Commit Graph

1105 Commits

Author SHA1 Message Date
marius
b8d578077a Rewrite nd6_sysctl_{d,p}rlist() to avoid misaligned accesses to char arrays
casted to structs by getting rid of these buffers entirely. In r169832, it
was tried to paper over this issue by 32-bit aligning the buffers. Depending
on compiler optimizations that still was insufficient for 64-bit architectures
with strong alignment requirements though.
While at it, add comments regarding the total lack of locking in this area.

Tested by:	bz
Reviewed by:	bz (slightly earlier version), yongari (earlier version)
MFC after:	1 week
2012-05-20 05:12:31 +00:00
tuexen
442f3db615 Missed to commit this in r235414.
MFC after: 3 days
2012-05-13 19:25:21 +00:00
tuexen
abe6735879 Use ECONNABORTED in cases where the ABORT was sent to the peer.
MFC after: 3 days
2012-05-13 16:56:16 +00:00
tuexen
b3431e25a4 Provide in the association change notification the received ABORT chunk
if case of SCTP_COMM_LOST or SCTP_CANT_STR_ASSOC as required by RFC 6458.

MFC after: 3 days
2012-05-12 20:11:35 +00:00
glebius
348e8ce8be in6_pcblookup_local() still can return a pcb with NULL
inp_socket. To avoid panic, do not dereference inp_socket,
but obtain reuse port option from inp_flags2, like this
is done after next call to in_pcblookup_local() a few lines
down below.

Submitted by:	rwatson
2012-03-21 08:43:38 +00:00
tuexen
52199a8cf4 Clean up, no functional change.
MFC after: 3 days.
2012-03-15 14:22:05 +00:00
bz
b70c7f1db8 In nd6_options() ignore the RFC 6106 options completely rather than printing
them if nd6_debug is enabled as unknown.  Leave a comment about the RFC4191
option as I am undecided so far.

Discussed with:	hrs
MFC after:	3 days
2012-03-04 18:51:45 +00:00
hrs
c2fcac3f88 Allow to configure net.inet6.ip6.{accept_rtadv,no_radr} by the loader tunables
as well because they have to be configured before interface initialization for
AF_INET6.
2012-03-02 07:23:28 +00:00
hrs
ae62f802c7 Remove a redundant check. 2012-03-02 07:22:04 +00:00
bz
9eb6f57f87 In selectroute() add a missing fibnum argument to an in6_rtalloc()
call in an #if 0 section.

In in6_selecthlim() optimize a case where in6p cannot be NULL due to an
earlier check.

More consistently use u_int instead of int for fibnum function arguments.

Sponsored by:	Cisco Systems, Inc.
MFC after:	3 days
2012-02-24 20:06:04 +00:00
kmacy
a99e9d281d When using flowtable llentrys can outlive the interface with which they're associated
at which the lle_tbl pointer points to freed memory and the llt_free pointer is no longer
valid.

Move the free pointer in to the llentry itself and update the initalization sites.

MFC after:	2 weeks
2012-02-23 18:21:37 +00:00
tuexen
01e294b2fd Remove two clang warnings.
MFC after: 1 month.
2012-02-18 16:06:15 +00:00
bz
dcdb23291f Merge multi-FIB IPv6 support from projects/multi-fibv6/head/:
Extend the so far IPv4-only support for multiple routing tables (FIBs)
introduced in r178888 to IPv6 providing feature parity.

This includes an extended rtalloc(9) KPI for IPv6, the necessary
adjustments to the network stack, and user land support as in netstat.

Sponsored by:	Cisco Systems, Inc.
Reviewed by:	melifaro (basically)
MFC after:	10 days
2012-02-17 02:39:58 +00:00
glebius
b1246dbed6 Remove casts from inet6 address testing macros, thus preserving
qualifier from original argument.

Obtained from:	NetBSD, r. 1.67
Submitted by:	maxim
2012-01-26 12:04:19 +00:00
pluknet
cf0bd26fe1 Remove unused variable.
The actual ia6->ia6_lifetime access is hidden in
IFA6_IS_INVALID/IFA6_IS_DEPRECATED macros since a long time ago
(see netinet6/nd6.c, r1.104 of KAME for the reference).

MFC after:	3 days
2012-01-25 08:53:42 +00:00
bz
e59c01b14f Plug a possible ifa_ref leak in case of premature return from in6_purgeaddr().
Reviewed by:	rwatson
MFC after:	3 days
2012-01-24 13:57:30 +00:00
pluknet
728e6ff16e Remove the stale XXX rt_newaddrmsg comment.
A routing socket message is generated since r192282.

Reviewed by:	bz
MFC after:	3 days
2012-01-24 09:51:42 +00:00
bz
e8bf125640 Remove unnecessary line break.
MFC after:	3 days
2012-01-24 06:21:38 +00:00
bz
a8d3ef905d Clean up some #endif comments removing from short sections. Add #endif
comments to longer, also refining strange ones.

Properly use #ifdef rather than #if defined() where possible.  Four
#if defined(PCBGROUP) occurances (netinet and netinet6) were ignored to
avoid conflicts with eventually upcoming changes for RSS.

Reported by:	bde (most)
Reviewed by:	bde
MFC after:	3 days
2012-01-22 02:13:19 +00:00
tuexen
bddf5b6a08 Small cleanup, no functional change. 2012-01-15 14:03:05 +00:00
tuexen
ebc0602463 Add an SCTP sysctl "blackhole", similar to the one for TCP.
If set to 1, no ABORT is sent back in response to an incoming
INIT. If set to 2, no ABORT is sent back in response to
an out of the blue packet. If set to 0 (the default), ABORTs
are sent.
Discussed with rrs@.

MFC after: 1 month.
2012-01-08 09:56:24 +00:00
jhb
4ef366671a Convert all users of IF_ADDR_LOCK to use new locking macros that specify
either a read lock or write lock.

Reviewed by:	bz
MFC after:	2 weeks
2012-01-05 19:00:36 +00:00
bz
bfb18e3280 Mark a couple of file local functions static and stop exporting them.
MFC after:	1 week
2012-01-05 01:14:35 +00:00
bz
e889f6860b Convert an #ifdef DIAGNOSTIC if/panic to a KASSERT.
MFC after:	1 week
2012-01-05 01:13:25 +00:00
jhb
4e0513fc73 Use the mli_relinmhead list normally used to defer calls to
in6m_release_locked() to defer calls to mld_v1_transmit_report() until
after the IF_ADDR_LOCK is dropped.  This removes a race where the lock
is dropped and reacquired while attempting to walk an interface's
address list.

Reviewed by:	bz
MFC after:	1 week
2012-01-04 13:35:20 +00:00
glebius
2886f1415c Use correct locking when traversing interface address list.
Reviewed by:	bz
2012-01-04 07:01:23 +00:00
jhb
66d3d3405c When cancelling multicast timers on an interface, don't release the
reference on a group in the leaving state while iterating over the loop.
Instead, use the same approach used in igmp_ifdetach() and mld_ifdetach()
of placing the groups to free on pending release list and then releasing
the references after dropping the IF_ADDR_LOCK.  This closes an ugly race
where the code was dropping the lock in the middle of iterating over the
list.  It also fixes some additional potential use-after-free bugs since
the cancellation routine also applied other changes to the group after
dropping the reference.  Now those changes are performed before the
reference is dropped and the group is potentially freed.

Prodded to fix by:	glebius
Reviewed by:	bz
MFC after:	1 week
2012-01-03 20:34:52 +00:00
jhb
badf97ee75 Grab a reference on the matching interface address (ifa) in the handling
of the SIOC[DG]LIFADDR icotls before dropping the IF_ADDR_LOCK() and
release the reference after using it.  This prevents the address from
being potentially freed out from under the ioctl handler.

Reviewed by:	bz
MFC after:	1 week
2012-01-03 19:44:36 +00:00
jhb
dd61fe0873 Use TAILQ_FOREACH() instead of TAILQ_FOREACH_SAFE() for some loops that
do not modify the queues they iterate over.

Submitted by:	glebius
2012-01-03 16:22:29 +00:00
bz
ea62212755 Remove an uneeded inpcb forward declaration and align the function
declaration following to match the style in the rest of the file.

MFC after:	3 days
2012-01-02 13:03:13 +00:00
bz
55bd70ed9a Remove a declaration to a non-existent function.
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2011-12-31 16:19:22 +00:00
jhb
7a0151720c Use queue(3) macros instead of home-rolled versions in several places in
the INET6 code.  This includes retiring the 'ndpr_next' and 'pfr_next'
macros.

Submitted by:	pluknet (earlier version)
Reviewed by:	pluknet
2011-12-29 18:25:18 +00:00
tuexen
b9ef107414 Address issues found by clang. While there, fix also some style
issues.

MFC after: 3 months.
2011-12-27 10:16:24 +00:00
jhb
f3f015b978 Fix a bug where TAILQ_FIRST(&V_ifnet) was accessed without holding the
proper lock.

Reviewed by:	bz
MFC after:	1 week
2011-12-24 18:11:54 +00:00
glebius
653f8c5e71 Provide ABI compatibility shim to enable configuring of addresses
with ifconfig(8) prior to r228571.

Requested by:	brooks
2011-12-21 12:39:08 +00:00
maxim
330e98b5de o Convert IPv6 read-only stats sysctls to the read-write ones.
o Teach netstat(1) -z to reset these stats sysctls.

PR:		bin/153206
Reviewed by:	glebuis
Sponsored by:	NGINX, Inc.
MFC after:	1 month
2011-12-19 05:50:34 +00:00
tuexen
3a4d069b21 Fix unused parameter warnings.
While there, fix some whitespace issues.

MFC after: 3 months.
2011-12-17 19:21:40 +00:00
glebius
27a36f6ac8 A major overhaul of the CARP implementation. The ip_carp.c was started
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.

The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.

ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.

To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]

The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.

Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!

PR:		kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by:	bz
Submitted by:	bz [1]
2011-12-16 12:16:56 +00:00
glebius
c9b9c0a5a3 Fix double free.
PR:		kern/163089
Submitted by:	Herbie Robinson <Herbie.Robinson stratus.com>
2011-12-07 13:37:42 +00:00
bz
2c9fd688ff Return the correct value for the IPV6_MULTICAST_HOPS getsockopt() call.
Submitted by:	rpaulo
MFC after:	3 days
2011-11-13 02:32:10 +00:00
qingli
3b996bbc11 A default route learned from the RAs could be deleted manually
after its installation. This removal may be accidental and can
prevent the default route from being installed in the future if
the associated default router has the best preference. The cause
is the lack of status update in the default router on the state
of its route installation in the kernel FIB. This patch fixes
the described problem.

Reviewed by:	hrs, discussed with hrs
MFC after:	5 days
2011-11-11 23:22:38 +00:00
trociny
e290adc1a6 Fix false positive EADDRINUSE that could be returned by bind, due to
the typo made in r227207.

Reported by:	kib
Tested by:	kib
2011-11-11 14:09:09 +00:00
ed
0c56cf839d Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.
The SYSCTL_NODE macro defines a list that stores all child-elements of
that node. If there's no SYSCTL_DECL macro anywhere else, there's no
reason why it shouldn't be static.
2011-11-07 15:43:11 +00:00
glebius
599a401646 In icmp6_redirect_input:
- Assert that we got a valid mbuf with rcvif pointer. [1]
- Use __func__ in logging.

Submitted by:	prabhakar lakhera <prabhakar.lakhera gmail.com> [1]
Submitted by:	Kristof Provost <kristof sigsegv.be> [1]
2011-11-07 14:22:18 +00:00
ed
e97eae1577 Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
This means that their use is restricted to a single C file.
2011-11-07 06:44:47 +00:00
trociny
f9135967f2 Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid
inp_socket->so_options dereference when we may not acquire the lock on
the inpcb.

This fixes the crash due to NULL pointer dereference in
in_pcbbind_setup() when inp_socket->so_options in a pcb returned by
in_pcblookup_local() was checked.

Reported by:	dave jones <s.dave.jones@gmail.com>, Arnaud Lacombe <lacombar@gmail.com>
Suggested by:	rwatson
Glanced by:	rwatson
Tested by:	dave jones <s.dave.jones@gmail.com>
2011-11-06 10:47:20 +00:00
trociny
ddbde914da Before dereferencing intotw() check for NULL, the same way as it is
done for in_pcb (see r157474).

MFC after:	1 week
2011-11-06 09:29:52 +00:00
pluknet
494eaea7b0 Remove a couple of write-only variables. 2011-11-03 09:09:05 +00:00
qingli
4fd26a87dc The code change made in r226040 was incomplete and resulted in
routes such as fe80::1%lo0 no being installed. This patch completes
the original intended fix.

Reviewed by:	hrs, bz
MFC after:	3 days
2011-10-16 22:24:04 +00:00
qingli
dd2b5b91eb The IPv6 code was influx at the time of r196865 due to the L2/L3
separation rewrite changes. r196865 was committed to fix a scope
violation problem in the following test scenario:

  box-1# ifconfig em0 inet6 2001:db8:1:: prefixlen 64 anycast
  box-1# ifconfig em1 inet6 2001:db8:2::1 prefixlen 64

  box-2# ifconfig re0 inet6 2001:db8:1::6 prefixlen 64

  em0 and re0 are on the same link.

  box-2# ping6 2001:db8:1::
  PING6(56=40+8+8 bytes) 2001:db8:1::6 --> 2001:db8:1::

the ICMPv6 response should have a source address of em1, which
is 2001:db8:2::1, not the link-local address of em0.

That code is no longer necessary and breaks the IPv6-Ready logo
testing, so revert it now.

Reviewed by:	hrs
MFC after:	3 days
2011-10-16 22:15:13 +00:00