diff --git a/ObsoleteFiles.inc b/ObsoleteFiles.inc index b988324e0212..4c2844b81375 100644 --- a/ObsoleteFiles.inc +++ b/ObsoleteFiles.inc @@ -14,6 +14,10 @@ # The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last. # +# 20090713: vimage container structs removed. +OLD_FILES+=usr/include/netinet/vinet.h +OLD_FILES+=usr/include/netinet6/vinet6.h +OLD_FILES+=usr/include/netipsec/vipsec.h # 20090709: msgctl.3 msgget.3 msgrcv.3 msgsnd.3 manual pages moved OLD_FILES+=usr/share/man/man3/msgctl.3.gz OLD_FILES+=usr/share/man/man3/msgget.3.gz diff --git a/UPDATING b/UPDATING index 411f56cf918d..14b1f4768a7c 100644 --- a/UPDATING +++ b/UPDATING @@ -22,6 +22,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8.x IS SLOW: to maximize performance. (To disable malloc debugging, run ln -s aj /etc/malloc.conf.) +20090714: + Due to changes in the implementation of virtual network stack + support, all network-related kernel modules must be recompiled. + As this change breaks the ABI, bump __FreeBSD_version to 800104. + 20090713: The TOE interface to the TCP syncache has been modified to remove struct tcpopt () from the ABI of the network stack. The diff --git a/sys/compat/linprocfs/linprocfs.c b/sys/compat/linprocfs/linprocfs.c index ed68b1a376d0..5bca38137c0c 100644 --- a/sys/compat/linprocfs/linprocfs.c +++ b/sys/compat/linprocfs/linprocfs.c @@ -1078,7 +1078,6 @@ linprocfs_doprocmaps(PFS_FILL_ARGS) static int linprocfs_donetdev(PFS_FILL_ARGS) { - INIT_VNET_NET(TD_TO_VNET(td)); char ifname[16]; /* XXX LINUX_IFNAMSIZ */ struct ifnet *ifp; diff --git a/sys/compat/linux/linux_ioctl.c b/sys/compat/linux/linux_ioctl.c index 7d11b9801e32..a8b09451f1e5 100644 --- a/sys/compat/linux/linux_ioctl.c +++ b/sys/compat/linux/linux_ioctl.c @@ -2059,7 +2059,6 @@ linux_ioctl_console(struct thread *td, struct linux_ioctl_args *args) int linux_ifname(struct ifnet *ifp, char *buffer, size_t buflen) { - INIT_VNET_NET(ifp->if_vnet); struct ifnet *ifscan; int ethno; @@ -2093,7 +2092,6 @@ linux_ifname(struct ifnet *ifp, char *buffer, size_t buflen) static struct ifnet * ifname_linux_to_bsd(struct thread *td, const char *lxname, char *bsdname) { - INIT_VNET_NET(TD_TO_VNET(td)); struct ifnet *ifp; int len, unit; char *ep; @@ -2134,7 +2132,6 @@ ifname_linux_to_bsd(struct thread *td, const char *lxname, char *bsdname) static int linux_ifconf(struct thread *td, struct ifconf *uifc) { - INIT_VNET_NET(TD_TO_VNET(td)); #ifdef COMPAT_LINUX32 struct l_ifconf ifc; #else diff --git a/sys/compat/linux/linux_socket.c b/sys/compat/linux/linux_socket.c index 45a1d5377482..0c48b917fb23 100644 --- a/sys/compat/linux/linux_socket.c +++ b/sys/compat/linux/linux_socket.c @@ -60,7 +60,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #endif #ifdef COMPAT_LINUX32 @@ -599,11 +598,6 @@ struct linux_socket_args { static int linux_socket(struct thread *td, struct linux_socket_args *args) { -#ifdef INET6 -#ifndef KLD_MODULE - INIT_VNET_INET6(curvnet); -#endif -#endif struct socket_args /* { int domain; int type; diff --git a/sys/compat/svr4/svr4_sockio.c b/sys/compat/svr4/svr4_sockio.c index 6ed4e69e5fc2..ec62f718ef03 100644 --- a/sys/compat/svr4/svr4_sockio.c +++ b/sys/compat/svr4/svr4_sockio.c @@ -89,7 +89,6 @@ svr4_sock_ioctl(fp, td, retval, fd, cmd, data) switch (cmd) { case SVR4_SIOCGIFNUM: { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; int ifnum = 0; diff --git a/sys/conf/files b/sys/conf/files index b28f5b3003ca..66cc354acab3 100644 --- a/sys/conf/files +++ b/sys/conf/files @@ -1989,7 +1989,7 @@ kern/kern_time.c standard kern/kern_timeout.c standard kern/kern_umtx.c standard kern/kern_uuid.c standard -kern/kern_vimage.c standard +kern/kern_vimage.c optional vimage kern/kern_xxx.c standard kern/link_elf.c standard kern/linker_if.m standard @@ -2231,6 +2231,7 @@ net/route.c standard net/rtsock.c standard net/slcompress.c optional netgraph_vjc | sppp | \ netgraph_sppp +net/vnet.c optional vimage net/zlib.c optional crypto | geom_uzip | ipsec | \ mxge | netgraph_deflate | \ ddb_ctf diff --git a/sys/conf/options b/sys/conf/options index fcf76b5bc98a..41c80b5434c5 100644 --- a/sys/conf/options +++ b/sys/conf/options @@ -823,7 +823,6 @@ TDMA_TXRATE_11NG_DEFAULT opt_tdma.h # Virtualize the network stack VIMAGE opt_global.h -VIMAGE_GLOBALS opt_global.h # Common Flash Interface (CFI) options CFI_SUPPORT_STRATAFLASH opt_cfi.h diff --git a/sys/contrib/altq/altq/altq_subr.c b/sys/contrib/altq/altq/altq_subr.c index ac367706a667..348128f4daf0 100644 --- a/sys/contrib/altq/altq/altq_subr.c +++ b/sys/contrib/altq/altq/altq_subr.c @@ -469,7 +469,6 @@ tbr_timeout(arg) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_NET(vnet_iter); #endif for (ifp = TAILQ_FIRST(&V_ifnet); ifp; ifp = TAILQ_NEXT(ifp, if_list)) { diff --git a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c index 3e0e63321919..1480ed0c370f 100644 --- a/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c +++ b/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c @@ -64,6 +64,7 @@ static const char rcsid[] = "@(#)$Id: ip_fil_freebsd.c,v 2.53.2.50 2007/09/20 12 #endif #if __FreeBSD_version >= 800044 # include +# include #else #define V_path_mtu_discovery path_mtu_discovery #define V_ipforwarding ipforwarding @@ -92,9 +93,6 @@ static const char rcsid[] = "@(#)$Id: ip_fil_freebsd.c,v 2.53.2.50 2007/09/20 12 #include #include #include -#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800056) -# include -#endif #ifndef _KERNEL # include "netinet/ipf.h" #endif @@ -213,7 +211,6 @@ char *s; int ipfattach() { - INIT_VNET_INET(curvnet); #ifdef USE_SPL int s; #endif @@ -265,7 +262,6 @@ int ipfattach() */ int ipfdetach() { - INIT_VNET_INET(curvnet); #ifdef USE_SPL int s; #endif @@ -654,7 +650,6 @@ static int fr_send_ip(fin, m, mpp) fr_info_t *fin; mb_t *m, **mpp; { - INIT_VNET_INET(curvnet); fr_info_t fnew; ip_t *ip, *oip; int hlen; diff --git a/sys/contrib/pf/net/pf.c b/sys/contrib/pf/net/pf.c index d0947b9416ac..d59930f2db9d 100644 --- a/sys/contrib/pf/net/pf.c +++ b/sys/contrib/pf/net/pf.c @@ -119,9 +119,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#ifdef __FreeBSD__ -#include -#endif #ifndef __FreeBSD__ #include @@ -141,7 +138,6 @@ __FBSDID("$FreeBSD$"); #ifdef __FreeBSD__ #include #include -#include #endif #endif /* INET6 */ @@ -1762,7 +1758,6 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af, u_int8_t flags, u_int16_t win, u_int16_t mss, u_int8_t ttl, int tag, u_int16_t rtag, struct ether_header *eh, struct ifnet *ifp) { - INIT_VNET_INET(curvnet); struct mbuf *m; int len, tlen; #ifdef INET @@ -2926,7 +2921,6 @@ pf_socket_lookup(int direction, struct pf_pdesc *pd, struct inpcb *inp_arg) pf_socket_lookup(int direction, struct pf_pdesc *pd) #endif { - INIT_VNET_INET(curvnet); struct pf_addr *saddr, *daddr; u_int16_t sport, dport; #ifdef __FreeBSD__ @@ -3096,7 +3090,6 @@ pf_get_wscale(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af) u_int16_t pf_get_mss(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af) { - INIT_VNET_INET(curvnet); int hlen; u_int8_t hdr[60]; u_int8_t *opt, optlen; @@ -3136,7 +3129,6 @@ u_int16_t pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer) { #ifdef INET - INIT_VNET_INET(curvnet); struct sockaddr_in *dst; struct route ro; #endif /* INET */ @@ -3239,7 +3231,6 @@ pf_test_tcp(struct pf_rule **rm, struct pf_state **sm, int direction, struct ifqueue *ifq) #endif { - INIT_VNET_INET(curvnet); struct pf_rule *nr = NULL; struct pf_addr *saddr = pd->src, *daddr = pd->dst; struct tcphdr *th = pd->hdr.tcp; @@ -6094,7 +6085,6 @@ void pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp, struct pf_state *s, struct pf_pdesc *pd) { - INIT_VNET_INET(curvnet); struct mbuf *m0, *m1; struct route iproute; struct route *ro = NULL; @@ -6633,26 +6623,22 @@ pf_check_proto_cksum(struct mbuf *m, int off, int len, u_int8_t p, sa_family_t a switch (p) { case IPPROTO_TCP: { - INIT_VNET_INET(curvnet); TCPSTAT_INC(tcps_rcvbadsum); break; } case IPPROTO_UDP: { - INIT_VNET_INET(curvnet); UDPSTAT_INC(udps_badsum); break; } case IPPROTO_ICMP: { - INIT_VNET_INET(curvnet); ICMPSTAT_INC(icps_checksum); break; } #ifdef INET6 case IPPROTO_ICMPV6: { - INIT_VNET_INET6(curvnet); ICMP6STAT_INC(icp6s_checksum); break; } diff --git a/sys/contrib/pf/net/pf_if.c b/sys/contrib/pf/net/pf_if.c index 1972edc4326f..70566404699c 100644 --- a/sys/contrib/pf/net/pf_if.c +++ b/sys/contrib/pf/net/pf_if.c @@ -115,9 +115,6 @@ void pfi_change_group_event(void * __unused, char *); void pfi_detach_group_event(void * __unused, struct ifg_group *); void pfi_ifaddr_event(void * __unused, struct ifnet *); -#ifdef VIMAGE_GLOBALS -extern struct ifgrouphead ifg_head; -#endif #endif RB_PROTOTYPE(pfi_ifhead, pfi_kif, pfik_tree, pfi_if_compare); @@ -129,7 +126,6 @@ RB_GENERATE(pfi_ifhead, pfi_kif, pfik_tree, pfi_if_compare); void pfi_initialize(void) { - INIT_VNET_NET(curvnet); if (pfi_all != NULL) /* already initialized */ return; diff --git a/sys/contrib/pf/net/pf_ioctl.c b/sys/contrib/pf/net/pf_ioctl.c index 436f7654a774..36331f365a29 100644 --- a/sys/contrib/pf/net/pf_ioctl.c +++ b/sys/contrib/pf/net/pf_ioctl.c @@ -3703,7 +3703,6 @@ static int pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, struct inpcb *inp) { - INIT_VNET_NET(curvnet); /* * IPv6 is not affected by ip_len/ip_off byte order changes. diff --git a/sys/contrib/pf/net/pf_subr.c b/sys/contrib/pf/net/pf_subr.c index a722aef9691b..9314bf170f4b 100644 --- a/sys/contrib/pf/net/pf_subr.c +++ b/sys/contrib/pf/net/pf_subr.c @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include /* diff --git a/sys/contrib/pf/net/pfvar.h b/sys/contrib/pf/net/pfvar.h index b12d389fd392..2c176db0299b 100644 --- a/sys/contrib/pf/net/pfvar.h +++ b/sys/contrib/pf/net/pfvar.h @@ -1855,12 +1855,4 @@ int pf_osfp_match(struct pf_osfp_enlist *, pf_osfp_t); struct pf_os_fingerprint * pf_osfp_validate(void); -/* - * Symbol translation macros - */ -#define INIT_VNET_PF(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_PF, struct vnet_pf, vnet_pf) - -#define VNET_PF(sym) VSYM(vnet_pf, sym) - #endif /* _NET_PFVAR_H_ */ diff --git a/sys/contrib/rdma/rdma_cma.c b/sys/contrib/rdma/rdma_cma.c index 23d56f1d9985..1bf2d086140c 100644 --- a/sys/contrib/rdma/rdma_cma.c +++ b/sys/contrib/rdma/rdma_cma.c @@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -1950,7 +1949,6 @@ err1: static int cma_alloc_any_port(struct kvl *ps, struct rdma_id_private *id_priv) { - INIT_VNET_INET(curvnet); struct rdma_bind_list *bind_list; int port, ret; @@ -1995,7 +1993,6 @@ err1: static int cma_use_port(struct kvl *ps, struct rdma_id_private *id_priv) { - INIT_VNET_INET(curvnet); struct rdma_id_private *cur_id; struct sockaddr_in *sin, *cur_sin; struct rdma_bind_list *bind_list; @@ -2915,7 +2912,6 @@ static void cma_remove_one(struct ib_device *device) static int cma_init(void) { - INIT_VNET_INET(curvnet); int ret; LIST_INIT(&listen_any_list); diff --git a/sys/ddb/db_expr.c b/sys/ddb/db_expr.c index eaab874336b8..424384ce341a 100644 --- a/sys/ddb/db_expr.c +++ b/sys/ddb/db_expr.c @@ -51,7 +51,9 @@ db_term(db_expr_t *valuep) t = db_read_token(); if (t == tIDENT) { - if (!db_value_of_name(db_tok_string, valuep)) { + if (!db_value_of_name(db_tok_string, valuep) && + !db_value_of_name_pcpu(db_tok_string, valuep) && + !db_value_of_name_vnet(db_tok_string, valuep)) { db_error("Symbol not found\n"); /*NOTREACHED*/ } diff --git a/sys/ddb/db_sym.c b/sys/ddb/db_sym.c index 9d043b38dbbd..1a95c11902a8 100644 --- a/sys/ddb/db_sym.c +++ b/sys/ddb/db_sym.c @@ -32,10 +32,15 @@ __FBSDID("$FreeBSD$"); #include +#include #include +#include + +#include #include #include +#include #include @@ -56,6 +61,117 @@ static char *db_qualify(c_db_sym_t sym, char *symtabname); static boolean_t db_symbol_is_ambiguous(c_db_sym_t sym); static boolean_t db_line_at_pc(c_db_sym_t, char **, int *, db_expr_t); +static int db_cpu = -1; + +#ifdef VIMAGE +extern uintptr_t *__start_set_vnet; +extern uintptr_t *__stop_set_vnet; + +#define VNET_START (uintptr_t)&__start_set_vnet +#define VNET_STOP (uintptr_t)&__stop_set_vnet + +static void *db_vnet = NULL; +#endif + +/* + * Validate the CPU number used to interpret per-CPU variables so we can + * avoid later confusion if an invalid CPU is requested. + */ +int +db_var_db_cpu(struct db_variable *vp, db_expr_t *valuep, int op) +{ + + switch (op) { + case DB_VAR_GET: + *valuep = db_cpu; + return (1); + + case DB_VAR_SET: + if (*(int *)valuep < -1 && *(int *)valuep > mp_maxid) { + db_printf("Invalid value: %d", *(int*)valuep); + return (0); + } + db_cpu = *(int *)valuep; + return (1); + + default: + db_printf("db_var_db_cpu: unknown operation\n"); + return (0); + } +} + +/* + * Read-only variable reporting the current CPU, which is what we use when + * db_cpu is set to -1. + */ +int +db_var_curcpu(struct db_variable *vp, db_expr_t *valuep, int op) +{ + + switch (op) { + case DB_VAR_GET: + *valuep = curcpu; + return (1); + + case DB_VAR_SET: + db_printf("Read-only variable.\n"); + return (0); + + default: + db_printf("db_var_curcpu: unknown operation\n"); + return (0); + } +} + +#ifdef VIMAGE +/* + * Validate the virtual network pointer used to interpret per-vnet global + * variable expansion. Right now we don't do much here, really we should + * walk the global vnet list to check it's an OK pointer. + */ +int +db_var_db_vnet(struct db_variable *vp, db_expr_t *valuep, int op) +{ + + switch (op) { + case DB_VAR_GET: + *valuep = (db_expr_t)db_vnet; + return (1); + + case DB_VAR_SET: + db_vnet = *(void **)valuep; + return (1); + + default: + db_printf("db_var_db_vnet: unknown operation\n"); + return (0); + } +} + +/* + * Read-only variable reporting the current vnet, which is what we use when + * db_vnet is set to NULL. + */ +int +db_var_curvnet(struct db_variable *vp, db_expr_t *valuep, int op) +{ + + switch (op) { + case DB_VAR_GET: + *valuep = (db_expr_t)curvnet; + return (1); + + case DB_VAR_SET: + db_printf("Read-only variable.\n"); + return (0); + + default: + db_printf("db_var_curcpu: unknown operation\n"); + return (0); + } +} +#endif + /* * Add symbol table, with given name, to list of symbol tables. */ @@ -125,6 +241,59 @@ db_value_of_name(name, valuep) return (TRUE); } +boolean_t +db_value_of_name_pcpu(name, valuep) + const char *name; + db_expr_t *valuep; +{ + static char tmp[256]; + db_expr_t value; + c_db_sym_t sym; + int cpu; + + if (db_cpu != -1) + cpu = db_cpu; + else + cpu = curcpu; + snprintf(tmp, sizeof(tmp), "pcpu_entry_%s", name); + sym = db_lookup(tmp); + if (sym == C_DB_SYM_NULL) + return (FALSE); + db_symbol_values(sym, &name, &value); + if (value < DPCPU_START || value >= DPCPU_STOP) + return (FALSE); + *valuep = (db_expr_t)((uintptr_t)value + dpcpu_off[cpu]); + return (TRUE); +} + +boolean_t +db_value_of_name_vnet(name, valuep) + const char *name; + db_expr_t *valuep; +{ +#ifdef VIMAGE + static char tmp[256]; + db_expr_t value; + c_db_sym_t sym; + struct vnet *vnet; + + if (db_vnet != NULL) + vnet = db_vnet; + else + vnet = curvnet; + snprintf(tmp, sizeof(tmp), "vnet_entry_%s", name); + sym = db_lookup(tmp); + if (sym == C_DB_SYM_NULL) + return (FALSE); + db_symbol_values(sym, &name, &value); + if (value < VNET_START || value >= VNET_STOP) + return (FALSE); + *valuep = (db_expr_t)((uintptr_t)value + vnet->vnet_data_base); + return (TRUE); +#else + return (FALSE); +#endif +} /* * Lookup a symbol. diff --git a/sys/ddb/db_variables.c b/sys/ddb/db_variables.c index 706ebe60ec94..69c11aefa05a 100644 --- a/sys/ddb/db_variables.c +++ b/sys/ddb/db_variables.c @@ -46,6 +46,12 @@ static struct db_variable db_vars[] = { { "maxwidth", &db_max_width, FCN_NULL }, { "tabstops", &db_tab_stop_width, FCN_NULL }, { "lines", &db_lines_per_page, FCN_NULL }, + { "curcpu", NULL, db_var_curcpu }, + { "db_cpu", NULL, db_var_db_cpu }, +#ifdef VIMAGE + { "curvnet", NULL, db_var_curvnet }, + { "db_vnet", NULL, db_var_db_vnet }, +#endif }; static struct db_variable *db_evars = db_vars + sizeof(db_vars)/sizeof(db_vars[0]); diff --git a/sys/ddb/db_variables.h b/sys/ddb/db_variables.h index 1ff0e4442d00..42a3bf95b8d1 100644 --- a/sys/ddb/db_variables.h +++ b/sys/ddb/db_variables.h @@ -52,6 +52,11 @@ struct db_variable { extern struct db_variable db_regs[]; /* machine registers */ extern struct db_variable *db_eregs; +extern db_varfcn_t db_var_curcpu; /* DPCPU default CPU */ +extern db_varfcn_t db_var_curvnet; /* Default vnet */ +extern db_varfcn_t db_var_db_cpu; /* DPCPU active CPU */ +extern db_varfcn_t db_var_db_vnet; /* Active vnet */ + int db_read_variable(struct db_variable *, db_expr_t *); int db_write_variable(struct db_variable *, db_expr_t); diff --git a/sys/ddb/ddb.h b/sys/ddb/ddb.h index 1afdfa39a54e..e6d8a9514ca4 100644 --- a/sys/ddb/ddb.h +++ b/sys/ddb/ddb.h @@ -213,6 +213,8 @@ boolean_t db_stop_at_pc(boolean_t *is_breakpoint); void db_trace_self(void); int db_trace_thread(struct thread *, int); int db_value_of_name(const char *name, db_expr_t *valuep); +int db_value_of_name_pcpu(const char *name, db_expr_t *valuep); +int db_value_of_name_vnet(const char *name, db_expr_t *valuep); int db_write_bytes(vm_offset_t addr, size_t size, char *data); void db_command_register(struct command_table *, struct command *); void db_command_unregister(struct command_table *, struct command *); diff --git a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.c b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.c index db1c406f7830..8fd1e970d7a0 100644 --- a/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.c +++ b/sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.c @@ -240,7 +240,6 @@ iwch_init_module(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); /* XXX CURVNET_SET_QUIET() ? */ - INIT_VNET_NET(vnet_iter); TAILQ_FOREACH(ifp, &V_ifnet, if_link) (void)ifaddr_event_handler(NULL, ifp); CURVNET_RESTORE(); diff --git a/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c b/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c index f04d54f9e206..1cbaaff79e43 100644 --- a/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c +++ b/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c @@ -78,9 +78,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#if __FreeBSD_version >= 800056 -#include -#endif #include #include @@ -274,7 +271,6 @@ mk_tid_release(struct mbuf *m, const struct toepcb *toep, unsigned int tid) static inline void make_tx_data_wr(struct socket *so, struct mbuf *m, int len, struct mbuf *tail) { - INIT_VNET_INET(so->so_vnet); struct tcpcb *tp = so_sototcpcb(so); struct toepcb *toep = tp->t_toe; struct tx_data_wr *req; @@ -1219,7 +1215,6 @@ install_offload_ops(struct socket *so) static __inline int select_rcv_wscale(int space, struct vnet *vnet) { - INIT_VNET_INET(vnet); int wscale = 0; if (space > MAX_RCV_WND) @@ -1237,7 +1232,6 @@ select_rcv_wscale(int space, struct vnet *vnet) static unsigned long select_rcv_wnd(struct toedev *dev, struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct tom_data *d = TOM_DATA(dev); unsigned int wnd; unsigned int max_rcv_wnd; @@ -3780,7 +3774,6 @@ fixup_and_send_ofo(struct toepcb *toep) static void socket_act_establish(struct socket *so, struct mbuf *m) { - INIT_VNET_INET(so->so_vnet); struct cpl_act_establish *req = cplhdr(m); u32 rcv_isn = ntohl(req->rcv_isn); /* real RCV_ISN + 1 */ struct tcpcb *tp = so_sototcpcb(so); diff --git a/sys/fs/nfs/nfsport.h b/sys/fs/nfs/nfsport.h index d10fdfbc0789..1f4872ba733b 100644 --- a/sys/fs/nfs/nfsport.h +++ b/sys/fs/nfs/nfsport.h @@ -95,7 +95,6 @@ #include #include #include -#include #include #include #include diff --git a/sys/fs/nfsclient/nfs_clvnops.c b/sys/fs/nfsclient/nfs_clvnops.c index bf6ec85a8ff8..81b78a099e59 100644 --- a/sys/fs/nfsclient/nfs_clvnops.c +++ b/sys/fs/nfsclient/nfs_clvnops.c @@ -75,7 +75,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include #include #include @@ -1401,7 +1400,6 @@ again: CURVNET_SET(P_TO_VNET(&proc0)); #ifdef INET - INIT_VNET_INET(curvnet); IN_IFADDR_RLOCK(); if (!TAILQ_EMPTY(&V_in_ifaddrhead)) cverf.lval[0] = IA_SIN(TAILQ_FIRST(&V_in_ifaddrhead))->sin_addr.s_addr; diff --git a/sys/fs/nfsserver/nfs_nfsdport.c b/sys/fs/nfsserver/nfs_nfsdport.c index 8f5cc94c0f8a..0cebc21ce7b0 100644 --- a/sys/fs/nfsserver/nfs_nfsdport.c +++ b/sys/fs/nfsserver/nfs_nfsdport.c @@ -2671,7 +2671,6 @@ nfsrv_v4rootexport(void *argp, struct ucred *cred, struct thread *p) int nfsrv_getsocksndseq(struct socket *so, tcp_seq *maxp, tcp_seq *unap) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp; int error = EPIPE; diff --git a/sys/kern/kern_linker.c b/sys/kern/kern_linker.c index 9775059fd0ab..1768e69a7c40 100644 --- a/sys/kern/kern_linker.c +++ b/sys/kern/kern_linker.c @@ -1334,23 +1334,8 @@ kldsym(struct thread *td, struct kldsym_args *uap) break; } } -#ifndef VIMAGE_GLOBALS - /* - * If the symbol is not found in global namespace, - * try to look it up in the current vimage namespace. - */ - if (lf == NULL) { - CURVNET_SET(TD_TO_VNET(td)); - error = vi_symlookup(&lookup, symstr); - CURVNET_RESTORE(); - if (error == 0) - error = copyout(&lookup, uap->data, - sizeof(lookup)); - } -#else if (lf == NULL) error = ENOENT; -#endif } KLD_UNLOCK(); out: diff --git a/sys/kern/kern_poll.c b/sys/kern/kern_poll.c index d9cf49fa28ce..53962402f453 100644 --- a/sys/kern/kern_poll.c +++ b/sys/kern/kern_poll.c @@ -545,7 +545,6 @@ ether_poll_deregister(struct ifnet *ifp) static int poll_switch(SYSCTL_HANDLER_ARGS) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; int error; int val = polling; diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 9e615449a7b3..94e45f13caf4 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -59,6 +59,8 @@ __FBSDID("$FreeBSD$"); #include #endif +#include + #include #include @@ -936,33 +938,9 @@ sysctl_handle_int(SYSCTL_HANDLER_ARGS) return (error); } -#ifdef VIMAGE -int -sysctl_handle_v_int(SYSCTL_HANDLER_ARGS) -{ - int tmpout, error = 0; - - SYSCTL_RESOLVE_V_ARG1(); - - /* - * Attempt to get a coherent snapshot by making a copy of the data. - */ - tmpout = *(int *)arg1; - error = SYSCTL_OUT(req, &tmpout, sizeof(int)); - - if (error || !req->newptr) - return (error); - - if (!arg1) - error = EPERM; - else - error = SYSCTL_IN(req, arg1, sizeof(int)); - return (error); -} -#endif - /* * Based on on sysctl_handle_int() convert milliseconds into ticks. + * Note: this is used by TCP. */ int @@ -970,8 +948,11 @@ sysctl_msec_to_ticks(SYSCTL_HANDLER_ARGS) { int error, s, tt; - SYSCTL_RESOLVE_V_ARG1(); - +#ifdef VIMAGE + if (arg1 != NULL) + arg1 = (void *)(TD_TO_VNET(req->td)->vnet_data_base + + (uintptr_t)arg1); +#endif tt = *(int *)arg1; s = (int)((int64_t)tt * 1000 / hz); @@ -1097,47 +1078,6 @@ retry: return (error); } -#ifdef VIMAGE -int -sysctl_handle_v_string(SYSCTL_HANDLER_ARGS) -{ - int error=0; - char *tmparg; - size_t outlen; - - SYSCTL_RESOLVE_V_ARG1(); - - /* - * Attempt to get a coherent snapshot by copying to a - * temporary kernel buffer. - */ -retry: - outlen = strlen((char *)arg1)+1; - tmparg = malloc(outlen, M_SYSCTLTMP, M_WAITOK); - - if (strlcpy(tmparg, (char *)arg1, outlen) >= outlen) { - free(tmparg, M_SYSCTLTMP); - goto retry; - } - - error = SYSCTL_OUT(req, tmparg, outlen); - free(tmparg, M_SYSCTLTMP); - - if (error || !req->newptr) - return (error); - - if ((req->newlen - req->newidx) >= arg2) { - error = EINVAL; - } else { - arg2 = (req->newlen - req->newidx); - error = SYSCTL_IN(req, arg1, arg2); - ((char *)arg1)[arg2] = '\0'; - } - - return (error); -} -#endif - /* * Handle any kind of opaque data. * arg1 points to it, arg2 is the size. @@ -1175,35 +1115,6 @@ retry: return (error); } -#ifdef VIMAGE -int -sysctl_handle_v_opaque(SYSCTL_HANDLER_ARGS) -{ - int error, tries; - u_int generation; - struct sysctl_req req2; - - SYSCTL_RESOLVE_V_ARG1(); - - tries = 0; - req2 = *req; -retry: - generation = curthread->td_generation; - error = SYSCTL_OUT(req, arg1, arg2); - if (error) - return (error); - tries++; - if (generation != curthread->td_generation && tries < 3) { - *req = req2; - goto retry; - } - - error = SYSCTL_IN(req, arg1, arg2); - - return (error); -} -#endif - /* * Transfer functions to/from kernel space. * XXX: rather untested at this point diff --git a/sys/kern/kern_uuid.c b/sys/kern/kern_uuid.c index a0c26b92bd01..cd88538f7e38 100644 --- a/sys/kern/kern_uuid.c +++ b/sys/kern/kern_uuid.c @@ -89,7 +89,6 @@ MTX_SYSINIT(uuid_lock, &uuid_mutex, "UUID generator mutex lock", MTX_DEF); static void uuid_node(uint16_t *node) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; struct sockaddr_dl *sdl; diff --git a/sys/kern/kern_vimage.c b/sys/kern/kern_vimage.c index 9ee3e1dc4640..daa9b9f4f96c 100644 --- a/sys/kern/kern_vimage.c +++ b/sys/kern/kern_vimage.c @@ -53,8 +53,6 @@ __FBSDID("$FreeBSD$"); #include #include -#ifndef VIMAGE_GLOBALS - MALLOC_DEFINE(M_VIMAGE, "vimage", "vimage resource container"); MALLOC_DEFINE(M_VNET, "vnet", "network stack control block"); MALLOC_DEFINE(M_VPROCG, "vprocg", "process group control block"); @@ -65,13 +63,11 @@ static void vnet_mod_complete_registration(struct vnet_modlink *); static int vnet_mod_constructor(struct vnet_modlink *); static int vnet_mod_destructor(struct vnet_modlink *); -#ifdef VIMAGE static struct vimage *vi_alloc(struct vimage *, char *); static int vi_destroy(struct vimage *); static struct vimage *vimage_get_next(struct vimage *, struct vimage *, int); static void vimage_relative_name(struct vimage *, struct vimage *, char *, int); -#endif #define VNET_LIST_WLOCK() \ mtx_lock(&vnet_list_refc_mtx); \ @@ -81,17 +77,11 @@ static void vimage_relative_name(struct vimage *, struct vimage *, #define VNET_LIST_WUNLOCK() \ mtx_unlock(&vnet_list_refc_mtx); -#ifdef VIMAGE struct vimage_list_head vimage_head; struct vnet_list_head vnet_head; struct vprocg_list_head vprocg_head; -#else -#ifndef VIMAGE_GLOBALS struct vprocg vprocg_0; -#endif -#endif -#ifdef VIMAGE struct cv vnet_list_condvar; struct mtx vnet_list_refc_mtx; int vnet_list_refc = 0; @@ -100,9 +90,7 @@ static u_int last_vi_id = 0; static u_int last_vprocg_id = 0; struct vnet *vnet0; -#endif -#ifdef VIMAGE /* * Move an ifnet to or from another vnet, specified by the jail id. If a @@ -396,8 +384,6 @@ vimage_get_next(struct vimage *top, struct vimage *where, int recurse) return (NULL); } -#endif /* VIMAGE */ /* User interface block */ - /* * Kernel interfaces and handlers. @@ -540,25 +526,11 @@ vnet_mod_constructor(struct vnet_modlink *vml) if (vml->vml_iarg) printf("/%s", vml->vml_iname); printf(": "); -#ifdef VIMAGE - if (vmi->vmi_size) - printf("malloc(%zu); ", vmi->vmi_size); -#endif if (vmi->vmi_iattach != NULL) printf("iattach()"); printf("\n"); #endif -#ifdef VIMAGE - if (vmi->vmi_size) { - void *mem = malloc(vmi->vmi_size, M_VNET, - M_NOWAIT | M_ZERO); - if (mem == NULL) /* XXX should return error, not panic. */ - panic("malloc for %s\n", vmi->vmi_name); - curvnet->mod_data[vmi->vmi_id] = mem; - } -#endif - if (vmi->vmi_iattach != NULL) vmi->vmi_iattach(vml->vml_iarg); @@ -577,63 +549,15 @@ vnet_mod_destructor(struct vnet_modlink *vml) printf(": "); if (vmi->vmi_idetach != NULL) printf("idetach(); "); -#ifdef VIMAGE - if (vmi->vmi_size) - printf("free()"); -#endif printf("\n"); #endif if (vmi->vmi_idetach) vmi->vmi_idetach(vml->vml_iarg); -#ifdef VIMAGE - if (vmi->vmi_size) { - if (curvnet->mod_data[vmi->vmi_id] == NULL) - panic("vi_destroy: %s\n", vmi->vmi_name); - free(curvnet->mod_data[vmi->vmi_id], M_VNET); - curvnet->mod_data[vmi->vmi_id] = NULL; - } -#endif - return (0); } -/* - * vi_symlookup() attempts to resolve name to address queries for - * variables which have been moved from global namespace to virtualization - * container structures, but are still directly accessed from legacy - * userspace processes via kldsym(2) and kmem(4) interfaces. - */ -int -vi_symlookup(struct kld_sym_lookup *lookup, char *symstr) -{ - struct vnet_modlink *vml; - struct vnet_symmap *mapentry; - - TAILQ_FOREACH(vml, &vnet_modlink_head, vml_mod_le) { - if (vml->vml_modinfo->vmi_symmap == NULL) - continue; - for (mapentry = vml->vml_modinfo->vmi_symmap; - mapentry->name != NULL; mapentry++) { - if (strcmp(symstr, mapentry->name) == 0) { -#ifdef VIMAGE - lookup->symvalue = - (u_long) curvnet->mod_data[ - vml->vml_modinfo->vmi_id]; - lookup->symvalue += mapentry->offset; -#else - lookup->symvalue = (u_long) mapentry->offset; -#endif - lookup->symsize = mapentry->size; - return (0); - } - } - } - return (ENOENT); -} - -#ifdef VIMAGE struct vnet * vnet_alloc(void) { @@ -642,6 +566,7 @@ vnet_alloc(void) vnet = malloc(sizeof(struct vnet), M_VNET, M_WAITOK | M_ZERO); vnet->vnet_magic_n = VNET_MAGIC_N; + vnet_data_init(vnet); /* Initialize / attach vnet module instances. */ CURVNET_SET_QUIET(vnet); @@ -669,7 +594,6 @@ vnet_destroy(struct vnet *vnet) VNET_LIST_WUNLOCK(); CURVNET_SET_QUIET(vnet); - INIT_VNET_NET(vnet); /* Return all inherited interfaces to their parent vnets. */ TAILQ_FOREACH_SAFE(ifp, &V_ifnet, if_link, nifp) { @@ -685,10 +609,22 @@ vnet_destroy(struct vnet *vnet) CURVNET_RESTORE(); /* Hopefully, we are OK to free the vnet container itself. */ + vnet_data_destroy(vnet); vnet->vnet_magic_n = 0xdeadbeef; free(vnet, M_VNET); } +void +vnet_foreach(void (*vnet_foreach_fn)(struct vnet *, void *), void *arg) +{ + struct vnet *vnet; + + VNET_LIST_RLOCK(); + LIST_FOREACH(vnet, &vnet_head, vnet_le) + vnet_foreach_fn(vnet, arg); + VNET_LIST_RUNLOCK(); +} + static struct vimage * vi_alloc(struct vimage *parent, char *name) { @@ -757,7 +693,6 @@ vi_destroy(struct vimage *vip) return (0); } -#endif /* VIMAGE */ static void vi_init(void *unused) @@ -766,7 +701,6 @@ vi_init(void *unused) TAILQ_INIT(&vnet_modlink_head); TAILQ_INIT(&vnet_modpending_head); -#ifdef VIMAGE LIST_INIT(&vimage_head); LIST_INIT(&vprocg_head); LIST_INIT(&vnet_head); @@ -783,7 +717,6 @@ vi_init(void *unused) * curvnet recursions. */ curvnet = prison0.pr_vnet = vnet0 = LIST_FIRST(&vnet_head); -#endif } static void @@ -791,9 +724,7 @@ vi_init_done(void *unused) { struct vnet_modlink *vml_iter; -#ifdef VIMAGE curvnet = NULL; -#endif if (TAILQ_EMPTY(&vnet_modpending_head)) return; @@ -809,45 +740,21 @@ vi_init_done(void *unused) SYSINIT(vimage, SI_SUB_VIMAGE, SI_ORDER_FIRST, vi_init, NULL); SYSINIT(vimage_done, SI_SUB_VIMAGE_DONE, SI_ORDER_FIRST, vi_init_done, NULL); -#endif /* !VIMAGE_GLOBALS */ -#ifdef VIMAGE #ifdef DDB -static void -db_vnet_ptr(void *arg) -{ - - if (arg) - db_printf(" %p", arg); - else -#if SIZE_MAX == UINT32_MAX /* 32-bit arch */ - db_printf(" 0"); -#else /* 64-bit arch, most probaly... */ - db_printf(" 0"); -#endif -} - DB_SHOW_COMMAND(vnets, db_show_vnets) { VNET_ITERATOR_DECL(vnet_iter); #if SIZE_MAX == UINT32_MAX /* 32-bit arch */ db_printf(" vnet ifs socks"); - db_printf(" net inet inet6 ipsec netgraph\n"); #else /* 64-bit arch, most probaly... */ db_printf(" vnet ifs socks"); - db_printf(" net inet inet6 ipsec netgraph\n"); #endif VNET_FOREACH(vnet_iter) { db_printf("%p %3d %5d", vnet_iter, vnet_iter->ifcnt, vnet_iter->sockcnt); - db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_NET]); - db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_INET]); - db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_INET6]); - db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_IPSEC]); - db_vnet_ptr(vnet_iter->mod_data[VNET_MOD_NETGRAPH]); db_printf("\n"); } } #endif -#endif /* VIMAGE */ diff --git a/sys/kern/link_elf.c b/sys/kern/link_elf.c index cd0f3e909d5b..b389ace5bd49 100644 --- a/sys/kern/link_elf.c +++ b/sys/kern/link_elf.c @@ -49,6 +49,8 @@ __FBSDID("$FreeBSD$"); #include +#include + #include #include @@ -111,6 +113,11 @@ typedef struct elf_file { Elf_Addr pcpu_start; /* Pre-relocation pcpu set start. */ Elf_Addr pcpu_stop; /* Pre-relocation pcpu set stop. */ Elf_Addr pcpu_base; /* Relocated pcpu set address. */ +#ifdef VIMAGE + Elf_Addr vnet_start; /* Pre-relocation vnet set start. */ + Elf_Addr vnet_stop; /* Pre-relocation vnet set stop. */ + Elf_Addr vnet_base; /* Relocated vnet set address. */ +#endif #ifdef GDB struct link_map gdb; /* hooks for gdb */ #endif @@ -506,6 +513,36 @@ parse_dpcpu(elf_file_t ef) return (0); } +#ifdef VIMAGE +static int +parse_vnet(elf_file_t ef) +{ + int count; + int error; + + ef->vnet_start = 0; + ef->vnet_stop = 0; + error = link_elf_lookup_set(&ef->lf, "vnet", (void ***)&ef->vnet_start, + (void ***)&ef->vnet_stop, &count); + /* Error just means there is no vnet data set to relocate. */ + if (error) + return (0); + count *= sizeof(void *); + /* + * Allocate space in the primary vnet area. Copy in our initialization + * from the data section and then initialize all per-vnet storage from + * that. + */ + ef->vnet_base = (Elf_Addr)(uintptr_t)vnet_data_alloc(count); + if (ef->vnet_base == (Elf_Addr)NULL) + return (ENOSPC); + memcpy((void *)ef->vnet_base, (void *)ef->vnet_start, count); + vnet_data_copy((void *)ef->vnet_base, count); + + return (0); +} +#endif + static int link_elf_link_preload(linker_class_t cls, const char* filename, linker_file_t *result) @@ -553,6 +590,10 @@ link_elf_link_preload(linker_class_t cls, error = parse_dynamic(ef); if (error == 0) error = parse_dpcpu(ef); +#ifdef VIMAGE + if (error == 0) + error = parse_vnet(ef); +#endif if (error) { linker_file_unload(lf, LINKER_UNLOAD_FORCE); return error; @@ -838,6 +879,11 @@ link_elf_load_file(linker_class_t cls, const char* filename, error = parse_dpcpu(ef); if (error) goto out; +#ifdef VIMAGE + error = parse_vnet(ef); + if (error) + goto out; +#endif link_elf_reloc_local(lf); VOP_UNLOCK(nd.ni_vp, 0); @@ -942,6 +988,10 @@ elf_relocaddr(linker_file_t lf, Elf_Addr x) ef = (elf_file_t)lf; if (x >= ef->pcpu_start && x < ef->pcpu_stop) return ((x - ef->pcpu_start) + ef->pcpu_base); +#ifdef VIMAGE + if (x >= ef->vnet_start && x < ef->vnet_stop) + return ((x - ef->vnet_start) + ef->vnet_base); +#endif return (x); } @@ -954,6 +1004,11 @@ link_elf_unload_file(linker_file_t file) if (ef->pcpu_base) { dpcpu_free((void *)ef->pcpu_base, ef->pcpu_stop - ef->pcpu_start); } +#ifdef VIMAGE + if (ef->vnet_base) { + vnet_data_free((void *)ef->vnet_base, ef->vnet_stop - ef->vnet_start); + } +#endif #ifdef GDB if (ef->gdb.l_ld) { GDB_STATE(RT_DELETE); diff --git a/sys/kern/link_elf_obj.c b/sys/kern/link_elf_obj.c index 9d4d70c83f2d..afcdd63a21bd 100644 --- a/sys/kern/link_elf_obj.c +++ b/sys/kern/link_elf_obj.c @@ -45,6 +45,8 @@ __FBSDID("$FreeBSD$"); #include +#include + #include #include @@ -346,6 +348,21 @@ link_elf_link_preload(linker_class_t cls, const char *filename, ef->progtab[pb].size); dpcpu_copy(dpcpu, shdr[i].sh_size); ef->progtab[pb].addr = dpcpu; +#ifdef VIMAGE + } else if (ef->progtab[pb].name != NULL && + !strcmp(ef->progtab[pb].name, "set_vnet")) { + void *vnet_data; + + vnet_data = vnet_data_alloc(shdr[i].sh_size); + if (vnet_data == NULL) { + error = ENOSPC; + goto out; + } + memcpy(vnet_data, ef->progtab[pb].addr, + ef->progtab[pb].size); + vnet_data_copy(vnet_data, shdr[i].sh_size); + ef->progtab[pb].addr = vnet_data; +#endif } /* Update all symbol values with the offset. */ @@ -737,6 +754,12 @@ link_elf_load_file(linker_class_t cls, const char *filename, !strcmp(ef->progtab[pb].name, "set_pcpu")) ef->progtab[pb].addr = dpcpu_alloc(shdr[i].sh_size); +#ifdef VIMAGE + else if (ef->progtab[pb].name != NULL && + !strcmp(ef->progtab[pb].name, "set_vnet")) + ef->progtab[pb].addr = + vnet_data_alloc(shdr[i].sh_size); +#endif else ef->progtab[pb].addr = (void *)(uintptr_t)mapbase; @@ -758,10 +781,21 @@ link_elf_load_file(linker_class_t cls, const char *filename, error = EINVAL; goto out; } - /* Initialize the per-cpu area. */ - if (ef->progtab[pb].addr != (void *)mapbase) + /* Initialize the per-cpu or vnet area. */ + if (ef->progtab[pb].addr != (void *)mapbase && + !strcmp(ef->progtab[pb].name, "set_pcpu")) dpcpu_copy(ef->progtab[pb].addr, shdr[i].sh_size); +#ifdef VIMAGE + else if (ef->progtab[pb].addr != + (void *)mapbase && + !strcmp(ef->progtab[pb].name, "set_vnet")) + vnet_data_copy(ef->progtab[pb].addr, + shdr[i].sh_size); +#endif + else + panic("link_elf_load_file: unexpected " + "progbits type"); } else bzero(ef->progtab[pb].addr, shdr[i].sh_size); @@ -877,6 +911,11 @@ link_elf_unload_file(linker_file_t file) if (!strcmp(ef->progtab[i].name, "set_pcpu")) dpcpu_free(ef->progtab[i].addr, ef->progtab[i].size); +#ifdef VIMAGE + else if (!strcmp(ef->progtab[i].name, "set_vnet")) + vnet_data_free(ef->progtab[i].addr, + ef->progtab[i].size); +#endif } } if (ef->preloaded) { diff --git a/sys/kern/uipc_domain.c b/sys/kern/uipc_domain.c index 9ee6047dd2ea..88322d564484 100644 --- a/sys/kern/uipc_domain.c +++ b/sys/kern/uipc_domain.c @@ -106,14 +106,12 @@ struct pr_usrreqs nousrreqs = { .pru_sopoll = pru_sopoll_notsupp, }; -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_modinfo_t vnet_domain_modinfo = { .vmi_id = VNET_MOD_DOMAIN, .vmi_name = "domain", .vmi_iattach = net_init_domain, -#ifdef VIMAGE .vmi_idetach = net_detach_domain, -#endif }; #endif @@ -249,7 +247,7 @@ net_add_domain(void *data) "domainfinalize()\n", dp->dom_name); #endif mtx_unlock(&dom_mtx); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register_multi(&vnet_domain_modinfo, dp, dp->dom_name); #else net_init_domain(dp); diff --git a/sys/net/bridgestp.c b/sys/net/bridgestp.c index a4ec6bcd6299..9349be44b767 100644 --- a/sys/net/bridgestp.c +++ b/sys/net/bridgestp.c @@ -2006,7 +2006,6 @@ bstp_same_bridgeid(uint64_t id1, uint64_t id2) void bstp_reinit(struct bstp_state *bs) { - INIT_VNET_NET(curvnet); struct bstp_port *bp; struct ifnet *ifp, *mif; u_char *e_addr; diff --git a/sys/net/flowtable.c b/sys/net/flowtable.c index fafdc0a6b559..dd1b04055da6 100644 --- a/sys/net/flowtable.c +++ b/sys/net/flowtable.c @@ -64,7 +64,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -164,29 +163,28 @@ struct flowtable { }; static struct proc *flowcleanerproc; -#ifdef VIMAGE_GLOBALS -static struct flowtable *flow_list_head; -static uint32_t flow_hashjitter; -static uma_zone_t flow_ipv4_zone; -static uma_zone_t flow_ipv6_zone; -#endif +static VNET_DEFINE(struct flowtable *, flow_list_head); +static VNET_DEFINE(uint32_t, flow_hashjitter); +static VNET_DEFINE(uma_zone_t, flow_ipv4_zone); +static VNET_DEFINE(uma_zone_t, flow_ipv6_zone); + +#define V_flow_list_head VNET_GET(flow_list_head) +#define V_flow_hashjitter VNET_GET(flow_hashjitter) +#define V_flow_ipv4_zone VNET_GET(flow_ipv4_zone) +#define V_flow_ipv6_zone VNET_GET(flow_ipv6_zone) static int flowtable_iattach(const void *); #ifdef VIMAGE static int flowtable_idetach(const void *); -#endif -#ifndef VIMAGE_GLOBALS static const vnet_modinfo_t flowtable_modinfo = { .vmi_id = VNET_MOD_FLOWTABLE, .vmi_name = "flowtable", .vmi_dependson = VNET_MOD_INET, .vmi_iattach = flowtable_iattach, -#ifdef VIMAGE .vmi_idetach = flowtable_idetach -#endif }; -#endif /* !VIMAGE_GLOBALS */ +#endif /* * TODO: @@ -205,54 +203,67 @@ static const vnet_modinfo_t flowtable_modinfo = { * - support explicit connection state (currently only ad-hoc for DSR) * - idetach() cleanup for options VIMAGE builds. */ -#ifdef VIMAGE_GLOBALS -int flowtable_enable; -static int flowtable_hits; -static int flowtable_lookups; -static int flowtable_misses; -static int flowtable_frees; -static int flowtable_free_checks; -static int flowtable_max_depth; -static int flowtable_collisions; -static int flowtable_syn_expire; -static int flowtable_udp_expire; -static int flowtable_fin_wait_expire; -static int flowtable_tcp_expire; -static int flowtable_nmbflows; -#endif +VNET_DEFINE(int, flowtable_enable) = 1; +static VNET_DEFINE(int, flowtable_hits); +static VNET_DEFINE(int, flowtable_lookups); +static VNET_DEFINE(int, flowtable_misses); +static VNET_DEFINE(int, flowtable_frees); +static VNET_DEFINE(int, flowtable_free_checks); +static VNET_DEFINE(int, flowtable_max_depth); +static VNET_DEFINE(int, flowtable_collisions); +static VNET_DEFINE(int, flowtable_syn_expire) = SYN_IDLE; +static VNET_DEFINE(int, flowtable_udp_expire) = UDP_IDLE; +static VNET_DEFINE(int, flowtable_fin_wait_expire) = FIN_WAIT_IDLE; +static VNET_DEFINE(int, flowtable_tcp_expire) = TCP_IDLE; +static VNET_DEFINE(int, flowtable_nmbflows) = 4096; + +#define V_flowtable_enable VNET_GET(flowtable_enable) +#define V_flowtable_hits VNET_GET(flowtable_hits) +#define V_flowtable_lookups VNET_GET(flowtable_lookups) +#define V_flowtable_misses VNET_GET(flowtable_misses) +#define V_flowtable_frees VNET_GET(flowtable_frees) +#define V_flowtable_free_checks VNET_GET(flowtable_free_checks) +#define V_flowtable_max_depth VNET_GET(flowtable_max_depth) +#define V_flowtable_collisions VNET_GET(flowtable_collisions) +#define V_flowtable_syn_expire VNET_GET(flowtable_syn_expire) +#define V_flowtable_udp_expire VNET_GET(flowtable_udp_expire) +#define V_flowtable_fin_wait_expire VNET_GET(flowtable_fin_wait_expire) +#define V_flowtable_tcp_expire VNET_GET(flowtable_tcp_expire) +#define V_flowtable_nmbflows VNET_GET(flowtable_nmbflows) + SYSCTL_NODE(_net_inet, OID_AUTO, flowtable, CTLFLAG_RD, NULL, "flowtable"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, enable, - CTLFLAG_RW, flowtable_enable, 0, "enable flowtable caching."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, hits, - CTLFLAG_RD, flowtable_hits, 0, "# flowtable hits."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, lookups, - CTLFLAG_RD, flowtable_lookups, 0, "# flowtable lookups."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, misses, - CTLFLAG_RD, flowtable_misses, 0, "#flowtable misses."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, frees, - CTLFLAG_RD, flowtable_frees, 0, "#flows freed."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, free_checks, - CTLFLAG_RD, flowtable_free_checks, 0, "#flows free checks."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, max_depth, - CTLFLAG_RD, flowtable_max_depth, 0, "max collision list length."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, collisions, - CTLFLAG_RD, flowtable_collisions, 0, "#flowtable collisions."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, enable, CTLFLAG_RW, + &VNET_NAME(flowtable_enable), 0, "enable flowtable caching."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, hits, CTLFLAG_RD, + &VNET_NAME(flowtable_hits), 0, "# flowtable hits."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, lookups, CTLFLAG_RD, + &VNET_NAME(flowtable_lookups), 0, "# flowtable lookups."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, misses, CTLFLAG_RD, + &VNET_NAME(flowtable_misses), 0, "#flowtable misses."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, frees, CTLFLAG_RD, + &VNET_NAME(flowtable_frees), 0, "#flows freed."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, free_checks, CTLFLAG_RD, + &VNET_NAME(flowtable_free_checks), 0, "#flows free checks."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, max_depth, CTLFLAG_RD, + &VNET_NAME(flowtable_max_depth), 0, "max collision list length."); +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, collisions, CTLFLAG_RD, + &VNET_NAME(flowtable_collisions), 0, "#flowtable collisions."); /* * XXX This does not end up updating timeouts at runtime * and only reflects the value for the last table added :-/ */ -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, syn_expire, - CTLFLAG_RW, flowtable_syn_expire, 0, +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, syn_expire, CTLFLAG_RW, + &VNET_NAME(flowtable_syn_expire), 0, "seconds after which to remove syn allocated flow."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, udp_expire, - CTLFLAG_RW, flowtable_udp_expire, 0, +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, udp_expire, CTLFLAG_RW, + &VNET_NAME(flowtable_udp_expire), 0, "seconds after which to remove flow allocated to UDP."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, fin_wait_expire, - CTLFLAG_RW, flowtable_fin_wait_expire, 0, +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, fin_wait_expire, CTLFLAG_RW, + &VNET_NAME(flowtable_fin_wait_expire), 0, "seconds after which to remove a flow in FIN_WAIT."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, tcp_expire, - CTLFLAG_RW, flowtable_tcp_expire, 0, +SYSCTL_VNET_INT(_net_inet_flowtable, OID_AUTO, tcp_expire, CTLFLAG_RW, + &VNET_NAME(flowtable_tcp_expire), 0, "seconds after which to remove flow allocated to a TCP connection."); @@ -266,7 +277,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, tcp_expire, static int sysctl_nmbflows(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, newnmbflows; newnmbflows = V_flowtable_nmbflows; @@ -283,8 +293,8 @@ sysctl_nmbflows(SYSCTL_HANDLER_ARGS) } return (error); } -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_flowtable, OID_AUTO, nmbflows, - CTLTYPE_INT|CTLFLAG_RW, flowtable_nmbflows, 0, sysctl_nmbflows, "IU", +SYSCTL_VNET_PROC(_net_inet_flowtable, OID_AUTO, nmbflows, + CTLTYPE_INT|CTLFLAG_RW, 0, 0, sysctl_nmbflows, "IU", "Maximum number of flows allowed"); #ifndef RADIX_MPATH @@ -338,7 +348,6 @@ static uint32_t ipv4_flow_lookup_hash_internal(struct mbuf *m, struct route *ro, uint32_t *key, uint16_t *flags, uint8_t *protop) { - INIT_VNET_INET(curvnet); uint16_t sport = 0, dport = 0; struct ip *ip = NULL; uint8_t proto = 0; @@ -505,7 +514,6 @@ static int flowtable_insert(struct flowtable *ft, uint32_t hash, uint32_t *key, uint8_t proto, struct route *ro, uint16_t flags) { - INIT_VNET_INET(curvnet); struct flentry *fle, *fletail, *newfle, **flep; int depth; uma_zone_t flezone; @@ -596,7 +604,6 @@ flowtable_key_equal(struct flentry *fle, uint32_t *key) int flowtable_lookup(struct flowtable *ft, struct mbuf *m, struct route *ro) { - INIT_VNET_INET(curvnet); uint32_t key[9], hash; struct flentry *fle; uint16_t flags; @@ -718,7 +725,6 @@ uncached: struct flowtable * flowtable_alloc(int nentry, int flags) { - INIT_VNET_INET(curvnet); struct flowtable *ft, *fttail; int i; @@ -800,7 +806,7 @@ static void flowtable_setup(void *arg) { -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&flowtable_modinfo); #else flowtable_iattach(NULL); @@ -810,21 +816,6 @@ flowtable_setup(void *arg) static int flowtable_iattach(const void *unused __unused) { - INIT_VNET_INET(curvnet); - - V_flowtable_enable = 1; - V_flowtable_hits = 0; - V_flowtable_lookups = 0; - V_flowtable_misses = 0; - V_flowtable_frees = 0; - V_flowtable_free_checks = 0; - V_flowtable_max_depth = 0; - V_flowtable_collisions = 0; - V_flowtable_syn_expire = SYN_IDLE; - V_flowtable_udp_expire = UDP_IDLE; - V_flowtable_fin_wait_expire = FIN_WAIT_IDLE; - V_flowtable_tcp_expire = TCP_IDLE; - V_flowtable_nmbflows = 4096; V_flow_ipv4_zone = uma_zcreate("ip4flow", sizeof(struct flentry_v4), NULL, NULL, NULL, NULL, 64, UMA_ZONE_MAXBUCKET); @@ -839,7 +830,6 @@ flowtable_iattach(const void *unused __unused) static int flowtable_idetach(const void *unused __unused) { - INIT_VNET_INET(curvnet); uma_zdestroy(V_flow_ipv4_zone); uma_zdestroy(V_flow_ipv6_zone); @@ -858,7 +848,6 @@ SYSINIT(flowtable_setup, SI_SUB_KTHREAD_INIT, SI_ORDER_ANY, flowtable_setup, NUL static void fle_free(struct flentry *fle) { - INIT_VNET_INET(curvnet); struct rtentry *rt; struct llentry *lle; @@ -873,7 +862,6 @@ fle_free(struct flentry *fle) static void flowtable_free_stale(struct flowtable *ft) { - INIT_VNET_INET(curvnet); int curbit = 0, count; struct flentry *fle, **flehead, *fleprev; struct flentry *flefreehead, *flefreetail, *fletmp; @@ -961,7 +949,6 @@ flowtable_free_stale(struct flowtable *ft) static void flowtable_clean_vnet(void) { - INIT_VNET_INET(curvnet); struct flowtable *ft; int i; diff --git a/sys/net/flowtable.h b/sys/net/flowtable.h index 26aa11d256b2..13fdfdbe2c1f 100644 --- a/sys/net/flowtable.h +++ b/sys/net/flowtable.h @@ -38,9 +38,8 @@ $FreeBSD$ #define FL_PCPU (1<<1) /* pcpu cache */ struct flowtable; -#ifdef VIMAGE_GLOBALS -extern struct flowtable *ip_ft; -#endif +VNET_DECLARE(struct flowtable *, ip_ft); +#define V_ip_ft VNET_GET(ip_ft) struct flowtable *flowtable_alloc(int nentry, int flags); diff --git a/sys/net/if.c b/sys/net/if.c index 480347746d38..daab1ace46df 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -84,7 +84,6 @@ #endif #ifdef INET #include -#include #endif #if defined(INET) || defined(INET6) #ifdef DEV_CARP @@ -94,12 +93,6 @@ #include -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_net vnet_net_0; -#endif -#endif - struct ifindex_entry { struct ifnet *ife_ifnet; }; @@ -162,37 +155,30 @@ static int vnet_net_iattach(const void *); static int vnet_net_idetach(const void *); #endif -#ifdef VIMAGE_GLOBALS -struct ifnethead ifnet; /* depend on static init XXX */ -struct ifgrouphead ifg_head; -int if_index; -static int if_indexlim; +VNET_DEFINE(struct ifnethead, ifnet); /* depend on static init XXX */ +VNET_DEFINE(struct ifgrouphead, ifg_head); +VNET_DEFINE(int, if_index); +static VNET_DEFINE(int, if_indexlim) = 8; + /* Table of ifnet by index. Locked with ifnet_lock. */ -static struct ifindex_entry *ifindex_table; -#endif +static VNET_DEFINE(struct ifindex_entry *, ifindex_table); + +#define V_if_indexlim VNET_GET(if_indexlim) +#define V_ifindex_table VNET_GET(ifindex_table) int ifqmaxlen = IFQ_MAXLEN; struct rwlock ifnet_lock; static if_com_alloc_t *if_com_alloc[256]; static if_com_free_t *if_com_free[256]; -#ifndef VIMAGE_GLOBALS -static struct vnet_symmap vnet_net_symmap[] = { - VNET_SYMMAP(net, ifnet), - VNET_SYMMAP_END -}; - +#ifdef VIMAGE static const vnet_modinfo_t vnet_net_modinfo = { .vmi_id = VNET_MOD_NET, .vmi_name = "net", - .vmi_size = sizeof(struct vnet_net), - .vmi_symmap = vnet_net_symmap, .vmi_iattach = vnet_net_iattach, -#ifdef VIMAGE .vmi_idetach = vnet_net_idetach -#endif }; -#endif /* !VIMAGE_GLOBALS */ +#endif /* * System initialization @@ -207,7 +193,6 @@ MALLOC_DEFINE(M_IFMADDR, "ether_multi", "link-level multicast address"); struct ifnet * ifnet_byindex_locked(u_short idx) { - INIT_VNET_NET(curvnet); if (idx > V_if_index) return (NULL); @@ -244,7 +229,6 @@ ifnet_byindex_ref(u_short idx) static void ifnet_setbyindex(u_short idx, struct ifnet *ifp) { - INIT_VNET_NET(curvnet); IFNET_WLOCK_ASSERT(); @@ -276,7 +260,7 @@ static void if_init(void *dummy __unused) { -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_net_modinfo); #else vnet_net_iattach(NULL); @@ -289,11 +273,6 @@ if_init(void *dummy __unused) static int vnet_net_iattach(const void *unused __unused) { - INIT_VNET_NET(curvnet); - - V_if_index = 0; - V_ifindex_table = NULL; - V_if_indexlim = 8; TAILQ_INIT(&V_ifnet); TAILQ_INIT(&V_ifg_head); @@ -306,7 +285,6 @@ vnet_net_iattach(const void *unused __unused) static int vnet_net_idetach(const void *unused __unused) { - INIT_VNET_NET(curvnet); VNET_ASSERT(TAILQ_EMPTY(&V_ifnet)); VNET_ASSERT(TAILQ_EMPTY(&V_ifg_head)); @@ -320,7 +298,6 @@ vnet_net_idetach(const void *unused __unused) void if_grow(void) { - INIT_VNET_NET(curvnet); u_int n; struct ifindex_entry *e; @@ -354,7 +331,6 @@ if_check(void *dummy __unused) struct ifnet * if_alloc(u_char type) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; ifp = malloc(sizeof(struct ifnet), M_IFNET, M_WAITOK|M_ZERO); @@ -418,7 +394,6 @@ if_alloc(u_char type) static void if_free_internal(struct ifnet *ifp) { - INIT_VNET_NET(curvnet); /* ifp->if_vnet is already NULL here */ KASSERT((ifp->if_flags & IFF_DYING), ("if_free_internal: interface not dying")); @@ -544,7 +519,6 @@ if_attach(struct ifnet *ifp) static void if_attach_internal(struct ifnet *ifp, int vmove) { - INIT_VNET_NET(curvnet); unsigned socksize, ifasize; int namelen, masklen; struct sockaddr_dl *sdl; @@ -649,7 +623,6 @@ if_attach_internal(struct ifnet *ifp, int vmove) static void if_attachdomain(void *dummy) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; int s; @@ -769,7 +742,6 @@ if_detach(struct ifnet *ifp) static void if_detach_internal(struct ifnet *ifp, int vmove) { - INIT_VNET_NET(ifp->if_vnet); struct ifaddr *ifa; struct radix_node_head *rnh; int i, j; @@ -904,25 +876,17 @@ if_vmove(struct ifnet *ifp, struct vnet *new_vnet) /* * Unlink the ifnet from ifindex_table[] in current vnet, * and shrink the if_index for that vnet if possible. - * do / while construct below is needed to confine the scope - * of INIT_VNET_NET(). */ - { - INIT_VNET_NET(curvnet); - - IFNET_WLOCK(); - ifnet_setbyindex(ifp->if_index, NULL); - while (V_if_index > 0 && \ - ifnet_byindex_locked(V_if_index) == NULL) - V_if_index--; - IFNET_WUNLOCK(); - }; + IFNET_WLOCK(); + ifnet_setbyindex(ifp->if_index, NULL); + while (V_if_index > 0 && ifnet_byindex_locked(V_if_index) == NULL) + V_if_index--; + IFNET_WUNLOCK(); /* * Switch to the context of the target vnet. */ CURVNET_SET_QUIET(new_vnet); - INIT_VNET_NET(new_vnet); /* * Try to find an empty slot below if_index. If we fail, take @@ -956,7 +920,6 @@ if_vmove(struct ifnet *ifp, struct vnet *new_vnet) int if_addgroup(struct ifnet *ifp, const char *groupname) { - INIT_VNET_NET(ifp->if_vnet); struct ifg_list *ifgl; struct ifg_group *ifg = NULL; struct ifg_member *ifgm; @@ -1026,7 +989,6 @@ if_addgroup(struct ifnet *ifp, const char *groupname) int if_delgroup(struct ifnet *ifp, const char *groupname) { - INIT_VNET_NET(ifp->if_vnet); struct ifg_list *ifgl; struct ifg_member *ifgm; @@ -1072,7 +1034,6 @@ if_delgroup(struct ifnet *ifp, const char *groupname) static void if_delgroups(struct ifnet *ifp) { - INIT_VNET_NET(ifp->if_vnet); struct ifg_list *ifgl; struct ifg_member *ifgm; char groupname[IFNAMSIZ]; @@ -1164,7 +1125,6 @@ if_getgroup(struct ifgroupreq *data, struct ifnet *ifp) static int if_getgroupmembers(struct ifgroupreq *data) { - INIT_VNET_NET(curvnet); struct ifgroupreq *ifgr = data; struct ifg_group *ifg; struct ifg_member *ifgm; @@ -1336,7 +1296,6 @@ ifa_free(struct ifaddr *ifa) static struct ifaddr * ifa_ifwithaddr_internal(struct sockaddr *addr, int getref) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; @@ -1392,7 +1351,6 @@ ifa_ifwithaddr_check(struct sockaddr *addr) struct ifaddr * ifa_ifwithbroadaddr(struct sockaddr *addr) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; @@ -1426,7 +1384,6 @@ done: struct ifaddr * ifa_ifwithdstaddr(struct sockaddr *addr) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; @@ -1460,7 +1417,6 @@ done: struct ifaddr * ifa_ifwithnet(struct sockaddr *addr) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; struct ifaddr *ifa_maybe = NULL; @@ -1841,7 +1797,6 @@ if_slowtimo(void *arg) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_NET(vnet_iter); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if (ifp->if_timer == 0 || --ifp->if_timer) continue; @@ -1863,7 +1818,6 @@ if_slowtimo(void *arg) struct ifnet * ifunit_ref(const char *name) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; IFNET_RLOCK(); @@ -1881,7 +1835,6 @@ ifunit_ref(const char *name) struct ifnet * ifunit(const char *name) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; IFNET_RLOCK(); @@ -2478,7 +2431,6 @@ ifpromisc(struct ifnet *ifp, int pswitch) static int ifconf(u_long cmd, caddr_t data) { - INIT_VNET_NET(curvnet); struct ifconf *ifc = (struct ifconf *)data; #ifdef __amd64__ struct ifconf32 *ifc32 = (struct ifconf32 *)data; @@ -2837,7 +2789,6 @@ if_delmulti(struct ifnet *ifp, struct sockaddr *sa) int lastref; #ifdef INVARIANTS struct ifnet *oifp; - INIT_VNET_NET(ifp->if_vnet); IFNET_RLOCK(); TAILQ_FOREACH(oifp, &V_ifnet, if_link) @@ -2878,9 +2829,6 @@ if_delmulti(struct ifnet *ifp, struct sockaddr *sa) void if_delmulti_ifma(struct ifmultiaddr *ifma) { -#ifdef DIAGNOSTIC - INIT_VNET_NET(curvnet); -#endif struct ifnet *ifp; int lastref; diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 08310d7f2b3b..945bc5f2e661 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -116,11 +116,9 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef INET6 #include #include -#include #endif #if defined(INET) || defined(INET6) #ifdef DEV_CARP @@ -3042,7 +3040,6 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) } if (ip_fw_chk_ptr && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) { - INIT_VNET_INET(curvnet); struct dn_pkt_tag *dn_tag; error = -1; @@ -3236,7 +3233,6 @@ bad: static int bridge_ip_checkbasic(struct mbuf **mp) { - INIT_VNET_INET(curvnet); struct mbuf *m = *mp; struct ip *ip; int len, hlen; @@ -3332,7 +3328,6 @@ bad: static int bridge_ip6_checkbasic(struct mbuf **mp) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct ip6_hdr *ip6; @@ -3387,7 +3382,6 @@ static int bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh, int snap, struct llc *llc) { - INIT_VNET_INET(curvnet); struct mbuf *m0; struct ip *ip; int error = -1; diff --git a/sys/net/if_clone.c b/sys/net/if_clone.c index eaa7397e0423..9347d2c74fd6 100644 --- a/sys/net/if_clone.c +++ b/sys/net/if_clone.c @@ -58,10 +58,11 @@ static int if_clone_createif(struct if_clone *ifc, char *name, size_t len, static int vnet_clone_iattach(const void *); static struct mtx if_cloners_mtx; -#ifdef VIMAGE_GLOBALS -static int if_cloners_count; -LIST_HEAD(, if_clone) if_cloners; -#endif +static VNET_DEFINE(int, if_cloners_count); +VNET_DEFINE(LIST_HEAD(, if_clone), if_cloners); + +#define V_if_cloners_count VNET_GET(if_cloners_count) +#define V_if_cloners VNET_GET(if_cloners) #define IF_CLONERS_LOCK_INIT() \ mtx_init(&if_cloners_mtx, "if_cloners lock", NULL, MTX_DEF) @@ -115,17 +116,16 @@ LIST_HEAD(, if_clone) if_cloners; static MALLOC_DEFINE(M_CLONE, "clone", "interface cloning framework"); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_clone_modinfo = { .vmi_id = VNET_MOD_IF_CLONE, .vmi_name = "if_clone", .vmi_iattach = vnet_clone_iattach }; -#endif /* !VIMAGE_GLOBALS */ +#endif static int vnet_clone_iattach(const void *unused __unused) { - INIT_VNET_NET(curvnet); LIST_INIT(&V_if_cloners); return (0); @@ -136,7 +136,7 @@ if_clone_init(void) { IF_CLONERS_LOCK_INIT(); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_clone_modinfo); #else vnet_clone_iattach(NULL); @@ -149,7 +149,6 @@ if_clone_init(void) int if_clone_create(char *name, size_t len, caddr_t params) { - INIT_VNET_NET(curvnet); struct if_clone *ifc; /* Try to find an applicable cloner for this request */ @@ -162,7 +161,6 @@ if_clone_create(char *name, size_t len, caddr_t params) #ifdef VIMAGE if (ifc == NULL && !IS_DEFAULT_VNET(curvnet)) { CURVNET_SET_QUIET(vnet0); - INIT_VNET_NET(vnet0); LIST_FOREACH(ifc, &V_if_cloners, ifc_list) { if (ifc->ifc_match(ifc, name)) break; @@ -213,7 +211,6 @@ if_clone_createif(struct if_clone *ifc, char *name, size_t len, caddr_t params) int if_clone_destroy(const char *name) { - INIT_VNET_NET(curvnet); struct if_clone *ifc; struct ifnet *ifp; @@ -231,7 +228,6 @@ if_clone_destroy(const char *name) #ifdef VIMAGE if (ifc == NULL && !IS_DEFAULT_VNET(curvnet)) { CURVNET_SET_QUIET(vnet0); - INIT_VNET_NET(vnet0); LIST_FOREACH(ifc, &V_if_cloners, ifc_list) { if (ifc->ifc_match(ifc, name)) break; @@ -289,7 +285,6 @@ if_clone_destroyif(struct if_clone *ifc, struct ifnet *ifp) void if_clone_attach(struct if_clone *ifc) { - INIT_VNET_NET(curvnet); int len, maxclone; /* @@ -322,7 +317,6 @@ if_clone_attach(struct if_clone *ifc) void if_clone_detach(struct if_clone *ifc) { - INIT_VNET_NET(curvnet); struct ifc_simple_data *ifcs = ifc->ifc_data; IF_CLONERS_LOCK(); @@ -362,7 +356,6 @@ if_clone_free(struct if_clone *ifc) int if_clone_list(struct if_clonereq *ifcr) { - INIT_VNET_NET(curvnet); char *buf, *dst, *outbuf = NULL; struct if_clone *ifc; int buf_count, count, err = 0; diff --git a/sys/net/if_ef.c b/sys/net/if_ef.c index e5e7dd8c3582..c0b2d671759a 100644 --- a/sys/net/if_ef.c +++ b/sys/net/if_ef.c @@ -493,7 +493,6 @@ ef_load(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_NET(vnet_iter); IFNET_RLOCK(); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if (ifp->if_type != IFT_ETHER) continue; diff --git a/sys/net/if_enc.c b/sys/net/if_enc.c index 38321ffcdcfc..7b62734d14c7 100644 --- a/sys/net/if_enc.c +++ b/sys/net/if_enc.c @@ -47,6 +47,7 @@ #include #include #include +#include #include #include diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c index 5e98e539156c..f7c9042f41ff 100644 --- a/sys/net/if_ethersubr.c +++ b/sys/net/if_ethersubr.c @@ -73,7 +73,7 @@ #include #include #include -#include +#include #endif #ifdef INET6 #include @@ -148,9 +148,8 @@ MALLOC_DEFINE(M_ARPCOM, "arpcom", "802.* interface internals"); #if defined(INET) || defined(INET6) int ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, int shared); -#ifdef VIMAGE_GLOBALS -static int ether_ipfw; -#endif +static VNET_DEFINE(int, ether_ipfw); +#define V_ether_ipfw VNET_GET(ether_ipfw) #endif @@ -434,7 +433,6 @@ int ether_output_frame(struct ifnet *ifp, struct mbuf *m) { #if defined(INET) || defined(INET6) - INIT_VNET_NET(ifp->if_vnet); if (ip_fw_chk_ptr && V_ether_ipfw != 0) { if (ether_ipfw_chk(&m, ifp, 0) == 0) { @@ -463,7 +461,6 @@ ether_output_frame(struct ifnet *ifp, struct mbuf *m) int ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst, int shared) { - INIT_VNET_INET(dst->if_vnet); struct ether_header *eh; struct ether_header save_eh; struct mbuf *m; @@ -774,7 +771,6 @@ ether_demux(struct ifnet *ifp, struct mbuf *m) KASSERT(ifp != NULL, ("%s: NULL interface pointer", __func__)); #if defined(INET) || defined(INET6) - INIT_VNET_NET(ifp->if_vnet); /* * Allow dummynet and/or ipfw to claim the frame. * Do not do this for PROMISC frames in case we are re-entered. @@ -994,8 +990,8 @@ ether_ifdetach(struct ifnet *ifp) SYSCTL_DECL(_net_link); SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet"); #if defined(INET) || defined(INET6) -SYSCTL_V_INT(V_NET, vnet_net, _net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, - ether_ipfw, 0, "Pass ether pkts through firewall"); +SYSCTL_VNET_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW, + &VNET_NAME(ether_ipfw), 0, "Pass ether pkts through firewall"); #endif #if 0 diff --git a/sys/net/if_faith.c b/sys/net/if_faith.c index 3b60d2c3598c..cbca740ed5db 100644 --- a/sys/net/if_faith.c +++ b/sys/net/if_faith.c @@ -77,7 +77,6 @@ #include #include #include -#include #endif #define FAITHNAME "faith" @@ -328,7 +327,6 @@ static int faithprefix(in6) struct in6_addr *in6; { - INIT_VNET_INET6(curvnet); struct rtentry *rt; struct sockaddr_in6 sin6; int ret; diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c index 06a849a1eff0..e96cb41417b8 100644 --- a/sys/net/if_gif.c +++ b/sys/net/if_gif.c @@ -95,22 +95,21 @@ static struct mtx gif_mtx; static MALLOC_DEFINE(M_GIF, "gif", "Generic Tunnel Interface"); -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_gif vnet_gif_0; -#endif -#endif +static VNET_DEFINE(LIST_HEAD(, gif_softc), gif_softc_list); +static VNET_DEFINE(int, max_gif_nesting); +static VNET_DEFINE(int, parallel_tunnels); + +#define V_gif_softc_list VNET_GET(gif_softc_list) +#define V_max_gif_nesting VNET_GET(max_gif_nesting) +#define V_parallel_tunnels VNET_GET(parallel_tunnels) -#ifdef VIMAGE_GLOBALS -static LIST_HEAD(, gif_softc) gif_softc_list; -static int max_gif_nesting; -static int parallel_tunnels; #ifdef INET -int ip_gif_ttl; +VNET_DEFINE(int, ip_gif_ttl); +#define V_ip_gif_ttl VNET_GET(ip_gif_ttl) #endif #ifdef INET6 -int ip6_gif_hlim; -#endif +VNET_DEFINE(int, ip6_gif_hlim); +#define V_ip6_gif_hlim VNET_GET(ip6_gif_hlim) #endif void (*ng_gif_input_p)(struct ifnet *ifp, struct mbuf **mp, int af); @@ -123,11 +122,10 @@ static int gif_clone_create(struct if_clone *, int, caddr_t); static void gif_clone_destroy(struct ifnet *); static int vnet_gif_iattach(const void *); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_gif_modinfo = { .vmi_id = VNET_MOD_GIF, .vmi_name = "gif", - .vmi_size = sizeof(struct vnet_gif), .vmi_dependson = VNET_MOD_NET, .vmi_iattach = vnet_gif_iattach }; @@ -151,13 +149,13 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0, */ #define MAX_GIF_NEST 1 #endif -SYSCTL_V_INT(V_NET, vnet_gif, _net_link_gif, OID_AUTO, max_nesting, - CTLFLAG_RW, max_gif_nesting, 0, "Max nested tunnels"); +SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW, + &VNET_NAME(max_gif_nesting), 0, "Max nested tunnels"); #ifdef INET6 SYSCTL_DECL(_net_inet6_ip6); -SYSCTL_V_INT(V_NET, vnet_gif, _net_inet6_ip6, IPV6CTL_GIF_HLIM, - gifhlim, CTLFLAG_RW, ip6_gif_hlim, 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM, gifhlim, CTLFLAG_RW, + &VNET_NAME(ip6_gif_hlim), 0, ""); #endif /* @@ -165,8 +163,8 @@ SYSCTL_V_INT(V_NET, vnet_gif, _net_inet6_ip6, IPV6CTL_GIF_HLIM, * pair of addresses. Some applications require this functionality so * we allow control over this check here. */ -SYSCTL_V_INT(V_NET, vnet_gif, _net_link_gif, OID_AUTO, parallel_tunnels, - CTLFLAG_RW, parallel_tunnels, 0, "Allow parallel tunnels?"); +SYSCTL_VNET_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW, + &VNET_NAME(parallel_tunnels), 0, "Allow parallel tunnels?"); /* copy from src/sys/net/if_ethersubr.c */ static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] = @@ -182,7 +180,6 @@ gif_clone_create(ifc, unit, params) int unit; caddr_t params; { - INIT_VNET_GIF(curvnet); struct gif_softc *sc; sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO); @@ -265,7 +262,6 @@ gif_clone_destroy(ifp) static int vnet_gif_iattach(const void *unused __unused) { - INIT_VNET_GIF(curvnet); LIST_INIT(&V_gif_softc_list); V_max_gif_nesting = MAX_GIF_NEST; @@ -295,7 +291,7 @@ gifmodevent(mod, type, data) case MOD_LOAD: mtx_init(&gif_mtx, "gif_mtx", NULL, MTX_DEF); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_gif_modinfo); #else vnet_gif_iattach(NULL); @@ -419,7 +415,6 @@ gif_output(ifp, m, dst, ro) struct sockaddr *dst; struct route *ro; { - INIT_VNET_GIF(ifp->if_vnet); struct gif_softc *sc = ifp->if_softc; struct m_tag *mtag; int error = 0; @@ -944,7 +939,6 @@ gif_set_tunnel(ifp, src, dst) struct sockaddr *src; struct sockaddr *dst; { - INIT_VNET_GIF(ifp->if_vnet); struct gif_softc *sc = ifp->if_softc; struct gif_softc *sc2; struct sockaddr *osrc, *odst, *sa; diff --git a/sys/net/if_gif.h b/sys/net/if_gif.h index c8768b585441..525783786769 100644 --- a/sys/net/if_gif.h +++ b/sys/net/if_gif.h @@ -119,34 +119,8 @@ int gif_set_tunnel(struct ifnet *, struct sockaddr *, struct sockaddr *); void gif_delete_tunnel(struct ifnet *); int gif_encapcheck(const struct mbuf *, int, int, void *); -/* - * Virtualization support - */ - -struct vnet_gif { - LIST_HEAD(, gif_softc) _gif_softc_list; - int _max_gif_nesting; - int _parallel_tunnels; - int _ip_gif_ttl; - int _ip6_gif_hlim; -}; - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_gif vnet_gif_0; -#endif -#endif - -#define INIT_VNET_GIF(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_GIF, struct vnet_gif, vnet_gif) - -#define VNET_GIF(sym) VSYM(vnet_gif, sym) - -#define V_gif_softc_list VNET_GIF(gif_softc_list) -#define V_max_gif_nesting VNET_GIF(max_gif_nesting) -#define V_parallel_tunnels VNET_GIF(parallel_tunnels) -#define V_ip_gif_ttl VNET_GIF(ip_gif_ttl) -#define V_ip6_gif_hlim VNET_GIF(ip6_gif_hlim) +VNET_DECLARE(int, ip_gif_ttl); +#define V_ip_gif_ttl VNET_GET(ip_gif_ttl) #endif /* _KERNEL */ diff --git a/sys/net/if_gre.c b/sys/net/if_gre.c index e7eb34afa22c..4ed2a9ef13f5 100644 --- a/sys/net/if_gre.c +++ b/sys/net/if_gre.c @@ -80,7 +80,6 @@ #include #include #include -#include #else #error "Huh? if_gre without inet?" #endif @@ -243,9 +242,6 @@ static int gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, struct route *ro) { -#ifdef INET6 - INIT_VNET_INET(ifp->if_vnet); -#endif int error = 0; struct gre_softc *sc = ifp->if_softc; struct greip *gh; diff --git a/sys/net/if_loop.c b/sys/net/if_loop.c index 82c68ffbd4a2..c2acacd94ca7 100644 --- a/sys/net/if_loop.c +++ b/sys/net/if_loop.c @@ -108,25 +108,26 @@ static int vnet_loif_iattach(const void *); static int vnet_loif_idetach(const void *); #endif -#ifdef VIMAGE_GLOBALS -struct ifnet *loif; /* Used externally */ -#endif +VNET_DEFINE(struct ifnet *, loif); /* Used externally */ #ifdef VIMAGE +static VNET_DEFINE(struct ifc_simple_data *, lo_cloner_data); +static VNET_DEFINE(struct if_clone *, lo_cloner); +#define V_lo_cloner_data VNET_GET(lo_cloner_data) +#define V_lo_cloner VNET_GET(lo_cloner) + MALLOC_DEFINE(M_LO_CLONER, "lo_cloner", "lo_cloner"); #endif -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_loif_modinfo = { .vmi_id = VNET_MOD_LOIF, .vmi_dependson = VNET_MOD_IF_CLONE, .vmi_name = "loif", .vmi_iattach = vnet_loif_iattach, -#ifdef VIMAGE .vmi_idetach = vnet_loif_idetach -#endif }; -#endif /* !VIMAGE_GLOBALS */ +#endif IFC_SIMPLE_DECLARE(lo, 1); @@ -147,7 +148,6 @@ lo_clone_destroy(struct ifnet *ifp) static int lo_clone_create(struct if_clone *ifc, int unit, caddr_t params) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; ifp = if_alloc(IFT_LOOP); @@ -173,10 +173,7 @@ lo_clone_create(struct if_clone *ifc, int unit, caddr_t params) static int vnet_loif_iattach(const void *unused __unused) { - INIT_VNET_NET(curvnet); - V_loif = NULL; - #ifdef VIMAGE V_lo_cloner = malloc(sizeof(*V_lo_cloner), M_LO_CLONER, M_WAITOK | M_ZERO); @@ -196,7 +193,6 @@ vnet_loif_iattach(const void *unused __unused) static int vnet_loif_idetach(const void *unused __unused) { - INIT_VNET_NET(curvnet); if_clone_detach(V_lo_cloner); free(V_lo_cloner, M_LO_CLONER); @@ -213,7 +209,7 @@ loop_modevent(module_t mod, int type, void *data) switch (type) { case MOD_LOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_loif_modinfo); #else vnet_loif_iattach(NULL); @@ -309,7 +305,6 @@ looutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst, int if_simloop(struct ifnet *ifp, struct mbuf *m, int af, int hlen) { - INIT_VNET_NET(ifp->if_vnet); int isr; M_ASSERTPKTHDR(m); diff --git a/sys/net/if_mib.c b/sys/net/if_mib.c index e4c8a983c03a..c0018efae9ba 100644 --- a/sys/net/if_mib.c +++ b/sys/net/if_mib.c @@ -67,8 +67,8 @@ SYSCTL_DECL(_net_link_generic); SYSCTL_NODE(_net_link_generic, IFMIB_SYSTEM, system, CTLFLAG_RW, 0, "Variables global to all interfaces"); -SYSCTL_V_INT(V_NET, vnet_net, _net_link_generic_system, IFMIB_IFCOUNT, - ifcount, CTLFLAG_RD, if_index, 0, +SYSCTL_VNET_INT(_net_link_generic_system, IFMIB_IFCOUNT, ifcount, CTLFLAG_RD, + &VNET_NAME(if_index), 0, "Number of configured interfaces"); static int diff --git a/sys/net/if_spppsubr.c b/sys/net/if_spppsubr.c index 0515afc90bc7..2c325eea9bdd 100644 --- a/sys/net/if_spppsubr.c +++ b/sys/net/if_spppsubr.c @@ -56,7 +56,6 @@ #ifdef INET #include #include -#include #endif #ifdef INET6 @@ -4937,7 +4936,6 @@ sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst, u_long *srcmask) static void sppp_set_ip_addr(struct sppp *sp, u_long src) { - INIT_VNET_INET(curvnet); STDDCL; struct ifaddr *ifa; struct sockaddr_in *si; diff --git a/sys/net/if_stf.c b/sys/net/if_stf.c index 24e5ca5a8cc1..ddc56629b2aa 100644 --- a/sys/net/if_stf.c +++ b/sys/net/if_stf.c @@ -106,7 +106,6 @@ #include #include #include -#include #include #include @@ -378,7 +377,6 @@ static struct in6_ifaddr * stf_getsrcifa6(ifp) struct ifnet *ifp; { - INIT_VNET_INET(ifp->if_vnet); struct ifaddr *ia; struct in_ifaddr *ia4; struct sockaddr_in6 *sin6; @@ -596,7 +594,6 @@ stf_checkaddr4(sc, in, inifp) struct in_addr *in; struct ifnet *inifp; /* incoming interface */ { - INIT_VNET_INET(curvnet); struct in_ifaddr *ia4; /* diff --git a/sys/net/if_var.h b/sys/net/if_var.h index a995dfd8ae8a..07914f5b1daf 100644 --- a/sys/net/if_var.h +++ b/sys/net/if_var.h @@ -80,6 +80,7 @@ struct vnet; #include #include #include +#include #endif /* _KERNEL */ #include /* XXX */ #include /* XXX */ @@ -779,11 +780,16 @@ struct ifnet *ifnet_byindex_ref(u_short idx); */ struct ifaddr *ifaddr_byindex(u_short idx); -#ifdef VIMAGE_GLOBALS -extern struct ifnethead ifnet; -extern struct ifnet *loif; /* first loopback interface */ -extern int if_index; -#endif +VNET_DECLARE(struct ifnethead, ifnet); +VNET_DECLARE(struct ifgrouphead, ifg_head); +VNET_DECLARE(int, if_index); +VNET_DECLARE(struct ifnet *, loif); /* first loopback interface */ + +#define V_ifnet VNET_GET(ifnet) +#define V_ifg_head VNET_GET(ifg_head) +#define V_if_index VNET_GET(if_index) +#define V_loif VNET_GET(loif) + extern int ifqmaxlen; int if_addgroup(struct ifnet *, const char *); diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index 627839611b1c..ac7287006d12 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -576,7 +576,6 @@ MODULE_VERSION(if_vlan, 3); static struct ifnet * vlan_clone_match_ethertag(struct if_clone *ifc, const char *name, int *tag) { - INIT_VNET_NET(curvnet); const char *cp; struct ifnet *ifp; int t = 0; diff --git a/sys/net/raw_cb.c b/sys/net/raw_cb.c index 1dedff8aac8a..30a526fbbeab 100644 --- a/sys/net/raw_cb.c +++ b/sys/net/raw_cb.c @@ -58,9 +58,7 @@ */ struct mtx rawcb_mtx; -#ifdef VIMAGE_GLOBALS -struct rawcb_list_head rawcb_list; -#endif +VNET_DEFINE(struct rawcb_list_head, rawcb_list); SYSCTL_NODE(_net, OID_AUTO, raw, CTLFLAG_RW, 0, "Raw socket infrastructure"); @@ -79,7 +77,6 @@ SYSCTL_ULONG(_net_raw, OID_AUTO, recvspace, CTLFLAG_RW, &raw_recvspace, 0, int raw_attach(struct socket *so, int proto) { - INIT_VNET_NET(so->so_vnet); struct rawcb *rp = sotorawcb(so); int error; diff --git a/sys/net/raw_cb.h b/sys/net/raw_cb.h index ffdf7317ac36..aa84a0526d0a 100644 --- a/sys/net/raw_cb.h +++ b/sys/net/raw_cb.h @@ -55,9 +55,9 @@ struct rawcb { #define RAWRCVQ 8192 #ifdef _KERNEL -#ifdef VIMAGE_GLOBALS -extern LIST_HEAD(rawcb_list_head, rawcb) rawcb_list; -#endif +VNET_DECLARE(LIST_HEAD(rawcb_list_head, rawcb), rawcb_list); +#define V_rawcb_list VNET_GET(rawcb_list) + extern struct mtx rawcb_mtx; /* diff --git a/sys/net/raw_usrreq.c b/sys/net/raw_usrreq.c index 79d3e30bb101..0759e427483a 100644 --- a/sys/net/raw_usrreq.c +++ b/sys/net/raw_usrreq.c @@ -58,7 +58,6 @@ MTX_SYSINIT(rawcb_mtx, &rawcb_mtx, "rawcb", MTX_DEF); void raw_init(void) { - INIT_VNET_NET(curvnet); LIST_INIT(&V_rawcb_list); } @@ -73,7 +72,6 @@ raw_init(void) void raw_input(struct mbuf *m0, struct sockproto *proto, struct sockaddr *src) { - INIT_VNET_NET(curvnet); struct rawcb *rp; struct mbuf *m = m0; struct socket *last; diff --git a/sys/net/route.c b/sys/net/route.c index 750829a77e6b..59a59121faf2 100644 --- a/sys/net/route.c +++ b/sys/net/route.c @@ -63,7 +63,6 @@ #include #include -#include #include @@ -88,68 +87,29 @@ SYSCTL_INT(_net, OID_AUTO, add_addr_allfibs, CTLFLAG_RW, &rt_add_addr_allfibs, 0, ""); TUNABLE_INT("net.add_addr_allfibs", &rt_add_addr_allfibs); -#ifdef VIMAGE_GLOBALS -struct radix_node_head *rt_tables; -static uma_zone_t rtzone; /* Routing table UMA zone. */ -int rttrash; /* routes not in table but not freed */ -struct rtstat rtstat; -#endif +VNET_DEFINE(struct radix_node_head *, rt_tables); +static VNET_DEFINE(uma_zone_t, rtzone); /* Routing table UMA zone. */ +VNET_DEFINE(int, rttrash); /* routes not in table but not freed */ +VNET_DEFINE(struct rtstat, rtstat); -#ifndef VIMAGE_GLOBALS -struct vnet_rtable { - struct radix_node_head *_rt_tables; - uma_zone_t _rtzone; - int _rttrash; - struct rtstat _rtstat; -}; - -/* Size guard. See sys/vimage.h. */ -VIMAGE_CTASSERT(SIZEOF_vnet_rtable, sizeof(struct vnet_rtable)); - -#ifndef VIMAGE -static struct vnet_rtable vnet_rtable_0; -#endif -#endif - -/* - * Symbol translation macros - */ -#define INIT_VNET_RTABLE(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_RTABLE, struct vnet_rtable, vnet_rtable) - -#define VNET_RTABLE(sym) VSYM(vnet_rtable, sym) - -#define V_rt_tables VNET_RTABLE(rt_tables) -#define V_rtstat VNET_RTABLE(rtstat) -#define V_rttrash VNET_RTABLE(rttrash) -#define V_rtzone VNET_RTABLE(rtzone) +#define V_rt_tables VNET_GET(rt_tables) +#define V_rtzone VNET_GET(rtzone) +#define V_rttrash VNET_GET(rttrash) +#define V_rtstat VNET_GET(rtstat) static void rt_maskedcopy(struct sockaddr *, struct sockaddr *, struct sockaddr *); static int vnet_route_iattach(const void *); #ifdef VIMAGE static int vnet_route_idetach(const void *); -#endif - -#ifndef VIMAGE_GLOBALS -static struct vnet_symmap vnet_rtable_symmap[] = { - VNET_SYMMAP(rtable, rt_tables), - VNET_SYMMAP(rtable, rtstat), - VNET_SYMMAP(rtable, rttrash), - VNET_SYMMAP_END -}; static const vnet_modinfo_t vnet_rtable_modinfo = { .vmi_id = VNET_MOD_RTABLE, .vmi_name = "rtable", - .vmi_size = sizeof(struct vnet_rtable), - .vmi_symmap = vnet_rtable_symmap, .vmi_iattach = vnet_route_iattach, -#ifdef VIMAGE .vmi_idetach = vnet_route_idetach -#endif }; -#endif /* !VIMAGE_GLOBALS */ +#endif /* compare two sockaddr structures */ #define sa_equal(a1, a2) (bcmp((a1), (a2), (a1)->sa_len) == 0) @@ -192,7 +152,6 @@ SYSCTL_PROC(_net, OID_AUTO, my_fibnum, CTLTYPE_INT|CTLFLAG_RD, static __inline struct radix_node_head ** rt_tables_get_rnh_ptr(int table, int fam) { - INIT_VNET_RTABLE(curvnet); struct radix_node_head **rnh; KASSERT(table >= 0 && table < rt_numfibs, ("%s: table out of bounds.", @@ -226,7 +185,7 @@ route_init(void) rt_numfibs = 1; rn_init(); /* initialize all zeroes, all ones, mask table */ -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_rtable_modinfo); #else vnet_route_iattach(NULL); @@ -236,7 +195,6 @@ route_init(void) static int vnet_route_iattach(const void *unused __unused) { - INIT_VNET_RTABLE(curvnet); struct domain *dom; struct radix_node_head **rnh; int table; @@ -382,7 +340,6 @@ struct rtentry * rtalloc1_fib(struct sockaddr *dst, int report, u_long ignflags, u_int fibnum) { - INIT_VNET_RTABLE(curvnet); struct radix_node_head *rnh; struct rtentry *rt; struct radix_node *rn; @@ -452,7 +409,6 @@ done: void rtfree(struct rtentry *rt) { - INIT_VNET_RTABLE(curvnet); struct radix_node_head *rnh; KASSERT(rt != NULL,("%s: NULL rt", __func__)); @@ -551,7 +507,6 @@ rtredirect_fib(struct sockaddr *dst, struct sockaddr *src, u_int fibnum) { - INIT_VNET_RTABLE(curvnet); struct rtentry *rt, *rt0 = NULL; int error = 0; short *stat = NULL; @@ -880,7 +835,6 @@ rt_getifa_fib(struct rt_addrinfo *info, u_int fibnum) int rtexpunge(struct rtentry *rt) { - INIT_VNET_RTABLE(curvnet); struct radix_node *rn; struct radix_node_head *rnh; struct ifaddr *ifa; @@ -1018,8 +972,6 @@ gwdelete: RT_LOCK(rt); RT_ADDREF(rt); if (req == RTM_DELETE) { - INIT_VNET_RTABLE(curvnet); - rt->rt_flags &= ~RTF_UP; /* * One more rtentry floating around that is not @@ -1027,7 +979,6 @@ gwdelete: * when RTFREE(rt) is eventually called. */ V_rttrash++; - } nondelete: @@ -1054,7 +1005,6 @@ int rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt, u_int fibnum) { - INIT_VNET_RTABLE(curvnet); int error = 0, needlock = 0; register struct rtentry *rt; register struct radix_node *rn; diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 532070d6b483..bdea325cf316 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -1238,7 +1238,6 @@ rt_ifannouncemsg(struct ifnet *ifp, int what) static void rt_dispatch(struct mbuf *m, const struct sockaddr *sa) { - INIT_VNET_NET(curvnet); struct m_tag *tag; /* @@ -1317,7 +1316,6 @@ sysctl_dumpentry(struct radix_node *rn, void *vw) static int sysctl_iflist(int af, struct walkarg *w) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; struct rt_addrinfo info; @@ -1378,7 +1376,6 @@ done: static int sysctl_ifmalist(int af, struct walkarg *w) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifmultiaddr *ifma; struct rt_addrinfo info; diff --git a/sys/net/vnet.c b/sys/net/vnet.c new file mode 100644 index 000000000000..a3148868bf98 --- /dev/null +++ b/sys/net/vnet.c @@ -0,0 +1,341 @@ +/*- + * Copyright (c) 2009 Jeffrey Roberson + * Copyright (c) 2009 Robert N. M. Watson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +/*- + * This is the virtual network stack allocator, which provides storage for + * virtualized global variables. These variables are defined/declared using + * the VNET_DEFINE()/VNET_DECLARE() macros, which place them in the + * 'set_vnet' linker set. The details of the implementation are somewhat + * subtle, but allow the majority of most network subsystems to maintain + * virtualization-agnostic. + * + * The virtual network stack allocator handles variables in the base kernel + * vs. modules in similar but different ways. In both cases, virtualized + * global variables are marked as such by being declared to be part of the + * vnet linker set. These "master" copies of global variables serve two + * functions: + * + * (1) They contain static initialization or "default" values for global + * variables which will be propagated to each virtual network stack + * instance when created. As with normal global variables, they default + * to zero-filled. + * + * (2) They act as unique global names by which the variable can be referred + * to, regardless of network stack instance. The single global symbol + * will be used to calculate the location of a per-virtual instance + * variable at run-time. + * + * Each virtual network stack instance has a complete copy of each + * virtualized global variable, stored in a malloc'd block of memory + * referred to by vnet->vnet_data_mem. Critical to the design is that each + * per-instance memory block is laid out identically to the master block so + * that the offset of each global variable is the same across all blocks. To + * optimize run-time access, a precalculated 'base' address, + * vnet->vnet_data_base, is stored in each vnet, and is the amount that can + * be added to the address of a 'master' instance of a variable to get to the + * per-vnet instance. + * + * Virtualized global variables are handled in a similar manner, but as each + * module has its own 'set_vnet' linker set, and we want to keep all + * virtualized globals togther, we reserve space in the kernel's linker set + * for potential module variables using a per-vnet character array, + * 'modspace'. The virtual network stack allocator maintains a free list to + * track what space in the array is free (all, initially) and as modules are + * linked, allocates portions of the space to specific globals. The kernel + * module linker queries the virtual network stack allocator and will + * bind references of the global to the location during linking. It also + * calls into the virtual network stack allocator, once the memory is + * initialized, in order to propagate the new static initializations to all + * existing virtual network stack instances so that the soon-to-be executing + * module will find every network stack instance with proper default values. + */ + +/* + * Location of the kernel's 'set_vnet' linker set. + */ +extern uintptr_t *__start_set_vnet; +extern uintptr_t *__stop_set_vnet; + +#define VNET_START (uintptr_t)&__start_set_vnet +#define VNET_STOP (uintptr_t)&__stop_set_vnet + +/* + * Number of bytes of data in the 'set_vnet' linker set, and hence the total + * size of all kernel virtualized global variables, and the malloc(9) type + * that will be used to allocate it. + */ +#define VNET_BYTES (VNET_STOP - VNET_START) + +MALLOC_DEFINE(M_VNET_DATA, "vnet_data", "VNET data"); + +/* + * VNET_MODMIN is the minimum number of bytes we will reserve for the sum of + * global variables across all loaded modules. As this actually sizes an + * array declared as a virtualized global variable in the kernel itself, and + * we want the virtualized global variable space to be page-sized, we may + * have more space than that in practice. + */ +#define VNET_MODMIN 8192 +#define VNET_SIZE roundup2(VNET_BYTES, PAGE_SIZE) +#define VNET_MODSIZE (VNET_SIZE - (VNET_BYTES - VNET_MODMIN)) + +/* + * Space to store virtualized global variables from loadable kernel modules, + * and the free list to manage it. + */ +static VNET_DEFINE(char, modspace[VNET_MODMIN]); + +struct vnet_data_free { + uintptr_t vnd_start; + int vnd_len; + TAILQ_ENTRY(vnet_data_free) vnd_link; +}; + +MALLOC_DEFINE(M_VNET_DATA_FREE, "vnet_data_free", "VNET resource accounting"); +static TAILQ_HEAD(, vnet_data_free) vnet_data_free_head = + TAILQ_HEAD_INITIALIZER(vnet_data_free_head); +static struct sx vnet_data_free_lock; + +/* + * Allocate storage for virtualized global variables in a new virtual network + * stack instance, and copy in initial values from our 'master' copy. + */ +void +vnet_data_init(struct vnet *vnet) +{ + + vnet->vnet_data_mem = malloc(VNET_SIZE, M_VNET_DATA, M_WAITOK); + memcpy(vnet->vnet_data_mem, (void *)VNET_START, VNET_BYTES); + + /* + * All use of vnet-specific data will immediately subtract VNET_START + * from the base memory pointer, so pre-calculate that now to avoid + * it on each use. + */ + vnet->vnet_data_base = (uintptr_t)vnet->vnet_data_mem - VNET_START; +} + +/* + * Release storage for a virtual network stack instance. + */ +void +vnet_data_destroy(struct vnet *vnet) +{ + + free(vnet->vnet_data_mem, M_VNET_DATA); + vnet->vnet_data_mem = NULL; + vnet->vnet_data_base = 0; +} + +/* + * Once on boot, initialize the modspace freelist to entirely cover modspace. + */ +static void +vnet_data_startup(void *dummy __unused) +{ + struct vnet_data_free *df; + + df = malloc(sizeof(*df), M_VNET_DATA_FREE, M_WAITOK | M_ZERO); + df->vnd_start = (uintptr_t)&VNET_NAME(modspace); + df->vnd_len = VNET_MODSIZE; + TAILQ_INSERT_HEAD(&vnet_data_free_head, df, vnd_link); + sx_init(&vnet_data_free_lock, "vnet_data alloc lock"); +} +SYSINIT(vnet_data, SI_SUB_KLD, SI_ORDER_FIRST, vnet_data_startup, 0); + +/* + * When a module is loaded and requires storage for a virtualized global + * variable, allocate space from the modspace free list. This interface + * should be used only by the kernel linker. + */ +void * +vnet_data_alloc(int size) +{ + struct vnet_data_free *df; + void *s; + + s = NULL; + size = roundup2(size, sizeof(void *)); + sx_xlock(&vnet_data_free_lock); + TAILQ_FOREACH(df, &vnet_data_free_head, vnd_link) { + if (df->vnd_len < size) + continue; + if (df->vnd_len == size) { + s = (void *)df->vnd_start; + TAILQ_REMOVE(&vnet_data_free_head, df, vnd_link); + free(df, M_VNET_DATA_FREE); + break; + } + s = (void *)df->vnd_start; + df->vnd_len -= size; + df->vnd_start = df->vnd_start + size; + break; + } + sx_xunlock(&vnet_data_free_lock); + + return (s); +} + +/* + * Free space for a virtualized global variable on module unload. + */ +void +vnet_data_free(void *start_arg, int size) +{ + struct vnet_data_free *df; + struct vnet_data_free *dn; + uintptr_t start; + uintptr_t end; + + size = roundup2(size, sizeof(void *)); + start = (uintptr_t)start_arg; + end = start + size; + /* + * Free a region of space and merge it with as many neighbors as + * possible. Keeping the list sorted simplifies this operation. + */ + sx_xlock(&vnet_data_free_lock); + TAILQ_FOREACH(df, &vnet_data_free_head, vnd_link) { + if (df->vnd_start > end) + break; + /* + * If we expand at the end of an entry we may have to + * merge it with the one following it as well. + */ + if (df->vnd_start + df->vnd_len == start) { + df->vnd_len += size; + dn = TAILQ_NEXT(df, vnd_link); + if (df->vnd_start + df->vnd_len == dn->vnd_start) { + df->vnd_len += dn->vnd_len; + TAILQ_REMOVE(&vnet_data_free_head, dn, vnd_link); + free(dn, M_VNET_DATA_FREE); + } + sx_xunlock(&vnet_data_free_lock); + return; + } + if (df->vnd_start == end) { + df->vnd_start = start; + df->vnd_len += size; + sx_xunlock(&vnet_data_free_lock); + return; + } + } + dn = malloc(sizeof(*df), M_VNET_DATA_FREE, M_WAITOK | M_ZERO); + dn->vnd_start = start; + dn->vnd_len = size; + if (df) + TAILQ_INSERT_BEFORE(df, dn, vnd_link); + else + TAILQ_INSERT_TAIL(&vnet_data_free_head, dn, vnd_link); + sx_xunlock(&vnet_data_free_lock); +} + +struct vnet_data_copy_fn_arg { + void *start; + int size; +}; + +static void +vnet_data_copy_fn(struct vnet *vnet, void *arg) +{ + struct vnet_data_copy_fn_arg *varg = arg; + + memcpy((void *)((uintptr_t)vnet->vnet_data_base + + (uintptr_t)varg->start), varg->start, varg->size); +} + +/* + * When a new virtualized global variable has been allocated, propagate its + * initial value to each already-allocated virtual network stack instance. + */ +void +vnet_data_copy(void *start, int size) +{ + struct vnet_data_copy_fn_arg varg; + + varg.start = start; + varg.size = size; + vnet_foreach(vnet_data_copy_fn, &varg); +} + +/* + * Variants on sysctl_handle_foo that know how to handle virtualized global + * variables: if 'arg1' is a pointer, then we transform it to the local vnet + * offset. + */ +int +vnet_sysctl_handle_int(SYSCTL_HANDLER_ARGS) +{ + + if (arg1 != NULL) + arg1 = (void *)(curvnet->vnet_data_base + (uintptr_t)arg1); + return (sysctl_handle_int(oidp, arg1, arg2, req)); +} + +int +vnet_sysctl_handle_opaque(SYSCTL_HANDLER_ARGS) +{ + + if (arg1 != NULL) + arg1 = (void *)(curvnet->vnet_data_base + (uintptr_t)arg1); + return (sysctl_handle_opaque(oidp, arg1, arg2, req)); +} + +int +vnet_sysctl_handle_string(SYSCTL_HANDLER_ARGS) +{ + + if (arg1 != NULL) + arg1 = (void *)(curvnet->vnet_data_base + (uintptr_t)arg1); + return (sysctl_handle_string(oidp, arg1, arg2, req)); +} + +int +vnet_sysctl_handle_uint(SYSCTL_HANDLER_ARGS) +{ + + if (arg1 != NULL) + arg1 = (void *)(curvnet->vnet_data_base + (uintptr_t)arg1); + return (sysctl_handle_int(oidp, arg1, arg2, req)); +} diff --git a/sys/net/vnet.h b/sys/net/vnet.h index b5d2fbdc4f3b..4b543e6317d3 100644 --- a/sys/net/vnet.h +++ b/sys/net/vnet.h @@ -1,10 +1,6 @@ /*- - * Copyright (c) 2006-2008 University of Zagreb - * Copyright (c) 2006-2008 FreeBSD Foundation - * - * This software was developed by the University of Zagreb and the - * FreeBSD Foundation under sponsorship by the Stichting NLnet and the - * FreeBSD Foundation. + * Copyright (c) 2009 Jeffrey Roberson + * Copyright (c) 2009 Robert N. M. Watson * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -30,62 +26,131 @@ * $FreeBSD$ */ +/* + * This is the virtual network stack memory allocator, which provides support + * for virtualized global variables via a special linker set, set_vnet. When + * "options VIMAGE" isn't defined, virtualized global variables are compiled + * as normal globals. + */ + #ifndef _NET_VNET_H_ #define _NET_VNET_H_ -#include +#ifdef _KERNEL +#ifdef VIMAGE -struct ifindex_entry; - -struct vnet_net { - int _if_index; - struct ifindex_entry * _ifindex_table; - struct ifnethead _ifnet; - struct ifgrouphead _ifg_head; - - int _if_indexlim; - - struct ifnet * _loif; - struct if_clone * _lo_cloner; - struct ifc_simple_data *_lo_cloner_data; - - LIST_HEAD(, rawcb) _rawcb_list; - - LIST_HEAD(, if_clone) _if_cloners; - int _if_cloners_count; - - int _ether_ipfw; -}; - -/* Size guard. See sys/vimage.h. */ -VIMAGE_CTASSERT(SIZEOF_vnet_net, sizeof(struct vnet_net)); - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_net vnet_net_0; -#endif +#if defined(__arm__) +__asm__(".section set_vnet, \"aw\", %progbits"); +#else +__asm__(".section set_vnet, \"aw\", @progbits"); #endif +__asm__(".previous"); + +#define VNET_NAME(n) vnet_entry_##n +#define VNET_DECLARE(t, n) extern t VNET_NAME(n) +#define VNET_DEFINE(t, n) t VNET_NAME(n) __section("set_vnet") __used +#define _VNET_PTR(b, n) (__typeof(VNET_NAME(n))*) \ + ((b) + (uintptr_t)&VNET_NAME(n)) + +#define _VNET_GET(b, n) (*_VNET_PTR(b, n)) +#define _VNET_SET(b, n, v) (*_VNET_PTR(b, n) = v) /* - * Symbol translation macros + * Virtualized global variable accessor macros. */ -#define INIT_VNET_NET(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_NET, struct vnet_net, vnet_net) +#define VNET_VNET_PTR(vnet, n) _VNET_PTR((vnet)->vnet_data_base, n) +#define VNET_VNET_GET(vnet, n) (*VNET_VNET_PTR((vnet), n)) +#define VNET_VNET_SET(vnet, n, v) ((*VNET_VNET_PTR((vnet), n)) = v) -#define VNET_NET(sym) VSYM(vnet_net, sym) +#define VNET_PTR(n) VNET_VNET_PTR(curvnet, n) +#define VNET_GET(n) VNET_VNET_GET(curvnet, n) +#define VNET_SET(n, v) VNET_VNET_SET(curvnet, n, v) -#define V_ether_ipfw VNET_NET(ether_ipfw) -#define V_if_index VNET_NET(if_index) -#define V_if_indexlim VNET_NET(if_indexlim) -#define V_if_cloners VNET_NET(if_cloners) -#define V_if_cloners_count VNET_NET(if_cloners_count) -#define V_ifg_head VNET_NET(ifg_head) -#define V_ifindex_table VNET_NET(ifindex_table) -#define V_ifklist VNET_NET(ifklist) -#define V_ifnet VNET_NET(ifnet) -#define V_lo_cloner VNET_NET(lo_cloner) -#define V_lo_cloner_data VNET_NET(lo_cloner_data) -#define V_loif VNET_NET(loif) -#define V_rawcb_list VNET_NET(rawcb_list) +/* + * Sysctl variants for vnet-virtualized global variables. Include + * to expose these definitions. + * + * Note: SYSCTL_PROC() handler functions will need to resolve pointer + * arguments themselves, if required. + */ +#ifdef SYSCTL_OID +int vnet_sysctl_handle_int(SYSCTL_HANDLER_ARGS); +int vnet_sysctl_handle_opaque(SYSCTL_HANDLER_ARGS); +int vnet_sysctl_handle_string(SYSCTL_HANDLER_ARGS); +int vnet_sysctl_handle_uint(SYSCTL_HANDLER_ARGS); + +#define SYSCTL_VNET_INT(parent, nbr, name, access, ptr, val, descr) \ + SYSCTL_OID(parent, nbr, name, CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ + ptr, val, vnet_sysctl_handle_int, "I", descr) +#define SYSCTL_VNET_PROC(parent, nbr, name, access, ptr, arg, handler, \ + fmt, descr) \ + SYSCTL_OID(parent, nbr, name, access, ptr, arg, handler, fmt, \ + descr) +#define SYSCTL_VNET_STRING(parent, nbr, name, access, arg, len, descr) \ + SYSCTL_OID(parent, nbr, name, CTLTYPE_STRING|(access), arg, \ + len, vnet_sysctl_handle_string, "A", descr) +#define SYSCTL_VNET_STRUCT(parent, nbr, name, access, ptr, type, descr) \ + SYSCTL_OID(parent, nbr, name, CTLTYPE_OPAQUE|(access), ptr, \ + sizeof(struct type), vnet_sysctl_handle_opaque, "S," #type, \ + descr) +#define SYSCTL_VNET_UINT(parent, nbr, name, access, ptr, val, descr) \ + SYSCTL_OID(parent, nbr, name, CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ + ptr, val, vnet_sysctl_handle_uint, "IU", descr) +#endif /* SYSCTL_OID */ + +/* + * Interfaces from the kernel linker. + */ +void *vnet_data_alloc(int size); +void vnet_data_copy(void *start, int size); +void vnet_data_free(void *start_arg, int size); + +/* + * Interfaces for vnet setup/teardown. + */ +struct vnet; +void vnet_data_init(struct vnet *vnet); +void vnet_data_destroy(struct vnet *vnet); + +#else /* !VIMAGE */ + +/* + * Versions of the VNET macros that compile to normal global variables and + * standard sysctl definitions. + */ +#define VNET_NAME(n) n +#define VNET_DECLARE(t, n) extern t n +#define VNET_DEFINE(t, n) t n +#define _VNET_PTR(b, n) &VNET_NAME(n) + +#ifdef SYSCTL_OID +#define SYSCTL_VNET_INT(parent, nbr, name, access, ptr, val, descr) \ + SYSCTL_INT(parent, nbr, name, access, ptr, val, descr) +#define SYSCTL_VNET_PROC(parent, nbr, name, access, ptr, arg, handler, \ + fmt, descr) \ + SYSCTL_PROC(parent, nbr, name, access, ptr, arg, handler, fmt, \ + descr) +#define SYSCTL_VNET_STRING(parent, nbr, name, access, arg, len, descr) \ + SYSCTL_STRING(parent, nbr, name, access, arg, len, descr) +#define SYSCTL_VNET_STRUCT(parent, nbr, name, access, ptr, type, descr) \ + SYSCTL_STRUCT(parent, nbr, name, access, ptr, type, descr) +#define SYSCTL_VNET_UINT(parent, nbr, name, access, ptr, val, descr) \ + SYSCTL_UINT(parent, nbr, name, access, ptr, val, descr) +#endif /* SYSCTL_OID */ + +/* + * Virtualized global variable accessor macros. + */ +#define VNET_VNET_PTR(vnet, n) (&(n)) +#define VNET_VNET_GET(vnet, n) (n) +#define VNET_VNET_SET(vnet, n, v) ((n) = (v)) + +#define VNET_PTR(n) (&(n)) +#define VNET_GET(n) (n) +#define VNET_SET(n, v) ((n) = (v)) + +#endif /* VIMAGE */ + +#endif /* _KERNEL */ #endif /* !_NET_VNET_H_ */ diff --git a/sys/net80211/ieee80211_ddb.c b/sys/net80211/ieee80211_ddb.c index 57447d50f044..1386409f2d8c 100644 --- a/sys/net80211/ieee80211_ddb.c +++ b/sys/net80211/ieee80211_ddb.c @@ -165,7 +165,6 @@ DB_SHOW_ALL_COMMAND(vaps, db_show_all_vaps) } VNET_FOREACH(vnet_iter) { - INIT_VNET_NET(vnet_iter); TAILQ_FOREACH(ifp, &V_ifnet, if_list) if (ifp->if_type == IFT_IEEE80211) { const struct ieee80211com *ic = ifp->if_l2com; diff --git a/sys/netgraph/atm/ng_atm.c b/sys/netgraph/atm/ng_atm.c index e5e1e2eaadc1..7296aa153f14 100644 --- a/sys/netgraph/atm/ng_atm.c +++ b/sys/netgraph/atm/ng_atm.c @@ -1407,7 +1407,6 @@ ng_atm_mod_event(module_t mod, int event, void *data) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET_QUIET(vnet_iter); - INIT_VNET_NET(vnet_iter); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if (ifp->if_type == IFT_ATM) ng_atm_attach(ifp); @@ -1431,7 +1430,6 @@ ng_atm_mod_event(module_t mod, int event, void *data) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET_QUIET(vnet_iter); - INIT_VNET_NET(vnet_iter); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if (ifp->if_type == IFT_ATM) ng_atm_detach(ifp); diff --git a/sys/netgraph/netgraph.h b/sys/netgraph/netgraph.h index 5a0418e638aa..37ef833cae46 100644 --- a/sys/netgraph/netgraph.h +++ b/sys/netgraph/netgraph.h @@ -1218,36 +1218,4 @@ typedef void *meta_p; ("%s: negative td_ng_outbound", __func__)); \ } while (0) -/* Virtualization macros */ -#define INIT_VNET_NETGRAPH(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_NETGRAPH, \ - struct vnet_netgraph, vnet_netgraph) - -#define VNET_NETGRAPH(sym) VSYM(vnet_netgraph, sym) - -struct vnet_netgraph { - LIST_HEAD(, ng_node) _ng_ID_hash[NG_ID_HASH_SIZE]; - LIST_HEAD(, ng_node) _ng_name_hash[NG_NAME_HASH_SIZE]; - LIST_HEAD(, ng_node) _ng_nodelist; - ng_ID_t _nextID; - struct unrhdr *_ng_iface_unit; - struct unrhdr *_ng_eiface_unit; - struct unrhdr *_ng_wormhole_unit; -}; - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_netgraph vnet_netgraph_0; -#endif -#endif - -/* Symbol translation macros */ -#define V_nextID VNET_NETGRAPH(nextID) -#define V_ng_ID_hash VNET_NETGRAPH(ng_ID_hash) -#define V_ng_eiface_unit VNET_NETGRAPH(ng_eiface_unit) -#define V_ng_iface_unit VNET_NETGRAPH(ng_iface_unit) -#define V_ng_name_hash VNET_NETGRAPH(ng_name_hash) -#define V_ng_nodelist VNET_NETGRAPH(ng_nodelist) -#define V_ng_wormhole_unit VNET_NETGRAPH(ng_wormhole_unit) - #endif /* _NETGRAPH_NETGRAPH_H_ */ diff --git a/sys/netgraph/ng_base.c b/sys/netgraph/ng_base.c index a49570126325..9eb99d5539cd 100644 --- a/sys/netgraph/ng_base.c +++ b/sys/netgraph/ng_base.c @@ -68,6 +68,7 @@ #include #include +#include #include #include @@ -75,16 +76,9 @@ MODULE_VERSION(netgraph, NG_ABI_VERSION); -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_netgraph vnet_netgraph_0; -#endif -#endif - /* Mutex to protect topology events. */ static struct mtx ng_topo_mtx; -static vnet_attach_fn vnet_netgraph_iattach; #ifdef VIMAGE static vnet_detach_fn vnet_netgraph_idetach; #endif @@ -182,9 +176,9 @@ static struct mtx ng_typelist_mtx; /* Hash related definitions */ /* XXX Don't need to initialise them because it's a LIST */ -#ifdef VIMAGE_GLOBALS -static LIST_HEAD(, ng_node) ng_ID_hash[NG_ID_HASH_SIZE]; -#endif +static VNET_DEFINE(LIST_HEAD(, ng_node), ng_ID_hash[NG_ID_HASH_SIZE]); +#define V_ng_ID_hash VNET_GET(ng_ID_hash) + static struct mtx ng_idhash_mtx; /* Method to find a node.. used twice so do it here */ #define NG_IDHASH_FN(ID) ((ID) % (NG_ID_HASH_SIZE)) @@ -200,9 +194,9 @@ static struct mtx ng_idhash_mtx; } \ } while (0) -#ifdef VIMAGE_GLOBALS -static LIST_HEAD(, ng_node) ng_name_hash[NG_NAME_HASH_SIZE]; -#endif +static VNET_DEFINE(LIST_HEAD(, ng_node), ng_name_hash[NG_NAME_HASH_SIZE]); +#define V_ng_name_hash VNET_GET(ng_name_hash) + static struct mtx ng_namehash_mtx; #define NG_NAMEHASH(NAME, HASH) \ do { \ @@ -370,9 +364,8 @@ ng_alloc_node(void) #define TRAP_ERROR() #endif -#ifdef VIMAGE_GLOBALS -static ng_ID_t nextID; -#endif +static VNET_DEFINE(ng_ID_t, nextID) = 1; +#define V_nextID VNET_GET(nextID) #ifdef INVARIANTS #define CHECK_DATA_MBUF(m) do { \ @@ -634,7 +627,6 @@ ng_make_node(const char *typename, node_p *nodepp) int ng_make_node_common(struct ng_type *type, node_p *nodepp) { - INIT_VNET_NETGRAPH(curvnet); node_p node; /* Require the node type to have been already installed */ @@ -819,7 +811,6 @@ ng_unref_node(node_p node) static node_p ng_ID2noderef(ng_ID_t ID) { - INIT_VNET_NETGRAPH(curvnet); node_p node; mtx_lock(&ng_idhash_mtx); NG_IDHASH_FIND(ID, node); @@ -845,7 +836,6 @@ ng_node2ID(node_p node) int ng_name_node(node_p node, const char *name) { - INIT_VNET_NETGRAPH(curvnet); int i, hash; node_p node2; @@ -896,7 +886,6 @@ ng_name_node(node_p node, const char *name) node_p ng_name2noderef(node_p here, const char *name) { - INIT_VNET_NETGRAPH(curvnet); node_p node; ng_ID_t temp; int hash; @@ -2457,7 +2446,6 @@ ng_apply_item(node_p node, item_p item, int rw) static int ng_generic_msg(node_p here, item_p item, hook_p lasthook) { - INIT_VNET_NETGRAPH(curvnet); int error = 0; struct ng_mesg *msg; struct ng_mesg *resp = NULL; @@ -3080,37 +3068,24 @@ ng_mod_event(module_t mod, int event, void *data) return (error); } -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_netgraph_modinfo = { .vmi_id = VNET_MOD_NETGRAPH, .vmi_name = "netgraph", - .vmi_size = sizeof(struct vnet_netgraph), .vmi_dependson = VNET_MOD_LOIF, - .vmi_iattach = vnet_netgraph_iattach, -#ifdef VIMAGE .vmi_idetach = vnet_netgraph_idetach -#endif }; #endif -static int -vnet_netgraph_iattach(const void *unused __unused) -{ - INIT_VNET_NETGRAPH(curvnet); - - V_nextID = 1; - - return (0); -} - #ifdef VIMAGE static int vnet_netgraph_idetach(const void *unused __unused) { - INIT_VNET_NETGRAPH(curvnet); +#if 0 node_p node, last_killed = NULL; - while ((node = LIST_FIRST(&V_ng_nodelist)) != NULL) { + /* XXXRW: utterly bogus. */ + while ((node = LIST_FIRST(&V_ng_allnodes)) != NULL) { if (node == last_killed) { /* This should never happen */ node->nd_flags |= NGF_REALLY_DIE; @@ -3118,13 +3093,14 @@ vnet_netgraph_idetach(const void *unused __unused) node->nd_name); ng_rmnode(node, NULL, NULL, 0); /* This must never happen */ - if (node == LIST_FIRST(&V_ng_nodelist)) + if (node == LIST_FIRST(&V_ng_allnodes)) panic("netgraph node %s won't die", node->nd_name); } ng_rmnode(node, NULL, NULL, 0); last_killed = node; } +#endif return (0); } @@ -3144,10 +3120,8 @@ ngb_mod_event(module_t mod, int event, void *data) switch (event) { case MOD_LOAD: /* Initialize everything. */ -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_netgraph_modinfo); -#else - vnet_netgraph_iattach(NULL); #endif NG_WORKLIST_LOCK_INIT(); mtx_init(&ng_typelist_mtx, "netgraph types mutex", NULL, diff --git a/sys/netgraph/ng_eiface.c b/sys/netgraph/ng_eiface.c index 27b4b451bd8f..9969924f1bbd 100644 --- a/sys/netgraph/ng_eiface.c +++ b/sys/netgraph/ng_eiface.c @@ -116,11 +116,10 @@ NETGRAPH_INIT(eiface, &typestruct); static vnet_attach_fn ng_eiface_iattach; static vnet_detach_fn ng_eiface_idetach; -#ifdef VIMAGE_GLOBALS -static struct unrhdr *ng_eiface_unit; -#endif +static VNET_DEFINE(struct unrhdr *, ng_eiface_unit); +#define V_ng_eiface_unit VNET_GET(ng_eiface_unit) -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static vnet_modinfo_t vnet_ng_eiface_modinfo = { .vmi_id = VNET_MOD_NG_EIFACE, .vmi_name = "ng_eiface", @@ -351,7 +350,6 @@ ng_eiface_print_ioctl(struct ifnet *ifp, int command, caddr_t data) static int ng_eiface_constructor(node_p node) { - INIT_VNET_NETGRAPH(curvnet); struct ifnet *ifp; priv_p priv; u_char eaddr[6] = {0,0,0,0,0,0}; @@ -563,7 +561,6 @@ ng_eiface_rcvdata(hook_p hook, item_p item) static int ng_eiface_rmnode(node_p node) { - INIT_VNET_NETGRAPH(curvnet); const priv_p priv = NG_NODE_PRIVATE(node); struct ifnet *const ifp = priv->ifp; @@ -604,14 +601,14 @@ ng_eiface_mod_event(module_t mod, int event, void *data) switch (event) { case MOD_LOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ng_eiface_modinfo); #else ng_eiface_iattach(NULL); #endif break; case MOD_UNLOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_deregister(&vnet_ng_eiface_modinfo); #else ng_eiface_idetach(NULL); @@ -626,7 +623,6 @@ ng_eiface_mod_event(module_t mod, int event, void *data) static int ng_eiface_iattach(const void *unused) { - INIT_VNET_NETGRAPH(curvnet); V_ng_eiface_unit = new_unrhdr(0, 0xffff, NULL); @@ -635,7 +631,6 @@ static int ng_eiface_iattach(const void *unused) static int ng_eiface_idetach(const void *unused) { - INIT_VNET_NETGRAPH(curvnet); delete_unrhdr(V_ng_eiface_unit); diff --git a/sys/netgraph/ng_ether.c b/sys/netgraph/ng_ether.c index 2be3b8832faa..09a8615ab87e 100644 --- a/sys/netgraph/ng_ether.c +++ b/sys/netgraph/ng_ether.c @@ -74,7 +74,7 @@ static vnet_attach_fn ng_ether_iattach; -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static vnet_modinfo_t vnet_ng_ether_modinfo = { .vmi_id = VNET_MOD_NG_ETHER, .vmi_name = "ng_ether", @@ -783,7 +783,7 @@ ng_ether_mod_event(module_t mod, int event, void *data) ng_ether_input_orphan_p = ng_ether_input_orphan; ng_ether_link_state_p = ng_ether_link_state; -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ng_ether_modinfo); #else error = ng_ether_iattach(NULL); @@ -800,7 +800,7 @@ ng_ether_mod_event(module_t mod, int event, void *data) * is MOD_UNLOAD, so there's no need to detach any nodes. */ -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_deregister(&vnet_ng_ether_modinfo); #endif @@ -823,7 +823,6 @@ ng_ether_mod_event(module_t mod, int event, void *data) static int ng_ether_iattach(const void *unused) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; /* Create nodes for any already-existing Ethernet interfaces. */ diff --git a/sys/netgraph/ng_gif.c b/sys/netgraph/ng_gif.c index 6f2657e74513..f099d614d6a3 100644 --- a/sys/netgraph/ng_gif.c +++ b/sys/netgraph/ng_gif.c @@ -565,7 +565,6 @@ ng_gif_mod_event(module_t mod, int event, void *data) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET_QUIET(vnet_iter); /* XXX revisit quiet */ - INIT_VNET_NET(curvnet); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if (ifp->if_type == IFT_GIF) ng_gif_attach(ifp); diff --git a/sys/netgraph/ng_iface.c b/sys/netgraph/ng_iface.c index cd65ad3b6d29..7743b2bc1488 100644 --- a/sys/netgraph/ng_iface.c +++ b/sys/netgraph/ng_iface.c @@ -212,11 +212,10 @@ NETGRAPH_INIT(iface, &typestruct); static vnet_attach_fn ng_iface_iattach; static vnet_detach_fn ng_iface_idetach; -#ifdef VIMAGE_GLOBALS -static struct unrhdr *ng_iface_unit; -#endif +static VNET_DEFINE(struct unrhdr *, ng_iface_unit); +#define V_ng_iface_unit VNET_GET(ng_iface_unit) -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static vnet_modinfo_t vnet_ng_iface_modinfo = { .vmi_id = VNET_MOD_NG_IFACE, .vmi_name = "ng_iface", @@ -542,7 +541,6 @@ ng_iface_print_ioctl(struct ifnet *ifp, int command, caddr_t data) static int ng_iface_constructor(node_p node) { - INIT_VNET_NETGRAPH(curvnet); struct ifnet *ifp; priv_p priv; @@ -806,7 +804,6 @@ ng_iface_rcvdata(hook_p hook, item_p item) static int ng_iface_shutdown(node_p node) { - INIT_VNET_NETGRAPH(curvnet); const priv_p priv = NG_NODE_PRIVATE(node); /* @@ -852,14 +849,14 @@ ng_iface_mod_event(module_t mod, int event, void *data) switch (event) { case MOD_LOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ng_iface_modinfo); #else ng_iface_iattach(NULL); #endif break; case MOD_UNLOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_deregister(&vnet_ng_iface_modinfo); #else ng_iface_idetach(NULL); @@ -874,7 +871,6 @@ ng_iface_mod_event(module_t mod, int event, void *data) static int ng_iface_iattach(const void *unused) { - INIT_VNET_NETGRAPH(curvnet); V_ng_iface_unit = new_unrhdr(0, 0xffff, NULL); @@ -883,7 +879,6 @@ static int ng_iface_iattach(const void *unused) static int ng_iface_idetach(const void *unused) { - INIT_VNET_NETGRAPH(curvnet); delete_unrhdr(V_ng_iface_unit); diff --git a/sys/netinet/icmp6.h b/sys/netinet/icmp6.h index c9daa93bc26e..32e3e9fbe38a 100644 --- a/sys/netinet/icmp6.h +++ b/sys/netinet/icmp6.h @@ -716,10 +716,11 @@ do { \ } \ } while (/*CONSTCOND*/ 0) -#ifdef VIMAGE_GLOBALS -extern int icmp6_rediraccept; /* accept/process redirects */ -extern int icmp6_redirtimeout; /* cache time for redirect routes */ -#endif +VNET_DECLARE(int, icmp6_rediraccept); /* accept/process redirects */ +VNET_DECLARE(int, icmp6_redirtimeout); /* cache time for redirect routes */ + +#define V_icmp6_rediraccept VNET_GET(icmp6_rediraccept) +#define V_icmp6_redirtimeout VNET_GET(icmp6_redirtimeout) #define ICMP6_NODEINFO_FQDNOK 0x1 #define ICMP6_NODEINFO_NODEADDROK 0x2 diff --git a/sys/netinet/icmp_var.h b/sys/netinet/icmp_var.h index 8d7b9dee8894..8be07b8d1f0f 100644 --- a/sys/netinet/icmp_var.h +++ b/sys/netinet/icmp_var.h @@ -79,9 +79,10 @@ struct icmpstat { #ifdef _KERNEL SYSCTL_DECL(_net_inet_icmp); -#ifdef VIMAGE_GLOBALS -extern struct icmpstat icmpstat; /* icmp statistics */ -#endif + +VNET_DECLARE(struct icmpstat, icmpstat); /* icmp statistics. */ +#define V_icmpstat VNET_GET(icmpstat) + extern int badport_bandlim(int); #define BANDLIM_UNLIMITED -1 #define BANDLIM_ICMP_UNREACH 0 diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index 97ea1085bfdf..bf5f124921ea 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -83,28 +82,33 @@ SYSCTL_DECL(_net_link_ether); SYSCTL_NODE(_net_link_ether, PF_INET, inet, CTLFLAG_RW, 0, ""); /* timer values */ -#ifdef VIMAGE_GLOBALS -static int arpt_keep; /* once resolved, good for 20 more minutes */ -static int arp_maxtries; -int useloopback; /* use loopback interface for local traffic */ -static int arp_proxyall; -#endif +static VNET_DEFINE(int, arpt_keep) = (20*60); /* once resolved, good for 20 + * minutes */ +static VNET_DEFINE(int, arp_maxtries) = 5; +static VNET_DEFINE(int, useloopback) = 1; /* use loopback interface for + * local traffic */ +static VNET_DEFINE(int, arp_proxyall); -SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, max_age, - CTLFLAG_RW, arpt_keep, 0, "ARP entry lifetime in seconds"); +#define V_arpt_keep VNET_GET(arpt_keep) +#define V_arp_maxtries VNET_GET(arp_maxtries) +#define V_useloopback VNET_GET(useloopback) +#define V_arp_proxyall VNET_GET(arp_proxyall) -SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, maxtries, - CTLFLAG_RW, arp_maxtries, 0, +SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW, + &VNET_NAME(arpt_keep), 0, + "ARP entry lifetime in seconds"); + +SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW, + &VNET_NAME(arp_maxtries), 0, "ARP resolution attempts before returning error"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, useloopback, - CTLFLAG_RW, useloopback, 0, +SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, useloopback, CTLFLAG_RW, + &VNET_NAME(useloopback), 0, "Use the loopback interface for local traffic"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, proxyall, - CTLFLAG_RW, arp_proxyall, 0, +SYSCTL_VNET_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_RW, + &VNET_NAME(arp_proxyall), 0, "Enable proxy ARP for all suitable requests"); static void arp_init(void); -static int arp_iattach(const void *); void arprequest(struct ifnet *, struct in_addr *, struct in_addr *, u_char *); static void arpintr(struct mbuf *); @@ -120,15 +124,6 @@ static const struct netisr_handler arp_nh = { .nh_policy = NETISR_POLICY_SOURCE, }; -#ifndef VIMAGE_GLOBALS -static const vnet_modinfo_t vnet_arp_modinfo = { - .vmi_id = VNET_MOD_ARP, - .vmi_name = "arp", - .vmi_dependson = VNET_MOD_INET, - .vmi_iattach = arp_iattach -}; -#endif /* !VIMAGE_GLOBALS */ - #ifdef AF_INET void arp_ifscrub(struct ifnet *ifp, uint32_t addr); @@ -263,7 +258,6 @@ int arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m, struct sockaddr *dst, u_char *desten, struct llentry **lle) { - INIT_VNET_INET(ifp->if_vnet); struct llentry *la = 0; u_int flags = 0; int error, renew; @@ -482,7 +476,6 @@ in_arpinput(struct mbuf *m) sin.sin_len = sizeof(struct sockaddr_in); sin.sin_family = AF_INET; sin.sin_addr.s_addr = 0; - INIT_VNET_INET(ifp->if_vnet); if (ifp->if_bridge) bridged = 1; @@ -825,29 +818,10 @@ arp_ifinit2(struct ifnet *ifp, struct ifaddr *ifa, u_char *enaddr) ifa->ifa_rtrequest = NULL; } -static int -arp_iattach(const void *unused __unused) -{ - INIT_VNET_INET(curvnet); - - V_arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ - V_arp_maxtries = 5; - V_useloopback = 1; /* use loopback interface for local traffic */ - V_arp_proxyall = 0; - - return (0); -} - static void arp_init(void) { -#ifndef VIMAGE_GLOBALS - vnet_mod_register(&vnet_arp_modinfo); -#else - arp_iattach(NULL); -#endif - netisr_register(&arp_nh); } SYSINIT(arp, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY, arp_init, 0); diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c index be102d442e78..c8bd09a265b6 100644 --- a/sys/netinet/igmp.c +++ b/sys/netinet/igmp.c @@ -75,7 +75,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -212,55 +211,72 @@ MALLOC_DEFINE(M_IGMP, "igmp", "igmp state"); * FUTURE: Stop using IFP_TO_IA/INADDR_ANY, and use source address selection * policy to control the address used by IGMP on the link. */ -#ifdef VIMAGE_GLOBALS -int interface_timers_running; /* IGMPv3 general query response */ -int state_change_timers_running; /* IGMPv3 state-change retransmit */ -int current_state_timers_running; /* IGMPv1/v2 host report; - * IGMPv3 g/sg query response */ +static VNET_DEFINE(int, interface_timers_running); /* IGMPv3 general + * query response */ +static VNET_DEFINE(int, state_change_timers_running); /* IGMPv3 state-change + * retransmit */ +static VNET_DEFINE(int, current_state_timers_running); /* IGMPv1/v2 host + * report; IGMPv3 g/sg + * query response */ -LIST_HEAD(, igmp_ifinfo) igi_head; -struct igmpstat igmpstat; -struct timeval igmp_gsrdelay; +#define V_interface_timers_running VNET_GET(interface_timers_running) +#define V_state_change_timers_running VNET_GET(state_change_timers_running) +#define V_current_state_timers_running VNET_GET(current_state_timers_running) -int igmp_recvifkludge; -int igmp_sendra; -int igmp_sendlocal; -int igmp_v1enable; -int igmp_v2enable; -int igmp_legacysupp; -int igmp_default_version; -#endif /* VIMAGE_GLOBALS */ +static VNET_DEFINE(LIST_HEAD(, igmp_ifinfo), igi_head); +static VNET_DEFINE(struct igmpstat, igmpstat); +static VNET_DEFINE(struct timeval, igmp_gsrdelay) = {10, 0}; + +#define V_igi_head VNET_GET(igi_head) +#define V_igmpstat VNET_GET(igmpstat) +#define V_igmp_gsrdelay VNET_GET(igmp_gsrdelay) + +static VNET_DEFINE(int, igmp_recvifkludge) = 1; +static VNET_DEFINE(int, igmp_sendra) = 1; +static VNET_DEFINE(int, igmp_sendlocal) = 1; +static VNET_DEFINE(int, igmp_v1enable) = 1; +static VNET_DEFINE(int, igmp_v2enable) = 1; +static VNET_DEFINE(int, igmp_legacysupp); +static VNET_DEFINE(int, igmp_default_version) = IGMP_VERSION_3; + +#define V_igmp_recvifkludge VNET_GET(igmp_recvifkludge) +#define V_igmp_sendra VNET_GET(igmp_sendra) +#define V_igmp_sendlocal VNET_GET(igmp_sendlocal) +#define V_igmp_v1enable VNET_GET(igmp_v1enable) +#define V_igmp_v2enable VNET_GET(igmp_v2enable) +#define V_igmp_legacysupp VNET_GET(igmp_legacysupp) +#define V_igmp_default_version VNET_GET(igmp_default_version) /* * Virtualized sysctls. */ -SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_igmp, IGMPCTL_STATS, stats, - CTLFLAG_RW, igmpstat, igmpstat, ""); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, recvifkludge, - CTLFLAG_RW, igmp_recvifkludge, 0, +SYSCTL_VNET_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, + &VNET_NAME(igmpstat), igmpstat, ""); +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, recvifkludge, CTLFLAG_RW, + &VNET_NAME(igmp_recvifkludge), 0, "Rewrite IGMPv1/v2 reports from 0.0.0.0 to contain subnet address"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, sendra, - CTLFLAG_RW, igmp_sendra, 0, +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, sendra, CTLFLAG_RW, + &VNET_NAME(igmp_sendra), 0, "Send IP Router Alert option in IGMPv2/v3 messages"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, sendlocal, - CTLFLAG_RW, igmp_sendlocal, 0, +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, sendlocal, CTLFLAG_RW, + &VNET_NAME(igmp_sendlocal), 0, "Send IGMP membership reports for 224.0.0.0/24 groups"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, v1enable, - CTLFLAG_RW, igmp_v1enable, 0, +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, v1enable, CTLFLAG_RW, + &VNET_NAME(igmp_v1enable), 0, "Enable backwards compatibility with IGMPv1"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, v2enable, - CTLFLAG_RW, igmp_v2enable, 0, +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, v2enable, CTLFLAG_RW, + &VNET_NAME(igmp_v2enable), 0, "Enable backwards compatibility with IGMPv2"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, legacysupp, - CTLFLAG_RW, igmp_legacysupp, 0, +SYSCTL_VNET_INT(_net_inet_igmp, OID_AUTO, legacysupp, CTLFLAG_RW, + &VNET_NAME(igmp_legacysupp), 0, "Allow v1/v2 reports to suppress v3 group responses"); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, default_version, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, igmp_default_version, 0, - sysctl_igmp_default_version, "I", +SYSCTL_VNET_PROC(_net_inet_igmp, OID_AUTO, default_version, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + &VNET_NAME(igmp_default_version), 0, sysctl_igmp_default_version, "I", "Default version of IGMP to run on each interface"); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_igmp, OID_AUTO, gsrdelay, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, igmp_gsrdelay.tv_sec, 0, - sysctl_igmp_gsr, "I", +SYSCTL_VNET_PROC(_net_inet_igmp, OID_AUTO, gsrdelay, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + &VNET_NAME(igmp_gsrdelay.tv_sec), 0, sysctl_igmp_gsr, "I", "Rate limit for IGMPv3 Group-and-Source queries in seconds"); /* @@ -327,7 +343,6 @@ igmp_restore_context(struct mbuf *m) static int sysctl_igmp_default_version(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error; int new; @@ -367,7 +382,6 @@ out_locked: static int sysctl_igmp_gsr(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error; int i; @@ -408,8 +422,6 @@ out_locked: static int sysctl_igmp_ifinfo(SYSCTL_HANDLER_ARGS) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); int *name; int error; u_int namelen; @@ -495,7 +507,6 @@ igmp_dispatch_queue(struct ifqueue *ifq, int limit, const int loop) static __inline int igmp_isgroupreported(const struct in_addr addr) { - INIT_VNET_INET(curvnet); if (in_allhosts(addr) || ((!V_igmp_sendlocal && IN_LOCAL_GROUP(ntohl(addr.s_addr))))) @@ -553,7 +564,6 @@ igmp_domifattach(struct ifnet *ifp) static struct igmp_ifinfo * igi_alloc_locked(/*const*/ struct ifnet *ifp) { - INIT_VNET_INET(ifp->if_vnet); struct igmp_ifinfo *igi; IGMP_LOCK_ASSERT(); @@ -661,7 +671,6 @@ igmp_domifdetach(struct ifnet *ifp) static void igi_delete_locked(const struct ifnet *ifp) { - INIT_VNET_INET(ifp->if_vnet); struct igmp_ifinfo *igi, *tigi; CTR3(KTR_IGMPV3, "%s: freeing igmp_ifinfo for ifp %p(%s)", @@ -702,7 +711,6 @@ static int igmp_input_v1_query(struct ifnet *ifp, const struct ip *ip, const struct igmp *igmp) { - INIT_VNET_INET(ifp->if_vnet); struct ifmultiaddr *ifma; struct igmp_ifinfo *igi; struct in_multi *inm; @@ -788,7 +796,6 @@ static int igmp_input_v2_query(struct ifnet *ifp, const struct ip *ip, const struct igmp *igmp) { - INIT_VNET_INET(ifp->if_vnet); struct ifmultiaddr *ifma; struct igmp_ifinfo *igi; struct in_multi *inm; @@ -893,7 +900,6 @@ out_locked: static void igmp_v2_update_group(struct in_multi *inm, const int timer) { - INIT_VNET_INET(curvnet); CTR4(KTR_IGMPV3, "%s: %s/%s timer=%d", __func__, inet_ntoa(inm->inm_addr), inm->inm_ifp->if_xname, timer); @@ -941,7 +947,6 @@ static int igmp_input_v3_query(struct ifnet *ifp, const struct ip *ip, /*const*/ struct igmpv3 *igmpv3) { - INIT_VNET_INET(ifp->if_vnet); struct igmp_ifinfo *igi; struct in_multi *inm; int is_general_query; @@ -1106,7 +1111,6 @@ static int igmp_input_v3_group_query(struct in_multi *inm, struct igmp_ifinfo *igi, int timer, /*const*/ struct igmpv3 *igmpv3) { - INIT_VNET_INET(curvnet); int retval; uint16_t nsrc; @@ -1209,7 +1213,6 @@ static int igmp_input_v1_report(struct ifnet *ifp, /*const*/ struct ip *ip, /*const*/ struct igmp *igmp) { - INIT_VNET_INET(ifp->if_vnet); struct in_ifaddr *ia; struct in_multi *inm; @@ -1318,7 +1321,6 @@ static int igmp_input_v2_report(struct ifnet *ifp, /*const*/ struct ip *ip, /*const*/ struct igmp *igmp) { - INIT_VNET_INET(ifp->if_vnet); struct in_ifaddr *ia; struct in_multi *inm; @@ -1436,7 +1438,6 @@ igmp_input(struct mbuf *m, int off) CTR3(KTR_IGMPV3, "%s: called w/mbuf (%p,%d)", __func__, m, off); ifp = m->m_pkthdr.rcvif; - INIT_VNET_INET(ifp->if_vnet); IGMPSTAT_INC(igps_rcv_total); @@ -1633,7 +1634,6 @@ igmp_fasttimo(void) static void igmp_fasttimo_vnet(void) { - INIT_VNET_INET(curvnet); struct ifqueue scq; /* State-change packets */ struct ifqueue qrq; /* Query response packets */ struct ifnet *ifp; @@ -1756,7 +1756,6 @@ out_locked: static void igmp_v1v2_process_group_timer(struct in_multi *inm, const int version) { - INIT_VNET_INET(curvnet); int report_timer_expired; IN_MULTI_LOCK_ASSERT(); @@ -1805,7 +1804,6 @@ igmp_v3_process_group_timers(struct igmp_ifinfo *igi, struct ifqueue *qrq, struct ifqueue *scq, struct in_multi *inm, const int uri_fasthz) { - INIT_VNET_INET(curvnet); int query_response_timer_expired; int state_change_retransmit_timer_expired; @@ -2083,7 +2081,6 @@ igmp_v3_cancel_link_timers(struct igmp_ifinfo *igi) static void igmp_v1v2_process_querier_timers(struct igmp_ifinfo *igi) { - INIT_VNET_INET(curvnet); IGMP_LOCK_ASSERT(); @@ -2177,7 +2174,6 @@ igmp_slowtimo(void) static void igmp_slowtimo_vnet(void) { - INIT_VNET_INET(curvnet); struct igmp_ifinfo *igi; IGMP_LOCK(); @@ -2342,7 +2338,6 @@ out_locked: static int igmp_initial_join(struct in_multi *inm, struct igmp_ifinfo *igi) { - INIT_VNET_INET(curvnet); struct ifnet *ifp; struct ifqueue *ifq; int error, retval, syncstates; @@ -2471,7 +2466,6 @@ igmp_initial_join(struct in_multi *inm, struct igmp_ifinfo *igi) static int igmp_handle_state_change(struct in_multi *inm, struct igmp_ifinfo *igi) { - INIT_VNET_INET(curvnet); struct ifnet *ifp; int retval; @@ -2531,7 +2525,6 @@ igmp_handle_state_change(struct in_multi *inm, struct igmp_ifinfo *igi) static void igmp_final_leave(struct in_multi *inm, struct igmp_ifinfo *igi) { - INIT_VNET_INET(curvnet); int syncstates; syncstates = 1; @@ -3324,7 +3317,6 @@ igmp_v3_merge_state_changes(struct in_multi *inm, struct ifqueue *ifscq) static void igmp_v3_dispatch_general_query(struct igmp_ifinfo *igi) { - INIT_VNET_INET(curvnet); struct ifmultiaddr *ifma, *tifma; struct ifnet *ifp; struct in_multi *inm; @@ -3412,8 +3404,6 @@ igmp_intr(struct mbuf *m) * unique to each VIMAGE and must be retrieved. */ CURVNET_SET((struct vnet *)(m->m_pkthdr.header)); - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); ifindex = igmp_restore_context(m); /* @@ -3495,7 +3485,6 @@ out: static struct mbuf * igmp_v3_encap_report(struct ifnet *ifp, struct mbuf *m) { - INIT_VNET_INET(curvnet); struct igmp_report *igmp; struct ip *ip; int hdrlen, igmpreclen; @@ -3621,30 +3610,14 @@ igmp_sysuninit(void) static int vnet_igmp_iattach(const void *unused __unused) { - INIT_VNET_INET(curvnet); CTR1(KTR_IGMPV3, "%s: initializing", __func__); LIST_INIT(&V_igi_head); - V_current_state_timers_running = 0; - V_state_change_timers_running = 0; - V_interface_timers_running = 0; - /* * Initialize sysctls to default values. */ - V_igmp_recvifkludge = 1; - V_igmp_sendra = 1; - V_igmp_sendlocal = 1; - V_igmp_v1enable = 1; - V_igmp_v2enable = 1; - V_igmp_legacysupp = 0; - V_igmp_default_version = IGMP_VERSION_3; - V_igmp_gsrdelay.tv_sec = 10; - V_igmp_gsrdelay.tv_usec = 0; - - memset(&V_igmpstat, 0, sizeof(struct igmpstat)); V_igmpstat.igps_version = IGPS_VERSION_3; V_igmpstat.igps_len = sizeof(struct igmpstat); @@ -3654,9 +3627,6 @@ vnet_igmp_iattach(const void *unused __unused) static int vnet_igmp_idetach(const void *unused __unused) { -#ifdef INVARIANTS - INIT_VNET_INET(curvnet); -#endif CTR1(KTR_IGMPV3, "%s: tearing down", __func__); @@ -3666,7 +3636,7 @@ vnet_igmp_idetach(const void *unused __unused) return (0); } -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static vnet_modinfo_t vnet_igmp_modinfo = { .vmi_id = VNET_MOD_IGMP, .vmi_name = "igmp", @@ -3683,14 +3653,14 @@ igmp_modevent(module_t mod, int type, void *unused __unused) switch (type) { case MOD_LOAD: igmp_sysinit(); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_igmp_modinfo); #else vnet_igmp_iattach(NULL); #endif break; case MOD_UNLOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_deregister(&vnet_igmp_modinfo); #else vnet_igmp_idetach(NULL); diff --git a/sys/netinet/in.c b/sys/netinet/in.c index b9db746591e8..8b7eab67fdc3 100644 --- a/sys/netinet/in.c +++ b/sys/netinet/in.c @@ -59,8 +59,9 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include +#include +#include static int in_mask2len(struct in_addr *); static void in_len2mask(struct in_addr *, int); @@ -74,17 +75,19 @@ static int in_ifinit(struct ifnet *, struct in_ifaddr *, struct sockaddr_in *, int); static void in_purgemaddrs(struct ifnet *); -#ifdef VIMAGE_GLOBALS -static int subnetsarelocal; -static int sameprefixcarponly; -extern struct inpcbinfo ripcbinfo; -#endif +static VNET_DEFINE(int, subnetsarelocal); +static VNET_DEFINE(int, sameprefixcarponly); +VNET_DECLARE(struct inpcbinfo, ripcbinfo); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, subnets_are_local, - CTLFLAG_RW, subnetsarelocal, 0, +#define V_subnetsarelocal VNET_GET(subnetsarelocal) +#define V_sameprefixcarponly VNET_GET(sameprefixcarponly) +#define V_ripcbinfo VNET_GET(ripcbinfo) + +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW, + &VNET_NAME(subnetsarelocal), 0, "Treat all subnets as directly connected"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, same_prefix_carp_only, - CTLFLAG_RW, sameprefixcarponly, 0, +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW, + &VNET_NAME(sameprefixcarponly), 0, "Refuse to create same prefixes on different interfaces"); /* @@ -96,7 +99,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, same_prefix_carp_only, int in_localaddr(struct in_addr in) { - INIT_VNET_INET(curvnet); register u_long i = ntohl(in.s_addr); register struct in_ifaddr *ia; @@ -127,7 +129,6 @@ in_localaddr(struct in_addr in) int in_localip(struct in_addr in) { - INIT_VNET_INET(curvnet); struct in_ifaddr *ia; IN_IFADDR_RLOCK(); @@ -225,7 +226,6 @@ int in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td) { - INIT_VNET_INET(curvnet); /* both so and ifp can be NULL here! */ register struct ifreq *ifr = (struct ifreq *)data; register struct in_ifaddr *ia, *iap; register struct ifaddr *ifa; @@ -816,8 +816,6 @@ static int in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin, int scrub) { - INIT_VNET_NET(ifp->if_vnet); - INIT_VNET_INET(ifp->if_vnet); register u_long i = ntohl(sin->sin_addr.s_addr); struct sockaddr_in oldaddr; struct rtentry *rt = NULL; @@ -952,7 +950,6 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin, static int in_addprefix(struct in_ifaddr *target, int flags) { - INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct in_addr prefix, mask, p, m; int error; @@ -1020,8 +1017,6 @@ extern void arp_ifscrub(struct ifnet *ifp, uint32_t addr); static int in_scrubprefix(struct in_ifaddr *target) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct in_addr prefix, mask, p; int error; @@ -1166,7 +1161,6 @@ in_broadcast(struct in_addr in, struct ifnet *ifp) void in_ifdetach(struct ifnet *ifp) { - INIT_VNET_INET(ifp->if_vnet); in_pcbpurgeif0(&V_ripcbinfo, ifp); in_pcbpurgeif0(&V_udbinfo, ifp); diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c index 11e32c356408..fe2c9ee3bca4 100644 --- a/sys/netinet/in_gif.c +++ b/sys/netinet/in_gif.c @@ -59,7 +59,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef INET6 #include @@ -86,16 +85,12 @@ struct protosw in_gif_protosw = { .pr_usrreqs = &rip_usrreqs }; -#ifdef VIMAGE_GLOBALS -extern int ip_gif_ttl; -#endif -SYSCTL_V_INT(V_NET, vnet_gif, _net_inet_ip, IPCTL_GIF_TTL, gifttl, - CTLFLAG_RW, ip_gif_ttl, 0, ""); +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW, + &VNET_NAME(ip_gif_ttl), 0, ""); int in_gif_output(struct ifnet *ifp, int family, struct mbuf *m) { - INIT_VNET_GIF(ifp->if_vnet); struct gif_softc *sc = ifp->if_softc; struct sockaddr_in *dst = (struct sockaddr_in *)&sc->gif_ro.ro_dst; struct sockaddr_in *sin_src = (struct sockaddr_in *)sc->gif_psrc; @@ -273,7 +268,6 @@ in_gif_output(struct ifnet *ifp, int family, struct mbuf *m) void in_gif_input(struct mbuf *m, int off) { - INIT_VNET_INET(curvnet); struct ifnet *gifp = NULL; struct gif_softc *sc; struct ip *ip; @@ -368,7 +362,6 @@ in_gif_input(struct mbuf *m, int off) static int gif_validate4(const struct ip *ip, struct gif_softc *sc, struct ifnet *ifp) { - INIT_VNET_INET(curvnet); struct sockaddr_in *src, *dst; struct in_ifaddr *ia4; diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index 5c299af6a6e1..6efa7d852b1c 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -60,7 +60,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifndef KTR_IGMPV3 #define KTR_IGMPV3 KTR_INET @@ -84,10 +83,6 @@ static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "IPv4 multicast options"); static MALLOC_DEFINE(M_IPMSOURCE, "ip_msource", "IPv4 multicast IGMP-layer source filter"); -#ifdef VIMAGE_GLOBALS -struct in_multihead in_multihead; /* XXX now unused; retain for ABI */ -#endif - /* * Locking: * - Lock order is: Giant, INP_WLOCK, IN_MULTI_LOCK, IGMP_LOCK, IF_ADDR_LOCK. @@ -1295,8 +1290,6 @@ in_delmulti(struct in_multi *inm) static int inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -1560,7 +1553,6 @@ inp_freemoptions(struct ip_moptions *imo) static int inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; @@ -1678,7 +1670,6 @@ inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt) int inp_getmoptions(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_INET(curvnet); struct ip_mreqn mreqn; struct ip_moptions *imo; struct ifnet *ifp; @@ -1809,7 +1800,6 @@ static struct ifnet * inp_lookup_mcast_ifp(const struct inpcb *inp, const struct sockaddr_in *gsin, const struct in_addr ina) { - INIT_VNET_INET(curvnet); struct ifnet *ifp; KASSERT(gsin->sin_family == AF_INET, ("%s: not AF_INET", __func__)); @@ -1856,7 +1846,6 @@ inp_lookup_mcast_ifp(const struct inpcb *inp, static int inp_join_group(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -2097,8 +2086,6 @@ out_inp_locked: static int inp_leave_group(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); struct group_source_req gsr; struct ip_mreq_source mreqs; sockunion_t *gsa, *ssa; @@ -2308,8 +2295,6 @@ out_inp_locked: static int inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); struct in_addr addr; struct ip_mreqn mreqn; struct ifnet *ifp; @@ -2376,7 +2361,6 @@ inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) static int inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; @@ -2699,7 +2683,6 @@ inp_setmoptions(struct inpcb *inp, struct sockopt *sopt) static int sysctl_ip_mcast_filters(SYSCTL_HANDLER_ARGS) { - INIT_VNET_NET(curvnet); struct in_addr src, group; struct ifnet *ifp; struct ifmultiaddr *ifma; diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 958e6b6ab313..58bf77a8b3ee 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -70,11 +70,9 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef INET6 #include #include -#include #endif /* INET6 */ @@ -85,34 +83,34 @@ __FBSDID("$FreeBSD$"); #include -#ifdef VIMAGE_GLOBALS /* * These configure the range of local port addresses assigned to * "unspecified" outgoing connections/packets/whatever. */ -int ipport_lowfirstauto; -int ipport_lowlastauto; -int ipport_firstauto; -int ipport_lastauto; -int ipport_hifirstauto; -int ipport_hilastauto; +VNET_DEFINE(int, ipport_lowfirstauto) = IPPORT_RESERVED - 1; /* 1023 */ +VNET_DEFINE(int, ipport_lowlastauto) = IPPORT_RESERVEDSTART; /* 600 */ +VNET_DEFINE(int, ipport_firstauto) = IPPORT_EPHEMERALFIRST; /* 10000 */ +VNET_DEFINE(int, ipport_lastauto) = IPPORT_EPHEMERALLAST; /* 65535 */ +VNET_DEFINE(int, ipport_hifirstauto) = IPPORT_HIFIRSTAUTO; /* 49152 */ +VNET_DEFINE(int, ipport_hilastauto) = IPPORT_HILASTAUTO; /* 65535 */ /* * Reserved ports accessible only to root. There are significant * security considerations that must be accounted for when changing these, * but the security benefits can be great. Please be careful. */ -int ipport_reservedhigh; -int ipport_reservedlow; +VNET_DEFINE(int, ipport_reservedhigh) = IPPORT_RESERVED - 1; /* 1023 */ +VNET_DEFINE(int, ipport_reservedlow); /* Variables dealing with random ephemeral port allocation. */ -int ipport_randomized; -int ipport_randomcps; -int ipport_randomtime; -int ipport_stoprandom; -int ipport_tcpallocs; -int ipport_tcplastcount; -#endif +VNET_DEFINE(int, ipport_randomized) = 1; /* user controlled via sysctl */ +VNET_DEFINE(int, ipport_randomcps) = 10; /* user controlled via sysctl */ +VNET_DEFINE(int, ipport_randomtime) = 45; /* user controlled via sysctl */ +VNET_DEFINE(int, ipport_stoprandom); /* toggled by ipport_tick */ +VNET_DEFINE(int, ipport_tcpallocs); +static VNET_DEFINE(int, ipport_tcplastcount); + +#define V_ipport_tcplastcount VNET_GET(ipport_tcplastcount) #define RANGECHK(var, min, max) \ if ((var) < (min)) { (var) = (min); } \ @@ -123,12 +121,13 @@ static void in_pcbremlists(struct inpcb *inp); static int sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error; - SYSCTL_RESOLVE_V_ARG1(); - +#ifdef VIMAGE + error = vnet_sysctl_handle_int(oidp, arg1, arg2, req); +#else error = sysctl_handle_int(oidp, arg1, arg2, req); +#endif if (error == 0) { RANGECHK(V_ipport_lowfirstauto, 1, IPPORT_RESERVED - 1); RANGECHK(V_ipport_lowlastauto, 1, IPPORT_RESERVED - 1); @@ -144,35 +143,35 @@ sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - lowfirst, CTLTYPE_INT|CTLFLAG_RW, ipport_lowfirstauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_lowfirstauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - lowlast, CTLTYPE_INT|CTLFLAG_RW, ipport_lowlastauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_lowlastauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - first, CTLTYPE_INT|CTLFLAG_RW, ipport_firstauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, first, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_firstauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - last, CTLTYPE_INT|CTLFLAG_RW, ipport_lastauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, last, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_lastauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - hifirst, CTLTYPE_INT|CTLFLAG_RW, ipport_hifirstauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_hifirstauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - hilast, CTLTYPE_INT|CTLFLAG_RW, ipport_hilastauto, 0, +SYSCTL_VNET_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ipport_hilastauto), 0, &sysctl_net_ipport_check, "I", ""); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, - reservedhigh, CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedhigh, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, reservedlow, - CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedlow, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomized, - CTLFLAG_RW, ipport_randomized, 0, "Enable random port allocation"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomcps, - CTLFLAG_RW, ipport_randomcps, 0, "Maximum number of random port " +SYSCTL_VNET_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh, + CTLFLAG_RW|CTLFLAG_SECURE, &VNET_NAME(ipport_reservedhigh), 0, ""); +SYSCTL_VNET_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow, + CTLFLAG_RW|CTLFLAG_SECURE, &VNET_NAME(ipport_reservedlow), 0, ""); +SYSCTL_VNET_INT(_net_inet_ip_portrange, OID_AUTO, randomized, CTLFLAG_RW, + &VNET_NAME(ipport_randomized), 0, "Enable random port allocation"); +SYSCTL_VNET_INT(_net_inet_ip_portrange, OID_AUTO, randomcps, CTLFLAG_RW, + &VNET_NAME(ipport_randomcps), 0, "Maximum number of random port " "allocations before switching to a sequental one"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomtime, - CTLFLAG_RW, ipport_randomtime, 0, +SYSCTL_VNET_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW, + &VNET_NAME(ipport_randomtime), 0, "Minimum time to keep sequental port " "allocation before switching to a random one"); @@ -191,9 +190,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomtime, int in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo) { -#ifdef INET6 - INIT_VNET_INET6(curvnet); -#endif struct inpcb *inp; int error; @@ -288,7 +284,6 @@ int in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, u_short *lportp, struct ucred *cred) { - INIT_VNET_INET(inp->inp_vnet); struct socket *so = inp->inp_socket; unsigned short *lastport; struct sockaddr_in *sin; @@ -776,7 +771,6 @@ in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp, struct inpcb **oinpp, struct ucred *cred) { - INIT_VNET_INET(inp->inp_vnet); struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; struct inpcb *oinp; @@ -1579,7 +1573,6 @@ ipport_tick(void *xtp) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS here */ - INIT_VNET_INET(vnet_iter); if (V_ipport_tcpallocs <= V_ipport_tcplastcount + V_ipport_randomcps) { if (V_ipport_stoprandom > 0) @@ -1640,7 +1633,6 @@ inp_unlock_assert(struct inpcb *inp) void inp_apply_all(void (*func)(struct inpcb *, void *), void *arg) { - INIT_VNET_INET(curvnet); struct inpcb *inp; INP_INFO_RLOCK(&V_tcbinfo); diff --git a/sys/netinet/in_pcb.h b/sys/netinet/in_pcb.h index f5b713bd6ac6..d8ac3bff0b08 100644 --- a/sys/netinet/in_pcb.h +++ b/sys/netinet/in_pcb.h @@ -41,6 +41,7 @@ #ifdef _KERNEL #include +#include #endif #define in6pcb inpcb /* for KAME src sync over BSD*'s */ @@ -450,21 +451,34 @@ void inp_4tuple_get(struct inpcb *inp, uint32_t *laddr, uint16_t *lp, #define INP_CHECK_SOCKAF(so, af) (INP_SOCKAF(so) == af) #ifdef _KERNEL -#ifdef VIMAGE_GLOBALS -extern int ipport_reservedhigh; -extern int ipport_reservedlow; -extern int ipport_lowfirstauto; -extern int ipport_lowlastauto; -extern int ipport_firstauto; -extern int ipport_lastauto; -extern int ipport_hifirstauto; -extern int ipport_hilastauto; -extern int ipport_randomized; -extern int ipport_randomcps; -extern int ipport_randomtime; -extern int ipport_stoprandom; -extern int ipport_tcpallocs; -#endif +VNET_DECLARE(int, ipport_reservedhigh); +VNET_DECLARE(int, ipport_reservedlow); +VNET_DECLARE(int, ipport_lowfirstauto); +VNET_DECLARE(int, ipport_lowlastauto); +VNET_DECLARE(int, ipport_firstauto); +VNET_DECLARE(int, ipport_lastauto); +VNET_DECLARE(int, ipport_hifirstauto); +VNET_DECLARE(int, ipport_hilastauto); +VNET_DECLARE(int, ipport_randomized); +VNET_DECLARE(int, ipport_randomcps); +VNET_DECLARE(int, ipport_randomtime); +VNET_DECLARE(int, ipport_stoprandom); +VNET_DECLARE(int, ipport_tcpallocs); + +#define V_ipport_reservedhigh VNET_GET(ipport_reservedhigh) +#define V_ipport_reservedlow VNET_GET(ipport_reservedlow) +#define V_ipport_lowfirstauto VNET_GET(ipport_lowfirstauto) +#define V_ipport_lowlastauto VNET_GET(ipport_lowlastauto) +#define V_ipport_firstauto VNET_GET(ipport_firstauto) +#define V_ipport_lastauto VNET_GET(ipport_lastauto) +#define V_ipport_hifirstauto VNET_GET(ipport_hifirstauto) +#define V_ipport_hilastauto VNET_GET(ipport_hilastauto) +#define V_ipport_randomized VNET_GET(ipport_randomized) +#define V_ipport_randomcps VNET_GET(ipport_randomcps) +#define V_ipport_randomtime VNET_GET(ipport_randomtime) +#define V_ipport_stoprandom VNET_GET(ipport_stoprandom) +#define V_ipport_tcpallocs VNET_GET(ipport_tcpallocs) + extern struct callout ipport_tick_callout; void in_pcbpurgeif0(struct inpcbinfo *, struct ifnet *); diff --git a/sys/netinet/in_rmx.c b/sys/netinet/in_rmx.c index feaa2f9a6370..d39187181811 100644 --- a/sys/netinet/in_rmx.c +++ b/sys/netinet/in_rmx.c @@ -59,7 +59,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include extern int in_inithead(void **head, int off); #ifdef VIMAGE @@ -132,22 +131,24 @@ in_matroute(void *v_arg, struct radix_node_head *head) return rn; } -#ifdef VIMAGE_GLOBALS -static int rtq_reallyold; -static int rtq_minreallyold; -static int rtq_toomany; -#endif +static VNET_DEFINE(int, rtq_reallyold); +static VNET_DEFINE(int, rtq_minreallyold); +static VNET_DEFINE(int, rtq_toomany); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTEXPIRE, rtexpire, - CTLFLAG_RW, rtq_reallyold, 0, +#define V_rtq_reallyold VNET_GET(rtq_reallyold) +#define V_rtq_minreallyold VNET_GET(rtq_minreallyold) +#define V_rtq_toomany VNET_GET(rtq_toomany) + +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW, + &VNET_NAME(rtq_reallyold), 0, "Default expiration time on dynamically learned routes"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMINEXPIRE, - rtminexpire, CTLFLAG_RW, rtq_minreallyold, 0, +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW, + &VNET_NAME(rtq_minreallyold), 0, "Minimum time to attempt to hold onto dynamically learned routes"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMAXCACHE, - rtmaxcache, CTLFLAG_RW, rtq_toomany, 0, +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, + &VNET_NAME(rtq_toomany), 0, "Upper limit on dynamically learned routes"); /* @@ -157,7 +158,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMAXCACHE, static void in_clsroute(struct radix_node *rn, struct radix_node_head *head) { - INIT_VNET_INET(curvnet); struct rtentry *rt = (struct rtentry *)rn; RT_LOCK_ASSERT(rt); @@ -200,7 +200,6 @@ struct rtqk_arg { static int in_rtqkill(struct radix_node *rn, void *rock) { - INIT_VNET_INET(curvnet); struct rtqk_arg *ap = rock; struct rtentry *rt = (struct rtentry *)rn; int err; @@ -240,10 +239,11 @@ in_rtqkill(struct radix_node *rn, void *rock) } #define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */ -#ifdef VIMAGE_GLOBALS -static int rtq_timeout; -static struct callout rtq_timer; -#endif +static VNET_DEFINE(int, rtq_timeout); +static VNET_DEFINE(struct callout, rtq_timer); + +#define V_rtq_timeout VNET_GET(rtq_timeout) +#define V_rtq_timer VNET_GET(rtq_timer) static void in_rtqtimo_one(void *rock); @@ -251,7 +251,6 @@ static void in_rtqtimo(void *rock) { CURVNET_SET((struct vnet *) rock); - INIT_VNET_INET(curvnet); int fibnum; void *newrock; struct timeval atv; @@ -270,7 +269,6 @@ in_rtqtimo(void *rock) static void in_rtqtimo_one(void *rock) { - INIT_VNET_INET(curvnet); struct radix_node_head *rnh = rock; struct rtqk_arg arg; static time_t last_adjusted_timeout = 0; @@ -348,7 +346,6 @@ static int _in_rt_was_here; int in_inithead(void **head, int off) { - INIT_VNET_INET(curvnet); struct radix_node_head *rnh; /* XXX MRT @@ -386,7 +383,6 @@ in_inithead(void **head, int off) int in_detachhead(void **head, int off) { - INIT_VNET_INET(curvnet); callout_drain(&V_rtq_timer); return (1); diff --git a/sys/netinet/in_var.h b/sys/netinet/in_var.h index d4ba18c6c5ca..9a7cfb56548f 100644 --- a/sys/netinet/in_var.h +++ b/sys/netinet/in_var.h @@ -102,11 +102,14 @@ extern u_char inetctlerrmap[]; */ TAILQ_HEAD(in_ifaddrhead, in_ifaddr); LIST_HEAD(in_ifaddrhashhead, in_ifaddr); -#ifdef VIMAGE_GLOBALS -extern struct in_ifaddrhashhead *in_ifaddrhashtbl; -extern struct in_ifaddrhead in_ifaddrhead; -extern u_long in_ifaddrhmask; /* mask for hash table */ -#endif + +VNET_DECLARE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); +VNET_DECLARE(struct in_ifaddrhead, in_ifaddrhead); +VNET_DECLARE(u_long, in_ifaddrhmask); /* mask for hash table */ + +#define V_in_ifaddrhashtbl VNET_GET(in_ifaddrhashtbl) +#define V_in_ifaddrhead VNET_GET(in_ifaddrhead) +#define V_in_ifaddrhmask VNET_GET(in_ifaddrhmask) #define INADDR_NHASH_LOG2 9 #define INADDR_NHASH (1 << INADDR_NHASH_LOG2) @@ -345,11 +348,6 @@ SYSCTL_DECL(_net_inet_ip); SYSCTL_DECL(_net_inet_raw); #endif -LIST_HEAD(in_multihead, in_multi); /* XXX unused */ -#ifdef VIMAGE_GLOBALS -extern struct in_multihead in_multihead; -#endif - /* * Lock macros for IPv4 layer multicast address lists. IPv4 lock goes * before link layer multicast locks in the lock order. In most cases, diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index 152f5e6cd422..a4cd95029870 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -74,7 +74,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #endif #ifdef INET6 @@ -83,7 +82,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #endif #include @@ -920,7 +918,6 @@ carp_send_ad_locked(struct carp_softc *sc) ch.carp_cksum = 0; #ifdef INET - INIT_VNET_INET(curvnet); if (sc->sc_ia) { struct ip *ip; @@ -1476,7 +1473,6 @@ carp_multicast6_cleanup(struct carp_softc *sc) static int carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin) { - INIT_VNET_INET(curvnet); struct ifnet *ifp; struct carp_if *cif; struct in_ifaddr *ia, *ia_if; @@ -1655,7 +1651,6 @@ carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin) static int carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp; struct carp_if *cif; struct in6_ifaddr *ia, *ia_if; diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index 80b001ab64b4..86ec9fce84c7 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -75,7 +75,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef SCTP #include #endif @@ -117,10 +116,11 @@ __FBSDID("$FreeBSD$"); */ /* Internal variables. */ -#ifdef VIMAGE_GLOBALS -static struct inpcbhead divcb; -static struct inpcbinfo divcbinfo; -#endif +static VNET_DEFINE(struct inpcbhead, divcb); +static VNET_DEFINE(struct inpcbinfo, divcbinfo); + +#define V_divcb VNET_GET(divcb) +#define V_divcbinfo VNET_GET(divcbinfo) static u_long div_sendspace = DIVSNDQ; /* XXX sysctl ? */ static u_long div_recvspace = DIVRCVQ; /* XXX sysctl ? */ @@ -131,7 +131,6 @@ static u_long div_recvspace = DIVRCVQ; /* XXX sysctl ? */ static void div_zone_change(void *tag) { - INIT_VNET_INET(curvnet); uma_zone_set_max(V_divcbinfo.ipi_zone, maxsockets); } @@ -156,7 +155,6 @@ div_inpcb_fini(void *mem, int size) void div_init(void) { - INIT_VNET_INET(curvnet); INP_INFO_LOCK_INIT(&V_divcbinfo, "div"); LIST_INIT(&V_divcb); @@ -187,7 +185,6 @@ div_init(void) void div_input(struct mbuf *m, int off) { - INIT_VNET_INET(curvnet); IPSTAT_INC(ips_noproto); m_freem(m); @@ -202,7 +199,6 @@ div_input(struct mbuf *m, int off) static void divert_packet(struct mbuf *m, int incoming) { - INIT_VNET_INET(curvnet); struct ip *ip; struct inpcb *inp; struct socket *sa; @@ -330,7 +326,6 @@ static int div_output(struct socket *so, struct mbuf *m, struct sockaddr_in *sin, struct mbuf *control) { - INIT_VNET_INET(curvnet); struct m_tag *mtag; struct divert_tag *dt; int error = 0; @@ -483,7 +478,6 @@ cantsend: static int div_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -515,7 +509,6 @@ div_attach(struct socket *so, int proto, struct thread *td) static void div_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -530,7 +523,6 @@ div_detach(struct socket *so) static int div_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -571,7 +563,6 @@ static int div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(so->so_vnet); /* Packet must have a header (but that's about it) */ if (m->m_len < sizeof (struct ip) && @@ -600,7 +591,6 @@ div_ctlinput(int cmd, struct sockaddr *sa, void *vip) static int div_pcblist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; @@ -725,7 +715,6 @@ struct protosw div_protosw = { static int div_modevent(module_t mod, int type, void *unused) { - INIT_VNET_INET(curvnet); /* XXX move to iattach - revisit!!! */ int err = 0; int n; diff --git a/sys/netinet/ip_fastfwd.c b/sys/netinet/ip_fastfwd.c index 8752916934f1..2207cc46aaae 100644 --- a/sys/netinet/ip_fastfwd.c +++ b/sys/netinet/ip_fastfwd.c @@ -103,20 +103,18 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include -#ifdef VIMAGE_GLOBALS -static int ipfastforward_active; -#endif -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fastforwarding, - CTLFLAG_RW, ipfastforward_active, 0, "Enable fast IP forwarding"); +static VNET_DEFINE(int, ipfastforward_active); +#define V_ipfastforward_active VNET_GET(ipfastforward_active) + +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_RW, + &VNET_NAME(ipfastforward_active), 0, "Enable fast IP forwarding"); static struct sockaddr_in * ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m) { - INIT_VNET_INET(curvnet); struct sockaddr_in *dst; struct rtentry *rt; @@ -160,7 +158,6 @@ ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m) struct mbuf * ip_fastforward(struct mbuf *m) { - INIT_VNET_INET(curvnet); struct ip *ip; struct mbuf *m0 = NULL; struct route ro; diff --git a/sys/netinet/ip_fw.h b/sys/netinet/ip_fw.h index 9e3468f1671d..609ac4c4a503 100644 --- a/sys/netinet/ip_fw.h +++ b/sys/netinet/ip_fw.h @@ -651,12 +651,14 @@ void ipfw_destroy(void); void ipfw_nat_destroy(void); #endif -#ifdef VIMAGE_GLOBALS -extern int fw_one_pass; -extern int fw_enable; +VNET_DECLARE(int, fw_one_pass); +VNET_DECLARE(int, fw_enable); +#define V_fw_one_pass VNET_GET(fw_one_pass) +#define V_fw_enable VNET_GET(fw_enable) + #ifdef INET6 -extern int fw6_enable; -#endif +VNET_DECLARE(int, fw6_enable); +#define V_fw6_enable VNET_GET(fw6_enable) #endif struct ip_fw_chain { @@ -692,83 +694,8 @@ typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *); typedef int ipfw_nat_cfg_t(struct sockopt *); #endif -struct eventhandler_entry; -/* - * Stack virtualization support. - */ -struct vnet_ipfw { - int _fw_enable; - int _fw6_enable; - u_int32_t _set_disable; - int _fw_deny_unknown_exthdrs; - int _fw_verbose; - int _verbose_limit; - int _autoinc_step; - ipfw_dyn_rule ** _ipfw_dyn_v; - uma_zone_t _ipfw_dyn_rule_zone; - struct ip_fw_chain _layer3_chain; - u_int32_t _dyn_buckets; - u_int32_t _curr_dyn_buckets; - u_int32_t _dyn_ack_lifetime; - u_int32_t _dyn_syn_lifetime; - u_int32_t _dyn_fin_lifetime; - u_int32_t _dyn_rst_lifetime; - u_int32_t _dyn_udp_lifetime; - u_int32_t _dyn_short_lifetime; - u_int32_t _dyn_keepalive_interval; - u_int32_t _dyn_keepalive_period; - u_int32_t _dyn_keepalive; - u_int32_t _static_count; - u_int32_t _static_len; - u_int32_t _dyn_count; - u_int32_t _dyn_max; - u_int64_t _norule_counter; - struct callout _ipfw_timeout; - struct eventhandler_entry *_ifaddr_event_tag; -}; - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_ipfw vnet_ipfw_0; -#endif -#endif - -/* - * Symbol translation macros - */ -#define INIT_VNET_IPFW(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw) - -#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) - -#define V_fw_enable VNET_IPFW(fw_enable) -#define V_fw6_enable VNET_IPFW(fw6_enable) -#define V_set_disable VNET_IPFW(set_disable) -#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) -#define V_fw_verbose VNET_IPFW(fw_verbose) -#define V_verbose_limit VNET_IPFW(verbose_limit) -#define V_autoinc_step VNET_IPFW(autoinc_step) -#define V_ipfw_dyn_v VNET_IPFW(ipfw_dyn_v) -#define V_ipfw_dyn_rule_zone VNET_IPFW(ipfw_dyn_rule_zone) -#define V_layer3_chain VNET_IPFW(layer3_chain) -#define V_dyn_buckets VNET_IPFW(dyn_buckets) -#define V_curr_dyn_buckets VNET_IPFW(curr_dyn_buckets) -#define V_dyn_ack_lifetime VNET_IPFW(dyn_ack_lifetime) -#define V_dyn_syn_lifetime VNET_IPFW(dyn_syn_lifetime) -#define V_dyn_fin_lifetime VNET_IPFW(dyn_fin_lifetime) -#define V_dyn_rst_lifetime VNET_IPFW(dyn_rst_lifetime) -#define V_dyn_udp_lifetime VNET_IPFW(dyn_udp_lifetime) -#define V_dyn_short_lifetime VNET_IPFW(dyn_short_lifetime) -#define V_dyn_keepalive_interval VNET_IPFW(dyn_keepalive_interval) -#define V_dyn_keepalive_period VNET_IPFW(dyn_keepalive_period) -#define V_dyn_keepalive VNET_IPFW(dyn_keepalive) -#define V_static_count VNET_IPFW(static_count) -#define V_static_len VNET_IPFW(static_len) -#define V_dyn_count VNET_IPFW(dyn_count) -#define V_dyn_max VNET_IPFW(dyn_max) -#define V_norule_counter VNET_IPFW(norule_counter) -#define V_ipfw_timeout VNET_IPFW(ipfw_timeout) -#define V_ifaddr_event_tag VNET_IPFW(ifaddr_event_tag) +VNET_DECLARE(struct ip_fw_chain, layer3_chain); +#define V_layer3_chain VNET_GET(layer3_chain) #endif /* _KERNEL */ #endif /* _IPFW2_H */ diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c index f3ef17524470..475f297e1f43 100644 --- a/sys/netinet/ip_icmp.c +++ b/sys/netinet/ip_icmp.c @@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -60,7 +61,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include @@ -77,61 +77,75 @@ __FBSDID("$FreeBSD$"); * host table maintenance routines. */ -#ifdef VIMAGE_GLOBALS -struct icmpstat icmpstat; -static int icmpmaskrepl; -static u_int icmpmaskfake; -static int drop_redirect; -static int log_redirect; -static int icmplim; -static int icmplim_output; -static char reply_src[IFNAMSIZ]; -static int icmp_rfi; -static int icmp_quotelen; -static int icmpbmcastecho; -#endif +VNET_DEFINE(struct icmpstat, icmpstat); +static VNET_DEFINE(int, icmpmaskrepl); +static VNET_DEFINE(u_int, icmpmaskfake); +static VNET_DEFINE(int, drop_redirect); +static VNET_DEFINE(int, log_redirect); +static VNET_DEFINE(int, icmplim); +static VNET_DEFINE(int, icmplim_output); +static VNET_DEFINE(char, reply_src[IFNAMSIZ]); +static VNET_DEFINE(int, icmp_rfi); +static VNET_DEFINE(int, icmp_quotelen); +static VNET_DEFINE(int, icmpbmcastecho); -SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_STATS, stats, - CTLFLAG_RW, icmpstat, icmpstat, ""); +#define V_icmpmaskrepl VNET_GET(icmpmaskrepl) +#define V_icmpmaskfake VNET_GET(icmpmaskfake) +#define V_drop_redirect VNET_GET(drop_redirect) +#define V_log_redirect VNET_GET(log_redirect) +#define V_icmplim VNET_GET(icmplim) +#define V_icmplim_output VNET_GET(icmplim_output) +#define V_reply_src VNET_GET(reply_src) +#define V_icmp_rfi VNET_GET(icmp_rfi) +#define V_icmp_quotelen VNET_GET(icmp_quotelen) +#define V_icmpbmcastecho VNET_GET(icmpbmcastecho) -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, - CTLFLAG_RW, icmpmaskrepl, 0, +SYSCTL_VNET_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW, + &VNET_NAME(icmpstat), icmpstat, ""); + +SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW, + &VNET_NAME(icmpmaskrepl), 0, "Reply to ICMP Address Mask Request packets."); -SYSCTL_V_UINT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, - icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets."); +SYSCTL_VNET_UINT(_net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, + &VNET_NAME(icmpmaskfake), 0, + "Fake reply to ICMP Address Mask Request packets."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, drop_redirect, - CTLFLAG_RW, drop_redirect, 0, "Ignore ICMP redirects"); +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW, + &VNET_NAME(drop_redirect), 0, + "Ignore ICMP redirects"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, log_redirect, - CTLFLAG_RW, log_redirect, 0, "Log ICMP redirects to the console"); +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW, + &VNET_NAME(log_redirect), 0, + "Log ICMP redirects to the console"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, - CTLFLAG_RW, icmplim, 0, "Maximum number of ICMP responses per second"); +SYSCTL_VNET_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW, + &VNET_NAME(icmplim), 0, + "Maximum number of ICMP responses per second"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, icmplim_output, - CTLFLAG_RW, icmplim_output, 0, +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW, + &VNET_NAME(icmplim_output), 0, "Enable rate limiting of ICMP responses"); -SYSCTL_V_STRING(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_src, - CTLFLAG_RW, reply_src, IFNAMSIZ, +SYSCTL_VNET_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, + &VNET_NAME(reply_src), IFNAMSIZ, "icmp reply source for non-local packets."); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_from_interface, - CTLFLAG_RW, icmp_rfi, 0, "ICMP reply from incoming interface for " - "non-local packets"); +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW, + &VNET_NAME(icmp_rfi), 0, + "ICMP reply from incoming interface for non-local packets"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, - icmp_quotelen, 0, "Number of bytes from original packet to " - "quote in ICMP reply"); +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, + &VNET_NAME(icmp_quotelen), 0, + "Number of bytes from original packet to quote in ICMP reply"); /* * ICMP broadcast echo sysctl */ -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, bmcastecho, - CTLFLAG_RW, icmpbmcastecho, 0, ""); +SYSCTL_VNET_INT(_net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW, + &VNET_NAME(icmpbmcastecho), 0, + ""); #ifdef ICMPPRINTFS @@ -146,7 +160,6 @@ extern struct protosw inetsw[]; void icmp_init(void) { - INIT_VNET_INET(curvnet); V_icmpmaskrepl = 0; V_icmpmaskfake = 0; @@ -166,7 +179,6 @@ icmp_init(void) void icmp_error(struct mbuf *n, int type, int code, uint32_t dest, int mtu) { - INIT_VNET_INET(curvnet); register struct ip *oip = mtod(n, struct ip *), *nip; register unsigned oiphlen = oip->ip_hl << 2; register struct icmp *icp; @@ -315,7 +327,6 @@ freeit: void icmp_input(struct mbuf *m, int off) { - INIT_VNET_INET(curvnet); struct icmp *icp; struct in_ifaddr *ia; struct ip *ip = mtod(m, struct ip *); @@ -649,7 +660,6 @@ freeit: static void icmp_reflect(struct mbuf *m) { - INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); struct ifaddr *ifa; struct ifnet *ifp; @@ -941,7 +951,6 @@ ip_next_mtu(int mtu, int dir) int badport_bandlim(int which) { - INIT_VNET_INET(curvnet); #define N(a) (sizeof (a) / sizeof (a[0])) static struct rate { diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 73ee28635197..11ab3c7355a1 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -71,10 +71,10 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include -#include #ifdef DEV_CARP #include #endif @@ -90,58 +90,69 @@ __FBSDID("$FreeBSD$"); CTASSERT(sizeof(struct ip) == 20); #endif -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_inet vnet_inet_0; -#endif -#endif +static VNET_DEFINE(int, ipsendredirects) = 1; /* XXX */ +static VNET_DEFINE(int, ip_checkinterface); +static VNET_DEFINE(int, ip_keepfaith); +static VNET_DEFINE(int, ip_sendsourcequench); -#ifdef VIMAGE_GLOBALS -static int ipsendredirects; -static int ip_checkinterface; -static int ip_keepfaith; -static int ip_sendsourcequench; -int ip_defttl; -int ip_do_randomid; -int ipforwarding; -struct in_ifaddrhead in_ifaddrhead; /* first inet address */ -struct in_ifaddrhashhead *in_ifaddrhashtbl; /* inet addr hash table */ -u_long in_ifaddrhmask; /* mask for hash table */ -struct ipstat ipstat; -static int ip_rsvp_on; -struct socket *ip_rsvpd; -int rsvp_on; -static struct ipqhead ipq[IPREASS_NHASH]; -static int maxnipq; /* Administrative limit on # reass queues. */ -static int maxfragsperpacket; -int ipstealth; -static int nipq; /* Total # of reass queues */ -#endif +#define V_ipsendredirects VNET_GET(ipsendredirects) +#define V_ip_checkinterface VNET_GET(ip_checkinterface) +#define V_ip_keepfaith VNET_GET(ip_keepfaith) +#define V_ip_sendsourcequench VNET_GET(ip_sendsourcequench) + +VNET_DEFINE(int, ip_defttl) = IPDEFTTL; +VNET_DEFINE(int, ip_do_randomid); +VNET_DEFINE(int, ipforwarding); + +VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */ +VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */ +VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */ +VNET_DEFINE(struct ipstat, ipstat); + +static VNET_DEFINE(int, ip_rsvp_on); +VNET_DEFINE(struct socket *, ip_rsvpd); +VNET_DEFINE(int, rsvp_on); + +#define V_ip_rsvp_on VNET_GET(ip_rsvp_on) + +static VNET_DEFINE(TAILQ_HEAD(ipqhead, ipq), ipq[IPREASS_NHASH]); +static VNET_DEFINE(int, maxnipq); /* Administrative limit on # reass queues. */ +static VNET_DEFINE(int, maxfragsperpacket); +static VNET_DEFINE(int, nipq); /* Total # of reass queues */ + +#define V_ipq VNET_GET(ipq) +#define V_maxnipq VNET_GET(maxnipq) +#define V_maxfragsperpacket VNET_GET(maxfragsperpacket) +#define V_nipq VNET_GET(nipq) + +VNET_DEFINE(int, ipstealth); struct rwlock in_ifaddr_lock; RW_SYSINIT(in_ifaddr_lock, &in_ifaddr_lock, "in_ifaddr_lock"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_FORWARDING, - forwarding, CTLFLAG_RW, ipforwarding, 0, +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW, + &VNET_NAME(ipforwarding), 0, "Enable IP forwarding between interfaces"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_SENDREDIRECTS, - redirect, CTLFLAG_RW, ipsendredirects, 0, +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW, + &VNET_NAME(ipsendredirects), 0, "Enable sending IP redirects"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_DEFTTL, - ttl, CTLFLAG_RW, ip_defttl, 0, "Maximum TTL on IP packets"); +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW, + &VNET_NAME(ip_defttl), 0, + "Maximum TTL on IP packets"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_KEEPFAITH, - keepfaith, CTLFLAG_RW, ip_keepfaith, 0, +SYSCTL_VNET_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW, + &VNET_NAME(ip_keepfaith), 0, "Enable packet capture for FAITH IPv4->IPv6 translater daemon"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, - sendsourcequench, CTLFLAG_RW, ip_sendsourcequench, 0, +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW, + &VNET_NAME(ip_sendsourcequench), 0, "Enable the transmission of source quench packets"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, random_id, - CTLFLAG_RW, ip_do_randomid, 0, "Assign random ip_id values"); +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW, + &VNET_NAME(ip_do_randomid), 0, + "Assign random ip_id values"); /* * XXX - Setting ip_checkinterface mostly implements the receive side of @@ -156,8 +167,8 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, random_id, * to the loopback interface instead of the interface where the * packets for those addresses are received. */ -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, - check_interface, CTLFLAG_RW, ip_checkinterface, 0, +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW, + &VNET_NAME(ip_checkinterface), 0, "Verify packet arrives on correct interface"); struct pfil_head inet_pfil_hook; /* Packet filter hooks */ @@ -173,13 +184,13 @@ extern struct domain inetdomain; extern struct protosw inetsw[]; u_char ip_protox[IPPROTO_MAX]; +SYSCTL_VNET_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, + &VNET_NAME(ipstat), ipstat, + "IP statistics (struct ipstat, netinet/ip_var.h)"); -SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW, - ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)"); +static VNET_DEFINE(uma_zone_t, ipq_zone); +#define V_ipq_zone VNET_GET(ipq_zone) -#ifdef VIMAGE_GLOBALS -static uma_zone_t ipq_zone; -#endif static struct mtx ipqlock; #define IPQ_LOCK() mtx_lock(&ipqlock) @@ -190,12 +201,12 @@ static struct mtx ipqlock; static void maxnipq_update(void); static void ipq_zone_change(void *); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fragpackets, - CTLFLAG_RD, nipq, 0, +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, fragpackets, CTLFLAG_RD, + &VNET_NAME(nipq), 0, "Current number of IPv4 fragment reassembly queue entries"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, maxfragsperpacket, - CTLFLAG_RW, maxfragsperpacket, 0, +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW, + &VNET_NAME(maxfragsperpacket), 0, "Maximum number of IPv4 fragments allowed per packet"); struct callout ipport_tick_callout; @@ -206,32 +217,32 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW, #endif #ifdef IPSTEALTH -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, - ipstealth, 0, "IP stealth mode, no TTL decrementation on forwarding"); +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW, + &VNET_NAME(ipstealth), 0, + "IP stealth mode, no TTL decrementation on forwarding"); #endif + #ifdef FLOWTABLE -#ifdef VIMAGE_GLOBALS -static int ip_output_flowtable_size; -struct flowtable *ip_ft; -#endif -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, output_flowtable_size, - CTLFLAG_RDTUN, ip_output_flowtable_size, 2048, +static VNET_DEFINE(int, ip_output_flowtable_size) = 2048; +VNET_DEFINE(struct flowtable *, ip_ft); +#define V_ip_output_flowtable_size VNET_GET(ip_output_flowtable_size) + +SYSCTL_VNET_INT(_net_inet_ip, OID_AUTO, output_flowtable_size, CTLFLAG_RDTUN, + &VNET_NAME(ip_output_flowtable_size), 2048, "number of entries in the per-cpu output flow caches"); #endif -#ifdef VIMAGE_GLOBALS -int fw_one_pass; -#endif +VNET_DEFINE(int, fw_one_pass) = 1; static void ip_freef(struct ipqhead *, struct ipq *); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE +/* XXX only has to stay for .vmi_dependson elsewhere. */ static void vnet_inet_register(void); static const vnet_modinfo_t vnet_inet_modinfo = { .vmi_id = VNET_MOD_INET, .vmi_name = "inet", - .vmi_size = sizeof(struct vnet_inet) }; static void vnet_inet_register() @@ -288,43 +299,10 @@ SYSCTL_PROC(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, void ip_init(void) { - INIT_VNET_INET(curvnet); struct protosw *pr; int i; - V_ipsendredirects = 1; /* XXX */ - V_ip_checkinterface = 0; - V_ip_keepfaith = 0; - V_ip_sendsourcequench = 0; - V_rsvp_on = 0; - V_ip_defttl = IPDEFTTL; - V_ip_do_randomid = 0; V_ip_id = time_second & 0xffff; - V_ipforwarding = 0; - V_ipstealth = 0; - V_nipq = 0; /* Total # of reass queues */ - - V_ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ - V_ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ - V_ipport_firstauto = IPPORT_EPHEMERALFIRST; /* 10000 */ - V_ipport_lastauto = IPPORT_EPHEMERALLAST; /* 65535 */ - V_ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ - V_ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ - V_ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ - V_ipport_reservedlow = 0; - V_ipport_randomized = 1; /* user controlled via sysctl */ - V_ipport_randomcps = 10; /* user controlled via sysctl */ - V_ipport_randomtime = 45; /* user controlled via sysctl */ - V_ipport_stoprandom = 0; /* toggled by ipport_tick */ - - V_fw_one_pass = 1; - -#ifdef NOTYET - /* XXX global static but not instantiated in this file */ - V_ipfastforward_active = 0; - V_subnetsarelocal = 0; - V_sameprefixcarponly = 0; -#endif TAILQ_INIT(&V_in_ifaddrhead); V_in_ifaddrhashtbl = hashinit(INADDR_NHASH, M_IFADDR, &V_in_ifaddrhmask); @@ -339,7 +317,6 @@ ip_init(void) maxnipq_update(); #ifdef FLOWTABLE - V_ip_output_flowtable_size = 2048; TUNABLE_INT_FETCH("net.inet.ip.output_flowtable_size", &V_ip_output_flowtable_size); V_ip_ft = flowtable_alloc(V_ip_output_flowtable_size, FL_PCPU); @@ -403,7 +380,6 @@ ip_fini(void *xtp) void ip_input(struct mbuf *m) { - INIT_VNET_INET(curvnet); struct ip *ip = NULL; struct in_ifaddr *ia = NULL; struct ifaddr *ifa; @@ -808,7 +784,6 @@ bad: static void maxnipq_update(void) { - INIT_VNET_INET(curvnet); /* * -1 for unlimited allocation. @@ -832,7 +807,6 @@ maxnipq_update(void) static void ipq_zone_change(void *tag) { - INIT_VNET_INET(curvnet); if (V_maxnipq > 0 && V_maxnipq < (nmbclusters / 32)) { V_maxnipq = nmbclusters / 32; @@ -843,7 +817,6 @@ ipq_zone_change(void *tag) static int sysctl_maxnipq(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, i; i = V_maxnipq; @@ -879,7 +852,6 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxfragpackets, CTLTYPE_INT|CTLFLAG_RW, struct mbuf * ip_reass(struct mbuf *m) { - INIT_VNET_INET(curvnet); struct ip *ip; struct mbuf *p, *q, *nq, *t; struct ipq *fp = NULL; @@ -1195,7 +1167,6 @@ done: static void ip_freef(struct ipqhead *fhp, struct ipq *fp) { - INIT_VNET_INET(curvnet); struct mbuf *q; IPQ_LOCK_ASSERT(); @@ -1226,7 +1197,6 @@ ip_slowtimo(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET(vnet_iter); for (i = 0; i < IPREASS_NHASH; i++) { for(fp = TAILQ_FIRST(&V_ipq[i]); fp;) { struct ipq *fpp; @@ -1275,7 +1245,6 @@ ip_drain(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET(vnet_iter); for (i = 0; i < IPREASS_NHASH; i++) { while(!TAILQ_EMPTY(&V_ipq[i])) { IPSTAT_ADD(ips_fragdropped, @@ -1403,7 +1372,6 @@ u_char inetctlerrmap[PRC_NCMDS] = { void ip_forward(struct mbuf *m, int srcrt) { - INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); struct in_ifaddr *ia; struct mbuf *mcopy; @@ -1638,7 +1606,6 @@ void ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip, struct mbuf *m) { - INIT_VNET_NET(inp->inp_vnet); if (inp->inp_socket->so_options & (SO_BINTIME | SO_TIMESTAMP)) { struct bintime bt; @@ -1736,7 +1703,6 @@ makedummy: int ip_rsvp_init(struct socket *so) { - INIT_VNET_INET(so->so_vnet); if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) @@ -1761,7 +1727,6 @@ ip_rsvp_init(struct socket *so) int ip_rsvp_done(void) { - INIT_VNET_INET(curvnet); V_ip_rsvpd = NULL; /* @@ -1778,7 +1743,6 @@ ip_rsvp_done(void) void rsvp_input(struct mbuf *m, int off) /* XXX must fixup manually */ { - INIT_VNET_INET(curvnet); if (rsvp_input_p) { /* call the real one if loaded */ rsvp_input_p(m, off); diff --git a/sys/netinet/ip_ipsec.c b/sys/netinet/ip_ipsec.c index 20baa15dfcc7..da34d770b871 100644 --- a/sys/netinet/ip_ipsec.c +++ b/sys/netinet/ip_ipsec.c @@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -56,7 +57,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef SCTP #include #endif @@ -71,9 +71,19 @@ __FBSDID("$FreeBSD$"); extern struct protosw inetsw[]; -#ifdef VIMAGE_GLOBALS -int ip4_ipsec_filtertunnel; +#ifdef IPSEC +#ifdef IPSEC_FILTERTUNNEL +static VNET_DEFINE(int, ip4_ipsec_filtertunnel) = 1; +#else +static VNET_DEFINE(int, ip4_ipsec_filtertunnel) = 0; #endif +#define V_ip4_ipsec_filtertunnel VNET_GET(ip4_ipsec_filtertunnel) + +SYSCTL_DECL(_net_inet_ipsec); +SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, filtertunnel, + CTLFLAG_RW, &VNET_NAME(ip4_ipsec_filtertunnel), 0, + "If set filter packets from an IPsec tunnel."); +#endif /* IPSEC */ /* * Check if we have to jump over firewall processing for this packet. @@ -84,7 +94,6 @@ int ip_ipsec_filtertunnel(struct mbuf *m) { #if defined(IPSEC) - INIT_VNET_IPSEC(curvnet); /* * Bypass packet filtering for packets from a tunnel. @@ -106,8 +115,6 @@ int ip_ipsec_fwd(struct mbuf *m) { #ifdef IPSEC - INIT_VNET_INET(curvnet); - INIT_VNET_IPSEC(curvnet); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; @@ -153,9 +160,8 @@ ip_ipsec_fwd(struct mbuf *m) int ip_ipsec_input(struct mbuf *m) { - struct ip *ip = mtod(m, struct ip *); #ifdef IPSEC - INIT_VNET_IPSEC(curvnet); + struct ip *ip = mtod(m, struct ip *); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; diff --git a/sys/netinet/ip_mroute.c b/sys/netinet/ip_mroute.c index 3c3c014238aa..b8957f42e421 100644 --- a/sys/netinet/ip_mroute.c +++ b/sys/netinet/ip_mroute.c @@ -111,7 +111,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -379,7 +378,6 @@ mfc_find(struct in_addr *o, struct in_addr *g) static int X_ip_mrouter_set(struct socket *so, struct sockopt *sopt) { - INIT_VNET_INET(curvnet); int error, optval; vifi_t vifi; struct vifctl vifc; @@ -602,7 +600,6 @@ ip_mrouter_reset(void) static void if_detached_event(void *arg __unused, struct ifnet *ifp) { - INIT_VNET_INET(curvnet); vifi_t vifi; int i; @@ -651,7 +648,6 @@ if_detached_event(void *arg __unused, struct ifnet *ifp) static int ip_mrouter_init(struct socket *so, int version) { - INIT_VNET_INET(curvnet); CTR3(KTR_IPMF, "%s: so_type %d, pr_protocol %d", __func__, so->so_type, so->so_proto->pr_protocol); @@ -699,7 +695,6 @@ ip_mrouter_init(struct socket *so, int version) static int X_ip_mrouter_done(void) { - INIT_VNET_INET(curvnet); vifi_t vifi; int i; struct ifnet *ifp; @@ -1220,7 +1215,6 @@ static int X_ip_mforward(struct ip *ip, struct ifnet *ifp, struct mbuf *m, struct ip_moptions *imo) { - INIT_VNET_INET(curvnet); struct mfc *rt; int error; vifi_t vifi; @@ -1475,7 +1469,6 @@ expire_upcalls(void *unused) static int ip_mdq(struct mbuf *m, struct ifnet *ifp, struct mfc *rt, vifi_t xmt_vif) { - INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); vifi_t vifi; int plen = ip->ip_len; @@ -1709,7 +1702,6 @@ X_ip_rsvp_force_done(struct socket *so __unused) static void X_rsvp_input(struct mbuf *m, int off __unused) { - INIT_VNET_INET(curvnet); if (!V_rsvp_on) m_freem(m); @@ -2044,7 +2036,6 @@ bw_meter_prepare_upcall(struct bw_meter *x, struct timeval *nowp) static void bw_upcalls_send(void) { - INIT_VNET_INET(curvnet); struct mbuf *m; int len = bw_upcalls_n * sizeof(bw_upcalls[0]); struct sockaddr_in k_igmpsrc = { sizeof k_igmpsrc, AF_INET }; @@ -2401,7 +2392,6 @@ static int pim_register_send_upcall(struct ip *ip, struct vif *vifp, struct mbuf *mb_copy, struct mfc *rt) { - INIT_VNET_INET(curvnet); struct mbuf *mb_first; int len = ntohs(ip->ip_len); struct igmpmsg *im; @@ -2454,7 +2444,6 @@ static int pim_register_send_rp(struct ip *ip, struct vif *vifp, struct mbuf *mb_copy, struct mfc *rt) { - INIT_VNET_INET(curvnet); struct mbuf *mb_first; struct ip *ip_outer; struct pim_encap_pimhdr *pimhdr; @@ -2795,7 +2784,6 @@ SYSCTL_NODE(_net_inet_ip, OID_AUTO, mfctable, CTLFLAG_RD, sysctl_mfctable, static int ip_mroute_modevent(module_t mod, int type, void *unused) { - INIT_VNET_INET(curvnet); switch (type) { case MOD_LOAD: diff --git a/sys/netinet/ip_options.c b/sys/netinet/ip_options.c index 09a1d6279202..5c4b441f546e 100644 --- a/sys/netinet/ip_options.c +++ b/sys/netinet/ip_options.c @@ -62,7 +62,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -98,7 +97,6 @@ static void save_rte(struct mbuf *m, u_char *, struct in_addr); int ip_dooptions(struct mbuf *m, int pass) { - INIT_VNET_INET(curvnet); struct ip *ip = mtod(m, struct ip *); u_char *cp; struct in_ifaddr *ia; diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index 8ed63a524682..220bf234b498 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -70,7 +70,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef SCTP #include #include @@ -91,9 +90,7 @@ __FBSDID("$FreeBSD$"); (ntohl(a.s_addr)>>8)&0xFF,\ (ntohl(a.s_addr))&0xFF, y); -#ifdef VIMAGE_GLOBALS -u_short ip_id; -#endif +VNET_DEFINE(u_short, ip_id); #ifdef MBUF_STRESS_TEST int mbuf_frag_size = 0; @@ -120,8 +117,6 @@ int ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags, struct ip_moptions *imo, struct inpcb *inp) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET(curvnet); struct ip *ip; struct ifnet *ifp = NULL; /* keep compiler happy */ struct mbuf *m0; @@ -689,7 +684,6 @@ int ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu, u_long if_hwassist_flags, int sw_csum) { - INIT_VNET_INET(curvnet); int error = 0; int hlen = ip->ip_hl << 2; int len = (mtu - hlen) & ~7; /* size of payload in each fragment */ diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index c0b02eb1ea19..0db34d28d6b1 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -129,6 +129,8 @@ struct ipstat { #ifdef _KERNEL +#include + #define IPSTAT_ADD(name, val) V_ipstat.name += (val) #define IPSTAT_SUB(name, val) V_ipstat.name -= (val) #define IPSTAT_INC(name) IPSTAT_ADD(name, 1) @@ -158,19 +160,27 @@ struct inpcb; struct route; struct sockopt; -#ifdef VIMAGE_GLOBALS -extern struct ipstat ipstat; -extern u_short ip_id; /* ip packet ctr, for ids */ -extern int ip_do_randomid; -extern int ip_defttl; /* default IP ttl */ -extern int ipforwarding; /* ip forwarding */ +VNET_DECLARE(struct ipstat, ipstat); +VNET_DECLARE(u_short, ip_id); /* ip packet ctr, for ids */ +VNET_DECLARE(int, ip_defttl); /* default IP ttl */ +VNET_DECLARE(int, ipforwarding); /* ip forwarding */ #ifdef IPSTEALTH -extern int ipstealth; /* stealth forwarding */ +VNET_DECLARE(int, ipstealth); /* stealth forwarding */ #endif -extern int rsvp_on; -extern struct socket *ip_rsvpd; /* reservation protocol daemon */ -extern struct socket *ip_mrouter; /* multicast routing daemon */ -#endif /* VIMAGE_GLOBALS */ +VNET_DECLARE(int, rsvp_on); +VNET_DECLARE(struct socket *, ip_rsvpd); /* reservation protocol daemon*/ +VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */ + +#define V_ipstat VNET_GET(ipstat) +#define V_ip_id VNET_GET(ip_id) +#define V_ip_defttl VNET_GET(ip_defttl) +#define V_ipforwarding VNET_GET(ipforwarding) +#ifdef IPSTEALTH +#define V_ipstealth VNET_GET(ipstealth) +#endif +#define V_rsvp_on VNET_GET(rsvp_on) +#define V_ip_rsvpd VNET_GET(ip_rsvpd) +#define V_ip_mrouter VNET_GET(ip_mrouter) extern u_char ip_protox[]; extern int (*legal_vif_num)(int); @@ -231,6 +241,12 @@ extern int (*ip_fw_ctl_ptr)(struct sockopt *); extern int (*ip_dn_ctl_ptr)(struct sockopt *); extern int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa); extern void (*ip_dn_ruledel_ptr)(void *); /* in ip_fw2.c */ + +VNET_DECLARE(int, ip_do_randomid); +#define V_ip_do_randomid VNET_GET(ip_do_randomid) +#define ip_newid() ((V_ip_do_randomid != 0) ? ip_randomid() : \ + htons(V_ip_id++)) + #endif /* _KERNEL */ #endif /* !_NETINET_IP_VAR_H_ */ diff --git a/sys/netinet/ipfw/ip_fw2.c b/sys/netinet/ipfw/ip_fw2.c index cce1a4d44a69..95efc2b9869c 100644 --- a/sys/netinet/ipfw/ip_fw2.c +++ b/sys/netinet/ipfw/ip_fw2.c @@ -88,7 +88,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -104,12 +103,6 @@ __FBSDID("$FreeBSD$"); #include #endif -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_ipfw vnet_ipfw_0; -#endif -#endif - /* * set_disable contains one bit per set value (0..31). * If the bit is set, all rules with the corresponding set @@ -118,12 +111,15 @@ struct vnet_ipfw vnet_ipfw_0; * and CANNOT be disabled. * Rules in set RESVD_SET can only be deleted explicitly. */ -#ifdef VIMAGE_GLOBALS -static u_int32_t set_disable; -static int fw_verbose; -static struct callout ipfw_timeout; -static int verbose_limit; -#endif +static VNET_DEFINE(u_int32_t, set_disable); +static VNET_DEFINE(int, fw_verbose); +static VNET_DEFINE(struct callout, ipfw_timeout); +static VNET_DEFINE(int, verbose_limit); + +#define V_set_disable VNET_GET(set_disable) +#define V_fw_verbose VNET_GET(fw_verbose) +#define V_ipfw_timeout VNET_GET(ipfw_timeout) +#define V_verbose_limit VNET_GET(verbose_limit) #ifdef IPFIREWALL_DEFAULT_TO_ACCEPT static int default_to_accept = 1; @@ -137,9 +133,7 @@ struct ip_fw *ip_fw_default_rule; /* * list of rules for layer 3 */ -#ifdef VIMAGE_GLOBALS -struct ip_fw_chain layer3_chain; -#endif +VNET_DEFINE(struct ip_fw_chain, layer3_chain); MALLOC_DEFINE(M_IPFW, "IpFw/IpAcct", "IpFw/IpAcct chain's"); MALLOC_DEFINE(M_IPFW_TBL, "ipfw_tbl", "IpFw tables"); @@ -156,27 +150,26 @@ struct table_entry { u_int32_t value; }; -#ifdef VIMAGE_GLOBALS -static int autoinc_step; -#endif +static VNET_DEFINE(int, autoinc_step); +#define V_autoinc_step VNET_GET(autoinc_step) extern int ipfw_chg_hook(SYSCTL_HANDLER_ARGS); #ifdef SYSCTL_NODE SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw, CTLFLAG_RW, 0, "Firewall"); -SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, enable, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, fw_enable, 0, +SYSCTL_VNET_PROC(_net_inet_ip_fw, OID_AUTO, enable, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, &VNET_NAME(fw_enable), 0, ipfw_chg_hook, "I", "Enable ipfw"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, autoinc_step, - CTLFLAG_RW, autoinc_step, 0, "Rule number auto-increment step"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_fw, OID_AUTO, one_pass, - CTLFLAG_RW | CTLFLAG_SECURE3, fw_one_pass, 0, +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step, + CTLFLAG_RW, &VNET_NAME(autoinc_step), 0, "Rule number auto-increment step"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, one_pass, + CTLFLAG_RW | CTLFLAG_SECURE3, &VNET_NAME(fw_one_pass), 0, "Only do a single pass through ipfw when using dummynet(4)"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, verbose, +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, verbose, CTLFLAG_RW | CTLFLAG_SECURE3, - fw_verbose, 0, "Log matches to ipfw rules"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, verbose_limit, - CTLFLAG_RW, verbose_limit, 0, + &VNET_NAME(fw_verbose), 0, "Log matches to ipfw rules"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, + CTLFLAG_RW, &VNET_NAME(verbose_limit), 0, "Set upper limit of matches of ipfw rules logged"); SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD, NULL, IPFW_DEFAULT_RULE, "The default/max possible rule number."); @@ -223,11 +216,13 @@ TUNABLE_INT("net.inet.ip.fw.default_to_accept", &default_to_accept); * obey the 'randomized match', and we do not do multiple * passes through the firewall. XXX check the latter!!! */ -#ifdef VIMAGE_GLOBALS -static ipfw_dyn_rule **ipfw_dyn_v; -static u_int32_t dyn_buckets; -static u_int32_t curr_dyn_buckets; -#endif +static VNET_DEFINE(ipfw_dyn_rule **, ipfw_dyn_v); +static VNET_DEFINE(u_int32_t, dyn_buckets); +static VNET_DEFINE(u_int32_t, curr_dyn_buckets); + +#define V_ipfw_dyn_v VNET_GET(ipfw_dyn_v) +#define V_dyn_buckets VNET_GET(dyn_buckets) +#define V_curr_dyn_buckets VNET_GET(curr_dyn_buckets) static struct mtx ipfw_dyn_mtx; /* mutex guarding dynamic rules */ #define IPFW_DYN_LOCK_INIT() \ @@ -240,13 +235,19 @@ static struct mtx ipfw_dyn_mtx; /* mutex guarding dynamic rules */ /* * Timeouts for various events in handing dynamic rules. */ -#ifdef VIMAGE_GLOBALS -static u_int32_t dyn_ack_lifetime; -static u_int32_t dyn_syn_lifetime; -static u_int32_t dyn_fin_lifetime; -static u_int32_t dyn_rst_lifetime; -static u_int32_t dyn_udp_lifetime; -static u_int32_t dyn_short_lifetime; +static VNET_DEFINE(u_int32_t, dyn_ack_lifetime); +static VNET_DEFINE(u_int32_t, dyn_syn_lifetime); +static VNET_DEFINE(u_int32_t, dyn_fin_lifetime); +static VNET_DEFINE(u_int32_t, dyn_rst_lifetime); +static VNET_DEFINE(u_int32_t, dyn_udp_lifetime); +static VNET_DEFINE(u_int32_t, dyn_short_lifetime); + +#define V_dyn_ack_lifetime VNET_GET(dyn_ack_lifetime) +#define V_dyn_syn_lifetime VNET_GET(dyn_syn_lifetime) +#define V_dyn_fin_lifetime VNET_GET(dyn_fin_lifetime) +#define V_dyn_rst_lifetime VNET_GET(dyn_rst_lifetime) +#define V_dyn_udp_lifetime VNET_GET(dyn_udp_lifetime) +#define V_dyn_short_lifetime VNET_GET(dyn_short_lifetime) /* * Keepalives are sent if dyn_keepalive is set. They are sent every @@ -256,42 +257,57 @@ static u_int32_t dyn_short_lifetime; * than dyn_keepalive_period. */ -static u_int32_t dyn_keepalive_interval; -static u_int32_t dyn_keepalive_period; -static u_int32_t dyn_keepalive; +static VNET_DEFINE(u_int32_t, dyn_keepalive_interval); +static VNET_DEFINE(u_int32_t, dyn_keepalive_period); +static VNET_DEFINE(u_int32_t, dyn_keepalive); -static u_int32_t static_count; /* # of static rules */ -static u_int32_t static_len; /* size in bytes of static rules */ -static u_int32_t dyn_count; /* # of dynamic rules */ -static u_int32_t dyn_max; /* max # of dynamic rules */ -#endif /* VIMAGE_GLOBALS */ +#define V_dyn_keepalive_interval VNET_GET(dyn_keepalive_interval) +#define V_dyn_keepalive_period VNET_GET(dyn_keepalive_period) +#define V_dyn_keepalive VNET_GET(dyn_keepalive) + +static VNET_DEFINE(u_int32_t, static_count); /* # of static rules */ +static VNET_DEFINE(u_int32_t, static_len); /* bytes of static rules */ +static VNET_DEFINE(u_int32_t, dyn_count); /* # of dynamic rules */ +static VNET_DEFINE(u_int32_t, dyn_max); /* max # of dynamic rules */ + +#define V_static_count VNET_GET(static_count) +#define V_static_len VNET_GET(static_len) +#define V_dyn_count VNET_GET(dyn_count) +#define V_dyn_max VNET_GET(dyn_max) #ifdef SYSCTL_NODE -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_buckets, - CTLFLAG_RW, dyn_buckets, 0, "Number of dyn. buckets"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, - CTLFLAG_RD, curr_dyn_buckets, 0, "Current Number of dyn. buckets"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_count, - CTLFLAG_RD, dyn_count, 0, "Number of dyn. rules"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_max, - CTLFLAG_RW, dyn_max, 0, "Max number of dyn. rules"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, static_count, - CTLFLAG_RD, static_count, 0, "Number of static rules"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime, - CTLFLAG_RW, dyn_ack_lifetime, 0, "Lifetime of dyn. rules for acks"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime, - CTLFLAG_RW, dyn_syn_lifetime, 0, "Lifetime of dyn. rules for syn"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime, - CTLFLAG_RW, dyn_fin_lifetime, 0, "Lifetime of dyn. rules for fin"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime, - CTLFLAG_RW, dyn_rst_lifetime, 0, "Lifetime of dyn. rules for rst"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime, - CTLFLAG_RW, dyn_udp_lifetime, 0, "Lifetime of dyn. rules for UDP"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_short_lifetime, - CTLFLAG_RW, dyn_short_lifetime, 0, +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, + CTLFLAG_RW, &VNET_NAME(dyn_buckets), 0, "Number of dyn. buckets"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, + CTLFLAG_RD, &VNET_NAME(curr_dyn_buckets), 0, + "Current Number of dyn. buckets"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_count, + CTLFLAG_RD, &VNET_NAME(dyn_count), 0, "Number of dyn. rules"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_max, + CTLFLAG_RW, &VNET_NAME(dyn_max), 0, "Max number of dyn. rules"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, static_count, + CTLFLAG_RD, &VNET_NAME(static_count), 0, "Number of static rules"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_ack_lifetime), 0, + "Lifetime of dyn. rules for acks"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_syn_lifetime), 0, + "Lifetime of dyn. rules for syn"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_fin_lifetime), 0, + "Lifetime of dyn. rules for fin"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_rst_lifetime), 0, + "Lifetime of dyn. rules for rst"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_udp_lifetime), 0, + "Lifetime of dyn. rules for UDP"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_short_lifetime, + CTLFLAG_RW, &VNET_NAME(dyn_short_lifetime), 0, "Lifetime of dyn. rules for other situations"); -SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_keepalive, - CTLFLAG_RW, dyn_keepalive, 0, "Enable keepalives for dyn. rules"); +SYSCTL_VNET_INT(_net_inet_ip_fw, OID_AUTO, dyn_keepalive, + CTLFLAG_RW, &VNET_NAME(dyn_keepalive), 0, + "Enable keepalives for dyn. rules"); #endif /* SYSCTL_NODE */ #ifdef INET6 @@ -306,9 +322,8 @@ static struct sysctl_ctx_list ip6_fw_sysctl_ctx; static struct sysctl_oid *ip6_fw_sysctl_tree; #endif /* INET6 */ -#ifdef VIMAGE_GLOBALS -static int fw_deny_unknown_exthdrs; -#endif +static VNET_DEFINE(int, fw_deny_unknown_exthdrs); +#define V_fw_deny_unknown_exthdrs VNET_GET(fw_deny_unknown_exthdrs) /* * L3HDR maps an ipv4 pointer into a layer3 header pointer of type T @@ -581,7 +596,6 @@ flow6id_match( int curr_flow, ipfw_insn_u32 *cmd ) static int search_ip6_addr_net (struct in6_addr * ip6_addr) { - INIT_VNET_NET(curvnet); struct ifnet *mdc; struct ifaddr *mdc2; struct in6_ifaddr *fdm; @@ -764,9 +778,9 @@ send_reject6(struct ip_fw_args *args, int code, u_int hlen, struct ip6_hdr *ip6) #endif /* INET6 */ -#ifdef VIMAGE_GLOBALS -static u_int64_t norule_counter; /* counter for ipfw_log(NULL...) */ -#endif +/* counter for ipfw_log(NULL...) */ +static VNET_DEFINE(u_int64_t, norule_counter); +#define V_norule_counter VNET_GET(norule_counter) #define SNPARGS(buf, len) buf + len, sizeof(buf) > len ? sizeof(buf) - len : 0 #define SNP(buf) buf, sizeof(buf) @@ -780,7 +794,6 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args, struct mbuf *m, struct ifnet *oif, u_short offset, uint32_t tablearg, struct ip *ip) { - INIT_VNET_IPFW(curvnet); struct ether_header *eh = args->eh; char *action; int limit_reached = 0; @@ -1054,7 +1067,6 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args, static __inline int hash_packet(struct ipfw_flow_id *id) { - INIT_VNET_IPFW(curvnet); u_int32_t i; #ifdef INET6 @@ -1106,7 +1118,6 @@ hash_packet(struct ipfw_flow_id *id) static void remove_dyn_rule(struct ip_fw *rule, ipfw_dyn_rule *keep_me) { - INIT_VNET_IPFW(curvnet); static u_int32_t last_remove = 0; #define FORCE (keep_me == NULL) @@ -1177,7 +1188,6 @@ static ipfw_dyn_rule * lookup_dyn_rule_locked(struct ipfw_flow_id *pkt, int *match_direction, struct tcphdr *tcp) { - INIT_VNET_IPFW(curvnet); /* * stateful ipfw extensions. * Lookup into dynamic session queue @@ -1334,7 +1344,6 @@ lookup_dyn_rule(struct ipfw_flow_id *pkt, int *match_direction, static void realloc_dynamic_table(void) { - INIT_VNET_IPFW(curvnet); IPFW_DYN_LOCK_ASSERT(); /* @@ -1374,7 +1383,6 @@ realloc_dynamic_table(void) static ipfw_dyn_rule * add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule) { - INIT_VNET_IPFW(curvnet); ipfw_dyn_rule *r; int i; @@ -1430,7 +1438,6 @@ add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule) static ipfw_dyn_rule * lookup_dyn_parent(struct ipfw_flow_id *pkt, struct ip_fw *rule) { - INIT_VNET_IPFW(curvnet); ipfw_dyn_rule *q; int i; @@ -1474,7 +1481,6 @@ static int install_state(struct ip_fw *rule, ipfw_insn_limit *cmd, struct ip_fw_args *args, uint32_t tablearg) { - INIT_VNET_IPFW(curvnet); static int last_log; ipfw_dyn_rule *q; struct in_addr da; @@ -1636,7 +1642,6 @@ static struct mbuf * send_pkt(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t seq, u_int32_t ack, int flags) { - INIT_VNET_INET(curvnet); struct mbuf *m; struct ip *ip; struct tcphdr *tcp; @@ -2002,7 +2007,6 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif, u_int16_t src_port, struct ucred **uc, int *ugid_lookupp, struct inpcb *inp) { - INIT_VNET_INET(curvnet); struct inpcbinfo *pi; int wildcard; struct inpcb *pcb; @@ -2110,8 +2114,6 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif, int ipfw_chk(struct ip_fw_args *args) { - INIT_VNET_INET(curvnet); - INIT_VNET_IPFW(curvnet); /* * Local variables holding state during the processing of a packet: @@ -3491,7 +3493,6 @@ flush_rule_ptrs(struct ip_fw_chain *chain) static int add_rule(struct ip_fw_chain *chain, struct ip_fw *input_rule) { - INIT_VNET_IPFW(curvnet); struct ip_fw *rule, *f, *prev; int l = RULESIZE(input_rule); @@ -3580,7 +3581,6 @@ static struct ip_fw * remove_rule(struct ip_fw_chain *chain, struct ip_fw *rule, struct ip_fw *prev) { - INIT_VNET_IPFW(curvnet); struct ip_fw *n; int l = RULESIZE(rule); @@ -3793,7 +3793,6 @@ clear_counters(struct ip_fw *rule, int log_only) static int zero_entry(struct ip_fw_chain *chain, u_int32_t arg, int log_only) { - INIT_VNET_IPFW(curvnet); struct ip_fw *rule; char *msg; @@ -4167,7 +4166,6 @@ bad_size: static size_t ipfw_getrules(struct ip_fw_chain *chain, void *buf, size_t space) { - INIT_VNET_IPFW(curvnet); char *bp = buf; char *ep = bp + space; struct ip_fw *rule; @@ -4250,7 +4248,6 @@ static int ipfw_ctl(struct sockopt *sopt) { #define RULE_MAXSIZE (256*sizeof(u_int32_t)) - INIT_VNET_IPFW(curvnet); int error; size_t size; struct ip_fw *buf, *rule; @@ -4521,7 +4518,6 @@ ipfw_ctl(struct sockopt *sopt) static void ipfw_tick(void * __unused unused) { - INIT_VNET_IPFW(curvnet); struct mbuf *m0, *m, *mnext, **mtailp; int i; ipfw_dyn_rule *q; @@ -4576,7 +4572,6 @@ done: int ipfw_init(void) { - INIT_VNET_IPFW(curvnet); struct ip_fw default_rule; int error; @@ -4701,7 +4696,6 @@ ipfw_init(void) void ipfw_destroy(void) { - INIT_VNET_IPFW(curvnet); struct ip_fw *reap; ip_fw_chk_ptr = NULL; diff --git a/sys/netinet/ipfw/ip_fw_nat.c b/sys/netinet/ipfw/ip_fw_nat.c index 6ef30bbdd314..9ba2f5f13962 100644 --- a/sys/netinet/ipfw/ip_fw_nat.c +++ b/sys/netinet/ipfw/ip_fw_nat.c @@ -69,10 +69,8 @@ __FBSDID("$FreeBSD$"); MALLOC_DECLARE(M_IPFW); -#ifdef VIMAGE_GLOBALS -extern struct ip_fw_chain layer3_chain; -static eventhandler_tag ifaddr_event_tag; -#endif +static VNET_DEFINE(eventhandler_tag, ifaddr_event_tag); +#define V_ifaddr_event_tag VNET_GET(ifaddr_event_tag) extern ipfw_nat_t *ipfw_nat_ptr; extern ipfw_nat_cfg_t *ipfw_nat_cfg_ptr; @@ -83,7 +81,6 @@ extern ipfw_nat_cfg_t *ipfw_nat_get_log_ptr; static void ifaddr_change(void *arg __unused, struct ifnet *ifp) { - INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr; struct ifaddr *ifa; @@ -111,7 +108,6 @@ ifaddr_change(void *arg __unused, struct ifnet *ifp) static void flush_nat_ptrs(const int i) { - INIT_VNET_IPFW(curvnet); struct ip_fw *rule; IPFW_WLOCK_ASSERT(&V_layer3_chain); @@ -411,7 +407,6 @@ ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m) static int ipfw_nat_cfg(struct sockopt *sopt) { - INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr, *ser_n; char *buf; @@ -482,7 +477,6 @@ ipfw_nat_cfg(struct sockopt *sopt) static int ipfw_nat_del(struct sockopt *sopt) { - INIT_VNET_IPFW(curvnet); struct cfg_nat *ptr; int i; @@ -505,7 +499,6 @@ ipfw_nat_del(struct sockopt *sopt) static int ipfw_nat_get_cfg(struct sockopt *sopt) { - INIT_VNET_IPFW(curvnet); uint8_t *data; struct cfg_nat *n; struct cfg_redir *r; @@ -560,7 +553,6 @@ nospace: static int ipfw_nat_get_log(struct sockopt *sopt) { - INIT_VNET_IPFW(curvnet); uint8_t *data; struct cfg_nat *ptr; int i, size, cnt, sof; @@ -595,7 +587,6 @@ ipfw_nat_get_log(struct sockopt *sopt) static void ipfw_nat_init(void) { - INIT_VNET_IPFW(curvnet); IPFW_WLOCK(&V_layer3_chain); /* init ipfw hooks */ @@ -612,7 +603,6 @@ ipfw_nat_init(void) static void ipfw_nat_destroy(void) { - INIT_VNET_IPFW(curvnet); struct ip_fw *rule; struct cfg_nat *ptr, *ptr_temp; diff --git a/sys/netinet/ipfw/ip_fw_pfil.c b/sys/netinet/ipfw/ip_fw_pfil.c index 5fd6a05e8fb3..a763855d5396 100644 --- a/sys/netinet/ipfw/ip_fw_pfil.c +++ b/sys/netinet/ipfw/ip_fw_pfil.c @@ -62,17 +62,14 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include -#ifdef VIMAGE_GLOBALS -int fw_enable = 1; +VNET_DEFINE(int, fw_enable) = 1; #ifdef INET6 -int fw6_enable = 1; -#endif +VNET_DEFINE(int, fw6_enable) = 1; #endif int ipfw_chg_hook(SYSCTL_HANDLER_ARGS); @@ -92,7 +89,6 @@ int ipfw_check_in(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir, struct inpcb *inp) { - INIT_VNET_INET(curvnet); struct ip_fw_args args; struct ng_ipfw_tag *ng_tag; struct m_tag *dn_tag; @@ -226,7 +222,6 @@ int ipfw_check_out(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir, struct inpcb *inp) { - INIT_VNET_INET(curvnet); struct ip_fw_args args; struct ng_ipfw_tag *ng_tag; struct m_tag *dn_tag; @@ -520,7 +515,6 @@ ipfw6_unhook(void) int ipfw_chg_hook(SYSCTL_HANDLER_ARGS) { - INIT_VNET_IPFW(curvnet); int enable = *(int *)arg1; int error; diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 00ec4231988b..c3a0a74dcfb9 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -68,18 +68,17 @@ __FBSDID("$FreeBSD$"); #include #include -#include - #ifdef IPSEC #include #endif /*IPSEC*/ #include -#ifdef VIMAGE_GLOBALS -struct inpcbhead ripcb; -struct inpcbinfo ripcbinfo; -#endif +VNET_DEFINE(struct inpcbhead, ripcb); +VNET_DEFINE(struct inpcbinfo, ripcbinfo); + +#define V_ripcb VNET_GET(ripcb) +#define V_ripcbinfo VNET_GET(ripcbinfo) /* * Control and data hooks for ipfw and dummynet. @@ -99,9 +98,7 @@ int (*ip_dn_io_ptr)(struct mbuf **m, int dir, struct ip_fw_args *fwa) = NULL; /* * The socket used to communicate with the multicast routing daemon. */ -#ifdef VIMAGE_GLOBALS -struct socket *ip_mrouter; -#endif +VNET_DEFINE(struct socket *, ip_mrouter); /* * The various mrouter and rsvp functions. @@ -168,7 +165,6 @@ rip_delhash(struct inpcb *inp) static void rip_zone_change(void *tag) { - INIT_VNET_INET(curvnet); uma_zone_set_max(V_ripcbinfo.ipi_zone, maxsockets); } @@ -185,7 +181,6 @@ rip_inpcb_init(void *mem, int size, int flags) void rip_init(void) { - INIT_VNET_INET(curvnet); INP_INFO_LOCK_INIT(&V_ripcbinfo, "rip"); LIST_INIT(&V_ripcb); @@ -208,7 +203,6 @@ rip_init(void) void rip_destroy(void) { - INIT_VNET_INET(curvnet); hashdestroy(V_ripcbinfo.ipi_hashbase, M_PCB, V_ripcbinfo.ipi_hashmask); @@ -268,7 +262,6 @@ rip_append(struct inpcb *last, struct ip *ip, struct mbuf *n, void rip_input(struct mbuf *m, int off) { - INIT_VNET_INET(curvnet); struct ifnet *ifp; struct ip *ip = mtod(m, struct ip *); int proto = ip->ip_p; @@ -398,7 +391,6 @@ rip_input(struct mbuf *m, int off) int rip_output(struct mbuf *m, struct socket *so, u_long dst) { - INIT_VNET_INET(so->so_vnet); struct ip *ip; int error; struct inpcb *inp = sotoinpcb(so); @@ -670,7 +662,6 @@ rip_ctloutput(struct socket *so, struct sockopt *sopt) void rip_ctlinput(int cmd, struct sockaddr *sa, void *vip) { - INIT_VNET_INET(curvnet); struct in_ifaddr *ia; struct ifnet *ifp; int err; @@ -741,7 +732,6 @@ SYSCTL_ULONG(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW, static int rip_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -775,7 +765,6 @@ rip_attach(struct socket *so, int proto, struct thread *td) static void rip_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -815,7 +804,6 @@ rip_dodisconnect(struct socket *so, struct inpcb *inp) static void rip_abort(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -831,7 +819,6 @@ rip_abort(struct socket *so) static void rip_close(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -847,7 +834,6 @@ rip_close(struct socket *so) static int rip_disconnect(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; if ((so->so_state & SS_ISCONNECTED) == 0) @@ -867,8 +853,6 @@ rip_disconnect(struct socket *so) static int rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_NET(so->so_vnet); - INIT_VNET_INET(so->so_vnet); struct sockaddr_in *addr = (struct sockaddr_in *)nam; struct inpcb *inp; int error; @@ -903,8 +887,6 @@ rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td) static int rip_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_NET(so->so_vnet); - INIT_VNET_INET(so->so_vnet); struct sockaddr_in *addr = (struct sockaddr_in *)nam; struct inpcb *inp; @@ -975,7 +957,6 @@ rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, static int rip_pcblist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; diff --git a/sys/netinet/sctp_os_bsd.h b/sys/netinet/sctp_os_bsd.h index db139d8a8f45..46a73bf94cb9 100644 --- a/sys/netinet/sctp_os_bsd.h +++ b/sys/netinet/sctp_os_bsd.h @@ -78,12 +78,10 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include #include -#include #endif /* IPSEC */ #ifdef INET6 @@ -98,7 +96,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #endif /* INET6 */ diff --git a/sys/netinet/tcp_hostcache.c b/sys/netinet/tcp_hostcache.c index cdd8c3652183..e7bf0d1ec9cd 100644 --- a/sys/netinet/tcp_hostcache.c +++ b/sys/netinet/tcp_hostcache.c @@ -94,7 +94,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef INET6 #include #endif @@ -107,10 +106,11 @@ __FBSDID("$FreeBSD$"); #define TCP_HOSTCACHE_EXPIRE 60*60 /* one hour */ #define TCP_HOSTCACHE_PRUNE 5*60 /* every 5 minutes */ -#ifdef VIMAGE_GLOBALS -static struct tcp_hostcache tcp_hostcache; -static struct callout tcp_hc_callout; -#endif +static VNET_DEFINE(struct tcp_hostcache, tcp_hostcache); +static VNET_DEFINE(struct callout, tcp_hc_callout); + +#define V_tcp_hostcache VNET_GET(tcp_hostcache) +#define V_tcp_hc_callout VNET_GET(tcp_hc_callout) static struct hc_metrics *tcp_hc_lookup(struct in_conninfo *); static struct hc_metrics *tcp_hc_insert(struct in_conninfo *); @@ -120,31 +120,32 @@ static void tcp_hc_purge(void *); SYSCTL_NODE(_net_inet_tcp, OID_AUTO, hostcache, CTLFLAG_RW, 0, "TCP Host cache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, cachelimit, - CTLFLAG_RDTUN, tcp_hostcache.cache_limit, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, cachelimit, CTLFLAG_RDTUN, + &VNET_NAME(tcp_hostcache.cache_limit), 0, "Overall entry limit for hostcache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, hashsize, - CTLFLAG_RDTUN, tcp_hostcache.hashsize, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, hashsize, CTLFLAG_RDTUN, + &VNET_NAME(tcp_hostcache.hashsize), 0, "Size of TCP hostcache hashtable"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, bucketlimit, - CTLFLAG_RDTUN, tcp_hostcache.bucket_limit, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, bucketlimit, + CTLFLAG_RDTUN, &VNET_NAME(tcp_hostcache.bucket_limit), 0, "Per-bucket hash limit for hostcache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, count, - CTLFLAG_RD, tcp_hostcache.cache_count, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, count, CTLFLAG_RD, + &VNET_NAME(tcp_hostcache.cache_count), 0, "Current number of entries in hostcache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, expire, - CTLFLAG_RW, tcp_hostcache.expire, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, expire, CTLFLAG_RW, + &VNET_NAME(tcp_hostcache.expire), 0, "Expire time of TCP hostcache entries"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, prune, - CTLFLAG_RW, tcp_hostcache.prune, 0, "Time between purge runs"); +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, prune, CTLFLAG_RW, + &VNET_NAME(tcp_hostcache.prune), 0, + "Time between purge runs"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, purge, - CTLFLAG_RW, tcp_hostcache.purgeall, 0, +SYSCTL_VNET_INT(_net_inet_tcp_hostcache, OID_AUTO, purge, CTLFLAG_RW, + &VNET_NAME(tcp_hostcache.purgeall), 0, "Expire all entires on next purge run"); SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, list, @@ -172,7 +173,6 @@ static MALLOC_DEFINE(M_HOSTCACHE, "hostcache", "TCP hostcache"); void tcp_hc_init(void) { - INIT_VNET_INET(curvnet); int i; /* @@ -235,7 +235,6 @@ tcp_hc_init(void) void tcp_hc_destroy(void) { - INIT_VNET_INET(curvnet); /* XXX TODO walk the hashtable and free all entries */ @@ -252,7 +251,6 @@ tcp_hc_destroy(void) static struct hc_metrics * tcp_hc_lookup(struct in_conninfo *inc) { - INIT_VNET_INET(curvnet); int hash; struct hc_head *hc_head; struct hc_metrics *hc_entry; @@ -308,7 +306,6 @@ tcp_hc_lookup(struct in_conninfo *inc) static struct hc_metrics * tcp_hc_insert(struct in_conninfo *inc) { - INIT_VNET_INET(curvnet); int hash; struct hc_head *hc_head; struct hc_metrics *hc_entry; @@ -399,7 +396,6 @@ tcp_hc_insert(struct in_conninfo *inc) void tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite) { - INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; /* @@ -440,7 +436,6 @@ tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite) u_long tcp_hc_getmtu(struct in_conninfo *inc) { - INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; u_long mtu; @@ -463,7 +458,6 @@ tcp_hc_getmtu(struct in_conninfo *inc) void tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu) { - INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; /* @@ -503,7 +497,6 @@ tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu) void tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml) { - INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry; hc_entry = tcp_hc_lookup(inc); @@ -584,7 +577,6 @@ tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml) static int sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int bufsize; int linesize = 128; char *p, *buf; @@ -648,7 +640,6 @@ static void tcp_hc_purge(void *arg) { CURVNET_SET((struct vnet *) arg); - INIT_VNET_INET(curvnet); struct hc_metrics *hc_entry, *hc_next; int all = 0; int i; diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index cad7bbef4c5a..42ed197fe693 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -86,11 +86,6 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif /* TCPDEBUG */ -#include - -#ifdef INET6 -#include -#endif #ifdef IPSEC #include @@ -103,75 +98,82 @@ __FBSDID("$FreeBSD$"); static const int tcprexmtthresh = 3; -#ifdef VIMAGE_GLOBALS -struct tcpstat tcpstat; -int blackhole; -int tcp_delack_enabled; -int drop_synfin; -int tcp_do_rfc3042; -int tcp_do_rfc3390; -int tcp_do_ecn; -int tcp_ecn_maxretries; -int tcp_insecure_rst; -int tcp_do_autorcvbuf; -int tcp_autorcvbuf_inc; -int tcp_autorcvbuf_max; -int tcp_do_rfc3465; -int tcp_abc_l_var; -#endif +VNET_DEFINE(struct tcpstat, tcpstat); +VNET_DEFINE(int, blackhole); +VNET_DEFINE(int, tcp_delack_enabled); +VNET_DEFINE(int, drop_synfin); +VNET_DEFINE(int, tcp_do_rfc3042); +VNET_DEFINE(int, tcp_do_rfc3390); +VNET_DEFINE(int, tcp_do_ecn); +VNET_DEFINE(int, tcp_ecn_maxretries); +VNET_DEFINE(int, tcp_insecure_rst); +VNET_DEFINE(int, tcp_do_autorcvbuf); +VNET_DEFINE(int, tcp_autorcvbuf_inc); +VNET_DEFINE(int, tcp_autorcvbuf_max); +VNET_DEFINE(int, tcp_do_rfc3465); +VNET_DEFINE(int, tcp_abc_l_var); -SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_STATS, stats, - CTLFLAG_RW, tcpstat , tcpstat, +SYSCTL_VNET_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, CTLFLAG_RW, + &VNET_NAME(tcpstat), tcpstat, "TCP statistics (struct tcpstat, netinet/tcp_var.h)"); int tcp_log_in_vain = 0; SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW, - &tcp_log_in_vain, 0, "Log all incoming TCP segments to closed ports"); + &tcp_log_in_vain, 0, + "Log all incoming TCP segments to closed ports"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, - blackhole, 0, "Do not send RST on segments to closed ports"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, + &VNET_NAME(blackhole), 0, + "Do not send RST on segments to closed ports"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, delayed_ack, - CTLFLAG_RW, tcp_delack_enabled, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, + &VNET_NAME(tcp_delack_enabled), 0, "Delay ACK to try and piggyback it onto a data packet"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, drop_synfin, - CTLFLAG_RW, drop_synfin, 0, "Drop TCP packets with SYN+FIN set"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW, + &VNET_NAME(drop_synfin), 0, + "Drop TCP packets with SYN+FIN set"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW, - tcp_do_rfc3042, 0, "Enable RFC 3042 (Limited Transmit)"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW, + &VNET_NAME(tcp_do_rfc3042), 0, + "Enable RFC 3042 (Limited Transmit)"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW, - tcp_do_rfc3390, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW, + &VNET_NAME(tcp_do_rfc3390), 0, "Enable RFC 3390 (Increasing TCP's Initial Congestion Window)"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3465, CTLFLAG_RW, - tcp_do_rfc3465, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, rfc3465, CTLFLAG_RW, + &VNET_NAME(tcp_do_rfc3465), 0, "Enable RFC 3465 (Appropriate Byte Counting)"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, abc_l_var, CTLFLAG_RW, - tcp_abc_l_var, 2, + +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, abc_l_var, CTLFLAG_RW, + &VNET_NAME(tcp_abc_l_var), 2, "Cap the max cwnd increment during slow-start to this number of segments"); SYSCTL_NODE(_net_inet_tcp, OID_AUTO, ecn, CTLFLAG_RW, 0, "TCP ECN"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, enable, - CTLFLAG_RW, tcp_do_ecn, 0, "TCP ECN support"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, maxretries, - CTLFLAG_RW, tcp_ecn_maxretries, 0, "Max retries before giving up on ECN"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, insecure_rst, - CTLFLAG_RW, tcp_insecure_rst, 0, +SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, enable, CTLFLAG_RW, + &VNET_NAME(tcp_do_ecn), 0, + "TCP ECN support"); + +SYSCTL_VNET_INT(_net_inet_tcp_ecn, OID_AUTO, maxretries, CTLFLAG_RW, + &VNET_NAME(tcp_ecn_maxretries), 0, + "Max retries before giving up on ECN"); + +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, insecure_rst, CTLFLAG_RW, + &VNET_NAME(tcp_insecure_rst), 0, "Follow the old (insecure) criteria for accepting RST packets"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_auto, - CTLFLAG_RW, tcp_do_autorcvbuf, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW, + &VNET_NAME(tcp_do_autorcvbuf), 0, "Enable automatic receive buffer sizing"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_inc, - CTLFLAG_RW, tcp_autorcvbuf_inc, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW, + &VNET_NAME(tcp_autorcvbuf_inc), 0, "Incrementor step size of automatic receive buffer"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_max, - CTLFLAG_RW, tcp_autorcvbuf_max, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW, + &VNET_NAME(tcp_autorcvbuf_max), 0, "Max size of automatic receive buffer"); int tcp_read_locking = 1; @@ -198,10 +200,8 @@ int tcp_wlock_looped; SYSCTL_INT(_net_inet_tcp, OID_AUTO, wlock_looped, CTLFLAG_RD, &tcp_wlock_looped, 0, ""); -#ifdef VIMAGE_GLOBALS -struct inpcbhead tcb; -struct inpcbinfo tcbinfo; -#endif +VNET_DEFINE(struct inpcbhead, tcb); +VNET_DEFINE(struct inpcbinfo, tcbinfo); #define tcb6 tcb /* for KAME src sync over BSD*'s */ static void tcp_dooptions(struct tcpopt *, u_char *, int, int); @@ -271,7 +271,6 @@ do { \ int tcp6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct in6_ifaddr *ia6; @@ -300,13 +299,6 @@ tcp6_input(struct mbuf **mp, int *offp, int proto) void tcp_input(struct mbuf *m, int off0) { - INIT_VNET_INET(curvnet); -#ifdef INET6 - INIT_VNET_INET6(curvnet); -#endif -#ifdef IPSEC - INIT_VNET_IPSEC(curvnet); -#endif struct tcphdr *th; struct ip *ip = NULL; struct ipovly *ipov; @@ -1083,7 +1075,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so, struct tcpcb *tp, int drop_hdrlen, int tlen, uint8_t iptos, int ti_locked) { - INIT_VNET_INET(tp->t_vnet); int thflags, acked, ourfinisacked, needoutput = 0; int rstreason, todrop, win; u_long tiwin; @@ -2868,7 +2859,6 @@ drop: static void tcp_dooptions(struct tcpopt *to, u_char *cp, int cnt, int flags) { - INIT_VNET_INET(curvnet); int opt, optlen; to->to_flags = 0; @@ -2996,7 +2986,6 @@ tcp_pulloutofband(struct socket *so, struct tcphdr *th, struct mbuf *m, static void tcp_xmit_timer(struct tcpcb *tp, int rtt) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); int delta; INP_WLOCK_ASSERT(tp->t_inpcb); @@ -3103,7 +3092,6 @@ void tcp_mss_update(struct tcpcb *tp, int offer, struct hc_metrics_lite *metricptr, int *mtuflags) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); int mss; u_long maxmtu; struct inpcb *inp = tp->t_inpcb; @@ -3269,7 +3257,6 @@ tcp_mss(struct tcpcb *tp, int offer) int isipv6; #endif KASSERT(tp != NULL, ("%s: tp == NULL", __func__)); - INIT_VNET_INET(tp->t_vnet); tcp_mss_update(tp, offer, &metrics, &mtuflags); @@ -3396,7 +3383,6 @@ tcp_mss(struct tcpcb *tp, int offer) int tcp_mssopt(struct in_conninfo *inc) { - INIT_VNET_INET(curvnet); int mss = 0; u_long maxmtu = 0; u_long thcmtu = 0; diff --git a/sys/netinet/tcp_offload.c b/sys/netinet/tcp_offload.c index 5afd8cdb0249..94cf5706bd88 100644 --- a/sys/netinet/tcp_offload.c +++ b/sys/netinet/tcp_offload.c @@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include uint32_t toedev_registration_count; @@ -109,7 +108,6 @@ fail: void tcp_offload_twstart(struct tcpcb *tp) { - INIT_VNET_INET(curvnet); INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); @@ -120,8 +118,7 @@ tcp_offload_twstart(struct tcpcb *tp) struct tcpcb * tcp_offload_close(struct tcpcb *tp) { - INIT_VNET_INET(curvnet); - + INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); tp = tcp_close(tp); @@ -135,8 +132,7 @@ tcp_offload_close(struct tcpcb *tp) struct tcpcb * tcp_offload_drop(struct tcpcb *tp, int error) { - INIT_VNET_INET(curvnet); - + INP_INFO_WLOCK(&V_tcbinfo); INP_WLOCK(tp->t_inpcb); tp = tcp_drop(tp, error); diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c index 35ba51cadf53..c74107e74a6a 100644 --- a/sys/netinet/tcp_output.c +++ b/sys/netinet/tcp_output.c @@ -74,7 +74,6 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif -#include #ifdef IPSEC #include @@ -88,44 +87,45 @@ __FBSDID("$FreeBSD$"); extern struct mbuf *m_copypack(); #endif -#ifdef VIMAGE_GLOBALS -int path_mtu_discovery; -int ss_fltsz; -int ss_fltsz_local; -int tcp_do_newreno; -int tcp_do_tso; -int tcp_do_autosndbuf; -int tcp_autosndbuf_inc; -int tcp_autosndbuf_max; -#endif +VNET_DEFINE(int, path_mtu_discovery); +VNET_DEFINE(int, ss_fltsz); +VNET_DEFINE(int, ss_fltsz_local); +VNET_DEFINE(int, tcp_do_newreno); +VNET_DEFINE(int, tcp_do_tso); +VNET_DEFINE(int, tcp_do_autosndbuf); +VNET_DEFINE(int, tcp_autosndbuf_inc); +VNET_DEFINE(int, tcp_autosndbuf_max); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, path_mtu_discovery, - CTLFLAG_RW, path_mtu_discovery, 1, "Enable Path MTU Discovery"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW, + &VNET_NAME(path_mtu_discovery), 1, + "Enable Path MTU Discovery"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, - slowstart_flightsize, CTLFLAG_RW, - ss_fltsz, 1, "Slow start flight size"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, slowstart_flightsize, CTLFLAG_RW, + &VNET_NAME(ss_fltsz), 1, + "Slow start flight size"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, - local_slowstart_flightsize, CTLFLAG_RW, - ss_fltsz_local, 1, "Slow start flight size for local networks"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, local_slowstart_flightsize, + CTLFLAG_RW, &VNET_NAME(ss_fltsz_local), 1, + "Slow start flight size for local networks"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW, - tcp_do_newreno, 0, "Enable NewReno Algorithms"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW, + &VNET_NAME(tcp_do_newreno), 0, + "Enable NewReno Algorithms"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW, - tcp_do_tso, 0, "Enable TCP Segmentation Offload"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW, + &VNET_NAME(tcp_do_tso), 0, + "Enable TCP Segmentation Offload"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_auto, - CTLFLAG_RW, - tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW, + &VNET_NAME(tcp_do_autosndbuf), 0, + "Enable automatic send buffer sizing"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_inc, - CTLFLAG_RW, tcp_autosndbuf_inc, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW, + &VNET_NAME(tcp_autosndbuf_inc), 0, "Incrementor step size of automatic send buffer"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_max, - CTLFLAG_RW, tcp_autosndbuf_max, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW, + &VNET_NAME(tcp_autosndbuf_max), 0, "Max size of automatic send buffer"); @@ -135,7 +135,6 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_max, int tcp_output(struct tcpcb *tp) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct socket *so = tp->t_inpcb->inp_socket; long len, recwin, sendwin; int off, flags, error; @@ -1328,7 +1327,6 @@ tcp_setpersist(struct tcpcb *tp) int tcp_addoptions(struct tcpopt *to, u_char *optp) { - INIT_VNET_INET(curvnet); u_int mask, optlen = 0; for (mask = 1; mask < TOF_MAXOPT; mask <<= 1) { diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c index 0849c25161c3..88ef3917be85 100644 --- a/sys/netinet/tcp_reass.c +++ b/sys/netinet/tcp_reass.c @@ -73,52 +73,49 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif /* TCPDEBUG */ -#include -#ifdef VIMAGE_GLOBALS -static int tcp_reass_maxseg; -int tcp_reass_qsize; -static int tcp_reass_maxqlen; -static int tcp_reass_overflows; -#endif +static VNET_DEFINE(int, tcp_reass_maxseg); +VNET_DEFINE(int, tcp_reass_qsize); +static VNET_DEFINE(int, tcp_reass_maxqlen); +static VNET_DEFINE(int, tcp_reass_overflows); + +#define V_tcp_reass_maxseg VNET_GET(tcp_reass_maxseg) +#define V_tcp_reass_maxqlen VNET_GET(tcp_reass_maxqlen) +#define V_tcp_reass_overflows VNET_GET(tcp_reass_overflows) SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxsegments, - CTLFLAG_RDTUN, tcp_reass_maxseg, 0, +SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, + &VNET_NAME(tcp_reass_maxseg), 0, "Global maximum number of TCP Segments in Reassembly Queue"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, cursegments, - CTLFLAG_RD, tcp_reass_qsize, 0, +SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLFLAG_RD, + &VNET_NAME(tcp_reass_qsize), 0, "Global number of TCP Segments currently in Reassembly Queue"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxqlen, - CTLFLAG_RW, tcp_reass_maxqlen, 0, +SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxqlen, CTLFLAG_RW, + &VNET_NAME(tcp_reass_maxqlen), 0, "Maximum number of TCP Segments per individual Reassembly Queue"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, overflows, - CTLFLAG_RD, tcp_reass_overflows, 0, +SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD, + &VNET_NAME(tcp_reass_overflows), 0, "Global number of TCP Segment Reassembly Queue Overflows"); /* Initialize TCP reassembly queue */ static void tcp_reass_zone_change(void *tag) { - INIT_VNET_INET(curvnet); V_tcp_reass_maxseg = nmbclusters / 16; uma_zone_set_max(V_tcp_reass_zone, V_tcp_reass_maxseg); } -#ifdef VIMAGE_GLOBALS -uma_zone_t tcp_reass_zone; -#endif +VNET_DEFINE(uma_zone_t, tcp_reass_zone); void tcp_reass_init(void) { - INIT_VNET_INET(curvnet); V_tcp_reass_maxseg = 0; V_tcp_reass_qsize = 0; @@ -138,7 +135,6 @@ tcp_reass_init(void) int tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m) { - INIT_VNET_INET(curvnet); struct tseg_qent *q; struct tseg_qent *p = NULL; struct tseg_qent *nq; diff --git a/sys/netinet/tcp_sack.c b/sys/netinet/tcp_sack.c index 2a2ae9cdf452..defc9ebb1ab3 100644 --- a/sys/netinet/tcp_sack.c +++ b/sys/netinet/tcp_sack.c @@ -119,32 +119,35 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif /* TCPDEBUG */ -#include #include -#ifdef VIMAGE_GLOBALS -extern struct uma_zone *sack_hole_zone; -int tcp_do_sack; -int tcp_sack_maxholes; -int tcp_sack_globalmaxholes; -int tcp_sack_globalholes; -#endif +VNET_DECLARE(struct uma_zone *, sack_hole_zone); +VNET_DEFINE(int, tcp_do_sack); +VNET_DEFINE(int, tcp_sack_maxholes); +VNET_DEFINE(int, tcp_sack_globalmaxholes); +VNET_DEFINE(int, tcp_sack_globalholes); + +#define V_sack_hole_zone VNET_GET(sack_hole_zone) +#define V_tcp_do_sack VNET_GET(tcp_do_sack) +#define V_tcp_sack_maxholes VNET_GET(tcp_sack_maxholes) +#define V_tcp_sack_globalmaxholes VNET_GET(tcp_sack_globalmaxholes) +#define V_tcp_sack_globalholes VNET_GET(tcp_sack_globalholes) SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, enable, - CTLFLAG_RW, tcp_do_sack, 0, "Enable/Disable TCP SACK support"); +SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW, + &VNET_NAME(tcp_do_sack), 0, "Enable/Disable TCP SACK support"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, maxholes, - CTLFLAG_RW, tcp_sack_maxholes, 0, +SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW, + &VNET_NAME(tcp_sack_maxholes), 0, "Maximum number of TCP SACK holes allowed per connection"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalmaxholes, - CTLFLAG_RW, tcp_sack_globalmaxholes, 0, +SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW, + &VNET_NAME(tcp_sack_globalmaxholes), 0, "Global maximum number of TCP SACK holes"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalholes, - CTLFLAG_RD, tcp_sack_globalholes, 0, +SYSCTL_VNET_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD, + &VNET_NAME(tcp_sack_globalholes), 0, "Global number of TCP SACK holes currently allocated"); /* @@ -255,7 +258,6 @@ tcp_clean_sackreport(struct tcpcb *tp) static struct sackhole * tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct sackhole *hole; if (tp->snd_numholes >= V_tcp_sack_maxholes || @@ -284,7 +286,6 @@ tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end) static void tcp_sackhole_free(struct tcpcb *tp, struct sackhole *hole) { - INIT_VNET_INET(tp->t_vnet); uma_zfree(V_sack_hole_zone, hole); diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 2b2231309140..7839cfa9503d 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -94,9 +94,7 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif -#include #include -#include #ifdef IPSEC #include @@ -113,26 +111,32 @@ __FBSDID("$FreeBSD$"); #include -#ifdef VIMAGE_GLOBALS -int tcp_mssdflt; +VNET_DEFINE(int, tcp_mssdflt); #ifdef INET6 -int tcp_v6mssdflt; -#endif -int tcp_minmss; -int tcp_do_rfc1323; -static int icmp_may_rst; -static int tcp_isn_reseed_interval; -static int tcp_inflight_enable; -static int tcp_inflight_rttthresh; -static int tcp_inflight_min; -static int tcp_inflight_max; -static int tcp_inflight_stab; +VNET_DEFINE(int, tcp_v6mssdflt); #endif +VNET_DEFINE(int, tcp_minmss); +VNET_DEFINE(int, tcp_do_rfc1323); + +static VNET_DEFINE(int, icmp_may_rst); +static VNET_DEFINE(int, tcp_isn_reseed_interval); +static VNET_DEFINE(int, tcp_inflight_enable); +static VNET_DEFINE(int, tcp_inflight_rttthresh); +static VNET_DEFINE(int, tcp_inflight_min); +static VNET_DEFINE(int, tcp_inflight_max); +static VNET_DEFINE(int, tcp_inflight_stab); + +#define V_icmp_may_rst VNET_GET(icmp_may_rst) +#define V_tcp_isn_reseed_interval VNET_GET(tcp_isn_reseed_interval) +#define V_tcp_inflight_enable VNET_GET(tcp_inflight_enable) +#define V_tcp_inflight_rttthresh VNET_GET(tcp_inflight_rttthresh) +#define V_tcp_inflight_min VNET_GET(tcp_inflight_min) +#define V_tcp_inflight_max VNET_GET(tcp_inflight_max) +#define V_tcp_inflight_stab VNET_GET(tcp_inflight_stab) static int sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(TD_TO_VNET(req->td)); int error, new; new = V_tcp_mssdflt; @@ -146,8 +150,8 @@ sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) return (error); } -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, - CTLTYPE_INT|CTLFLAG_RW, tcp_mssdflt, 0, +SYSCTL_VNET_PROC(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(tcp_mssdflt), 0, &sysctl_net_inet_tcp_mss_check, "I", "Default TCP Maximum Segment Size"); @@ -155,7 +159,6 @@ SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, static int sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(TD_TO_VNET(req->td)); int error, new; new = V_tcp_v6mssdflt; @@ -169,8 +172,8 @@ sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) return (error); } -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, - CTLTYPE_INT|CTLFLAG_RW, tcp_v6mssdflt, 0, +SYSCTL_VNET_PROC(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(tcp_v6mssdflt), 0, &sysctl_net_inet_tcp_mss_v6_check, "I", "Default TCP Maximum Segment Size for IPv6"); #endif @@ -183,11 +186,12 @@ SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, * with packet generation and sending. Set to zero to disable MINMSS * checking. This setting prevents us from sending too small packets. */ -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, minmss, - CTLFLAG_RW, tcp_minmss , 0, "Minmum TCP Maximum Segment Size"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW, + &VNET_NAME(tcp_minmss), 0, + "Minmum TCP Maximum Segment Size"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, - CTLFLAG_RW, tcp_do_rfc1323, 0, +SYSCTL_VNET_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW, + &VNET_NAME(tcp_do_rfc1323), 0, "Enable rfc1323 (high performance TCP) extensions"); static int tcp_log_debug = 0; @@ -202,15 +206,15 @@ static int do_tcpdrain = 1; SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0, "Enable tcp_drain routine for extra help when low on mbufs"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, pcbcount, - CTLFLAG_RD, tcbinfo.ipi_count, 0, "Number of active PCBs"); +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD, + &VNET_NAME(tcbinfo.ipi_count), 0, "Number of active PCBs"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, icmp_may_rst, - CTLFLAG_RW, icmp_may_rst, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, + &VNET_NAME(icmp_may_rst), 0, "Certain ICMP unreachable messages may abort connections in SYN_SENT"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, isn_reseed_interval, - CTLFLAG_RW, tcp_isn_reseed_interval, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW, + &VNET_NAME(tcp_isn_reseed_interval), 0, "Seconds between reseeding of ISN secret"); /* @@ -221,31 +225,34 @@ SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, isn_reseed_interval, SYSCTL_NODE(_net_inet_tcp, OID_AUTO, inflight, CTLFLAG_RW, 0, "TCP inflight data limiting"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, enable, - CTLFLAG_RW, tcp_inflight_enable, 0, +SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, enable, CTLFLAG_RW, + &VNET_NAME(tcp_inflight_enable), 0, "Enable automatic TCP inflight data limiting"); static int tcp_inflight_debug = 0; SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, debug, CTLFLAG_RW, - &tcp_inflight_debug, 0, "Debug TCP inflight calculations"); + &tcp_inflight_debug, 0, + "Debug TCP inflight calculations"); -SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, rttthresh, - CTLTYPE_INT|CTLFLAG_RW, tcp_inflight_rttthresh, 0, sysctl_msec_to_ticks, - "I", "RTT threshold below which inflight will deactivate itself"); +SYSCTL_VNET_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(tcp_inflight_rttthresh), 0, + sysctl_msec_to_ticks, "I", + "RTT threshold below which inflight will deactivate itself"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, min, - CTLFLAG_RW, tcp_inflight_min, 0, "Lower-bound for TCP inflight window"); +SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW, + &VNET_NAME(tcp_inflight_min), 0, + "Lower-bound for TCP inflight window"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, max, - CTLFLAG_RW, tcp_inflight_max, 0, "Upper-bound for TCP inflight window"); +SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, max, CTLFLAG_RW, + &VNET_NAME(tcp_inflight_max), 0, + "Upper-bound for TCP inflight window"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, stab, - CTLFLAG_RW, tcp_inflight_stab, 0, +SYSCTL_VNET_INT(_net_inet_tcp_inflight, OID_AUTO, stab, CTLFLAG_RW, + &VNET_NAME(tcp_inflight_stab), 0, "Inflight Algorithm Stabilization 20 = 2 packets"); -#ifdef VIMAGE_GLOBALS -uma_zone_t sack_hole_zone; -#endif +VNET_DEFINE(uma_zone_t, sack_hole_zone); +#define V_sack_hole_zone VNET_GET(sack_hole_zone) static struct inpcb *tcp_notify(struct inpcb *, int); static void tcp_isn_tick(void *); @@ -271,9 +278,9 @@ struct tcpcb_mem { struct tcp_timer tt; }; -#ifdef VIMAGE_GLOBALS -static uma_zone_t tcpcb_zone; -#endif +static VNET_DEFINE(uma_zone_t, tcpcb_zone); +#define V_tcpcb_zone VNET_GET(tcpcb_zone) + MALLOC_DEFINE(M_TCPLOG, "tcplog", "TCP address and flags print buffers"); struct callout isn_callout; static struct mtx isn_mtx; @@ -288,7 +295,6 @@ static struct mtx isn_mtx; static void tcp_zone_change(void *tag) { - INIT_VNET_INET(curvnet); uma_zone_set_max(V_tcbinfo.ipi_zone, maxsockets); uma_zone_set_max(V_tcpcb_zone, maxsockets); @@ -307,7 +313,6 @@ tcp_inpcb_init(void *mem, int size, int flags) void tcp_init(void) { - INIT_VNET_INET(curvnet); int hashsize; V_blackhole = 0; @@ -431,7 +436,6 @@ tcp_init(void) void tcp_destroy(void) { - INIT_VNET_INET(curvnet); tcp_tw_destroy(); tcp_hc_destroy(); @@ -543,7 +547,6 @@ void tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, tcp_seq ack, tcp_seq seq, int flags) { - INIT_VNET_INET(curvnet); int tlen; int win = 0; struct ip *ip; @@ -714,7 +717,6 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, struct tcpcb * tcp_newtcpcb(struct inpcb *inp) { - INIT_VNET_INET(inp->inp_vnet); struct tcpcb_mem *tm; struct tcpcb *tp; #ifdef INET6 @@ -781,7 +783,6 @@ tcp_newtcpcb(struct inpcb *inp) struct tcpcb * tcp_drop(struct tcpcb *tp, int errno) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct socket *so = tp->t_inpcb->inp_socket; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); @@ -802,7 +803,6 @@ tcp_drop(struct tcpcb *tp, int errno) void tcp_discardcb(struct tcpcb *tp) { - INIT_VNET_INET(tp->t_vnet); struct tseg_qent *q; struct inpcb *inp = tp->t_inpcb; struct socket *so = inp->inp_socket; @@ -904,7 +904,6 @@ tcp_discardcb(struct tcpcb *tp) struct tcpcb * tcp_close(struct tcpcb *tp) { - INIT_VNET_INET(tp->t_inpcb->inp_vnet); struct inpcb *inp = tp->t_inpcb; struct socket *so; @@ -944,7 +943,6 @@ tcp_drain(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET(vnet_iter); struct inpcb *inpb; struct tcpcb *tcpb; struct tseg_qent *te; @@ -993,9 +991,6 @@ static struct inpcb * tcp_notify(struct inpcb *inp, int error) { struct tcpcb *tp; -#ifdef INVARIANTS - INIT_VNET_INET(inp->inp_vnet); /* V_tcbinfo WLOCK ASSERT */ -#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -1039,7 +1034,6 @@ tcp_notify(struct inpcb *inp, int error) static int tcp_pcblist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, i, m, n, pcb_count; struct inpcb *inp, **inp_list; inp_gen_t gencnt; @@ -1175,7 +1169,6 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0, static int tcp_getcred(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); struct xucred xuc; struct sockaddr_in addrs[2]; struct inpcb *inp; @@ -1217,8 +1210,6 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, getcred, static int tcp6_getcred(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); struct xucred xuc; struct sockaddr_in6 addrs[2]; struct inpcb *inp; @@ -1281,7 +1272,6 @@ SYSCTL_PROC(_net_inet6_tcp6, OID_AUTO, getcred, void tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip) { - INIT_VNET_INET(curvnet); struct ip *ip = vip; struct tcphdr *th; struct in_addr faddr; @@ -1398,7 +1388,6 @@ tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip) void tcp6_ctlinput(int cmd, struct sockaddr *sa, void *d) { - INIT_VNET_INET(curvnet); struct tcphdr th; struct inpcb *(*notify)(struct inpcb *, int) = tcp_notify; struct ip6_hdr *ip6; @@ -1520,16 +1509,19 @@ tcp6_ctlinput(int cmd, struct sockaddr *sa, void *d) #define ISN_STATIC_INCREMENT 4096 #define ISN_RANDOM_INCREMENT (4096 - 1) -#ifdef VIMAGE_GLOBALS -static u_char isn_secret[32]; -static int isn_last_reseed; -static u_int32_t isn_offset, isn_offset_old; -#endif +static VNET_DEFINE(u_char, isn_secret[32]); +static VNET_DEFINE(int, isn_last_reseed); +static VNET_DEFINE(u_int32_t, isn_offset); +static VNET_DEFINE(u_int32_t, isn_offset_old); + +#define V_isn_secret VNET_GET(isn_secret) +#define V_isn_last_reseed VNET_GET(isn_last_reseed) +#define V_isn_offset VNET_GET(isn_offset) +#define V_isn_offset_old VNET_GET(isn_offset_old) tcp_seq tcp_new_isn(struct tcpcb *tp) { - INIT_VNET_INET(tp->t_vnet); MD5_CTX isn_ctx; u_int32_t md5_buffer[4]; tcp_seq new_isn; @@ -1588,7 +1580,6 @@ tcp_isn_tick(void *xtp) ISN_LOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS */ - INIT_VNET_INET(curvnet); projected_offset = V_isn_offset_old + ISN_BYTES_PER_SECOND / 100; @@ -1611,9 +1602,6 @@ tcp_isn_tick(void *xtp) struct inpcb * tcp_drop_syn_sent(struct inpcb *inp, int errno) { -#ifdef INVARIANTS - INIT_VNET_INET(inp->inp_vnet); -#endif struct tcpcb *tp; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); @@ -1643,7 +1631,6 @@ tcp_drop_syn_sent(struct inpcb *inp, int errno) struct inpcb * tcp_mtudisc(struct inpcb *inp, int errno) { - INIT_VNET_INET(inp->inp_vnet); struct tcpcb *tp; struct socket *so; @@ -1850,7 +1837,6 @@ ipsec_hdrsiz_tcp(struct tcpcb *tp) void tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq) { - INIT_VNET_INET(tp->t_vnet); u_long bw; u_long bwnd; int save_ticks; @@ -1987,7 +1973,6 @@ int tcp_signature_compute(struct mbuf *m, int _unused, int len, int optlen, u_char *buf, u_int direction) { - INIT_VNET_IPSEC(curvnet); union sockaddr_union dst; struct ippseudo ippseudo; MD5_CTX ctx; @@ -2140,10 +2125,6 @@ tcp_signature_compute(struct mbuf *m, int _unused, int len, int optlen, static int sysctl_drop(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); -#ifdef INET6 - INIT_VNET_INET6(curvnet); -#endif /* addrs[0] is a foreign socket, addrs[1] is a local one. */ struct sockaddr_storage addrs[2]; struct inpcb *inp; diff --git a/sys/netinet/tcp_syncache.c b/sys/netinet/tcp_syncache.c index 440115df3651..9a7ce79b6096 100644 --- a/sys/netinet/tcp_syncache.c +++ b/sys/netinet/tcp_syncache.c @@ -59,6 +59,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -84,7 +85,6 @@ __FBSDID("$FreeBSD$"); #ifdef INET6 #include #endif -#include #ifdef IPSEC #include @@ -98,19 +98,21 @@ __FBSDID("$FreeBSD$"); #include -#ifdef VIMAGE_GLOBALS -static struct tcp_syncache tcp_syncache; -static int tcp_syncookies; -static int tcp_syncookiesonly; -int tcp_sc_rst_sock_fail; -#endif +static VNET_DEFINE(struct tcp_syncache, tcp_syncache); +static VNET_DEFINE(int, tcp_syncookies); +static VNET_DEFINE(int, tcp_syncookiesonly); +VNET_DEFINE(int, tcp_sc_rst_sock_fail); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, syncookies, - CTLFLAG_RW, tcp_syncookies, 0, +#define V_tcp_syncache VNET_GET(tcp_syncache) +#define V_tcp_syncookies VNET_GET(tcp_syncookies) +#define V_tcp_syncookiesonly VNET_GET(tcp_syncookiesonly) + +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, syncookies, CTLFLAG_RW, + &VNET_NAME(tcp_syncookies), 0, "Use TCP SYN cookies if the syncache overflows"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, syncookies_only, - CTLFLAG_RW, tcp_syncookiesonly, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, syncookies_only, CTLFLAG_RW, + &VNET_NAME(tcp_syncookiesonly), 0, "Use only TCP SYN cookies"); #ifdef TCP_OFFLOAD_DISABLE @@ -149,29 +151,29 @@ static struct syncache SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, CTLFLAG_RW, 0, "TCP SYN cache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - bucketlimit, CTLFLAG_RDTUN, - tcp_syncache.bucket_limit, 0, "Per-bucket hash limit for syncache"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN, + &VNET_NAME(tcp_syncache.bucket_limit), 0, + "Per-bucket hash limit for syncache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - cachelimit, CTLFLAG_RDTUN, - tcp_syncache.cache_limit, 0, "Overall entry limit for syncache"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, cachelimit, CTLFLAG_RDTUN, + &VNET_NAME(tcp_syncache.cache_limit), 0, + "Overall entry limit for syncache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - count, CTLFLAG_RD, - tcp_syncache.cache_count, 0, "Current number of entries in syncache"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, count, CTLFLAG_RD, + &VNET_NAME(tcp_syncache.cache_count), 0, + "Current number of entries in syncache"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - hashsize, CTLFLAG_RDTUN, - tcp_syncache.hashsize, 0, "Size of TCP syncache hashtable"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, hashsize, CTLFLAG_RDTUN, + &VNET_NAME(tcp_syncache.hashsize), 0, + "Size of TCP syncache hashtable"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - rexmtlimit, CTLFLAG_RW, - tcp_syncache.rexmt_limit, 0, "Limit on SYN/ACK retransmissions"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_RW, + &VNET_NAME(tcp_syncache.rexmt_limit), 0, + "Limit on SYN/ACK retransmissions"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO, - rst_on_sock_fail, CTLFLAG_RW, - tcp_sc_rst_sock_fail, 0, "Send reset on socket allocation failure"); +SYSCTL_VNET_INT(_net_inet_tcp_syncache, OID_AUTO, rst_on_sock_fail, + CTLFLAG_RW, &VNET_NAME(tcp_sc_rst_sock_fail), 0, + "Send reset on socket allocation failure"); static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache"); @@ -206,7 +208,6 @@ static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache"); static void syncache_free(struct syncache *sc) { - INIT_VNET_INET(curvnet); if (sc->sc_ipopts) (void) m_free(sc->sc_ipopts); @@ -222,7 +223,6 @@ syncache_free(struct syncache *sc) void syncache_init(void) { - INIT_VNET_INET(curvnet); int i; V_tcp_syncookies = 1; @@ -279,7 +279,6 @@ syncache_init(void) void syncache_destroy(void) { - INIT_VNET_INET(curvnet); /* XXX walk the cache, free remaining objects, stop timers */ @@ -295,7 +294,6 @@ syncache_destroy(void) static void syncache_insert(struct syncache *sc, struct syncache_head *sch) { - INIT_VNET_INET(sch->sch_vnet); struct syncache *sc2; SCH_LOCK(sch); @@ -334,7 +332,6 @@ syncache_insert(struct syncache *sc, struct syncache_head *sch) static void syncache_drop(struct syncache *sc, struct syncache_head *sch) { - INIT_VNET_INET(sch->sch_vnet); SCH_LOCK_ASSERT(sch); @@ -380,7 +377,6 @@ syncache_timer(void *xsch) char *s; CURVNET_SET(sch->sch_vnet); - INIT_VNET_INET(sch->sch_vnet); /* NB: syncache_head has already been locked by the callout. */ SCH_LOCK_ASSERT(sch); @@ -440,7 +436,6 @@ syncache_timer(void *xsch) struct syncache * syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp) { - INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -488,7 +483,6 @@ syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp) void syncache_chkrst(struct in_conninfo *inc, struct tcphdr *th) { - INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; char *s = NULL; @@ -563,7 +557,6 @@ done: void syncache_badack(struct in_conninfo *inc) { - INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -579,7 +572,6 @@ syncache_badack(struct in_conninfo *inc) void syncache_unreach(struct in_conninfo *inc, struct tcphdr *th) { - INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; @@ -616,7 +608,6 @@ done: static struct socket * syncache_socket(struct syncache *sc, struct socket *lso, struct mbuf *m) { - INIT_VNET_INET(lso->so_vnet); struct inpcb *inp = NULL; struct socket *so; struct tcpcb *tp; @@ -827,7 +818,6 @@ int syncache_expand(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct socket **lsop, struct mbuf *m) { - INIT_VNET_INET(curvnet); struct syncache *sc; struct syncache_head *sch; struct syncache scs; @@ -946,7 +936,6 @@ int tcp_offload_syncache_expand(struct in_conninfo *inc, struct toeopt *toeo, struct tcphdr *th, struct socket **lsop, struct mbuf *m) { - INIT_VNET_INET(curvnet); struct tcpopt to; int rc; @@ -980,7 +969,6 @@ _syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct inpcb *inp, struct socket **lsop, struct mbuf *m, struct toe_usrreqs *tu, void *toepcb) { - INIT_VNET_INET(inp->inp_vnet); struct tcpcb *tp; struct socket *so; struct syncache *sc = NULL; @@ -1277,7 +1265,6 @@ done: static int syncache_respond(struct syncache *sc) { - INIT_VNET_INET(curvnet); struct ip *ip = NULL; struct mbuf *m; struct tcphdr *th; @@ -1447,7 +1434,6 @@ tcp_offload_syncache_add(struct in_conninfo *inc, struct toeopt *toeo, struct tcphdr *th, struct inpcb *inp, struct socket **lsop, struct toe_usrreqs *tu, void *toepcb) { - INIT_VNET_INET(curvnet); struct tcpopt to; bzero(&to, sizeof(struct tcpopt)); @@ -1543,7 +1529,6 @@ static void syncookie_generate(struct syncache_head *sch, struct syncache *sc, u_int32_t *flowlabel) { - INIT_VNET_INET(curvnet); MD5_CTX ctx; u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)]; u_int32_t data; @@ -1618,7 +1603,6 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch, struct syncache *sc, struct tcpopt *to, struct tcphdr *th, struct socket *so) { - INIT_VNET_INET(curvnet); MD5_CTX ctx; u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)]; u_int32_t data = 0; @@ -1726,7 +1710,6 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch, int syncache_pcbcount(void) { - INIT_VNET_INET(curvnet); struct syncache_head *sch; int count, i; @@ -1750,7 +1733,6 @@ syncache_pcbcount(void) int syncache_pcblist(struct sysctl_req *req, int max_pcbs, int *pcbs_exported) { - INIT_VNET_INET(curvnet); struct xtcpcb xt; struct syncache *sc; struct syncache_head *sch; diff --git a/sys/netinet/tcp_timer.c b/sys/netinet/tcp_timer.c index ec4d68837294..7006b70d6740 100644 --- a/sys/netinet/tcp_timer.c +++ b/sys/netinet/tcp_timer.c @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #ifdef TCPDEBUG #include #endif -#include int tcp_keepinit; SYSCTL_PROC(_net_inet_tcp, TCPCTL_KEEPINIT, keepinit, CTLTYPE_INT|CTLFLAG_RW, @@ -131,7 +130,6 @@ tcp_slowtimo(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET(vnet_iter); tcp_maxidle = tcp_keepcnt * tcp_keepintvl; INP_INFO_WLOCK(&V_tcbinfo); (void) tcp_tw_2msl_scan(0); @@ -163,7 +161,6 @@ tcp_timer_delack(void *xtp) struct tcpcb *tp = xtp; struct inpcb *inp; CURVNET_SET(tp->t_vnet); - INIT_VNET_INET(tp->t_vnet); INP_INFO_RLOCK(&V_tcbinfo); inp = tp->t_inpcb; @@ -203,7 +200,6 @@ tcp_timer_2msl(void *xtp) struct tcpcb *tp = xtp; struct inpcb *inp; CURVNET_SET(tp->t_vnet); - INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -279,7 +275,6 @@ tcp_timer_keep(void *xtp) struct tcptemp *t_template; struct inpcb *inp; CURVNET_SET(tp->t_vnet); - INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -375,7 +370,6 @@ tcp_timer_persist(void *xtp) struct tcpcb *tp = xtp; struct inpcb *inp; CURVNET_SET(tp->t_vnet); - INIT_VNET_INET(tp->t_vnet); #ifdef TCPDEBUG int ostate; @@ -445,7 +439,6 @@ tcp_timer_rexmt(void * xtp) { struct tcpcb *tp = xtp; CURVNET_SET(tp->t_vnet); - INIT_VNET_INET(tp->t_vnet); int rexmt; int headlocked; struct inpcb *inp; diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 32108c74af3e..1ac14ec69843 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -87,7 +87,6 @@ __FBSDID("$FreeBSD$"); #include #endif #include -#include #include @@ -101,11 +100,12 @@ static int maxtcptw; * queue pointers in each tcptw structure, are protected using the global * tcbinfo lock, which must be held over queue iteration and modification. */ -#ifdef VIMAGE_GLOBALS -static uma_zone_t tcptw_zone; -static TAILQ_HEAD(, tcptw) twq_2msl; -int nolocaltimewait; -#endif +static VNET_DEFINE(uma_zone_t, tcptw_zone); +static VNET_DEFINE(TAILQ_HEAD(, tcptw), twq_2msl); +VNET_DEFINE(int, nolocaltimewait); + +#define V_tcptw_zone VNET_GET(tcptw_zone) +#define V_twq_2msl VNET_GET(twq_2msl) static void tcp_tw_2msl_reset(struct tcptw *, int); static void tcp_tw_2msl_stop(struct tcptw *); @@ -113,7 +113,6 @@ static void tcp_tw_2msl_stop(struct tcptw *); static int tcptw_auto_size(void) { - INIT_VNET_INET(curvnet); int halfrange; /* @@ -131,7 +130,6 @@ tcptw_auto_size(void) static int sysctl_maxtcptw(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, new; if (maxtcptw == 0) @@ -151,14 +149,13 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, maxtcptw, CTLTYPE_INT|CTLFLAG_RW, &maxtcptw, 0, sysctl_maxtcptw, "IU", "Maximum number of compressed TCP TIME_WAIT entries"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, nolocaltimewait, - CTLFLAG_RW, nolocaltimewait, 0, +SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, nolocaltimewait, CTLFLAG_RW, + &VNET_NAME(nolocaltimewait), 0, "Do not create compressed TCP TIME_WAIT entries for local connections"); void tcp_tw_zone_change(void) { - INIT_VNET_INET(curvnet); if (maxtcptw == 0) uma_zone_set_max(V_tcptw_zone, tcptw_auto_size()); @@ -167,7 +164,6 @@ tcp_tw_zone_change(void) void tcp_tw_init(void) { - INIT_VNET_INET(curvnet); V_tcptw_zone = uma_zcreate("tcptw", sizeof(struct tcptw), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); @@ -183,7 +179,6 @@ tcp_tw_init(void) void tcp_tw_destroy(void) { - INIT_VNET_INET(curvnet); struct tcptw *tw; INP_INFO_WLOCK(&V_tcbinfo); @@ -201,7 +196,6 @@ tcp_tw_destroy(void) void tcp_twstart(struct tcpcb *tp) { - INIT_VNET_INET(tp->t_vnet); struct tcptw *tw; struct inpcb *inp = tp->t_inpcb; int acknow; @@ -317,7 +311,6 @@ tcp_twstart(struct tcpcb *tp) int tcp_twrecycleable(struct tcptw *tw) { - INIT_VNET_INET(curvnet); tcp_seq new_iss = tw->iss; tcp_seq new_irs = tw->irs; @@ -340,9 +333,6 @@ int tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, struct mbuf *m, int tlen) { -#if defined(INVARIANTS) || defined(INVARIANT_SUPPORT) - INIT_VNET_INET(curvnet); -#endif struct tcptw *tw; int thflags; tcp_seq seq; @@ -434,7 +424,6 @@ drop: void tcp_twclose(struct tcptw *tw, int reuse) { - INIT_VNET_INET(curvnet); struct socket *so; struct inpcb *inp; @@ -496,7 +485,6 @@ tcp_twclose(struct tcptw *tw, int reuse) int tcp_twrespond(struct tcptw *tw, int flags) { - INIT_VNET_INET(curvnet); struct inpcb *inp = tw->tw_inpcb; struct tcphdr *th; struct mbuf *m; @@ -590,7 +578,6 @@ tcp_twrespond(struct tcptw *tw, int flags) static void tcp_tw_2msl_reset(struct tcptw *tw, int rearm) { - INIT_VNET_INET(curvnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(tw->tw_inpcb); @@ -603,7 +590,6 @@ tcp_tw_2msl_reset(struct tcptw *tw, int rearm) static void tcp_tw_2msl_stop(struct tcptw *tw) { - INIT_VNET_INET(curvnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); TAILQ_REMOVE(&V_twq_2msl, tw, tw_2msl); @@ -612,7 +598,6 @@ tcp_tw_2msl_stop(struct tcptw *tw) struct tcptw * tcp_tw_2msl_scan(int reuse) { - INIT_VNET_INET(curvnet); struct tcptw *tw; INP_INFO_WLOCK_ASSERT(&V_tcbinfo); diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 5fc283734633..dfd05dcff486 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -87,7 +87,6 @@ __FBSDID("$FreeBSD$"); #include #endif #include -#include /* * TCP protocol interface to socket abstraction. @@ -157,9 +156,6 @@ static void tcp_detach(struct socket *so, struct inpcb *inp) { struct tcpcb *tp; -#ifdef INVARIANTS - INIT_VNET_INET(so->so_vnet); -#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -221,7 +217,6 @@ tcp_detach(struct socket *so, struct inpcb *inp) static void tcp_usr_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -240,7 +235,6 @@ tcp_usr_detach(struct socket *so) static int tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -281,7 +275,6 @@ out: static int tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -340,7 +333,6 @@ out: static int tcp_usr_listen(struct socket *so, int backlog, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -378,7 +370,6 @@ out: static int tcp6_usr_listen(struct socket *so, int backlog, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -426,7 +417,6 @@ out: static int tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -469,7 +459,6 @@ out: static int tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -547,7 +536,6 @@ out: static int tcp_usr_disconnect(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; int error = 0; @@ -579,7 +567,6 @@ out: static int tcp_usr_accept(struct socket *so, struct sockaddr **nam) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp = NULL; struct tcpcb *tp = NULL; @@ -677,7 +664,6 @@ out: static int tcp_usr_shutdown(struct socket *so) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -745,7 +731,6 @@ static int tcp_usr_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(so->so_vnet); int error = 0; struct inpcb *inp; struct tcpcb *tp = NULL; @@ -901,7 +886,6 @@ out: static void tcp_usr_abort(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; TCPDEBUG0; @@ -940,7 +924,6 @@ tcp_usr_abort(struct socket *so) static void tcp_usr_close(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct tcpcb *tp = NULL; TCPDEBUG0; @@ -1079,7 +1062,6 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td) { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; - INIT_VNET_INET(so->so_vnet); struct in_addr laddr; u_short lport; int error; @@ -1135,7 +1117,6 @@ tcp6_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td) { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; - INIT_VNET_INET(so->so_vnet); struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; struct in6_addr addr6; int error; @@ -1257,7 +1238,6 @@ tcp_fill_info(struct tcpcb *tp, struct tcp_info *ti) int tcp_ctloutput(struct socket *so, struct sockopt *sopt) { - INIT_VNET_INET(so->so_vnet); int error, opt, optval; struct inpcb *inp; struct tcpcb *tp; @@ -1445,7 +1425,6 @@ SYSCTL_ULONG(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW, static int tcp_attach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct tcpcb *tp; struct inpcb *inp; int error; @@ -1498,9 +1477,6 @@ tcp_disconnect(struct tcpcb *tp) { struct inpcb *inp = tp->t_inpcb; struct socket *so = inp->inp_socket; -#ifdef INVARIANTS - INIT_VNET_INET(so->so_vnet); -#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -1539,9 +1515,6 @@ tcp_disconnect(struct tcpcb *tp) static void tcp_usrclosed(struct tcpcb *tp) { -#ifdef INVARIANTS - INIT_VNET_INET(tp->t_inpcb->inp_vnet); -#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(tp->t_inpcb); diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index e8022204e83e..8c175f8a5573 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -35,14 +35,20 @@ #include -struct vnet; +#ifdef _KERNEL +#include /* * Kernel variables for tcp. */ -#ifdef VIMAGE_GLOBALS -extern int tcp_do_rfc1323; -#endif +VNET_DECLARE(int, tcp_do_rfc1323); +VNET_DECLARE(int, tcp_reass_qsize); +VNET_DECLARE(struct uma_zone *, tcp_reass_zone); +#define V_tcp_do_rfc1323 VNET_GET(tcp_do_rfc1323) +#define V_tcp_reass_qsize VNET_GET(tcp_reass_qsize) +#define V_tcp_reass_zone VNET_GET(tcp_reass_zone) + +#endif /* _KERNEL */ /* TCP segment queue entry */ struct tseg_qent { @@ -52,10 +58,6 @@ struct tseg_qent { struct mbuf *tqe_m; /* mbuf contains packet */ }; LIST_HEAD(tsegqe_head, tseg_qent); -#ifdef VIMAGE_GLOBALS -extern int tcp_reass_qsize; -#endif -extern struct uma_zone *tcp_reass_zone; struct sackblk { tcp_seq start; /* start seq no. of sack block */ @@ -538,44 +540,79 @@ MALLOC_DECLARE(M_TCPLOG); extern int tcp_log_in_vain; -#ifdef VIMAGE_GLOBALS -extern struct inpcbhead tcb; /* head of queue of active tcpcb's */ -extern struct inpcbinfo tcbinfo; -extern struct tcpstat tcpstat; /* tcp statistics */ -extern int tcp_mssdflt; /* XXX */ -extern int tcp_minmss; -extern int tcp_delack_enabled; -extern int tcp_do_newreno; -extern int path_mtu_discovery; -extern int ss_fltsz; -extern int ss_fltsz_local; +VNET_DECLARE(struct inpcbhead, tcb); /* queue of active tcpcb's */ +VNET_DECLARE(struct inpcbinfo, tcbinfo); +VNET_DECLARE(struct tcpstat, tcpstat); /* tcp statistics */ +VNET_DECLARE(int, tcp_mssdflt); /* XXX */ +VNET_DECLARE(int, tcp_minmss); +VNET_DECLARE(int, tcp_delack_enabled); +VNET_DECLARE(int, tcp_do_newreno); +VNET_DECLARE(int, path_mtu_discovery); +VNET_DECLARE(int, ss_fltsz); +VNET_DECLARE(int, ss_fltsz_local); -extern int blackhole; -extern int drop_synfin; -extern int tcp_do_rfc3042; -extern int tcp_do_rfc3390; -extern int tcp_insecure_rst; -extern int tcp_do_autorcvbuf; -extern int tcp_autorcvbuf_inc; -extern int tcp_autorcvbuf_max; -extern int tcp_do_rfc3465; -extern int tcp_abc_l_var; +#define V_tcb VNET_GET(tcb) +#define V_tcbinfo VNET_GET(tcbinfo) +#define V_tcpstat VNET_GET(tcpstat) +#define V_tcp_mssdflt VNET_GET(tcp_mssdflt) +#define V_tcp_minmss VNET_GET(tcp_minmss) +#define V_tcp_delack_enabled VNET_GET(tcp_delack_enabled) +#define V_tcp_do_newreno VNET_GET(tcp_do_newreno) +#define V_path_mtu_discovery VNET_GET(path_mtu_discovery) +#define V_ss_fltsz VNET_GET(ss_fltsz) +#define V_ss_fltsz_local VNET_GET(ss_fltsz_local) -extern int tcp_do_tso; -extern int tcp_do_autosndbuf; -extern int tcp_autosndbuf_inc; -extern int tcp_autosndbuf_max; +VNET_DECLARE(int, blackhole); +VNET_DECLARE(int, drop_synfin); +VNET_DECLARE(int, tcp_do_rfc3042); +VNET_DECLARE(int, tcp_do_rfc3390); +VNET_DECLARE(int, tcp_insecure_rst); +VNET_DECLARE(int, tcp_do_autorcvbuf); +VNET_DECLARE(int, tcp_autorcvbuf_inc); +VNET_DECLARE(int, tcp_autorcvbuf_max); +VNET_DECLARE(int, tcp_do_rfc3465); +VNET_DECLARE(int, tcp_abc_l_var); -extern int nolocaltimewait; +#define V_blackhole VNET_GET(blackhole) +#define V_drop_synfin VNET_GET(drop_synfin) +#define V_tcp_do_rfc3042 VNET_GET(tcp_do_rfc3042) +#define V_tcp_do_rfc3390 VNET_GET(tcp_do_rfc3390) +#define V_tcp_insecure_rst VNET_GET(tcp_insecure_rst) +#define V_tcp_do_autorcvbuf VNET_GET(tcp_do_autorcvbuf) +#define V_tcp_autorcvbuf_inc VNET_GET(tcp_autorcvbuf_inc) +#define V_tcp_autorcvbuf_max VNET_GET(tcp_autorcvbuf_max) +#define V_tcp_do_rfc3465 VNET_GET(tcp_do_rfc3465) +#define V_tcp_abc_l_var VNET_GET(tcp_abc_l_var) -extern int tcp_do_sack; /* SACK enabled/disabled */ -extern int tcp_sack_maxholes; -extern int tcp_sack_globalmaxholes; -extern int tcp_sack_globalholes; -extern int tcp_sc_rst_sock_fail; /* RST on sock alloc failure */ -extern int tcp_do_ecn; /* TCP ECN enabled/disabled */ -extern int tcp_ecn_maxretries; -#endif /* VIMAGE_GLOBALS */ +VNET_DECLARE(int, tcp_do_tso); +VNET_DECLARE(int, tcp_do_autosndbuf); +VNET_DECLARE(int, tcp_autosndbuf_inc); +VNET_DECLARE(int, tcp_autosndbuf_max); + +#define V_tcp_do_tso VNET_GET(tcp_do_tso) +#define V_tcp_do_autosndbuf VNET_GET(tcp_do_autosndbuf) +#define V_tcp_autosndbuf_inc VNET_GET(tcp_autosndbuf_inc) +#define V_tcp_autosndbuf_max VNET_GET(tcp_autosndbuf_max) + +VNET_DECLARE(int, nolocaltimewait); + +#define V_nolocaltimewait VNET_GET(nolocaltimewait) + +VNET_DECLARE(int, tcp_do_sack); /* SACK enabled/disabled */ +VNET_DECLARE(int, tcp_sack_maxholes); +VNET_DECLARE(int, tcp_sack_globalmaxholes); +VNET_DECLARE(int, tcp_sack_globalholes); +VNET_DECLARE(int, tcp_sc_rst_sock_fail); /* RST on sock alloc failure */ +VNET_DECLARE(int, tcp_do_ecn); /* TCP ECN enabled/disabled */ +VNET_DECLARE(int, tcp_ecn_maxretries); + +#define V_tcp_do_sack VNET_GET(tcp_do_sack) +#define V_tcp_sack_maxholes VNET_GET(tcp_sack_maxholes) +#define V_tcp_sack_globalmaxholes VNET_GET(tcp_sack_globalmaxholes) +#define V_tcp_sack_globalholes VNET_GET(tcp_sack_globalholes) +#define V_tcp_sc_rst_sock_fail VNET_GET(tcp_sc_rst_sock_fail) +#define V_tcp_do_ecn VNET_GET(tcp_do_ecn) +#define V_tcp_ecn_maxretries VNET_GET(tcp_ecn_maxretries) int tcp_addoptions(struct tcpopt *, u_char *); struct tcpcb * diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 51dda23ad23f..f9623f3af65f 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -80,7 +80,6 @@ __FBSDID("$FreeBSD$"); #endif #include #include -#include #ifdef IPSEC #include @@ -96,9 +95,7 @@ __FBSDID("$FreeBSD$"); * Per RFC 768, August, 1980. */ -#ifdef VIMAGE_GLOBALS -int udp_blackhole; -#endif +VNET_DEFINE(int, udp_blackhole); /* * BSD 4.2 defaulted the udp checksum to be off. Turning off udp checksums @@ -114,8 +111,8 @@ int udp_log_in_vain = 0; SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW, &udp_log_in_vain, 0, "Log all incoming UDP packets"); -SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_udp, OID_AUTO, blackhole, - CTLFLAG_RW, udp_blackhole, 0, +SYSCTL_VNET_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW, + &VNET_NAME(udp_blackhole), 0, "Do not send port unreachables for refused connects"); u_long udp_sendspace = 9216; /* really max datagram size */ @@ -134,19 +131,19 @@ u_long udp_recvspace = 40 * (1024 + SYSCTL_ULONG(_net_inet_udp, UDPCTL_RECVSPACE, recvspace, CTLFLAG_RW, &udp_recvspace, 0, "Maximum space for incoming UDP datagrams"); -#ifdef VIMAGE_GLOBALS -struct inpcbhead udb; /* from udp_var.h */ -struct inpcbinfo udbinfo; -static uma_zone_t udpcb_zone; -struct udpstat udpstat; /* from udp_var.h */ -#endif +VNET_DEFINE(struct inpcbhead, udb); /* from udp_var.h */ +VNET_DEFINE(struct inpcbinfo, udbinfo); +static VNET_DEFINE(uma_zone_t, udpcb_zone); +VNET_DEFINE(struct udpstat, udpstat); /* from udp_var.h */ + +#define V_udpcb_zone VNET_GET(udpcb_zone) #ifndef UDBHASHSIZE #define UDBHASHSIZE 128 #endif -SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_udp, UDPCTL_STATS, stats, - CTLFLAG_RW, udpstat, udpstat, +SYSCTL_VNET_STRUCT(_net_inet_udp, UDPCTL_STATS, stats, CTLFLAG_RW, + &VNET_NAME(udpstat), udpstat, "UDP statistics (struct udpstat, netinet/udp_var.h)"); static void udp_detach(struct socket *so); @@ -164,7 +161,6 @@ static struct mbuf *udp4_espdecap(struct inpcb *, struct mbuf *, int); static void udp_zone_change(void *tag) { - INIT_VNET_INET(curvnet); uma_zone_set_max(V_udbinfo.ipi_zone, maxsockets); uma_zone_set_max(V_udpcb_zone, maxsockets); @@ -183,7 +179,6 @@ udp_inpcb_init(void *mem, int size, int flags) void udp_init(void) { - INIT_VNET_INET(curvnet); V_udp_blackhole = 0; @@ -212,7 +207,6 @@ udp_init(void) int udp_newudpcb(struct inpcb *inp) { - INIT_VNET_INET(curvnet); struct udpcb *up; up = uma_zalloc(V_udpcb_zone, M_NOWAIT | M_ZERO); @@ -225,7 +219,6 @@ udp_newudpcb(struct inpcb *inp) void udp_discardcb(struct udpcb *up) { - INIT_VNET_INET(curvnet); uma_zfree(V_udpcb_zone, up); } @@ -234,7 +227,6 @@ udp_discardcb(struct udpcb *up) void udp_destroy(void) { - INIT_VNET_INET(curvnet); hashdestroy(V_udbinfo.ipi_hashbase, M_PCB, V_udbinfo.ipi_hashmask); @@ -274,7 +266,6 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, #ifdef IPSEC /* Check AH/ESP integrity. */ if (ipsec4_in_reject(n, inp)) { - INIT_VNET_IPSEC(curvnet); m_freem(n); V_ipsec4stat.in_polvio++; return; @@ -321,7 +312,6 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, so = inp->inp_socket; SOCKBUF_LOCK(&so->so_rcv); if (sbappendaddr_locked(&so->so_rcv, append_sa, n, opts) == 0) { - INIT_VNET_INET(so->so_vnet); SOCKBUF_UNLOCK(&so->so_rcv); m_freem(n); if (opts) @@ -334,7 +324,6 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off, void udp_input(struct mbuf *m, int off) { - INIT_VNET_INET(curvnet); int iphlen = off; struct ip *ip; struct udphdr *uh; @@ -668,7 +657,6 @@ udp_notify(struct inpcb *inp, int errno) void udp_ctlinput(int cmd, struct sockaddr *sa, void *vip) { - INIT_VNET_INET(curvnet); struct ip *ip = vip; struct udphdr *uh; struct in_addr faddr; @@ -715,7 +703,6 @@ udp_ctlinput(int cmd, struct sockaddr *sa, void *vip) static int udp_pcblist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; @@ -814,7 +801,6 @@ SYSCTL_PROC(_net_inet_udp, UDPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0, static int udp_getcred(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); struct xucred xuc; struct sockaddr_in addrs[2]; struct inpcb *inp; @@ -949,7 +935,6 @@ static int udp_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(inp->inp_vnet); struct udpiphdr *ui; int len = m->m_pkthdr.len; struct in_addr faddr, laddr; @@ -1270,7 +1255,6 @@ release: static struct mbuf * udp4_espdecap(struct inpcb *inp, struct mbuf *m, int off) { - INIT_VNET_IPSEC(curvnet); size_t minlen, payload, skip, iphlen; caddr_t data; struct udpcb *up; @@ -1397,7 +1381,6 @@ udp4_espdecap(struct inpcb *inp, struct mbuf *m, int off) static void udp_abort(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -1416,7 +1399,6 @@ udp_abort(struct socket *so) static int udp_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -1480,7 +1462,6 @@ udp_set_kernel_tunneling(struct socket *so, udp_tun_func_t f) static int udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -1497,7 +1478,6 @@ udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td) static void udp_close(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -1516,7 +1496,6 @@ udp_close(struct socket *so) static int udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; struct sockaddr_in *sin; @@ -1548,7 +1527,6 @@ udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td) static void udp_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct udpcb *up; @@ -1570,7 +1548,6 @@ udp_detach(struct socket *so) static int udp_disconnect(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); diff --git a/sys/netinet/udp_var.h b/sys/netinet/udp_var.h index 211edff8fa3f..417c59716362 100644 --- a/sys/netinet/udp_var.h +++ b/sys/netinet/udp_var.h @@ -119,12 +119,16 @@ SYSCTL_DECL(_net_inet_udp); extern struct pr_usrreqs udp_usrreqs; -#ifdef VIMAGE_GLOBALS -extern struct inpcbhead udb; -extern struct inpcbinfo udbinfo; -extern struct udpstat udpstat; -extern int udp_blackhole; -#endif +VNET_DECLARE(struct inpcbhead, udb); +VNET_DECLARE(struct inpcbinfo, udbinfo); +VNET_DECLARE(struct udpstat, udpstat); +VNET_DECLARE(int, udp_blackhole); + +#define V_udb VNET_GET(udb) +#define V_udbinfo VNET_GET(udbinfo) +#define V_udpstat VNET_GET(udpstat) +#define V_udp_blackhole VNET_GET(udp_blackhole) + extern u_long udp_sendspace; extern u_long udp_recvspace; extern int udp_log_in_vain; diff --git a/sys/netinet/vinet.h b/sys/netinet/vinet.h deleted file mode 100644 index 495f79759630..000000000000 --- a/sys/netinet/vinet.h +++ /dev/null @@ -1,422 +0,0 @@ -/*- - * Copyright (c) 2006-2008 University of Zagreb - * Copyright (c) 2006-2008 FreeBSD Foundation - * - * This software was developed by the University of Zagreb and the - * FreeBSD Foundation under sponsorship by the Stichting NLnet and the - * FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _NETINET_VINET_H_ -#define _NETINET_VINET_H_ - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -struct vnet_inet { - struct in_ifaddrhashhead *_in_ifaddrhashtbl; - struct in_ifaddrhead _in_ifaddrhead; - u_long _in_ifaddrhmask; - - int _arpt_keep; - int _arp_maxtries; - int _useloopback; - int _arp_proxyall; - int _subnetsarelocal; - int _sameprefixcarponly; - - int _ipforwarding; - int _ipstealth; - int _ipfastforward_active; - int _ipsendredirects; - int _ip_defttl; - int _ip_keepfaith; - int _ip_sendsourcequench; - int _ip_do_randomid; - int _ip_checkinterface; - int _ip_output_flowtable_size; - u_short _ip_id; - - uma_zone_t _ipq_zone; - int _nipq; /* Total # of reass queues */ - int _maxnipq; /* Admin. limit on # reass queues. */ - int _maxfragsperpacket; - TAILQ_HEAD(ipqhead, ipq) _ipq[IPREASS_NHASH]; - - struct inpcbhead _tcb; /* head of queue of active tcpcb's */ - struct inpcbinfo _tcbinfo; - struct tcpstat _tcpstat; /* tcp statistics */ - struct tcp_hostcache _tcp_hostcache; - struct callout _tcp_hc_callout; - - uma_zone_t _tcp_reass_zone; - uma_zone_t _tcpcb_zone; - uma_zone_t _tcptw_zone; - uma_zone_t _sack_hole_zone; - - struct tcp_syncache _tcp_syncache; - int _tcp_syncookies; - int _tcp_syncookiesonly; - int _tcp_sc_rst_sock_fail; - - struct inpcbhead _divcb; - struct inpcbinfo _divcbinfo; - TAILQ_HEAD(, tcptw) _twq_2msl; - - int _tcp_mssdflt; - int _tcp_v6mssdflt; - int _tcp_minmss; - int _tcp_do_rfc1323; - int _icmp_may_rst; - int _tcp_isn_reseed_interval; - int _tcp_inflight_enable; - int _tcp_inflight_rttthresh; - int _tcp_inflight_min; - int _tcp_inflight_max; - int _tcp_inflight_stab; - int _nolocaltimewait; - int _path_mtu_discovery; - int _ss_fltsz; - int _ss_fltsz_local; - int _tcp_do_newreno; - int _tcp_do_tso; - int _tcp_do_autosndbuf; - int _tcp_autosndbuf_inc; - int _tcp_autosndbuf_max; - int _tcp_do_sack; - int _tcp_sack_maxholes; - int _tcp_sack_globalmaxholes; - int _tcp_sack_globalholes; - int _blackhole; - int _tcp_delack_enabled; - int _drop_synfin; - int _tcp_do_rfc3042; - int _tcp_do_rfc3390; - int _tcp_do_rfc3465; - int _tcp_abc_l_var; - int _tcp_do_ecn; - int _tcp_ecn_maxretries; - int _tcp_insecure_rst; - int _tcp_do_autorcvbuf; - int _tcp_autorcvbuf_inc; - int _tcp_autorcvbuf_max; - int _tcp_reass_maxseg; - int _tcp_reass_qsize; - int _tcp_reass_maxqlen; - int _tcp_reass_overflows; - - u_char _isn_secret[32]; - int _isn_last_reseed; - u_int32_t _isn_offset; - u_int32_t _isn_offset_old; - - struct inpcbhead _udb; - struct inpcbinfo _udbinfo; - uma_zone_t _udpcb_zone; - struct udpstat _udpstat; - int _udp_blackhole; - - struct inpcbhead _ripcb; - struct inpcbinfo _ripcbinfo; - struct socket * _ip_mrouter; - - struct socket * _ip_rsvpd; - int _ip_rsvp_on; - int _rsvp_on; - - struct icmpstat _icmpstat; - struct ipstat _ipstat; - - LIST_HEAD(, igmp_ifinfo) _igi_head; - struct igmpstat _igmpstat; - int _interface_timers_running; - int _state_change_timers_running; - int _current_state_timers_running; - int _igmp_recvifkludge; - int _igmp_sendra; - int _igmp_sendlocal; - int _igmp_v1enable; - int _igmp_v2enable; - int _igmp_legacysupp; - int _igmp_sgalloc; - int _igmp_default_version; - struct timeval _igmp_gsrdelay; - - int _rtq_timeout; - int _rtq_reallyold; - int _rtq_minreallyold; - int _rtq_toomany; - struct callout _rtq_timer; - - int _ipport_lowfirstauto; - int _ipport_lowlastauto; - int _ipport_firstauto; - int _ipport_lastauto; - int _ipport_hifirstauto; - int _ipport_hilastauto; - int _ipport_reservedhigh; - int _ipport_reservedlow; - int _ipport_randomized; - int _ipport_randomcps; - int _ipport_randomtime; - int _ipport_stoprandom; - int _ipport_tcpallocs; - int _ipport_tcplastcount; - - int _icmpmaskrepl; - u_int _icmpmaskfake; - int _drop_redirect; - int _log_redirect; - int _icmplim; - int _icmplim_output; - char _reply_src[IFNAMSIZ]; - int _icmp_rfi; - int _icmp_quotelen; - int _icmpbmcastecho; - - int _fw_one_pass; - - struct flowtable * _ip_ft; - struct flowtable * _flow_list_head; - uint32_t _flow_hashjitter; - uma_zone_t _flow_ipv4_zone; - uma_zone_t _flow_ipv6_zone; - int _flowtable_enable; - int _flowtable_hits; - int _flowtable_lookups; - int _flowtable_misses; - int _flowtable_frees; - int _flowtable_free_checks; - int _flowtable_max_depth; - int _flowtable_collisions; - int _flowtable_syn_expire; - int _flowtable_udp_expire; - int _flowtable_fin_wait_expire; - int _flowtable_tcp_expire; - int _flowtable_nmbflows; -}; - -/* Size guard. See sys/vimage.h. */ -VIMAGE_CTASSERT(SIZEOF_vnet_inet, sizeof(struct vnet_inet)); - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_inet vnet_inet_0; -#endif -#endif - -/* - * Symbol translation macros - */ -#define INIT_VNET_INET(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_INET, struct vnet_inet, vnet_inet) - -#define VNET_INET(sym) VSYM(vnet_inet, sym) - -#define V_arp_maxtries VNET_INET(arp_maxtries) -#define V_arp_proxyall VNET_INET(arp_proxyall) -#define V_arpt_keep VNET_INET(arpt_keep) -#define V_blackhole VNET_INET(blackhole) -#define V_divcb VNET_INET(divcb) -#define V_divcbinfo VNET_INET(divcbinfo) -#define V_drop_redirect VNET_INET(drop_redirect) -#define V_drop_synfin VNET_INET(drop_synfin) -#define V_fw_one_pass VNET_INET(fw_one_pass) -#define V_flow_hashjitter VNET_INET(flow_hashjitter) -#define V_flow_ipv4_zone VNET_INET(flow_ipv4_zone) -#define V_flow_ipv6_zone VNET_INET(flow_ipv6_zone) -#define V_flow_list_head VNET_INET(flow_list_head) -#define V_flowtable_collisions VNET_INET(flowtable_collisions) -#define V_flowtable_enable VNET_INET(flowtable_enable) -#define V_flowtable_fin_wait_expire VNET_INET(flowtable_fin_wait_expire) -#define V_flowtable_free_checks VNET_INET(flowtable_free_checks) -#define V_flowtable_frees VNET_INET(flowtable_frees) -#define V_flowtable_hits VNET_INET(flowtable_hits) -#define V_flowtable_lookups VNET_INET(flowtable_lookups) -#define V_flowtable_max_depth VNET_INET(flowtable_max_depth) -#define V_flowtable_misses VNET_INET(flowtable_misses) -#define V_flowtable_nmbflows VNET_INET(flowtable_nmbflows) -#define V_flowtable_syn_expire VNET_INET(flowtable_syn_expire) -#define V_flowtable_tcp_expire VNET_INET(flowtable_tcp_expire) -#define V_flowtable_udp_expire VNET_INET(flowtable_udp_expire) -#define V_icmp_may_rst VNET_INET(icmp_may_rst) -#define V_icmp_quotelen VNET_INET(icmp_quotelen) -#define V_icmp_rfi VNET_INET(icmp_rfi) -#define V_icmpbmcastecho VNET_INET(icmpbmcastecho) -#define V_icmplim VNET_INET(icmplim) -#define V_icmplim_output VNET_INET(icmplim_output) -#define V_icmpmaskfake VNET_INET(icmpmaskfake) -#define V_icmpmaskrepl VNET_INET(icmpmaskrepl) -#define V_icmpstat VNET_INET(icmpstat) -#define V_igi_head VNET_INET(igi_head) -#define V_igmpstat VNET_INET(igmpstat) -#define V_interface_timers_running \ - VNET_INET(interface_timers_running) -#define V_state_change_timers_running \ - VNET_INET(state_change_timers_running) -#define V_current_state_timers_running \ - VNET_INET(current_state_timers_running) -#define V_igmp_recvifkludge VNET_INET(igmp_recvifkludge) -#define V_igmp_sendra VNET_INET(igmp_sendra) -#define V_igmp_sendlocal VNET_INET(igmp_sendlocal) -#define V_igmp_v1enable VNET_INET(igmp_v1enable) -#define V_igmp_v2enable VNET_INET(igmp_v2enable) -#define V_igmp_legacysupp VNET_INET(igmp_legacysupp) -#define V_igmp_sgalloc VNET_INET(igmp_sgalloc) -#define V_igmp_default_version VNET_INET(igmp_default_version) -#define V_igmp_gsrdelay VNET_INET(igmp_gsrdelay) -#define V_in_ifaddrhashtbl VNET_INET(in_ifaddrhashtbl) -#define V_in_ifaddrhead VNET_INET(in_ifaddrhead) -#define V_in_ifaddrhmask VNET_INET(in_ifaddrhmask) -#define V_ip_checkinterface VNET_INET(ip_checkinterface) -#define V_ip_defttl VNET_INET(ip_defttl) -#define V_ip_do_randomid VNET_INET(ip_do_randomid) -#define V_ip_ft VNET_INET(ip_ft) -#define V_ip_id VNET_INET(ip_id) -#define V_ip_keepfaith VNET_INET(ip_keepfaith) -#define V_ip_mrouter VNET_INET(ip_mrouter) -#define V_ip_output_flowtable_size VNET_INET(ip_output_flowtable_size) -#define V_ip_rsvp_on VNET_INET(ip_rsvp_on) -#define V_ip_rsvpd VNET_INET(ip_rsvpd) -#define V_ip_sendsourcequench VNET_INET(ip_sendsourcequench) -#define V_ipfastforward_active VNET_INET(ipfastforward_active) -#define V_ipforwarding VNET_INET(ipforwarding) -#define V_ipport_firstauto VNET_INET(ipport_firstauto) -#define V_ipport_hifirstauto VNET_INET(ipport_hifirstauto) -#define V_ipport_hilastauto VNET_INET(ipport_hilastauto) -#define V_ipport_lastauto VNET_INET(ipport_lastauto) -#define V_ipport_lowfirstauto VNET_INET(ipport_lowfirstauto) -#define V_ipport_lowlastauto VNET_INET(ipport_lowlastauto) -#define V_ipport_randomcps VNET_INET(ipport_randomcps) -#define V_ipport_randomized VNET_INET(ipport_randomized) -#define V_ipport_randomtime VNET_INET(ipport_randomtime) -#define V_ipport_reservedhigh VNET_INET(ipport_reservedhigh) -#define V_ipport_reservedlow VNET_INET(ipport_reservedlow) -#define V_ipport_stoprandom VNET_INET(ipport_stoprandom) -#define V_ipport_tcpallocs VNET_INET(ipport_tcpallocs) -#define V_ipport_tcplastcount VNET_INET(ipport_tcplastcount) -#define V_ipq VNET_INET(ipq) -#define V_ipq_zone VNET_INET(ipq_zone) -#define V_ipsendredirects VNET_INET(ipsendredirects) -#define V_ipstat VNET_INET(ipstat) -#define V_ipstealth VNET_INET(ipstealth) -#define V_isn_last_reseed VNET_INET(isn_last_reseed) -#define V_isn_offset VNET_INET(isn_offset) -#define V_isn_offset_old VNET_INET(isn_offset_old) -#define V_isn_secret VNET_INET(isn_secret) -#define V_llinfo_arp VNET_INET(llinfo_arp) -#define V_log_redirect VNET_INET(log_redirect) -#define V_maxfragsperpacket VNET_INET(maxfragsperpacket) -#define V_maxnipq VNET_INET(maxnipq) -#define V_nipq VNET_INET(nipq) -#define V_nolocaltimewait VNET_INET(nolocaltimewait) -#define V_path_mtu_discovery VNET_INET(path_mtu_discovery) -#define V_reply_src VNET_INET(reply_src) -#define V_ripcb VNET_INET(ripcb) -#define V_ripcbinfo VNET_INET(ripcbinfo) -#define V_router_info_head VNET_INET(router_info_head) -#define V_rsvp_on VNET_INET(rsvp_on) -#define V_rtq_minreallyold VNET_INET(rtq_minreallyold) -#define V_rtq_reallyold VNET_INET(rtq_reallyold) -#define V_rtq_timeout VNET_INET(rtq_timeout) -#define V_rtq_timer VNET_INET(rtq_timer) -#define V_rtq_toomany VNET_INET(rtq_toomany) -#define V_sack_hole_zone VNET_INET(sack_hole_zone) -#define V_sameprefixcarponly VNET_INET(sameprefixcarponly) -#define V_ss_fltsz VNET_INET(ss_fltsz) -#define V_ss_fltsz_local VNET_INET(ss_fltsz_local) -#define V_subnetsarelocal VNET_INET(subnetsarelocal) -#define V_tcb VNET_INET(tcb) -#define V_tcbinfo VNET_INET(tcbinfo) -#define V_tcpcb_zone VNET_INET(tcpcb_zone) -#define V_tcptw_zone VNET_INET(tcptw_zone) -#define V_tcp_abc_l_var VNET_INET(tcp_abc_l_var) -#define V_tcp_autorcvbuf_inc VNET_INET(tcp_autorcvbuf_inc) -#define V_tcp_autorcvbuf_max VNET_INET(tcp_autorcvbuf_max) -#define V_tcp_autosndbuf_inc VNET_INET(tcp_autosndbuf_inc) -#define V_tcp_autosndbuf_max VNET_INET(tcp_autosndbuf_max) -#define V_tcp_delack_enabled VNET_INET(tcp_delack_enabled) -#define V_tcp_do_autorcvbuf VNET_INET(tcp_do_autorcvbuf) -#define V_tcp_do_autosndbuf VNET_INET(tcp_do_autosndbuf) -#define V_tcp_do_ecn VNET_INET(tcp_do_ecn) -#define V_tcp_do_newreno VNET_INET(tcp_do_newreno) -#define V_tcp_do_rfc1323 VNET_INET(tcp_do_rfc1323) -#define V_tcp_do_rfc3042 VNET_INET(tcp_do_rfc3042) -#define V_tcp_do_rfc3390 VNET_INET(tcp_do_rfc3390) -#define V_tcp_do_rfc3465 VNET_INET(tcp_do_rfc3465) -#define V_tcp_do_sack VNET_INET(tcp_do_sack) -#define V_tcp_do_tso VNET_INET(tcp_do_tso) -#define V_tcp_ecn_maxretries VNET_INET(tcp_ecn_maxretries) -#define V_tcp_hc_callout VNET_INET(tcp_hc_callout) -#define V_tcp_hostcache VNET_INET(tcp_hostcache) -#define V_tcp_inflight_enable VNET_INET(tcp_inflight_enable) -#define V_tcp_inflight_max VNET_INET(tcp_inflight_max) -#define V_tcp_inflight_min VNET_INET(tcp_inflight_min) -#define V_tcp_inflight_rttthresh VNET_INET(tcp_inflight_rttthresh) -#define V_tcp_inflight_stab VNET_INET(tcp_inflight_stab) -#define V_tcp_insecure_rst VNET_INET(tcp_insecure_rst) -#define V_tcp_isn_reseed_interval VNET_INET(tcp_isn_reseed_interval) -#define V_tcp_minmss VNET_INET(tcp_minmss) -#define V_tcp_mssdflt VNET_INET(tcp_mssdflt) -#define V_tcp_reass_maxqlen VNET_INET(tcp_reass_maxqlen) -#define V_tcp_reass_maxseg VNET_INET(tcp_reass_maxseg) -#define V_tcp_reass_overflows VNET_INET(tcp_reass_overflows) -#define V_tcp_reass_qsize VNET_INET(tcp_reass_qsize) -#define V_tcp_reass_zone VNET_INET(tcp_reass_zone) -#define V_tcp_sack_globalholes VNET_INET(tcp_sack_globalholes) -#define V_tcp_sack_globalmaxholes VNET_INET(tcp_sack_globalmaxholes) -#define V_tcp_sack_maxholes VNET_INET(tcp_sack_maxholes) -#define V_tcp_sc_rst_sock_fail VNET_INET(tcp_sc_rst_sock_fail) -#define V_tcp_syncache VNET_INET(tcp_syncache) -#define V_tcp_syncookies VNET_INET(tcp_syncookies) -#define V_tcp_syncookiesonly VNET_INET(tcp_syncookiesonly) -#define V_tcp_v6mssdflt VNET_INET(tcp_v6mssdflt) -#define V_tcpstat VNET_INET(tcpstat) -#define V_twq_2msl VNET_INET(twq_2msl) -#define V_udb VNET_INET(udb) -#define V_udbinfo VNET_INET(udbinfo) -#define V_udpcb_zone VNET_INET(udpcb_zone) -#define V_udp_blackhole VNET_INET(udp_blackhole) -#define V_udpstat VNET_INET(udpstat) -#define V_useloopback VNET_INET(useloopback) - -#define ip_newid() ((V_ip_do_randomid != 0) ? ip_randomid() : htons(V_ip_id++)) - -#endif /* !_NETINET_VINET_H_ */ diff --git a/sys/netinet6/dest6.c b/sys/netinet6/dest6.c index f0045aab78ed..20b5e9d7a1fa 100644 --- a/sys/netinet6/dest6.c +++ b/sys/netinet6/dest6.c @@ -55,7 +55,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include /* * Destination options header processing. @@ -63,7 +62,6 @@ __FBSDID("$FreeBSD$"); int dest6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; int off = *offp, dstoptlen, optlen; struct ip6_dest *dstopts; diff --git a/sys/netinet6/frag6.c b/sys/netinet6/frag6.c index 3f57802528d9..1531c87efb55 100644 --- a/sys/netinet6/frag6.c +++ b/sys/netinet6/frag6.c @@ -47,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -55,7 +56,6 @@ __FBSDID("$FreeBSD$"); #include #include /* for ECN definitions */ #include /* for ECN definitions */ -#include #include @@ -76,11 +76,13 @@ static struct mtx ip6qlock; /* * These fields all protected by ip6qlock. */ -#ifdef VIMAGE_GLOBALS -static u_int frag6_nfragpackets; -static u_int frag6_nfrags; -static struct ip6q ip6q; /* ip6 reassemble queue */ -#endif +static VNET_DEFINE(u_int, frag6_nfragpackets); +static VNET_DEFINE(u_int, frag6_nfrags); +static VNET_DEFINE(struct ip6q, ip6q); /* ip6 reassemble queue */ + +#define V_frag6_nfragpackets VNET_GET(frag6_nfragpackets) +#define V_frag6_nfrags VNET_GET(frag6_nfrags) +#define V_ip6q VNET_GET(ip6q) #define IP6Q_LOCK_INIT() mtx_init(&ip6qlock, "ip6qlock", NULL, MTX_DEF); #define IP6Q_LOCK() mtx_lock(&ip6qlock) @@ -96,7 +98,6 @@ static MALLOC_DEFINE(M_FTABLE, "fragment", "fragment reassembly header"); static void frag6_change(void *tag) { - INIT_VNET_INET6(curvnet); V_ip6_maxfragpackets = nmbclusters / 4; V_ip6_maxfrags = nmbclusters / 4; @@ -105,7 +106,6 @@ frag6_change(void *tag) void frag6_init(void) { - INIT_VNET_INET6(curvnet); V_ip6q.ip6q_next = V_ip6q.ip6q_prev = &V_ip6q; V_ip6_maxfragpackets = nmbclusters / 4; @@ -154,7 +154,6 @@ frag6_init(void) int frag6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp, *t; struct ip6_hdr *ip6; struct ip6_frag *ip6f; @@ -619,7 +618,6 @@ insert: void frag6_freef(struct ip6q *q6) { - INIT_VNET_INET6(curvnet); struct ip6asfrag *af6, *down6; IP6Q_LOCK_ASSERT(); @@ -726,7 +724,6 @@ frag6_slowtimo(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET6(vnet_iter); q6 = V_ip6q.ip6q_next; if (q6) while (q6 != &V_ip6q) { @@ -768,7 +765,6 @@ frag6_drain(void) VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); - INIT_VNET_INET6(vnet_iter); while (V_ip6q.ip6q_next != &V_ip6q) { V_ip6stat.ip6s_fragdropped++; /* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */ diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c index 3ecf386572b5..f65aec85b16d 100644 --- a/sys/netinet6/icmp6.c +++ b/sys/netinet6/icmp6.c @@ -97,7 +97,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -106,7 +105,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include @@ -115,16 +113,22 @@ __FBSDID("$FreeBSD$"); extern struct domain inet6domain; -#ifdef VIMAGE_GLOBALS -extern struct inpcbinfo ripcbinfo; -extern struct inpcbhead ripcb; -extern int icmp6errppslim; -extern int icmp6_nodeinfo; +VNET_DECLARE(struct inpcbinfo, ripcbinfo); +VNET_DECLARE(struct inpcbhead, ripcb); +VNET_DECLARE(int, icmp6errppslim); +VNET_DECLARE(int, icmp6_nodeinfo); -struct icmp6stat icmp6stat; -static int icmp6errpps_count; -static struct timeval icmp6errppslim_last; -#endif +#define V_ripcbinfo VNET_GET(ripcbinfo) +#define V_ripcb VNET_GET(ripcb) +#define V_icmp6errppslim VNET_GET(icmp6errppslim) +#define V_icmp6_nodeinfo VNET_GET(icmp6_nodeinfo) + +VNET_DEFINE(struct icmp6stat, icmp6stat); +static VNET_DEFINE(int, icmp6errpps_count); +static VNET_DEFINE(struct timeval, icmp6errppslim_last); + +#define V_icmp6errpps_count VNET_GET(icmp6errpps_count) +#define V_icmp6errppslim_last VNET_GET(icmp6errppslim_last) static void icmp6_errcount(struct icmp6errstat *, int, int); static int icmp6_rip6_input(struct mbuf **, int); @@ -144,7 +148,6 @@ static int icmp6_notify_error(struct mbuf **, int, int, int); void icmp6_init(void) { - INIT_VNET_INET6(curvnet); V_icmp6errpps_count = 0; } @@ -213,7 +216,6 @@ void icmp6_error2(struct mbuf *m, int type, int code, int param, struct ifnet *ifp) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; if (ifp == NULL) @@ -245,7 +247,6 @@ icmp6_error2(struct mbuf *m, int type, int code, int param, void icmp6_error(struct mbuf *m, int type, int code, int param) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *oip6, *nip6; struct icmp6_hdr *icmp6; u_int preplen; @@ -400,7 +401,6 @@ icmp6_error(struct mbuf *m, int type, int code, int param) int icmp6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp, *n; struct ifnet *ifp; struct ip6_hdr *ip6, *nip6; @@ -884,7 +884,6 @@ icmp6_input(struct mbuf **mp, int *offp, int proto) static int icmp6_notify_error(struct mbuf **mp, int off, int icmp6len, int code) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct icmp6_hdr *icmp6; struct ip6_hdr *eip6; @@ -1116,7 +1115,6 @@ icmp6_notify_error(struct mbuf **mp, int off, int icmp6len, int code) void icmp6_mtudisc_update(struct ip6ctlparam *ip6cp, int validated) { - INIT_VNET_INET6(curvnet); struct in6_addr *dst = ip6cp->ip6c_finaldst; struct icmp6_hdr *icmp6 = ip6cp->ip6c_icmp6; struct mbuf *m = ip6cp->ip6c_m; /* will be necessary for scope issue */ @@ -1181,7 +1179,6 @@ icmp6_mtudisc_update(struct ip6ctlparam *ip6cp, int validated) static struct mbuf * ni6_input(struct mbuf *m, int off) { - INIT_VNET_INET6(curvnet); struct icmp6_nodeinfo *ni6, *nni6; struct mbuf *n = NULL; struct prison *pr; @@ -1673,8 +1670,6 @@ static int ni6_addrs(struct icmp6_nodeinfo *ni6, struct mbuf *m, struct ifnet **ifpp, struct in6_addr *subj) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct ifnet *ifp; struct in6_ifaddr *ifa6; struct ifaddr *ifa; @@ -1768,8 +1763,6 @@ static int ni6_store_addrs(struct icmp6_nodeinfo *ni6, struct icmp6_nodeinfo *nni6, struct ifnet *ifp0, int resid) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct ifnet *ifp = ifp0 ? ifp0 : TAILQ_FIRST(&V_ifnet); struct in6_ifaddr *ifa6; struct ifaddr *ifa; @@ -1911,8 +1904,6 @@ ni6_store_addrs(struct icmp6_nodeinfo *ni6, struct icmp6_nodeinfo *nni6, static int icmp6_rip6_input(struct mbuf **mp, int off) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct inpcb *in6p; @@ -2073,7 +2064,6 @@ icmp6_rip6_input(struct mbuf **mp, int off) void icmp6_reflect(struct mbuf *m, size_t off) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; struct icmp6_hdr *icmp6; struct in6_ifaddr *ia = NULL; @@ -2265,7 +2255,6 @@ icmp6_redirect_diag(struct in6_addr *src6, struct in6_addr *dst6, void icmp6_redirect_input(struct mbuf *m, int off) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp; struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct nd_redirect *nd_rd; @@ -2473,7 +2462,6 @@ icmp6_redirect_input(struct mbuf *m, int off) void icmp6_redirect_output(struct mbuf *m0, struct rtentry *rt) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp; /* my outgoing interface */ struct in6_addr *ifp_ll6; struct in6_addr *router_ll6; @@ -2843,7 +2831,6 @@ static int icmp6_ratelimit(const struct in6_addr *dst, const int type, const int code) { - INIT_VNET_INET6(curvnet); int ret; ret = 0; /* okay to send */ diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index 40d198a974a9..7100ff1dde5e 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -103,7 +103,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include /* * Definitions of some costant IP6 addresses. @@ -181,7 +180,6 @@ int in6_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td) { - INIT_VNET_INET6(curvnet); struct in6_ifreq *ifr = (struct in6_ifreq *)data; struct in6_ifaddr *ia = NULL; struct in6_aliasreq *ifra = (struct in6_aliasreq *)data; @@ -682,7 +680,6 @@ int in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, struct in6_ifaddr *ia, int flags) { - INIT_VNET_INET6(ifp->if_vnet); int error = 0, hostIsNew = 0, plen = -1; struct sockaddr_in6 dst6; struct in6_addrlifetime *lt; @@ -1388,7 +1385,6 @@ cleanup: static void in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); int s = splnet(); IF_ADDR_LOCK(ifp); @@ -1964,7 +1960,6 @@ ip6_sprintf(char *ip6buf, const struct in6_addr *addr) int in6_localaddr(struct in6_addr *in6) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia; if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6)) @@ -1986,7 +1981,6 @@ in6_localaddr(struct in6_addr *in6) int in6_is_addr_deprecated(struct sockaddr_in6 *sa6) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia; IN6_IFADDR_RLOCK(); @@ -2083,7 +2077,6 @@ in6_prefixlen2mask(struct in6_addr *maskp, int len) struct in6_ifaddr * in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst) { - INIT_VNET_INET6(curvnet); int dst_scope = in6_addrscope(dst), blen = -1, tlen; struct ifaddr *ifa; struct in6_ifaddr *besta = 0; @@ -2244,8 +2237,6 @@ in6if_do_dad(struct ifnet *ifp) void in6_setmaxmtu(void) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); unsigned long maxmtu = 0; struct ifnet *ifp; diff --git a/sys/netinet6/in6_gif.c b/sys/netinet6/in6_gif.c index 68ebc9ce289b..e51506b3c159 100644 --- a/sys/netinet6/in6_gif.c +++ b/sys/netinet6/in6_gif.c @@ -66,7 +66,6 @@ __FBSDID("$FreeBSD$"); #include #ifdef INET6 #include -#include #endif #include @@ -91,7 +90,6 @@ in6_gif_output(struct ifnet *ifp, int family, /* family of the packet to be encapsulate */ struct mbuf *m) { - INIT_VNET_GIF(ifp->if_vnet); struct gif_softc *sc = ifp->if_softc; struct sockaddr_in6 *dst = (struct sockaddr_in6 *)&sc->gif_ro6.ro_dst; struct sockaddr_in6 *sin6_src = (struct sockaddr_in6 *)sc->gif_psrc; @@ -279,7 +277,6 @@ in6_gif_output(struct ifnet *ifp, int in6_gif_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct ifnet *gifp = NULL; struct gif_softc *sc; diff --git a/sys/netinet6/in6_ifattach.c b/sys/netinet6/in6_ifattach.c index 7fc1251f235e..56d9f27d3dfd 100644 --- a/sys/netinet6/in6_ifattach.c +++ b/sys/netinet6/in6_ifattach.c @@ -53,7 +53,9 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include +#include +#include +#include #include #include @@ -64,14 +66,15 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#ifdef VIMAGE_GLOBALS -unsigned long in6_maxmtu; -int ip6_auto_linklocal; -struct callout in6_tmpaddrtimer_ch; -extern struct inpcbinfo ripcbinfo; -#endif +VNET_DEFINE(unsigned long, in6_maxmtu); +VNET_DEFINE(int, ip6_auto_linklocal); +VNET_DEFINE(struct callout, in6_tmpaddrtimer_ch); + +#define V_in6_tmpaddrtimer_ch VNET_GET(in6_tmpaddrtimer_ch) + +VNET_DECLARE(struct inpcbinfo, ripcbinfo); +#define V_ripcbinfo VNET_GET(ripcbinfo) static int get_rand_ifid(struct ifnet *, struct in6_addr *); static int generate_tmp_ifid(u_int8_t *, const u_int8_t *, u_int8_t *); @@ -142,7 +145,6 @@ get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6) static int generate_tmp_ifid(u_int8_t *seed0, const u_int8_t *seed1, u_int8_t *ret) { - INIT_VNET_INET6(curvnet); MD5_CTX ctxt; u_int8_t seed[16], digest[16], nullbuf[8]; u_int32_t val32; @@ -379,8 +381,6 @@ static int get_ifid(struct ifnet *ifp0, struct ifnet *altifp, struct in6_addr *in6) { - INIT_VNET_NET(ifp0->if_vnet); - INIT_VNET_INET6(ifp0->if_vnet); struct ifnet *ifp; /* first, try to get it from the interface itself */ @@ -444,7 +444,6 @@ success: static int in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia; struct in6_aliasreq ifra; struct nd_prefixctl pr0; @@ -562,7 +561,6 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp) static int in6_ifattach_loopback(struct ifnet *ifp) { - INIT_VNET_INET6(curvnet); struct in6_aliasreq ifra; int error; @@ -694,7 +692,6 @@ in6_nigroup(struct ifnet *ifp, const char *name, int namelen, void in6_ifattach(struct ifnet *ifp, struct ifnet *altifp) { - INIT_VNET_INET6(ifp->if_vnet); struct in6_ifaddr *ia; struct in6_addr in6; @@ -782,8 +779,6 @@ statinit: void in6_ifdetach(struct ifnet *ifp) { - INIT_VNET_INET(ifp->if_vnet); - INIT_VNET_INET6(ifp->if_vnet); struct in6_ifaddr *ia; struct ifaddr *ifa, *next; struct radix_node_head *rnh; @@ -908,8 +903,6 @@ void in6_tmpaddrtimer(void *arg) { CURVNET_SET((struct vnet *) arg); - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct nd_ifinfo *ndi; u_int8_t nullbuf[8]; struct ifnet *ifp; diff --git a/sys/netinet6/in6_mcast.c b/sys/netinet6/in6_mcast.c index 4ea8e102d887..f7607deca2d7 100644 --- a/sys/netinet6/in6_mcast.c +++ b/sys/netinet6/in6_mcast.c @@ -66,9 +66,8 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#include #include +#include #ifndef KTR_MLD #define KTR_MLD KTR_INET6 @@ -1319,7 +1318,6 @@ in6_mc_leave_locked(struct in6_multi *inm, /*const*/ struct in6_mfilter *imf) static int in6p_block_unblock_source(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -1482,7 +1480,6 @@ out_in6p_locked: static struct ip6_moptions * in6p_findmoptions(struct inpcb *inp) { - INIT_VNET_INET6(curvnet); struct ip6_moptions *imo; struct in6_multi **immp; struct in6_mfilter *imfp; @@ -1560,7 +1557,6 @@ ip6_freemoptions(struct ip6_moptions *imo) static int in6p_get_source_filters(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; @@ -1685,7 +1681,6 @@ in6p_get_source_filters(struct inpcb *inp, struct sockopt *sopt) int ip6_getmoptions(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_INET6(curvnet); struct ip6_moptions *im6o; int error; u_int optval; @@ -1808,7 +1803,6 @@ in6p_lookup_mcast_ifp(const struct inpcb *in6p __unused, static int in6p_join_group(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct group_source_req gsr; sockunion_t *gsa, *ssa; struct ifnet *ifp; @@ -2055,8 +2049,6 @@ out_in6p_locked: static int in6p_leave_group(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct ipv6_mreq mreq; struct group_source_req gsr; sockunion_t *gsa, *ssa; @@ -2292,7 +2284,6 @@ out_in6p_locked: static int in6p_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ip6_moptions *imo; u_int ifindex; @@ -2326,7 +2317,6 @@ in6p_set_multicast_if(struct inpcb *inp, struct sockopt *sopt) static int in6p_set_source_filters(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_NET(curvnet); struct __msfilterreq msfr; sockunion_t *gsa; struct ifnet *ifp; @@ -2507,7 +2497,6 @@ out_in6p_locked: int ip6_setmoptions(struct inpcb *inp, struct sockopt *sopt) { - INIT_VNET_INET6(curvnet); struct ip6_moptions *im6o; int error; @@ -2615,7 +2604,6 @@ ip6_setmoptions(struct inpcb *inp, struct sockopt *sopt) static int sysctl_ip6_mcast_filters(SYSCTL_HANDLER_ARGS) { - INIT_VNET_NET(curvnet); struct in6_addr mcaddr; struct in6_addr src; struct ifnet *ifp; diff --git a/sys/netinet6/in6_pcb.c b/sys/netinet6/in6_pcb.c index 9df8c333c505..924e15d14d1c 100644 --- a/sys/netinet6/in6_pcb.c +++ b/sys/netinet6/in6_pcb.c @@ -95,14 +95,12 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include #include #include -#include #include @@ -112,8 +110,6 @@ int in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) { - INIT_VNET_INET6(inp->inp_vnet); - INIT_VNET_INET(inp->inp_vnet); struct socket *so = inp->inp_socket; struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL; struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; @@ -291,7 +287,6 @@ int in6_pcbladdr(register struct inpcb *inp, struct sockaddr *nam, struct in6_addr *plocal_addr6) { - INIT_VNET_INET6(inp->inp_vnet); register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; int error = 0; struct ifnet *ifp = NULL; diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c index 21a4a0355942..1a536dc23fa2 100644 --- a/sys/netinet6/in6_proto.c +++ b/sys/netinet6/in6_proto.c @@ -130,7 +130,6 @@ __FBSDID("$FreeBSD$"); #endif /* IPSEC */ #include -#include /* * TCP/IP protocol family: IP6, ICMP6, UDP, TCP. @@ -381,26 +380,25 @@ DOMAIN_SET(inet6); /* * Internet configuration info */ -#ifdef VIMAGE_GLOBALS -int ip6_forwarding; -int ip6_sendredirects; -int ip6_defhlim; -int ip6_defmcasthlim; -int ip6_accept_rtadv; -int ip6_maxfragpackets; -int ip6_maxfrags; -int ip6_log_interval; -int ip6_hdrnestlimit; -int ip6_dad_count; -int ip6_auto_flowlabel; -int ip6_use_deprecated; -int ip6_rr_prune; -int ip6_mcast_pmtu; -int ip6_v6only; -int ip6_keepfaith; -time_t ip6_log_time; -int ip6stealth; -int nd6_onlink_ns_rfc4861; +VNET_DEFINE(int, ip6_forwarding); +VNET_DEFINE(int, ip6_sendredirects); +VNET_DEFINE(int, ip6_defhlim); +VNET_DEFINE(int, ip6_defmcasthlim); +VNET_DEFINE(int, ip6_accept_rtadv); +VNET_DEFINE(int, ip6_maxfragpackets); +VNET_DEFINE(int, ip6_maxfrags); +VNET_DEFINE(int, ip6_log_interval); +VNET_DEFINE(int, ip6_hdrnestlimit); +VNET_DEFINE(int, ip6_dad_count); +VNET_DEFINE(int, ip6_auto_flowlabel); +VNET_DEFINE(int, ip6_use_deprecated); +VNET_DEFINE(int, ip6_rr_prune); +VNET_DEFINE(int, ip6_mcast_pmtu); +VNET_DEFINE(int, ip6_v6only); +VNET_DEFINE(int, ip6_keepfaith); +VNET_DEFINE(time_t, ip6_log_time); +VNET_DEFINE(int, ip6stealth); +VNET_DEFINE(int, nd6_onlink_ns_rfc4861); /* icmp6 */ /* @@ -408,27 +406,26 @@ int nd6_onlink_ns_rfc4861; * XXX: what if we don't define INET? Should we define pmtu6_expire * or so? (jinmei@kame.net 19990310) */ -int pmtu_expire; -int pmtu_probe; +VNET_DEFINE(int, pmtu_expire); +VNET_DEFINE(int, pmtu_probe); /* raw IP6 parameters */ /* * Nominal space allocated to a raw ip socket. */ -u_long rip6_sendspace; -u_long rip6_recvspace; +VNET_DEFINE(u_long, rip6_sendspace); +VNET_DEFINE(u_long, rip6_recvspace); /* ICMPV6 parameters */ -int icmp6_rediraccept; -int icmp6_redirtimeout; -int icmp6errppslim; +VNET_DEFINE(int, icmp6_rediraccept); +VNET_DEFINE(int, icmp6_redirtimeout); +VNET_DEFINE(int, icmp6errppslim); /* control how to respond to NI queries */ -int icmp6_nodeinfo; +VNET_DEFINE(int, icmp6_nodeinfo); /* UDP on IP6 parameters */ -int udp6_sendspace; -int udp6_recvspace; -#endif /* VIMAGE_GLOBALS */ +VNET_DEFINE(int, udp6_sendspace); +VNET_DEFINE(int, udp6_recvspace); /* * sysctl related items. @@ -452,11 +449,14 @@ SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6"); static int sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(curvnet); int error = 0; int old; - SYSCTL_RESOLVE_V_ARG1(); +#ifdef VIMAGE + if (arg1 != NULL) + arg1 = (void *)(TD_TO_VNET(req->td)->vnet_data_base + + (uintptr_t)arg1); +#endif error = SYSCTL_OUT(req, arg1, sizeof(int)); if (error || !req->newptr) @@ -474,11 +474,14 @@ sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS) static int sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(curvnet); int error = 0; int old; - SYSCTL_RESOLVE_V_ARG1(); +#ifdef VIMAGE + if (arg1 != NULL) + arg1 = (void *)(TD_TO_VNET(req->td)->vnet_data_base + + (uintptr_t)arg1); +#endif error = SYSCTL_OUT(req, arg1, sizeof(int)); if (error || !req->newptr) @@ -492,89 +495,89 @@ sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS) return (error); } -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_FORWARDING, - forwarding, CTLFLAG_RW, ip6_forwarding, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_SENDREDIRECTS, - redirect, CTLFLAG_RW, ip6_sendredirects, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFHLIM, - hlim, CTLFLAG_RW, ip6_defhlim, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STATS, stats, - CTLFLAG_RD, ip6stat, ip6stat, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, - maxfragpackets, CTLFLAG_RW, ip6_maxfragpackets, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, - accept_rtadv, CTLFLAG_RW, ip6_accept_rtadv, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_KEEPFAITH, - keepfaith, CTLFLAG_RW, ip6_keepfaith, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_LOG_INTERVAL, - log_interval, CTLFLAG_RW, ip6_log_interval, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, - hdrnestlimit, CTLFLAG_RW, ip6_hdrnestlimit, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DAD_COUNT, - dad_count, CTLFLAG_RW, ip6_dad_count, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, - auto_flowlabel, CTLFLAG_RW, ip6_auto_flowlabel, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, - defmcasthlim, CTLFLAG_RW, ip6_defmcasthlim, 0, ""); -SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, - kame_version, CTLFLAG_RD, __KAME_VERSION, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USE_DEPRECATED, - use_deprecated, CTLFLAG_RW, ip6_use_deprecated, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RR_PRUNE, - rr_prune, CTLFLAG_RW, ip6_rr_prune, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USETEMPADDR, - use_tempaddr, CTLFLAG_RW, ip6_use_tempaddr, 0, ""); -SYSCTL_V_OID(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime, - CTLTYPE_INT|CTLFLAG_RW, ip6_temp_preferred_lifetime, 0, +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_FORWARDING, forwarding, CTLFLAG_RW, + &VNET_NAME(ip6_forwarding), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS, redirect, CTLFLAG_RW, + &VNET_NAME(ip6_sendredirects), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM, hlim, CTLFLAG_RW, + &VNET_NAME(ip6_defhlim), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet6_ip6, IPV6CTL_STATS, stats, CTLFLAG_RD, + &VNET_NAME(ip6stat), ip6stat, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS, maxfragpackets, + CTLFLAG_RW, &VNET_NAME(ip6_maxfragpackets), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV, accept_rtadv, + CTLFLAG_RW, &VNET_NAME(ip6_accept_rtadv), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH, keepfaith, CTLFLAG_RW, + &VNET_NAME(ip6_keepfaith), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL, log_interval, + CTLFLAG_RW, &VNET_NAME(ip6_log_interval), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT, hdrnestlimit, + CTLFLAG_RW, &VNET_NAME(ip6_hdrnestlimit), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT, dad_count, CTLFLAG_RW, + &VNET_NAME(ip6_dad_count), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL, auto_flowlabel, + CTLFLAG_RW, &VNET_NAME(ip6_auto_flowlabel), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM, defmcasthlim, + CTLFLAG_RW, &VNET_NAME(ip6_defmcasthlim), 0, ""); +SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION, kame_version, + CTLFLAG_RD, __KAME_VERSION, 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED, use_deprecated, + CTLFLAG_RW, &VNET_NAME(ip6_use_deprecated), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE, rr_prune, CTLFLAG_RW, + &VNET_NAME(ip6_rr_prune), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR, use_tempaddr, + CTLFLAG_RW, &VNET_NAME(ip6_use_tempaddr), 0, ""); +SYSCTL_VNET_PROC(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ip6_temp_preferred_lifetime), 0, sysctl_ip6_temppltime, "I", ""); -SYSCTL_V_OID(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime, - CTLTYPE_INT|CTLFLAG_RW, ip6_temp_valid_lifetime, 0, +SYSCTL_VNET_PROC(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime, + CTLTYPE_INT|CTLFLAG_RW, &VNET_NAME(ip6_temp_valid_lifetime), 0, sysctl_ip6_tempvltime, "I", ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_V6ONLY, - v6only, CTLFLAG_RW, ip6_v6only, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, - auto_linklocal, CTLFLAG_RW, ip6_auto_linklocal, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RIP6STATS, - rip6stats, CTLFLAG_RD, rip6stat, rip6stat, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR, - prefer_tempaddr, CTLFLAG_RW, ip6_prefer_tempaddr, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, - use_defaultzone, CTLFLAG_RW, ip6_use_defzone, 0,""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGS, - maxfrags, CTLFLAG_RW, ip6_maxfrags, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MCAST_PMTU, - mcast_pmtu, CTLFLAG_RW, ip6_mcast_pmtu, 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_V6ONLY, v6only, CTLFLAG_RW, + &VNET_NAME(ip6_v6only), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL, auto_linklocal, + CTLFLAG_RW, &VNET_NAME(ip6_auto_linklocal), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats, CTLFLAG_RD, + &VNET_NAME(rip6stat), rip6stat, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR, prefer_tempaddr, + CTLFLAG_RW, &VNET_NAME(ip6_prefer_tempaddr), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE, use_defaultzone, + CTLFLAG_RW, &VNET_NAME(ip6_use_defzone), 0,""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS, maxfrags, CTLFLAG_RW, + &VNET_NAME(ip6_maxfrags), 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU, mcast_pmtu, CTLFLAG_RW, + &VNET_NAME(ip6_mcast_pmtu), 0, ""); #ifdef IPSTEALTH -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STEALTH, - stealth, CTLFLAG_RW, ip6stealth, 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW, + &VNET_NAME(ip6stealth), 0, ""); #endif /* net.inet6.icmp6 */ -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT, - rediraccept, CTLFLAG_RW, icmp6_rediraccept, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT, - redirtimeout, CTLFLAG_RW, icmp6_redirtimeout, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_STATS, - stats, CTLFLAG_RD, icmp6stat, icmp6stat, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE, - nd6_prune, CTLFLAG_RW, nd6_prune, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DELAY, - nd6_delay, CTLFLAG_RW, nd6_delay, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES, - nd6_umaxtries, CTLFLAG_RW, nd6_umaxtries, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES, - nd6_mmaxtries, CTLFLAG_RW, nd6_mmaxtries, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, - nd6_useloopback, CTLFLAG_RW, nd6_useloopback, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_NODEINFO, - nodeinfo, CTLFLAG_RW, icmp6_nodeinfo, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT, - errppslimit, CTLFLAG_RW, icmp6errppslim, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT, - nd6_maxnudhint, CTLFLAG_RW, nd6_maxnudhint, 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, - nd6_debug, CTLFLAG_RW, nd6_debug, 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT, rediraccept, + CTLFLAG_RW, &VNET_NAME(icmp6_rediraccept), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT, redirtimeout, + CTLFLAG_RW, &VNET_NAME(icmp6_redirtimeout), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD, + &VNET_NAME(icmp6stat), icmp6stat, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE, nd6_prune, CTLFLAG_RW, + &VNET_NAME(nd6_prune), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY, nd6_delay, CTLFLAG_RW, + &VNET_NAME(nd6_delay), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES, nd6_umaxtries, + CTLFLAG_RW, &VNET_NAME(nd6_umaxtries), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES, nd6_mmaxtries, + CTLFLAG_RW, &VNET_NAME(nd6_mmaxtries), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK, nd6_useloopback, + CTLFLAG_RW, &VNET_NAME(nd6_useloopback), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO, nodeinfo, CTLFLAG_RW, + &VNET_NAME(icmp6_nodeinfo), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT, errppslimit, + CTLFLAG_RW, &VNET_NAME(icmp6errppslim), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT, nd6_maxnudhint, + CTLFLAG_RW, &VNET_NAME(nd6_maxnudhint), 0, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, nd6_debug, CTLFLAG_RW, + &VNET_NAME(nd6_debug), 0, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861, - nd6_onlink_ns_rfc4861, CTLFLAG_RW, nd6_onlink_ns_rfc4861, 0, - "Accept 'on-link' nd6 NS in compliance with RFC 4861."); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861, + nd6_onlink_ns_rfc4861, CTLFLAG_RW, &VNET_NAME(nd6_onlink_ns_rfc4861), + 0, "Accept 'on-link' nd6 NS in compliance with RFC 4861."); diff --git a/sys/netinet6/in6_rmx.c b/sys/netinet6/in6_rmx.c index f05a093aab5c..b378f5ac8c78 100644 --- a/sys/netinet6/in6_rmx.c +++ b/sys/netinet6/in6_rmx.c @@ -101,7 +101,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include #include #include @@ -206,22 +205,22 @@ in6_matroute(void *v_arg, struct radix_node_head *head) SYSCTL_DECL(_net_inet6_ip6); -#ifdef VIMAGE_GLOBALS -static int rtq_reallyold6; -static int rtq_minreallyold6; -static int rtq_toomany6; -#endif +static VNET_DEFINE(int, rtq_reallyold6); +static VNET_DEFINE(int, rtq_minreallyold6); +static VNET_DEFINE(int, rtq_toomany6); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTEXPIRE, - rtexpire, CTLFLAG_RW, rtq_reallyold6 , 0, ""); +#define V_rtq_reallyold6 VNET_GET(rtq_reallyold6) +#define V_rtq_minreallyold6 VNET_GET(rtq_minreallyold6) +#define V_rtq_toomany6 VNET_GET(rtq_toomany6) -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMINEXPIRE, - rtminexpire, CTLFLAG_RW, rtq_minreallyold6 , 0, ""); - -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMAXCACHE, - rtmaxcache, CTLFLAG_RW, rtq_toomany6 , 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTEXPIRE, rtexpire, CTLFLAG_RW, + &VNET_NAME(rtq_reallyold6) , 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW, + &VNET_NAME(rtq_minreallyold6) , 0, ""); +SYSCTL_VNET_INT(_net_inet6_ip6, IPV6CTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW, + &VNET_NAME(rtq_toomany6) , 0, ""); struct rtqk_arg { struct radix_node_head *rnh; @@ -241,7 +240,6 @@ struct rtqk_arg { static int in6_rtqkill(struct radix_node *rn, void *rock) { - INIT_VNET_INET6(curvnet); struct rtqk_arg *ap = rock; struct rtentry *rt = (struct rtentry *)rn; int err; @@ -280,16 +278,16 @@ in6_rtqkill(struct radix_node *rn, void *rock) } #define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */ -#ifdef VIMAGE_GLOBALS -static int rtq_timeout6; -static struct callout rtq_timer6; -#endif +static VNET_DEFINE(int, rtq_timeout6); +static VNET_DEFINE(struct callout, rtq_timer6); + +#define V_rtq_timeout6 VNET_GET(rtq_timeout6) +#define V_rtq_timer6 VNET_GET(rtq_timer6) static void in6_rtqtimo(void *rock) { CURVNET_SET_QUIET((struct vnet *) rock); - INIT_VNET_INET6(curvnet); struct radix_node_head *rnh; struct rtqk_arg arg; struct timeval atv; @@ -349,9 +347,9 @@ struct mtuex_arg { struct radix_node_head *rnh; time_t nextstop; }; -#ifdef VIMAGE_GLOBALS -static struct callout rtq_mtutimer; -#endif + +static VNET_DEFINE(struct callout, rtq_mtutimer); +#define V_rtq_mtutimer VNET_GET(rtq_mtutimer) static int in6_mtuexpire(struct radix_node *rn, void *rock) @@ -381,7 +379,6 @@ static void in6_mtutimo(void *rock) { CURVNET_SET_QUIET((struct vnet *) rock); - INIT_VNET_INET6(curvnet); struct radix_node_head *rnh; struct mtuex_arg arg; struct timeval atv; @@ -418,7 +415,6 @@ in6_mtutimo(void *rock) int in6_inithead(void **head, int off) { - INIT_VNET_INET6(curvnet); struct radix_node_head *rnh; if (!rn_inithead(head, offsetof(struct sockaddr_in6, sin6_addr) << 3)) @@ -447,7 +443,6 @@ in6_inithead(void **head, int off) int in6_detachhead(void **head, int off) { - INIT_VNET_INET6(curvnet); callout_drain(&V_rtq_timer6); callout_drain(&V_rtq_mtutimer); diff --git a/sys/netinet6/in6_src.c b/sys/netinet6/in6_src.c index f1ccca15ffec..ffa6c3ee2d4d 100644 --- a/sys/netinet6/in6_src.c +++ b/sys/netinet6/in6_src.c @@ -100,7 +100,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -108,7 +107,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include static struct mtx addrsel_lock; #define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF) @@ -125,10 +123,10 @@ static struct sx addrsel_sxlock; #define ADDR_LABEL_NOTAPP (-1) -#ifdef VIMAGE_GLOBALS -struct in6_addrpolicy defaultaddrpolicy; -int ip6_prefer_tempaddr; -#endif +static VNET_DEFINE(struct in6_addrpolicy, defaultaddrpolicy); +VNET_DEFINE(int, ip6_prefer_tempaddr); + +#define V_defaultaddrpolicy VNET_GET(defaultaddrpolicy) static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *, struct ip6_moptions *, struct route_in6 *, struct ifnet **, @@ -184,7 +182,6 @@ in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, struct inpcb *inp, struct route_in6 *ro, struct ucred *cred, struct ifnet **ifpp, struct in6_addr *srcp) { - INIT_VNET_INET6(curvnet); struct in6_addr dst; struct ifnet *ifp = NULL; struct in6_ifaddr *ia = NULL, *ia_best = NULL; @@ -488,7 +485,6 @@ selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, struct ip6_moptions *mopts, struct route_in6 *ro, struct ifnet **retifp, struct rtentry **retrt, int norouteok) { - INIT_VNET_INET6(curvnet); int error = 0; struct ifnet *ifp = NULL; struct rtentry *rt = NULL; @@ -793,7 +789,6 @@ in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts, int in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp) { - INIT_VNET_INET6(curvnet); if (in6p && in6p->in6p_hops >= 0) return (in6p->in6p_hops); @@ -826,7 +821,6 @@ in6_selecthlim(struct inpcb *in6p, struct ifnet *ifp) int in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) { - INIT_VNET_INET(curvnet); struct socket *so = inp->inp_socket; u_int16_t lport = 0, first, last, *lastport; int count, error, wild = 0, dorandom; @@ -928,7 +922,6 @@ in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred) void addrsel_policy_init(void) { - INIT_VNET_INET6(curvnet); V_ip6_prefer_tempaddr = 0; @@ -948,7 +941,6 @@ addrsel_policy_init(void) static struct in6_addrpolicy * lookup_addrsel_policy(struct sockaddr_in6 *key) { - INIT_VNET_INET6(curvnet); struct in6_addrpolicy *match = NULL; ADDRSEL_LOCK(); @@ -1035,14 +1027,12 @@ struct addrsel_policyent { TAILQ_HEAD(addrsel_policyhead, addrsel_policyent); -#ifdef VIMAGE_GLOBALS -struct addrsel_policyhead addrsel_policytab; -#endif +static VNET_DEFINE(struct addrsel_policyhead, addrsel_policytab); +#define V_addrsel_policytab VNET_GET(addrsel_policytab) static void init_policy_queue(void) { - INIT_VNET_INET6(curvnet); TAILQ_INIT(&V_addrsel_policytab); } @@ -1050,7 +1040,6 @@ init_policy_queue(void) static int add_addrsel_policyent(struct in6_addrpolicy *newpolicy) { - INIT_VNET_INET6(curvnet); struct addrsel_policyent *new, *pol; new = malloc(sizeof(*new), M_IFADDR, @@ -1086,7 +1075,6 @@ add_addrsel_policyent(struct in6_addrpolicy *newpolicy) static int delete_addrsel_policyent(struct in6_addrpolicy *key) { - INIT_VNET_INET6(curvnet); struct addrsel_policyent *pol; ADDRSEL_XLOCK(); @@ -1118,7 +1106,6 @@ static int walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *), void *w) { - INIT_VNET_INET6(curvnet); struct addrsel_policyent *pol; int error = 0; @@ -1147,7 +1134,6 @@ dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg) static struct in6_addrpolicy * match_addrsel_policy(struct sockaddr_in6 *key) { - INIT_VNET_INET6(curvnet); struct addrsel_policyent *pent; struct in6_addrpolicy *bestpol = NULL, *pol; int matchlen, bestmatchlen = -1; diff --git a/sys/netinet6/in6_var.h b/sys/netinet6/in6_var.h index 6fe9df08569f..f5f5954dbfdc 100644 --- a/sys/netinet6/in6_var.h +++ b/sys/netinet6/in6_var.h @@ -486,13 +486,13 @@ struct in6_rrenumreq { #endif #ifdef _KERNEL -#ifdef VIMAGE_GLOBALS -extern struct in6_ifaddrhead in6_ifaddrhead; +VNET_DECLARE(struct in6_ifaddrhead, in6_ifaddrhead); +VNET_DECLARE(struct icmp6stat, icmp6stat); +VNET_DECLARE(unsigned long, in6_maxmtu); -extern struct icmp6stat icmp6stat; - -extern unsigned long in6_maxmtu; -#endif /* VIMAGE_GLOBALS */ +#define V_in6_ifaddrhead VNET_GET(in6_ifaddrhead) +#define V_icmp6stat VNET_GET(icmp6stat) +#define V_in6_maxmtu VNET_GET(in6_maxmtu) extern struct rwlock in6_ifaddr_lock; #define IN6_IFADDR_LOCK_ASSERT( ) rw_assert(&in6_ifaddr_lock, RA_LOCKED) diff --git a/sys/netinet6/ip6_forward.c b/sys/netinet6/ip6_forward.c index 10a6c45b54a1..896d67c707af 100644 --- a/sys/netinet6/ip6_forward.c +++ b/sys/netinet6/ip6_forward.c @@ -65,7 +65,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -92,7 +91,6 @@ __FBSDID("$FreeBSD$"); void ip6_forward(struct mbuf *m, int srcrt) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct sockaddr_in6 *dst = NULL; struct rtentry *rt = NULL; @@ -103,7 +101,6 @@ ip6_forward(struct mbuf *m, int srcrt) u_int32_t inzone, outzone; struct in6_addr src_in6, dst_in6; #ifdef IPSEC - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp = NULL; int ipsecrt = 0; #endif diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index b9d594c2bc4b..78c0901b80c8 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -96,7 +96,6 @@ __FBSDID("$FreeBSD$"); #ifdef INET #include #include -#include #endif /* INET */ #include #include @@ -106,7 +105,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include @@ -127,28 +125,30 @@ static struct netisr_handler ip6_nh = { .nh_policy = NETISR_POLICY_FLOW, }; -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_inet6 vnet_inet6_0; -#endif -#endif +VNET_DEFINE(struct in6_ifaddrhead, in6_ifaddrhead); +VNET_DEFINE(struct ip6stat, ip6stat); -#ifdef VIMAGE_GLOBALS -struct in6_ifaddrhead in6_ifaddrhead; -struct ip6stat ip6stat; +VNET_DECLARE(struct callout, in6_tmpaddrtimer_ch); +VNET_DECLARE(int, dad_init); +VNET_DECLARE(int, pmtu_expire); +VNET_DECLARE(int, pmtu_probe); +VNET_DECLARE(u_long, rip6_sendspace); +VNET_DECLARE(u_long, rip6_recvspace); +VNET_DECLARE(int, icmp6errppslim); +VNET_DECLARE(int, icmp6_nodeinfo); +VNET_DECLARE(int, udp6_sendspace); +VNET_DECLARE(int, udp6_recvspace); -extern struct callout in6_tmpaddrtimer_ch; - -extern int dad_init; -extern int pmtu_expire; -extern int pmtu_probe; -extern u_long rip6_sendspace; -extern u_long rip6_recvspace; -extern int icmp6errppslim; -extern int icmp6_nodeinfo; -extern int udp6_sendspace; -extern int udp6_recvspace; -#endif +#define V_in6_tmpaddrtimer_ch VNET_GET(in6_tmpaddrtimer_ch) +#define V_dad_init VNET_GET(dad_init) +#define V_pmtu_expire VNET_GET(pmtu_expire) +#define V_pmtu_probe VNET_GET(pmtu_probe) +#define V_rip6_sendspace VNET_GET(rip6_sendspace) +#define V_rip6_recvspace VNET_GET(rip6_recvspace) +#define V_icmp6errppslim VNET_GET(icmp6errppslim) +#define V_icmp6_nodeinfo VNET_GET(icmp6_nodeinfo) +#define V_udp6_sendspace VNET_GET(udp6_sendspace) +#define V_udp6_recvspace VNET_GET(udp6_recvspace) struct rwlock in6_ifaddr_lock; RW_SYSINIT(in6_ifaddr_lock, &in6_ifaddr_lock, "in6_ifaddr_lock"); @@ -162,13 +162,13 @@ static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); #endif -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE +/* XXX only has to stay for .vmi_dependson elsewhere. */ static void vnet_inet6_register(void); static const vnet_modinfo_t vnet_inet6_modinfo = { .vmi_id = VNET_MOD_INET6, .vmi_name = "inet6", - .vmi_size = sizeof(struct vnet_inet6), .vmi_dependson = VNET_MOD_INET /* XXX revisit - TCP/UDP needs this? */ }; @@ -189,7 +189,6 @@ SYSINIT(inet6, SI_SUB_PROTO_BEGIN, SI_ORDER_FIRST, vnet_inet6_register, 0); void ip6_init(void) { - INIT_VNET_INET6(curvnet); struct ip6protosw *pr; int i; @@ -311,7 +310,6 @@ ip6_init(void) void ip6_destroy() { - INIT_VNET_INET6(curvnet); nd6_destroy(); callout_drain(&V_in6_tmpaddrtimer_ch); @@ -321,7 +319,6 @@ ip6_destroy() static int ip6_init2_vnet(const void *unused __unused) { - INIT_VNET_INET6(curvnet); /* nd6_timer_init */ callout_init(&V_nd6_timer_ch, 0); @@ -351,8 +348,6 @@ SYSINIT(netinet6init2, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ip6_init2, NULL); void ip6_input(struct mbuf *m) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; int off = sizeof(struct ip6_hdr), nest; u_int32_t plen; @@ -967,7 +962,6 @@ static int ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp, struct mbuf **mp, int *offp) { - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; int off = *offp, hbhlen; struct ip6_hbh *hbh; @@ -1023,7 +1017,6 @@ int ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, u_int32_t *rtalertp, u_int32_t *plenp) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; int optlen = 0; u_int8_t *opt = opthead; @@ -1156,7 +1149,6 @@ ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen, int ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; switch (IP6OPT_TYPE(*optp)) { diff --git a/sys/netinet6/ip6_ipsec.c b/sys/netinet6/ip6_ipsec.c index 57a504407dc2..e763187542dc 100644 --- a/sys/netinet6/ip6_ipsec.c +++ b/sys/netinet6/ip6_ipsec.c @@ -30,6 +30,7 @@ #include __FBSDID("$FreeBSD$"); +#include "opt_inet6.h" #include "opt_ipsec.h" #include @@ -46,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -72,13 +74,25 @@ __FBSDID("$FreeBSD$"); #include #include -#include extern struct protosw inet6sw[]; -#ifdef VIMAGE_GLOBALS -int ip6_ipsec6_filtertunnel; + +#ifdef INET6 +#ifdef IPSEC +#ifdef IPSEC_FILTERTUNNEL +static VNET_DEFINE(int, ip6_ipsec6_filtertunnel) = 1; +#else +static VNET_DEFINE(int, ip6_ipsec6_filtertunnel) = 0; #endif +#define V_ip6_ipsec6_filtertunnel VNET_GET(ip6_ipsec6_filtertunnel) + +SYSCTL_DECL(_net_inet6_ipsec6); +SYSCTL_VNET_INT(_net_inet6_ipsec6, OID_AUTO, + filtertunnel, CTLFLAG_RW, &VNET_NAME(ip6_ipsec6_filtertunnel), 0, + "If set filter packets from an IPsec tunnel."); +#endif /* IPSEC */ +#endif /* INET6 */ /* * Check if we have to jump over firewall processing for this packet. @@ -89,7 +103,6 @@ int ip6_ipsec_filtertunnel(struct mbuf *m) { #if defined(IPSEC) - INIT_VNET_IPSEC(curvnet); /* * Bypass packet filtering for packets from a tunnel. @@ -111,8 +124,6 @@ int ip6_ipsec_fwd(struct mbuf *m) { #ifdef IPSEC - INIT_VNET_INET6(curvnet); - INIT_VNET_IPSEC(curvnet); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; @@ -158,7 +169,6 @@ int ip6_ipsec_input(struct mbuf *m, int nxt) { #ifdef IPSEC - INIT_VNET_IPSEC(curvnet); struct m_tag *mtag; struct tdb_ident *tdbi; struct secpolicy *sp; diff --git a/sys/netinet6/ip6_mroute.c b/sys/netinet6/ip6_mroute.c index 46bfcf1191ce..ccdbbdc16d81 100644 --- a/sys/netinet6/ip6_mroute.c +++ b/sys/netinet6/ip6_mroute.c @@ -113,7 +113,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -124,7 +123,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include static MALLOC_DEFINE(M_MRTABLE6, "mf6c", "multicast forwarding cache entry"); @@ -156,9 +154,8 @@ static const struct ip6protosw in6_pim_protosw = { }; static int pim6_encapcheck(const struct mbuf *, int, int, void *); -#ifdef VIMAGE_GLOBALS -static int ip6_mrouter_ver; -#endif +static VNET_DEFINE(int, ip6_mrouter_ver); +#define V_ip6_mrouter_ver VNET_GET(ip6_mrouter_ver) SYSCTL_DECL(_net_inet6); SYSCTL_DECL(_net_inet6_ip6); @@ -216,9 +213,8 @@ static struct mtx mif6_mtx; #define MIF6_LOCK_DESTROY() mtx_destroy(&mif6_mtx) #ifdef MRT6DEBUG -#ifdef VIMAGE_GLOBALS -static u_int mrt6debug; /* debug level */ -#endif +static VNET_DEFINE(u_int, mrt6debug); /* debug level */ +#define V_mrt6debug VNET_GET(mrt6debug) #define DEBUG_MFC 0x02 #define DEBUG_FORWARD 0x04 #define DEBUG_EXPIRE 0x08 @@ -261,9 +257,8 @@ SYSCTL_STRUCT(_net_inet6_pim, PIM6CTL_STATS, stats, CTLFLAG_RD, &pim6stat, pim6stat, "PIM Statistics (struct pim6stat, netinet6/pim_var.h)"); -#ifdef VIMAGE_GLOBALS -static int pim6; -#endif +static VNET_DEFINE(int, pim6); +#define V_pim6 VNET_GET(pim6) /* * Hash function for a source, group entry @@ -347,9 +342,7 @@ int X_mrt6_ioctl(u_long, caddr_t); static void pim6_init(void) { - INIT_VNET_INET6(curvnet); - V_ip6_mrouter_ver = 0; #ifdef MRT6DEBUG V_mrt6debug = 0; /* debug level */ #endif @@ -361,7 +354,6 @@ pim6_init(void) int X_ip6_mrouter_set(struct socket *so, struct sockopt *sopt) { - INIT_VNET_INET6(curvnet); int error = 0; int optval; struct mif6ctl mifc; @@ -430,7 +422,6 @@ X_ip6_mrouter_set(struct socket *so, struct sockopt *sopt) int X_ip6_mrouter_get(struct socket *so, struct sockopt *sopt) { - INIT_VNET_INET6(curvnet); int error = 0; if (so != V_ip6_mrouter) @@ -528,7 +519,6 @@ get_mif6_cnt(struct sioc_mif_req6 *req) static int set_pim6(int *i) { - INIT_VNET_INET6(curvnet); if ((*i != 1) && (*i != 0)) return (EINVAL); @@ -543,7 +533,6 @@ set_pim6(int *i) static int ip6_mrouter_init(struct socket *so, int v, int cmd) { - INIT_VNET_INET6(curvnet); V_ip6_mrouter_ver = 0; @@ -598,7 +587,6 @@ ip6_mrouter_init(struct socket *so, int v, int cmd) int X_ip6_mrouter_done(void) { - INIT_VNET_INET6(curvnet); mifi_t mifi; int i; struct mf6c *rt; @@ -683,7 +671,6 @@ static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 }; static int add_m6if(struct mif6ctl *mifcp) { - INIT_VNET_NET(curvnet); struct mif6 *mifp; struct ifnet *ifp; int error; @@ -1100,7 +1087,6 @@ socket_send(struct socket *s, struct mbuf *mm, struct sockaddr_in6 *src) int X_ip6_mforward(struct ip6_hdr *ip6, struct ifnet *ifp, struct mbuf *m) { - INIT_VNET_INET6(curvnet); struct mf6c *rt; struct mif6 *mifp; struct mbuf *mm; @@ -1425,7 +1411,6 @@ expire_upcalls(void *unused) static int ip6_mdq(struct mbuf *m, struct ifnet *ifp, struct mf6c *rt) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); mifi_t mifi, iif; struct mif6 *mifp; @@ -1604,7 +1589,6 @@ ip6_mdq(struct mbuf *m, struct ifnet *ifp, struct mf6c *rt) static void phyint_send(struct ip6_hdr *ip6, struct mif6 *mifp, struct mbuf *m) { - INIT_VNET_INET6(curvnet); struct mbuf *mb_copy; struct ifnet *ifp = mifp->m6_ifp; int error = 0; @@ -1714,7 +1698,6 @@ phyint_send(struct ip6_hdr *ip6, struct mif6 *mifp, struct mbuf *m) static int register_send(struct ip6_hdr *ip6, struct mif6 *mif, struct mbuf *m) { - INIT_VNET_INET6(curvnet); struct mbuf *mm; int i, len = m->m_pkthdr.len; static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 }; @@ -1805,7 +1788,6 @@ pim6_encapcheck(const struct mbuf *m, int off, int proto, void *arg) int pim6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct pim *pim; /* pointer to a pim struct */ struct ip6_hdr *ip6; int pimlen; @@ -2036,7 +2018,6 @@ pim6_input(struct mbuf **mp, int *offp, int proto) static int ip6_mroute_modevent(module_t mod, int type, void *unused) { - INIT_VNET_INET6(curvnet); switch (type) { case MOD_LOAD: diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c index 713dd28a54be..c208ca77b6b8 100644 --- a/sys/netinet6/ip6_output.c +++ b/sys/netinet6/ip6_output.c @@ -96,7 +96,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include @@ -107,7 +106,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include extern int in6_mcast_loop; @@ -191,8 +189,6 @@ ip6_output(struct mbuf *m0, struct ip6_pktopts *opt, struct route_in6 *ro, int flags, struct ip6_moptions *im6o, struct ifnet **ifpp, struct inpcb *inp) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6, *mhip6; struct ifnet *ifp, *origifp; struct mbuf *m = m0; @@ -2420,8 +2416,6 @@ static int ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt, struct ucred *cred, int sticky, int cmsg, int uproto) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); int minmtupolicy, preftemp; int error; diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h index 414880b4ac52..b61da422eb55 100644 --- a/sys/netinet6/ip6_var.h +++ b/sys/netinet6/ip6_var.h @@ -291,42 +291,72 @@ struct ip6aux { #define IP6_HDR_ALIGNED_P(ip) ((((intptr_t) (ip)) & 3) == 0) #endif -#ifdef VIMAGE_GLOBALS -extern struct ip6stat ip6stat; /* statistics */ -extern int ip6_defhlim; /* default hop limit */ -extern int ip6_defmcasthlim; /* default multicast hop limit */ -extern int ip6_forwarding; /* act as router? */ -extern int ip6_gif_hlim; /* Hop limit for gif encap packet */ -extern int ip6_use_deprecated; /* allow deprecated addr as source */ -extern int ip6_rr_prune; /* router renumbering prefix +VNET_DECLARE(struct ip6stat, ip6stat); /* statistics */ +VNET_DECLARE(int, ip6_defhlim); /* default hop limit */ +VNET_DECLARE(int, ip6_defmcasthlim); /* default multicast hop limit */ +VNET_DECLARE(int, ip6_forwarding); /* act as router? */ +VNET_DECLARE(int, ip6_gif_hlim); /* Hop limit for gif encap packet */ +VNET_DECLARE(int, ip6_use_deprecated); /* allow deprecated addr as source */ +VNET_DECLARE(int, ip6_rr_prune); /* router renumbering prefix * walk list every 5 sec. */ -extern int ip6_mcast_pmtu; /* enable pMTU discovery for multicast? */ -extern int ip6_v6only; -extern struct socket *ip6_mrouter; /* multicast routing daemon */ -extern int ip6_sendredirects; /* send IP redirects when forwarding? */ -extern int ip6_maxfragpackets; /* Maximum packets in reassembly queue */ -extern int ip6_maxfrags; /* Maximum fragments in reassembly queue */ -extern int ip6_accept_rtadv; /* Acts as a host not a router */ -extern int ip6_keepfaith; /* Firewall Aided Internet Translator */ -extern int ip6_log_interval; -extern time_t ip6_log_time; -extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */ -extern int ip6_dad_count; /* DupAddrDetectionTransmits */ +VNET_DECLARE(int, ip6_mcast_pmtu); /* enable pMTU discovery for multicast? */ +VNET_DECLARE(int, ip6_v6only); +VNET_DECLARE(struct socket *, ip6_mrouter); /* multicast routing daemon */ +VNET_DECLARE(int, ip6_sendredirects); /* send IP redirects when forwarding? */ +VNET_DECLARE(int, ip6_maxfragpackets); /* Maximum packets in reassembly + * queue */ +VNET_DECLARE(int, ip6_maxfrags); /* Maximum fragments in reassembly + * queue */ +VNET_DECLARE(int, ip6_accept_rtadv); /* Acts as a host not a router */ +VNET_DECLARE(int, ip6_keepfaith); /* Firewall Aided Internet Translator */ +VNET_DECLARE(int, ip6_log_interval); +VNET_DECLARE(time_t, ip6_log_time); +VNET_DECLARE(int, ip6_hdrnestlimit); /* upper limit of # of extension + * headers */ +VNET_DECLARE(int, ip6_dad_count); /* DupAddrDetectionTransmits */ -extern int ip6_auto_flowlabel; -extern int ip6_auto_linklocal; +VNET_DECLARE(int, ip6_auto_flowlabel); +VNET_DECLARE(int, ip6_auto_linklocal); -extern int ip6_use_tempaddr; /* whether to use temporary addresses. */ -extern int ip6_prefer_tempaddr; /* whether to prefer temporary addresses - in the source address selection */ +VNET_DECLARE(int, ip6_use_tempaddr); /* Whether to use temporary addresses */ +VNET_DECLARE(int, ip6_prefer_tempaddr); /* Whether to prefer temporary + * addresses in the source address + * selection */ #ifdef IPSTEALTH -extern int ip6stealth; +VNET_DECLARE(int, ip6stealth); #endif -extern int ip6_use_defzone; /* whether to use the default scope zone - when unspecified */ -#endif /* VIMAGE_GLOBALS */ +VNET_DECLARE(int, ip6_use_defzone); /* Whether to use the default scope + * zone when unspecified */ + +#define V_ip6stat VNET_GET(ip6stat) +#define V_ip6_defhlim VNET_GET(ip6_defhlim) +#define V_ip6_defmcasthlim VNET_GET(ip6_defmcasthlim) +#define V_ip6_forwarding VNET_GET(ip6_forwarding) +#define V_ip6_gif_hlim VNET_GET(ip6_gif_hlim) +#define V_ip6_use_deprecated VNET_GET(ip6_use_deprecated) +#define V_ip6_rr_prune VNET_GET(ip6_rr_prune) +#define V_ip6_mcast_pmtu VNET_GET(ip6_mcast_pmtu) +#define V_ip6_v6only VNET_GET(ip6_v6only) +#define V_ip6_mrouter VNET_GET(ip6_mrouter) +#define V_ip6_sendredirects VNET_GET(ip6_sendredirects) +#define V_ip6_maxfragpackets VNET_GET(ip6_maxfragpackets) +#define V_ip6_maxfrags VNET_GET(ip6_maxfrags) +#define V_ip6_accept_rtadv VNET_GET(ip6_accept_rtadv) +#define V_ip6_keepfaith VNET_GET(ip6_keepfaith) +#define V_ip6_log_interval VNET_GET(ip6_log_interval) +#define V_ip6_log_time VNET_GET(ip6_log_time) +#define V_ip6_hdrnestlimit VNET_GET(ip6_hdrnestlimit) +#define V_ip6_dad_count VNET_GET(ip6_dad_count) +#define V_ip6_auto_flowlabel VNET_GET(ip6_auto_flowlabel) +#define V_ip6_auto_linklocal VNET_GET(ip6_auto_linklocal) +#define V_ip6_use_tempaddr VNET_GET(ip6_use_tempaddr) +#define V_ip6_prefer_tempaddr VNET_GET(ip6_prefer_tempaddr) +#ifdef IPSTEALTH +#define V_ip6stealth VNET_GET(ip6stealth) +#endif +#define V_ip6_use_defzone VNET_GET(ip6_use_defzone) extern struct pfil_head inet6_pfil_hook; /* packet filter hooks */ diff --git a/sys/netinet6/mld6.c b/sys/netinet6/mld6.c index 61fff113b40a..98c9021be1fe 100644 --- a/sys/netinet6/mld6.c +++ b/sys/netinet6/mld6.c @@ -94,8 +94,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#include #include @@ -207,13 +205,17 @@ MALLOC_DEFINE(M_MLD, "mld", "mld state"); /* * VIMAGE-wide globals. */ -#ifdef VIMAGE_GLOBALS -struct timeval mld_gsrdelay; -LIST_HEAD(, mld_ifinfo) mli_head; -int interface_timers_running6; -int state_change_timers_running6; -int current_state_timers_running6; -#endif /* VIMAGE_GLOBALS */ +static VNET_DEFINE(struct timeval, mld_gsrdelay) = {10, 0}; +static VNET_DEFINE(LIST_HEAD(, mld_ifinfo), mli_head); +static VNET_DEFINE(int, interface_timers_running6); +static VNET_DEFINE(int, state_change_timers_running6); +static VNET_DEFINE(int, current_state_timers_running6); + +#define V_mld_gsrdelay VNET_GET(mld_gsrdelay) +#define V_mli_head VNET_GET(mli_head) +#define V_interface_timers_running6 VNET_GET(interface_timers_running6) +#define V_state_change_timers_running6 VNET_GET(state_change_timers_running6) +#define V_current_state_timers_running6 VNET_GET(current_state_timers_running6) SYSCTL_DECL(_net_inet6); /* Note: Not in any common header. */ @@ -223,9 +225,9 @@ SYSCTL_NODE(_net_inet6, OID_AUTO, mld, CTLFLAG_RW, 0, /* * Virtualized sysctls. */ -SYSCTL_V_PROC(V_NET, vnet_inet6, _net_inet6_mld, OID_AUTO, gsrdelay, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, mld_gsrdelay.tv_sec, 0, - sysctl_mld_gsr, "I", +SYSCTL_VNET_PROC(_net_inet6_mld, OID_AUTO, gsrdelay, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, + &VNET_NAME(mld_gsrdelay.tv_sec), 0, sysctl_mld_gsr, "I", "Rate limit for MLDv2 Group-and-Source queries in seconds"); /* @@ -308,7 +310,6 @@ mld_restore_context(struct mbuf *m) static int sysctl_mld_gsr(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(curvnet); int error; int i; @@ -349,8 +350,6 @@ out_locked: static int sysctl_mld_ifinfo(SYSCTL_HANDLER_ARGS) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); int *name; int error; u_int namelen; @@ -479,7 +478,6 @@ mld_domifattach(struct ifnet *ifp) static struct mld_ifinfo * mli_alloc_locked(/*const*/ struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct mld_ifinfo *mli; MLD_LOCK_ASSERT(); @@ -582,7 +580,6 @@ mld_domifdetach(struct ifnet *ifp) static void mli_delete_locked(const struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct mld_ifinfo *mli, *tmli; CTR3(KTR_MLD, "%s: freeing mld_ifinfo for ifp %p(%s)", @@ -747,7 +744,6 @@ mld_v1_input_query(struct ifnet *ifp, const struct ip6_hdr *ip6, static void mld_v1_update_group(struct in6_multi *inm, const int timer) { - INIT_VNET_INET6(curvnet); #ifdef KTR char ip6tbuf[INET6_ADDRSTRLEN]; #endif @@ -801,7 +797,6 @@ static int mld_v2_input_query(struct ifnet *ifp, const struct ip6_hdr *ip6, struct mbuf *m, const int off, const int icmp6len) { - INIT_VNET_INET6(curvnet); struct mld_ifinfo *mli; struct mldv2_query *mld; struct in6_multi *inm; @@ -980,7 +975,6 @@ static int mld_v2_process_group_query(struct in6_multi *inm, struct mld_ifinfo *mli, int timer, struct mbuf *m0, const int off) { - INIT_VNET_INET6(curvnet); struct mldv2_query *mld; int retval; uint16_t nsrc; @@ -1252,7 +1246,6 @@ mld_input(struct mbuf *m, int off, int icmp6len) CTR3(KTR_MLD, "%s: called w/mbuf (%p,%d)", __func__, m, off); ifp = m->m_pkthdr.rcvif; - INIT_VNET_INET6(ifp->if_vnet); ip6 = mtod(m, struct ip6_hdr *); @@ -1330,7 +1323,6 @@ mld_fasttimo(void) static void mld_fasttimo_vnet(void) { - INIT_VNET_INET6(curvnet); struct ifqueue scq; /* State-change packets */ struct ifqueue qrq; /* Query response packets */ struct ifnet *ifp; @@ -1458,7 +1450,6 @@ out_locked: static void mld_v1_process_group_timer(struct in6_multi *inm, const int version) { - INIT_VNET_INET6(curvnet); int report_timer_expired; IN6_MULTI_LOCK_ASSERT(); @@ -1505,7 +1496,6 @@ mld_v2_process_group_timers(struct mld_ifinfo *mli, struct ifqueue *qrq, struct ifqueue *scq, struct in6_multi *inm, const int uri_fasthz) { - INIT_VNET_INET6(curvnet); int query_response_timer_expired; int state_change_retransmit_timer_expired; #ifdef KTR @@ -1654,7 +1644,6 @@ mld_set_version(struct mld_ifinfo *mli, const int version) static void mld_v2_cancel_link_timers(struct mld_ifinfo *mli) { - INIT_VNET_INET6(curvnet); struct ifmultiaddr *ifma; struct ifnet *ifp; struct in6_multi *inm; @@ -1747,7 +1736,6 @@ mld_slowtimo(void) static void mld_slowtimo_vnet(void) { - INIT_VNET_INET6(curvnet); struct mld_ifinfo *mli; MLD_LOCK(); @@ -1951,7 +1939,6 @@ static int mld_initial_join(struct in6_multi *inm, struct mld_ifinfo *mli, const int delay) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp; struct ifqueue *ifq; int error, retval, syncstates; @@ -2100,7 +2087,6 @@ mld_initial_join(struct in6_multi *inm, struct mld_ifinfo *mli, static int mld_handle_state_change(struct in6_multi *inm, struct mld_ifinfo *mli) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp; int retval; #ifdef KTR @@ -2164,7 +2150,6 @@ mld_handle_state_change(struct in6_multi *inm, struct mld_ifinfo *mli) static void mld_final_leave(struct in6_multi *inm, struct mld_ifinfo *mli) { - INIT_VNET_INET6(curvnet); int syncstates; #ifdef KTR char ip6tbuf[INET6_ADDRSTRLEN]; @@ -2947,7 +2932,6 @@ mld_v2_merge_state_changes(struct in6_multi *inm, struct ifqueue *ifscq) static void mld_v2_dispatch_general_query(struct mld_ifinfo *mli) { - INIT_VNET_INET6(curvnet); struct ifmultiaddr *ifma, *tifma; struct ifnet *ifp; struct in6_multi *inm; @@ -3036,8 +3020,6 @@ mld_dispatch_packet(struct mbuf *m) * indexes to guard against interface detach, they are * unique to each VIMAGE and must be retrieved. */ - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); ifindex = mld_restore_context(m); /* @@ -3247,31 +3229,17 @@ mld_sysuninit(void) static int vnet_mld_iattach(const void *unused __unused) { - INIT_VNET_INET6(curvnet); CTR1(KTR_MLD, "%s: initializing", __func__); LIST_INIT(&V_mli_head); - V_current_state_timers_running6 = 0; - V_interface_timers_running6 = 0; - V_state_change_timers_running6 = 0; - - /* - * Initialize sysctls to default values. - */ - V_mld_gsrdelay.tv_sec = 10; - V_mld_gsrdelay.tv_usec = 0; - return (0); } static int vnet_mld_idetach(const void *unused __unused) { -#ifdef INVARIANTS - INIT_VNET_INET6(curvnet); -#endif CTR1(KTR_MLD, "%s: tearing down", __func__); @@ -3281,7 +3249,7 @@ vnet_mld_idetach(const void *unused __unused) return (0); } -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static vnet_modinfo_t vnet_mld_modinfo = { .vmi_id = VNET_MOD_MLD, .vmi_name = "mld", @@ -3298,14 +3266,14 @@ mld_modevent(module_t mod, int type, void *unused __unused) switch (type) { case MOD_LOAD: mld_sysinit(); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_mld_modinfo); #else vnet_mld_iattach(NULL); #endif break; case MOD_UNLOAD: -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_deregister(&vnet_mld_modinfo); #else vnet_mld_idetach(NULL); diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 0e93aec573da..9c97988a37a8 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -72,7 +72,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -83,32 +82,32 @@ __FBSDID("$FreeBSD$"); #define SIN6(s) ((struct sockaddr_in6 *)s) -#ifdef VIMAGE_GLOBALS -int nd6_prune; -int nd6_delay; -int nd6_umaxtries; -int nd6_mmaxtries; -int nd6_useloopback; -int nd6_gctimer; +VNET_DEFINE(int, nd6_prune); +VNET_DEFINE(int, nd6_delay); +VNET_DEFINE(int, nd6_umaxtries); +VNET_DEFINE(int, nd6_mmaxtries); +VNET_DEFINE(int, nd6_useloopback); +VNET_DEFINE(int, nd6_gctimer); /* preventing too many loops in ND option parsing */ -int nd6_maxndopt; +static VNET_DEFINE(int, nd6_maxndopt); +VNET_DEFINE(int, nd6_maxnudhint); +static VNET_DEFINE(int, nd6_maxqueuelen); +#define V_nd6_maxndopt VNET_GET(nd6_maxndopt) +#define V_nd6_maxqueuelen VNET_GET(nd6_maxqueuelen) -int nd6_maxnudhint; -int nd6_maxqueuelen; - -int nd6_debug; +VNET_DEFINE(int, nd6_debug); /* for debugging? */ #if 0 static int nd6_inuse, nd6_allocated; #endif -struct nd_drhead nd_defrouter; -struct nd_prhead nd_prefix; +VNET_DEFINE(struct nd_drhead, nd_defrouter); +VNET_DEFINE(struct nd_prhead, nd_prefix); -int nd6_recalc_reachtm_interval; -#endif /* VIMAGE_GLOBALS */ +VNET_DEFINE(int, nd6_recalc_reachtm_interval); +#define V_nd6_recalc_reachtm_interval VNET_GET(nd6_recalc_reachtm_interval) static struct sockaddr_in6 all1_sa; @@ -121,18 +120,19 @@ static struct llentry *nd6_free(struct llentry *, int); static void nd6_llinfo_timer(void *); static void clear_llinfo_pqueue(struct llentry *); -#ifdef VIMAGE_GLOBALS -struct callout nd6_slowtimo_ch; -struct callout nd6_timer_ch; -extern struct callout in6_tmpaddrtimer_ch; -extern int dad_ignore_ns; -extern int dad_maxtry; -#endif +static VNET_DEFINE(struct callout, nd6_slowtimo_ch); +#define V_nd6_slowtimo_ch VNET_GET(nd6_slowtimo_ch) + +VNET_DEFINE(struct callout, nd6_timer_ch); + +VNET_DECLARE(int, dad_ignore_ns); +VNET_DECLARE(int, dad_maxtry); +#define V_dad_ignore_ns VNET_GET(dad_ignore_ns) +#define V_dad_maxtry VNET_GET(dad_maxtry) void nd6_init(void) { - INIT_VNET_INET6(curvnet); int i; V_nd6_prune = 1; /* walk list every 1 seconds */ @@ -193,7 +193,6 @@ nd6_init(void) void nd6_destroy() { - INIT_VNET_INET6(curvnet); callout_drain(&V_nd6_slowtimo_ch); callout_drain(&V_nd6_timer_ch); @@ -249,7 +248,6 @@ nd6_setmtu(struct ifnet *ifp) void nd6_setmtu0(struct ifnet *ifp, struct nd_ifinfo *ndi) { - INIT_VNET_INET6(ifp->if_vnet); u_int32_t omaxmtu; omaxmtu = ndi->maxmtu; @@ -358,7 +356,6 @@ nd6_option(union nd_opts *ndopts) int nd6_options(union nd_opts *ndopts) { - INIT_VNET_INET6(curvnet); struct nd_opt_hdr *nd_opt; int i = 0; @@ -492,7 +489,6 @@ nd6_llinfo_timer(void *arg) panic("ln ifp == NULL"); CURVNET_SET(ifp->if_vnet); - INIT_VNET_INET6(curvnet); if (ln->ln_ntick > 0) { if (ln->ln_ntick > INT_MAX) { @@ -595,7 +591,6 @@ void nd6_timer(void *arg) { CURVNET_SET((struct vnet *) arg); - INIT_VNET_INET6(curvnet); int s; struct nd_defrouter *dr; struct nd_prefix *pr; @@ -794,7 +789,6 @@ regen_tmpaddr(struct in6_ifaddr *ia6) void nd6_purge(struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct nd_defrouter *dr, *ndr; struct nd_prefix *pr, *npr; @@ -908,7 +902,6 @@ nd6_lookup(struct in6_addr *addr6, int flags, struct ifnet *ifp) static int nd6_is_new_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct nd_prefix *pr; struct ifaddr *dstaddr; @@ -1017,7 +1010,6 @@ nd6_is_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp) static struct llentry * nd6_free(struct llentry *ln, int gc) { - INIT_VNET_INET6(curvnet); struct llentry *next; struct nd_defrouter *dr; struct ifnet *ifp=NULL; @@ -1124,7 +1116,6 @@ nd6_free(struct llentry *ln, int gc) void nd6_nud_hint(struct rtentry *rt, struct in6_addr *dst6, int force) { - INIT_VNET_INET6(curvnet); struct llentry *ln; struct ifnet *ifp; @@ -1165,7 +1156,6 @@ done: int nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct in6_drlist *drl = (struct in6_drlist *)data; struct in6_oprlist *oprl = (struct in6_oprlist *)data; struct in6_ndireq *ndi = (struct in6_ndireq *)data; @@ -1406,7 +1396,6 @@ struct llentry * nd6_cache_lladdr(struct ifnet *ifp, struct in6_addr *from, char *lladdr, int lladdrlen, int type, int code) { - INIT_VNET_INET6(curvnet); struct llentry *ln = NULL; int is_newentry; int do_update; @@ -1669,8 +1658,6 @@ static void nd6_slowtimo(void *arg) { CURVNET_SET((struct vnet *) arg); - INIT_VNET_NET((struct vnet *) arg); - INIT_VNET_INET6((struct vnet *) arg); struct nd_ifinfo *nd6if; struct ifnet *ifp; @@ -1720,7 +1707,6 @@ nd6_output_lle(struct ifnet *ifp, struct ifnet *origifp, struct mbuf *m0, struct sockaddr_in6 *dst, struct rtentry *rt0, struct llentry *lle, struct mbuf **chain) { - INIT_VNET_INET6(curvnet); struct mbuf *m = m0; struct llentry *ln = lle; int error = 0; @@ -2105,13 +2091,12 @@ SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_DRLIST, nd6_drlist, CTLFLAG_RD, nd6_sysctl_drlist, ""); SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_PRLIST, nd6_prlist, CTLFLAG_RD, nd6_sysctl_prlist, ""); -SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MAXQLEN, - nd6_maxqueuelen, CTLFLAG_RW, nd6_maxqueuelen, 1, ""); +SYSCTL_VNET_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXQLEN, nd6_maxqueuelen, + CTLFLAG_RW, &VNET_NAME(nd6_maxqueuelen), 1, ""); static int nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(curvnet); int error; char buf[1024] __aligned(4); struct in6_defrouter *d, *de; @@ -2152,7 +2137,6 @@ nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS) static int nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(curvnet); int error; char buf[1024] __aligned(4); struct in6_prefix *p, *pe; diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index 0730d8406d4f..f54e02e40bbe 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -318,28 +318,44 @@ struct nd_pfxrouter { LIST_HEAD(nd_prhead, nd_prefix); /* nd6.c */ -#ifdef VIMAGE_GLOBALS -extern int nd6_prune; -extern int nd6_delay; -extern int nd6_umaxtries; -extern int nd6_mmaxtries; -extern int nd6_useloopback; -extern int nd6_maxnudhint; -extern int nd6_gctimer; -extern struct nd_drhead nd_defrouter; -extern struct nd_prhead nd_prefix; -extern int nd6_debug; -extern int nd6_onlink_ns_rfc4861; +VNET_DECLARE(int, nd6_prune); +VNET_DECLARE(int, nd6_delay); +VNET_DECLARE(int, nd6_umaxtries); +VNET_DECLARE(int, nd6_mmaxtries); +VNET_DECLARE(int, nd6_useloopback); +VNET_DECLARE(int, nd6_maxnudhint); +VNET_DECLARE(int, nd6_gctimer); +VNET_DECLARE(struct nd_drhead, nd_defrouter); +VNET_DECLARE(struct nd_prhead, nd_prefix); +VNET_DECLARE(int, nd6_debug); +VNET_DECLARE(int, nd6_onlink_ns_rfc4861); +VNET_DECLARE(struct callout, nd6_timer_ch); -extern struct callout nd6_timer_ch; +#define V_nd6_prune VNET_GET(nd6_prune) +#define V_nd6_delay VNET_GET(nd6_delay) +#define V_nd6_umaxtries VNET_GET(nd6_umaxtries) +#define V_nd6_mmaxtries VNET_GET(nd6_mmaxtries) +#define V_nd6_useloopback VNET_GET(nd6_useloopback) +#define V_nd6_maxnudhint VNET_GET(nd6_maxnudhint) +#define V_nd6_gctimer VNET_GET(nd6_gctimer) +#define V_nd_defrouter VNET_GET(nd_defrouter) +#define V_nd_prefix VNET_GET(nd_prefix) +#define V_nd6_debug VNET_GET(nd6_debug) +#define V_nd6_onlink_ns_rfc4861 VNET_GET(nd6_onlink_ns_rfc4861) +#define V_nd6_timer_ch VNET_GET(nd6_timer_ch) /* nd6_rtr.c */ -extern int nd6_defifindex; -extern int ip6_desync_factor; /* seconds */ -extern u_int32_t ip6_temp_preferred_lifetime; /* seconds */ -extern u_int32_t ip6_temp_valid_lifetime; /* seconds */ -extern int ip6_temp_regen_advance; /* seconds */ -#endif /* VIMAGE_GLOBALS */ +VNET_DECLARE(int, nd6_defifindex); +VNET_DECLARE(int, ip6_desync_factor); /* seconds */ +VNET_DECLARE(u_int32_t, ip6_temp_preferred_lifetime); /* seconds */ +VNET_DECLARE(u_int32_t, ip6_temp_valid_lifetime); /* seconds */ +VNET_DECLARE(int, ip6_temp_regen_advance); /* seconds */ + +#define V_nd6_defifindex VNET_GET(nd6_defifindex) +#define V_ip6_desync_factor VNET_GET(ip6_desync_factor) +#define V_ip6_temp_preferred_lifetime VNET_GET(ip6_temp_preferred_lifetime) +#define V_ip6_temp_valid_lifetime VNET_GET(ip6_temp_valid_lifetime) +#define V_ip6_temp_regen_advance VNET_GET(ip6_temp_regen_advance) #define nd6log(x) do { if (V_nd6_debug) log x; } while (/*CONSTCOND*/ 0) diff --git a/sys/netinet6/nd6_nbr.c b/sys/netinet6/nd6_nbr.c index 8c5bf89a67c2..751466eae73e 100644 --- a/sys/netinet6/nd6_nbr.c +++ b/sys/netinet6/nd6_nbr.c @@ -74,7 +74,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef DEV_CARP #include @@ -91,10 +90,11 @@ static void nd6_dad_ns_output(struct dadq *, struct ifaddr *); static void nd6_dad_ns_input(struct ifaddr *); static void nd6_dad_na_input(struct ifaddr *); -#ifdef VIMAGE_GLOBALS -int dad_ignore_ns; -int dad_maxtry; -#endif +VNET_DEFINE(int, dad_ignore_ns); +VNET_DEFINE(int, dad_maxtry); + +#define V_dad_ignore_ns VNET_GET(dad_ignore_ns) +#define V_dad_maxtry VNET_GET(dad_maxtry) /* * Input a Neighbor Solicitation Message. @@ -105,7 +105,6 @@ int dad_maxtry; void nd6_ns_input(struct mbuf *m, int off, int icmp6len) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = m->m_pkthdr.rcvif; struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct nd_neighbor_solicit *nd_ns; @@ -389,7 +388,6 @@ void nd6_ns_output(struct ifnet *ifp, const struct in6_addr *daddr6, const struct in6_addr *taddr6, struct llentry *ln, int dad) { - INIT_VNET_INET6(ifp->if_vnet); struct mbuf *m; struct ip6_hdr *ip6; struct nd_neighbor_solicit *nd_ns; @@ -600,7 +598,6 @@ nd6_ns_output(struct ifnet *ifp, const struct in6_addr *daddr6, void nd6_na_input(struct mbuf *m, int off, int icmp6len) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = m->m_pkthdr.rcvif; struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct nd_neighbor_advert *nd_na; @@ -929,7 +926,6 @@ nd6_na_output(struct ifnet *ifp, const struct in6_addr *daddr6_0, const struct in6_addr *taddr6, u_long flags, int tlladdr, struct sockaddr *sdl0) { - INIT_VNET_INET6(ifp->if_vnet); struct mbuf *m; struct ip6_hdr *ip6; struct nd_neighbor_advert *nd_na; @@ -1128,15 +1124,15 @@ struct dadq { struct vnet *dad_vnet; }; -#ifdef VIMAGE_GLOBALS -static TAILQ_HEAD(, dadq) dadq; -int dad_init; -#endif +static VNET_DEFINE(TAILQ_HEAD(, dadq), dadq); +#define V_dadq VNET_GET(dadq) + +VNET_DEFINE(int, dad_init); +#define V_dad_init VNET_GET(dad_init) static struct dadq * nd6_dad_find(struct ifaddr *ifa) { - INIT_VNET_INET6(curvnet); struct dadq *dp; for (dp = V_dadq.tqh_first; dp; dp = dp->dad_list.tqe_next) { @@ -1167,7 +1163,6 @@ nd6_dad_stoptimer(struct dadq *dp) void nd6_dad_start(struct ifaddr *ifa, int delay) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa; struct dadq *dp; char ip6buf[INET6_ADDRSTRLEN]; @@ -1253,7 +1248,6 @@ nd6_dad_start(struct ifaddr *ifa, int delay) void nd6_dad_stop(struct ifaddr *ifa) { - INIT_VNET_INET6(curvnet); struct dadq *dp; if (!V_dad_init) @@ -1276,7 +1270,6 @@ static void nd6_dad_timer(struct dadq *dp) { CURVNET_SET(dp->dad_vnet); - INIT_VNET_INET6(curvnet); int s; struct ifaddr *ifa = dp->dad_ifa; struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa; @@ -1377,7 +1370,6 @@ done: void nd6_dad_duplicated(struct ifaddr *ifa) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia = (struct in6_ifaddr *)ifa; struct ifnet *ifp; struct dadq *dp; @@ -1467,7 +1459,6 @@ nd6_dad_ns_output(struct dadq *dp, struct ifaddr *ifa) static void nd6_dad_ns_input(struct ifaddr *ifa) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia; struct ifnet *ifp; const struct in6_addr *taddr6; diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c index c746fcd80740..86e8818a6728 100644 --- a/sys/netinet6/nd6_rtr.c +++ b/sys/netinet6/nd6_rtr.c @@ -66,7 +66,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include static int rtpref(struct nd_defrouter *); static struct nd_defrouter *defrtrlist_update(struct nd_defrouter *); @@ -88,18 +87,18 @@ static void in6_init_address_ltimes __P((struct nd_prefix *, static int rt6_deleteroute(struct radix_node *, void *); -#ifdef VIMAGE_GLOBALS -extern int nd6_recalc_reachtm_interval; +VNET_DECLARE(int, nd6_recalc_reachtm_interval); +#define V_nd6_recalc_reachtm_interval VNET_GET(nd6_recalc_reachtm_interval) -static struct ifnet *nd6_defifp; -int nd6_defifindex; +static VNET_DEFINE(struct ifnet *, nd6_defifp); +#define V_nd6_defifp VNET_GET(nd6_defifp) -int ip6_use_tempaddr; -int ip6_desync_factor; -u_int32_t ip6_temp_preferred_lifetime; -u_int32_t ip6_temp_valid_lifetime; -int ip6_temp_regen_advance; -#endif +VNET_DEFINE(int, nd6_defifindex); +VNET_DEFINE(int, ip6_use_tempaddr); +VNET_DEFINE(int, ip6_desync_factor); +VNET_DEFINE(u_int32_t, ip6_temp_preferred_lifetime); +VNET_DEFINE(u_int32_t, ip6_temp_valid_lifetime); +VNET_DEFINE(int, ip6_temp_regen_advance); /* RTPREF_MEDIUM has to be 0! */ #define RTPREF_HIGH 1 @@ -118,7 +117,6 @@ int ip6_temp_regen_advance; void nd6_rs_input(struct mbuf *m, int off, int icmp6len) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = m->m_pkthdr.rcvif; struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); struct nd_router_solicit *nd_rs; @@ -203,7 +201,6 @@ nd6_rs_input(struct mbuf *m, int off, int icmp6len) void nd6_ra_input(struct mbuf *m, int off, int icmp6len) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = m->m_pkthdr.rcvif; struct nd_ifinfo *ndi = ND_IFINFO(ifp); struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); @@ -491,7 +488,6 @@ defrouter_addreq(struct nd_defrouter *new) struct nd_defrouter * defrouter_lookup(struct in6_addr *addr, struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); struct nd_defrouter *dr; for (dr = TAILQ_FIRST(&V_nd_defrouter); dr; @@ -540,7 +536,6 @@ defrouter_delreq(struct nd_defrouter *dr) void defrouter_reset(void) { - INIT_VNET_INET6(curvnet); struct nd_defrouter *dr; for (dr = TAILQ_FIRST(&V_nd_defrouter); dr; @@ -556,7 +551,6 @@ defrouter_reset(void) void defrtrlist_del(struct nd_defrouter *dr) { - INIT_VNET_INET6(curvnet); struct nd_defrouter *deldr = NULL; struct nd_prefix *pr; @@ -618,7 +612,6 @@ defrtrlist_del(struct nd_defrouter *dr) void defrouter_select(void) { - INIT_VNET_INET6(curvnet); int s = splnet(); struct nd_defrouter *dr, *selected_dr = NULL, *installed_dr = NULL; struct llentry *ln = NULL; @@ -743,7 +736,6 @@ rtpref(struct nd_defrouter *dr) static struct nd_defrouter * defrtrlist_update(struct nd_defrouter *new) { - INIT_VNET_INET6(curvnet); struct nd_defrouter *dr, *n; int s = splnet(); @@ -865,7 +857,6 @@ pfxrtr_del(struct nd_pfxrouter *pfr) struct nd_prefix * nd6_prefix_lookup(struct nd_prefixctl *key) { - INIT_VNET_INET6(curvnet); struct nd_prefix *search; for (search = V_nd_prefix.lh_first; @@ -885,7 +876,6 @@ int nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, struct nd_prefix **newp) { - INIT_VNET_INET6(curvnet); struct nd_prefix *new = NULL; int error = 0; int i, s; @@ -944,7 +934,6 @@ nd6_prelist_add(struct nd_prefixctl *pr, struct nd_defrouter *dr, void prelist_remove(struct nd_prefix *pr) { - INIT_VNET_INET6(curvnet); struct nd_pfxrouter *pfr, *next; int e, s; char ip6buf[INET6_ADDRSTRLEN]; @@ -997,7 +986,6 @@ static int prelist_update(struct nd_prefixctl *new, struct nd_defrouter *dr, struct mbuf *m, int mcast) { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia6 = NULL, *ia6_match = NULL; struct ifaddr *ifa; struct ifnet *ifp = new->ndpr_ifp; @@ -1374,7 +1362,6 @@ find_pfxlist_reachable_router(struct nd_prefix *pr) void pfxlist_onlink_check() { - INIT_VNET_INET6(curvnet); struct nd_prefix *pr; struct in6_ifaddr *ifa; struct nd_defrouter *dr; @@ -1556,7 +1543,6 @@ pfxlist_onlink_check() int nd6_prefix_onlink(struct nd_prefix *pr) { - INIT_VNET_INET6(curvnet); struct ifaddr *ifa; struct ifnet *ifp = pr->ndpr_ifp; struct sockaddr_in6 mask6; @@ -1682,7 +1668,6 @@ nd6_prefix_onlink(struct nd_prefix *pr) int nd6_prefix_offlink(struct nd_prefix *pr) { - INIT_VNET_INET6(curvnet); int error = 0; struct ifnet *ifp = pr->ndpr_ifp; struct nd_prefix *opr; @@ -1774,7 +1759,6 @@ nd6_prefix_offlink(struct nd_prefix *pr) static struct in6_ifaddr * in6_ifadd(struct nd_prefixctl *pr, int mcast) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = pr->ndpr_ifp; struct ifaddr *ifa; struct in6_aliasreq ifra; @@ -1912,7 +1896,6 @@ in6_ifadd(struct nd_prefixctl *pr, int mcast) int in6_tmpifadd(const struct in6_ifaddr *ia0, int forcegen, int delay) { - INIT_VNET_INET6(curvnet); struct ifnet *ifp = ia0->ia_ifa.ifa_ifp; struct in6_ifaddr *newia, *ia; struct in6_aliasreq ifra; @@ -2141,8 +2124,6 @@ rt6_deleteroute(struct radix_node *rn, void *arg) int nd6_setdefaultiface(int ifindex) { - INIT_VNET_NET(curvnet); - INIT_VNET_INET6(curvnet); int error = 0; if (ifindex < 0 || V_if_index < ifindex) diff --git a/sys/netinet6/raw_ip6.c b/sys/netinet6/raw_ip6.c index 73bb9669fea9..32c3bcaa5aab 100644 --- a/sys/netinet6/raw_ip6.c +++ b/sys/netinet6/raw_ip6.c @@ -90,7 +90,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include @@ -101,7 +100,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #ifdef IPSEC #include @@ -117,11 +115,12 @@ __FBSDID("$FreeBSD$"); * Raw interface to IP6 protocol. */ -#ifdef VIMAGE_GLOBALS -extern struct inpcbhead ripcb; -extern struct inpcbinfo ripcbinfo; -struct rip6stat rip6stat; -#endif +VNET_DECLARE(struct inpcbhead, ripcb); +VNET_DECLARE(struct inpcbinfo, ripcbinfo); +#define V_ripcb VNET_GET(ripcb) +#define V_ripcbinfo VNET_GET(ripcbinfo) + +VNET_DEFINE(struct rip6stat, rip6stat); extern u_long rip_sendspace; extern u_long rip_recvspace; @@ -134,9 +133,7 @@ extern u_long rip_recvspace; /* * The socket used to communicate with the multicast routing daemon. */ -#ifdef VIMAGE_GLOBALS -struct socket *ip6_mrouter; -#endif +VNET_DEFINE(struct socket *, ip6_mrouter); /* * The various mrouter functions. @@ -154,11 +151,6 @@ int (*mrt6_ioctl)(u_long, caddr_t); int rip6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); -#ifdef IPSEC - INIT_VNET_IPSEC(curvnet); -#endif struct ifnet *ifp; struct mbuf *m = *mp; register struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); @@ -320,7 +312,6 @@ rip6_input(struct mbuf **mp, int *offp, int proto) void rip6_ctlinput(int cmd, struct sockaddr *sa, void *d) { - INIT_VNET_INET(curvnet); struct ip6_hdr *ip6; struct mbuf *m; int off = 0; @@ -376,7 +367,6 @@ rip6_output(m, va_alist) va_dcl #endif { - INIT_VNET_INET6(curvnet); struct mbuf *control; struct socket *so; struct sockaddr_in6 *dstsock; @@ -609,7 +599,6 @@ rip6_ctloutput(struct socket *so, struct sockopt *sopt) static int rip6_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct icmp6_filter *filter; int error; @@ -648,8 +637,6 @@ rip6_attach(struct socket *so, int proto, struct thread *td) static void rip6_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); - INIT_VNET_INET6(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -707,9 +694,6 @@ rip6_disconnect(struct socket *so) static int rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_NET(so->so_vnet); - INIT_VNET_INET(so->so_vnet); - INIT_VNET_INET6(so->so_vnet); struct inpcb *inp; struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; struct ifaddr *ifa = NULL; @@ -750,9 +734,6 @@ rip6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) static int rip6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_NET(so->so_vnet); - INIT_VNET_INET(so->so_vnet); - INIT_VNET_INET6(so->so_vnet); struct inpcb *inp; struct sockaddr_in6 *addr = (struct sockaddr_in6 *)nam; struct in6_addr in6a; diff --git a/sys/netinet6/raw_ip6.h b/sys/netinet6/raw_ip6.h index a57253e6623d..b8d58a180593 100644 --- a/sys/netinet6/raw_ip6.h +++ b/sys/netinet6/raw_ip6.h @@ -48,9 +48,8 @@ struct rip6stat { }; #ifdef _KERNEL -#ifdef VIMAGE_GLOBALS -extern struct rip6stat rip6stat; -#endif +VNET_DECLARE(struct rip6stat, rip6stat); +#define V_rip6stat VNET_GET(rip6stat) #endif #endif diff --git a/sys/netinet6/route6.c b/sys/netinet6/route6.c index 64f057e2516c..9628960cfb76 100644 --- a/sys/netinet6/route6.c +++ b/sys/netinet6/route6.c @@ -51,7 +51,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include /* * proto - is unused @@ -60,7 +59,6 @@ __FBSDID("$FreeBSD$"); int route6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET6(curvnet); struct ip6_hdr *ip6; struct mbuf *m = *mp; struct ip6_rthdr *rh; diff --git a/sys/netinet6/scope6.c b/sys/netinet6/scope6.c index c9028b9d95b7..a4093b183d17 100644 --- a/sys/netinet6/scope6.c +++ b/sys/netinet6/scope6.c @@ -48,8 +48,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include -#include /* @@ -62,10 +62,10 @@ static struct mtx scope6_lock; #define SCOPE6_UNLOCK() mtx_unlock(&scope6_lock) #define SCOPE6_LOCK_ASSERT() mtx_assert(&scope6_lock, MA_OWNED) -#ifdef VIMAGE_GLOBALS -static struct scope6_id sid_default; -int ip6_use_defzone; -#endif +static VNET_DEFINE(struct scope6_id, sid_default); +VNET_DEFINE(int, ip6_use_defzone); + +#define V_sid_default VNET_GET(sid_default) #define SID(ifp) \ (((struct in6_ifextra *)(ifp)->if_afdata[AF_INET6])->scope6_id) @@ -73,7 +73,6 @@ int ip6_use_defzone; void scope6_init(void) { - INIT_VNET_INET6(curvnet); #ifdef ENABLE_DEFAULT_SCOPE V_ip6_use_defzone = 1; @@ -121,7 +120,6 @@ scope6_ifdetach(struct scope6_id *sid) int scope6_set(struct ifnet *ifp, struct scope6_id *idlist) { - INIT_VNET_NET(ifp->if_vnet); int i; int error = 0; struct scope6_id *sid = NULL; @@ -276,7 +274,6 @@ in6_addrscope(struct in6_addr *addr) void scope6_setdefault(struct ifnet *ifp) { - INIT_VNET_INET6(ifp->if_vnet); /* * Currently, this function just sets the default "interfaces" @@ -300,7 +297,6 @@ scope6_setdefault(struct ifnet *ifp) int scope6_get_default(struct scope6_id *idlist) { - INIT_VNET_INET6(curvnet); SCOPE6_LOCK(); *idlist = V_sid_default; @@ -312,7 +308,6 @@ scope6_get_default(struct scope6_id *idlist) u_int32_t scope6_addr2default(struct in6_addr *addr) { - INIT_VNET_INET6(curvnet); u_int32_t id; /* @@ -343,7 +338,6 @@ scope6_addr2default(struct in6_addr *addr) int sa6_embedscope(struct sockaddr_in6 *sin6, int defaultok) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; u_int32_t zoneid; @@ -380,7 +374,6 @@ sa6_embedscope(struct sockaddr_in6 *sin6, int defaultok) int sa6_recoverscope(struct sockaddr_in6 *sin6) { - INIT_VNET_NET(curvnet); char ip6buf[INET6_ADDRSTRLEN]; u_int32_t zoneid; diff --git a/sys/netinet6/tcp6_var.h b/sys/netinet6/tcp6_var.h index 18a48a3ca002..3e0b6ecaef15 100644 --- a/sys/netinet6/tcp6_var.h +++ b/sys/netinet6/tcp6_var.h @@ -65,10 +65,9 @@ #ifdef _KERNEL #ifdef SYSCTL_DECL SYSCTL_DECL(_net_inet6_tcp6); -#endif -#ifdef VIMAGE_GLOBALS -extern int tcp_v6mssdflt; /* XXX */ +VNET_DECLARE(int, tcp_v6mssdflt); /* XXX */ +#define V_tcp_v6mssdflt VNET_GET(tcp_v6mssdflt) #endif struct ip6_hdr; diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index 5eb4a4733d32..ab173a89c042 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -102,14 +102,12 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include #include #include #include -#include #ifdef IPSEC #include @@ -130,7 +128,6 @@ static void udp6_append(struct inpcb *inp, struct mbuf *n, int off, struct sockaddr_in6 *fromsa) { - INIT_VNET_INET(inp->inp_vnet); struct socket *so; struct mbuf *opts; @@ -139,7 +136,6 @@ udp6_append(struct inpcb *inp, struct mbuf *n, int off, #ifdef IPSEC /* Check AH/ESP integrity. */ if (ipsec6_in_reject(n, inp)) { - INIT_VNET_IPSEC(inp->inp_vnet); m_freem(n); V_ipsec6stat.in_polvio++; return; @@ -173,8 +169,6 @@ udp6_append(struct inpcb *inp, struct mbuf *n, int off, int udp6_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); struct mbuf *m = *mp; struct ifnet *ifp; struct ip6_hdr *ip6; @@ -427,7 +421,6 @@ badunlocked: void udp6_ctlinput(int cmd, struct sockaddr *sa, void *d) { - INIT_VNET_INET(curvnet); struct udphdr uh; struct ip6_hdr *ip6; struct mbuf *m; @@ -493,8 +486,6 @@ udp6_ctlinput(int cmd, struct sockaddr *sa, void *d) static int udp6_getcred(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); struct xucred xuc; struct sockaddr_in6 addrs[2]; struct inpcb *inp; @@ -546,8 +537,6 @@ static int udp6_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr6, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(curvnet); - INIT_VNET_INET6(curvnet); u_int32_t ulen = m->m_pkthdr.len; u_int32_t plen = sizeof(struct udphdr) + ulen; struct ip6_hdr *ip6; @@ -766,7 +755,6 @@ releaseopt: static void udp6_abort(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -796,7 +784,6 @@ udp6_abort(struct socket *so) static int udp6_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -843,7 +830,6 @@ udp6_attach(struct socket *so, int proto, struct thread *td) static int udp6_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -883,7 +869,6 @@ out: static void udp6_close(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; inp = sotoinpcb(so); @@ -912,7 +897,6 @@ udp6_close(struct socket *so) static int udp6_connect(struct socket *so, struct sockaddr *nam, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct sockaddr_in6 *sin6; int error; @@ -969,7 +953,6 @@ out: static void udp6_detach(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct udpcb *up; @@ -989,7 +972,6 @@ udp6_detach(struct socket *so) static int udp6_disconnect(struct socket *so) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error; @@ -1029,7 +1011,6 @@ static int udp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; int error = 0; diff --git a/sys/netinet6/vinet6.h b/sys/netinet6/vinet6.h deleted file mode 100644 index 2b0344f8efdd..000000000000 --- a/sys/netinet6/vinet6.h +++ /dev/null @@ -1,270 +0,0 @@ -/*- - * Copyright (c) 2006-2008 University of Zagreb - * Copyright (c) 2006-2008 FreeBSD Foundation - * - * This software was developed by the University of Zagreb and the - * FreeBSD Foundation under sponsorship by the Stichting NLnet and the - * FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _NETINET6_VINET6_H_ -#define _NETINET6_VINET6_H_ - -#include -#include -#include - -#include - -#include -#include - -#include -#include -#include -#include - -struct vnet_inet6 { - struct in6_ifaddrhead _in6_ifaddrhead; - - u_int _frag6_nfragpackets; - u_int _frag6_nfrags; - struct ip6q _ip6q; - - struct in6_addrpolicy _defaultaddrpolicy; - TAILQ_HEAD(, addrsel_policyent) _addrsel_policytab; - u_int _in6_maxmtu; - int _ip6_auto_linklocal; - int _rtq_minreallyold6; - int _rtq_reallyold6; - int _rtq_toomany6; - - struct ip6stat _ip6stat; - struct rip6stat _rip6stat; - struct icmp6stat _icmp6stat; - - int _rtq_timeout6; - struct callout _rtq_timer6; - struct callout _rtq_mtutimer; - struct callout _nd6_slowtimo_ch; - struct callout _nd6_timer_ch; - struct callout _in6_tmpaddrtimer_ch; - - int _nd6_inuse; - int _nd6_allocated; - int _nd6_onlink_ns_rfc4861; - struct nd_drhead _nd_defrouter; - struct nd_prhead _nd_prefix; - struct ifnet * _nd6_defifp; - int _nd6_defifindex; - - struct scope6_id _sid_default; - - TAILQ_HEAD(, dadq) _dadq; - int _dad_init; - - int _icmp6errpps_count; - struct timeval _icmp6errppslim_last; - - int _ip6_forwarding; - int _ip6_sendredirects; - int _ip6_defhlim; - int _ip6_defmcasthlim; - int _ip6_accept_rtadv; - int _ip6_maxfragpackets; - int _ip6_maxfrags; - int _ip6_log_interval; - int _ip6_hdrnestlimit; - int _ip6_dad_count; - int _ip6_auto_flowlabel; - int _ip6_use_deprecated; - int _ip6_rr_prune; - int _ip6_mcast_pmtu; - int _ip6_v6only; - int _ip6_keepfaith; - int _ip6stealth; - time_t _ip6_log_time; - - int _pmtu_expire; - int _pmtu_probe; - u_long _rip6_sendspace; - u_long _rip6_recvspace; - int _icmp6_rediraccept; - int _icmp6_redirtimeout; - int _icmp6errppslim; - int _icmp6_nodeinfo; - int _udp6_sendspace; - int _udp6_recvspace; - int _ip6_prefer_tempaddr; - - int _nd6_prune; - int _nd6_delay; - int _nd6_umaxtries; - int _nd6_mmaxtries; - int _nd6_useloopback; - int _nd6_gctimer; - int _nd6_maxndopt; - int _nd6_maxnudhint; - int _nd6_maxqueuelen; - int _nd6_debug; - int _nd6_recalc_reachtm_interval; - int _dad_ignore_ns; - int _dad_maxtry; - int _ip6_use_tempaddr; - int _ip6_desync_factor; - u_int32_t _ip6_temp_preferred_lifetime; - u_int32_t _ip6_temp_valid_lifetime; - - struct socket * _ip6_mrouter; - int _ip6_mrouter_ver; - int _pim6; - u_int _mrt6debug; - - int _ip6_temp_regen_advance; - int _ip6_use_defzone; - - struct ip6_pktopts _ip6_opts; - - struct timeval _mld_gsrdelay; - LIST_HEAD(, mld_ifinfo) _mli_head; - int _interface_timers_running6; - int _state_change_timers_running6; - int _current_state_timers_running6; -}; - -/* Size guard. See sys/vimage.h. */ -VIMAGE_CTASSERT(SIZEOF_vnet_inet6, sizeof(struct vnet_inet6)); - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_inet6 vnet_inet6_0; -#endif -#endif - -#define INIT_VNET_INET6(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_INET6, struct vnet_inet6, vnet_inet6) - -#define VNET_INET6(sym) VSYM(vnet_inet6, sym) - -/* - * Symbol translation macros - */ -#define V_addrsel_policytab VNET_INET6(addrsel_policytab) -#define V_current_state_timers_running6 \ - VNET_INET6(current_state_timers_running6) -#define V_dad_ignore_ns VNET_INET6(dad_ignore_ns) -#define V_dad_init VNET_INET6(dad_init) -#define V_dad_maxtry VNET_INET6(dad_maxtry) -#define V_dadq VNET_INET6(dadq) -#define V_defaultaddrpolicy VNET_INET6(defaultaddrpolicy) -#define V_frag6_nfragpackets VNET_INET6(frag6_nfragpackets) -#define V_frag6_nfrags VNET_INET6(frag6_nfrags) -#define V_icmp6_nodeinfo VNET_INET6(icmp6_nodeinfo) -#define V_icmp6_rediraccept VNET_INET6(icmp6_rediraccept) -#define V_icmp6_redirtimeout VNET_INET6(icmp6_redirtimeout) -#define V_icmp6errpps_count VNET_INET6(icmp6errpps_count) -#define V_icmp6errppslim VNET_INET6(icmp6errppslim) -#define V_icmp6errppslim_last VNET_INET6(icmp6errppslim_last) -#define V_icmp6stat VNET_INET6(icmp6stat) -#define V_in6_ifaddrhead VNET_INET6(in6_ifaddrhead) -#define V_in6_maxmtu VNET_INET6(in6_maxmtu) -#define V_in6_tmpaddrtimer_ch VNET_INET6(in6_tmpaddrtimer_ch) -#define V_interface_timers_running6 \ - VNET_INET6(interface_timers_running6) -#define V_ip6_accept_rtadv VNET_INET6(ip6_accept_rtadv) -#define V_ip6_auto_flowlabel VNET_INET6(ip6_auto_flowlabel) -#define V_ip6_auto_linklocal VNET_INET6(ip6_auto_linklocal) -#define V_ip6_dad_count VNET_INET6(ip6_dad_count) -#define V_ip6_defhlim VNET_INET6(ip6_defhlim) -#define V_ip6_defmcasthlim VNET_INET6(ip6_defmcasthlim) -#define V_ip6_desync_factor VNET_INET6(ip6_desync_factor) -#define V_ip6_forwarding VNET_INET6(ip6_forwarding) -#define V_ip6_hdrnestlimit VNET_INET6(ip6_hdrnestlimit) -#define V_ip6_keepfaith VNET_INET6(ip6_keepfaith) -#define V_ip6_log_interval VNET_INET6(ip6_log_interval) -#define V_ip6_log_time VNET_INET6(ip6_log_time) -#define V_ip6_maxfragpackets VNET_INET6(ip6_maxfragpackets) -#define V_ip6_maxfrags VNET_INET6(ip6_maxfrags) -#define V_ip6_mcast_pmtu VNET_INET6(ip6_mcast_pmtu) -#define V_ip6_mrouter VNET_INET6(ip6_mrouter) -#define V_ip6_mrouter_ver VNET_INET6(ip6_mrouter_ver) -#define V_ip6_opts VNET_INET6(ip6_opts) -#define V_ip6_prefer_tempaddr VNET_INET6(ip6_prefer_tempaddr) -#define V_ip6_rr_prune VNET_INET6(ip6_rr_prune) -#define V_ip6_sendredirects VNET_INET6(ip6_sendredirects) -#define V_ip6_temp_preferred_lifetime VNET_INET6(ip6_temp_preferred_lifetime) -#define V_ip6_temp_regen_advance VNET_INET6(ip6_temp_regen_advance) -#define V_ip6_temp_valid_lifetime VNET_INET6(ip6_temp_valid_lifetime) -#define V_ip6_use_defzone VNET_INET6(ip6_use_defzone) -#define V_ip6_use_deprecated VNET_INET6(ip6_use_deprecated) -#define V_ip6_use_tempaddr VNET_INET6(ip6_use_tempaddr) -#define V_ip6_v6only VNET_INET6(ip6_v6only) -#define V_ip6q VNET_INET6(ip6q) -#define V_ip6stat VNET_INET6(ip6stat) -#define V_ip6stealth VNET_INET6(ip6stealth) -#define V_llinfo_nd6 VNET_INET6(llinfo_nd6) -#define V_mrt6debug VNET_INET6(mrt6debug) -#define V_mld_gsrdelay VNET_INET6(mld_gsrdelay) -#define V_mli_head VNET_INET6(mli_head) -#define V_nd6_allocated VNET_INET6(nd6_allocated) -#define V_nd6_debug VNET_INET6(nd6_debug) -#define V_nd6_defifindex VNET_INET6(nd6_defifindex) -#define V_nd6_defifp VNET_INET6(nd6_defifp) -#define V_nd6_delay VNET_INET6(nd6_delay) -#define V_nd6_gctimer VNET_INET6(nd6_gctimer) -#define V_nd6_inuse VNET_INET6(nd6_inuse) -#define V_nd6_maxndopt VNET_INET6(nd6_maxndopt) -#define V_nd6_maxnudhint VNET_INET6(nd6_maxnudhint) -#define V_nd6_maxqueuelen VNET_INET6(nd6_maxqueuelen) -#define V_nd6_mmaxtries VNET_INET6(nd6_mmaxtries) -#define V_nd6_onlink_ns_rfc4861 VNET_INET6(nd6_onlink_ns_rfc4861) -#define V_nd6_prune VNET_INET6(nd6_prune) -#define V_nd6_recalc_reachtm_interval VNET_INET6(nd6_recalc_reachtm_interval) -#define V_nd6_slowtimo_ch VNET_INET6(nd6_slowtimo_ch) -#define V_nd6_timer_ch VNET_INET6(nd6_timer_ch) -#define V_nd6_umaxtries VNET_INET6(nd6_umaxtries) -#define V_nd6_useloopback VNET_INET6(nd6_useloopback) -#define V_nd_defrouter VNET_INET6(nd_defrouter) -#define V_nd_prefix VNET_INET6(nd_prefix) -#define V_pim6 VNET_INET6(pim6) -#define V_pmtu_expire VNET_INET6(pmtu_expire) -#define V_pmtu_probe VNET_INET6(pmtu_probe) -#define V_rip6_recvspace VNET_INET6(rip6_recvspace) -#define V_rip6_sendspace VNET_INET6(rip6_sendspace) -#define V_rip6stat VNET_INET6(rip6stat) -#define V_rtq_minreallyold6 VNET_INET6(rtq_minreallyold6) -#define V_rtq_mtutimer VNET_INET6(rtq_mtutimer) -#define V_rtq_reallyold6 VNET_INET6(rtq_reallyold6) -#define V_rtq_timeout6 VNET_INET6(rtq_timeout6) -#define V_rtq_timer6 VNET_INET6(rtq_timer6) -#define V_rtq_toomany6 VNET_INET6(rtq_toomany6) -#define V_sid_default VNET_INET6(sid_default) -#define V_state_change_timers_running6 \ - VNET_INET6(state_change_timers_running6) -#define V_udp6_recvspace VNET_INET6(udp6_recvspace) -#define V_udp6_sendspace VNET_INET6(udp6_sendspace) - -#endif /* !_NETINET6_VINET6_H_ */ diff --git a/sys/netipsec/ah_var.h b/sys/netipsec/ah_var.h index 5a8c06e14155..974cc6cad0cc 100644 --- a/sys/netipsec/ah_var.h +++ b/sys/netipsec/ah_var.h @@ -71,8 +71,11 @@ struct ahstat { }; #ifdef _KERNEL -extern int ah_enable; -extern int ah_cleartos; -extern struct ahstat ahstat; +VNET_DECLARE(int, ah_enable); +#define V_ah_enable VNET_GET(ah_enable) +VNET_DECLARE(int, ah_cleartos); +#define V_ah_cleartos VNET_GET(ah_cleartos) +VNET_DECLARE(struct ahstat, ahstat); +#define V_ahstat VNET_GET(ahstat) #endif /* _KERNEL */ #endif /*_NETIPSEC_AH_VAR_H_*/ diff --git a/sys/netipsec/esp_var.h b/sys/netipsec/esp_var.h index 278b996a708f..66fcd395525c 100644 --- a/sys/netipsec/esp_var.h +++ b/sys/netipsec/esp_var.h @@ -72,7 +72,9 @@ struct espstat { }; #ifdef _KERNEL -extern int esp_enable; -extern struct espstat espstat; +VNET_DECLARE(int, esp_enable); +#define V_esp_enable VNET_GET(esp_enable) +VNET_DECLARE(struct espstat, espstat); +#define V_espstat VNET_GET(espstat) #endif /* _KERNEL */ #endif /*_NETIPSEC_ESP_VAR_H_*/ diff --git a/sys/netipsec/ipcomp_var.h b/sys/netipsec/ipcomp_var.h index 6a506bb5bf04..d70c6a272f88 100644 --- a/sys/netipsec/ipcomp_var.h +++ b/sys/netipsec/ipcomp_var.h @@ -61,7 +61,9 @@ struct ipcompstat { }; #ifdef _KERNEL -extern int ipcomp_enable; -extern struct ipcompstat ipcompstat; +VNET_DECLARE(int, ipcomp_enable); +#define V_ipcomp_enable VNET_GET(ipcomp_enable) +VNET_DECLARE(struct ipcompstat, ipcompstat); +#define V_ipcompstat VNET_GET(ipcompstat) #endif /* _KERNEL */ #endif /*_NETIPSEC_IPCOMP_VAR_H_*/ diff --git a/sys/netipsec/ipip_var.h b/sys/netipsec/ipip_var.h index 3d4ee15ff2f1..a620b724b14c 100644 --- a/sys/netipsec/ipip_var.h +++ b/sys/netipsec/ipip_var.h @@ -59,9 +59,9 @@ struct ipipstat }; #ifdef _KERNEL -extern int ipip_allow; -#ifdef VIMAGE_GLOBALS -extern struct ipipstat ipipstat; -#endif +VNET_DECLARE(int, ipip_allow); +#define V_ipip_allow VNET_GET(ipip_allow) +VNET_DECLARE(struct ipipstat, ipipstat); +#define V_ipipstat VNET_GET(ipipstat) #endif /* _KERNEL */ #endif /* _NETINET_IPIP_H_ */ diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index dabd5b6078c7..4a7001ef1bb4 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -57,6 +57,7 @@ #include #include +#include #include #include @@ -97,30 +98,25 @@ #include -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -struct vnet_ipsec vnet_ipsec_0; +#ifdef IPSEC_DEBUG +VNET_DEFINE(int, ipsec_debug) = 1; +#else +VNET_DEFINE(int, ipsec_debug) = 0; #endif -#endif - -static int ipsec_iattach(const void *); -#ifdef VIMAGE -static int ipsec_idetach(const void *); -#endif - -#ifdef VIMAGE_GLOBALS /* NB: name changed so netstat doesn't use it. */ -struct ipsecstat ipsec4stat; -struct secpolicy ip4_def_policy; -int ipsec_debug; -int ip4_ah_offsetmask; -int ip4_ipsec_dfbit; -int ip4_esp_trans_deflev; -int ip4_esp_net_deflev; -int ip4_ah_trans_deflev; -int ip4_ah_net_deflev; -int ip4_ipsec_ecn; -int ip4_esp_randpad; +VNET_DEFINE(struct ipsecstat, ipsec4stat); +VNET_DEFINE(int, ip4_ah_offsetmask) = 0; /* maybe IP_DF? */ +/* DF bit on encap. 0: clear 1: set 2: copy */ +VNET_DEFINE(int, ip4_ipsec_dfbit) = 0; +VNET_DEFINE(int, ip4_esp_trans_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip4_esp_net_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip4_ah_trans_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip4_ah_net_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(struct secpolicy, ip4_def_policy); +/* ECN ignore(-1)/forbidden(0)/allowed(1) */ +VNET_DEFINE(int, ip4_ipsec_ecn) = 0; +VNET_DEFINE(int, ip4_esp_randpad) = -1; + /* * Crypto support requirements: * @@ -128,80 +124,74 @@ int ip4_esp_randpad; * -1 require software support * 0 take anything */ -int crypto_support; -#endif /* VIMAGE_GLOBALS */ +VNET_DEFINE(int, crypto_support) = CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE; SYSCTL_DECL(_net_inet_ipsec); /* net.inet.ipsec */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEF_POLICY, - def_policy, CTLFLAG_RW, ip4_def_policy.policy, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_POLICY, def_policy, + CTLFLAG_RW, &VNET_NAME(ip4_def_policy).policy, 0, "IPsec default policy."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEF_ESP_TRANSLEV, - esp_trans_deflev, CTLFLAG_RW, ip4_esp_trans_deflev, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_TRANSLEV, esp_trans_deflev, + CTLFLAG_RW, &VNET_NAME(ip4_esp_trans_deflev), 0, "Default ESP transport mode level"); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEF_ESP_NETLEV, - esp_net_deflev, CTLFLAG_RW, ip4_esp_net_deflev, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_ESP_NETLEV, esp_net_deflev, + CTLFLAG_RW, &VNET_NAME(ip4_esp_net_deflev), 0, "Default ESP tunnel mode level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEF_AH_TRANSLEV, - ah_trans_deflev, CTLFLAG_RW, ip4_ah_trans_deflev, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_TRANSLEV, ah_trans_deflev, + CTLFLAG_RW, &VNET_NAME(ip4_ah_trans_deflev), 0, "AH transfer mode default level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEF_AH_NETLEV, - ah_net_deflev, CTLFLAG_RW, ip4_ah_net_deflev, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEF_AH_NETLEV, ah_net_deflev, + CTLFLAG_RW, &VNET_NAME(ip4_ah_net_deflev), 0, "AH tunnel mode default level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_AH_CLEARTOS, - ah_cleartos, CTLFLAG_RW, ah_cleartos, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_AH_CLEARTOS, ah_cleartos, + CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, "If set clear type-of-service field when doing AH computation."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_AH_OFFSETMASK, - ah_offsetmask, CTLFLAG_RW, ip4_ah_offsetmask, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_AH_OFFSETMASK, ah_offsetmask, + CTLFLAG_RW, &VNET_NAME(ip4_ah_offsetmask), 0, "If not set clear offset field mask when doing AH computation."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DFBIT, - dfbit, CTLFLAG_RW, ip4_ipsec_dfbit, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DFBIT, dfbit, + CTLFLAG_RW, &VNET_NAME(ip4_ipsec_dfbit), 0, "Do not fragment bit on encap."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_ECN, - ecn, CTLFLAG_RW, ip4_ipsec_ecn, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_ECN, ecn, + CTLFLAG_RW, &VNET_NAME(ip4_ipsec_ecn), 0, "Explicit Congestion Notification handling."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, IPSECCTL_DEBUG, - debug, CTLFLAG_RW, ipsec_debug, 0, +SYSCTL_VNET_INT(_net_inet_ipsec, IPSECCTL_DEBUG, debug, + CTLFLAG_RW, &VNET_NAME(ipsec_debug), 0, "Enable IPsec debugging output when set."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, OID_AUTO, - crypto_support, CTLFLAG_RW, crypto_support,0, +SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, crypto_support, + CTLFLAG_RW, &VNET_NAME(crypto_support), 0, "Crypto driver selection."); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet_ipsec, OID_AUTO, - ipsecstats, CTLFLAG_RD, ipsec4stat, ipsecstat, +SYSCTL_VNET_STRUCT(_net_inet_ipsec, OID_AUTO, ipsecstats, + CTLFLAG_RD, &VNET_NAME(ipsec4stat), ipsecstat, "IPsec IPv4 statistics."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipsec, OID_AUTO, - filtertunnel, CTLFLAG_RW, ip4_ipsec_filtertunnel, 0, - "If set filter packets from an IPsec tunnel."); #ifdef REGRESSION -#ifdef VIMAGE_GLOBALS -int ipsec_replay; -int ipsec_integrity; -#endif /* * When set to 1, IPsec will send packets with the same sequence number. * This allows to verify if the other side has proper replay attacks detection. */ -SYSCTL_V_INT(V_NET, vnet_ipsec,_net_inet_ipsec, OID_AUTO, test_replay, - CTLFLAG_RW, ipsec_replay, 0, "Emulate replay attack"); +VNET_DEFINE(int, ipsec_replay) = 0; +SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, test_replay, + CTLFLAG_RW, &VNET_NAME(ipsec_replay), 0, + "Emulate replay attack"); /* * When set 1, IPsec will send packets with corrupted HMAC. * This allows to verify if the other side properly detects modified packets. */ -SYSCTL_V_INT(V_NET, vnet_ipsec,_net_inet_ipsec, OID_AUTO, test_integrity, - CTLFLAG_RW, ipsec_integrity, 0, "Emulate man-in-the-middle attack"); +VNET_DEFINE(int, ipsec_integrity) = 0; +SYSCTL_VNET_INT(_net_inet_ipsec, OID_AUTO, test_integrity, + CTLFLAG_RW, &VNET_NAME(ipsec_integrity), 0, + "Emulate man-in-the-middle attack"); #endif #ifdef INET6 -#ifdef VIMAGE_GLOBALS -struct ipsecstat ipsec6stat; -int ip6_esp_trans_deflev; -int ip6_esp_net_deflev; -int ip6_ah_trans_deflev; -int ip6_ah_net_deflev; -int ip6_ipsec_ecn; -#endif +VNET_DEFINE(struct ipsecstat, ipsec6stat); +VNET_DEFINE(int, ip6_esp_trans_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip6_esp_net_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip6_ah_trans_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip6_ah_net_deflev) = IPSEC_LEVEL_USE; +VNET_DEFINE(int, ip6_ipsec_ecn) = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) */ SYSCTL_DECL(_net_inet6_ipsec6); @@ -210,33 +200,30 @@ SYSCTL_DECL(_net_inet6_ipsec6); SYSCTL_OID(_net_inet6_ipsec6, IPSECCTL_STATS, stats, CTLFLAG_RD, 0, 0, compat_ipsecstats_sysctl, "S", "IPsec IPv6 statistics."); #endif /* COMPAT_KAME */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEF_POLICY, - def_policy, CTLFLAG_RW, ip4_def_policy.policy, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_POLICY, def_policy, CTLFLAG_RW, + &VNET_NAME(ip4_def_policy).policy, 0, "IPsec default policy."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEF_ESP_TRANSLEV, - esp_trans_deflev, CTLFLAG_RW, ip6_esp_trans_deflev, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_TRANSLEV, + esp_trans_deflev, CTLFLAG_RW, &VNET_NAME(ip6_esp_trans_deflev), 0, "Default ESP transport mode level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEF_ESP_NETLEV, - esp_net_deflev, CTLFLAG_RW, ip6_esp_net_deflev, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_ESP_NETLEV, + esp_net_deflev, CTLFLAG_RW, &VNET_NAME(ip6_esp_net_deflev), 0, "Default ESP tunnel mode level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEF_AH_TRANSLEV, - ah_trans_deflev, CTLFLAG_RW, ip6_ah_trans_deflev, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_TRANSLEV, + ah_trans_deflev, CTLFLAG_RW, &VNET_NAME(ip6_ah_trans_deflev), 0, "AH transfer mode default level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEF_AH_NETLEV, - ah_net_deflev, CTLFLAG_RW, ip6_ah_net_deflev, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEF_AH_NETLEV, + ah_net_deflev, CTLFLAG_RW, &VNET_NAME(ip6_ah_net_deflev), 0, "AH tunnel mode default level."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_ECN, - ecn, CTLFLAG_RW, ip6_ipsec_ecn, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_ECN, + ecn, CTLFLAG_RW, &VNET_NAME(ip6_ipsec_ecn), 0, "Explicit Congestion Notification handling."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_DEBUG, - debug, CTLFLAG_RW, ipsec_debug, 0, +SYSCTL_VNET_INT(_net_inet6_ipsec6, IPSECCTL_DEBUG, debug, CTLFLAG_RW, + &VNET_NAME(ipsec_debug), 0, "Enable IPsec debugging output when set."); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet6_ipsec6, IPSECCTL_STATS, - ipsecstats, CTLFLAG_RD, ipsec6stat, ipsecstat, +SYSCTL_VNET_STRUCT(_net_inet6_ipsec6, IPSECCTL_STATS, + ipsecstats, CTLFLAG_RD, &VNET_NAME(ipsec6stat), ipsecstat, "IPsec IPv6 statistics."); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet6_ipsec6, OID_AUTO, - filtertunnel, CTLFLAG_RW, ip6_ipsec6_filtertunnel, 0, - "If set filter packets from an IPsec tunnel."); #endif /* INET6 */ static int ipsec_setspidx_inpcb __P((struct mbuf *, struct inpcb *)); @@ -253,72 +240,22 @@ static void vshiftl __P((unsigned char *, int, int)); MALLOC_DEFINE(M_IPSEC_INPCB, "inpcbpolicy", "inpcb-resident ipsec policy"); -#ifndef VIMAGE_GLOBALS +static int ipsec_iattach(const void *); +#ifdef VIMAGE static const vnet_modinfo_t vnet_ipsec_modinfo = { .vmi_id = VNET_MOD_IPSEC, .vmi_name = "ipsec", - .vmi_size = sizeof(struct vnet_ipsec), .vmi_dependson = VNET_MOD_INET, /* XXX revisit - INET6 ? */ .vmi_iattach = ipsec_iattach, -#ifdef VIMAGE - .vmi_idetach = ipsec_idetach -#endif }; -#endif /* !VIMAGE_GLOBALS */ - -void -ipsec_init(void) -{ - INIT_VNET_IPSEC(curvnet); - -#ifdef IPSEC_DEBUG - V_ipsec_debug = 1; -#else - V_ipsec_debug = 0; #endif - V_ip4_ah_offsetmask = 0; /* maybe IP_DF? */ - V_ip4_ipsec_dfbit = 0; /* DF bit on encap. 0: clear 1: set 2: copy */ - V_ip4_esp_trans_deflev = IPSEC_LEVEL_USE; - V_ip4_esp_net_deflev = IPSEC_LEVEL_USE; - V_ip4_ah_trans_deflev = IPSEC_LEVEL_USE; - V_ip4_ah_net_deflev = IPSEC_LEVEL_USE; - V_ip4_ipsec_ecn = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) */ - V_ip4_esp_randpad = -1; -#ifdef IPSEC_FILTERTUNNEL - V_ip4_ipsec_filtertunnel = 1; -#else - V_ip4_ipsec_filtertunnel = 0; -#endif - - V_crypto_support = CRYPTOCAP_F_HARDWARE | CRYPTOCAP_F_SOFTWARE; - -#ifdef REGRESSION - V_ipsec_replay = 0; - V_ipsec_integrity = 0; -#endif - -#ifdef INET6 - V_ip6_esp_trans_deflev = IPSEC_LEVEL_USE; - V_ip6_esp_net_deflev = IPSEC_LEVEL_USE; - V_ip6_ah_trans_deflev = IPSEC_LEVEL_USE; - V_ip6_ah_net_deflev = IPSEC_LEVEL_USE; - V_ip6_ipsec_ecn = 0; /* ECN ignore(-1)/forbidden(0)/allowed(1) */ -#ifdef IPSEC_FILTERTUNNEL - V_ip6_ipsec6_filtertunnel = 1; -#else - V_ip6_ipsec6_filtertunnel = 0; -#endif -#endif -} - /* * Return a held reference to the default SP. */ static struct secpolicy * key_allocsp_default(const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; KEYDEBUG(KEYDEBUG_IPSEC_STAMP, @@ -384,7 +321,6 @@ ipsec_getpolicy(struct tdb_ident *tdbi, u_int dir) static struct secpolicy * ipsec_getpolicybysock(struct mbuf *m, u_int dir, struct inpcb *inp, int *error) { - INIT_VNET_IPSEC(curvnet); struct inpcbpolicy *pcbsp; struct secpolicy *currsp = NULL; /* Policy on socket. */ struct secpolicy *sp; @@ -482,7 +418,6 @@ ipsec_getpolicybysock(struct mbuf *m, u_int dir, struct inpcb *inp, int *error) struct secpolicy * ipsec_getpolicybyaddr(struct mbuf *m, u_int dir, int flag, int *error) { - INIT_VNET_IPSEC(curvnet); struct secpolicyindex spidx; struct secpolicy *sp; @@ -515,7 +450,6 @@ struct secpolicy * ipsec4_checkpolicy(struct mbuf *m, u_int dir, u_int flag, int *error, struct inpcb *inp) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; *error = 0; @@ -587,7 +521,6 @@ ipsec_setspidx_inpcb(struct mbuf *m, struct inpcb *inp) static int ipsec_setspidx(struct mbuf *m, struct secpolicyindex *spidx, int needport) { - INIT_VNET_IPSEC(curvnet); struct ip *ip = NULL; struct ip ipbuf; u_int v; @@ -778,7 +711,6 @@ ipsec4_setspidx_ipaddr(struct mbuf *m, struct secpolicyindex *spidx) static void ipsec6_get_ulp(struct mbuf *m, struct secpolicyindex *spidx, int needport) { - INIT_VNET_IPSEC(curvnet); int off, nxt; struct tcphdr th; struct udphdr uh; @@ -891,7 +823,6 @@ ipsec_delpcbpolicy(struct inpcbpolicy *p) int ipsec_init_policy(struct socket *so, struct inpcbpolicy **pcb_sp) { - INIT_VNET_IPSEC(curvnet); struct inpcbpolicy *new; /* Sanity check. */ @@ -1030,7 +961,6 @@ static int ipsec_set_policy_internal(struct secpolicy **pcb_sp, int optname, caddr_t request, size_t len, struct ucred *cred) { - INIT_VNET_IPSEC(curvnet); struct sadb_x_policy *xpl; struct secpolicy *newsp = NULL; int error; @@ -1079,7 +1009,6 @@ int ipsec_set_policy(struct inpcb *inp, int optname, caddr_t request, size_t len, struct ucred *cred) { - INIT_VNET_IPSEC(curvnet); struct sadb_x_policy *xpl; struct secpolicy **pcb_sp; @@ -1111,7 +1040,6 @@ int ipsec_get_policy(struct inpcb *inp, caddr_t request, size_t len, struct mbuf **mp) { - INIT_VNET_IPSEC(curvnet); struct sadb_x_policy *xpl; struct secpolicy *pcb_sp; @@ -1182,7 +1110,6 @@ ipsec_delete_pcbpolicy(struct inpcb *inp) u_int ipsec_get_reqlevel(struct ipsecrequest *isr) { - INIT_VNET_IPSEC(curvnet); u_int level = 0; u_int esp_trans_deflev, esp_net_deflev; u_int ah_trans_deflev, ah_net_deflev; @@ -1287,7 +1214,6 @@ ipsec_get_reqlevel(struct ipsecrequest *isr) int ipsec_in_reject(struct secpolicy *sp, struct mbuf *m) { - INIT_VNET_IPSEC(curvnet); struct ipsecrequest *isr; int need_auth; @@ -1390,7 +1316,6 @@ ipsec46_in_reject(struct mbuf *m, struct inpcb *inp) int ipsec4_in_reject(struct mbuf *m, struct inpcb *inp) { - INIT_VNET_IPSEC(curvnet); int result; result = ipsec46_in_reject(m, inp); @@ -1409,7 +1334,6 @@ ipsec4_in_reject(struct mbuf *m, struct inpcb *inp) int ipsec6_in_reject(struct mbuf *m, struct inpcb *inp) { - INIT_VNET_IPSEC(curvnet); int result; result = ipsec46_in_reject(m, inp); @@ -1428,7 +1352,6 @@ ipsec6_in_reject(struct mbuf *m, struct inpcb *inp) static size_t ipsec_hdrsiz_internal(struct secpolicy *sp) { - INIT_VNET_IPSEC(curvnet); struct ipsecrequest *isr; size_t size; @@ -1491,7 +1414,6 @@ ipsec_hdrsiz_internal(struct secpolicy *sp) size_t ipsec_hdrsiz(struct mbuf *m, u_int dir, struct inpcb *inp) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; int error; size_t size; @@ -1591,7 +1513,6 @@ ipsec_chkreplay(u_int32_t seq, struct secasvar *sav) int ipsec_updatereplay(u_int32_t seq, struct secasvar *sav) { - INIT_VNET_IPSEC(curvnet); struct secreplay *replay; u_int32_t diff; int fr; @@ -1791,10 +1712,10 @@ ipsec_dumpmbuf(struct mbuf *m) } static void -ipsec_attach(void) +ipsec_attach(const void *unused __unused) { -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ipsec_modinfo); #else ipsec_iattach(NULL); @@ -1804,7 +1725,6 @@ ipsec_attach(void) static int ipsec_iattach(const void *unused __unused) { - INIT_VNET_IPSEC(curvnet); SECPOLICY_LOCK_INIT(&V_ip4_def_policy); V_ip4_def_policy.refcnt = 1; /* NB: disallow free. */ @@ -1812,16 +1732,6 @@ ipsec_iattach(const void *unused __unused) return (0); } -#ifdef VIMAGE -static int -ipsec_idetach(const void *unused __unused) -{ - - /* XXX revisit this! */ - - return (0); -} -#endif SYSINIT(ipsec, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, ipsec_attach, NULL); diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h index c869ec85ee8c..03df7bc685d0 100644 --- a/sys/netipsec/ipsec.h +++ b/sys/netipsec/ipsec.h @@ -332,25 +332,40 @@ struct ipsec_history { u_int32_t ih_spi; }; -extern int ipsec_debug; -#ifdef REGRESSION -extern int ipsec_replay; -extern int ipsec_integrity; -#endif +VNET_DECLARE(int, ipsec_debug); +#define V_ipsec_debug VNET_GET(ipsec_debug) +VNET_DECLARE(struct ipsecstat, ipsec4stat); +#define V_ipsec4stat VNET_GET(ipsec4stat) +VNET_DECLARE(int, ip4_ah_offsetmask); +#define V_ip4_ah_offsetmask VNET_GET(ip4_ah_offsetmask) +VNET_DECLARE(int, ip4_ipsec_dfbit); +#define V_ip4_ipsec_dfbit VNET_GET(ip4_ipsec_dfbit) +VNET_DECLARE(int, ip4_esp_trans_deflev); +#define V_ip4_esp_trans_deflev VNET_GET(ip4_esp_trans_deflev) +VNET_DECLARE(int, ip4_esp_net_deflev); +#define V_ip4_esp_net_deflev VNET_GET(ip4_esp_net_deflev) +VNET_DECLARE(int, ip4_ah_trans_deflev); +#define V_ip4_ah_trans_deflev VNET_GET(ip4_ah_trans_deflev) +VNET_DECLARE(int, ip4_ah_net_deflev); +#define V_ip4_ah_net_deflev VNET_GET(ip4_ah_net_deflev) +VNET_DECLARE(struct secpolicy, ip4_def_policy); +#define V_ip4_def_policy VNET_GET(ip4_def_policy) +VNET_DECLARE(int, ip4_ipsec_ecn); +#define V_ip4_ipsec_ecn VNET_GET(ip4_ipsec_ecn) +VNET_DECLARE(int, ip4_esp_randpad); +#define V_ip4_esp_randpad VNET_GET(ip4_esp_randpad) + +VNET_DECLARE(int, crypto_support); +#define V_crypto_support VNET_GET(crypto_support) -extern struct ipsecstat ipsec4stat; -extern struct secpolicy ip4_def_policy; -extern int ip4_esp_trans_deflev; -extern int ip4_esp_net_deflev; -extern int ip4_ah_trans_deflev; -extern int ip4_ah_net_deflev; extern int ip4_ah_cleartos; -extern int ip4_ah_offsetmask; -extern int ip4_ipsec_dfbit; -extern int ip4_ipsec_ecn; -extern int ip4_ipsec_filtertunnel; -extern int ip4_esp_randpad; -extern int crypto_support; + +#ifdef REGRESSION +VNET_DECLARE(int, ipsec_replay); +#define V_ipsec_replay VNET_GET(ipsec_replay) +VNET_DECLARE(int, ipsec_integrity); +#define V_ipsec_integrity VNET_GET(ipsec_integrity) +#endif #define ipseclog(x) do { if (V_ipsec_debug) log x; } while (0) /* for openbsd compatibility */ @@ -360,7 +375,6 @@ extern struct ipsecrequest *ipsec_newisr(void); extern void ipsec_delisr(struct ipsecrequest *); struct tdb_ident; -extern void ipsec_init(void); extern struct secpolicy *ipsec_getpolicy __P((struct tdb_ident*, u_int)); struct inpcb; extern struct secpolicy *ipsec4_checkpolicy __P((struct mbuf *, u_int, u_int, @@ -434,8 +448,6 @@ extern char *ipsec_dump_policy __P((caddr_t, char *)); extern const char *ipsec_strerror __P((void)); -#else -#include #endif /* ! KERNEL */ #endif /* _NETIPSEC_IPSEC_H_ */ diff --git a/sys/netipsec/ipsec6.h b/sys/netipsec/ipsec6.h index 2f494632886b..a04cbec3cac4 100644 --- a/sys/netipsec/ipsec6.h +++ b/sys/netipsec/ipsec6.h @@ -41,13 +41,18 @@ #include #ifdef _KERNEL -extern struct ipsecstat ipsec6stat; -extern int ip6_esp_trans_deflev; -extern int ip6_esp_net_deflev; -extern int ip6_ah_trans_deflev; -extern int ip6_ah_net_deflev; -extern int ip6_ipsec_ecn; -extern int ip6_ipsec6_filtertunnel; +VNET_DECLARE(struct ipsecstat, ipsec6stat); +#define V_ipsec6stat VNET_GET(ipsec6stat) +VNET_DECLARE(int, ip6_esp_trans_deflev); +#define V_ip6_esp_trans_deflev VNET_GET(ip6_esp_trans_deflev) +VNET_DECLARE(int, ip6_esp_net_deflev); +#define V_ip6_esp_net_deflev VNET_GET(ip6_esp_net_deflev) +VNET_DECLARE(int, ip6_ah_trans_deflev); +#define V_ip6_ah_trans_deflev VNET_GET(ip6_ah_trans_deflev) +VNET_DECLARE(int, ip6_ah_net_deflev); +#define V_ip6_ah_net_deflev VNET_GET(ip6_ah_net_deflev) +VNET_DECLARE(int, ip6_ipsec_ecn); +#define V_ip6_ipsec_ecn VNET_GET(ip6_ipsec_ecn) struct inpcb; diff --git a/sys/netipsec/ipsec_input.c b/sys/netipsec/ipsec_input.c index 4ec169bfe46b..78f023a67f2b 100644 --- a/sys/netipsec/ipsec_input.c +++ b/sys/netipsec/ipsec_input.c @@ -60,6 +60,7 @@ #include #include #include +#include #include #include @@ -74,7 +75,6 @@ #include #ifdef INET6 #include -#include #endif #include @@ -116,7 +116,6 @@ static void ipsec4_common_ctlinput(int, struct sockaddr *, void *, int); static int ipsec_common_input(struct mbuf *m, int skip, int protoff, int af, int sproto) { - INIT_VNET_IPSEC(curvnet); union sockaddr_union dst_address; struct secasvar *sav; u_int32_t spi; @@ -295,7 +294,6 @@ int ipsec4_common_input_cb(struct mbuf *m, struct secasvar *sav, int skip, int protoff, struct m_tag *mt) { - INIT_VNET_IPSEC(curvnet); int prot, af, sproto; struct ip *ip; struct m_tag *mtag; @@ -518,7 +516,6 @@ ipsec4_common_ctlinput(int cmd, struct sockaddr *sa, void *v, int proto) int ipsec6_common_input(struct mbuf **mp, int *offp, int proto) { - INIT_VNET_IPSEC(curvnet); int l = 0; int protoff; struct ip6_ext ip6e; @@ -569,8 +566,6 @@ int ipsec6_common_input_cb(struct mbuf *m, struct secasvar *sav, int skip, int protoff, struct m_tag *mt) { - INIT_VNET_INET6(curvnet); - INIT_VNET_IPSEC(curvnet); int prot, af, sproto; struct ip6_hdr *ip6; struct m_tag *mtag; diff --git a/sys/netipsec/ipsec_mbuf.c b/sys/netipsec/ipsec_mbuf.c index d813c923a101..1b92881e25fb 100644 --- a/sys/netipsec/ipsec_mbuf.c +++ b/sys/netipsec/ipsec_mbuf.c @@ -39,6 +39,8 @@ #include #include +#include + #include #include @@ -54,7 +56,6 @@ struct mbuf * m_makespace(struct mbuf *m0, int skip, int hlen, int *off) { - INIT_VNET_IPSEC(curvnet); struct mbuf *m; unsigned remain; @@ -158,7 +159,6 @@ m_makespace(struct mbuf *m0, int skip, int hlen, int *off) caddr_t m_pad(struct mbuf *m, int n) { - INIT_VNET_IPSEC(curvnet); register struct mbuf *m0, *m1; register int len, pad; caddr_t retval; @@ -231,7 +231,6 @@ m_pad(struct mbuf *m, int n) int m_striphdr(struct mbuf *m, int skip, int hlen) { - INIT_VNET_IPSEC(curvnet); struct mbuf *m1; int roff; diff --git a/sys/netipsec/ipsec_output.c b/sys/netipsec/ipsec_output.c index b95378686059..f689fb2c0f61 100644 --- a/sys/netipsec/ipsec_output.c +++ b/sys/netipsec/ipsec_output.c @@ -47,6 +47,7 @@ #include #include #include +#include #include #include @@ -65,7 +66,6 @@ #include #ifdef INET6 #include -#include #endif #include @@ -96,7 +96,6 @@ int ipsec_process_done(struct mbuf *m, struct ipsecrequest *isr) { - INIT_VNET_IPSEC(curvnet); struct tdb_ident *tdbi; struct m_tag *mtag; struct secasvar *sav; @@ -264,7 +263,6 @@ ipsec_nextisr( { #define IPSEC_OSTAT(x,y,z) (isr->saidx.proto == IPPROTO_ESP ? (x)++ : \ isr->saidx.proto == IPPROTO_AH ? (y)++ : (z)++) - INIT_VNET_IPSEC(curvnet); struct secasvar *sav; IPSECREQUEST_LOCK_ASSERT(isr); @@ -408,7 +406,6 @@ ipsec4_process_packet( int flags, int tunalready) { - INIT_VNET_IPSEC(curvnet); struct secasindex saidx; struct secasvar *sav; struct ip *ip; @@ -622,7 +619,6 @@ ipsec6_output_trans( int flags, int *tun) { - INIT_VNET_IPSEC(curvnet); struct ipsecrequest *isr; struct secasindex saidx; int error = 0; @@ -690,7 +686,6 @@ bad: static int ipsec6_encapsulate(struct mbuf *m, struct secasvar *sav) { - INIT_VNET_IPSEC(curvnet); struct ip6_hdr *oip6; struct ip6_hdr *ip6; size_t plen; @@ -760,8 +755,6 @@ ipsec6_encapsulate(struct mbuf *m, struct secasvar *sav) int ipsec6_output_tunnel(struct ipsec_output_state *state, struct secpolicy *sp, int flags) { - INIT_VNET_INET6(curvnet); - INIT_VNET_IPSEC(curvnet); struct ip6_hdr *ip6; struct ipsecrequest *isr; struct secasindex saidx; diff --git a/sys/netipsec/key.c b/sys/netipsec/key.c index 3dc687842f6e..07a59454e5f8 100644 --- a/sys/netipsec/key.c +++ b/sys/netipsec/key.c @@ -61,6 +61,7 @@ #include #include #include +#include #include #include @@ -75,11 +76,9 @@ #ifdef INET #include -#include #endif #ifdef INET6 #include -#include #endif /* INET6 */ #include @@ -99,7 +98,6 @@ /* randomness */ #include -#include #define FULLMASK 0xff #define _BITS(bytes) ((bytes) << 3) @@ -115,31 +113,37 @@ * field hits 0 (= no external reference other than from SA header. */ -#ifdef VIMAGE_GLOBALS -u_int32_t key_debug_level; -static u_int key_spi_trycnt; -static u_int32_t key_spi_minval; -static u_int32_t key_spi_maxval; -static u_int32_t policy_id; -static u_int key_int_random; -static u_int key_larval_lifetime; -static int key_blockacq_count; -static int key_blockacq_lifetime; -static int key_preferred_oldsa; +VNET_DEFINE(u_int32_t, key_debug_level) = 0; +static VNET_DEFINE(u_int, key_spi_trycnt) = 1000; +#define V_key_spi_trycnt VNET_GET(key_spi_trycnt) +static VNET_DEFINE(u_int32_t, key_spi_minval) = 0x100; +#define V_key_spi_minval VNET_GET(key_spi_minval) +static VNET_DEFINE(u_int32_t, key_spi_maxval) = 0x0fffffff; /* XXX */ +#define V_key_spi_maxval VNET_GET(key_spi_maxval) +static VNET_DEFINE(u_int32_t, policy_id) = 0; +#define V_policy_id VNET_GET(policy_id) +/*interval to initialize randseed,1(m)*/ +static VNET_DEFINE(u_int, key_int_random) = 60; +#define V_key_int_random VNET_GET(key_int_random) +/* interval to expire acquiring, 30(s)*/ +static VNET_DEFINE(u_int, key_larval_lifetime) = 30; +#define V_key_larval_lifetime VNET_GET(key_larval_lifetime) +/* counter for blocking SADB_ACQUIRE.*/ +static VNET_DEFINE(int, key_blockacq_count) = 10; +#define V_key_blockacq_count VNET_GET(key_blockacq_count) +/* lifetime for blocking SADB_ACQUIRE.*/ +static VNET_DEFINE(int, key_blockacq_lifetime) = 20; +#define V_key_blockacq_lifetime VNET_GET(key_blockacq_lifetime) +/* preferred old sa rather than new sa.*/ +static VNET_DEFINE(int, key_preferred_oldsa) = 1; +#define V_key_preferred_oldsa VNET_GET(key_preferred_oldsa) -static u_int32_t acq_seq; - -static int ipsec_esp_keymin; -static int ipsec_esp_auth; -static int ipsec_ah_keymin; - -static LIST_HEAD(_sptree, secpolicy) sptree[IPSEC_DIR_MAX]; /* SPD */ -static LIST_HEAD(_sahtree, secashead) sahtree; /* SAD */ -static LIST_HEAD(_regtree, secreg) regtree[SADB_SATYPE_MAX + 1]; -static LIST_HEAD(_acqtree, secacq) acqtree; /* acquiring list */ -static LIST_HEAD(_spacqtree, secspacq) spacqtree; /* SP acquiring list */ -#endif /* VIMAGE_GLOBALS */ +static VNET_DEFINE(u_int32_t, acq_seq) = 0; +#define V_acq_seq VNET_GET(acq_seq) + /* SPD */ +static VNET_DEFINE(LIST_HEAD(_sptree, secpolicy), sptree[IPSEC_DIR_MAX]); +#define V_sptree VNET_GET(sptree) static struct mtx sptree_lock; #define SPTREE_LOCK_INIT() \ mtx_init(&sptree_lock, "sptree", \ @@ -149,6 +153,8 @@ static struct mtx sptree_lock; #define SPTREE_UNLOCK() mtx_unlock(&sptree_lock) #define SPTREE_LOCK_ASSERT() mtx_assert(&sptree_lock, MA_OWNED) +static VNET_DEFINE(LIST_HEAD(_sahtree, secashead), sahtree); /* SAD */ +#define V_sahtree VNET_GET(sahtree) static struct mtx sahtree_lock; #define SAHTREE_LOCK_INIT() \ mtx_init(&sahtree_lock, "sahtree", \ @@ -159,6 +165,8 @@ static struct mtx sahtree_lock; #define SAHTREE_LOCK_ASSERT() mtx_assert(&sahtree_lock, MA_OWNED) /* registed list */ +static VNET_DEFINE(LIST_HEAD(_regtree, secreg), regtree[SADB_SATYPE_MAX + 1]); +#define V_regtree VNET_GET(regtree) static struct mtx regtree_lock; #define REGTREE_LOCK_INIT() \ mtx_init(®tree_lock, "regtree", "fast ipsec regtree", MTX_DEF) @@ -167,6 +175,8 @@ static struct mtx regtree_lock; #define REGTREE_UNLOCK() mtx_unlock(®tree_lock) #define REGTREE_LOCK_ASSERT() mtx_assert(®tree_lock, MA_OWNED) +static VNET_DEFINE(LIST_HEAD(_acqtree, secacq), acqtree); /* acquiring list */ +#define V_acqtree VNET_GET(acqtree) static struct mtx acq_lock; #define ACQ_LOCK_INIT() \ mtx_init(&acq_lock, "acqtree", "fast ipsec acquire list", MTX_DEF) @@ -175,6 +185,9 @@ static struct mtx acq_lock; #define ACQ_UNLOCK() mtx_unlock(&acq_lock) #define ACQ_LOCK_ASSERT() mtx_assert(&acq_lock, MA_OWNED) + /* SP acquiring list */ +static VNET_DEFINE(LIST_HEAD(_spacqtree, secspacq), spacqtree); +#define V_spacqtree VNET_GET(spacqtree) static struct mtx spacq_lock; #define SPACQ_LOCK_INIT() \ mtx_init(&spacq_lock, "spacqtree", \ @@ -257,56 +270,63 @@ static const int maxsize[] = { sizeof(struct sadb_x_nat_t_frag),/* SADB_X_EXT_NAT_T_FRAG */ }; +static VNET_DEFINE(int, ipsec_esp_keymin) = 256; +#define V_ipsec_esp_keymin VNET_GET(ipsec_esp_keymin) +static VNET_DEFINE(int, ipsec_esp_auth) = 0; +#define V_ipsec_esp_auth VNET_GET(ipsec_esp_auth) +static VNET_DEFINE(int, ipsec_ah_keymin) = 128; +#define V_ipsec_ah_keymin VNET_GET(ipsec_ah_keymin) + #ifdef SYSCTL_DECL SYSCTL_DECL(_net_key); #endif -SYSCTL_V_INT(V_NET, vnet_ipsec,_net_key, KEYCTL_DEBUG_LEVEL, debug, - CTLFLAG_RW, key_debug_level, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_DEBUG_LEVEL, debug, + CTLFLAG_RW, &VNET_NAME(key_debug_level), 0, ""); /* max count of trial for the decision of spi value */ -SYSCTL_V_INT(V_NET, vnet_ipsec,_net_key, KEYCTL_SPI_TRY, spi_trycnt, - CTLFLAG_RW, key_spi_trycnt, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_TRY, spi_trycnt, + CTLFLAG_RW, &VNET_NAME(key_spi_trycnt), 0, ""); /* minimum spi value to allocate automatically. */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_SPI_MIN_VALUE, - spi_minval, CTLFLAG_RW, key_spi_minval, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_MIN_VALUE, + spi_minval, CTLFLAG_RW, &VNET_NAME(key_spi_minval), 0, ""); /* maximun spi value to allocate automatically. */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_SPI_MAX_VALUE, - spi_maxval, CTLFLAG_RW, key_spi_maxval, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_SPI_MAX_VALUE, + spi_maxval, CTLFLAG_RW, &VNET_NAME(key_spi_maxval), 0, ""); /* interval to initialize randseed */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_RANDOM_INT, - int_random, CTLFLAG_RW, key_int_random, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_RANDOM_INT, + int_random, CTLFLAG_RW, &VNET_NAME(key_int_random), 0, ""); /* lifetime for larval SA */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_LARVAL_LIFETIME, - larval_lifetime, CTLFLAG_RW, key_larval_lifetime, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_LARVAL_LIFETIME, + larval_lifetime, CTLFLAG_RW, &VNET_NAME(key_larval_lifetime), 0, ""); /* counter for blocking to send SADB_ACQUIRE to IKEd */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_BLOCKACQ_COUNT, - blockacq_count, CTLFLAG_RW, key_blockacq_count, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_BLOCKACQ_COUNT, + blockacq_count, CTLFLAG_RW, &VNET_NAME(key_blockacq_count), 0, ""); /* lifetime for blocking to send SADB_ACQUIRE to IKEd */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_BLOCKACQ_LIFETIME, - blockacq_lifetime, CTLFLAG_RW, key_blockacq_lifetime, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_BLOCKACQ_LIFETIME, + blockacq_lifetime, CTLFLAG_RW, &VNET_NAME(key_blockacq_lifetime), 0, ""); /* ESP auth */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_ESP_AUTH, esp_auth, - CTLFLAG_RW, ipsec_esp_auth, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_ESP_AUTH, esp_auth, + CTLFLAG_RW, &VNET_NAME(ipsec_esp_auth), 0, ""); /* minimum ESP key length */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_ESP_KEYMIN, - esp_keymin, CTLFLAG_RW, ipsec_esp_keymin, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_ESP_KEYMIN, + esp_keymin, CTLFLAG_RW, &VNET_NAME(ipsec_esp_keymin), 0, ""); /* minimum AH key length */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_AH_KEYMIN, ah_keymin, - CTLFLAG_RW, ipsec_ah_keymin, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_AH_KEYMIN, ah_keymin, + CTLFLAG_RW, &VNET_NAME(ipsec_ah_keymin), 0, ""); /* perfered old SA rather than new SA */ -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_key, KEYCTL_PREFERED_OLDSA, - preferred_oldsa, CTLFLAG_RW, key_preferred_oldsa, 0, ""); +SYSCTL_VNET_INT(_net_key, KEYCTL_PREFERED_OLDSA, + preferred_oldsa, CTLFLAG_RW, &VNET_NAME(key_preferred_oldsa), 0, ""); #define __LIST_CHAINED(elm) \ (!((elm)->chain.le_next == NULL && (elm)->chain.le_prev == NULL)) @@ -579,7 +599,6 @@ key_addref(struct secpolicy *sp) int key_havesp(u_int dir) { - INIT_VNET_IPSEC(curvnet); return (dir == IPSEC_DIR_INBOUND || dir == IPSEC_DIR_OUTBOUND ? LIST_FIRST(&V_sptree[dir]) != NULL : 1); @@ -595,7 +614,6 @@ key_havesp(u_int dir) struct secpolicy * key_allocsp(struct secpolicyindex *spidx, u_int dir, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; IPSEC_ASSERT(spidx != NULL, ("null spidx")); @@ -652,7 +670,6 @@ key_allocsp2(u_int32_t spi, u_int dir, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; IPSEC_ASSERT(dst != NULL, ("null dst")); @@ -715,7 +732,6 @@ key_gettunnel(const struct sockaddr *osrc, const struct sockaddr *idst, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; const int dir = IPSEC_DIR_INBOUND; struct ipsecrequest *r1, *r2, *p; @@ -791,7 +807,6 @@ done: int key_checkrequest(struct ipsecrequest *isr, const struct secasindex *saidx) { - INIT_VNET_IPSEC(curvnet); u_int level; int error; @@ -887,7 +902,6 @@ static struct secasvar * key_allocsa_policy(const struct secasindex *saidx) { #define N(a) _ARRAYLEN(a) - INIT_VNET_IPSEC(curvnet); struct secashead *sah; struct secasvar *sav; u_int stateidx, arraysize; @@ -935,7 +949,6 @@ key_allocsa_policy(const struct secasindex *saidx) static struct secasvar * key_do_allocsa_policy(struct secashead *sah, u_int state) { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav, *nextsav, *candidate, *d; /* initilize */ @@ -1081,7 +1094,6 @@ key_allocsa( u_int32_t spi, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secashead *sah; struct secasvar *sav; u_int stateidx, arraysize, state; @@ -1160,7 +1172,6 @@ done: void _key_freesp(struct secpolicy **spp, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp = *spp; IPSEC_ASSERT(sp != NULL, ("null sp")); @@ -1186,7 +1197,6 @@ _key_freesp(struct secpolicy **spp, const char* where, int tag) void key_freeso(struct socket *so) { - INIT_VNET_IPSEC(curvnet); IPSEC_ASSERT(so != NULL, ("null so")); switch (so->so_proto->pr_domain->dom_family) { @@ -1237,7 +1247,6 @@ key_freesp_so(struct secpolicy **sp) void key_freesav(struct secasvar **psav, const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav = *psav; IPSEC_ASSERT(sav != NULL, ("null sav")); @@ -1296,7 +1305,6 @@ key_delsp(struct secpolicy *sp) static struct secpolicy * key_getsp(struct secpolicyindex *spidx) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; IPSEC_ASSERT(spidx != NULL, ("null spidx")); @@ -1323,7 +1331,6 @@ key_getsp(struct secpolicyindex *spidx) static struct secpolicy * key_getspbyid(u_int32_t id) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; SPTREE_LOCK(); @@ -1353,7 +1360,6 @@ done: struct secpolicy * key_newsp(const char* where, int tag) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *newsp = NULL; newsp = (struct secpolicy *) @@ -1388,7 +1394,6 @@ key_msg2sp(xpl0, len, error) size_t len; int *error; { - INIT_VNET_IPSEC(curvnet); struct secpolicy *newsp; IPSEC_ASSERT(xpl0 != NULL, ("null xpl0")); @@ -1786,7 +1791,6 @@ key_spdadd(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_address *src0, *dst0; struct sadb_x_policy *xpl0, *xpl; struct sadb_lifetime *lft = NULL; @@ -2019,7 +2023,6 @@ key_spdadd(so, m, mhp) static u_int32_t key_getnewspid() { - INIT_VNET_IPSEC(curvnet); u_int32_t newid = 0; int count = V_key_spi_trycnt; /* XXX */ struct secpolicy *sp; @@ -2061,7 +2064,6 @@ key_spddelete(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_address *src0, *dst0; struct sadb_x_policy *xpl0; struct secpolicyindex spidx; @@ -2170,7 +2172,6 @@ key_spddelete2(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); u_int32_t id; struct secpolicy *sp; @@ -2263,7 +2264,6 @@ key_spdget(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); u_int32_t id; struct secpolicy *sp; struct mbuf *n; @@ -2315,7 +2315,6 @@ int key_spdacquire(sp) struct secpolicy *sp; { - INIT_VNET_IPSEC(curvnet); struct mbuf *result = NULL, *m; struct secspacq *newspacq; @@ -2378,7 +2377,6 @@ key_spdflush(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_msg *newmsg; struct secpolicy *sp; u_int dir; @@ -2431,7 +2429,6 @@ key_spddump(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp; int cnt; u_int dir; @@ -2704,7 +2701,6 @@ static struct secashead * key_newsah(saidx) struct secasindex *saidx; { - INIT_VNET_IPSEC(curvnet); struct secashead *newsah; IPSEC_ASSERT(saidx != NULL, ("null saidx")); @@ -2733,7 +2729,6 @@ static void key_delsah(sah) struct secashead *sah; { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav, *nextsav; u_int stateidx; int zombie = 0; @@ -2795,7 +2790,6 @@ key_newsav(m, mhp, sah, errp, where, tag) const char* where; int tag; { - INIT_VNET_IPSEC(curvnet); struct secasvar *newsav; const struct sadb_sa *xsa; @@ -2962,7 +2956,6 @@ static struct secashead * key_getsah(saidx) struct secasindex *saidx; { - INIT_VNET_IPSEC(curvnet); struct secashead *sah; SAHTREE_LOCK(); @@ -2989,7 +2982,6 @@ key_checkspidup(saidx, spi) struct secasindex *saidx; u_int32_t spi; { - INIT_VNET_IPSEC(curvnet); struct secashead *sah; struct secasvar *sav; @@ -3026,7 +3018,6 @@ key_getsavbyspi(sah, spi) struct secashead *sah; u_int32_t spi; { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav; u_int stateidx, state; @@ -3070,7 +3061,6 @@ key_setsaval(sav, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); int error = 0; IPSEC_ASSERT(m != NULL, ("null mbuf")); @@ -3306,7 +3296,6 @@ key_setsaval(sav, m, mhp) static int key_mature(struct secasvar *sav) { - INIT_VNET_IPSEC(curvnet); int error; /* check SPI value */ @@ -3782,7 +3771,6 @@ key_setsadbxport(u_int16_t port, u_int16_t type) u_int16_t key_portfromsaddr(struct sockaddr *sa) { - INIT_VNET_IPSEC(curvnet); switch (sa->sa_family) { #ifdef INET @@ -3807,7 +3795,6 @@ key_portfromsaddr(struct sockaddr *sa) static void key_porttosaddr(struct sockaddr *sa, u_int16_t port) { - INIT_VNET_IPSEC(curvnet); switch (sa->sa_family) { #ifdef INET @@ -3868,7 +3855,6 @@ struct seckey * key_dup_keymsg(const struct sadb_key *src, u_int len, struct malloc_type *type) { - INIT_VNET_IPSEC(curvnet); struct seckey *dst; dst = (struct seckey *)malloc(sizeof(struct seckey), type, M_NOWAIT); if (dst != NULL) { @@ -3902,7 +3888,6 @@ static struct seclifetime * key_dup_lifemsg(const struct sadb_lifetime *src, struct malloc_type *type) { - INIT_VNET_IPSEC(curvnet); struct seclifetime *dst = NULL; dst = (struct seclifetime *)malloc(sizeof(struct seclifetime), @@ -3928,7 +3913,6 @@ key_ismyaddr(sa) struct sockaddr *sa; { #ifdef INET - INIT_VNET_INET(curvnet); struct sockaddr_in *sin; struct in_ifaddr *ia; #endif @@ -3976,7 +3960,6 @@ static int key_ismyaddr6(sin6) struct sockaddr_in6 *sin6; { - INIT_VNET_INET6(curvnet); struct in6_ifaddr *ia; #if 0 struct in6_multi *in6m; @@ -4325,7 +4308,6 @@ key_bbcmp(const void *a1, const void *a2, u_int bits) static void key_flush_spd(time_t now) { - INIT_VNET_IPSEC(curvnet); static u_int16_t sptree_scangen = 0; u_int16_t gen = sptree_scangen++; struct secpolicy *sp; @@ -4373,7 +4355,6 @@ restart: static void key_flush_sad(time_t now) { - INIT_VNET_IPSEC(curvnet); struct secashead *sah, *nextsah; struct secasvar *sav, *nextsav; @@ -4511,7 +4492,6 @@ key_flush_sad(time_t now) static void key_flush_acq(time_t now) { - INIT_VNET_IPSEC(curvnet); struct secacq *acq, *nextacq; /* ACQ tree */ @@ -4530,7 +4510,6 @@ key_flush_acq(time_t now) static void key_flush_spacq(time_t now) { - INIT_VNET_IPSEC(curvnet); struct secspacq *acq, *nextacq; /* SP ACQ tree */ @@ -4678,7 +4657,6 @@ key_getspi(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_address *src0, *dst0; struct secasindex saidx; struct secashead *newsah; @@ -4913,7 +4891,6 @@ key_do_getnewspi(spirange, saidx) struct sadb_spirange *spirange; struct secasindex *saidx; { - INIT_VNET_IPSEC(curvnet); u_int32_t newspi; u_int32_t min, max; int count = V_key_spi_trycnt; @@ -4995,7 +4972,6 @@ key_update(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_sa *sa0; struct sadb_address *src0, *dst0; #ifdef IPSEC_NAT_T @@ -5286,7 +5262,6 @@ key_add(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_sa *sa0; struct sadb_address *src0, *dst0; #ifdef IPSEC_NAT_T @@ -5501,7 +5476,6 @@ key_setident(sah, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); const struct sadb_ident *idsrc, *iddst; int idsrclen, iddstlen; @@ -5624,7 +5598,6 @@ key_delete(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_sa *sa0; struct sadb_address *src0, *dst0; struct secasindex saidx; @@ -5770,7 +5743,6 @@ static int key_delete_all(struct socket *so, struct mbuf *m, const struct sadb_msghdr *mhp, u_int16_t proto) { - INIT_VNET_IPSEC(curvnet); struct sadb_address *src0, *dst0; struct secasindex saidx; struct secashead *sah; @@ -5894,7 +5866,6 @@ key_get(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_sa *sa0; struct sadb_address *src0, *dst0; struct secasindex saidx; @@ -6037,7 +6008,6 @@ key_getcomb_setlifetime(comb) static struct mbuf * key_getcomb_esp() { - INIT_VNET_IPSEC(curvnet); struct sadb_comb *comb; struct enc_xform *algo; struct mbuf *result = NULL, *m, *n; @@ -6116,7 +6086,6 @@ key_getsizes_ah( u_int16_t* min, u_int16_t* max) { - INIT_VNET_IPSEC(curvnet); *min = *max = ah->keysize; if (ah->keysize == 0) { @@ -6142,7 +6111,6 @@ key_getsizes_ah( static struct mbuf * key_getcomb_ah() { - INIT_VNET_IPSEC(curvnet); struct sadb_comb *comb; struct auth_hash *algo; struct mbuf *m; @@ -6303,7 +6271,6 @@ key_getprop(saidx) static int key_acquire(const struct secasindex *saidx, struct secpolicy *sp) { - INIT_VNET_IPSEC(curvnet); struct mbuf *result = NULL, *m; struct secacq *newacq; u_int8_t satype; @@ -6474,7 +6441,6 @@ key_acquire(const struct secasindex *saidx, struct secpolicy *sp) static struct secacq * key_newacq(const struct secasindex *saidx) { - INIT_VNET_IPSEC(curvnet); struct secacq *newacq; /* get new entry */ @@ -6501,7 +6467,6 @@ key_newacq(const struct secasindex *saidx) static struct secacq * key_getacq(const struct secasindex *saidx) { - INIT_VNET_IPSEC(curvnet); struct secacq *acq; ACQ_LOCK(); @@ -6518,7 +6483,6 @@ static struct secacq * key_getacqbyseq(seq) u_int32_t seq; { - INIT_VNET_IPSEC(curvnet); struct secacq *acq; ACQ_LOCK(); @@ -6535,7 +6499,6 @@ static struct secspacq * key_newspacq(spidx) struct secpolicyindex *spidx; { - INIT_VNET_IPSEC(curvnet); struct secspacq *acq; /* get new entry */ @@ -6562,7 +6525,6 @@ static struct secspacq * key_getspacq(spidx) struct secpolicyindex *spidx; { - INIT_VNET_IPSEC(curvnet); struct secspacq *acq; SPACQ_LOCK(); @@ -6597,7 +6559,6 @@ key_acquire2(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); const struct sadb_address *src0, *dst0; struct secasindex saidx; struct secashead *sah; @@ -6756,7 +6717,6 @@ key_register(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct secreg *reg, *newreg = 0; IPSEC_ASSERT(so != NULL, ("null socket")); @@ -6911,7 +6871,6 @@ key_register(so, m, mhp) void key_freereg(struct socket *so) { - INIT_VNET_IPSEC(curvnet); struct secreg *reg; int i; @@ -7087,7 +7046,6 @@ key_flush(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct sadb_msg *newmsg; struct secashead *sah, *nextsah; struct secasvar *sav, *nextsav; @@ -7171,7 +7129,6 @@ key_dump(so, m, mhp) struct mbuf *m; const struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct secashead *sah; struct secasvar *sav; u_int16_t proto; @@ -7352,7 +7309,6 @@ key_parse(m, so) struct mbuf *m; struct socket *so; { - INIT_VNET_IPSEC(curvnet); struct sadb_msg *msg; struct sadb_msghdr mh; u_int orglen; @@ -7624,7 +7580,6 @@ key_align(m, mhp) struct mbuf *m; struct sadb_msghdr *mhp; { - INIT_VNET_IPSEC(curvnet); struct mbuf *n; struct sadb_ext *ext; size_t off, end; @@ -7792,26 +7747,8 @@ key_validate_ext(ext, len) void key_init(void) { - INIT_VNET_IPSEC(curvnet); int i; - V_key_debug_level = 0; - V_key_spi_trycnt = 1000; - V_key_spi_minval = 0x100; - V_key_spi_maxval = 0x0fffffff; /* XXX */ - V_policy_id = 0; - V_key_int_random = 60; /*interval to initialize randseed,1(m)*/ - V_key_larval_lifetime = 30; /* interval to expire acquiring, 30(s)*/ - V_key_blockacq_count = 10; /* counter for blocking SADB_ACQUIRE.*/ - V_key_blockacq_lifetime = 20; /* lifetime for blocking SADB_ACQUIRE.*/ - V_key_preferred_oldsa = 1; /* preferred old sa rather than new sa*/ - - V_acq_seq = 0; - - V_ipsec_esp_keymin = 256; - V_ipsec_esp_auth = 0; - V_ipsec_ah_keymin = 128; - for (i = 0; i < IPSEC_DIR_MAX; i++) LIST_INIT(&V_sptree[i]); @@ -7850,7 +7787,6 @@ key_init(void) void key_destroy(void) { - INIT_VNET_IPSEC(curvnet); struct secpolicy *sp, *nextsp; struct secspacq *acq, *nextacq; struct secashead *sah, *nextsah; @@ -7984,7 +7920,6 @@ void key_sa_routechange(dst) struct sockaddr *dst; { - INIT_VNET_IPSEC(curvnet); struct secashead *sah; struct route *ro; diff --git a/sys/netipsec/key_debug.c b/sys/netipsec/key_debug.c index a13a88ac1a85..da5dd7599674 100644 --- a/sys/netipsec/key_debug.c +++ b/sys/netipsec/key_debug.c @@ -44,9 +44,9 @@ #include #endif #include -#include #include +#include #include #include diff --git a/sys/netipsec/key_debug.h b/sys/netipsec/key_debug.h index 6ca0fe2b4460..3082cc3be04a 100644 --- a/sys/netipsec/key_debug.h +++ b/sys/netipsec/key_debug.h @@ -56,7 +56,8 @@ #define KEYDEBUG(lev,arg) \ do { if ((V_key_debug_level & (lev)) == (lev)) { arg; } } while (0) -extern u_int32_t key_debug_level; +VNET_DECLARE(u_int32_t, key_debug_level); +#define V_key_debug_level VNET_GET(key_debug_level) #endif /*_KERNEL*/ struct sadb_msg; diff --git a/sys/netipsec/keysock.c b/sys/netipsec/keysock.c index bb7cb00a910e..1c79421bb9fb 100644 --- a/sys/netipsec/keysock.c +++ b/sys/netipsec/keysock.c @@ -67,22 +67,25 @@ #include -#ifdef VIMAGE_GLOBALS -static struct key_cb key_cb; -struct pfkeystat pfkeystat; -#endif +struct key_cb { + int key_count; + int any_count; +}; +static VNET_DEFINE(struct key_cb, key_cb); +#define V_key_cb VNET_GET(key_cb) -static struct sockaddr key_src = { 2, PF_KEY }; +static struct sockaddr key_src = { 2, PF_KEY, }; static int key_sendup0 __P((struct rawcb *, struct mbuf *, int)); +VNET_DEFINE(struct pfkeystat, pfkeystat); + /* * key_output() */ int key_output(struct mbuf *m, struct socket *so) { - INIT_VNET_IPSEC(curvnet); struct sadb_msg *msg; int len, error = 0; @@ -136,7 +139,6 @@ key_sendup0(rp, m, promisc) struct mbuf *m; int promisc; { - INIT_VNET_IPSEC(curvnet); int error; if (promisc) { @@ -181,7 +183,6 @@ key_sendup(so, msg, len, target) u_int len; int target; /*target of the resulting message*/ { - INIT_VNET_IPSEC(curvnet); struct mbuf *m, *n, *mprev; int tlen; @@ -270,8 +271,6 @@ key_sendup_mbuf(so, m, target) struct mbuf *m; int target; { - INIT_VNET_NET(curvnet); - INIT_VNET_IPSEC(curvnet); struct mbuf *n; struct keycb *kp; int sendup; @@ -389,7 +388,6 @@ key_abort(struct socket *so) static int key_attach(struct socket *so, int proto, struct thread *td) { - INIT_VNET_IPSEC(curvnet); struct keycb *kp; int error; @@ -464,7 +462,6 @@ key_connect(struct socket *so, struct sockaddr *nam, struct thread *td) static void key_detach(struct socket *so) { - INIT_VNET_IPSEC(curvnet); struct keycb *kp = (struct keycb *)sotorawcb(so); KASSERT(kp != NULL, ("key_detach: kp == NULL")); @@ -567,10 +564,8 @@ struct protosw keysw[] = { static void key_init0(void) { - INIT_VNET_IPSEC(curvnet); bzero((caddr_t)&V_key_cb, sizeof(V_key_cb)); - ipsec_init(); key_init(); } diff --git a/sys/netipsec/keysock.h b/sys/netipsec/keysock.h index 1097206eb25b..bcc274b5788e 100644 --- a/sys/netipsec/keysock.h +++ b/sys/netipsec/keysock.h @@ -58,11 +58,6 @@ struct pfkeystat { u_quad_t sockerr; /* # of socket related errors */ }; -struct key_cb { - int key_count; - int any_count; -}; - #define KEY_SENDUP_ONE 0 #define KEY_SENDUP_ALL 1 #define KEY_SENDUP_REGISTERED 2 @@ -74,7 +69,8 @@ struct keycb { int kp_registered; /* registered socket */ }; -extern struct pfkeystat pfkeystat; +VNET_DECLARE(struct pfkeystat, pfkeystat); +#define V_pfkeystat VNET_GET(pfkeystat) extern int key_output(struct mbuf *m, struct socket *so); extern int key_usrreq __P((struct socket *, diff --git a/sys/netipsec/vipsec.h b/sys/netipsec/vipsec.h deleted file mode 100644 index 4a643e5e0238..000000000000 --- a/sys/netipsec/vipsec.h +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (c) 2007-2008 University of Zagreb - * Copyright (c) 2007-2008 FreeBSD Foundation - * - * This software was developed by the University of Zagreb and the - * FreeBSD Foundation under sponsorship by the Stichting NLnet and the - * FreeBSD Foundation. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#ifndef _NETIPSEC_VIPSEC_H_ -#define _NETIPSEC_VIPSEC_H_ - -#include - -#include -#include - -#include -#include -#include -#include -#include -#include - -struct vnet_ipsec { - int _ipsec_debug; - struct ipsecstat _ipsec4stat; - struct secpolicy _ip4_def_policy; - - int _ip4_esp_trans_deflev; - int _ip4_esp_net_deflev; - int _ip4_ah_trans_deflev; - int _ip4_ah_net_deflev; - int _ip4_ah_offsetmask; - int _ip4_ipsec_dfbit; - int _ip4_ipsec_ecn; - int _ip4_ipsec_filtertunnel; - int _ip4_esp_randpad; - - int _ipsec_replay; - int _ipsec_integrity; - int _crypto_support; - - u_int32_t _key_debug_level; - u_int _key_spi_trycnt; - u_int32_t _key_spi_minval; - u_int32_t _key_spi_maxval; - u_int32_t _policy_id; - u_int _key_int_random; - u_int _key_larval_lifetime; - int _key_blockacq_count; - int _key_blockacq_lifetime; - int _key_preferred_oldsa; - u_int32_t _acq_seq; - - int _esp_enable; - struct espstat _espstat; - int _esp_max_ivlen; - int _ipsec_esp_keymin; - int _ipsec_esp_auth; - int _ipsec_ah_keymin; - int _ipip_allow; - struct ipipstat _ipipstat; - - struct ipsecstat _ipsec6stat; - int _ip6_esp_trans_deflev; - int _ip6_esp_net_deflev; - int _ip6_ah_trans_deflev; - int _ip6_ah_net_deflev; - int _ip6_ipsec_ecn; - int _ip6_ipsec6_filtertunnel; - - int _ah_enable; - int _ah_cleartos; - struct ahstat _ahstat; - - int _ipcomp_enable; - struct ipcompstat _ipcompstat; - - struct pfkeystat _pfkeystat; - struct key_cb _key_cb; - LIST_HEAD(, secpolicy) _sptree[IPSEC_DIR_MAX]; - LIST_HEAD(, secashead) _sahtree; - LIST_HEAD(, secreg) _regtree[SADB_SATYPE_MAX + 1]; - LIST_HEAD(, secacq) _acqtree; - LIST_HEAD(, secspacq) _spacqtree; -}; - -/* Size guard. See sys/vimage.h. */ -VIMAGE_CTASSERT(SIZEOF_vnet_ipsec, sizeof(struct vnet_ipsec)); - -#ifndef VIMAGE -#ifndef VIMAGE_GLOBALS -extern struct vnet_ipsec vnet_ipsec_0; -#endif -#endif - -/* - * Symbol translation macros - */ -#define INIT_VNET_IPSEC(vnet) \ - INIT_FROM_VNET(vnet, VNET_MOD_IPSEC, struct vnet_ipsec, vnet_ipsec) - -#define VNET_IPSEC(sym) VSYM(vnet_ipsec, sym) - -#define V_acq_seq VNET_IPSEC(acq_seq) -#define V_acqtree VNET_IPSEC(acqtree) -#define V_ah_cleartos VNET_IPSEC(ah_cleartos) -#define V_ah_enable VNET_IPSEC(ah_enable) -#define V_ahstat VNET_IPSEC(ahstat) -#define V_crypto_support VNET_IPSEC(crypto_support) -#define V_esp_enable VNET_IPSEC(esp_enable) -#define V_esp_max_ivlen VNET_IPSEC(esp_max_ivlen) -#define V_espstat VNET_IPSEC(espstat) -#define V_ip4_ah_net_deflev VNET_IPSEC(ip4_ah_net_deflev) -#define V_ip4_ah_offsetmask VNET_IPSEC(ip4_ah_offsetmask) -#define V_ip4_ah_trans_deflev VNET_IPSEC(ip4_ah_trans_deflev) -#define V_ip4_def_policy VNET_IPSEC(ip4_def_policy) -#define V_ip4_esp_net_deflev VNET_IPSEC(ip4_esp_net_deflev) -#define V_ip4_esp_randpad VNET_IPSEC(ip4_esp_randpad) -#define V_ip4_esp_trans_deflev VNET_IPSEC(ip4_esp_trans_deflev) -#define V_ip4_ipsec_dfbit VNET_IPSEC(ip4_ipsec_dfbit) -#define V_ip4_ipsec_ecn VNET_IPSEC(ip4_ipsec_ecn) -#define V_ip4_ipsec_filtertunnel VNET_IPSEC(ip4_ipsec_filtertunnel) -#define V_ip6_ah_net_deflev VNET_IPSEC(ip6_ah_net_deflev) -#define V_ip6_ah_trans_deflev VNET_IPSEC(ip6_ah_trans_deflev) -#define V_ip6_esp_net_deflev VNET_IPSEC(ip6_esp_net_deflev) -#define V_ip6_esp_randpad VNET_IPSEC(ip6_esp_randpad) -#define V_ip6_esp_trans_deflev VNET_IPSEC(ip6_esp_trans_deflev) -#define V_ip6_ipsec_ecn VNET_IPSEC(ip6_ipsec_ecn) -#define V_ip6_ipsec6_filtertunnel VNET_IPSEC(ip6_ipsec6_filtertunnel) -#define V_ipcomp_enable VNET_IPSEC(ipcomp_enable) -#define V_ipcompstat VNET_IPSEC(ipcompstat) -#define V_ipip_allow VNET_IPSEC(ipip_allow) -#define V_ipipstat VNET_IPSEC(ipipstat) -#define V_ipsec4stat VNET_IPSEC(ipsec4stat) -#define V_ipsec6stat VNET_IPSEC(ipsec6stat) -#define V_ipsec_ah_keymin VNET_IPSEC(ipsec_ah_keymin) -#define V_ipsec_debug VNET_IPSEC(ipsec_debug) -#define V_ipsec_esp_auth VNET_IPSEC(ipsec_esp_auth) -#define V_ipsec_esp_keymin VNET_IPSEC(ipsec_esp_keymin) -#define V_ipsec_integrity VNET_IPSEC(ipsec_integrity) -#define V_ipsec_replay VNET_IPSEC(ipsec_replay) -#define V_key_blockacq_count VNET_IPSEC(key_blockacq_count) -#define V_key_blockacq_lifetime VNET_IPSEC(key_blockacq_lifetime) -#define V_key_cb VNET_IPSEC(key_cb) -#define V_key_debug_level VNET_IPSEC(key_debug_level) -#define V_key_int_random VNET_IPSEC(key_int_random) -#define V_key_larval_lifetime VNET_IPSEC(key_larval_lifetime) -#define V_key_preferred_oldsa VNET_IPSEC(key_preferred_oldsa) -#define V_key_spi_maxval VNET_IPSEC(key_spi_maxval) -#define V_key_spi_minval VNET_IPSEC(key_spi_minval) -#define V_key_spi_trycnt VNET_IPSEC(key_spi_trycnt) -#define V_pfkeystat VNET_IPSEC(pfkeystat) -#define V_policy_id VNET_IPSEC(policy_id) -#define V_regtree VNET_IPSEC(regtree) -#define V_sahtree VNET_IPSEC(sahtree) -#define V_spacqtree VNET_IPSEC(spacqtree) -#define V_sptree VNET_IPSEC(sptree) - -#endif /* !_NETIPSEC_VIPSEC_H_ */ diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 07d7001b6fde..658c92cf377a 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -49,6 +49,7 @@ #include #include +#include #include #include @@ -73,17 +74,6 @@ #include -static int ah_iattach(const void *); - -#ifndef VIMAGE_GLOBALS -static const vnet_modinfo_t vnet_ah_modinfo = { - .vmi_id = VNET_MOD_AH, - .vmi_name = "ipsec_ah", - .vmi_dependson = VNET_MOD_IPSEC, - .vmi_iattach = ah_iattach -}; -#endif /* !VIMAGE_GLOBALS */ - /* * Return header size in bytes. The old protocol did not support * the replay counter; the new protocol always includes the counter. @@ -99,19 +89,17 @@ static const vnet_modinfo_t vnet_ah_modinfo = { #define AUTHSIZE(sav) \ ((sav->flags & SADB_X_EXT_OLD) ? 16 : AH_HMAC_HASHLEN) -#ifdef VIMAGE_GLOBALS -int ah_enable; -int ah_cleartos; -struct ahstat ahstat; -#endif +VNET_DEFINE(int, ah_enable) = 1; /* control flow of packets with AH */ +VNET_DEFINE(int, ah_cleartos) = 1; /* clear ip_tos when doing AH calc */ +VNET_DEFINE(struct ahstat, ahstat); SYSCTL_DECL(_net_inet_ah); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ah, OID_AUTO, - ah_enable, CTLFLAG_RW, ah_enable, 0, ""); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ah, OID_AUTO, - ah_cleartos, CTLFLAG_RW, ah_cleartos, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet_ah, IPSECCTL_STATS, - stats, CTLFLAG_RD, ahstat, ahstat, ""); +SYSCTL_VNET_INT(_net_inet_ah, OID_AUTO, + ah_enable, CTLFLAG_RW, &VNET_NAME(ah_enable), 0, ""); +SYSCTL_VNET_INT(_net_inet_ah, OID_AUTO, + ah_cleartos, CTLFLAG_RW, &VNET_NAME(ah_cleartos), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet_ah, IPSECCTL_STATS, + stats, CTLFLAG_RD, &VNET_NAME(ahstat), ahstat, ""); static unsigned char ipseczeroes[256]; /* larger than an ip6 extension hdr */ @@ -173,7 +161,6 @@ ah_hdrsiz(struct secasvar *sav) int ah_init0(struct secasvar *sav, struct xformsw *xsp, struct cryptoini *cria) { - INIT_VNET_IPSEC(curvnet); struct auth_hash *thash; int keylen; @@ -228,7 +215,6 @@ ah_init0(struct secasvar *sav, struct xformsw *xsp, struct cryptoini *cria) static int ah_init(struct secasvar *sav, struct xformsw *xsp) { - INIT_VNET_IPSEC(curvnet); struct cryptoini cria; int error; @@ -263,7 +249,6 @@ ah_zeroize(struct secasvar *sav) static int ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out) { - INIT_VNET_IPSEC(curvnet); struct mbuf *m = *m0; unsigned char *ptr; int off, count; @@ -568,7 +553,6 @@ ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out) static int ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { - INIT_VNET_IPSEC(curvnet); struct auth_hash *ahx; struct tdb_ident *tdbi; struct tdb_crypto *tc; @@ -738,7 +722,6 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) static int ah_input_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); int rplen, error, skip, protoff; unsigned char calc[AH_ALEN_MAX]; struct mbuf *m; @@ -901,7 +884,6 @@ ah_output( int skip, int protoff) { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav; struct auth_hash *ahx; struct cryptodesc *crda; @@ -1128,7 +1110,6 @@ bad: static int ah_output_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); int skip, protoff, error; struct tdb_crypto *tc; struct ipsecrequest *isr; @@ -1232,21 +1213,6 @@ ah_attach(void) { xform_register(&ah_xformsw); -#ifndef VIMAGE_GLOBALS - vnet_mod_register(&vnet_ah_modinfo); -#else - ah_iattach(NULL); -#endif } -static int -ah_iattach(const void *unused __unused) -{ - INIT_VNET_IPSEC(curvnet); - - V_ah_enable = 1; /* control flow of packets with AH */ - V_ah_cleartos = 1; /* clear ip_tos when doing AH calc */ - - return (0); -} SYSINIT(ah_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ah_attach, NULL); diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c index 6508c14701d4..afb9d2d57fc3 100644 --- a/sys/netipsec/xform_esp.c +++ b/sys/netipsec/xform_esp.c @@ -49,6 +49,7 @@ #include #include +#include #include #include @@ -76,30 +77,21 @@ #include #include -#ifdef VIMAGE_GLOBALS -struct espstat espstat; -static int esp_max_ivlen; /* max iv length over all algorithms */ -int esp_enable; -#endif +VNET_DEFINE(int, esp_enable) = 1; +VNET_DEFINE(struct espstat, espstat); SYSCTL_DECL(_net_inet_esp); -SYSCTL_V_INT(V_NET, vnet_ipsec,_net_inet_esp, OID_AUTO, - esp_enable, CTLFLAG_RW, esp_enable, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet_esp, IPSECCTL_STATS, - stats, CTLFLAG_RD, espstat, espstat, ""); +SYSCTL_VNET_INT(_net_inet_esp, OID_AUTO, + esp_enable, CTLFLAG_RW, &VNET_NAME(esp_enable), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet_esp, IPSECCTL_STATS, + stats, CTLFLAG_RD, &VNET_NAME(espstat), espstat, ""); + +/* max iv length over all algorithms */ +static VNET_DEFINE(int, esp_max_ivlen) = 0; +#define V_esp_max_ivlen VNET_GET(esp_max_ivlen) static int esp_input_cb(struct cryptop *op); static int esp_output_cb(struct cryptop *crp); -static int esp_iattach(const void *); - -#ifndef VIMAGE_GLOBALS -static const vnet_modinfo_t vnet_esp_modinfo = { - .vmi_id = VNET_MOD_ESP, - .vmi_name = "ipsec_esp", - .vmi_dependson = VNET_MOD_IPSEC, - .vmi_iattach = esp_iattach -}; -#endif /* !VIMAGE_GLOBALS */ /* * NB: this is public for use by the PF_KEY support. @@ -134,7 +126,6 @@ esp_algorithm_lookup(int alg) size_t esp_hdrsiz(struct secasvar *sav) { - INIT_VNET_IPSEC(curvnet); size_t size; if (sav != NULL) { @@ -169,7 +160,6 @@ esp_hdrsiz(struct secasvar *sav) static int esp_init(struct secasvar *sav, struct xformsw *xsp) { - INIT_VNET_IPSEC(curvnet); struct enc_xform *txform; struct cryptoini cria, crie; int keylen; @@ -280,7 +270,6 @@ esp_zeroize(struct secasvar *sav) static int esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { - INIT_VNET_IPSEC(curvnet); struct auth_hash *esph; struct enc_xform *espx; struct tdb_ident *tdbi; @@ -463,7 +452,6 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) static int esp_input_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); u_int8_t lastthree[3], aalg[AH_HMAC_HASHLEN]; int hlen, skip, protoff, error; struct mbuf *m; @@ -667,7 +655,6 @@ esp_output( int protoff ) { - INIT_VNET_IPSEC(curvnet); struct enc_xform *espx; struct auth_hash *esph; int hlen, rlen, plen, padding, blks, alen, i, roff; @@ -898,7 +885,6 @@ bad: static int esp_output_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); struct tdb_crypto *tc; struct ipsecrequest *isr; struct secasvar *sav; @@ -1000,27 +986,10 @@ static struct xformsw esp_xformsw = { static void esp_attach(void) { - - xform_register(&esp_xformsw); -#ifndef VIMAGE_GLOBALS - vnet_mod_register(&vnet_esp_modinfo); -#else - esp_iattach(NULL); -#endif -} - -static int -esp_iattach(const void *unused __unused) -{ - INIT_VNET_IPSEC(curvnet); - #define MAXIV(xform) \ if (xform.blocksize > V_esp_max_ivlen) \ V_esp_max_ivlen = xform.blocksize \ - V_esp_enable = 1; - V_esp_max_ivlen = 0; - MAXIV(enc_xform_des); /* SADB_EALG_DESCBC */ MAXIV(enc_xform_3des); /* SADB_EALG_3DESCBC */ MAXIV(enc_xform_rijndael128); /* SADB_X_EALG_AES */ @@ -1029,8 +998,8 @@ esp_iattach(const void *unused __unused) MAXIV(enc_xform_skipjack); /* SADB_X_EALG_SKIPJACK */ MAXIV(enc_xform_null); /* SADB_EALG_NULL */ MAXIV(enc_xform_camellia); /* SADB_X_EALG_CAMELLIACBC */ -#undef MAXIV - return (0); + xform_register(&esp_xformsw); +#undef MAXIV } SYSINIT(esp_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, esp_attach, NULL); diff --git a/sys/netipsec/xform_ipcomp.c b/sys/netipsec/xform_ipcomp.c index 8e2f1c42bb30..2ea83e095d36 100644 --- a/sys/netipsec/xform_ipcomp.c +++ b/sys/netipsec/xform_ipcomp.c @@ -49,6 +49,8 @@ #include #include +#include + #include #include @@ -67,29 +69,25 @@ #include #include -#ifdef VIMAGE_GLOBALS -int ipcomp_enable; -struct ipcompstat ipcompstat; -#endif +VNET_DEFINE(int, ipcomp_enable) = 0; +VNET_DEFINE(struct ipcompstat, ipcompstat); SYSCTL_DECL(_net_inet_ipcomp); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipcomp, OID_AUTO, - ipcomp_enable, CTLFLAG_RW, ipcomp_enable, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet_ipcomp, IPSECCTL_STATS, - stats, CTLFLAG_RD, ipcompstat, ipcompstat, ""); +SYSCTL_VNET_INT(_net_inet_ipcomp, OID_AUTO, + ipcomp_enable, CTLFLAG_RW, &VNET_NAME(ipcomp_enable), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet_ipcomp, IPSECCTL_STATS, + stats, CTLFLAG_RD, &VNET_NAME(ipcompstat), ipcompstat, ""); static int ipcomp_input_cb(struct cryptop *crp); static int ipcomp_output_cb(struct cryptop *crp); -static int ipcomp_iattach(const void *); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_ipcomp_modinfo = { .vmi_id = VNET_MOD_IPCOMP, .vmi_name = "ipsec_ipcomp", .vmi_dependson = VNET_MOD_IPSEC, - .vmi_iattach = ipcomp_iattach }; -#endif /* !VIMAGE_GLOBALS */ +#endif struct comp_algo * ipcomp_algorithm_lookup(int alg) @@ -109,7 +107,6 @@ ipcomp_algorithm_lookup(int alg) static int ipcomp_init(struct secasvar *sav, struct xformsw *xsp) { - INIT_VNET_IPSEC(curvnet); struct comp_algo *tcomp; struct cryptoini cric; @@ -150,7 +147,6 @@ ipcomp_zeroize(struct secasvar *sav) static int ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { - INIT_VNET_IPSEC(curvnet); struct tdb_crypto *tc; struct cryptodesc *crdc; struct cryptop *crp; @@ -221,7 +217,6 @@ ipcomp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) static int ipcomp_input_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); struct cryptodesc *crd; struct tdb_crypto *tc; int skip, protoff; @@ -342,7 +337,6 @@ ipcomp_output( int protoff ) { - INIT_VNET_IPSEC(curvnet); struct secasvar *sav; struct comp_algo *ipcompx; int error, ralen, hlen, maxpacketsize, roff; @@ -501,7 +495,6 @@ bad: static int ipcomp_output_cb(struct cryptop *crp) { - INIT_VNET_IPSEC(curvnet); struct tdb_crypto *tc; struct ipsecrequest *isr; struct secasvar *sav; @@ -611,19 +604,9 @@ ipcomp_attach(void) { xform_register(&ipcomp_xformsw); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ipcomp_modinfo); -#else - ipcomp_iattach(NULL); #endif } -static int -ipcomp_iattach(const void *unused __unused) -{ - INIT_VNET_IPSEC(curvnet); - - V_ipcomp_enable = 0; - return (0); -} SYSINIT(ipcomp_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ipcomp_attach, NULL); diff --git a/sys/netipsec/xform_ipip.c b/sys/netipsec/xform_ipip.c index d9cf8c6fe299..8de23ec99d7d 100644 --- a/sys/netipsec/xform_ipip.c +++ b/sys/netipsec/xform_ipip.c @@ -68,7 +68,6 @@ #ifdef MROUTING #include #endif -#include #include #include @@ -92,31 +91,27 @@ * We can control the acceptance of IP4 packets by altering the sysctl * net.inet.ipip.allow value. Zero means drop them, all else is acceptance. */ -#ifdef VIMAGE_GLOBALS -int ipip_allow; -struct ipipstat ipipstat; -#endif +VNET_DEFINE(int, ipip_allow) = 0; +VNET_DEFINE(struct ipipstat, ipipstat); SYSCTL_DECL(_net_inet_ipip); -SYSCTL_V_INT(V_NET, vnet_ipsec, _net_inet_ipip, OID_AUTO, - ipip_allow, CTLFLAG_RW, ipip_allow, 0, ""); -SYSCTL_V_STRUCT(V_NET, vnet_ipsec, _net_inet_ipip, IPSECCTL_STATS, - stats, CTLFLAG_RD, ipipstat, ipipstat, ""); +SYSCTL_VNET_INT(_net_inet_ipip, OID_AUTO, + ipip_allow, CTLFLAG_RW, &VNET_NAME(ipip_allow), 0, ""); +SYSCTL_VNET_STRUCT(_net_inet_ipip, IPSECCTL_STATS, + stats, CTLFLAG_RD, &VNET_NAME(ipipstat), ipipstat, ""); /* XXX IPCOMP */ #define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) static void _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp); -static int ipe4_iattach(const void *); -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE static const vnet_modinfo_t vnet_ipip_modinfo = { .vmi_id = VNET_MOD_IPIP, .vmi_name = "ipsec_ipip", .vmi_dependson = VNET_MOD_IPSEC, - .vmi_iattach = ipe4_iattach }; -#endif /* !VIMAGE_GLOBALS */ +#endif #ifdef INET6 /* @@ -169,8 +164,6 @@ ip4_input(struct mbuf *m, int off) static void _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) { - INIT_VNET_NET(curvnet); - INIT_VNET_IPSEC(curvnet); #ifdef INET register struct sockaddr_in *sin; #endif @@ -424,10 +417,6 @@ ipip_output( int protoff ) { - INIT_VNET_IPSEC(curvnet); -#ifdef INET - INIT_VNET_INET(curvnet); -#endif /* INET */ struct secasvar *sav; u_int8_t tp, otos; struct secasindex *saidx; @@ -708,15 +697,6 @@ ipe4_encapcheck(const struct mbuf *m, int off, int proto, void *arg) return ((m->m_flags & M_IPSEC) != 0 ? 1 : 0); } -static int -ipe4_iattach(const void *unused __unused) -{ - INIT_VNET_IPSEC(curvnet); - - V_ipip_allow = 0; - return (0); -} - static void ipe4_attach(void) { @@ -730,10 +710,8 @@ ipe4_attach(void) (void) encap_attach_func(AF_INET6, -1, ipe4_encapcheck, (struct protosw *)&ipe6_protosw, NULL); #endif -#ifndef VIMAGE_GLOBALS +#ifdef VIMAGE vnet_mod_register(&vnet_ipip_modinfo); -#else - ipe4_iattach(NULL); #endif } SYSINIT(ipe4_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ipe4_attach, NULL); diff --git a/sys/netipsec/xform_tcp.c b/sys/netipsec/xform_tcp.c index 35a4d43636b0..1fad954681ad 100644 --- a/sys/netipsec/xform_tcp.c +++ b/sys/netipsec/xform_tcp.c @@ -49,6 +49,8 @@ #include #include +#include + #include #include @@ -83,7 +85,6 @@ static int tcpsignature_init(struct secasvar *sav, struct xformsw *xsp) { - INIT_VNET_IPSEC(curvnet); int keylen; if (sav->spi != htonl(TCP_SIG_SPI)) { diff --git a/sys/nfsclient/bootp_subr.c b/sys/nfsclient/bootp_subr.c index 4a4847acc203..ea6c02b4cf94 100644 --- a/sys/nfsclient/bootp_subr.c +++ b/sys/nfsclient/bootp_subr.c @@ -358,7 +358,6 @@ bootpboot_p_tree(struct radix_node *rn) void bootpboot_p_rtlist(void) { - INIT_VNET_NET(curvnet); struct radix_node_head *rnh; printf("Routing table:\n"); @@ -387,7 +386,6 @@ bootpboot_p_if(struct ifnet *ifp, struct ifaddr *ifa) void bootpboot_p_iflist(void) { - INIT_VNET_NET(curvnet); struct ifnet *ifp; struct ifaddr *ifa; @@ -1597,7 +1595,6 @@ bootpc_decode_reply(struct nfsv3_diskless *nd, struct bootpc_ifcontext *ifctx, void bootpc_init(void) { - INIT_VNET_NET(curvnet); struct bootpc_ifcontext *ifctx, *nctx; /* Interface BOOTP contexts */ struct bootpc_globalcontext *gctx; /* Global BOOTP context */ struct ifnet *ifp; diff --git a/sys/nfsclient/nfs_diskless.c b/sys/nfsclient/nfs_diskless.c index ba7a7a1b784c..e3e758bef66f 100644 --- a/sys/nfsclient/nfs_diskless.c +++ b/sys/nfsclient/nfs_diskless.c @@ -149,7 +149,6 @@ nfs_parse_options(const char *envopts, struct nfs_args *nd) void nfs_setup_diskless(void) { - INIT_VNET_NET(curvnet); struct nfs_diskless *nd = &nfs_diskless; struct ifnet *ifp; struct ifaddr *ifa; diff --git a/sys/nfsclient/nfs_vnops.c b/sys/nfsclient/nfs_vnops.c index 07a79043681d..d6448369b205 100644 --- a/sys/nfsclient/nfs_vnops.c +++ b/sys/nfsclient/nfs_vnops.c @@ -82,7 +82,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include @@ -1553,7 +1552,6 @@ again: *tl = txdr_unsigned(NFSV3CREATE_EXCLUSIVE); tl = nfsm_build(u_int32_t *, NFSX_V3CREATEVERF); #ifdef INET - INIT_VNET_INET(curvnet); IN_IFADDR_RLOCK(); if (!TAILQ_EMPTY(&V_in_ifaddrhead)) *tl++ = IA_SIN(TAILQ_FIRST(&V_in_ifaddrhead))->sin_addr.s_addr; diff --git a/sys/sys/param.h b/sys/sys/param.h index dffedb227aeb..c2c5e2825b28 100644 --- a/sys/sys/param.h +++ b/sys/sys/param.h @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 800103 /* Master, propagated to newvers */ +#define __FreeBSD_version 800104 /* Master, propagated to newvers */ #ifndef LOCORE #include diff --git a/sys/sys/pcpu.h b/sys/sys/pcpu.h index 66af3c7ad3cd..8c0e0d55a950 100644 --- a/sys/sys/pcpu.h +++ b/sys/sys/pcpu.h @@ -183,6 +183,7 @@ extern struct cpuhead cpuhead; #ifndef curthread #define curthread PCPU_GET(curthread) #endif +#define curvidata PCPU_GET(vidata) /* * Machine dependent callouts. cpu_pcpu_init() is responsible for diff --git a/sys/sys/sysctl.h b/sys/sys/sysctl.h index ca7fafeb56b4..0d7e39791a63 100644 --- a/sys/sys/sysctl.h +++ b/sys/sys/sysctl.h @@ -163,8 +163,6 @@ struct sysctl_oid { const char *oid_fmt; int oid_refcnt; const char *oid_descr; - short oid_v_subs; - short oid_v_mod; }; #define SYSCTL_IN(r, p, l) (r->newfunc)(r, p, l) @@ -182,12 +180,6 @@ int sysctl_dpcpu_int(SYSCTL_HANDLER_ARGS); int sysctl_dpcpu_long(SYSCTL_HANDLER_ARGS); int sysctl_dpcpu_quad(SYSCTL_HANDLER_ARGS); -#ifdef VIMAGE -int sysctl_handle_v_int(SYSCTL_HANDLER_ARGS); -int sysctl_handle_v_string(SYSCTL_HANDLER_ARGS); -int sysctl_handle_v_opaque(SYSCTL_HANDLER_ARGS); -#endif - /* * These functions are used to add/remove an oid from the mib. */ @@ -232,27 +224,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); a1, a2, #name, handler, fmt, 0, __DESCR(descr) }; \ DATA_SET(sysctl_set, sysctl__##parent##_##name) -#ifdef VIMAGE -#define SYSCTL_V_OID(subs, mod, parent, nbr, name, kind, a1, a2, \ - handler, fmt, descr) \ - static struct sysctl_oid sysctl__##parent##_##name = { \ - &sysctl_##parent##_children, { 0 }, nbr, kind, \ - (void *) offsetof(struct mod, _##a1), a2, #name, \ - handler, fmt, 0, __DESCR(descr), subs, V_MOD_##mod }; \ - DATA_SET(sysctl_set, sysctl__##parent##_##name) -#else -#ifdef VIMAGE_GLOBALS -#define SYSCTL_V_OID(subs, mod, parent, nbr, name, kind, a1, a2, \ - handler, fmt, descr) \ - SYSCTL_OID(parent, nbr, name, kind, &a1, a2, handler, fmt, descr) -#else -#define SYSCTL_V_OID(subs, mod, parent, nbr, name, kind, a1, a2, \ - handler, fmt, descr) \ - SYSCTL_OID(parent, nbr, name, kind, & mod ## _0._ ## a1, a2, \ - handler, fmt, descr) -#endif -#endif - #define SYSCTL_ADD_OID(ctx, parent, nbr, name, kind, a1, a2, handler, fmt, descr) \ sysctl_add_oid(ctx, parent, nbr, name, kind, a1, a2, handler, fmt, __DESCR(descr)) @@ -271,22 +242,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); SYSCTL_OID(parent, nbr, name, CTLTYPE_STRING|(access), \ arg, len, sysctl_handle_string, "A", descr) -#ifdef VIMAGE -#define SYSCTL_V_STRING(subs, mod, parent, nbr, name, access, sym, len, descr) \ - SYSCTL_V_OID(subs, mod, parent, nbr, name, CTLTYPE_STRING|(access), \ - sym, len, sysctl_handle_v_string, "A", descr) -#else -#ifdef VIMAGE_GLOBALS -#define SYSCTL_V_STRING(subs, mod, parent, nbr, name, access, sym, len, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_STRING|(access), \ - &sym, len, sysctl_handle_string, "A", descr) -#else -#define SYSCTL_V_STRING(subs, mod, parent, nbr, name, access, sym, len, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_STRING|(access), \ - & mod ## _0._ ## sym, len, sysctl_handle_string, "A", descr) -#endif -#endif - #define SYSCTL_ADD_STRING(ctx, parent, nbr, name, access, arg, len, descr) \ sysctl_add_oid(ctx, parent, nbr, name, CTLTYPE_STRING|(access), \ arg, len, sysctl_handle_string, "A", __DESCR(descr)) @@ -296,23 +251,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); SYSCTL_OID(parent, nbr, name, CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ ptr, val, sysctl_handle_int, "I", descr) -#ifdef VIMAGE -#define SYSCTL_V_INT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_V_OID(subs, mod, parent, nbr, name, \ - CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ - sym, val, sysctl_handle_v_int, "I", descr) -#else -#ifdef VIMAGE_GLOBALS -#define SYSCTL_V_INT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ - &sym, val, sysctl_handle_int, "I", descr) -#else -#define SYSCTL_V_INT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ - & mod ## _0._ ## sym, val, sysctl_handle_int, "I", descr) -#endif -#endif - #define SYSCTL_ADD_INT(ctx, parent, nbr, name, access, ptr, val, descr) \ sysctl_add_oid(ctx, parent, nbr, name, CTLTYPE_INT|CTLFLAG_MPSAFE|(access), \ ptr, val, sysctl_handle_int, "I", __DESCR(descr)) @@ -322,23 +260,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); SYSCTL_OID(parent, nbr, name, CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ ptr, val, sysctl_handle_int, "IU", descr) -#ifdef VIMAGE -#define SYSCTL_V_UINT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_V_OID(subs, mod, parent, nbr, name, \ - CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ - sym, val, sysctl_handle_v_int, "IU", descr) -#else -#ifdef VIMAGE_GLOBALS -#define SYSCTL_V_UINT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ - &sym, val, sysctl_handle_int, "IU", descr) -#else -#define SYSCTL_V_UINT(subs, mod, parent, nbr, name, access, sym, val, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ - & mod ## _0._ ## sym, val, sysctl_handle_int, "IU", descr) -#endif -#endif - #define SYSCTL_ADD_UINT(ctx, parent, nbr, name, access, ptr, val, descr) \ sysctl_add_oid(ctx, parent, nbr, name, CTLTYPE_UINT|CTLFLAG_MPSAFE|(access), \ ptr, val, sysctl_handle_int, "IU", __DESCR(descr)) @@ -401,28 +322,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); ptr, sizeof(struct type), sysctl_handle_opaque, \ "S," #type, descr) -#ifdef VIMAGE -#define SYSCTL_V_STRUCT(subs, mod, parent, nbr, name, access, sym, \ - type, descr) \ - SYSCTL_V_OID(subs, mod, parent, nbr, name, CTLTYPE_OPAQUE|(access), \ - sym, sizeof(struct type), sysctl_handle_v_opaque, \ - "S," #type, descr) -#else -#ifdef VIMAGE_GLOBALS -#define SYSCTL_V_STRUCT(subs, mod, parent, nbr, name, access, sym, \ - type, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_OPAQUE|(access), \ - &sym, sizeof(struct type), sysctl_handle_opaque, \ - "S," #type, descr) -#else -#define SYSCTL_V_STRUCT(subs, mod, parent, nbr, name, access, sym, \ - type, descr) \ - SYSCTL_OID(parent, nbr, name, CTLTYPE_OPAQUE|(access), \ - & mod ## _0._ ## sym, sizeof(struct type), \ - sysctl_handle_opaque, "S," #type, descr) -#endif -#endif - #define SYSCTL_ADD_STRUCT(ctx, parent, nbr, name, access, ptr, type, descr) \ sysctl_add_oid(ctx, parent, nbr, name, CTLTYPE_OPAQUE|(access), \ ptr, sizeof(struct type), sysctl_handle_opaque, "S," #type, __DESCR(descr)) @@ -432,11 +331,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); SYSCTL_OID(parent, nbr, name, (access), \ ptr, arg, handler, fmt, descr) -#define SYSCTL_V_PROC(subs, mod, parent, nbr, name, access, sym, arg, \ - handler, fmt, descr) \ - SYSCTL_V_OID(subs, mod, parent, nbr, name, (access), \ - sym, arg, handler, fmt, descr) - #define SYSCTL_ADD_PROC(ctx, parent, nbr, name, access, ptr, arg, handler, fmt, descr) \ sysctl_add_oid(ctx, parent, nbr, name, (access), \ ptr, arg, handler, fmt, __DESCR(descr)) @@ -447,33 +341,6 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry); */ #define FEATURE(name, desc) \ SYSCTL_INT(_kern_features, OID_AUTO, name, CTLFLAG_RD, 0, 1, desc) - -/* - * Resolve void *arg1 in a proper virtualization container. - */ -#ifdef VIMAGE -#define SYSCTL_RESOLVE_V_ARG1() do { \ - char *cp; \ - switch (oidp->oid_v_subs) { \ - case V_GLOBAL: \ - /* do nothing - this is NOT a virtualized variable! */ \ - break; \ - case V_NET: \ - cp = (char *) \ - TD_TO_VNET(req->td)->mod_data[oidp->oid_v_mod]; \ - arg1 = cp + (size_t) arg1; \ - break; \ - case V_PROCG: \ - cp = (char *) TD_TO_VPROCG(curthread); \ - arg1 = cp + (size_t) arg1; \ - break; \ - default: \ - panic("unsupported module id %d", oidp->oid_v_subs); \ - } \ -} while (0) -#else -#define SYSCTL_RESOLVE_V_ARG1() -#endif #endif /* _KERNEL */ diff --git a/sys/sys/vimage.h b/sys/sys/vimage.h index 9f6ab462a1a7..cc0d63dacc02 100644 --- a/sys/sys/vimage.h +++ b/sys/sys/vimage.h @@ -61,10 +61,6 @@ struct vi_req { #ifdef _KERNEL -#if defined(VIMAGE) && defined(VIMAGE_GLOBALS) -#error "You cannot have both option VIMAGE and option VIMAGE_GLOBALS!" -#endif - #ifdef INVARIANTS #define VNET_DEBUG #endif @@ -80,14 +76,7 @@ struct thread; typedef int vnet_attach_fn(const void *); typedef int vnet_detach_fn(const void *); -#ifndef VIMAGE_GLOBALS - -struct vnet_symmap { - char *name; - size_t offset; - size_t size; -}; -typedef struct vnet_symmap vnet_symmap_t; +#ifdef VIMAGE struct vnet_modinfo { u_int vmi_id; @@ -95,8 +84,6 @@ struct vnet_modinfo { char *vmi_name; vnet_attach_fn *vmi_iattach; vnet_detach_fn *vmi_idetach; - size_t vmi_size; - struct vnet_symmap *vmi_symmap; }; typedef struct vnet_modinfo vnet_modinfo_t; @@ -134,7 +121,7 @@ struct vnet_modlink { #define VNET_MOD_AH 25 #define VNET_MOD_IPCOMP 26 #define VNET_MOD_GIF 27 -#define VNET_MOD_ARP 28 + /* 28 */ #define VNET_MOD_FLOWTABLE 29 #define VNET_MOD_LOIF 30 #define VNET_MOD_DOMAIN 31 @@ -146,20 +133,6 @@ struct vnet_modlink { #define V_NET 1 #define V_PROCG 2 -/* Name mappings for minor module IDs in vimage sysctl virtualization. */ -#define V_MOD_vnet_net VNET_MOD_NET -#define V_MOD_vnet_netgraph VNET_MOD_NETGRAPH -#define V_MOD_vnet_inet VNET_MOD_INET -#define V_MOD_vnet_inet6 VNET_MOD_INET6 -#define V_MOD_vnet_ipfw VNET_MOD_IPFW -#define V_MOD_vnet_pf VNET_MOD_PF -#define V_MOD_vnet_gif VNET_MOD_GIF -#define V_MOD_vnet_ipsec VNET_MOD_IPSEC -#define V_MOD_vnet_rtable VNET_MOD_RTABLE - -#define V_MOD_vprocg 0 /* no minor module ids like in vnet */ - -int vi_symlookup(struct kld_sym_lookup *, char *); int vi_td_ioctl(u_long, struct vi_req *, struct thread *); int vi_if_move(struct thread *, struct ifnet *, char *, int, struct vi_req *); @@ -171,34 +144,10 @@ void vnet_mod_deregister(const struct vnet_modinfo *); void vnet_mod_deregister_multi(const struct vnet_modinfo *, void *, char *); struct vnet *vnet_alloc(void); void vnet_destroy(struct vnet *); +void vnet_foreach(void (*vnet_foreach_fn)(struct vnet *, void *), + void *arg); -#endif /* !VIMAGE_GLOBALS */ - -#ifdef VIMAGE_GLOBALS -#define VSYM(base, sym) (sym) -#else /* !VIMAGE_GLOBALS */ -#ifdef VIMAGE -#define VSYM(base, sym) ((base)->_ ## sym) -#else /* !VIMAGE */ -#define VSYM(base, sym) (base ## _0._ ## sym) #endif /* VIMAGE */ -#endif /* VIMAGE_GLOBALS */ - -#ifndef VIMAGE_GLOBALS -#ifdef VIMAGE -/* - * Casted NULL hack is needed for harvesting sizeofs() of fields inside - * struct vnet_* containers at compile time. - */ -#define VNET_SYMMAP(mod, name) \ - { #name, offsetof(struct vnet_ ## mod, _ ## name), \ - sizeof(((struct vnet_ ## mod *) NULL)->_ ## name) } -#else /* !VIMAGE */ -#define VNET_SYMMAP(mod, name) \ - { #name, (size_t) &(vnet_ ## mod ## _0._ ## name), \ - sizeof(vnet_ ## mod ## _0._ ## name) } -#endif /* VIMAGE */ -#define VNET_SYMMAP_END { NULL, 0 } struct vimage { LIST_ENTRY(vimage) vi_le; /* all vimage list */ @@ -213,11 +162,12 @@ struct vimage { }; struct vnet { - void *mod_data[VNET_MOD_MAX]; LIST_ENTRY(vnet) vnet_le; /* all vnets list */ u_int vnet_magic_n; u_int ifcnt; u_int sockcnt; + void *vnet_data_mem; + uintptr_t vnet_data_base; }; struct vprocg { @@ -232,7 +182,6 @@ extern struct vimage_list_head vimage_head; #else /* !VIMAGE */ extern struct vprocg vprocg_0; #endif /* VIMAGE */ -#endif /* !VIMAGE_GLOBALS */ #define curvnet curthread->td_vnet @@ -288,22 +237,6 @@ extern struct vprocg vprocg_0; #define CURVNET_RESTORE() #endif /* !VIMAGE */ -#ifdef VIMAGE -#ifdef VNET_DEBUG -#define INIT_FROM_VNET(vnet, modindex, modtype, sym) \ - if (vnet == NULL || vnet != curvnet) \ - panic("in %s:%d %s()\n vnet=%p curvnet=%p", \ - __FILE__, __LINE__, __FUNCTION__, \ - vnet, curvnet); \ - modtype *sym = (vnet)->mod_data[modindex]; -#else /* !VNET_DEBUG */ -#define INIT_FROM_VNET(vnet, modindex, modtype, sym) \ - modtype *sym = (vnet)->mod_data[modindex]; -#endif /* !VNET_DEBUG */ -#else /* !VIMAGE */ -#define INIT_FROM_VNET(vnet, modindex, modtype, sym) -#endif /* VIMAGE */ - #ifdef VIMAGE LIST_HEAD(vnet_list_head, vnet); extern struct vnet_list_head vnet_head; @@ -347,137 +280,14 @@ extern struct vprocg_list_head vprocg_head; #define TD_TO_VNET(td) NULL #define P_TO_VIMAGE(p) NULL #define P_TO_VNET(p) NULL -#ifdef VIMAGE_GLOBALS -#define TD_TO_VPROCG(td) NULL -#define P_TO_VPROCG(p) NULL -#else /* !VIMAGE_GLOBALS */ #define TD_TO_VPROCG(td) &vprocg_0 #define P_TO_VPROCG(p) &vprocg_0 -#endif /* VIMAGE_GLOBALS */ #endif /* VIMAGE */ /* Non-VIMAGE null-macros */ #define VNET_LIST_RLOCK() #define VNET_LIST_RUNLOCK() -/* XXX those defines bellow should probably go into vprocg.h and vcpu.h */ -#define VPROCG(sym) VSYM(vprocg, sym) - -/* - * Size-guards for the vimage structures. - * If you need to update the values you MUST increment __FreeBSD_version. - * See description further down to see how to get the new values. - */ -#ifdef __amd64__ -#define SIZEOF_vnet_net 156 -#define SIZEOF_vnet_inet 4424 -#define SIZEOF_vnet_inet6 8808 -#define SIZEOF_vnet_ipsec 31160 -#endif -#ifdef __arm__ -#define SIZEOF_vnet_net 72 -#define SIZEOF_vnet_inet 2616 -#define SIZEOF_vnet_inet6 8524 -#define SIZEOF_vnet_ipsec 1 -#endif -#ifdef __i386__ /* incl. pc98 */ -#define SIZEOF_vnet_net 72 -#define SIZEOF_vnet_inet 2612 -#define SIZEOF_vnet_inet6 8512 -#define SIZEOF_vnet_ipsec 31024 -#endif -#ifdef __ia64__ -#define SIZEOF_vnet_net 156 -#define SIZEOF_vnet_inet 4424 -#define SIZEOF_vnet_inet6 8808 -#define SIZEOF_vnet_ipsec 31160 -#endif -#ifdef __mips__ -#define SIZEOF_vnet_net 72 -#define SIZEOF_vnet_inet 2648 -#define SIZEOF_vnet_inet6 8544 -#define SIZEOF_vnet_ipsec 1 -#endif -#ifdef __powerpc__ -#define SIZEOF_vnet_net 72 -#define SIZEOF_vnet_inet 2640 -#define SIZEOF_vnet_inet6 8520 -#define SIZEOF_vnet_ipsec 31048 -#endif -#ifdef __sparc64__ /* incl. sun4v */ -#define SIZEOF_vnet_net 156 -#define SIZEOF_vnet_inet 4424 -#define SIZEOF_vnet_inet6 8808 -#define SIZEOF_vnet_ipsec 31160 -#endif - -#ifndef SIZEOF_vnet_net -#error "SIZEOF_vnet_net no defined for this architecture." -#endif -#ifndef SIZEOF_vnet_inet -#error "SIZEOF_vnet_inet no defined for this architecture." -#endif -#ifndef SIZEOF_vnet_inet6 -#error "SIZEOF_vnet_inet6 no defined for this architecture." -#endif -#ifndef SIZEOF_vnet_ipsec -#error "SIZEOF_vnet_ipsec no defined for this architecture." -#endif - -/* - * x must be a positive integer constant (expected value), - * y must be compile-time evaluated to a positive integer, - * e.g. CTASSERT_EQUAL(FOO_EXPECTED_SIZE, sizeof (struct foo)); - * One needs to compile with -Wuninitialized and thus at least -O - * for this to trigger and -Werror if it should be fatal. - */ -#define CTASSERT_EQUAL(x, y) \ - static int __attribute__((__used__)) \ - __attribute__((__section__(".debug_ctassert_equal"))) \ - __CONCAT(__ctassert_equal_at_line_, __LINE__)(void); \ - \ - static int __attribute__((__used__)) \ - __attribute__((__section__(".debug_ctassert_equal"))) \ - __CONCAT(__ctassert_equal_at_line_, __LINE__)(void) \ - { \ - int __CONCAT(__CONCAT(__expected_, x), \ - _but_got)[(y) + (x)]; \ - __CONCAT(__CONCAT(__expected_, x), _but_got)[(x)] = 1; \ - return (__CONCAT(__CONCAT(__expected_, x), \ - _but_got)[(y)]); \ - } \ - struct __hack - -/* - * x shall be the expected value (SIZEOF_vnet_* from above) - * and y shall be the real size (sizeof(struct vnet_*)). - * If you run into the CTASSERT() you want to compile a universe - * with COPTFLAGS+="-O -Wuninitialized -DVIMAGE_CHECK_SIZES". - * This should give you the errors for the proper values defined above. - * Make sure to re-run universe with the proper values afterwards - - * -DMAKE_JUST_KERNELS should be enough. - * - * Note: - * CTASSERT() takes precedence in the current FreeBSD world thus the - * CTASSERT_EQUAL() will not neccessarily trigger if one uses both. - * But as CTASSERT_EQUAL() needs special compile time options, we - * want the default case to be backed by CTASSERT(). - */ -#if 0 -#ifndef VIMAGE_CTASSERT -#ifdef VIMAGE_CHECK_SIZES -#define VIMAGE_CTASSERT(x, y) \ - CTASSERT_EQUAL(x, y) -#else -#define VIMAGE_CTASSERT(x, y) \ - CTASSERT_EQUAL(x, y); \ - CTASSERT(x == 0 || x == y) -#endif -#endif -#else -#define VIMAGE_CTASSERT(x, y) struct __hack -#endif - #endif /* _KERNEL */ #endif /* !_SYS_VIMAGE_H_ */