summaryrefslogtreecommitdiffstats
path: root/sys/netinet6/ip6_input.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* spellingjsg2021-03-101-2/+2
| | | | ok gnezdo@ semarie@ mpi@
* we don't have to cast to caddr_t when calling m_copydata anymore.dlg2021-02-251-9/+9
| | | | | | | | | | | | | | | | the first cut of this diff was made with coccinelle using this spatch: @rule@ type caddr_t; expression m, off, len, cp; @@ -m_copydata(m, off, len, (caddr_t)cp) +m_copydata(m, off, len, cp) i had fix it's opinionated idea of formatting by hand though, so i'm not sure it was worth it. ok deraadt@ bluhm@
* Replace sysctl_rdint with sysctl_bounded_args entries in net.inet*gnezdo2020-11-161-6/+9
|
* Convert ip6_sysctl to sysctl_bounded_argsgnezdo2020-08-241-4/+21
| | | | Tighter limits and OK by sashan
* No longer prevent TCP connections to IPv6 anycast addresses.florian2020-08-081-3/+1
| | | | | | | | | | | | | | | | | | | | RFC 4291 dropped this requirement from RFC 3513: o An anycast address must not be used as the source address of an IPv6 packet. And from that requirement draft-itojun-ipv6-tcp-to-anycast rightly concluded that TCP connections must be prevented. The draft also states: The proposed method MUST be removed when one of the following events happens in the future: o Restriction imposed on IPv6 anycast address is loosened, so that anycast address can be placed into source address field of the IPv6 header[...] OK jca
* Move range check inside sysctl_int_arrgnezdo2020-08-011-9/+6
| | | | | | | Range violations are now consistently reported as EOPNOTSUPP. Previously they were mixed with ENOPROTOOPT. OK kn@
* Do sanity checks in ip6_pullexthdr() preventing a panic in m_copydata(9).mpi2020-05-061-1/+7
| | | | | | | | | | | | An invalid/corrupted hop6 option in rip6_input()/ip6_savecontrol() could lead m_copydata(9)s' check to trigger a panic. Fix from maxv@NetBSD where the problem was also reported by syzkaller. Reported-by: syzbot+3b07b3511b4ceb8bf1e2@syzkaller.appspotmail.com Reported-by: syzbot+7ee0eb2691d507fcad2e@syzkaller.appspotmail.com ok sashan@, dlg@, claudio@, deraadt@
* Stop processing packets under non-exclusive (read) netlock.mpi2020-04-121-3/+3
| | | | | | | | | | | | Prevent concurrency in the socket layer which is not ready for that. Two recent data corruptions in pfsync(4) and the socket layer pointed out that, at least, tun(4) was incorrectly using NET_RUNLOCK(). Until we find a way in software to avoid future mistakes and to make sure that only the softnet thread and some ioctls are safe to use a read version of the lock, put everything back to the exclusive version. ok stsp@, visa@
* The loopback check in ip6_input_if() was needless. The ::1 destinationbluhm2019-12-301-7/+1
| | | | | | | | address is in the routing table and will be identified as any other local address. There is no reason to handle ::1 source address special. Better use the generic IPv6 input path. Kame has removed the special code in their revision 1.189 commit. OK sashan@
* fix broken tree. sorry for inconveniences.sashan2019-12-231-3/+3
|
* rdr-to with loopback destination should work even thoughsashan2019-12-231-2/+3
| | | | | | IP forwarding is disabled. Issue reported by Daniel Jakots (danj@) OK bluhm@
* Make sure packet destination address matches interface address,sashan2019-12-081-1/+26
| | | | | | | | | where such packet is bound to. This check is enforced if and only IP forwarding is disabled. Change discussed with bluhm@, claudio@, deraadt@, markus@, tobhe@ OK bluhm@, claudio@, tobhe@
* add __func__ to panic() and printf() calls in sys/netinet6/*nayden2019-11-291-3/+3
| | | | ok benno@ mortimer@
* Remove support for semantically opace interface identifiers (RFC 7217)florian2019-08-211-12/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | for IPv6 link local addresses. Some hosting and VM providers route customer IPv6 prefixes to link local addresses derived from ethernet MAC addresses (RFC 2464). This leads to hard to debug IPv6 connectivity problems and is probably not worth the effort. RFC 7721 lists 4 weaknesses: 3.1. Correlation of Activities over Time & 3.2. Location Tracking These are still possible with RFC 7217 addresses for an adversary connected to the same layer 2 network (think conference wifi). Since the link local prefix stays the same (fe80::/64) the link local addresses do not change between different networks. An adversary on the same layer 2 network can probably track ethernet MAC addresses via different means, too. 3.3. Address Scanning & 3.4. Device-Specific Vulnerability Exploitation These now become possible, however, as noted above a layer 2 adversary was probably able to do this via different means. People concerned with these weaknesses are advised to use ifconfig lladdr random. OK benno input & OK kn
* When we needed the kernel lock for local IP packet delivery, mpi@bluhm2019-08-061-44/+3
| | | | | | | | | | | introduced a queue to grab the lock for multiple packets. Now we have only netlock for both IP and protocol input. So the queue is not necessary anymore. It just switches CPU and decreases performance. So remove the inet and inet6 ip queue for local packets. To get TCP running on loopback, we have to queue once between TCP input and output of the two sockets. So use the loopback queue in looutput() unconditionally. OK visa@
* use m_microtime instead of microtime for SO_TIMESTAMP socketopt handlingdlg2019-06-101-2/+2
| | | | | | drivers can set ph_timestamp when packets are received by the hardware, which should be more accurate and cheaper than getting the clock when the packet is queued on the socket.
* M_LEADINGSPACE() and M_TRAILINGSPACE() are just wrappers forclaudio2018-11-091-2/+2
| | | | | | m_leadingspace() and m_trailingspace(). Convert all callers to call directly the functions and remove the defines. OK krw@, mpi@
* All places that call carp_lsdrop() use the interface pointer already.bluhm2018-05-211-5/+4
| | | | | | | | It does not make sense to call if_get() again, just pass ifp as parameter. Move the IFT_CARP check into the function instead of doing it everywhere. Replace the inverted match variable logic with simple returns. OK mpi@ friehm@
* Remove almost unused `flags' argument of suser().mpi2018-02-191-2/+2
| | | | | | | The account flag `ASU' will no longer be set but that makes suser() mpsafe since it no longer mess with a per-process field. No objection from millert@, ok tedu@, bluhm@
* Use IP6_SOIIKEY_LEN instead of hardcoded value.mpi2018-02-121-2/+2
| | | | from semarie@, ok benno@
* Implement RFC 7217: "A Method for Generating Semantically Opaqueflorian2018-02-101-1/+36
| | | | | | | | | | | | Interface Identifiers with IPv6 Stateless Address Autoconfiguration." "An IPv6 address configured using this method is stable within each subnet, but the corresponding Interface Identifier changes when the host moves from one network to another. This method is meant to be an alternative to generating Interface Identifiers based on hardware addresses." OK naddy, sthen
* The function ip6_get_prevhdr() did return a pointer into a mbuf.bluhm2018-02-011-25/+19
| | | | | | It was not guaranteed that the mbuf data was not somewhere else in the chain. So return an offset and do a proper mbuf pulldown. found by Maxime Villard; from NetBSD; with markus@; OK deraadt@
* Constify protocol tables and remove an assert now that ip_deliver() ismpi2017-11-231-2/+2
| | | | | | mp-safe. ok bluhm@, visa@
* Sprinkle some NET_ASSERT_LOCKED(), const and co to prepare runningmpi2017-11-201-2/+2
| | | | | | pr_input handlers without KERNEL_LOCK(). ok visa@
* Introduce a reader version of the NET_LOCK().mpi2017-11-101-3/+3
| | | | | | | | This will be used to first allow read-only ioctl(2) to be executed while the softnet taskq is running. Then it will allows us to execute multiple softnet taskq in parallel. Tested by Hrvoje Popovski, ok kettenis@, sashan@, visa@, tb@
* Fix typo in previous resulting in a NULL dereference.mpi2017-11-011-2/+2
|
* - add one more softnet taskqsashan2017-10-311-2/+2
| | | | | | | NOTE: code still runs with single softnet task. change definition of SOFTNET_TASKS in net/if.c, if you want to have more than one softnet task OK mpi@, OK phessler@
* Stop grabbing the KERNEL_LOCK() in network tasks when `ipsec_in_use'mpi2017-10-261-26/+1
| | | | | | | | | is set. Accesses to IPsec global data structure are now serialized by the NET_LOCK(). Tested by many, ok visa@, bluhm@
* Setting the IPV6_MINMTU flag in the call to ip6_output() was movedbluhm2017-10-181-1/+8
| | | | | | | from icmp6_reflect() to ip6_send_dispatch() when ip6_send() was introduced. Move the comment that explains this flag also to the place where it is used. from sashan@
* Reduces the scope of the NET_LOCK() in sysctl(2) path.mpi2017-10-091-10/+23
| | | | | | Exposes per-CPU counters to real parrallelism. ok visa@, bluhm@, jca@
* Prevent a race against ipsec_in_use.mpi2017-08-221-2/+5
| | | | | | Problem reported and fix tested by Hrvoje Popovski. ok bluhm@, visa@
* Remove NET_LOCK()'s argument.mpi2017-08-111-4/+3
| | | | Tested by Hrvoje Popovski, ok bluhm@
* Increase the limit of the IP protocol queues from 256 to 2048 mbufs.bluhm2017-08-081-2/+2
| | | | | | The interface congestion algorithm kills performance at this place, with the large queues it never triggers. OK mpi@ claudio@
* We do have SO_TIMESTAMP since some time and there is other code in theflorian2017-08-041-3/+1
| | | | | kernel that uses it without the #ifdef guard. OK bluhm
* The IP in IP input function strips the outer header and reinsertsbluhm2017-07-051-66/+19
| | | | | | | | | | | | | | | the inner IP packet into the internet queue. The IPv6 local delivery code has a loop to deal with header chains. The idea is to use this loop and avoid the queueing and rescheduling. The IPsec packet will be processed in a single flow. Merge the IP deliver loop from both IP versions into a single ip_deliver() function that can handle both addresss families. This allows to process an IP in IP header like a normal extension header. If af != AF_UNSPEC, we are already in a deliver loop and have the kernel look. Then we can just return the next protocol. Otherwise we enqueue. The dequeue thread has the kernel lock and starts an IP delivery loop. OK mpi@
* Convert ip6_input() to a pr_input style function. Goal is to processbluhm2017-06-271-39/+65
| | | | | IPsec packets without additional enqueueing. OK mpi@
* When dealing with mbuf pointers passed down as function parameters,bluhm2017-06-191-2/+2
| | | | | | | bugs could easily result in use-after-free or double free. Introduce m_freemp() which automatically resets the pointer before freeing it. So we have less dangling pointers in the kernel. OK krw@ mpi@ claudio@
* The IP multicast forward functions return an errno, call the variablebluhm2017-06-191-8/+14
| | | | | | error. Make the ip_mforward() return value consistent. Simplify the caller logic in ipv6_input() like in IPv4. OK mpi@
* Move IPv4 & IPv6 incoming/forwarding path, PIPEX ppp processing andmpi2017-05-311-18/+41
| | | | | | | | | | | | | | | | | | | | | IPv4 & IPv6 dispatch functions outside the KERNEL_LOCK(). We currently rely on the NET_LOCK() serializing access to most global data structures for that. IP input queues are no longer used in the forwarding case. They still exist as boundary between the network and transport layers because TCP/UDP & friends still need the KERNEL_LOCK(). Since we do not want to grab the NET_LOCK() for every packet, the softnet thread will do it once before processing a batch. That means the L2 processing path, which is currently running without lock, will now run with the NET_LOCK(). IPsec isn't ready to run without KERNEL_LOCK(), so the softnet thread will grab the KERNEL_LOCK() as soon as ``ipsec_in_use'' is set. Tested by Hrvoje Popovski. ok visa@, bluhm@, henning@
* Carp balancing ip does not work since there is a mac filter infriehm2017-05-301-4/+4
| | | | | | | ether_input(). Now we use mbuf tags instead of modifying the MAC address. ok mpi@
* Introduce ipv{4,6}_input(), two wrappers around IP queues.mpi2017-05-301-1/+7
| | | | | | | This will help transitionning to an un-KERNEL_LOCK()ed IP forwarding path. Disucssed with bluhm@, ok claudio@
* Per-interface list of addresses, both multicast and unicast, arempi2017-05-291-3/+2
| | | | | | | | | | | | | currently protected by the NET_LOCK(). They are not accessed in the hot path, so protecting them with a mutex could be an option. However since we're now going to run with a NET_LOCK() for some time, assert that it is held. IPsec is not yet ready to run without KERNEL_LOCK(), so assert it is held, even in the forwarding path. Tested by sthen@, ok visa@, claudio@, bluhm@
* Rename ip_local() to ip_deliver() and give it the same parametersbluhm2017-05-281-19/+17
| | | | | | | as the pr_input functions. Add an assert that IPv4 delivery ends in IP proto done to assure that IPv4 protocol functions work like IPv6. OK mpi@
* Bump the right counters. One of these was caught by clang because of akettenis2017-05-231-3/+3
| | | | | | mismatched enum. ok bluhm@
* Move IPsec forward and local policy check functions to ipsec_input.cbluhm2017-05-221-4/+3
| | | | | and give them better names. input and OK mikeb@
* Use the IPsec policy check from IPv4 also when doing local deliverybluhm2017-05-221-1/+13
| | | | | in ip6_local() to our IPv6 stack. OK mikeb@
* Use the IPsec policy check from ipv4_input() also when forwardingbluhm2017-05-121-1/+19
| | | | | in ip6_input(). While there avoid an ugly #ifdef in ipv4_input(). OK mikeb@
* Fix white spaces and wrap long line. No binary change.bluhm2017-05-111-6/+6
|
* Added initial IPv6 multicast routing support for multiple rdomains:rzalamena2017-05-081-2/+2
| | | | | | | | * don't share mifs (multicast interface) between rdomains * allow multiple routing sockets connected at the same time if they are in different rdomains. ok bluhm@
* Pass down the address family through the pr_input calls. Thisbluhm2017-04-141-2/+3
| | | | | allows to simplify code used for both IPv4 and IPv6. OK mikeb@ deraadt@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.