Date: Thu, 17 Jan 2013 22:11:27 +0100 From: Andre Oppermann <oppermann@networx.ch> To: "Stephen J. Kiernan" <stevek@juniper.net> Cc: freebsd-net@freebsd.org Subject: Re: Proposal for changes to network device drivers and network stack (RFC) Message-ID: <50F868FF.5060506@networx.ch> In-Reply-To: <f1d8693fa83965f0d4a485a2db7e603b@novexsolutions.com> References: <CC6EF6B2.1917A%anshukla@juniper.net> <f1d8693fa83965f0d4a485a2db7e603b@novexsolutions.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17.01.2013 20:23, Stephen J. Kiernan wrote: > The network stack as a module patch has been separated out and can be found in the following location: > http://people.freebsd.org/~marcel/Juniper/netstack-v2.diff This is quite some work and a lot of changes which will a moment to review. Can you describe the concept and the terminology you're using here some more? What is a netstack module and what is its scope? How does it relate to VNET? What is an IOCGROUP? etc. All this is probably obvious to you but not yet for us. -- Andre > Details about these changes: > > 1. Network stack module support infrastructure > > kern/{kern_netstack.c,netstack_if.m,netstack.h} > > Network stack modules are declared using the NETSTACK_MODULE macro. > Netstack classes are expected to be singletons. Currently, only a single network stack is > allowed to be registered at a time. > > 2. Infrastructure to register UUID sources > > kern/kern_uuid.c > net/netuuid.c > sys/uuid.h: > > The uuid_node() function uses the node generated by first UUID source that returns with a > success code, otherwise it generates a random multicast address. > As part of these changes, selection of UUID based on MAC address has been moved to > net/netuuid.c and it is registered as a UUID source. > > 3. Infrastructure to register IOCGROUPs in order to handle group-specific socket ioctls > > kern/sys_socket.c,net/{if.c,route.c} > sys/socketvar.h > > This eliminates the explicit checks and calls for specific IOCGROUPs in soo_ioctl(). > > (Looking for comments about the naming, I'm not married to the name in any way and suggestions > for better names is welcome.) > > Currently, the interface ioctl ('i') and route ioctl ('r') calls are registered using > SO_IOCGROUP_SET. > > 4. Dynamically register the 'setfib' syscall > > kern/init_sysent.c > net/route.c > > Registration of 'setfib' is done from net/route.c::route_init() instead of having an explicit > entry in the sysent table. > > 5. Dynamically register SCTP syscalls > > kern/{init_sysent.c,uipc_syscalls.c} > compat/freebsd32/freebsd32_sysent.c > netinet/sctp_syscalls.c > sys/socketvar.h > > Dynamically register the SCTP syscalls "sctp_peeloff", "sctp_generic_sendmsg", > "sctp_generic_sendmsg_iov", and "sctp_generic_recvmsg" instead of having explicit entries in the > sysent and freebsd32_sysent tables. > > Moved implementation of said syscalls from kern/uipc_syscalls.c to a new file named > netinet/sctp_syscalls.c. > > Made getsock_cap() available outside of uipc_syscalls.c via socketvar.h (Junos network stack > needs it, so making it available.) > > 6. Changes to kern_proc.c > > kern/kern_prot.c,netinet/in_prot.c,sys/systm.h > > Moved cr_canseeinpcb() to new file netinet/in_prot.c, as it is network stack related and only > available when INET or INET6 is defined. > > Change the names for cr_seeotheruids() and cr_seeothergids() to cr_canseeotheruids() and > cr_canseeothergids(), repectively, and make them available outside of kern_prot.c. > > 7. Create a netstack module > > kern/{uipc_socket.c,vfs_default.c,vfs_export.c} > mk/bsd.own.mk > modules/netstack > net/{if_gre.c,netstack.c} > netpfil/ipfw/ip_fw2.c > netpfil/pf/pf_ioctl.c > netinet/ip_gre.c > > Add SCTP to the MK_*_SUPPORT variables that need to be set. > Add dependency on the netstack module. > Added vfs_stdcheckexp() to kern/vfs_default.c which calls the netstack vfs_stdcheckexp method. > Moved socket FIB assignment from the process to the netstack socreate method. > Moved VFS "export" handling to netstack methods and changed vfs_export() and vfs_setpublicfs() > to call the respective netstack methods. > > The netstack module includes INET, INET6, and SCTP support. > > Note: The only issue with including SCTP support, there is currently a dependency set on the > crypto module. This is because SCTP needs SHA1 and SHA2-256 support. However, this could be provided > by a number of different modules, so depending on crypto module might not be the best choice. > Any thoughts on this? > > 8. Remove SO_SETFIB processing from sosetop and move it to ctloutput functions > > kern/uipc_socket.c > net/route.[ch] > netinet/{ip_output.c,raw_ip.c} > netinet6/ip6_output.c > > Remove SO_SETFIB processing from sosetopt and move it instead to the ip_ctloutput(), > ip6_ctloutput(), and rip_ctloutput() functions. > Introduce the rtsosetfib() function to set so_fibnum, as appropriate. > The *_ctloutput functions call the RT_SOSETFIB macro in order to call rtsosetfib() only when > sockopt level is SOL_SOCKET and name is SO_SETFIB. > > 9. Define INET and INET6 in CFLAGS instead of relying on opt_inet.h and opt_inet6.h in modules > > modules/{carp,em,if_gre,ipdivert,ipfw,netstack,pf,pfsync,toecore}/Makefile > > Use CFLAGS to define INET and INET6 based on MK_INET_SUPPORT and MK_INET6_SUPPORT, > respectively, instead of relying on opt_inet.h and opt_inet6.h. > We need to do this in orer to be able to build NIC driver modules and the network stack as > modules when the base kernel does not have netstack compiled in. > > 10. Make accept filters part of the standard files > > conf/files > kern/{uipc_accf.c,uipc_socket.c} > netinet/in_proto.c > > Make accept filters part of the standard files, as they could be used by things other than INET > (and it eliminates a dependency on INET for uipc_socket.c) > Move net.inet.accf.unloadable to net.accf.unloadable > Add net.inet.accf node to in_proto.c in order to support existing accept filter sysctls. > > 11. Split IPv4 and IPv6-specific jail functions to netinet and netinet6, respectively. > > kern/kern_jail.c > netinet/in_jail.c > netinet6/in6_jail.c > sys/jail.h > > Split IPv4 and IPv6-specific functions from kern/kern_jail.c into netinet/in_jail.c and > netinet6/in6_jail.c, respectively. > > Change _prison_check_ipv[4|6]() to prison_check_ipv[4|6]_locked() and expose them via jail.h > Change qcmp_v[4|6]() to prison_qcmp_v[4|6] and expose them via jail.h > > -- > Stephen J. Kiernan > Juniper Networks, Inc. > stevek_at_juniper.net > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?50F868FF.5060506>