CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Nov 21 06:49:56 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Provide a function to call MGETHDR and MCLGET The change fixes two usages of MGETHDR that don't check whether a mbuf is really allocated before passing it to MCLGET. To generate a diff of this commit: cvs rdiff -u -r1.235 -r1.236 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: ozaki-r Date: Mon Nov 20 09:01:20 UTC 2017 Modified Files: src/doc: TODO.smpnet src/sys/netinet6: in6_src.c Log Message: Mention IPv6 address selection policy isn't MP-safe yet Though it's not a problem until a policy is set. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/doc/TODO.smpnet cvs rdiff -u -r1.81 -r1.82 src/sys/netinet6/in6_src.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Fri Nov 17 09:26:36 UTC 2017 Modified Files: src/sys/kern: subr_localcount.c src/sys/sys: localcount.h Log Message: Implement a debugging facility (overflow/underflow detection) for localcount We cannot get an accurate count from a localcount instance because it consists of per-cpu counters and we have no way to sum them up atomically. So we cannot detect counter overflow/underflow as we can do on a normal refcount. The facility adds an atomic counter to each localcount instance to enable the validations. The counter ups and downs in synchronization with the per-CPU counters. The counter is used iff both DEBUG and LOCKDEBUG are enabled in the kernel. Discussed on tech-kern@ To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/kern/subr_localcount.c cvs rdiff -u -r1.4 -r1.5 src/sys/sys/localcount.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Fri Nov 17 07:52:07 UTC 2017 Modified Files: src/sys/net: if_bridge.c Log Message: Add missing IFEF_NO_LINK_STATE_CHANGE to bridge To generate a diff of this commit: cvs rdiff -u -r1.140 -r1.141 src/sys/net/if_bridge.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Fri Nov 17 07:37:12 UTC 2017 Modified Files: src/sys/net: bpf.c if.c if.h if_loop.c if_pppoe.c rtsock.c src/sys/net/npf: npf_os.c src/sys/netinet: if_arp.c igmp.c in.c ip_flow.c ip_input.c ip_output.c src/sys/netinet6: frag6.c in6.c ip6_flow.c ip6_input.c mld6.c nd6.c nd6_nbr.c src/sys/netipsec: ipsec_output.c Log Message: Provide macros for softnet_lock and KERNEL_LOCK hiding NET_MPSAFE switch It reduces C&P codes such as "#ifndef NET_MPSAFE KERNEL_LOCK(1, NULL); ..." scattered all over the source code and makes it easy to identify remaining KERNEL_LOCK and/or softnet_lock that are held even if NET_MPSAFE. No functional change To generate a diff of this commit: cvs rdiff -u -r1.218 -r1.219 src/sys/net/bpf.c cvs rdiff -u -r1.396 -r1.397 src/sys/net/if.c cvs rdiff -u -r1.242 -r1.243 src/sys/net/if.h cvs rdiff -u -r1.98 -r1.99 src/sys/net/if_loop.c cvs rdiff -u -r1.131 -r1.132 src/sys/net/if_pppoe.c cvs rdiff -u -r1.229 -r1.230 src/sys/net/rtsock.c cvs rdiff -u -r1.7 -r1.8 src/sys/net/npf/npf_os.c cvs rdiff -u -r1.254 -r1.255 src/sys/netinet/if_arp.c cvs rdiff -u -r1.64 -r1.65 src/sys/netinet/igmp.c cvs rdiff -u -r1.209 -r1.210 src/sys/netinet/in.c cvs rdiff -u -r1.80 -r1.81 src/sys/netinet/ip_flow.c cvs rdiff -u -r1.361 -r1.362 src/sys/netinet/ip_input.c cvs rdiff -u -r1.284 -r1.285 src/sys/netinet/ip_output.c cvs rdiff -u -r1.60 -r1.61 src/sys/netinet6/frag6.c cvs rdiff -u -r1.250 -r1.251 src/sys/netinet6/in6.c cvs rdiff -u -r1.34 -r1.35 src/sys/netinet6/ip6_flow.c cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/ip6_input.c cvs rdiff -u -r1.89 -r1.90 src/sys/netinet6/mld6.c cvs rdiff -u -r1.238 -r1.239 src/sys/netinet6/nd6.c cvs rdiff -u -r1.138 -r1.139 src/sys/netinet6/nd6_nbr.c cvs rdiff -u -r1.64 -r1.65 src/sys/netipsec/ipsec_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: ozaki-r Date: Thu Nov 16 10:40:30 UTC 2017 Modified Files: src/sys/sys: param.h Log Message: Bump kernel version for IFEF_MPSAFE Welcome to 8.99.7 To generate a diff of this commit: cvs rdiff -u -r1.551 -r1.552 src/sys/sys/param.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Thu Nov 16 03:07:18 UTC 2017 Modified Files: src/sys/arch/arm/sunxi: sunxi_emac.c src/sys/dev/ic: dwc_gmac.c src/sys/dev/pci: if_wm.c src/sys/dev/pci/ixgbe: ixgbe.c ixv.c src/sys/net: if.h if_bridge.c if_ethersubr.c if_gif.c if_l2tp.c if_loop.c if_pppoe.c if_vlan.c src/sys/netcan: if_canloop.c src/sys/netinet: ip_carp.c Log Message: Unify IFEF_*_MPSAFE into IFEF_MPSAFE There are already two flags for if_output and if_start, however, it seems such MPSAFE flags are eventually needed for all if_XXX operations. Having discrete flags for each operation is wasteful of if_extflags bits. So let's unify the flags into one: IFEF_MPSAFE. Fortunately IFEF_*_MPSAFE flags have never been included in any releases, so we can change them without breaking backward compatibility of the releases (though the kernel version of -current should be bumped). Note that if an interface have both MP-safe and non-MP-safe operations at a time, we have to set the IFEF_MPSAFE flag and let callees of non-MP-safe opeartions take the kernel lock. Proposed on tech-kern@ and tech-net@ To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/sys/arch/arm/sunxi/sunxi_emac.c cvs rdiff -u -r1.42 -r1.43 src/sys/dev/ic/dwc_gmac.c cvs rdiff -u -r1.542 -r1.543 src/sys/dev/pci/if_wm.c cvs rdiff -u -r1.111 -r1.112 src/sys/dev/pci/ixgbe/ixgbe.c cvs rdiff -u -r1.73 -r1.74 src/sys/dev/pci/ixgbe/ixv.c cvs rdiff -u -r1.241 -r1.242 src/sys/net/if.h cvs rdiff -u -r1.139 -r1.140 src/sys/net/if_bridge.c cvs rdiff -u -r1.245 -r1.246 src/sys/net/if_ethersubr.c cvs rdiff -u -r1.131 -r1.132 src/sys/net/if_gif.c cvs rdiff -u -r1.14 -r1.15 src/sys/net/if_l2tp.c cvs rdiff -u -r1.97 -r1.98 src/sys/net/if_loop.c cvs rdiff -u -r1.130 -r1.131 src/sys/net/if_pppoe.c cvs rdiff -u -r1.106 -r1.107 src/sys/net/if_vlan.c cvs rdiff -u -r1.2 -r1.3 src/sys/netcan/if_canloop.c cvs rdiff -u -r1.91 -r1.92 src/sys/netinet/ip_carp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet
Module Name:src Committed By: ozaki-r Date: Wed Nov 15 09:56:31 UTC 2017 Modified Files: src/sys/netinet: tcp_input.c Log Message: Convert SYN_CACHE_TIMER_ARM macro to static inline function (NFC) To generate a diff of this commit: cvs rdiff -u -r1.362 -r1.363 src/sys/netinet/tcp_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet
Module Name:src Committed By: ozaki-r Date: Wed Nov 15 09:55:22 UTC 2017 Modified Files: src/sys/netinet: tcp_input.c tcp_var.h Log Message: Make syn_cache_timer static To generate a diff of this commit: cvs rdiff -u -r1.361 -r1.362 src/sys/netinet/tcp_input.c cvs rdiff -u -r1.180 -r1.181 src/sys/netinet/tcp_var.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet
Module Name:src Committed By: ozaki-r Date: Wed Nov 15 09:54:18 UTC 2017 Modified Files: src/sys/netinet: tcp_input.c Log Message: Reduce return points (NFC) To generate a diff of this commit: cvs rdiff -u -r1.360 -r1.361 src/sys/netinet/tcp_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Wed Nov 15 06:17:41 UTC 2017 Modified Files: src/sys/net: if_bridge.c Log Message: Mark callouts of bridge CALLOUT_MPSAFE To generate a diff of this commit: cvs rdiff -u -r1.138 -r1.139 src/sys/net/if_bridge.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Wed Nov 15 04:08:02 UTC 2017 Modified Files: src/sys/net: if_loop.c Log Message: Don't take KERNEL_LOCK in looutput if NET_MPSAFE We can perhaps get rid of KERNEL_LOCK from looutput, but for now keep it for safe. To generate a diff of this commit: cvs rdiff -u -r1.96 -r1.97 src/sys/net/if_loop.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Fri Nov 10 07:27:57 UTC 2017 Modified Files: src/sys/netinet6: in6_ifattach.c Log Message: Use psref instead of pserialize because that code is sleepable To generate a diff of this commit: cvs rdiff -u -r1.112 -r1.113 src/sys/netinet6/in6_ifattach.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Fri Nov 10 07:25:39 UTC 2017 Modified Files: src/sys/netinet6: nd6.c Log Message: Use psref instead of pserialize because that code is sleepable To generate a diff of this commit: cvs rdiff -u -r1.237 -r1.238 src/sys/netinet6/nd6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Fri Nov 10 07:24:28 UTC 2017 Modified Files: src/sys/net: if_llatbl.c if_llatbl.h src/sys/netinet: if_arp.c in.c src/sys/netinet6: in6.c nd6.c Log Message: Fix a deadlock between a route update and lltable It happens because rtalloc1 is called from lltable with holding IF_AFDATA_WLOCK. If a route update is in action, rtalloc1 would wait for its completion with holding IF_AFDATA_WLOCK. At the same moment, a softint (e.g., arpintr) may try to take IF_AFDATA_WLOCK and get stuck on it. Unfortunately the stuck softint prevents the route update from progressing because the route update calls psref_target_destroy that needs the softint to complete. A resource allocation graph of the senario looks like this: route update =(psref_target_destroy)=> softint => IF_AFDATA_WLOCK =(rt_update_wait)=> route update Fix the deadlock by pulling rtalloc1 out of the lltable codes inside IF_AFDATA_WLOCK. Note that the deadlock happens only if NET_MPSAFE is enabled. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/sys/net/if_llatbl.c cvs rdiff -u -r1.12 -r1.13 src/sys/net/if_llatbl.h cvs rdiff -u -r1.253 -r1.254 src/sys/netinet/if_arp.c cvs rdiff -u -r1.208 -r1.209 src/sys/netinet/in.c cvs rdiff -u -r1.249 -r1.250 src/sys/netinet6/in6.c cvs rdiff -u -r1.236 -r1.237 src/sys/netinet6/nd6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Fri Nov 10 07:15:32 UTC 2017 Modified Files: src/sys/netinet: in.c src/sys/netinet6: in6.c Log Message: Remove redundant KASSERTMSG The function is static, has just one caller and the caller does the same check. To generate a diff of this commit: cvs rdiff -u -r1.207 -r1.208 src/sys/netinet/in.c cvs rdiff -u -r1.248 -r1.249 src/sys/netinet6/in6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Thu Nov 9 04:51:07 UTC 2017 Modified Files: src/tests/net/ipsec: t_ipsec_misc.sh Log Message: Dedup some checks And the change a bit optimizes checks of SA expirations, which may shorten testing time. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Thu Nov 9 04:50:37 UTC 2017 Modified Files: src/tests/net/ipsec: t_ipsec_misc.sh Log Message: "Mark key_timehandler_ch callout as MP-safe" change needs one more sec to make lifetime tests stable To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Nov 8 10:35:30 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Mark key_timehandler_ch callout as MP-safe (just forgot to do so) To generate a diff of this commit: cvs rdiff -u -r1.234 -r1.235 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net
Module Name:src Committed By: ozaki-r Date: Tue Nov 7 09:17:06 UTC 2017 Modified Files: src/tests/net: net_common.sh Log Message: Stop using bpfjit Because most architectures don't support it and npf still works without it. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/tests/net/net_common.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ndp
Module Name:src Committed By: ozaki-r Date: Tue Nov 7 02:19:23 UTC 2017 Modified Files: src/tests/net/ndp: t_ra.sh Log Message: Let rtadvd not use syslog for logging Thanks to christos@ now rtadvd can log via stderr instead of syslog by -D option. Address PR bin/52701 To generate a diff of this commit: cvs rdiff -u -r1.30 -r1.31 src/tests/net/ndp/t_ra.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ndp
Module Name:src Committed By: ozaki-r Date: Mon Nov 6 10:51:40 UTC 2017 Modified Files: src/tests/net/ndp: t_ra.sh Log Message: Kill rtadvd surely even if the tests fail in the middle It may help PR bin/52701. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/tests/net/ndp/t_ra.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Sun Nov 5 07:03:37 UTC 2017 Modified Files: src/sys/netinet6: icmp6.c raw_ip6.c Log Message: Fix usages of ipsec_used If IPsec isn't used, we must go back to the normal path. PR kern/52659 To generate a diff of this commit: cvs rdiff -u -r1.213 -r1.214 src/sys/netinet6/icmp6.c cvs rdiff -u -r1.157 -r1.158 src/sys/netinet6/raw_ip6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Mon Oct 30 16:01:19 UTC 2017 Modified Files: src/sys/net: if_l2tp.c if_tap.c if_tun.c if_vlan.c Log Message: Set IFEF_NO_LINK_STATE_CHANGE flag to pseudo devices that don't use if_link_state_change To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/net/if_l2tp.c cvs rdiff -u -r1.100 -r1.101 src/sys/net/if_tap.c cvs rdiff -u -r1.140 -r1.141 src/sys/net/if_tun.c cvs rdiff -u -r1.105 -r1.106 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: ozaki-r Date: Mon Oct 30 15:59:24 UTC 2017 Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/tests/net: net_common.sh src/tests/net/ipsec: Makefile Added Files: src/tests/net/ipsec: natt_terminator.c t_ipsec_natt.sh Log Message: Add test cases of NAT-T (transport mode) A small C program is added to make a special socket (UDP_ENCAP_ESPINUDP) and keep it to handle UDP-encapsulated ESP packets. To generate a diff of this commit: cvs rdiff -u -r1.227 -r1.228 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.764 -r1.765 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.22 -r1.23 src/tests/net/net_common.sh cvs rdiff -u -r1.9 -r1.10 src/tests/net/ipsec/Makefile cvs rdiff -u -r0 -r1.1 src/tests/net/ipsec/natt_terminator.c \ src/tests/net/ipsec/t_ipsec_natt.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/npf/npfctl
Module Name:src Committed By: ozaki-r Date: Mon Oct 30 04:53:43 UTC 2017 Modified Files: src/usr.sbin/npf/npfctl: npfctl.c Log Message: Fix showing translated port (ntohs-ed twice wrongly) To generate a diff of this commit: cvs rdiff -u -r1.53 -r1.54 src/usr.sbin/npf/npfctl/npfctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net/npf
Module Name:src Committed By: ozaki-r Date: Mon Oct 30 03:02:35 UTC 2017 Modified Files: src/sys/net/npf: npf_ctl.c Log Message: Fix npfclt reload on rump kernels It fails because npfctl cannot get an errno when it calls ioctl to the (rump) kernel; npfctl (libnpf) expects that an errno is returned via proplib, however, the rump library of npf doesn't so. It happens because of mishandlings of complicate npf kernel options. PR kern/52643 To generate a diff of this commit: cvs rdiff -u -r1.48 -r1.49 src/sys/net/npf/npf_ctl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Fri Oct 27 04:31:50 UTC 2017 Modified Files: src/tests/net/ipsec: algorithms.sh Log Message: Handle esp-udp for NAT-T To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/tests/net/ipsec/algorithms.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: ozaki-r Date: Wed Oct 25 07:35:40 UTC 2017 Modified Files: src/doc: TODO.smpnet Log Message: Mention ec_multi* To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/doc/TODO.smpnet Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Wed Oct 25 04:33:15 UTC 2017 Modified Files: src/sys/net: if_bridge.c Log Message: Remove unnecessary splsoftnet To generate a diff of this commit: cvs rdiff -u -r1.137 -r1.138 src/sys/net/if_bridge.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Wed Oct 25 04:17:34 UTC 2017 Modified Files: src/sys/net: if_bridge.c Log Message: Don't free sc_rthash twice To generate a diff of this commit: cvs rdiff -u -r1.136 -r1.137 src/sys/net/if_bridge.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/librumphijack
Module Name:src Committed By: ozaki-r Date: Mon Oct 23 06:52:17 UTC 2017 Modified Files: src/lib/librumphijack: hijack.c Log Message: Provide better debug messages for ioctl To generate a diff of this commit: cvs rdiff -u -r1.123 -r1.124 src/lib/librumphijack/hijack.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Fri Oct 20 03:45:47 UTC 2017 Modified Files: src/tests/net/ipsec: t_ipsec_misc.sh Log Message: Add test cases for one SP with multiple SAs These are for a bug reported recently which modifies SPs accidentally. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net
Module Name:src Committed By: ozaki-r Date: Fri Oct 20 03:45:02 UTC 2017 Modified Files: src/tests/net: net_common.sh Log Message: Suppress name resolution To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/tests/net/net_common.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Fri Oct 20 03:43:51 UTC 2017 Modified Files: src/tests/net/ipsec: common.sh t_ipsec_misc.sh Log Message: Fix incomplete SP setups To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/tests/net/ipsec/common.sh cvs rdiff -u -r1.18 -r1.19 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net
Module Name:src Committed By: ozaki-r Date: Fri Oct 20 03:42:53 UTC 2017 Modified Files: src/tests/net: net_common.sh Log Message: Show packet counters To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/tests/net/net_common.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Thu Oct 19 01:57:15 UTC 2017 Modified Files: src/sys/net: bpf.c Log Message: Turn on D_MPSAFE flag of bpf_cdevsw that is already MP-safe Pointed out by k-goda@IIJ To generate a diff of this commit: cvs rdiff -u -r1.216 -r1.217 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Oct 17 07:23:08 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c Log Message: Fix buffer length for ipsec_logsastr To generate a diff of this commit: cvs rdiff -u -r1.121 -r1.122 src/sys/netipsec/ipsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/inetd
Module Name:src Committed By: ozaki-r Date: Tue Oct 17 07:13:19 UTC 2017 Modified Files: src/usr.sbin/inetd: inetd.c Log Message: Don't setup SPs if no policy sepecifier is specified We expect that SPs are set up iff some policy sepecifier(s) are specified. Found on investigating an issue reported by Robert Swindells To generate a diff of this commit: cvs rdiff -u -r1.123 -r1.124 src/usr.sbin/inetd/inetd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: ozaki-r Date: Thu Oct 12 03:31:39 UTC 2017 Modified Files: src/doc: TODO.smpnet Log Message: Mention NOMPSAFE To generate a diff of this commit: cvs rdiff -u -r1.14 -r1.15 src/doc/TODO.smpnet Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: ozaki-r Date: Thu Oct 12 03:07:39 UTC 2017 Modified Files: src/doc: CHANGES.prev Log Message: Mention MP-ifications of bpf, vlan, opencrypto and ipsec To generate a diff of this commit: cvs rdiff -u -r1.135 -r1.136 src/doc/CHANGES.prev Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Thu Oct 12 02:40:59 UTC 2017 Modified Files: src/sys/net: if_vlan.c Log Message: Set IFEF_START_MPSAFE by default Because vlan_start is already MP-safe, there is no reason to not do so. Acked by s-yamaguchi@IIJ To generate a diff of this commit: cvs rdiff -u -r1.102 -r1.103 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Thu Oct 5 03:42:14 UTC 2017 Modified Files: src/sys/netinet6: nd6.c Log Message: Add missing NULL check PR kern/52554 To generate a diff of this commit: cvs rdiff -u -r1.235 -r1.236 src/sys/netinet6/nd6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: ozaki-r Date: Wed Oct 4 02:25:07 UTC 2017 Modified Files: src/sys/sys: protosw.h Log Message: Include socketvar.h for softnet_lock To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/sys/protosw.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Oct 3 08:56:52 UTC 2017 Modified Files: src/sys/netipsec: ipsec.h ipsec6.h ipsec_output.c key.c key.h xform.h xform_ah.c xform_esp.c xform_ipcomp.c xform_ipip.c xform_tcp.c Log Message: Constify isr at many places (NFC) To generate a diff of this commit: cvs rdiff -u -r1.60 -r1.61 src/sys/netipsec/ipsec.h cvs rdiff -u -r1.19 -r1.20 src/sys/netipsec/ipsec6.h cvs rdiff -u -r1.63 -r1.64 src/sys/netipsec/ipsec_output.c cvs rdiff -u -r1.233 -r1.234 src/sys/netipsec/key.c cvs rdiff -u -r1.31 -r1.32 src/sys/netipsec/key.h cvs rdiff -u -r1.11 -r1.12 src/sys/netipsec/xform.h cvs rdiff -u -r1.73 -r1.74 src/sys/netipsec/xform_ah.c cvs rdiff -u -r1.71 -r1.72 src/sys/netipsec/xform_esp.c cvs rdiff -u -r1.52 -r1.53 src/sys/netipsec/xform_ipcomp.c cvs rdiff -u -r1.53 -r1.54 src/sys/netipsec/xform_ipip.c cvs rdiff -u -r1.15 -r1.16 src/sys/netipsec/xform_tcp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Oct 3 08:34:28 UTC 2017 Modified Files: src/sys/netipsec: ipsec_output.c key.c key.h Log Message: Fix SP is broken on transport mode isr->saidx was modified accidentally in ipsec_nextisr. Reported by christos@ Helped investigations by christos@ and knakahara@ To generate a diff of this commit: cvs rdiff -u -r1.62 -r1.63 src/sys/netipsec/ipsec_output.c cvs rdiff -u -r1.232 -r1.233 src/sys/netipsec/key.c cvs rdiff -u -r1.30 -r1.31 src/sys/netipsec/key.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Oct 3 08:25:21 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c ipsec.h ipsec_output.c key.c key.h Log Message: Don't abuse key_checkrequest just for looking up sav It does more than expected for example key_acquire. To generate a diff of this commit: cvs rdiff -u -r1.120 -r1.121 src/sys/netipsec/ipsec.c cvs rdiff -u -r1.59 -r1.60 src/sys/netipsec/ipsec.h cvs rdiff -u -r1.61 -r1.62 src/sys/netipsec/ipsec_output.c cvs rdiff -u -r1.231 -r1.232 src/sys/netipsec/key.c cvs rdiff -u -r1.29 -r1.30 src/sys/netipsec/key.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Oct 3 07:32:53 UTC 2017 Modified Files: src/sys/netipsec: ipsec_output.c Log Message: Pull out ipsec_fill_saidx_bymbuf (NFC) To generate a diff of this commit: cvs rdiff -u -r1.60 -r1.61 src/sys/netipsec/ipsec_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Mon Oct 2 07:40:25 UTC 2017 Modified Files: src/sys/net: if_bridge.c Log Message: Add curlwp_bind to bridge_input for psref It can be called in a thread context via tap (tap_dev_write). Fix PR kern/52587 To generate a diff of this commit: cvs rdiff -u -r1.134 -r1.135 src/sys/net/if_bridge.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/x86/include
Module Name:src Committed By: ozaki-r Date: Fri Sep 29 03:17:18 UTC 2017 Modified Files: src/sys/arch/x86/include: pmap.h Log Message: Fix build sys/arch/x86/x86/cpu.c:920:20: error: 'pmap_largepages' undeclared (first use in this function) smp_data.large = (pmap_largepages != 0); ^ To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/arch/x86/include/pmap.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Wed Sep 27 10:05:05 UTC 2017 Modified Files: src/sys/netinet: in_proto.c ip_input.c src/sys/netinet6: in6_proto.c ip6_input.c ip6protosw.h src/sys/sys: protosw.h Log Message: Take softnet_lock on pr_input properly if NET_MPSAFE Currently softnet_lock is taken unnecessarily in some cases, e.g., icmp_input and encap4_input from ip_input, or not taken even if needed, e.g., udp_input and tcp_input from ipsec4_common_input_cb. Fix them. NFC if NET_MPSAFE is disabled (default). To generate a diff of this commit: cvs rdiff -u -r1.124 -r1.125 src/sys/netinet/in_proto.c cvs rdiff -u -r1.360 -r1.361 src/sys/netinet/ip_input.c cvs rdiff -u -r1.118 -r1.119 src/sys/netinet6/in6_proto.c cvs rdiff -u -r1.181 -r1.182 src/sys/netinet6/ip6_input.c cvs rdiff -u -r1.25 -r1.26 src/sys/netinet6/ip6protosw.h cvs rdiff -u -r1.66 -r1.67 src/sys/sys/protosw.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Sep 27 09:55:53 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Add missing ifdef NET_MPSAFE To generate a diff of this commit: cvs rdiff -u -r1.226 -r1.227 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Sep 27 07:27:29 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Fix deadlock between pserialize_perform and localcount_drain A typical ussage of localcount_drain looks like this: mutex_enter(&mtx); item = remove_from_list(); pserialize_perform(psz); localcount_drain(&item->localcount, &cv, &mtx); mutex_exit(&mtx); This sequence can cause a deadlock which happens for example on the following situation: - Thread A calls localcount_drain which calls xc_broadcast after releasing a specified mutex - Thread B enters the sequence and calls pserialize_perform with holding the mutex while pserialize_perform also calls xc_broadcast - Thread C (xc_thread) that calls an xcall callback of localcount_drain tries to hold the mutex xc_broadcast of thread B doesn't start until xc_broadcast of thread A finishes, which is a feature of xcall(9). This means that pserialize_perform never complete until xc_broadcast of thread A finishes. On the other hand, thread C that is a callee of xc_broadcast of thread A sticks on the mutex. Finally the threads block each other (A blocks B, B blocks C and C blocks A). A possible fix is to serialize executions of the above sequence by another mutex, but adding another mutex makes the code complex, so fix the deadlock by another way; the fix is to release the mutex before pserialize_perform and instead use a condvar to prevent pserialize_perform from being called simultaneously. Note that the deadlock has happened only if NET_MPSAFE is enabled. To generate a diff of this commit: cvs rdiff -u -r1.225 -r1.226 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Mon Sep 25 04:15:33 UTC 2017 Modified Files: src/sys/net: route.c Log Message: Synchronize on rtcache_generation with rtlock It's racy if NET_MPSAFE is enabled. Pointed out by joerg@ To generate a diff of this commit: cvs rdiff -u -r1.200 -r1.201 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Mon Sep 25 01:57:54 UTC 2017 Modified Files: src/sys/net: raw_usrreq.c rtsock.c Log Message: Use a dedicated mutex for rt_rawcb instead of softnet_lock if NET_MPSAFE To generate a diff of this commit: cvs rdiff -u -r1.57 -r1.58 src/sys/net/raw_usrreq.c cvs rdiff -u -r1.228 -r1.229 src/sys/net/rtsock.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Mon Sep 25 01:56:22 UTC 2017 Modified Files: src/sys/net: raw_cb.c raw_cb.h raw_usrreq.c rtsock.c src/sys/netipsec: keysock.c Log Message: Fix race condition on the rawcb list shared by rtsock and keysock keysock now protects itself by its own mutex, which means that the rawcb list is protected by two different mutexes (keysock's one and softnet_lock for rtsock), of course it's useless. Fix the situation by having a discrete rawcb list for each. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/sys/net/raw_cb.c cvs rdiff -u -r1.27 -r1.28 src/sys/net/raw_cb.h cvs rdiff -u -r1.56 -r1.57 src/sys/net/raw_usrreq.c cvs rdiff -u -r1.227 -r1.228 src/sys/net/rtsock.c cvs rdiff -u -r1.60 -r1.61 src/sys/netipsec/keysock.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Fri Sep 22 05:05:32 UTC 2017 Modified Files: src/sys/net: route.c Log Message: Remove the global lock for rtcache Thanks to removal of LIST_ENTRY of struct route, rtcaches are accessed only by their users. And in existing usages a rtcache is guranteed to be not accessed simultaneously. So the rtcache framework doesn't need any exclusion controls in itself. To generate a diff of this commit: cvs rdiff -u -r1.199 -r1.200 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: ozaki-r Date: Thu Sep 21 07:22:03 UTC 2017 Modified Files: src/sys/sys: param.h Log Message: Dump the kernel version for the latest change of struct route Welcome to 8.99.3 To generate a diff of this commit: cvs rdiff -u -r1.545 -r1.546 src/sys/sys/param.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Thu Sep 21 07:15:35 UTC 2017 Modified Files: src/sys/net: route.c route.h src/sys/netatalk: at_proto.c src/sys/netinet: in_proto.c src/sys/netinet6: in6_proto.c src/sys/netmpls: mpls_proto.c src/sys/netnatm: natm_proto.c src/sys/rump/net/lib/libsockin: sockin.c src/sys/sys: domain.h Log Message: Invalidate rtcache based on a global generation counter The change introduces a global generation counter that is incremented when any routes have been added or deleted. When a rtcache caches a rtentry into itself, it also stores a snapshot of the generation counter. If the snapshot equals to the global counter, the cache is still valid, otherwise invalidated. One drawback of the change is that all rtcaches of all protocol families are invalidated when any routes of any protocol families are added or deleted. If that matters, we should have separate generation counters based on protocol families. This change removes LIST_ENTRY from struct route, which fixes a part of PR kern/52515. To generate a diff of this commit: cvs rdiff -u -r1.198 -r1.199 src/sys/net/route.c cvs rdiff -u -r1.113 -r1.114 src/sys/net/route.h cvs rdiff -u -r1.21 -r1.22 src/sys/netatalk/at_proto.c cvs rdiff -u -r1.123 -r1.124 src/sys/netinet/in_proto.c cvs rdiff -u -r1.117 -r1.118 src/sys/netinet6/in6_proto.c cvs rdiff -u -r1.30 -r1.31 src/sys/netmpls/mpls_proto.c cvs rdiff -u -r1.17 -r1.18 src/sys/netnatm/natm_proto.c cvs rdiff -u -r1.64 -r1.65 src/sys/rump/net/lib/libsockin/sockin.c cvs rdiff -u -r1.32 -r1.33 src/sys/sys/domain.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: ozaki-r Date: Thu Sep 21 04:44:32 UTC 2017 Modified Files: src/sys/net: route.c Log Message: Remove unnecessary NULL check of rt_ifp It's always non-NULL. To generate a diff of this commit: cvs rdiff -u -r1.197 -r1.198 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: ozaki-r Date: Wed Sep 20 09:36:20 UTC 2017 Modified Files: src/distrib/sets/lists/tests: mi src/tests/net/route: Makefile Added Files: src/tests/net/route: t_rtcache.sh Log Message: Add tests of rtcache invalidation To generate a diff of this commit: cvs rdiff -u -r1.761 -r1.762 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.5 -r1.6 src/tests/net/route/Makefile cvs rdiff -u -r0 -r1.1 src/tests/net/route/t_rtcache.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Sep 19 02:44:14 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c Log Message: Share a global dummy SP between PCBs It's never be changed so it can be pre-allocated and shared safely between PCBs. To generate a diff of this commit: cvs rdiff -u -r1.118 -r1.119 src/sys/netipsec/ipsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: ozaki-r Date: Thu Aug 10 09:26:55 UTC 2017 Modified Files: src/doc: TODO.smpnet Log Message: Write known issues on scalability To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/doc/TODO.smpnet Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: ozaki-r Date: Thu Aug 10 09:08:54 UTC 2017 Modified Files: src/doc: TODO.smpnet Log Message: Update ipsec(4), opencrypto(9) and vlan(4) are now MP-safe. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/doc/TODO.smpnet Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 10 06:33:51 UTC 2017 Modified Files: src/sys/netipsec: xform_ah.c xform_esp.c xform_ipcomp.c Log Message: Use pool_cache(9) instead of pool(9) for tdb_crypto objects The change improves network throughput especially on multi-core systems. To generate a diff of this commit: cvs rdiff -u -r1.72 -r1.73 src/sys/netipsec/xform_ah.c cvs rdiff -u -r1.70 -r1.71 src/sys/netipsec/xform_esp.c cvs rdiff -u -r1.51 -r1.52 src/sys/netipsec/xform_ipcomp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 10 06:11:24 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c ipsec.h ipsec_output.c Log Message: Add per-CPU rtcache to ipsec_reinject_ipstack It reduces route lookups and also reduces rtcache lock contentions when NET_MPSAFE is enabled. To generate a diff of this commit: cvs rdiff -u -r1.117 -r1.118 src/sys/netipsec/ipsec.c cvs rdiff -u -r1.58 -r1.59 src/sys/netipsec/ipsec.h cvs rdiff -u -r1.59 -r1.60 src/sys/netipsec/ipsec_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 10 06:09:00 UTC 2017 Modified Files: src/sys/netipsec: ipsec_output.c Log Message: Simplify ipsec_reinject_ipstack (NFC) To generate a diff of this commit: cvs rdiff -u -r1.58 -r1.59 src/sys/netipsec/ipsec_output.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 9 09:48:11 UTC 2017 Modified Files: src/sys/netipsec: key.c key.h keydb.h xform_ah.c xform_esp.c xform_ipcomp.c Log Message: MP-ify SAD (savlist) localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details. To generate a diff of this commit: cvs rdiff -u -r1.222 -r1.223 src/sys/netipsec/key.c cvs rdiff -u -r1.28 -r1.29 src/sys/netipsec/key.h cvs rdiff -u -r1.19 -r1.20 src/sys/netipsec/keydb.h cvs rdiff -u -r1.71 -r1.72 src/sys/netipsec/xform_ah.c cvs rdiff -u -r1.69 -r1.70 src/sys/netipsec/xform_esp.c cvs rdiff -u -r1.50 -r1.51 src/sys/netipsec/xform_ipcomp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 9 08:30:54 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Limit the number of mbufs queued for deferred key_sendup_mbuf It's easy to be queued hundreds of mbufs on the list under heavy network load. To generate a diff of this commit: cvs rdiff -u -r1.221 -r1.222 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 9 06:04:41 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Fix that prev isn't cleared on retry To generate a diff of this commit: cvs rdiff -u -r1.220 -r1.221 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 9 04:29:36 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Fix deadlock between key_sendup_mbuf called from key_acquire and localcount_drain If we call key_sendup_mbuf from key_acquire that is called on packet processing, a deadlock can happen like this: - At key_acquire, a reference to an SP (and an SA) is held - key_sendup_mbuf will try to take key_so_mtx - Some other thread may try to localcount_drain to the SP with holding key_so_mtx in say key_api_spdflush - In this case localcount_drain never return because key_sendup_mbuf that has stuck on key_so_mtx never release a reference to the SP Fix the deadlock by deferring key_sendup_mbuf to the timer (key_timehandler). To generate a diff of this commit: cvs rdiff -u -r1.219 -r1.220 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 9 03:41:11 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Fix locking notes of SAD To generate a diff of this commit: cvs rdiff -u -r1.218 -r1.219 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 10:41:33 UTC 2017 Modified Files: src/sys/netipsec: keysock.c Log Message: Fix KASSERT(solocked(sb->sb_so)) failure in sbappendaddr that is called eventually from key_sendup_mbuf If key_sendup_mbuf isn't passed a socket, the assertion fails. Originally in this case sb->sb_so was softnet_lock and callers held softnet_lock so the assertion was magically satisfied. Now sb->sb_so is key_so_mtx and also softnet_lock isn't always held by callers so the assertion can fail. Fix it by holding key_so_mtx if key_sendup_mbuf isn't passed a socket. Reported by knakahara@ Tested by knakahara@ and ozaki-r@ To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 src/sys/netipsec/keysock.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 08:24:34 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Destroy sav only in the loop for DEAD sav To generate a diff of this commit: cvs rdiff -u -r1.217 -r1.218 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 08:23:10 UTC 2017 Modified Files: src/sys/netipsec: key.c key.h key_debug.c Log Message: Introduce key_sa_refcnt and replace sav->refcnt with it (NFC) To generate a diff of this commit: cvs rdiff -u -r1.216 -r1.217 src/sys/netipsec/key.c cvs rdiff -u -r1.27 -r1.28 src/sys/netipsec/key.h cvs rdiff -u -r1.19 -r1.20 src/sys/netipsec/key_debug.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 04:17:34 UTC 2017 Modified Files: src/sys/netipsec: key.c keydb.h Log Message: MP-ify SAD (key_sad.sahlist and sah entries) localcount(9) is used to protect key_sad.sahlist and sah entries as well as SPD (and will be used for SAD sav). Please read the locking notes of SAD for more details. To generate a diff of this commit: cvs rdiff -u -r1.215 -r1.216 src/sys/netipsec/key.c cvs rdiff -u -r1.18 -r1.19 src/sys/netipsec/keydb.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 02:27:03 UTC 2017 Modified Files: src/tests/net/ipsec: common.sh Log Message: Fix setkey -D -P outputs The outputs were tweaked (by me), but I forgot updating libipsec in my local ATF environment... To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/tests/net/ipsec/common.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 01:56:49 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Add missing mutex_exit To generate a diff of this commit: cvs rdiff -u -r1.214 -r1.215 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 01:56:10 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Tweak wording (pserialize critical section => pserialize read section) Suggested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.213 -r1.214 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Tue Aug 8 01:55:17 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Add __read_mostly to key_psz Suggested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.212 -r1.213 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 07:45:45 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Hold key_sad.lock on SAVLIST_WRITER_INSERT_TAIL To generate a diff of this commit: cvs rdiff -u -r1.211 -r1.212 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:30:46 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Describe constraints of key_sp_ref and key_sp_unref Requested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.210 -r1.211 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:28:31 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Update the locking notes - Add locking order - Add locking notes for misc lists such as reglist - Mention pserialize, key_sp_ref and key_sp_unref on SP operations Requested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.209 -r1.210 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:22:33 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Move locking notes To generate a diff of this commit: cvs rdiff -u -r1.208 -r1.209 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:21:59 UTC 2017 Modified Files: src/sys/netipsec: key.c keydb.h Log Message: Assemble global lists and related locks into cache lines (NFCI) Also rename variable names from *tree to *list because they are just lists, not trees. Suggested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.207 -r1.208 src/sys/netipsec/key.c cvs rdiff -u -r1.17 -r1.18 src/sys/netipsec/keydb.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:20:02 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Use KDASSERT instead of KASSERT for mutex_ownable Because mutex_ownable is too heavy to run in a fast path even for DIAGNOSTIC + LOCKDEBUG. Suggested by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.206 -r1.207 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Mon Aug 7 03:18:32 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c Log Message: Remove out-of-date log output Pointed out by riastradh@ To generate a diff of this commit: cvs rdiff -u -r1.116 -r1.117 src/sys/netipsec/ipsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 06:32:51 UTC 2017 Modified Files: src/sys/netinet: tcp_input.c tcp_output.c src/sys/netipsec: ipsec.c ipsec_input.c ipsec_netbsd.c ipsec_output.c key.c key.h xform_ah.c xform_esp.c xform_ipcomp.c Log Message: Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future KEY_SA_UNREF is still key_freesav so no functional change for now. This change reduces diff of further changes. To generate a diff of this commit: cvs rdiff -u -r1.359 -r1.360 src/sys/netinet/tcp_input.c cvs rdiff -u -r1.196 -r1.197 src/sys/netinet/tcp_output.c cvs rdiff -u -r1.115 -r1.116 src/sys/netipsec/ipsec.c cvs rdiff -u -r1.50 -r1.51 src/sys/netipsec/ipsec_input.c cvs rdiff -u -r1.44 -r1.45 src/sys/netipsec/ipsec_netbsd.c cvs rdiff -u -r1.57 -r1.58 src/sys/netipsec/ipsec_output.c cvs rdiff -u -r1.205 -r1.206 src/sys/netipsec/key.c cvs rdiff -u -r1.26 -r1.27 src/sys/netipsec/key.h cvs rdiff -u -r1.70 -r1.71 src/sys/netipsec/xform_ah.c cvs rdiff -u -r1.68 -r1.69 src/sys/netipsec/xform_esp.c cvs rdiff -u -r1.49 -r1.50 src/sys/netipsec/xform_ipcomp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 06:31:58 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: MP-ify SAD slightly - Introduce key_sa_mtx and use it for some list operations - Use pserialize for some list iterations To generate a diff of this commit: cvs rdiff -u -r1.204 -r1.205 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 06:31:16 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Rename local variable newsah to sah It may not be new. To generate a diff of this commit: cvs rdiff -u -r1.203 -r1.204 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 06:30:40 UTC 2017 Modified Files: src/sys/netipsec: key.c keydb.h Log Message: Use pslist(9) for sah->savtree To generate a diff of this commit: cvs rdiff -u -r1.202 -r1.203 src/sys/netipsec/key.c cvs rdiff -u -r1.16 -r1.17 src/sys/netipsec/keydb.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 06:30:04 UTC 2017 Modified Files: src/sys/netipsec: key.c keydb.h Log Message: Use pslist(9) for sahtree To generate a diff of this commit: cvs rdiff -u -r1.201 -r1.202 src/sys/netipsec/key.c cvs rdiff -u -r1.15 -r1.16 src/sys/netipsec/keydb.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 04:42:26 UTC 2017 Modified Files: src/sys/netipsec: ipsec_input.c Log Message: Remove unnecessary KEY_FREESAV in an error path sav should be freed (unreferenced) by the caller. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 src/sys/netipsec/ipsec_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 03:16:27 UTC 2017 Modified Files: src/tests/net/carp: t_basic.sh src/tests/net/if_gif: t_gif.sh src/tests/net/if_l2tp: t_l2tp.sh src/tests/net/ipsec: t_ipsec_ah_keys.sh t_ipsec_esp_keys.sh t_ipsec_gif.sh t_ipsec_l2tp.sh t_ipsec_misc.sh t_ipsec_sockopt.sh t_ipsec_tcp.sh t_ipsec_transport.sh t_ipsec_tunnel.sh t_ipsec_tunnel_ipcomp.sh t_ipsec_tunnel_odd.sh src/tests/net/mcast: t_mcast.sh src/tests/net/net: t_ipaddress.sh src/tests/net/npf: t_npf.sh src/tests/net/route: t_flags.sh t_flags6.sh Log Message: Clean up clunky eval strings - Remove unnecessary \ at EOL - This allows to omit ; too - Remove unnecessary quotes for arguments of atf_set - Don't expand $DEBUG in eval - We expect it's expanded on execution Suggested by kre@ To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/tests/net/carp/t_basic.sh cvs rdiff -u -r1.10 -r1.11 src/tests/net/if_gif/t_gif.sh cvs rdiff -u -r1.2 -r1.3 src/tests/net/if_l2tp/t_l2tp.sh cvs rdiff -u -r1.1 -r1.2 src/tests/net/ipsec/t_ipsec_ah_keys.sh \ src/tests/net/ipsec/t_ipsec_esp_keys.sh \ src/tests/net/ipsec/t_ipsec_sockopt.sh src/tests/net/ipsec/t_ipsec_tcp.sh \ src/tests/net/ipsec/t_ipsec_tunnel_ipcomp.sh cvs rdiff -u -r1.6 -r1.7 src/tests/net/ipsec/t_ipsec_gif.sh \ src/tests/net/ipsec/t_ipsec_l2tp.sh cvs rdiff -u -r1.17 -r1.18 src/tests/net/ipsec/t_ipsec_misc.sh cvs rdiff -u -r1.5 -r1.6 src/tests/net/ipsec/t_ipsec_transport.sh cvs rdiff -u -r1.8 -r1.9 src/tests/net/ipsec/t_ipsec_tunnel.sh cvs rdiff -u -r1.2 -r1.3 src/tests/net/ipsec/t_ipsec_tunnel_odd.sh cvs rdiff -u -r1.5 -r1.6 src/tests/net/mcast/t_mcast.sh cvs rdiff -u -r1.10 -r1.11 src/tests/net/net/t_ipaddress.sh cvs rdiff -u -r1.2 -r1.3 src/tests/net/npf/t_npf.sh cvs rdiff -u -r1.19 -r1.20 src/tests/net/route/t_flags.sh cvs rdiff -u -r1.15 -r1.16 src/tests/net/route/t_flags6.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Thu Aug 3 03:12:02 UTC 2017 Modified Files: src/sys/netipsec: key.c Log Message: Don't allow sav->lft_c to be NULL lft_c of an sav that was created by SADB_GETSPI could be NULL. To generate a diff of this commit: cvs rdiff -u -r1.200 -r1.201 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/ipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 2 06:30:00 UTC 2017 Modified Files: src/tests/net/ipsec: common.sh t_ipsec_misc.sh Log Message: Add test cases that there are SPs but no relevant SAs To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/tests/net/ipsec/common.sh cvs rdiff -u -r1.16 -r1.17 src/tests/net/ipsec/t_ipsec_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 2 04:03:29 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c Log Message: Comment out unused functions To generate a diff of this commit: cvs rdiff -u -r1.114 -r1.115 src/sys/netipsec/ipsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netipsec
Module Name:src Committed By: ozaki-r Date: Wed Aug 2 03:45:57 UTC 2017 Modified Files: src/sys/netipsec: ipsec.c key.c Log Message: Don't use KEY_NEWSP for dummy SP entries By the change KEY_NEWSP is now not called from softint anymore and we can use kmem_zalloc with KM_SLEEP for KEY_NEWSP. To generate a diff of this commit: cvs rdiff -u -r1.113 -r1.114 src/sys/netipsec/ipsec.c cvs rdiff -u -r1.199 -r1.200 src/sys/netipsec/key.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: ozaki-r Date: Wed Aug 2 02:19:57 UTC 2017 Modified Files: src/distrib/sets/lists/tests: mi src/tests/net/ipsec: Makefile Added Files: src/tests/net/ipsec: t_ipsec_sockopt.sh Log Message: Add test cases for setsockopt(IP_IPSEC_POLICY) To generate a diff of this commit: cvs rdiff -u -r1.758 -r1.759 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.8 -r1.9 src/tests/net/ipsec/Makefile cvs rdiff -u -r0 -r1.1 src/tests/net/ipsec/t_ipsec_sockopt.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Wed Aug 2 02:18:17 UTC 2017 Modified Files: src/sys/netinet6: icmp6.c Log Message: Add missing IPsec policy checks to icmp6_rip6_input icmp6_rip6_input is quite similar to rip6_input and the same checks exist in rip6_input. To generate a diff of this commit: cvs rdiff -u -r1.212 -r1.213 src/sys/netinet6/icmp6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.