Commit Graph

797 Commits

Author SHA1 Message Date
Mark Murray
eb6bd5940f This file was a horrible mixture of styles old and new.
Apply style(9).
2001-06-16 10:47:34 +00:00
Jonathan Lemon
08aadfbb98 Do not perform arp send/resolve on an interface marked NOARP.
PR: 25006
MFC after: 2 weeks
2001-06-15 21:00:32 +00:00
Peter Wemm
65f1bb65fe Fix warning. s/char/unsigned char/ in "(char *)eth"
294: warning: ethernet address is not type unsigned char *
2001-06-15 07:34:29 +00:00
Peter Wemm
6cac567e1b Fix warning: 848: warning: label `nosupport' defined but not used 2001-06-15 07:33:09 +00:00
Peter Wemm
d490e63aa7 Fix warning; remove unused variable 2001-06-15 07:32:25 +00:00
Peter Wemm
bd1c51b1e7 Remove unused variable 2001-06-15 07:31:15 +00:00
Hajimu UMEMOTO
e22115bbf1 Make compilable. addlog(...) was replaced with log(-1, ...)
Reported by:	peter
2001-06-13 17:30:55 +00:00
Hajimu UMEMOTO
46f48be960 Restore the code wrongly nuked by previous commit.
Following changed was made by previous commit:

  - IPV6CP supporting in kernel level ppp from NetBSD.

Submitted by:	y.shirasaki@ntt.com
2001-06-12 08:52:54 +00:00
Hajimu UMEMOTO
3384154590 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
Peter Wemm
0978669829 "Fix" the previous initial attempt at fixing TUNABLE_INT(). This time
around, use a common function for looking up and extracting the tunables
from the kernel environment.  This saves duplicating the same function
over and over again.  This way typically has an overhead of 8 bytes + the
path string, versus about 26 bytes + the path string.
2001-06-08 05:24:21 +00:00
Peter Wemm
4422746fdf Back out part of my previous commit. This was a last minute change
and I botched testing.  This is a perfect example of how NOT to do
this sort of thing. :-(
2001-06-07 03:17:26 +00:00
Peter Wemm
81930014ef Make the TUNABLE_*() macros look and behave more consistantly like the
SYSCTL_*() macros.  TUNABLE_INT_DECL() was an odd name because it didn't
actually declare the int, which is what the name suggests it would do.
2001-06-06 22:17:08 +00:00
Ruslan Ermilov
ffdc316d48 When looking for an interface appropriate for the (new or changing)
route in ifa_ifwithroute(), as the last resort, look up the route to
the gateway, not destination (to derive the interface from).

PR:		kern/27852
Submitted by:	Iasen Kostoff <tbyte@tbyte.org>
MFC after:	2 weeks
2001-06-04 14:13:15 +00:00
Yaroslav Tykhiy
a98dc5e6a7 First, wrap the if_up() call into splimp()/splx() because
if_up() must be called at splnet or higher.
Second, set the IFF_RUNNING flag on an interface after its
resources (i.e. tunnel source and destination addresses)
have been set. Note that we don't set IFF_UP because it is
if_up()'s job to do that.

PR:		kern/27851
Submitted by:	Horacio J. PeÓa <horape@compendium.com.ar>
2001-06-03 17:31:11 +00:00
Brian Somers
51716196a4 Support /dev/tun cloning. Ansify if_tun.c while I'm there.
Only tun0 -> tun32767 may now be opened as struct ifnet's if_unit
is a short.

It's now possible to open /dev/tun and get a handle back for an available
tun device (use devname to find out what you got).

The implementation uses rman by popular demand (and against my judgement)
to track opened devices and uses the new dev_depends() to ensure that
all make_dev()d devices go away before the module is unloaded.

Reviewed by:	phk
2001-06-01 15:51:10 +00:00
Poul-Henning Kamp
419d8080a4 Currently, each wireless networking driver has it's own control program
despite the fact that most people want to set exactly the same settings
regardless of which card they have.  It has been repeatidly suggested
that this configuration should be done via ifconfig.  This patch
implements the required functionality in ifconfig and add support to the
wi and an drivers.  It also provides partial, untested support for the
awi driver.

PR:		25577
Submitted by:	Brooks Davis <brooks@one-eyed-alien.net>
2001-05-26 09:27:08 +00:00
Poul-Henning Kamp
d951f85b28 Make if_tun's clone create SI_CHEAPCLONE devices. 2001-05-25 13:32:53 +00:00
Duncan Barclay
d22e5c3d89 Add a couple more codes for upcoming raylink driver additions.
MFC after:	3 days
2001-05-17 21:37:41 +00:00
Bill Fenner
26e3096360 Get IP multicast working on VLAN devices:
- Allocate zeroed memory in ether_resolvemulti() to prevent equal() from
  comparing garbage and determining that two otherwise-equal sockaddr_dls
  are different.
- Fill in all required fields of the sockaddr_dl
- Actually copy the multicast address into the sockaddr_dl when calling
  if_addmulti()
- Don't claim that we don't have a way to resolve layer 3 addresses into
  layer 2 addresses; use the ethernet way.
2001-05-02 16:12:58 +00:00
Mark Murray
fb919e4d5a Undo part of the tangle of having sys/lock.h and sys/mutex.h included in
other "system" header files.

Also help the deprecation of lockmgr.h by making it a sub-include of
sys/lock.h and removing sys/lockmgr.h form kernel .c files.

Sort sys/*.h includes where possible in affected files.

OK'ed by:	bde (with reservations)
2001-05-01 08:13:21 +00:00
Bill Fenner
4f3c11a654 Better handling of ioctl(SIOCSIFFLAGS) failing in ifpromisc():
- Don't print the "promiscuous mode (enabled|disabled)" on failure
- Restore the reference count on failure
2001-04-27 22:20:22 +00:00
Brian Somers
395692dae2 Dont (ab)use drv2 to know if (si_flags & SI_NAMED) (pointed out by dd)
Call cdevsw_remove when we unload.
2001-04-17 09:59:34 +00:00
Joerg Wunsch
9a82806973 Move the decision whether we want to request authentication from our
peer out from sppp_lcp_open() to sppp_lcp_up().  For one, this makes
things look more symmetrical to sppp_lcp_close(), and somehow it also
just occurred to me that an Up event following the open caused the
value of the authentication option to be clobbered.
2001-04-08 20:29:09 +00:00
Garance A Drosehn
0832fc6494 Fix bpf devices so select() recognizes that they are always writable.
PR:		9355
Submitted by:	Bruce Evans <bde@zeta.org.au>
Reviewed by:	Garrett Rooney <rooneg@electricjellyfish.net>  (see pr :-)
2001-04-04 23:27:35 +00:00
Yaroslav Tykhiy
b7bffa713d Change the type of the VLAN interface from IFT_PROPVIRTUAL,
which was a temporary hack, to IFT_L2VLAN, which is the type
assigned by IANA.
2001-04-04 15:10:58 +00:00
Yaroslav Tykhiy
bcc4358845 Add recently assigned interface types.
Obtained from:	ftp://ftp.isi.edu/in-notes/iana/assignments/smi-numbers
2001-04-04 14:18:57 +00:00
Yaroslav Tykhiy
3f21587946 Sync up to NetBSD, Step 2:
Add the interface types 0x37 through 0xbd.

Obtained from:	NetBSD
2001-04-04 14:13:03 +00:00
Yaroslav Tykhiy
8fe3eb6443 Sync up to NetBSD again, Step 1:
* Set the CSRG SCCS ID to the revision this file is actually based on
  (the file itself has been updated to Lite2 in rev. 1.4).

* Fix some typos in comments.

* Add a comment to the trailing #endif according to style(9)
2001-04-04 14:04:52 +00:00
Brian Somers
fb45b6d4e3 Allow MOD_UNLOADs of if_tun, and handle event handler registration
failures in MOD_LOAD.

Dodge duplicate make_dev() calls by (ab)using dev->si_drv2 to
remember if we created the device node via a dev_clone callback
before the d_open call.
2001-04-03 01:22:15 +00:00
Brian Somers
2c514a3101 If ifpromisc() fails the SIOCSIFFLAGS ioctl, put ifp->if_flags
back the way we found them.
2001-04-02 21:49:40 +00:00
Brian Somers
9c36ab644e Return 0 and do nothing when we get a SIOCSIFFLAGS.
Without this, ifpromisc() always fails (after setting the IFF_PROMISC
bit in ifp->if_flags) and bpf never bothers to turn promiscuous mode off.

PR:	20188
2001-04-02 21:49:18 +00:00
Yaroslav Tykhiy
249932144b Fix a number of minor bugs in the VLAN code:
* Initialize the "struct sockaddr_dl sdl" correctly in vlan_setmulti().

  PR: kern/22181

* The driver used to call malloc(..., M_NOWAIT), but to not check the
  return value. Change malloc(..., M_NOWAIT) to malloc(..., M_WAITOK)
  because the corresponding part of code is called from the upper
  half of the kernel only.

  PR: kern/22181

* Make sure a parent interface is up and running before invoking
  its if_start() routine in order to avoid system panic.

  PR: kern/22179 kern/24741 i386/25478

* Do not copy all the flags from a parent mindlessly.

  PR: kern/22179

* Do not call if_down() on a parent interface if it's already down.
  Call if_down() at splimp because if_down() needs that.

  PR: kern/22179

Reviewed by: wollman
2001-03-28 15:52:12 +00:00
John Baldwin
f34fa851e0 Catch up to header include changes:
- <sys/mutex.h> now requires <sys/systm.h>
- <sys/mutex.h> and <sys/sx.h> now require <sys/lock.h>
2001-03-28 09:17:56 +00:00
John Baldwin
5e980e229f Use mtx_initiaalized() rather than violating the internals of the mutex
structure.
2001-03-28 09:04:25 +00:00
Yaroslav Tykhiy
ccb7cc8ddd Don't bypass notifying a corresponding interface
when leaving a link-layer multicast group.

PR:		kern/22176
Reviewed by:	wollman
2001-03-27 13:15:57 +00:00
Poul-Henning Kamp
f83880518b Send the remains (such as I have located) of "block major numbers" to
the bit-bucket.
2001-03-26 12:41:29 +00:00
Joerg Wunsch
728eb83bf2 This is another MFC candidate.
Fix a serious bug in sppp where anyone could obtain a successful PAP
authentication by supplying a null password.  I've only stumpled across
the PR while browsing for all sppp-related PRs.

Should we also file a security advisory for this?

PR:		21592
Submitted by:	<dli@3bc.de> Dirk Liebke
2001-03-25 09:53:07 +00:00
Joerg Wunsch
8d21ca78d9 (MFC candidate, see below).
When we get an Open event in stopped state, experience shows that this
is usually means we've somehow missed a previous Down event.  This has
occasionally bitten people for the IPCP layer with ISDN, apparently a
previously aborted IPCP negotiation must have caused this.  As a
bandaid, we quickly pretent a Down event by advancing to starting
state; this effectively implements the `restart' option mentioned in
RFC 1663.

While i'm not yet fully convinced this is the best thing to do (and is
fully compliant with RFC 1661), i've seen a number of reports here on
the German mailing lists where people have been bitten by the previous
behaviour which usually causes quickly looping ISDN reconnects (thus
loss of money...), and where just this patch fixes the problem.

For this, i'd even like to see it MFC'd if possible.

Submitted by:	Helmut Kreft <kreft@zeus.ai-lab.fh-furtwangen.de>
2001-03-23 19:51:12 +00:00
Matthew N. Dodd
0623d11f51 - Add iso88025_ifdetach().
- Add support for 802.2 type IPX frames.
- Cleanup iso88025_output() and iso88025_output() a bit.
2001-03-18 05:43:25 +00:00
Matthew N. Dodd
09efa444d5 - Define payload length constants for 4Mbps and 16Mbps.
- Use explicit sizes for header structure fields.
- Use __attribute__ ((__packed__)) for header structures.
- Define struct iso88025_rif; for future use.
- Prototype upcoming iso88025_ifdetach()
- Get rid of __P() constructs in prototypes.
2001-03-18 05:41:07 +00:00
Ruslan Ermilov
089cdfad78 net/route.c:
A route generated from an RTF_CLONING route had the RTF_WASCLONED flag
  set but did not have a reference to the parent route, as documented in
  the rtentry(9) manpage.  This prevented such routes from being deleted
  when their parent route is deleted.

  Now, for example, if you delete an IP address from a network interface,
  all ARP entries that were cloned from this interface route are flushed.

  This also has an impact on netstat(1) output.  Previously, dynamically
  created ARP cache entries (RTF_STATIC flag is unset) were displayed as
  part of the routing table display (-r).  Now, they are only printed if
  the -a option is given.

netinet/in.c, netinet/in_rmx.c:

  When address is removed from an interface, also delete all routes that
  point to this interface and address.  Previously, for example, if you
  changed the address on an interface, outgoing IP datagrams might still
  use the old address.  The only solution was to delete and re-add some
  routes.  (The problem is easily observed with the route(8) command.)

  Note, that if the socket was already bound to the local address before
  this address is removed, new datagrams generated from this socket will
  still be sent from the old address.

PR:		kern/20785, kern/21914
Reviewed by:	wollman (the idea)
2001-03-15 14:52:12 +00:00
Matthew N. Dodd
107010e9fe This include file has no business being here. 2001-03-15 03:38:20 +00:00
Bosko Milekic
fef5fd2315 Plug several mbuf leaks in error cases (in nd6)
Submitted by: jhay
2001-03-11 05:31:45 +00:00
Alfred Perlstein
95cbf4d3c0 Protect against negative numbers as well 2001-02-26 09:52:43 +00:00
Alfred Perlstein
a5700d6002 fix typo in comment 2001-02-26 09:13:42 +00:00
Alfred Perlstein
3c18a0cac9 Santize a size variable passed to kernel malloc.
Since we know there's always an upper bound we force that bound,
otherwise users can cause a panic via malloc getting hit with a
odd (huge or negative) amount of memory to allocate.

Tested by: kris
Pointed out by: Andrey Valyaev <dron@infosec.ru>
2001-02-26 09:07:55 +00:00
Robert Watson
91421ba234 o Move per-process jail pointer (p->pr_prison) to inside of the subject
credential structure, ucred (cr->cr_prison).
o Allow jail inheritence to be a function of credential inheritence.
o Abstract prison structure reference counting behind pr_hold() and
  pr_free(), invoked by the similarly named credential reference
  management functions, removing this code from per-ABI fork/exit code.
o Modify various jail() functions to use struct ucred arguments instead
  of struct proc arguments.
o Introduce jailed() function to determine if a credential is jailed,
  rather than directly checking pointers all over the place.
o Convert PRISON_CHECK() macro to prison_check() function.
o Move jail() function prototypes to jail.h.
o Emulate the P_JAILED flag in fill_kinfo_proc() and no longer set the
  flag in the process flags field itself.
o Eliminate that "const" qualifier from suser/p_can/etc to reflect
  mutex use.

Notes:

o Some further cleanup of the linux/jail code is still required.
o It's now possible to consider resolving some of the process vs
  credential based permission checking confusion in the socket code.
o Mutex protection of struct prison is still not present, and is
  required to protect the reference count plus some fields in the
  structure.

Reviewed by:	freebsd-arch
Obtained from:	TrustedBSD Project
2001-02-21 06:39:57 +00:00
Robert Watson
5be30b375e o Remove unnecessary jail() check in bpfopen() -- we limit device access
in jail using /dev namespace limits and mknod() limits, not by explicit
  checks in the device open code.
2001-02-21 05:34:34 +00:00
Mark Murray
10b1fde07f Insert entropy harvesting calls for network traffic. By
default, no entropy will be harvested.
2001-02-18 17:54:52 +00:00
Jonathan Lemon
e7bb21b3df Add mutexes to the entire bpf subsystem to make it MPSAFE.
Previously reviewed by: jhb, bde
2001-02-16 17:10:28 +00:00