path: root/sys/netinet/raw_ip.c
Commit message | Author | Age | Files | Lines
* Rename mac_check_socket_receive() to mac_check_socket_deliver() so that | Robert Watson | 2002-08-15 | 1 | -2/+2
  we can use the names _receive() and _send() for the receive() and send() checks. Rename related constants, policy implementations, etc.
  Obtained from: TrustedBSD Project
  Sponsored by: DARPA, NAI Labs
  Notes: svn path=/head/; revision=101934
* Add mac.h -- raw_ip.c was depending on nested inclusion of mac.h which | Robert Watson | 2002-08-15 | 1 | -0/+1
  is no longer present.
  Pointed out by: bmilekic
  Obtained from: TrustedBSD Project
  Sponsored by: DARPA, NAI Labs
  Notes: svn path=/head/; revision=101919
* Introduce support for Mandatory Access Control and extensible | Robert Watson | 2002-07-31 | 1 | -17/+41
  kernel access control.
  Instrument the raw IP socket code for packet generation and delivery: label outgoing mbufs with the label of the socket, and check the socket and mbuf labels before permitting delivery to a socket, permitting MAC policies to selectively allow delivery of raw IP mbufs to various raw IP sockets that may be open. Restructure the policy checking code to compose IPsec and MAC results in a more readable manner.
  Obtained from: TrustedBSD Project
  Sponsored by: DARPA, NAI Labs
  Notes: svn path=/head/; revision=101103
* Remember to initialize the control block head mutex. | Jeffrey Hsu | 2002-06-11 | 1 | -0/+1
  Notes: svn path=/head/; revision=98115
* Lock up inpcb. | Jeffrey Hsu | 2002-06-10 | 1 | -2/+23
  Submitted by: Jennifer Yang <yangjihui@yahoo.com>
  Notes: svn path=/head/; revision=98102
* Back out my last commit of locking down a socket, it conflicts with hsu's work. | Seigo Tanimura | 2002-05-31 | 1 | -43/+9
  Requested by: hsu
  Notes: svn path=/head/; revision=97658
* Lock down a socket, milestone 1. | Seigo Tanimura | 2002-05-20 | 1 | -9/+43
  o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a socket buffer. The mutex in the receive buffer also protects the data in struct socket.
  o Determine the lock strategy for each member in struct socket.
  o Lock down the following members:
    - so_count
    - so_options
    - so_linger
    - so_state
  o Remove *_locked() socket APIs. Make the following socket APIs touching the members above now require a locked socket:
    - sodisconnect()
    - soisconnected()
    - soisconnecting()
    - soisdisconnected()
    - soisdisconnecting()
    - sofree()
    - soref()
    - sorele()
    - sorwakeup()
    - sotryfree()
    - sowakeup()
    - sowwakeup()
  Reviewed by: alfred
  Notes: svn path=/head/; revision=96972
* Revert the change of #includes in sys/filedesc.h and sys/socketvar.h. | Seigo Tanimura | 2002-04-30 | 1 | -2/+5
  Requested by: bde
  Since locking sigio_lock is usually followed by calling pgsigio(), move the declaration of sigio_lock and the definitions of SIGIO_*() to sys/signalvar.h.
  While I am here, sort include files alphabetically, where possible.
  Notes: svn path=/head/; revision=95759
* Change the suser() API to take advantage of td_ucred as well as do a | John Baldwin | 2002-04-01 | 1 | -1/+1
  general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag.
  Discussed on: smp@
  Notes: svn path=/head/; revision=93593
* Merge from TrustedBSD MAC branch: | Robert Watson | 2002-03-22 | 1 | -2/+2
  Move the network code from using cr_cansee() to check whether a socket is visible to a requesting credential to using a new function, cr_canseesocket(), which accepts a subject credential and object socket. Implement cr_canseesocket() so that it does a prison check, a uid check, and add a comment where shortly a MAC hook will go. This will allow MAC policies to separately instrument the visibility of sockets from the visibility of processes.
  Obtained from: TrustedBSD Project
  Sponsored by: DARPA, NAI Labs
  Notes: svn path=/head/; revision=92976
* Switch vm_zone.h with uma.h. Change over to uma interfaces. | Jeff Roberson | 2002-03-20 | 1 | -3/+4
  Notes: svn path=/head/; revision=92760
* Simple p_ucred -> td_ucred changes to start using the per-thread ucred | John Baldwin | 2002-02-27 | 1 | -1/+1
  reference.
  Notes: svn path=/head/; revision=91406
* Restore the ability to use IP_FW_ADD with setsockopt(2) that got | Ruslan Ermilov | 2001-11-26 | 1 | -0/+1
  broken in revision 1.86. This broke natd(8)'s -punch_fw option.
  Reported by: Daniel Rock <D.Rock@t-online.de>, setantae <setantae@submonkey.net>
  Notes: svn path=/head/; revision=86910
* o Replace reference to 'struct proc' with 'struct thread' in 'struct | Robert Watson | 2001-11-08 | 1 | -1/+1
    sysctl_req', which describes in-progress sysctl requests. This permits sysctl handlers to have access to the current thread, permitting work on implementing td->td_ucred, migration of suser() to using struct thread to derive the appropriate ucred, and allowing struct thread to be passed down to other code, such as network code where td is not currently available (and curproc is used).
  o Note: netncp and netsmb are not updated to reflect this change, as they are not currently KSE-adapted.
  Reviewed by: julian
  Obtained from: TrustedBSD Project
  Notes: svn path=/head/; revision=86183
* MFS: sync the ipfw/dummynet/bridge code with the one recently merged | Luigi Rizzo | 2001-11-04 | 1 | -16/+13
  into stable (mostly, but not only, formatting and comments changes).
  Notes: svn path=/head/; revision=86047
* - Combine kern.ps_showallprocs and kern.ipc.showallsockets into | Robert Watson | 2001-10-09 | 1 | -2/+2
    a single kern.security.seeotheruids_permitted, described as: "Unprivileged processes may see subjects/objects with different real uid"
    NOTE: kern.ps_showallprocs exists in -STABLE, and therefore there is an API change. kern.ipc.showallsockets does not.
  - Check kern.security.seeotheruids_permitted in cr_cansee().
  - Replace visibility calls to socheckuid() with cr_cansee() (retain the change to socheckuid() in ipfw, where it is used for rule-matching).
  - Remove prison_unpcb() and make use of cr_cansee() against the UNIX domain socket credential instead of comparing root vnodes for the UDS and the process. This allows multiple jails to share the same chroot() and not see each other's UNIX domain sockets.
  - Remove unused socheckproc().
  Now that cr_cansee() is used universally for socket visibility, a variety of policies are more consistently enforced, including uid-based restrictions and jail-based restrictions. This also better-supports the introduction of additional MAC models.
  Reviewed by: ps, billf
  Obtained from: TrustedBSD Project
  Notes: svn path=/head/; revision=84736
* Only allow users to see their own socket connections if | Paul Saab | 2001-10-05 | 1 | -1/+6
  kern.ipc.showallsockets is set to 0.
  Submitted by: billf (with modifications by me)
  Inspired by: Dave McKay (aka pm aka Packet Magnet)
  Reviewed by: peter
  MFC after: 2 weeks
  Notes: svn path=/head/; revision=84527
* Make it so dummynet and bridge can be loaded as modules. | Paul Saab | 2001-10-05 | 1 | -9/+7
  Submitted by: billf
  Notes: svn path=/head/; revision=84516
* KSE Milestone 2 | Julian Elischer | 2001-09-12 | 1 | -6/+6
  Note ALL MODULES MUST BE RECOMPILED
  make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to the previous -current except that there is a thread associated with each process.
  Sorry john! (your next MFC will be a doosie!)
  Reviewed by: peter@freebsd.org, dillon@freebsd.org
  X-MFC after: ha ha ha ha
  Notes: svn path=/head/; revision=83366
* Patches from Keiichi SHIMA <keiichi@iij.ad.jp> | Julian Elischer | 2001-09-03 | 1 | -2/+3
  to make ip use the standard protosw structure again.
  Obtained from: Well, KAME I guess.
  Notes: svn path=/head/; revision=82884
* move ipsec security policy allocation into in_pcballoc, before | Hajimu UMEMOTO | 2001-07-26 | 1 | -7/+0
  making pcbs available to the outside world. otherwise, we will see inpcb without ipsec security policy attached (-> panic() in ipsec.c).
  Obtained from: KAME
  MFC after: 3 days
  Notes: svn path=/head/; revision=80406
* Sync with recent KAME. | Hajimu UMEMOTO | 2001-06-11 | 1 | -4/+25
  This work was based on kame-20010528-freebsd43-snap.tgz and some critical problems after the snap was out were fixed. There are many many changes since last KAME merge.
  TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT.
  Reviewed by: itojun
  Obtained from: KAME
  MFC after: 3 weeks
  Notes: svn path=/head/; revision=78064
* Add ``options RANDOM_IP_ID'' which randomizes the ID field of IP packets. | Kris Kennaway | 2001-06-01 | 1 | -0/+5
  This closes a minor information leak which allows a remote observer to determine the rate at which the machine is generating packets, since the default behaviour is to increment a counter for each packet sent.
  Reviewed by: -net
  Obtained from: OpenBSD
  Notes: svn path=/head/; revision=77574
* In in_ifadown(), differentiate between whether the interface goes | Ruslan Ermilov | 2001-05-11 | 1 | -1/+1
  down or interface address is deleted. Only delete static routes in the latter case.
  Reported by: Alexander Leidinger <Alexander@leidinger.net>
  Notes: svn path=/head/; revision=76469
* <sys/queue.h> makeover. | Poul-Henning Kamp | 2001-03-16 | 1 | -4/+2
  Notes: svn path=/head/; revision=74362
* Make it possible to use IP_TTL and IP_TOS setsockopt(2) options | Ruslan Ermilov | 2001-03-09 | 1 | -2/+3
  on certain types of SOCK_RAW sockets. Also, use the ip.ttl MIB variable instead of MAXTTL constant as the default time-to-live value for outgoing IP packets all over the place, as we already do this for TCP and UDP.
  Reviewed by: wollman
  Notes: svn path=/head/; revision=74024
* Mechanical change to use <sys/queue.h> macro API instead of | Poul-Henning Kamp | 2001-02-04 | 1 | -6/+6
  fondling implementation details.
  Created with: sed(1)
  Reviewed by: md5(1)
  Notes: svn path=/head/; revision=71999
* * Rename M_WAIT mbuf subsystem flag to M_TRYWAIT. | Bosko Milekic | 2000-12-21 | 1 | -1/+1
    This is because calls with M_WAIT (now M_TRYWAIT) may not wait forever when nothing is available for allocation, and may end up returning NULL. Hopefully we now communicate more of the right thing to developers and make it very clear that it's necessary to check whether calls with M_(TRY)WAIT also resulted in a failed allocation. M_TRYWAIT basically means "try harder, block if necessary, but don't necessarily wait forever." The time spent blocking is tunable with the kern.ipc.mbuf_wait sysctl. M_WAIT is now deprecated but still defined for the next little while.
  * Fix a typo in a comment in mbuf.h
  * Fix some code that was actually passing the mbuf subsystem's M_WAIT to malloc(). Made it pass M_WAITOK instead. If we were ever to redefine the value of the M_WAIT flag, this could have become a big problem.
  Notes: svn path=/head/; revision=70254
* Move suser() and suser_xxx() prototypes and a related #define from | Poul-Henning Kamp | 2000-10-29 | 1 | -1/+0
  <sys/proc.h> to <sys/systm.h>.
  Correctly document the #includes needed in the manpage.
  Add one now needed #include of <sys/systm.h>.
  Remove the consequent 48 unused #includes of <sys/proc.h>.
  Notes: svn path=/head/; revision=67893
* Allow for IP_FW_ADD to be used in getsockopt(2) incarnation as | Ruslan Ermilov | 2000-10-12 | 1 | -0/+1
  well, in which case return the rule number back into userland.
  PR: bin/18351
  Reviewed by: archie, luigi
  Notes: svn path=/head/; revision=67003
* Follow BSD/OS and NetBSD, keep the ip_id field in network order all the time. | Ruslan Ermilov | 2000-09-14 | 1 | -1/+1
  Requested by: wollman
  Notes: svn path=/head/; revision=65837
* Fixed broken ICMP error generation, unified conversion of IP header | Ruslan Ermilov | 2000-09-01 | 1 | -1/+1
  fields between host and network byte order. The details:
  o icmp_error() now does not add IP header length. This fixes the problem when icmp_error() is called from ip_forward(). In this case the ip_len of the original IP datagram returned with ICMP error was wrong.
  o icmp_error() expects all three fields, ip_len, ip_id and ip_off in host byte order, so DTRT and convert these fields back to network byte order before sending a message. This fixes the problem described in PR 16240 and PR 20877 (ip_id field was returned in host byte order).
  o ip_ttl decrement operation in ip_forward() was moved down to make sure that it does not corrupt the copy of original IP datagram passed later to icmp_error().
  o A copy of original IP datagram in ip_forward() was made a read-write, independent copy. This fixes the problem I first reported to Garrett Wollman and Bill Fenner and later put in audit trail of PR 16240: ip_output() (not always) converts fields of original datagram to network byte order, but because copy (mcopy) and its original (m) most likely share the same mbuf cluster, ip_output()'s manipulations on original also corrupted the copy.
  o ip_output() now expects all three fields, ip_len, ip_off and (what is significant) ip_id in host byte order. It was a headache for years that ip_id was handled differently. The only compatibility issue here is the raw IP socket interface with IP_HDRINCL socket option set and a non-zero ip_id field, but ip.4 manual page was unclear on whether in this case ip_id field should be in host or network byte order.
  Notes: svn path=/head/; revision=65327
* sync with kame tree as of july00. tons of bug fixes/improvements. | Jun-ichiro itojun Hagino | 2000-07-04 | 1 | -3/+2
  API changes:
  - additional IPv6 ioctls
  - IPsec PF_KEY API was changed, it is mandatory to upgrade setkey(8). (also syntax change)
  Notes: svn path=/head/; revision=62587
* Previous commit changing SYSCTL_HANDLER_ARGS violated KNF. | Poul-Henning Kamp | 2000-07-04 | 1 | -1/+1
  Pointed out by: bde
  Notes: svn path=/head/; revision=62573
* Style police catches up with rev 1.26 of src/sys/sys/sysctl.h: | Poul-Henning Kamp | 2000-07-03 | 1 | -1/+1
  Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our sources:
  -sysctl_vm_zone SYSCTL_HANDLER_ARGS
  +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
  Notes: svn path=/head/; revision=62454
* IPSEC support in the kernel. | Yoshinobu Inoue | 1999-12-22 | 1 | -8/+33
  pr_input() routines prototype is also changed to support IPSEC and IPV6 chained protocol headers.
  Reviewed by: freebsd-arch, cvs-committers
  Obtained from: KAME project
  Notes: svn path=/head/; revision=55009
* M_PREPEND-related cleanups (unregisterifying struct mbuf *s). | Brian Feldman | 1999-12-19 | 1 | -1/+1
  Notes: svn path=/head/; revision=54799
* KAME netinet6 basic part(no IPsec,no V6 Multicast Forwarding, no UDP/TCP | Yoshinobu Inoue | 1999-11-22 | 1 | -8/+8
  for IPv6 yet)
  With this patch, you can assign IPv6 addr automatically, and can reply to IPv6 ping.
  Reviewed by: freebsd-arch, cvs-committers
  Obtained from: KAME project
  Notes: svn path=/head/; revision=53541
* $Id$ -> $FreeBSD$ | Peter Wemm | 1999-08-28 | 1 | -1/+1
  Notes: svn path=/head/; revision=50477
* Make ipfw's logging more dynamic. Now, log will use the default limit | Brian Feldman | 1999-08-01 | 1 | -1/+2
  _or_ you may specify "log logamount number" to set logging specifically the rule. In addition, "ipfw resetlog" has been added, which will reset the logging counters on any/all rule(s). ipfw resetlog does not affect the packet/byte counters (as ipfw reset does), and is the only "set" command that can be run at securelevel >= 3. This should address complaints about not being able to set logging amounts, not being able to restart logging at a high securelevel, and not being able to just reset logging without resetting all of the counters in a rule.
  Notes: svn path=/head/; revision=49350
* Add sysctl descriptions to many SYSCTL_XXXs | Bill Fumerola | 1999-05-03 | 1 | -5/+5
  PR: kern/11197
  Submitted by: Adrian Chadd <adrian@FreeBSD.org>
  Reviewed by: billf(spelling/style/minor nits)
  Looked at by: bde(style)
  Notes: svn path=/head/; revision=46381
* Suser() simplification: | Poul-Henning Kamp | 1999-04-27 | 1 | -2/+2
  1: s/suser/suser_xxx/
  2: Add new function: suser(struct proc *), prototyped in <sys/proc.h>.
  3: s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/
  The remaining suser_xxx() calls will be scrutinized and dealt with later.
  There may be some unneeded #include <sys/cred.h>, but they are left as an exercise for Bruce.
  More changes to the suser() API will come along with the "jail" code.
  Notes: svn path=/head/; revision=46112
* Tidy up some stray / unused stuff in the IPFW package and friends. | Peter Wemm | 1999-04-20 | 1 | -23/+1
  - unifdef -DCOMPAT_IPFW (this was on by default already)
  - remove traces of in-kernel ip_nat package, it was never committed.
  - Make IPFW and DUMMYNET initialize themselves rather than depend on compiled-in hooks in ip_init(). This means they initialize the same way both in-kernel and as kld modules. (IPFW initializes now :-)
  Notes: svn path=/head/; revision=45869
* Last bits (i think) of dummynet for -current. | Luigi Rizzo | 1998-12-14 | 1 | -1/+23
  Notes: svn path=/head/; revision=41793
* Yow! Completely change the way socket options are handled, eliminating | Garrett Wollman | 1998-08-23 | 1 | -82/+108
  another specialized mbuf type in the process. Also clean up some of the cruft surrounding IPFW, multicast routing, RSVP, and other ill-explored corners.
  Notes: svn path=/head/; revision=38482
* Convert socket structures to be type-stable and add a version number. | Garrett Wollman | 1998-05-15 | 1 | -2/+88
  Define a parameter which indicates the maximum number of sockets in a system, and use this to size the zone allocators used for sockets and for certain PCBs. Convert PF_LOCAL PCB structures to be type-stable and add a version number. Define an external format for information about socket structures and use it in several places. Define a mechanism to get all PF_LOCAL and PF_INET PCB lists through sysctl(3) without blocking network interrupts for an unreasonable length of time. This probably still has some bugs and/or race conditions, but it seems to work well enough on my machines. It is now possible for `netstat' to get almost all of its information via the sysctl(3) interface rather than reading kmem (changes to follow).
  Notes: svn path=/head/; revision=36079
* Fixed style bugs (mostly) in previous commit. | Bruce Evans | 1998-03-28 | 1 | -2/+3
  Notes: svn path=/head/; revision=34923
* Use the zone allocator to allocate inpcbs and tcpcbs. Each protocol creates | Garrett Wollman | 1998-03-24 | 1 | -1/+4
  its own zone; this is used particularly by TCP which allocates both inpcb and tcpcb in a single allocation. (Some hackery ensures that the tcpcb is reasonably aligned.) Also keep track of the number of pcbs of each type allocated, and keep a generation count (instance version number) for future use.
  Notes: svn path=/head/; revision=34881
* Improved connection establishment performance by doing local port lookups via | David Greenman | 1998-01-27 | 1 | -1/+2
  a hashed port list. In the new scheme, in_pcblookup() goes away and is replaced by a new routine, in_pcblookup_local() for doing the local port check. Note that this implementation is space inefficient in that the PCB struct is now too large to fit into 128 bytes. I might deal with this in the future by using the new zone allocator, but I wanted these changes to be extensively tested in their current form first.
  Also:
  1) Fixed off-by-one errors in the port lookup loops in in_pcbbind().
  2) Got rid of some unneeded rehashing. Adding a new routine, in_pcbinshash() to do the initial hash insertion.
  3) Renamed in_pcblookuphash() to in_pcblookup_hash() for easier readability.
  4) Added a new routine, in_pcbremlists() to remove the PCB from the various hash lists.
  5) Added/deleted comments where appropriate.
  6) Removed unnecessary splnet() locking. In general, the PCB functions should be called at splnet()...there are unfortunately a few exceptions, however.
  7) Reorganized a few structs for better cache line behavior.
  8) Killed my TCP_ACK_HACK kludge. It may come back in a different form in the future, however.
  These changes have been tested on wcarchive for more than a month. In tests done here, connection establishment overhead is reduced by more than 50 times, thus getting rid of one of the major networking scalability problems.
  Still to do: make tcp_fastimo/tcp_slowtimo scale well for systems with a large number of connections. tcp_fastimo is easy; tcp_slowtimo is difficult.
  WARNING: Anything that knows about inpcb and tcpcb structs will have to be recompiled; at the very least, this includes netstat(1).
  Notes: svn path=/head/; revision=32821
* Call in_pcballoc() at splnet(). As near as I can tell, this won't fix | David Greenman | 1997-12-18 | 1 | -4/+9
  any instability problems, but it was wrong nonetheless and will be required in an upcoming round of PCB changes.
  Notes: svn path=/head/; revision=31838