Commit Graph

1410 Commits

Author SHA1 Message Date
rwatson
1d1b2c7f35 Lock down if_tun global variables using a new mutex, tunmtx. As with
other pseudo-interfaces, break out tear-down of a softc into a
separate tun_destroy() function, and invoke that from the module
unloader.  Hold tunmtx across manipulations of the global softc list.
2004-03-29 18:42:51 +00:00
rwatson
8a581b46e3 Modify BPF descriptor assertions to assert Giant when a BPF descriptor
lock is asserted and running non-MPSAFE.
2004-03-29 00:33:39 +00:00
rwatson
aaf338640e Lock down global variables in if_gre:
- Add gre_mtx to protect global softc list.
- Hold gre_mtx over various list operations (insert, delete).
- Centralize if_gre interface teardown in gre_destroy(), and call this
  from modevent unload and gre_clone_destroy().
- Export gre_mtx to ip_gre.c, which walks the gre list to look up gre
  interfaces during encapsulation.  Add a wonking comment on how we need
  some sort of drain/reference count mechanism to keep gre references
  alive while in use and simultaneous destroy.

This commit does not lockdown softc data, which follows in a future
commit.
2004-03-22 16:04:43 +00:00
rwatson
3932567f6a Lock down global variables in if_gif:
- Add gif_mtx, which protects globals.
- Hold gif_mtx around manipulation of gif_softc_list.
- Abstract gif destruction code into gif_destroy(), which tears down
  a softc after it's been removed from the global list by either module
  unload or clone destroy.
- Lock gif_called, even though we know gif_called is broken with reentrant
  network processing.
- Document an event ordering problem in gif_set_tunnel() that will need
  to be fixed.

gif_softc fields not locked down in this commit.
2004-03-22 15:43:14 +00:00
rwatson
23a7b8ad4d Move "called", a static function variable used to detect recursive
processing with gif interfaces, to a global variable named "gif_called".
Add an annotation that this approach will not work with a reentrant
network stack, and that we should instead use packet tags to detect
excessive recursive processing.
2004-03-22 14:24:26 +00:00
mdodd
49f091a529 MAC addresses are 8 bits in ARCNET. Adjust bcopy(). 2004-03-22 03:52:51 +00:00
mdodd
83103b2b69 - Correct variable name.
- Correct unnecessary use of htons().

Reported by:	many.
2004-03-21 17:27:41 +00:00
mdodd
f7356ef2fa Handle AF_ARP. 2004-03-21 06:34:34 +00:00
rwatson
7bdc346d08 Correct a bug introduced with the recent clone API chang: when the clone
event handler for if_tap fails, make sure to clean up clone state to
prevent a clone memory leak.
2004-03-18 14:18:51 +00:00
rwatson
54eb0efc53 sAdd a comment indicating why there continues to be a race condition in
the tap driver, even with Giant over the cdev operation vector, due to
a non-atomic test-and-set of the si_drv1 field in the dev_t.  This bug
exists with Giant under high memory pressure, as malloc() may sleep
in tapcreate(), but is less likely to occur.  The resolution will
probably be to cover si_drv1 using the global tapmtx since no softc is
available, but I need to think about this problem more generally
across a range of drivers using si_drv1 in combination with SI_CHEAPCLONE
to defer expensive allocation to open().

Correct what appears to be a bug in the original if_tap implementation,
in which tapopen() will panic if a tap device instance is opened more
than once due to an incorrect assertion -- only triggered if INVARIANTS
is compiled in (i.e., when built into a kernel).  Return EBUSY instead.

Expand mtx_lock() coverage using tp->tap_mtx to include tp->ether_addr.
2004-03-18 09:55:11 +00:00
rwatson
131892ca17 Remove tun_proc; replace with tun_pid. tun_proc pointer may be stale
as the process that opens tun_softc can exit before the file
descriptor is closed.

Taiwan experience provided by:	keichii
Crashing breakers provided by:	Chia-liang Kao <clkao@clkao.org>
2004-03-17 01:12:09 +00:00
rwatson
90c4d019f1 Add tap_mtx to tap_softc in order to protect per-softc variables
(tap_pid, tap_flags).  if_tap should now be entirely MPSAFE.

Committed from:			Bamboo house by ocean in Taiwan
Tropical paradise provided by:	Chia-liang Kao <clkao@clkao.org>
2004-03-17 01:09:59 +00:00
rwatson
420f21f752 Lock down global variables in if_tap (primarily, the tap softc list);
add tapmtx, which protects globale variables.

Notes:

- The EBUSY check in MOD_UNLOAD may be subject to a race.  Moving the
  event handler unregister inside the mutex grab may prevent that race.

- Locking of global variables safely is now possible because tapclones
  is only modified when the module is loading or unloading, thanks to
  phk's recent chang to clone_setup().

- softc locking to follow.
2004-03-15 01:52:00 +00:00
mdodd
5c1fa8d5da Announce ethernet MAC addresss in ether_ifattach(). 2004-03-14 07:12:25 +00:00
mdodd
07e9f5afca Handle AF_ARP in *_output()
Obtained from:	NetBSD
2004-03-14 05:24:54 +00:00
rwatson
066f7934c6 Compare spppq to NULL instead of using spppq as a boolean. 2004-03-14 01:32:44 +00:00
rwatson
48af8aa9c0 Constify interactive_ports, as its value is static, and therefore doesn't
require synchronization.
2004-03-13 06:16:59 +00:00
rwatson
8a06745b20 Remove stale (unused) unit variables from if_tun and if_tap softc's. 2004-03-13 05:51:06 +00:00
rwatson
b39582afd3 Constify iso88025_broadcastaddr to make it clear no explicit
synchronization is required.
2004-03-13 05:46:26 +00:00
brooks
d90c60e2d6 Don't allow interfaces to be renamed to the empty string.
While I'm here, errors aren't bools.

Pointed out by:	hmp
2004-03-13 02:35:03 +00:00
brooks
cb7aea29b8 Remove if_withname. It came in with the KAME import, but never got
used.  Should someone need its functionality, it's a really expensive
implementation of:
	ifnet_byindex(sdl->sdl_index)

Reviewed by:    bde, ume
2004-03-13 02:31:40 +00:00
phk
fdd216910f Add clone_setup() function rather than rely on lazy initialization.
Requested by:	rwatson
2004-03-11 12:58:55 +00:00
phk
87be713f99 Fix handling of tap/vmnet flag in relation to cloning and properly enforce
largest supported unit number for this device driver.

Reported by:	Kaho Toshikazu <kaho@easy.es.tuat.ac.jp>
2004-03-10 08:02:29 +00:00
rwatson
b6f84aeea9 Const-poison ethernet and FDDI broadcast address constants, as they
are accessed read-only.
2004-03-09 23:55:59 +00:00
rwatson
19c49ad2c7 Introduce stf_mtx to protect global softc list in if_stf. Add
stf_destroy() to handle the common softc destruction path for the
two destruction sources: interface cloning destroy, and module
unload.

NOTE: sc_ro, the cached route for stf conversion, is not synchronized
against concurrent access in this change, that will follow in a future
change.

Reviewed by:	pjd
2004-03-09 20:29:19 +00:00
rwatson
63f793ca24 Introduce faith_mtx to protect the if_faith global softc list.
Push if_faith softc destruction logic into faith_destroy() so that
it can be called after softc list removal in both the clone destroy
and module unload paths.
2004-03-09 19:23:06 +00:00
rwatson
c02494f647 Introduce lo_mtx to protect the global loopback softc list. I'm not
really sure why we have a softc list for if_loop, given that it
can't be unloaded, but that's an issue to revisit in the future as
corrupting the softc list would still cause panics.

Reviewed by:	benno
2004-03-09 17:27:48 +00:00
rwatson
2895d8d1ea Introduce disc_mtx to protect the global softc list in if_disc.
Since there are two destroy paths for if_disc interfaces --
module unload and cloan interface destroy, create a new utility
function disc_destroy(), which is callded on a softc after it
has been removed from the global softc list; the cloaner and
module unload entry paths will both remove it before calling
disc_destroy().

Reviewed by:	pjd
2004-03-09 16:31:19 +00:00
rwatson
a99c4f7687 Const-poison ip_stf_ttl to make it clear that the variable is not
modified at run-time.
2004-03-07 05:15:42 +00:00
mlaier
a32329ae33 Two minor follow-ups on the MT_TAG removal:
ifp is now passed explicitly to ether_demux; no need to look it up again.
Make mtag a global var in ip_input.

Noticed by:	rwatson
Approved by:	bms(mentor)
2004-03-02 14:37:23 +00:00
rwatson
b0b5f961bd Rename dup_sockaddr() to sodupsockaddr() for consistency with other
functions in kern_socket.c.

Rename the "canwait" field to "mflags" and pass M_WAITOK and M_NOWAIT
in from the caller context rather than "1" or "0".

Correct mflags pass into mac_init_socket() from previous commit to not
include M_ZERO.

Submitted by:	sam
2004-03-01 03:14:23 +00:00
rwatson
c1b863ca38 Define BPFD_LOCK_ASSERT() to assert the BPF descriptor lock.
Assert the BPF descriptor lock in the MAC calls referencing live
BPF descriptors.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-02-29 15:33:56 +00:00
rwatson
d108afc2e8 Grab Giant after MAC processing on outgoing packets being sent via
BPF.  Grab the BPF descriptor lock before entering MAC since the MAC
Framework references BPF descriptor fields, including the BPF
descriptor label.

Submitted by:	sam
2004-02-29 15:32:33 +00:00
mlaier
d937176b34 Bring eventhandler callbacks for pf.
This enables pf to track dynamic address changes on interfaces (dailup) with
the "on (<ifname>)"-syntax. This also brings hooks in anticipation of
tracking cloned interfaces, which will be in future versions of pf.

Approved by: bms(mentor)
2004-02-26 04:27:55 +00:00
mlaier
428f1c9a0f Tweak existing header and other build infrastructure to be able to build
pf/pflog/pfsync as modules. Do not list them in NOTES or modules/Makefile
(i.e. do not connect it to any (automatic) builds - yet).

Approved by: bms(mentor)
2004-02-26 03:53:54 +00:00
mlaier
1504165dce Re-remove MT_TAGs. The problems with dummynet have been fixed now.
Tested by: -current, bms(mentor), me
Approved by: bms(mentor), sam
2004-02-25 19:55:29 +00:00
bde
244945ffaa Don't set d_flags twice. The second setting clobbered D_NOGIANT. 2004-02-24 04:35:44 +00:00
phk
ad925439e0 Device megapatch 4/6:
Introduce d_version field in struct cdevsw, this must always be
initialized to D_VERSION.

Flip sense of D_NOGIANT flag to D_NEEDGIANT, this involves removing
four D_NOGIANT flags and adding 145 D_NEEDGIANT flags.
2004-02-21 21:10:55 +00:00
phk
32b7c9a433 Device megapatch 2/6:
This commit adds a couple of functions for pseudodrivers to use for
implementing cloning in a manner we will be able to lock down (shortly).

Basically what happens is that pseudo drivers get a way to ask for
"give me the dev_t with this unit number" or alternatively "give
me a dev_t with the lowest guaranteed free unit number" (there is
unfortunately a lot of non-POLA in the exact numeric value of this
number, just live with it for now)

Managing the unit number space this way removes the need to use
rman(9) to do so in the drivers this greatly simplifies the code in
the drivers because even using rman(9) they still needed to manage
their dev_t's anyway.

I have taken the if_tun, if_tap, snp and nmdm drivers through the
mill, partly because they (ab)used makedev(), but mostly because
together they represent three different problems for device-cloning:

if_tun and snp is the plain case: just give me a device.

if_tap has two kinds of devices, with a flag for device type.

nmdm has paired devices (ala pty) can you can clone either of them.
2004-02-21 20:29:52 +00:00
phk
df397dedea Device megapatch 1/6:
Free approx 86 major numbers with a mostly automatically generated patch.

A number of strategic drivers have been left behind by caution, and a few
because they still (ab)use their major number.
2004-02-21 19:42:58 +00:00
yar
c018b8a86e Minor beautifications related to style(9) and code consistency.
No functional changes.
2004-02-21 12:56:09 +00:00
yar
3325da8ccd Improve the SIOCSIFCAP handler a bit:
- allow for ifp->if_ioctl being NULL, as the rest of ifioctl() does;
- give the interface driver a chance to report a error to the caller;
- don't forget to update ifp->if_lastchange upon successful modification
  of interface operation parameters.
2004-02-21 12:48:25 +00:00
mlaier
60723c3260 Backout MT_TAG removal (i.e. bring back MT_TAGs) for now, as dummynet is
not working properly with the patch in place.

Approved by: bms(mentor)
2004-02-18 00:04:52 +00:00
des
e54c8a0746 Random style fixes and a comment update. No functional changes. 2004-02-16 18:19:15 +00:00
dwmalone
58ec0542c4 Return EACCES rather than ENOBUFS if ipfw blocks a packet on the
way out at layer 2.

PR:		62385
Submitted by:	Oleg Bulyzhin <oleg@rinet.ru>
Approved by:	luigi
MFC after:	1 week
2004-02-15 21:27:27 +00:00
mlaier
da4d773b12 This set of changes eliminates the use of MT_TAG "pseudo mbufs", replacing
them mostly with packet tags (one case is handled by using an mbuf flag
since the linkage between "caller" and "callee" is direct and there's no
need to incur the overhead of a packet tag).

This is (mostly) work from: sam

Silence from: -arch
Approved by: bms(mentor), sam, rwatson
2004-02-13 19:14:16 +00:00
bms
903cdeea1a Initial import of RFC 2385 (TCP-MD5) digest support.
This is the first of two commits; bringing in the kernel support first.
This can be enabled by compiling a kernel with options TCP_SIGNATURE
and FAST_IPSEC.

For the uninitiated, this is a TCP option which provides for a means of
authenticating TCP sessions which came into being before IPSEC. It is
still relevant today, however, as it is used by many commercial router
vendors, particularly with BGP, and as such has become a requirement for
interconnect at many major Internet points of presence.

Several parts of the TCP and IP headers, including the segment payload,
are digested with MD5, including a shared secret. The PF_KEY interface
is used to manage the secrets using security associations in the SADB.

There is a limitation here in that as there is no way to map a TCP flow
per-port back to an SPI without polluting tcpcb or using the SPD; the
code to do the latter is unstable at this time. Therefore this code only
supports per-host keying granularity.

Whilst FAST_IPSEC is mutually exclusive with KAME IPSEC (and thus IPv6),
TCP_SIGNATURE applies only to IPv4. For the vast majority of prospective
users of this feature, this will not pose any problem.

This implementation is output-only; that is, the option is honoured when
responding to a host initiating a TCP session, but no effort is made
[yet] to authenticate inbound traffic. This is, however, sufficient to
interwork with Cisco equipment.

Tested with a Cisco 2501 running IOS 12.0(27), and Quagga 0.96.4 with
local patches. Patches for tcpdump to validate TCP-MD5 sessions are also
available from me upon request.

Sponsored by:	sentex.net
2004-02-11 04:26:04 +00:00
brooks
4f14e0fa86 Add the kernel side of network interface renaming support.
The basic process is to send a routing socket announcement that the
interface has departed, change if_xname, update the sockaddr_dl
associated with the interface, and announce the arrival of the interface
on the routing socket.

As part of this change, ifunit() is greatly simplified by testing
if_xname directly.  if_clone_destroy() now uses if_dname to look up the
cloner for the interface and if_dunit to identify the unit number.

Reviewed by:	ru, sam (concept)
		Vincent Jardin <vjardin AT free.fr>
		Max Laier <max AT love2party.net>
2004-02-04 02:54:25 +00:00
brooks
091c7e4af0 More macro cleanup. Use the system roundup2() macro instead of making
our own ROUNDUP() macro.

Suggested by:	bde
2004-02-02 21:55:34 +00:00
sobomax
2b5008cb00 Remove NetBSD'isms (add FreeBSD'isms?), which makes gre(4) working again. 2004-01-30 09:03:01 +00:00