Date: Mon, 2 Jan 2006 05:41:34 GMT From: Warner Losh <imp@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 89032 for review Message-ID: <200601020541.k025fY34036727@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=89032 Change 89032 by imp@imp_harmony on 2006/01/02 05:41:32 IFC @89031 Affected files ... .. //depot/projects/arm/src/sys/alpha/alpha/cpuconf.c#2 integrate .. //depot/projects/arm/src/sys/alpha/include/_types.h#3 integrate .. //depot/projects/arm/src/sys/amd64/amd64/identcpu.c#4 integrate .. //depot/projects/arm/src/sys/amd64/include/_types.h#5 integrate .. //depot/projects/arm/src/sys/arm/arm/identcpu.c#4 integrate .. //depot/projects/arm/src/sys/arm/include/_types.h#3 integrate .. //depot/projects/arm/src/sys/conf/NOTES#10 integrate .. //depot/projects/arm/src/sys/conf/files#11 integrate .. //depot/projects/arm/src/sys/conf/options#10 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/fil.c#4 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_auth.c#4 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_compat.h#4 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_fil.h#4 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_frag.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_frag.h#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_ftp_pxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_htable.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_htable.h#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_ipsec_pxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_irc_pxy.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_log.c#4 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_lookup.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_lookup.h#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_nat.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_nat.h#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_netbios_pxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_pool.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_pool.h#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_pptp_pxy.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_proxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_proxy.h#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_raudio_pxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_rcmd_pxy.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_rpcb_pxy.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_scan.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_scan.h#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_state.c#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_state.h#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_sync.c#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ip_sync.h#2 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/ipl.h#3 integrate .. //depot/projects/arm/src/sys/contrib/ipfilter/netinet/mlfk_ipl.c#4 integrate .. //depot/projects/arm/src/sys/dev/ata/ata-chipset.c#7 integrate .. //depot/projects/arm/src/sys/dev/cardbus/cardbus.c#6 integrate .. //depot/projects/arm/src/sys/dev/cardbus/cardbus_cis.c#4 integrate .. //depot/projects/arm/src/sys/dev/cardbus/cardbus_device.c#1 branch .. //depot/projects/arm/src/sys/dev/cardbus/cardbusvar.h#3 integrate .. //depot/projects/arm/src/sys/dev/pccbb/pccbb.c#4 integrate .. //depot/projects/arm/src/sys/dev/pci/pci.c#6 integrate .. //depot/projects/arm/src/sys/dev/pci/pci_private.h#4 integrate .. //depot/projects/arm/src/sys/dev/pci/pcireg.h#4 integrate .. //depot/projects/arm/src/sys/dev/pci/pcivar.h#4 integrate .. //depot/projects/arm/src/sys/dev/sound/pcm/ac97.c#5 integrate .. //depot/projects/arm/src/sys/dev/sound/pcm/channel.c#3 integrate .. //depot/projects/arm/src/sys/dev/sound/pcm/dsp.c#4 integrate .. //depot/projects/arm/src/sys/dev/sound/usb/uaudio.c#4 integrate .. //depot/projects/arm/src/sys/dev/usb/if_cdce.c#2 integrate .. //depot/projects/arm/src/sys/dev/usb/ugraphire_rdesc.h#2 integrate .. //depot/projects/arm/src/sys/dev/usb/uhid.c#3 integrate .. //depot/projects/arm/src/sys/dev/usb/ums.c#3 integrate .. //depot/projects/arm/src/sys/dev/usb/usb.h#2 integrate .. //depot/projects/arm/src/sys/dev/usb/usb_quirks.c#5 integrate .. //depot/projects/arm/src/sys/dev/usb/usbdevs#7 integrate .. //depot/projects/arm/src/sys/dev/usb/uscanner.c#2 integrate .. //depot/projects/arm/src/sys/dev/usb/uxb360gp_rdesc.h#1 branch .. //depot/projects/arm/src/sys/gnu/fs/ext2fs/ext2_vnops.c#2 integrate .. //depot/projects/arm/src/sys/i386/i386/genassym.c#4 integrate .. //depot/projects/arm/src/sys/i386/i386/identcpu.c#6 integrate .. //depot/projects/arm/src/sys/i386/i386/swtch.s#4 integrate .. //depot/projects/arm/src/sys/i386/include/_types.h#5 integrate .. //depot/projects/arm/src/sys/i386/include/pcb.h#3 integrate .. //depot/projects/arm/src/sys/ia64/ia64/machdep.c#5 integrate .. //depot/projects/arm/src/sys/ia64/include/_types.h#3 integrate .. //depot/projects/arm/src/sys/kern/kern_malloc.c#4 integrate .. //depot/projects/arm/src/sys/kern/kern_proc.c#4 integrate .. //depot/projects/arm/src/sys/kern/kern_synch.c#4 integrate .. //depot/projects/arm/src/sys/kern/subr_kobj.c#3 integrate .. //depot/projects/arm/src/sys/kern/subr_witness.c#6 integrate .. //depot/projects/arm/src/sys/kern/vfs_bio.c#5 integrate .. //depot/projects/arm/src/sys/kern/vfs_subr.c#6 integrate .. //depot/projects/arm/src/sys/modules/cardbus/Makefile#2 integrate .. //depot/projects/arm/src/sys/net/if_bridge.c#5 integrate .. //depot/projects/arm/src/sys/net80211/ieee80211.c#5 integrate .. //depot/projects/arm/src/sys/net80211/ieee80211_var.h#5 integrate .. //depot/projects/arm/src/sys/pc98/include/_types.h#2 integrate .. //depot/projects/arm/src/sys/powerpc/conf/NOTES#2 integrate .. //depot/projects/arm/src/sys/powerpc/include/profile.h#3 integrate .. //depot/projects/arm/src/sys/powerpc/powerpc/machdep.c#5 integrate .. //depot/projects/arm/src/sys/security/mac_biba/mac_biba.c#3 integrate .. //depot/projects/arm/src/sys/sparc64/sparc64/identcpu.c#2 integrate .. //depot/projects/arm/src/sys/sparc64/sparc64/pmap.c#5 integrate .. //depot/projects/arm/src/sys/sys/copyright.h#2 integrate .. //depot/projects/arm/src/sys/sys/malloc.h#3 integrate .. //depot/projects/arm/src/sys/sys/param.h#8 integrate .. //depot/projects/arm/src/sys/sys/systm.h#7 integrate .. //depot/projects/arm/src/sys/vm/memguard.c#2 integrate .. //depot/projects/arm/src/sys/vm/memguard.h#2 integrate .. //depot/projects/arm/src/sys/vm/vm_contig.c#3 integrate .. //depot/projects/arm/src/sys/vm/vm_fault.c#5 integrate .. //depot/projects/arm/src/sys/vm/vm_object.c#4 integrate .. //depot/projects/arm/src/sys/vm/vm_page.c#5 integrate .. //depot/projects/arm/src/sys/vm/vm_page.h#3 integrate .. //depot/projects/arm/src/sys/vm/vm_pageout.c#3 integrate .. //depot/projects/arm/src/sys/vm/vm_pageq.c#3 integrate .. //depot/projects/arm/src/sys/vm/vm_zeroidle.c#3 integrate Differences ... ==== //depot/projects/arm/src/sys/alpha/alpha/cpuconf.c#2 (text+ko) ==== @@ -31,7 +31,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/alpha/alpha/cpuconf.c,v 1.18 2005/01/05 20:05:48 imp Exp $"); +__FBSDID("$FreeBSD: src/sys/alpha/alpha/cpuconf.c,v 1.19 2005/12/31 14:39:18 netchild Exp $"); #include "opt_cpu.h" @@ -171,6 +171,13 @@ }; int napi_cpuinit = (sizeof(api_cpuinit) / sizeof(api_cpuinit[0])); +void setPQL2(int *const size, int *const ways); + +void +setPQL2(int *const size, int *const ways) +{ + return; +} void platform_not_configured(int cputype) ==== //depot/projects/arm/src/sys/alpha/include/_types.h#3 (text+ko) ==== @@ -33,7 +33,7 @@ * * From: @(#)ansi.h 8.2 (Berkeley) 1/4/94 * From: @(#)types.h 8.3 (Berkeley) 1/5/94 - * $FreeBSD: src/sys/alpha/include/_types.h,v 1.6 2005/03/02 21:33:20 joerg Exp $ + * $FreeBSD: src/sys/alpha/include/_types.h,v 1.7 2006/01/01 20:59:27 imp Exp $ */ #ifndef _MACHINE__TYPES_H_ @@ -43,6 +43,8 @@ #error this file needs sys/cdefs.h as a prerequisite #endif +#define __PCI_REROUTE_INTERRUPT + /* * Basic types upon which most other types are built. */ ==== //depot/projects/arm/src/sys/amd64/amd64/identcpu.c#4 (text+ko) ==== @@ -39,7 +39,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/amd64/amd64/identcpu.c,v 1.141 2005/11/17 02:32:39 obrien Exp $"); +__FBSDID("$FreeBSD: src/sys/amd64/amd64/identcpu.c,v 1.143 2006/01/01 05:35:57 netchild Exp $"); #include "opt_cpu.h" @@ -69,6 +69,8 @@ static void print_AMD_info(void); static void print_AMD_assoc(int i); +void setPQL2(int *const size, int *const ways); +static void setPQL2_AMD(int *const size, int *const ways); int cpu_class; char machine[] = "amd64"; @@ -93,6 +95,9 @@ { "Sledgehammer", CPUCLASS_K8 }, /* CPU_SLEDGEHAMMER */ }; +extern int pq_l2size; +extern int pq_l2nways; + void printcpuinfo(void) { @@ -526,3 +531,30 @@ print_AMD_l2_assoc((regs[2] >> 12) & 0x0f); } } + +static void +setPQL2_AMD(int *const size, int *const ways) +{ + if (cpu_exthigh >= 0x80000006) { + u_int regs[4]; + + do_cpuid(0x80000006, regs); + *size = regs[2] >> 16; + *ways = (regs[2] >> 12) & 0x0f; + switch (*ways) { + case 0: /* disabled/not present */ + case 15: /* fully associative */ + default: *ways = 1; break; /* reserved configuration */ + case 4: *ways = 4; break; + case 6: *ways = 8; break; + case 8: *ways = 16; break; + } + } +} + +void +setPQL2(int *const size, int *const ways) +{ + if (strcmp(cpu_vendor, "AuthenticAMD") == 0) + setPQL2_AMD(size, ways); +} ==== //depot/projects/arm/src/sys/amd64/include/_types.h#5 (text+ko) ==== @@ -33,7 +33,7 @@ * * From: @(#)ansi.h 8.2 (Berkeley) 1/4/94 * From: @(#)types.h 8.3 (Berkeley) 1/5/94 - * $FreeBSD: src/sys/amd64/include/_types.h,v 1.9 2005/07/02 23:13:30 thompsa Exp $ + * $FreeBSD: src/sys/amd64/include/_types.h,v 1.10 2006/01/01 20:59:27 imp Exp $ */ #ifndef _MACHINE__TYPES_H_ @@ -44,6 +44,8 @@ #endif #define __NO_STRICT_ALIGNMENT +#define __HAVE_ACPI +#define __PCI_REROUTE_INTERRUPT /* * Basic types upon which most other types are built. ==== //depot/projects/arm/src/sys/arm/arm/identcpu.c#4 (text+ko) ==== @@ -42,7 +42,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/arm/arm/identcpu.c,v 1.5 2005/11/21 19:06:25 cognet Exp $"); +__FBSDID("$FreeBSD: src/sys/arm/arm/identcpu.c,v 1.6 2005/12/31 14:39:18 netchild Exp $"); #include <sys/systm.h> #include <sys/param.h> #include <sys/malloc.h> @@ -298,6 +298,15 @@ "**unknown 15**", }; +void setPQL2(int *const size, int *const ways); + +void +setPQL2(int *const size, int *const ways) +{ + return; +} + + extern int ctrl; void identify_arm_cpu(void) ==== //depot/projects/arm/src/sys/arm/include/_types.h#3 (text+ko) ==== @@ -33,7 +33,7 @@ * * From: @(#)ansi.h 8.2 (Berkeley) 1/4/94 * From: @(#)types.h 8.3 (Berkeley) 1/5/94 - * $FreeBSD: src/sys/arm/include/_types.h,v 1.6 2005/03/02 21:33:22 joerg Exp $ + * $FreeBSD: src/sys/arm/include/_types.h,v 1.7 2006/01/01 20:59:27 imp Exp $ */ #ifndef _MACHINE__TYPES_H_ @@ -43,6 +43,8 @@ #error this file needs sys/cdefs.h as a prerequisite #endif +#define __PCI_REROUTE_INTERRUPT + /* * Basic types upon which most other types are built. */ ==== //depot/projects/arm/src/sys/conf/NOTES#10 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/NOTES,v 1.1339 2005/12/21 15:49:50 ru Exp $ +# $FreeBSD: src/sys/conf/NOTES,v 1.1341 2005/12/31 14:39:19 netchild Exp $ # # NOTES -- Lines that can be cut/pasted into kernel and hints configs. # @@ -111,14 +111,8 @@ options BLKDEV_IOSIZE=8192 # Options for the VM subsystem -# L2 cache size (in KB) can be specified in PQ_CACHESIZE -options PQ_CACHESIZE=512 # color for 512k cache # Deprecated options supported for backwards compatibility #options PQ_NOOPT # No coloring -#options PQ_LARGECACHE # color for 512k cache -#options PQ_HUGECACHE # color for 1024k cache -#options PQ_MEDIUMCACHE # color for 256k cache -#options PQ_NORMALCACHE # color for 64k cache # This allows you to actually store this configuration file into # the kernel binary itself, where it may be later read by saying: @@ -409,7 +403,7 @@ # # RESTARTABLE_PANICS allows one to continue from a panic as if it were -# a call to the debugger via the Debugger() function instead. It is only +# a call to the debugger to continue from a panic as instead. It is only # useful if a kernel debugger is present. To restart from a panic, reset # the panicstr variable to NULL and continue execution. This option is # for development use only and should NOT be used in production systems @@ -435,6 +429,9 @@ # with the 'options' line, while the hwpmc device can be either compiled # in or loaded as a loadable kernel module. # +# Additional configuration options may be required on specific architectures, +# please see hwpmc(4). + device hwpmc # Driver (also a loadable module) options HWPMC_HOOKS # Other necessary kernel hooks ==== //depot/projects/arm/src/sys/conf/files#11 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/files,v 1.1079 2005/12/21 15:49:50 ru Exp $ +# $FreeBSD: src/sys/conf/files,v 1.1080 2005/12/29 01:43:46 imp Exp $ # # The long compile-with and dependency lines are required because of # limitations in config: backslash-newline doesn't work in strings, and @@ -489,6 +489,7 @@ dev/buslogic/bt_pci.c optional bt pci dev/cardbus/cardbus.c optional cardbus dev/cardbus/cardbus_cis.c optional cardbus +dev/cardbus/cardbus_device.c optional cardbus dev/ciss/ciss.c optional ciss dev/cm/smc90cx6.c optional cm dev/cnw/if_cnw.c optional cnw pccard ==== //depot/projects/arm/src/sys/conf/options#10 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/options,v 1.521 2005/12/12 10:15:11 ru Exp $ +# $FreeBSD: src/sys/conf/options,v 1.522 2005/12/31 14:39:19 netchild Exp $ # # On the handling of kernel options # @@ -524,11 +524,6 @@ MALLOC_MAKE_FAILURES opt_vm.h MALLOC_PROFILE opt_vm.h PQ_NOOPT opt_vmpage.h -PQ_NORMALCACHE opt_vmpage.h -PQ_MEDIUMCACHE opt_vmpage.h -PQ_LARGECACHE opt_vmpage.h -PQ_HUGECACHE opt_vmpage.h -PQ_CACHESIZE opt_vmpage.h # The MemGuard replacement allocator used for tamper-after-free detection DEBUG_MEMGUARD opt_vm.h ==== //depot/projects/arm/src/sys/contrib/ipfilter/netinet/fil.c#4 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/contrib/ipfilter/netinet/fil.c,v 1.47 2005/12/04 10:06:02 ru Exp $ */ +/* $FreeBSD: src/sys/contrib/ipfilter/netinet/fil.c,v 1.48 2005/12/30 11:32:22 guido Exp $ */ /* * Copyright (C) 1993-2003 by Darren Reed. @@ -34,7 +34,9 @@ #else # include <sys/ioctl.h> #endif -#include <sys/fcntl.h> +#if !defined(_AIX51) +# include <sys/fcntl.h> +#endif #if defined(_KERNEL) # include <sys/systm.h> # include <sys/file.h> @@ -74,6 +76,9 @@ # include <net/af.h> #endif #if !defined(_KERNEL) && defined(__FreeBSD__) +# if (__FreeBSD_version >= 504000) +# undef _RADIX_H_ +# endif # include "radix_ipf.h" #endif #include <net/route.h> @@ -88,7 +93,7 @@ # include <netinet/in_var.h> #endif #include <netinet/tcp.h> -#if !defined(__sgi) || defined(_KERNEL) +#if (!defined(__sgi) && !defined(AIX)) || defined(_KERNEL) # include <netinet/udp.h> # include <netinet/ip_icmp.h> #endif @@ -136,7 +141,7 @@ #if !defined(lint) static const char sccsid[] = "@(#)fil.c 1.36 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$FreeBSD: src/sys/contrib/ipfilter/netinet/fil.c,v 1.47 2005/12/04 10:06:02 ru Exp $"; +static const char rcsid[] = "@(#)$FreeBSD: src/sys/contrib/ipfilter/netinet/fil.c,v 1.48 2005/12/30 11:32:22 guido Exp $"; /* static const char rcsid[] = "@(#)Id: fil.c,v 2.243.2.57 2005/03/28 10:47:50 darrenr Exp"; */ #endif @@ -176,6 +181,7 @@ u_short fr_ip_id = 0; int fr_chksrc = 0; /* causes a system crash if enabled */ int fr_minttl = 4; +int fr_icmpminfragmtu = 68; u_long fr_frouteok[2] = {0, 0}; u_long fr_userifqs = 0; u_long fr_badcoalesces[2] = {0, 0}; @@ -221,6 +227,7 @@ static ipfunc_t fr_findfunc __P((ipfunc_t)); static frentry_t *fr_firewall __P((fr_info_t *, u_32_t *)); static int fr_funcinit __P((frentry_t *fr)); +static INLINE void frpr_ah __P((fr_info_t *)); static INLINE void frpr_esp __P((fr_info_t *)); static INLINE void frpr_gre __P((fr_info_t *)); static INLINE void frpr_udp __P((fr_info_t *)); @@ -229,15 +236,15 @@ static INLINE void frpr_ipv4hdr __P((fr_info_t *)); static INLINE int frpr_pullup __P((fr_info_t *, int)); static INLINE void frpr_short __P((fr_info_t *, int)); -static INLINE void frpr_tcpcommon __P((fr_info_t *)); -static INLINE void frpr_udpcommon __P((fr_info_t *)); -static INLINE int fr_updateipid __P((fr_info_t *)); +static INLINE int frpr_tcpcommon __P((fr_info_t *)); +static INLINE int frpr_udpcommon __P((fr_info_t *)); +static int fr_updateipid __P((fr_info_t *)); #ifdef IPFILTER_LOOKUP static int fr_grpmapinit __P((frentry_t *fr)); static INLINE void *fr_resolvelookup __P((u_int, u_int, lookupfunc_t *)); #endif static void frsynclist __P((frentry_t *, void *)); -static ipftuneable_t *fr_findtunebyname __P((char *)); +static ipftuneable_t *fr_findtunebyname __P((const char *)); static ipftuneable_t *fr_findtunebycookie __P((void *, void **)); @@ -280,6 +287,7 @@ { IPPROTO_AH, 0x000020 }, { IPPROTO_NONE, 0x000040 }, { IPPROTO_DSTOPTS, 0x000080 }, + { IPPROTO_MOBILITY, 0x000100 }, { 0, 0 } }; #endif @@ -331,15 +339,20 @@ * adding more code to a growing switch statement. */ #ifdef USE_INET6 +static INLINE int frpr_ah6 __P((fr_info_t *)); +static INLINE void frpr_esp6 __P((fr_info_t *)); +static INLINE void frpr_gre6 __P((fr_info_t *)); static INLINE void frpr_udp6 __P((fr_info_t *)); static INLINE void frpr_tcp6 __P((fr_info_t *)); static INLINE void frpr_icmp6 __P((fr_info_t *)); -static INLINE void frpr_ipv6hdr __P((fr_info_t *)); +static INLINE int frpr_ipv6hdr __P((fr_info_t *)); static INLINE void frpr_short6 __P((fr_info_t *, int)); static INLINE int frpr_hopopts6 __P((fr_info_t *)); +static INLINE int frpr_mobility6 __P((fr_info_t *)); static INLINE int frpr_routing6 __P((fr_info_t *)); static INLINE int frpr_dstopts6 __P((fr_info_t *)); -static INLINE int frpr_fragment6 __P((fr_info_t *)); +static INLINE void frpr_fragment6 __P((fr_info_t *)); +static INLINE int frpr_ipv6exthdr __P((fr_info_t *, int, int)); /* ------------------------------------------------------------------------ */ @@ -352,37 +365,32 @@ /* for IPv6 and marks the packet with FI_SHORT if so. See function comment */ /* for frpr_short() for more details. */ /* ------------------------------------------------------------------------ */ -static INLINE void frpr_short6(fin, min) +static INLINE void frpr_short6(fin, xmin) fr_info_t *fin; -int min; +int xmin; { - fr_ip_t *fi = &fin->fin_fi; - int off; - off = fin->fin_off; - if (off == 0) { - if (fin->fin_plen < fin->fin_hlen + min) - fi->fi_flx |= FI_SHORT; - } else if (off < min) { - fi->fi_flx |= FI_SHORT; - } + if (fin->fin_dlen < xmin) + fin->fin_flx |= FI_SHORT; } /* ------------------------------------------------------------------------ */ /* Function: frpr_ipv6hdr */ -/* Returns: void */ +/* Returns: int - 0 = IPv6 packet intact, -1 = packet lost */ /* Parameters: fin(I) - pointer to packet information */ /* */ /* IPv6 Only */ /* Copy values from the IPv6 header into the fr_info_t struct and call the */ -/* per-protocol analyzer if it exists. */ +/* per-protocol analyzer if it exists. In validating the packet, a protocol*/ +/* analyzer may pullup or free the packet itself so we need to be vigiliant */ +/* of that possibility arising. */ /* ------------------------------------------------------------------------ */ -static INLINE void frpr_ipv6hdr(fin) +static INLINE int frpr_ipv6hdr(fin) fr_info_t *fin; { - int p, go = 1, i, hdrcount, coalesced; ip6_t *ip6 = (ip6_t *)fin->fin_ip; + int p, go = 1, i, hdrcount; fr_ip_t *fi = &fin->fin_fi; fin->fin_off = 0; @@ -392,7 +400,6 @@ fi->fi_secmsk = 0; fi->fi_auth = 0; - coalesced = (fin->fin_flx & FI_COALESCE) ? 1 : 0; p = ip6->ip6_nxt; fi->fi_ttl = ip6->ip6_hlim; fi->fi_src.in6 = ip6->ip6_src; @@ -419,48 +426,35 @@ break; case IPPROTO_GRE : - frpr_gre(fin); + frpr_gre6(fin); go = 0; break; case IPPROTO_HOPOPTS : - /* - * Actually, hop by hop header is only allowed right - * after IPv6 header! - */ - if (hdrcount != 0) - fin->fin_flx |= FI_BAD; + p = frpr_hopopts6(fin); + break; - if (coalesced == 0) { - coalesced = fr_coalesce(fin); - if (coalesced != 1) - return; - } - p = frpr_hopopts6(fin); + case IPPROTO_MOBILITY : + p = frpr_mobility6(fin); break; case IPPROTO_DSTOPTS : - if (coalesced == 0) { - coalesced = fr_coalesce(fin); - if (coalesced != 1) - return; - } p = frpr_dstopts6(fin); break; case IPPROTO_ROUTING : - if (coalesced == 0) { - coalesced = fr_coalesce(fin); - if (coalesced != 1) - return; - } p = frpr_routing6(fin); break; + case IPPROTO_AH : + p = frpr_ah6(fin); + break; + case IPPROTO_ESP : - frpr_esp(fin); - /*FALLTHROUGH*/ - case IPPROTO_AH : + frpr_esp6(fin); + go = 0; + break; + case IPPROTO_IPV6 : for (i = 0; ip6exthdr[i].ol_bit != 0; i++) if (ip6exthdr[i].ol_val == p) { @@ -475,12 +469,8 @@ break; case IPPROTO_FRAGMENT : - if (coalesced == 0) { - coalesced = fr_coalesce(fin); - if (coalesced != 1) - return; - } - p = frpr_fragment6(fin); + frpr_fragment6(fin); + go = 0; break; default : @@ -494,9 +484,9 @@ * extension headers (go != 0), the entire header may not have * been pulled up when the code gets to this point. This is * only done for "go != 0" because the other header handlers - * will all pullup their complete header and the other - * indicator of an incomplete header is that this eas just an - * extension header. + * will all pullup their complete header. The other indicator + * of an incomplete packet is that this was just an extension + * header. */ if ((go != 0) && (p != IPPROTO_NONE) && (frpr_pullup(fin, 0) == -1)) { @@ -505,19 +495,32 @@ } } fi->fi_p = p; + + /* + * Some of the above functions, like frpr_esp6(), can call fr_pullup + * and destroy whatever packet was here. The caller of this function + * expects us to return -1 if there is a problem with fr_pullup. + */ + if (fin->fin_m == NULL) + return -1; + + return 0; } /* ------------------------------------------------------------------------ */ -/* Function: frpr_hopopts6 */ +/* Function: frpr_ipv6exthdr */ /* Returns: int - value of the next header or IPPROTO_NONE if error */ -/* Parameters: fin(I) - pointer to packet information */ +/* Parameters: fin(I) - pointer to packet information */ +/* multiple(I) - flag indicating yes/no if multiple occurances */ +/* of this extension header are allowed. */ +/* proto(I) - protocol number for this extension header */ /* */ /* IPv6 Only */ -/* This is function checks pending hop by hop options extension header */ /* ------------------------------------------------------------------------ */ -static INLINE int frpr_hopopts6(fin) +static INLINE int frpr_ipv6exthdr(fin, multiple, proto) fr_info_t *fin; +int multiple, proto; { struct ip6_ext *hdr; u_short shift; @@ -542,8 +545,15 @@ } for (i = 0; ip6exthdr[i].ol_bit != 0; i++) - if (ip6exthdr[i].ol_val == IPPROTO_HOPOPTS) { - fin->fin_optmsk |= ip6exthdr[i].ol_bit; + if (ip6exthdr[i].ol_val == proto) { + /* + * Most IPv6 extension headers are only allowed once. + */ + if ((multiple == 0) && + ((fin->fin_optmsk & ip6exthdr[i].ol_bit) != 0)) + fin->fin_flx |= FI_BAD; + else + fin->fin_optmsk |= ip6exthdr[i].ol_bit; break; } @@ -555,6 +565,36 @@ /* ------------------------------------------------------------------------ */ +/* Function: frpr_hopopts6 */ +/* Returns: int - value of the next header or IPPROTO_NONE if error */ +/* Parameters: fin(I) - pointer to packet information */ +/* */ +/* IPv6 Only */ +/* This is function checks pending hop by hop options extension header */ +/* ------------------------------------------------------------------------ */ +static INLINE int frpr_hopopts6(fin) +fr_info_t *fin; +{ + return frpr_ipv6exthdr(fin, 0, IPPROTO_HOPOPTS); +} + + +/* ------------------------------------------------------------------------ */ +/* Function: frpr_mobility6 */ +/* Returns: int - value of the next header or IPPROTO_NONE if error */ +/* Parameters: fin(I) - pointer to packet information */ +/* */ +/* IPv6 Only */ +/* This is function checks the IPv6 mobility extension header */ +/* ------------------------------------------------------------------------ */ +static INLINE int frpr_mobility6(fin) +fr_info_t *fin; +{ + return frpr_ipv6exthdr(fin, 0, IPPROTO_MOBILITY); +} + + +/* ------------------------------------------------------------------------ */ /* Function: frpr_routing6 */ /* Returns: int - value of the next header or IPPROTO_NONE if error */ /* Parameters: fin(I) - pointer to packet information */ @@ -566,100 +606,67 @@ fr_info_t *fin; { struct ip6_ext *hdr; - u_short shift; - int i; + int shift; - fin->fin_flx |= FI_V6EXTHDR; - - /* 8 is default length of extension hdr */ - if ((fin->fin_dlen - 8) < 0) { - fin->fin_flx |= FI_SHORT; + if (frpr_ipv6exthdr(fin, 0, IPPROTO_ROUTING) == IPPROTO_NONE) return IPPROTO_NONE; - } - if (frpr_pullup(fin, 8) == -1) - return IPPROTO_NONE; hdr = fin->fin_dp; - shift = 8 + (hdr->ip6e_len << 3); /* * Nasty extension header length? */ - if ((shift > fin->fin_dlen) || (shift < sizeof(struct ip6_hdr)) || + if ((shift < sizeof(struct ip6_hdr)) || ((shift - sizeof(struct ip6_hdr)) & 15)) { fin->fin_flx |= FI_BAD; + /* + * Compensate for the changes made in frpr_ipv6exthdr() + */ + fin->fin_dlen += shift; + fin->fin_dp = (char *)fin->fin_dp - shift; return IPPROTO_NONE; } - for (i = 0; ip6exthdr[i].ol_bit != 0; i++) - if (ip6exthdr[i].ol_val == IPPROTO_ROUTING) { - fin->fin_optmsk |= ip6exthdr[i].ol_bit; - break; - } - - fin->fin_dp = (char *)fin->fin_dp + shift; - fin->fin_dlen -= shift; - return hdr->ip6e_nxt; } /* ------------------------------------------------------------------------ */ /* Function: frpr_fragment6 */ -/* Returns: int - value of the next header or IPPROTO_NONE if error */ +/* Returns: void */ /* Parameters: fin(I) - pointer to packet information */ /* */ /* IPv6 Only */ /* Examine the IPv6 fragment header and extract fragment offset information.*/ +/* */ +/* We don't know where the transport layer header (or whatever is next is), */ +/* as it could be behind destination options (amongst others). Because */ +/* there is no fragment cache, there is no knowledge about whether or not an*/ +/* upper layer header has been seen (or where it ends) and thus we are not */ +/* able to continue processing beyond this header with any confidence. */ /* ------------------------------------------------------------------------ */ -static INLINE int frpr_fragment6(fin) +static INLINE void frpr_fragment6(fin) fr_info_t *fin; { struct ip6_frag *frag; - struct ip6_ext *hdr; - int i; - fin->fin_flx |= (FI_FRAG|FI_V6EXTHDR); + fin->fin_flx |= FI_FRAG; - /* 8 is default length of extension hdr */ - if ((fin->fin_dlen - 8) < 0) { - fin->fin_flx |= FI_SHORT; - return IPPROTO_NONE; - } - - /* - * Only one frgament header is allowed per IPv6 packet but it need - * not be the first nor last (not possible in some cases.) - */ - for (i = 0; ip6exthdr[i].ol_bit != 0; i++) - if (ip6exthdr[i].ol_val == IPPROTO_FRAGMENT) - break; - - if (fin->fin_optmsk & ip6exthdr[i].ol_bit) { - fin->fin_flx |= FI_BAD; - return IPPROTO_NONE; - } - - fin->fin_optmsk |= ip6exthdr[i].ol_bit; + if (frpr_ipv6exthdr(fin, 0, IPPROTO_FRAGMENT) == IPPROTO_NONE) + return; if (frpr_pullup(fin, sizeof(*frag)) == -1) - return IPPROTO_NONE; - hdr = fin->fin_dp; + return; + frag = fin->fin_dp; /* - * Length must be zero, i.e. it has no length. + * Fragment but no fragmentation info set? Bad packet... */ - if (hdr->ip6e_len != 0) { + if (frag->ip6f_offlg == 0) { fin->fin_flx |= FI_BAD; - return IPPROTO_NONE; - } - - if ((int)(fin->fin_dlen - sizeof(*frag)) < 0) { - fin->fin_flx |= FI_SHORT; - return IPPROTO_NONE; + return; } - frag = fin->fin_dp; fin->fin_off = frag->ip6f_offlg & IP6F_OFF_MASK; fin->fin_off <<= 3; if (fin->fin_off != 0) @@ -667,8 +674,6 @@ fin->fin_dp = (char *)fin->fin_dp + sizeof(*frag); fin->fin_dlen -= sizeof(*frag); - - return frag->ip6f_nxt; } @@ -684,34 +689,7 @@ static INLINE int frpr_dstopts6(fin) fr_info_t *fin; { - struct ip6_ext *hdr; - u_short shift; - int i; - - /* 8 is default length of extension hdr */ - if ((fin->fin_dlen - 8) < 0) { - fin->fin_flx |= FI_SHORT; - return IPPROTO_NONE; - } - - if (frpr_pullup(fin, 8) == -1) - return IPPROTO_NONE; - hdr = fin->fin_dp; - - shift = 8 + (hdr->ip6e_len << 3); - if (shift > fin->fin_dlen) { /* Nasty extension header length? */ - fin->fin_flx |= FI_BAD; - return IPPROTO_NONE; - } - - for (i = 0; ip6exthdr[i].ol_bit != 0; i++) - if (ip6exthdr[i].ol_val == IPPROTO_DSTOPTS) - break; - fin->fin_optmsk |= ip6exthdr[i].ol_bit; - fin->fin_dp = (char *)fin->fin_dp + shift; - fin->fin_dlen -= shift; - - return hdr->ip6e_nxt; + return frpr_ipv6exthdr(fin, 1, IPPROTO_DSTOPTS); } @@ -761,7 +739,7 @@ } } - frpr_short(fin, minicmpsz); + frpr_short6(fin, minicmpsz); } @@ -772,16 +750,16 @@ /* */ /* IPv6 Only */ /* Analyse the packet for IPv6/UDP properties. */ +/* Is not expected to be called for fragmented packets. */ /* ------------------------------------------------------------------------ */ static INLINE void frpr_udp6(fin) fr_info_t *fin; { - fr_checkv6sum(fin); + frpr_short6(fin, sizeof(struct udphdr)); - frpr_short(fin, sizeof(struct udphdr)); - - frpr_udpcommon(fin); + if (frpr_udpcommon(fin) == 0) + fr_checkv6sum(fin); } @@ -792,16 +770,86 @@ /* */ /* IPv6 Only */ /* Analyse the packet for IPv6/TCP properties. */ +/* Is not expected to be called for fragmented packets. */ /* ------------------------------------------------------------------------ */ static INLINE void frpr_tcp6(fin) fr_info_t *fin; { - fr_checkv6sum(fin); + frpr_short6(fin, sizeof(struct tcphdr)); + + if (frpr_tcpcommon(fin) == 0) + fr_checkv6sum(fin); +} + + +/* ------------------------------------------------------------------------ */ +/* Function: frpr_esp6 */ +/* Returns: void */ +/* Parameters: fin(I) - pointer to packet information */ +/* */ +/* IPv6 Only */ +/* Analyse the packet for ESP properties. */ +/* The minimum length is taken to be the SPI (32bits) plus a tail (32bits) */ +/* even though the newer ESP packets must also have a sequence number that */ +/* is 32bits as well, it is not possible(?) to determine the version from a */ +/* simple packet header. */ +/* ------------------------------------------------------------------------ */ +static INLINE void frpr_esp6(fin) +fr_info_t *fin; +{ + + frpr_short6(fin, sizeof(grehdr_t)); + + (void) frpr_pullup(fin, 8); +} + + +/* ------------------------------------------------------------------------ */ +/* Function: frpr_ah6 */ +/* Returns: void */ +/* Parameters: fin(I) - pointer to packet information */ +/* */ +/* IPv6 Only */ +/* Analyse the packet for AH properties. */ +/* The minimum length is taken to be the combination of all fields in the */ +/* header being present and no authentication data (null algorithm used.) */ +/* ------------------------------------------------------------------------ */ +static INLINE int frpr_ah6(fin) +fr_info_t *fin; +{ + authhdr_t *ah; + + frpr_short6(fin, 12); + + if (frpr_pullup(fin, sizeof(*ah)) == -1) + return IPPROTO_NONE; + + ah = (authhdr_t *)fin->fin_dp; + return ah->ah_next; +} + + +/* ------------------------------------------------------------------------ */ +/* Function: frpr_gre6 */ +/* Returns: void */ +/* Parameters: fin(I) - pointer to packet information */ +/* */ +/* Analyse the packet for GRE properties. */ +/* ------------------------------------------------------------------------ */ +static INLINE void frpr_gre6(fin) >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200601020541.k025fY34036727>