| Commit message (Collapse) | Author | Age | Files | Lines |
|
Obtained from: KAME
MFC after: 3 days
Notes:
svn path=/head/; revision=157097
|
invalid in nd6_timer().
PR: kern/93170
Reported by: kris
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Confirmed by: kris
Obtained from: KAME
MFC after: 2 days
Notes:
svn path=/head/; revision=155575
|
Submitted by: max
MFC after: 2 month
Notes:
svn path=/head/; revision=151546
|
- introduced fine-grain-timer to manage ND-caches and IPv6 Multicast-Listeners
- supports Router-Preference <draft-ietf-ipv6-router-selection-07.txt>
- better prefix lifetime management
- more spec-conformant DAD advertisement
- updated RFC/internet-draft revisions
Obtained from: KAME
Reviewed by: ume, gnn
MFC after: 2 month
Notes:
svn path=/head/; revision=151539
|
Obtained from: KAME
MFC after: 1 week
Notes:
svn path=/head/; revision=151537
|
Obtained from: KAME
Reviewed by: ume, gnn
Notes:
svn path=/head/; revision=151479
|
Obtained from: KAME
Reviewed by: ume, gnn
MFC after: 2 week
Notes:
svn path=/head/; revision=151474
|
NDP-related kernel variables based on their configurations (RFC2461 p.43 6.2.1 mandates this for IPv6 routers)
Obtained from: KAME
Reviewed by: ume, gnn
MFC after: 2 weeks
Notes:
svn path=/head/; revision=151468
|
- fixed typos
- improved some comment descriptions
- use NULL, instead of 0, to denote a NULL pointer
- avoid embedding a magic number in the code
- use nd6log() instead of log() to record NDP-specific logs
- nuked an unnecessary white space
Obtained from: KAME
MFC after: 1 day
Notes:
svn path=/head/; revision=151465
|
assigned to the interface.
IPv6 auto-configuration is disabled. An IPv6 link-local address has a
link-local scope within one link, the spec is unclear for the bridge case and
it may cause scope violation.
An address can be assigned in the usual way;
ifconfig bridge0 inet6 xxxx:...
Tested by: bmah
Reviewed by: ume (netinet6)
Approved by: mlaier (mentor)
MFC after: 1 week
Notes:
svn path=/head/; revision=149829
|
- nuke unused code.
Submitted by: suz
Obtained from: KAME
Notes:
svn path=/head/; revision=148987
|
- rt0 passed to rt_check() must not be NULL, assert this.
- rt returned by rt_check() must be valid locked rtentry,
if no error occurred.
o Modify callers, so that they never pass NULL rt0
to rt_check().
Reviewed by: sam, ume (nd6.c)
Notes:
svn path=/head/; revision=148954
|
L2/L3 mappings) make rt_check() return a locked rtentry.
Notes:
svn path=/head/; revision=148883
|
- Push 'i' into the only block where it is used.
- Remove redundant check for rt being NULL. If rt_check() hasn't
returned an error, then rt is valid.
Reviewed by: gnn
Notes:
svn path=/head/; revision=148882
|
- most of the kernel code will not care about the actual encoding of
scope zone IDs and won't touch "s6_addr16[1]" directly.
- similarly, most of the kernel code will not care about link-local
scoped addresses as a special case.
- scope boundary check will be stricter. For example, the current
*BSD code allows a packet with src=::1 and dst=(some global IPv6
address) to be sent outside of the node, if the application does:
s = socket(AF_INET6);
bind(s, "::1");
sendto(s, some_global_IPv6_addr);
This is clearly wrong, since ::1 is only meaningful within a single
node, but the current implementation of the *BSD kernel cannot
reject this attempt.
Submitted by: JINMEI Tatuya <jinmei__at__isl.rdc.toshiba.co.jp>
Obtained from: KAME
Notes:
svn path=/head/; revision=148385
|
they need special handling. makes it possible to take advantage of 9k ether
frames.
Obtained from: NetBSD
Notes:
svn path=/head/; revision=148210
|
hosts to share an IP address, providing high availability and load
balancing.
Original work on CARP done by Michael Shalayeff, with many
additions by Marco Pfatschbacher and Ryan McBride.
FreeBSD port done solely by Max Laier.
Patch by: mlaier
Obtained from: OpenBSD (mickey, mcbride)
Notes:
svn path=/head/; revision=142215
|
Notes:
svn path=/head/; revision=139826
|
INVARIANTS on, who knows what with it off).
Notes:
svn path=/head/; revision=136076
|
the flags field will be improperly initialized resulting in inconsistent
operation (sometimes with Giant, sometimes without, et al).
RELENG_5 candidate.
Notes:
svn path=/head/; revision=134822
|
The prefix management code currently resides in nd6, leaving only the
unused router renumbering capability in the in6_prefix files. Removing
it will make it easier for us to provide locking for the remainder of
IPv6 by reducing the number of objects requiring synchronized access.
This functionality has also been removed from NetBSD and OpenBSD.
Submitted by: George Neville-Neil <gnn at neville-neil.com>
Discussed with/approved by: suz, keiichi at kame.net, core at kame.net
Notes:
svn path=/head/; revision=134188
|
addresses too.
Reported by: Jun Kuriyama
Notes:
svn path=/head/; revision=128666
|
1. rt_check() cleanup:
rt_check() is only necessary for some address families to gain access
to the corresponding arp entry, so call it only in/near the *resolve()
routines where it is actually used -- at the moment this is
arpresolve(), nd6_storelladdr() (the call is embedded here),
and atmresolve() (the call is just before atmresolve to reduce
the number of changes).
This change will make it a lot easier to decouple the arp table
from the routing table.
There is an extra call to rt_check() in if_iso88025subr.c to
determine the routing info length. I have left it alone for
the time being.
The interface of arpresolve() and nd6_storelladdr() now changes slightly:
+ the 'rtentry' parameter (really a hint from the upper level layer)
is now passed unchanged from *_output(), so it becomes the route
to the final destination and not to the gateway.
+ the routines will return 0 if resolution is possible, non-zero
otherwise.
+ arpresolve() returns EWOULDBLOCK in case the mbuf is being held
waiting for an arp reply -- in this case the error code is masked
in the caller so the upper layer protocol will not see a failure.
2. arpcom untangling
Where possible, use 'struct ifnet' instead of 'struct arpcom' variables,
and use the IFP2AC macro to access arpcom fields.
This mostly affects the netatalk code.
=== Detailed changes: ===
net/if_arcsubr.c
rt_check() cleanup, remove a useless variable
net/if_atmsubr.c
rt_check() cleanup
net/if_ethersubr.c
rt_check() cleanup, arpcom untangling
net/if_fddisubr.c
rt_check() cleanup, arpcom untangling
net/if_iso88025subr.c
rt_check() cleanup
netatalk/aarp.c
arpcom untangling, remove a block of duplicated code
netatalk/at_extern.h
arpcom untangling
netinet/if_ether.c
rt_check() cleanup (change arpresolve)
netinet6/nd6.c
rt_check() cleanup (change nd6_storelladdr)
Notes:
svn path=/head/; revision=128636
|
This change is functionally identical to the original code, though
I have no idea if that was correct in the first place (see comment
in the commit).
Notes:
svn path=/head/; revision=128421
|
Notes:
svn path=/head/; revision=128397
|
Notes:
svn path=/head/; revision=125147
|
(not interface addresses) to see if a given address is on-link.
- skip offlink prefixes in neighbor determination in nd6_is_addr_neighbor.
- in nd6_is_addr_neighbor, regarded every address as on-link when the
default router list is empty. otherwise, we'd not be able to make a neighbor
cache for the address.
this algorithm is applied to hosts only.
- in nd6_is_addr_neighbor, check if the default interface is equal to
the interface in question in addition to check if the default router
list is empty.
Obtained from: KAME
Notes:
svn path=/head/; revision=123296
|
macros that expand to include assertions when the system is built
with INVARIANTS
Supported by: FreeBSD Foundation
Notes:
svn path=/head/; revision=122334
|
- share policy-on-socket for listening socket.
- don't copy policy-on-socket at all. secpolicy no longer contains
spidx, which saves a lot of memory.
- deep-copy pcb policy if it is an ipsec policy. assign ID field to
all SPD entries. make it possible for racoon to grab SPD entry on
pcb.
- fixed the order of searching SA table for packets.
- fixed to get a security association header. a mode is always needed
to compare them.
- fixed that the incorrect time was set to
sadb_comb_{hard|soft}_usetime.
- disallow port spec for tunnel mode policy (as we don't reassemble).
- a user can define a policy-id.
- clear enc/auth key before freeing.
- fixed that the kernel crashed when key_spdacquire() was called
because key_spdacquire() had been implemented incompletely.
- preparation for 64bit sequence number.
- maintain ordered list of SA, based on SA id.
- cleanup secasvar management; refcnt is key.c responsibility;
alloc/free is keydb.c responsibility.
- cleanup, avoid double-loop.
- use hash for spi-based lookup.
- mark persistent SP "persistent".
XXX in theory refcnt should do the right thing, however, we have
"spdflush" which would touch all SPs. another solution would be to
de-register persistent SPs from sptree.
- u_short -> u_int16_t
- reduce kernel stack usage by auto variable secasindex.
- clarify function name confusion. ipsec_*_policy ->
ipsec_*_pcbpolicy.
- avoid variable name confusion.
(struct inpcbpolicy *)pcb_sp, spp (struct secpolicy **), sp (struct
secpolicy *)
- count number of ipsec encapsulations on ipsec4_output, so that we
can tell ip_output() how to handle the packet further.
- When the value of the ul_proto is ICMP or ICMPV6, the port field in
"src" of the spidx specifies ICMP type, and the port field in "dst"
of the spidx specifies ICMP code.
- avoid from applying IPsec transport mode to the packets when the
kernel forwards the packets.
Tested by: nork
Obtained from: KAME
Notes:
svn path=/head/; revision=122062
|
(aka RFC2292bis). Though I believe this commit doesn't break
backward compatibility against existing binaries, it breaks
backward compatibility of API.
Now, the applications which use Advanced Sockets API such as
telnet, ping6, mld6query and traceroute6 use RFC3542 API.
Obtained from: KAME
Notes:
svn path=/head/; revision=121472
|
Obtained from: KAME
Notes:
svn path=/head/; revision=121283
|
Reported by: jhay
Notes:
svn path=/head/; revision=121214
|
- transition to use ifp->if_afdata.
Obtained from: KAME
Notes:
svn path=/head/; revision=121161
|
Supported by: FreeBSD Foundation
Notes:
svn path=/head/; revision=121092
|
it was never enabled.
Notes:
svn path=/head/; revision=120971
|
- style
- ANSIfy
(there is no functional change.)
Obtained from: KAME
Notes:
svn path=/head/; revision=120941
|
(reduce diffs against KAME)
Notes:
svn path=/head/; revision=120856
|
that covers updates to the contents. Note this is separate from holding
a reference and/or locking the routing table itself.
Other/related changes:
o rtredirect loses the final parameter by which an rtentry reference
may be returned; this was never used and added unwarranted complexity
for locking.
o minor style cleanups to routing code (e.g. ansi-fy function decls)
o remove the logic to bump the refcnt on the parent of cloned routes,
we assume the parent will remain as long as the clone; doing this avoids
a circularity in locking during delete
o convert some timeouts to MPSAFE callouts
Notes:
1. rt_mtx in struct rtentry is guarded by #ifdef _KERNEL as user-level
applications cannot/do-not know about mutex's. Doing this requires
that the mutex be the last element in the structure. A better solution
is to introduce an externalized version of struct rtentry but this is
a major task because of the intertwining of rtentry and other data
structures that are visible to user applications.
2. There are known LOR's that are expected to go away with forthcoming
work to eliminate many held references. If not these will be resolved
prior to release.
3. ATM changes are untested.
Sponsored by: FreeBSD Foundation
Obtained from: BSD/OS (partly)
Notes:
svn path=/head/; revision=120727
|
Notes:
svn path=/head/; revision=120049
|
control whether to accept RAs per-interface basis.
the new stuff ensures the backward compatibility;
- the kernel does not accept RAs on any interfaces by default.
- since the default value of the flag bit is on, the kernel accepts RAs
on all interfaces when net.inet6.ip6.accept_rtadv is 1.
Obtained from: KAME
MFC after: 1 week
Notes:
svn path=/head/; revision=118498
|
Obtained from: KAME
MFC after: 2 days
Notes:
svn path=/head/; revision=114205
|
Approved by: trb
Notes:
svn path=/head/; revision=111119
|
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
Notes:
svn path=/head/; revision=110232
|
Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
Notes:
svn path=/head/; revision=109623
|
kernel access control.
When generating nd6 output on an interface, label the packet
appropriately.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Notes:
svn path=/head/; revision=101240
|
Obtained from: KAME
MFC after: 3 days
Notes:
svn path=/head/; revision=95395
|
(based on freebsd4-snap-20020128)
Reviewed by: ume
MFC after: 1 week
Notes:
svn path=/head/; revision=95023
|
Notes:
svn path=/head/; revision=93920
|
entry that has the LLINFO flag but is not a neighbor cache entry.
Obtained from: KAME
MFC after: 1 week
Notes:
svn path=/head/; revision=93539
|
is not a neighbor. see comments for the detailed reason.
- Rejected the process of nd6_rtrequest() when the request is RESOLVE and
the interface does not need neighbor caches.
Obtained from: KAME
MFC After: 1 week
Notes:
svn path=/head/; revision=91491
|