svn commit: r253210 - in head/sys: conf netinet

Mikolaj Golub trociny at
Thu Jul 11 20:36:25 UTC 2013

Hi, Andre

On Thu, Jul 11, 2013 at 03:29:25PM +0000, Andre Oppermann wrote:
> Author: andre
> Date: Thu Jul 11 15:29:25 2013
> New Revision: 253210
> URL:
> Log:
>   Improve SYN cookies by encoding the MSS, WSCALE (window scaling) and SACK
>   information into the ISN (initial sequence number) without the additional
>   use of timestamp bits and switching to the very fast and cryptographically
>   strong SipHash-2-4 MAC hash algorithm to protect the SYN cookie against
>   forgeries.

It fails to build with VIMAGE:

cc  -c -O2 -pipe -fno-strict-aliasing  -std=c99 -g -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes  -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual  -Wundef -Wno-pointer-sign -fformat-extensions  -Wmissing-include-dirs -fdiagnostics-show-option  -Wno-error-tautological-compare -Wno-error-empty-body  -Wno-error-parentheses-equality  -nostdinc  -I. -I/home/golub/freebsd/base/head/sys -I/home/golub/freebsd/base/head/sys/contrib/altq -I/home/golub/freebsd/base/head/sys/contrib/libfdt -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h  -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -mno-aes -mno-avx -mcmodel=kernel -mno-red-zone -mno-mmx -mno-sse -msoft-float  -fno-asynchronous-unwind-tables -ffreestanding -fstack-protector -Werror  /home/golub/freebsd/base/head/sys/netinet/tcp_syncache.c
/home/golub/freebsd/base/head/sys/netinet/tcp_syncache.c:266:17: error: no member named 'vnet' in
      'struct tcp_syncache'
        V_tcp_syncache.vnet = curvnet;
        ~~~~~~~~~~~~~~ ^
/home/golub/freebsd/base/head/sys/netinet/tcp_syncache.c:438:27: error: no member named 'vnet' in
      'struct tcp_syncache'
                    ~~~~~~~~~~~  ^

> Modified: head/sys/netinet/tcp_syncache.h
> ==============================================================================
>  struct tcp_syncache {
> @@ -115,6 +118,19 @@ struct tcp_syncache {
>  	u_int	cache_limit;
>  	u_int	rexmt_limit;
>  	u_int	hash_secret;
> +	struct vnet *sch_vnet;

I think you meant here:

+	struct vnet *vnet;

Mikolaj Golub

More information about the svn-src-head mailing list