522 Commits

Author SHA1 Message Date
Gleb Smirnoff
0306463aa0 Increase PPTP_MAX_TIMEOUT up to 3 seconds. 10 prooved too much for high packet
loss links, and 1 second appeared to be too small for high latency links.

If we will receive more complaints, we should make this parameter configurable.

PR:		kern/69536
Approved by:	archie, julian (mentor)
MFC after:	3 days
2004-09-06 19:53:58 +00:00
Robert Watson
42ec1da481 In FreeBSD 5.x, curthread is always defined, so we don't need to to test
and optionally use &thread0 if it's NULL.

Spotted by:	julian
2004-09-02 19:53:13 +00:00
Robert Watson
c6bfdc5d32 Acquire Giant arounds calls into the linker from Netgraph sockets.
We now no longer hold Giant in send(), so it isn't inheritted by the
linker, which calls into VFS.

Reported by:	glebius
Discussed with:	glebius, bz
2004-08-30 14:41:25 +00:00
Robert Watson
98f6a62499 Mark Netgraph TTY, KAME IPSEC, and IPX/SPX as requiring Giant for correct
operation using NET_NEEDS_GIANT().  This will result in a boot-time
restoration of Giant-enabled network operation, or run-time warning on
dynamic load (applicable only to the Netgraph component).  Additional
components will likely need to be marked with this in the future.
2004-08-28 15:24:53 +00:00
Andre Oppermann
3161f583ca Apply error and success logic consistently to the function netisr_queue() and
its users.

netisr_queue() now returns (0) on success and ERRNO on failure.  At the
moment ENXIO (netisr queue not functional) and ENOBUFS (netisr queue full)
are supported.

Previously it would return (1) on success but the return value of IF_HANDOFF()
was interpreted wrongly and (0) was actually returned on success.  Due to this
schednetisr() was never called to kick the scheduling of the isr.  However this
was masked by other normal packets coming through netisr_dispatch() causing the
dequeueing of waiting packets.

PR:		kern/70988
Found by:	MOROHOSHI Akihiko <moro@remus.dti.ne.jp>
MFC after:	3 days
2004-08-27 18:33:08 +00:00
Julian Elischer
f036d4081d Align netgraph message fields ready for 64-bit (and 128 bit :-) machines.
requires a recompile of netgraph users.
Also change the size of a field in the bluetooth code
that was waiting for the next change that needed recompiles so
it could piggyback its way in.

Submitted by:	jdp, maksim
MFC after:	2 days
2004-08-20 01:24:23 +00:00
Andre Oppermann
9b932e9e04 Convert ipfw to use PFIL_HOOKS. This is change is transparent to userland
and preserves the ipfw ABI.  The ipfw core packet inspection and filtering
functions have not been changed, only how ipfw is invoked is different.

However there are many changes how ipfw is and its add-on's are handled:

 In general ipfw is now called through the PFIL_HOOKS and most associated
 magic, that was in ip_input() or ip_output() previously, is now done in
 ipfw_check_[in|out]() in the ipfw PFIL handler.

 IPDIVERT is entirely handled within the ipfw PFIL handlers.  A packet to
 be diverted is checked if it is fragmented, if yes, ip_reass() gets in for
 reassembly.  If not, or all fragments arrived and the packet is complete,
 divert_packet is called directly.  For 'tee' no reassembly attempt is made
 and a copy of the packet is sent to the divert socket unmodified.  The
 original packet continues its way through ip_input/output().

 ipfw 'forward' is done via m_tag's.  The ipfw PFIL handlers tag the packet
 with the new destination sockaddr_in.  A check if the new destination is a
 local IP address is made and the m_flags are set appropriately.  ip_input()
 and ip_output() have some more work to do here.  For ip_input() the m_flags
 are checked and a packet for us is directly sent to the 'ours' section for
 further processing.  Destination changes on the input path are only tagged
 and the 'srcrt' flag to ip_forward() is set to disable destination checks
 and ICMP replies at this stage.  The tag is going to be handled on output.
 ip_output() again checks for m_flags and the 'ours' tag.  If found, the
 packet will be dropped back to the IP netisr where it is going to be picked
 up by ip_input() again and the directly sent to the 'ours' section.  When
 only the destination changes, the route's 'dst' is overwritten with the
 new destination from the forward m_tag.  Then it jumps back at the route
 lookup again and skips the firewall check because it has been marked with
 M_SKIP_FIREWALL.  ipfw 'forward' has to be compiled into the kernel with
 'option IPFIREWALL_FORWARD' to enable it.

 DUMMYNET is entirely handled within the ipfw PFIL handlers.  A packet for
 a dummynet pipe or queue is directly sent to dummynet_io().  Dummynet will
 then inject it back into ip_input/ip_output() after it has served its time.
 Dummynet packets are tagged and will continue from the next rule when they
 hit the ipfw PFIL handlers again after re-injection.

 BRIDGING and IPFW_ETHER are not changed yet and use ipfw_chk() directly as
 they did before.  Later this will be changed to dedicated ETHER PFIL_HOOKS.

More detailed changes to the code:

 conf/files
	Add netinet/ip_fw_pfil.c.

 conf/options
	Add IPFIREWALL_FORWARD option.

 modules/ipfw/Makefile
	Add ip_fw_pfil.c.

 net/bridge.c
	Disable PFIL_HOOKS if ipfw for bridging is active.  Bridging ipfw
	is still directly invoked to handle layer2 headers and packets would
	get a double ipfw when run through PFIL_HOOKS as well.

 netinet/ip_divert.c
	Removed divert_clone() function.  It is no longer used.

 netinet/ip_dummynet.[ch]
	Neither the route 'ro' nor the destination 'dst' need to be stored
	while in dummynet transit.  Structure members and associated macros
	are removed.

 netinet/ip_fastfwd.c
	Removed all direct ipfw handling code and replace it with the new
	'ipfw forward' handling code.

 netinet/ip_fw.h
	Removed 'ro' and 'dst' from struct ip_fw_args.

 netinet/ip_fw2.c
	(Re)moved some global variables and the module handling.

 netinet/ip_fw_pfil.c
	New file containing the ipfw PFIL handlers and module initialization.

 netinet/ip_input.c
	Removed all direct ipfw handling code and replace it with the new
	'ipfw forward' handling code.  ip_forward() does not longer require
	the 'next_hop' struct sockaddr_in argument.  Disable early checks
	if 'srcrt' is set.

 netinet/ip_output.c
	Removed all direct ipfw handling code and replace it with the new
	'ipfw forward' handling code.

 netinet/ip_var.h
	Add ip_reass() as general function.  (Used from ipfw PFIL handlers
	for IPDIVERT.)

 netinet/raw_ip.c
	Directly check if ipfw and dummynet control pointers are active.

 netinet/tcp_input.c
	Rework the 'ipfw forward' to local code to work with the new way of
	forward tags.

 netinet/tcp_sack.c
	Remove include 'opt_ipfw.h' which is not needed here.

 sys/mbuf.h
	Remove m_claim_next() macro which was exclusively for ipfw 'forward'
	and is no longer needed.

Approved by:	re (scottl)
2004-08-17 22:05:54 +00:00
Hartmut Brandt
a2931871f7 This is the netgraph node framework for the user side call control
node for ATM. This node implements the API to the signalling services.
2004-08-12 14:22:00 +00:00
Maksim Yevmenkin
b25877a384 Introduce ng_hci_inquiry_response structure and use it in the hccontrol(8) 2004-08-10 00:38:50 +00:00
Bjoern A. Zeeb
4807330cff Implement minimalistic L2TP sessions statistics and correct man page
for L2TP tunnel statistics (which do not take an argument sessionID).

Reviewed by:	archie
Approved by:	pjd (mentor)
2004-08-03 06:52:55 +00:00
Bjoern A. Zeeb
1e0313242d add a new control message to set sequence numbers on an uninitialized node.
Reviewed by:	archie
Approved by:	pjd (mentor)
2004-08-03 06:45:38 +00:00
Bjoern A. Zeeb
ddb7229415 Correct L2TP header offset handling:
- according to RFC2661 an offset size of 0 is allowed.
- when skipping offset padding do not forget to also skip
  the 2 octets of the offset size field.

Reviewed by:	archie
Approved by:	pjd (mentor)
2004-08-03 06:37:46 +00:00
Bjoern A. Zeeb
49728ffc2f Do not change link[n].conf.latency for internal usage but have
link[n].latency calculated from user supplied value.
This prevents repeated NGM_PPP_SET_CONFIG/NGM_PPP_GET_CONFIG
from failing because of link[n].conf.latency being out of range.

Reviewed by:	archie
Approved by:	pjd (mentor)
2004-08-03 06:34:55 +00:00
Gleb Smirnoff
c0451ac3d9 Another stupid error from my side. PPPOE_NONSTANDARD was first defined
in enum {}, and then redefined with #define.
No warnings from compiler, though.

Submitted by:	bz
Pointy hat to:	glebius
2004-08-01 20:39:33 +00:00
Gleb Smirnoff
6c97c0e45e Fix a stupid error in my previous commit, which broke operation
of many nodes.

Pointy hat to:	glebius
2004-07-31 21:32:55 +00:00
Gleb Smirnoff
bb3e8b0bd1 Address node in a less complex way.
Approved by:	julian (mentor)
2004-07-29 08:05:02 +00:00
Alexander Kabaev
445e045b0d Avoid casts as lvalues. 2004-07-28 06:59:55 +00:00
Gleb Smirnoff
7610f57454 When making a peer of unknown type framework tries to load module
using linker_load_module(). This works OK if NGM_MKPEER message came
from userland and we have process associated with thread. But when
NGM_MKPEER was queued because target node was busy, linker_load_module()
is called from netisr thread leading to panic.
To workaround that we do not load modules by framework, instead ng_socket
loads module (if this is required) before sending NGM_MKPEER.
However, the race condition between return from NgSendMsg() and actual
creation of node still exist and needs to be solved.

PR:		kern/62789
Approved by:	julian
2004-07-27 20:30:56 +00:00
Gleb Smirnoff
fdc755d162 When node is server serve both standard RFC2516 and non-standard 3Com
clients simultaneously. When node is client its mode is configured
with a control message.

sysctl net.graph.nonstandard_pppoe is deprecated but kept for
backward compatibility for some time.

Approved by:	julian
2004-07-27 19:47:13 +00:00
Julian Elischer
be4252b367 Slight cosmetic changes.
Also introduce a macro to be called by persistent nodes to signal their
persistence during shutdown to hide this mechanism from the node author.

Make node flags have a consistent style in naming.

Document the change.
2004-07-20 17:15:38 +00:00
Gleb Smirnoff
c1eec6c589 In ng_device_newhook():
- Return meaningful return errorcodes.
  - Free previously allocated connection in error cases.

In ng_device_rcvdata():
  - Return meaningful return errorcodes.
  - Detach mbuf from netgraph item, and free the item before
    doing any other actions that may return from method.
  - Do not call strange malloc() for buffer. [1]
  - In case of any error jump to end, where mbuf is freed.

In ng_device_disconnect():
  - Return meaningful return errorcodes.
  - Free disconnected connection.

style(9) in mentioned above functions:
  - Remove '/* NGD_DEBUG */', when only one line is ifdef'ed.
  - Remove extra braces to easier reading.
  - Add space after comma in function calls.

PR:		kern/41881 (part)
Reviewed by:	marks
Approved by:	julian (mentor)
2004-07-20 13:16:17 +00:00
Gleb Smirnoff
b3e3ef9836 1. Make ng_device.h system include. This fixes module build.
2. Sort includes, while here.
3. s/NULL/0/ in NG_SEND_MSG_HOOK(), since ng_ID_t is integer.

PR:		kern/41881 (part)
Reviewed by:	marks
Approved by:	julian (mentor)
2004-07-20 11:19:46 +00:00
Julian Elischer
505fad52f7 Reverse a lock/unlock pair that were the wrong way around in some code that
is obviously not run a lot. (but is in some test cases).
This code is not usually run because it covers a case that doesn't
happen a lot (removing a node that has data traversing it).
2004-07-18 22:57:46 +00:00
Gleb Smirnoff
8250de8330 Use qsort_r() instead of qsort() when sorting links by latency
This helps us to remove a global variable and a mutex protecting it.

Reviewed by:	rwatson
Approved by:	julian (mentor)
2004-07-16 00:07:44 +00:00
Poul-Henning Kamp
3e019deaed Do a pass over all modules in the kernel and make them return EOPNOTSUPP
for unknown events.

A number of modules return EINVAL in this instance, and I have left
those alone for now and instead taught MOD_QUIESCE to accept this
as "didn't do anything".
2004-07-15 08:26:07 +00:00
Robert Watson
6f7d64c44a Add a note indicating that the eh_prototype field used to construct
ethernet headers is unsynchronized.
2004-07-14 20:31:37 +00:00
Robert Watson
c61340f374 Add a mutex ng_tty_mtx to protect the global variable ngt_unit. Note
that the locking of globals here isn't complete, and there's also a
locking issue relating to calling into and out of the tty code.
2004-07-14 20:31:05 +00:00
Robert Watson
489264ddae Add ng_ppp_latencies_mtx, a global mutex to protect the latency list.
Note that the table is a hack, and so is this mutex.

Reviewed by:	glebius
2004-07-14 20:29:54 +00:00
Robert Watson
544fc3d562 Introduce a new mutex, ng_fec_mtx, to protect the global unit list to
synchronization allocation of FEC unit numbers.

Reviewed by:	glebius
2004-07-14 20:27:33 +00:00
Robert Watson
dffa5be1a4 Introduce a new mutex, ng_eiface_mtx, to protect the global unit list
lock used to synchronize allocation of unit numbers for new netgraph
ethernet interfaces.

Reviewed by:	glebius
2004-07-14 20:26:29 +00:00
Robert Watson
9a668fa4d8 Introduce a new mutex, ng_iface_mtx, to protect the global unit list
lock used to synchronize allocation of unit numbers for new netgraph
interfaces.

Reviewed by:	glebius
Tested by:	glebius
2004-07-14 20:24:21 +00:00
Robert Watson
943bb929af Introduce a global mtx 'ngsocketlist_mtx' to protect the global
ng_socket list during insert/delete.
2004-07-12 04:45:46 +00:00
Robert Watson
f011f4041a Mark 'makeup' in ng_frame_relay as const, as its values are immutable. 2004-07-12 04:35:42 +00:00
Marcel Moolenaar
f33ca0c961 Update for the KDB framework:
o  Call kdb_enter() instead of Debugger().
o  Change comments accordingly.
2004-07-10 21:45:58 +00:00
Stefan Farfeleder
5908d366fb Consistently use __inline instead of __inline__ as the former is an empty macro
in <sys/cdefs.h> for compilers without support for inline.
2004-07-04 16:11:03 +00:00
Julian Elischer
8ed370fd90 Remove the home-grown metadata facility in favour of the now generic
mbuf tags facility. Netgraph modules will all need a recompile.

Submitted by:	Gleb Smirnoff <glebius@cell.sick.ru>
2004-06-30 22:51:29 +00:00
Mark Santcroos
84333769ed Remove 3rd clause from the licence.
Approved by:	njl
2004-06-29 15:46:12 +00:00
Warner Losh
107af8f9eb MFp4: Last references to dev/usb/usbdevs.h converted. 2004-06-27 16:51:01 +00:00
Julian Elischer
3ca24c284d Having moved metadata usage to mbuf tags, remove code that supports
the old way of doing it.

Submitted by:	Gleb Smirnoff <glebius@cell.sick.ru>
2004-06-26 22:24:16 +00:00
Lukas Ertl
f3617a3396 Catch up with usbd_get_string_desc() change.
Spotted by:  Tai-hwa Liang <avatar@mmlab.cse.yzu.edu.tw>
2004-06-26 13:24:29 +00:00
Poul-Henning Kamp
4776c07426 Fix line discipline switching issues: If opening a new ldisc fails,
we have to revert to TTYDISC which we know will successfully open
rather than try the previous ldisc which might also fail to open.

Do not let ldisc implementations muck about with ->t_line, and remove
code which checks for reopens, it should never happen.

Move ldisc->l_hotchar to tty->t_hotchar and have ldisc implementation
initialize it in their open routines.  Reset to zero when we enter
TTYDISC.  ("no" should really be -1 since zero could be a valid
hotchar for certain old european mainframe protocols.)
2004-06-26 08:44:04 +00:00
Julian Elischer
1020444971 Not quite sure how that one got past me.. 2004-06-26 01:22:29 +00:00
Maksim Yevmenkin
21da572743 Add '#include <sys/mbuf.h>' to fix the kernel build. 2004-06-25 23:03:33 +00:00
Julian Elischer
601c644f46 oops from Gleb..
This shouldn't be visible from userland.

Submitted by:	Gleb Smirnoff <glebius@cell.sick.ru>
2004-06-25 22:59:59 +00:00
Julian Elischer
1cf3fa7934 Make the frameworkl responsible for not passing the nodes a NULL mbuf pointer.
this allows the nodes to not test for this..

Submitted by:	Gleb Smirnoff <glebius@cell.sick.ru>
2004-06-25 21:11:14 +00:00
Julian Elischer
327b288e5c Convert Netgraph to use mbuf tags to pass its meta information around.
Thanks to Sam for importing tags in a way that allowed this to be done.

Submitted by:	Gleb Smirnoff <glebius@cell.sick.ru>
Also allow the sr and ar drivers to create netgraph versions of their modules.
Document the change to the ksocket node.
2004-06-25 19:22:05 +00:00
Robert Watson
53f9c5e988 Clean up use of ng_hdhasb_mtx a little:
- Assert the mutex in NG_IDHASH_FIND() since the mutex is required to
  safely walk the node lists in the ng_ID_hash table.

- Acquire the ng_nodelist_mtx when walking ng_allnodes or ng_allhooks
  to generate state dump output from the netgraph sysctls.
2004-06-24 01:47:31 +00:00
Archie Cobbs
669bb973c4 Avoid calling bpf_filter() with len == 0, which causes a change in semantics
(it treats the buffer pointer as an mbuf pointer) and subsequent panic.

MFC after:	3 days
Reported by:	Tony Hariman <tony@cbn.net.id>
2004-06-23 02:37:10 +00:00
Brian Feldman
114bf09149 Fix a problem with multiple-delivery (i.e. broadcast) in ng_bridge.
Only the first link0..link$NLINKS hooks would be utilized, whereas
the link hooks may be connected sparsely.

Add a counter variable so that the link hook array is only traversed
while there is still work to do, but that it continues up to the end
if it has to.
2004-06-22 18:56:47 +00:00
Bill Paul
15a646e411 Remove one more unneeded reference to arpcom.ac_netgraph.
Tweak things so that ng_fec has a chance of working with things
other than ethernet. Use ifp->if_output of the underlying interfaces
and use IF_HANDOFF() rather than depending on ether_output() and
ether_output_frame() explicitly. Also, don't insist that underlying
devices be IFM_ETHER when checking their link states in the link
monitor code.

With these changes, I was able to create a two channel bundle
consisting of one ethernet interface and one 802.11 wireless
device (via ndis). Note that this only works because both devices
use the same if_output vector: ng_fec will not let you bundle
devices with different output vectors together (it really doesn't
make sense to do that).
2004-06-20 21:08:58 +00:00