) can provide
more useful error messages.
2003-10-21 18:28:36 +00:00
Maksim Yevmenkin
0986ab12e4 Update Bluetooth code.
Reviewed by: M. Warner Losh <imp@bsdimp.com>; John Hay <jhay@freebsd.org>
Approved by: M. Warner Losh <imp@bsdimp.com> (mentor)
2003-10-12 22:04:24 +00:00
Poul-Henning Kamp
ed692400eb I don't know from where the notion that device driver should or
even could call VOP_REVOKE() on vnodes associated with its dev_t's
has originated, but it stops right here.

If there are things people belive destroy_dev() needs to learn how to
do, please tell me about it, preferably with a reproducible test case.

Include <sys/uio.h> in bluetooth code rather than rely on <sys/vnode.h>
to do so.

The fact that some of the USB code needs to include <sys/vnode.h>
still disturbs me greatly, but I do not have time to chase that.
2003-09-28 20:48:13 +00:00
Jeffrey Hsu
33583c6f18 Add Protocol Independent Multicast protocol.
Submitted by:	Pavlin Radoslavov <pavlin@icir.org>
2003-08-20 22:11:58 +00:00
Hartmut Brandt
ee4080d424 Add ng_atmpif: a HARP physical interface emulation. This allows one
to run the HARP ATM stack without real hardware.

Submitted by:	Vincent Jardin <vjardin@wanadoo.fr>
2003-08-11 08:40:02 +00:00
Hartmut Brandt
fa6a7ef6e4 Process events from the ATM drivers. Carrier change and PVC change
messages are forwarded as netgraph control messages to the node
that is connected to the manage hook. If that hook is not connected,
the event is lost. Flow control events are converted to netgraph
flow control messages and send along the hook that is connected to
the flow controlled VC. ACR change events are converted to control
messages and sent along the hook for the given VC.
2003-07-29 16:27:23 +00:00
John-Mark Gurney
e7091e1518 add missing machine/bus.h that is necessary to build now that usb is bus_dma
aware.
2003-07-16 03:43:14 +00:00
Hartmut Brandt
4b394dbdd4 Test the OPEN flag to see whether a VCI is already open on the hook instead
to look for vci != 0. We can now open VCI 0 for monitoring purposes.
2003-07-15 15:48:10 +00:00
Hartmut Brandt
b3d4fe3d04 Remove three unneccessary comparisons that were always true.
Spotted by: gcc
2003-07-15 11:50:59 +00:00
Julian Elischer
53dc6459d7 Allow the caller to get an erro direclty if we sent the packet immediatly.
Submitted by: Ian Dowse <iedowse@maths.tcd.ie>
MFC after:	1 day
2003-07-03 22:09:47 +00:00
Hartmut Brandt
3fb1076132 Allow VPI/VCI 0/0 to be opened. This will be used by the IDT77252 driver
to provide a "receive all cells" mode that can be used for monitoring.

Check only the relevant MTU size when NOTX or NORX flags are set.
2003-07-02 11:52:46 +00:00
Julian Elischer
722a139cfa Fix a comment
MFC after:	1 day
2003-06-25 20:58:35 +00:00
Hartmut Brandt
cfca62bfac This is a netgraph node to access ATM interfaces. It works with the
hatm(4) and fatm(4) drivers, en(4) will follow soon.
2003-06-25 13:20:19 +00:00
Poul-Henning Kamp
cc0815a886 Use the <sys/bitstring.h> rather than <bitstring.h> 2003-06-13 19:40:44 +00:00
Julian Elischer
95f04def4b fix a cut-n-paste error.
in the case where the bridge node was closed down but a timeout
still applied to it, the final reference to the node was freeing the private
data structure using the wrong malloc type.

Approved by:	re@
2003-05-15 18:51:28 +00:00
Julian Elischer
335d40c8ff Last commit of the bluetooth upgrade. (this patch was forgotten in the first
commit)

Submitted by: Maksim Yevmenkin <m_evmenkin@yahoo.com>
Approved by: re@
2003-05-10 22:11:25 +00:00
Julian Elischer
f2bb1cae36 Part one of undating the bluetooth code to the newest version
Submitted by:   Maksim Yevmenkin <m_evmenkin@yahoo.com>
Approved by: re@
2003-05-10 21:44:42 +00:00
Alexander Kabaev
104a9b7e3e Deprecate machine/limits.h in favor of new sys/limits.h.
Change all in-tree consumers to include <sys/limits.h>

Discussed on:	standards@
Partially submitted by: Craig Rodrigues <rodrigc@attbi.com>
2003-04-29 13:36:06 +00:00
Archie Cobbs
7d78074030 Add missing braces.
Submitted by:	Andrew Lankford <arlankfo@141.com>
2003-04-28 20:38:05 +00:00
Robert Watson
dbf4bdffd9 Remove extraneous reference to intrq.h, which broke the kernel build. 2003-04-21 03:17:27 +00:00
Poul-Henning Kamp
11589318f3 KASSERT that NG_MKMESSAGE() is not called with mbuf flags. 2003-04-18 12:37:33 +00:00
Dag-Erling Smørgrav
fe58453891 Introduce an M_ASSERTPKTHDR() macro which performs the very common task
of asserting that an mbuf has a packet header.  Use it instead of hand-
rolled versions wherever applicable.

Submitted by:	Hiten Pandya <hiten@unixdaemons.com>
2003-04-08 14:25:47 +00:00
Dag-Erling Smørgrav
f7854568f5 Don't use ovbcopy(). 2003-04-04 12:12:34 +00:00
Jonathan Lemon
8c90439d70 Include correct opt_* headers for supported address families. Dike out
the unused ATM cases.

Sponsored by: DARPA, NAI Labs
2003-03-08 16:25:27 +00:00
Archie Cobbs
2b2a8188b1 Fix a use-after-free bug that could cause multi-link fragment reassembly to
fail for a long time (until the incoming sequence numbers wrapped around).

Reported by:	Matthew Impett <mimpett@Glue.umd.edu>
MFC after:	3 days
2003-03-05 23:12:59 +00:00
Peter Wemm
3c6b084e96 Finish driving a stake through the heart of netns and the associated
ifdefs scattered around the place - its dead Jim!

The SMB stuff had stolen AF_NS, make it official.
2003-03-05 19:24:24 +00:00
Jonathan Lemon
1cafed3941 Update netisr handling; Each SWI now registers its queue, and all queue
drain routines are done by swi_net, which allows for better queue control
at some future point.  Packets may also be directly dispatched to a netisr
instead of queued, this may be of interest at some installations, but
currently defaults to off.

Reviewed by: hsu, silby, jayanth, sam
Sponsored by: DARPA, NAI Labs
2003-03-04 23:19:55 +00:00
Poul-Henning Kamp
7ac40f5f59 Gigacommit to improve device-driver source compatibility between
branches:

Initialize struct cdevsw using C99 sparse initializtion and remove
all initializations to default values.

This patch is automatically generated and has been tested by compiling
LINT with all the fields in struct cdevsw in reverse order on alpha,
sparc64 and i386.

Approved by:    re(scottl)
2003-03-03 12:15:54 +00:00
Hartmut Brandt
5dfe609dd1 Add two loader tuneables that allow one to change the maximum number of
queue items that can be allocated by netgraph and the number of free queue
items that are cached on a private list.

Netgraph places an upper limit on the number of queue items it may allocate.
When there is a large number of netgraph messages travelling through the
system (100k/sec and more) there is a high probability, that messages get
queued at the nodes and netgraph runs out of queue items. In this case the data
flow through netgraph gets blocked. The tuneable for the number of free
items lets one trade memory for performance.

The tunables are also available as read-only sysctls.

PR:		kern/47393
Reviewed by:	julian
Approved by:	jake (mentor)
2003-03-02 18:04:10 +00:00
Bill Paul
7dd982591b Some more updates for the new world order:
- Make transmission of packets work again. This stopped working because
  ether_ifattach() was forcing ifp->if_output to be ether_output() and
  clobbering our attempt to override this vector with a pointer to
  ng_fec_output(). Move the overriding of ifp->if_output to after
  ether_ifattach().

- Abandon the use of the netgraph ng_ether_input_p hook for snagging
  incoming frames, and instead override the ifp->if_input vector for
  interfaces that have been aggregated into our bundle. (I would have
  loved to have written things this way in the first place, but I
  didn't want to have to be the one to implement the if_input hook
  and change all the drivers.) This avoids collisions with the ng_ether
  module, which uses the same hook. Each aggregated device now calls
  ng_fec_input() directly, which then fakes up the rcvif pointer
  before invoking ifp->if_input itself.

This module should actually work now.
2003-02-26 19:49:32 +00:00
Bill Paul
0aef141cd0 Attempt to make the ng_fec module play nice with BPF again. Things have
changed since this code was written:

- The ng_ether_input_p hook only accepts two arguments now: the pointer
  to the ether header structure is gone.

- It's no longer necessary to cons up a fake ether header before passing
  incoming packets to BPF_MTAP().

ng_fec_input() has been modified to account for these two changes.
Running tcpdump on fec0 should work now.

PR:	kern/46720
2003-02-26 06:38:54 +00:00
Scott Long
7874f606d5 Introduce a new taskqueue that runs completely free of Giant, and in
turns runs its tasks free of Giant too.  It is intended that as drivers
become locked down, they will move out of the old, Giant-bound taskqueue
and into this new one.  The old taskqueue has been renamed to
taskqueue_swi_giant, and the new one keeps the name taskqueue_swi.
2003-02-26 03:15:42 +00:00
Warner Losh
a163d034fa Back out M_* changes, per decision of the TRB.
Approved by: trb
2003-02-19 05:47:46 +00:00
Doug Ambrisko
233896e9da Take the rc4 code out of ng_mppc module so we don't fail to load when
we have the rc4 code already in the kernel (via wlan stuff or awi).
Add a dependency on the rc4 module so if it doesn't exist then load it.

Reviewed by:	archie
2003-02-05 19:11:11 +00:00
Alfred Perlstein
04738e99b5 Catch more uses of MIN(). 2003-02-02 13:30:00 +00:00
Alfred Perlstein
44956c9863 Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
2003-01-21 08:56:16 +00:00
Matthew Dillon
48e3128b34 Bow to the whining masses and change a union back into void *. Retain
removal of unnecessary casts and throw in some minor cleanups to see if
anyone complains, just for the hell of it.
2003-01-13 00:33:17 +00:00
Matthew Dillon
cd72f2180b Change struct file f_data to un_data, a union of the correct struct
pointer types, and remove a huge number of casts from code using it.

Change struct xfile xf_data to xun_data (ABI is still compatible).

If we need to add a #define for f_data and xf_data we can, but I don't
think it will be necessary.  There are no operational changes in this
commit.
2003-01-12 01:37:13 +00:00
Jens Schweikhardt
9d5abbddbf Correct typos, mostly s/ a / an / where appropriate. Some whitespace cleanup,
especially in troff files.
2003-01-01 18:49:04 +00:00
Julian Elischer
6282381da2 Make ng_fec.c compile again since Sam's changes.
Submitted by:	Hiten Pandya (hiten@unixdaemons.com)
2002-12-23 22:31:24 +00:00
Jeffrey Hsu
b30a244c34 SMP locking for ifnet list. 2002-12-22 05:35:03 +00:00
Bosko Milekic
86fea6be59 o Untangle the confusion with the malloc flags {M_WAITOK, M_NOWAIT} and
the mbuf allocator flags {M_TRYWAIT, M_DONTWAIT}.
o Fix a bpf_compat issue where malloc() was defined to just call
  bpf_alloc() and pass the 'canwait' flag(s) along.  It's been changed
  to call bpf_alloc() but pass the corresponding M_TRYWAIT or M_DONTWAIT
  flag (and only one of those two).

Submitted by: Hiten Pandya <hiten@unixdaemons.com> (hiten->commit_count++)
2002-12-19 22:58:27 +00:00
Archie Cobbs
f3059f3906 Fix two bugs:
(a) Save control message return address only if NGM_MPPC_CONFIG_DECOMP
    (b) Properly count the number of required re-key operations
	when we loose synchronization and have to resync

MFC after:	3 days
2002-12-14 00:56:07 +00:00
Julian Elischer
f2ec255a33 fixes for this driver:
1) "ubt" driver did not work when system is booted with the device attached
2) missing "break;" in ubt_rcvmsg() function;

Submitted by: Maksim Yevmenkin <Maksim.Yevmenkin@cw.com>
Approved by: re (jhb)
2002-11-26 18:30:45 +00:00
Julian Elischer
878ed22696 The second try a committing the bluetooth code
Has been seen to work on several cards and communicating with
several mobile phones to use them as modems etc.

We are still talking with 3com to try get them to allow us to include
the firmware for their pccard in the driver but the driver is here..
In the mean time
it can be downloaded from the 3com website and loaded using the utility
bt3cfw(8) (supplied) (instructions in the man page)

Not yet linked to the build

Submitted by:	Maksim Yevmenkin <myevmenk@exodus.net>
Approved by:	re
2002-11-20 23:01:59 +00:00
Sam Leffler
edbb5246ff o track changes to ethernet input packet handling
o track changes to bpf
o track changes to make ng hooks more private

Reviewed by:	many
Approved by:	re
2002-11-14 23:44:37 +00:00
John Baldwin
8214d60e20 Use intptr_t to fix various sizeof(int) != sizeof(void *) warnings. 2002-11-08 21:13:18 +00:00
John Baldwin
a2a6abd546 Use %z to print a size_t value. 2002-11-08 14:50:44 +00:00
Julian Elischer
b655e33d55 Slight redesign for fitting in with -current. 2002-11-05 01:08:11 +00:00
Julian Elischer
5968e29e00 The easy part of converting the ng_source node to -current.
More to come.. does not compile (deliberatly.. logic broken)
2002-11-02 02:29:43 +00:00
Julian Elischer
4b52f2836a Whitespace fixes 2002-11-02 01:26:28 +00:00
Julian Elischer
3a114c5de9 ifnet_addrs doesn;t exist any more so use
TAILQ_FIRST(&ifp->if_addrhead) to find the link layer ifaddr.
(it's always first I believe)
Allows this to compile on -current.
 .. need testers with FEC capable switches..
2002-11-01 23:09:15 +00:00
Julian Elischer
585ff168dc Add the netgraph 'source' module.
This is NOT YET CONVERTED TO -current.
This node is a source for preprogrammed packets at a known rate for testing.

I will convert it to -current "in place" but will MFC teh original
pre-conversion variant as that is  what is originally submitted.
Man page my me, info from Dave's README.

Submitted by:	Dave Chapeskie <dchapeskie@SANDVINE.com>
Obtained from:	Sandvine inc.
MFC after:	1 week
2002-10-31 23:03:09 +00:00
Julian Elischer
6da3d5ce7f Finally get around to committing Bill Paul's FEC netgraph nodes.
These are really only partly netgraph nodes as they do not use the
netgraph interfaces for many of the functions for which they could
be used, however they represent important functionality.

Submitted by:	wpaul
MFC after: 2 days
2002-10-29 19:12:44 +00:00
Brooks Davis
29e1b85f97 Use if_printf(ifp, "blah") instead of
printf("%s%d: blah", ifp->if_name, ifp->if_xname).
2002-10-21 02:51:56 +00:00
Alfred Perlstein
4f492bfab5 use __packed. 2002-09-23 18:54:32 +00:00
Benno Rice
fcfa0b48b3 Reference the socket we're accepting. 2002-09-14 08:56:10 +00:00
Archie Cobbs
cc78c48a68 Relax checking of incoming PPTP GRE packets a bit: ignore a bogus payload
length field when there's no payload indicated by the header 'S' bit.
This works around semi-brokenness in the Mac OS X PPTP client.
2002-09-14 00:00:49 +00:00
Benno Rice
a7d83226f0 Remember who asked for a connect or accept operation so we can actually tell
them when it's done.

Reviewed by:	archie
2002-09-11 00:52:50 +00:00
Archie Cobbs
facfd88935 Don't use "NULL" when "0" is really meant. 2002-08-22 00:30:03 +00:00
Archie Cobbs
901fadf792 New L2TP netgraph node type.
Obtained from:	Packet Design
2002-08-20 21:59:50 +00:00
Archie Cobbs
0157ee2275 When declaring local variables in macros, always use "_name" instead
of "name" to avoid ugly problems when the containing code already has
a variable named "name".
2002-08-20 18:57:11 +00:00
Maxime Henrion
f2b17113cf Make the consumers of the linker_load_file() function use
linker_load_module() instead.

This fixes a bug where the kernel was unable to properly locate and
load a kernel module in vfs_mount() (and probably in the netgraph
code as well since it was using the same function).  This is because
the linker_load_file() does not properly search the module path.

Problem found by:	peter
Reviewed by:		peter
Thanks to:		peter
2002-08-02 20:56:07 +00:00
Brian Somers
9e6798e7c0 NUL terminate the ACNAME passed to userland. 2002-06-22 21:00:53 +00:00
Julian Elischer
a835396035 A node that creates a device entry in /dev (yay devfs)
so that /dev/mumble can be the entrypoint to some networking graph,
e.g. a tunnel or a remote tape drive or whatever...

Not fully tested (by me) yet.

Submitted by:	Mark Santcroos <marks@ripe.net>
MFC after:	3 weeks
2002-06-18 21:32:33 +00:00
Julian Elischer
ed2836692f if you have taken the mbuf out of the message object, then if you pass
the object to someone else, you need to put the mbuf back into it first..
2002-06-09 07:28:35 +00:00
Archie Cobbs
816b834f14 Const'ify variables to make it clear we're not writing to the mbuf data.
Reviewed by:	julian, brian
MFC after:	1 week
2002-06-05 23:35:31 +00:00
Archie Cobbs
7b9f235f4c Fix bug where an mbuf was being written to without checking M_WRITABLE().
Eliminate some of the unnecessary complexity of ng_ether_glueback_header().
Simplify two functions a bit by doing the NG_FREE_META(meta) earlier.

Reviewed by:	julian, brian
MFC after:	1 week
2002-06-05 23:32:56 +00:00
Archie Cobbs
d3479b8238 Fix bugs where mbuf data was being accessed without m_pullup().
Reviewed by:	julian, brian
MFC after:	1 week
2002-06-05 23:29:29 +00:00
Alfred Perlstein
f3bfd2edaf Declare a variable sized array within a structure using [] rather than [0]
to silence warnings.
2002-06-01 20:40:05 +00:00
Archie Cobbs
f0184ff8e3 Fix GCC warnings caused by initializing a zero length array. In the process,
simply things a bit by getting rid of 'struct ng_parse_struct_info' which
was useless because it only contained one field.

MFC after:	2 weeks
2002-05-31 23:48:03 +00:00
Seigo Tanimura
4cc20ab1f0 Back out my lats commit of locking down a socket, it conflicts with hsu's work.
Requested by:	hsu
2002-05-31 11:52:35 +00:00
Peter Wemm
55be04ab11 Fix warnings: deprecated use of label at end of compound statement 2002-05-24 07:02:04 +00:00
Seigo Tanimura
243917fe3b Lock down a socket, milestone 1.
o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a
  socket buffer. The mutex in the receive buffer also protects the data
  in struct socket.

o Determine the lock strategy for each members in struct socket.

o Lock down the following members:

  - so_count
  - so_options
  - so_linger
  - so_state

o Remove *_locked() socket APIs.  Make the following socket APIs
  touching the members above now require a locked socket:

 - sodisconnect()
 - soisconnected()
 - soisconnecting()
 - soisdisconnected()
 - soisdisconnecting()
 - sofree()
 - soref()
 - sorele()
 - sorwakeup()
 - sotryfree()
 - sowakeup()
 - sowwakeup()

Reviewed by:	alfred
2002-05-20 05:41:09 +00:00
Brian Somers
87c4cce00e Add a NGM_PPPOE_SESSIONID message to the ng_pppoe node.
This message is sent to the control socket when the SessionID
is established.

Approved by:	archie (after a very cursory glance)
2002-05-14 12:32:41 +00:00
Archie Cobbs
a1479aa2fd Don't send packets out an interface unless it is IFF_UP|IFF_RUNNING.
This fixes panics with certain Ethernet drivers when doing bridging,
PPPoE, etc. before the driver has been fully brought up.

MFC after:	1 week
2002-05-09 20:19:00 +00:00
Seigo Tanimura
960ed29c4b Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.
Requested by:	bde

Since locking sigio_lock is usually followed by calling pgsigio(),
move the declaration of sigio_lock and the definitions of SIGIO_*() to
sys/signalvar.h.

While I am here, sort include files alphabetically, where possible.
2002-04-30 01:54:54 +00:00
Archie Cobbs
4a48abb26a Use 'struct callout' instead of 'struct callout_handle' to avoid
exhausting the kernel timeout table. Perform the usual gymnastics to
avoid race conditions between node shutdown and timeouts occurring.

Also fix a bug in handling ack delays < PPTP_MIN_ACK_DELAY. Before,
we were ack'ing immediately. Instead, just impose a minimum ack delay
time, like the name of the macro implies.

MFC after:	1 week
2002-04-14 17:37:35 +00:00
John Baldwin
6008862bc2 Change callers of mtx_init() to pass in an appropriate lock type name. In
most cases NULL is passed, but in some cases such as network driver locks
(which use the MTX_NETWORK_LOCK macro) and UMA zone locks, a name is used.

Tested on:	i386, alpha, sparc64
2002-04-04 21:03:38 +00:00
John Baldwin
44731cab3b Change the suser() API to take advantage of td_ucred as well as do a
general cleanup of the API.  The entire API now consists of two functions
similar to the pre-KSE API.  The suser() function takes a thread pointer
as its only argument.  The td_ucred member of this thread must be valid
so the only valid thread pointers are curthread and a few kernel threads
such as thread0.  The suser_cred() function takes a pointer to a struct
ucred as its first argument and an integer flag as its second argument.
The flag is currently only used for the PRISON_ROOT flag.

Discussed on:	smp@
2002-04-01 21:31:13 +00:00
Archie Cobbs
931c828ac5 Fix bugs where the ng_ppp node could transmit PPP frames whose length
exceeded the peer's configured MRU or MRRU.

MFC after:	1 week
2002-03-15 02:31:14 +00:00
Julian Elischer
d2ca21a9b2 Official timeout routines for netgraph nodes that know how to
use (and abuse) the node locking system.

MFC after:	1 week
2002-03-05 20:26:20 +00:00
John Baldwin
a854ed9893 Simple p_ucred -> td_ucred changes to start using the per-thread ucred
reference.
2002-02-27 18:32:23 +00:00
Brian Somers
c48a0b5fb4 Send a NGM_PPPOE_ACNAME message to userland when a node is connected.
Submitted by:		Andre Albsmeier <andre@albsmeier.net>
Shuffled about by:	brian
Approved by:		julian
2002-02-20 15:51:11 +00:00
Mike Barcroft
fd8e4ebc8c o Move NTOHL() and associated macros into <sys/param.h>. These are
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
  source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
  Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
  POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
  and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
  complexities associated with having MD (asm and inline) versions, and
  having to prevent exposure of these functions in other headers that
  happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
  third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.

Tested on:	alpha, i386
Reviewed by:	bde, jake, tmm
2002-02-18 20:35:27 +00:00
Archie Cobbs
b5a60ddb7e Fix another bug in handling of multi-link sequence numbers.
MFC after:	1 week
2002-02-13 00:58:49 +00:00
Archie Cobbs
3cbeb9758d Fix bug in previous commit.
Submitted by:	Harti Brandt <brandt@fokus.gmd.de>
2002-02-12 18:33:10 +00:00
Julian Elischer
079b7badea Pre-KSE/M3 commit.
this is a low-functionality change that changes the kernel to access the main
thread of a process via the linked list of threads rather than
assuming that it is embedded in the process. It IS still embeded there
but remove all teh code that assumes that in preparation for the next commit
which will actually move it out.

Reviewed by: peter@freebsd.org, gallatin@cs.duke.edu, benno rice,
2002-02-07 20:58:47 +00:00
Archie Cobbs
a3e232d65b The hardware checksum code makes the assumption that a packet routed out
a particular Ethernet interface will actually be delivered by (only) that
device driver. This is not necessarily true when ng_ether(4) is used.

To word around this, while a ng_ether(4)'s "upper" hook is connected,
turn off all hardware checksum, fragmentation, etc., features for that
interface.

PR:		kern/31586
MFC after:	1 week
2002-02-05 18:27:30 +00:00
Matthew Dillon
ecde8f7c29 Get rid of the twisted MFREE() macro entirely.
Reviewed by:	dg, bmilekic
MFC after:	3 days
2002-02-05 02:00:56 +00:00
Archie Cobbs
d9bfecab53 Some netgraph parse types (such as for the 'value' field in ng_ksocket's
'struct ng_ksocket_sockopt') like to peek into the ng_mesg header for
information. Make sure when generating default values that we provide
a valid header to peek into.

MFC after:	1 week
2002-02-01 02:21:41 +00:00
Alfred Perlstein
a4db49537b Replace ffind_* with fget calls.
Make fget MPsafe.

Make fgetvp and fgetsock use the fget subsystem to reduce code bloat.

Push giant down in fpathconf().
2002-01-14 00:13:45 +00:00
Alfred Perlstein
426da3bcfb SMP Lock struct file, filedesc and the global file list.
Seigo Tanimura (tanimura) posted the initial delta.

I've polished it quite a bit reducing the need for locking and
adapting it for KSE.

Locks:

1 mutex in each filedesc
   protects all the fields.
   protects "struct file" initialization, while a struct file
     is being changed from &badfileops -> &pipeops or something
     the filedesc should be locked.

1 mutex in each struct file
   protects the refcount fields.
   doesn't protect anything else.
   the flags used for garbage collection have been moved to
     f_gcflag which was the FILLER short, this doesn't need
     locking because the garbage collection is a single threaded
     container.
  could likely be made to use a pool mutex.

1 sx lock for the global filelist.

struct file *	fhold(struct file *fp);
        /* increments reference count on a file */

struct file *	fhold_locked(struct file *fp);
        /* like fhold but expects file to locked */

struct file *	ffind_hold(struct thread *, int fd);
        /* finds the struct file in thread, adds one reference and
                returns it unlocked */

struct file *	ffind_lock(struct thread *, int fd);
        /* ffind_hold, but returns file locked */

I still have to smp-safe the fget cruft, I'll get to that asap.
2002-01-13 11:58:06 +00:00
Mike Smith
b78929a257 Staticise the socket list. 2002-01-08 10:30:34 +00:00
Archie Cobbs
dc9c2e0149 Avoid reentrantly sending on the same socket, which causes a kernel panic. 2002-01-06 01:08:30 +00:00
Robert Watson
9c4d63da6d o Make the credential used by socreate() an explicit argument to
socreate(), rather than getting it implicitly from the thread
  argument.

o Make NFS cache the credential provided at mount-time, and use
  the cached credential (nfsmount->nm_cred) when making calls to
  socreate() on initially connecting, or reconnecting the socket.

This fixes bugs involving NFS over TCP and ipfw uid/gid rules, as well
as bugs involving NFS and mandatory access control implementations.

Reviewed by:	freebsd-arch
2001-12-31 17:45:16 +00:00
Archie Cobbs
b9bc94b33f Typo. 2001-12-15 20:53:15 +00:00
Archie Cobbs
6c12c2b195 Don't free a structure containing a 'struct callout' structure while that
callout is still pending.

MFC after:	3 days
2001-12-15 20:48:53 +00:00
Archie Cobbs
34fd23818a Add support for 56 bit MPPE encryption.
MFC after:	3 days
2001-12-15 02:07:32 +00:00
David E. O'Brien
6e551fb628 Update to C99, s/__FUNCTION__/__func__/,
also don't use ANSI string concatenation.
2001-12-10 08:09:49 +00:00
Archie Cobbs
19ff9e5f3e When a socket is not connected, allow the peer "struct sockaddr"
to be included in the meta information that is associated with
incoming and outgoing packets.

Reviewed by:	julian
MFC after:	1 week
2001-11-28 19:39:58 +00:00
Julian Elischer
10d7ccab88 A node that allows ethernet type packets to be filtered to different
hooks depending on ethertype. Great for prototyping protocols.
connects to the lower and upper hooks of an ethernet type of node.

Obtained from: Monzoon Networks.
	Thanks to Andre Oppermann, May 2001.
2001-10-30 07:28:17 +00:00
Matthew Dillon
e74e9032da log routine called w/ %ld and int argument, cast argument to long 2001-10-29 02:22:49 +00:00
Archie Cobbs
6628011155 Fix bug that cheated hook names out of the last 2 bytes.
MFC after:      3 days
2001-10-10 19:58:11 +00:00
Archie Cobbs
129bc89568 Let "raw" mean IPPROTO_RAW instead of IPPROTO_IP.
Noticed by:	jdp
MFC after:	3 days
2001-10-10 19:51:13 +00:00
David Malone
2bc21ed985 Hopefully improve control message passing over Unix domain sockets.
1) Allow the sending of more than one control message at a time
over a unix domain socket. This should cover the PR 29499.

2) This requires that unp_{ex,in}ternalize and unp_scan understand
mbufs with more than one control message at a time.

3) Internalize and externalize used to work on the mbuf in-place.
This made life quite complicated and the code for sizeof(int) <
sizeof(file *) could end up doing the wrong thing. The patch always
create a new mbuf/cluster now. This resulted in the change of the
prototype for the domain externalise function.

4) You can now send SCM_TIMESTAMP messages.

5) Always use CMSG_DATA(cm) to determine the start where the data
in unp_{ex,in}ternalize. It was using ((struct cmsghdr *)cm + 1)
in some places, which gives the wrong alignment on the alpha.
(NetBSD made this fix some time ago).

This results in an ABI change for discriptor passing and creds
passing on the alpha. (Probably on the IA64 and Spare ports too).

6) Fix userland programs to use CMSG_* macros too.

7) Be more careful about freeing mbufs containing (file *)s.
This is made possible by the prototype change of externalise.

PR:		29499
MFC after:	6 weeks
2001-10-04 13:11:48 +00:00
Bruce Evans
4c6bb41ef2 Fixed pedantic syntax error (trailing semicolon in enum). 2001-10-04 07:51:42 +00:00
Brooks Davis
7360079ab3 Remove a couple unintentional mentions of Ethernet that crept in from
ng_ether.c.
2001-09-28 00:02:50 +00:00
Brooks Davis
c2eed10556 Add ng_ip_input. A new netgraph node for queuing IP packets into the
main IP input processing code.
2001-09-27 21:54:27 +00:00
Brooks Davis
cf776d8152 The initial commit contained an error in the license, this is the
correct one.
2001-09-27 00:04:29 +00:00
Brooks Davis
94408d94c3 /home/brooks/ng_gif.message 2001-09-26 23:50:17 +00:00
Julian Elischer
b40ce4165d KSE Milestone 2
Note ALL MODULES MUST BE RECOMPILED
make the kernel aware that there are smaller units of scheduling than the
process. (but only allow one thread per process at this time).
This is functionally equivalent to teh previousl -current except
that there is a thread associated with each process.

Sorry john! (your next MFC will be a doosie!)

Reviewed by: peter@freebsd.org, dillon@freebsd.org

X-MFC after:    ha ha ha ha
2001-09-12 08:38:13 +00:00
Julian Elischer
f97e0a0719 First pass at porting John's "accept" changes to
allow an in-kernel webserver (or similar) to accept
and handle incoming connections using netgraph without ever leaving the
kernel. (allows incoming tunnel requests to be
handled totally within the kernel for example)

Needs work, but shouldn't break existing functionality.

Submitted by:	John Polstra <jdp@polstra.com>
MFC after:	2 weeks
2001-09-07 07:12:51 +00:00
Julian Elischer
94142c49dc MFS: change name of sysctl to something more diplomatic. 2001-09-04 06:29:35 +00:00
Archie Cobbs
cf2010b81f Fix kernel crash when VLANs are combined with ng_ether(4), by attaching
interfaces of type IFT_L2VLAN as well as IFT_ETHER during module load.

Submitted by:	yar
2001-08-30 19:09:10 +00:00
Brian Somers
376958b412 Fix two typos 2001-08-21 13:20:02 +00:00
Brian Somers
2b5dcd2ffe Pack struct uniqtag declarations to stop our data field from being pushed
4 bytes to the right on the alpha.

Tested by:	Thomas Pornin <Thomas.Pornin@ens.fr>
MFC after:	1 week
2001-08-02 09:28:31 +00:00
Brian Somers
9088fa05ae If an attempt is made to LISTEN for a service tag that's already being
LISTENed for, return EEXISTS.

Only match the magic "*" service tag if no other LISTEN service tags
match.

Require an explicit LISTEN for an empty service tag in order to match
empty service requests.

Approved by:	julian
MFC after:	3 days
2001-07-25 03:34:07 +00:00
Brooks Davis
bb5c977fbd General cleanup providing better style(9) conformance and generally
improved readability.  The two real functional changes are that
netgraph now sees this as the "split" node type rather then the
"ng_split" node type and that meta data is passed through without
processing rather then being dropped.

Reviewed by:	jhb, julian
MFC after:	7 weeks
2001-07-24 23:33:06 +00:00
Julian Elischer
c31b4a5381 Add an external function to unlink a netgraph type from the types list. 2001-07-23 21:14:57 +00:00
Julian Elischer
8b68f82f72 remember to set the return address in a message when
sending it along a hook.

PR: 27906
Submitted by: Harti Brandt <brandt@fokus.gmd.de>

no MFC as code is different in 4.x
2001-07-14 05:51:33 +00:00
Peter Wemm
bc66c1fd1f Fix warning: (int/long mixup in printf)
475: warning: unsigned int format, long unsigned int arg (arg 3)
2001-06-15 07:35:25 +00:00
John Polstra
a514569e9a Fix a range checking bug in ng_int32_parse which affected 64-bit
machines.  The code formerly read:

    long val;
    if (val < (long)-0x80000000 || ...)
            return EINVAL;

The constant 0x80000000 has type unsigned int.  The unary `-'
operator does not change the type (or the value, in this case).
Therefore the promotion to long is done by 0-extension, giving
0x0000000080000000 instead of the desired 0xffffffff80000000.  I
got rid of the `-' and changed the cast to (int32_t) to give proper
sign-extension on all architectures and to better reflect the fact
that we are range-checking a 32-bit value.

This commit also makes the analogous changes to ng_int{8,16}_parse
for consistency.

MFC after:	3 days
2001-05-19 19:36:32 +00:00