aboutsummaryrefslogtreecommitdiff
path: root/sys/netinet/in.c
Commit message (Collapse)AuthorAgeFilesLines
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningRobert Watson2006-11-061-7/+29
| | | | | | | | | | | | | | | | specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net> Notes: svn path=/head/; revision=164033
* The IPv4 code should clean up multicast group state when an interfaceBruce M Simpson2006-09-281-2/+31
| | | | | | | | | | | | | | | goes away. Without this change, it leaks in_multi (and often ether_multi state) if many clonable interfaces are created and destroyed in quick succession. The concept of this fix is borrowed from KAME. Detailed information about this behaviour, as well as test cases, are available in the PR. PR: kern/78227 MFC after: 1 week Notes: svn path=/head/; revision=162718
* In in_control() remove the temporary in_ifaddr structure from theAndre Oppermann2006-01-241-1/+2
| | | | | | | | | | | | ia_hash only if it actually is an AF_INET address. All other places test for sa_family == AF_INET but this one. PR: kern/92091 Submitted by: Seth Kingsley <sethk-at-meowfishies.com> MFC after: 3 days Notes: svn path=/head/; revision=154777
* First fill in structure with valid values, and only then attach itGleb Smirnoff2005-10-281-2/+2
| | | | | | | | | to the global list. Reviewed by: rwatson Notes: svn path=/head/; revision=151824
* In in_addprefix() compare not only route addresses, but their masks,Gleb Smirnoff2005-10-221-8/+13
| | | | | | | | | | | too. This fixes problem when connected prefixes overlap. Obtained from: OpenBSD (rev. 1.40 by claudio); [ I came to this fix myself, and then found out that OpenBSD had already fixed it the same way.] Notes: svn path=/head/; revision=151555
* Unlock Giant symmetrically with respect to lock acquire order as that'sRobert Watson2005-10-031-1/+1
| | | | | | | | | | generally nicer. Spotted by: johan MFC after: 1 week Notes: svn path=/head/; revision=150853
* Acquire Giant conditionally in in_addmulti() and in_delmulti() based onRobert Watson2005-10-031-0/+9
| | | | | | | | | | | | | | whether the interface being accessed is IFF_NEEDSGIANT or not. This avoids lock order reversals when calling into the interface ioctl handler, which could potentially lead to deadlock. The long term solution is to eliminate non-MPSAFE network drivers. Discussed with: jhb MFC after: 1 week Notes: svn path=/head/; revision=150852
* Take a first cut at cleaning up ifnet removal and multicast socketRobert Watson2005-09-181-8/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | panics, which occur when stale ifnet pointers are left in struct moptions hung off of inpcbs: - Add in_ifdetach(), which matches in6_ifdetach(), and allows the protocol to perform early tear-down on the interface early in if_detach(). - Annotate that if_detach() needs careful consideration. - Remove calls to in_pcbpurgeif0() in the handling of SIOCDIFADDR -- this is not the place to detect interface removal! This also removes what is basically a nasty (and now unnecessary) hack. - Invoke in_pcbpurgeif0() from in_ifdetach(), in both raw and UDP IPv4 sockets. It is now possible to run the msocket_ifnet_remove regression test using HEAD without panicking. MFC after: 3 days Notes: svn path=/head/; revision=150296
* In order to support CARP interfaces kernel was taught to handle moreGleb Smirnoff2005-08-181-2/+12
| | | | | | | | | | | | | | | | than one interface in one subnet. However, some userland apps rely on the believe that this configuration is impossible. Add a sysctl switch net.inet.ip.same_prefix_carp_only. If the switch is on, then kernel will refuse to add an additional interface to already connected subnet unless the interface is CARP. Default value is off. PR: bin/82306 In collaboration with: mlaier Notes: svn path=/head/; revision=149221
* Introduce in_multi_mtx, which will protect IPv4-layer multicast addressRobert Watson2005-08-031-10/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | lists, as well as accessor macros. For now, this is a recursive mutex due code sequences where IPv4 multicast calls into IGMP calls into ip_output(), which then tests for a multicast forwarding case. For support macros in in_var.h to check multicast address lists, assert that in_multi_mtx is held. Acquire in_multi_mtx around iteration over the IPv4 multicast address lists, such as in ip_input() and ip_output(). Acquire in_multi_mtx when manipulating the IPv4 layer multicast addresses, as well as over the manipulation of ifnet multicast address lists in order to keep the two layers in sync. Lock down accesses to IPv4 multicast addresses in IGMP, or assert the lock when performing IGMP join/leave events. Eliminate spl's associated with IPv4 multicast addresses, portions of IGMP that weren't previously expunged by IGMP locking. Add in_multi_mtx, igmp_mtx, and if_addr_mtx lock order to hard-coded lock order in WITNESS, in that order. Problem reported by: Ed Maste <emaste at phaedrus dot sandvine dot ca> MFC after: 10 days Notes: svn path=/head/; revision=148682
* Use IFF_LOCKGIANT/IFF_UNLOCKGIANT around calls to the interfaceIan Dowse2005-06-021-14/+26
| | | | | | | | | if_ioctl routine. This should fix a number of code paths through soo_ioctl() that could call into Giant-locked network drivers without first acquiring Giant. Notes: svn path=/head/; revision=146883
* ifma_protospec is a pointer. Use NULL when assigning or compating it.Gleb Smirnoff2005-03-201-2/+2
| | | | Notes: svn path=/head/; revision=143881
* Remove a workaround from previos revision. It proved to be incorrect.Gleb Smirnoff2005-03-201-7/+16
| | | | | | | | | | | Add two another workarounds for carp(4) interfaces: - do not add connected route when address is assigned to carp(4) interface - do not add connected route when other interface goes down Embrace workarounds with #ifdef DEV_CARP Notes: svn path=/head/; revision=143868
* Add antifootshooting workaround, which will make all routes "connected"Gleb Smirnoff2005-03-101-0/+6
| | | | | | | | to carp(4) interfaces host routes. This prevents a problem, when connected network is routed to carp(4) interface. Notes: svn path=/head/; revision=143374
* /* -> /*- for license, minor formatting changesWarner Losh2005-01-071-1/+1
| | | | Notes: svn path=/head/; revision=139823
* Fix host route addition for more than one address to a loopback interfaceMax Laier2004-11-171-1/+1
| | | | | | | | | | | after allowing more than one address with the same prefix. Reported by: Vladimir Grebenschikov <vova NO fbsd SPAM ru> Submitted by: ru (also NetBSD rev. 1.83) Pointyhat to: mlaier Notes: svn path=/head/; revision=137833
* Merge copyright notices.Max Laier2004-11-131-28/+1
| | | | | | | Requested by: njl Notes: svn path=/head/; revision=137668
* Change the way we automatically add prefix routes when adding a new address.Max Laier2004-11-121-27/+147
| | | | | | | | | | | | | | | | | | | This makes it possible to have more than one address with the same prefix. The first address added is used for the route. On deletion of an address with IFA_ROUTE set, we try to find a "fallback" address and hand over the route if possible. I plan to MFC this in 4 weeks, hence I keep the - now obsolete - argument to in_ifscrub as it must be considered KAPI as it is not static in in.c. I will clean this after the MFC. Discussed on: arch, net Tested by: many testers of the CARP patches Nits from: ru, Andrea Campi <andrea+freebsd_arch webcom it> Obtained from: WIDE via OpenBSD MFC after: 1 month Notes: svn path=/head/; revision=137628
* White space cleanup for netinet before branch:Robert Watson2004-08-161-3/+3
| | | | | | | | | | | | | | - Trailing tab/space cleanup - Remove spurious spaces between or before tabs This change avoids touching files that Andre likely has in his working set for PFIL hooks changes for IPFW/DUMMYNET. Approved by: re (scottl) Submitted by: Xin LI <delphij@frontfree.net> Notes: svn path=/head/; revision=133874
* Add the function in_localip() which returns 1 if an internet address is forAndre Oppermann2004-08-111-0/+17
| | | | | | | the local host and configured on one of its interfaces. Notes: svn path=/head/; revision=133486
* Remove advertising clause from University of California Regent'sWarner Losh2004-04-071-4/+0
| | | | | | | | | | license, per letter dated July 22, 1999 and email from Peter Wemm, Alan Cox and Robert Watson. Approved by: core, peter, alc, rwatson Notes: svn path=/head/; revision=128019
* Bring eventhandler callbacks for pf.Max Laier2004-02-261-0/+5
| | | | | | | | | | | This enables pf to track dynamic address changes on interfaces (dailup) with the "on (<ifname>)"-syntax. This also brings hooks in anticipation of tracking cloned interfaces, which will be in future versions of pf. Approved by: bms(mentor) Notes: svn path=/head/; revision=126264
* Document the net.inet.ip.subnets_are_local sysctl.Ruslan Ermilov2003-12-301-1/+1
| | | | Notes: svn path=/head/; revision=123998
* Correct rev 1.56 which (incorrectly) reversed the test used toSam Leffler2003-11-031-1/+1
| | | | | | | | | decide if in_pcbpurgeif0 should be invoked. Supported by: FreeBSD Foundation Notes: svn path=/head/; revision=121922
* Back out M_* changes, per decision of the TRB.Warner Losh2003-02-191-2/+2
| | | | | | | Approved by: trb Notes: svn path=/head/; revision=111119
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0.Alfred Perlstein2003-01-211-2/+2
| | | | | | | Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT. Notes: svn path=/head/; revision=109623
* Lock up ifaddr reference counts.Jeffrey Hsu2002-12-181-3/+5
| | | | Notes: svn path=/head/; revision=108033
* Remove unused and incorrectly maintained variable "in_interfaces"Poul-Henning Kamp2002-12-171-4/+0
| | | | Notes: svn path=/head/; revision=107983
* fixed a kernel crash by "ifconfig stf0 inet 1.2.3.4"SUZUKI Shinsuke2002-10-221-5/+9
| | | | | | | MFC after: 1 week Notes: svn path=/head/; revision=105748
* Lock up inpcb.Jeffrey Hsu2002-06-101-2/+2
| | | | | | | Submitted by: Jennifer Yang <yangjihui@yahoo.com> Notes: svn path=/head/; revision=98102
* Remove the code that masks an EEXIST returned from rtinit() whenBrian Somers2002-04-101-4/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | calling ioctl(SIOC[AS]IFADDR). This allows the following: ifconfig xx0 inet 1.2.3.1 netmask 0xffffff00 ifconfig xx0 inet 1.2.3.17 netmask 0xfffffff0 alias ifconfig xx0 inet 1.2.3.25 netmask 0xfffffff8 alias ifconfig xx0 inet 1.2.3.26 netmask 0xffffffff alias but would (given the above) reject this: ifconfig xx0 inet 1.2.3.27 netmask 0xfffffff8 alias due to the conflicting netmasks. I would assert that it's wrong to mask the EEXIST returned from rtinit() as in the above scenario, the deletion of the 1.2.3.25 address will leave the 1.2.3.27 address as unroutable as it was in the first place. Offered for review on: -arch, -net Discussed with: stephen macmanus <stephenm@bayarea.net> MFC after: 3 weeks Notes: svn path=/head/; revision=94327
* Don't add host routes for interface addresses of 0.0.0.0/8 -> 0.255.255.255.Brian Somers2002-04-101-6/+18
| | | | | | | | | | | | | This change allows bootp to work with more than one interface, at the expense of some rather ``wrong'' looking code. I plan to MFC this in place of luigi's recent #ifdef BOOTP stuff that was committed to this file in -stable, as that's slightly more wrong that this is. Offered for review on: -arch, -net MFC after: 2 weeks Notes: svn path=/head/; revision=94326
* Change the suser() API to take advantage of td_ucred as well as do aJohn Baldwin2002-04-011-3/+3
| | | | | | | | | | | | | | | general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag. Discussed on: smp@ Notes: svn path=/head/; revision=93593
* Remove __P.Alfred Perlstein2002-03-191-8/+8
| | | | Notes: svn path=/head/; revision=92723
* During SIOCAIFADDR, if in_ifinit() fails and we've already added anBrian Somers2001-11-301-24/+39
| | | | | | | | | | | | | interface address, blow the address away again before returning the error. In in_ifinit(), if we get an error from rtinit() and we've also got a destination address, return the error rather than masking EEXISTS. Failing to create a host route when configuring an interface should be treated as an error. Notes: svn path=/head/; revision=87124
* Make sure the netmask always has an address family. This fixes LinuxDag-Erling Smørgrav2001-10-301-3/+4
| | | | | | | | | | | | ifconfig, which expects the address returned by the SIOCGIFNETMASK ioctl to have a valid sa_family. Similar changes may be necessary for IPv6. While we're here, get rid of an unnecessary temp variable. MFC after: 2 weeks Notes: svn path=/head/; revision=85740
* in_ifinit apparently can be used to rewrite an ip address; recalculateJonathan Lemon2001-10-011-1/+5
| | | | | | | | | the correct hash bucket for the entry. Submitted by: iedowse (with some munging by me) Notes: svn path=/head/; revision=84317
* Add a hash table that contains the list of internet addresses, and useJonathan Lemon2001-09-291-13/+19
| | | | | | | | this in place of the in_ifaddr list when appropriate. This improves performance on hosts which have a large number of IP aliases. Notes: svn path=/head/; revision=84102
* KSE Milestone 2Julian Elischer2001-09-121-11/+11
| | | | | | | | | | | | | | | | | Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process. Sorry john! (your next MFC will be a doosie!) Reviewed by: peter@freebsd.org, dillon@freebsd.org X-MFC after: ha ha ha ha Notes: svn path=/head/; revision=83366
* Wrap array accesses in macros, which also happen to be lvalues:Jonathan Lemon2001-09-061-1/+1
| | | | | | | | | | ifnet_addrs[i - 1] -> ifaddr_byindex(i) ifindex2ifnet[i] -> ifnet_byindex(i) This is intended to ease the conversion to SMPng. Notes: svn path=/head/; revision=83130
* When running aplication joined multicast address,Hajimu UMEMOTO2001-08-041-0/+12
| | | | | | | | | | | | | | | | | removing network card, and kill aplication. imo_membership[].inm_ifp refer interface pointer after removing interface. When kill aplication, release socket,and imo_membership. imo_membership use already not exist interface pointer. Then, kernel panic. PR: 29345 Submitted by: Inoue Yuichi <inoue@nd.net.fujitsu.co.jp> Obtained from: KAME MFC after: 3 days Notes: svn path=/head/; revision=81127
* Sync with recent KAME.Hajimu UMEMOTO2001-06-111-20/+3
| | | | | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks Notes: svn path=/head/; revision=78064
* In in_ifadown(), differentiate between whether the interface goesRuslan Ermilov2001-05-111-1/+1
| | | | | | | | | | down or interface address is deleted. Only delete static routes in the latter case. Reported by: Alexander Leidinger <Alexander@leidinger.net> Notes: svn path=/head/; revision=76469
* <sys/queue.h> makeover.Poul-Henning Kamp2001-03-161-6/+3
| | | | Notes: svn path=/head/; revision=74362
* net/route.c:Ruslan Ermilov2001-03-151-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A route generated from an RTF_CLONING route had the RTF_WASCLONED flag set but did not have a reference to the parent route, as documented in the rtentry(9) manpage. This prevented such routes from being deleted when their parent route is deleted. Now, for example, if you delete an IP address from a network interface, all ARP entries that were cloned from this interface route are flushed. This also has an impact on netstat(1) output. Previously, dynamically created ARP cache entries (RTF_STATIC flag is unset) were displayed as part of the routing table display (-r). Now, they are only printed if the -a option is given. netinet/in.c, netinet/in_rmx.c: When address is removed from an interface, also delete all routes that point to this interface and address. Previously, for example, if you changed the address on an interface, outgoing IP datagrams might still use the old address. The only solution was to delete and re-add some routes. (The problem is easily observed with the route(8) command.) Note, that if the socket was already bound to the local address before this address is removed, new datagrams generated from this socket will still be sent from the old address. PR: kern/20785, kern/21914 Reviewed by: wollman (the idea) Notes: svn path=/head/; revision=74299
* Another round of the <sys/queue.h> FOREACH transmogriffer.Poul-Henning Kamp2001-02-041-2/+1
| | | | | | | | Created with: sed(1) Reviewed by: md5(1) Notes: svn path=/head/; revision=72012
* Mechanical change to use <sys/queue.h> macro API instead ofPoul-Henning Kamp2001-02-041-9/+9
| | | | | | | | | | fondling implementation details. Created with: sed(1) Reviewed by: md5(1) Notes: svn path=/head/; revision=71999
* Convert more malloc+bzero to malloc+M_ZERO.David Malone2000-12-081-4/+3
| | | | | | | | Submitted by: josh@zipperup.org Submitted by: Robert Drehmel <robd@gmx.net> Notes: svn path=/head/; revision=69781
* Move suser() and suser_xxx() prototypes and a related #define fromPoul-Henning Kamp2000-10-291-1/+0
| | | | | | | | | | | | <sys/proc.h> to <sys/systm.h>. Correctly document the #includes needed in the manpage. Add one now needed #include of <sys/systm.h>. Remove the consequent 48 unused #includes of <sys/proc.h>. Notes: svn path=/head/; revision=67893
* Fixed a missing splx() in if_addmulti(). Was broken in rev.1.28.Bruce Evans2000-08-191-1/+3
| | | | Notes: svn path=/head/; revision=64853
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-17 21:42:32 +0000