| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
to "orphans" hook as well.
Approved by: re (kib)
Notes:
svn path=/stable/7/; revision=202932
|
| |
|
|
|
|
|
|
|
|
|
| |
- Turn the third (islocked) argument of the knote call into flags parameter.
Introduce the new flag KNF_NOKQLOCK to allow event callers to be called
without KQ_LOCK mtx held.
- Modify VFS knote calls to always use KNF_NOKQLOCK flag. This is required
for ZFS as its getattr implementation may sleep.
Notes:
svn path=/stable/7/; revision=195586
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix infinite loop in ng_iface, that happens when packet passes out via
two different ng interfaces sequentially due to tunnelling.
PR: kern/134557
Submitted by: Mikolaj Golub
Notes:
svn path=/stable/7/; revision=195336
|
| |
|
|
|
|
|
|
|
| |
Mark ng_ether node hooks as HI_STACK. It is usually the last point when
netgraph may unroll the call stack, and I have found that in some cases 2K
guarantied there for i386 may be not enough for NIC driver and BPF.
Notes:
svn path=/stable/7/; revision=195232
|
| |
|
|
|
|
|
|
| |
Make it simpler to build netgraph modules outside of the kernel source
tree. This change follows similar ones in the device tree.
Notes:
svn path=/stable/7/; revision=194270
|
| |
|
|
|
|
|
|
|
|
| |
Fix copy-paste bug in NGM_NETFLOW_SETCONFIG argument size verification.
PR: kern/134220
Submitted by: Eugene Mychlo
Notes:
svn path=/stable/7/; revision=192415
|
| |
|
|
|
|
|
|
|
| |
To avoid one doubtless netgraph SMP scalability limitation point, switch
node queues processing from single swi:net thread to several specialized
threads.
Notes:
svn path=/stable/7/; revision=190175
|
| |
|
|
|
|
|
| |
Allow unprivileged users to run l2ping(8).
Notes:
svn path=/stable/7/; revision=189425
|
| |
|
|
|
|
|
|
|
| |
Update comment. soalloc() is no longer performing M_WAITOK memory allocations.
Submitted by: ru
Notes:
svn path=/stable/7/; revision=188547
|
| |
|
|
|
|
|
|
| |
Change message severity level from WARN to INFO. This should reduce
amount of messages sent to syslog
Notes:
svn path=/stable/7/; revision=188401
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Properly return error code to the caller. This should fix the following
panic in ng_l2cap(4).
panic: ng_l2cap_l2ca_con_req: ubt0l2cap - could not find connection!
While i'm here get rid of few goto's.
Notes:
svn path=/stable/7/; revision=188400
|
| |
|
|
|
|
|
|
|
| |
Remove strict limitation on minimal multilink MRRU. RFC claims that MRRU
of 1500 must be supported, but allows smaller values to be negotiated.
Enforce specified MRRU for outgoing frames.
Notes:
svn path=/stable/7/; revision=187982
|
| |
|
|
|
|
|
|
|
|
| |
Check for infinite recursion possible on some broken PPTP/L2TP/... VPN setups.
Mark packets with mbuf_tag on first interface passage and drop on second.
PR: ports/129625, ports/125303
Notes:
svn path=/stable/7/; revision=187955
|
| |
|
|
|
|
|
|
| |
If source mbuf chain consists of only one mbuf, use it directly as source
buffer to avoid extra copying.
Notes:
svn path=/stable/7/; revision=187954
|
| |
|
|
|
|
|
|
|
| |
Use m_unshare()+m_copyback() instead of m_freem()+m_devget() to keep
original mbuf chain headers. It can be less efficient in some cases, but it
looks better then mess of copying headers into the nonempty chain.
Notes:
svn path=/stable/7/; revision=187953
|
| |
|
|
|
|
|
|
|
| |
Mark ng_vjc node as FORCE_WRITER to protect slcompress state.
I think it can be the reason of livelock in netgraph reported by some
mpd users.
Notes:
svn path=/stable/7/; revision=187051
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can't implicitly trust the hook on NGQF_FN/NGQF_FN2 processing in
ng_apply_item(). There are possible (and I have got one) use-after-free
class panics because of it.
If hook is specified, require it to be valid at the apply time. The only
exceptions are the internal ng_con_part2(), ng_con_part3() and
ng_rmhook_part2() functions which are specially made to work with invalid
hooks.
Notes:
svn path=/stable/7/; revision=186976
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add ability to generate egress netflow instead or in addition to ingress.
Use mbuf tagging for accounted packets to not account packets twice when
both ingress and egress netflow enabled.
To keep compatibility new "setconfig" message added to control new
functionality. By default node works as before, doing only ingress
accounting without using mbuf tags.
Reviewed by: glebius
Notes:
svn path=/stable/7/; revision=186973
|
| |
|
|
|
|
|
|
|
|
| |
Remove unused variable.
Found with: Coverity Prevent(tm)
CID: 3682
Notes:
svn path=/stable/7/; revision=186971
|
| |
|
|
|
|
|
|
|
|
| |
Fix typo. Clear session stats instead of config and part of stats.
Found with: Coverity Prevent(tm)
CID: 2472
Notes:
svn path=/stable/7/; revision=186970
|
| |
|
|
|
|
|
|
|
|
| |
Remove unneeded NULL check. At first msg can't be null here and and at second
NG_FREE_MSG() also checks it.
Found with: Coverity Prevent(tm)
Notes:
svn path=/stable/7/; revision=186969
|
| |
|
|
|
|
|
|
|
|
|
| |
Carefully handle memory errors to keep peers compression/encryption state
consistent. There are some cases reported where peers fatally getting out
of sync without any visible reason. I hope this solve the problem.
Unroll two loops of SHA1Update(). 60 bytes of static memory is not a price.
Notes:
svn path=/stable/7/; revision=186859
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove netatm from HEAD as it is not MPSAFE and relies on the now removed
NET_NEEDS_GIANT. netatm has been disconnected from the build for ten
months in HEAD/RELENG_7. Specifics:
- netatm include files
- netatm command line management tools
- libatm
- ATM parts in rescue and sysinstall
- sample configuration files and documents
- kernel support as a module or in NOTES
- netgraph wrapper nodes for netatm
- ctags data for netatm.
- netatm-specific device drivers.
Reviewed by: bz
Discussed with: bms, bz, harti
MFC discussed with: des, peter
Notes:
svn path=/stable/7/; revision=182526
|
| |
|
|
|
|
|
|
|
| |
Don't use memcpy() to copy several bytes.
Store IDs is host order. It is not so important to bloat code for it.
Combine m_adj() and M_PREPEND() into single M_PREPEND().
Notes:
svn path=/stable/7/; revision=182181
|
| |
|
|
|
|
|
|
|
| |
Implement ratelimiting for debug messages. For now, allow at most
one message per second. In the future might add a sysctl knob for
each socket family to fine tune this.
Notes:
svn path=/stable/7/; revision=181441
|
| |
|
|
|
|
|
| |
Increase maximum input queue size limit for raw Bluetooth HCI sockets.
Notes:
svn path=/stable/7/; revision=181310
|
| |
|
|
|
|
|
|
|
|
|
| |
See the commit message for
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/net/route.c
version 1.129 (svn change # 178888) for more info.
Obtained from: Ironport (Cisco Systems)
Notes:
svn path=/stable/7/; revision=180774
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Rewrite node's r/w/q-lock semantics using only atomics instead of mutex
and atomics combination. Mutex is now used only for queue protection.
Also avoid unneded extra swi scheduling calls.
Add memory barriers to the node locking operations.
Add some comments.
Notes:
svn path=/stable/7/; revision=180035
|
| |
|
|
|
|
|
|
|
| |
Pass really available buffer size to libalias instead of MCLBYTES constant.
MCLBYTES constant were used with believe that m_megapullup() always moves
date into a fresh cluster that may become not so.
Notes:
svn path=/stable/7/; revision=179953
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use separate UMA zone for data items allocation. It is a partial
rev. 1.149 rework.
It allows to save several percents of CPU time on SMP by using UMA's
internal per-CPU allocation limits instead of own global variable
each time updated with atomics.
Also it restores NG_WAITOK flag processing.
PR: kern/123741
Notes:
svn path=/stable/7/; revision=179068
|
| |
|
|
|
|
|
|
| |
Replace callout_init(..., 1) with callout_init(..., CALLOUT_MPSAFE) for
better grep-compliance and to standardize with the rest of the kernel.
Notes:
svn path=/stable/7/; revision=179044
|
| |
|
|
|
|
|
|
|
|
|
| |
rev. 1.151: Remove impossible (hk_peer == NULL) check.
rev. 1.152: Remove ng_setisr() call from ng_dequeue().
rev. 1.153: There is no need to erase hook->hk_node before freeing hook.
rev. 1.154: Use new atomic_fetchadd() primitive instead of looping atomic_cmpset().
rev. 1.158: ng_address_hook() microoptimization.
Notes:
svn path=/stable/7/; revision=178326
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Switch from timeval to bintime, to use 1/(2^20) of seconds instead of
microseconds. It allows to use bit shifts instead of some heavy 64bit
mul/div math operations.
- Account all node stats at the shape mode.
- Do not check destination hook presence, it will be done by netgraph.
- Use u_int instead of int in some places to simplify type conversions.
- Use NG_SEND_DATA_ONLY() macro instead of selfmade equivalent.
Notes:
svn path=/stable/7/; revision=177838
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
uart_dev_at91usart.c:1.13, scsi_low.h:1.9, subr_ntoskrnl.c:1.94,
OsdDebug.c:1.14, dcons_os.c:1.20, ofw_consle.c:1.37,
dev/sio.c:1.473, syscons.c:1.454, uart_core.c:1.23,
union_subr.c:1.96, i386/machdep.c:1.664, i386/mp_watchdog.c:1.6,
ia64/machdep.c:1.228, kern_clock.c:1.206, kern_shutdown.c:1.186,
subr_kdb.c:1.25, subr_witness.c:1.239, vfs_subr.c:1.711,
ng_base.c:1.140, cbus/sio.c:1.247, pc98/machdep.c:1.399,
aim/machdep.c:1.107, pswitch.c:1.7, mac_test.c:19.3,
psycho.c:1.73, sparc64/machdep.c:1.140, sparc64/trap.c:1.89,
hvcons.c:1.7, sun4v/machdep.c:1.17, sun4v/trap.c:1.17, kdb.h:1.6
from HEAD to RELENG_7:
Add a new 'why' argument to kdb_enter(), and a set of constants to use
for that argument. This will allow DDB to detect the broad category of
reason why the debugger has been entered, which it can use for the
purposes of deciding which DDB script to run.
Assign approximate why values to all current consumers of the
kdb_enter() interface.
For ABI/KPI reasons, the MFC creates a new function, kdb_enter_why(),
with the new argument, updating existing consumers to use that,
preserving kdb_enter() with the current argument, and wrapping it around
kdb_enter_why().
Notes:
svn path=/stable/7/; revision=177734
|
| |
|
|
|
|
|
|
|
|
| |
Rewrite node to support multiple hooks, alike to ng_l2tp, to use one pair
of pptpgre and ksocket nodes for all calls between two peers. This patch
modifies node's API by adding new "session_%04x" hook names support, while
keeping backward compatibility.
Notes:
svn path=/stable/7/; revision=177733
|
| |
|
|
|
|
|
|
|
| |
Add session ID hashing to speedup incoming packets dispatch in case
of many connections working via the same tunnel. For example, in case
of full "client <-> LAC <-> LNS" setup.
Notes:
svn path=/stable/7/; revision=177354
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve apply callback error reporting:
Before this patch callback returned result of the last finished call chain.
Now it returns last nonzero result from all call chain results in this request.
As soon as this improvement gives reliable error reporting, it is now possible
to remove dirty workaround in ng_socket, made to return ENOBUFS error statuses
of request-response operations. That workaround was responsible for returning
ENOBUFS errors to completely unrelated requests working at the same time
on socket.
Notes:
svn path=/stable/7/; revision=177281
|
| |
|
|
|
|
|
|
|
|
| |
To avoid control data losses, do not acknowledge recieving of control packet
if netgraph reported error while delivering to destination.
Reset 'next send' counter to the last requested by peer on ack timeout,
to resend all subsequest packets after lost one again without additional hints.
Notes:
svn path=/stable/7/; revision=177066
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Send only one incoming notification at a time to reduce queue
trashing and improve performance.
Remove waitflag argument from ng_ksocket_incoming2(), it means nothing
as function call was queued by netgraph.
Remove node validity check, as node validity guarantied by netgraph.
Update comments.
Notes:
svn path=/stable/7/; revision=177065
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Implement 128 items node name hash for faster name search.
Increase node ID hash size from 32 to 128 items.
Increase default queue items allocation limit from 512 to 4096 items
to avoid terrible unpredicted effects for netgraph operation of their
exhaustion while allocating control messages.
Add separate configurable 512 items limit for data items allocation
for DoS/overload protection.
Notes:
svn path=/stable/7/; revision=177001
|
| |
|
|
|
|
|
|
|
|
|
| |
Make session ID generator to use session ID hash.
Make session ID generator thread-safe.
Use more compact LIST instead of TAILQ for session hash.
Add all listening hooks into LIST to simplify searches.
Use ng_findhook() instead of own equal implementation.
Notes:
svn path=/stable/7/; revision=176913
|
| |
|
|
|
|
|
| |
Submitted by: Vadim Goncharov <vadim_nuclight@mail.ru>
Notes:
svn path=/stable/7/; revision=176912
|
| |
|
|
|
|
|
| |
Fix incorrect constant used in rev. 1.146 that broke node writer locking.
Notes:
svn path=/stable/7/; revision=176591
|
| |
|
|
|
|
|
| |
Fix shutdown bug made by previous commit.
Notes:
svn path=/stable/7/; revision=176529
|
| |
|
|
|
|
|
|
| |
Add option to set packets per second limits instead of default
bits per second ones.
Notes:
svn path=/stable/7/; revision=176067
|
| |
|
|
|
|
|
| |
Do not use bcmp() to compare two bytes with constants.
Notes:
svn path=/stable/7/; revision=176066
|
| |
|
|
|
|
|
|
|
| |
Implement stack protection based on GET_STACK_USAGE() macro.
This fixes system panics possible with complicated netgraph setups
and allows to avoid unneded extra queueing for stack unwrapping.
Notes:
svn path=/stable/7/; revision=176064
|
| |
|
|
|
|
|
|
|
| |
Implement stack protection based on GET_STACK_USAGE() macro.
This fixes system panics possible with complicated netgraph setups
and allows to avoid unneded extra queueing for stack unwrapping.
Notes:
svn path=/stable/7/; revision=176062
|
| |
|
|
|
|
|
|
|
|
| |
- Avoid data copying when it is possible. bpf_filter() is able to work
directly on mbuf chain
- Prepare hooks direct pointers on setup to avoid heavy ng_findhook() calls
during operarion.
Notes:
svn path=/stable/7/; revision=176005
|
| |
|
|
|
|
|
|
|
| |
Move all possible node logic out of the rcvdata() function
to the newhook()/disconnect().
Unify function names with other nodes.
Notes:
svn path=/stable/7/; revision=176003
|
