svn commit: r185628 - user/kmacy/HEAD_fast_multi_xmit/sys/netinet6
Kip Macy
kmacy at FreeBSD.org
Thu Dec 4 23:41:54 PST 2008
Author: kmacy
Date: Fri Dec 5 07:41:53 2008
New Revision: 185628
URL: http://svn.freebsd.org/changeset/base/185628
Log:
IFC 184756:185625 part 3
Modified:
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/dest6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/frag6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/icmp6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_gif.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_ifattach.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.h
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_proto.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_rmx.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_src.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_forward.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_input.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_ipsec.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_mroute.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_output.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/mld6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/nd6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/nd6_nbr.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/nd6_rtr.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/raw_ip6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/route6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/scope6.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/udp6_usrreq.c
user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/vinet6.h
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/dest6.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/dest6.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/dest6.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -55,6 +55,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
#include <netinet/icmp6.h>
+#include <netinet6/vinet6.h>
/*
* Destination options header processing.
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/frag6.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/frag6.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/frag6.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -57,6 +57,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/icmp6.h>
#include <netinet/in_systm.h> /* for ECN definitions */
#include <netinet/ip.h> /* for ECN definitions */
+#include <netinet6/vinet6.h>
#include <security/mac/mac_framework.h>
@@ -77,9 +78,11 @@ static struct mtx ip6qlock;
/*
* These fields all protected by ip6qlock.
*/
+#ifdef VIMAGE_GLOBALS
static u_int frag6_nfragpackets;
static u_int frag6_nfrags;
static struct ip6q ip6q; /* ip6 reassemble queue */
+#endif
#define IP6Q_LOCK_INIT() mtx_init(&ip6qlock, "ip6qlock", NULL, MTX_DEF);
#define IP6Q_LOCK() mtx_lock(&ip6qlock)
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/icmp6.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/icmp6.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/icmp6.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -87,6 +87,7 @@ __FBSDID("$FreeBSD$");
#include <net/if_dl.h>
#include <net/if_types.h>
#include <net/route.h>
+#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_pcb.h>
@@ -94,6 +95,8 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip6.h>
#include <netinet/icmp6.h>
#include <netinet/tcp_var.h>
+#include <netinet/vinet.h>
+
#include <netinet6/in6_ifattach.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/ip6protosw.h>
@@ -101,6 +104,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/scope6_var.h>
#include <netinet6/mld6_var.h>
#include <netinet6/nd6.h>
+#include <netinet6/vinet6.h>
#ifdef IPSEC
#include <netipsec/ipsec.h>
@@ -109,15 +113,17 @@ __FBSDID("$FreeBSD$");
extern struct domain inet6domain;
-struct icmp6stat icmp6stat;
-
+#ifdef VIMAGE_GLOBALS
extern struct inpcbinfo ripcbinfo;
extern struct inpcbhead ripcb;
extern int icmp6errppslim;
-static int icmp6errpps_count = 0;
-static struct timeval icmp6errppslim_last;
extern int icmp6_nodeinfo;
+struct icmp6stat icmp6stat;
+static int icmp6errpps_count;
+static struct timeval icmp6errppslim_last;
+#endif
+
static void icmp6_errcount(struct icmp6errstat *, int, int);
static int icmp6_rip6_input(struct mbuf **, int);
static int icmp6_ratelimit(const struct in6_addr *, const int, const int);
@@ -138,6 +144,8 @@ icmp6_init(void)
{
INIT_VNET_INET6(curvnet);
+ V_icmp6errpps_count = 0;
+
mld6_init();
}
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -84,6 +84,7 @@ __FBSDID("$FreeBSD$");
#include <net/if_types.h>
#include <net/route.h>
#include <net/if_dl.h>
+#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
@@ -100,6 +101,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/in6_ifattach.h>
#include <netinet6/scope6_var.h>
#include <netinet6/in6_pcb.h>
+#include <netinet6/vinet6.h>
MALLOC_DEFINE(M_IP6MADDR, "in6_multi", "internet multicast address");
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_gif.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_gif.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_gif.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -66,6 +66,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip_ecn.h>
#ifdef INET6
#include <netinet6/ip6_ecn.h>
+#include <netinet6/vinet6.h>
#endif
#include <net/if_gif.h>
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_ifattach.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_ifattach.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_ifattach.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -46,11 +46,13 @@ __FBSDID("$FreeBSD$");
#include <net/if_dl.h>
#include <net/if_types.h>
#include <net/route.h>
+#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/if_ether.h>
#include <netinet/in_pcb.h>
+#include <netinet/vinet.h>
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
@@ -60,19 +62,14 @@ __FBSDID("$FreeBSD$");
#include <netinet6/ip6_var.h>
#include <netinet6/nd6.h>
#include <netinet6/scope6_var.h>
+#include <netinet6/vinet6.h>
-unsigned long in6_maxmtu = 0;
-
-#ifdef IP6_AUTO_LINKLOCAL
-int ip6_auto_linklocal = IP6_AUTO_LINKLOCAL;
-#else
-int ip6_auto_linklocal = 1; /* enable by default */
-#endif
-
+#ifdef VIMAGE_GLOBALS
+unsigned long in6_maxmtu;
+int ip6_auto_linklocal;
struct callout in6_tmpaddrtimer_ch;
-
-extern struct inpcbinfo udbinfo;
extern struct inpcbinfo ripcbinfo;
+#endif
static int get_rand_ifid(struct ifnet *, struct in6_addr *);
static int generate_tmp_ifid(u_int8_t *, const u_int8_t *, u_int8_t *);
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -96,18 +96,14 @@ __FBSDID("$FreeBSD$");
#include <netinet/tcp_var.h>
#include <netinet/ip6.h>
#include <netinet/ip_var.h>
+#include <netinet/vinet.h>
#include <netinet6/ip6_var.h>
#include <netinet6/nd6.h>
#include <netinet/in_pcb.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/scope6_var.h>
-
-#ifdef IPSEC
-#include <netipsec/ipsec.h>
-#include <netipsec/ipsec6.h>
-#include <netipsec/key.h>
-#endif /* IPSEC */
+#include <netinet6/vinet6.h>
#include <security/mac/mac_framework.h>
@@ -149,6 +145,10 @@ in6_pcbbind(register struct inpcb *inp,
if ((error = sa6_embedscope(sin6, V_ip6_use_defzone)) != 0)
return(error);
+ if (prison_local_ip6(cred, &sin6->sin6_addr,
+ ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
+ return (EINVAL);
+
lport = sin6->sin6_port;
if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
/*
@@ -223,6 +223,9 @@ in6_pcbbind(register struct inpcb *inp,
return (EADDRINUSE);
}
}
+ if (prison_local_ip6(cred, &sin6->sin6_addr,
+ ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
+ return (EADDRNOTAVAIL);
t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr,
lport, wild, cred);
if (t && (reuseport & ((t->inp_vflag & INP_TIMEWAIT) ?
@@ -255,6 +258,9 @@ in6_pcbbind(register struct inpcb *inp,
}
inp->in6p_laddr = sin6->sin6_addr;
}
+ if (prison_local_ip6(cred, &inp->in6p_laddr,
+ ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
+ return (EINVAL);
if (lport == 0) {
int e;
if ((e = in6_pcbsetport(&inp->in6p_laddr, inp, cred)) != 0)
@@ -314,6 +320,8 @@ in6_pcbladdr(register struct inpcb *inp,
if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
sin6->sin6_addr = in6addr_loopback;
}
+ if (prison_remote_ip6(inp->inp_cred, &sin6->sin6_addr) != 0)
+ return (EADDRNOTAVAIL);
/*
* XXX: in6_selectsrc might replace the bound local address
@@ -410,45 +418,6 @@ in6_pcbdisconnect(struct inpcb *inp)
in_pcbrehash(inp);
}
-void
-in6_pcbdetach(struct inpcb *inp)
-{
-
- KASSERT(inp->inp_socket != NULL, ("in6_pcbdetach: inp_socket == NULL"));
- inp->inp_socket->so_pcb = NULL;
- inp->inp_socket = NULL;
-}
-
-void
-in6_pcbfree(struct inpcb *inp)
-{
- struct inpcbinfo *ipi = inp->inp_pcbinfo;
-
- KASSERT(inp->inp_socket == NULL, ("in6_pcbfree: inp_socket != NULL"));
- INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
- INP_WLOCK_ASSERT(inp);
-
-#ifdef IPSEC
- if (inp->in6p_sp != NULL)
- ipsec6_delete_pcbpolicy(inp);
-#endif /* IPSEC */
- inp->inp_gencnt = ++ipi->ipi_gencnt;
- in_pcbremlists(inp);
- ip6_freepcbopts(inp->in6p_outputopts);
- ip6_freemoptions(inp->in6p_moptions);
- /* Check and free IPv4 related resources in case of mapped addr */
- if (inp->inp_options)
- (void)m_free(inp->inp_options);
- if (inp->inp_moptions != NULL)
- inp_freemoptions(inp->inp_moptions);
- inp->inp_vflag = 0;
-#ifdef MAC
- mac_inpcb_destroy(inp);
-#endif
- INP_WUNLOCK(inp);
- uma_zfree(ipi->ipi_zone, inp);
-}
-
struct sockaddr *
in6_sockaddr(in_port_t port, struct in6_addr *addr_p)
{
@@ -694,15 +663,16 @@ in6_pcblookup_local(struct inpcbinfo *pc
head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport,
0, pcbinfo->ipi_hashmask)];
LIST_FOREACH(inp, head, inp_hash) {
+ /* XXX inp locking */
if ((inp->inp_vflag & INP_IPV6) == 0)
continue;
if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) &&
IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr) &&
inp->inp_lport == lport) {
- /*
- * Found.
- */
- return (inp);
+ /* Found. */
+ if (cred == NULL ||
+ inp->inp_cred->cr_prison == cred->cr_prison)
+ return (inp);
}
}
/*
@@ -732,6 +702,10 @@ in6_pcblookup_local(struct inpcbinfo *pc
*/
LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) {
wildcard = 0;
+ if (cred != NULL &&
+ inp->inp_cred->cr_prison != cred->cr_prison)
+ continue;
+ /* XXX inp locking */
if ((inp->inp_vflag & INP_IPV6) == 0)
continue;
if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr))
@@ -741,7 +715,7 @@ in6_pcblookup_local(struct inpcbinfo *pc
if (IN6_IS_ADDR_UNSPECIFIED(laddr))
wildcard++;
else if (!IN6_ARE_ADDR_EQUAL(
- &inp->in6p_laddr, laddr))
+ &inp->in6p_laddr, laddr))
continue;
} else {
if (!IN6_IS_ADDR_UNSPECIFIED(laddr))
@@ -750,9 +724,8 @@ in6_pcblookup_local(struct inpcbinfo *pc
if (wildcard < matchwild) {
match = inp;
matchwild = wildcard;
- if (matchwild == 0) {
+ if (matchwild == 0)
break;
- }
}
}
}
@@ -835,11 +808,11 @@ in6_rtchange(struct inpcb *inp, int errn
*/
struct inpcb *
in6_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in6_addr *faddr,
- u_int fport_arg, struct in6_addr *laddr, u_int lport_arg,
- int wildcard, struct ifnet *ifp)
+ u_int fport_arg, struct in6_addr *laddr, u_int lport_arg, int wildcard,
+ struct ifnet *ifp)
{
struct inpcbhead *head;
- register struct inpcb *inp;
+ struct inpcb *inp, *tmpinp;
u_short fport = fport_arg, lport = lport_arg;
int faith;
@@ -853,10 +826,12 @@ in6_pcblookup_hash(struct inpcbinfo *pcb
/*
* First look for an exact match.
*/
+ tmpinp = NULL;
head = &pcbinfo->ipi_hashbase[
INP_PCBHASH(faddr->s6_addr32[3] /* XXX */, lport, fport,
pcbinfo->ipi_hashmask)];
LIST_FOREACH(inp, head, inp_hash) {
+ /* XXX inp locking */
if ((inp->inp_vflag & INP_IPV6) == 0)
continue;
if (IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, faddr) &&
@@ -864,32 +839,79 @@ in6_pcblookup_hash(struct inpcbinfo *pcb
inp->inp_fport == fport &&
inp->inp_lport == lport) {
/*
- * Found.
+ * XXX We should be able to directly return
+ * the inp here, without any checks.
+ * Well unless both bound with SO_REUSEPORT?
*/
- return (inp);
+ if (jailed(inp->inp_cred))
+ return (inp);
+ if (tmpinp == NULL)
+ tmpinp = inp;
}
}
- if (wildcard) {
- struct inpcb *local_wild = NULL;
+ if (tmpinp != NULL)
+ return (tmpinp);
+
+ /*
+ * Then look for a wildcard match, if requested.
+ */
+ if (wildcard == INPLOOKUP_WILDCARD) {
+ struct inpcb *local_wild = NULL, *local_exact = NULL;
+ struct inpcb *jail_wild = NULL;
+ int injail;
+ /*
+ * Order of socket selection - we always prefer jails.
+ * 1. jailed, non-wild.
+ * 2. jailed, wild.
+ * 3. non-jailed, non-wild.
+ * 4. non-jailed, wild.
+ */
head = &pcbinfo->ipi_hashbase[INP_PCBHASH(INADDR_ANY, lport,
0, pcbinfo->ipi_hashmask)];
LIST_FOREACH(inp, head, inp_hash) {
+ /* XXX inp locking */
if ((inp->inp_vflag & INP_IPV6) == 0)
continue;
- if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) &&
- inp->inp_lport == lport) {
- if (faith && (inp->inp_flags & INP_FAITH) == 0)
+
+ if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) ||
+ inp->inp_lport != lport) {
+ continue;
+ }
+
+ /* XXX inp locking */
+ if (faith && (inp->inp_flags & INP_FAITH) == 0)
+ continue;
+
+ injail = jailed(inp->inp_cred);
+ if (injail) {
+ if (!prison_check_ip6(inp->inp_cred, laddr))
+ continue;
+ } else {
+ if (local_exact != NULL)
continue;
- if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr,
- laddr))
+ }
+
+ if (IN6_ARE_ADDR_EQUAL(&inp->in6p_laddr, laddr)) {
+ if (injail)
return (inp);
- else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
+ else
+ local_exact = inp;
+ } else if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
+ if (injail)
+ jail_wild = inp;
+ else
local_wild = inp;
}
- }
- return (local_wild);
- }
+ } /* LIST_FOREACH */
+
+ if (jail_wild != NULL)
+ return (jail_wild);
+ if (local_exact != NULL)
+ return (local_exact);
+ if (local_wild != NULL)
+ return (local_wild);
+ } /* if (wildcard == INPLOOKUP_WILDCARD) */
/*
* Not found.
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.h
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.h Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_pcb.h Fri Dec 5 07:41:53 2008 (r185628)
@@ -73,9 +73,7 @@ void in6_pcbpurgeif0 __P((struct inpcbin
void in6_losing __P((struct inpcb *));
int in6_pcbbind __P((struct inpcb *, struct sockaddr *, struct ucred *));
int in6_pcbconnect __P((struct inpcb *, struct sockaddr *, struct ucred *));
-void in6_pcbdetach __P((struct inpcb *));
void in6_pcbdisconnect __P((struct inpcb *));
-void in6_pcbfree __P((struct inpcb *));
int in6_pcbladdr __P((struct inpcb *, struct sockaddr *,
struct in6_addr **));
struct inpcb *
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_proto.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_proto.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_proto.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -128,6 +128,7 @@ __FBSDID("$FreeBSD$");
#endif /* IPSEC */
#include <netinet6/ip6protosw.h>
+#include <netinet6/vinet6.h>
/*
* TCP/IP protocol family: IP6, ICMP6, UDP, TCP.
@@ -368,73 +369,56 @@ DOMAIN_SET(inet6);
/*
* Internet configuration info
*/
-#ifndef IPV6FORWARDING
-#ifdef GATEWAY6
-#define IPV6FORWARDING 1 /* forward IP6 packets not for us */
-#else
-#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */
-#endif /* GATEWAY6 */
-#endif /* !IPV6FORWARDING */
-
-#ifndef IPV6_SENDREDIRECTS
-#define IPV6_SENDREDIRECTS 1
+#ifdef VIMAGE_GLOBALS
+int ip6_forwarding;
+int ip6_sendredirects;
+int ip6_defhlim;
+int ip6_defmcasthlim;
+int ip6_accept_rtadv;
+int ip6_maxfragpackets;
+int ip6_maxfrags;
+int ip6_log_interval;
+int ip6_hdrnestlimit;
+int ip6_dad_count;
+int ip6_auto_flowlabel;
+int ip6_use_deprecated;
+int ip6_rr_prune;
+int ip6_mcast_pmtu;
+int ip6_v6only;
+int ip6_keepfaith;
+time_t ip6_log_time;
+int ip6stealth;
+int nd6_onlink_ns_rfc4861;
#endif
-int ip6_forwarding = IPV6FORWARDING; /* act as router? */
-int ip6_sendredirects = IPV6_SENDREDIRECTS;
-int ip6_defhlim = IPV6_DEFHLIM;
-int ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS;
-int ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */
-int ip6_maxfragpackets; /* initialized in frag6.c:frag6_init() */
-int ip6_maxfrags; /* initialized in frag6.c:frag6_init() */
-int ip6_log_interval = 5;
-int ip6_hdrnestlimit = 15; /* How many header options will we process? */
-int ip6_dad_count = 1; /* DupAddrDetectionTransmits */
-int ip6_auto_flowlabel = 1;
-int ip6_gif_hlim = 0;
-int ip6_use_deprecated = 1; /* allow deprecated addr (RFC2462 5.5.4) */
-int ip6_rr_prune = 5; /* router renumbering prefix
- * walk list every 5 sec. */
-int ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */
-int ip6_v6only = 1;
-
-int ip6_keepfaith = 0;
-time_t ip6_log_time = (time_t)0L;
-#ifdef IPSTEALTH
-int ip6stealth = 0;
-#endif
-int nd6_onlink_ns_rfc4861 = 0; /* allow 'on-link' nd6 NS (as in RFC 4861) */
-
+#ifdef VIMAGE_GLOBALS
/* icmp6 */
/*
* BSDI4 defines these variables in in_proto.c...
* XXX: what if we don't define INET? Should we define pmtu6_expire
* or so? (jinmei at kame.net 19990310)
*/
-int pmtu_expire = 60*10;
-int pmtu_probe = 60*2;
+int pmtu_expire;
+int pmtu_probe;
/* raw IP6 parameters */
/*
* Nominal space allocated to a raw ip socket.
*/
-#define RIPV6SNDQ 8192
-#define RIPV6RCVQ 8192
-
-u_long rip6_sendspace = RIPV6SNDQ;
-u_long rip6_recvspace = RIPV6RCVQ;
+u_long rip6_sendspace;
+u_long rip6_recvspace;
/* ICMPV6 parameters */
-int icmp6_rediraccept = 1; /* accept and process redirects */
-int icmp6_redirtimeout = 10 * 60; /* 10 minutes */
-int icmp6errppslim = 100; /* 100pps */
+int icmp6_rediraccept;
+int icmp6_redirtimeout;
+int icmp6errppslim;
/* control how to respond to NI queries */
-int icmp6_nodeinfo = (ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
+int icmp6_nodeinfo;
/* UDP on IP6 parameters */
-int udp6_sendspace = 9216; /* really max datagram size */
-int udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6));
- /* 40 1K datagrams */
+int udp6_sendspace;
+int udp6_recvspace;
+#endif /* VIMAGE_GLOBALS */
/*
* sysctl related items.
@@ -580,6 +564,6 @@ SYSCTL_V_INT(V_NET, vnet_inet6, _net_ine
SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG,
nd6_debug, CTLFLAG_RW, nd6_debug, 0, "");
-SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861,
- nd6_onlink_ns_rfc4861, CTLFLAG_RW, &nd6_onlink_ns_rfc4861, 0,
+SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861,
+ nd6_onlink_ns_rfc4861, CTLFLAG_RW, nd6_onlink_ns_rfc4861, 0,
"Accept 'on-link' nd6 NS in compliance with RFC 4861.");
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_rmx.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_rmx.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_rmx.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -89,6 +89,8 @@ __FBSDID("$FreeBSD$");
#include <net/if.h>
#include <net/route.h>
+#include <net/vnet.h>
+
#include <netinet/in.h>
#include <netinet/ip_var.h>
#include <netinet/in_var.h>
@@ -98,6 +100,7 @@ __FBSDID("$FreeBSD$");
#include <netinet/icmp6.h>
#include <netinet6/nd6.h>
+#include <netinet6/vinet6.h>
#include <netinet/tcp.h>
#include <netinet/tcp_seq.h>
@@ -219,20 +222,20 @@ in6_matroute(void *v_arg, struct radix_n
SYSCTL_DECL(_net_inet6_ip6);
-static int rtq_reallyold6 = 60*60;
- /* one hour is ``really old'' */
-SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTEXPIRE, rtexpire,
- CTLFLAG_RW, &rtq_reallyold6 , 0, "");
-
-static int rtq_minreallyold6 = 10;
- /* never automatically crank down to less */
-SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTMINEXPIRE, rtminexpire,
- CTLFLAG_RW, &rtq_minreallyold6 , 0, "");
-
-static int rtq_toomany6 = 128;
- /* 128 cached routes is ``too many'' */
-SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTMAXCACHE, rtmaxcache,
- CTLFLAG_RW, &rtq_toomany6 , 0, "");
+#ifdef VIMAGE_GLOBALS
+static int rtq_reallyold6;
+static int rtq_minreallyold6;
+static int rtq_toomany6;
+#endif
+
+SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTEXPIRE,
+ rtexpire, CTLFLAG_RW, rtq_reallyold6 , 0, "");
+
+SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMINEXPIRE,
+ rtminexpire, CTLFLAG_RW, rtq_minreallyold6 , 0, "");
+
+SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMAXCACHE,
+ rtmaxcache, CTLFLAG_RW, rtq_toomany6 , 0, "");
/*
@@ -324,8 +327,10 @@ in6_rtqkill(struct radix_node *rn, void
}
#define RTQ_TIMEOUT 60*10 /* run no less than once every ten minutes */
-static int rtq_timeout6 = RTQ_TIMEOUT;
+#ifdef VIMAGE_GLOBALS
+static int rtq_timeout6;
static struct callout rtq_timer6;
+#endif
static void
in6_rtqtimo(void *rock)
@@ -387,7 +392,9 @@ struct mtuex_arg {
struct radix_node_head *rnh;
time_t nextstop;
};
+#ifdef VIMAGE_GLOBALS
static struct callout rtq_mtutimer;
+#endif
static int
in6_mtuexpire(struct radix_node *rn, void *rock)
@@ -478,6 +485,11 @@ in6_inithead(void **head, int off)
if (off == 0) /* See above */
return 1; /* only do the rest for the real thing */
+ V_rtq_reallyold6 = 60*60; /* one hour is ``really old'' */
+ V_rtq_minreallyold6 = 10; /* never automatically crank down to less */
+ V_rtq_toomany6 = 128; /* 128 cached routes is ``too many'' */
+ V_rtq_timeout6 = RTQ_TIMEOUT;
+
rnh = *head;
rnh->rnh_addaddr = in6_addroute;
rnh->rnh_matchaddr = in6_matroute;
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_src.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_src.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/in6_src.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -80,6 +80,7 @@ __FBSDID("$FreeBSD$");
#include <sys/sysctl.h>
#include <sys/errno.h>
#include <sys/time.h>
+#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/sx.h>
#include <sys/vimage.h>
@@ -98,12 +99,15 @@ __FBSDID("$FreeBSD$");
#include <netinet/ip_var.h>
#include <netinet/udp.h>
#include <netinet/udp_var.h>
+#include <netinet/vinet.h>
+
#include <netinet6/in6_var.h>
#include <netinet/ip6.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/ip6_var.h>
#include <netinet6/scope6_var.h>
#include <netinet6/nd6.h>
+#include <netinet6/vinet6.h>
static struct mtx addrsel_lock;
#define ADDRSEL_LOCK_INIT() mtx_init(&addrsel_lock, "addrsel_lock", NULL, MTX_DEF)
@@ -119,9 +123,11 @@ static struct sx addrsel_sxlock;
#define ADDRSEL_XUNLOCK() sx_xunlock(&addrsel_sxlock)
#define ADDR_LABEL_NOTAPP (-1)
-struct in6_addrpolicy defaultaddrpolicy;
-int ip6_prefer_tempaddr = 0;
+#ifdef VIMAGE_GLOBALS
+struct in6_addrpolicy defaultaddrpolicy;
+int ip6_prefer_tempaddr;
+#endif
static int selectroute __P((struct sockaddr_in6 *, struct ip6_pktopts *,
struct ip6_moptions *, struct route_in6 *, struct ifnet **,
@@ -233,6 +239,11 @@ in6_selectsrc(struct sockaddr_in6 *dstso
if (*errorp != 0)
return (NULL);
}
+ if (cred != NULL && prison_local_ip6(cred, &srcsock.sin6_addr,
+ (inp != NULL && (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) {
+ *errorp = EADDRNOTAVAIL;
+ return (NULL);
+ }
ia6 = (struct in6_ifaddr *)ifa_ifwithaddr((struct sockaddr *)(&srcsock));
if (ia6 == NULL ||
@@ -250,6 +261,11 @@ in6_selectsrc(struct sockaddr_in6 *dstso
* Otherwise, if the socket has already bound the source, just use it.
*/
if (inp != NULL && !IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
+ if (cred != NULL && prison_local_ip6(cred, &inp->in6p_laddr,
+ ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0) {
+ *errorp = EADDRNOTAVAIL;
+ return (NULL);
+ }
return (&inp->in6p_laddr);
}
@@ -301,6 +317,12 @@ in6_selectsrc(struct sockaddr_in6 *dstso
if (!V_ip6_use_deprecated && IFA6_IS_DEPRECATED(ia))
continue;
+ if (cred != NULL &&
+ prison_local_ip6(cred, &ia->ia_addr.sin6_addr,
+ (inp != NULL &&
+ (inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
+ continue;
+
/* Rule 1: Prefer same address */
if (IN6_ARE_ADDR_EQUAL(&dst, &ia->ia_addr.sin6_addr)) {
ia_best = ia;
@@ -460,7 +482,6 @@ selectroute(struct sockaddr_in6 *dstsock
struct ifnet **retifp, struct rtentry **retrt, int clone,
int norouteok)
{
- INIT_VNET_NET(curvnet);
INIT_VNET_INET6(curvnet);
int error = 0;
struct ifnet *ifp = NULL;
@@ -783,6 +804,10 @@ in6_pcbsetport(struct in6_addr *laddr, s
INP_INFO_WLOCK_ASSERT(pcbinfo);
INP_WLOCK_ASSERT(inp);
+ if (prison_local_ip6(cred, laddr,
+ ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)) != 0)
+ return(EINVAL);
+
/* XXX: this is redundant when called from in6_pcbbind */
if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0)
wild = INPLOOKUP_WILDCARD;
@@ -875,6 +900,8 @@ addrsel_policy_init(void)
ADDRSEL_SXLOCK_INIT();
INIT_VNET_INET6(curvnet);
+ V_ip6_prefer_tempaddr = 0;
+
init_policy_queue();
/* initialize the "last resort" policy */
@@ -972,7 +999,9 @@ struct addrsel_policyent {
TAILQ_HEAD(addrsel_policyhead, addrsel_policyent);
+#ifdef VIMAGE_GLOBALS
struct addrsel_policyhead addrsel_policytab;
+#endif
static void
init_policy_queue(void)
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_forward.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_forward.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_forward.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -65,6 +65,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/scope6_var.h>
#include <netinet/icmp6.h>
#include <netinet6/nd6.h>
+#include <netinet6/vinet6.h>
#include <netinet/in_pcb.h>
@@ -76,7 +77,9 @@ __FBSDID("$FreeBSD$");
#include <netinet6/ip6protosw.h>
+#ifdef VIMAGE_GLOBALS
struct route_in6 ip6_forward_rt;
+#endif
/*
* Forward a packet. If some error occurs return the sender
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_input.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_input.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_input.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -88,12 +88,14 @@ __FBSDID("$FreeBSD$");
#include <net/route.h>
#include <net/netisr.h>
#include <net/pfil.h>
+#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_systm.h>
#ifdef INET
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
+#include <netinet/vinet.h>
#endif /* INET */
#include <netinet/ip6.h>
#include <netinet6/in6_var.h>
@@ -103,6 +105,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/scope6_var.h>
#include <netinet6/in6_ifattach.h>
#include <netinet6/nd6.h>
+#include <netinet6/vinet6.h>
#ifdef IPSEC
#include <netipsec/ipsec.h>
@@ -116,21 +119,34 @@ extern struct domain inet6domain;
u_char ip6_protox[IPPROTO_MAX];
static struct ifqueue ip6intrq;
-static int ip6qmaxlen = IFQ_MAXLEN;
+
+#ifdef VIMAGE_GLOBALS
+static int ip6qmaxlen;
struct in6_ifaddr *in6_ifaddr;
+struct ip6stat ip6stat;
+#endif
extern struct callout in6_tmpaddrtimer_ch;
+extern int dad_init;
+extern int pmtu_expire;
+extern int pmtu_probe;
+extern u_long rip6_sendspace;
+extern u_long rip6_recvspace;
+extern int icmp6errppslim;
+extern int icmp6_nodeinfo;
+extern int udp6_sendspace;
+extern int udp6_recvspace;
+
+#ifdef VIMAGE_GLOBALS
int ip6_forward_srcrt; /* XXX */
int ip6_sourcecheck; /* XXX */
int ip6_sourcecheck_interval; /* XXX */
-
int ip6_ours_check_algorithm;
+#endif
struct pfil_head inet6_pfil_hook;
-struct ip6stat ip6stat;
-
static void ip6_init2(void *);
static struct ip6aux *ip6_setdstifaddr(struct mbuf *, struct in6_ifaddr *);
static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
@@ -149,6 +165,72 @@ ip6_init(void)
struct ip6protosw *pr;
int i;
+ V_ip6qmaxlen = IFQ_MAXLEN;
+ V_in6_maxmtu = 0;
+#ifdef IP6_AUTO_LINKLOCAL
+ V_ip6_auto_linklocal = IP6_AUTO_LINKLOCAL;
+#else
+ V_ip6_auto_linklocal = 1; /* enable by default */
+#endif
+
+#ifndef IPV6FORWARDING
+#ifdef GATEWAY6
+#define IPV6FORWARDING 1 /* forward IP6 packets not for us */
+#else
+#define IPV6FORWARDING 0 /* don't forward IP6 packets not for us */
+#endif /* GATEWAY6 */
+#endif /* !IPV6FORWARDING */
+
+#ifndef IPV6_SENDREDIRECTS
+#define IPV6_SENDREDIRECTS 1
+#endif
+
+ V_ip6_forwarding = IPV6FORWARDING; /* act as router? */
+ V_ip6_sendredirects = IPV6_SENDREDIRECTS;
+ V_ip6_defhlim = IPV6_DEFHLIM;
+ V_ip6_defmcasthlim = IPV6_DEFAULT_MULTICAST_HOPS;
+ V_ip6_accept_rtadv = 0; /* "IPV6FORWARDING ? 0 : 1" is dangerous */
+ V_ip6_log_interval = 5;
+ V_ip6_hdrnestlimit = 15; /* How many header options will we process? */
+ V_ip6_dad_count = 1; /* DupAddrDetectionTransmits */
+ V_ip6_auto_flowlabel = 1;
+ V_ip6_use_deprecated = 1;/* allow deprecated addr (RFC2462 5.5.4) */
+ V_ip6_rr_prune = 5; /* router renumbering prefix
+ * walk list every 5 sec. */
+ V_ip6_mcast_pmtu = 0; /* enable pMTU discovery for multicast? */
+ V_ip6_v6only = 1;
+ V_ip6_keepfaith = 0;
+ V_ip6_log_time = (time_t)0L;
+#ifdef IPSTEALTH
+ V_ip6stealth = 0;
+#endif
+ V_nd6_onlink_ns_rfc4861 = 0; /* allow 'on-link' nd6 NS (RFC 4861) */
+
+ V_pmtu_expire = 60*10;
+ V_pmtu_probe = 60*2;
+
+ /* raw IP6 parameters */
+ /*
+ * Nominal space allocated to a raw ip socket.
+ */
+#define RIPV6SNDQ 8192
+#define RIPV6RCVQ 8192
+ V_rip6_sendspace = RIPV6SNDQ;
+ V_rip6_recvspace = RIPV6RCVQ;
+
+ /* ICMPV6 parameters */
+ V_icmp6_rediraccept = 1; /* accept and process redirects */
+ V_icmp6_redirtimeout = 10 * 60; /* 10 minutes */
+ V_icmp6errppslim = 100; /* 100pps */
+ /* control how to respond to NI queries */
+ V_icmp6_nodeinfo = (ICMP6_NODEINFO_FQDNOK|ICMP6_NODEINFO_NODEADDROK);
+
+ /* UDP on IP6 parameters */
+ V_udp6_sendspace = 9216; /* really max datagram size */
+ V_udp6_recvspace = 40 * (1024 + sizeof(struct sockaddr_in6));
+ /* 40 1K datagrams */
+ V_dad_init = 0;
+
#ifdef DIAGNOSTIC
if (sizeof(struct protosw) != sizeof(struct ip6protosw))
panic("sizeof(protosw) != sizeof(ip6protosw)");
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_ipsec.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_ipsec.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_ipsec.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -72,6 +72,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/ip6_ipsec.h>
#include <netinet6/ip6_var.h>
+#include <netinet6/vinet6.h>
extern struct protosw inet6sw[];
Modified: user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_mroute.c
==============================================================================
--- user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_mroute.c Fri Dec 5 07:40:52 2008 (r185627)
+++ user/kmacy/HEAD_fast_multi_xmit/sys/netinet6/ip6_mroute.c Fri Dec 5 07:41:53 2008 (r185628)
@@ -107,10 +107,12 @@ __FBSDID("$FreeBSD$");
#include <net/if_types.h>
#include <net/raw_cb.h>
#include <net/route.h>
+#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/icmp6.h>
+#include <netinet/vinet.h>
#include <netinet/ip6.h>
#include <netinet6/ip6_var.h>
@@ -120,6 +122,7 @@ __FBSDID("$FreeBSD$");
#include <netinet6/ip6protosw.h>
#include <netinet6/pim6.h>
#include <netinet6/pim6_var.h>
+#include <netinet6/vinet6.h>
static MALLOC_DEFINE(M_MRTABLE6, "mf6c", "multicast forwarding cache entry");
@@ -129,6 +132,7 @@ static MALLOC_DEFINE(M_MRTABLE6, "mf6c",
static int ip6_mdq(struct mbuf *, struct ifnet *, struct mf6c *);
static void phyint_send(struct ip6_hdr *, struct mif6 *, struct mbuf *);
+static void pim6_init(void);
static int set_pim6(int *);
static int socket_send __P((struct socket *, struct mbuf *,
struct sockaddr_in6 *));
@@ -146,10 +150,13 @@ struct ip6protosw in6_pim_protosw = {
.pr_input = pim6_input,
.pr_output = rip6_output,
.pr_ctloutput = rip6_ctloutput,
+ .pr_init = pim6_init,
.pr_usrreqs = &rip6_usrreqs
};
-static int ip6_mrouter_ver = 0;
+#ifdef VIMAGE_GLOBALS
+static int ip6_mrouter_ver;
+#endif
SYSCTL_DECL(_net_inet6);
SYSCTL_DECL(_net_inet6_ip6);
@@ -177,7 +184,9 @@ SYSCTL_OPAQUE(_net_inet6_ip6, OID_AUTO,
"Multicast Interfaces (struct mif[MAXMIFS], netinet6/ip6_mroute.h)");
#ifdef MRT6DEBUG
+#ifdef VIMAGE_GLOBALS
static u_int mrt6debug = 0; /* debug level */
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-user
mailing list