summaryrefslogtreecommitdiffstats
path: root/sys/net/if_pflow.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Use FNONBLOCK instead of SS_NBIO to check/indicate that the I/O modempi2018-07-301-6/+6
| | | | | | | | | | | | | for sockets is non-blocking. This allows us to G/C SS_NBIO. Having to keep the two flags in sync in a mp-safe way is complicated. This change introduce a behavior change in sosplice(), it can now always block. However this should not matter much due to the socket lock being taken beforhand. ok bluhm@, benno@, visa@
* use 'switch' rathan than an if-else construct to match on the netflow version to in pflow_get_mbuf(),jasper2018-07-161-3/+8
| | | | | | to match the rest of the file ok benno@ florian@
* Pass the socket to sounlock(), this prepare the terrain for per-socketmpi2018-06-061-2/+2
| | | | | | locking. ok visa@, bluhm@
* Remove almost unused `flags' argument of suser().mpi2018-02-191-2/+2
| | | | | | | The account flag `ASU' will no longer be set but that makes suser() mpsafe since it no longer mess with a per-process field. No objection from millert@, ok tedu@, bluhm@
* Creating a cloned interface could return ENOMEM due to temporarybluhm2018-01-091-6/+2
| | | | | | memory shortage. As it is invoked from a system call, it should not fail and wait instead. OK visa@ mpi@
* - add one more softnet taskqsashan2017-10-311-5/+5
| | | | | | | NOTE: code still runs with single softnet task. change definition of SOFTNET_TASKS in net/if.c, if you want to have more than one softnet task OK mpi@, OK phessler@
* If you use sys/param.h, you don't need sys/types.hderaadt2017-09-081-3/+2
|
* Use the NET_LOCK() macro instead of handrolling it.mpi2017-08-121-6/+4
| | | | Tested by Hrvoje Popovski.
* Remove NET_LOCK()'s argument.mpi2017-08-111-7/+6
| | | | Tested by Hrvoje Popovski, ok bluhm@
* Move the solock()/sounlock() dance outside of sobind().mpi2017-08-101-1/+4
| | | | ok phessler@, visa@, bluhm@
* Use mbuf_queue to properly serialize access to pflow output queue.visa2017-05-311-10/+12
| | | | Input from mpi@, jmatthew@; OK mpi@, henning@, benno@
* remove no longer needed splnet/splx.benno2017-05-301-8/+4
| | | | ok florian@
* fix previous as noted by mpi, thx florianbenno2017-05-271-2/+3
|
* move sending of pflow packet into a task, seperated from the databenno2017-05-271-45/+40
| | | | | collection by a mbuf queue. with help from mpi@ ok florian@
* Enable the NET_LOCK(), take 3.mpi2017-05-151-1/+7
| | | | | | Recursions are still marked as XXXSMP. ok deraadt@, bluhm@
* Revert the NET_LOCK() and bring back pf's contention lock for release.mpi2017-03-171-7/+1
| | | | | | | | | For the moment the NET_LOCK() is always taken by threads running under KERNEL_LOCK(). That means it doesn't buy us anything except a possible deadlock that we did not spot. So make sure this doesn't happen, we'll have plenty of time in the next release cycle to stress test it. ok visa@
* Revert "Release the NET_LOCK() before entering per-driver ioctl() routine".mpi2017-02-161-1/+4
| | | | | | | | | | | | | | | This is most likely to be the cause of the deadlock seen by port builders since it's the only changed that happened after a2k17. Instead bring back pirofti@ original hack to release the NET_LOCK() inside iwm(4) and iwn(4). This fixes some splassert reported by bluhm@ Deadlock reported by naddy@ and rpe@ and ajacoutot@ confirmed the deadlock has been introduced post a2k17. Tested by and ok tb@
* No longer need to unlock the netlock since the upper layer is doing it.mpi2017-02-071-4/+1
| | | | Found by Hrvoje Popovski.
* Enable the NET_LOCK(), take 2.mpi2017-01-251-1/+7
| | | | | | Recursions are currently known and marked a XXXSMP. Please report any assert to bugs@
* A space here, a space there. Soon we're talking real whitespacekrw2017-01-241-3/+3
| | | | rectification.
* Flag pseudo-interfaces as such in order to call add_net_randomness()mpi2017-01-231-1/+2
| | | | | | | | | only once per packet. Fix a regression introduced when if_input() started to be called by every pseudo-driver. ok claudio@, dlg@
* No need to handle SIOCAIFADDR in drivers, it's never passed down tompi2017-01-201-2/+1
| | | | | | them. ok claudio@
* Allow changing of sender ip/port without switching address family.florian2017-01-181-36/+27
| | | | | With this regress tests pass again. OK benno
* Allow changing of receiver ip/port without switching address family.florian2017-01-181-17/+20
| | | | OK benno
* Move the logic for SIOCSETPFLOW in a helper function to help withmpi2017-01-031-154/+152
| | | | | | upcoming locking. ok visa@, bluhm@
* Change NET_LOCK()/NET_UNLOCK() to be simple wrappers aroundmpi2016-12-291-10/+1
| | | | | | | | | | | splsoftnet()/splx() until the known issues are fixed. In other words, stop using a rwlock since it creates a deadlock when chrome is used. Issue reported by Dimitris Papastamos and kettenis@ ok visa@
* Remove the netlock workaround since if_detach is doing it for us now.mikeb2016-12-211-4/+1
| | | | ok mpi, bluhm
* Release the NET_LOCK() before calling any socket function since it ismpi2016-12-201-1/+13
| | | | | | | | | not recursive. This is temporary until all recursions are found and can be addressed in a correct way. With inputs from bluhm@
* Convert timeouts that need a process context to timeout_set_proc(9).mpi2016-10-041-5/+6
| | | | | | | The current reason is that rtalloc_mpath(9) inside ip_output() might end up inserting a RTF_CLONED route and that require a write lock. ok kettenis@, bluhm@
* Make if_output() return EAFNOSUPPORT instead of just dropping packetskrw2016-04-291-2/+12
| | | | | | and pretending the output succeeded. Packets are still dropped! Idea from jsg@ following same change to bridge(4). ok mpi@
* IPv6 transport for pflow data.florian2015-10-031-37/+135
| | | | | Input deraadt@ Bug fix & OK benno@
* Call socreate(9) only when we have a destination ip and port.florian2015-09-121-58/+44
| | | | | | | Call sobind(9) only when we have a source ip. With this we can treat sc->so != NULL as a flag if the interface is in state IFF_RUNNING. Input & OK bluhm@, OK benno@
* size for free()florian2015-09-091-2/+2
| | | | OK semarie@, deraadt@
* pflow_flush() still needs sc->send_nam; free it later.florian2015-09-041-2/+2
|
* Fix an mbuf use-after-fruit in pflow_clone_create().mpi2015-09-041-2/+2
| | | | | | | Issue reported by semarie@ on bugs@ who also isolated the use-after-fruit to pflow(4) using dlg@'s tracing mbuf diff. Inputs from and ok florian@, semarie@, benno@
* We don't do 'ARGSUSED' anymoreflorian2015-07-211-2/+1
|
* use curproc instead of proc0florian2015-07-211-5/+3
| | | | pointed out by and OK bluhm@
* Use the kernel socket interface (sosend(9) etc) instead of shovingflorian2015-07-201-128/+96
| | | | | | | packets directly into the network stack with ip_output(). The locking is intentionally left as is and will be improved in another commit. Input / OK bluhm@, OK benno@
* add missing malloc checkflorian2015-07-161-3/+6
| | | | OK benno@
* Store a unique ID, an interface index, rather than a pointer to thempi2015-06-161-2/+2
| | | | | | | | | | | | | | | receiving interface in the packet header of every mbuf. The interface pointer should now be retrieved when necessary with if_get(). If a NULL pointer is returned by if_get(), the interface has probably been destroy/removed and the mbuf should be freed. Such mechanism will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. Tested by jmatthew@ and krw@, discussed with many. ok mikeb@, bluhm@, dlg@
* Introduce unhandled_af() for cases where code conditionally doesjsg2015-06-071-3/+3
| | | | | | | | | | | something based on an address family and later assumes one of the paths was taken. This was initially just calls to panic until guenther suggested a function to reduce the amount of strings needed. This reduces the amount of noise with static analysers and acts as a sanity check. ok guenther@ bluhm@
* unifdef INET in net code as a precursor to removing the pretend option.tedu2014-12-191-3/+1
| | | | | long live the one true internet. ok henning mikeb
* Yet more #include de-duplication.krw2014-11-201-2/+1
| | | | ok deraadt@ tedu@
* move arc4random prototype to systm.h. more appropriate for most codetedu2014-11-181-2/+1
| | | | to include that than rdnvar.h. ok deraadt dlg
* Bring IPFIX sequence numbers in line with the RFC; originalblambert2014-08-131-3/+7
| | | | | | diff from benno@. ok benno@, florian@
* Fewer <netinet/in_systm.h> !mpi2014-07-221-2/+1
|
* add a size argument to free. will be used soon, but for now default to 0.tedu2014-07-121-3/+3
| | | | after discussions with beck deraadt kettenis.
* ip_output() using varargs always struck me as bizarre, esp since it's onlyhenning2014-04-211-2/+3
| | | | | | ever used to pass on uint32 (for ipsec). stop that madness and just pass the uint32, 0 in all cases but the two that pass the ipsec flowinfo. ok deraadt reyk guenther
* "struct pkthdr" holds a routing table ID, not a routing domain one.mpi2014-04-141-2/+2
| | | | | | | | | | | | | | Avoid the confusion by using an appropriate name for the variable. Note that since routing domain IDs are a subset of the set of routing table IDs, the following idiom is correct: rtableid = rdomain But to get the routing domain ID corresponding to a given routing table ID, you must call rtable_l2(9). claudio@ likes it, ok mikeb@
* Kill pflowproto 9, it's unfixable post 2038, a better, standardizedflorian2014-03-291-440/+13
| | | | | | option is pflowproto 10. Also it duplicates a lot of code from pflowproto 10 and will get in the way in the future. OK benno@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.