Date: Sat, 11 Feb 2006 01:23:15 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 91534 for review Message-ID: <200602110123.k1B1NF9X077242@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=91534 Change 91534 by rwatson@rwatson_zoo on 2006/02/11 01:22:44 First pass at integrating trustedbsd_mac up to current TrustedBSD base HEAD. Affected files ... .. //depot/projects/trustedbsd/mac/sys/netinet/if_ether.c#31 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/igmp.c#18 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in.c#24 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in.h#22 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in_gif.c#15 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in_pcb.c#36 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in_proto.c#21 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/in_var.h#13 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_carp.c#9 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.c#31 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.h#15 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_fastfwd.c#14 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw.h#21 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw2.c#38 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_fw_pfil.c#6 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_gre.c#15 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_gre.h#5 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_icmp.c#34 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_input.c#52 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_ipsec.c#1 branch .. //depot/projects/trustedbsd/mac/sys/netinet/ip_ipsec.h#1 branch .. //depot/projects/trustedbsd/mac/sys/netinet/ip_mroute.c#32 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_mroute.h#8 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_options.c#1 add .. //depot/projects/trustedbsd/mac/sys/netinet/ip_options.h#1 branch .. //depot/projects/trustedbsd/mac/sys/netinet/ip_output.c#46 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/ip_var.h#28 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/libalias/libalias.3#2 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/raw_ip.c#44 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#60 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_output.c#32 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_sack.c#9 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_syncache.c#35 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_usrreq.c#31 integrate .. //depot/projects/trustedbsd/mac/sys/netinet/udp_usrreq.c#43 integrate Differences ... ==== //depot/projects/trustedbsd/mac/sys/netinet/if_ether.c#31 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)if_ether.c 8.1 (Berkeley) 6/10/93 - * $FreeBSD: src/sys/netinet/if_ether.c,v 1.145 2005/11/08 12:05:57 glebius Exp $ + * $FreeBSD: src/sys/netinet/if_ether.c,v 1.150 2006/01/31 21:29:41 thompsa Exp $ */ /* @@ -81,9 +81,9 @@ static int arpt_keep = (20*60); /* once resolved, good for 20 more minutes */ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, prune_intvl, CTLFLAG_RW, - &arpt_prune, 0, ""); + &arpt_prune, 0, "ARP table prune interval in seconds"); SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW, - &arpt_keep, 0, ""); + &arpt_keep, 0, "ARP entry lifetime in seconds"); #define rt_expire rt_rmx.rmx_expire @@ -106,11 +106,11 @@ static struct callout arp_callout; SYSCTL_INT(_net_link_ether_inet, OID_AUTO, maxtries, CTLFLAG_RW, - &arp_maxtries, 0, ""); + &arp_maxtries, 0, "ARP resolution attempts before returning error"); SYSCTL_INT(_net_link_ether_inet, OID_AUTO, useloopback, CTLFLAG_RW, - &useloopback, 0, ""); + &useloopback, 0, "Use the loopback interface for local traffic"); SYSCTL_INT(_net_link_ether_inet, OID_AUTO, proxyall, CTLFLAG_RW, - &arp_proxyall, 0, ""); + &arp_proxyall, 0, "Enable proxy ARP for all suitable requests"); static void arp_init(void); static void arp_rtrequest(int, struct rtentry *, struct rt_addrinfo *); @@ -570,6 +570,7 @@ */ static int log_arp_wrong_iface = 1; static int log_arp_movements = 1; +static int log_arp_permanent_modify = 1; SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_wrong_iface, CTLFLAG_RW, &log_arp_wrong_iface, 0, @@ -577,6 +578,9 @@ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_movements, CTLFLAG_RW, &log_arp_movements, 0, "log arp replies from MACs different than the one in the cache"); +SYSCTL_INT(_net_link_ether_inet, OID_AUTO, log_arp_permanent_modify, CTLFLAG_RW, + &log_arp_permanent_modify, 0, + "log arp replies from MACs different than the one in the permanent arp entry"); /* * XXX: mbufs here require explicit MAC labeling on output. @@ -629,7 +633,8 @@ * XXX: This is really ugly! */ LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) { - if ((bridged || (ia->ia_ifp == ifp)) && + if (((bridged && ia->ia_ifp->if_type != IFT_BRIDGE) || + (ia->ia_ifp == ifp)) && itaddr.s_addr == ia->ia_addr.sin_addr.s_addr) goto match; #ifdef DEV_CARP @@ -642,7 +647,8 @@ #endif } LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash) - if ((bridged || (ia->ia_ifp == ifp)) && + if (((bridged && ia->ia_ifp->if_type != IFT_BRIDGE) || + (ia->ia_ifp == ifp)) && isaddr.s_addr == ia->ia_addr.sin_addr.s_addr) goto match; /* @@ -723,12 +729,13 @@ ifp->if_addrlen, (u_char *)ar_sha(ah), ":", ifp->if_xname); } else { - log(LOG_ERR, - "arp: %*D attempts to modify permanent entry for %s on %s\n", - ifp->if_addrlen, (u_char *)ar_sha(ah), ":", - inet_ntoa(isaddr), ifp->if_xname); - RT_UNLOCK(rt); - goto reply; + RT_UNLOCK(rt); + if (log_arp_permanent_modify) + log(LOG_ERR, "arp: %*D attempts to modify " + "permanent entry for %s on %s\n", + ifp->if_addrlen, (u_char *)ar_sha(ah), ":", + inet_ntoa(isaddr), ifp->if_xname); + goto reply; } } /* ==== //depot/projects/trustedbsd/mac/sys/netinet/igmp.c#18 (text+ko) ==== @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)igmp.c 8.1 (Berkeley) 7/19/93 - * $FreeBSD: src/sys/netinet/igmp.c,v 1.50 2005/11/02 13:46:31 andre Exp $ + * $FreeBSD: src/sys/netinet/igmp.c,v 1.51 2005/11/18 20:12:39 andre Exp $ */ /* @@ -65,6 +65,7 @@ #include <netinet/in_systm.h> #include <netinet/ip.h> #include <netinet/ip_var.h> +#include <netinet/ip_options.h> #include <netinet/igmp.h> #include <netinet/igmp_var.h> ==== //depot/projects/trustedbsd/mac/sys/netinet/in.c#24 (text+ko) ==== @@ -28,7 +28,7 @@ * SUCH DAMAGE. * * @(#)in.c 8.4 (Berkeley) 1/9/95 - * $FreeBSD: src/sys/netinet/in.c,v 1.92 2005/10/28 20:29:42 glebius Exp $ + * $FreeBSD: src/sys/netinet/in.c,v 1.93 2006/01/24 16:19:31 andre Exp $ */ #include "opt_carp.h" @@ -479,7 +479,8 @@ s = splnet(); TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); TAILQ_REMOVE(&in_ifaddrhead, ia, ia_link); - LIST_REMOVE(ia, ia_hash); + if (ia->ia_addr.sin_family == AF_INET) + LIST_REMOVE(ia, ia_hash); IFAFREE(&ia->ia_ifa); splx(s); ==== //depot/projects/trustedbsd/mac/sys/netinet/in.h#22 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)in.h 8.3 (Berkeley) 1/3/94 - * $FreeBSD: src/sys/netinet/in.h,v 1.93 2005/09/26 20:25:16 andre Exp $ + * $FreeBSD: src/sys/netinet/in.h,v 1.95 2005/12/20 09:38:03 delphij Exp $ */ #ifndef _NETINET_IN_H_ @@ -228,6 +228,7 @@ #define IPPROTO_APES 99 /* any private encr. scheme */ #define IPPROTO_GMTP 100 /* GMTP*/ #define IPPROTO_IPCOMP 108 /* payload compression (IPComp) */ +#define IPPROTO_SCTP 132 /* SCTP */ /* 101-254: Partly Unassigned */ #define IPPROTO_PIM 103 /* Protocol Independent Mcast */ #define IPPROTO_CARP 112 /* CARP */ ==== //depot/projects/trustedbsd/mac/sys/netinet/in_gif.c#15 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/netinet/in_gif.c,v 1.32 2005/11/09 13:29:15 ru Exp $ */ +/* $FreeBSD: src/sys/netinet/in_gif.c,v 1.34 2006/01/30 08:39:09 glebius Exp $ */ /* $KAME: in_gif.c,v 1.54 2001/05/14 14:02:16 itojun Exp $ */ /*- @@ -100,9 +100,12 @@ struct sockaddr_in *sin_src = (struct sockaddr_in *)sc->gif_psrc; struct sockaddr_in *sin_dst = (struct sockaddr_in *)sc->gif_pdst; struct ip iphdr; /* capsule IP header, host byte ordered */ + struct etherip_header eiphdr; int proto, error; u_int8_t tos; + GIF_LOCK_ASSERT(sc); + if (sin_src == NULL || sin_dst == NULL || sin_src->sin_family != AF_INET || sin_dst->sin_family != AF_INET) { @@ -142,6 +145,20 @@ break; } #endif /* INET6 */ + case AF_LINK: + proto = IPPROTO_ETHERIP; + eiphdr.eip_ver = ETHERIP_VERSION & ETHERIP_VER_VERS_MASK; + eiphdr.eip_pad = 0; + /* prepend Ethernet-in-IP header */ + M_PREPEND(m, sizeof(struct etherip_header), M_DONTWAIT); + if (m && m->m_len < sizeof(struct etherip_header)) + m = m_pullup(m, sizeof(struct etherip_header)); + if (m == NULL) + return ENOBUFS; + bcopy(&eiphdr, mtod(m, struct etherip_header *), + sizeof(struct etherip_header)); + break; + default: #ifdef DEBUG printf("in_gif_output: warning: unknown family %d passed\n", @@ -302,6 +319,10 @@ break; } #endif /* INET6 */ + case IPPROTO_ETHERIP: + af = AF_LINK; + break; + default: ipstat.ips_nogif++; m_freem(m); ==== //depot/projects/trustedbsd/mac/sys/netinet/in_pcb.c#36 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 - * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.166 2005/07/19 12:24:27 rwatson Exp $ + * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.168 2006/02/04 07:59:17 ume Exp $ */ #include "opt_ipsec.h" @@ -169,12 +169,9 @@ * Allocate a PCB and associate it with the socket. */ int -in_pcballoc(so, pcbinfo, type) - struct socket *so; - struct inpcbinfo *pcbinfo; - const char *type; +in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo, const char *type) { - register struct inpcb *inp; + struct inpcb *inp; int error; INP_INFO_WLOCK_ASSERT(pcbinfo); @@ -226,10 +223,7 @@ } int -in_pcbbind(inp, nam, cred) - register struct inpcb *inp; - struct sockaddr *nam; - struct ucred *cred; +in_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) { int anonport, error; @@ -264,12 +258,8 @@ * On error, the values of *laddrp and *lportp are not changed. */ int -in_pcbbind_setup(inp, nam, laddrp, lportp, cred) - struct inpcb *inp; - struct sockaddr *nam; - in_addr_t *laddrp; - u_short *lportp; - struct ucred *cred; +in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, + u_short *lportp, struct ucred *cred) { struct socket *so = inp->inp_socket; unsigned short *lastport; @@ -486,10 +476,7 @@ * then pick one. */ int -in_pcbconnect(inp, nam, cred) - register struct inpcb *inp; - struct sockaddr *nam; - struct ucred *cred; +in_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) { u_short lport, fport; in_addr_t laddr, faddr; @@ -548,15 +535,9 @@ * is set to NULL. */ int -in_pcbconnect_setup(inp, nam, laddrp, lportp, faddrp, fportp, oinpp, cred) - register struct inpcb *inp; - struct sockaddr *nam; - in_addr_t *laddrp; - u_short *lportp; - in_addr_t *faddrp; - u_short *fportp; - struct inpcb **oinpp; - struct ucred *cred; +in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam, + in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp, + struct inpcb **oinpp, struct ucred *cred) { struct sockaddr_in *sin = (struct sockaddr_in *)nam; struct in_ifaddr *ia; @@ -689,8 +670,7 @@ } void -in_pcbdisconnect(inp) - struct inpcb *inp; +in_pcbdisconnect(struct inpcb *inp) { INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); @@ -707,8 +687,7 @@ } void -in_pcbdetach(inp) - struct inpcb *inp; +in_pcbdetach(struct inpcb *inp) { struct socket *so = inp->inp_socket; struct inpcbinfo *ipi = inp->inp_pcbinfo; @@ -739,9 +718,7 @@ } struct sockaddr * -in_sockaddr(port, addr_p) - in_port_t port; - struct in_addr *addr_p; +in_sockaddr(in_port_t port, struct in_addr *addr_p) { struct sockaddr_in *sin; @@ -764,12 +741,10 @@ * because there actually /is/ a programming error somewhere... XXX) */ int -in_setsockaddr(so, nam, pcbinfo) - struct socket *so; - struct sockaddr **nam; - struct inpcbinfo *pcbinfo; +in_setsockaddr(struct socket *so, struct sockaddr **nam, + struct inpcbinfo *pcbinfo) { - register struct inpcb *inp; + struct inpcb *inp; struct in_addr addr; in_port_t port; @@ -793,12 +768,10 @@ * The wrapper function will pass down the pcbinfo for this function to lock. */ int -in_setpeeraddr(so, nam, pcbinfo) - struct socket *so; - struct sockaddr **nam; - struct inpcbinfo *pcbinfo; +in_setpeeraddr(struct socket *so, struct sockaddr **nam, + struct inpcbinfo *pcbinfo) { - register struct inpcb *inp; + struct inpcb *inp; struct in_addr addr; in_port_t port; @@ -819,11 +792,8 @@ } void -in_pcbnotifyall(pcbinfo, faddr, errno, notify) - struct inpcbinfo *pcbinfo; - struct in_addr faddr; - int errno; - struct inpcb *(*notify)(struct inpcb *, int); +in_pcbnotifyall(struct inpcbinfo *pcbinfo, struct in_addr faddr, int errno, + struct inpcb *(*notify)(struct inpcb *, int)) { struct inpcb *inp, *ninp; struct inpcbhead *head; @@ -851,9 +821,7 @@ } void -in_pcbpurgeif0(pcbinfo, ifp) - struct inpcbinfo *pcbinfo; - struct ifnet *ifp; +in_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) { struct inpcb *inp; struct ip_moptions *imo; @@ -895,15 +863,18 @@ /* * Lookup a PCB based on the local address and port. */ +#define INP_LOOKUP_MAPPED_PCB_COST 3 struct inpcb * -in_pcblookup_local(pcbinfo, laddr, lport_arg, wild_okay) - struct inpcbinfo *pcbinfo; - struct in_addr laddr; - u_int lport_arg; - int wild_okay; +in_pcblookup_local(struct inpcbinfo *pcbinfo, struct in_addr laddr, + u_int lport_arg, int wild_okay) { - register struct inpcb *inp; - int matchwild = 3, wildcard; + struct inpcb *inp; +#ifdef INET6 + int matchwild = 3 + INP_LOOKUP_MAPPED_PCB_COST; +#else + int matchwild = 3; +#endif + int wildcard; u_short lport = lport_arg; INP_INFO_WLOCK_ASSERT(pcbinfo); @@ -960,6 +931,21 @@ #ifdef INET6 if ((inp->inp_vflag & INP_IPV4) == 0) continue; + /* + * We never select the PCB that has + * INP_IPV6 flag and is bound to :: if + * we have another PCB which is bound + * to 0.0.0.0. If a PCB has the + * INP_IPV6 flag, then we set its cost + * higher than IPv4 only PCBs. + * + * Note that the case only happens + * when a socket is bound to ::, under + * the condition that the use of the + * mapped address is allowed. + */ + if ((inp->inp_vflag & INP_IPV6) != 0) + wildcard += INP_LOOKUP_MAPPED_PCB_COST; #endif /* * Clean out old time_wait sockets if they @@ -996,21 +982,18 @@ return (match); } } +#undef INP_LOOKUP_MAPPED_PCB_COST /* * Lookup PCB in hash list. */ struct inpcb * -in_pcblookup_hash(pcbinfo, faddr, fport_arg, laddr, lport_arg, wildcard, - ifp) - struct inpcbinfo *pcbinfo; - struct in_addr faddr, laddr; - u_int fport_arg, lport_arg; - int wildcard; - struct ifnet *ifp; +in_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in_addr faddr, + u_int fport_arg, struct in_addr laddr, u_int lport_arg, int wildcard, + struct ifnet *ifp) { struct inpcbhead *head; - register struct inpcb *inp; + struct inpcb *inp; u_short fport = fport_arg, lport = lport_arg; INP_INFO_RLOCK_ASSERT(pcbinfo); @@ -1080,8 +1063,7 @@ * Insert PCB onto various hash lists. */ int -in_pcbinshash(inp) - struct inpcb *inp; +in_pcbinshash(struct inpcb *inp) { struct inpcbhead *pcbhash; struct inpcbporthead *pcbporthash; @@ -1135,8 +1117,7 @@ * not change after in_pcbinshash() has been called. */ void -in_pcbrehash(inp) - struct inpcb *inp; +in_pcbrehash(struct inpcb *inp) { struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; struct inpcbhead *head; @@ -1162,8 +1143,7 @@ * Remove PCB from various lists. */ void -in_pcbremlists(inp) - struct inpcb *inp; +in_pcbremlists(struct inpcb *inp) { struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; @@ -1190,8 +1170,7 @@ * label change into the in_pcb for the socket. */ void -in_pcbsosetlabel(so) - struct socket *so; +in_pcbsosetlabel(struct socket *so) { #ifdef MAC struct inpcb *inp; @@ -1215,8 +1194,7 @@ */ void -ipport_tick(xtp) - void *xtp; +ipport_tick(void *xtp) { if (ipport_tcpallocs > ipport_tcplastcount + ipport_randomcps) { ipport_stoprandom = ipport_randomtime; ==== //depot/projects/trustedbsd/mac/sys/netinet/in_proto.c#21 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)in_proto.c 8.2 (Berkeley) 2/9/95 - * $FreeBSD: src/sys/netinet/in_proto.c,v 1.80 2005/11/09 13:29:15 ru Exp $ + * $FreeBSD: src/sys/netinet/in_proto.c,v 1.81 2005/12/21 21:29:45 thompsa Exp $ */ #include "opt_ipx.h" @@ -260,6 +260,16 @@ { .pr_type = SOCK_RAW, .pr_domain = &inetdomain, + .pr_protocol = IPPROTO_ETHERIP, + .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, + .pr_input = encap4_input, + .pr_ctloutput = rip_ctloutput, + .pr_init = encap_init, + .pr_usrreqs = &rip_usrreqs +}, +{ + .pr_type = SOCK_RAW, + .pr_domain = &inetdomain, .pr_protocol = IPPROTO_GRE, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = encap4_input, ==== //depot/projects/trustedbsd/mac/sys/netinet/in_var.h#13 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)in_var.h 8.2 (Berkeley) 1/9/95 - * $FreeBSD: src/sys/netinet/in_var.h,v 1.55 2005/08/03 19:29:46 rwatson Exp $ + * $FreeBSD: src/sys/netinet/in_var.h,v 1.56 2006/01/18 14:24:39 andre Exp $ */ #ifndef _NETINET_IN_VAR_H_ @@ -242,7 +242,7 @@ void ip_input(struct mbuf *); int in_ifadown(struct ifaddr *ifa, int); void in_ifscrub(struct ifnet *, struct in_ifaddr *); -int ip_fastforward(struct mbuf *); +struct mbuf *ip_fastforward(struct mbuf *); #endif /* _KERNEL */ ==== //depot/projects/trustedbsd/mac/sys/netinet/ip_carp.c#9 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.35 2005/11/08 20:08:34 thompsa Exp $ */ +/* $FreeBSD: src/sys/netinet/ip_carp.c,v 1.38 2005/11/17 12:56:40 glebius Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff. All rights reserved. @@ -59,6 +59,7 @@ #include <net/iso88025.h> #include <net/if.h> #include <net/if_clone.h> +#include <net/if_dl.h> #include <net/if_types.h> #include <net/route.h> @@ -78,7 +79,6 @@ #include <netinet6/ip6_var.h> #include <netinet6/scope6_var.h> #include <netinet6/nd6.h> -#include <net/if_dl.h> #endif #include <crypto/sha1.h> @@ -1049,8 +1049,8 @@ if (ifa->ifa_addr->sa_family != AF_INET) continue; -/* arprequest(sc->sc_carpdev, &in, &in, IFP2ENADDR(sc->sc_ifp)); */ - arp_ifinit2(sc->sc_carpdev, ifa, IFP2ENADDR(sc->sc_ifp)); +/* arprequest(sc->sc_carpdev, &in, &in, IF_LLADDR(sc->sc_ifp)); */ + arp_ifinit2(sc->sc_carpdev, ifa, IF_LLADDR(sc->sc_ifp)); DELAY(1000); /* XXX */ } @@ -1145,7 +1145,7 @@ if (count == index) { if (vh->sc_state == MASTER) { - *enaddr = IFP2ENADDR(vh->sc_ifp); + *enaddr = IF_LLADDR(vh->sc_ifp); CARP_UNLOCK(cif); return (1); } else { @@ -1162,8 +1162,9 @@ TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) { if ((SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) && - ia->ia_ifp == SC2IFP(vh)) { - *enaddr = IFP2ENADDR(vh->sc_ifp); + ia->ia_ifp == SC2IFP(vh) && + vh->sc_state == MASTER) { + *enaddr = IF_LLADDR(vh->sc_ifp); CARP_UNLOCK(cif); return (1); } @@ -1187,7 +1188,8 @@ if (IN6_ARE_ADDR_EQUAL(taddr, &ifatoia6(ifa)->ia_addr.sin6_addr) && (SC2IFP(vh)->if_flags & IFF_UP) && - (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING)) { + (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) && + vh->sc_state == MASTER) { CARP_UNLOCK(cif); return (ifa); } @@ -1219,14 +1221,14 @@ if (mtag == NULL) { /* better a bit than nothing */ CARP_UNLOCK(cif); - return (IFP2ENADDR(sc->sc_ifp)); + return (IF_LLADDR(sc->sc_ifp)); } bcopy(&ifp, (caddr_t)(mtag + 1), sizeof(struct ifnet *)); m_tag_prepend(m, mtag); CARP_UNLOCK(cif); - return (IFP2ENADDR(sc->sc_ifp)); + return (IF_LLADDR(sc->sc_ifp)); } } } @@ -1251,7 +1253,7 @@ if ((SC2IFP(vh)->if_flags & IFF_UP) && (SC2IFP(vh)->if_drv_flags & IFF_DRV_RUNNING) && vh->sc_state == MASTER && - !bcmp(dhost, IFP2ENADDR(vh->sc_ifp), ETHER_ADDR_LEN)) { + !bcmp(dhost, IF_LLADDR(vh->sc_ifp), ETHER_ADDR_LEN)) { CARP_UNLOCK(cif); return (SC2IFP(vh)); } @@ -1863,12 +1865,12 @@ return EEXIST; } sc->sc_vhid = carpr.carpr_vhid; - IFP2ENADDR(sc->sc_ifp)[0] = 0; - IFP2ENADDR(sc->sc_ifp)[1] = 0; - IFP2ENADDR(sc->sc_ifp)[2] = 0x5e; - IFP2ENADDR(sc->sc_ifp)[3] = 0; - IFP2ENADDR(sc->sc_ifp)[4] = 1; - IFP2ENADDR(sc->sc_ifp)[5] = sc->sc_vhid; + IF_LLADDR(sc->sc_ifp)[0] = 0; + IF_LLADDR(sc->sc_ifp)[1] = 0; + IF_LLADDR(sc->sc_ifp)[2] = 0x5e; + IF_LLADDR(sc->sc_ifp)[3] = 0; + IF_LLADDR(sc->sc_ifp)[4] = 1; + IF_LLADDR(sc->sc_ifp)[5] = sc->sc_vhid; error--; } if (carpr.carpr_advbase > 0 || carpr.carpr_advskew > 0) { ==== //depot/projects/trustedbsd/mac/sys/netinet/ip_dummynet.c#31 (text+ko) ==== @@ -24,7 +24,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.95 2005/09/27 18:10:42 mlaier Exp $ + * $FreeBSD: src/sys/netinet/ip_dummynet.c,v 1.98 2006/02/03 11:38:19 glebius Exp $ */ #define DUMMYNET_DEBUG @@ -115,15 +115,20 @@ static struct dn_heap ready_heap, extract_heap, wfq_ready_heap ; -static int heap_init(struct dn_heap *h, int size) ; -static int heap_insert (struct dn_heap *h, dn_key key1, void *p); -static void heap_extract(struct dn_heap *h, void *obj); +static int heap_init(struct dn_heap *h, int size); +static int heap_insert (struct dn_heap *h, dn_key key1, void *p); +static void heap_extract(struct dn_heap *h, void *obj); +static void transmit_event(struct dn_pipe *pipe, struct mbuf **head, + struct mbuf **tail); +static void ready_event(struct dn_flow_queue *q, struct mbuf **head, + struct mbuf **tail); +static void ready_event_wfq(struct dn_pipe *p, struct mbuf **head, + struct mbuf **tail); -static void transmit_event(struct dn_pipe *pipe); -static void ready_event(struct dn_flow_queue *q); - -static struct dn_pipe *all_pipes = NULL ; /* list of all pipes */ -static struct dn_flow_set *all_flow_sets = NULL ;/* list of all flow_sets */ +#define HASHSIZE 16 +#define HASH(num) ((((num) >> 8) ^ ((num) >> 4) ^ (num)) & 0x0f) +static struct dn_pipe_head pipehash[HASHSIZE]; /* all pipes */ +static struct dn_flow_set_head flowsethash[HASHSIZE]; /* all flowsets */ static struct callout dn_timeout; @@ -189,12 +194,11 @@ static void dummynet(void *); static void dummynet_flush(void); +static void dummynet_send(struct mbuf *); void dummynet_drain(void); static ip_dn_io_t dummynet_io; static void dn_rule_delete(void *); -int if_tx_rdy(struct ifnet *ifp); - /* * Heap management functions. * @@ -436,89 +440,37 @@ * invocations of the procedures. */ static void -transmit_event(struct dn_pipe *pipe) +transmit_event(struct dn_pipe *pipe, struct mbuf **head, struct mbuf **tail) { - struct mbuf *m ; - struct dn_pkt_tag *pkt ; - struct ip *ip; + struct mbuf *m; + struct dn_pkt_tag *pkt; - DUMMYNET_LOCK_ASSERT(); + DUMMYNET_LOCK_ASSERT(); - while ( (m = pipe->head) ) { - pkt = dn_tag_get(m); - if ( !DN_KEY_LEQ(pkt->output_time, curr_time) ) - break; - /* - * first unlink, then call procedures, since ip_input() can invoke - * ip_output() and viceversa, thus causing nested calls - */ - pipe->head = m->m_nextpkt ; - m->m_nextpkt = NULL; + while ((m = pipe->head) != NULL) { + pkt = dn_tag_get(m); + if (!DN_KEY_LEQ(pkt->output_time, curr_time)) + break; - /* XXX: drop the lock for now to avoid LOR's */ - DUMMYNET_UNLOCK(); - switch (pkt->dn_dir) { - case DN_TO_IP_OUT: - (void)ip_output(m, NULL, NULL, pkt->flags, NULL, NULL); - break ; + pipe->head = m->m_nextpkt; + if (*tail != NULL) + (*tail)->m_nextpkt = m; + else + *head = m; + *tail = m; + } + if (*tail != NULL) + (*tail)->m_nextpkt = NULL; - case DN_TO_IP_IN : - ip = mtod(m, struct ip *); - ip->ip_len = htons(ip->ip_len); - ip->ip_off = htons(ip->ip_off); - ip_input(m) ; - break ; - -#ifdef INET6 - case DN_TO_IP6_IN: - ip6_input(m) ; - break ; - - case DN_TO_IP6_OUT: - (void)ip6_output(m, NULL, NULL, pkt->flags, NULL, NULL, NULL); - break ; -#endif - - case DN_TO_IFB_FWD: - if (bridge_dn_p != NULL) - ((*bridge_dn_p)(m, pkt->ifp)); - else - printf("dummynet: if_bridge not loaded\n"); - - break; - - case DN_TO_ETH_DEMUX: - /* - * The Ethernet code assumes the Ethernet header is - * contiguous in the first mbuf header. Insure this is true. - */ - if (m->m_len < ETHER_HDR_LEN && - (m = m_pullup(m, ETHER_HDR_LEN)) == NULL) { - printf("dummynet/ether: pullup fail, dropping pkt\n"); - break; - } - ether_demux(m->m_pkthdr.rcvif, m); /* which consumes the mbuf */ - break ; - - case DN_TO_ETH_OUT: - ether_output_frame(pkt->ifp, m); - break; - - default: - printf("dummynet: bad switch %d!\n", pkt->dn_dir); - m_freem(m); - break ; + /* If there are leftover packets, put into the heap for next event. */ + if ((m = pipe->head) != NULL) { + pkt = dn_tag_get(m); + /* + * XXX: Should check errors on heap_insert, by draining the + * whole pipe p and hoping in the future we are more successful. + */ + heap_insert(&extract_heap, pkt->output_time, pipe); } - DUMMYNET_LOCK(); - } - /* if there are leftover packets, put into the heap for next event */ - if ( (m = pipe->head) ) { - pkt = dn_tag_get(m) ; - /* XXX should check errors on heap_insert, by draining the - * whole pipe p and hoping in the future we are more successful - */ - heap_insert(&extract_heap, pkt->output_time, pipe ) ; - } } /* @@ -562,7 +514,7 @@ * if there are leftover packets reinsert the pkt in the scheduler. */ static void -ready_event(struct dn_flow_queue *q) +ready_event(struct dn_flow_queue *q, struct mbuf **head, struct mbuf **tail) { struct mbuf *pkt; struct dn_pipe *p = q->fs->pipe ; @@ -612,11 +564,11 @@ q->numbytes = 0; } /* - * If the delay line was empty call transmit_event(p) now. + * If the delay line was empty call transmit_event() now. * Otherwise, the scheduler will take care of it. */ if (p_was_empty) - transmit_event(p); + transmit_event(p, head, tail); } /* @@ -628,7 +580,7 @@ * there is an additional delay. */ static void -ready_event_wfq(struct dn_pipe *p) +ready_event_wfq(struct dn_pipe *p, struct mbuf **head, struct mbuf **tail) { int p_was_empty = (p->head == NULL) ; struct dn_heap *sch = &(p->scheduler_heap); @@ -736,11 +688,11 @@ */ } /* - * If the delay line was empty call transmit_event(p) now. + * If the delay line was empty call transmit_event() now. * Otherwise, the scheduler will take care of it. */ if (p_was_empty) - transmit_event(p); + transmit_event(p, head, tail); } /* @@ -750,11 +702,12 @@ static void dummynet(void * __unused unused) { - void *p ; /* generic parameter to handler */ - struct dn_heap *h ; + struct mbuf *head = NULL, *tail = NULL; + struct dn_pipe *pipe; struct dn_heap *heaps[3]; + struct dn_heap *h; + void *p; /* generic parameter to handler */ int i; - struct dn_pipe *pe ; heaps[0] = &ready_heap ; /* fixed-rate queues */ heaps[1] = &wfq_ready_heap ; /* wfq queues */ @@ -771,63 +724,98 @@ p = h->p[0].object ; /* store a copy before heap_extract */ heap_extract(h, NULL); /* need to extract before processing */ if (i == 0) - ready_event(p) ; + ready_event(p, &head, &tail); else if (i == 1) { struct dn_pipe *pipe = p; if (pipe->if_name[0] != '\0') printf("dummynet: bad ready_event_wfq for pipe %s\n", pipe->if_name); else - ready_event_wfq(p) ; + ready_event_wfq(p, &head, &tail); } else - transmit_event(p); + transmit_event(p, &head, &tail); } } - /* sweep pipes trying to expire idle flow_queues */ - for (pe = all_pipes; pe ; pe = pe->next ) - if (pe->idle_heap.elements > 0 && - DN_KEY_LT(pe->idle_heap.p[0].key, pe->V) ) { - struct dn_flow_queue *q = pe->idle_heap.p[0].object ; + /* Sweep pipes trying to expire idle flow_queues. */ + for (i = 0; i < HASHSIZE; i++) + SLIST_FOREACH(pipe, &pipehash[i], next) + if (pipe->idle_heap.elements > 0 && + DN_KEY_LT(pipe->idle_heap.p[0].key, pipe->V) ) { + struct dn_flow_queue *q = pipe->idle_heap.p[0].object; + + heap_extract(&(pipe->idle_heap), NULL); + q->S = q->F + 1; /* Mark timestamp as invalid. */ + pipe->sum -= q->fs->weight; + } - heap_extract(&(pe->idle_heap), NULL); - q->S = q->F + 1 ; /* mark timestamp as invalid */ - pe->sum -= q->fs->weight ; - } DUMMYNET_UNLOCK(); + if (head != NULL) + dummynet_send(head); + callout_reset(&dn_timeout, 1, dummynet, NULL); } -/* - * called by an interface when tx_rdy occurs. - */ >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200602110123.k1B1NF9X077242>