summaryrefslogtreecommitdiffstats
path: root/sys/netmpls (follow)
Commit message (Collapse)AuthorAgeFilesLines
* spellingjsg2021-03-102-4/+4
| | | | ok gnezdo@ semarie@ mpi@
* Convert mpls_sysctl to sysctl_bounded_argsgnezdo2020-08-192-22/+9
| | | | OK claudio@
* Move range check inside sysctl_int_arrgnezdo2020-08-011-6/+3
| | | | | | | Range violations are now consistently reported as EOPNOTSUPP. Previously they were mixed with ENOPROTOOPT. OK kn@
* cleanup unused headers generated by configjsg2020-01-241-3/+1
| | | | ok tedu@ krw@ deraadt@
* Remove mpls_inkloop and the corresponding sysctl net.mpls.maxloop_inkernel.claudio2019-11-052-7/+4
| | | | | | The value is no longer needed since the MPLS code got refactored some time ago. Found by Thomas Habets (thomas (at) habets se)
* correct INET6 path in mpls_getttl() and avoid uninitialised variablejsg2019-09-031-2/+2
| | | | ok dlg@
* use m_getptr to get to the right mbuf and offset for the ttl in mpls_gettl.dlg2019-08-271-29/+27
| | | | | problem found by and this fix was tested by groos at xiplink dot com on bugs@
* Copy the user provided sockaddr into a normalized sockaddr in rtrequest()claudio2019-06-131-1/+2
| | | | | | | | | | before adding it to the routing table. The rtable code is doing memcmp() of those rt_dest sockaddrs so it is important that they are stored in a canonical form. To do this struct domain is extended to include the sockaddr size for this address family. OK bluhm@ anton@ Reported-by: syzbot+10fe9cd8d0211c562ead@syzkaller.appspotmail.com
* fix ipv4 checksum fixup; this trick requires an accumulator of exactly twice the checksum's widthprocter2019-02-081-2/+4
| | | | ok dlg@
* add some macros to help turn labels into shims and back again.dlg2019-01-301-1/+4
|
* check the result of rtalloc with rtisvalid instead of a compare with NULLdlg2019-01-291-3/+4
| | | | based on advice seen from mpi@
* use mpls_ip_adjttl and mpls_ip6_adjttl in mpe instead of rolling it again.dlg2019-01-272-46/+40
| | | | | | | | mpls_ip_adjttl now patches the checksum rather than check it and calculate it again. both mpls_ip_adjttl and mpls_ip6_adjttl now rely on the caller to check the sysctls for whether they should run or not, which paves the way for making it configurable in mpe via the tunnel ioctls.
* change how packets are pushed into mpe(4).dlg2019-01-272-14/+2
| | | | | | | mpe(4) adds itself ot the mpls rtable with RTF_LOCAL set, which pushes the packet through mpe_output, which sees RTF_LOCAL can calls mpe_input. this follows what mpw(4) does, and removes a special case in mpls_input.
* move the mpe_softc definition and mpe macros into the mpe driver.dlg2019-01-271-13/+1
|
* split off "local" input handlingdlg2019-01-271-1/+27
| | | | | | | | | | this means the current mpls header will be passed along with the mbuf for mpw to look at. right now this doesn't do anything, but it will allow for implementation of RFC 6391 (flow aware transport) and using the exp header for cos. when mpe gets moved to adding an RTF_LOCAL route, this will be used for cos and ttl handling.
* forgot to commit the tweaks to mpls_input when mpw became an ethernet ifacedlg2019-01-271-5/+3
| | | | | | | | | the input mechanism for mpw is now that it inserts a tag into the mpls table with RTF_LOCAL set. mpls_input falls through to calling the interface output routine (mpw_output in this case) which looks for that RTF_LOCAL and then calls mpw_input against that mbuf. ok claudio@ who is keep to apply this semantic to mpe
* check if the incoming ttl is <= 1 before decrementing it.dlg2019-01-261-3/+4
| | | | | | previously it would decrement the uint8_t ttl and then check if it was less than one, which let ttl 0 off the wire wrap to 255 (which is higher than 1).
* Retire dom_rtkeylen from struct domain. Nothing is using this anymore.claudio2018-11-191-2/+1
| | | | | It was used by the original patricia tree. OK mpi@
* Check that mpls has been enabled on the input interface, lost in rev 1.66jca2018-01-121-2/+7
| | | | While here fix under MPLS_DEBUG. ok dlg@
* fix some poop that snuck into the last commit.dlg2018-01-101-3/+5
| | | | noticed by bijanebrahimi at riseup dot net and confirmed by anton@
* make mpls_input take a struct ifnet *ifp argument.dlg2018-01-092-46/+20
| | | | | | | | | | | this makes it like all our other protocol family input functions. mpls_input always looks up the interface the mbuf was received on, but it's always called by code that already has a reference to that interface anyway. the result of this is a few less if_get/if_put calls. ok mpi@ bluhm@ visa@ claudio@
* Pullup the mbuf before accessing the version field in the IP header.bluhm2017-12-081-2/+10
| | | | | Fix the pullup length of the shim header in mpls_do_error(). issue reported by Maxime Villard; OK deraadt@ claudio@
* Use m_freem() in error case. Found by Maxime Villardclaudio2017-12-081-2/+2
| | | | OK bluhm@
* The adjttl functions use m_pullup(). In some cases m_pullup() can returnclaudio2017-12-081-15/+15
| | | | | | | a new mbuf chain and this chain needs to be returned to the caller else a use after free may happen. Issue reported by Maxime Villard OK bluhm@ deraadt@
* mpls_shim_pop() can return NULL. Check it else we end up dereferencing NULL.claudio2017-12-081-1/+7
| | | | | Issue reported by Maxime Villard OK bluhm@ deraadt@
* The per-interface mpls flag should also also be tested on input beforederaadt2017-12-081-14/+24
| | | | | | proceeding, as described in ifconfig documentation. Discussion with claudio. Related to a report from maxime. ok claudio bluhm
* Introduce ipv{4,6}_input(), two wrappers around IP queues.mpi2017-05-301-3/+15
| | | | | | | This will help transitionning to an un-KERNEL_LOCK()ed IP forwarding path. Disucssed with bluhm@, ok claudio@
* Convert domain declarations to C99 initializers.mpi2017-03-021-6/+6
| | | | ok dhill@, florian@, bluhm@
* Allow MPLS switching and VPLS across rdomains.renato2017-03-021-2/+2
| | | | OK claudio@ mpi@
* Remove mpls_raw_usrreq() prototype, that function is gone.claudio2017-02-281-4/+1
|
* Retire the AF_MPLS protosw struct. Nothing is using it and the code was superclaudio2017-02-274-88/+8
| | | | | | | basic anyway. Simplifies the code a lot also by calling the mpls sysctl no longer via the protosw but instead directly. OK mpi@ on a previous diff. Also tested by renato@ who actually found a bug which is now fixed.
* Return EOPNOTSUPP instead of calling a function to do only that.mpi2016-11-151-16/+2
| | | | ok phessler@
* Do not dereference ``rt->rt_ifa'' after calling rtfree(9).mpi2016-08-221-2/+3
| | | | | | | This could result in a use after free if the route entry was holding the last reference of the address descriptor. ok jca@, bluhm@, claudio@
* Revert the introduction of ``rt_addr''.mpi2016-07-111-2/+2
| | | | | | Being able to add route entries without configured addresses is a nice feature but this is not my fight. So I'd rather no add another pointer to ``struct rtentry'' if I'm not removing another one.
* Store the source address associated with a route in its own chunk ofmpi2016-06-141-2/+2
| | | | | | | | | memory. This will allow to unlink 'sruct rtentry' and 'struct ifaddr' to be able to add route entries without needing an address. ok sthen@, visa@, florian@
* There is no need to grab the KERNEL_LOCK here anymore. After discussion withclaudio2015-12-041-7/+1
| | | | dlg@ and mpi@
* Get rid of rt_mask() and stop allocating a "struct sockaddr" for everympi2015-12-031-2/+2
| | | | | | | | | | | | | route entry in ART. rt_plen() now represents the prefix length of a route entry and should be used instead. For now use a "struct sockaddr_in6" to represent the mask when needed, this should be then replaced by the prefix length and RTA_NETMASK only used for compatibility with userland. ok claudio@
* Oups, forgot in the tedu of RT_REPORT commitclaudio2015-12-021-3/+3
|
* Rework the MPLS handling. Remove the lookup loops since nothing is usingclaudio2015-12-023-228/+157
| | | | | | | | | them and they make everything so much harder with no gain. Remove the ifp argument from mpls_input since it is not needed. On the input side the lookup side is modified a bit when it comes to BOS handling. Tested in a L3VPN setup with ldpd and bgpd. Commiting now so we can move on with cleaning up rt_ifp usage. If this breaks L2VPN I will fix it once reported. OK mpi@
* No need for <net/if_types.h>mpi2015-11-241-2/+1
| | | | As a bonus this removes a "#if NCARP > 0", say yeah!
* rtfree(9) and rtalloc(9) no longer need to be called under KERNEL_LOCK.mpi2015-10-231-20/+7
|
* Initialize the routing table before domains.mpi2015-10-071-3/+3
| | | | | | | | | | | | | | | | | | | | | | | The routing table is not an optional component of the network stack and initializing it inside the "routing domain" requires some ugly introspection in the domain interface. This put the rtable* layer at the same level of the if* level. These two subsystem are organized around the two global data structure used in the network stack: - the global &ifnet list, to be used in process context only, and - the routing table which can be read in interrupt context. This change makes the rtable_* layer domain-aware and extends the "struct domain" such that INET, INET6 and MPLS can specify the length of the binary key used in lookups. This allows us to keep, or move towards, AF-free route and rtable layers. While here stop the madness and pass the size of the maximum key length in *byte* to rn_inithead0(). ok claudio@, mikeb@
* Always increment rt_use inside rtalloc(9) instead of doing it in somempi2015-09-232-5/+2
| | | | | | specific places. ok claudio@, benno@
* There's no point in abstracting ifp->if_output() as long as pf_test()mpi2015-09-132-4/+4
| | | | | | needs to see lo0 in the output path. ok claudio@
* Stop overwriting the rt_ifp pointer of RTF_LOCAL routes with lo0ifp.mpi2015-09-122-4/+4
| | | | | | | | | Use instead the RTF_LOCAL flag to loop local traffic back to the corresponding protocol queue. With this change rt_ifp is now always the same as rt_ifa->ifa_ifp. ok claudio@
* Use rtfree() instead of playing with the refcount directly. Some care isclaudio2015-09-121-6/+11
| | | | | | needed since rt0 as passed from the upper layer is freed by that layer. Also if_output does not free the rt so handle that as well. With and OK mpi@
* Make every subsystem using a radix tree call rn_init() and pass thempi2015-09-041-3/+2
| | | | | | | | | | | | | | | length of the key as argument. This way every consumer of the radix tree has a chance to explicitly initialize the shared data structures and no longer rely on another subsystem to do the initialization. As a bonus ``dom_maxrtkey'' is no longer used an die. ART kernels should now be fully usable because pf(4) and IPSEC properly initialized the radix tree. ok chris@, reyk@
* Use a global table for domains instead of building a list at run time.mpi2015-08-301-2/+2
| | | | | | | As a side effect there's no need to run if_attachdomain() after the list of domains has been built. ok claudio@, reyk@
* Don't use mpls_input() as input handler anymore and instead call itrzalamena2015-07-292-53/+26
| | | | | | directly. Also protect non mp-safe functions while at it. ok mpi@.
* Implemented MPLS pseudowire (mpw(4)) to be used with VPLS and VPWS.rzalamena2015-07-202-2/+24
| | | | ok mpi@, claudio@.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.