| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Technically the whole point of the stoeplitz API is that it's symmetric,
meaning that the order of addresses and ports doesn't matter and will produce
the same hash value.
Coverity CID 1501717
ok dlg@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
drivers that implement rss and multiple rings depend on the symmetric
toeplitz code, and use it to generate a key that decides with rx
ring a packet lands on. if the toeplitz code is enabled, this diff
has the pcb and tcp layer use the toeplitz code to generate a flowid
for packets they send, which in turn is used to pick a tx ring.
because the nic and the stack use the same key, the tx and rx sides
end up with the same hash/flowid. at the very least this means that
the same rx and tx queue pair on a particular nic are used for both
sides of the connection. as the stack becomes more parallel, it
will also help keep both sides of the tcp connection processing in
the one place.
|
| |
|
|
| |
ok benno@ mortimer@
|
| |
|
|
|
|
| |
this also brings them in line with the AF_INET equivalents.
ok visa@ bluhm@
|
| |
|
|
|
|
|
| |
in raw IP delivery and UDP broadcast loops. There inpcbtable_mtx
is held and sorwakeup() is called within the loop. As sowakeup()
grabs the kernel lock, we have a lock ordering problem.
found by Hrvoje Popovski; OK deraadt@ mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
for netstat -a. Introduce a global mutex that protects the tables
and hashes for the internet PCBs. To detect detached PCB, set its
inp_socket field to NULL. This has to be protected by a per PCB
mutex. The protocol pointer has to be protected by the mutex as
netstat uses it.
Always take the kernel lock in in_pcbnotifyall() and in6_pcbnotify()
before the table mutex to avoid lock ordering problems in the notify
functions.
OK visa@
|
| |
|
|
|
| |
what FreeBSD does. Remove old #if 0 version of inet6ctlerrmap.
OK mpi@
|
| |
|
|
|
|
|
|
|
| |
in6_pcb.c consistent, to ease comparing the code. Move all inet6
functions to in6_. Bring functions in both source files in same
order. Cleanup the include section. Now in_pcb.c is a superset
of in6_pcb.c. The latter contains all the special implementations.
Just moving arround, no code change intended.
OK mpi@
|
| |
|
|
|
| |
in_pcbconnect() to avoid the address family maze in syn_cache_get().
input claudio@; OK mpi@
|
| |
|
|
| |
OK tb@ visa@
|
| |
|
|
|
| |
functions.
discussed with and OK mpi@ visa@
|
| |
|
|
| |
OK visa@ mpi@
|
| |
|
|
|
|
|
| |
in common checks for unix, inet, inet6 instead of partial checks
here and there. Some checks are already done at a higher layer,
but better be paranoid with user input.
OK claudio@ millert@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
of src/dst ip/port is unique for TCP. But if the socket is not
bound, the automatic bind by connect happens after the check. If
the socket has the SO_REUSEADDR flag, in_pcbbind() may select an
existing local port. Then we had two colliding TCP PCBs. This
resulted in a packet storm of ACK packets on loopback. The softnet
task was constantly holding the netlock and has a high priority,
so the system hung.
Do the in_pcbhashlookup() again after in_pcbbind(). This creates
sporadic "connect: Address already in use" errors instead of a hang.
bug report and testing Olivier Antoine; OK mpi@
|
| |
|
|
|
| |
this is done during bind(2) in in6_pcbaddrisavail().
OK mpi@
|
| |
|
|
|
| |
need netlock. Remove the obsolete splnet.
OK mpi@
|
| | |
|
| |
|
|
|
|
| |
Reported by Heiko on bugs@.
ok stsp@, claudio@
|
| |
|
|
|
|
| |
convert in_selectsrc() prototype to match.
Ok bluhm@ mpi@.
|
| | |
|
| |
|
|
|
|
| |
to get rid of the now useless foreign address and ports parameters.
ok mpi@
|
| |
|
|
|
|
| |
Kill old comments while at it.
Ok mpi@ bluhm@
|
| |
|
|
|
|
| |
broad search and in_pcbconnect() already uses in_pcbhashlookup().
ok bluhm@ mpi@ jca@
|
| |
|
|
|
|
| |
in6_pcbbind() into in_pcbbind().
Ok jca@ mpi@
|
| |
|
|
|
|
|
| |
checking for source availability in udp6_output(); This time with
all the files.
Ok jca@ bluhm@
|
| |
|
|
| |
Spotted by deraadt@
|
| |
|
|
|
|
| |
checking for source availability in udp6_output().
Ok jca@ bluhm@
|
| |
|
|
| |
ok mpi@ bluhm@
|
| |
|
|
|
|
| |
regression observed on avahi.
ok benno@
|
| |
|
|
| |
ok sthen@
|
| |
|
|
|
|
|
|
| |
Appart from the usual inet6 axe murdering exercise to keep you fit, this
allows us to get rid of a lot of layer violation due to the use of per-
ifp variables to store the current hop limit.
Imputs from bluhm@, ok phessler@, florian@, bluhm@
|
| |
|
|
|
|
|
|
|
| |
socket(). Without pledge, all other socket behaviours become permitted,
except this one case: connect/send* only works to *:53. In pledge mode,
a very few are further restricted. Some backwards compatibility for
the dnssocket/dnsconnect calls will remain in the tree temporarily so
that people can build through the transition.
ok tedu guenther semarie
|
| |
|
|
|
|
| |
While here add two missing ``rtableid'' checks in in6_selectsrc().
ok bluhm@
|
| |
|
|
| |
ok mpi@
|
| |
|
|
|
|
|
| |
SS_DNS tagged socket which has limited functionality (for example, you
cannot accept on them...) The libc resolver will switch to using these,
therefore pledge can identify a DNS transaction better.
ok tedu guenther kettenis beck and others
|
| |
|
|
|
|
|
| |
all the ports in the range portfirst .. portlast
are in use.
ok millert@, mpi@
|
| |
|
|
|
|
| |
strict than anticipated. It allows a programmer to pledge/promise/covenant
that their program will operate within an easily defined subset of the
Unix environment, or it pays the price.
|
| |
|
|
|
|
| |
in in_pcbbind() and in6_pcbsetport()
ok claudio@, with input from David Hill
|
| |
|
|
|
|
| |
layer because the strings select the right options. Mechanical
conversion.
ok guenther
|
| |
|
|
| |
ok deraadt@ miod@
|
| |
|
|
|
|
|
|
|
| |
In all but two calls NULL is passed and in the other 2 cases the ifp
is only used to maybe feed it to in6_selecthlim() to select the hoplimit
for the link. Since in6_embedscope() only works on link-local addresses
it does not matter what hop limit we select since the destination is
directly reachable.
OK florian@ mpi@
|
| |
|
|
|
| |
the 3rd argument of in6_recoverscope() and make it return void.
OK dlg@ mikeb@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The pathlist is a whitelist of dirs and files; anything else returns ENOENT.
Recommendation is to use a narrowly defined list. Also add TAME_FATTR, which
permits explicit change operations against "struct stat" fields. Some
other TAME_ flags are refined slightly.
Not cranking libc now, since nothing commited in base uses this and the
timing is uncomfortable for others. Discussed with many; thanks for a
few bug fixes from semarie, doug, guenther.
ok guenther
|
| |
|
|
|
|
| |
operating model". This is the kernel component; various changes should
proceed in-tree for a while before userland programs start using it.
ok miod, discussions and help from many
|
| | |
|
| |
|
|
| |
ok mikeb@, krw@, bluhm@, tedu@
|
| |
|
|
| |
to include that than rdnvar.h. ok deraadt dlg
|
| | |
|
| | |
|
| | |
|
patrick
dlg
nayden
bluhm
vgross
mpi
jca
deraadt
guenther
claudio
krw
tedu