PERFORCE change 91534 for review
Robert Watson
rwatson at FreeBSD.org
Sat Feb 11 01:23:15 GMT 2006
http://perforce.freebsd.org/chv.cgi?CH=91534
Change 91534 by rwatson at rwatson_zoo on 2006/02/11 01:22:44
First pass at integrating trustedbsd_mac up to current TrustedBSD
base HEAD.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/netinet/if_ether.c#31 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/igmp.c#18 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in.c#24 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in.h#22 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in_gif.c#15 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in_pcb.c#36 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in_proto.c#21 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/in_var.h#13 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_carp.c#9 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.c#31 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.h#15 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_fastfwd.c#14 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw.h#21 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw2.c#38 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw_pfil.c#6 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_gre.c#15 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_gre.h#5 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_icmp.c#34 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#52 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_ipsec.c#1 branch
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_ipsec.h#1 branch
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_mroute.c#32 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_mroute.h#8 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_options.c#1 add
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_options.h#1 branch
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#46 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_var.h#28 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/libalias/libalias.3#2 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/raw_ip.c#44 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#60 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_output.c#32 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_sack.c#9 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_syncache.c#35 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_usrreq.c#31 integrate
.. //depot/projects/trustedbsd/mac/sys/netinet/udp_usrreq.c#43 integrate
Differences ...
==== //depot/projects/trustedbsd/mac/sys/netinet/if_ether.c#31 (text+ko) ====
@@ -27,7 +27,7 @@
* SUCH DAMAGE.
*
* @(#)if_ether.c 8.1 (Berkeley) 6/10/93
- * $FreeBSD: src/sys/netinet/if_ether.c,v 1.145 2005/11/08 12:05:57 glebius Exp $
+ * $FreeBSD: src/sys/netinet/if_ether.c,v 1.150 2006/01/31 21:29:41 thompsa Exp $
*/
/*
@@ -81,9 +81,9 @@
static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, prune_intvl, CTLFLAG_RW,
- &arpt_prune, 0, "");
+ &arpt_prune, 0, "ARP table prune interval in seconds");
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW,
- &arpt_keep, 0, "");
+ &arpt_keep, 0, "ARP entry lifetime in seconds");
#define rt_expire rt_rmx.rmx_expire
@@ -106,11 +106,11 @@
static struct callout arp_callout;
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW,
- &arp_maxtries, 0, "");
+ &arp_maxtries, 0, "ARP resolution attempts before returning error");
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, useloopback, CTLFLAG_RW,
- &useloopback, 0, "");
+ &useloopback, 0, "Use the loopback interface for local traffic");
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_RW,
- &arp_proxyall, 0, "");
+ &arp_proxyall, 0, "Enable proxy ARP for all suitable requests");
static void arp_init(void);
static void arp_rtrequest(int, struct rtentry *, struct rt_addrinfo *);
@@ -570,6 +570,7 @@
*/
static int log_arp_wrong_iface = 1;
static int log_arp_movements = 1;
+static int log_arp_permanent_modify = 1;
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW,
&log_arp_wrong_iface, 0,
@@ -577,6 +578,9 @@
SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW,
&log_arp_movements, 0,
"log arp replies from MACs different than the one in the cache");
+SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW,
+ &log_arp_permanent_modify, 0,
+ "log arp replies from MACs different than the one in the permanent arp entry");
/*
* XXX: mbufs here require explicit MAC labeling on output.
@@ -629,7 +633,8 @@
* XXX: This is really ugly!
*/
LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
- if ((bridged || (ia->ia_ifp == ifp)) &&
+ if (((bridged && ia->ia_ifp->if_type != IFT_BRIDGE) ||
+ (ia->ia_ifp == ifp)) &&
itaddr.s_addr == ia->ia_addr.sin_addr.s_addr)
goto match;
#ifdef DEV_CARP
@@ -642,7 +647,8 @@
#endif
}
LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
- if ((bridged || (ia->ia_ifp == ifp)) &&
+ if (((bridged && ia->ia_ifp->if_type != IFT_BRIDGE) ||
+ (ia->ia_ifp == ifp)) &&
isaddr.s_addr == ia->ia_addr.sin_addr.s_addr)
goto match;
/*
@@ -723,12 +729,13 @@
ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
ifp->if_xname);
} else {
- log(LOG_ERR,
- "arp: %*D attempts to modify permanent entry for %s on %s\n",
- ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
- inet_ntoa(isaddr), ifp->if_xname);
- RT_UNLOCK(rt);
- goto reply;
+ RT_UNLOCK(rt);
+ if (log_arp_permanent_modify)
+ log(LOG_ERR, "arp: %*D attempts to modify "
+ "permanent entry for %s on %s\n",
+ ifp->if_addrlen, (u_char *)ar_sha(ah), ":",
+ inet_ntoa(isaddr), ifp->if_xname);
+ goto reply;
}
}
/*
==== //depot/projects/trustedbsd/mac/sys/netinet/igmp.c#18 (text+ko) ====
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* @(#)igmp.c 8.1 (Berkeley) 7/19/93
- * $FreeBSD: src/sys/netinet/igmp.c,v 1.50 2005/11/02 13:46:31 andre Exp $
+ * $FreeBSD: src/sys/netinet/igmp.c,v 1.51 2005/11/18 20:12:39 andre Exp $
*/
/*
@@ -65,6 +65,7 @@
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
+#include <netinet/ip_options.h>
#include <netinet/igmp.h>
#include <netinet/igmp_var.h>
==== //depot/projects/trustedbsd/mac/sys/netinet/in.c#24 (text+ko) ====
@@ -28,7 +28,7 @@
* SUCH DAMAGE.
*
* @(#)in.c 8.4 (Berkeley) 1/9/95
- * $FreeBSD: src/sys/netinet/in.c,v 1.92 2005/10/28 20:29:42 glebius Exp $
+ * $FreeBSD: src/sys/netinet/in.c,v 1.93 2006/01/24 16:19:31 andre Exp $
*/
#include "opt_carp.h"
@@ -479,7 +479,8 @@
s = splnet();
TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link);
TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link);
- LIST_REMOVE(ia, ia_hash);
+ if (ia->ia_addr.sin_family == AF_INET)
+ LIST_REMOVE(ia, ia_hash);
IFAFREE(&ia->ia_ifa);
splx(s);
==== //depot/projects/trustedbsd/mac/sys/netinet/in.h#22 (text+ko) ====
@@ -27,7 +27,7 @@
* SUCH DAMAGE.
*
* @(#)in.h 8.3 (Berkeley) 1/3/94
- * $FreeBSD: src/sys/netinet/in.h,v 1.93 2005/09/26 20:25:16 andre Exp $
+ * $FreeBSD: src/sys/netinet/in.h,v 1.95 2005/12/20 09:38:03 delphij Exp $
*/
#ifndef _NETINET_IN_H_
@@ -228,6 +228,7 @@
#define IPPROTO_APES 99 /* any private encr. scheme */
#define IPPROTO_GMTP 100 /* GMTP*/
#define IPPROTO_IPCOMP 108 /* payload compression (IPComp) */
+#define IPPROTO_SCTP 132 /* SCTP */
/* 101-254: Partly Unassigned */
#define IPPROTO_PIM 103 /* Protocol Independent Mcast */
#define IPPROTO_CARP 112 /* CARP */
==== //depot/projects/trustedbsd/mac/sys/netinet/in_gif.c#15 (text+ko) ====
@@ -1,4 +1,4 @@
-/* $FreeBSD: src/sys/netinet/in_gif.c,v 1.32 2005/11/09 13:29:15 ru Exp $ */
+/* $FreeBSD: src/sys/netinet/in_gif.c,v 1.34 2006/01/30 08:39:09 glebius Exp $ */
/* $KAME: in_gif.c,v 1.54 2001/05/14 14:02:16 itojun Exp $ */
/*-
@@ -100,9 +100,12 @@
struct sockaddr_in *sin_src = (struct sockaddr_in *)sc->gif_psrc;
struct sockaddr_in *sin_dst = (struct sockaddr_in *)sc->gif_pdst;
struct ip iphdr; /* capsule IP header, host byte ordered */
+ struct etherip_header eiphdr;
int proto, error;
u_int8_t tos;
+ GIF_LOCK_ASSERT(sc);
+
if (sin_src == NULL || sin_dst == NULL ||
sin_src->sin_family != AF_INET ||
sin_dst->sin_family != AF_INET) {
@@ -142,6 +145,20 @@
break;
}
#endif /* INET6 */
+ case AF_LINK:
+ proto = IPPROTO_ETHERIP;
+ eiphdr.eip_ver = ETHERIP_VERSION & ETHERIP_VER_VERS_MASK;
+ eiphdr.eip_pad = 0;
+ /* prepend Ethernet-in-IP header */
+ M_PREPEND(m, sizeof(struct etherip_header), M_DONTWAIT);
+ if (m && m->m_len < sizeof(struct etherip_header))
+ m = m_pullup(m, sizeof(struct etherip_header));
+ if (m == NULL)
+ return ENOBUFS;
+ bcopy(&eiphdr, mtod(m, struct etherip_header *),
+ sizeof(struct etherip_header));
+ break;
+
default:
#ifdef DEBUG
printf("in_gif_output: warning: unknown family %d passed\n",
@@ -302,6 +319,10 @@
break;
}
#endif /* INET6 */
+ case IPPROTO_ETHERIP:
+ af = AF_LINK;
+ break;
+
default:
ipstat.ips_nogif++;
m_freem(m);
==== //depot/projects/trustedbsd/mac/sys/netinet/in_pcb.c#36 (text+ko) ====
@@ -27,7 +27,7 @@
* SUCH DAMAGE.
*
* @(#)in_pcb.c 8.4 (Berkeley) 5/24/95
- * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.166 2005/07/19 12:24:27 rwatson Exp $
+ * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.168 2006/02/04 07:59:17 ume Exp $
*/
#include "opt_ipsec.h"
@@ -169,12 +169,9 @@
* Allocate a PCB and associate it with the socket.
*/
int
-in_pcballoc(so, pcbinfo, type)
- struct socket *so;
- struct inpcbinfo *pcbinfo;
- const char *type;
+in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo, const char *type)
{
- register struct inpcb *inp;
+ struct inpcb *inp;
int error;
INP_INFO_WLOCK_ASSERT(pcbinfo);
@@ -226,10 +223,7 @@
}
int
-in_pcbbind(inp, nam, cred)
- register struct inpcb *inp;
- struct sockaddr *nam;
- struct ucred *cred;
+in_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred)
{
int anonport, error;
@@ -264,12 +258,8 @@
* On error, the values of *laddrp and *lportp are not changed.
*/
int
-in_pcbbind_setup(inp, nam, laddrp, lportp, cred)
- struct inpcb *inp;
- struct sockaddr *nam;
- in_addr_t *laddrp;
- u_short *lportp;
- struct ucred *cred;
+in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
+ u_short *lportp, struct ucred *cred)
{
struct socket *so = inp->inp_socket;
unsigned short *lastport;
@@ -486,10 +476,7 @@
* then pick one.
*/
int
-in_pcbconnect(inp, nam, cred)
- register struct inpcb *inp;
- struct sockaddr *nam;
- struct ucred *cred;
+in_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred)
{
u_short lport, fport;
in_addr_t laddr, faddr;
@@ -548,15 +535,9 @@
* is set to NULL.
*/
int
-in_pcbconnect_setup(inp, nam, laddrp, lportp, faddrp, fportp, oinpp, cred)
- register struct inpcb *inp;
- struct sockaddr *nam;
- in_addr_t *laddrp;
- u_short *lportp;
- in_addr_t *faddrp;
- u_short *fportp;
- struct inpcb **oinpp;
- struct ucred *cred;
+in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam,
+ in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp,
+ struct inpcb **oinpp, struct ucred *cred)
{
struct sockaddr_in *sin = (struct sockaddr_in *)nam;
struct in_ifaddr *ia;
@@ -689,8 +670,7 @@
}
void
-in_pcbdisconnect(inp)
- struct inpcb *inp;
+in_pcbdisconnect(struct inpcb *inp)
{
INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
@@ -707,8 +687,7 @@
}
void
-in_pcbdetach(inp)
- struct inpcb *inp;
+in_pcbdetach(struct inpcb *inp)
{
struct socket *so = inp->inp_socket;
struct inpcbinfo *ipi = inp->inp_pcbinfo;
@@ -739,9 +718,7 @@
}
struct sockaddr *
-in_sockaddr(port, addr_p)
- in_port_t port;
- struct in_addr *addr_p;
+in_sockaddr(in_port_t port, struct in_addr *addr_p)
{
struct sockaddr_in *sin;
@@ -764,12 +741,10 @@
* because there actually /is/ a programming error somewhere... XXX)
*/
int
-in_setsockaddr(so, nam, pcbinfo)
- struct socket *so;
- struct sockaddr **nam;
- struct inpcbinfo *pcbinfo;
+in_setsockaddr(struct socket *so, struct sockaddr **nam,
+ struct inpcbinfo *pcbinfo)
{
- register struct inpcb *inp;
+ struct inpcb *inp;
struct in_addr addr;
in_port_t port;
@@ -793,12 +768,10 @@
* The wrapper function will pass down the pcbinfo for this function to lock.
*/
int
-in_setpeeraddr(so, nam, pcbinfo)
- struct socket *so;
- struct sockaddr **nam;
- struct inpcbinfo *pcbinfo;
+in_setpeeraddr(struct socket *so, struct sockaddr **nam,
+ struct inpcbinfo *pcbinfo)
{
- register struct inpcb *inp;
+ struct inpcb *inp;
struct in_addr addr;
in_port_t port;
@@ -819,11 +792,8 @@
}
void
-in_pcbnotifyall(pcbinfo, faddr, errno, notify)
- struct inpcbinfo *pcbinfo;
- struct in_addr faddr;
- int errno;
- struct inpcb *(*notify)(struct inpcb *, int);
+in_pcbnotifyall(struct inpcbinfo *pcbinfo, struct in_addr faddr, int errno,
+ struct inpcb *(*notify)(struct inpcb *, int))
{
struct inpcb *inp, *ninp;
struct inpcbhead *head;
@@ -851,9 +821,7 @@
}
void
-in_pcbpurgeif0(pcbinfo, ifp)
- struct inpcbinfo *pcbinfo;
- struct ifnet *ifp;
+in_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp)
{
struct inpcb *inp;
struct ip_moptions *imo;
@@ -895,15 +863,18 @@
/*
* Lookup a PCB based on the local address and port.
*/
+#define INP_LOOKUP_MAPPED_PCB_COST 3
struct inpcb *
-in_pcblookup_local(pcbinfo, laddr, lport_arg, wild_okay)
- struct inpcbinfo *pcbinfo;
- struct in_addr laddr;
- u_int lport_arg;
- int wild_okay;
+in_pcblookup_local(struct inpcbinfo *pcbinfo, struct in_addr laddr,
+ u_int lport_arg, int wild_okay)
{
- register struct inpcb *inp;
- int matchwild = 3, wildcard;
+ struct inpcb *inp;
+#ifdef INET6
+ int matchwild = 3 + INP_LOOKUP_MAPPED_PCB_COST;
+#else
+ int matchwild = 3;
+#endif
+ int wildcard;
u_short lport = lport_arg;
INP_INFO_WLOCK_ASSERT(pcbinfo);
@@ -960,6 +931,21 @@
#ifdef INET6
if ((inp->inp_vflag & INP_IPV4) == 0)
continue;
+ /*
+ * We never select the PCB that has
+ * INP_IPV6 flag and is bound to :: if
+ * we have another PCB which is bound
+ * to 0.0.0.0. If a PCB has the
+ * INP_IPV6 flag, then we set its cost
+ * higher than IPv4 only PCBs.
+ *
+ * Note that the case only happens
+ * when a socket is bound to ::, under
+ * the condition that the use of the
+ * mapped address is allowed.
+ */
+ if ((inp->inp_vflag & INP_IPV6) != 0)
+ wildcard += INP_LOOKUP_MAPPED_PCB_COST;
#endif
/*
* Clean out old time_wait sockets if they
@@ -996,21 +982,18 @@
return (match);
}
}
+#undef INP_LOOKUP_MAPPED_PCB_COST
/*
* Lookup PCB in hash list.
*/
struct inpcb *
-in_pcblookup_hash(pcbinfo, faddr, fport_arg, laddr, lport_arg, wildcard,
- ifp)
- struct inpcbinfo *pcbinfo;
- struct in_addr faddr, laddr;
- u_int fport_arg, lport_arg;
- int wildcard;
- struct ifnet *ifp;
+in_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in_addr faddr,
+ u_int fport_arg, struct in_addr laddr, u_int lport_arg, int wildcard,
+ struct ifnet *ifp)
{
struct inpcbhead *head;
- register struct inpcb *inp;
+ struct inpcb *inp;
u_short fport = fport_arg, lport = lport_arg;
INP_INFO_RLOCK_ASSERT(pcbinfo);
@@ -1080,8 +1063,7 @@
* Insert PCB onto various hash lists.
*/
int
-in_pcbinshash(inp)
- struct inpcb *inp;
+in_pcbinshash(struct inpcb *inp)
{
struct inpcbhead *pcbhash;
struct inpcbporthead *pcbporthash;
@@ -1135,8 +1117,7 @@
* not change after in_pcbinshash() has been called.
*/
void
-in_pcbrehash(inp)
- struct inpcb *inp;
+in_pcbrehash(struct inpcb *inp)
{
struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
struct inpcbhead *head;
@@ -1162,8 +1143,7 @@
* Remove PCB from various lists.
*/
void
-in_pcbremlists(inp)
- struct inpcb *inp;
+in_pcbremlists(struct inpcb *inp)
{
struct inpcbinfo *pcbinfo = inp->inp_pcbinfo;
@@ -1190,8 +1170,7 @@
* label change into the in_pcb for the socket.
*/
void
-in_pcbsosetlabel(so)
- struct socket *so;
+in_pcbsosetlabel(struct socket *so)
{
#ifdef MAC
struct inpcb *inp;
@@ -1215,8 +1194,7 @@
*/
void
-ipport_tick(xtp)
- void *xtp;
+ipport_tick(void *xtp)
{
if (ipport_tcpallocs > ipport_tcplastcount + ipport_randomcps) {
ipport_stoprandom = ipport_randomtime;
==== //depot/projects/trustedbsd/mac/sys/netinet/in_proto.c#21 (text+ko) ====
@@ -27,7 +27,7 @@
* SUCH DAMAGE.
*
* @(#)in_proto.c 8.2 (Berkeley) 2/9/95
- * $FreeBSD: src/sys/netinet/in_proto.c,v 1.80 2005/11/09 13:29:15 ru Exp $
+ * $FreeBSD: src/sys/netinet/in_proto.c,v 1.81 2005/12/21 21:29:45 thompsa Exp $
*/
#include "opt_ipx.h"
@@ -260,6 +260,16 @@
{
.pr_type = SOCK_RAW,
.pr_domain = &inetdomain,
+ .pr_protocol = IPPROTO_ETHERIP,
+ .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
+ .pr_input = encap4_input,
+ .pr_ctloutput = rip_ctloutput,
+ .pr_init = encap_init,
+ .pr_usrreqs = &rip_usrreqs
+},
+{
+ .pr_type = SOCK_RAW,
+ .pr_domain = &inetdomain,
.pr_protocol = IPPROTO_GRE,
.pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
.pr_input = encap4_input,
==== //depot/projects/trustedbsd/mac/sys/netinet/in_var.h#13 (text+ko) ====
@@ -27,7 +27,7 @@
* SUCH DAMAGE.
*
* @(#)in_var.h 8.2 (Berkeley) 1/9/95
- * $FreeBSD: src/sys/netinet/in_var.h,v 1.55 2005/08/03 19:29:46 rwatson Exp $
+ * $FreeBSD: src/sys/netinet/in_var.h,v 1.56 2006/01/18 14:24:39 andre Exp $
*/
#ifndef _NETINET_IN_VAR_H_
@@ -242,7 +242,7 @@
void ip_input(struct mbuf *);
int in_ifadown(struct ifaddr *ifa, int);
void in_ifscrub(struct ifnet *, struct in_ifaddr *);
-int ip_fastforward(struct mbuf *);
+struct mbuf *ip_fastforward(struct mbuf *);
#endif /* _KERNEL */
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_carp.c#9 (text+ko) ====
@@ -1,4 +1,4 @@
-/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.35 2005/11/08 20:08:34 thompsa Exp $ */
+/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.38 2005/11/17 12:56:40 glebius Exp $ */
/*
* Copyright (c) 2002 Michael Shalayeff. All rights reserved.
@@ -59,6 +59,7 @@
#include <net/iso88025.h>
#include <net/if.h>
#include <net/if_clone.h>
+#include <net/if_dl.h>
#include <net/if_types.h>
#include <net/route.h>
@@ -78,7 +79,6 @@
#include <netinet6/ip6_var.h>
#include <netinet6/scope6_var.h>
#include <netinet6/nd6.h>
-#include <net/if_dl.h>
#endif
#include <crypto/sha1.h>
@@ -1049,8 +1049,8 @@
if (ifa->ifa_addr->sa_family != AF_INET)
continue;
-/* arprequest(sc->sc_carpdev, &in, &in, IFP2ENADDR(sc->sc_ifp)); */
- arp_ifinit2(sc->sc_carpdev, ifa, IFP2ENADDR(sc->sc_ifp));
+/* arprequest(sc->sc_carpdev, &in, &in, IF_LLADDR(sc->sc_ifp)); */
+ arp_ifinit2(sc->sc_carpdev, ifa, IF_LLADDR(sc->sc_ifp));
DELAY(1000); /* XXX */
}
@@ -1145,7 +1145,7 @@
if (count == index) {
if (vh->sc_state ==
MASTER) {
- *enaddr = IFP2ENADDR(vh->sc_ifp);
+ *enaddr = IF_LLADDR(vh->sc_ifp);
CARP_UNLOCK(cif);
return (1);
} else {
@@ -1162,8 +1162,9 @@
TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) {
if ((SC2IFP(vh)->if_flags & IFF_UP) &&
(SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
- ia->ia_ifp == SC2IFP(vh)) {
- *enaddr = IFP2ENADDR(vh->sc_ifp);
+ ia->ia_ifp == SC2IFP(vh) &&
+ vh->sc_state == MASTER) {
+ *enaddr = IF_LLADDR(vh->sc_ifp);
CARP_UNLOCK(cif);
return (1);
}
@@ -1187,7 +1188,8 @@
if (IN6_ARE_ADDR_EQUAL(taddr,
&ifatoia6(ifa)->ia_addr.sin6_addr) &&
(SC2IFP(vh)->if_flags & IFF_UP) &&
- (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING)) {
+ (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
+ vh->sc_state == MASTER) {
CARP_UNLOCK(cif);
return (ifa);
}
@@ -1219,14 +1221,14 @@
if (mtag == NULL) {
/* better a bit than nothing */
CARP_UNLOCK(cif);
- return (IFP2ENADDR(sc->sc_ifp));
+ return (IF_LLADDR(sc->sc_ifp));
}
bcopy(&ifp, (caddr_t)(mtag + 1),
sizeof(struct ifnet *));
m_tag_prepend(m, mtag);
CARP_UNLOCK(cif);
- return (IFP2ENADDR(sc->sc_ifp));
+ return (IF_LLADDR(sc->sc_ifp));
}
}
}
@@ -1251,7 +1253,7 @@
if ((SC2IFP(vh)->if_flags & IFF_UP) &&
(SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) &&
vh->sc_state == MASTER &&
- !bcmp(dhost, IFP2ENADDR(vh->sc_ifp), ETHER_ADDR_LEN)) {
+ !bcmp(dhost, IF_LLADDR(vh->sc_ifp), ETHER_ADDR_LEN)) {
CARP_UNLOCK(cif);
return (SC2IFP(vh));
}
@@ -1863,12 +1865,12 @@
return EEXIST;
}
sc->sc_vhid = carpr.carpr_vhid;
- IFP2ENADDR(sc->sc_ifp)[0] = 0;
- IFP2ENADDR(sc->sc_ifp)[1] = 0;
- IFP2ENADDR(sc->sc_ifp)[2] = 0x5e;
- IFP2ENADDR(sc->sc_ifp)[3] = 0;
- IFP2ENADDR(sc->sc_ifp)[4] = 1;
- IFP2ENADDR(sc->sc_ifp)[5] = sc->sc_vhid;
+ IF_LLADDR(sc->sc_ifp)[0] = 0;
+ IF_LLADDR(sc->sc_ifp)[1] = 0;
+ IF_LLADDR(sc->sc_ifp)[2] = 0x5e;
+ IF_LLADDR(sc->sc_ifp)[3] = 0;
+ IF_LLADDR(sc->sc_ifp)[4] = 1;
+ IF_LLADDR(sc->sc_ifp)[5] = sc->sc_vhid;
error--;
}
if (carpr.carpr_advbase > 0 || carpr.carpr_advskew > 0) {
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.c#31 (text+ko) ====
@@ -24,7 +24,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.95 2005/09/27 18:10:42 mlaier Exp $
+ * $FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.98 2006/02/03 11:38:19 glebius Exp $
*/
#define DUMMYNET_DEBUG
@@ -115,15 +115,20 @@
static struct dn_heap ready_heap, extract_heap, wfq_ready_heap ;
-static int heap_init(struct dn_heap *h, int size) ;
-static int heap_insert (struct dn_heap *h, dn_key key1, void *p);
-static void heap_extract(struct dn_heap *h, void *obj);
+static int heap_init(struct dn_heap *h, int size);
+static int heap_insert (struct dn_heap *h, dn_key key1, void *p);
+static void heap_extract(struct dn_heap *h, void *obj);
+static void transmit_event(struct dn_pipe *pipe, struct mbuf **head,
+ struct mbuf **tail);
+static void ready_event(struct dn_flow_queue *q, struct mbuf **head,
+ struct mbuf **tail);
+static void ready_event_wfq(struct dn_pipe *p, struct mbuf **head,
+ struct mbuf **tail);
-static void transmit_event(struct dn_pipe *pipe);
-static void ready_event(struct dn_flow_queue *q);
-
-static struct dn_pipe *all_pipes = NULL ; /* list of all pipes */
-static struct dn_flow_set *all_flow_sets = NULL ;/* list of all flow_sets */
+#define HASHSIZE 16
+#define HASH(num) ((((num) >> 8) ^ ((num) >> 4) ^ (num)) & 0x0f)
+static struct dn_pipe_head pipehash[HASHSIZE]; /* all pipes */
+static struct dn_flow_set_head flowsethash[HASHSIZE]; /* all flowsets */
static struct callout dn_timeout;
@@ -189,12 +194,11 @@
static void dummynet(void *);
static void dummynet_flush(void);
+static void dummynet_send(struct mbuf *);
void dummynet_drain(void);
static ip_dn_io_t dummynet_io;
static void dn_rule_delete(void *);
-int if_tx_rdy(struct ifnet *ifp);
-
/*
* Heap management functions.
*
@@ -436,89 +440,37 @@
* invocations of the procedures.
*/
static void
-transmit_event(struct dn_pipe *pipe)
+transmit_event(struct dn_pipe *pipe, struct mbuf **head, struct mbuf **tail)
{
- struct mbuf *m ;
- struct dn_pkt_tag *pkt ;
- struct ip *ip;
+ struct mbuf *m;
+ struct dn_pkt_tag *pkt;
- DUMMYNET_LOCK_ASSERT();
+ DUMMYNET_LOCK_ASSERT();
- while ( (m = pipe->head) ) {
- pkt = dn_tag_get(m);
- if ( !DN_KEY_LEQ(pkt->output_time, curr_time) )
- break;
- /*
- * first unlink, then call procedures, since ip_input() can invoke
- * ip_output() and viceversa, thus causing nested calls
- */
- pipe->head = m->m_nextpkt ;
- m->m_nextpkt = NULL;
+ while ((m = pipe->head) != NULL) {
+ pkt = dn_tag_get(m);
+ if (!DN_KEY_LEQ(pkt->output_time, curr_time))
+ break;
- /* XXX: drop the lock for now to avoid LOR's */
- DUMMYNET_UNLOCK();
- switch (pkt->dn_dir) {
- case DN_TO_IP_OUT:
- (void)ip_output(m, NULL, NULL, pkt->flags, NULL, NULL);
- break ;
+ pipe->head = m->m_nextpkt;
+ if (*tail != NULL)
+ (*tail)->m_nextpkt = m;
+ else
+ *head = m;
+ *tail = m;
+ }
+ if (*tail != NULL)
+ (*tail)->m_nextpkt = NULL;
- case DN_TO_IP_IN :
- ip = mtod(m, struct ip *);
- ip->ip_len = htons(ip->ip_len);
- ip->ip_off = htons(ip->ip_off);
- ip_input(m) ;
- break ;
-
-#ifdef INET6
- case DN_TO_IP6_IN:
- ip6_input(m) ;
- break ;
-
- case DN_TO_IP6_OUT:
- (void)ip6_output(m, NULL, NULL, pkt->flags, NULL, NULL, NULL);
- break ;
-#endif
-
- case DN_TO_IFB_FWD:
- if (bridge_dn_p != NULL)
- ((*bridge_dn_p)(m, pkt->ifp));
- else
- printf("dummynet: if_bridge not loaded\n");
-
- break;
-
- case DN_TO_ETH_DEMUX:
- /*
- * The Ethernet code assumes the Ethernet header is
- * contiguous in the first mbuf header. Insure this is true.
- */
- if (m->m_len < ETHER_HDR_LEN &&
- (m = m_pullup(m, ETHER_HDR_LEN)) == NULL) {
- printf("dummynet/ether: pullup fail, dropping pkt\n");
- break;
- }
- ether_demux(m->m_pkthdr.rcvif, m); /* which consumes the mbuf */
- break ;
-
- case DN_TO_ETH_OUT:
- ether_output_frame(pkt->ifp, m);
- break;
-
- default:
- printf("dummynet: bad switch %d!\n", pkt->dn_dir);
- m_freem(m);
- break ;
+ /* If there are leftover packets, put into the heap for next event. */
+ if ((m = pipe->head) != NULL) {
+ pkt = dn_tag_get(m);
+ /*
+ * XXX: Should check errors on heap_insert, by draining the
+ * whole pipe p and hoping in the future we are more successful.
+ */
+ heap_insert(&extract_heap, pkt->output_time, pipe);
}
- DUMMYNET_LOCK();
- }
- /* if there are leftover packets, put into the heap for next event */
- if ( (m = pipe->head) ) {
- pkt = dn_tag_get(m) ;
- /* XXX should check errors on heap_insert, by draining the
- * whole pipe p and hoping in the future we are more successful
- */
- heap_insert(&extract_heap, pkt->output_time, pipe ) ;
- }
}
/*
@@ -562,7 +514,7 @@
* if there are leftover packets reinsert the pkt in the scheduler.
*/
static void
-ready_event(struct dn_flow_queue *q)
+ready_event(struct dn_flow_queue *q, struct mbuf **head, struct mbuf **tail)
{
struct mbuf *pkt;
struct dn_pipe *p = q->fs->pipe ;
@@ -612,11 +564,11 @@
q->numbytes = 0;
}
/*
- * If the delay line was empty call transmit_event(p) now.
+ * If the delay line was empty call transmit_event() now.
* Otherwise, the scheduler will take care of it.
*/
if (p_was_empty)
- transmit_event(p);
+ transmit_event(p, head, tail);
}
/*
@@ -628,7 +580,7 @@
* there is an additional delay.
*/
static void
-ready_event_wfq(struct dn_pipe *p)
+ready_event_wfq(struct dn_pipe *p, struct mbuf **head, struct mbuf **tail)
{
int p_was_empty = (p->head == NULL) ;
struct dn_heap *sch = &(p->scheduler_heap);
@@ -736,11 +688,11 @@
*/
}
/*
- * If the delay line was empty call transmit_event(p) now.
+ * If the delay line was empty call transmit_event() now.
* Otherwise, the scheduler will take care of it.
*/
if (p_was_empty)
- transmit_event(p);
+ transmit_event(p, head, tail);
}
/*
@@ -750,11 +702,12 @@
static void
dummynet(void * __unused unused)
{
- void *p ; /* generic parameter to handler */
- struct dn_heap *h ;
+ struct mbuf *head = NULL, *tail = NULL;
+ struct dn_pipe *pipe;
struct dn_heap *heaps[3];
+ struct dn_heap *h;
+ void *p; /* generic parameter to handler */
int i;
- struct dn_pipe *pe ;
heaps[0] = &ready_heap ; /* fixed-rate queues */
heaps[1] = &wfq_ready_heap ; /* wfq queues */
@@ -771,63 +724,98 @@
p = h->p[0].object ; /* store a copy before heap_extract */
heap_extract(h, NULL); /* need to extract before processing */
if (i == 0)
- ready_event(p) ;
+ ready_event(p, &head, &tail);
else if (i == 1) {
struct dn_pipe *pipe = p;
if (pipe->if_name[0] != '\0')
printf("dummynet: bad ready_event_wfq for pipe %s\n",
pipe->if_name);
else
- ready_event_wfq(p) ;
+ ready_event_wfq(p, &head, &tail);
} else
- transmit_event(p);
+ transmit_event(p, &head, &tail);
}
}
- /* sweep pipes trying to expire idle flow_queues */
- for (pe = all_pipes; pe ; pe = pe->next )
- if (pe->idle_heap.elements > 0 &&
- DN_KEY_LT(pe->idle_heap.p[0].key, pe->V) ) {
- struct dn_flow_queue *q = pe->idle_heap.p[0].object ;
+ /* Sweep pipes trying to expire idle flow_queues. */
+ for (i = 0; i < HASHSIZE; i++)
+ SLIST_FOREACH(pipe, &pipehash[i], next)
+ if (pipe->idle_heap.elements > 0 &&
+ DN_KEY_LT(pipe->idle_heap.p[0].key, pipe->V) ) {
+ struct dn_flow_queue *q = pipe->idle_heap.p[0].object;
+
+ heap_extract(&(pipe->idle_heap), NULL);
+ q->S = q->F + 1; /* Mark timestamp as invalid. */
+ pipe->sum -= q->fs->weight;
+ }
- heap_extract(&(pe->idle_heap), NULL);
- q->S = q->F + 1 ; /* mark timestamp as invalid */
- pe->sum -= q->fs->weight ;
- }
DUMMYNET_UNLOCK();
+ if (head != NULL)
+ dummynet_send(head);
+
callout_reset(&dn_timeout, 1, dummynet, NULL);
}
-/*
- * called by an interface when tx_rdy occurs.
- */
>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list