Commit Graph

2073 Commits

Author SHA1 Message Date
Maksim Yevmenkin
7a9adfdd85 Do not call knlist_destroy() in tapclose(). Instead call it when device is
actually destroyed. Also move call to knlist_init() into tapcreate(). This
should fix panic described in kern/95357.

PR:			kern/95357
No response from:	freebsd-current@
MFC after:		3 days
2006-05-17 17:05:02 +00:00
Andrew Thompson
dc1b1b7b6a Fix style(9) nits, whitespace and parentheses. 2006-05-16 22:50:41 +00:00
Qing Li
e034e82c56 The current routing code allows insertion of indirect routes that have
gateways which are unreachable except through the default router. For
example, assuming there is a default route configured, and inserting
a route

	"route add 64.102.54.0/24 60.80.1.1"

is currently allowed even when 60.80.1.1 is only reachable through
the default route. However, an error is thrown when this route is
utilized, say,

	"ping 64.102.54.1"  will return an error

This type of route insertion should be disallowed becasue:

1) Let's say that somehow our code allowed this packet to flow to
   the default router, and the default router knows the next hop is
   60.80.1.1, then the question is why bother inserting this route in
   the 1st place, just simply use the default route.

2) Since we're not talking about source routing here, the default
   router could very well choose a different path than using 60.80.1.1
   for the next hop, again it defeats the purpose of adding this route.

Reviewed by:	ru, gnn, bz
Approved by:	andre
2006-05-16 19:11:11 +00:00
Daniel Hartmeier
2557a639a5 Recalculate IP checksum after running pfil hooks.
Reviewed by:	thompsa
Tested by:	Adam McDougall <mcdouga9@egr.msu.edu>
2006-05-15 11:49:01 +00:00
Max Laier
656faadcb8 Remove ip6fw. Since ipfw has full functional IPv6 support now and - in
contrast to ip6fw - is properly lockes, it is time to retire ip6fw.
2006-05-12 20:39:23 +00:00
John Baldwin
73dbd3da73 Remove various bits of conditional Alpha code and fixup a few comments. 2006-05-12 05:04:46 +00:00
Jeffrey Hsu
a393a28afa Correct test for fragmented packet. 2006-05-11 00:53:43 +00:00
Christian S.J. Peron
1fc9e38706 Pickup locks for the BPF interface structure. It's quite possible that
bpf(4) descriptors can be added and removed on this interface while we
are processing stats.

MFC after:	2 weeks
2006-05-07 03:21:43 +00:00
Bjoern A. Zeeb
ac4a76ebc9 In rtrequest and rtinit check for sa_len != 0 for the given
destination. These checks are needed so we do not install
a route looking like this:
(0)                192.0.2.200        UH       tun0 =>

When removing this route  the kernel will start to walk
the address space which looks like a hang on 64bit platforms
because it'll take ages while on 32bit you should see a panic
when kernel debugging options are turned on.

The problem is in rtrequest1:
	if (netmask) {
		rt_maskedcopy(dst, ndst, netmask);
	} else
		bcopy(dst, ndst, dst->sa_len);

In both cases the len might be 0 if the application forgot to
set it.  If so ndst will be all-zero  leading to above
mentioned strange routes.

This is an application error but we must not fail/hang/panic
because of this.

Looks ok:	gnn
No objections:	net@ (silence)
MFC after:	8 weeks
2006-05-04 18:33:37 +00:00
Andrew Thompson
7f87a57ca3 Add support for fragmenting ipv4 packets.
The packet filter may reassemble the ip fragments and return a packet that is
larger than the MTU of the sending interface. There is no check for DF or icmp
replies as we can only get a large packet to fragment by reassembling a
previous fragment, and this only happens after a call to pfil(9).

Obtained from:	OpenBSD (mostly)
Glanced at by:	mlaier
MFC after:	1 month
2006-04-29 05:37:25 +00:00
Robert Watson
e0cf89fc53 Use ANSI C function protypes and declarations for if_arcsubr.
MFC after:	1 month
2006-04-12 07:44:31 +00:00
Robert Watson
9d20951479 Correct an assertion in raw_uattach(): this is a library call that other
protocols invoke after allocating a PCB, so so_pcb should be non-NULL.
It is only used by the two IPSEC implementations, so I didn't hit it in
my testing.

Reported by:	pjd
MFC after:	3 months
2006-04-09 15:15:28 +00:00
Andre Oppermann
d214ccb6ba Undo damage from wrong MFC to HEAD.
Pointed out by:	jkim, remko
2006-04-04 20:20:51 +00:00
Andre Oppermann
bedf8e3354 MFC rev. 1.32: Add link status descriptions and related structures for userland
applications.

Approved by:	re
2006-04-04 20:02:51 +00:00
Robert Watson
0154484bef In raw and raw-derived socket types, maintain and enforce invariant that
the so_pcb pointer on the socket is always non-NULL.  This eliminates
countless unnecessary error checks, replacing them with assertions.

MFC after:	3 months
2006-04-01 15:55:44 +00:00
Robert Watson
bc725eafc7 Chance protocol switch method pru_detach() so that it returns void
rather than an error.  Detaches do not "fail", they other occur or
the protocol flags SS_PROTOREF to take ownership of the socket.

soclose() no longer looks at so_pcb to see if it's NULL, relying
entirely on the protocol to decide whether it's time to free the
socket or not using SS_PROTOREF.  so_pcb is now entirely owned and
managed by the protocol code.  Likewise, no longer test so_pcb in
other socket functions, such as soreceive(), which have no business
digging into protocol internals.

Protocol detach routines no longer try to free the socket on detach,
this is performed in the socket code if the protocol permits it.

In rts_detach(), no longer test for rp != NULL in detach, and
likewise in other protocols that don't permit a NULL so_pcb, reduce
the incidence of testing for it during detach.

netinet and netinet6 are not fully updated to this change, which
will be in an upcoming commit.  In their current state they may leak
memory or panic.

MFC after:	3 months
2006-04-01 15:42:02 +00:00
Robert Watson
ac45e92ff2 Change protocol switch pru_abort() API so that it returns void rather
than an int, as an error here is not meaningful.  Modify soabort() to
unconditionally free the socket on the return of pru_abort(), and
modify most protocols to no longer conditionally free the socket,
since the caller will do this.

This commit likely leaves parts of netinet and netinet6 in a situation
where they may panic or leak memory, as they have not are not fully
updated by this commit.  This will be corrected shortly in followup
commits to these components.

MFC after:      3 months
2006-04-01 15:15:05 +00:00
Robert Watson
a260bd4131 Add IFF_NEEDSGIANT to kernel PPP support. I have no idea why this wasn't
here, but it should have been.

MFC after:	3 days
2006-03-30 08:18:27 +00:00
Andrew Thompson
64cb85059e Assert that the mbuf is not shared to ensure problems like the last commit are
not reintroduced.
2006-03-26 20:52:47 +00:00
Roman Kurakin
5cb7f13aee m_dup () packet not m_copypacket () since we will modify it. For more
details see PR kern/94448.

PR:     kern/94448

Original patch: Eygene A. Ryabinkin <rea-fbsd at rea dot mbslab dot kiae dot ru>Final patch:    thompsa@
Tested by:      thompsa@, Eygene A. Ryabinkin

MFC after:      7 days
2006-03-23 22:57:10 +00:00
Gleb Smirnoff
93a69f5703 No direct call to carp_ifdetach() anymore. It is called by
event handler.

PR:		kern/82908
Submitted by:	Dan Lukes <dan obluda.cz>
2006-03-21 14:31:18 +00:00
Maksim Yevmenkin
a9e17e2e05 Add kqueue(2) support on if_tap(4) interfaces. While I'm here, replace
K&R style function declarations with ANSI style. Also fix endian bugs
accessing ioctl arguments that are passed by value.

PR:		kern/93897
Submitted by:	Vilmos Nebehaj < vili at huwico dot hu >
MFC after:	1 week
2006-03-16 18:22:01 +00:00
Andre Oppermann
e4bd8f103e Add link status descriptions and related structures for userland
applications.

Open[BGP|OSPF]D make use of this to determine the link status of
interfaces to make the right routing descisions.

Obtained from:	OpenBSD
MFC after:	3 days
2006-03-15 19:43:25 +00:00
Andre Oppermann
22cafcf0b8 - Fill in the correct rtm_index for RTM_ADD and RTM_CHANGE messages.
- Allow RTM_CHANGE to change a number of route flags as specified by
  RTF_FMASK.

- The unused rtm_use field in struct rt_msghdr is redesignated as
  rtm_fmask field to communicate route flag changes in RTM_CHANGE
  messages from userland.  The use count of a route was moved to
  rtm_rmx a long time ago.  For source code compatibility reasons
  a define of rtm_use to rtm_fmask is provided.

These changes faciliate running of multiple cooperating routing
daemons at the same time without causing undesired interference.
Open[BGP|OSPF]D make use of these features to have IGP routes
override EGP ones.

Obtained from:	OpenBSD (claudio@)
MFC after:	3 days
2006-03-15 19:39:09 +00:00
Ruslan Ermilov
ceec92fe5d Don't acquire a lock before calling vlan_unconfig().
This fixes a panic when doing "ifconfig ... -vlandev".

OK'ed by:	glebius
2006-03-09 14:42:51 +00:00
Andrew Thompson
e1457c3eb1 If we miss the LINK_UP event from the network interface then the bridge port
will remain in the disabled state until another link event happens in the
future (if at all). Add a timer to periodically check the interface state and
recover.

Reported by:	Nik Lam <freebsdnik j2d.lam.net.au>
MFC after:	3 days
2006-03-06 02:28:41 +00:00
Christian S.J. Peron
de572b371b Unbreak byte counters when network interfaces are in monitor mode by
re-organizing the monitor return logic. We perform interface monitoring
checks after we have determined if the CRC is still on the packet, if
it is, m_adj() is called which will adjust the packet length. This
ensures that we are not including CRC lengths in the byte counters for
each packet.

Discussed with:	andre, glebius
2006-03-03 17:21:08 +00:00
Andrew Thompson
158a726c96 Since we are using random ethernet addresses for the bridge, it is possible
that we might have address collisions, so make sure that this hardware address
isn't already in use on another bridge.

Submitted by:	csjp
MFC after:	1 month
2006-03-03 09:12:21 +00:00
Christian S.J. Peron
6f75ef188b Slightly re-worked bpf(4) code associated with bridging: if we have a
destination interface as a member of our bridge or this is a unicast packet,
push it through the bpf(4) machinery.

For broadcast or multicast packets, don't bother with the bpf(4) because it will
be re-injected into ether_input. We do this before we pass the packets through
the pfil(9) framework, as it is possible that pfil(9) will drop the packet or
possibly modify it, making it very difficult to debug firewall issues on the
bridge.

Further, implemented IFF_MONITOR for bridge interfaces. This does much the same
thing that it does for regular network interfaces: it pushes the packet to any
bpf(4) peers and then returns. This bypasses all of the bridge machinery,
saving mutex acquisitions, list traversals, and other operations performed by
the bridging code.

This change to the bridging code is useful in situations where individuals use a
bridge to multiplex RX/TX signals from two interfaces, as is required by some
network taps for de-multiplexing links and transmitting the RX/TX signals
out through two separate interfaces. This behaviour is quite common for network
taps monitoring links, especially for certain manufacturers.

Reviewed by:	thompsa
MFC after:	1 month
Sponsored by:	Seccuris Labs
2006-03-03 05:58:18 +00:00
Andrew Thompson
43dc0e8c41 Fix up the Bridge Identifier field in the BPDU packet.
- use the cu_bridge_id rather than the cu_rootid for the bridge address [1]
 - the memcmp return value is not signed so the wrong interface may have been
   selected
 - fix up the calculation of sc_bridge_id

PR:		kern/93909 [1]
MFC after:	3 days
2006-02-28 00:13:24 +00:00
Wojciech A. Koszek
51b4ccb464 This patch fixes a problem, which exists if you have IPSEC in your kernel
and want to have crypto support loaded as KLD. By moving zlib to separate
module and adding MODULE_DEPEND directives, it is possible to use such
configuration without complication. Otherwise, since IPSEC is linked with
zlib (just like crypto.ko) you'll get following error:

	interface zlib.1 already present in the KLD 'kernel'!

Approved by:	cognet (mentor)
2006-02-27 16:56:22 +00:00
Yaroslav Tykhiy
33499e2ae5 Don't to forget to unlock the rwlock on trunk before destroying it.
This should fix panic on "kldunload if_vlan" while vlanX are still there.

Reviewed by:	glebius
2006-02-24 17:25:16 +00:00
Gleb Smirnoff
a7c959fe18 Fix build. 2006-02-15 08:25:40 +00:00
Gleb Smirnoff
efd19b8fd0 - Introduce ifmedia_baudrate(), which returns correct baudrate of the
given media status. [1]
- Utilize ifmedia_baudrate() in miibus_statchg() to update ifp->if_baudrate.

Obtained from:	NetBSD [1]
2006-02-14 12:10:03 +00:00
Ed Maste
11edc47706 Bump the MODULE_VERSION for HEAD, as the vlan(4) API is different in
RELENG_6, and would require a lower version number.

Requested by:	glebius
Approved by:	rwatson (mentor)
2006-02-10 18:38:33 +00:00
Yaroslav Tykhiy
802dadcfeb Avoid frobbing IFF_UP at any cost (which is close to
zero in this case.)  A kernel driver has IFF_DRV_RUNNING
at its full disposal while IFF_UP may be toggled only by
humans or their daemonic deputies from the userland.

MFC after:	3 days
2006-02-10 11:01:10 +00:00
Ed Maste
7f8b993473 Add a MODULE_VERSION so that other modules (perhaps third-party) can
depend on this one.

Approved by:	rwatson (mentor)
2006-02-09 22:11:58 +00:00
Qing Li
6b7b44acd9 The code in rn_walktree_from() that checks if we backed up too far
did not stop at the right node. Change the backtracking check from
smaller-than to smaller-or-equal to prevent this from happening.
While here fix one additional problem where the insertion of the
default route traversed the entire tree.

PR:		kern/38752
Submitted by:	qingli (before I became committer)
Reviewed by:	andre
MFC after:	3 days
2006-02-07 20:25:39 +00:00
Qing Li
d03e5467a4 Remove two unnecessary type casts, of which both had a typo in
it anyways.

Approved by: andre
MFC after: 3 days
2006-02-07 20:09:02 +00:00
Oleg Bulyzhin
3ecf1851df Properly initialize args structure before passing it to ipfw_chk(): having
uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules.

PR:		kern/92589
Approved by:	glebius (mentor)
MFC after:	1 week
2006-02-03 23:03:07 +00:00
Gleb Smirnoff
05a2398f32 In vlan_config() first call vlan_inithash(), then lock mutex, because
vlan_inithash() calls malloc(M_WAITOK).
2006-02-02 22:11:38 +00:00
Christian S.J. Peron
fa918e1ef7 define lock.h before rwlock.h for DEBUG_LOCKS 2006-02-02 20:33:10 +00:00
Paul Saab
19cf04981a Implement SIOCGIFCONF for 32bit binaries. 2006-02-02 19:58:37 +00:00
Christian S.J. Peron
f5cdbcf14c Use PFIL_HOOKED macros in if_bridge and pass the right argument to
rw_assert. This un-breaks the build.

Submitted by:	Kostik Belousov
Pointy hat to:	csjp
2006-02-02 16:41:20 +00:00
Christian S.J. Peron
604afec496 Somewhat re-factor the read/write locking mechanism associated with the packet
filtering mechanisms to use the new rwlock(9) locking API:

- Drop the variables stored in the phil_head structure which were specific to
  conditions and the home rolled read/write locking mechanism.
- Drop some includes which were used for condition variables
- Drop the inline functions, and convert them to macros. Also, move these
  macros into pfil.h
- Move pfil list locking macros intp phil.h as well
- Rename ph_busy_count to ph_nhooks. This variable will represent the number
  of IN/OUT hooks registered with the pfil head structure
- Define PFIL_HOOKED macro which evaluates to true if there are any
  hooks to be ran by pfil_run_hooks
- In the IP/IP6 stacks, change the ph_busy_count comparison to use the new
  PFIL_HOOKED macro.
- Drop optimization in pfil_run_hooks which checks to see if there are any
  hooks to be ran, and returns if not. This check is already performed by the
  IP stacks when they call:

        if (!PFIL_HOOKED(ph))
                goto skip_hooks;

- Drop in assertion which makes sure that the number of hooks never drops
  below 0 for good measure. This in theory should never happen, and if it
  does than there are problems somewhere
- Drop special logic around PFIL_WAITOK because rw_wlock(9) does not sleep
- Drop variables which support home rolled read/write locking mechanism from
  the IPFW firewall chain structure.
- Swap out the read/write firewall chain lock internal to use the rwlock(9)
  API instead of our home rolled version
- Convert the inlined functions to macros

Reviewed by:	mlaier, andre, glebius
Thanks to:	jhb for the new locking API
2006-02-02 03:13:16 +00:00
Andrew Thompson
6637e0f390 Fix two bugs with the bridge
- code expects memcmp() to return a signed value, our memcmp() returns 0 if
   args are equal and > 0 if not.

 - It's possible to hijack interface for static entry. If bridge recieves
   packet from interface marked as learning it will replace the bridge_rtnode
   entry for the source address even if such entry marked as static.

Submitted by:	Gleb Kurtsov <k-gleb yandex.ru>
MFC after:	3 days
2006-01-31 21:21:28 +00:00
Yaroslav Tykhiy
64a17d2e86 Set IFF_BROADCAST and IFF_MULTICAST on vlan interfaces from the
beginning and simply refuse to attach to a parent without either
flag.

Our network stack cannot handle well IFF_BROADCAST or IFF_MULTICAST
on an interface changing on the fly.  E.g., IP will or won't assign
a broadcast address to an interface and join the all-hosts multicast
group on it depending on its IFF_BROADCAST and IFF_MULTICAST settings.
Should the flags alter later, IP will miss the change and keep using
bogus settings.  This can lead to evil things like supplying an
invalid broadcast address or trying to leave a multicast group that
hasn't been joined.  So just avoid touching the flags since an
interface was created.  This has no practical purpose.

Discussed with:	-net, glebius, oleg
MFC after:	1 week
2006-01-31 16:41:05 +00:00
Gleb Smirnoff
75ee267c22 Merge the //depot/user/yar/vlan branch into CVS. It contains some collective
work by yar, thompsa and myself. The checksum offloading part also involves
work done by Mihail Balikov.

The most important changes:

o   Instead of global linked list of all vlan softc use a per-trunk
  hash. The size of hash is dynamically adjusted, depending on
  number of entries. This changes struct ifnet, replacing counter
  of vlans with a pointer to trunk structure. This change is an
  improvement for setups with big number of VLANs, several interfaces
  and several CPUs. It is a small regression for a setup with a single
  VLAN interface.
    An alternative to dynamic hash is a per-trunk static array with
  4096 entries, which is a compile time option - VLAN_ARRAY. In my
  experiments the array is not an improvement, probably because such
  a big trunk structure doesn't fit into CPU cache.
o   Introduce an UMA zone for VLAN tags. Since drivers depend on it,
  the zone is declared in kern_mbuf.c, not in optional vlan(4) driver.
  This change is a big improvement for any setup utilizing vlan(4).
o   Use rwlock(9) instead of mutex(9) for locking. We are the first
  ones to do this! :)
o   Some drivers can do hardware VLAN tagging + hardware checksum
  offloading. Add an infrastructure for this. Whenever vlan(4) is
  attached to a parent or parent configuration is changed, the flags
  on vlan(4) interface are updated.

In collaboration with:	yar, thompsa
In collaboration with:	Mihail Balikov <mihail.balikov interbgc.com>
2006-01-30 13:45:15 +00:00
Gleb Smirnoff
25af0bb50e Add some initial locking to gif(4). It doesn't covers the whole driver,
however IPv4-in-IPv4 tunnels are now stable on SMP. Details:

- Add per-softc mutex.
- Hold the mutex on output.

The main problem was the rtentry, placed in softc. It could be
freed by ip_output(). Meanwhile, another thread being in
in_gif_output() can read and write this rtentry.

Reported by:	many
Tested by:	Alexander Shiryaev <aixp mail.ru>
2006-01-30 08:39:09 +00:00
Colin Percival
02d4ab93fb Make sure buffers in if_bridge are fully initialized before copying
them to userland.

Security:	FreeBSD-SA-06:06.kmem
2006-01-25 10:00:40 +00:00
Yaroslav Tykhiy
83ec464f61 Be consistent in checking ifa->ifa_addr for NULL.
Found by:	Coverity Prevent (tm)
MFC after:	3 days
2006-01-23 10:30:34 +00:00
Bjoern A. Zeeb
3f2e28fe9f Fix stack corruptions on amd64.
Vararg functions have a different calling convention than regular
functions on amd64. Casting a varag function to a regular one to
match the function pointer declaration will hide the varargs from
the caller and we will end up with an incorrectly setup stack.

Entirely remove the varargs from these functions and change the
functions to match the declaration of the function pointers.
Remove the now unnecessary casts.

Lots of explanations and help from:     peter
Reviewed by:                            peter
PR:                                     amd64/89261
MFC after:                              6 days
2006-01-21 10:44:34 +00:00
Andre Oppermann
5d691e6da8 Return mbuf pointer or NULL from ip_fastforward() as the mbuf pointer
may have changed by m_pullup() during fastforward processing.

While this is a bug it is actually never triggered in real world
situations and it is not remotely exploitable.

Found by:	Coverity Prevent(tm)
Coverity ID:	CID780
Sponsored by:	TCP/IP Optimization Fundraise 2005
2006-01-18 14:24:39 +00:00
Andrew Thompson
7c2fb83a0b Add code that clears certain capabilities from the member interface, these are
restored when its removed from the bridge.

At the moment we only clear IFCAP_TXCSUM. Since a locally generated packet on
the bridge may be sent out any one or more interfaces it cant be assumed that
every card does hardware csums. Most bridges don't generate a lot of traffic
themselves so turning off offloading won't hurt, bridged packets are
unaffected.

Tested by:	Bruce Walker (bmw borderware.com)
MFC after:	5 days
2006-01-14 03:51:31 +00:00
Robert Watson
3208581a15 Check the right ifnet pointer to see if if_alloc() failed or not in
ef_clone(); we were testing the original ifnet, not the one allocated.

When aborting ef_clone() due to if_alloc() failing, free the allocated
efnet structure rather than leaking it.

Noticed by:	Coverity Prevent analysis tool
MFC after:	3 days
2006-01-13 23:24:09 +00:00
Robert Watson
ae7c484e82 When freeing the chain of if_ef devices on an aborted load, use
SLIST_FOREACH_SAFE() rather than SLIST_FOREACH(), as elements are
freed on each iteration of the loop.  This prevents use-after-free.

Noticed by:	Coverity Prevent analysis tool
MFC after:	3 days
2006-01-13 23:20:46 +00:00
Brooks Davis
118b438d73 Get rid of the bogus IFP2FC() macro and use IFP2FWC(). IFP2FC()
attempted to cast a struct ifnet to a struct fw_com which resulted in
data corruption.

PR:		kern/91307
Submitted by:	Alex Semenyaka <alex at semenyaka do ru>
MFC After:	6 days
2006-01-11 05:37:21 +00:00
Hartmut Brandt
154508976b Add a new leaf to the net.link.generic.ifdata.%d sysctl to retrieve
the name and unit number assigned by the driver. This is needed by
SNMP to find interfaces after they have been renamed.

MFC after:	4 weeks
2006-01-04 12:57:09 +00:00
Jung-uk Kim
142f81c25d Correctly check the filter length. I committed the wrong version.
Pointy hat to me.
2006-01-03 20:34:41 +00:00
Jung-uk Kim
dccb7faff6 - Explicitly validate an empty filter to match bpf_filter() comment[1].
- Do not use BPF JIT compiler for an empty filter.

[1] Pointed out by:	darrenr
2006-01-03 20:26:03 +00:00
Andrew Thompson
f0feaf4f19 Fix a brain-o in the last commit, the conditional was always false. 2006-01-02 23:02:43 +00:00
Andrew Thompson
94e45ae5e8 Reorganise bridge_rtupdate slightly to reduce duplication. 2006-01-02 22:44:54 +00:00
Andrew Thompson
ef9ac7c49a Reset the route expiry time on each update rather than always letting them get
GC'd and recreated.
2006-01-02 22:29:41 +00:00
Andrew Thompson
bc9f74c7cb It is better to use time_uptime here since it is monotonic.
Pointed out by:	glebius
2006-01-02 22:23:03 +00:00
Andrew Thompson
ec311647fb Minor whitespace cleanup. 2006-01-02 09:50:34 +00:00
Andrew Thompson
f595d62759 Read time_second directly rather than calling getmicrotime().
Obtained from:	DragonflyBSD
2006-01-02 09:36:53 +00:00
Andrew Thompson
a47f91cdc4 When pfil(9) is enabled the bridge only considers ETHERTYPE_ARP, ETHERTYPE_IP and
ETHERTYPE_IPV6 frames. Change this to be a sysctl knob so that is able to still
bridge non-IP packets if desired.

Also return early if all pfil_* sysctls are turned off, the user obviously does
not want to filter on the bridge.
2005-12-29 09:39:15 +00:00
Sam Leffler
a8af2cc7ce add a sysctl to turn debug msgs on/off when built with IFMEDIA_DEBUG 2005-12-25 23:28:23 +00:00
Oleg Bulyzhin
c54c76cc2f 1) remove useless check of loop_copy - corresponding code was removed in
rev. 1.70 five years ago.
2) convert loop_copy to "non-negative" flag

Approved by:	glebius (mentor)
MFC after:	2 weeks
2005-12-22 12:16:20 +00:00
Andrew Thompson
73ff045c57 Add RFC 3378 EtherIP support. This change makes it possible to add gif
interfaces to bridges, which will then send and receive IP protocol 97 packets.
Packets are Ethernet frames with an EtherIP header prepended.

Obtained from:	NetBSD
MFC after:	2 weeks
2005-12-21 21:29:45 +00:00
Andrew Thompson
1e4200620a As of r1.21 all broadcast packets are reprocessed by ether_input as arriving on
the bridge, this caused these packets to show up twice via bpf. Do not process
them twice with BPF_TAP.

MFC after:	3 days
2005-12-21 09:39:59 +00:00
Gleb Smirnoff
d147662cd3 - Fix VLAN_INPUT_TAG() macro, so that it doesn't touch mtag in
case if memory allocation failed.
- Remove fourth argument from VLAN_INPUT_TAG(), that was used
  incorrectly in almost all drivers. Indicate failure with
  mbuf value of NULL.

In collaboration with:	yongari, ru, sam
2005-12-18 18:24:27 +00:00
Andrew Thompson
9d5e4aa8b1 Use M_ZERO for the bridge_iflist to ensure there are no unexpected suprises. 2005-12-17 10:12:20 +00:00
Andrew Thompson
6b74382014 Minor whitespace cleanup. 2005-12-17 10:03:48 +00:00
Andrew Thompson
e0a87e8acd Change from a callback in if_ethersubr to using EVENTHANDLER in order to detach
span ports when they disappear. The span port does not have a pointer to the
softc so revert r1.31 and bring back the softc linked-list.

MFC after:	2 weeks
2005-12-17 06:33:51 +00:00
Andrew Thompson
7536320f62 It is not safe to use m_copypacket() here as the returned mbuf is readonly,
change to m_dup and keep the alignment on the layer3 header.

MFC after:	1 week
2005-12-15 19:34:39 +00:00
Andrew Thompson
91f6764e93 Add support for creating span ports so that one can snoop bridged traffic
from another interface/machine/network.

Obtained from:	OpenBSD
MFC after:	2 weeks
2005-12-14 02:52:13 +00:00
Jung-uk Kim
200bc1f049 Do not accept an empty bpf program. 2005-12-08 00:05:03 +00:00
Jung-uk Kim
848c454cc1 Add BPF Just-In-Time compiler support for ng_bpf(4).
The sysctl is changed from net.bpf.jitter.enable to net.bpf_jitter.enable
and this controls both bpf(4) and ng_bpf(4) now.
2005-12-07 21:30:47 +00:00
Jung-uk Kim
6a96c4832f s/M_WAITOK/M_NOWAIT/ while mutex is held.
Pointed out by:	csjp
2005-12-06 07:22:01 +00:00
Jung-uk Kim
ae275efcae Add experimental BPF Just-In-Time compiler for amd64 and i386.
Use the following kernel configuration option to enable:

	options BPF_JITTER

If you want to use bpf_filter() instead (e. g., debugging), do:

	sysctl net.bpf.jitter.enable=0

to turn it off.

Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is
partially supported because 1) no need, 2) avoid expensive m_copydata(9).

Obtained from:	WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
Ruslan Ermilov
3238c6bd33 Fix -Wundef from compiling the amd64 LINT. 2005-12-04 10:06:06 +00:00
Ruslan Ermilov
f4e9888107 Fix -Wundef. 2005-12-04 02:12:43 +00:00
Andrew Thompson
53b5c4604a The bridge is capable of sending broadcast packets so enable IFF_BROADCAST
Requested by:	des
2005-11-29 20:29:44 +00:00
Gleb Smirnoff
62f0bf3250 Take if_baudrate from the parent. This fixes problem with SNMP
daemons reporting zero speed for vlan(4) interfaces.
2005-11-28 12:46:35 +00:00
Ruslan Ermilov
434dbbb396 Fix the following bugs:
- In ifc_name2unit(), disallow leading zeroes in a unit.

  Exploit: ifconfig lo01 create

- In ifc_name2unit(), properly handle overflows.  Otherwise,
  either of two local panic()'s can occur, either because
  no interface with such a name could be found after it was
  successfully created, or because the code will bogusly
  assume that it's a wildcard (unit < 0 due to overflow).

  Exploit: ifconfig lo<overflowed_integer> create

- Previous revision made the following sequence trigger
  a KASSERT() failure in queue(3):

  Exploit: ifconfig lo0 destroy; ifconfig lo0 destroy

  This is because IFC_IFLIST_REMOVE() is always called
  before ifc->ifc_destroy() has been run, not accounting
  for the fact that the latter can fail and leave the
  interface operating (like is the case for "lo0").
  So we ended up calling LIST_REMOVE() twice.  We cannot
  defer IFC_IFLIST_REMOVE() until after a call to
  ifc->ifc_destroy() because the ifnet may have been
  removed and its memory has been freed, so recover from
  this by re-inserting the ifnet in the cloned interfaces
  list if ifc->ifc_destroy() indicates a failure.
2005-11-24 18:56:14 +00:00
Andre Oppermann
147f74d176 Purge layer specific mbuf flags on layer crossings to avoid confusing
upper or lower layers.

Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-11-18 16:23:26 +00:00
Andrew Thompson
16e7e7d4bc Fix a second missed case where the refcount is not decremented.
MFC after:	3 days
2005-11-13 20:26:19 +00:00
Andrew Thompson
bb4b5f54a5 Fix a mbuf and refcnt leak in the broadcast code.
If the packet is rejected from pfil(9) then continue the loop rather than
returning, this means that we can still try to send it out the remaining
interfaces but more importantly the mbuf is freed and refcount decremented on
exit.
2005-11-13 19:36:59 +00:00
Ruslan Ermilov
4a0d6638b3 - Store pointer to the link-level address right in "struct ifnet"
rather than in ifindex_table[]; all (except one) accesses are
  through ifp anyway.  IF_LLADDR() works faster, and all (except
  one) ifaddr_byindex() users were converted to use ifp->if_addr.

- Stop storing a (pointer to) Ethernet address in "struct arpcom",
  and drop the IFP2ENADDR() macro; all users have been converted
  to use IF_LLADDR() instead.
2005-11-11 16:04:59 +00:00
Ruslan Ermilov
f0a2ef4889 Use the more appropriate ifnet_byindex() instead of ifaddr_byindex(). 2005-11-11 12:32:49 +00:00
Gleb Smirnoff
d314617e8a Force this interface to be RUNNING. 2005-11-11 11:17:57 +00:00
Ruslan Ermilov
d09ed26fd8 - Make IFP2ENADDR() a pointer to IF_LLADDR() rather than another
copy of Ethernet address.

- Change iso88025_ifattach() and fddi_ifattach() to accept MAC
  address as an argument, similar to ether_ifattach(), to make
  this work.
2005-11-11 07:36:14 +00:00
Ruslan Ermilov
303989a2f3 Use sparse initializers for "struct domain" and "struct protosw",
so they are easier to follow for the human being.
2005-11-09 13:29:16 +00:00
Andrew Thompson
4e7e0183e1 Move the cloned interface list management in to if_clone. For some drivers the
softc lists and associated mutex are now unused so these have been removed.

Calling if_clone_detach() will now destroy all the cloned interfaces for the
driver and in most cases is all thats needed to unload.

Idea by:	brooks
Reviewed by:	brooks
2005-11-08 20:08:34 +00:00
Gleb Smirnoff
6d3a3ab735 - Do not raise IFF_DRV_OACTIVE flag in vlan_start, because this
can lead to stalled interface
- Explain this fact in a comment.

Reviewed by:	rwatson, thompsa, yar
2005-11-06 19:43:04 +00:00
Andre Oppermann
34333b16cd Retire MT_HEADER mbuf type and change its users to use MT_DATA.
Having an additional MT_HEADER mbuf type is superfluous and redundant
as nothing depends on it.  It only adds a layer of confusion.  The
distinction between header mbuf's and data mbuf's is solely done
through the m->m_flags M_PKTHDR flag.

Non-native code is not changed in this commit.  For compatibility
MT_HEADER is mapped to MT_DATA.

Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-11-02 13:46:32 +00:00
Andrew Thompson
1a2661371b If we have been called from ether_ifdetach() then do not try and clear the
promisc flag from the member interface, this is a no-op anyway since the
interface is disappearing. The driver may have already released
its resources such as miibus and this is likely to panic the kernel.

Submitted and tested by:	Wojciech A. Koszek
MFC after:			2 weeks
2005-10-23 22:30:07 +00:00
Christian S.J. Peron
57c1493b3a Before we export network interface data through the ifmibdata structure,
OR the flags bits with the driver managed status flags. This fixes an
issue where RUNNING flags would not be reported to processes, which
conflicts with the flags information provided by ifconfig(8).
2005-10-23 01:44:08 +00:00
Poul-Henning Kamp
2cccccddd4 Use new (inline) functions for calls into driver. 2005-10-16 20:44:18 +00:00
Andrew Thompson
4c84347939 Make four more functions static that were missed in the last commit. 2005-10-14 20:57:02 +00:00
Andrew Thompson
6b32f3d3f2 Change most of the bridge and stp funtions to static. This has highlighted
that the following funtions are not used, wrap in '#ifdef noused' for the
moment.

 bstp_enable_change_detection
 bstp_disable_change_detection
 bstp_set_bridge_priority
 bstp_set_port_priority
 bstp_set_path_cost
2005-10-14 10:38:12 +00:00
Andrew Thompson
fd6238a659 Further clean up the bridge hooks in if_ethersubr.c and ng_ether.c
- move the function pointer definitions to if_bridgevar.h
- move most of the logic to the new BRIDGE_INPUT and BRIDGE_OUTPUT macros
- remove unneeded functions from if_bridgevar.h and sort a little.
2005-10-14 02:38:47 +00:00
Andrew Thompson
20a65f37a0 From 101 ways to panic your kernel.
Use bridge_ifdetach() to notify the bridge that a member has been detached. The
bridge can then remove it from its interface list and not try to send out via a
dead pointer.
2005-10-13 23:05:55 +00:00
Julian Elischer
d0a2acd430 Consolidate two adjacent conditional blocks
I actually believe the code in question should be elsewhere (in the preceding
function).

MFC after:	1 week
2005-10-13 21:48:27 +00:00
Ruslan Ermilov
199474fd36 Remove a stale comment. 2005-10-13 17:26:14 +00:00
Andrew Thompson
9cff52f7f6 Clean up the if_bridge hooks a bit in if_ethersubr.c and ng_ether.c, move
the broadcast/multicast test to bridge_input().

Requested by:	glebius
2005-10-13 09:43:30 +00:00
Andrew Thompson
febd0759f3 Change the reference counting to count the number of cloned interfaces for each
cloner. This ensures that ifc->ifc_units is not prematurely freed in
if_clone_detach() before the clones are destroyed, resulting in memory modified
after free. This could be triggered with if_vlan.

Assert that all cloners have been destroyed when freeing the memory.

Change all simple cloners to destroy their clones with ifc_simple_destroy() on
module unload so the reference count is properly updated. This also cleans up
the interface destroy routines and allows future optimisation.

Discussed with:	brooks, pjd, -current
Reviewed by:	brooks
2005-10-12 19:52:16 +00:00
Warner Losh
680d937a4b Be pedantic here: We're converting from network byte order to host
byte order in these cases.  This is a nop in terms of the generated
code, but is logically incorrect.

PR: 73852
2005-10-12 19:12:46 +00:00
Andrew Thompson
8eb8e358a0 Do not unconditionally set a spanning tree port to forwarding as the link may be
down when we attach. We wont get updated until a linkstate change happens.

Go via bstp_ifupdstatus() which checks the media status first.
2005-10-11 02:58:32 +00:00
Gleb Smirnoff
6512768b89 A deja vu of:
http://lists.freebsd.org/pipermail/cvs-src/2004-October/033496.html

The same problem applies to if_bridge(4), too.

- Copy-and-paste the if_bridge(4) related block from
  if_ethersubr.c to ng_ether.c
- Add XXXs, so that copy-and-paste would be noticed by
  any future editors of this code.
- Also add XXXs near if_bridge(4) declarations.

Silence from:	thompsa
2005-10-07 14:14:47 +00:00
Tai-hwa Liang
11e0838887 Fixing a boot time panic(when if_fwip is compiled into kernel) by renaming
module name to something that wouldn't conflict with
sys/dev/firewire/firewire.c.

Submitted by:	Cai, Quanqing <caiquanqing at gmail dot com>
PR:		kern/82727
MFC after:	3 days
2005-10-06 07:09:34 +00:00
Andrew Thompson
64465c6bd3 Fix KASSERT function name in ether_output, use __func__ while I am here. 2005-10-06 01:21:40 +00:00
Gleb Smirnoff
f0796cd26c - Don't pollute opt_global.h with DEVICE_POLLING and introduce
opt_device_polling.h
- Include opt_device_polling.h into appropriate files.
- Embrace with HAVE_KERNEL_OPTION_HEADERS the include in the files that
  can be compiled as loadable modules.

Reviewed by:	bde
2005-10-05 10:09:17 +00:00
Christian S.J. Peron
cb1d4f92ec Protect PID initializations for statistics by the bpf descriptor
locks. Also while we are here, protect the bpf descriptor during
knlist_remove{add} operations.

Discussed with:	rwatson
2005-10-04 15:06:10 +00:00
Robert Watson
cea2165b10 Rename net.isr.enable to net.isr.dispatch.
No compatibility code is provided, as this will be the production name
as of 6.0.

MFC after:	3 days
Requested by:	scottl
2005-10-04 07:59:28 +00:00
Yaroslav Tykhiy
1cf236fb0c Improve handling flags that must be propagated
to the parent interface, such as IFF_PROMISC and
IFF_ALLMULTI.  In addition, vlan(4) gains ability
to migrate from one parent to another w/o losing
its own flags.

PR:		kern/81978
MFC after:	2 weeks
2005-10-03 02:24:21 +00:00
Yaroslav Tykhiy
b5c8bd5924 Clean up consistency checks in if_setflag():
. use KASSERT for all checks so that the source of an error can be detected;
. use __func__ instead of spelling function name each time;
. fix a typo.
2005-10-03 02:14:51 +00:00
Yaroslav Tykhiy
7aebc5e86e Log a message about entering or leaving permanently promiscuous mode,
as it is done for usual promiscuous mode already.  This info is important
because promiscuous mode in the hands of a malicious party can jeopardize
the whole network.
2005-10-03 01:47:43 +00:00
Andrew Thompson
d5edd47e8f Do not packet filter in the bridge_start() routine, locally generated packets
are already filtered by the higher layers.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-10-02 19:15:56 +00:00
Gleb Smirnoff
4092996774 Big polling(4) cleanup.
o Axe poll in trap.

o Axe IFF_POLLING flag from if_flags.

o Rework revision 1.21 (Giant removal), in such a way that
  poll_mtx is not dropped during call to polling handler.
  This fixes problem with idle polling.

o Make registration and deregistration from polling in a
  functional way, insted of next tick/interrupt.

o Obsolete kern.polling.enable. Polling is turned on/off
  with ifconfig.

Detailed kern_poll.c changes:
  - Remove polling handler flags, introduced in 1.21. The are not
    needed now.
  - Forget and do not check if_flags, if_capenable and if_drv_flags.
  - Call all registered polling handlers unconditionally.
  - Do not drop poll_mtx, when entering polling handlers.
  - In ether_poll() NET_LOCK_GIANT prior to locking poll_mtx.
  - In netisr_poll() axe the block, where polling code asks drivers
    to unregister.
  - In netisr_poll() and ether_poll() do polling always, if any
    handlers are present.
  - In ether_poll_[de]register() remove a lot of error hiding code. Assert
    that arguments are correct, instead.
  - In ether_poll_[de]register() use standard return values in case of
    error or success.
  - Introduce poll_switch() that is a sysctl handler for kern.polling.enable.
    poll_switch() goes through interface list and enabled/disables polling.
    A message that kern.polling.enable is deprecated is printed.

Detailed driver changes:
  - On attach driver announces IFCAP_POLLING in if_capabilities, but
    not in if_capenable.
  - On detach driver calls ether_poll_deregister() if polling is enabled.
  - In polling handler driver obtains its lock and checks IFF_DRV_RUNNING
    flag. If there is no, then unlocks and returns.
  - In ioctl handler driver checks for IFCAP_POLLING flag requested to
    be set or cleared. Driver first calls ether_poll_[de]register(), then
    obtains driver lock and [dis/en]ables interrupts.
  - In interrupt handler driver checks IFCAP_POLLING flag in if_capenable.
    If present, then returns.This is important to protect from spurious
    interrupts.

Reviewed by:	ru, sam, jhb
2005-10-01 18:56:19 +00:00
Max Laier
b6de9e91bd Remove bridge(4) from the tree. if_bridge(4) is a full functional
replacement and has additional features which make it superior.

Discussed on:	-arch
Reviewed by:	thompsa
X-MFC-after:	never (RELENG_6 as transition period)
2005-09-27 18:10:43 +00:00
Andrew Thompson
ef64cd1947 Fix an alignment panic my preserving the 2byte padding (ETHER_ALIGN) on our
copied mbuf, which keeps the IP header 32-bit aligned. This copied mbuf is
reinjected back into ether_input and off to the IP routines.

Reported and tested by:	Peter van Dijk
Approved by:		mlaier (mentor)
MFC after:		3 days
2005-09-22 01:46:11 +00:00
Gleb Smirnoff
2d7e9ead07 Several fixes to rt_setgate(), that fix problems with route changing:
- Rearrange code so that in a case of failure the affected
  route is not changed. Otherwise, a bogus rtentry will be
  left and later rt_check() can recurse on its lock. [1]
- Remove comment about protocol cloning.
- Fix two places where rtentry mutex was recursed on, because
  accessed via two different pointers, that were actually pointing
  to the same rtentry in some cases. [1]
- Return EADDRINUSE instead of bogus EDQUOT, in case when gateway
  uses the same route. [2]

Reported & tested by:	ps, Andrej Zverev <az inec.ru> [1]
PR:			kern/64090 [2]
2005-09-21 11:58:10 +00:00
Andre Oppermann
fe53256dc2 Use monotonic 'time_uptime' instead of 'time_second' as timebase
for rt->rt_rmx.rmx_expire.
2005-09-19 22:54:55 +00:00
Andre Oppermann
7ac9ac0b21 Use monotonic time_uptime instead of 'time_second' as timebase
for timeouts.
2005-09-19 22:27:07 +00:00
Gleb Smirnoff
a11faa9f8d Drop current rtentry lock before calling rt_getifa(). This fixes a LOR
and a possible recursive use of rtentry mutex.

PR:		kern/69356
Reviewed by:	sam
2005-09-19 16:27:22 +00:00
Robert Watson
b1c53bc9c0 Take a first cut at cleaning up ifnet removal and multicast socket
panics, which occur when stale ifnet pointers are left in struct
moptions hung off of inpcbs:

- Add in_ifdetach(), which matches in6_ifdetach(), and allows the
  protocol to perform early tear-down on the interface early in
  if_detach().

- Annotate that if_detach() needs careful consideration.

- Remove calls to in_pcbpurgeif0() in the handling of SIOCDIFADDR --
  this is not the place to detect interface removal!  This also
  removes what is basically a nasty (and now unnecessary) hack.

- Invoke in_pcbpurgeif0() from in_ifdetach(), in both raw and UDP
  IPv4 sockets.

It is now possible to run the msocket_ifnet_remove regression test
using HEAD without panicking.

MFC after:	3 days
2005-09-18 17:36:28 +00:00
Ruslan Ermilov
83908c6560 The arguments to printf() were swapped. 2005-09-16 20:38:33 +00:00
Yaroslav Tykhiy
ffdd61c31d Do assorted nitpicking in diagnostics while I'm here:
- Use __func__ consistently instead of copying function name
  to message strings.  Code tends to migrate around source files.
- DIAGNOSTIC is for information, INVARIANTS is for panics.
2005-09-16 12:24:28 +00:00
Yaroslav Tykhiy
14e9825634 It's nice to have relevant comments both in if {} and else {},
not in just one of them.
2005-09-16 11:58:58 +00:00
Yaroslav Tykhiy
f4ec4126bb Test the new M_VLANTAG packet flag before calling
m_tag_locate().  This adds little overhead of a simple
bitwise operation in case hardware VLAN acceleration
is on, yet saves the more expensive function call if
the acceleration is off.

Reviewed by:	ru, glebius
X-MFC-after:	6.0
2005-09-16 11:44:43 +00:00
Andre Oppermann
035ba19027 Undo a tad little optimization to bpf_mtap() introduced in rev. 1.95
which broke the correct handling of the BIOCGSEESENT flag in the bpf
listener.

PR:		kern/56441
Submitted by:	<vys at renet.ru>
MFC after:	3 days
2005-09-14 16:37:05 +00:00
Andre Oppermann
17a8471fcd Remove bogous semicolons at the end of the definitions of
'do { ... } while (0)' macros.

PR:		kern/83088
Sumbitted by:	<antoine.brodin at laposte.net>
2005-09-14 14:57:04 +00:00
Robert Watson
0a53be4671 In netkqfilter(), return EINVAL instead of 1 (EPERM) when a filter type
is requested on a network interface file descriptor that is non-applicable.

MFC after:	3 days
2005-09-12 19:26:03 +00:00
Craig Rodrigues
6a3d26b2b7 Forward declare z_errmsg with static linkage since it is defined
with static linkage later in the file.  Eliminates GCC 4.0 error.
2005-09-11 16:13:02 +00:00
Christian S.J. Peron
fe0fc7efe3 Protect interface and address lists using the appropriate mutex. These
locks were not aquired because the user buffers were not wired, thus it was
possible that that SYSCTL_OUT could sleep, causing a number of different
problems such as lock ordering issues and dead locks.

-Wire user supplied buffer to ensure SYSCTL_OUT will not sleep.
-Pickup ifnet locks to protect the list.
-Where applicable pickup address locks.
-Pickup radix node head locks.
-Remove splnet stubs
-Remove various comments about locking here, because they are no
 longer needed.

It is the hope that these changes will make sysctl_rtsock MP safe.

MFC after:	3 weeks
2005-09-10 15:12:24 +00:00
David E. O'Brien
5b1c0294e4 Forward declaring static variables as extern is invalid ISO-C. Now that
GCC can properly handle forward static declarations, do this properly.
2005-09-07 10:06:14 +00:00
Andrew Thompson
59280079d3 Add support for multicast to the bridge and allow inet6 addresses to be
assigned to the interface.

IPv6 auto-configuration is disabled. An IPv6 link-local address has a
link-local scope within one link, the spec is unclear for the bridge case and
it may cause scope violation.

An address can be assigned in the usual way;
  ifconfig bridge0 inet6 xxxx:...

Tested by:	bmah
Reviewed by:	ume (netinet6)
Approved by:	mlaier (mentor)
MFC after:	1 week
2005-09-06 21:11:59 +00:00
Christian S.J. Peron
b75a24a075 Instead of caching the PID which opened the bpf descriptor, continuously
refresh the PID which has the descriptor open. The PID is refreshed in various
operations like ioctl(2), kevent(2) or poll(2). This produces more accurate
information about current bpf consumers. While we are here remove the bd_pcomm
member of the bpf stats structure because now that we have an accurate PID we
can lookup the via the kern.proc.pid sysctl variable. This is the trick that
NetBSD decided to use to deal with this issue.

Special care needs to be taken when MFC'ing this change, as we have made a
change to the bpf stats structure. What will end up happening is we will leave
the pcomm structure but just mark it as being un-used. This way we keep the ABI
in tact.

MFC after:	1 month
Discussed with:	Rui Paulo < rpaulo at NetBSD dot org >
2005-09-05 23:08:04 +00:00
Sam Leffler
62313e4c3f reclaim sbuf and clear lock on error in ifconf
Submitted by:	Ted Unangst
Reviewed by:	rwatson
MFC after:	3 days
2005-09-04 17:32:47 +00:00
Yaroslav Tykhiy
eefbcf0e62 Use VLAN_TAG_VALUE() not only to read a dot1q tag
value from an m_tag, but also to set it.  This reduces
complex code duplication and improves its readability.

Alas, we shouldn't rename the macro to VLAN_TAG_LVALUE()
globally because that would cause pain for kernel module
port maintainers and vendors using FreeBSD as their codebase.
Added a clarifying comment instead.

Discussed with:	ru, glebius
X-MFC-After:	6.0-RELEASE (MFC is good just to reduce the diff)
2005-08-31 11:36:50 +00:00
Gleb Smirnoff
ba26134b19 Fix fallout from revision 1.77, mark outgoing packets with M_VLANTAG flag.
PR:		kern/80646
Reviewed by:	yar
MFC after:	3 days
2005-08-30 14:14:08 +00:00
Andrew Thompson
68e84b98b2 Fix a panic in softclock() if the interface is destroyed with a bpf consumer
attached.

This is caused by bpf_detachd clearing IFF_PROMISC on the interface which does
a SIOCSIFFLAGS ioctl. The problem here is that while the interface has been
stopped, IFF_UP has not been cleared so IFF_UP != IFF_DRV_RUNNING, this causes
the ioctl function to init() the interface which resets the callouts.

The destroy then completes and frees the softc but softclock will panic on a
dead callout pointer.

Ensure ifp->if_flags matches reality by clearing IFF_UP when we destroy.

Silence from:	rwatson
Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-27 01:17:42 +00:00
Robert Watson
7e994955ac De-spl parts of the routing socket code now generally protected
through locking; leave some spl references around code where there
are open questions about global variable references.  Also, add
an XXX regarding locking in sysctl.

MFC after:	3 days
2005-08-25 13:30:04 +00:00
Andrew Thompson
dba31bdea1 The mtu check in bridge_enqueue is bogus as the maximum Ethernet frame is
actually 1514, so comparing the mbuf length which includes the Ethernet header
to the interface MTU is wrong.

The check was a little over the top so just remove it.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-23 19:49:00 +00:00
Max Laier
0bdf5171c8 Don't loop back packets that have been routed by pf. This fixes an endless
loop where the same packet is sent over and over again.

Obtained from:	OpenBSD
Reported by:	Sergey Lapin
Tested by:	Sergey Lapin
MFC after:	7 days
2005-08-23 14:13:17 +00:00
Christian S.J. Peron
93e39f0b93 Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands
enhance the security of bpf(4) by further relinquishing the privilege of
the bpf(4) consumer (assuming the ioctl commands are being implemented).

Once BIOCLOCK is executed, the device becomes locked which prevents the
execution of ioctl(2) commands which can change the underly parameters of the
bpf(4) device. An example might be the setting of bpf(4) filter programs or
attaching to different network interfaces.

BIOCSETWF can be used to set write filters for outgoing packets. Currently if
a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used
as a raw socket, regardless of consumer's UID. Write filters give users the
ability to constrain which packets can be sent through the bpf(4) descriptor.

These features are currently implemented by a couple programs which came from
OpenBSD, such as the new dhclient and pflogd.

-Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify
 whether a read or write filter is to be set.
-Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the
 filter program on the mbuf data once we move the packet in from user-space.
-Rather than execute two uiomove operations, (one for the link header and the
 other for the packet data), execute one and manually copy the linker header
 into the sockaddr structure via bcopy.
-Restructure bpf_setf to compensate for write filters, as well as read.
-Adjust bpf(4) stats structures to include a bd_locked member.

It should be noted that the FreeBSD and OpenBSD implementations differ a bit in
the sense that we unconditionally enforce the lock, where OpenBSD enforces it
only if the calling credential is not root.

Idea from:	OpenBSD
Reviewed by:	mlaier
2005-08-22 19:35:48 +00:00
Christian S.J. Peron
4ddfb5312a Add missing braces around bpf_filter which were missed when I
merged the bpfstat code.

Pointed out by:	iedowse
Pointy hat to:	csjp
MFC after:	3 days
2005-08-18 22:30:52 +00:00
Andrew Thompson
23e7643185 Mark the callouts as MPSAFE as if_bridge has been giant-free since day 1.
Use the SMP friendly callout_init_mtx() while we are here.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-18 20:17:00 +00:00
Brooks Davis
dc7c539e33 When we started calling if_findindex() from if_alloc() with an empty
struct ifnet most of if_findindex() become a complex no-op.  Remove it
and replace it with a corrected version of the four line for loop it
devolved to plus some error handling.  This should probably be replaced
with subr_unit at some point.

Switch from checking ifaddr_byindex to ifnet_byindex when looking for
empty indexes.  Since we're doing this from if_alloc/if_free, we can
only be sure that ifnet_byindex will be correct.  This fixes panics when
loading the ef(4) module.  The panics were caused by the fact that
if_alloc was called four time before if_attach was called and thus
ifaddr_byindex was not set and the same unit was allocated again.  This
in turn caused the first if_attach to fail because the ifp was not the
one in ifnet_byindex(ifp->if_index).

Reported by:	"Wojciech A. Koszek" <dunstan at freebsd dot czest dot pl>
PR:		kern/84987
MFC After:	1 day
2005-08-18 18:36:40 +00:00
Brooks Davis
7cf30146f0 - Move IF_ADDR_LOCK_DESTROY(ifp) from if_free to if_free_type.
- Add a note that additions should be made to if_free_type and not
  if_free to help avoid this in the future.

This apparently fixes a use after free in if_bridge and may fix bugs
in other direct if_free_type consumers.

Reported by:	thompsa
2005-08-16 17:02:35 +00:00
Brooks Davis
f3447eb493 Vlan interfaces change their type after ether_ifattach() so we needs to
use if_free_type(ifp, IFT_ETHER) to delete them and stop leaking struct
arpcoms.

Reported by:	thompsa
MFC After:	3 days
2005-08-15 20:27:34 +00:00
Andrew Thompson
691cdb5351 Ensure that we are holding the lock when initialising the bridge interface. We
could initialise while unlocked if the bridge is not up when setting the inet
address, ether_ioctl() would call bridge_init.

Change it so bridge_init is always called unlocked and then locks before
calling bstp_initialization().

Reported by:    Michal Mertl
Approved by:    mlaier (mentor)
MFC after:      3 days
2005-08-15 02:54:29 +00:00
Andrew Thompson
a1c0fd4dee Ensure that we are holding the lock when initialising the bridge interface. We
could initialise while unlocked if the bridge is not up when setting the inet
address, ether_ioctl() would call bridge_init.

Change it so bridge_init is always called unlocked and then locks before
calling bstp_initialization().

Reported by:	Michal Mertl
Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-15 02:50:13 +00:00
Gleb Smirnoff
00ff5c4778 Axe ppp_for_tty(). Use tty->t_lsc pointer to store sc. This
also eliminates recursive use of ppp_softc_list_mtx.

PR:		kern/84686
Reviewed by:	phk
MFC after:	1 week
2005-08-12 08:27:15 +00:00
Gleb Smirnoff
791888619d o To prevent a race between RTM_DELETE message and
arptimer() deleting stale entry, we need to lock
  rtentry before unlocking radix head.

Reviewed by:	sam
2005-08-11 08:26:31 +00:00
Gleb Smirnoff
530f95fc08 o Make rt_check() function more strict:
- rt0 passed to rt_check() must not be NULL, assert this.
  - rt returned by rt_check() must be valid locked rtentry,
    if no error occured.
o Modify callers, so that they never pass NULL rt0
  to rt_check().

Reviewed by:	sam, ume (nd6.c)
2005-08-11 08:14:53 +00:00
Robert Watson
fc57457045 For each interface flag, indicate whether or not it is owned by the
device driver, owned by the network stack, or initialized by the device
driver before attach and read-only from then on.

Not all device drivers and network stack components currently follow
these rules, especially with respect to IFF_UP, and a few exceptions
with IFF_ALLMULTI.

MFC after:	7 days
2005-08-09 12:56:20 +00:00
Robert Watson
13f4c340ae Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and
IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to
ifnet.if_drv_flags.  Device drivers are now responsible for
synchronizing access to these flags, as they are in if_drv_flags.  This
helps prevent races between the network stack and device driver in
maintaining the interface flags field.

Many __FreeBSD__ and __FreeBSD_version checks maintained and continued;
some less so.

Reviewed by:	pjd, bz
MFC after:	7 days
2005-08-09 10:20:02 +00:00
Robert Watson
292ee7be1c Rename IFF_RUNNING to IFF_DRV_RUNNING, IFF_OACTIVE to IFF_DRV_OACTIVE,
and move both flags from ifnet.if_flags to ifnet.if_drv_flags, making
and documenting the locking of these flags the responsibility of the
device driver, not the network stack.  The flags for these two fields
will be mutually exclusive so that they can be exposed to user space as
though they were stored in the same variable.

Provide #defines to provide the old names #ifndef _KERNEL, so that user
applications (such as ifconfig) can use the old flag names.  Using the
old names in a device driver will result in a compile error in order to
help device driver writers adopt the new model.

When exposing the interface flags to user space, via interface ioctls
or routing sockets, or the two fields together.  Since the driver flags
cannot currently be set for user space, no new logic is currently
required to handle this case.

Add some assertions that general purpose network stack routines, such
as if_setflags(), are not improperly used on driver-owned flags.

With this change, a large number of very minor network stack races are
closed, subject to correct device driver locking.  Most were likely
never triggered.

Driver sweep to follow; many thanks to pjd and bz for the line-by-line
review they gave this patch.

Reviewed by:	pjd, bz
MFC after:	7 days
2005-08-09 10:16:17 +00:00
Gleb Smirnoff
9bd8ca3014 In preparation for fixing races in ARP (and probably in other
L2/L3 mappings) make rt_check() return a locked rtentry.
2005-08-09 08:39:56 +00:00
Andrew Thompson
3155122ec2 Use m_copypacket() which is an optimization of the common case
m_copym(m, 0, M_COPYALL, how).

This is required for strict alignment architectures where we align the IP
header in the input path but m_copym() will create an unaligned copy in
bridge_broadcast(). m_copypacket() preserves alignment of the first mbuf.

Noticed by:	Petri Simolin
Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-08 22:21:55 +00:00
Robert Watson
6a113b3de7 Merge the dev_clone and dev_clone_cred event handlers into a single
event handler, dev_clone, which accepts a credential argument.
Implementors of the event can ignore it if they're not interested,
and most do.  This avoids having multiple event handler types and
fall-back/precedence logic in devfs.

This changes the kernel API for /dev cloning, and may affect third
party packages containg cloning kernel modules.

Requested by:	phk
MFC after:	3 days
2005-08-08 19:55:32 +00:00
Sam Leffler
456d182d5b destroy lock _before_ free'ing the structure it resides in 2005-08-06 18:42:01 +00:00
John Baldwin
6da3131abd Initialize the if_addr mutex in if_alloc() rather than waiting until
if_attach().  This allows ethernet drivers to use it in their routines
to program their MAC filters before ether_ifattach() is called (de(4) is
one such driver).  Also, the if_addr mutex is destroyed in if_free()
rather than if_detach(), so there was another potential bug in that a
driver that failed during attach and called if_free() without having
called ether_ifattach() would have tried to destroy an uninitialized mutex.

Reported by:	Holm Tiffe holm at freibergnet dot de
Discussed with:	rwatson
2005-08-04 14:39:47 +00:00
Robert Watson
c3b31afd92 Protect link layer network interface multicast address list manipulation
using ifp->if_addr_mtx:

- Initialize if_addr_mtx when ifnet is initialized.

- Destroy if_addr_mtx when ifnet is torn down.

- Rename ifmaof_ifpforaddr() to if_findmulti(); assert if_addr_mtx.
  Staticize.

- Extract ifmultiaddr allocation and initialization into if_allocmulti();
  accept a 'mflags' argument to indicate whether or not sleeping is
  permitted.  This centralizes error handling and address duplication.

- Extract ifmultiaddr tear-down and deallocation in if_freemulti().

- Re-structure if_addmulti() to hold if_addr_mtx around manipulation of
  the ifnet multicast address list and reference count manipulation.
  Make use of non-sleeping allocations.  Annotate the fact that we only
  generate routing socket events for explicit address addition, not
  implicit link layer address addition.

- Re-structure if_delmulti() to hold if_addr_mtx around manipulation of
  the ifnet multicast address list and reference count manipulation.
  Annotate the lack of a routing socket event for implicit link layer
  address removal.

- De-spl all and sundry.

Problem reported by:	Ed Maste <emaste at phaedrus dot sandvine dot ca>
MFC after:		1 week
2005-08-02 23:23:26 +00:00
Robert Watson
09df718e0e When allocating link layer ifnet address list entries in
ifp->if_resolvemulti(), do so with M_NOWAIT rather than M_WAITOK, so
that a mutex can be held over the call.  In the FDDI code, add a
missing M_ZERO.  Consumers are already aware that if_resolvemulti()
can fail.

MFC after:	1 week
2005-08-02 17:52:52 +00:00
Robert Watson
de6073aab0 Add if_addr_mtx to struct ifnet, a mutex to protect ifnet-related address
lists.  Add accessor macros.

This changes the size of struct ifnet, but ideally, all ifnet consumers
are now using if_alloc() to allocate these structures rather than
embedding them into device driver softc's, so this won't modify the
network device driver ABI.

MFC after:	1 week
2005-08-02 17:43:35 +00:00
Bjoern A. Zeeb
9e669156d4 Add support for IPv6 over GRE [1]. PR kern/80340 includes the
FreeBSD specific ip_newid() changes NetBSD does not have.
Correct handling of non AF_INET packets passed to bpf [2].

PR:		kern/80340[1], NetBSD PRs 29150[1], 30844[2]
Obtained from:	NetBSD ip_gre.c rev. 1.34,1.35, if_gre.c rev. 1.56
Submitted by:	Gert Doering <gert at greenie.muc.de>[2]
MFC after:	4 days
2005-08-01 08:14:21 +00:00
Christian S.J. Peron
422a63da6e Rather than hold a mutex over calls to SYSCTL_OUT allocate a
temporary buffer then pass the array to user-space once we have
dropped the lock.

While we are here, drop an assertion which could result in a
kernel panic under certain race conditions.

Pointed out by:	rwatson
2005-07-26 17:21:56 +00:00
Hajimu UMEMOTO
a1f7e5f8ee scope cleanup. with this change
- most of the kernel code will not care about the actual encoding of
  scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
  scoped addresses as a special case.
- scope boundary check will be stricter.  For example, the current
  *BSD code allows a packet with src=::1 and dst=(some global IPv6
  address) to be sent outside of the node, if the application do:
    s = socket(AF_INET6);
    bind(s, "::1");
    sendto(s, some_global_IPv6_addr);
  This is clearly wrong, since ::1 is only meaningful within a single
  node, but the current implementation of the *BSD kernel cannot
  reject this attempt.

Submitted by:	JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Obtained from:	KAME
2005-07-25 12:31:43 +00:00
Andrew Thompson
39bb2fca46 We check that all the member interfaces have the same MTU on attach to the
bridge but the interface can still be changed afterwards.

This falls under the 'dont do that' category but log an warning when INVARIANTS
is defined.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-07-25 02:22:37 +00:00
Christian S.J. Peron
69f7644bc9 Introduce new sysctl variable: net.bpf.stats. This sysctl variable can
be used to pass statistics regarding dropped, matched and received
packet counts from the kernel to user-space. While we are here
introduce a new counter for filtered or matched packets. We currently
keep track of packets received or dropped by the bpf device, but not
how many packets actually matched the bpf filter.

-Introduce net.bpf.stats sysctl OID
-Move sysctl variables after the function prototypes so we can
 reference bpf_stats_sysctl(9) without build errors.
-Introduce bpf descriptor counter which is used mainly for sizing
 of the xbpf_d array.
-Introduce a xbpf_d structure which will act as an external
 representation of the bpf_d structure.
-Add a the following members to the bpfd structure:

	bd_fcount	- Number of packets which matched bpf filter
	bd_pid		- PID which opened the bpf device
	bd_pcomm	- Process name which opened the device.

It should be noted that it's possible that the process which opened
the device could be long gone at the time of stats collection. An
example might be a process that opens the bpf device forks then exits
leaving the child process with the bpf fd.

Reviewed by:	mdodd
2005-07-24 17:21:17 +00:00
Robert Watson
638ccea02a Allocate one of the spare ifnet integer fields to hold if_drv_flags,
which in the future will hold IFF_OACTIVE and IFF_RUNNING, and have
its access synchronized by the device driver rather than the
protocol stack.  This will avoid potential races in the management
of flags in if_flags.

Discussed with:	various (scottl, jhb, ...)
MFC after:	1 week
2005-07-21 22:01:06 +00:00
Poul-Henning Kamp
514bcb8955 Add some KASSERTS to catch null pointers. 2005-07-21 09:00:51 +00:00
Andrew Thompson
12b47243c6 Clear the PROMISC flag from the vlan interface when we remove a member. We
checked for IFT_L2VLAN in bridge_ioctl_add() but not bridge_delete_member().

Approved by:	mlaier (mentor)
2005-07-20 19:42:51 +00:00
Robert Watson
2432c31c8b In multicast routines:
Compare pointers with NULL rather than treating them as booleans.

Compare pointers with NULL rather than 0 to make it more clear
they are pointers.

Assign pointers value of NULL rather than 0 to make it more clear
they are pointers.

MFC after:	3 days
2005-07-19 10:12:58 +00:00
Robert Watson
d8d5b10e84 Rename equal() macro to sa_equal(), which matches the definitions
of sa_equal() in other files, and makes it more clear what equal()
is comparing.

MFC after:	3 days
2005-07-19 10:03:47 +00:00
Robert Watson
f002340544 Lock down netnatm and mark as MPSAFE:
- Introduce a subsystem mutex, natm_mtx, manipulated with accessor macros
  NATM_LOCK_INIT(), NATM_LOCK(), NATM_UNLOCK(), NATM_LOCK_ASSERT().  It
  protects the consistency of pcb-related data structures.  Finer grained
  locking is possible, but should be done in the context of specific
  measurements (as very little work is done in netnatm -- most is in the
  ATM device driver or socket layer, so there's probably not much
  contention).

- Remove GIANT_REQUIRED, mark as NETISR_MPSAFE, remove
  NET_NEEDS_GIANT("netnatm").

- Conditionally acquire Giant when entering network interfaces for
  ifp->if_ioctl() using IFF_LOCKGIANT(ifp)/IFF_UNLOCKGIANT(ifp) in order
  to coexist with non-MPSAFE atm ifnet drivers..

- De-spl.

MFC after:	2 weeks
Reviewed by:	harti, bms (various versions)
2005-07-18 16:55:46 +00:00
George V. Neville-Neil
ba7be0a934 Fix for PR 82974. We were not checking that the route looked up in
the case of an RTM_CHANGE was specific, i.e. that it matched completely.  This
led to a route change of a non-existent route changing the default route
as the radix code would simply back track to that point and hand that
route back to the routing socket code.

PR: 82974
Reviewed by: Tai-hwa Liang <avatar@mmlab.cse.yzu.edu.tw>
             Ben Kaduk <minimarmot@gmail.com>
             Bjoern A. Zeeb <bzeeb-lists@lists.zabbadoz.net>
Obtained from:	OpenBSD with modifications.
MFC after: 2 weeks
2005-07-15 09:18:34 +00:00
Max Laier
52023244de Move eventhandler for 'ifnet_departure_event' at the end of the progress.
Some of the (IPv6) cleanup functions send packets to inform peers of the
departure.  These packets confused users of ifnet_departure_event (pf at the
moment).

PR:		kern/80627
Tested by:	Divacky Roman
MFC after:	1 week
2005-07-14 20:26:43 +00:00
Yaroslav Tykhiy
1a3b685942 MFp4:
- Introduce a helper function if_setflag() containing the code common
  to ifpromisc() and if_allmulti() instead of duplicating the code poorly,
  with different bugs.
- Call ifp->if_ioctl() in a consistent way: always use more compatible C
  syntax and check whether ifp->if_ioctl is not NULL prior to the call.

MFC after:	1 month
2005-07-14 13:56:51 +00:00
Andrew Thompson
489fc2258f Previously the bridge MTU was set to ETHERMTU and could not be changed. Since
we can only bridge interfaces with the same value it meant that all members had
to be set at ETHERMTU as well.

Allow the first member to be added to define the MTU for the bridge, the check
still applies to all additional members.

Print an informative message if the MTU is incorrect [1]

Requested by:	Niki Denev [1]
Approved by:	mlaier (mentor)
MFC after:	3 days
2005-07-13 20:40:19 +00:00
Sam Leffler
e0d80bffb5 additions from libpcap 0.9.1 release
Approved by:	re (scottl)
2005-07-11 03:16:23 +00:00
Andrew Thompson
ea32e73208 - Previously when broadcasting to N number of interfaces we would run pfil
hooks for each outgoing interface but also run pfil hooks _N times_ on the
  bridge interface. This is changed so pfil hooks are run once for the bridge
  interface (bridge0) and then only on the outgoing interfaces in the broadcast
  loop.

- Simplify bridge_enqueue() by moving bridge_pfil() to the callers.

- Check (inet6_pfil_hook.ph_busy_count >= 0), it may be possible to have a
  packet filter hooked for only ipv6 but we were only checking if ipv4 hooks
  were busy.

- Minor optimisation for null mbuf check after bridge_pfil(), move it into the
  if-block as it couldnt possibly be null outside.

Prodded by:	mlaier
Approved by:	re (scottl), mlaier (mentor)
2005-07-06 01:24:45 +00:00
Robert Watson
3c308b091f Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is
redundant with respect to existing mbuf copy label routines.  Expose
a new mac_copy_mbuf() routine at the top end of the Framework and
use that; use the existing mpo_copy_mbuf_label() routine on the
bottom end.

Obtained from:	TrustedBSD Project
Sponsored by:	SPARTA, SPAWAR
Approved by:	re (scottl)
2005-07-05 23:39:51 +00:00
Andrew Thompson
ede3a2773d Check the alignment of the IP header before passing the packet up to the
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64, ia64 and ppc.

This uses the code block from if_bridge and the newly added macro
IP_HDR_ALIGNED_P().

This /might/ be a temporary messure before all NIC drivers are educated
to align the header themself.

PR:		ia64/81284
Obtained from:	NetBSD (if_bridge)
Approved by:	re (dwhite), mlaier (mentor)
2005-07-03 18:24:03 +00:00
Andrew Thompson
2fcb030ad5 Check the alignment of the IP header before passing the packet up to the
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64 (tier1) and ia64/ppc (tier2).

This adds two new macros that check the alignment, these are compile time
dependent on __NO_STRICT_ALIGNMENT which is set for i386 and amd64 where
alignment isn't need so the cost is avoided.

 IP_HDR_ALIGNED_P()
 IP6_HDR_ALIGNED_P()

Move bridge_ip_checkbasic()/bridge_ip6_checkbasic() up so that the alignment
is checked for ipfw and dummynet too.

PR:		ia64/81284
Obtained from:	NetBSD
Approved by:	re (dwhite), mlaier (mentor)
2005-07-02 23:13:31 +00:00
Suleiman Souhlal
571dcd15e2 Fix the recent panics/LORs/hangs created by my kqueue commit by:
- Introducing the possibility of using locks different than mutexes
for the knlist locking. In order to do this, we add three arguments to
knlist_init() to specify the functions to use to lock, unlock and
check if the lock is owned. If these arguments are NULL, we assume
mtx_lock, mtx_unlock and mtx_owned, respectively.

- Using the vnode lock for the knlist locking, when doing kqueue operations
on a vnode. This way, we don't have to lock the vnode while holding a
mutex, in filt_vfsread.

Reviewed by:	jmg
Approved by:	re (scottl), scottl (mentor override)
Pointyhat to:	ssouhlal
Will be happy:	everyone
2005-07-01 16:28:32 +00:00
Gleb Smirnoff
82dd5411d9 Use m_uiotombuf() instead of own implementation. This is not just
a cosmetic change. m_uiotombuf() produces a packet header mbuf, while
original implementation did not. When kernel is compiled with MAC
support, headerless mbuf will cause panic.

Reported by:	Alexander Nikiforenko <asn rambler-co.ru>
Approved by:	re (scottl)
MFC After:	2 weeks
2005-07-01 15:22:47 +00:00
Andrew Thompson
49808fa4fc Sync if_bridge to NetBSD r1.31
Rename conflicting variables when handling SNAP Ethernet frames.

Obtained from:	NetBSD
Approved by:	mlaier (mentor)
Approved by:	re (blanket)
2005-06-29 19:23:32 +00:00
Qing Li
16a2e0a6c8 Require gateways for routes to be of the same address family as the
route itself.

It fixes a bug where an IPv4 route for example has an IPv6 gateway
specified:

     route add 10.1.1.1 -inet6 fe80::1%fxp0

     Destination  Gateway       Flags  Refs  Use  Netif Expire
     10.1.1.1     fe80::1%fxp0  UGHS   0     0    fxp0

The fix rejects these illegal combinations:

     route: writing to routing socket: Invalid argument
     add host 10.1.1.1: gateway fe80::1%fxp0: Invalid argument

Reviewed by:	KAME jinmei@isl.rdc.toshiba.co.jp
Reviewed by:	andre (mentor)
Approved by:	re
MFC after:	5
2005-06-28 23:32:22 +00:00
Bjoern A. Zeeb
066b192e3b Fix panic after ifnet changes in rev. 1.30. sc->sc_ifp is a
pointer now and needs to be allocated before using.

Reviewed by:	gnn
Approved by:	re (scottl), rwatson (mentor)
2005-06-28 06:55:45 +00:00
Andrew Thompson
ca6c404ce3 Fix a panic when bringing up the bridge interface. We were casting a ifnet
pointer to a softc which is no longer valid since the ifnet struct was split
out from the softc.

Approved by:	mlaier (mentor)
Approved by:	re (blanket)
2005-06-27 21:58:12 +00:00
David Malone
01399f34a5 Fix some long standing bugs in writing to the BPF device attached to
a DLT_NULL interface. In particular:

        1) Consistently use type u_int32_t for the header of a
           DLT_NULL device - it continues to represent the address
           family as always.
        2) In the DLT_NULL case get bpf_movein to store the u_int32_t
           in a sockaddr rather than in the mbuf, to be consistent
           with all the DLT types.
        3) Consequently fix a bug in bpf_movein/bpfwrite which
           only permitted packets up to 4 bytes less than the MTU
           to be written.
        4) Fix all DLT_NULL devices to have the code required to
           allow writing to their bpf devices.
        5) Move the code to allow writing to if_lo from if_simloop
           to looutput, because it only applies to DLT_NULL devices
           but was being applied to other devices that use if_simloop
           possibly incorrectly.

PR:		82157
Submitted by:	Matthew Luckie <mjl@luckie.org.nz>
Approved by:	re (scottl)
2005-06-26 18:11:11 +00:00
Brooks Davis
1436936ab0 Spelling/grammer fixes in comment.
Reported by:	Hans Petter Selasky <hselasky at c2i dot net>
Approved by:	re (ifnet blanked)
2005-06-17 17:19:34 +00:00
Brooks Davis
b03965ddca Initialze ifp->if_softc.
Submitted by:	ume
2005-06-13 17:17:07 +00:00
Brooks Davis
28ef2db496 Return NULL instead of a bogus pointer from if_alloc when if_com_alloc
fails.

Move detaching the ifnet from the ifindex_table into if_free so we can
both keep the sanity checks and actually delete the ifnets. [0]

Reported by:	gallatin [0]
Approved by:	re (blanket)
2005-06-12 00:53:03 +00:00
Andrew Thompson
e7acea8202 Catch up with the struct ifnet changes and use if_alloc().
Reviewed by:	brooks
Approved by:	mlaier (mentor)
2005-06-10 23:52:01 +00:00
Brooks Davis
fc74a9f93a Stop embedding struct ifnet at the top of driver softcs. Instead the
struct ifnet or the layer 2 common structure it was embedded in have
been replaced with a struct ifnet pointer to be filled by a call to the
new function, if_alloc(). The layer 2 common structure is also allocated
via if_alloc() based on the interface type. It is hung off the new
struct ifnet member, if_l2com.

This change removes the size of these structures from the kernel ABI and
will allow us to better manage them as interfaces come and go.

Other changes of note:
 - Struct arpcom is no longer referenced in normal interface code.
   Instead the Ethernet address is accessed via the IFP2ENADDR() macro.
   To enforce this ac_enaddr has been renamed to _ac_enaddr.
 - The second argument to ether_ifattach is now always the mac address
   from driver private storage rather than sometimes being ac_enaddr.

Reviewed by:	sobomax, sam
2005-06-10 16:49:24 +00:00
Max Laier
2c67c57c8b Add missing {} in last commit. 2005-06-10 15:53:21 +00:00
Andrew Thompson
c8b0129238 Add dummynet(4) support to if_bridge, this code is largely based on bridge.c.
This is the final piece to match bridge.c in functionality, we can now be a
drop-in replacement.

Approved by:	mlaier (mentor)
2005-06-10 01:25:22 +00:00
Hartmut Brandt
25029d6c31 When returing an RTM_GET message through the routing socket fill
in the rtm_index field whenever we have an interface pointer. This
is consistent with the RTM_GET messages returned by sysctl().
2005-06-09 12:20:50 +00:00
Andrew Thompson
82116c339c Bring in IPFW layer2 filtering from bridge.c, this allows Ethernet filtering
using the layer2, mac and mac-type keywords.

This is one of the last features that bridge.c has over if_bridge and gets us
very close to a full functional replacement.

Approved by:	mlaier (mentor)
2005-06-07 21:20:18 +00:00
Christian S.J. Peron
0eb206049e Change the maximum bpf program instruction limitation from being hard-
coded at 512 (BPF_MAXINSNS) to being tunable. This is useful for users
who wish to use complex or large bpf programs when filtering traffic.
For now we will default it to BPF_MAXINSNS. I have tested bpf programs
with well over 21,000 instructions without any problems.

Discussed with:	phk
2005-06-06 22:19:59 +00:00
Brooks Davis
9d80a3307a Send link state change notifications to /dev/devctl. This is needed to
start the OpenBSD dhclient when links come up.
2005-06-06 19:08:11 +00:00
Andrew Thompson
f2999b2fdf Change ipv6 packet filtering to match ipv4. It now checks pfil_member and
pfil_bridge to determine which interfaces to filter on.

Approved by:	mlaier (mentor)
2005-06-06 02:41:29 +00:00
Andrew Thompson
5a6530a38d Fix indentation of two comment blocks from the last commit.
Approved by:	mlaier (mentor)
2005-06-05 03:49:23 +00:00
Andrew Thompson
8f86751705 Add hooks into the networking layer to support if_bridge. This changes struct
ifnet so a buildworld is necessary.

Approved by:	mlaier (mentor)
Obtained from:	NetBSD
2005-06-05 03:13:13 +00:00
Andrew Thompson
31997bf223 Add if_bridge, which provides more advanced Ethernet bridging and 802.1d
spanning tree support.

Based on Jason Wright's bridge driver from OpenBSD, and modified by Jason R.
Thorpe in NetBSD.

Reviewed by:	mlaier, bms, green
Silence from:	-net
Approved by:	mlaier (mentor)
Obtained from:	NetBSD
2005-06-05 02:59:26 +00:00
Sam Leffler
f6f1669c0f integrate changes from libpcap-0.9.1-096
Reviewed by:	bms
2005-05-28 21:56:41 +00:00
Brooks Davis
dbf49e18bb Update refrenced URL for SNMP list of ifTypes to refer to iana.org
instead of a dead location on ftp.isi.edu.
2005-05-28 06:11:38 +00:00
Gleb Smirnoff
748741c7ae Plug mbuf leak, that I have introduced in 1.85. Also restore important comment
from if_ethersubr.c:1.178. While here adjust formatting, to make code more
readable.

Reported by:	Alexey Kamyshev, rwatson
2005-05-26 06:50:00 +00:00
Peter Edwards
45778b37b2 Separate out address-detaching part of if_detach into if_purgeaddrs,
so if_tap doesn't need to rely on locally-rolled code to do same.

The observable symptom of if_tap's bzero'ing the address details
was a crash in "ifconfig tap0" after an if_tap device was closed.

Reported By: Matti Saarinen (mjsaarin at cc dot helsinki dot fi)
2005-05-25 13:52:03 +00:00
Max Laier
d274e6b641 Fix semantics of ph_busy_count == -1 to pass instead of block.
PR:		kern/81128
Submitted by:	Joost Bekkers
MFC-after:	2 weeks
2005-05-23 17:07:16 +00:00
Colin Percival
fd94099ec2 If we are going to
1. Copy a NULL-terminated string into a fixed-length buffer, and
2. copyout that buffer to userland,
we really ought to
0. Zero the entire buffer
first.

Security: FreeBSD-SA-05:08.kmem
2005-05-06 02:50:00 +00:00
Maksim Yevmenkin
75ae257016 Change m_uiotombuf so it will accept offset at which data should be copied
to the mbuf. Offset cannot exceed MHLEN bytes. This is currently used to
fix Ethernet header alignment problem on alpha and sparc64. Also change all
users of m_uiotombuf to pass proper offset.

Reviewed by:	jmg, sam
Tested by:	Sten Spans "sten AT blinkenlights DOT nl"
MFC after:	1 week
2005-05-04 18:55:03 +00:00
Christian S.J. Peron
a3272e3ce3 -introduce net.bpf sysctl instead of the less intuitive debug.*
debug.bpf_bufsize is now net.bpf.bufsize
    debug.bpf_maxbufsize is now net.bpf.maxbufsize

-move function prototypes for bpf_drvinit and bpf_clone up to the
 top of the file with the others
-assert bpfd lock in catchpacket() and bpf_wakeup()

MFC after:	2 weeks
2005-05-04 03:09:28 +00:00
Gleb Smirnoff
984be3efbf - Call if_link_state_change() for each vlan, when link changes
on parent.
- Remove route.h include.
- Fix comment about MII.

Sponsored by:	Rambler
Reviewed by:	yar
2005-04-20 12:16:41 +00:00
Gleb Smirnoff
68a3482f69 Do not call all link state callbacks directly, but schedule
a taskqueue(9) task. This fixes LORs and adds possibility
to serve such events pseudorecursively, when link state
change of interface causes subsequent change on other
interfaces.

Sponsored by:	Rambler
Reviewed by:	sam, brooks, mux
2005-04-20 09:30:54 +00:00
Colin Percival
fbd24c5ed6 Zero the ifr.ifr_name buffer in ifconf() in order to avoid
accidental disclosure of kernel memory to userland.

Security:	FreeBSD-SA-05:04.ifconf
2005-04-15 01:52:40 +00:00
Matthew N. Dodd
f7251b07e2 Add #defines for control fields and address bits. 2005-04-13 08:14:14 +00:00
Matthew N. Dodd
b137ea624b Provide a sysctl (net.link.tap.user_open) to allow unpriviliged
acces to tap(4) device nodes based on file system permission.

Duplicate the 'debug.if_tap_debug' sysctl under the
'net.link.tap' hierarchy.
2005-04-13 00:30:19 +00:00
Poul-Henning Kamp
f4f6abcb4e Explicitly hold a reference to the cdev we have just cloned. This
closes the race where the cdev was reclaimed before it ever made it
back to devfs lookup.
2005-03-31 12:19:44 +00:00
Brian Feldman
4549709fb5 You must selwakeup{,pri}() when closing a selectable object or the
td->td_sel will get trashed and crash the system.  Fix BPF's mistake
in this area.

MFC after:	1 day
2005-03-27 23:16:17 +00:00
Sam Leffler
7a7fa27b23 rt_newaddrmsg will blow up if given something other than RTM_ADD
or RTM_DELETE; add an assertion, may want to do something more
heavyhanded in the future

Noticed by:	Coverity Prevent analysis tool
Reviewed by:	mdodd
2005-03-26 21:49:43 +00:00
Andrew Gallatin
f83935f874 Zero the reserved fields of the header, as per rfc 2734. This change
results in connectivty to MacOSX hosts via fwip.

Thanks to Apple's Arulchandran Paramasivam <arulchandranp@apple.com> for
letting us know what we were doing wrong.

Reviewed by: dfr
MFC After: 7 days
2005-03-25 16:05:42 +00:00
Matthew N. Dodd
96a205962e - Break after nested switch.
- Default returns an error.
2005-03-24 02:08:22 +00:00
Gleb Smirnoff
d4d2297060 ifma_protospec is a pointer. Use NULL when assigning or compating it. 2005-03-20 14:31:45 +00:00
Gleb Smirnoff
5515c2e793 Add a sysctl net.link.log_link_state_change, which allows to
suppress logging of interface link state changes.

Requested by:	sam, kan
2005-03-12 12:58:03 +00:00
Maxim Sobolev
5c16270365 When neither of supported frame type is enabled via kernel options enable
them all, otherwise the driver will be useless and will only confuse user
as manual page says nothing about the need to enable one of those frame
types explicitly in the kernel config.

PR:		kern/47152
Submitted by:	Andriy Gapon <avg@icyb.net.ua>
MFC after:	3 days
2005-03-06 23:03:58 +00:00
Maxim Sobolev
a10260280f Fix ef(4) driver when kernel compiled w/o IPX.
MFC after:	3 days
2005-03-06 22:59:40 +00:00
John-Mark Gurney
7819da7944 fix a bug where bpf would try to wakeup before updating the state.. This
was causing kqueue not to see the correct state and not wake up a process
that is waiting...

Submitted by:	nCircle Network Security, Inc.
2005-03-02 21:59:39 +00:00
Gleb Smirnoff
31199c8463 Use NET_CALLOUT_MPSAFE macro. 2005-03-01 12:01:17 +00:00
Gleb Smirnoff
3a84d72a78 Revert change to struct ifnet. Use ifnet pointer in softc. Embedding
ifnet into smth will soon be removed.

Requested by:	brooks
2005-03-01 10:59:14 +00:00
Robert Watson
a8e93fb7ec In bpf_setf(), protect against races between multiple user threads
attempting to change the BPF filter on a BPF descriptor at the same
time: retrieve the old filter pointer under the same locked region
as setting the new pointer.

MFC after:	3 days
2005-02-28 14:04:09 +00:00
Robert Watson
d1a67300e2 Update a comment describing bpf_iflist to indicate that the BPF interface
structures correspond to specific link layers, so the same network
interface may appear more than once.

MFC after:	3 days
2005-02-28 12:35:52 +00:00
Gleb Smirnoff
e8c34a71eb Remove carp_softc.sc_ifp member in favor of union pointers in struct ifnet.
Obtained from:	OpenBSD
2005-02-26 13:55:07 +00:00
Brooks Davis
bc9d299133 Change the definition of struct if_data's member ifi_epoch from wall
clock time to uptime because wall clock time may go backwards.

This is a change in the API which will impact SNMP agents who are using
ifi_epoch to set RFC2233's ifCounterDiscontinuityTime.  None are know to
exist today.  This will not impact applications that are using the
<index, epoch> tuple to verify interface uniqueness except that it
eliminates a race which could lead to a false assumption of uniqueness.

Because this is a behavior change, bump __FreeBSD_version.

Discussed with:	re (jhb, scottl)
MFC after:	3 days
Pointed out by:	pkh (way back at EuroBSDCon)
Pointy hat:	brooks
2005-02-25 19:46:41 +00:00
Maxim Konovalov
a6d008350d o Move ifcr_count sanity check up and reject negative values before we
panic at kmem_alloc() via malloc(9).

PR:		kern/77748
Submitted by:	Wojciech A. Koszek
OK'ed by:	brooks
Security:	local DoS, a sample code in the PR.
MFC after:	3 days
2005-02-24 13:14:41 +00:00
Gleb Smirnoff
58996b1337 Fix long lines in comment introduced in previous commit. 2005-02-24 10:15:50 +00:00
Sam Leffler
89bc9a3171 the rt parameter to ifa_rtrequest callbacks should always be non-null;
eliminate grauitous ptr checks that follow ptr deref's

Noticed by:	Coverity Prevent analysis tool
2005-02-24 01:34:01 +00:00
Sam Leffler
8d78bea456 eliminate dead code and collapse the remainder
Noticed by:	Coverity Prevent analysis tool
Reviewed by:	rwatson
2005-02-23 22:50:19 +00:00
Gleb Smirnoff
8b25904e36 Typo in comment. 2005-02-22 15:29:29 +00:00
Robert Watson
7e2041e0c4 When prepending an LCC SNAP header to an atalk outgoing ethernet packet,
allocate the additional mbuf (if needed) using a non-sleeping memory
allocation.

MFC after:	7 days
2005-02-22 15:03:25 +00:00
Gleb Smirnoff
4d96314f88 - In if_link_state_change() extract function body from if-block, to improve
readability.
- Call carp_carpdev_state() from if_link_state_change() if interface has
  associated CARP interface.

Sponsored by:	Rambler
2005-02-22 14:21:59 +00:00
Gleb Smirnoff
a97719482d Add CARP (Common Address Redundancy Protocol), which allows multiple
hosts to share an IP address, providing high availability and load
balancing.

Original work on CARP done by Michael Shalayeff, with many
additions by Marco Pfatschbacher and Ryan McBride.

FreeBSD port done solely by Max Laier.

Patch by:	mlaier
Obtained from:	OpenBSD (mickey, mcbride)
2005-02-22 13:04:05 +00:00
Ruslan Ermilov
6ee20ab521 Allocate the M_VLANTAG m_pkthdr flag, and use it to indicate that
a packet has VLAN mbuf tag attached.  This is faster to check than
m_tag_locate(), and allows us to use the tags in non-vlan(4) VLAN
producers.

The first argument to VLAN_OUTPUT_TAG() is now unused but retained
for backward compatibility.

While here, embellish a fix in rev. 1.174 of if_ethersubr.c -- it
now checks for packets with VLAN (mbuf) tags, and it should now
be possible to bridge(4) on vlan(4)'s whose parent interfaces
support VLAN decapsulation in hardware.

Reviewed by:	sam
2005-02-18 22:31:19 +00:00
Gleb Smirnoff
eb46c866bb Check for non-NULL ac_netgraph field in interface arpcom, instead of
checking global presence of ng_ether(4).

Reviewed by:	ru
2005-02-14 11:58:54 +00:00