| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
m_leadingspace() and m_trailingspace(). Convert all callers to call
directly the functions and remove the defines.
OK krw@, mpi@
|
| |
|
|
|
|
|
|
| |
It does not make sense to call if_get() again, just pass ifp as
parameter. Move the IFT_CARP check into the function instead of
doing it everywhere. Replace the inverted match variable logic
with simple returns.
OK mpi@ friehm@
|
| |
|
|
|
|
|
| |
The account flag `ASU' will no longer be set but that makes suser()
mpsafe since it no longer mess with a per-process field.
No objection from millert@, ok tedu@, bluhm@
|
| |
|
|
| |
from semarie@, ok benno@
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Interface Identifiers with IPv6 Stateless Address Autoconfiguration."
"An IPv6 address configured using this method is stable within each
subnet, but the corresponding Interface Identifier changes when the
host moves from one network to another. This method is meant to be an
alternative to generating Interface Identifiers based on hardware
addresses."
OK naddy, sthen
|
| |
|
|
|
|
| |
It was not guaranteed that the mbuf data was not somewhere else in
the chain. So return an offset and do a proper mbuf pulldown.
found by Maxime Villard; from NetBSD; with markus@; OK deraadt@
|
| |
|
|
|
|
| |
mp-safe.
ok bluhm@, visa@
|
| |
|
|
|
|
| |
pr_input handlers without KERNEL_LOCK().
ok visa@
|
| |
|
|
|
|
|
|
| |
This will be used to first allow read-only ioctl(2) to be executed while
the softnet taskq is running. Then it will allows us to execute multiple
softnet taskq in parallel.
Tested by Hrvoje Popovski, ok kettenis@, sashan@, visa@, tb@
|
| | |
|
| |
|
|
|
|
|
| |
NOTE: code still runs with single softnet task. change definition of
SOFTNET_TASKS in net/if.c, if you want to have more than one softnet task
OK mpi@, OK phessler@
|
| |
|
|
|
|
|
|
|
| |
is set.
Accesses to IPsec global data structure are now serialized by the
NET_LOCK().
Tested by many, ok visa@, bluhm@
|
| |
|
|
|
|
|
| |
from icmp6_reflect() to ip6_send_dispatch() when ip6_send() was
introduced. Move the comment that explains this flag also to the
place where it is used.
from sashan@
|
| |
|
|
|
|
| |
Exposes per-CPU counters to real parrallelism.
ok visa@, bluhm@, jca@
|
| |
|
|
|
|
| |
Problem reported and fix tested by Hrvoje Popovski.
ok bluhm@, visa@
|
| |
|
|
| |
Tested by Hrvoje Popovski, ok bluhm@
|
| |
|
|
|
|
| |
The interface congestion algorithm kills performance at this place,
with the large queues it never triggers.
OK mpi@ claudio@
|
| |
|
|
|
| |
kernel that uses it without the #ifdef guard.
OK bluhm
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the inner IP packet into the internet queue. The IPv6 local delivery
code has a loop to deal with header chains. The idea is to use
this loop and avoid the queueing and rescheduling. The IPsec packet
will be processed in a single flow.
Merge the IP deliver loop from both IP versions into a single
ip_deliver() function that can handle both addresss families. This
allows to process an IP in IP header like a normal extension header.
If af != AF_UNSPEC, we are already in a deliver loop and have the
kernel look. Then we can just return the next protocol. Otherwise
we enqueue. The dequeue thread has the kernel lock and starts an
IP delivery loop.
OK mpi@
|
| |
|
|
|
| |
IPsec packets without additional enqueueing.
OK mpi@
|
| |
|
|
|
|
|
| |
bugs could easily result in use-after-free or double free. Introduce
m_freemp() which automatically resets the pointer before freeing
it. So we have less dangling pointers in the kernel.
OK krw@ mpi@ claudio@
|
| |
|
|
|
|
| |
error. Make the ip_mforward() return value consistent. Simplify
the caller logic in ipv6_input() like in IPv4.
OK mpi@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IPv4 & IPv6 dispatch functions outside the KERNEL_LOCK().
We currently rely on the NET_LOCK() serializing access to most global
data structures for that. IP input queues are no longer used in the
forwarding case. They still exist as boundary between the network and
transport layers because TCP/UDP & friends still need the KERNEL_LOCK().
Since we do not want to grab the NET_LOCK() for every packet, the
softnet thread will do it once before processing a batch. That means
the L2 processing path, which is currently running without lock, will
now run with the NET_LOCK().
IPsec isn't ready to run without KERNEL_LOCK(), so the softnet thread
will grab the KERNEL_LOCK() as soon as ``ipsec_in_use'' is set.
Tested by Hrvoje Popovski.
ok visa@, bluhm@, henning@
|
| |
|
|
|
|
|
| |
ether_input(). Now we use mbuf tags instead of modifying the MAC
address.
ok mpi@
|
| |
|
|
|
|
|
| |
This will help transitionning to an un-KERNEL_LOCK()ed IP
forwarding path.
Disucssed with bluhm@, ok claudio@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
currently protected by the NET_LOCK().
They are not accessed in the hot path, so protecting them with a
mutex could be an option. However since we're now going to run
with a NET_LOCK() for some time, assert that it is held.
IPsec is not yet ready to run without KERNEL_LOCK(), so assert it
is held, even in the forwarding path.
Tested by sthen@, ok visa@, claudio@, bluhm@
|
| |
|
|
|
|
|
| |
as the pr_input functions. Add an assert that IPv4 delivery ends
in IP proto done to assure that IPv4 protocol functions work like
IPv6.
OK mpi@
|
| |
|
|
|
|
| |
mismatched enum.
ok bluhm@
|
| |
|
|
|
| |
and give them better names.
input and OK mikeb@
|
| |
|
|
|
| |
in ip6_local() to our IPv6 stack.
OK mikeb@
|
| |
|
|
|
| |
in ip6_input(). While there avoid an ugly #ifdef in ipv4_input().
OK mikeb@
|
| | |
|
| |
|
|
|
|
|
|
| |
* don't share mifs (multicast interface) between rdomains
* allow multiple routing sockets connected at the same time if they are
in different rdomains.
ok bluhm@
|
| |
|
|
|
| |
allows to simplify code used for both IPv4 and IPv6.
OK mikeb@ deraadt@
|
| |
|
|
| |
ok deraadt@
|
| |
|
|
| |
ok bluhm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
forwarding path.
Rename ip6_ours() in ip6_local() as this function dispatches packets
to the upper layer.
Introduce ip6_ours() and get rid of 'goto hbhcheck'. This function
will be later used to enqueue local packets.
As a bonus this reduces differences with IPv4.
Inputs and ok bluhm@
|
| |
|
|
|
|
| |
it in ipsec_common_input_cb() instead. The code that was copied
to ah6_input_cb() is now in ip6_ours() so we can call it directly.
OK mpi@
|
| |
|
|
| |
OK mpi@
|
| |
|
|
|
|
|
| |
This makes the API simpler, and is probably more useful than spreading
counters memory other several types, making it harder to track.
Prodded by mpi, ok mpi@ stsp@
|
| |
|
|
|
|
|
|
|
| |
Try to follow the existing examples. Some notes:
- don't implement counters_dec() yet, which could be used in two
similar chunks of code. Let's see if there are more users first.
- stop incrementing IPv6-specific mbuf stats, IPv4 has no equivalent.
Input from mpi@, ok bluhm@ mpi@
|
| |
|
|
|
|
|
| |
to get rid of struct ip6protosw and some wrapper functions. It is
more consistent to have less different structures. The divert_input
functions cannot be called anyway, so remove them.
OK visa@ mpi@
|
| |
|
|
|
| |
only once during init.
OK mpi@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
softnet assert failures. It is better to place the lock into
net_sysctl() where all the protocol sysctls are called via pr_sysctl.
As calling sysctl(2) is in the slow path, doing fine grained locking
has no benefit. Many sysctl cases copy out a struct. Having a
lock around that keeps the struct consistent. Put assertions in
the protocol sysctls that need it.
OK mpi@
|
| |
|
|
|
|
|
|
|
|
|
| |
of the network stack that are not yet ready to be executed in parallel or
where new sleeping points are not possible.
This first pass replace all the entry points leading to ip_output(). This
is done to not introduce new sleeping points when trying to acquire ART's
write lock, needed when a new L2 entry is created via the RT_RESOLVE.
Inputs from and ok bluhm@, ok dlg@
|
| |
|
|
|
|
|
| |
It's one more step towards splitting ip6_input() in two and it reduces
differences with v4.
ok bluhm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to stop abusing lo0 for all rdomains, a new loopback interface
will be created every time a rdomain is created. The unit number will
be the same as the rdomain, i.e. lo1 will be attached to rdomain 1.
If this loopback interface is already in use it wont be possible to create
the corresponding rdomain.
In order to know which lo(4) interface is attached to a rdomain, its index
is stored in the rtable/rdomain map.
This is a long overdue since the introduction of rtable/rdomain. It also
fixes a recent regression due to resetting the rdomain of an incoming
packet reported by semarie@, Andreas Bartelt and Nils Frohberg.
ok claudio@
|
| |
|
|
|
|
| |
A single forwarding cache is not the answer. The answer is 42... err PF!
ok bluhm@
|
| |
|
|
|
|
|
| |
(we got lucky before, because the variable that used to be checked was
always available)
OK bluhm@
|
claudio
bluhm
mpi
florian
sashan
friehm
kettenis
rzalamena
dhill
jca
phessler