svn commit: r356527 - in head/sys: dev/cxgbe/tom netinet netinet/tcp_stacks netinet6
Bjoern A. Zeeb
bz at FreeBSD.org
Wed Jan 8 23:30:29 UTC 2020
Author: bz
Date: Wed Jan 8 23:30:26 2020
New Revision: 356527
URL: https://svnweb.freebsd.org/changeset/base/356527
Log:
vnet: virtualise more network stack sysctls.
Virtualise tcp_always_keepalive, TCP and UDP log_in_vain. All three are
set in the netoptions startup script, which we would love to run for VNETs
as well [1].
While virtualising the log_in_vain sysctls seems pointles at first for as
long as the kernel message buffer is not virtualised, it at least allows
an administrator to debug the base system or an individual jail if needed
without turning the logging on for all jails running on a system.
PR: 243193 [1]
MFC after: 2 weeks
Modified:
head/sys/dev/cxgbe/tom/t4_tom.c
head/sys/netinet/tcp_input.c
head/sys/netinet/tcp_stacks/bbr.c
head/sys/netinet/tcp_stacks/rack.c
head/sys/netinet/tcp_subr.c
head/sys/netinet/tcp_timer.c
head/sys/netinet/tcp_timer.h
head/sys/netinet/tcp_var.h
head/sys/netinet/udp_usrreq.c
head/sys/netinet/udp_var.h
head/sys/netinet6/udp6_usrreq.c
Modified: head/sys/dev/cxgbe/tom/t4_tom.c
==============================================================================
--- head/sys/dev/cxgbe/tom/t4_tom.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/dev/cxgbe/tom/t4_tom.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -1146,7 +1146,7 @@ init_conn_params(struct vi_info *vi , struct offload_s
cp->nagle = tp->t_flags & TF_NODELAY ? 0 : 1;
/* TCP Keepalive. */
- if (tcp_always_keepalive || so_options_get(so) & SO_KEEPALIVE)
+ if (V_tcp_always_keepalive || so_options_get(so) & SO_KEEPALIVE)
cp->keepalive = 1;
else
cp->keepalive = 0;
Modified: head/sys/netinet/tcp_input.c
==============================================================================
--- head/sys/netinet/tcp_input.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_input.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -132,9 +132,9 @@ __FBSDID("$FreeBSD$");
const int tcprexmtthresh = 3;
-int tcp_log_in_vain = 0;
-SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
- &tcp_log_in_vain, 0,
+VNET_DEFINE(int, tcp_log_in_vain) = 0;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_VNET | CTLFLAG_RW,
+ &VNET_NAME(tcp_log_in_vain), 0,
"Log all incoming TCP segments to closed ports");
VNET_DEFINE(int, blackhole) = 0;
@@ -892,8 +892,8 @@ findpcb:
* Log communication attempts to ports that are not
* in use.
*/
- if ((tcp_log_in_vain == 1 && (thflags & TH_SYN)) ||
- tcp_log_in_vain == 2) {
+ if ((V_tcp_log_in_vain == 1 && (thflags & TH_SYN)) ||
+ V_tcp_log_in_vain == 2) {
if ((s = tcp_log_vain(NULL, th, (void *)ip, ip6)))
log(LOG_INFO, "%s; %s: Connection attempt "
"to closed port\n", s, __func__);
Modified: head/sys/netinet/tcp_stacks/bbr.c
==============================================================================
--- head/sys/netinet/tcp_stacks/bbr.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_stacks/bbr.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -835,7 +835,7 @@ bbr_start_hpts_timer(struct tcp_bbr *bbr, struct tcpcb
*/
if ((hpts_timeout == 0) &&
(slot == 0)) {
- if ((tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) {
/*
* Ok we have no timer (persists, rack, tlp, rxt or
@@ -998,7 +998,7 @@ bbr_timer_audit(struct tcpcb *tp, struct tcp_bbr *bbr,
* (and the hptsi timer).
*/
return;
- } else if (((tcp_always_keepalive ||
+ } else if (((V_tcp_always_keepalive ||
inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) &&
(tmr_up == PACE_TMR_KEEP) &&
@@ -4919,7 +4919,7 @@ bbr_timeout_keepalive(struct tcpcb *tp, struct tcp_bbr
TCPSTAT_INC(tcps_keeptimeo);
if (tp->t_state < TCPS_ESTABLISHED)
goto dropit;
- if ((tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
tp->t_state <= TCPS_CLOSING) {
if (ticks - tp->t_rcvtime >= TP_KEEPIDLE(tp) + TP_MAXIDLE(tp))
goto dropit;
@@ -11790,7 +11790,7 @@ bbr_do_segment_nounlock(struct mbuf *m, struct tcphdr
((bbr->r_ctl.rc_hpts_flags & PACE_TMR_MASK) == 0) &&
(SEQ_GT(tp->snd_max, tp->snd_una) ||
(tp->t_flags & TF_DELACK) ||
- ((tcp_always_keepalive || bbr->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ ((V_tcp_always_keepalive || bbr->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)))) {
/*
* We could not send (probably in the hpts but
Modified: head/sys/netinet/tcp_stacks/rack.c
==============================================================================
--- head/sys/netinet/tcp_stacks/rack.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_stacks/rack.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -2450,7 +2450,7 @@ rack_start_hpts_timer(struct tcp_rack *rack, struct tc
*/
if ((hpts_timeout == 0) &&
(slot == 0)) {
- if ((tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) {
/*
* Ok we have no timer (persists, rack, tlp, rxt or
@@ -3022,7 +3022,7 @@ rack_timeout_keepalive(struct tcpcb *tp, struct tcp_ra
TCPSTAT_INC(tcps_keeptimeo);
if (tp->t_state < TCPS_ESTABLISHED)
goto dropit;
- if ((tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options & SO_KEEPALIVE) &&
tp->t_state <= TCPS_CLOSING) {
if (ticks - tp->t_rcvtime >= TP_KEEPIDLE(tp) + TP_MAXIDLE(tp))
goto dropit;
@@ -7576,7 +7576,7 @@ rack_timer_audit(struct tcpcb *tp, struct tcp_rack *ra
* of nothing outstanding and the RXT up (and the hptsi timer).
*/
return;
- } else if (((tcp_always_keepalive ||
+ } else if (((V_tcp_always_keepalive ||
rack->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) &&
(tmr_up == PACE_TMR_KEEP) &&
@@ -7867,7 +7867,7 @@ rack_do_segment_nounlock(struct mbuf *m, struct tcphdr
((rack->r_ctl.rc_hpts_flags & PACE_TMR_MASK) == 0) &&
(SEQ_GT(tp->snd_max, tp->snd_una) ||
(tp->t_flags & TF_DELACK) ||
- ((tcp_always_keepalive || rack->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ ((V_tcp_always_keepalive || rack->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)))) {
/* We could not send (probably in the hpts but stopped the timer earlier)? */
if ((tp->snd_max == tp->snd_una) &&
Modified: head/sys/netinet/tcp_subr.c
==============================================================================
--- head/sys/netinet/tcp_subr.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_subr.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -3283,7 +3283,7 @@ tcp_log_vain(struct in_conninfo *inc, struct tcphdr *t
{
/* Is logging enabled? */
- if (tcp_log_in_vain == 0)
+ if (V_tcp_log_in_vain == 0)
return (NULL);
return (tcp_log_addr(inc, th, ip4hdr, ip6hdr));
Modified: head/sys/netinet/tcp_timer.c
==============================================================================
--- head/sys/netinet/tcp_timer.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_timer.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -125,9 +125,10 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, rexmit_slop, CTLT
&tcp_rexmit_slop, 0, sysctl_msec_to_ticks, "I",
"Retransmission Timer Slop");
-int tcp_always_keepalive = 1;
-SYSCTL_INT(_net_inet_tcp, OID_AUTO, always_keepalive, CTLFLAG_RW,
- &tcp_always_keepalive , 0, "Assume SO_KEEPALIVE on all TCP connections");
+VNET_DEFINE(int, tcp_always_keepalive) = 1;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, always_keepalive, CTLFLAG_VNET|CTLFLAG_RW,
+ &VNET_NAME(tcp_always_keepalive) , 0,
+ "Assume SO_KEEPALIVE on all TCP connections");
int tcp_fast_finwait2_recycle = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, fast_finwait2_recycle, CTLFLAG_RW,
@@ -431,7 +432,7 @@ tcp_timer_keep(void *xtp)
TCPSTAT_INC(tcps_keeptimeo);
if (tp->t_state < TCPS_ESTABLISHED)
goto dropit;
- if ((tcp_always_keepalive ||
+ if ((V_tcp_always_keepalive ||
inp->inp_socket->so_options & SO_KEEPALIVE) &&
tp->t_state <= TCPS_CLOSING) {
if (ticks - tp->t_rcvtime >= TP_KEEPIDLE(tp) + TP_MAXIDLE(tp))
Modified: head/sys/netinet/tcp_timer.h
==============================================================================
--- head/sys/netinet/tcp_timer.h Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_timer.h Wed Jan 8 23:30:26 2020 (r356527)
@@ -203,10 +203,11 @@ extern int tcp_backoff[];
extern int tcp_totbackoff;
extern int tcp_rexmit_drop_options;
-extern int tcp_always_keepalive;
extern int tcp_finwait2_timeout;
extern int tcp_fast_finwait2_recycle;
+VNET_DECLARE(int, tcp_always_keepalive);
+#define V_tcp_always_keepalive VNET(tcp_always_keepalive)
VNET_DECLARE(int, tcp_pmtud_blackhole_detect);
#define V_tcp_pmtud_blackhole_detect VNET(tcp_pmtud_blackhole_detect)
VNET_DECLARE(int, tcp_pmtud_blackhole_mss);
Modified: head/sys/netinet/tcp_var.h
==============================================================================
--- head/sys/netinet/tcp_var.h Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/tcp_var.h Wed Jan 8 23:30:26 2020 (r356527)
@@ -767,7 +767,8 @@ SYSCTL_DECL(_net_inet_tcp_sack);
MALLOC_DECLARE(M_TCPLOG);
#endif
-extern int tcp_log_in_vain;
+VNET_DECLARE(int, tcp_log_in_vain);
+#define V_tcp_log_in_vain VNET(tcp_log_in_vain)
/*
* Global TCP tunables shared between different stacks.
Modified: head/sys/netinet/udp_usrreq.c
==============================================================================
--- head/sys/netinet/udp_usrreq.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/udp_usrreq.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -116,9 +116,9 @@ VNET_DEFINE(int, udp_cksum) = 1;
SYSCTL_INT(_net_inet_udp, UDPCTL_CHECKSUM, checksum, CTLFLAG_VNET | CTLFLAG_RW,
&VNET_NAME(udp_cksum), 0, "compute udp checksum");
-int udp_log_in_vain = 0;
-SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
- &udp_log_in_vain, 0, "Log all incoming UDP packets");
+VNET_DEFINE(int, udp_log_in_vain) = 0;
+SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_VNET | CTLFLAG_RW,
+ &VNET_NAME(udp_log_in_vain), 0, "Log all incoming UDP packets");
VNET_DEFINE(int, udp_blackhole) = 0;
SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_VNET | CTLFLAG_RW,
@@ -686,7 +686,7 @@ udp_input(struct mbuf **mp, int *offp, int proto)
ip->ip_dst, uh->uh_dport, INPLOOKUP_WILDCARD |
INPLOOKUP_RLOCKPCB, ifp, m);
if (inp == NULL) {
- if (udp_log_in_vain) {
+ if (V_udp_log_in_vain) {
char src[INET_ADDRSTRLEN];
char dst[INET_ADDRSTRLEN];
Modified: head/sys/netinet/udp_var.h
==============================================================================
--- head/sys/netinet/udp_var.h Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet/udp_var.h Wed Jan 8 23:30:26 2020 (r356527)
@@ -149,9 +149,10 @@ extern u_long udp_sendspace;
extern u_long udp_recvspace;
VNET_DECLARE(int, udp_cksum);
VNET_DECLARE(int, udp_blackhole);
+VNET_DECLARE(int, udp_log_in_vain);
#define V_udp_cksum VNET(udp_cksum)
#define V_udp_blackhole VNET(udp_blackhole)
-extern int udp_log_in_vain;
+#define V_udp_log_in_vain VNET(udp_log_in_vain)
static __inline struct inpcbinfo *
udp_get_inpcbinfo(int protocol)
Modified: head/sys/netinet6/udp6_usrreq.c
==============================================================================
--- head/sys/netinet6/udp6_usrreq.c Wed Jan 8 23:06:13 2020 (r356526)
+++ head/sys/netinet6/udp6_usrreq.c Wed Jan 8 23:30:26 2020 (r356527)
@@ -481,7 +481,7 @@ udp6_input(struct mbuf **mp, int *offp, int proto)
INPLOOKUP_WILDCARD | INPLOOKUP_RLOCKPCB,
m->m_pkthdr.rcvif, m);
if (inp == NULL) {
- if (udp_log_in_vain) {
+ if (V_udp_log_in_vain) {
char ip6bufs[INET6_ADDRSTRLEN];
char ip6bufd[INET6_ADDRSTRLEN];
More information about the svn-src-head
mailing list