Formally, there are 12 bits for TCP header flags.
Use the accessor functions in more (kernel) places.
No functional change.
Reviewed By: cc, #transport, cy, glebius, #iflib, kbowling
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D47063
This is an interim robustness improvement; further improvements as
described in the PR and/or Phabricator review are still needed.
PR: 267334
Reported by: Robert Morris <rtm@lcs.mit.edu>
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D37229
In general, in the direct dispatch case netgraph only enters the net
epoch to send data messages, but this was inconsistent with the netgraph
thread, which also entered the net epoch to send fn and fn2 messages to
nodes. Some handlers, e.g., ng_bridge_newhook(), may sleep, and so
cannot be called in epoch context; the netgraph tests occasionally panic
due to this problem.
Make ngthread() consistent with the direct dispatch path.
Discussed with: afedorov (in D44615)
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Attempt to initialize FreeBSD bluetooth stack while such a device is in
bootloader mode locks the adapter hardly so it requires power on/off
cycle to restore.
This change blocks ng_ubt attachment unless operational firmware is
loaded thus preventing the lock up.
Sponsored by: Future Crew LLC
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D46738
If Intel firmware is already in operational mode at boot that takes
place at warm boot, BT adaptor can generate extra HCI events which
interferes with firmware mode detection logic. Ignore them.
Sponsored by: Future Crew LLC
MFC after: 1 month
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D46736
The function ng_ipfw_input() used to enjoy implicit
32->16 bits truncation of its second argument.
Make it explicit to recover from the breakage.
PR: 281082
Reported by: Ruben van Staveren <ruben@verweg.com>
Tested by: Ruben van Staveren <ruben@verweg.com>
MFC after: 3 days
Fixes: 20e1f207cc
gcc -Wmemset-elt-size diagnosed this. The code was only initializing
the first 1/sizeof(long) bytes. On 64-bit systems, this would mean only
events up to 0x20 were initialized.
This effectively reverses the security policy for some events with
higher ids, now permitting them on unprivileged sockets. Two that are
defined are NG_HCI_EVENT_LE (0x3e) and NG_HCI_EVENT_BT_LOGO (0xfe).
PR: 280039
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D45707
Change 4787572d05 made if_alloc_domain() never fail, then also do the
wrappers if_alloc(), if_alloc_dev(), and if_gethandle().
No functional change intended.
Reviewed by: kp, imp, glebius, stevek
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D45740
This is the behavior described in the man page.
Signed-off-by: Martin Vahlensieck <git@academicsolutions.ch>
Discussed with: glebius
Reviewed by: markj
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1181
ng_btsocket_hci_raw_send() wasn't verifying that the destination address
specified by sendto() is large enough to fill a struct sockaddr_hci.
Thus, when copying the socket address into an mbuf,
ng_btsocket_hci_raw_send() may read past the end of the input sockaddr
while copying.
In practice this is effectively harmless since
ng_btsocket_hci_raw_output() only uses the address to identify a
netgraph node.
Reported by: Oliver Sieber <oliver@secfault-security.com>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
The pseudo_AF_HDRCMPLT check is already being done in if_loop and
just needed to be ported over to if_ic, if_wg, if_disc, if_gif,
if_gre, if_me, if_tuntap and ng_iface. This is needed in order to
allow these interfaces to work properly with e.g., tcpreplay.
PR: 256587
Reviewed by: markj
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/876
EEXIST is possible in a race condition.
Inspired by: ffc72591b1 (Don't worry if a module is already loaded ...)
Reviewed by: glebius
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D44633
This will allow a userland machinery that orchestrates a bridge (e.g. a
jail or vm manager) to not double the number allocation logic. See bug
278130 for longer description and examples.
Reviewed by: glebius, afedorov
Differential Revision: https://reviews.freebsd.org/D44615
PR: 278130
Update all remaining references to the struct tcphdr th_x2 field.
This completes the compatibilty of various aspects with AccECN
(TH_AE), after the internal ipfw "re-checksum required" was moved
to use the TH_RES1 flag.
No functional change.
Reviewed By: tuexen, #transport, glebius
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D43172
Just like it was done for accept(2) in cfb1e92912, use same approach
for two simplier syscalls that return socket addresses. Although,
these two syscalls aren't performance critical, this change generalizes
some code between 3 syscalls trimming code size.
Following example of accept(2), provide VNET-aware and INVARIANT-checking
wrappers sopeeraddr() and sosockaddr() around protosw methods.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D42694
Let the accept functions provide stack memory for protocols to fill it in.
Generic code should provide sockaddr_storage, specialized code may provide
smaller structure.
While rewriting accept(2) make 'addrlen' a true in/out parameter, reporting
required length in case if provided length was insufficient. Our manual
page accept(2) and POSIX don't explicitly require that, but one can read
the text as they do. Linux also does that. Update tests accordingly.
Reviewed by: rscheff, tuexen, zlei, dchagin
Differential Revision: https://reviews.freebsd.org/D42635
The ng_socket(4) node already writes more than declared size of the
struct at least in the in ng_getsockaddr(). Make size match size of
a node name. The value is pasted instead of including ng_message.h
into ng_socket.h. This is external API and we want to keep it stable
even if NG_NODESIZ is redefined in a kernel build.
Reviewed by: afedorov
Differential Revision: https://reviews.freebsd.org/D42690
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
- Provide listen upcall and set it on NGM_KSOCKET_LISTEN
- Mask EWOULDBLOCK on NGM_KSOCKET_ACCEPT
Reviewed by: afedorov
Differential Revision: https://reviews.freebsd.org/D42637
PR: 272319
PR: 275106
Fixes: 779f106aa1
Note: imho, the proper solution would be to guarantee that upcalls
won't ever be called after soclose(), but this isn't the case, yet.
This change at least makes the node work the way it always worked.
Reviewed by: afedorov
Differential Revision: https://reviews.freebsd.org/D42636
PR: 272319
PR: 275106
Fixes: 779f106aa1
A ng_eiface instance may be on lease to a different vnet while
remaining tied to its parent vnet. In such circumstances, before
injecting mbufs into netgraph, curvnet must be set to that of the
ng_eiface's netgraph node. Mark the vnet transition as QUIET,
since otherwise it would be recorded as a curvnet recursion when
ng_eiface's ifnet resides in the same (parent) vnet as its
netgraph node.
PR: 274028
Reported by: Dancho Penev <dpslavov@hotmail.com>
MFC after: 1 week
After removing the -FreeBSD and -NetBSD, we're left with a nuber of
BSD-2-Clause AND BSD-2-Clause, so tidy that up.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
This standalone module is the last vestage of ATM support in the tree so
send it on its way.
Reviewed by: manu, emaste
Relnotes: yes
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D38880
Most ATM support was removed prior to FreeBSD 12. The netgraph support
was kept as it was less intrusive, but it is presumed to be unused.
Reviewed by: manu
Relnotes: yes
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D38879
With the deprecation of NgATM, ng_atmllc is the last vestage of ATM
support so deprecate it too.
MFC after: 3 days
Relnotes: yes
Reviewed by: manu, emaste
Differential Revision: https://reviews.freebsd.org/D38878
