diff options
| -rw-r--r-- | lib/libc/gen/sysctl.3 | 9 | ||||
| -rw-r--r-- | sys/netinet/icmp6.h | 7 | ||||
| -rw-r--r-- | sys/netinet6/in6.c | 4 | ||||
| -rw-r--r-- | sys/netinet6/nd6.c | 57 | ||||
| -rw-r--r-- | sys/netinet6/nd6.h | 4 |
5 files changed, 54 insertions, 27 deletions
diff --git a/lib/libc/gen/sysctl.3 b/lib/libc/gen/sysctl.3 index bb0317d7187..4bcb03b71a2 100644 --- a/lib/libc/gen/sysctl.3 +++ b/lib/libc/gen/sysctl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sysctl.3,v 1.280 2017/07/13 17:17:27 florian Exp $ +.\" $OpenBSD: sysctl.3,v 1.281 2017/08/08 18:15:58 florian Exp $ .\" .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd $Mdocdate: July 13 2017 $ +.Dd $Mdocdate: August 8 2017 $ .Dt SYSCTL 3 .Os .Sh NAME @@ -1639,7 +1639,6 @@ The currently defined protocols and names are: .It icmp6 Ta nd6_delay Ta integer Ta yes .It icmp6 Ta nd6_maxnudhint Ta integer Ta yes .It icmp6 Ta nd6_mmaxtries Ta integer Ta yes -.It icmp6 Ta nd6_prune Ta integer Ta yes .It icmp6 Ta nd6_umaxtries Ta integer Ta yes .It icmp6 Ta redirtimeout Ta integer Ta yes .It ip6 Ta auto_flowlabel Ta integer Ta yes @@ -1718,10 +1717,6 @@ This variable specifies the constant in IPv6 neighbor discovery specification .Pq RFC 4861 . .Pp -.It Li icmp6.nd6_prune Pq Va net.inet6.icmp6.nd6_prune -This variable specifies the interval between IPv6 neighbor cache babysitting -in seconds. -.Pp .It Li icmp6.nd6_umaxtries Pq Va net.inet6.icmp6.nd6_umaxtries This variable specifies the .Dv MAX_UNICAST_SOLICIT diff --git a/sys/netinet/icmp6.h b/sys/netinet/icmp6.h index 1713f6c2125..f1fc64b3298 100644 --- a/sys/netinet/icmp6.h +++ b/sys/netinet/icmp6.h @@ -1,4 +1,4 @@ -/* $OpenBSD: icmp6.h,v 1.46 2017/08/03 17:36:06 florian Exp $ */ +/* $OpenBSD: icmp6.h,v 1.47 2017/08/08 18:15:58 florian Exp $ */ /* $KAME: icmp6.h,v 1.84 2003/04/23 10:26:51 itojun Exp $ */ /* @@ -502,7 +502,6 @@ struct icmp6stat { #define ICMPV6CTL_STATS 1 #define ICMPV6CTL_REDIRACCEPT 2 /* accept/process redirects */ #define ICMPV6CTL_REDIRTIMEOUT 3 /* redirect cache time */ -#define ICMPV6CTL_ND6_PRUNE 6 #define ICMPV6CTL_ND6_DELAY 8 #define ICMPV6CTL_ND6_UMAXTRIES 9 #define ICMPV6CTL_ND6_MMAXTRIES 10 @@ -521,7 +520,7 @@ struct icmp6stat { { "redirtimeout", CTLTYPE_INT }, \ { 0, 0 }, \ { 0, 0 }, \ - { "nd6_prune", CTLTYPE_INT }, \ + { 0, 0 }, \ { 0, 0 }, \ { "nd6_delay", CTLTYPE_INT }, \ { "nd6_umaxtries", CTLTYPE_INT }, \ @@ -543,7 +542,7 @@ struct icmp6stat { &icmp6_redirtimeout, \ NULL, \ NULL, \ - &nd6_prune, \ + NULL, \ NULL, \ &nd6_delay, \ &nd6_umaxtries, \ diff --git a/sys/netinet6/in6.c b/sys/netinet6/in6.c index cafdd9fe36f..ce28f466a5c 100644 --- a/sys/netinet6/in6.c +++ b/sys/netinet6/in6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: in6.c,v 1.208 2017/08/06 08:15:58 florian Exp $ */ +/* $OpenBSD: in6.c,v 1.209 2017/08/08 18:15:58 florian Exp $ */ /* $KAME: in6.c,v 1.372 2004/06/14 08:14:21 itojun Exp $ */ /* @@ -686,6 +686,8 @@ in6_update_ifa(struct ifnet *ifp, struct in6_aliasreq *ifra, */ ia6->ia6_flags = ifra->ifra_flags; + nd6_expire_timer_update(ia6); + /* * We are done if we have simply modified an existing address. */ diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 245b64c6155..1e2dfde283b 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6.c,v 1.213 2017/08/06 12:53:30 mpi Exp $ */ +/* $OpenBSD: nd6.c,v 1.214 2017/08/08 18:15:58 florian Exp $ */ /* $KAME: nd6.c,v 1.280 2002/06/08 19:52:07 itojun Exp $ */ /* @@ -45,6 +45,7 @@ #include <sys/ioctl.h> #include <sys/syslog.h> #include <sys/queue.h> +#include <sys/stdint.h> #include <sys/task.h> #include <net/if.h> @@ -66,7 +67,7 @@ #define ND6_RECALC_REACHTM_INTERVAL (60 * 120) /* 2 hours */ /* timer values */ -int nd6_prune = 1; /* walk list every 1 seconds */ +time_t nd6_expire_time = -1; /* at which time_uptime nd6_expire runs */ int nd6_delay = 5; /* delay first probe time 5 second */ int nd6_umaxtries = 3; /* maximum unicast query */ int nd6_mmaxtries = 3; /* maximum multicast query */ @@ -122,8 +123,6 @@ nd6_init(void) timeout_set_proc(&nd6_slowtimo_ch, nd6_slowtimo, NULL); timeout_add_sec(&nd6_slowtimo_ch, ND6_SLOWTIMER_INTERVAL); timeout_set(&nd6_expire_timeout, nd6_expire_timer, NULL); - timeout_add_sec(&nd6_expire_timeout, nd6_prune); - } struct nd_ifinfo * @@ -417,6 +416,44 @@ nd6_llinfo_timer(void *arg) NET_UNLOCK(s); } +void +nd6_expire_timer_update(struct in6_ifaddr *ia6) +{ + time_t expire_time = INT64_MAX; + int secs; + + KERNEL_ASSERT_LOCKED(); + + if (ia6->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME) + expire_time = ia6->ia6_lifetime.ia6t_expire; + + if (!(ia6->ia6_flags & IN6_IFF_DEPRECATED) && + ia6->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME && + expire_time > ia6->ia6_lifetime.ia6t_preferred) + expire_time = ia6->ia6_lifetime.ia6t_preferred; + + if (expire_time == INT64_MAX) + return; + + /* + * IFA6_IS_INVALID() and IFA6_IS_DEPRECATED() check for uptime + * greater than ia6t_expire or ia6t_preferred, not greater or equal. + * Schedule timeout one second later so that either IFA6_IS_INVALID() + * or IFA6_IS_DEPRECATED() is true. + */ + expire_time++; + + if (!timeout_pending(&nd6_expire_timeout) || nd6_expire_time > + expire_time) { + secs = expire_time - time_uptime; + if ( secs < 0) + secs = 0; + + timeout_add_sec(&nd6_expire_timeout, secs); + nd6_expire_time = expire_time; + } +} + /* * Expire interface addresses. */ @@ -429,8 +466,6 @@ nd6_expire(void *unused) KERNEL_LOCK(); NET_LOCK(s); - timeout_add_sec(&nd6_expire_timeout, nd6_prune); - TAILQ_FOREACH(ifp, &ifnet, if_list) { struct ifaddr *ifa, *nifa; struct in6_ifaddr *ia6; @@ -442,14 +477,10 @@ nd6_expire(void *unused) /* check address lifetime */ if (IFA6_IS_INVALID(ia6)) { in6_purgeaddr(&ia6->ia_ifa); - } else if (IFA6_IS_DEPRECATED(ia6)) { - ia6->ia6_flags |= IN6_IFF_DEPRECATED; } else { - /* - * A new RA might have made a deprecated address - * preferred. - */ - ia6->ia6_flags &= ~IN6_IFF_DEPRECATED; + if (IFA6_IS_DEPRECATED(ia6)) + ia6->ia6_flags |= IN6_IFF_DEPRECATED; + nd6_expire_timer_update(ia6); } } } diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index 3b08e2c5dfe..9196cb7fab7 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6.h,v 1.68 2017/07/12 16:53:58 florian Exp $ */ +/* $OpenBSD: nd6.h,v 1.69 2017/08/08 18:15:58 florian Exp $ */ /* $KAME: nd6.h,v 1.95 2002/06/08 11:31:06 itojun Exp $ */ /* @@ -138,7 +138,6 @@ struct llinfo_nd6 { (((MIN_RANDOM_FACTOR * (x >> 10)) + (arc4random() & \ ((MAX_RANDOM_FACTOR - MIN_RANDOM_FACTOR) * (x >> 10)))) /1000) -extern int nd6_prune; extern int nd6_delay; extern int nd6_umaxtries; extern int nd6_mmaxtries; @@ -208,6 +207,7 @@ void nd6_rs_input(struct mbuf *, int, int); int in6_ifdel(struct ifnet *, struct in6_addr *); void rt6_flush(struct in6_addr *, struct ifnet *); +void nd6_expire_timer_update(struct in6_ifaddr *); #endif /* _KERNEL */ #endif /* _NETINET6_ND6_H_ */ |