d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Step 1.5 of importing the network stack virtualization infrastructure

Browse Source 
from the vimage project, as per plan established at devsummit 08/08:
http://wiki.freebsd.org/Image/Notes200808DevSummit

Introduce INIT_VNET_*() initializer macros, VNET_FOREACH() iterator
macros, and CURVNET_SET() context setting macros, all currently
resolving to NOPs.

Prepare for virtualization of selected SYSCTL objects by introducing a
family of SYSCTL_V_*() macros, currently resolving to their global
counterparts, i.e. SYSCTL_V_INT() == SYSCTL_INT().

Move selected #defines from sys/sys/vimage.h to newly introduced header
files specific to virtualized subsystems (sys/net/vnet.h,
sys/netinet/vinet.h etc.).

All the changes are verified to have zero functional impact at this
point in time by doing MD5 comparision between pre- and post-change
object files(*).

(*) netipsec/keysock.c did not validate depending on compile time options.

Implemented by:	julian, bz, brooks, zec
Reviewed by:	julian, bz, brooks, kris, rwatson, ...
Approved by:	julian (mentor)
Obtained from:	//depot/projects/vimage-commit2/...
X-MFC after:	never
Sponsored by:	NLnet Foundation, The FreeBSD Foundation
This commit is contained in:
zec 2008-10-02 15:37:58 +00:00
parent e682bfadb0
commit 8797d4caec
125 changed files with 2724 additions and 897 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sys/compat/linprocfs/linprocfs.c
View File

@ -1001,6 +1001,7 @@ linprocfs_doprocmaps(PFS_FILL_ARGS)
static int
linprocfs_donetdev(PFS_FILL_ARGS)
{
INIT_VNET_NET(TD_TO_VNET(curthread));
char ifname[16]; /* XXX LINUX_IFNAMSIZ */
struct ifnet *ifp;

3
sys/compat/linux/linux_ioctl.c
View File

@ -2051,6 +2051,7 @@ linux_ioctl_console(struct thread *td, struct linux_ioctl_args *args)
int
linux_ifname(struct ifnet *ifp, char *buffer, size_t buflen)
{
INIT_VNET_NET(ifp->if_vnet);
struct ifnet *ifscan;
int ethno;
@ -2084,6 +2085,7 @@ linux_ifname(struct ifnet *ifp, char *buffer, size_t buflen)
static struct ifnet *
ifname_linux_to_bsd(const char *lxname, char *bsdname)
{
INIT_VNET_NET(TD_TO_VNET(curthread));
struct ifnet *ifp;
int len, unit;
char *ep;
@ -2124,6 +2126,7 @@ ifname_linux_to_bsd(const char *lxname, char *bsdname)
static int
linux_ifconf(struct thread *td, struct ifconf *uifc)
{
INIT_VNET_NET(TD_TO_VNET(td));
#ifdef COMPAT_LINUX32
struct l_ifconf ifc;
#else

1
sys/compat/linux/linux_misc.c
View File

@ -707,6 +707,7 @@ linux_times(struct thread *td, struct linux_times_args *args)
int
linux_newuname(struct thread *td, struct linux_newuname_args *args)
{
INIT_VPROCG(TD_TO_VPROCG(td));
struct l_new_utsname utsname;
char osname[LINUX_MAX_UTSNAME];
char osrelease[LINUX_MAX_UTSNAME];

3
sys/compat/linux/linux_socket.c
View File

@ -546,6 +546,9 @@ struct linux_socket_args {
static int
linux_socket(struct thread *td, struct linux_socket_args *args)
{
#ifdef INET6
INIT_VNET_INET6(curvnet);
#endif
struct socket_args /* {
int domain;
int type;

1
sys/compat/svr4/svr4_sockio.c
View File

@ -88,6 +88,7 @@ svr4_sock_ioctl(fp, td, retval, fd, cmd, data)
switch (cmd) {
case SVR4_SIOCGIFNUM:
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
int ifnum = 0;

5
sys/contrib/ipfilter/netinet/ip_auth.c
View File

@ -70,6 +70,11 @@ struct file;
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#if !defined(_KERNEL) && defined(__FreeBSD_version) && \
__FreeBSD_version >= 800049
# define V_ip_do_randomid ip_do_randomid
# define V_ip_id ip_id
#endif
#if !defined(_KERNEL) && !defined(__osf__) && !defined(__sgi)
# define KERNEL
# define _KERNEL

18
sys/contrib/pf/net/pf.c
View File

@ -1759,6 +1759,7 @@ pf_send_tcp(const struct pf_rule *r, sa_family_t af,
u_int8_t flags, u_int16_t win, u_int16_t mss, u_int8_t ttl, int tag,
u_int16_t rtag, struct ether_header *eh, struct ifnet *ifp)
{
INIT_VNET_INET(curvnet);
struct mbuf *m;
int len, tlen;
#ifdef INET
@ -2922,6 +2923,7 @@ pf_socket_lookup(int direction, struct pf_pdesc *pd, struct inpcb *inp_arg)
pf_socket_lookup(int direction, struct pf_pdesc *pd)
#endif
{
INIT_VNET_INET(curvnet);
struct pf_addr *saddr, *daddr;
u_int16_t sport, dport;
#ifdef __FreeBSD__
@ -3101,6 +3103,7 @@ pf_get_wscale(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af)
u_int16_t
pf_get_mss(struct mbuf *m, int off, u_int16_t th_off, sa_family_t af)
{
INIT_VNET_INET(curvnet);
int hlen;
u_int8_t hdr[60];
u_int8_t *opt, optlen;
@ -3140,6 +3143,7 @@ u_int16_t
pf_calc_mss(struct pf_addr *addr, sa_family_t af, u_int16_t offer)
{
#ifdef INET
INIT_VNET_INET(curvnet);
struct sockaddr_in *dst;
struct route ro;
#endif /* INET */
@ -3242,6 +3246,7 @@ pf_test_tcp(struct pf_rule **rm, struct pf_state **sm, int direction,
struct ifqueue *ifq)
#endif
{
INIT_VNET_INET(curvnet);
struct pf_rule *nr = NULL;
struct pf_addr *saddr = pd->src, *daddr = pd->dst;
struct tcphdr *th = pd->hdr.tcp;
@ -6096,6 +6101,7 @@ void
pf_route(struct mbuf **m, struct pf_rule *r, int dir, struct ifnet *oifp,
struct pf_state *s, struct pf_pdesc *pd)
{
INIT_VNET_INET(curvnet);
struct mbuf *m0, *m1;
struct route iproute;
struct route *ro = NULL;
@ -6633,18 +6639,30 @@ pf_check_proto_cksum(struct mbuf *m, int off, int len, u_int8_t p, sa_family_t a
if (sum) {
switch (p) {
case IPPROTO_TCP:
{
INIT_VNET_INET(curvnet);
V_tcpstat.tcps_rcvbadsum++;
break;
}
case IPPROTO_UDP:
{
INIT_VNET_INET(curvnet);
V_udpstat.udps_badsum++;
break;
}
case IPPROTO_ICMP:
{
INIT_VNET_INET(curvnet);
V_icmpstat.icps_checksum++;
break;
}
#ifdef INET6
case IPPROTO_ICMPV6:
{
INIT_VNET_INET6(curvnet);
V_icmp6stat.icp6s_checksum++;
break;
}
#endif /* INET6 */
}
return (1);

2
sys/contrib/pf/net/pf_if.c
View File

@ -122,6 +122,8 @@ RB_GENERATE(pfi_ifhead, pfi_kif, pfik_tree, pfi_if_compare);
void
pfi_initialize(void)
{
INIT_VNET_NET(curvnet);
if (pfi_all != NULL) /* already initialized */
return;

2
sys/contrib/pf/net/pf_ioctl.c
View File

@ -3704,6 +3704,8 @@ static int
pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
struct inpcb *inp)
{
INIT_VNET_NET(curvnet);
/*
* IPv6 is not affected by ip_len/ip_off byte order changes.
*/

1
sys/contrib/pf/net/pf_subr.c
View File

@ -123,6 +123,7 @@ static MD5_CTX isn_ctx;
u_int32_t
pf_new_isn(struct pf_state *s)
{
INIT_VNET_INET(curvnet);
u_int32_t md5_buffer[4];
u_int32_t new_isn;
struct pf_state_host *src, *dst;

7
sys/contrib/pf/net/pfvar.h
View File

@ -1855,5 +1855,12 @@ int pf_osfp_match(struct pf_osfp_enlist *, pf_osfp_t);
struct pf_os_fingerprint *
pf_osfp_validate(void);
/*
* Symbol translation macros
*/
#define INIT_VNET_PF(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_PF, struct vnet_pf, vnet_pf)
#define VNET_PF(sym) VSYM(vnet_pf, sym)
#endif /* _NET_PFVAR_H_ */

4
sys/contrib/rdma/rdma_cma.c
View File

@ -48,6 +48,7 @@ __FBSDID("$FreeBSD$");
#include <sys/syslog.h>
#include <sys/vimage.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/in_pcb.h>
@ -1947,6 +1948,7 @@ err1:
static int cma_alloc_any_port(struct kvl *ps, struct rdma_id_private *id_priv)
{
INIT_VNET_INET(curvnet);
struct rdma_bind_list *bind_list;
int port, ret;
@ -1991,6 +1993,7 @@ err1:
static int cma_use_port(struct kvl *ps, struct rdma_id_private *id_priv)
{
INIT_VNET_INET(curvnet);
struct rdma_id_private *cur_id;
struct sockaddr_in *sin, *cur_sin;
struct rdma_bind_list *bind_list;
@ -2910,6 +2913,7 @@ static void cma_remove_one(struct ib_device *device)
static int cma_init(void)
{
INIT_VNET_INET(curvnet);
int ret;
LIST_INIT(&listen_any_list);

11
sys/dev/cxgb/ulp/iw_cxgb/iw_cxgb.c
View File

@ -212,6 +212,7 @@ ifaddr_event_handler(void *arg, struct ifnet *ifp)
static int
iwch_init_module(void)
{
VNET_ITERATOR_DECL(vnet_iter);
int err;
struct ifnet *ifp;
@ -233,9 +234,15 @@ iwch_init_module(void)
/* Register existing TOE interfaces by walking the ifnet chain */
IFNET_RLOCK();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
(void)ifaddr_event_handler(NULL, ifp);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter); /* XXX CURVNET_SET_QUIET() ? */
INIT_VNET_NET(vnet_iter);
TAILQ_FOREACH(ifp, &V_ifnet, if_link)
(void)ifaddr_event_handler(NULL, ifp);
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IFNET_RUNLOCK();
return 0;
}

4
sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c
View File

@ -276,6 +276,7 @@ mk_tid_release(struct mbuf *m, const struct toepcb *toep, unsigned int tid)
static inline void
make_tx_data_wr(struct socket *so, struct mbuf *m, int len, struct mbuf *tail)
{
INIT_VNET_INET(so->so_vnet);
struct tcpcb *tp = so_sototcpcb(so);
struct toepcb *toep = tp->t_toe;
struct tx_data_wr *req;
@ -1220,6 +1221,7 @@ install_offload_ops(struct socket *so)
static __inline int
select_rcv_wscale(int space)
{
INIT_VNET_INET(so->so_vnet);
int wscale = 0;
if (space > MAX_RCV_WND)
@ -1237,6 +1239,7 @@ select_rcv_wscale(int space)
static unsigned long
select_rcv_wnd(struct toedev *dev, struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct tom_data *d = TOM_DATA(dev);
unsigned int wnd;
unsigned int max_rcv_wnd;
@ -3783,6 +3786,7 @@ fixup_and_send_ofo(struct toepcb *toep)
static void
socket_act_establish(struct socket *so, struct mbuf *m)
{
INIT_VNET_INET(so->so_vnet);
struct cpl_act_establish *req = cplhdr(m);
u32 rcv_isn = ntohl(req->rcv_isn); /* real RCV_ISN + 1 */
struct tcpcb *tp = so_sototcpcb(so);

2
sys/dev/firewire/firewire.c
View File

@ -703,7 +703,7 @@ fw_reset_crom(struct firewire_comm *fc)
crom_add_simple_text(src, root, &buf->vendor, "FreeBSD Project");
crom_add_entry(root, CSRKEY_HW, __FreeBSD_version);
#endif
crom_add_simple_text(src, root, &buf->hw, V_hostname);
crom_add_simple_text(src, root, &buf->hw, G_hostname);
}
/*

2
sys/fs/cd9660/cd9660_rrip.c
View File

@ -114,6 +114,7 @@ cd9660_rrip_slink(p,ana)
ISO_RRIP_SLINK *p;
ISO_RRIP_ANALYZE *ana;
{
INIT_VPROCG(TD_TO_VPROCG(curthread));
ISO_RRIP_SLINK_COMPONENT *pcomp;
ISO_RRIP_SLINK_COMPONENT *pcompe;
int len, wlen, cont;
@ -224,6 +225,7 @@ cd9660_rrip_altname(p,ana)
ISO_RRIP_ALTNAME *p;
ISO_RRIP_ANALYZE *ana;
{
INIT_VPROCG(TD_TO_VPROCG(curthread));
char *inbuf;
int wlen;
int cont;

1
sys/kern/kern_jail.c
View File

@ -475,6 +475,7 @@ jailed(struct ucred *cred)
void
getcredhostname(struct ucred *cred, char *buf, size_t size)
{
INIT_VPROCG(cred->cr_vimage->v_procg);
if (jailed(cred)) {
mtx_lock(&cred->cr_prison->pr_mtx);

9
sys/kern/kern_mib.c
View File

@ -207,7 +207,9 @@ static char machine_arch[] = MACHINE_ARCH;
SYSCTL_STRING(_hw, HW_MACHINE_ARCH, machine_arch, CTLFLAG_RD,
machine_arch, 0, "System architecture");
#ifndef VIMAGE
char hostname[MAXHOSTNAMELEN];
#endif
/*
* This mutex is used to protect the hostname and domainname variables, and
@ -219,6 +221,7 @@ MTX_SYSINIT(hostname_mtx, &hostname_mtx, "hostname", MTX_DEF);
static int
sysctl_hostname(SYSCTL_HANDLER_ARGS)
{
INIT_VPROCG(TD_TO_VPROCG(req->td));
struct prison *pr;
char tmphostname[MAXHOSTNAMELEN];
int error;
@ -345,7 +348,9 @@ SYSCTL_PROC(_kern, OID_AUTO, conftxt, CTLTYPE_STRING|CTLFLAG_RW,
0, 0, sysctl_kern_config, "", "Kernel configuration file");
#endif
#ifndef VIMAGE
char domainname[MAXHOSTNAMELEN]; /* Protected by hostname_mtx. */
#endif
static int
sysctl_domainname(SYSCTL_HANDLER_ARGS)
@ -354,13 +359,13 @@ sysctl_domainname(SYSCTL_HANDLER_ARGS)
int error;
mtx_lock(&hostname_mtx);
bcopy(domainname, tmpdomainname, MAXHOSTNAMELEN);
bcopy(V_domainname, tmpdomainname, MAXHOSTNAMELEN);
mtx_unlock(&hostname_mtx);
error = sysctl_handle_string(oidp, tmpdomainname,
sizeof tmpdomainname, req);
if (req->newptr != NULL && error == 0) {
mtx_lock(&hostname_mtx);
bcopy(tmpdomainname, domainname, MAXHOSTNAMELEN);
bcopy(tmpdomainname, V_domainname, MAXHOSTNAMELEN);
mtx_unlock(&hostname_mtx);
}
return (error);

1
sys/kern/kern_uuid.c
View File

@ -88,6 +88,7 @@ MTX_SYSINIT(uuid_lock, &uuid_mutex, "UUID generator mutex lock", MTX_DEF);
static void
uuid_node(uint16_t *node)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
struct sockaddr_dl *sdl;

4
sys/kern/kern_xxx.c
View File

@ -246,6 +246,7 @@ getdomainname(td, uap)
struct thread *td;
struct getdomainname_args *uap;
{
INIT_VPROCG(TD_TO_VPROCG(td));
char tmpdomainname[MAXHOSTNAMELEN];
int domainnamelen;
@ -271,6 +272,7 @@ setdomainname(td, uap)
struct thread *td;
struct setdomainname_args *uap;
{
INIT_VPROCG(TD_TO_VPROCG(td));
char tmpdomainname[MAXHOSTNAMELEN];
int error, domainnamelen;
@ -284,7 +286,7 @@ setdomainname(td, uap)
if (error == 0) {
tmpdomainname[domainnamelen] = 0;
mtx_lock(&hostname_mtx);
bcopy(tmpdomainname, V_domainname, sizeof(domainname));
bcopy(tmpdomainname, V_domainname, sizeof(V_domainname));
mtx_unlock(&hostname_mtx);
}
return (error);

1
sys/net/bridgestp.c
View File

@ -2017,6 +2017,7 @@ bstp_same_bridgeid(uint64_t id1, uint64_t id2)
void
bstp_reinit(struct bstp_state *bs)
{
INIT_VNET_NET(curvnet);
struct bstp_port *bp;
struct ifnet *ifp, *mif;
u_char *e_addr;

46
sys/net/if.c
View File

@ -168,6 +168,7 @@ MALLOC_DEFINE(M_IFMADDR, "ether_multi", "link-level multicast address");
struct ifnet *
ifnet_byindex(u_short idx)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
IFNET_RLOCK();
@ -179,6 +180,7 @@ ifnet_byindex(u_short idx)
static void
ifnet_setbyindex(u_short idx, struct ifnet *ifp)
{
INIT_VNET_NET(curvnet);
IFNET_WLOCK_ASSERT();
@ -188,6 +190,7 @@ ifnet_setbyindex(u_short idx, struct ifnet *ifp)
struct ifaddr *
ifaddr_byindex(u_short idx)
{
INIT_VNET_NET(curvnet);
struct ifaddr *ifa;
IFNET_RLOCK();
@ -199,6 +202,7 @@ ifaddr_byindex(u_short idx)
struct cdev *
ifdev_byindex(u_short idx)
{
INIT_VNET_NET(curvnet);
struct cdev *cdev;
IFNET_RLOCK();
@ -210,6 +214,7 @@ ifdev_byindex(u_short idx)
static void
ifdev_setbyindex(u_short idx, struct cdev *cdev)
{
INIT_VNET_NET(curvnet);
IFNET_WLOCK();
V_ifindex_table[idx].ife_dev = cdev;
@ -279,6 +284,7 @@ netioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread *td
static int
netkqfilter(struct cdev *dev, struct knote *kn)
{
INIT_VNET_NET(curvnet);
struct knlist *klist;
struct ifnet *ifp;
int idx;
@ -348,6 +354,7 @@ filt_netdev(struct knote *kn, long hint)
static void
if_init(void *dummy __unused)
{
INIT_VNET_NET(curvnet);
IFNET_LOCK_INIT();
TAILQ_INIT(&V_ifnet);
@ -362,6 +369,7 @@ if_init(void *dummy __unused)
static void
if_grow(void)
{
INIT_VNET_NET(curvnet);
u_int n;
struct ifindex_entry *e;
@ -383,6 +391,7 @@ if_grow(void)
struct ifnet*
if_alloc(u_char type)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
ifp = malloc(sizeof(struct ifnet), M_IFNET, M_WAITOK|M_ZERO);
@ -445,6 +454,7 @@ if_free(struct ifnet *ifp)
void
if_free_type(struct ifnet *ifp, u_char type)
{
INIT_VNET_NET(curvnet); /* ifp->if_vnet can be NULL here ! */
if (ifp != ifnet_byindex(ifp->if_index)) {
if_printf(ifp, "%s: value was not if_alloced, skipping\n",
@ -482,6 +492,7 @@ if_free_type(struct ifnet *ifp, u_char type)
void
if_attach(struct ifnet *ifp)
{
INIT_VNET_NET(curvnet);
unsigned socksize, ifasize;
int namelen, masklen;
struct sockaddr_dl *sdl;
@ -595,6 +606,7 @@ if_attach(struct ifnet *ifp)
static void
if_attachdomain(void *dummy)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
int s;
@ -705,6 +717,7 @@ if_purgemaddrs(struct ifnet *ifp)
void
if_detach(struct ifnet *ifp)
{
INIT_VNET_NET(ifp->if_vnet);
struct ifaddr *ifa;
struct radix_node_head *rnh;
int s;
@ -820,6 +833,7 @@ if_detach(struct ifnet *ifp)
int
if_addgroup(struct ifnet *ifp, const char *groupname)
{
INIT_VNET_NET(ifp->if_vnet);
struct ifg_list *ifgl;
struct ifg_group *ifg = NULL;
struct ifg_member *ifgm;
@ -889,6 +903,7 @@ if_addgroup(struct ifnet *ifp, const char *groupname)
int
if_delgroup(struct ifnet *ifp, const char *groupname)
{
INIT_VNET_NET(ifp->if_vnet);
struct ifg_list *ifgl;
struct ifg_member *ifgm;
@ -978,6 +993,7 @@ if_getgroup(struct ifgroupreq *data, struct ifnet *ifp)
static int
if_getgroupmembers(struct ifgroupreq *data)
{
INIT_VNET_NET(curvnet);
struct ifgroupreq *ifgr = data;
struct ifg_group *ifg;
struct ifg_member *ifgm;
@ -1087,6 +1103,7 @@ if_rtdel(struct radix_node *rn, void *arg)
struct ifaddr *
ifa_ifwithaddr(struct sockaddr *addr)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
@ -1117,6 +1134,7 @@ done:
struct ifaddr *
ifa_ifwithbroadaddr(struct sockaddr *addr)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
@ -1144,6 +1162,7 @@ done:
struct ifaddr *
ifa_ifwithdstaddr(struct sockaddr *addr)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
@ -1172,6 +1191,7 @@ done:
struct ifaddr *
ifa_ifwithnet(struct sockaddr *addr)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
struct ifaddr *ifa_maybe = (struct ifaddr *) 0;
@ -1415,6 +1435,7 @@ do_link_state_change(void *arg, int pending)
struct ifnet *ifp = (struct ifnet *)arg;
int link_state = ifp->if_link_state;
int link;
CURVNET_SET(ifp->if_vnet);
/* Notify that the link state has changed. */
rt_ifmsg(ifp);
@ -1451,6 +1472,7 @@ do_link_state_change(void *arg, int pending)
if (log_link_state_change)
log(LOG_NOTICE, "%s: link state changed to %s\n", ifp->if_xname,
(link_state == LINK_STATE_UP) ? "UP" : "DOWN" );
CURVNET_RESTORE();
}
/*
@ -1513,16 +1535,24 @@ if_qflush(struct ifaltq *ifq)
static void
if_slowtimo(void *arg)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ifnet *ifp;
int s = splimp();
IFNET_RLOCK();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_timer == 0 || --ifp->if_timer)
continue;
if (ifp->if_watchdog)
(*ifp->if_watchdog)(ifp);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_NET(vnet_iter);
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_timer == 0 || --ifp->if_timer)
continue;
if (ifp->if_watchdog)
(*ifp->if_watchdog)(ifp);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IFNET_RUNLOCK();
splx(s);
timeout(if_slowtimo, (void *)0, hz / IFNET_SLOWHZ);
@ -1535,6 +1565,7 @@ if_slowtimo(void *arg)
struct ifnet *
ifunit(const char *name)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
IFNET_RLOCK();
@ -2107,6 +2138,7 @@ ifpromisc(struct ifnet *ifp, int pswitch)
static int
ifconf(u_long cmd, caddr_t data)
{
INIT_VNET_NET(curvnet);
struct ifconf *ifc = (struct ifconf *)data;
#ifdef __amd64__
struct ifconf32 *ifc32 = (struct ifconf32 *)data;
@ -2466,6 +2498,7 @@ if_delmulti(struct ifnet *ifp, struct sockaddr *sa)
int lastref;
#ifdef INVARIANTS
struct ifnet *oifp;
INIT_VNET_NET(ifp->if_vnet);
IFNET_RLOCK();
TAILQ_FOREACH(oifp, &V_ifnet, if_link)
@ -2510,6 +2543,9 @@ if_delmulti(struct ifnet *ifp, struct sockaddr *sa)
void
if_delmulti_ifma(struct ifmultiaddr *ifma)
{
#ifdef DIAGNOSTIC
INIT_VNET_NET(curvnet);
#endif
struct ifnet *ifp;
int lastref;

5
sys/net/if_bridge.c
View File

@ -3039,6 +3039,8 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir)
}
if (IPFW_LOADED && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) {
INIT_VNET_IPFW(curvnet);
error = -1;
args.rule = ip_dn_claim_rule(*mp);
if (args.rule != NULL && V_fw_one_pass)
@ -3223,6 +3225,7 @@ bad:
static int
bridge_ip_checkbasic(struct mbuf **mp)
{
INIT_VNET_INET(curvnet);
struct mbuf *m = *mp;
struct ip *ip;
int len, hlen;
@ -3318,6 +3321,7 @@ bad:
static int
bridge_ip6_checkbasic(struct mbuf **mp)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
struct ip6_hdr *ip6;
@ -3372,6 +3376,7 @@ static int
bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh,
int snap, struct llc *llc)
{
INIT_VNET_INET(curvnet);
struct mbuf *m0;
struct ip *ip;
int error = -1;

52
sys/net/if_ef.c
View File

@ -484,43 +484,51 @@ ef_clone(struct ef_link *efl, int ft)
static int
ef_load(void)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ifnet *ifp;
struct efnet *efp;
struct ef_link *efl = NULL, *efl_temp;
int error = 0, d;
IFNET_RLOCK();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type != IFT_ETHER) continue;
EFDEBUG("Found interface %s\n", ifp->if_xname);
efl = (struct ef_link*)malloc(sizeof(struct ef_link),
M_IFADDR, M_WAITOK | M_ZERO);
if (efl == NULL) {
error = ENOMEM;
break;
}
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_NET(vnet_iter);
IFNET_RLOCK();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type != IFT_ETHER) continue;
EFDEBUG("Found interface %s\n", ifp->if_xname);
efl = (struct ef_link*)malloc(sizeof(struct ef_link),
M_IFADDR, M_WAITOK | M_ZERO);
if (efl == NULL) {
error = ENOMEM;
break;
}
efl->el_ifp = ifp;
efl->el_ifp = ifp;
#ifdef ETHER_II
error = ef_clone(efl, ETHER_FT_EII);
if (error) break;
error = ef_clone(efl, ETHER_FT_EII);
if (error) break;
#endif
#ifdef ETHER_8023
error = ef_clone(efl, ETHER_FT_8023);
if (error) break;
error = ef_clone(efl, ETHER_FT_8023);
if (error) break;
#endif
#ifdef ETHER_8022
error = ef_clone(efl, ETHER_FT_8022);
if (error) break;
error = ef_clone(efl, ETHER_FT_8022);
if (error) break;
#endif
#ifdef ETHER_SNAP
error = ef_clone(efl, ETHER_FT_SNAP);
if (error) break;
error = ef_clone(efl, ETHER_FT_SNAP);
if (error) break;
#endif
efcount++;
SLIST_INSERT_HEAD(&efdev, efl, el_next);
efcount++;
SLIST_INSERT_HEAD(&efdev, efl, el_next);
}
IFNET_RUNLOCK();
CURVNET_RESTORE();
}
IFNET_RUNLOCK();
VNET_LIST_RUNLOCK();
if (error) {
if (efl)
SLIST_INSERT_HEAD(&efdev, efl, el_next);

7
sys/net/if_ethersubr.c
View File

@ -393,6 +393,7 @@ ether_output_frame(struct ifnet *ifp, struct mbuf *m)
{
int error;
#if defined(INET) || defined(INET6)
INIT_VNET_NET(ifp->if_vnet);
struct ip_fw *rule = ip_dn_claim_rule(m);
if (IPFW_LOADED && V_ether_ipfw != 0) {
@ -424,6 +425,7 @@ int
ether_ipfw_chk(struct mbuf **m0, struct ifnet *dst,
struct ip_fw **rule, int shared)
{
INIT_VNET_IPFW(dst->if_vnet);
struct ether_header *eh;
struct ether_header save_eh;
struct mbuf *m;
@ -716,6 +718,7 @@ ether_demux(struct ifnet *ifp, struct mbuf *m)
KASSERT(ifp != NULL, ("%s: NULL interface pointer", __func__));
#if defined(INET) || defined(INET6)
INIT_VNET_NET(ifp->if_vnet);
/*
* Allow dummynet and/or ipfw to claim the frame.
* Do not do this for PROMISC frames in case we are re-entered.
@ -937,8 +940,8 @@ ether_ifdetach(struct ifnet *ifp)
SYSCTL_DECL(_net_link);
SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW, 0, "Ethernet");
#if defined(INET) || defined(INET6)
SYSCTL_INT(_net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW,
&ether_ipfw,0,"Pass ether pkts through firewall");
SYSCTL_V_INT(V_NET, vnet_net, _net_link_ether, OID_AUTO, ipfw, CTLFLAG_RW,
ether_ipfw, 0, "Pass ether pkts through firewall");
#endif
#if 0

1
sys/net/if_faith.c
View File

@ -324,6 +324,7 @@ static int
faithprefix(in6)
struct in6_addr *in6;
{
INIT_VNET_INET6(curvnet);
struct rtentry *rt;
struct sockaddr_in6 sin6;
int ret;

19
sys/net/if_gif.c
View File

@ -123,9 +123,17 @@ SYSCTL_NODE(_net_link, IFT_GIF, gif, CTLFLAG_RW, 0,
*/
#define MAX_GIF_NEST 1
#endif
#ifndef VIMAGE
static int max_gif_nesting = MAX_GIF_NEST;
SYSCTL_INT(_net_link_gif, OID_AUTO, max_nesting, CTLFLAG_RW,
&max_gif_nesting, 0, "Max nested tunnels");
#endif
SYSCTL_V_INT(V_NET, vnet_gif, _net_link_gif, OID_AUTO, max_nesting,
CTLFLAG_RW, max_gif_nesting, 0, "Max nested tunnels");
#ifdef INET6
SYSCTL_DECL(_net_inet6_ip6);
SYSCTL_V_INT(V_NET, vnet_gif, _net_inet6_ip6, IPV6CTL_GIF_HLIM,
gifhlim, CTLFLAG_RW, ip6_gif_hlim, 0, "");
#endif
/*
* By default, we disallow creation of multiple tunnels between the same
@ -137,8 +145,8 @@ static int parallel_tunnels = 1;
#else
static int parallel_tunnels = 0;
#endif
SYSCTL_INT(_net_link_gif, OID_AUTO, parallel_tunnels, CTLFLAG_RW,
&parallel_tunnels, 0, "Allow parallel tunnels?");
SYSCTL_V_INT(V_NET, vnet_gif, _net_link_gif, OID_AUTO, parallel_tunnels,
CTLFLAG_RW, parallel_tunnels, 0, "Allow parallel tunnels?");
/* copy from src/sys/net/if_ethersubr.c */
static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] =
@ -154,6 +162,7 @@ gif_clone_create(ifc, unit, params)
int unit;
caddr_t params;
{
INIT_VNET_GIF(curvnet);
struct gif_softc *sc;
sc = malloc(sizeof(struct gif_softc), M_GIF, M_WAITOK | M_ZERO);
@ -364,6 +373,7 @@ gif_output(ifp, m, dst, rt)
struct sockaddr *dst;
struct rtentry *rt; /* added in net2 */
{
INIT_VNET_GIF(ifp->if_vnet);
struct gif_softc *sc = ifp->if_softc;
struct m_tag *mtag;
int error = 0;
@ -854,6 +864,7 @@ gif_set_tunnel(ifp, src, dst)
struct sockaddr *src;
struct sockaddr *dst;
{
INIT_VNET_GIF(ifp->if_vnet);
struct gif_softc *sc = ifp->if_softc;
struct gif_softc *sc2;
struct sockaddr *osrc, *odst, *sa;

24
sys/net/if_gif.h
View File

@ -110,6 +110,30 @@ int gif_set_tunnel(struct ifnet *, struct sockaddr *, struct sockaddr *);
void gif_delete_tunnel(struct ifnet *);
int gif_encapcheck(const struct mbuf *, int, int, void *);
/*
* Virtualization support
*/
#ifdef VIMAGE
struct vnet_gif {
LIST_HEAD(, gif_softc) _gif_softc_list;
int _max_gif_nesting;
int _parallel_tunnels;
int _ip_gif_ttl;
int _ip6_gif_hlim;
};
#endif
#define INIT_VNET_GIF(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_GIF, struct vnet_gif, vnet_gif)
#define VNET_GIF(sym) VSYM(vnet_gif, sym)
#define V_gif_softc_list VNET_GIF(gif_softc_list)
#define V_max_gif_nesting VNET_GIF(max_gif_nesting)
#define V_parallel_tunnels VNET_GIF(parallel_tunnels)
#define V_ip_gif_ttl VNET_GIF(ip_gif_ttl)
#define V_ip6_gif_hlim VNET_GIF(ip6_gif_hlim)
#endif /* _KERNEL */
#endif /* _NET_IF_GIF_H_ */

3
sys/net/if_gre.c
View File

@ -241,6 +241,9 @@ static int
gre_output(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
struct rtentry *rt)
{
#ifdef INET6
INIT_VNET_INET(ifp->if_vnet);
#endif
int error = 0;
struct gre_softc *sc = ifp->if_softc;
struct greip *gh;

2
sys/net/if_loop.c
View File

@ -115,6 +115,7 @@ lo_clone_destroy(struct ifnet *ifp)
static int
lo_clone_create(struct if_clone *ifc, int unit, caddr_t params)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
ifp = if_alloc(IFT_LOOP);
@ -214,6 +215,7 @@ looutput(struct ifnet *ifp, struct mbuf *m, struct sockaddr *dst,
int
if_simloop(struct ifnet *ifp, struct mbuf *m, int af, int hlen)
{
INIT_VNET_NET(ifp->if_vnet);
int isr;
M_ASSERTPKTHDR(m);

7
sys/net/if_mib.c
View File

@ -65,12 +65,15 @@
SYSCTL_DECL(_net_link_generic);
SYSCTL_NODE(_net_link_generic, IFMIB_SYSTEM, system, CTLFLAG_RW, 0,
"Variables global to all interfaces");
SYSCTL_INT(_net_link_generic_system, IFMIB_IFCOUNT, ifcount, CTLFLAG_RD,
&if_index, 0, "Number of configured interfaces");
SYSCTL_V_INT(V_NET, vnet_net, _net_link_generic_system, IFMIB_IFCOUNT,
ifcount, CTLFLAG_RD, if_index, 0,
"Number of configured interfaces");
static int
sysctl_ifdata(SYSCTL_HANDLER_ARGS) /* XXX bad syntax! */
{
INIT_VNET_NET(curvnet);
int *name = (int *)arg1;
int error;
u_int namelen = arg2;

1
sys/net/if_spppsubr.c
View File

@ -4875,6 +4875,7 @@ sppp_get_ip_addrs(struct sppp *sp, u_long *src, u_long *dst, u_long *srcmask)
static void
sppp_set_ip_addr(struct sppp *sp, u_long src)
{
INIT_VNET_INET(curvnet);
STDDCL;
struct ifaddr *ifa;
struct sockaddr_in *si;

2
sys/net/if_stf.c
View File

@ -375,6 +375,7 @@ static struct in6_ifaddr *
stf_getsrcifa6(ifp)
struct ifnet *ifp;
{
INIT_VNET_INET(ifp->if_vnet);
struct ifaddr *ia;
struct in_ifaddr *ia4;
struct sockaddr_in6 *sin6;
@ -584,6 +585,7 @@ stf_checkaddr4(sc, in, inifp)
struct in_addr *in;
struct ifnet *inifp; /* incoming interface */
{
INIT_VNET_INET(curvnet);
struct in_ifaddr *ia4;
/*

9
sys/net/if_tun.c
View File

@ -43,6 +43,7 @@
#include <sys/uio.h>
#include <sys/malloc.h>
#include <sys/random.h>
#include <sys/vimage.h>
#include <net/if.h>
#include <net/if_clone.h>
@ -224,6 +225,7 @@ tunclone(void *arg, struct ucred *cred, char *name, int namelen,
else
append_unit = 0;
CURVNET_SET(TD_TO_VNET(curthread));
/* find any existing device, or allocate new unit number */
i = clone_create(&tunclones, &tun_cdevsw, &u, dev, 0);
if (i) {
@ -242,6 +244,7 @@ tunclone(void *arg, struct ucred *cred, char *name, int namelen,
}
if_clone_create(name, namelen, NULL);
CURVNET_RESTORE();
}
static void
@ -253,6 +256,7 @@ tun_destroy(struct tun_softc *tp)
KASSERT((tp->tun_flags & TUN_OPEN) == 0,
("tununits is out of sync - unit %d", TUN2IFP(tp)->if_dunit));
CURVNET_SET(TUN2IFP(tp)->if_vnet);
dev = tp->tun_dev;
bpfdetach(TUN2IFP(tp));
if_detach(TUN2IFP(tp));
@ -261,6 +265,7 @@ tun_destroy(struct tun_softc *tp)
knlist_destroy(&tp->tun_rsel.si_note);
mtx_destroy(&tp->tun_mtx);
free(tp, M_TUN);
CURVNET_RESTORE();
}
static void
@ -447,6 +452,7 @@ tunclose(struct cdev *dev, int foo, int bar, struct thread *td)
/*
* junk all pending output
*/
CURVNET_SET(ifp->if_vnet);
s = splimp();
IFQ_PURGE(&ifp->if_snd);
splx(s);
@ -476,6 +482,7 @@ tunclose(struct cdev *dev, int foo, int bar, struct thread *td)
ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
splx(s);
}
CURVNET_RESTORE();
funsetown(&tp->tun_sigio);
selwakeuppri(&tp->tun_rsel, PZERO + 1);
@ -924,7 +931,9 @@ tunwrite(struct cdev *dev, struct uio *uio, int flag)
random_harvest(m, 16, 3, 0, RANDOM_NET);
ifp->if_ibytes += m->m_pkthdr.len;
ifp->if_ipackets++;
CURVNET_SET(ifp->if_vnet);
netisr_dispatch(isr, m);
CURVNET_RESTORE();
return (0);
}

2
sys/net/if_var.h
View File

@ -713,6 +713,8 @@ int ether_poll_register(poll_handler_t *h, struct ifnet *ifp);
int ether_poll_deregister(struct ifnet *ifp);
#endif /* DEVICE_POLLING */
#include <net/vnet.h>
#endif /* _KERNEL */
#endif /* !_NET_IF_VAR_H_ */

4
sys/net/if_vlan.c
View File

@ -422,6 +422,8 @@ vlan_setmulti(struct ifnet *ifp)
sc = ifp->if_softc;
ifp_p = PARENT(sc);
CURVNET_SET_QUIET(ifp_p->if_vnet);
bzero((char *)&sdl, sizeof(sdl));
sdl.sdl_len = sizeof(sdl);
sdl.sdl_family = AF_LINK;
@ -456,6 +458,7 @@ vlan_setmulti(struct ifnet *ifp)
return (error);
}
CURVNET_RESTORE();
return (0);
}
@ -573,6 +576,7 @@ MODULE_DEPEND(if_vlan, miibus, 1, 1, 1);
static struct ifnet *
vlan_clone_match_ethertag(struct if_clone *ifc, const char *name, int *tag)
{
INIT_VNET_NET(curvnet);
const char *cp;
struct ifnet *ifp;
int t = 0;

2
sys/net/raw_cb.c
View File

@ -44,6 +44,7 @@
#include <sys/systm.h>
#include <sys/vimage.h>
#include <net/if.h>
#include <net/raw_cb.h>
/*
@ -75,6 +76,7 @@ SYSCTL_ULONG(_net_raw, OID_AUTO, recvspace, CTLFLAG_RW, &raw_recvspace, 0,
int
raw_attach(struct socket *so, int proto)
{
INIT_VNET_NET(so->so_vnet);
struct rawcb *rp = sotorawcb(so);
int error;

3
sys/net/raw_usrreq.c
View File

@ -46,6 +46,7 @@
#include <sys/systm.h>
#include <sys/vimage.h>
#include <net/if.h>
#include <net/raw_cb.h>
MTX_SYSINIT(rawcb_mtx, &rawcb_mtx, "rawcb", MTX_DEF);
@ -56,6 +57,7 @@ MTX_SYSINIT(rawcb_mtx, &rawcb_mtx, "rawcb", MTX_DEF);
void
raw_init(void)
{
INIT_VNET_NET(curvnet);
LIST_INIT(&V_rawcb_list);
}
@ -70,6 +72,7 @@ raw_init(void)
void
raw_input(struct mbuf *m0, struct sockproto *proto, struct sockaddr *src)
{
INIT_VNET_NET(curvnet);
struct rawcb *rp;
struct mbuf *m = m0;
struct socket *last;

7
sys/net/route.c
View File

@ -257,6 +257,7 @@ struct rtentry *
rtalloc1_fib(struct sockaddr *dst, int report, u_long ignflags,
u_int fibnum)
{
INIT_VNET_NET(curvnet);
struct radix_node_head *rnh;
struct rtentry *rt;
struct radix_node *rn;
@ -362,6 +363,7 @@ rtalloc1_fib(struct sockaddr *dst, int report, u_long ignflags,
void
rtfree(struct rtentry *rt)
{
INIT_VNET_NET(curvnet);
struct radix_node_head *rnh;
KASSERT(rt != NULL,("%s: NULL rt", __func__));
@ -462,6 +464,7 @@ rtredirect_fib(struct sockaddr *dst,
struct sockaddr *src,
u_int fibnum)
{
INIT_VNET_NET(curvnet);
struct rtentry *rt, *rt0 = NULL;
int error = 0;
short *stat = NULL;
@ -768,6 +771,7 @@ rt_getifa_fib(struct rt_addrinfo *info, u_int fibnum)
int
rtexpunge(struct rtentry *rt)
{
INIT_VNET_NET(curvnet);
struct radix_node *rn;
struct radix_node_head *rnh;
struct ifaddr *ifa;
@ -859,6 +863,7 @@ int
rtrequest1_fib(int req, struct rt_addrinfo *info, struct rtentry **ret_nrt,
u_int fibnum)
{
INIT_VNET_NET(curvnet);
int error = 0;
register struct rtentry *rt;
register struct radix_node *rn;
@ -1289,6 +1294,7 @@ delete_rt:
int
rt_setgate(struct rtentry *rt, struct sockaddr *dst, struct sockaddr *gate)
{
INIT_VNET_NET(curvnet);
/* XXX dst may be overwritten, can we move this to below */
struct radix_node_head *rnh =
V_rt_tables[rt->rt_fibnum][dst->sa_family];
@ -1431,6 +1437,7 @@ rt_maskedcopy(struct sockaddr *src, struct sockaddr *dst, struct sockaddr *netma
static inline int
rtinit1(struct ifaddr *ifa, int cmd, int flags, int fibnum)
{
INIT_VNET_NET(curvnet);
struct sockaddr *dst;
struct sockaddr *netmask;
struct rtentry *rt = NULL;

5
sys/net/rtsock.c
View File

@ -314,6 +314,7 @@ static int
route_output(struct mbuf *m, struct socket *so)
{
#define sa_equal(a1, a2) (bcmp((a1), (a2), (a1)->sa_len) == 0)
INIT_VNET_NET(so->so_vnet);
struct rt_msghdr *rtm = NULL;
struct rtentry *rt = NULL;
struct radix_node_head *rnh;
@ -1075,6 +1076,7 @@ rt_ifannouncemsg(struct ifnet *ifp, int what)
static void
rt_dispatch(struct mbuf *m, const struct sockaddr *sa)
{
INIT_VNET_NET(curvnet);
struct m_tag *tag;
/*
@ -1138,6 +1140,7 @@ sysctl_dumpentry(struct radix_node *rn, void *vw)
static int
sysctl_iflist(int af, struct walkarg *w)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifaddr *ifa;
struct rt_addrinfo info;
@ -1198,6 +1201,7 @@ done:
int
sysctl_ifmalist(int af, struct walkarg *w)
{
INIT_VNET_NET(curvnet);
struct ifnet *ifp;
struct ifmultiaddr *ifma;
struct rt_addrinfo info;
@ -1247,6 +1251,7 @@ done:
static int
sysctl_rtsock(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_NET(curvnet);
int *name = (int *)arg1;
u_int namelen = arg2;
struct radix_node_head *rnh;

93
sys/net/vnet.h Normal file
View File

@ -0,0 +1,93 @@
/*-
* Copyright (c) 2006-2008 University of Zagreb
* Copyright (c) 2006-2008 FreeBSD Foundation
*
* This software was developed by the University of Zagreb and the
* FreeBSD Foundation under sponsorship by the Stichting NLnet and the
* FreeBSD Foundation.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef _NET_VNET_H_
#define _NET_VNET_H_
#ifdef VIMAGE
#include "opt_route.h"
#include <sys/proc.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/route.h>
#include <net/raw_cb.h>
struct vnet_net {
int _if_index;
struct ifindex_entry *_ifindex_table;
struct ifnethead _ifnet;
struct ifgrouphead _ifg_head;
int _if_indexlim;
struct knlist _ifklist;
struct rtstat _rtstat;
struct radix_node_head *_rt_tables[RT_MAXFIBS][AF_MAX+1];
int _rttrash;
struct ifnet *_loif;
LIST_HEAD(, lo_softc) _lo_list;
LIST_HEAD(, rawcb) _rawcb_list;
int _ether_ipfw;
};
#endif
/*
* Symbol translation macros
*/
#define INIT_VNET_NET(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_NET, struct vnet_net, vnet_net)
#define VNET_NET(sym) VSYM(vnet_net, sym)
#define V_ether_ipfw VNET_NET(ether_ipfw)
#define V_if_index VNET_NET(if_index)
#define V_if_indexlim VNET_NET(if_indexlim)
#define V_ifg_head VNET_NET(ifg_head)
#define V_ifindex_table VNET_NET(ifindex_table)
#define V_ifklist VNET_NET(ifklist)
#define V_ifnet VNET_NET(ifnet)
#define V_lo_list VNET_NET(lo_list)
#define V_loif VNET_NET(loif)
#define V_rawcb_list VNET_NET(rawcb_list)
#define V_rt_tables VNET_NET(rt_tables)
#define V_rtstat VNET_NET(rtstat)
#define V_rttrash VNET_NET(rttrash)
#endif /* !_NET_VNET_H_ */

33
sys/net80211/ieee80211_ddb.c
View File

@ -189,6 +189,7 @@ DB_SHOW_COMMAND(com, db_show_com)
DB_SHOW_ALL_COMMAND(vaps, db_show_all_vaps)
{
VNET_ITERATOR_DECL(vnet_iter);
const struct ifnet *ifp;
int i, showall = 0;
@ -199,21 +200,25 @@ DB_SHOW_ALL_COMMAND(vaps, db_show_all_vaps)
break;
}
TAILQ_FOREACH(ifp, &V_ifnet, if_list)
if (ifp->if_type == IFT_IEEE80211) {
const struct ieee80211com *ic = ifp->if_l2com;
VNET_FOREACH(vnet_iter) {
INIT_VNET_NET(vnet_iter);
TAILQ_FOREACH(ifp, &V_ifnet, if_list)
if (ifp->if_type == IFT_IEEE80211) {
const struct ieee80211com *ic = ifp->if_l2com;
if (!showall) {
const struct ieee80211vap *vap;
db_printf("%s: com %p vaps:",
ifp->if_xname, ic);
TAILQ_FOREACH(vap, &ic->ic_vaps, iv_next)
db_printf(" %s(%p)",
vap->iv_ifp->if_xname, vap);
db_printf("\n");
} else
_db_show_com(ic, 1, 1, 1);
}
if (!showall) {
const struct ieee80211vap *vap;
db_printf("%s: com %p vaps:",
ifp->if_xname, ic);
TAILQ_FOREACH(vap, &ic->ic_vaps,
iv_next)
db_printf(" %s(%p)",
vap->iv_ifp->if_xname, vap);
db_printf("\n");
} else
_db_show_com(ic, 1, 1, 1);
}
}
}
static void

27
sys/netgraph/atm/ng_atm.c
View File

@ -1379,6 +1379,7 @@ ng_atm_constructor(node_p nodep)
static int
ng_atm_mod_event(module_t mod, int event, void *data)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ifnet *ifp;
int error = 0;
@ -1402,10 +1403,17 @@ ng_atm_mod_event(module_t mod, int event, void *data)
ng_atm_event_p = ng_atm_event;
/* Create nodes for existing ATM interfaces */
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_ATM)
ng_atm_attach(ifp);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET_QUIET(vnet_iter);
INIT_VNET_NET(vnet_iter);
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_ATM)
ng_atm_attach(ifp);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IFNET_RUNLOCK();
break;
@ -1419,10 +1427,17 @@ ng_atm_mod_event(module_t mod, int event, void *data)
ng_atm_input_orphan_p = NULL;
ng_atm_event_p = NULL;
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_ATM)
ng_atm_detach(ifp);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET_QUIET(vnet_iter);
INIT_VNET_NET(vnet_iter);
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_ATM)
ng_atm_detach(ifp);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IFNET_RUNLOCK();
break;

19
sys/netgraph/netgraph.h
View File

@ -1184,4 +1184,23 @@ typedef void *meta_p;
#define NGI_GET_META(i,m)
#define ng_copy_meta(meta) NULL
/* Hash related definitions */
#define NG_ID_HASH_SIZE 128 /* most systems wont need even this many */
/* Virtualization macros */
#define INIT_VNET_NETGRAPH(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_NETGRAPH, \
struct vnet_netgraph, vnet_netgraph)
#define VNET_NETGRAPH(sym) VSYM(vnet_netgraph, sym)
/* Symbol translation macros */
#define V_nextID VNET_NETGRAPH(nextID)
#define V_ng_ID_hash VNET_NETGRAPH(ng_ID_hash)
#define V_ng_eiface_unit VNET_NETGRAPH(ng_eiface_unit)
#define V_ng_iface_unit VNET_NETGRAPH(ng_iface_unit)
#define V_ng_name_hash VNET_NETGRAPH(ng_name_hash)
#define V_ng_nodelist VNET_NETGRAPH(ng_nodelist)
#define V_ng_wormhole_unit VNET_NETGRAPH(ng_wormhole_unit)
#endif /* _NETGRAPH_NETGRAPH_H_ */

6
sys/netgraph/ng_base.c
View File

@ -167,7 +167,6 @@ static struct mtx ng_typelist_mtx;
/* Hash related definitions */
/* XXX Don't need to initialise them because it's a LIST */
#define NG_ID_HASH_SIZE 128 /* most systems wont need even this many */
static LIST_HEAD(, ng_node) ng_ID_hash[NG_ID_HASH_SIZE];
static struct mtx ng_idhash_mtx;
/* Method to find a node.. used twice so do it here */
@ -612,6 +611,7 @@ ng_make_node(const char *typename, node_p *nodepp)
int
ng_make_node_common(struct ng_type *type, node_p *nodepp)
{
INIT_VNET_NETGRAPH(curvnet);
node_p node;
/* Require the node type to have been already installed */
@ -793,6 +793,7 @@ ng_unref_node(node_p node)
static node_p
ng_ID2noderef(ng_ID_t ID)
{
INIT_VNET_NETGRAPH(curvnet);
node_p node;
mtx_lock(&ng_idhash_mtx);
NG_IDHASH_FIND(ID, node);
@ -818,6 +819,7 @@ ng_node2ID(node_p node)
int
ng_name_node(node_p node, const char *name)
{
INIT_VNET_NETGRAPH(curvnet);
int i, hash;
node_p node2;
@ -868,6 +870,7 @@ ng_name_node(node_p node, const char *name)
node_p
ng_name2noderef(node_p here, const char *name)
{
INIT_VNET_NETGRAPH(curvnet);
node_p node;
ng_ID_t temp;
int hash;
@ -2430,6 +2433,7 @@ ng_apply_item(node_p node, item_p item, int rw)
static int
ng_generic_msg(node_p here, item_p item, hook_p lasthook)
{
INIT_VNET_NETGRAPH(curvnet);
int error = 0;
struct ng_mesg *msg;
struct ng_mesg *resp = NULL;

8
sys/netgraph/ng_eiface.c
View File

@ -333,6 +333,7 @@ ng_eiface_print_ioctl(struct ifnet *ifp, int command, caddr_t data)
static int
ng_eiface_constructor(node_p node)
{
INIT_VNET_NETGRAPH(curvnet);
struct ifnet *ifp;
priv_p priv;
u_char eaddr[6] = {0,0,0,0,0,0};
@ -545,11 +546,18 @@ ng_eiface_rcvdata(hook_p hook, item_p item)
static int
ng_eiface_rmnode(node_p node)
{
INIT_VNET_NETGRAPH(curvnet);
const priv_p priv = NG_NODE_PRIVATE(node);
struct ifnet *const ifp = priv->ifp;
/*
* the ifnet may be in a different vnet than the netgraph node,
* hence we have to change the current vnet context here.
*/
CURVNET_SET_QUIET(ifp->if_vnet);
ether_ifdetach(ifp);
if_free(ifp);
CURVNET_RESTORE();
free_unr(V_ng_eiface_unit, priv->unit);
FREE(priv, M_NETGRAPH);
NG_NODE_SET_PRIVATE(node, NULL);

14
sys/netgraph/ng_gif.c
View File

@ -541,6 +541,7 @@ ng_gif_disconnect(hook_p hook)
static int
ng_gif_mod_event(module_t mod, int event, void *data)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ifnet *ifp;
int error = 0;
int s;
@ -561,10 +562,17 @@ ng_gif_mod_event(module_t mod, int event, void *data)
/* Create nodes for any already-existing gif interfaces */
IFNET_RLOCK();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_GIF)
ng_gif_attach(ifp);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET_QUIET(vnet_iter); /* XXX revisit quiet */
INIT_VNET_NET(curvnet);
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_type == IFT_GIF)
ng_gif_attach(ifp);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IFNET_RUNLOCK();
break;

8
sys/netgraph/ng_iface.c
View File

@ -506,6 +506,7 @@ ng_iface_print_ioctl(struct ifnet *ifp, int command, caddr_t data)
static int
ng_iface_constructor(node_p node)
{
INIT_VNET_NETGRAPH(curvnet);
struct ifnet *ifp;
priv_p priv;
@ -766,11 +767,18 @@ ng_iface_rcvdata(hook_p hook, item_p item)
static int
ng_iface_shutdown(node_p node)
{
INIT_VNET_NETGRAPH(curvnet);
const priv_p priv = NG_NODE_PRIVATE(node);
/*
* The ifnet may be in a different vnet than the netgraph node,
* hence we have to change the current vnet context here.
*/
CURVNET_SET_QUIET(priv->ifp->if_vnet);
bpfdetach(priv->ifp);
if_detach(priv->ifp);
if_free(priv->ifp);
CURVNET_RESTORE();
priv->ifp = NULL;
free_unr(V_ng_iface_unit, priv->unit);
FREE(priv, M_NETGRAPH_IFACE);

21
sys/netinet/if_ether.c
View File

@ -104,12 +104,15 @@ static int arp_maxtries = 5;
static int useloopback = 1; /* use loopback interface for local traffic */
static int arp_proxyall = 0;
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW,
&arp_maxtries, 0, "ARP resolution attempts before returning error");
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, useloopback, CTLFLAG_RW,
&useloopback, 0, "Use the loopback interface for local traffic");
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_RW,
&arp_proxyall, 0, "Enable proxy ARP for all suitable requests");
SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, maxtries,
CTLFLAG_RW, arp_maxtries, 0,
"ARP resolution attempts before returning error");
SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, useloopback,
CTLFLAG_RW, useloopback, 0,
"Use the loopback interface for local traffic");
SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, proxyall,
CTLFLAG_RW, arp_proxyall, 0,
"Enable proxy ARP for all suitable requests");
static void arp_init(void);
static void arp_rtrequest(int, struct rtentry *, struct rt_addrinfo *);
@ -150,6 +153,8 @@ arptimer(void *arg)
static void
arp_rtrequest(int req, struct rtentry *rt, struct rt_addrinfo *info)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct sockaddr *gate;
struct llinfo_arp *la;
static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
@ -361,6 +366,7 @@ int
arpresolve(struct ifnet *ifp, struct rtentry *rt0, struct mbuf *m,
struct sockaddr *dst, u_char *desten)
{
INIT_VNET_INET(ifp->if_vnet);
struct llinfo_arp *la = NULL;
struct rtentry *rt = NULL;
struct sockaddr_dl *sdl;
@ -613,7 +619,8 @@ in_arpinput(struct mbuf *m)
sin.sin_len = sizeof(struct sockaddr_in);
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = 0;
INIT_VNET_INET(ifp->if_vnet);
if (ifp->if_bridge)
bridged = 1;
if (ifp->if_type == IFT_BRIDGE)

55
sys/netinet/igmp.c
View File

@ -82,8 +82,8 @@ static void igmp_sendpkt(struct in_multi *, int, unsigned long);
static struct igmpstat igmpstat;
SYSCTL_STRUCT(_net_inet_igmp, IGMPCTL_STATS, stats, CTLFLAG_RW, &igmpstat,
igmpstat, "");
SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_igmp, IGMPCTL_STATS,
stats, CTLFLAG_RW, igmpstat, igmpstat, "");
/*
* igmp_mtx protects all mutable global variables in igmp.c, as well as the
@ -116,6 +116,7 @@ static struct route igmprt;
void
igmp_init(void)
{
INIT_VNET_INET(curvnet);
struct ipoption *ra;
/*
@ -145,6 +146,7 @@ igmp_init(void)
static struct router_info *
find_rti(struct ifnet *ifp)
{
INIT_VNET_INET(ifp->if_vnet);
struct router_info *rti;
mtx_assert(&igmp_mtx, MA_OWNED);
@ -183,6 +185,7 @@ igmp_input(register struct mbuf *m, int off)
struct in_multistep step;
struct router_info *rti;
int timer; /** timer value in the igmp query header **/
INIT_VNET_INET(ifp->if_vnet);
++V_igmpstat.igps_rcv_total;
@ -410,6 +413,7 @@ igmp_leavegroup(struct in_multi *inm)
void
igmp_fasttimo(void)
{
VNET_ITERATOR_DECL(vnet_iter);
register struct in_multi *inm;
struct in_multistep step;
@ -423,35 +427,50 @@ igmp_fasttimo(void)
IN_MULTI_LOCK();
igmp_timers_are_running = 0;
IN_FIRST_MULTI(step, inm);
while (inm != NULL) {
if (inm->inm_timer == 0) {
/* do nothing */
} else if (--inm->inm_timer == 0) {
igmp_sendpkt(inm, inm->inm_rti->rti_type, 0);
inm->inm_state = IGMP_IREPORTEDLAST;
} else {
igmp_timers_are_running = 1;
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
IN_FIRST_MULTI(step, inm);
while (inm != NULL) {
if (inm->inm_timer == 0) {
/* do nothing */
} else if (--inm->inm_timer == 0) {
igmp_sendpkt(inm, inm->inm_rti->rti_type, 0);
inm->inm_state = IGMP_IREPORTEDLAST;
} else {
igmp_timers_are_running = 1;
}
IN_NEXT_MULTI(step, inm);
}
IN_NEXT_MULTI(step, inm);
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IN_MULTI_UNLOCK();
}
void
igmp_slowtimo(void)
{
VNET_ITERATOR_DECL(vnet_iter);
struct router_info *rti;
IGMP_PRINTF("[igmp.c,_slowtimo] -- > entering \n");
mtx_lock(&igmp_mtx);
SLIST_FOREACH(rti, &V_router_info_head, rti_list) {
if (rti->rti_type == IGMP_V1_ROUTER) {
rti->rti_time++;
if (rti->rti_time >= IGMP_AGE_THRESHOLD)
rti->rti_type = IGMP_V2_ROUTER;
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
SLIST_FOREACH(rti, &V_router_info_head, rti_list) {
if (rti->rti_type == IGMP_V1_ROUTER) {
rti->rti_time++;
if (rti->rti_time >= IGMP_AGE_THRESHOLD)
rti->rti_type = IGMP_V2_ROUTER;
}
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
mtx_unlock(&igmp_mtx);
IGMP_PRINTF("[igmp.c,_slowtimo] -- > exiting \n");
}
@ -459,6 +478,8 @@ igmp_slowtimo(void)
static void
igmp_sendpkt(struct in_multi *inm, int type, unsigned long addr)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct mbuf *m;
struct igmp *igmp;
struct ip *ip;

17
sys/netinet/in.c
View File

@ -67,11 +67,12 @@ static int in_ifinit(struct ifnet *,
static void in_purgemaddrs(struct ifnet *);
static int subnetsarelocal = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, subnets_are_local, CTLFLAG_RW,
&subnetsarelocal, 0, "Treat all subnets as directly connected");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, subnets_are_local,
CTLFLAG_RW, subnetsarelocal, 0,
"Treat all subnets as directly connected");
static int sameprefixcarponly = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, same_prefix_carp_only, CTLFLAG_RW,
&sameprefixcarponly, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, same_prefix_carp_only,
CTLFLAG_RW, sameprefixcarponly, 0,
"Refuse to create same prefixes on different interfaces");
extern struct inpcbinfo ripcbinfo;
@ -86,6 +87,7 @@ extern struct inpcbinfo udbinfo;
int
in_localaddr(struct in_addr in)
{
INIT_VNET_INET(curvnet);
register u_long i = ntohl(in.s_addr);
register struct in_ifaddr *ia;
@ -108,6 +110,7 @@ in_localaddr(struct in_addr in)
int
in_localip(struct in_addr in)
{
INIT_VNET_INET(curvnet);
struct in_ifaddr *ia;
LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash) {
@ -200,6 +203,7 @@ int
in_control(struct socket *so, u_long cmd, caddr_t data, struct ifnet *ifp,
struct thread *td)
{
INIT_VNET_INET(curvnet); /* both so and ifp can be NULL here! */
register struct ifreq *ifr = (struct ifreq *)data;
register struct in_ifaddr *ia = 0, *iap;
register struct ifaddr *ifa;
@ -708,6 +712,7 @@ static int
in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
int scrub)
{
INIT_VNET_INET(ifp->if_vnet);
register u_long i = ntohl(sin->sin_addr.s_addr);
struct sockaddr_in oldaddr;
int s = splimp(), flags = RTF_UP, error = 0;
@ -810,6 +815,7 @@ in_ifinit(struct ifnet *ifp, struct in_ifaddr *ia, struct sockaddr_in *sin,
static int
in_addprefix(struct in_ifaddr *target, int flags)
{
INIT_VNET_INET(curvnet);
struct in_ifaddr *ia;
struct in_addr prefix, mask, p, m;
int error;
@ -870,6 +876,7 @@ in_addprefix(struct in_ifaddr *target, int flags)
static int
in_scrubprefix(struct in_ifaddr *target)
{
INIT_VNET_INET(curvnet);
struct in_ifaddr *ia;
struct in_addr prefix, mask, p;
int error;
@ -976,6 +983,7 @@ in_broadcast(struct in_addr in, struct ifnet *ifp)
static void
in_purgemaddrs(struct ifnet *ifp)
{
INIT_VNET_INET(ifp->if_vnet);
struct in_multi *inm;
struct in_multi *oinm;
@ -998,6 +1006,7 @@ in_purgemaddrs(struct ifnet *ifp)
void
in_ifdetach(struct ifnet *ifp)
{
INIT_VNET_INET(ifp->if_vnet);
in_pcbpurgeif0(&V_ripcbinfo, ifp);
in_pcbpurgeif0(&V_udbinfo, ifp);

4
sys/netinet/in.h
View File

@ -743,4 +743,8 @@ void in_ifdetach(struct ifnet *);
#undef __KAME_NETINET_IN_H_INCLUDED_
#endif
#ifdef _KERNEL
#include <netinet/vinet.h>
#endif
#endif /* !_NETINET_IN_H_*/

8
sys/netinet/in_gif.c
View File

@ -45,7 +45,6 @@ __FBSDID("$FreeBSD$");
#include <sys/kernel.h>
#include <sys/sysctl.h>
#include <sys/protosw.h>
#include <sys/malloc.h>
#include <sys/vimage.h>
@ -87,12 +86,13 @@ struct protosw in_gif_protosw = {
};
static int ip_gif_ttl = GIF_TTL;
SYSCTL_INT(_net_inet_ip, IPCTL_GIF_TTL, gifttl, CTLFLAG_RW,
&ip_gif_ttl, 0, "");
SYSCTL_V_INT(V_NET, vnet_gif, _net_inet_ip, IPCTL_GIF_TTL, gifttl,
CTLFLAG_RW, ip_gif_ttl, 0, "");
int
in_gif_output(struct ifnet *ifp, int family, struct mbuf *m)
{
INIT_VNET_GIF(ifp->if_vnet);
struct gif_softc *sc = ifp->if_softc;
struct sockaddr_in *dst = (struct sockaddr_in *)&sc->gif_ro.ro_dst;
struct sockaddr_in *sin_src = (struct sockaddr_in *)sc->gif_psrc;
@ -242,6 +242,7 @@ in_gif_output(struct ifnet *ifp, int family, struct mbuf *m)
void
in_gif_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
struct ifnet *gifp = NULL;
struct gif_softc *sc;
struct ip *ip;
@ -336,6 +337,7 @@ in_gif_input(struct mbuf *m, int off)
static int
gif_validate4(const struct ip *ip, struct gif_softc *sc, struct ifnet *ifp)
{
INIT_VNET_INET(curvnet);
struct sockaddr_in *src, *dst;
struct in_ifaddr *ia4;

11
sys/netinet/in_mcast.c
View File

@ -311,6 +311,7 @@ imo_match_source(struct ip_moptions *imo, size_t gidx, struct sockaddr *src)
struct in_multi *
in_addmulti(struct in_addr *ap, struct ifnet *ifp)
{
INIT_VNET_INET(ifp->if_vnet);
struct in_multi *inm;
inm = NULL;
@ -463,6 +464,8 @@ in_delmulti_locked(struct in_multi *inm)
static int
inp_change_source_filter(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct group_source_req gsr;
sockunion_t *gsa, *ssa;
struct ifnet *ifp;
@ -752,6 +755,7 @@ inp_freemoptions(struct ip_moptions *imo)
static int
inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
struct __msfilterreq msfr;
sockunion_t *gsa;
struct ifnet *ifp;
@ -849,6 +853,7 @@ inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt)
int
inp_getmoptions(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_INET(curvnet);
struct ip_mreqn mreqn;
struct ip_moptions *imo;
struct ifnet *ifp;
@ -955,6 +960,8 @@ inp_getmoptions(struct inpcb *inp, struct sockopt *sopt)
static int
inp_join_group(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct group_source_req gsr;
sockunion_t *gsa, *ssa;
struct ifnet *ifp;
@ -1211,6 +1218,8 @@ out_locked:
static int
inp_leave_group(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct group_source_req gsr;
struct ip_mreq_source mreqs;
sockunion_t *gsa, *ssa;
@ -1399,6 +1408,7 @@ out_locked:
static int
inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
struct in_addr addr;
struct ip_mreqn mreqn;
struct ifnet *ifp;
@ -1467,6 +1477,7 @@ inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
static int
inp_set_source_filters(struct inpcb *inp, struct sockopt *sopt)
{
INIT_VNET_NET(curvnet);
struct __msfilterreq msfr;
sockunion_t *gsa;
struct ifnet *ifp;

82
sys/netinet/in_pcb.c
View File

@ -136,30 +136,37 @@ sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS)
SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW,
&ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW,
&ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW,
&ipport_firstauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW,
&ipport_lastauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW,
&ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW,
&ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", "");
SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh,
CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, "");
SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow,
CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, "");
SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomized, CTLFLAG_RW,
&ipport_randomized, 0, "Enable random port allocation");
SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomcps, CTLFLAG_RW,
&ipport_randomcps, 0, "Maximum number of random port "
"allocations before switching to a sequental one");
SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW,
&ipport_randomtime, 0, "Minimum time to keep sequental port "
"allocation before switching to a random one");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
lowfirst, CTLTYPE_INT|CTLFLAG_RW, ipport_lowfirstauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
lowlast, CTLTYPE_INT|CTLFLAG_RW, ipport_lowlastauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
first, CTLTYPE_INT|CTLFLAG_RW, ipport_firstauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
last, CTLTYPE_INT|CTLFLAG_RW, ipport_lastauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
hifirst, CTLTYPE_INT|CTLFLAG_RW, ipport_hifirstauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
hilast, CTLTYPE_INT|CTLFLAG_RW, ipport_hilastauto, 0,
&sysctl_net_ipport_check, "I", "");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO,
reservedhigh, CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedhigh, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, reservedlow,
CTLFLAG_RW|CTLFLAG_SECURE, ipport_reservedlow, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomized,
CTLFLAG_RW, ipport_randomized, 0, "Enable random port allocation");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomcps,
CTLFLAG_RW, ipport_randomcps, 0, "Maximum number of random port "
"allocations before switching to a sequental one");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip_portrange, OID_AUTO, randomtime,
CTLFLAG_RW, ipport_randomtime, 0,
"Minimum time to keep sequental port "
"allocation before switching to a random one");
/*
* in_pcb.c: manage the Protocol Control Blocks.
@ -176,6 +183,9 @@ SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW,
int
in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo)
{
#ifdef INET6
INIT_VNET_INET6(curvnet);
#endif
struct inpcb *inp;
int error;
@ -270,6 +280,7 @@ int
in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
u_short *lportp, struct ucred *cred)
{
INIT_VNET_INET(inp->inp_vnet);
struct socket *so = inp->inp_socket;
unsigned short *lastport;
struct sockaddr_in *sin;
@ -543,6 +554,7 @@ in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam,
in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp,
struct inpcb **oinpp, struct ucred *cred)
{
INIT_VNET_INET(inp->inp_vnet);
struct sockaddr_in *sin = (struct sockaddr_in *)nam;
struct in_ifaddr *ia;
struct sockaddr_in sa;
@ -1223,13 +1235,22 @@ in_pcbsosetlabel(struct socket *so)
void
ipport_tick(void *xtp)
{
VNET_ITERATOR_DECL(vnet_iter);
if (V_ipport_tcpallocs <= V_ipport_tcplastcount + V_ipport_randomcps) {
if (V_ipport_stoprandom > 0)
V_ipport_stoprandom--;
} else
V_ipport_stoprandom = V_ipport_randomtime;
V_ipport_tcplastcount = V_ipport_tcpallocs;
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS here */
INIT_VNET_INET(vnet_iter);
if (V_ipport_tcpallocs <=
V_ipport_tcplastcount + V_ipport_randomcps) {
if (V_ipport_stoprandom > 0)
V_ipport_stoprandom--;
} else
V_ipport_stoprandom = V_ipport_randomtime;
V_ipport_tcplastcount = V_ipport_tcpallocs;
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
callout_reset(&ipport_tick_callout, hz, ipport_tick, NULL);
}
@ -1280,6 +1301,7 @@ inp_unlock_assert(struct inpcb *inp)
void
inp_apply_all(void (*func)(struct inpcb *, void *), void *arg)
{
INIT_VNET_INET(curvnet);
struct inpcb *inp;
INP_INFO_RLOCK(&V_tcbinfo);

46
sys/netinet/in_rmx.c
View File

@ -152,17 +152,19 @@ in_matroute(void *v_arg, struct radix_node_head *head)
}
static int rtq_reallyold = 60*60; /* one hour is "really old" */
SYSCTL_INT(_net_inet_ip, IPCTL_RTEXPIRE, rtexpire, CTLFLAG_RW,
&rtq_reallyold, 0, "Default expiration time on dynamically learned routes");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTEXPIRE, rtexpire,
CTLFLAG_RW, rtq_reallyold, 0,
"Default expiration time on dynamically learned routes");
static int rtq_minreallyold = 10; /* never automatically crank down to less */
SYSCTL_INT(_net_inet_ip, IPCTL_RTMINEXPIRE, rtminexpire, CTLFLAG_RW,
&rtq_minreallyold, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMINEXPIRE,
rtminexpire, CTLFLAG_RW, rtq_minreallyold, 0,
"Minimum time to attempt to hold onto dynamically learned routes");
static int rtq_toomany = 128; /* 128 cached routes is "too many" */
SYSCTL_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW,
&rtq_toomany, 0, "Upper limit on dynamically learned routes");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_RTMAXCACHE,
rtmaxcache, CTLFLAG_RW, rtq_toomany, 0,
"Upper limit on dynamically learned routes");
/*
* On last reference drop, mark the route as belong to us so that it can be
@ -171,6 +173,7 @@ SYSCTL_INT(_net_inet_ip, IPCTL_RTMAXCACHE, rtmaxcache, CTLFLAG_RW,
static void
in_clsroute(struct radix_node *rn, struct radix_node_head *head)
{
INIT_VNET_INET(curvnet);
struct rtentry *rt = (struct rtentry *)rn;
RT_LOCK_ASSERT(rt);
@ -216,6 +219,7 @@ struct rtqk_arg {
static int
in_rtqkill(struct radix_node *rn, void *rock)
{
INIT_VNET_INET(curvnet);
struct rtqk_arg *ap = rock;
struct rtentry *rt = (struct rtentry *)rn;
int err;
@ -323,21 +327,29 @@ in_rtqtimo_one(void *rock)
void
in_rtqdrain(void)
{
VNET_ITERATOR_DECL(vnet_iter);
struct radix_node_head *rnh;
struct rtqk_arg arg;
int fibnum;
for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) {
rnh = V_rt_tables[fibnum][AF_INET];
arg.found = arg.killed = 0;
arg.rnh = rnh;
arg.nextstop = 0;
arg.draining = 1;
arg.updating = 0;
RADIX_NODE_HEAD_LOCK(rnh);
rnh->rnh_walktree(rnh, in_rtqkill, &arg);
RADIX_NODE_HEAD_UNLOCK(rnh);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_NET(vnet_iter);
for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) {
rnh = V_rt_tables[fibnum][AF_INET];
arg.found = arg.killed = 0;
arg.rnh = rnh;
arg.nextstop = 0;
arg.draining = 1;
arg.updating = 0;
RADIX_NODE_HEAD_LOCK(rnh);
rnh->rnh_walktree(rnh, in_rtqkill, &arg);
RADIX_NODE_HEAD_UNLOCK(rnh);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
}
static int _in_rt_was_here;
@ -347,6 +359,7 @@ static int _in_rt_was_here;
int
in_inithead(void **head, int off)
{
INIT_VNET_INET(curvnet);
struct radix_node_head *rnh;
/* XXX MRT
@ -416,6 +429,7 @@ in_ifadownkill(struct radix_node *rn, void *xap)
int
in_ifadown(struct ifaddr *ifa, int delete)
{
INIT_VNET_NET(curvnet);
struct in_ifadown_arg arg;
struct radix_node_head *rnh;
int fibnum;

3
sys/netinet/ip6.h
View File

@ -346,6 +346,9 @@ do { \
} \
} \
} while (/*CONSTCOND*/ 0)
#include <netinet6/vinet6.h>
#endif /*_KERNEL*/
#endif /* not _NETINET_IP6_H_ */

3
sys/netinet/ip_carp.c
View File

@ -914,6 +914,7 @@ carp_send_ad_locked(struct carp_softc *sc)
ch.carp_cksum = 0;
#ifdef INET
INIT_VNET_INET(curvnet);
if (sc->sc_ia) {
struct ip *ip;
@ -1452,6 +1453,7 @@ carp_multicast6_cleanup(struct carp_softc *sc)
static int
carp_set_addr(struct carp_softc *sc, struct sockaddr_in *sin)
{
INIT_VNET_INET(curvnet);
struct ifnet *ifp;
struct carp_if *cif;
struct in_ifaddr *ia, *ia_if;
@ -1617,6 +1619,7 @@ carp_del_addr(struct carp_softc *sc, struct sockaddr_in *sin)
static int
carp_set_addr6(struct carp_softc *sc, struct sockaddr_in6 *sin6)
{
INIT_VNET_INET6(curvnet);
struct ifnet *ifp;
struct carp_if *cif;
struct in6_ifaddr *ia, *ia_if;

10
sys/netinet/ip_divert.c
View File

@ -148,6 +148,7 @@ div_inpcb_fini(void *mem, int size)
void
div_init(void)
{
INIT_VNET_INET(curvnet);
INP_INFO_LOCK_INIT(&V_divcbinfo, "div");
LIST_INIT(&V_divcb);
@ -175,6 +176,8 @@ div_init(void)
void
div_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
V_ipstat.ips_noproto++;
m_freem(m);
}
@ -188,6 +191,7 @@ div_input(struct mbuf *m, int off)
static void
divert_packet(struct mbuf *m, int incoming)
{
INIT_VNET_INET(curvnet);
struct ip *ip;
struct inpcb *inp;
struct socket *sa;
@ -304,6 +308,7 @@ static int
div_output(struct socket *so, struct mbuf *m, struct sockaddr_in *sin,
struct mbuf *control)
{
INIT_VNET_INET(curvnet);
struct m_tag *mtag;
struct divert_tag *dt;
int error = 0;
@ -456,6 +461,7 @@ cantsend:
static int
div_attach(struct socket *so, int proto, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
@ -487,6 +493,7 @@ div_attach(struct socket *so, int proto, struct thread *td)
static void
div_detach(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -501,6 +508,7 @@ div_detach(struct socket *so)
static int
div_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
@ -541,6 +549,8 @@ static int
div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
struct mbuf *control, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
/* Packet must have a header (but that's about it) */
if (m->m_len < sizeof (struct ip) &&
(m = m_pullup(m, sizeof (struct ip))) == 0) {

6
sys/netinet/ip_fastfwd.c
View File

@ -107,12 +107,13 @@ __FBSDID("$FreeBSD$");
#include <machine/in_cksum.h>
static int ipfastforward_active = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, fastforwarding, CTLFLAG_RW,
&ipfastforward_active, 0, "Enable fast IP forwarding");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fastforwarding,
CTLFLAG_RW, ipfastforward_active, 0, "Enable fast IP forwarding");
static struct sockaddr_in *
ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct sockaddr_in *dst;
struct rtentry *rt;
@ -156,6 +157,7 @@ ip_findroute(struct route *ro, struct in_addr dest, struct mbuf *m)
struct mbuf *
ip_fastforward(struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct ip *ip;
struct mbuf *m0 = NULL;
struct route ro;

81
sys/netinet/ip_fw.h
View File

@ -630,14 +630,20 @@ int ipfw_chk(struct ip_fw_args *);
int ipfw_init(void);
void ipfw_destroy(void);
#ifdef NOTYET
void ipfw_nat_destroy(void);
#endif
typedef int ip_fw_ctl_t(struct sockopt *);
extern ip_fw_ctl_t *ip_fw_ctl_ptr;
#ifndef VIMAGE
extern int fw_one_pass;
extern int fw_enable;
#ifdef INET6
extern int fw6_enable;
#endif
#endif
/* For kernel ipfw_ether and ipfw_bridge. */
typedef int ip_fw_chk_t(struct ip_fw_args *args);
@ -675,5 +681,80 @@ typedef int ipfw_nat_t(struct ip_fw_args *, struct cfg_nat *, struct mbuf *);
typedef int ipfw_nat_cfg_t(struct sockopt *);
#endif
/*
* Stack virtualization support.
*/
#ifdef VIMAGE
struct vnet_ipfw {
int _fw_one_pass;
int _fw_enable;
int _fw6_enable;
u_int32_t _set_disable;
int _fw_deny_unknown_exthdrs;
int _fw_verbose;
int _verbose_limit;
int _fw_debug;
int _autoinc_step;
ipfw_dyn_rule **_ipfw_dyn_v;
struct ip_fw_chain _layer3_chain;
u_int32_t _dyn_buckets;
u_int32_t _curr_dyn_buckets;
u_int32_t _dyn_ack_lifetime;
u_int32_t _dyn_syn_lifetime;
u_int32_t _dyn_fin_lifetime;
u_int32_t _dyn_rst_lifetime;
u_int32_t _dyn_udp_lifetime;
u_int32_t _dyn_short_lifetime;
u_int32_t _dyn_keepalive_interval;
u_int32_t _dyn_keepalive_period;
u_int32_t _dyn_keepalive;
u_int32_t _static_count;
u_int32_t _static_len;
u_int32_t _dyn_count;
u_int32_t _dyn_max;
u_int64_t _norule_counter;
struct callout _ipfw_timeout;
eventhandler_tag _ifaddr_event_tag;
};
#endif
/*
* Symbol translation macros
*/
#define INIT_VNET_IPFW(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw)
#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym)
#define V_fw_one_pass VNET_IPFW(fw_one_pass)
#define V_fw_enable VNET_IPFW(fw_enable)
#define V_fw6_enable VNET_IPFW(fw6_enable)
#define V_set_disable VNET_IPFW(set_disable)
#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs)
#define V_fw_verbose VNET_IPFW(fw_verbose)
#define V_verbose_limit VNET_IPFW(verbose_limit)
#define V_fw_debug VNET_IPFW(fw_debug)
#define V_autoinc_step VNET_IPFW(autoinc_step)
#define V_ipfw_dyn_v VNET_IPFW(ipfw_dyn_v)
#define V_layer3_chain VNET_IPFW(layer3_chain)
#define V_dyn_buckets VNET_IPFW(dyn_buckets)
#define V_curr_dyn_buckets VNET_IPFW(curr_dyn_buckets)
#define V_dyn_ack_lifetime VNET_IPFW(dyn_ack_lifetime)
#define V_dyn_syn_lifetime VNET_IPFW(dyn_syn_lifetime)
#define V_dyn_fin_lifetime VNET_IPFW(dyn_fin_lifetime)
#define V_dyn_rst_lifetime VNET_IPFW(dyn_rst_lifetime)
#define V_dyn_udp_lifetime VNET_IPFW(dyn_udp_lifetime)
#define V_dyn_short_lifetime VNET_IPFW(dyn_short_lifetime)
#define V_dyn_keepalive_interval VNET_IPFW(dyn_keepalive_interval)
#define V_dyn_keepalive_period VNET_IPFW(dyn_keepalive_period)
#define V_dyn_keepalive VNET_IPFW(dyn_keepalive)
#define V_static_count VNET_IPFW(static_count)
#define V_static_len VNET_IPFW(static_len)
#define V_dyn_count VNET_IPFW(dyn_count)
#define V_dyn_max VNET_IPFW(dyn_max)
#define V_norule_counter VNET_IPFW(norule_counter)
#define V_ipfw_timeout VNET_IPFW(ipfw_timeout)
#define V_ifaddr_event_tag VNET_IPFW(ifaddr_event_tag)
#endif /* _KERNEL */
#endif /* _IPFW2_H */

92
sys/netinet/ip_fw2.c
View File

@ -163,20 +163,19 @@ extern int ipfw_chg_hook(SYSCTL_HANDLER_ARGS);
#ifdef SYSCTL_NODE
SYSCTL_NODE(_net_inet_ip, OID_AUTO, fw, CTLFLAG_RW, 0, "Firewall");
SYSCTL_PROC(_net_inet_ip_fw, OID_AUTO, enable,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, &fw_enable, 0,
SYSCTL_V_PROC(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, enable,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE3, fw_enable, 0,
ipfw_chg_hook, "I", "Enable ipfw");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, autoinc_step, CTLFLAG_RW,
&autoinc_step, 0, "Rule number autincrement step");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, one_pass,
CTLFLAG_RW | CTLFLAG_SECURE3,
&fw_one_pass, 0,
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, autoinc_step,
CTLFLAG_RW, autoinc_step, 0, "Rule number autincrement step");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, one_pass,
CTLFLAG_RW | CTLFLAG_SECURE3, fw_one_pass, 0,
"Only do a single pass through ipfw when using dummynet(4)");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW,
&fw_debug, 0, "Enable printing of debug ip_fw statements");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose,
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, debug, CTLFLAG_RW,
fw_debug, 0, "Enable printing of debug ip_fw statements");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, verbose,
CTLFLAG_RW | CTLFLAG_SECURE3,
&fw_verbose, 0, "Log matches to ipfw rules");
fw_verbose, 0, "Log matches to ipfw rules");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW,
&verbose_limit, 0, "Set upper limit of matches of ipfw rules logged");
SYSCTL_UINT(_net_inet_ip_fw, OID_AUTO, default_rule, CTLFLAG_RD,
@ -259,30 +258,32 @@ static u_int32_t static_len; /* size in bytes of static rules */
static u_int32_t dyn_count; /* # of dynamic rules */
static u_int32_t dyn_max = 4096; /* max # of dynamic rules */
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_buckets, CTLFLAG_RW,
&dyn_buckets, 0, "Number of dyn. buckets");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, curr_dyn_buckets, CTLFLAG_RD,
&curr_dyn_buckets, 0, "Current Number of dyn. buckets");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_count, CTLFLAG_RD,
&dyn_count, 0, "Number of dyn. rules");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_max, CTLFLAG_RW,
&dyn_max, 0, "Max number of dyn. rules");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, static_count, CTLFLAG_RD,
&static_count, 0, "Number of static rules");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime, CTLFLAG_RW,
&dyn_ack_lifetime, 0, "Lifetime of dyn. rules for acks");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime, CTLFLAG_RW,
&dyn_syn_lifetime, 0, "Lifetime of dyn. rules for syn");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime, CTLFLAG_RW,
&dyn_fin_lifetime, 0, "Lifetime of dyn. rules for fin");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime, CTLFLAG_RW,
&dyn_rst_lifetime, 0, "Lifetime of dyn. rules for rst");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime, CTLFLAG_RW,
&dyn_udp_lifetime, 0, "Lifetime of dyn. rules for UDP");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_short_lifetime, CTLFLAG_RW,
&dyn_short_lifetime, 0, "Lifetime of dyn. rules for other situations");
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, dyn_keepalive, CTLFLAG_RW,
&dyn_keepalive, 0, "Enable keepalives for dyn. rules");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_buckets,
CTLFLAG_RW, dyn_buckets, 0, "Number of dyn. buckets");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, curr_dyn_buckets,
CTLFLAG_RD, curr_dyn_buckets, 0, "Current Number of dyn. buckets");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_count,
CTLFLAG_RD, dyn_count, 0, "Number of dyn. rules");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_max,
CTLFLAG_RW, dyn_max, 0, "Max number of dyn. rules");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, static_count,
CTLFLAG_RD, static_count, 0, "Number of static rules");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_ack_lifetime,
CTLFLAG_RW, dyn_ack_lifetime, 0, "Lifetime of dyn. rules for acks");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_syn_lifetime,
CTLFLAG_RW, dyn_syn_lifetime, 0, "Lifetime of dyn. rules for syn");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_fin_lifetime,
CTLFLAG_RW, dyn_fin_lifetime, 0, "Lifetime of dyn. rules for fin");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_rst_lifetime,
CTLFLAG_RW, dyn_rst_lifetime, 0, "Lifetime of dyn. rules for rst");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_udp_lifetime,
CTLFLAG_RW, dyn_udp_lifetime, 0, "Lifetime of dyn. rules for UDP");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_short_lifetime,
CTLFLAG_RW, dyn_short_lifetime, 0,
"Lifetime of dyn. rules for other situations");
SYSCTL_V_INT(V_NET, vnet_ipfw, _net_inet_ip_fw, OID_AUTO, dyn_keepalive,
CTLFLAG_RW, dyn_keepalive, 0, "Enable keepalives for dyn. rules");
#ifdef INET6
/*
@ -566,6 +567,7 @@ flow6id_match( int curr_flow, ipfw_insn_u32 *cmd )
static int
search_ip6_addr_net (struct in6_addr * ip6_addr)
{
INIT_VNET_NET(curvnet);
struct ifnet *mdc;
struct ifaddr *mdc2;
struct in6_ifaddr *fdm;
@ -757,6 +759,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args,
struct mbuf *m, struct ifnet *oif, u_short offset, uint32_t tablearg,
struct ip *ip)
{
INIT_VNET_IPFW(curvnet);
struct ether_header *eh = args->eh;
char *action;
int limit_reached = 0;
@ -1027,6 +1030,7 @@ ipfw_log(struct ip_fw *f, u_int hlen, struct ip_fw_args *args,
static __inline int
hash_packet(struct ipfw_flow_id *id)
{
INIT_VNET_IPFW(curvnet);
u_int32_t i;
#ifdef INET6
@ -1078,6 +1082,7 @@ hash_packet(struct ipfw_flow_id *id)
static void
remove_dyn_rule(struct ip_fw *rule, ipfw_dyn_rule *keep_me)
{
INIT_VNET_IPFW(curvnet);
static u_int32_t last_remove = 0;
#define FORCE (keep_me == NULL)
@ -1148,6 +1153,7 @@ static ipfw_dyn_rule *
lookup_dyn_rule_locked(struct ipfw_flow_id *pkt, int *match_direction,
struct tcphdr *tcp)
{
INIT_VNET_IPFW(curvnet);
/*
* stateful ipfw extensions.
* Lookup into dynamic session queue
@ -1304,6 +1310,7 @@ lookup_dyn_rule(struct ipfw_flow_id *pkt, int *match_direction,
static void
realloc_dynamic_table(void)
{
INIT_VNET_IPFW(curvnet);
IPFW_DYN_LOCK_ASSERT();
/*
@ -1343,6 +1350,7 @@ realloc_dynamic_table(void)
static ipfw_dyn_rule *
add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule)
{
INIT_VNET_IPFW(curvnet);
ipfw_dyn_rule *r;
int i;
@ -1398,6 +1406,7 @@ add_dyn_rule(struct ipfw_flow_id *id, u_int8_t dyn_type, struct ip_fw *rule)
static ipfw_dyn_rule *
lookup_dyn_parent(struct ipfw_flow_id *pkt, struct ip_fw *rule)
{
INIT_VNET_IPFW(curvnet);
ipfw_dyn_rule *q;
int i;
@ -1441,6 +1450,7 @@ static int
install_state(struct ip_fw *rule, ipfw_insn_limit *cmd,
struct ip_fw_args *args, uint32_t tablearg)
{
INIT_VNET_IPFW(curvnet);
static int last_log;
ipfw_dyn_rule *q;
struct in_addr da;
@ -1602,6 +1612,7 @@ static struct mbuf *
send_pkt(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t seq,
u_int32_t ack, int flags)
{
INIT_VNET_INET(curvnet);
struct mbuf *m;
struct ip *ip;
struct tcphdr *tcp;
@ -1778,6 +1789,7 @@ static int
add_table_entry(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr,
uint8_t mlen, uint32_t value)
{
INIT_VNET_IPFW(curvnet);
struct radix_node_head *rnh;
struct table_entry *ent;
@ -1982,6 +1994,7 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif,
u_int16_t src_port, struct ip_fw_ugid *ugp, int *ugid_lookupp,
struct inpcb *inp)
{
INIT_VNET_INET(curvnet);
struct inpcbinfo *pi;
int wildcard;
struct inpcb *pcb;
@ -2099,6 +2112,9 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif,
int
ipfw_chk(struct ip_fw_args *args)
{
INIT_VNET_INET(curvnet);
INIT_VNET_IPFW(curvnet);
/*
* Local variables holding state during the processing of a packet:
*
@ -3408,6 +3424,7 @@ flush_rule_ptrs(struct ip_fw_chain *chain)
static int
add_rule(struct ip_fw_chain *chain, struct ip_fw *input_rule)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw *rule, *f, *prev;
int l = RULESIZE(input_rule);
@ -3493,6 +3510,7 @@ static struct ip_fw *
remove_rule(struct ip_fw_chain *chain, struct ip_fw *rule,
struct ip_fw *prev)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw *n;
int l = RULESIZE(rule);
@ -3707,6 +3725,7 @@ clear_counters(struct ip_fw *rule, int log_only)
static int
zero_entry(struct ip_fw_chain *chain, u_int32_t arg, int log_only)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw *rule;
char *msg;
@ -4074,6 +4093,7 @@ bad_size:
static size_t
ipfw_getrules(struct ip_fw_chain *chain, void *buf, size_t space)
{
INIT_VNET_IPFW(curvnet);
char *bp = buf;
char *ep = bp + space;
struct ip_fw *rule;
@ -4156,6 +4176,7 @@ static int
ipfw_ctl(struct sockopt *sopt)
{
#define RULE_MAXSIZE (256*sizeof(u_int32_t))
INIT_VNET_IPFW(curvnet);
int error;
size_t size;
struct ip_fw *buf, *rule;
@ -4495,6 +4516,7 @@ done:
int
ipfw_init(void)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw default_rule;
int error;

8
sys/netinet/ip_fw_nat.c
View File

@ -82,6 +82,7 @@ extern ipfw_nat_cfg_t *ipfw_nat_get_log_ptr;
static void
ifaddr_change(void *arg __unused, struct ifnet *ifp)
{
INIT_VNET_IPFW(curvnet);
struct cfg_nat *ptr;
struct ifaddr *ifa;
@ -109,6 +110,7 @@ ifaddr_change(void *arg __unused, struct ifnet *ifp)
static void
flush_nat_ptrs(const int i)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw *rule;
IPFW_WLOCK_ASSERT(&V_layer3_chain);
@ -404,6 +406,7 @@ ipfw_nat(struct ip_fw_args *args, struct cfg_nat *t, struct mbuf *m)
static int
ipfw_nat_cfg(struct sockopt *sopt)
{
INIT_VNET_IPFW(curvnet);
struct cfg_nat *ptr, *ser_n;
char *buf;
@ -474,6 +477,7 @@ ipfw_nat_cfg(struct sockopt *sopt)
static int
ipfw_nat_del(struct sockopt *sopt)
{
INIT_VNET_IPFW(curvnet);
struct cfg_nat *ptr;
int i;
@ -496,6 +500,7 @@ ipfw_nat_del(struct sockopt *sopt)
static int
ipfw_nat_get_cfg(struct sockopt *sopt)
{
INIT_VNET_IPFW(curvnet);
uint8_t *data;
struct cfg_nat *n;
struct cfg_redir *r;
@ -550,6 +555,7 @@ nospace:
static int
ipfw_nat_get_log(struct sockopt *sopt)
{
INIT_VNET_IPFW(curvnet);
uint8_t *data;
struct cfg_nat *ptr;
int i, size, cnt, sof;
@ -584,6 +590,7 @@ ipfw_nat_get_log(struct sockopt *sopt)
static void
ipfw_nat_init(void)
{
INIT_VNET_IPFW(curvnet);
IPFW_WLOCK(&V_layer3_chain);
/* init ipfw hooks */
@ -600,6 +607,7 @@ ipfw_nat_init(void)
static void
ipfw_nat_destroy(void)
{
INIT_VNET_IPFW(curvnet);
struct ip_fw *rule;
struct cfg_nat *ptr, *ptr_temp;

82
sys/netinet/ip_icmp.c
View File

@ -78,45 +78,48 @@ __FBSDID("$FreeBSD$");
*/
struct icmpstat icmpstat;
SYSCTL_STRUCT(_net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW,
&icmpstat, icmpstat, "");
SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_STATS, stats,
CTLFLAG_RW, icmpstat, icmpstat, "");
static int icmpmaskrepl = 0;
SYSCTL_INT(_net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW,
&icmpmaskrepl, 0, "Reply to ICMP Address Mask Request packets.");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_MASKREPL, maskrepl,
CTLFLAG_RW, icmpmaskrepl, 0,
"Reply to ICMP Address Mask Request packets.");
static u_int icmpmaskfake = 0;
SYSCTL_UINT(_net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW,
&icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets.");
SYSCTL_V_UINT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW,
icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets.");
static int drop_redirect = 0;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW,
&drop_redirect, 0, "Ignore ICMP redirects");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, drop_redirect,
CTLFLAG_RW, drop_redirect, 0, "Ignore ICMP redirects");
static int log_redirect = 0;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW,
&log_redirect, 0, "Log ICMP redirects to the console");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, log_redirect,
CTLFLAG_RW, log_redirect, 0, "Log ICMP redirects to the console");
static int icmplim = 200;
SYSCTL_INT(_net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW,
&icmplim, 0, "Maximum number of ICMP responses per second");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_ICMPLIM, icmplim,
CTLFLAG_RW, icmplim, 0, "Maximum number of ICMP responses per second");
static int icmplim_output = 1;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW,
&icmplim_output, 0, "Enable rate limiting of ICMP responses");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, icmplim_output,
CTLFLAG_RW, icmplim_output, 0,
"Enable rate limiting of ICMP responses");
static char reply_src[IFNAMSIZ];
SYSCTL_STRING(_net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW,
&reply_src, IFNAMSIZ, "icmp reply source for non-local packets.");
SYSCTL_V_STRING(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_src,
CTLFLAG_RW, reply_src, IFNAMSIZ,
"icmp reply source for non-local packets.");
static int icmp_rfi = 0;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW,
&icmp_rfi, 0, "ICMP reply from incoming interface for "
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_from_interface,
CTLFLAG_RW, icmp_rfi, 0, "ICMP reply from incoming interface for "
"non-local packets");
static int icmp_quotelen = 8;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
&icmp_quotelen, 0, "Number of bytes from original packet to "
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
icmp_quotelen, 0, "Number of bytes from original packet to "
"quote in ICMP reply");
/*
@ -124,8 +127,8 @@ SYSCTL_INT(_net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW,
*/
static int icmpbmcastecho = 0;
SYSCTL_INT(_net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW,
&icmpbmcastecho, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, bmcastecho,
CTLFLAG_RW, icmpbmcastecho, 0, "");
#ifdef ICMPPRINTFS
@ -144,6 +147,7 @@ extern struct protosw inetsw[];
void
icmp_error(struct mbuf *n, int type, int code, n_long dest, int mtu)
{
INIT_VNET_INET(curvnet);
register struct ip *oip = mtod(n, struct ip *), *nip;
register unsigned oiphlen = oip->ip_hl << 2;
register struct icmp *icp;
@ -207,9 +211,9 @@ icmp_error(struct mbuf *n, int type, int code, n_long dest, int mtu)
if (n->m_len < oiphlen + tcphlen &&
((n = m_pullup(n, oiphlen + tcphlen)) == NULL))
goto freeit;
icmpelen = max(tcphlen, min(icmp_quotelen, oip->ip_len - oiphlen));
icmpelen = max(tcphlen, min(V_icmp_quotelen, oip->ip_len - oiphlen));
} else
stdreply: icmpelen = max(8, min(icmp_quotelen, oip->ip_len - oiphlen));
stdreply: icmpelen = max(8, min(V_icmp_quotelen, oip->ip_len - oiphlen));
icmplen = min(oiphlen + icmpelen, nlen);
if (icmplen < sizeof(struct ip))
@ -292,6 +296,7 @@ freeit:
void
icmp_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
struct icmp *icp;
struct in_ifaddr *ia;
struct ip *ip = mtod(m, struct ip *);
@ -462,7 +467,7 @@ icmp_input(struct mbuf *m, int off)
break;
case ICMP_ECHO:
if (!icmpbmcastecho
if (!V_icmpbmcastecho
&& (m->m_flags & (M_MCAST | M_BCAST)) != 0) {
V_icmpstat.icps_bmcastecho++;
break;
@ -474,7 +479,7 @@ icmp_input(struct mbuf *m, int off)
goto reflect;
case ICMP_TSTAMP:
if (!icmpbmcastecho
if (!V_icmpbmcastecho
&& (m->m_flags & (M_MCAST | M_BCAST)) != 0) {
V_icmpstat.icps_bmcasttstamp++;
break;
@ -492,7 +497,7 @@ icmp_input(struct mbuf *m, int off)
goto reflect;
case ICMP_MASKREQ:
if (icmpmaskrepl == 0)
if (V_icmpmaskrepl == 0)
break;
/*
* We are not able to respond with all ones broadcast
@ -517,10 +522,10 @@ icmp_input(struct mbuf *m, int off)
if (ia->ia_ifp == 0)
break;
icp->icmp_type = ICMP_MASKREPLY;
if (icmpmaskfake == 0)
if (V_icmpmaskfake == 0)
icp->icmp_mask = ia->ia_sockmask.sin_addr.s_addr;
else
icp->icmp_mask = icmpmaskfake;
icp->icmp_mask = V_icmpmaskfake;
if (ip->ip_src.s_addr == 0) {
if (ia->ia_ifp->if_flags & IFF_BROADCAST)
ip->ip_src = satosin(&ia->ia_broadaddr)->sin_addr;
@ -535,7 +540,7 @@ reflect:
return;
case ICMP_REDIRECT:
if (log_redirect) {
if (V_log_redirect) {
u_long src, dst, gw;
src = ntohl(ip->ip_src.s_addr);
@ -554,7 +559,7 @@ reflect:
* RFC1812 says we must ignore ICMP redirects if we
* are acting as router.
*/
if (drop_redirect || V_ipforwarding)
if (V_drop_redirect || V_ipforwarding)
break;
if (code > 3)
goto badcode;
@ -622,6 +627,7 @@ freeit:
static void
icmp_reflect(struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct ip *ip = mtod(m, struct ip *);
struct ifaddr *ifa;
struct ifnet *ifn;
@ -672,7 +678,7 @@ icmp_reflect(struct mbuf *m)
* doesn't have a suitable IP address, the normal selection
* criteria apply.
*/
if (icmp_rfi && m->m_pkthdr.rcvif != NULL) {
if (V_icmp_rfi && m->m_pkthdr.rcvif != NULL) {
TAILQ_FOREACH(ifa, &m->m_pkthdr.rcvif->if_addrhead, ifa_link) {
if (ifa->ifa_addr->sa_family != AF_INET)
continue;
@ -686,7 +692,7 @@ icmp_reflect(struct mbuf *m)
* net.inet.icmp.reply_src (default not set). Otherwise continue
* with normal source selection.
*/
if (reply_src[0] != '\0' && (ifn = ifunit(reply_src))) {
if (V_reply_src[0] != '\0' && (ifn = ifunit(V_reply_src))) {
TAILQ_FOREACH(ifa, &ifn->if_addrhead, ifa_link) {
if (ifa->ifa_addr->sa_family != AF_INET)
continue;
@ -889,6 +895,8 @@ ip_next_mtu(int mtu, int dir)
int
badport_bandlim(int which)
{
INIT_VNET_INET(curvnet);
#define N(a) (sizeof (a) / sizeof (a[0]))
static struct rate {
const char *type;
@ -906,20 +914,20 @@ badport_bandlim(int which)
/*
* Return ok status if feature disabled or argument out of range.
*/
if (icmplim > 0 && (u_int) which < N(rates)) {
if (V_icmplim > 0 && (u_int) which < N(rates)) {
struct rate *r = &rates[which];
int opps = r->curpps;
if (!ppsratecheck(&r->lasttime, &r->curpps, icmplim))
if (!ppsratecheck(&r->lasttime, &r->curpps, V_icmplim))
return -1; /* discard packet */
/*
* If we've dropped below the threshold after having
* rate-limited traffic print the message. This preserves
* the previous behaviour at the expense of added complexity.
*/
if (icmplim_output && opps > icmplim)
if (V_icmplim_output && opps > V_icmplim)
printf("Limiting %s from %d to %d packets/sec\n",
r->type, opps, icmplim);
r->type, opps, V_icmplim);
}
return 0; /* okay to send packet */
#undef N

138
sys/netinet/ip_input.c
View File

@ -92,31 +92,32 @@ CTASSERT(sizeof(struct ip) == 20);
int rsvp_on = 0;
int ipforwarding = 0;
SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_RW,
&ipforwarding, 0, "Enable IP forwarding between interfaces");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_FORWARDING,
forwarding, CTLFLAG_RW, ipforwarding, 0,
"Enable IP forwarding between interfaces");
static int ipsendredirects = 1; /* XXX */
SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_RW,
&ipsendredirects, 0, "Enable sending IP redirects");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_SENDREDIRECTS,
redirect, CTLFLAG_RW, ipsendredirects, 0,
"Enable sending IP redirects");
int ip_defttl = IPDEFTTL;
SYSCTL_INT(_net_inet_ip, IPCTL_DEFTTL, ttl, CTLFLAG_RW,
&ip_defttl, 0, "Maximum TTL on IP packets");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_DEFTTL,
ttl, CTLFLAG_RW, ip_defttl, 0, "Maximum TTL on IP packets");
static int ip_keepfaith = 0;
SYSCTL_INT(_net_inet_ip, IPCTL_KEEPFAITH, keepfaith, CTLFLAG_RW,
&ip_keepfaith, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, IPCTL_KEEPFAITH,
keepfaith, CTLFLAG_RW, ip_keepfaith, 0,
"Enable packet capture for FAITH IPv4->IPv6 translater daemon");
static int ip_sendsourcequench = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, sendsourcequench, CTLFLAG_RW,
&ip_sendsourcequench, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO,
sendsourcequench, CTLFLAG_RW, ip_sendsourcequench, 0,
"Enable the transmission of source quench packets");
int ip_do_randomid = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
&ip_do_randomid, 0,
"Assign random ip_id values");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, random_id,
CTLFLAG_RW, ip_do_randomid, 0, "Assign random ip_id values");
/*
* XXX - Setting ip_checkinterface mostly implements the receive side of
@ -132,8 +133,9 @@ SYSCTL_INT(_net_inet_ip, OID_AUTO, random_id, CTLFLAG_RW,
* packets for those addresses are received.
*/
static int ip_checkinterface = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, check_interface, CTLFLAG_RW,
&ip_checkinterface, 0, "Verify packet arrives on correct interface");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO,
check_interface, CTLFLAG_RW, ip_checkinterface, 0,
"Verify packet arrives on correct interface");
struct pfil_head inet_pfil_hook; /* Packet filter hooks */
@ -154,8 +156,8 @@ SYSCTL_INT(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops, CTLFLAG_RD,
"Number of packets dropped from the IP input queue");
struct ipstat ipstat;
SYSCTL_STRUCT(_net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
&ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)");
SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_ip, IPCTL_STATS, stats, CTLFLAG_RW,
ipstat, ipstat, "IP statistics (struct ipstat, netinet/ip_var.h)");
/*
* IP datagram reassembly.
@ -180,12 +182,13 @@ static void ipq_zone_change(void *);
static int maxnipq; /* Administrative limit on # reass queues. */
static int nipq = 0; /* Total # of reass queues */
SYSCTL_INT(_net_inet_ip, OID_AUTO, fragpackets, CTLFLAG_RD,
&nipq, 0, "Current number of IPv4 fragment reassembly queue entries");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, fragpackets,
CTLFLAG_RD, nipq, 0,
"Current number of IPv4 fragment reassembly queue entries");
static int maxfragsperpacket;
SYSCTL_INT(_net_inet_ip, OID_AUTO, maxfragsperpacket, CTLFLAG_RW,
&maxfragsperpacket, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, maxfragsperpacket,
CTLFLAG_RW, maxfragsperpacket, 0,
"Maximum number of IPv4 fragments allowed per packet");
struct callout ipport_tick_callout;
@ -197,8 +200,8 @@ SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
#ifdef IPSTEALTH
int ipstealth = 0;
SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
&ipstealth, 0, "IP stealth mode, no TTL decrementation on forwarding");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_ip, OID_AUTO, stealth, CTLFLAG_RW,
ipstealth, 0, "IP stealth mode, no TTL decrementation on forwarding");
#endif
/*
@ -218,6 +221,7 @@ static void ip_freef(struct ipqhead *, struct ipq *);
void
ip_init(void)
{
INIT_VNET_INET(curvnet);
struct protosw *pr;
int i;
@ -289,6 +293,7 @@ ip_fini(void *xtp)
void
ip_input(struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct ip *ip = NULL;
struct in_ifaddr *ia = NULL;
struct ifaddr *ifa;
@ -681,6 +686,7 @@ bad:
static void
maxnipq_update(void)
{
INIT_VNET_INET(curvnet);
/*
* -1 for unlimited allocation.
@ -704,6 +710,7 @@ maxnipq_update(void)
static void
ipq_zone_change(void *tag)
{
INIT_VNET_INET(curvnet);
if (V_maxnipq > 0 && V_maxnipq < (nmbclusters / 32)) {
V_maxnipq = nmbclusters / 32;
@ -714,6 +721,7 @@ ipq_zone_change(void *tag)
static int
sysctl_maxnipq(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
int error, i;
i = V_maxnipq;
@ -749,6 +757,7 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxfragpackets, CTLTYPE_INT|CTLFLAG_RW,
struct mbuf *
ip_reass(struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct ip *ip;
struct mbuf *p, *q, *nq, *t;
struct ipq *fp = NULL;
@ -1064,6 +1073,7 @@ done:
static void
ip_freef(struct ipqhead *fhp, struct ipq *fp)
{
INIT_VNET_INET(curvnet);
struct mbuf *q;
IPQ_LOCK_ASSERT();
@ -1086,36 +1096,47 @@ ip_freef(struct ipqhead *fhp, struct ipq *fp)
void
ip_slowtimo(void)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ipq *fp;
int i;
IPQ_LOCK();
for (i = 0; i < IPREASS_NHASH; i++) {
for(fp = TAILQ_FIRST(&V_ipq[i]); fp;) {
struct ipq *fpp;
fpp = fp;
fp = TAILQ_NEXT(fp, ipq_list);
if(--fpp->ipq_ttl == 0) {
V_ipstat.ips_fragtimeout += fpp->ipq_nfrags;
ip_freef(&V_ipq[i], fpp);
}
}
}
/*
* If we are over the maximum number of fragments
* (due to the limit being lowered), drain off
* enough to get down to the new limit.
*/
if (V_maxnipq >= 0 && V_nipq > V_maxnipq) {
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
for (i = 0; i < IPREASS_NHASH; i++) {
while (V_nipq > V_maxnipq && !TAILQ_EMPTY(&V_ipq[i])) {
V_ipstat.ips_fragdropped +=
TAILQ_FIRST(&V_ipq[i])->ipq_nfrags;
ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i]));
for(fp = TAILQ_FIRST(&V_ipq[i]); fp;) {
struct ipq *fpp;
fpp = fp;
fp = TAILQ_NEXT(fp, ipq_list);
if(--fpp->ipq_ttl == 0) {
V_ipstat.ips_fragtimeout +=
fpp->ipq_nfrags;
ip_freef(&V_ipq[i], fpp);
}
}
}
/*
* If we are over the maximum number of fragments
* (due to the limit being lowered), drain off
* enough to get down to the new limit.
*/
if (V_maxnipq >= 0 && V_nipq > V_maxnipq) {
for (i = 0; i < IPREASS_NHASH; i++) {
while (V_nipq > V_maxnipq &&
!TAILQ_EMPTY(&V_ipq[i])) {
V_ipstat.ips_fragdropped +=
TAILQ_FIRST(&V_ipq[i])->ipq_nfrags;
ip_freef(&V_ipq[i],
TAILQ_FIRST(&V_ipq[i]));
}
}
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IPQ_UNLOCK();
}
@ -1125,16 +1146,24 @@ ip_slowtimo(void)
void
ip_drain(void)
{
VNET_ITERATOR_DECL(vnet_iter);
int i;
IPQ_LOCK();
for (i = 0; i < IPREASS_NHASH; i++) {
while(!TAILQ_EMPTY(&V_ipq[i])) {
V_ipstat.ips_fragdropped +=
TAILQ_FIRST(&V_ipq[i])->ipq_nfrags;
ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i]));
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
for (i = 0; i < IPREASS_NHASH; i++) {
while(!TAILQ_EMPTY(&V_ipq[i])) {
V_ipstat.ips_fragdropped +=
TAILQ_FIRST(&V_ipq[i])->ipq_nfrags;
ip_freef(&V_ipq[i], TAILQ_FIRST(&V_ipq[i]));
}
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IPQ_UNLOCK();
in_rtqdrain();
}
@ -1251,6 +1280,7 @@ u_char inetctlerrmap[PRC_NCMDS] = {
void
ip_forward(struct mbuf *m, int srcrt)
{
INIT_VNET_INET(curvnet);
struct ip *ip = mtod(m, struct ip *);
struct in_ifaddr *ia = NULL;
struct mbuf *mcopy;
@ -1466,6 +1496,8 @@ void
ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
struct mbuf *m)
{
INIT_VNET_NET(inp->inp_vnet);
if (inp->inp_socket->so_options & (SO_BINTIME | SO_TIMESTAMP)) {
struct bintime bt;
@ -1564,6 +1596,8 @@ struct socket *ip_rsvpd;
int
ip_rsvp_init(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
if (so->so_type != SOCK_RAW ||
so->so_proto->pr_protocol != IPPROTO_RSVP)
return EOPNOTSUPP;
@ -1587,6 +1621,8 @@ ip_rsvp_init(struct socket *so)
int
ip_rsvp_done(void)
{
INIT_VNET_INET(curvnet);
V_ip_rsvpd = NULL;
/*
* This may seem silly, but we need to be sure we don't over-decrement
@ -1602,6 +1638,8 @@ ip_rsvp_done(void)
void
rsvp_input(struct mbuf *m, int off) /* XXX must fixup manually */
{
INIT_VNET_INET(curvnet);
if (rsvp_input_p) { /* call the real one if loaded */
rsvp_input_p(m, off);
return;

3
sys/netinet/ip_ipsec.c
View File

@ -94,6 +94,8 @@ int
ip_ipsec_fwd(struct mbuf *m)
{
#ifdef IPSEC
INIT_VNET_INET(curvnet);
INIT_VNET_IPSEC(curvnet);
struct m_tag *mtag;
struct tdb_ident *tdbi;
struct secpolicy *sp;
@ -141,6 +143,7 @@ ip_ipsec_input(struct mbuf *m)
{
struct ip *ip = mtod(m, struct ip *);
#ifdef IPSEC
INIT_VNET_IPSEC(curvnet);
struct m_tag *mtag;
struct tdb_ident *tdbi;
struct secpolicy *sp;

15
sys/netinet/ip_mroute.c
View File

@ -422,6 +422,7 @@ mfc_find(in_addr_t o, in_addr_t g)
static int
X_ip_mrouter_set(struct socket *so, struct sockopt *sopt)
{
INIT_VNET_INET(curvnet);
int error, optval;
vifi_t vifi;
struct vifctl vifc;
@ -646,6 +647,7 @@ ip_mrouter_reset(void)
static void
if_detached_event(void *arg __unused, struct ifnet *ifp)
{
INIT_VNET_INET(curvnet);
vifi_t vifi;
int i;
struct mfc *mfc;
@ -709,6 +711,8 @@ if_detached_event(void *arg __unused, struct ifnet *ifp)
static int
ip_mrouter_init(struct socket *so, int version)
{
INIT_VNET_INET(curvnet);
if (mrtdebug)
log(LOG_DEBUG, "ip_mrouter_init: so_type = %d, pr_protocol = %d\n",
so->so_type, so->so_proto->pr_protocol);
@ -755,6 +759,7 @@ ip_mrouter_init(struct socket *so, int version)
static int
X_ip_mrouter_done(void)
{
INIT_VNET_INET(curvnet);
vifi_t vifi;
int i;
struct ifnet *ifp;
@ -1286,6 +1291,7 @@ static int
X_ip_mforward(struct ip *ip, struct ifnet *ifp, struct mbuf *m,
struct ip_moptions *imo)
{
INIT_VNET_INET(curvnet);
struct mfc *rt;
int error;
vifi_t vifi;
@ -1590,6 +1596,7 @@ expire_upcalls(void *unused)
static int
ip_mdq(struct mbuf *m, struct ifnet *ifp, struct mfc *rt, vifi_t xmt_vif)
{
INIT_VNET_INET(curvnet);
struct ip *ip = mtod(m, struct ip *);
vifi_t vifi;
int plen = ip->ip_len;
@ -1801,6 +1808,7 @@ send_packet(struct vif *vifp, struct mbuf *m)
static int
X_ip_rsvp_vif(struct socket *so, struct sockopt *sopt)
{
INIT_VNET_INET(curvnet);
int error, vifi;
if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP)
@ -1855,6 +1863,7 @@ X_ip_rsvp_vif(struct socket *so, struct sockopt *sopt)
static void
X_ip_rsvp_force_done(struct socket *so)
{
INIT_VNET_INET(curvnet);
int vifi;
/* Don't bother if it is not the right type of socket. */
@ -1885,6 +1894,7 @@ X_ip_rsvp_force_done(struct socket *so)
static void
X_rsvp_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
int vifi;
struct ip *ip = mtod(m, struct ip *);
struct sockaddr_in rsvp_src = { sizeof rsvp_src, AF_INET };
@ -2286,6 +2296,7 @@ bw_meter_prepare_upcall(struct bw_meter *x, struct timeval *nowp)
static void
bw_upcalls_send(void)
{
INIT_VNET_INET(curvnet);
struct mbuf *m;
int len = bw_upcalls_n * sizeof(bw_upcalls[0]);
struct sockaddr_in k_igmpsrc = { sizeof k_igmpsrc, AF_INET };
@ -2646,6 +2657,7 @@ static int
pim_register_send_upcall(struct ip *ip, struct vif *vifp,
struct mbuf *mb_copy, struct mfc *rt)
{
INIT_VNET_INET(curvnet);
struct mbuf *mb_first;
int len = ntohs(ip->ip_len);
struct igmpmsg *im;
@ -2700,6 +2712,7 @@ static int
pim_register_send_rp(struct ip *ip, struct vif *vifp, struct mbuf *mb_copy,
struct mfc *rt)
{
INIT_VNET_INET(curvnet);
struct mbuf *mb_first;
struct ip *ip_outer;
struct pim_encap_pimhdr *pimhdr;
@ -3029,6 +3042,8 @@ pim_input_to_daemon:
static int
ip_mroute_modevent(module_t mod, int type, void *unused)
{
INIT_VNET_INET(curvnet);
switch (type) {
case MOD_LOAD:
MROUTER_LOCK_INIT();

1
sys/netinet/ip_options.c
View File

@ -98,6 +98,7 @@ static void save_rte(struct mbuf *m, u_char *, struct in_addr);
int
ip_dooptions(struct mbuf *m, int pass)
{
INIT_VNET_INET(curvnet);
struct ip *ip = mtod(m, struct ip *);
u_char *cp;
struct in_ifaddr *ia;

3
sys/netinet/ip_output.c
View File

@ -109,6 +109,8 @@ int
ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags,
struct ip_moptions *imo, struct inpcb *inp)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET(curvnet);
struct ip *ip;
struct ifnet *ifp = NULL; /* keep compiler happy */
struct mbuf *m0;
@ -626,6 +628,7 @@ int
ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu,
u_long if_hwassist_flags, int sw_csum)
{
INIT_VNET_INET(curvnet);
int error = 0;
int hlen = ip->ip_hl << 2;
int len = (mtu - hlen) & ~7; /* size of payload in each fragment */

15
sys/netinet/raw_ip.c
View File

@ -158,6 +158,7 @@ rip_delhash(struct inpcb *inp)
static void
rip_zone_change(void *tag)
{
INIT_VNET_INET(curvnet);
uma_zone_set_max(V_ripcbinfo.ipi_zone, maxsockets);
}
@ -174,6 +175,7 @@ rip_inpcb_init(void *mem, int size, int flags)
void
rip_init(void)
{
INIT_VNET_INET(curvnet);
INP_INFO_LOCK_INIT(&V_ripcbinfo, "rip");
LIST_INIT(&V_ripcb);
@ -240,6 +242,7 @@ rip_append(struct inpcb *last, struct ip *ip, struct mbuf *n,
void
rip_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
struct ip *ip = mtod(m, struct ip *);
int proto = ip->ip_p;
struct inpcb *inp, *last;
@ -333,6 +336,7 @@ rip_input(struct mbuf *m, int off)
int
rip_output(struct mbuf *m, struct socket *so, u_long dst)
{
INIT_VNET_INET(so->so_vnet);
struct ip *ip;
int error;
struct inpcb *inp = sotoinpcb(so);
@ -598,6 +602,7 @@ rip_ctloutput(struct socket *so, struct sockopt *sopt)
void
rip_ctlinput(int cmd, struct sockaddr *sa, void *vip)
{
INIT_VNET_INET(curvnet);
struct in_ifaddr *ia;
struct ifnet *ifp;
int err;
@ -656,6 +661,7 @@ SYSCTL_ULONG(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW,
static int
rip_attach(struct socket *so, int proto, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
@ -689,6 +695,7 @@ rip_attach(struct socket *so, int proto, struct thread *td)
static void
rip_detach(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -728,6 +735,7 @@ rip_dodisconnect(struct socket *so, struct inpcb *inp)
static void
rip_abort(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -743,6 +751,7 @@ rip_abort(struct socket *so)
static void
rip_close(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -758,6 +767,7 @@ rip_close(struct socket *so)
static int
rip_disconnect(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
if ((so->so_state & SS_ISCONNECTED) == 0)
@ -777,6 +787,8 @@ rip_disconnect(struct socket *so)
static int
rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_NET(so->so_vnet);
INIT_VNET_INET(so->so_vnet);
struct sockaddr_in *addr = (struct sockaddr_in *)nam;
struct inpcb *inp;
@ -813,6 +825,8 @@ rip_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
static int
rip_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_NET(so->so_vnet);
INIT_VNET_INET(so->so_vnet);
struct sockaddr_in *addr = (struct sockaddr_in *)nam;
struct inpcb *inp;
@ -883,6 +897,7 @@ rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam,
static int
rip_pcblist(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
int error, i, n;
struct inpcb *inp, **inp_list;
inp_gen_t gencnt;

43
sys/netinet/tcp_hostcache.c
View File

@ -158,26 +158,32 @@ static void tcp_hc_purge(void *);
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, hostcache, CTLFLAG_RW, 0,
"TCP Host cache");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, cachelimit, CTLFLAG_RDTUN,
&tcp_hostcache.cache_limit, 0, "Overall entry limit for hostcache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, cachelimit,
CTLFLAG_RDTUN, tcp_hostcache.cache_limit, 0,
"Overall entry limit for hostcache");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, hashsize, CTLFLAG_RDTUN,
&tcp_hostcache.hashsize, 0, "Size of TCP hostcache hashtable");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, hashsize,
CTLFLAG_RDTUN, tcp_hostcache.hashsize, 0,
"Size of TCP hostcache hashtable");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN,
&tcp_hostcache.bucket_limit, 0, "Per-bucket hash limit for hostcache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, bucketlimit,
CTLFLAG_RDTUN, tcp_hostcache.bucket_limit, 0,
"Per-bucket hash limit for hostcache");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, count, CTLFLAG_RD,
&tcp_hostcache.cache_count, 0, "Current number of entries in hostcache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, count,
CTLFLAG_RD, tcp_hostcache.cache_count, 0,
"Current number of entries in hostcache");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, expire, CTLFLAG_RW,
&tcp_hostcache.expire, 0, "Expire time of TCP hostcache entries");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, expire,
CTLFLAG_RW, tcp_hostcache.expire, 0,
"Expire time of TCP hostcache entries");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, prune, CTLFLAG_RW,
&tcp_hostcache.prune, 0, "Time between purge runs");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, prune,
CTLFLAG_RW, tcp_hostcache.prune, 0, "Time between purge runs");
SYSCTL_INT(_net_inet_tcp_hostcache, OID_AUTO, purge, CTLFLAG_RW,
&tcp_hostcache.purgeall, 0, "Expire all entires on next purge run");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_hostcache, OID_AUTO, purge,
CTLFLAG_RW, tcp_hostcache.purgeall, 0,
"Expire all entires on next purge run");
SYSCTL_PROC(_net_inet_tcp_hostcache, OID_AUTO, list,
CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_SKIP, 0, 0,
@ -204,6 +210,7 @@ static MALLOC_DEFINE(M_HOSTCACHE, "hostcache", "TCP hostcache");
void
tcp_hc_init(void)
{
INIT_VNET_INET(curvnet);
int i;
/*
@ -271,6 +278,7 @@ tcp_hc_init(void)
static struct hc_metrics *
tcp_hc_lookup(struct in_conninfo *inc)
{
INIT_VNET_INET(curvnet);
int hash;
struct hc_head *hc_head;
struct hc_metrics *hc_entry;
@ -326,6 +334,7 @@ tcp_hc_lookup(struct in_conninfo *inc)
static struct hc_metrics *
tcp_hc_insert(struct in_conninfo *inc)
{
INIT_VNET_INET(curvnet);
int hash;
struct hc_head *hc_head;
struct hc_metrics *hc_entry;
@ -416,6 +425,7 @@ tcp_hc_insert(struct in_conninfo *inc)
void
tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite)
{
INIT_VNET_INET(curvnet);
struct hc_metrics *hc_entry;
/*
@ -456,6 +466,7 @@ tcp_hc_get(struct in_conninfo *inc, struct hc_metrics_lite *hc_metrics_lite)
u_long
tcp_hc_getmtu(struct in_conninfo *inc)
{
INIT_VNET_INET(curvnet);
struct hc_metrics *hc_entry;
u_long mtu;
@ -478,6 +489,7 @@ tcp_hc_getmtu(struct in_conninfo *inc)
void
tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu)
{
INIT_VNET_INET(curvnet);
struct hc_metrics *hc_entry;
/*
@ -517,6 +529,7 @@ tcp_hc_updatemtu(struct in_conninfo *inc, u_long mtu)
void
tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml)
{
INIT_VNET_INET(curvnet);
struct hc_metrics *hc_entry;
hc_entry = tcp_hc_lookup(inc);
@ -597,6 +610,7 @@ tcp_hc_update(struct in_conninfo *inc, struct hc_metrics_lite *hcml)
static int
sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
int bufsize;
int linesize = 128;
char *p, *buf;
@ -659,6 +673,7 @@ sysctl_tcp_hc_list(SYSCTL_HANDLER_ARGS)
static void
tcp_hc_purge(void *arg)
{
INIT_VNET_INET(curvnet);
struct hc_metrics *hc_entry, *hc_next;
int all = (intptr_t)arg;
int i;

64
sys/netinet/tcp_input.c
View File

@ -100,60 +100,63 @@ __FBSDID("$FreeBSD$");
static const int tcprexmtthresh = 3;
struct tcpstat tcpstat;
SYSCTL_STRUCT(_net_inet_tcp, TCPCTL_STATS, stats, CTLFLAG_RW,
&tcpstat , tcpstat, "TCP statistics (struct tcpstat, netinet/tcp_var.h)");
SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_STATS, stats,
CTLFLAG_RW, tcpstat , tcpstat,
"TCP statistics (struct tcpstat, netinet/tcp_var.h)");
int tcp_log_in_vain = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
&tcp_log_in_vain, 0, "Log all incoming TCP segments to closed ports");
static int blackhole = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW,
&blackhole, 0, "Do not send RST on segments to closed ports");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW,
blackhole, 0, "Do not send RST on segments to closed ports");
int tcp_delack_enabled = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW,
&tcp_delack_enabled, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, delayed_ack,
CTLFLAG_RW, tcp_delack_enabled, 0,
"Delay ACK to try and piggyback it onto a data packet");
static int drop_synfin = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, drop_synfin, CTLFLAG_RW,
&drop_synfin, 0, "Drop TCP packets with SYN+FIN set");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, drop_synfin,
CTLFLAG_RW, drop_synfin, 0, "Drop TCP packets with SYN+FIN set");
static int tcp_do_rfc3042 = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW,
&tcp_do_rfc3042, 0, "Enable RFC 3042 (Limited Transmit)");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3042, CTLFLAG_RW,
tcp_do_rfc3042, 0, "Enable RFC 3042 (Limited Transmit)");
static int tcp_do_rfc3390 = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW,
&tcp_do_rfc3390, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, rfc3390, CTLFLAG_RW,
tcp_do_rfc3390, 0,
"Enable RFC 3390 (Increasing TCP's Initial Congestion Window)");
int tcp_do_ecn = 0;
int tcp_ecn_maxretries = 1;
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, ecn, CTLFLAG_RW, 0, "TCP ECN");
SYSCTL_INT(_net_inet_tcp_ecn, OID_AUTO, enable, CTLFLAG_RW,
&tcp_do_ecn, 0, "TCP ECN support");
SYSCTL_INT(_net_inet_tcp_ecn, OID_AUTO, maxretries, CTLFLAG_RW,
&tcp_ecn_maxretries, 0, "Max retries before giving up on ECN");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, enable,
CTLFLAG_RW, tcp_do_ecn, 0, "TCP ECN support");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_ecn, OID_AUTO, maxretries,
CTLFLAG_RW, tcp_ecn_maxretries, 0, "Max retries before giving up on ECN");
static int tcp_insecure_rst = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, insecure_rst, CTLFLAG_RW,
&tcp_insecure_rst, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, insecure_rst,
CTLFLAG_RW, tcp_insecure_rst, 0,
"Follow the old (insecure) criteria for accepting RST packets");
int tcp_do_autorcvbuf = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_auto, CTLFLAG_RW,
&tcp_do_autorcvbuf, 0, "Enable automatic receive buffer sizing");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_auto,
CTLFLAG_RW, tcp_do_autorcvbuf, 0,
"Enable automatic receive buffer sizing");
int tcp_autorcvbuf_inc = 16*1024;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_inc, CTLFLAG_RW,
&tcp_autorcvbuf_inc, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_inc,
CTLFLAG_RW, tcp_autorcvbuf_inc, 0,
"Incrementor step size of automatic receive buffer");
int tcp_autorcvbuf_max = 256*1024;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, recvbuf_max, CTLFLAG_RW,
&tcp_autorcvbuf_max, 0, "Max size of automatic receive buffer");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, recvbuf_max,
CTLFLAG_RW, tcp_autorcvbuf_max, 0,
"Max size of automatic receive buffer");
struct inpcbhead tcb;
#define tcb6 tcb /* for KAME src sync over BSD*'s */
@ -225,6 +228,7 @@ do { \
int
tcp6_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
struct in6_ifaddr *ia6;
@ -252,6 +256,13 @@ tcp6_input(struct mbuf **mp, int *offp, int proto)
void
tcp_input(struct mbuf *m, int off0)
{
INIT_VNET_INET(curvnet);
#ifdef INET6
INIT_VNET_INET6(curvnet);
#endif
#ifdef IPSEC
INIT_VNET_IPSEC(curvnet);
#endif
struct tcphdr *th;
struct ip *ip = NULL;
struct ipovly *ipov;
@ -921,6 +932,7 @@ static void
tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so,
struct tcpcb *tp, int drop_hdrlen, int tlen, uint8_t iptos)
{
INIT_VNET_INET(tp->t_vnet);
int thflags, acked, ourfinisacked, needoutput = 0;
int headlocked = 1;
int rstreason, todrop, win;
@ -2585,6 +2597,7 @@ drop:
static void
tcp_dooptions(struct tcpopt *to, u_char *cp, int cnt, int flags)
{
INIT_VNET_INET(curvnet);
int opt, optlen;
to->to_flags = 0;
@ -2712,6 +2725,7 @@ tcp_pulloutofband(struct socket *so, struct tcphdr *th, struct mbuf *m,
static void
tcp_xmit_timer(struct tcpcb *tp, int rtt)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
int delta;
INP_WLOCK_ASSERT(tp->t_inpcb);
@ -2817,6 +2831,7 @@ tcp_xmit_timer(struct tcpcb *tp, int rtt)
void
tcp_mss_update(struct tcpcb *tp, int offer, struct hc_metrics_lite *metricptr)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
int mss;
u_long maxmtu;
struct inpcb *inp = tp->t_inpcb;
@ -3100,6 +3115,7 @@ tcp_mss(struct tcpcb *tp, int offer)
int
tcp_mssopt(struct in_conninfo *inc)
{
INIT_VNET_INET(curvnet);
int mss = 0;
u_long maxmtu = 0;
u_long thcmtu = 0;

3
sys/netinet/tcp_offload.c
View File

@ -107,6 +107,7 @@ fail:
void
tcp_offload_twstart(struct tcpcb *tp)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK(&V_tcbinfo);
INP_WLOCK(tp->t_inpcb);
@ -117,6 +118,7 @@ tcp_offload_twstart(struct tcpcb *tp)
struct tcpcb *
tcp_offload_close(struct tcpcb *tp)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK(&V_tcbinfo);
INP_WLOCK(tp->t_inpcb);
@ -131,6 +133,7 @@ tcp_offload_close(struct tcpcb *tp)
struct tcpcb *
tcp_offload_drop(struct tcpcb *tp, int error)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK(&V_tcbinfo);
INP_WLOCK(tp->t_inpcb);

39
sys/netinet/tcp_output.c
View File

@ -88,36 +88,41 @@ extern struct mbuf *m_copypack();
#endif
int path_mtu_discovery = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW,
&path_mtu_discovery, 1, "Enable Path MTU Discovery");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, path_mtu_discovery,
CTLFLAG_RW, path_mtu_discovery, 1, "Enable Path MTU Discovery");
int ss_fltsz = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, slowstart_flightsize, CTLFLAG_RW,
&ss_fltsz, 1, "Slow start flight size");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO,
slowstart_flightsize, CTLFLAG_RW,
ss_fltsz, 1, "Slow start flight size");
int ss_fltsz_local = 4;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, local_slowstart_flightsize, CTLFLAG_RW,
&ss_fltsz_local, 1, "Slow start flight size for local networks");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO,
local_slowstart_flightsize, CTLFLAG_RW,
ss_fltsz_local, 1, "Slow start flight size for local networks");
int tcp_do_newreno = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW,
&tcp_do_newreno, 0, "Enable NewReno Algorithms");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, newreno, CTLFLAG_RW,
tcp_do_newreno, 0, "Enable NewReno Algorithms");
int tcp_do_tso = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW,
&tcp_do_tso, 0, "Enable TCP Segmentation Offload");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, tso, CTLFLAG_RW,
tcp_do_tso, 0, "Enable TCP Segmentation Offload");
int tcp_do_autosndbuf = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_auto, CTLFLAG_RW,
&tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_auto,
CTLFLAG_RW,
tcp_do_autosndbuf, 0, "Enable automatic send buffer sizing");
int tcp_autosndbuf_inc = 8*1024;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_inc, CTLFLAG_RW,
&tcp_autosndbuf_inc, 0, "Incrementor step size of automatic send buffer");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_inc,
CTLFLAG_RW, tcp_autosndbuf_inc, 0,
"Incrementor step size of automatic send buffer");
int tcp_autosndbuf_max = 256*1024;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW,
&tcp_autosndbuf_max, 0, "Max size of automatic send buffer");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, sendbuf_max,
CTLFLAG_RW, tcp_autosndbuf_max, 0,
"Max size of automatic send buffer");
/*
@ -126,6 +131,7 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, sendbuf_max, CTLFLAG_RW,
int
tcp_output(struct tcpcb *tp)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
struct socket *so = tp->t_inpcb->inp_socket;
long len, recwin, sendwin;
int off, flags, error;
@ -1318,6 +1324,7 @@ tcp_setpersist(struct tcpcb *tp)
int
tcp_addoptions(struct tcpopt *to, u_char *optp)
{
INIT_VNET_INET(curvnet);
u_int mask, optlen = 0;
for (mask = 1; mask < TOF_MAXOPT; mask <<= 1) {

19
sys/netinet/tcp_reass.c
View File

@ -78,29 +78,30 @@ SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0,
"TCP Segment Reassembly Queue");
static int tcp_reass_maxseg = 0;
SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN,
&tcp_reass_maxseg, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxsegments,
CTLFLAG_RDTUN, tcp_reass_maxseg, 0,
"Global maximum number of TCP Segments in Reassembly Queue");
int tcp_reass_qsize = 0;
SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLFLAG_RD,
&tcp_reass_qsize, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, cursegments,
CTLFLAG_RD, tcp_reass_qsize, 0,
"Global number of TCP Segments currently in Reassembly Queue");
static int tcp_reass_maxqlen = 48;
SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxqlen, CTLFLAG_RW,
&tcp_reass_maxqlen, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, maxqlen,
CTLFLAG_RW, tcp_reass_maxqlen, 0,
"Maximum number of TCP Segments per individual Reassembly Queue");
static int tcp_reass_overflows = 0;
SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD,
&tcp_reass_overflows, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_reass, OID_AUTO, overflows,
CTLFLAG_RD, tcp_reass_overflows, 0,
"Global number of TCP Segment Reassembly Queue Overflows");
/* Initialize TCP reassembly queue */
static void
tcp_reass_zone_change(void *tag)
{
INIT_VNET_INET(curvnet);
V_tcp_reass_maxseg = nmbclusters / 16;
uma_zone_set_max(tcp_reass_zone, V_tcp_reass_maxseg);
@ -111,6 +112,7 @@ uma_zone_t tcp_reass_zone;
void
tcp_reass_init(void)
{
INIT_VNET_INET(curvnet);
V_tcp_reass_maxseg = nmbclusters / 16;
TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments",
@ -125,6 +127,7 @@ tcp_reass_init(void)
int
tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct tseg_qent *q;
struct tseg_qent *p = NULL;
struct tseg_qent *nq;

18
sys/netinet/tcp_sack.c
View File

@ -126,23 +126,23 @@ extern struct uma_zone *sack_hole_zone;
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK");
int tcp_do_sack = 1;
SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW,
&tcp_do_sack, 0, "Enable/Disable TCP SACK support");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, enable,
CTLFLAG_RW, tcp_do_sack, 0, "Enable/Disable TCP SACK support");
TUNABLE_INT("net.inet.tcp.sack.enable", &tcp_do_sack);
static int tcp_sack_maxholes = 128;
SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW,
&tcp_sack_maxholes, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, maxholes,
CTLFLAG_RW, tcp_sack_maxholes, 0,
"Maximum number of TCP SACK holes allowed per connection");
static int tcp_sack_globalmaxholes = 65536;
SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW,
&tcp_sack_globalmaxholes, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalmaxholes,
CTLFLAG_RW, tcp_sack_globalmaxholes, 0,
"Global maximum number of TCP SACK holes");
static int tcp_sack_globalholes = 0;
SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD,
&tcp_sack_globalholes, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_sack, OID_AUTO, globalholes,
CTLFLAG_RD, tcp_sack_globalholes, 0,
"Global number of TCP SACK holes currently allocated");
/*
@ -253,6 +253,7 @@ tcp_clean_sackreport(struct tcpcb *tp)
static struct sackhole *
tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
struct sackhole *hole;
if (tp->snd_numholes >= V_tcp_sack_maxholes ||
@ -281,6 +282,7 @@ tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end)
static void
tcp_sackhole_free(struct tcpcb *tp, struct sackhole *hole)
{
INIT_VNET_INET(tp->t_vnet);
uma_zfree(sack_hole_zone, hole);

95
sys/netinet/tcp_subr.c
View File

@ -119,6 +119,7 @@ int tcp_v6mssdflt = TCP6_MSS;
static int
sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(TD_TO_VNET(curthread));
int error, new;
new = V_tcp_mssdflt;
@ -140,6 +141,7 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLTYPE_INT|CTLFLAG_RW,
static int
sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET6(TD_TO_VNET(curthread));
int error, new;
new = V_tcp_v6mssdflt;
@ -167,12 +169,13 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, CTLTYPE_INT|CTLFLAG_RW,
* checking. This setting prevents us from sending too small packets.
*/
int tcp_minmss = TCP_MINMSS;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, minmss, CTLFLAG_RW,
&tcp_minmss , 0, "Minmum TCP Maximum Segment Size");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, minmss,
CTLFLAG_RW, tcp_minmss , 0, "Minmum TCP Maximum Segment Size");
int tcp_do_rfc1323 = 1;
SYSCTL_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW,
&tcp_do_rfc1323, 0, "Enable rfc1323 (high performance TCP) extensions");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323,
CTLFLAG_RW, tcp_do_rfc1323, 0,
"Enable rfc1323 (high performance TCP) extensions");
static int tcp_log_debug = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_debug, CTLFLAG_RW,
@ -183,21 +186,21 @@ SYSCTL_INT(_net_inet_tcp, OID_AUTO, tcbhashsize, CTLFLAG_RDTUN,
&tcp_tcbhashsize, 0, "Size of TCP control-block hashtable");
static int do_tcpdrain = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW,
&do_tcpdrain, 0,
SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0,
"Enable tcp_drain routine for extra help when low on mbufs");
SYSCTL_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD,
&tcbinfo.ipi_count, 0, "Number of active PCBs");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, pcbcount,
CTLFLAG_RD, tcbinfo.ipi_count, 0, "Number of active PCBs");
static int icmp_may_rst = 1;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW,
&icmp_may_rst, 0,
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, icmp_may_rst,
CTLFLAG_RW, icmp_may_rst, 0,
"Certain ICMP unreachable messages may abort connections in SYN_SENT");
static int tcp_isn_reseed_interval = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW,
&tcp_isn_reseed_interval, 0, "Seconds between reseeding of ISN secret");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, isn_reseed_interval,
CTLFLAG_RW, tcp_isn_reseed_interval, 0,
"Seconds between reseeding of ISN secret");
/*
* TCP bandwidth limiting sysctls. Note that the default lower bound of
@ -208,8 +211,9 @@ SYSCTL_NODE(_net_inet_tcp, OID_AUTO, inflight, CTLFLAG_RW, 0,
"TCP inflight data limiting");
static int tcp_inflight_enable = 1;
SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, enable, CTLFLAG_RW,
&tcp_inflight_enable, 0, "Enable automatic TCP inflight data limiting");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, enable,
CTLFLAG_RW, tcp_inflight_enable, 0,
"Enable automatic TCP inflight data limiting");
static int tcp_inflight_debug = 0;
SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, debug, CTLFLAG_RW,
@ -221,16 +225,17 @@ SYSCTL_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh, CTLTYPE_INT|CTLFLAG_RW,
"RTT threshold below which inflight will deactivate itself");
static int tcp_inflight_min = 6144;
SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW,
&tcp_inflight_min, 0, "Lower-bound for TCP inflight window");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, min,
CTLFLAG_RW, tcp_inflight_min, 0, "Lower-bound for TCP inflight window");
static int tcp_inflight_max = TCP_MAXWIN << TCP_MAX_WINSHIFT;
SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, max, CTLFLAG_RW,
&tcp_inflight_max, 0, "Upper-bound for TCP inflight window");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, max,
CTLFLAG_RW, tcp_inflight_max, 0, "Upper-bound for TCP inflight window");
static int tcp_inflight_stab = 20;
SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, stab, CTLFLAG_RW,
&tcp_inflight_stab, 0, "Inflight Algorithm Stabilization 20 = 2 packets");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, stab,
CTLFLAG_RW, tcp_inflight_stab, 0,
"Inflight Algorithm Stabilization 20 = 2 packets");
uma_zone_t sack_hole_zone;
@ -291,6 +296,7 @@ tcp_inpcb_init(void *mem, int size, int flags)
void
tcp_init(void)
{
INIT_VNET_INET(curvnet);
int hashsize = TCBHASHSIZE;
tcp_delacktime = TCPTV_DELACK;
@ -450,6 +456,7 @@ void
tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m,
tcp_seq ack, tcp_seq seq, int flags)
{
INIT_VNET_INET(curvnet);
int tlen;
int win = 0;
struct ip *ip;
@ -620,6 +627,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m,
struct tcpcb *
tcp_newtcpcb(struct inpcb *inp)
{
INIT_VNET_INET(inp->inp_vnet);
struct tcpcb_mem *tm;
struct tcpcb *tp;
#ifdef INET6
@ -683,6 +691,7 @@ tcp_newtcpcb(struct inpcb *inp)
struct tcpcb *
tcp_drop(struct tcpcb *tp, int errno)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
struct socket *so = tp->t_inpcb->inp_socket;
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
@ -703,6 +712,7 @@ tcp_drop(struct tcpcb *tp, int errno)
void
tcp_discardcb(struct tcpcb *tp)
{
INIT_VNET_INET(tp->t_vnet);
struct tseg_qent *q;
struct inpcb *inp = tp->t_inpcb;
struct socket *so = inp->inp_socket;
@ -804,6 +814,7 @@ tcp_discardcb(struct tcpcb *tp)
struct tcpcb *
tcp_close(struct tcpcb *tp)
{
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
struct inpcb *inp = tp->t_inpcb;
struct socket *so;
@ -835,8 +846,15 @@ tcp_close(struct tcpcb *tp)
void
tcp_drain(void)
{
VNET_ITERATOR_DECL(vnet_iter);
if (do_tcpdrain) {
if (!do_tcpdrain)
return;
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
struct inpcb *inpb;
struct tcpcb *tcpb;
struct tseg_qent *te;
@ -868,7 +886,9 @@ tcp_drain(void)
INP_WUNLOCK(inpb);
}
INP_INFO_RUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
}
/*
@ -926,6 +946,7 @@ tcp_notify(struct inpcb *inp, int error)
static int
tcp_pcblist(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
int error, i, m, n, pcb_count;
struct inpcb *inp, **inp_list;
inp_gen_t gencnt;
@ -1062,6 +1083,7 @@ SYSCTL_PROC(_net_inet_tcp, TCPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0,
static int
tcp_getcred(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
struct xucred xuc;
struct sockaddr_in addrs[2];
struct inpcb *inp;
@ -1104,6 +1126,8 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, getcred,
static int
tcp6_getcred(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
INIT_VNET_INET6(curvnet);
struct xucred xuc;
struct sockaddr_in6 addrs[2];
struct inpcb *inp;
@ -1167,6 +1191,7 @@ SYSCTL_PROC(_net_inet6_tcp6, OID_AUTO, getcred,
void
tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip)
{
INIT_VNET_INET(curvnet);
struct ip *ip = vip;
struct tcphdr *th;
struct in_addr faddr;
@ -1286,6 +1311,7 @@ tcp_ctlinput(int cmd, struct sockaddr *sa, void *vip)
void
tcp6_ctlinput(int cmd, struct sockaddr *sa, void *d)
{
INIT_VNET_INET(curvnet);
struct tcphdr th;
struct inpcb *(*notify)(struct inpcb *, int) = tcp_notify;
struct ip6_hdr *ip6;
@ -1414,6 +1440,7 @@ static MD5_CTX isn_ctx;
tcp_seq
tcp_new_isn(struct tcpcb *tp)
{
INIT_VNET_INET(tp->t_vnet);
u_int32_t md5_buffer[4];
tcp_seq new_isn;
@ -1464,15 +1491,24 @@ tcp_new_isn(struct tcpcb *tp)
static void
tcp_isn_tick(void *xtp)
{
VNET_ITERATOR_DECL(vnet_iter);
u_int32_t projected_offset;
ISN_LOCK();
projected_offset = V_isn_offset_old + ISN_BYTES_PER_SECOND / 100;
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter); /* XXX appease INVARIANTS */
INIT_VNET_INET(curvnet);
projected_offset =
V_isn_offset_old + ISN_BYTES_PER_SECOND / 100;
if (SEQ_GT(projected_offset, V_isn_offset))
V_isn_offset = projected_offset;
if (SEQ_GT(projected_offset, V_isn_offset))
V_isn_offset = projected_offset;
V_isn_offset_old = V_isn_offset;
V_isn_offset_old = V_isn_offset;
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
callout_reset(&isn_callout, hz/100, tcp_isn_tick, NULL);
ISN_UNLOCK();
}
@ -1485,6 +1521,9 @@ tcp_isn_tick(void *xtp)
struct inpcb *
tcp_drop_syn_sent(struct inpcb *inp, int errno)
{
#ifdef INVARIANTS
INIT_VNET_INET(inp->inp_vnet);
#endif
struct tcpcb *tp;
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
@ -1514,6 +1553,7 @@ tcp_drop_syn_sent(struct inpcb *inp, int errno)
struct inpcb *
tcp_mtudisc(struct inpcb *inp, int errno)
{
INIT_VNET_INET(inp->inp_vnet);
struct tcpcb *tp;
struct socket *so;
@ -1720,6 +1760,7 @@ ipsec_hdrsiz_tcp(struct tcpcb *tp)
void
tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
{
INIT_VNET_INET(tp->t_vnet);
u_long bw;
u_long bwnd;
int save_ticks;
@ -2008,6 +2049,10 @@ tcp_signature_compute(struct mbuf *m, int _unused, int len, int optlen,
static int
sysctl_drop(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
#ifdef INET6
INIT_VNET_INET6(curvnet);
#endif
/* addrs[0] is a foreign socket, addrs[1] is a local one. */
struct sockaddr_storage addrs[2];
struct inpcb *inp;

49
sys/netinet/tcp_syncache.c
View File

@ -146,24 +146,30 @@ static struct tcp_syncache tcp_syncache;
SYSCTL_NODE(_net_inet_tcp, OID_AUTO, syncache, CTLFLAG_RW, 0, "TCP SYN cache");
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, bucketlimit, CTLFLAG_RDTUN,
&tcp_syncache.bucket_limit, 0, "Per-bucket hash limit for syncache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
bucketlimit, CTLFLAG_RDTUN,
tcp_syncache.bucket_limit, 0, "Per-bucket hash limit for syncache");
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, cachelimit, CTLFLAG_RDTUN,
&tcp_syncache.cache_limit, 0, "Overall entry limit for syncache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
cachelimit, CTLFLAG_RDTUN,
tcp_syncache.cache_limit, 0, "Overall entry limit for syncache");
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, count, CTLFLAG_RD,
&tcp_syncache.cache_count, 0, "Current number of entries in syncache");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
count, CTLFLAG_RD,
tcp_syncache.cache_count, 0, "Current number of entries in syncache");
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, hashsize, CTLFLAG_RDTUN,
&tcp_syncache.hashsize, 0, "Size of TCP syncache hashtable");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
hashsize, CTLFLAG_RDTUN,
tcp_syncache.hashsize, 0, "Size of TCP syncache hashtable");
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, rexmtlimit, CTLFLAG_RW,
&tcp_syncache.rexmt_limit, 0, "Limit on SYN/ACK retransmissions");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
rexmtlimit, CTLFLAG_RW,
tcp_syncache.rexmt_limit, 0, "Limit on SYN/ACK retransmissions");
int tcp_sc_rst_sock_fail = 1;
SYSCTL_INT(_net_inet_tcp_syncache, OID_AUTO, rst_on_sock_fail, CTLFLAG_RW,
&tcp_sc_rst_sock_fail, 0, "Send reset on socket allocation failure");
SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_syncache, OID_AUTO,
rst_on_sock_fail, CTLFLAG_RW,
tcp_sc_rst_sock_fail, 0, "Send reset on socket allocation failure");
static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache");
@ -198,6 +204,8 @@ static MALLOC_DEFINE(M_SYNCACHE, "syncache", "TCP syncache");
static void
syncache_free(struct syncache *sc)
{
INIT_VNET_INET(curvnet);
if (sc->sc_ipopts)
(void) m_free(sc->sc_ipopts);
if (sc->sc_cred)
@ -212,6 +220,7 @@ syncache_free(struct syncache *sc)
void
syncache_init(void)
{
INIT_VNET_INET(curvnet);
int i;
V_tcp_syncache.cache_count = 0;
@ -265,6 +274,7 @@ syncache_init(void)
static void
syncache_insert(struct syncache *sc, struct syncache_head *sch)
{
INIT_VNET_INET(sch->sch_vnet);
struct syncache *sc2;
SCH_LOCK(sch);
@ -303,6 +313,7 @@ syncache_insert(struct syncache *sc, struct syncache_head *sch)
static void
syncache_drop(struct syncache *sc, struct syncache_head *sch)
{
INIT_VNET_INET(sch->sch_vnet);
SCH_LOCK_ASSERT(sch);
@ -343,6 +354,7 @@ static void
syncache_timer(void *xsch)
{
struct syncache_head *sch = (struct syncache_head *)xsch;
INIT_VNET_INET(sch->sch_vnet);
struct syncache *sc, *nsc;
int tick = ticks;
char *s;
@ -404,6 +416,7 @@ syncache_timer(void *xsch)
struct syncache *
syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp)
{
INIT_VNET_INET(curvnet);
struct syncache *sc;
struct syncache_head *sch;
@ -451,6 +464,7 @@ syncache_lookup(struct in_conninfo *inc, struct syncache_head **schp)
void
syncache_chkrst(struct in_conninfo *inc, struct tcphdr *th)
{
INIT_VNET_INET(curvnet);
struct syncache *sc;
struct syncache_head *sch;
char *s = NULL;
@ -525,6 +539,7 @@ done:
void
syncache_badack(struct in_conninfo *inc)
{
INIT_VNET_INET(curvnet);
struct syncache *sc;
struct syncache_head *sch;
@ -540,6 +555,7 @@ syncache_badack(struct in_conninfo *inc)
void
syncache_unreach(struct in_conninfo *inc, struct tcphdr *th)
{
INIT_VNET_INET(curvnet);
struct syncache *sc;
struct syncache_head *sch;
@ -576,6 +592,7 @@ done:
static struct socket *
syncache_socket(struct syncache *sc, struct socket *lso, struct mbuf *m)
{
INIT_VNET_INET(lso->so_vnet);
struct inpcb *inp = NULL;
struct socket *so;
struct tcpcb *tp;
@ -788,6 +805,7 @@ int
syncache_expand(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th,
struct socket **lsop, struct mbuf *m)
{
INIT_VNET_INET(curvnet);
struct syncache *sc;
struct syncache_head *sch;
struct syncache scs;
@ -933,6 +951,7 @@ _syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th,
struct inpcb *inp, struct socket **lsop, struct mbuf *m,
struct toe_usrreqs *tu, void *toepcb)
{
INIT_VNET_INET(inp->inp_vnet);
struct tcpcb *tp;
struct socket *so;
struct syncache *sc = NULL;
@ -1231,6 +1250,7 @@ done:
static int
syncache_respond(struct syncache *sc)
{
INIT_VNET_INET(curvnet);
struct ip *ip = NULL;
struct mbuf *m;
struct tcphdr *th;
@ -1400,6 +1420,7 @@ tcp_offload_syncache_add(struct in_conninfo *inc, struct tcpopt *to,
struct tcphdr *th, struct inpcb *inp, struct socket **lsop,
struct toe_usrreqs *tu, void *toepcb)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK(&V_tcbinfo);
INP_WLOCK(inp);
@ -1488,6 +1509,7 @@ static void
syncookie_generate(struct syncache_head *sch, struct syncache *sc,
u_int32_t *flowlabel)
{
INIT_VNET_INET(curvnet);
MD5_CTX ctx;
u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)];
u_int32_t data;
@ -1563,6 +1585,7 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch,
struct syncache *sc, struct tcpopt *to, struct tcphdr *th,
struct socket *so)
{
INIT_VNET_INET(curvnet);
MD5_CTX ctx;
u_int32_t md5_buffer[MD5_DIGEST_LENGTH / sizeof(u_int32_t)];
u_int32_t data = 0;
@ -1670,6 +1693,7 @@ syncookie_lookup(struct in_conninfo *inc, struct syncache_head *sch,
int
syncache_pcbcount(void)
{
INIT_VNET_INET(curvnet);
struct syncache_head *sch;
int count, i;
@ -1693,6 +1717,7 @@ syncache_pcbcount(void)
int
syncache_pcblist(struct sysctl_req *req, int max_pcbs, int *pcbs_exported)
{
INIT_VNET_INET(curvnet);
struct xtcpcb xt;
struct syncache *sc;
struct syncache_head *sch;

42
sys/netinet/tcp_timer.c
View File

@ -124,11 +124,19 @@ int tcp_maxidle;
void
tcp_slowtimo(void)
{
VNET_ITERATOR_DECL(vnet_iter);
tcp_maxidle = tcp_keepcnt * tcp_keepintvl;
INP_INFO_WLOCK(&V_tcbinfo);
(void) tcp_tw_2msl_scan(0);
INP_INFO_WUNLOCK(&V_tcbinfo);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET(vnet_iter);
tcp_maxidle = tcp_keepcnt * tcp_keepintvl;
INP_INFO_WLOCK(&V_tcbinfo);
(void) tcp_tw_2msl_scan(0);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
}
int tcp_syn_backoff[TCP_MAXRXTSHIFT + 1] =
@ -152,6 +160,8 @@ tcp_timer_delack(void *xtp)
{
struct tcpcb *tp = xtp;
struct inpcb *inp;
CURVNET_SET(tp->t_vnet);
INIT_VNET_INET(tp->t_vnet);
INP_INFO_RLOCK(&V_tcbinfo);
inp = tp->t_inpcb;
@ -165,6 +175,7 @@ tcp_timer_delack(void *xtp)
if (inp == NULL) {
tcp_timer_race++;
INP_INFO_RUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
INP_WLOCK(inp);
@ -172,6 +183,7 @@ tcp_timer_delack(void *xtp)
if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_delack)
|| !callout_active(&tp->t_timers->tt_delack)) {
INP_WUNLOCK(inp);
CURVNET_RESTORE();
return;
}
callout_deactivate(&tp->t_timers->tt_delack);
@ -180,6 +192,7 @@ tcp_timer_delack(void *xtp)
V_tcpstat.tcps_delack++;
(void) tcp_output(tp);
INP_WUNLOCK(inp);
CURVNET_RESTORE();
}
void
@ -187,6 +200,8 @@ tcp_timer_2msl(void *xtp)
{
struct tcpcb *tp = xtp;
struct inpcb *inp;
CURVNET_SET(tp->t_vnet);
INIT_VNET_INET(tp->t_vnet);
#ifdef TCPDEBUG
int ostate;
@ -207,6 +222,7 @@ tcp_timer_2msl(void *xtp)
if (inp == NULL) {
tcp_timer_race++;
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
INP_WLOCK(inp);
@ -215,6 +231,7 @@ tcp_timer_2msl(void *xtp)
!callout_active(&tp->t_timers->tt_2msl)) {
INP_WUNLOCK(tp->t_inpcb);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
callout_deactivate(&tp->t_timers->tt_2msl);
@ -250,6 +267,7 @@ tcp_timer_2msl(void *xtp)
if (tp != NULL)
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
void
@ -258,6 +276,8 @@ tcp_timer_keep(void *xtp)
struct tcpcb *tp = xtp;
struct tcptemp *t_template;
struct inpcb *inp;
CURVNET_SET(tp->t_vnet);
INIT_VNET_INET(tp->t_vnet);
#ifdef TCPDEBUG
int ostate;
@ -275,6 +295,7 @@ tcp_timer_keep(void *xtp)
if (inp == NULL) {
tcp_timer_race++;
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
INP_WLOCK(inp);
@ -282,6 +303,7 @@ tcp_timer_keep(void *xtp)
|| !callout_active(&tp->t_timers->tt_keep)) {
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
callout_deactivate(&tp->t_timers->tt_keep);
@ -327,6 +349,7 @@ tcp_timer_keep(void *xtp)
#endif
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
dropit:
@ -341,6 +364,7 @@ dropit:
if (tp != NULL)
INP_WUNLOCK(tp->t_inpcb);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
void
@ -348,6 +372,8 @@ tcp_timer_persist(void *xtp)
{
struct tcpcb *tp = xtp;
struct inpcb *inp;
CURVNET_SET(tp->t_vnet);
INIT_VNET_INET(tp->t_vnet);
#ifdef TCPDEBUG
int ostate;
@ -365,6 +391,7 @@ tcp_timer_persist(void *xtp)
if (inp == NULL) {
tcp_timer_race++;
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
INP_WLOCK(inp);
@ -372,6 +399,7 @@ tcp_timer_persist(void *xtp)
|| !callout_active(&tp->t_timers->tt_persist)) {
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
callout_deactivate(&tp->t_timers->tt_persist);
@ -407,12 +435,15 @@ out:
if (tp != NULL)
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
void
tcp_timer_rexmt(void * xtp)
{
struct tcpcb *tp = xtp;
CURVNET_SET(tp->t_vnet);
INIT_VNET_INET(tp->t_vnet);
int rexmt;
int headlocked;
struct inpcb *inp;
@ -434,6 +465,7 @@ tcp_timer_rexmt(void * xtp)
if (inp == NULL) {
tcp_timer_race++;
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
INP_WLOCK(inp);
@ -441,6 +473,7 @@ tcp_timer_rexmt(void * xtp)
|| !callout_active(&tp->t_timers->tt_rexmt)) {
INP_WUNLOCK(inp);
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
return;
}
callout_deactivate(&tp->t_timers->tt_rexmt);
@ -564,6 +597,7 @@ out:
INP_WUNLOCK(inp);
if (headlocked)
INP_INFO_WUNLOCK(&V_tcbinfo);
CURVNET_RESTORE();
}
void

14
sys/netinet/tcp_timewait.c
View File

@ -110,6 +110,7 @@ static void tcp_tw_2msl_stop(struct tcptw *);
static int
tcptw_auto_size(void)
{
INIT_VNET_INET(curvnet);
int halfrange;
/*
@ -162,6 +163,7 @@ tcp_tw_zone_change(void)
void
tcp_tw_init(void)
{
INIT_VNET_INET(curvnet);
tcptw_zone = uma_zcreate("tcptw", sizeof(struct tcptw),
NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE);
@ -181,6 +183,9 @@ tcp_tw_init(void)
void
tcp_twstart(struct tcpcb *tp)
{
#if defined(INVARIANTS) || defined(INVARIANT_SUPPORT)
INIT_VNET_INET(tp->t_vnet);
#endif
struct tcptw *tw;
struct inpcb *inp = tp->t_inpcb;
int acknow;
@ -296,6 +301,7 @@ tcp_twstart(struct tcpcb *tp)
int
tcp_twrecycleable(struct tcptw *tw)
{
INIT_VNET_INET(curvnet);
tcp_seq new_iss = tw->iss;
tcp_seq new_irs = tw->irs;
@ -318,6 +324,9 @@ int
tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th,
struct mbuf *m, int tlen)
{
#if defined(INVARIANTS) || defined(INVARIANT_SUPPORT)
INIT_VNET_INET(curvnet);
#endif
struct tcptw *tw;
int thflags;
tcp_seq seq;
@ -454,6 +463,7 @@ drop:
void
tcp_twclose(struct tcptw *tw, int reuse)
{
INIT_VNET_INET(curvnet);
struct socket *so;
struct inpcb *inp;
@ -521,6 +531,7 @@ tcp_twclose(struct tcptw *tw, int reuse)
int
tcp_twrespond(struct tcptw *tw, int flags)
{
INIT_VNET_INET(curvnet);
struct inpcb *inp = tw->tw_inpcb;
struct tcphdr *th;
struct mbuf *m;
@ -614,6 +625,7 @@ tcp_twrespond(struct tcptw *tw, int flags)
static void
tcp_tw_2msl_reset(struct tcptw *tw, int rearm)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
INP_WLOCK_ASSERT(tw->tw_inpcb);
@ -626,6 +638,7 @@ tcp_tw_2msl_reset(struct tcptw *tw, int rearm)
static void
tcp_tw_2msl_stop(struct tcptw *tw)
{
INIT_VNET_INET(curvnet);
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
TAILQ_REMOVE(&V_twq_2msl, tw, tw_2msl);
@ -634,6 +647,7 @@ tcp_tw_2msl_stop(struct tcptw *tw)
struct tcptw *
tcp_tw_2msl_scan(int reuse)
{
INIT_VNET_INET(curvnet);
struct tcptw *tw;
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);

26
sys/netinet/tcp_usrreq.c
View File

@ -159,6 +159,9 @@ tcp_detach(struct socket *so, struct inpcb *inp)
#ifdef INET6
int isipv6 = INP_CHECK_SOCKAF(so, AF_INET6) != 0;
#endif
#ifdef INVARIANTS
INIT_VNET_INET(so->so_vnet);
#endif
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
INP_WLOCK_ASSERT(inp);
@ -249,6 +252,7 @@ tcp_detach(struct socket *so, struct inpcb *inp)
static void
tcp_usr_detach(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -267,6 +271,7 @@ tcp_usr_detach(struct socket *so)
static int
tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -307,6 +312,7 @@ out:
static int
tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -365,6 +371,7 @@ out:
static int
tcp_usr_listen(struct socket *so, int backlog, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -402,6 +409,7 @@ out:
static int
tcp6_usr_listen(struct socket *so, int backlog, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -449,6 +457,7 @@ out:
static int
tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -491,6 +500,7 @@ out:
static int
tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -563,6 +573,7 @@ out:
static int
tcp_usr_disconnect(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
struct tcpcb *tp = NULL;
int error = 0;
@ -594,6 +605,7 @@ out:
static int
tcp_usr_accept(struct socket *so, struct sockaddr **nam)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp = NULL;
struct tcpcb *tp = NULL;
@ -691,6 +703,7 @@ out:
static int
tcp_usr_shutdown(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -757,6 +770,7 @@ static int
tcp_usr_send(struct socket *so, int flags, struct mbuf *m,
struct sockaddr *nam, struct mbuf *control, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
int error = 0;
struct inpcb *inp;
struct tcpcb *tp = NULL;
@ -912,6 +926,7 @@ out:
static void
tcp_usr_abort(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
struct tcpcb *tp = NULL;
TCPDEBUG0;
@ -950,6 +965,7 @@ tcp_usr_abort(struct socket *so)
static void
tcp_usr_close(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
struct tcpcb *tp = NULL;
TCPDEBUG0;
@ -1082,6 +1098,7 @@ tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
{
struct inpcb *inp = tp->t_inpcb, *oinp;
struct socket *so = inp->inp_socket;
INIT_VNET_INET(so->so_vnet);
struct in_addr laddr;
u_short lport;
int error;
@ -1137,6 +1154,7 @@ tcp6_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
{
struct inpcb *inp = tp->t_inpcb, *oinp;
struct socket *so = inp->inp_socket;
INIT_VNET_INET(so->so_vnet);
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
struct in6_addr *addr6;
int error;
@ -1258,6 +1276,7 @@ tcp_fill_info(struct tcpcb *tp, struct tcp_info *ti)
int
tcp_ctloutput(struct socket *so, struct sockopt *sopt)
{
INIT_VNET_INET(so->so_vnet);
int error, opt, optval;
struct inpcb *inp;
struct tcpcb *tp;
@ -1445,6 +1464,7 @@ SYSCTL_ULONG(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
static int
tcp_attach(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct tcpcb *tp;
struct inpcb *inp;
int error;
@ -1509,6 +1529,9 @@ tcp_disconnect(struct tcpcb *tp)
{
struct inpcb *inp = tp->t_inpcb;
struct socket *so = inp->inp_socket;
#ifdef INVARIANTS
INIT_VNET_INET(so->so_vnet);
#endif
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
INP_WLOCK_ASSERT(inp);
@ -1547,6 +1570,9 @@ tcp_disconnect(struct tcpcb *tp)
static void
tcp_usrclosed(struct tcpcb *tp)
{
#ifdef INVARIANTS
INIT_VNET_INET(tp->t_inpcb->inp_vnet);
#endif
INP_INFO_WLOCK_ASSERT(&V_tcbinfo);
INP_WLOCK_ASSERT(tp->t_inpcb);

20
sys/netinet/udp_usrreq.c
View File

@ -137,8 +137,9 @@ struct inpcbinfo udbinfo;
#endif
struct udpstat udpstat; /* from udp_var.h */
SYSCTL_STRUCT(_net_inet_udp, UDPCTL_STATS, stats, CTLFLAG_RW, &udpstat,
udpstat, "UDP statistics (struct udpstat, netinet/udp_var.h)");
SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_udp, UDPCTL_STATS, stats,
CTLFLAG_RW, udpstat, udpstat,
"UDP statistics (struct udpstat, netinet/udp_var.h)");
static void udp_detach(struct socket *so);
static int udp_output(struct inpcb *, struct mbuf *, struct sockaddr *,
@ -164,6 +165,7 @@ udp_inpcb_init(void *mem, int size, int flags)
void
udp_init(void)
{
INIT_VNET_INET(curvnet);
INP_INFO_LOCK_INIT(&V_udbinfo, "udp");
LIST_INIT(&V_udb);
@ -202,6 +204,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off,
#ifdef IPSEC
/* Check AH/ESP integrity. */
if (ipsec4_in_reject(n, inp)) {
INIT_VNET_IPSEC(curvnet);
m_freem(n);
V_ipsec4stat.in_polvio++;
return;
@ -237,6 +240,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off,
so = inp->inp_socket;
SOCKBUF_LOCK(&so->so_rcv);
if (sbappendaddr_locked(&so->so_rcv, append_sa, n, opts) == 0) {
INIT_VNET_INET(so->so_vnet);
SOCKBUF_UNLOCK(&so->so_rcv);
m_freem(n);
if (opts)
@ -249,6 +253,7 @@ udp_append(struct inpcb *inp, struct ip *ip, struct mbuf *n, int off,
void
udp_input(struct mbuf *m, int off)
{
INIT_VNET_INET(curvnet);
int iphlen = off;
struct ip *ip;
struct udphdr *uh;
@ -586,6 +591,7 @@ udp_notify(struct inpcb *inp, int errno)
void
udp_ctlinput(int cmd, struct sockaddr *sa, void *vip)
{
INIT_VNET_INET(curvnet);
struct ip *ip = vip;
struct udphdr *uh;
struct in_addr faddr;
@ -632,6 +638,7 @@ udp_ctlinput(int cmd, struct sockaddr *sa, void *vip)
static int
udp_pcblist(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
int error, i, n;
struct inpcb *inp, **inp_list;
inp_gen_t gencnt;
@ -730,6 +737,7 @@ SYSCTL_PROC(_net_inet_udp, UDPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0,
static int
udp_getcred(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET(curvnet);
struct xucred xuc;
struct sockaddr_in addrs[2];
struct inpcb *inp;
@ -772,6 +780,7 @@ static int
udp_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr,
struct mbuf *control, struct thread *td)
{
INIT_VNET_INET(inp->inp_vnet);
struct udpiphdr *ui;
int len = m->m_pkthdr.len;
struct in_addr faddr, laddr;
@ -1081,6 +1090,7 @@ release:
static void
udp_abort(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -1099,6 +1109,7 @@ udp_abort(struct socket *so)
static int
udp_attach(struct socket *so, int proto, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
@ -1125,6 +1136,7 @@ udp_attach(struct socket *so, int proto, struct thread *td)
static int
udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
@ -1141,6 +1153,7 @@ udp_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
static void
udp_close(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -1159,6 +1172,7 @@ udp_close(struct socket *so)
static int
udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
int error;
struct sockaddr_in *sin;
@ -1186,6 +1200,7 @@ udp_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
static void
udp_detach(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);
@ -1202,6 +1217,7 @@ udp_detach(struct socket *so)
static int
udp_disconnect(struct socket *so)
{
INIT_VNET_INET(so->so_vnet);
struct inpcb *inp;
inp = sotoinpcb(so);

331
sys/netinet/vinet.h Normal file
View File

@ -0,0 +1,331 @@
/*-
* Copyright (c) 2006-2008 University of Zagreb
* Copyright (c) 2006-2008 FreeBSD Foundation
*
* This software was developed by the University of Zagreb and the
* FreeBSD Foundation under sponsorship by the Stichting NLnet and the
* FreeBSD Foundation.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifndef _NETINET_VINET_H_
#define _NETINET_VINET_H_
#ifdef VIMAGE
#include <sys/socketvar.h>
#include <sys/sysctl.h>
#include <sys/md5.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#include <netinet/in_var.h>
#include <netinet/in_pcb.h>
#include <netinet/ip_var.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netinet/icmp_var.h>
#include <netinet/igmp_var.h>
#include <netinet/tcp.h>
#include <netinet/tcp_var.h>
#include <netinet/tcp_hostcache.h>
#include <netinet/tcp_syncache.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
struct vnet_inet {
struct in_ifaddrhashhead *_in_ifaddrhashtbl;
struct in_ifaddrhead _in_ifaddrhead;
u_long _in_ifaddrhmask;
struct in_multihead _in_multihead;
int _arpt_keep;
int _arp_maxtries;
int _useloopback;
int _arp_proxyall;
int _subnetsarelocal;
int _sameprefixcarponly;
int _ipforwarding;
int _ipstealth;
int _ipfastforward_active;
int _ipsendredirects;
int _ip_defttl;
int _ip_keepfaith;
int _ip_sendsourcequench;
int _ip_do_randomid;
int _ip_checkinterface;
u_short _ip_id;
uma_zone_t _ipq_zone;
int _nipq; /* Total # of reass queues */
int _maxnipq; /* Admin. limit on # reass queues. */
int _maxfragsperpacket;
TAILQ_HEAD(ipqhead, ipq) _ipq[IPREASS_NHASH];
struct inpcbhead _tcb; /* head of queue of active tcpcb's */
struct inpcbinfo _tcbinfo;
struct tcpstat _tcpstat; /* tcp statistics */
struct tcp_hostcache _tcp_hostcache;
struct callout _tcp_hc_callout;
struct tcp_syncache _tcp_syncache;
struct inpcbhead _divcb;
struct inpcbinfo _divcbinfo;
TAILQ_HEAD(, tcptw) _twq_2msl;
int _tcp_sc_rst_sock_fail;
int _tcp_mssdflt;
int _tcp_v6mssdflt;
int _tcp_minmss;
int _tcp_do_rfc1323;
int _icmp_may_rst;
int _tcp_isn_reseed_interval;
int _tcp_inflight_enable;
int _tcp_inflight_rttthresh;
int _tcp_inflight_min;
int _tcp_inflight_max;
int _tcp_inflight_stab;
int _nolocaltimewait;
int _path_mtu_discovery;
int _ss_fltsz;
int _ss_fltsz_local;
int _tcp_do_newreno;
int _tcp_do_tso;
int _tcp_do_autosndbuf;
int _tcp_autosndbuf_inc;
int _tcp_autosndbuf_max;
int _tcp_do_sack;
int _tcp_sack_maxholes;
int _tcp_sack_globalmaxholes;
int _tcp_sack_globalholes;
int _blackhole;
int _tcp_delack_enabled;
int _drop_synfin;
int _tcp_do_rfc3042;
int _tcp_do_rfc3390;
int _tcp_do_ecn;
int _tcp_ecn_maxretries;
int _tcp_insecure_rst;
int _tcp_do_autorcvbuf;
int _tcp_autorcvbuf_inc;
int _tcp_autorcvbuf_max;
int _tcp_reass_maxseg;
int _tcp_reass_qsize;
int _tcp_reass_maxqlen;
int _tcp_reass_overflows;
u_char _isn_secret[32];
int _isn_last_reseed;
u_int32_t _isn_offset;
u_int32_t _isn_offset_old;
MD5_CTX _isn_ctx;
struct inpcbhead _udb;
struct inpcbinfo _udbinfo;
struct udpstat _udpstat;
int _udp_blackhole;
struct inpcbhead _ripcb;
struct inpcbinfo _ripcbinfo;
struct socket *_ip_mrouter;
struct socket *_ip_rsvpd;
int _ip_rsvp_on;
int _rsvp_on;
struct icmpstat _icmpstat;
struct ipstat _ipstat;
struct igmpstat _igmpstat;
SLIST_HEAD(, router_info) _router_info_head;
int _rtq_timeout;
int _rtq_reallyold;
int _rtq_minreallyold;
int _rtq_toomany;
struct callout _rtq_timer;
int _ipport_lowfirstauto;
int _ipport_lowlastauto;
int _ipport_firstauto;
int _ipport_lastauto;
int _ipport_hifirstauto;
int _ipport_hilastauto;
int _ipport_reservedhigh;
int _ipport_reservedlow;
int _ipport_randomized;
int _ipport_randomcps;
int _ipport_randomtime;
int _ipport_stoprandom;
int _ipport_tcpallocs;
int _ipport_tcplastcount;
int _icmpmaskrepl;
u_int _icmpmaskfake;
int _drop_redirect;
int _log_redirect;
int _icmplim;
int _icmplim_output;
char _reply_src[IFNAMSIZ];
int _icmp_rfi;
int _icmp_quotelen;
int _icmpbmcastecho;
};
#endif
/*
* Symbol translation macros
*/
#define INIT_VNET_INET(vnet) \
INIT_FROM_VNET(vnet, VNET_MOD_INET, struct vnet_inet, vnet_inet)
#define VNET_INET(sym) VSYM(vnet_inet, sym)
#define V_arp_maxtries VNET_INET(arp_maxtries)
#define V_arp_proxyall VNET_INET(arp_proxyall)
#define V_arpt_keep VNET_INET(arpt_keep)
#define V_arpt_prune VNET_INET(arpt_prune)
#define V_blackhole VNET_INET(blackhole)
#define V_divcb VNET_INET(divcb)
#define V_divcbinfo VNET_INET(divcbinfo)
#define V_drop_redirect VNET_INET(drop_redirect)
#define V_drop_synfin VNET_INET(drop_synfin)
#define V_icmp_may_rst VNET_INET(icmp_may_rst)
#define V_icmp_quotelen VNET_INET(icmp_quotelen)
#define V_icmp_rfi VNET_INET(icmp_rfi)
#define V_icmpbmcastecho VNET_INET(icmpbmcastecho)
#define V_icmplim VNET_INET(icmplim)
#define V_icmplim_output VNET_INET(icmplim_output)
#define V_icmpmaskfake VNET_INET(icmpmaskfake)
#define V_icmpmaskrepl VNET_INET(icmpmaskrepl)
#define V_icmpstat VNET_INET(icmpstat)
#define V_igmpstat VNET_INET(igmpstat)
#define V_in_ifaddrhashtbl VNET_INET(in_ifaddrhashtbl)
#define V_in_ifaddrhead VNET_INET(in_ifaddrhead)
#define V_in_ifaddrhmask VNET_INET(in_ifaddrhmask)
#define V_in_multihead VNET_INET(in_multihead)
#define V_ip_checkinterface VNET_INET(ip_checkinterface)
#define V_ip_defttl VNET_INET(ip_defttl)
#define V_ip_do_randomid VNET_INET(ip_do_randomid)
#define V_ip_id VNET_INET(ip_id)
#define V_ip_keepfaith VNET_INET(ip_keepfaith)
#define V_ip_mrouter VNET_INET(ip_mrouter)
#define V_ip_rsvp_on VNET_INET(ip_rsvp_on)
#define V_ip_rsvpd VNET_INET(ip_rsvpd)
#define V_ip_sendsourcequench VNET_INET(ip_sendsourcequench)
#define V_ipfastforward_active VNET_INET(ipfastforward_active)
#define V_ipforwarding VNET_INET(ipforwarding)
#define V_ipport_firstauto VNET_INET(ipport_firstauto)
#define V_ipport_hifirstauto VNET_INET(ipport_hifirstauto)
#define V_ipport_hilastauto VNET_INET(ipport_hilastauto)
#define V_ipport_lastauto VNET_INET(ipport_lastauto)
#define V_ipport_lowfirstauto VNET_INET(ipport_lowfirstauto)
#define V_ipport_lowlastauto VNET_INET(ipport_lowlastauto)
#define V_ipport_randomcps VNET_INET(ipport_randomcps)
#define V_ipport_randomized VNET_INET(ipport_randomized)
#define V_ipport_randomtime VNET_INET(ipport_randomtime)
#define V_ipport_reservedhigh VNET_INET(ipport_reservedhigh)
#define V_ipport_reservedlow VNET_INET(ipport_reservedlow)
#define V_ipport_stoprandom VNET_INET(ipport_stoprandom)
#define V_ipport_tcpallocs VNET_INET(ipport_tcpallocs)
#define V_ipport_tcplastcount VNET_INET(ipport_tcplastcount)
#define V_ipq VNET_INET(ipq)
#define V_ipq_zone VNET_INET(ipq_zone)
#define V_ipsendredirects VNET_INET(ipsendredirects)
#define V_ipstat VNET_INET(ipstat)
#define V_ipstealth VNET_INET(ipstealth)
#define V_isn_ctx VNET_INET(isn_ctx)
#define V_isn_last_reseed VNET_INET(isn_last_reseed)
#define V_isn_offset VNET_INET(isn_offset)
#define V_isn_offset_old VNET_INET(isn_offset_old)
#define V_isn_secret VNET_INET(isn_secret)
#define V_llinfo_arp VNET_INET(llinfo_arp)
#define V_log_redirect VNET_INET(log_redirect)
#define V_maxfragsperpacket VNET_INET(maxfragsperpacket)
#define V_maxnipq VNET_INET(maxnipq)
#define V_nipq VNET_INET(nipq)
#define V_nolocaltimewait VNET_INET(nolocaltimewait)
#define V_path_mtu_discovery VNET_INET(path_mtu_discovery)
#define V_reply_src VNET_INET(reply_src)
#define V_ripcb VNET_INET(ripcb)
#define V_ripcbinfo VNET_INET(ripcbinfo)
#define V_router_info_head VNET_INET(router_info_head)
#define V_rsvp_on VNET_INET(rsvp_on)
#define V_rtq_minreallyold VNET_INET(rtq_minreallyold)
#define V_rtq_reallyold VNET_INET(rtq_reallyold)
#define V_rtq_timeout VNET_INET(rtq_timeout)
#define V_rtq_timer VNET_INET(rtq_timer)
#define V_rtq_toomany VNET_INET(rtq_toomany)
#define V_sameprefixcarponly VNET_INET(sameprefixcarponly)
#define V_ss_fltsz VNET_INET(ss_fltsz)
#define V_ss_fltsz_local VNET_INET(ss_fltsz_local)
#define V_subnetsarelocal VNET_INET(subnetsarelocal)
#define V_tcb VNET_INET(tcb)
#define V_tcbinfo VNET_INET(tcbinfo)
#define V_tcp_autorcvbuf_inc VNET_INET(tcp_autorcvbuf_inc)
#define V_tcp_autorcvbuf_max VNET_INET(tcp_autorcvbuf_max)
#define V_tcp_autosndbuf_inc VNET_INET(tcp_autosndbuf_inc)
#define V_tcp_autosndbuf_max VNET_INET(tcp_autosndbuf_max)
#define V_tcp_delack_enabled VNET_INET(tcp_delack_enabled)
#define V_tcp_do_autorcvbuf VNET_INET(tcp_do_autorcvbuf)
#define V_tcp_do_autosndbuf VNET_INET(tcp_do_autosndbuf)
#define V_tcp_do_ecn VNET_INET(tcp_do_ecn)
#define V_tcp_do_newreno VNET_INET(tcp_do_newreno)
#define V_tcp_do_rfc1323 VNET_INET(tcp_do_rfc1323)
#define V_tcp_do_rfc3042 VNET_INET(tcp_do_rfc3042)
#define V_tcp_do_rfc3390 VNET_INET(tcp_do_rfc3390)
#define V_tcp_do_sack VNET_INET(tcp_do_sack)
#define V_tcp_do_tso VNET_INET(tcp_do_tso)
#define V_tcp_ecn_maxretries VNET_INET(tcp_ecn_maxretries)
#define V_tcp_hc_callout VNET_INET(tcp_hc_callout)
#define V_tcp_hostcache VNET_INET(tcp_hostcache)
#define V_tcp_inflight_enable VNET_INET(tcp_inflight_enable)
#define V_tcp_inflight_max VNET_INET(tcp_inflight_max)
#define V_tcp_inflight_min VNET_INET(tcp_inflight_min)
#define V_tcp_inflight_rttthresh VNET_INET(tcp_inflight_rttthresh)
#define V_tcp_inflight_stab VNET_INET(tcp_inflight_stab)
#define V_tcp_insecure_rst VNET_INET(tcp_insecure_rst)
#define V_tcp_isn_reseed_interval VNET_INET(tcp_isn_reseed_interval)
#define V_tcp_minmss VNET_INET(tcp_minmss)
#define V_tcp_mssdflt VNET_INET(tcp_mssdflt)
#define V_tcp_reass_maxqlen VNET_INET(tcp_reass_maxqlen)
#define V_tcp_reass_maxseg VNET_INET(tcp_reass_maxseg)
#define V_tcp_reass_overflows VNET_INET(tcp_reass_overflows)
#define V_tcp_reass_qsize VNET_INET(tcp_reass_qsize)
#define V_tcp_sack_globalholes VNET_INET(tcp_sack_globalholes)
#define V_tcp_sack_globalmaxholes VNET_INET(tcp_sack_globalmaxholes)
#define V_tcp_sack_maxholes VNET_INET(tcp_sack_maxholes)
#define V_tcp_sc_rst_sock_fail VNET_INET(tcp_sc_rst_sock_fail)
#define V_tcp_syncache VNET_INET(tcp_syncache)
#define V_tcp_v6mssdflt VNET_INET(tcp_v6mssdflt)
#define V_tcpstat VNET_INET(tcpstat)
#define V_twq_2msl VNET_INET(twq_2msl)
#define V_udb VNET_INET(udb)
#define V_udbinfo VNET_INET(udbinfo)
#define V_udp_blackhole VNET_INET(udp_blackhole)
#define V_udpstat VNET_INET(udpstat)
#define V_useloopback VNET_INET(useloopback)
#endif /* !_NETINET_VINET_H_ */

1
sys/netinet6/dest6.c
View File

@ -62,6 +62,7 @@ __FBSDID("$FreeBSD$");
int
dest6_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
int off = *offp, dstoptlen, optlen;
struct ip6_dest *dstopts;

66
sys/netinet6/frag6.c
View File

@ -91,6 +91,7 @@ static MALLOC_DEFINE(M_FTABLE, "fragment", "fragment reassembly header");
static void
frag6_change(void *tag)
{
INIT_VNET_INET6(curvnet);
V_ip6_maxfragpackets = nmbclusters / 4;
V_ip6_maxfrags = nmbclusters / 4;
@ -99,6 +100,7 @@ frag6_change(void *tag)
void
frag6_init(void)
{
INIT_VNET_INET6(curvnet);
V_ip6_maxfragpackets = nmbclusters / 4;
V_ip6_maxfrags = nmbclusters / 4;
@ -145,6 +147,7 @@ frag6_init(void)
int
frag6_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp, *t;
struct ip6_hdr *ip6;
struct ip6_frag *ip6f;
@ -586,6 +589,7 @@ insert:
void
frag6_freef(struct ip6q *q6)
{
INIT_VNET_INET6(curvnet);
struct ip6asfrag *af6, *down6;
IP6Q_LOCK_ASSERT();
@ -682,31 +686,39 @@ frag6_remque(struct ip6q *p6)
void
frag6_slowtimo(void)
{
VNET_ITERATOR_DECL(vnet_iter);
struct ip6q *q6;
IP6Q_LOCK();
q6 = V_ip6q.ip6q_next;
if (q6)
while (q6 != &V_ip6q) {
--q6->ip6q_ttl;
q6 = q6->ip6q_next;
if (q6->ip6q_prev->ip6q_ttl == 0) {
V_ip6stat.ip6s_fragtimeout++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(q6->ip6q_prev);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET6(vnet_iter);
q6 = V_ip6q.ip6q_next;
if (q6)
while (q6 != &V_ip6q) {
--q6->ip6q_ttl;
q6 = q6->ip6q_next;
if (q6->ip6q_prev->ip6q_ttl == 0) {
V_ip6stat.ip6s_fragtimeout++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(q6->ip6q_prev);
}
}
/*
* If we are over the maximum number of fragments
* (due to the limit being lowered), drain off
* enough to get down to the new limit.
*/
while (V_frag6_nfragpackets > (u_int)V_ip6_maxfragpackets &&
V_ip6q.ip6q_prev) {
V_ip6stat.ip6s_fragoverflow++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(V_ip6q.ip6q_prev);
}
/*
* If we are over the maximum number of fragments
* (due to the limit being lowered), drain off
* enough to get down to the new limit.
*/
while (V_frag6_nfragpackets > (u_int)V_ip6_maxfragpackets &&
V_ip6q.ip6q_prev) {
V_ip6stat.ip6s_fragoverflow++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(V_ip6q.ip6q_prev);
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IP6Q_UNLOCK();
#if 0
@ -732,13 +744,21 @@ frag6_slowtimo(void)
void
frag6_drain(void)
{
VNET_ITERATOR_DECL(vnet_iter);
if (IP6Q_TRYLOCK() == 0)
return;
while (V_ip6q.ip6q_next != &V_ip6q) {
V_ip6stat.ip6s_fragdropped++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(V_ip6q.ip6q_next);
VNET_LIST_RLOCK();
VNET_FOREACH(vnet_iter) {
CURVNET_SET(vnet_iter);
INIT_VNET_INET6(vnet_iter);
while (V_ip6q.ip6q_next != &V_ip6q) {
V_ip6stat.ip6s_fragdropped++;
/* XXX in6_ifstat_inc(ifp, ifs6_reass_fail) */
frag6_freef(V_ip6q.ip6q_next);
}
CURVNET_RESTORE();
}
VNET_LIST_RUNLOCK();
IP6Q_UNLOCK();
}

19
sys/netinet6/icmp6.c
View File

@ -136,6 +136,7 @@ static int icmp6_notify_error(struct mbuf **, int, int, int);
void
icmp6_init(void)
{
INIT_VNET_INET6(curvnet);
mld6_init();
}
@ -204,6 +205,7 @@ void
icmp6_error2(struct mbuf *m, int type, int code, int param,
struct ifnet *ifp)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6;
if (ifp == NULL)
@ -235,6 +237,7 @@ icmp6_error2(struct mbuf *m, int type, int code, int param,
void
icmp6_error(struct mbuf *m, int type, int code, int param)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *oip6, *nip6;
struct icmp6_hdr *icmp6;
u_int preplen;
@ -389,6 +392,8 @@ icmp6_error(struct mbuf *m, int type, int code, int param)
int
icmp6_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
struct mbuf *m = *mp, *n;
struct ip6_hdr *ip6, *nip6;
struct icmp6_hdr *icmp6, *nicmp6;
@ -862,6 +867,7 @@ icmp6_input(struct mbuf **mp, int *offp, int proto)
static int
icmp6_notify_error(struct mbuf **mp, int off, int icmp6len, int code)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
struct icmp6_hdr *icmp6;
struct ip6_hdr *eip6;
@ -1093,6 +1099,7 @@ icmp6_notify_error(struct mbuf **mp, int off, int icmp6len, int code)
void
icmp6_mtudisc_update(struct ip6ctlparam *ip6cp, int validated)
{
INIT_VNET_INET6(curvnet);
struct in6_addr *dst = ip6cp->ip6c_finaldst;
struct icmp6_hdr *icmp6 = ip6cp->ip6c_icmp6;
struct mbuf *m = ip6cp->ip6c_m; /* will be necessary for scope issue */
@ -1158,6 +1165,8 @@ icmp6_mtudisc_update(struct ip6ctlparam *ip6cp, int validated)
static struct mbuf *
ni6_input(struct mbuf *m, int off)
{
INIT_VNET_INET6(curvnet);
INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
struct icmp6_nodeinfo *ni6, *nni6;
struct mbuf *n = NULL;
u_int16_t qtype;
@ -1643,6 +1652,8 @@ static int
ni6_addrs(struct icmp6_nodeinfo *ni6, struct mbuf *m, struct ifnet **ifpp,
struct in6_addr *subj)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
struct ifnet *ifp;
struct in6_ifaddr *ifa6;
struct ifaddr *ifa;
@ -1734,6 +1745,8 @@ static int
ni6_store_addrs(struct icmp6_nodeinfo *ni6, struct icmp6_nodeinfo *nni6,
struct ifnet *ifp0, int resid)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
struct ifnet *ifp = ifp0 ? ifp0 : TAILQ_FIRST(&V_ifnet);
struct in6_ifaddr *ifa6;
struct ifaddr *ifa;
@ -1873,6 +1886,8 @@ ni6_store_addrs(struct icmp6_nodeinfo *ni6, struct icmp6_nodeinfo *nni6,
static int
icmp6_rip6_input(struct mbuf **mp, int off)
{
INIT_VNET_INET(curvnet);
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct in6pcb *in6p;
@ -2033,6 +2048,7 @@ icmp6_rip6_input(struct mbuf **mp, int off)
void
icmp6_reflect(struct mbuf *m, size_t off)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6;
struct icmp6_hdr *icmp6;
struct in6_ifaddr *ia;
@ -2212,6 +2228,7 @@ icmp6_redirect_diag(struct in6_addr *src6, struct in6_addr *dst6,
void
icmp6_redirect_input(struct mbuf *m, int off)
{
INIT_VNET_INET6(curvnet);
struct ifnet *ifp;
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct nd_redirect *nd_rd;
@ -2419,6 +2436,7 @@ icmp6_redirect_input(struct mbuf *m, int off)
void
icmp6_redirect_output(struct mbuf *m0, struct rtentry *rt)
{
INIT_VNET_INET6(curvnet);
struct ifnet *ifp; /* my outgoing interface */
struct in6_addr *ifp_ll6;
struct in6_addr *router_ll6;
@ -2785,6 +2803,7 @@ static int
icmp6_ratelimit(const struct in6_addr *dst, const int type,
const int code)
{
INIT_VNET_INET6(curvnet);
int ret;
ret = 0; /* okay to send */

10
sys/netinet6/in6.c
View File

@ -231,6 +231,7 @@ in6_ifaddloop(struct ifaddr *ifa)
void
in6_ifremloop(struct ifaddr *ifa)
{
INIT_VNET_INET6(curvnet);
struct in6_ifaddr *ia;
struct rtentry *rt;
int ia_count = 0;
@ -322,6 +323,7 @@ int
in6_control(struct socket *so, u_long cmd, caddr_t data,
struct ifnet *ifp, struct thread *td)
{
INIT_VNET_INET6(curvnet);
struct in6_ifreq *ifr = (struct in6_ifreq *)data;
struct in6_ifaddr *ia = NULL;
struct in6_aliasreq *ifra = (struct in6_aliasreq *)data;
@ -795,6 +797,8 @@ int
in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra,
struct in6_ifaddr *ia, int flags)
{
INIT_VNET_INET6(ifp->if_vnet);
INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
int error = 0, hostIsNew = 0, plen = -1;
struct in6_ifaddr *oia;
struct sockaddr_in6 dst6;
@ -1323,6 +1327,7 @@ in6_purgeaddr(struct ifaddr *ifa)
static void
in6_unlink_ifa(struct in6_ifaddr *ia, struct ifnet *ifp)
{
INIT_VNET_INET6(ifp->if_vnet);
struct in6_ifaddr *oia;
int s = splnet();
@ -1890,6 +1895,7 @@ ip6_sprintf(char *ip6buf, const struct in6_addr *addr)
int
in6_localaddr(struct in6_addr *in6)
{
INIT_VNET_INET6(curvnet);
struct in6_ifaddr *ia;
if (IN6_IS_ADDR_LOOPBACK(in6) || IN6_IS_ADDR_LINKLOCAL(in6))
@ -1908,6 +1914,7 @@ in6_localaddr(struct in6_addr *in6)
int
in6_is_addr_deprecated(struct sockaddr_in6 *sa6)
{
INIT_VNET_INET6(curvnet);
struct in6_ifaddr *ia;
for (ia = V_in6_ifaddr; ia; ia = ia->ia_next) {
@ -2000,6 +2007,7 @@ in6_prefixlen2mask(struct in6_addr *maskp, int len)
struct in6_ifaddr *
in6_ifawithifp(struct ifnet *ifp, struct in6_addr *dst)
{
INIT_VNET_INET6(curvnet);
int dst_scope = in6_addrscope(dst), blen = -1, tlen;
struct ifaddr *ifa;
struct in6_ifaddr *besta = 0;
@ -2148,6 +2156,8 @@ in6if_do_dad(struct ifnet *ifp)
void
in6_setmaxmtu(void)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
unsigned long maxmtu = 0;
struct ifnet *ifp;

2
sys/netinet6/in6_gif.c
View File

@ -87,6 +87,7 @@ in6_gif_output(struct ifnet *ifp,
int family, /* family of the packet to be encapsulate */
struct mbuf *m)
{
INIT_VNET_GIF(ifp->if_vnet);
struct gif_softc *sc = ifp->if_softc;
struct sockaddr_in6 *dst = (struct sockaddr_in6 *)&sc->gif_ro6.ro_dst;
struct sockaddr_in6 *sin6_src = (struct sockaddr_in6 *)sc->gif_psrc;
@ -246,6 +247,7 @@ in6_gif_output(struct ifnet *ifp,
int
in6_gif_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
struct ifnet *gifp = NULL;
struct gif_softc *sc;

12
sys/netinet6/in6_ifattach.c
View File

@ -104,6 +104,7 @@ static void in6_purgemaddrs(struct ifnet *);
static int
get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6)
{
INIT_VPROCG(TD_TO_VPROCG(curthread)); /* XXX V_hostname needs this */
MD5_CTX ctxt;
u_int8_t digest[16];
int hostnamelen;
@ -139,6 +140,7 @@ get_rand_ifid(struct ifnet *ifp, struct in6_addr *in6)
static int
generate_tmp_ifid(u_int8_t *seed0, const u_int8_t *seed1, u_int8_t *ret)
{
INIT_VNET_INET6(curvnet);
MD5_CTX ctxt;
u_int8_t seed[16], digest[16], nullbuf[8];
u_int32_t val32;
@ -358,6 +360,8 @@ static int
get_ifid(struct ifnet *ifp0, struct ifnet *altifp,
struct in6_addr *in6)
{
INIT_VNET_NET(ifp0->if_vnet);
INIT_VNET_INET6(ifp0->if_vnet);
struct ifnet *ifp;
/* first, try to get it from the interface itself */
@ -421,6 +425,7 @@ success:
static int
in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp)
{
INIT_VNET_INET6(curvnet);
struct in6_ifaddr *ia;
struct in6_aliasreq ifra;
struct nd_prefixctl pr0;
@ -537,6 +542,7 @@ in6_ifattach_linklocal(struct ifnet *ifp, struct ifnet *altifp)
static int
in6_ifattach_loopback(struct ifnet *ifp)
{
INIT_VNET_INET6(curvnet);
struct in6_aliasreq ifra;
int error;
@ -648,6 +654,7 @@ in6_nigroup(struct ifnet *ifp, const char *name, int namelen,
void
in6_ifattach(struct ifnet *ifp, struct ifnet *altifp)
{
INIT_VNET_INET6(ifp->if_vnet);
struct in6_ifaddr *ia;
struct in6_addr in6;
@ -730,6 +737,9 @@ statinit:
void
in6_ifdetach(struct ifnet *ifp)
{
INIT_VNET_NET(ifp->if_vnet);
INIT_VNET_INET(ifp->if_vnet);
INIT_VNET_INET6(ifp->if_vnet);
struct in6_ifaddr *ia, *oia;
struct ifaddr *ifa, *next;
struct rtentry *rt;
@ -865,6 +875,8 @@ in6_get_tmpifid(struct ifnet *ifp, u_int8_t *retbuf,
void
in6_tmpaddrtimer(void *ignored_arg)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
struct nd_ifinfo *ndi;
u_int8_t nullbuf[8];
struct ifnet *ifp;

3
sys/netinet6/in6_pcb.c
View File

@ -117,6 +117,8 @@ int
in6_pcbbind(register struct inpcb *inp, struct sockaddr *nam,
struct ucred *cred)
{
INIT_VNET_INET6(inp->inp_vnet);
INIT_VNET_INET(inp->inp_vnet);
struct socket *so = inp->inp_socket;
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)NULL;
struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
@ -284,6 +286,7 @@ int
in6_pcbladdr(register struct inpcb *inp, struct sockaddr *nam,
struct in6_addr **plocal_addr6)
{
INIT_VNET_INET6(inp->inp_vnet);
register struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
int error = 0;
struct ifnet *ifp = NULL;

159
sys/netinet6/in6_proto.c
View File

@ -458,6 +458,7 @@ SYSCTL_NODE(_net_inet6, IPPROTO_ESP, ipsec6, CTLFLAG_RW, 0, "IPSEC6");
static int
sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET6(curvnet);
int error = 0;
int old;
@ -477,6 +478,7 @@ sysctl_ip6_temppltime(SYSCTL_HANDLER_ARGS)
static int
sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET6(curvnet);
int error = 0;
int old;
@ -492,91 +494,92 @@ sysctl_ip6_tempvltime(SYSCTL_HANDLER_ARGS)
return (error);
}
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_FORWARDING,
forwarding, CTLFLAG_RW, &ip6_forwarding, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_SENDREDIRECTS,
redirect, CTLFLAG_RW, &ip6_sendredirects, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFHLIM,
hlim, CTLFLAG_RW, &ip6_defhlim, 0, "");
SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_STATS, stats, CTLFLAG_RD,
&ip6stat, ip6stat, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS,
maxfragpackets, CTLFLAG_RW, &ip6_maxfragpackets, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_ACCEPT_RTADV,
accept_rtadv, CTLFLAG_RW, &ip6_accept_rtadv, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_KEEPFAITH,
keepfaith, CTLFLAG_RW, &ip6_keepfaith, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_LOG_INTERVAL,
log_interval, CTLFLAG_RW, &ip6_log_interval, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_HDRNESTLIMIT,
hdrnestlimit, CTLFLAG_RW, &ip6_hdrnestlimit, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DAD_COUNT,
dad_count, CTLFLAG_RW, &ip6_dad_count, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL,
auto_flowlabel, CTLFLAG_RW, &ip6_auto_flowlabel, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_DEFMCASTHLIM,
defmcasthlim, CTLFLAG_RW, &ip6_defmcasthlim, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_GIF_HLIM,
gifhlim, CTLFLAG_RW, &ip6_gif_hlim, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_FORWARDING,
forwarding, CTLFLAG_RW, ip6_forwarding, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_SENDREDIRECTS,
redirect, CTLFLAG_RW, ip6_sendredirects, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFHLIM,
hlim, CTLFLAG_RW, ip6_defhlim, 0, "");
SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STATS, stats,
CTLFLAG_RD, ip6stat, ip6stat, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGPACKETS,
maxfragpackets, CTLFLAG_RW, ip6_maxfragpackets, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_ACCEPT_RTADV,
accept_rtadv, CTLFLAG_RW, ip6_accept_rtadv, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_KEEPFAITH,
keepfaith, CTLFLAG_RW, ip6_keepfaith, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_LOG_INTERVAL,
log_interval, CTLFLAG_RW, ip6_log_interval, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_HDRNESTLIMIT,
hdrnestlimit, CTLFLAG_RW, ip6_hdrnestlimit, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DAD_COUNT,
dad_count, CTLFLAG_RW, ip6_dad_count, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_AUTO_FLOWLABEL,
auto_flowlabel, CTLFLAG_RW, ip6_auto_flowlabel, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_DEFMCASTHLIM,
defmcasthlim, CTLFLAG_RW, ip6_defmcasthlim, 0, "");
SYSCTL_STRING(_net_inet6_ip6, IPV6CTL_KAME_VERSION,
kame_version, CTLFLAG_RD, __KAME_VERSION, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEPRECATED,
use_deprecated, CTLFLAG_RW, &ip6_use_deprecated, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RR_PRUNE,
rr_prune, CTLFLAG_RW, &ip6_rr_prune, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USETEMPADDR,
use_tempaddr, CTLFLAG_RW, &ip6_use_tempaddr, 0, "");
SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime,
CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_preferred_lifetime, 0,
sysctl_ip6_temppltime, "I", "");
SYSCTL_OID(_net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime,
CTLTYPE_INT|CTLFLAG_RW, &ip6_temp_valid_lifetime, 0,
sysctl_ip6_tempvltime, "I", "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_V6ONLY,
v6only, CTLFLAG_RW, &ip6_v6only, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USE_DEPRECATED,
use_deprecated, CTLFLAG_RW, ip6_use_deprecated, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RR_PRUNE,
rr_prune, CTLFLAG_RW, ip6_rr_prune, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USETEMPADDR,
use_tempaddr, CTLFLAG_RW, ip6_use_tempaddr, 0, "");
SYSCTL_V_OID(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_TEMPPLTIME, temppltime,
CTLTYPE_INT|CTLFLAG_RW, ip6_temp_preferred_lifetime, 0,
sysctl_ip6_temppltime, "I", "");
SYSCTL_V_OID(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_TEMPVLTIME, tempvltime,
CTLTYPE_INT|CTLFLAG_RW, ip6_temp_valid_lifetime, 0,
sysctl_ip6_tempvltime, "I", "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_V6ONLY,
v6only, CTLFLAG_RW, ip6_v6only, 0, "");
#ifndef VIMAGE
TUNABLE_INT("net.inet6.ip6.auto_linklocal", &ip6_auto_linklocal);
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL,
auto_linklocal, CTLFLAG_RW, &ip6_auto_linklocal, 0, "");
SYSCTL_STRUCT(_net_inet6_ip6, IPV6CTL_RIP6STATS, rip6stats, CTLFLAG_RD,
&rip6stat, rip6stat, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR,
prefer_tempaddr, CTLFLAG_RW, &ip6_prefer_tempaddr, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE,
use_defaultzone, CTLFLAG_RW, &ip6_use_defzone, 0,"");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MAXFRAGS,
maxfrags, CTLFLAG_RW, &ip6_maxfrags, 0, "");
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_MCAST_PMTU,
mcast_pmtu, CTLFLAG_RW, &ip6_mcast_pmtu, 0, "");
#endif
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_AUTO_LINKLOCAL,
auto_linklocal, CTLFLAG_RW, ip6_auto_linklocal, 0, "");
SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RIP6STATS,
rip6stats, CTLFLAG_RD, rip6stat, rip6stat, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_PREFER_TEMPADDR,
prefer_tempaddr, CTLFLAG_RW, ip6_prefer_tempaddr, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_USE_DEFAULTZONE,
use_defaultzone, CTLFLAG_RW, ip6_use_defzone, 0,"");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MAXFRAGS,
maxfrags, CTLFLAG_RW, ip6_maxfrags, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_MCAST_PMTU,
mcast_pmtu, CTLFLAG_RW, ip6_mcast_pmtu, 0, "");
#ifdef IPSTEALTH
SYSCTL_INT(_net_inet6_ip6, IPV6CTL_STEALTH, stealth, CTLFLAG_RW,
&ip6stealth, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_STEALTH,
stealth, CTLFLAG_RW, ip6stealth, 0, "");
#endif
/* net.inet6.icmp6 */
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT,
rediraccept, CTLFLAG_RW, &icmp6_rediraccept, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT,
redirtimeout, CTLFLAG_RW, &icmp6_redirtimeout, 0, "");
SYSCTL_STRUCT(_net_inet6_icmp6, ICMPV6CTL_STATS, stats, CTLFLAG_RD,
&icmp6stat, icmp6stat, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE,
nd6_prune, CTLFLAG_RW, &nd6_prune, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DELAY,
nd6_delay, CTLFLAG_RW, &nd6_delay, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES,
nd6_umaxtries, CTLFLAG_RW, &nd6_umaxtries, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES,
nd6_mmaxtries, CTLFLAG_RW, &nd6_mmaxtries, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK,
nd6_useloopback, CTLFLAG_RW, &nd6_useloopback, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_NODEINFO,
nodeinfo, CTLFLAG_RW, &icmp6_nodeinfo, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT,
errppslimit, CTLFLAG_RW, &icmp6errppslim, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT,
nd6_maxnudhint, CTLFLAG_RW, &nd6_maxnudhint, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG,
nd6_debug, CTLFLAG_RW, &nd6_debug, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_REDIRACCEPT,
rediraccept, CTLFLAG_RW, icmp6_rediraccept, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_REDIRTIMEOUT,
redirtimeout, CTLFLAG_RW, icmp6_redirtimeout, 0, "");
SYSCTL_V_STRUCT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_STATS,
stats, CTLFLAG_RD, icmp6stat, icmp6stat, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_PRUNE,
nd6_prune, CTLFLAG_RW, nd6_prune, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DELAY,
nd6_delay, CTLFLAG_RW, nd6_delay, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_UMAXTRIES,
nd6_umaxtries, CTLFLAG_RW, nd6_umaxtries, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MMAXTRIES,
nd6_mmaxtries, CTLFLAG_RW, nd6_mmaxtries, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_USELOOPBACK,
nd6_useloopback, CTLFLAG_RW, nd6_useloopback, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_NODEINFO,
nodeinfo, CTLFLAG_RW, icmp6_nodeinfo, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ERRPPSLIMIT,
errppslimit, CTLFLAG_RW, icmp6errppslim, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MAXNUDHINT,
nd6_maxnudhint, CTLFLAG_RW, nd6_maxnudhint, 0, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG,
nd6_debug, CTLFLAG_RW, nd6_debug, 0, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861,
nd6_onlink_ns_rfc4861, CTLFLAG_RW, &nd6_onlink_ns_rfc4861, 0,
"Accept 'on-link' nd6 NS in compliance with RFC 4861.");

12
sys/netinet6/in6_rmx.c
View File

@ -242,6 +242,7 @@ SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTMAXCACHE, rtmaxcache,
static void
in6_clsroute(struct radix_node *rn, struct radix_node_head *head)
{
INIT_VNET_INET6(curvnet);
struct rtentry *rt = (struct rtentry *)rn;
RT_LOCK_ASSERT(rt);
@ -286,6 +287,7 @@ struct rtqk_arg {
static int
in6_rtqkill(struct radix_node *rn, void *rock)
{
INIT_VNET_INET6(curvnet);
struct rtqk_arg *ap = rock;
struct rtentry *rt = (struct rtentry *)rn;
int err;
@ -328,6 +330,9 @@ static struct callout rtq_timer6;
static void
in6_rtqtimo(void *rock)
{
CURVNET_SET_QUIET((struct vnet *) rock);
INIT_VNET_NET((struct vnet *) rock);
INIT_VNET_INET6((struct vnet *) rock);
struct radix_node_head *rnh = rock;
struct rtqk_arg arg;
struct timeval atv;
@ -372,6 +377,7 @@ in6_rtqtimo(void *rock)
atv.tv_usec = 0;
atv.tv_sec = arg.nextstop - time_uptime;
callout_reset(&V_rtq_timer6, tvtohz(&atv), in6_rtqtimo, rock);
CURVNET_RESTORE();
}
/*
@ -410,6 +416,9 @@ in6_mtuexpire(struct radix_node *rn, void *rock)
static void
in6_mtutimo(void *rock)
{
CURVNET_SET_QUIET((struct vnet *) rock);
INIT_VNET_NET((struct vnet *) rock);
INIT_VNET_INET6((struct vnet *) rock);
struct radix_node_head *rnh = rock;
struct mtuex_arg arg;
struct timeval atv;
@ -428,12 +437,14 @@ in6_mtutimo(void *rock)
atv.tv_sec = 30;
}
callout_reset(&V_rtq_mtutimer, tvtohz(&atv), in6_mtutimo, rock);
CURVNET_RESTORE();
}
#if 0
void
in6_rtqdrain(void)
{
INIT_VNET_NET(curvnet);
struct radix_node_head *rnh = V_rt_tables[AF_INET6];
struct rtqk_arg arg;
@ -458,6 +469,7 @@ in6_rtqdrain(void)
int
in6_inithead(void **head, int off)
{
INIT_VNET_INET6(curvnet);
struct radix_node_head *rnh;
if (!rn_inithead(head, offsetof(struct sockaddr_in6, sin6_addr) << 3))

12
sys/netinet6/in6_src.c
View File

@ -174,6 +174,7 @@ in6_selectsrc(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
struct inpcb *inp, struct route_in6 *ro, struct ucred *cred,
struct ifnet **ifpp, int *errorp)
{
INIT_VNET_INET6(curvnet);
struct in6_addr dst;
struct ifnet *ifp = NULL;
struct in6_ifaddr *ia = NULL, *ia_best = NULL;
@ -456,6 +457,8 @@ selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
struct ifnet **retifp, struct rtentry **retrt, int clone,
int norouteok)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
int error = 0;
struct ifnet *ifp = NULL;
struct rtentry *rt = NULL;
@ -735,6 +738,7 @@ in6_selectroute(struct sockaddr_in6 *dstsock, struct ip6_pktopts *opts,
int
in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp)
{
INIT_VNET_INET6(curvnet);
if (in6p && in6p->in6p_hops >= 0)
return (in6p->in6p_hops);
@ -767,6 +771,7 @@ in6_selecthlim(struct in6pcb *in6p, struct ifnet *ifp)
int
in6_pcbsetport(struct in6_addr *laddr, struct inpcb *inp, struct ucred *cred)
{
INIT_VNET_INET(curvnet);
struct socket *so = inp->inp_socket;
u_int16_t lport = 0, first, last, *lastport;
int count, error = 0, wild = 0;
@ -863,6 +868,7 @@ addrsel_policy_init(void)
{
ADDRSEL_LOCK_INIT();
ADDRSEL_SXLOCK_INIT();
INIT_VNET_INET6(curvnet);
init_policy_queue();
@ -874,6 +880,7 @@ addrsel_policy_init(void)
static struct in6_addrpolicy *
lookup_addrsel_policy(struct sockaddr_in6 *key)
{
INIT_VNET_INET6(curvnet);
struct in6_addrpolicy *match = NULL;
ADDRSEL_LOCK();
@ -965,6 +972,7 @@ struct addrsel_policyhead addrsel_policytab;
static void
init_policy_queue(void)
{
INIT_VNET_INET6(curvnet);
TAILQ_INIT(&V_addrsel_policytab);
}
@ -972,6 +980,7 @@ init_policy_queue(void)
static int
add_addrsel_policyent(struct in6_addrpolicy *newpolicy)
{
INIT_VNET_INET6(curvnet);
struct addrsel_policyent *new, *pol;
MALLOC(new, struct addrsel_policyent *, sizeof(*new), M_IFADDR,
@ -1007,6 +1016,7 @@ add_addrsel_policyent(struct in6_addrpolicy *newpolicy)
static int
delete_addrsel_policyent(struct in6_addrpolicy *key)
{
INIT_VNET_INET6(curvnet);
struct addrsel_policyent *pol;
ADDRSEL_XLOCK();
@ -1038,6 +1048,7 @@ static int
walk_addrsel_policy(int (*callback)(struct in6_addrpolicy *, void *),
void *w)
{
INIT_VNET_INET6(curvnet);
struct addrsel_policyent *pol;
int error = 0;
@ -1066,6 +1077,7 @@ dump_addrsel_policyent(struct in6_addrpolicy *pol, void *arg)
static struct in6_addrpolicy *
match_addrsel_policy(struct sockaddr_in6 *key)
{
INIT_VNET_INET6(curvnet);
struct addrsel_policyent *pent;
struct in6_addrpolicy *bestpol = NULL, *pol;
int matchlen, bestmatchlen = -1;

2
sys/netinet6/ip6_forward.c
View File

@ -93,6 +93,7 @@ struct route_in6 ip6_forward_rt;
void
ip6_forward(struct mbuf *m, int srcrt)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct sockaddr_in6 *dst = NULL;
struct rtentry *rt = NULL;
@ -102,6 +103,7 @@ ip6_forward(struct mbuf *m, int srcrt)
u_int32_t inzone, outzone;
struct in6_addr src_in6, dst_in6;
#ifdef IPSEC
INIT_VNET_IPSEC(curvnet);
struct secpolicy *sp = NULL;
int ipsecrt = 0;
#endif

7
sys/netinet6/ip6_input.c
View File

@ -145,6 +145,7 @@ static struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int);
void
ip6_init(void)
{
INIT_VNET_INET6(curvnet);
struct ip6protosw *pr;
int i;
@ -192,6 +193,7 @@ ip6_init(void)
static void
ip6_init2(void *dummy)
{
INIT_VNET_INET6(curvnet);
/* nd6_timer_init */
callout_init(&V_nd6_timer_ch, 0);
@ -214,6 +216,8 @@ extern struct route_in6 ip6_forward_rt;
void
ip6_input(struct mbuf *m)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6;
int off = sizeof(struct ip6_hdr), nest;
u_int32_t plen;
@ -813,6 +817,7 @@ static int
ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,
struct mbuf **mp, int *offp)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = *mp;
int off = *offp, hbhlen;
struct ip6_hbh *hbh;
@ -868,6 +873,7 @@ int
ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
u_int32_t *rtalertp, u_int32_t *plenp)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6;
int optlen = 0;
u_int8_t *opt = opthead;
@ -1000,6 +1006,7 @@ ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
int
ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6;
switch (IP6OPT_TYPE(*optp)) {

3
sys/netinet6/ip6_ipsec.c
View File

@ -103,6 +103,8 @@ int
ip6_ipsec_fwd(struct mbuf *m)
{
#ifdef IPSEC
INIT_VNET_INET6(curvnet);
INIT_VNET_IPSEC(curvnet);
struct m_tag *mtag;
struct tdb_ident *tdbi;
struct secpolicy *sp;
@ -148,6 +150,7 @@ int
ip6_ipsec_input(struct mbuf *m, int nxt)
{
#ifdef IPSEC
INIT_VNET_IPSEC(curvnet);
struct m_tag *mtag;
struct tdb_ident *tdbi;
struct secpolicy *sp;

10
sys/netinet6/ip6_mroute.c
View File

@ -376,6 +376,7 @@ X_ip6_mrouter_set(struct socket *so, struct sockopt *sopt)
int
X_ip6_mrouter_get(struct socket *so, struct sockopt *sopt)
{
INIT_VNET_INET6(curvnet);
int error = 0;
if (so != ip6_mrouter)
@ -452,6 +453,7 @@ get_mif6_cnt(struct sioc_mif_req6 *req)
static int
set_pim6(int *i)
{
INIT_VNET_INET6(curvnet);
if ((*i != 1) && (*i != 0))
return (EINVAL);
@ -466,6 +468,8 @@ set_pim6(int *i)
static int
ip6_mrouter_init(struct socket *so, int v, int cmd)
{
INIT_VNET_INET6(curvnet);
#ifdef MRT6DEBUG
if (V_mrt6debug)
log(LOG_DEBUG,
@ -509,6 +513,7 @@ ip6_mrouter_init(struct socket *so, int v, int cmd)
int
X_ip6_mrouter_done(void)
{
INIT_VNET_INET6(curvnet);
mifi_t mifi;
int i;
struct mf6c *rt;
@ -601,6 +606,7 @@ static struct sockaddr_in6 sin6 = { sizeof(sin6), AF_INET6 };
static int
add_m6if(struct mif6ctl *mifcp)
{
INIT_VNET_NET(curvnet);
struct mif6 *mifp;
struct ifnet *ifp;
int error, s;
@ -1002,6 +1008,7 @@ socket_send(struct socket *s, struct mbuf *mm, struct sockaddr_in6 *src)
int
X_ip6_mforward(struct ip6_hdr *ip6, struct ifnet *ifp, struct mbuf *m)
{
INIT_VNET_INET6(curvnet);
struct mf6c *rt;
struct mif6 *mifp;
struct mbuf *mm;
@ -1327,6 +1334,7 @@ expire_upcalls(void *unused)
static int
ip6_mdq(struct mbuf *m, struct ifnet *ifp, struct mf6c *rt)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
mifi_t mifi, iif;
struct mif6 *mifp;
@ -1505,6 +1513,7 @@ ip6_mdq(struct mbuf *m, struct ifnet *ifp, struct mf6c *rt)
static void
phyint_send(struct ip6_hdr *ip6, struct mif6 *mifp, struct mbuf *m)
{
INIT_VNET_INET6(curvnet);
struct mbuf *mb_copy;
struct ifnet *ifp = mifp->m6_ifp;
int error = 0;
@ -1692,6 +1701,7 @@ register_send(struct ip6_hdr *ip6, struct mif6 *mif, struct mbuf *m)
int
pim6_input(struct mbuf **mp, int *offp, int proto)
{
INIT_VNET_INET6(curvnet);
struct pim *pim; /* pointer to a pim struct */
struct ip6_hdr *ip6;
int pimlen;

7
sys/netinet6/ip6_output.c
View File

@ -189,6 +189,8 @@ ip6_output(struct mbuf *m0, struct ip6_pktopts *opt,
struct route_in6 *ro, int flags, struct ip6_moptions *im6o,
struct ifnet **ifpp, struct inpcb *inp)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6, *mhip6;
struct ifnet *ifp, *origifp;
struct mbuf *m = m0;
@ -2420,6 +2422,8 @@ ip6_freepcbopts(struct ip6_pktopts *pktopt)
static int
ip6_setmoptions(int optname, struct ip6_moptions **im6op, struct mbuf *m)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
int error = 0;
u_int loop, ifindex;
struct ipv6_mreq *mreq;
@ -2721,6 +2725,7 @@ ip6_setmoptions(int optname, struct ip6_moptions **im6op, struct mbuf *m)
static int
ip6_getmoptions(int optname, struct ip6_moptions *im6o, struct mbuf **mp)
{
INIT_VNET_INET6(curvnet);
u_int *hlim, *loop, *ifindex;
*mp = m_get(M_WAIT, MT_HEADER); /* XXX */
@ -2850,6 +2855,8 @@ static int
ip6_setpktopt(int optname, u_char *buf, int len, struct ip6_pktopts *opt,
struct ucred *cred, int sticky, int cmsg, int uproto)
{
INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
int minmtupolicy, preftemp;
int error;

3
sys/netinet6/mld6.c
View File

@ -115,6 +115,7 @@ static u_long mld_timerresid(struct in6_multi *);
void
mld6_init(void)
{
INIT_VNET_INET6(curvnet);
static u_int8_t hbh_buf[8];
struct ip6_hbh *hbh = (struct ip6_hbh *)hbh_buf;
u_int16_t rtalert_code = htons((u_int16_t)IP6OPT_RTALERT_MLD);
@ -268,6 +269,7 @@ mld6_stop_listening(struct in6_multi *in6m)
void
mld6_input(struct mbuf *m, int off)
{
INIT_VNET_INET6(curvnet);
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
struct mld_hdr *mldh;
struct ifnet *ifp = m->m_pkthdr.rcvif;
@ -438,6 +440,7 @@ mld6_input(struct mbuf *m, int off)
static void
mld6_sendpkt(struct in6_multi *in6m, int type, const struct in6_addr *dst)
{
INIT_VNET_INET6(curvnet);
struct mbuf *mh, *md;
struct mld_hdr *mldh;
struct ip6_hdr *ip6;

34
sys/netinet6/nd6.c
View File

@ -125,6 +125,7 @@ extern struct callout in6_tmpaddrtimer_ch;
void
nd6_init(void)
{
INIT_VNET_INET6(curvnet);
static int nd6_init_done = 0;
int i;
@ -198,6 +199,7 @@ nd6_setmtu(struct ifnet *ifp)
void
nd6_setmtu0(struct ifnet *ifp, struct nd_ifinfo *ndi)
{
INIT_VNET_INET6(ifp->if_vnet);
u_int32_t omaxmtu;
omaxmtu = ndi->maxmtu;
@ -307,6 +309,7 @@ nd6_option(union nd_opts *ndopts)
int
nd6_options(union nd_opts *ndopts)
{
INIT_VNET_INET6(curvnet);
struct nd_opt_hdr *nd_opt;
int i = 0;
@ -432,6 +435,9 @@ nd6_llinfo_timer(void *arg)
panic("ln->ln_rt->rt_ifp == NULL");
ndi = ND_IFINFO(ifp);
CURVNET_SET(ifp->if_vnet);
INIT_VNET_INET6(curvnet);
/* sanity check */
if (rt->rt_llinfo && (struct llinfo_nd6 *)rt->rt_llinfo != ln)
panic("rt_llinfo(%p) is not equal to ln(%p)",
@ -522,6 +528,7 @@ nd6_llinfo_timer(void *arg)
}
break;
}
CURVNET_RESTORE();
}
@ -529,8 +536,10 @@ nd6_llinfo_timer(void *arg)
* ND6 timer routine to expire default route list and prefix list
*/
void
nd6_timer(void *ignored_arg)
nd6_timer(void *arg)
{
CURVNET_SET_QUIET((struct vnet *) arg);
INIT_VNET_INET6((struct vnet *) arg);
int s;
struct nd_defrouter *dr;
struct nd_prefix *pr;
@ -650,6 +659,7 @@ nd6_timer(void *ignored_arg)
pr = pr->ndpr_next;
}
splx(s);
CURVNET_RESTORE();
}
/*
@ -724,6 +734,7 @@ regen_tmpaddr(struct in6_ifaddr *ia6)
void
nd6_purge(struct ifnet *ifp)
{
INIT_VNET_INET6(ifp->if_vnet);
struct llinfo_nd6 *ln, *nln;
struct nd_defrouter *dr, *ndr;
struct nd_prefix *pr, *npr;
@ -811,6 +822,7 @@ nd6_purge(struct ifnet *ifp)
struct rtentry *
nd6_lookup(struct in6_addr *addr6, int create, struct ifnet *ifp)
{
INIT_VNET_INET6(curvnet);
struct rtentry *rt;
struct sockaddr_in6 sin6;
char ip6buf[INET6_ADDRSTRLEN];
@ -916,6 +928,7 @@ nd6_lookup(struct in6_addr *addr6, int create, struct ifnet *ifp)
static int
nd6_is_new_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp)
{
INIT_VNET_INET6(ifp->if_vnet);
struct nd_prefix *pr;
struct ifaddr *dstaddr;
@ -1013,6 +1026,7 @@ nd6_is_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp)
static struct llinfo_nd6 *
nd6_free(struct rtentry *rt, int gc)
{
INIT_VNET_INET6(curvnet);
struct llinfo_nd6 *ln = (struct llinfo_nd6 *)rt->rt_llinfo, *next;
struct in6_addr in6 = ((struct sockaddr_in6 *)rt_key(rt))->sin6_addr;
struct nd_defrouter *dr;
@ -1122,6 +1136,7 @@ nd6_free(struct rtentry *rt, int gc)
void
nd6_nud_hint(struct rtentry *rt, struct in6_addr *dst6, int force)
{
INIT_VNET_INET6(curvnet);
struct llinfo_nd6 *ln;
/*
@ -1175,6 +1190,8 @@ nd6_rtrequest(int req, struct rtentry *rt, struct rt_addrinfo *info)
static struct sockaddr_dl null_sdl = {sizeof(null_sdl), AF_LINK};
struct ifnet *ifp = rt->rt_ifp;
struct ifaddr *ifa;
INIT_VNET_NET(ifp->if_vnet);
INIT_VNET_INET6(ifp->if_vnet);
RT_LOCK_ASSERT(rt);
@ -1415,6 +1432,7 @@ nd6_rtrequest(int req, struct rtentry *rt, struct rt_addrinfo *info)
int
nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp)
{
INIT_VNET_INET6(ifp->if_vnet);
struct in6_drlist *drl = (struct in6_drlist *)data;
struct in6_oprlist *oprl = (struct in6_oprlist *)data;
struct in6_ndireq *ndi = (struct in6_ndireq *)data;
@ -1653,6 +1671,7 @@ struct rtentry *
nd6_cache_lladdr(struct ifnet *ifp, struct in6_addr *from, char *lladdr,
int lladdrlen, int type, int code)
{
INIT_VNET_INET6(curvnet);
struct rtentry *rt = NULL;
struct llinfo_nd6 *ln = NULL;
int is_newentry;
@ -1883,8 +1902,11 @@ fail:
}
static void
nd6_slowtimo(void *ignored_arg)
nd6_slowtimo(void *arg)
{
CURVNET_SET((struct vnet *) arg);
INIT_VNET_NET((struct vnet *) arg);
INIT_VNET_INET6((struct vnet *) arg);
struct nd_ifinfo *nd6if;
struct ifnet *ifp;
@ -1907,6 +1929,7 @@ nd6_slowtimo(void *ignored_arg)
}
}
IFNET_RUNLOCK();
CURVNET_RESTORE();
}
#define senderr(e) { error = (e); goto bad;}
@ -1914,6 +1937,7 @@ int
nd6_output(struct ifnet *ifp, struct ifnet *origifp, struct mbuf *m0,
struct sockaddr_in6 *dst, struct rtentry *rt0)
{
INIT_VNET_INET6(curvnet);
struct mbuf *m = m0;
struct rtentry *rt = rt0;
struct sockaddr_in6 *gw6 = NULL;
@ -2264,12 +2288,13 @@ SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_DRLIST, nd6_drlist,
CTLFLAG_RD, nd6_sysctl_drlist, "");
SYSCTL_NODE(_net_inet6_icmp6, ICMPV6CTL_ND6_PRLIST, nd6_prlist,
CTLFLAG_RD, nd6_sysctl_prlist, "");
SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_MAXQLEN, nd6_maxqueuelen,
CTLFLAG_RW, &nd6_maxqueuelen, 1, "");
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_MAXQLEN,
nd6_maxqueuelen, CTLFLAG_RW, nd6_maxqueuelen, 1, "");
static int
nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET6(curvnet);
int error;
char buf[1024] __aligned(4);
struct in6_defrouter *d, *de;
@ -2310,6 +2335,7 @@ nd6_sysctl_drlist(SYSCTL_HANDLER_ARGS)
static int
nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS)
{
INIT_VNET_INET6(curvnet);
int error;
char buf[1024] __aligned(4);
struct in6_prefix *p, *pe;

Some files were not shown because too many files have changed in this diff Show More