FreeBSD source tree https://cgit-dev.freebsd.org/src/atom?h=releng%2F7.0 2008-06-19T06:36:10Z 2008-06-19T06:36:10Z Colin Percival cperciva@FreeBSD.org 2008-06-19T06:36:10Z urn:sha1:eaa7871ca9ac6101afca4257b22287b138a6f399 Errata: FreeBSD-EN-08:02.tcp Approved by: so (cperciva) 2008-02-02T12:44:14Z Robert Watson rwatson@FreeBSD.org 2008-02-02T12:44:14Z urn:sha1:f9c29669241f2305720f8edb8814e83bd539ee7a sctp_input.c:1.67, sctp_peeloff.c:1.17, sctputil.c:1.73, socketvar.h:1.161 from HEAD to RELENG_7_0: Correct two problems relating to sorflush(), which is called to flush read socket buffers in shutdown() and close(): - Call socantrcvmore() before sblock() to dislodge any threads that might be sleeping (potentially indefinitely) while holding sblock(), such as a thread blocked in recv(). - Flag the sblock() call as non-interruptible so that a signal delivered to the thread calling sorflush() doesn't cause sblock() to fail. The sblock() is required to ensure that all other socket consumer threads have, in fact, left, and do not enter, the socket buffer until we're done flushin it. To implement the latter, change the 'flags' argument to sblock() to accept two flags, SBL_WAIT and SBL_NOINTR, rather than one M_WAITOK flag. When SBL_NOINTR is set, it forces a non-interruptible sx acquisition, regardless of the setting of the disposition of SB_NOINTR on the socket buffer; without this change it would be possible for another thread to clear SB_NOINTR between when the socket buffer mutex is released and sblock() is invoked. Reviewed by: bz, kmacy, rrs Reported by: Jos Backus <jos at catnook dot com> Approved by: re (kensmith) 2008-01-31T17:21:50Z Randall Stewart rrs@FreeBSD.org 2008-01-31T17:21:50Z urn:sha1:b59b1224233d488d5dc9ad5b218a486edaca527f a socket is closed as it gets auth'd data in. (sctp_auth.c) - Reverts the priority back to 0, do not change prioritys (sctp_bsd_addr.c) - Fixes a wrap error in calculation of gap ack segments that wrap the TSN number. (sctp_indata.c) - Fixes a comment, and also moves a lock up to cover the pulling of the VRF from the inp structure. (sctp_pcb.c) Approved by: re@freebsd.org (Ken Smith) 2008-01-28T17:44:30Z Robert Watson rwatson@FreeBSD.org 2008-01-28T17:44:30Z urn:sha1:f0b5521fbb377907005e7eb8555e0ab0faf8c55c RELENG_7_0: Hide ipfw internal data structures behind IPFW_INTERNAL rather than exposing them to all consumers of ip_fw.h. These structures are used in both ipfw(8) and ipfw(4), but not part of the user<->kernel interface for other applications to use, rather, shared implementation. Reported by: Paul Vixie <paul at vix dot com> Approved by: re (kensmith) 2008-01-26T13:57:33Z Robert Watson rwatson@FreeBSD.org 2008-01-26T13:57:33Z urn:sha1:be7a7240c480a750837eb5d51521369bc51ccfcf tcp_usrreq.c:1.130 removed tcbinfo locking from tcp_usr_accept(), which while in principle a good idea, opened us up to a race inherrent to the syncache's direct insertion of incoming TCP connections into the "completed connection" listen queue, as it transpires that the socket is inserted before the inpcb is fully filled in by syncache_expand(). The bug manifested with the occasional returning of 0.0.0.0:0 in the address returned by the accept() system call, which occurred if accept managed to execute tcp_usr_accept() before syncache_expand() had copied the endpoint addresses into inpcb connection state. Re-add tcbinfo locking around the address copyout, which has the effect of delaying the copy until syncache_expand() has finished running, as it is run while the tcbinfo lock is held. This is undesirable in that it increases contention on tcbinfo further, but a more significant change will be required to how the syncache inserts new sockets in order to fix this and keep more granular locking here. In particular, either more state needs to be passed into sonewconn() so that pru_attach() can fill in the fields *before* the socket is inserted, or the socket needs to be inserted in the incomplete connection queue until it is actually ready to be used. Reported by: glebius (and kris) Tested by: glebius Approved by: re (kensmith) 2007-12-29T15:07:54Z Randall Stewart rrs@FreeBSD.org 2007-12-29T15:07:54Z urn:sha1:50c731d76d8041ecc62cfe8f34213aef735bf1c5 Approved by: re@freebsd.org(gnn) 2007-12-22T20:54:46Z Robert Watson rwatson@FreeBSD.org 2007-12-22T20:54:46Z urn:sha1:8ddae67c7db125351140ba6834c1798d3d7d65e9 When IPSEC fails to allocate policy state for an inpcb, and MAC is in use, free the MAC label on the inpcb before freeing the inpcb. Submitted by: tanyong <tanyong at ercist dot iscas dot ac dot cn>, zhouzhouyi Approved by: re (kensmith) 2007-12-20T12:34:32Z Ruslan Ermilov ru@FreeBSD.org 2007-12-20T12:34:32Z urn:sha1:d832e0e8ec0bd3f6ca1c934dbc3e20949cfb6889 Approved by: re (kensmith) 2007-12-19T08:10:30Z Guido van Rooij guido@FreeBSD.org 2007-12-19T08:10:30Z urn:sha1:483a6b10beaa1c585563d64f01ef57827e027804 Approved by: re@freebsd.org 2007-12-09T20:23:47Z Randall Stewart rrs@FreeBSD.org 2007-12-09T20:23:47Z urn:sha1:d451c79512a4d42f21a89def232de04bb5874e7b sending, once the locks are all unlocked to do the copy's in, its possible that other events could then raise the number of bytes outstanding pushing it so not all the message would fit. This would then cause us to send only part of the message. This fix makes it so we keep a "reserved" amount that can be kept in mind when making calculations to send. - rcv msg args with a NULL/NULL for to/tolen will return an error incorrectly for the 1-2-1 model. - We were not doing 0 len return correctly and not setting socantrcv() more correctly. Previouly we "fixed" this area by taking out the socantrcv() since we then could not get the data out. The correct fix is to still flag the socket but alow a by-pass route to continue to read until all data is consumed. - Fix the initial buf calculation to be more friendly, calc is the same but we use different variable to make it easier amongst the different code versions. - Signedness issue with one of the new var's (this is an issue mainly in apple but with the right -Wall it could effect us too). - optimize the initialization of the SB max variables. - Missing lock(s) when sending data and moving it to the outqueue. - If a mbuf alloc fails during moving to outqueue the reassembly of the old mbuf chain was incorrect. - some_taken becomes a counter in sctputil.c instead of a set to 1. - Fix a panic to be only under invarients and have a proper recovery in reading messages. - msg_flags needed to be set to the value collected not or'd. - More fixes for lock misses on the transfer of data to the sent_queue. Sometimes I wonder why any code ever works :-) - Fix the pad of the last mbuf routine, It was working improperly on non-4 byte aligned chunks which could cause memory overruns. Approved by: re@freebsd.org(gnn)