summaryrefslogtreecommitdiffstats
path: root/sys/net/rtsock.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Push kernel lock down to rt_setsource() to make `ifa' dereference safe.mvs2021-03-261-3/+10
| | | | | | | | | | | Netlock doesn't make sense here because ifa_ifwithaddr() holds kernel lock while performs lists walkthrough. This was made to decrease the future diff for PF_ROUTE sockets unlocking. This time kernel lock is still held while we perform rt_setsource(). ok mpi@
* Like in the sysctl case include the ifp_sadl as RTA_IFP address in RTM_IFINFOclaudio2021-03-181-3/+6
| | | | | | messages. This way userland can detect if the lladdr of an interface was changed. OK florian@ bluhm@
* Rework route_input() and rtm_sendup(). While we perform foreach loopmvs2021-02-271-32/+12
| | | | | | | | | | | | | in route_input() we drop solock() after we checked socket state. We pass mbuf(9) to this socket at next loops, while it referenced as `last'. Socket's state could be changed by concurrent thread while it's not locked. Since we perform socket's checks and output in same iteration, the logic which prevents mbuf(9) chain copy for the last socket in list was removed. ok bluhm@ claudio@
* we don't have to cast to caddr_t when calling m_copydata anymore.dlg2021-02-251-2/+2
| | | | | | | | | | | | | | | | the first cut of this diff was made with coccinelle using this spatch: @rule@ type caddr_t; expression m, off, len, cp; @@ -m_copydata(m, off, len, (caddr_t)cp) +m_copydata(m, off, len, cp) i had fix it's opinionated idea of formatting by hand though, so i'm not sure it was worth it. ok deraadt@ bluhm@
* Simplify error path in in route_attach(). We always call it in threadmvs2021-02-151-10/+4
| | | | | | | context so we always have `curproc' Also protocol control block is not required for soreserve() so we can do it before `rop' allocation. ok bluhm@
* Rework source IP address setting.denis2020-11-071-2/+45
| | | | | | | | - Move most of the processing out of rtable.c (reasonnable tb@, ok bluhm@) - Remove memory allocation, store pointer to existing ifaddr - Fix tunnel interface handling looks fine mpi@
* Add feature to force the selection of source IP addressdenis2020-10-291-8/+71
| | | | | | | Based/previous work on an idea from deraadt@ Input from claudio@, djm@, deraadt@, sthen@ OK deraadt@
* Fix declaration of `routedomain'. It's not external here.mvs2020-09-231-2/+2
| | | | "Correct" by deraadt@
* Document locks which protect `rtpcb' struct members.mvs2020-09-221-8/+13
| | | | ok mpi@
* Add a ROUTE_FLAGFILTER socket option for routing sockets, allowingjmatthew2020-08-131-4/+19
| | | | | | | | filtering out messages for routes with flags matching any bit in a mask. This allows routing daemons to opt out of receiving messages for L2 and broadcast route entries, which they currently discard. ok dlg@ sthen@ deraadt@
* kernel: use gettime(9)/getuptime(9) in lieu of time_second(9)/time_uptime(9)cheloha2020-06-241-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | time_second(9) and time_uptime(9) are widely used in the kernel to quickly get the system UTC or system uptime as a time_t. However, time_t is 64-bit everywhere, so it is not generally safe to use them on 32-bit platforms: you have a split-read problem if your hardware cannot perform atomic 64-bit reads. This patch replaces time_second(9) with gettime(9), a safer successor interface, throughout the kernel. Similarly, time_uptime(9) is replaced with getuptime(9). There is a performance cost on 32-bit platforms in exchange for eliminating the split-read problem: instead of two register reads you now have a lockless read loop to pull the values from the timehands. This is really not *too* bad in the grand scheme of things, but compared to what we were doing before it is several times slower. There is no performance cost on 64-bit (__LP64__) platforms. With input from visa@, dlg@, and tedu@. Several bugs squashed by visa@. ok kettenis@
* Remove redundant 'NULL' check for 'rtm'.tobhe2020-03-241-9/+7
| | | | | | CID 1453252 ok claudio@ mpi@
* If the RTM_PROPOSAL is a solicitation proposal forward the request toclaudio2019-11-241-1/+14
| | | | | | all interfaces. Most handlers will ignore it but at least umb(4) will send a response back. OK florian@
* The DNS proposal list can (soon) be empty to signal a withdraw, relaxflorian2019-11-221-4/+3
| | | | | the size constraint to allow this to pass through the kernel. Looks good to deraadt@
* Add rtm_proposal, a function to send out RTM_PROPOSAL messages from theclaudio2019-11-221-1/+25
| | | | | kernel. Will be used to have umb(4) inform unwind(8) about DNS changes. OK bluhm@ tested by florian@ and deraadt@
* Pull break into ifdef; noticed by bluhm who also OK'ed the previousflorian2019-11-061-2/+2
| | | | commit.
* Fix RTA_DNS checks:florian2019-11-061-4/+32
| | | | | | | | | Do not overwrite the address family, we need to know if this is IPv4 or IPv6 to parse the message. Nameservers are IP addresses, not NUL-terminated strings. Check that the length is a multiple of the length of an IP address. OK krw
* Do more sanity checks when accepting socket addresses in routingbluhm2019-09-231-1/+109
| | | | | | | | | messages from user land. Inspect length field early in rtm_xaddrs(). Strings must be NUL terminated. The socket address type and length depend on the routing message type. Currently checks are not super strict to avoid too much user land fallout. OK mpi@ Reported-by: syzbot+638dbf7851da8e255af5@syzkaller.appspotmail.com
* Fix white spaces and wrap long lines.bluhm2019-08-281-12/+8
|
* In rev 1.273 RTM_LOCK has been removed from net/rtsock.c. Sincebluhm2019-08-281-109/+104
| | | | | | then the big switch in rtm_output() has RTM_CHANGE as a unique case. Remove redundant checks of rtm_type within this case. OK kn@
* Convert struct rtpcb malloc(9) to pool_get(9). PCB for routingbluhm2019-07-171-4/+8
| | | | | | | | | socket is only used in process context, so pass PR_WAITOK to pool_init(9). The possible sleep in pool_put(9) should not hurt as route_detach() is only called by soclose(9). As both pr_attach() and pr_detach() are always called with kernel lock, PR_RWLOCK is not needed. OK mpi@
* Prevent recursions by not deleting entries inside rtable_walk(9).mpi2019-06-211-3/+4
| | | | | | | | | | | | | | | rtable_walk(9) now passes a routing entry back to the caller when a non zero value is returned and if it asked for it. This allows us to call rtdeletemsg()/rtrequest_delete() from the caller without creating a recursion because of rtflushclone(). Multicast code hasn't been adapted and is still possibly creating recursions. However multicast route entries aren't cloned so if a recursion exists it isn't because of rtflushclone(). Fix stack exhaustion triggered by the use of "-msave-args". Issue reported by Dániel Lévai on bugs@ confirmed by and ok bluhm@.
* Remove workaround and return EINVAL when userland sends routing messagesclaudio2019-06-051-10/+3
| | | | | with bad address flags. OK bluhm@ sthen@
* Make rt_mpls_set() be more strict in what it accepts. Also ensure thatclaudio2019-05-111-7/+8
| | | | | | | | | | the RTF_MPLS can't be toggled without rt_mpls_set() being called. While RTF_MPLS is part of RTF_FMASK it should be excluded from the flags and mask when they are applied to the route since toggling it requires a call to rt_mpls_set(). OK bluhm@ Reported-by: syzbot+86344a9e31c27aa6f15b@syzkaller.appspotmail.com
* Broken userland software sets address bit in routing message withoutbluhm2019-04-051-4/+11
| | | | | | | | providing a corresponding socket address. A stricter kernel check returns EINVAL and the software does not work anymore. Relax the check for OpenBSD 6.5 release so we have more time to find and fix bugs in ports afterwards. This is a temporary workaround. analysis sthen@; OK claudio@ jca@
* Add a more strict rtm_hdrlen size check. Make sure that at leastclaudio2019-03-311-14/+28
| | | | | | | | struct rt_msghdr bytes are passed in. Also return a failure from rtm_xaddrs() if rti_addrs has bad flags or run out of space. Ok bluhm@ Reported-by: syzbot+18fd599cf8e14c507115@syzkaller.appspotmail.com
* Fix kernel info leak in routing message.bluhm2019-02-081-2/+3
| | | | from NetBSD; OK deraadt@ visa@
* Avoid an mbuf double free in the oob soreceive() path. In thebluhm2019-02-041-7/+8
| | | | | | | | | | usrreq functions move the mbuf m_freem() logic to the release block instead of distributing it over the switch statement. Then the goto release in the initial check, whether the pcb still exists, will not free the mbuf for the PRU_RCVD, PRU_RVCOOB, PRU_SENSE command. OK claudio@ mpi@ visa@ Reported-by: syzbot+8e7997d4036ae523c79c@syzkaller.appspotmail.com
* Convert to timeout_add_msec instead of counting ticks.claudio2018-12-201-3/+3
| | | | OK visa@ bluhm@ kn@
* Add new routing socket message RTM_80211INFO to provide details ofkrw2018-11-121-1/+28
| | | | | | | | | 802.11 interface state changes (e.g. SSID) to interested parties. Original diff from phessler@. Many suggestions and tweaks from claudio@, stsp@, anton@. ok claudio@ stsp@ anton@ phessler@
* Remove net/raw_cb.h from includes and replace the RAWSNDQ, RAWRCVQ withclaudio2018-07-101-3/+5
| | | | | protocol specific ones. OK mpi@
* After removing raw_usrreq() from route and pfkey, the global sockaddrbluhm2018-07-101-2/+2
| | | | | variables can be delared constant. OK claudio@ mpi@
* Inline the raw_usrreq() function into route_usrreq(). This simplifies theclaudio2018-07-091-17/+63
| | | | | | route code since there is no more special wrapping needed and in some places the PRU cases get easier because route(4) for example always connected. OK bluhm@ henning@ mpi@
* fix comment: s/always send/always sent/sthen2018-07-051-2/+2
|
* RTM_BFD route messages are also a special case. suggested by claudio@,benno2018-07-051-1/+2
| | | | ok phessler@
* not all route messages have a priority. Move the priority filter checkbenno2018-07-051-4/+4
| | | | | where it belongs. Problem spotted by by remi@ ok sthen@ claudio@ krw@
* Retire support for unused RTM_LOCK messages, it's redundant w/ RTM_CHANGE.mpi2018-07-011-7/+1
| | | | ok tb@, sthen@
* Factorize MPLS setup/teardown into two functions.mpi2018-06-251-38/+10
| | | | ok claudio@
* Push the NET_LOCK() down in rtm_output().mpi2018-06-251-11/+36
| | | | ok tb@, visa@
* Rename routing & pfkey tables for coherency with other PCB tables.mpi2018-06-111-46/+46
| | | | ok claudio@
* Push the KERNEL_LOCK() inside route_input().mpi2018-06-111-24/+50
| | | | ok visa@, tb@
* Prefix fields of pfkey & routing PCBs, part 2, no functionnal change.mpi2018-06-061-37/+38
| | | | ok tb@
* Prefix fields of pfkey & routing PCBs, no functionnal change.mpi2018-06-061-26/+26
| | | | ok visa@, tb@
* Asseert that a pfkey or routing socket is referenced by a `fp' insteadmpi2018-06-061-2/+2
| | | | | | | | | | | | | of calling sofree(), when its PCB is detached. This is different from TCP which does not always detach `inpcb's from sockets. In the pfkey & routing case caling sofree() there is a noop whereas for TCP it's needed to free closed connections. Having fewer sofree() makes it easier to understand the code and move the locks down. ok visa@
* Use a SRP list to protect pfkeyv2 sockets, thus removing the need tompi2018-05-141-11/+8
| | | | | | | | grab the KERNEL_LOCK() when delivering messages. This is the same solution already used by routing sockets. ok claudio@, visa@
* Introduce rtm_sendup() a function to deliver routing messages to ampi2018-05-081-33/+34
| | | | | | | | | socket receive buffer. It is modelled after pfkey_sendup() as both will need the same MP treatment. ok tb@, bluhm@, visa@
* Remove unused rtentry parameter.florian2018-04-241-2/+2
| | | | | Input bluhm OK benno, kn, claudio
* Remove almost unused `flags' argument of suser().mpi2018-02-191-2/+2
| | | | | | | The account flag `ASU' will no longer be set but that makes suser() mpsafe since it no longer mess with a per-process field. No objection from millert@, ok tedu@, bluhm@
* Add a ROUTE_PRIOFILTER socket option for roueing sockets thatbenno2018-02-111-2/+20
| | | | | | | allows filtering on the priority of the route. All routes up to the specified value will be passed. ok claudio, ok henning previous version, feedback and manpage from sthen.
* Make the routing socket more MP save by using a SRPL list for the pcb list.claudio2018-02-081-56/+65
| | | | | Still needs the big kernel lock but this is another step in the right direction. With and OK mpi@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.