Date: Wed, 21 Mar 2007 19:14:53 GMT From: John Baldwin <jhb@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 116274 for review Message-ID: <200703211914.l2LJErCw090214@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=116274 Change 116274 by jhb@jhb_mutex on 2007/03/21 19:14:12 IFC @116273 Affected files ... .. //depot/projects/smpng/sys/dev/iwi/if_iwi.c#27 integrate .. //depot/projects/smpng/sys/netinet/tcp_input.c#99 integrate .. //depot/projects/smpng/sys/netinet/tcp_output.c#45 integrate Differences ... ==== //depot/projects/smpng/sys/dev/iwi/if_iwi.c#27 (text+ko) ==== @@ -27,7 +27,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.51 2007/03/11 22:39:13 sam Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/iwi/if_iwi.c,v 1.52 2007/03/21 18:40:31 jhb Exp $"); /*- * Intel(R) PRO/Wireless 2200BG/2225BG/2915ABG driver @@ -3093,7 +3093,7 @@ static int iwi_init_fw_dma(struct iwi_softc *sc, int size) { - if (sc->fw_dma_size > size) + if (sc->fw_dma_size >= size) return 0; if (bus_dma_tag_create(bus_get_dma_tag(sc->sc_dev), 4, 0, BUS_SPACE_MAXADDR_32BIT, BUS_SPACE_MAXADDR, NULL, NULL, ==== //depot/projects/smpng/sys/netinet/tcp_input.c#99 (text+ko) ==== @@ -27,10 +27,10 @@ * SUCH DAMAGE. * * @(#)tcp_input.c 8.12 (Berkeley) 5/24/95 - * $FreeBSD: src/sys/netinet/tcp_input.c,v 1.320 2007/03/21 18:25:28 andre Exp $ + * $FreeBSD: src/sys/netinet/tcp_input.c,v 1.324 2007/03/21 18:56:03 andre Exp $ */ -#include "opt_ipfw.h" /* for ipfw_fwd */ +#include "opt_ipfw.h" /* for ipfw_fwd */ #include "opt_inet.h" #include "opt_inet6.h" #include "opt_ipsec.h" @@ -106,11 +106,11 @@ static int tcp_log_in_vain = 0; SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW, - &tcp_log_in_vain, 0, "Log all incoming TCP connections"); + &tcp_log_in_vain, 0, "Log all incoming TCP segments to closed ports"); static int blackhole = 0; SYSCTL_INT(_net_inet_tcp, OID_AUTO, blackhole, CTLFLAG_RW, - &blackhole, 0, "Do not send RST when dropping refused connections"); + &blackhole, 0, "Do not send RST on segments to closed ports"); int tcp_delack_enabled = 1; SYSCTL_INT(_net_inet_tcp, OID_AUTO, delayed_ack, CTLFLAG_RW, 
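Review bot: The early return in iwi_init_fw_dma() has no comment saying that it keeps the firmware DMA buffer already allocated, and `size` is a signed `int` with no lower bound checked in the visible lines. I would add `/* Existing firmware DMA buffer is already large enough; keep it. */` above `if (sc->fw_dma_size >= size)`. A zero or negative `size` would also take this return without allocating anything, assuming `fw_dma_size` is never negative. Whether a caller can pass such a value is not visible here, so it is worth confirming that the firmware image length is validated before the call. The function body continues outside the hunk.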
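Review bot: The new description strings for `log_in_vain` and `blackhole` read as if any nonzero value covers every segment, but the -704 hunk of tcp_input.c in this same change treats 1 as SYN-only and 2 as all segments. An administrator reading `sysctl -d` gets no hint that two levels exist. I would spell it out, e.g. `"Log incoming TCP segments to closed ports (1 = SYN only, 2 = all)"` and `"Do not send RST on segments to closed ports (1 = SYN only, 2 = all)"`.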
@@ -617,14 +617,7 @@ th->th_urp = ntohs(th->th_urp); /* - * Delay dropping TCP, IP headers, IPv6 ext headers, and TCP options, - * until after ip6_savecontrol() is called and before other functions - * which don't want those proto headers. - * Because ip6_savecontrol() is going to parse the mbuf to - * search for data to be passed up to user-land, it wants mbuf - * parameters to be unchanged. - * XXX: the call of ip6_savecontrol() has been obsoleted based on - * latest version of the advanced API (20020110). + * Delay dropping TCP, IP headers, IPv6 ext headers, and TCP options. */ drop_hdrlen = off0 + off; @@ -664,8 +657,9 @@ } /* Remove the tag from the packet. We don't need it anymore. */ m_tag_delete(m, fwd_tag); - } else { + } else #endif /* IPFIREWALL_FORWARD */ + { if (isipv6) { #ifdef INET6 inp = in6_pcblookup_hash(&tcbinfo, @@ -680,9 +674,7 @@ ip->ip_dst, th->th_dport, INPLOOKUP_WILDCARD, m->m_pkthdr.rcvif); -#ifdef IPFIREWALL_FORWARD } -#endif /* IPFIREWALL_FORWARD */ #if defined(IPSEC) || defined(FAST_IPSEC) #ifdef INET6 
@@ -704,62 +696,49 @@ #endif /*IPSEC || FAST_IPSEC*/ /* - * If the state is CLOSED (i.e., TCB does not exist) then - * all data in the incoming segment is discarded. - * If the TCB exists but is in CLOSED state, it is embryonic, - * but should either do a listen or a connect soon. + * If the INPCB does not exist then all data in the incoming + * segment is discarded and an appropriate RST is sent back. */ if (inp == NULL) { - if (tcp_log_in_vain) { -#ifdef INET6 + /* + * Log communication attempts to ports that are not + * in use. + */ + if ((tcp_log_in_vain == 1 && (thflags & TH_SYN)) || + tcp_log_in_vain == 2) { +#ifndef INET6 + char dbuf[4*sizeof "123"], sbuf[4*sizeof "123"]; +#else char dbuf[INET6_ADDRSTRLEN+2], sbuf[INET6_ADDRSTRLEN+2]; -#else - char dbuf[4*sizeof "123"], sbuf[4*sizeof "123"]; -#endif - if (isipv6) { -#ifdef INET6 strcpy(dbuf, "["); - strcpy(sbuf, "["); strcat(dbuf, ip6_sprintf(ip6buf, &ip6->ip6_dst)); + strcat(dbuf, "]"); + strcpy(sbuf, "["); strcat(sbuf, ip6_sprintf(ip6buf, &ip6->ip6_src)); - strcat(dbuf, "]"); strcat(sbuf, "]"); -#endif - } else { + } else +#endif /* INET6 */ + { strcpy(dbuf, inet_ntoa(ip->ip_dst)); strcpy(sbuf, inet_ntoa(ip->ip_src)); } - switch (tcp_log_in_vain) { - case 1: - if ((thflags & TH_SYN) == 0) - break; - /* FALLTHROUGH */ - case 2: - log(LOG_INFO, - "Connection attempt to TCP %s:%d " - "from %s:%d flags:0x%02x\n", - dbuf, ntohs(th->th_dport), sbuf, - ntohs(th->th_sport), thflags); - break; - default: - break; - } + log(LOG_INFO, + "Connection attempt to TCP %s:%d " + "from %s:%d flags:0x%02x\n", + dbuf, ntohs(th->th_dport), sbuf, + ntohs(th->th_sport), thflags); } - if (blackhole) { - switch (blackhole) { - case 1: - if (thflags & TH_SYN) - goto drop; - break; - case 2: - goto drop; - default: - goto drop; - } - } + /* + * When blackholing do not respond with a RST but + * completely ignore the segment and drop it. 
+ */ + if ((blackhole == 1 && (thflags & TH_SYN)) || + blackhole == 2) + goto drop; + rstreason = BANDLIM_RST_CLOSEDPORT; goto dropwithreset; } @@ -776,21 +755,26 @@ goto drop; } + /* + * A previous connection in TIMEWAIT state is supposed to catch + * stray or duplicate segments arriving late. If this segment + * was a legitimate new connection attempt the old INPCB gets + * removed and we can try again to find a listening socket. + */ if (inp->inp_vflag & INP_TIMEWAIT) { - /* - * The only option of relevance is TOF_CC, and only if - * present in a SYN segment. See tcp_timewait(). - */ if (thflags & TH_SYN) tcp_dooptions(&to, optp, optlen, TO_SYN); if (tcp_timewait(inp, &to, th, m, tlen)) goto findpcb; - /* - * tcp_timewait unlocks inp. - */ + /* tcp_timewait unlocks inp. */ INP_INFO_WUNLOCK(&tcbinfo); return; } + /* + * The TCPCB may no longer exist if the connection is winding + * down or it is in the CLOSED state. Either way we drop the + * segment and send an appropriate response. + */ tp = intotcpcb(inp); if (tp == 0) { INP_UNLOCK(inp); @@ -817,13 +801,16 @@ tcp_savetcp = *th; } #endif + /* + * When the socket is accepting connections (the INPCB is in LISTEN + * state) we look into the SYN cache if this is a new connection + * attempt or the completion of a previous one. + */ if (so->so_options & SO_ACCEPTCONN) { struct in_conninfo inc; bzero(&inc, sizeof(inc)); -#ifdef INET6 inc.inc_isipv6 = isipv6; -#endif if (isipv6) { inc.inc6_faddr = ip6->ip6_src; inc.inc6_laddr = ip6->ip6_dst; 
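Review bot: The rewritten blackhole test, `if ((blackhole == 1 && (thflags & TH_SYN)) || blackhole == 2)`, changes behaviour for values other than 0, 1 and 2: the removed switch had `default: goto drop`, so any other nonzero setting dropped every segment silently, while the new code falls through to `dropwithreset` and answers with a RST. The sysctl is declared as a plain CTLFLAG_RW int in the -106 hunk with no range check visible, so a host configured with, say, 3 would stop blackholing after this change without any warning. To keep the old semantics use `if (blackhole != 0 && (blackhole != 1 || (thflags & TH_SYN))) goto drop;`, or restrict the sysctl to 0-2 with a handler. The tcp_log_in_vain condition is not affected, since the old switch also ignored other values.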
@@ -949,21 +936,12 @@ } #endif /* + * Basic sanity checks on incoming SYN requests: + * + * Don't bother responding if the destination was a + * broadcast according to RFC1122 4.2.3.10, p. 104. + * * If it is from this socket, drop it, it must be forged. - * Don't bother responding if the destination was a broadcast. - */ - if (th->th_dport == th->th_sport) { - if (isipv6) { - if (IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, - &ip6->ip6_src)) - goto drop; - } else { - if (ip->ip_dst.s_addr == ip->ip_src.s_addr) - goto drop; - } - } - /* - * RFC1122 4.2.3.10, p. 104: discard bcast/mcast SYN * * Note that it is quite possible to receive unicast * link-layer packets with a broadcast IP address. Use @@ -972,10 +950,18 @@ if (m->m_flags & (M_BCAST|M_MCAST)) goto drop; if (isipv6) { +#ifdef INET6 + if (th->th_dport == th->th_sport && + IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &ip6->ip6_src)) + goto drop; if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) || IN6_IS_ADDR_MULTICAST(&ip6->ip6_src)) goto drop; +#endif } else { + if (th->th_dport == th->th_sport && + ip->ip_dst.s_addr == ip->ip_src.s_addr) + goto drop; if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) || IN_MULTICAST(ntohl(ip->ip_src.s_addr)) || ip->ip_src.s_addr == htonl(INADDR_BROADCAST) || @@ -983,8 +969,8 @@ goto drop; } /* - * SYN appears to be valid; create compressed TCP state - * for syncache, or perform t/tcp connection. + * SYN appears to be valid. Create compressed TCP state + * for syncache. */ if (so->so_qlen <= so->so_qlimit) { #ifdef TCPDEBUG 
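Review bot: The two relocated `th->th_dport == th->th_sport` checks now sit several lines below the sentence that explains them ("If it is from this socket, drop it, it must be forged"), with the M_BCAST/M_MCAST test and the link-layer broadcast paragraph in between. A one-line comment at each check, such as `/* Same address and port on both ends: forged SYN, drop. */`, would keep the reason next to the code that enforces it. The enclosing SYN-handling block starts and ends outside this hunk.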
@@ -994,47 +980,18 @@ #endif tcp_dooptions(&to, optp, optlen, TO_SYN); if (!syncache_add(&inc, &to, th, inp, &so, m)) - goto drop; /* XXX: does not happen */ - if (so == NULL) { - /* - * Entry added to syncache, mbuf used to - * send SYN,ACK packet. Everything unlocked - * already. - */ - return; - } - panic("T/TCP not supported at the moment"); -#if 0 /* T/TCP */ + goto drop; /* - * Segment passed TAO tests. - * XXX: Can't happen at the moment. + * Entry added to syncache, mbuf used to + * send SYN-ACK packet. Everything unlocked + * already. */ - INP_UNLOCK(inp); - inp = sotoinpcb(so); - INP_LOCK(inp); - tp = intotcpcb(inp); - tp->t_starttime = ticks; - tp->t_state = TCPS_ESTABLISHED; - - /* - * T/TCP logic: - * If there is a FIN or if there is data, then - * delay SYN,ACK(SYN) in the hope of piggy-backing - * it on a response segment. Otherwise must send - * ACK now in case the other side is slow starting. - */ - if (thflags & TH_FIN || tlen != 0) - tp->t_flags |= (TF_DELACK | TF_NEEDSYN); - else - tp->t_flags |= (TF_ACKNOW | TF_NEEDSYN); - tiwin = th->th_win << tp->snd_scale; - tcpstat.tcps_connects++; - soisconnected(so); - goto trimthenstep6; -#endif /* T/TCP */ + return; } + /* Catch all. Everthing that makes it down here is junk. */ goto drop; } + after_listen: KASSERT(headlocked, ("tcp_input: after_listen: head not locked")); INP_LOCK_ASSERT(inp); @@ -1481,9 +1438,6 @@ tp->t_state = TCPS_SYN_RECEIVED; } -#if 0 /* T/TCP */ -trimthenstep6: -#endif KASSERT(headlocked, ("tcp_input: trimthenstep6: head not " "locked")); INP_LOCK_ASSERT(inp); ==== //depot/projects/smpng/sys/netinet/tcp_output.c#45 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)tcp_output.c 8.4 (Berkeley) 5/24/95 - * $FreeBSD: src/sys/netinet/tcp_output.c,v 1.128 2007/03/19 18:42:27 andre Exp $ + * $FreeBSD: src/sys/netinet/tcp_output.c,v 1.129 2007/03/21 19:04:07 andre Exp $ */ #include "opt_inet.h" 
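Review bot: After a successful syncache_add() the new code returns unconditionally, but the call still passes `&so`, and the removed lines returned only when `so == NULL` and panicked otherwise. The comment states that everything is already unlocked, which presumably holds only on that path; syncache_add() itself is not visible here. Keeping the invariant as an assertion, `KASSERT(so == NULL, ("tcp_input: syncache_add left socket set"));` before the `return`, would catch a future change that breaks it instead of returning with locks held. The added comment also has a typo: "Everthing" should be "Everything".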
@@ -717,7 +717,7 @@ if (len + optlen + ipoptlen > tp->t_maxopd) { flags &= ~TH_FIN; if (tso) { - if (len > TCP_MAXWIN - hdrlen) { + if (len > TCP_MAXWIN - hdrlen - optlen) { len = TCP_MAXWIN - hdrlen - optlen; len = len - (len % (tp->t_maxopd - optlen)); sendalot = 1;
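Review bot: The TSO length limit `TCP_MAXWIN - hdrlen - optlen` is now written out twice, once in the condition and once in the assignment, which is how the two went out of step before this fix. Computing it once into a local and using that in both places would prevent a repeat. Separately, the next line takes `len % (tp->t_maxopd - optlen)`, and nothing in the visible lines guarantees the divisor is nonzero; the enclosing test `len + optlen + ipoptlen > tp->t_maxopd` does not imply it, so it is worth confirming that the bound is enforced where t_maxopd is set. The declarations of these variables and the rest of the block are outside the hunk.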
