aboutsummaryrefslogtreecommitdiff
path: root/sys/netgraph/ng_socket.c
Commit message (Collapse)AuthorAgeFilesLines
* sys: use our nitems() macro when param.h is available.Pedro F. Giffuni2016-04-211-1/+1
| | | | | | | | | This should cover all the remaining cases in the kernel. Discussed in: freebsd-current Notes: svn path=/head/; revision=298431
* sys/net* : for pointers replace 0 with NULL.Pedro F. Giffuni2016-04-151-2/+2
| | | | | | | | | Mostly cosmetical, no functional change. Found with devel/coccinelle. Notes: svn path=/head/; revision=298075
* Fix multiple incorrect SYSCTL arguments in the kernel:Hans Petter Selasky2014-10-211-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Wrong integer type was specified. - Wrong or missing "access" specifier. The "access" specifier sometimes included the SYSCTL type, which it should not, except for procedural SYSCTL nodes. - Logical OR where binary OR was expected. - Properly assert the "access" argument passed to all SYSCTL macros, using the CTASSERT macro. This applies to both static- and dynamically created SYSCTLs. - Properly assert the the data type for both static and dynamic SYSCTLs. In the case of static SYSCTLs we only assert that the data pointed to by the SYSCTL data pointer has the correct size, hence there is no easy way to assert types in the C language outside a C-function. - Rewrote some code which doesn't pass a constant "access" specifier when creating dynamic SYSCTL nodes, which is now a requirement. - Updated "EXAMPLES" section in SYSCTL manual page. MFC after: 3 days Sponsored by: Mellanox Technologies Notes: svn path=/head/; revision=273377
* Use NG_WAITOK as ng_package_msg() argument instead of M_WAITOK.Alexander Motin2014-05-221-1/+1
| | | | | | | Submitted by: Dmitry Luhtionov <dmitryluhtionov@gmail.com> Notes: svn path=/head/; revision=266536
* In ng_getsockaddr() allocate memory prior to obtaining lock.Gleb Smirnoff2012-02-161-11/+8
| | | | | | | Reported & tested by: Mykola Dzham <i levsha.me> Notes: svn path=/head/; revision=231823
* No need to optimise for a node with no hooks, my braino.Gleb Smirnoff2012-02-131-5/+2
| | | | Notes: svn path=/head/; revision=231585
* Provide a findhook method for ng_socket(4). The node stores aGleb Smirnoff2012-01-231-2/+101
| | | | | | | | | | | | | | | | | | | | hash with names of its hooks. It starts with size of 16, and grows when number of hooks reaches twice the current size. A failure to grow (memory is allocated with M_NOWAIT) isn't fatal, however. I used standard hash(9) function for the hash. With 25000 hooks named in the mpd (ports/net/mpd5) manner of "b%u", the distributions is the following: 72.1% entries consist of one element, 22.1% consist of two, 5.2% consist of three and 0.6% of four. Speedup in a synthetic test that creates 25000 hooks and then runs through a long cyclce dereferencing them in a random order is over 25 times. Notes: svn path=/head/; revision=230487
* In ng_socket(4) expose less kernel internals to userland. This commitGleb Smirnoff2012-01-231-3/+16
| | | | | | | breaks ABI, but makes probability of ABI breakage in future less. Notes: svn path=/head/; revision=230481
* Remove some disabled NOTYET code. Probability of enabling it is low,Gleb Smirnoff2012-01-161-78/+0
| | | | | | | if anyone wants, he/she can take it from svn. Notes: svn path=/head/; revision=230213
* Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.Ed Schouten2011-11-071-2/+2
| | | | | | | | | The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static. Notes: svn path=/head/; revision=227309
* Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.Ed Schouten2011-11-071-2/+2
| | | | | | | This means that their use is restricted to a single C file. Notes: svn path=/head/; revision=227293
* Second-to-last commit implementing Capsicum capabilities in the FreeBSDRobert Watson2011-08-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | kernel for FreeBSD 9.0: Add a new capability mask argument to fget(9) and friends, allowing system call code to declare what capabilities are required when an integer file descriptor is converted into an in-kernel struct file *. With options CAPABILITIES compiled into the kernel, this enforces capability protection; without, this change is effectively a no-op. Some cases require special handling, such as mmap(2), which must preserve information about the maximum rights at the time of mapping in the memory map so that they can later be enforced in mprotect(2) -- this is done by narrowing the rights in the existing max_protection field used for similar purposes with file permissions. In namei(9), we assert that the code is not reached from within capability mode, as we're not yet ready to enforce namespace capabilities there. This will follow in a later commit. Update two capability names: CAP_EVENT and CAP_KEVENT become CAP_POST_KEVENT and CAP_POLL_KEVENT to more accurately indicate what they represent. Approved by: re (bz) Submitted by: jonathan Sponsored by: Google Inc Notes: svn path=/head/; revision=224778
* In ng_attach_cntl() first allocate things that may fail, and thenGleb Smirnoff2011-07-141-16/+15
| | | | | | | | | | do the rest of initialization. This simplifies code and fixes a double free in failure scenario. Reviewed by: bz Notes: svn path=/head/; revision=224031
* sysctl(9) cleanup checkpoint: amd64 GENERIC builds cleanly.Matthew D Fleming2011-01-121-2/+2
| | | | | | | Commit the netgraph piece. Notes: svn path=/head/; revision=217320
* When calling panic(), always pass a format string.Rui Paulo2010-10-131-1/+1
| | | | Notes: svn path=/head/; revision=213794
* Fix a race between ngs_rcvmsg() and soclose() which closes the controlAttilio Rao2010-05-191-6/+26
| | | | | | | | | | | | | | | | socket while it is still in use. priv->ctlsock is checked at the top of the function but without any lock held, which means the control socket state may certainly change. Add a similar protection to ngs_shutdown() even if a race is unlikely to be experienced there. Sponsored by: Sandvine Incorporated Obtained from: Nima Misaghian @ Sandvine Incorporated <nmisaghian at sandvine dot com> MFC after: 10 days Notes: svn path=/head/; revision=208300
* Now fix functionality of 'netstat -f netgraph' that hasn't workedGleb Smirnoff2010-03-121-0/+3
| | | | | | | | | | | | | | | starting from netgraph import in 1999. netstat(8) used pointer to node as node address, oops. That didn't work, we need the node ID in brackets to successfully address a node. We can't look into ng_node, due to inability to include netgraph/netgraph.h in userland code. So let the node make a hint for a userland, storing the node ID in its private data. MFC after: 2 weeks Notes: svn path=/head/; revision=205083
* Fix 'netstat -f netgraph', which I had broken in r163463 ling timeGleb Smirnoff2010-03-121-0/+18
| | | | | | | | | | ago in 2006. This linked list is actually needed for userland. PR: kern/140446 Submitted by: Adrian Steinmann <ast marabu.ch> Notes: svn path=/head/; revision=205082
* Introduce and use a sysinit-based initialization scheme for virtualRobert Watson2009-07-231-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | network stacks, VNET_SYSINIT: - Add VNET_SYSINIT and VNET_SYSUNINIT macros to declare events that will occur each time a network stack is instantiated and destroyed. In the !VIMAGE case, these are simply mapped into regular SYSINIT/SYSUNINIT. For the VIMAGE case, we instead use SYSINIT's to track their order and properties on registration, using them for each vnet when created/ destroyed, or immediately on module load for already-started vnets. - Remove vnet_modinfo mechanism that existed to serve this purpose previously, as well as its dependency scheme: we now just use the SYSINIT ordering scheme. - Implement VNET_DOMAIN_SET() to allow protocol domains to declare that they want init functions to be called for each virtual network stack rather than just once at boot, compiling down to DOMAIN_SET() in the non-VIMAGE case. - Walk all virtualized kernel subsystems and make use of these instead of modinfo or DOMAIN_SET() for init/uninit events. In some cases, convert modular components from using modevent to using sysinit (where appropriate). In some cases, do minor rejuggling of SYSINIT ordering to make room for or better manage events. Portions submitted by: jhb (VNET_SYSINIT), bz (cleanup) Discussed with: jhb, bz, julian, zec Reviewed by: bz Approved by: re (VIMAGE blanket) Notes: svn path=/head/; revision=195837
* Remove unused variable.Alexander Motin2008-11-221-3/+2
| | | | | | | | Found with: Coverity Prevent(tm) CID: 3682 Notes: svn path=/head/; revision=185183
* Improve apply callback error reporting:Alexander Motin2008-03-111-1/+1
| | | | | | | | | | | | | | Before this patch callback returned result of the last finished call chain. Now it returns last nonzero result from all call chain results in this request. As soon as this improvement gives reliable error reporting, it is now possible to remove dirty workaround in ng_socket, made to return ENOBUFS error statuses of request-response operations. That workaround was responsible for returning ENOBUFS errors to completely unrelated requests working at the same time on socket. Notes: svn path=/head/; revision=177071
* Remove explicit locking of struct file.Jeff Roberson2007-12-301-1/+1
| | | | | | | | | | | | | | | | - Introduce a finit() which is used to initailize the fields of struct file in such a way that the ops vector is only valid after the data, type, and flags are valid. - Protect f_flag and f_count with atomic operations. - Remove the global list of all files and associated accounting. - Rewrite the unp garbage collection such that it no longer requires the global list of all files and instead uses a list of all unp sockets. - Mark sockets in the accept queue so we don't incorrectly gc them. Tested by: kris, pho Notes: svn path=/head/; revision=174988
* Implement new apply callback mechanism to handle item forwarding.Alexander Motin2007-10-191-12/+13
| | | | | | | | | | | When item forwarded refence counter is incremented, when item processed, counter decremented. When counter reaches zero, apply handler is getting called. Now it allows to report right connect() call status from user-level at the right time. Notes: svn path=/head/; revision=172806
* Reduce network stack oddness: implement .pru_sockaddr and .pru_peeraddrRobert Watson2007-05-111-3/+3
| | | | | | | | | | | protocol entry points using functions named proto_getsockaddr and proto_getpeeraddr rather than proto_setsockaddr and proto_setpeeraddr. While it's true that sockaddrs are allocated and set, the net effect is to retrieve (get) the socket address or peer address from a socket, not set it, so align names to that intent. Notes: svn path=/head/; revision=169462
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigningRobert Watson2006-11-061-2/+5
| | | | | | | | | | | | | | | | specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net> Notes: svn path=/head/; revision=164033
* Check pointer before dereferencing.Gleb Smirnoff2006-10-181-1/+2
| | | | | | | | Reported by: Coverity CID: 1556 Notes: svn path=/head/; revision=163475
* Some clenaup of ngs_rcvmsg():Gleb Smirnoff2006-10-171-60/+46
| | | | | | | | | | - Inline ship_msg() into ngs_rcvmsg(). - Plug memory leak in case if no control socket present. - Remove malloc() and allocate the sockaddr on stack. - style(9). Notes: svn path=/head/; revision=163468
* Some cleanup and small changes:Gleb Smirnoff2006-10-171-121/+74
| | | | | | | | | | | | | - Use malloc() and free() instead of MALLOC() and FREE() macros. - Do not check malloc results if M_WAITOK was used. - Remove linked list of all netgraph sockets. It isn't needed. - Use ng_findhook() instead of searching the list ourselves. - Use NG_WAITOK in syscalls. - Remove unneeded includes. - style(9) Notes: svn path=/head/; revision=163463
* Change semantics of socket close and detach. Add a new protocol switchRobert Watson2006-07-211-0/+4
| | | | | | | | | | | | | | | | | | | | | | function, pru_close, to notify protocols that the file descriptor or other consumer of a socket is closing the socket. pru_abort is now a notification of close also, and no longer detaches. pru_detach is no longer used to notify of close, and will be called during socket tear-down by sofree() when all references to a socket evaporate after an earlier call to abort or close the socket. This means detach is now an unconditional teardown of a socket, whereas previously sockets could persist after detach of the protocol retained a reference. This faciliates sharing mutexes between layers of the network stack as the mutex is required during the checking and removal of references at the head of sofree(). With this change, pru_detach can now assume that the mutex will no longer be required by the socket layer after completion, whereas before this was not necessarily true. Reviewed by: gnn Notes: svn path=/head/; revision=160549
* Use kern_kldload() and kern_kldunload() to load and unload modules whenJohn Baldwin2006-06-131-6/+5
| | | | | | | | | | | we intend for the user to be able to unload them later via kldunload(2) instead of calling linker_load_module() and then directly adjusting the ref count on the linker file structure. This makes the resulting consumer code simpler and cleaner and better hides the linker internals making it possible to sanely lock the linker. Notes: svn path=/head/; revision=159590
* Remove unneeded check.Gleb Smirnoff2006-05-161-4/+0
| | | | | | | Coverity ID: 445 Notes: svn path=/head/; revision=158646
* Do not leak kernel memory in case if userland has been compiledGleb Smirnoff2006-05-161-0/+1
| | | | | | | | | against older NG_VERSION. Coverity ID: 1131 Notes: svn path=/head/; revision=158643
* Correct assertion in ng_detach().Robert Watson2006-04-061-1/+1
| | | | | | | | Submitted by: tegge MFC after: 3 months Notes: svn path=/head/; revision=157558
* Chance protocol switch method pru_detach() so that it returns voidRobert Watson2006-04-011-8/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | rather than an error. Detaches do not "fail", they other occur or the protocol flags SS_PROTOREF to take ownership of the socket. soclose() no longer looks at so_pcb to see if it's NULL, relying entirely on the protocol to decide whether it's time to free the socket or not using SS_PROTOREF. so_pcb is now entirely owned and managed by the protocol code. Likewise, no longer test so_pcb in other socket functions, such as soreceive(), which have no business digging into protocol internals. Protocol detach routines no longer try to free the socket on detach, this is performed in the socket code if the protocol permits it. In rts_detach(), no longer test for rp != NULL in detach, and likewise in other protocols that don't permit a NULL so_pcb, reduce the incidence of testing for it during detach. netinet and netinet6 are not fully updated to this change, which will be in an upcoming commit. In their current state they may leak memory or panic. MFC after: 3 months Notes: svn path=/head/; revision=157370
* Use sparse initializers for "struct domain" and "struct protosw",Ruslan Ermilov2005-11-091-33/+18
| | | | | | | so they are easier to follow for the human being. Notes: svn path=/head/; revision=152242
* Fix several races between socket closure and node/hookGleb Smirnoff2005-11-021-77/+97
| | | | | | | | | | | | | | | | destruction: - Backout 1.62, since it doesn't fix all possible problems. - Upon node creation, put an additional reference on node. - Add a mutex and refcounter to struct ngsock. Netgraph node, control socket and data socket all count as references. - Introduce ng_socket_free_priv() which removes one reference from ngsock, and frees it when all references has gone. - No direct pointers between pcbs and node, all pointing is done via struct ngsock and protected with mutex. Notes: svn path=/head/; revision=151975
* When message can't fit into socket receive buffer return ENOBUFSGleb Smirnoff2005-09-121-2/+3
| | | | | | | | | to userland program instead of letting it wait until end of days. PR: kern/85907 Notes: svn path=/head/; revision=150042
* Fix missing '=' in structure initialization.David E. O'Brien2005-07-231-1/+1
| | | | Notes: svn path=/head/; revision=148351
* In the splnet times, netgraph was functional and synchronous. Nowadays,Gleb Smirnoff2005-07-051-1/+44
| | | | | | | | | | | | | | | | | | | | | | | | | an item may be queued and processed later. While this is OK for mbufs, this is a problem for control messages. In the framework: - Add optional callback function pointer to an item. When item gets applied the callback is executed from ng_apply_item(). - Add new flag NG_PROGRESS. If this flag is supplied, then return EINPROGRESS instead of 0 in case if item failed to deliver synchronously and was queued. - Honor NG_PROGRESS in ng_snd_item(). In ng_socket: - When userland sends control message add callback to the item. - If ng_snd_item() returns EINPROGRESS, then sleep. This change fixes possible races in ngctl(8) scripts. Reviewed by: julian Approved by: re (scottl) Notes: svn path=/head/; revision=147774
* Fix use of uninitialized variable len in ngd_send.Bjoern A. Zeeb2005-05-281-3/+7
| | | | | | | | | | | | Note: len gets intialized to 0 for sap == NULL case only to make compiler on amd64 happy. This has nothing todo with the former uninitialized use of len in sap != NULL case. Reviewed by: glebius Approved by: pjd (mentor) Notes: svn path=/head/; revision=146718
* Remove local error variable, which leads to hiding error from returnGleb Smirnoff2005-05-231-1/+0
| | | | | | | | | | | value. PR: kern/81371 Submitted by: Wojciech A. Koszek MFC after: 1 week Notes: svn path=/head/; revision=146545
* - Unwind NG_SEND_MSG_PATH() macro and merge it with already unwindedGleb Smirnoff2005-05-171-27/+25
| | | | | | | | version under TRACE_MESSAGES. - Pass NG_WAITOK flag to ng_package_data() in unwinded macro. Notes: svn path=/head/; revision=146317
* - Fix build with TRACE_MESSAGES on.Gleb Smirnoff2005-05-161-41/+42
| | | | | | | | | - Reformat code under TRACE_MESSAGES to make it more readable. - Move linker hackery out of #ifdef. - Break long lines in linker hackery block. Notes: svn path=/head/; revision=146296
* Close race between node being shutdown and socket being detached. ToGleb Smirnoff2005-05-161-7/+27
| | | | | | | | | | do this, obtain netgraph locking in detach method via ng_send_fn1(). Reviewed by: julian MFC after: 2 weeks Notes: svn path=/head/; revision=146290
* Catch up with new ng_package_data(). Use NG_WAITOK on userlandGleb Smirnoff2005-05-161-1/+1
| | | | | | | path. Notes: svn path=/head/; revision=146284
* Create a per-module mutex on MOD_LOAD, and destroy it on MOD_UNLOAD.Ruslan Ermilov2005-02-051-1/+2
| | | | | | | | | (This fixes witness_destroy() panic after module unload.) OK'ed by: rwatson, julian Notes: svn path=/head/; revision=141341
* Do check that version of a message from userland matches ours.Gleb Smirnoff2005-02-041-0/+5
| | | | | | | MFC after: 3 days Notes: svn path=/head/; revision=141308
* - Fix build with TRACE_MESSAGES definedGleb Smirnoff2005-02-041-2/+2
| | | | | | | - Remove extra parenthesis Notes: svn path=/head/; revision=141286
* /* -> /*- for license, minor formatting changesWarner Losh2005-01-071-1/+3
| | | | Notes: svn path=/head/; revision=139823
* Move ng_socket and ng_btsocket initialization to SI_SUB_PROTO_DOMAIN as theyMax Laier2004-11-301-1/+1
| | | | | | | | | | | | | | | | | | call net_add_domain(). Calling this function too early (or late) breaks assertations about the global domains list. Actually it should be forbidden to call net_add_domain() outside of SI_SUB_PROTO_DOMAIN completely as there are many places where we traverse the domains list unprotected, but for now we allow late calls (mostly to support netgraph). In order to really fix this we have to lock the domains list in all places or find another way to ensure that we can safely walk the list while another thread might be adding a new domain. Spotted by: se Reviewed by: julian, glebius PR: kern/73321 (partly) Notes: svn path=/head/; revision=138238
generated by cgit v1.3 (git 2.53.0) at 2026-05-30 12:04:09 +0000