Date: Thu, 25 Sep 2008 11:55:23 GMT From: Marko Zec <zec@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 150429 for review Message-ID: <200809251155.m8PBtNrn052210@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=150429 Change 150429 by zec@zec_tpx32 on 2008/09/25 11:55:09 Integrate from vimage-commit2. Affected files ... .. //depot/projects/vimage/src/sys/compat/linux/linux_socket.c#11 integrate .. //depot/projects/vimage/src/sys/compat/svr4/svr4_sockio.c#7 integrate .. //depot/projects/vimage/src/sys/contrib/pf/net/pf.c#15 integrate .. //depot/projects/vimage/src/sys/contrib/pf/net/pf_if.c#10 integrate .. //depot/projects/vimage/src/sys/contrib/pf/net/pf_ioctl.c#16 integrate .. //depot/projects/vimage/src/sys/contrib/pf/net/pfvar.h#7 integrate .. //depot/projects/vimage/src/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c#13 integrate .. //depot/projects/vimage/src/sys/kern/kern_xxx.c#11 integrate .. //depot/projects/vimage/src/sys/net/bridgestp.c#13 integrate .. //depot/projects/vimage/src/sys/net/if.c#38 integrate .. //depot/projects/vimage/src/sys/net/if_bridge.c#17 integrate .. //depot/projects/vimage/src/sys/net/if_gif.h#6 integrate .. //depot/projects/vimage/src/sys/net/if_spppsubr.c#9 integrate .. //depot/projects/vimage/src/sys/net/if_var.h#17 integrate .. //depot/projects/vimage/src/sys/net/route.c#26 integrate .. //depot/projects/vimage/src/sys/net/vnet.h#12 integrate .. //depot/projects/vimage/src/sys/netgraph/netgraph.h#10 integrate .. //depot/projects/vimage/src/sys/netgraph/ng_eiface.c#14 integrate .. //depot/projects/vimage/src/sys/netgraph/ng_iface.c#11 integrate .. //depot/projects/vimage/src/sys/netgraph/vnetgraph.h#9 delete .. //depot/projects/vimage/src/sys/netinet/igmp.c#17 integrate .. //depot/projects/vimage/src/sys/netinet/in.h#6 integrate .. //depot/projects/vimage/src/sys/netinet/in_mcast.c#11 integrate .. //depot/projects/vimage/src/sys/netinet/in_pcb.c#31 integrate .. //depot/projects/vimage/src/sys/netinet/ip6.h#4 integrate .. //depot/projects/vimage/src/sys/netinet/ip_divert.c#14 integrate .. //depot/projects/vimage/src/sys/netinet/ip_fw.h#15 integrate .. //depot/projects/vimage/src/sys/netinet/ip_fw2.c#44 integrate .. //depot/projects/vimage/src/sys/netinet/ip_icmp.c#17 integrate .. //depot/projects/vimage/src/sys/netinet/ip_input.c#34 integrate .. //depot/projects/vimage/src/sys/netinet/ip_mroute.c#13 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_input.c#35 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_offload.c#8 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_output.c#23 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_subr.c#51 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_syncache.c#40 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_timewait.c#17 integrate .. //depot/projects/vimage/src/sys/netinet/tcp_usrreq.c#23 integrate .. //depot/projects/vimage/src/sys/netinet/vinet.h#28 integrate .. //depot/projects/vimage/src/sys/netinet6/in6_rmx.c#20 integrate .. //depot/projects/vimage/src/sys/netinet6/in6_src.c#21 integrate .. //depot/projects/vimage/src/sys/netinet6/ip6_input.c#34 integrate .. //depot/projects/vimage/src/sys/netinet6/nd6.c#31 integrate .. //depot/projects/vimage/src/sys/netinet6/nd6_nbr.c#20 integrate .. //depot/projects/vimage/src/sys/netinet6/nd6_rtr.c#18 integrate .. //depot/projects/vimage/src/sys/netinet6/raw_ip6.c#23 integrate .. //depot/projects/vimage/src/sys/netinet6/scope6.c#16 integrate .. //depot/projects/vimage/src/sys/netinet6/vinet6.h#20 integrate .. //depot/projects/vimage/src/sys/netipsec/ipsec_output.c#17 integrate .. //depot/projects/vimage/src/sys/netipsec/key.c#22 integrate .. //depot/projects/vimage/src/sys/netipsec/keysock.c#13 integrate .. //depot/projects/vimage/src/sys/netipsec/vipsec.h#13 integrate .. //depot/projects/vimage/src/sys/netipsec/xform_esp.c#15 integrate .. //depot/projects/vimage/src/sys/sys/sysctl.h#25 integrate .. //depot/projects/vimage/src/sys/sys/vimage.h#65 integrate Differences ... ==== //depot/projects/vimage/src/sys/compat/linux/linux_socket.c#11 (text+ko) ==== ==== //depot/projects/vimage/src/sys/compat/svr4/svr4_sockio.c#7 (text+ko) ==== ==== //depot/projects/vimage/src/sys/contrib/pf/net/pf.c#15 (text+ko) ==== ==== //depot/projects/vimage/src/sys/contrib/pf/net/pf_if.c#10 (text+ko) ==== @@ -126,6 +126,7 @@ pfi_initialize(void) { INIT_VNET_NET(curvnet); + if (pfi_all != NULL) /* already initialized */ return; ==== //depot/projects/vimage/src/sys/contrib/pf/net/pf_ioctl.c#16 (text+ko) ==== @@ -3708,6 +3708,7 @@ struct inpcb *inp) { INIT_VNET_NET(curvnet); + /* * IPv6 is not affected by ip_len/ip_off byte order changes. */ ==== //depot/projects/vimage/src/sys/contrib/pf/net/pfvar.h#7 (text+ko) ==== @@ -1867,9 +1867,9 @@ /* * Symbol translation macros */ -#define INIT_VNET_PF(vnet) \ +#define INIT_VNET_PF(vnet) \ INIT_FROM_VNET(vnet, VNET_MOD_PF, struct vnet_pf, vnet_pf) -#define VNET_PF(sym) VSYM(vnet_pf, sym) +#define VNET_PF(sym) VSYM(vnet_pf, sym) #endif /* _NET_PFVAR_H_ */ ==== //depot/projects/vimage/src/sys/dev/cxgb/ulp/tom/cxgb_cpl_io.c#13 (text+ko) ==== ==== //depot/projects/vimage/src/sys/kern/kern_xxx.c#11 (text+ko) ==== ==== //depot/projects/vimage/src/sys/net/bridgestp.c#13 (text+ko) ==== ==== //depot/projects/vimage/src/sys/net/if.c#38 (text+ko) ==== @@ -201,6 +201,7 @@ void ifnet_setbyindex(u_short idx, struct ifnet *ifp) { + INIT_VNET_NET(curvnet); INIT_VNET_NET(curvnet); IFNET_WLOCK_ASSERT(); @@ -211,6 +212,7 @@ struct ifaddr * ifaddr_byindex(u_short idx) { + INIT_VNET_NET(curvnet); struct ifaddr *ifa; IFNET_RLOCK(); @@ -234,6 +236,7 @@ static void ifdev_setbyindex(u_short idx, struct cdev *cdev) { + INIT_VNET_NET(curvnet); INIT_VNET_NET(curvnet); IFNET_WLOCK(); ==== //depot/projects/vimage/src/sys/net/if_bridge.c#17 (text+ko) ==== @@ -3044,6 +3044,7 @@ if (IPFW_LOADED && pfil_ipfw != 0 && dir == PFIL_OUT && ifp != NULL) { INIT_VNET_IPFW(curvnet); + error = -1; args.rule = ip_dn_claim_rule(*mp); if (args.rule != NULL && V_fw_one_pass) @@ -3379,6 +3380,7 @@ bridge_fragment(struct ifnet *ifp, struct mbuf *m, struct ether_header *eh, int snap, struct llc *llc) { + INIT_VNET_INET(curvnet); struct mbuf *m0; struct ip *ip; int error = -1; ==== //depot/projects/vimage/src/sys/net/if_gif.h#6 (text+ko) ==== @@ -114,10 +114,10 @@ * Virtualization support */ -#define INIT_VNET_GIF(vnet) \ +#define INIT_VNET_GIF(vnet) \ INIT_FROM_VNET(vnet, VNET_MOD_GIF, struct vnet_gif, vnet_gif) -#define VNET_GIF(sym) VSYM(vnet_gif, sym) +#define VNET_GIF(sym) VSYM(vnet_gif, sym) struct vnet_gif { LIST_HEAD(, gif_softc) _gif_softc_list; @@ -127,11 +127,11 @@ int _ip6_gif_hlim; }; -#define V_gif_softc_list VNET_GIF(gif_softc_list) -#define V_max_gif_nesting VNET_GIF(max_gif_nesting) -#define V_parallel_tunnels VNET_GIF(parallel_tunnels) -#define V_ip_gif_ttl VNET_GIF(ip_gif_ttl) -#define V_ip6_gif_hlim VNET_GIF(ip6_gif_hlim) +#define V_gif_softc_list VNET_GIF(gif_softc_list) +#define V_max_gif_nesting VNET_GIF(max_gif_nesting) +#define V_parallel_tunnels VNET_GIF(parallel_tunnels) +#define V_ip_gif_ttl VNET_GIF(ip_gif_ttl) +#define V_ip6_gif_hlim VNET_GIF(ip6_gif_hlim) #endif /* _KERNEL */ ==== //depot/projects/vimage/src/sys/net/if_spppsubr.c#9 (text+ko) ==== ==== //depot/projects/vimage/src/sys/net/if_var.h#17 (text+ko) ==== @@ -722,6 +722,8 @@ int ether_poll_deregister(struct ifnet *ifp); #endif /* DEVICE_POLLING */ +#include <net/vnet.h> + #endif /* _KERNEL */ #endif /* !_NET_IF_VAR_H_ */ ==== //depot/projects/vimage/src/sys/net/route.c#26 (text+ko) ==== @@ -303,6 +303,7 @@ rtalloc1_fib(struct sockaddr *dst, int report, u_long ignflags, u_int fibnum) { + INIT_VNET_NET(curvnet); struct radix_node_head *rnh; INIT_VNET_NET(curvnet); struct rtentry *rt; ==== //depot/projects/vimage/src/sys/net/vnet.h#12 (text+ko) ==== @@ -26,12 +26,13 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. + * + * $FreeBSD$ */ #ifndef _NET_VNET_H_ #define _NET_VNET_H_ - #ifdef VIMAGE #include "opt_route.h" @@ -44,14 +45,6 @@ #include <net/route.h> #include <net/raw_cb.h> - -/* calculate this the same as in route.c */ -#ifndef ROUTETABLES - #define RT_MAXFIBS 1 -#else - #define RT_MAXFIBS 16 -#endif - struct vnet_net { int _if_index; struct ifindex_entry *_ifindex_table; @@ -78,23 +71,23 @@ /* * Symbol translation macros */ -#define INIT_VNET_NET(vnet) \ +#define INIT_VNET_NET(vnet) \ INIT_FROM_VNET(vnet, VNET_MOD_NET, struct vnet_net, vnet_net) -#define VNET_NET(sym) VSYM(vnet_net, sym) +#define VNET_NET(sym) VSYM(vnet_net, sym) -#define V_if_index VNET_NET(if_index) -#define V_ifindex_table VNET_NET(ifindex_table) -#define V_ifnet VNET_NET(ifnet) -#define V_ifg_head VNET_NET(ifg_head) -#define V_if_indexlim VNET_NET(if_indexlim) -#define V_ifklist VNET_NET(ifklist) -#define V_rtstat VNET_NET(rtstat) -#define V_rt_tables VNET_NET(rt_tables) -#define V_rttrash VNET_NET(rttrash) -#define V_loif VNET_NET(loif) -#define V_lo_list VNET_NET(lo_list) -#define V_rawcb_list VNET_NET(rawcb_list) -#define V_ether_ipfw VNET_NET(ether_ipfw) +#define V_ether_ipfw VNET_NET(ether_ipfw) +#define V_if_index VNET_NET(if_index) +#define V_if_indexlim VNET_NET(if_indexlim) +#define V_ifg_head VNET_NET(ifg_head) +#define V_ifindex_table VNET_NET(ifindex_table) +#define V_ifklist VNET_NET(ifklist) +#define V_ifnet VNET_NET(ifnet) +#define V_lo_list VNET_NET(lo_list) +#define V_loif VNET_NET(loif) +#define V_rawcb_list VNET_NET(rawcb_list) +#define V_rt_tables VNET_NET(rt_tables) +#define V_rtstat VNET_NET(rtstat) +#define V_rttrash VNET_NET(rttrash) #endif /* !_NET_VNET_H_ */ ==== //depot/projects/vimage/src/sys/netgraph/netgraph.h#10 (text+ko) ==== @@ -1185,4 +1185,23 @@ #define NGI_GET_META(i,m) #define ng_copy_meta(meta) NULL +/* Hash related definitions */ +#define NG_ID_HASH_SIZE 128 /* most systems wont need even this many */ + +/* Virtualization macros */ +#define INIT_VNET_NETGRAPH(vnet) \ + INIT_FROM_VNET(vnet, VNET_MOD_NETGRAPH, \ + struct vnet_netgraph, vnet_netgraph) + +#define VNET_NETGRAPH(sym) VSYM(vnet_netgraph, sym) + +/* Symbol translation macros */ +#define V_nextID VNET_NETGRAPH(nextID) +#define V_ng_ID_hash VNET_NETGRAPH(ng_ID_hash) +#define V_ng_eiface_unit VNET_NETGRAPH(ng_eiface_unit) +#define V_ng_iface_unit VNET_NETGRAPH(ng_iface_unit) +#define V_ng_name_hash VNET_NETGRAPH(ng_name_hash) +#define V_ng_nodelist VNET_NETGRAPH(ng_nodelist) +#define V_ng_wormhole_unit VNET_NETGRAPH(ng_wormhole_unit) + #endif /* _NETGRAPH_NETGRAPH_H_ */ ==== //depot/projects/vimage/src/sys/netgraph/ng_eiface.c#14 (text+ko) ==== @@ -570,6 +570,10 @@ const priv_p priv = NG_NODE_PRIVATE(node); struct ifnet *const ifp = priv->ifp; + /* + * the ifnet may be in a different vnet than the netgraph node, + * hence we have to change the current vnet context here. + */ CURVNET_SET_QUIET(ifp->if_vnet); ether_ifdetach(ifp); if_free(ifp); ==== //depot/projects/vimage/src/sys/netgraph/ng_iface.c#11 (text+ko) ==== @@ -818,6 +818,10 @@ INIT_VNET_NETGRAPH(curvnet); const priv_p priv = NG_NODE_PRIVATE(node); + /* + * The ifnet may be in a different vnet than the netgraph node, + * hence we have to change the current vnet context here. + */ CURVNET_SET_QUIET(priv->ifp->if_vnet); bpfdetach(priv->ifp); if_detach(priv->ifp); ==== //depot/projects/vimage/src/sys/netinet/igmp.c#17 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/in.h#6 (text+ko) ==== @@ -743,4 +743,8 @@ #undef __KAME_NETINET_IN_H_INCLUDED_ #endif +#ifdef _KERNEL +#include <netinet/vinet.h> +#endif + #endif /* !_NETINET_IN_H_*/ ==== //depot/projects/vimage/src/sys/netinet/in_mcast.c#11 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/in_pcb.c#31 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/ip6.h#4 (text+ko) ==== @@ -346,6 +346,9 @@ } \ } \ } while (/*CONSTCOND*/ 0) + +#include <netinet6/vinet6.h> + #endif /*_KERNEL*/ #endif /* not _NETINET_IP6_H_ */ ==== //depot/projects/vimage/src/sys/netinet/ip_divert.c#14 (text+ko) ==== @@ -189,6 +189,7 @@ div_input(struct mbuf *m, int off) { INIT_VNET_INET(curvnet); + V_ipstat.ips_noproto++; m_freem(m); } @@ -561,6 +562,7 @@ struct mbuf *control, struct thread *td) { INIT_VNET_INET(so->so_vnet); + /* Packet must have a header (but that's about it) */ if (m->m_len < sizeof (struct ip) && (m = m_pullup(m, sizeof (struct ip))) == 0) { ==== //depot/projects/vimage/src/sys/netinet/ip_fw.h#15 (text+ko) ==== @@ -28,8 +28,6 @@ #ifndef _IPFW2_H #define _IPFW2_H -#include <sys/rwlock.h> -#include <net/radix.h> /* * The default rule number. By the design of ip_fw, the default rule * is the last one, so its number can also serve as the highest number @@ -560,34 +558,6 @@ */ #ifdef _KERNEL -/* - * Data structure to cache our ucred related - * information. This structure only gets used if - * the user specified UID/GID based constraints in - * a firewall rule. - */ -struct ip_fw_ugid { - gid_t fw_groups[NGROUPS]; - int fw_ngroups; - uid_t fw_uid; - int fw_prid; -}; - -#define IPFW_TABLES_MAX 128 -struct ip_fw_chain { - struct ip_fw *rules; /* list of rules */ - struct ip_fw *reap; /* list of rules to reap */ - LIST_HEAD(, cfg_nat) nat; /* list of nat entries */ - struct radix_node_head *tables[IPFW_TABLES_MAX]; - struct rwlock rwmtx; -}; - -struct table_entry { - struct radix_node rn[2]; - struct sockaddr_in addr, mask; - u_int32_t value; -}; - /* Return values from ipfw_chk() */ enum { IP_FW_PASS = 0, @@ -674,6 +644,14 @@ #ifdef IPFW_INTERNAL +#define IPFW_TABLES_MAX 128 +struct ip_fw_chain { + struct ip_fw *rules; /* list of rules */ + struct ip_fw *reap; /* list of rules to reap */ + LIST_HEAD(, cfg_nat) nat; /* list of nat entries */ + struct radix_node_head *tables[IPFW_TABLES_MAX]; + struct rwlock rwmtx; +}; #define IPFW_LOCK_INIT(_chain) \ rw_init(&(_chain)->rwmtx, "IPFW static rules") #define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) @@ -704,19 +682,16 @@ int _fw_one_pass; int _fw_enable; int _fw6_enable; - u_int32_t _set_disable; int _fw_deny_unknown_exthdrs; int _fw_verbose; int _verbose_limit; int _fw_debug; int _autoinc_step; - ipfw_dyn_rule **_ipfw_dyn_v; struct ip_fw_chain _layer3_chain; u_int32_t _dyn_buckets; u_int32_t _curr_dyn_buckets; - u_int32_t _dyn_ack_lifetime; u_int32_t _dyn_syn_lifetime; u_int32_t _dyn_fin_lifetime; @@ -730,9 +705,7 @@ u_int32_t _static_len; u_int32_t _dyn_count; u_int32_t _dyn_max; - u_int64_t _norule_counter; - struct callout _ipfw_timeout; eventhandler_tag _ifaddr_event_tag; }; @@ -741,41 +714,40 @@ /* * Symbol translation macros */ - -#define INIT_VNET_IPFW(vnet) \ +#define INIT_VNET_IPFW(vnet) \ INIT_FROM_VNET(vnet, VNET_MOD_IPFW, struct vnet_ipfw, vnet_ipfw) -#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) +#define VNET_IPFW(sym) VSYM(vnet_ipfw, sym) -#define V_fw_one_pass VNET_IPFW(fw_one_pass) -#define V_fw_enable VNET_IPFW(fw_enable) -#define V_fw6_enable VNET_IPFW(fw6_enable) -#define V_set_disable VNET_IPFW(set_disable) -#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) -#define V_fw_verbose VNET_IPFW(fw_verbose) -#define V_verbose_limit VNET_IPFW(verbose_limit) -#define V_fw_debug VNET_IPFW(fw_debug) -#define V_autoinc_step VNET_IPFW(autoinc_step) -#define V_ipfw_dyn_v VNET_IPFW(ipfw_dyn_v) -#define V_layer3_chain VNET_IPFW(layer3_chain) -#define V_dyn_buckets VNET_IPFW(dyn_buckets) -#define V_curr_dyn_buckets VNET_IPFW(curr_dyn_buckets) -#define V_dyn_ack_lifetime VNET_IPFW(dyn_ack_lifetime) -#define V_dyn_syn_lifetime VNET_IPFW(dyn_syn_lifetime) -#define V_dyn_fin_lifetime VNET_IPFW(dyn_fin_lifetime) -#define V_dyn_rst_lifetime VNET_IPFW(dyn_rst_lifetime) -#define V_dyn_udp_lifetime VNET_IPFW(dyn_udp_lifetime) -#define V_dyn_short_lifetime VNET_IPFW(dyn_short_lifetime) -#define V_dyn_keepalive_interval VNET_IPFW(dyn_keepalive_interval) -#define V_dyn_keepalive_period VNET_IPFW(dyn_keepalive_period) -#define V_dyn_keepalive VNET_IPFW(dyn_keepalive) -#define V_static_count VNET_IPFW(static_count) -#define V_static_len VNET_IPFW(static_len) -#define V_dyn_count VNET_IPFW(dyn_count) -#define V_dyn_max VNET_IPFW(dyn_max) -#define V_norule_counter VNET_IPFW(norule_counter) -#define V_ipfw_timeout VNET_IPFW(ipfw_timeout) -#define V_ifaddr_event_tag VNET_IPFW(ifaddr_event_tag) +#define V_fw_one_pass VNET_IPFW(fw_one_pass) +#define V_fw_enable VNET_IPFW(fw_enable) +#define V_fw6_enable VNET_IPFW(fw6_enable) +#define V_set_disable VNET_IPFW(set_disable) +#define V_fw_deny_unknown_exthdrs VNET_IPFW(fw_deny_unknown_exthdrs) +#define V_fw_verbose VNET_IPFW(fw_verbose) +#define V_verbose_limit VNET_IPFW(verbose_limit) +#define V_fw_debug VNET_IPFW(fw_debug) +#define V_autoinc_step VNET_IPFW(autoinc_step) +#define V_ipfw_dyn_v VNET_IPFW(ipfw_dyn_v) +#define V_layer3_chain VNET_IPFW(layer3_chain) +#define V_dyn_buckets VNET_IPFW(dyn_buckets) +#define V_curr_dyn_buckets VNET_IPFW(curr_dyn_buckets) +#define V_dyn_ack_lifetime VNET_IPFW(dyn_ack_lifetime) +#define V_dyn_syn_lifetime VNET_IPFW(dyn_syn_lifetime) +#define V_dyn_fin_lifetime VNET_IPFW(dyn_fin_lifetime) +#define V_dyn_rst_lifetime VNET_IPFW(dyn_rst_lifetime) +#define V_dyn_udp_lifetime VNET_IPFW(dyn_udp_lifetime) +#define V_dyn_short_lifetime VNET_IPFW(dyn_short_lifetime) +#define V_dyn_keepalive_interval VNET_IPFW(dyn_keepalive_interval) +#define V_dyn_keepalive_period VNET_IPFW(dyn_keepalive_period) +#define V_dyn_keepalive VNET_IPFW(dyn_keepalive) +#define V_static_count VNET_IPFW(static_count) +#define V_static_len VNET_IPFW(static_len) +#define V_dyn_count VNET_IPFW(dyn_count) +#define V_dyn_max VNET_IPFW(dyn_max) +#define V_norule_counter VNET_IPFW(norule_counter) +#define V_ipfw_timeout VNET_IPFW(ipfw_timeout) +#define V_ifaddr_event_tag VNET_IPFW(ifaddr_event_tag) #endif /* _KERNEL */ #endif /* _IPFW2_H */ ==== //depot/projects/vimage/src/sys/netinet/ip_fw2.c#44 (text+ko) ==== @@ -4187,8 +4187,8 @@ static int ipfw_ctl(struct sockopt *sopt) { +#define RULE_MAXSIZE (256*sizeof(u_int32_t)) INIT_VNET_IPFW(curvnet); -#define RULE_MAXSIZE (256*sizeof(u_int32_t)) int error; size_t size; struct ip_fw *buf, *rule; ==== //depot/projects/vimage/src/sys/netinet/ip_icmp.c#17 (text+ko) ==== @@ -45,12 +45,10 @@ #include <sys/sysctl.h> #include <sys/vimage.h> -#include <net/vnet.h> #include <net/if.h> #include <net/if_types.h> #include <net/route.h> -#include <netinet/vinet.h> #include <netinet/in.h> #include <netinet/in_pcb.h> #include <netinet/in_systm.h> @@ -79,50 +77,47 @@ * host table maintenance routines. */ -#ifndef VIMAGE struct icmpstat icmpstat; -static int icmpmaskrepl = 0; -static u_int icmpmaskfake = 0; -static int drop_redirect = 0; -static int log_redirect = 0; -static int icmplim = 200; -static int icmplim_output = 1; -static char reply_src[IFNAMSIZ]; -static int icmp_rfi = 0; -static int icmp_quotelen = 8; -static int icmpbmcastecho = 0; -#endif SYSCTL_V_STRUCT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_STATS, stats, CTLFLAG_RW, icmpstat, icmpstat, ""); +static int icmpmaskrepl = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_MASKREPL, maskrepl, CTLFLAG_RW, icmpmaskrepl, 0, "Reply to ICMP Address Mask Request packets."); +static u_int icmpmaskfake = 0; SYSCTL_V_UINT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, maskfake, CTLFLAG_RW, icmpmaskfake, 0, "Fake reply to ICMP Address Mask Request packets."); +static int drop_redirect = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, drop_redirect, CTLFLAG_RW, drop_redirect, 0, "Ignore ICMP redirects"); +static int log_redirect = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, log_redirect, CTLFLAG_RW, log_redirect, 0, "Log ICMP redirects to the console"); +static int icmplim = 200; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, ICMPCTL_ICMPLIM, icmplim, CTLFLAG_RW, icmplim, 0, "Maximum number of ICMP responses per second"); +static int icmplim_output = 1; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, icmplim_output, CTLFLAG_RW, icmplim_output, 0, "Enable rate limiting of ICMP responses"); +static char reply_src[IFNAMSIZ]; SYSCTL_V_STRING(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_src, CTLFLAG_RW, reply_src, IFNAMSIZ, "icmp reply source for non-local packets."); +static int icmp_rfi = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, reply_from_interface, CTLFLAG_RW, icmp_rfi, 0, "ICMP reply from incoming interface for " "non-local packets"); +static int icmp_quotelen = 8; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, quotelen, CTLFLAG_RW, icmp_quotelen, 0, "Number of bytes from original packet to " "quote in ICMP reply"); @@ -130,6 +125,8 @@ /* * ICMP broadcast echo sysctl */ + +static int icmpbmcastecho = 0; SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_icmp, OID_AUTO, bmcastecho, CTLFLAG_RW, icmpbmcastecho, 0, ""); ==== //depot/projects/vimage/src/sys/netinet/ip_input.c#34 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/ip_mroute.c#13 (text+ko) ==== @@ -3044,6 +3044,7 @@ ip_mroute_modevent(module_t mod, int type, void *unused) { INIT_VNET_INET(curvnet); + switch (type) { case MOD_LOAD: MROUTER_LOCK_INIT(); ==== //depot/projects/vimage/src/sys/netinet/tcp_input.c#35 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/tcp_offload.c#8 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/tcp_output.c#23 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/tcp_subr.c#51 (text+ko) ==== @@ -76,7 +76,7 @@ #endif #include <netinet/in_var.h> #include <netinet/ip_var.h> -#ifdef IET6 +#ifdef INET6 #include <netinet6/ip6_var.h> #include <netinet6/scope6_var.h> #include <netinet6/nd6.h> @@ -160,7 +160,7 @@ static int sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(TD_TO_VNET(curthread)); + INIT_VNET_INET(curvnet); int error, new; new = V_tcp_v6mssdflt; @@ -718,7 +718,6 @@ tcp_newtcpcb(struct inpcb *inp) { INIT_VNET_INET(inp->inp_vnet); - struct tcpcb_mem *tm; struct tcpcb *tp; #ifdef INET6 ==== //depot/projects/vimage/src/sys/netinet/tcp_syncache.c#40 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/tcp_timewait.c#17 (text+ko) ==== ==== //depot/projects/vimage/src/sys/netinet/tcp_usrreq.c#23 (text+ko) ==== @@ -1100,10 +1100,10 @@ { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; + INIT_VNET_INET(so->so_vnet); struct in_addr laddr; u_short lport; int error; - INIT_VNET_INET(so->so_vnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -1156,10 +1156,10 @@ { struct inpcb *inp = tp->t_inpcb, *oinp; struct socket *so = inp->inp_socket; + INIT_VNET_INET(so->so_vnet); struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam; struct in6_addr *addr6; int error; - INIT_VNET_INET(so->so_vnet); INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); ==== //depot/projects/vimage/src/sys/netinet/vinet.h#28 (text+ko) ==== @@ -26,6 +26,8 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. + * + * $FreeBSD$ */ #ifndef _NETINET_VINET_H_ @@ -196,134 +198,134 @@ /* * Symbol translation macros */ -#define INIT_VNET_INET(vnet) \ +#define INIT_VNET_INET(vnet) \ INIT_FROM_VNET(vnet, VNET_MOD_INET, struct vnet_inet, vnet_inet) -#define VNET_INET(sym) VSYM(vnet_inet, sym) +#define VNET_INET(sym) VSYM(vnet_inet, sym) + +#define V_arp_maxtries VNET_INET(arp_maxtries) +#define V_arp_proxyall VNET_INET(arp_proxyall) +#define V_arpt_keep VNET_INET(arpt_keep) +#define V_arpt_prune VNET_INET(arpt_prune) +#define V_blackhole VNET_INET(blackhole) +#define V_divcb VNET_INET(divcb) +#define V_divcbinfo VNET_INET(divcbinfo) +#define V_drop_redirect VNET_INET(drop_redirect) +#define V_drop_synfin VNET_INET(drop_synfin) +#define V_icmp_may_rst VNET_INET(icmp_may_rst) +#define V_icmp_quotelen VNET_INET(icmp_quotelen) +#define V_icmp_rfi VNET_INET(icmp_rfi) +#define V_icmpbmcastecho VNET_INET(icmpbmcastecho) +#define V_icmplim VNET_INET(icmplim) +#define V_icmplim_output VNET_INET(icmplim_output) +#define V_icmpmaskfake VNET_INET(icmpmaskfake) +#define V_icmpmaskrepl VNET_INET(icmpmaskrepl) +#define V_icmpstat VNET_INET(icmpstat) +#define V_igmpstat VNET_INET(igmpstat) +#define V_in_ifaddrhashtbl VNET_INET(in_ifaddrhashtbl) +#define V_in_ifaddrhead VNET_INET(in_ifaddrhead) +#define V_in_ifaddrhmask VNET_INET(in_ifaddrhmask) +#define V_in_multihead VNET_INET(in_multihead) +#define V_ip_checkinterface VNET_INET(ip_checkinterface) +#define V_ip_defttl VNET_INET(ip_defttl) +#define V_ip_do_randomid VNET_INET(ip_do_randomid) +#define V_ip_id VNET_INET(ip_id) +#define V_ip_keepfaith VNET_INET(ip_keepfaith) +#define V_ip_mrouter VNET_INET(ip_mrouter) +#define V_ip_rsvp_on VNET_INET(ip_rsvp_on) +#define V_ip_rsvpd VNET_INET(ip_rsvpd) +#define V_ip_sendsourcequench VNET_INET(ip_sendsourcequench) +#define V_ipfastforward_active VNET_INET(ipfastforward_active) +#define V_ipforwarding VNET_INET(ipforwarding) +#define V_ipport_firstauto VNET_INET(ipport_firstauto) +#define V_ipport_hifirstauto VNET_INET(ipport_hifirstauto) +#define V_ipport_hilastauto VNET_INET(ipport_hilastauto) +#define V_ipport_lastauto VNET_INET(ipport_lastauto) +#define V_ipport_lowfirstauto VNET_INET(ipport_lowfirstauto) +#define V_ipport_lowlastauto VNET_INET(ipport_lowlastauto) +#define V_ipport_randomcps VNET_INET(ipport_randomcps) +#define V_ipport_randomized VNET_INET(ipport_randomized) +#define V_ipport_randomtime VNET_INET(ipport_randomtime) +#define V_ipport_reservedhigh VNET_INET(ipport_reservedhigh) +#define V_ipport_reservedlow VNET_INET(ipport_reservedlow) +#define V_ipport_stoprandom VNET_INET(ipport_stoprandom) +#define V_ipport_tcpallocs VNET_INET(ipport_tcpallocs) +#define V_ipport_tcplastcount VNET_INET(ipport_tcplastcount) +#define V_ipq VNET_INET(ipq) +#define V_ipq_zone VNET_INET(ipq_zone) +#define V_ipsendredirects VNET_INET(ipsendredirects) +#define V_ipstat VNET_INET(ipstat) +#define V_ipstealth VNET_INET(ipstealth) +#define V_isn_ctx VNET_INET(isn_ctx) +#define V_isn_last_reseed VNET_INET(isn_last_reseed) +#define V_isn_offset VNET_INET(isn_offset) +#define V_isn_offset_old VNET_INET(isn_offset_old) +#define V_isn_secret VNET_INET(isn_secret) +#define V_llinfo_arp VNET_INET(llinfo_arp) +#define V_log_redirect VNET_INET(log_redirect) +#define V_maxfragsperpacket VNET_INET(maxfragsperpacket) +#define V_maxnipq VNET_INET(maxnipq) +#define V_nipq VNET_INET(nipq) +#define V_nolocaltimewait VNET_INET(nolocaltimewait) +#define V_path_mtu_discovery VNET_INET(path_mtu_discovery) +#define V_reply_src VNET_INET(reply_src) +#define V_ripcb VNET_INET(ripcb) +#define V_ripcbinfo VNET_INET(ripcbinfo) +#define V_router_info_head VNET_INET(router_info_head) +#define V_rsvp_on VNET_INET(rsvp_on) +#define V_rtq_minreallyold VNET_INET(rtq_minreallyold) +#define V_rtq_reallyold VNET_INET(rtq_reallyold) +#define V_rtq_timeout VNET_INET(rtq_timeout) +#define V_rtq_timer VNET_INET(rtq_timer) +#define V_rtq_toomany VNET_INET(rtq_toomany) +#define V_sameprefixcarponly VNET_INET(sameprefixcarponly) +#define V_ss_fltsz VNET_INET(ss_fltsz) +#define V_ss_fltsz_local VNET_INET(ss_fltsz_local) +#define V_subnetsarelocal VNET_INET(subnetsarelocal) +#define V_tcb VNET_INET(tcb) +#define V_tcbinfo VNET_INET(tcbinfo) +#define V_tcp_autorcvbuf_inc VNET_INET(tcp_autorcvbuf_inc) +#define V_tcp_autorcvbuf_max VNET_INET(tcp_autorcvbuf_max) +#define V_tcp_autosndbuf_inc VNET_INET(tcp_autosndbuf_inc) +#define V_tcp_autosndbuf_max VNET_INET(tcp_autosndbuf_max) +#define V_tcp_delack_enabled VNET_INET(tcp_delack_enabled) +#define V_tcp_do_autorcvbuf VNET_INET(tcp_do_autorcvbuf) +#define V_tcp_do_autosndbuf VNET_INET(tcp_do_autosndbuf) +#define V_tcp_do_ecn VNET_INET(tcp_do_ecn) +#define V_tcp_do_newreno VNET_INET(tcp_do_newreno) +#define V_tcp_do_rfc1323 VNET_INET(tcp_do_rfc1323) +#define V_tcp_do_rfc3042 VNET_INET(tcp_do_rfc3042) +#define V_tcp_do_rfc3390 VNET_INET(tcp_do_rfc3390) +#define V_tcp_do_sack VNET_INET(tcp_do_sack) +#define V_tcp_do_tso VNET_INET(tcp_do_tso) +#define V_tcp_ecn_maxretries VNET_INET(tcp_ecn_maxretries) +#define V_tcp_hc_callout VNET_INET(tcp_hc_callout) +#define V_tcp_hostcache VNET_INET(tcp_hostcache) +#define V_tcp_inflight_enable VNET_INET(tcp_inflight_enable) +#define V_tcp_inflight_max VNET_INET(tcp_inflight_max) +#define V_tcp_inflight_min VNET_INET(tcp_inflight_min) +#define V_tcp_inflight_rttthresh VNET_INET(tcp_inflight_rttthresh) +#define V_tcp_inflight_stab VNET_INET(tcp_inflight_stab) +#define V_tcp_insecure_rst VNET_INET(tcp_insecure_rst) +#define V_tcp_isn_reseed_interval VNET_INET(tcp_isn_reseed_interval) +#define V_tcp_minmss VNET_INET(tcp_minmss) +#define V_tcp_mssdflt VNET_INET(tcp_mssdflt) +#define V_tcp_reass_maxqlen VNET_INET(tcp_reass_maxqlen) +#define V_tcp_reass_maxseg VNET_INET(tcp_reass_maxseg) +#define V_tcp_reass_overflows VNET_INET(tcp_reass_overflows) +#define V_tcp_reass_qsize VNET_INET(tcp_reass_qsize) +#define V_tcp_sack_globalholes VNET_INET(tcp_sack_globalholes) +#define V_tcp_sack_globalmaxholes VNET_INET(tcp_sack_globalmaxholes) +#define V_tcp_sack_maxholes VNET_INET(tcp_sack_maxholes) +#define V_tcp_sc_rst_sock_fail VNET_INET(tcp_sc_rst_sock_fail) +#define V_tcp_syncache VNET_INET(tcp_syncache) +#define V_tcp_v6mssdflt VNET_INET(tcp_v6mssdflt) +#define V_tcpstat VNET_INET(tcpstat) +#define V_twq_2msl VNET_INET(twq_2msl) +#define V_udb VNET_INET(udb) +#define V_udbinfo VNET_INET(udbinfo) +#define V_udp_blackhole VNET_INET(udp_blackhole) +#define V_udpstat VNET_INET(udpstat) +#define V_useloopback VNET_INET(useloopback) -#define V_in_ifaddrhead VNET_INET(in_ifaddrhead) -#define V_in_ifaddrhashtbl VNET_INET(in_ifaddrhashtbl) -#define V_in_ifaddrhmask VNET_INET(in_ifaddrhmask) -#define V_in_multihead VNET_INET(in_multihead) -#define V_llinfo_arp VNET_INET(llinfo_arp) -#define V_arpt_prune VNET_INET(arpt_prune) -#define V_arpt_keep VNET_INET(arpt_keep) -#define V_arp_maxtries VNET_INET(arp_maxtries) -#define V_useloopback VNET_INET(useloopback) -#define V_arp_proxyall VNET_INET(arp_proxyall) -#define V_subnetsarelocal VNET_INET(subnetsarelocal) -#define V_sameprefixcarponly VNET_INET(sameprefixcarponly) -#define V_ipforwarding VNET_INET(ipforwarding) -#define V_ipstealth VNET_INET(ipstealth) -#define V_ipfastforward_active VNET_INET(ipfastforward_active) -#define V_ipsendredirects VNET_INET(ipsendredirects) -#define V_ip_defttl VNET_INET(ip_defttl) -#define V_ip_keepfaith VNET_INET(ip_keepfaith) -#define V_ip_sendsourcequench VNET_INET(ip_sendsourcequench) -#define V_ip_id VNET_INET(ip_id) -#define V_ip_do_randomid VNET_INET(ip_do_randomid) -#define V_ip_checkinterface VNET_INET(ip_checkinterface) -#define V_ipq VNET_INET(ipq) -#define V_ipq_zone VNET_INET(ipq_zone) -#define V_nipq VNET_INET(nipq) -#define V_maxnipq VNET_INET(maxnipq) -#define V_maxfragsperpacket VNET_INET(maxfragsperpacket) -#define V_tcb VNET_INET(tcb) -#define V_tcbinfo VNET_INET(tcbinfo) -#define V_tcpstat VNET_INET(tcpstat) -#define V_twq_2msl VNET_INET(twq_2msl) -#define V_tcp_hostcache VNET_INET(tcp_hostcache) -#define V_tcp_hc_callout VNET_INET(tcp_hc_callout) -#define V_tcp_syncache VNET_INET(tcp_syncache) -#define V_tcp_sc_rst_sock_fail VNET_INET(tcp_sc_rst_sock_fail) -#define V_tcp_mssdflt VNET_INET(tcp_mssdflt) -#define V_tcp_v6mssdflt VNET_INET(tcp_v6mssdflt) -#define V_tcp_minmss VNET_INET(tcp_minmss) -#define V_tcp_do_rfc1323 VNET_INET(tcp_do_rfc1323) -#define V_icmp_may_rst VNET_INET(icmp_may_rst) -#define V_tcp_isn_reseed_interval VNET_INET(tcp_isn_reseed_interval) -#define V_tcp_inflight_enable VNET_INET(tcp_inflight_enable) -#define V_tcp_inflight_rttthresh VNET_INET(tcp_inflight_rttthresh) -#define V_tcp_inflight_min VNET_INET(tcp_inflight_min) -#define V_tcp_inflight_max VNET_INET(tcp_inflight_max) -#define V_tcp_inflight_stab VNET_INET(tcp_inflight_stab) -#define V_nolocaltimewait VNET_INET(nolocaltimewait) -#define V_path_mtu_discovery VNET_INET(path_mtu_discovery) -#define V_ss_fltsz VNET_INET(ss_fltsz) -#define V_ss_fltsz_local VNET_INET(ss_fltsz_local) -#define V_tcp_do_newreno VNET_INET(tcp_do_newreno) -#define V_tcp_do_tso VNET_INET(tcp_do_tso) -#define V_tcp_do_autosndbuf VNET_INET(tcp_do_autosndbuf) -#define V_tcp_autosndbuf_inc VNET_INET(tcp_autosndbuf_inc) -#define V_tcp_autosndbuf_max VNET_INET(tcp_autosndbuf_max) -#define V_tcp_do_sack VNET_INET(tcp_do_sack) -#define V_tcp_sack_maxholes VNET_INET(tcp_sack_maxholes) -#define V_tcp_sack_globalmaxholes VNET_INET(tcp_sack_globalmaxholes) -#define V_tcp_sack_globalholes VNET_INET(tcp_sack_globalholes) -#define V_blackhole VNET_INET(blackhole) -#define V_tcp_delack_enabled VNET_INET(tcp_delack_enabled) -#define V_drop_synfin VNET_INET(drop_synfin) -#define V_tcp_do_rfc3042 VNET_INET(tcp_do_rfc3042) -#define V_tcp_do_rfc3390 VNET_INET(tcp_do_rfc3390) -#define V_tcp_do_ecn VNET_INET(tcp_do_ecn) -#define V_tcp_ecn_maxretries VNET_INET(tcp_ecn_maxretries) -#define V_tcp_insecure_rst VNET_INET(tcp_insecure_rst) -#define V_tcp_do_autorcvbuf VNET_INET(tcp_do_autorcvbuf) -#define V_tcp_autorcvbuf_inc VNET_INET(tcp_autorcvbuf_inc) -#define V_tcp_autorcvbuf_max VNET_INET(tcp_autorcvbuf_max) -#define V_tcp_reass_maxseg VNET_INET(tcp_reass_maxseg) -#define V_tcp_reass_qsize VNET_INET(tcp_reass_qsize) -#define V_tcp_reass_maxqlen VNET_INET(tcp_reass_maxqlen) -#define V_tcp_reass_overflows VNET_INET(tcp_reass_overflows) -/* pf needs to get to these (!?) */ -#define V_isn_secret VNET_INET(isn_secret) -#define V_isn_last_reseed VNET_INET(isn_last_reseed) -#define V_isn_offset VNET_INET(isn_offset) -#define V_isn_offset_old VNET_INET(isn_offset_old) -#define V_isn_ctx VNET_INET(isn_ctx) -#define V_udb VNET_INET(udb) -#define V_udbinfo VNET_INET(udbinfo) -#define V_udpstat VNET_INET(udpstat) -#define V_udp_blackhole VNET_INET(udp_blackhole) -#define V_ripcb VNET_INET(ripcb) -#define V_ripcbinfo VNET_INET(ripcbinfo) -#define V_ip_mrouter VNET_INET(ip_mrouter) -#define V_rsvp_on VNET_INET(rsvp_on) -#define V_ip_rsvp_on VNET_INET(ip_rsvp_on) -#define V_ip_rsvpd VNET_INET(ip_rsvpd) -#define V_icmpstat VNET_INET(icmpstat) -#define V_ipstat VNET_INET(ipstat) -#define V_igmpstat VNET_INET(igmpstat) -#define V_router_info_head VNET_INET(router_info_head) -#define V_rtq_timeout VNET_INET(rtq_timeout) -#define V_rtq_reallyold VNET_INET(rtq_reallyold) -#define V_rtq_minreallyold VNET_INET(rtq_minreallyold) -#define V_rtq_toomany VNET_INET(rtq_toomany) -#define V_rtq_timer VNET_INET(rtq_timer) -#define V_ipport_lowfirstauto VNET_INET(ipport_lowfirstauto) -#define V_ipport_lowlastauto VNET_INET(ipport_lowlastauto) >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809251155.m8PBtNrn052210>