CVS commit: src/sys/netinet6

[Andrius Varanavicius]

Module Name:src
Committed By:   andvar
Date:   Sat May 11 06:54:17 UTC 2024

Modified Files:
src/sys/netinet6: scope6_var.h

Log Message:
s/embbeded/embedded/.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/sys/netinet6/scope6_var.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/scope6_var.h
diff -u src/sys/netinet6/scope6_var.h:1.5 src/sys/netinet6/scope6_var.h:1.6
--- src/sys/netinet6/scope6_var.h:1.5	Tue Jun 16 17:12:18 2020
+++ src/sys/netinet6/scope6_var.h	Sat May 11 06:54:17 2024
@@ -51,7 +51,7 @@
  *  ^  ^^  |
  *  |  ||  |
  *no conversion  parseparse  embed
- *  |   embeddedembbeded  ID
+ *  |   embeddedembedded  ID
  *  |  ID  ID(if necessary)
  *  |  ||  |
  *  v  ||  v

CVS commit: src/sys/netinet6

[Andrius Varanavicius]

Module Name:src
Committed By:   andvar
Date:   Sat May 11 06:54:17 UTC 2024

Modified Files:
src/sys/netinet6: scope6_var.h

Log Message:
s/embbeded/embedded/.


To generate a diff of this commit:
cvs rdiff -u -r1.5 -r1.6 src/sys/netinet6/scope6_var.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr 19 05:04:06 UTC 2024

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
frag6: fix calculation of fragment length

Because of the miscalculation, 32 bytes fragmented IPv6 packets
have been wrongly dropped.

See https://mail-index.netbsd.org/tech-net/2024/04/14/msg008741.html
for more details.

Patch from Yasuyuki KOZAKAI (with minor tweaks)


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/frag6.c
diff -u src/sys/netinet6/frag6.c:1.77 src/sys/netinet6/frag6.c:1.78
--- src/sys/netinet6/frag6.c:1.77	Tue Aug 29 17:01:35 2023
+++ src/sys/netinet6/frag6.c	Fri Apr 19 05:04:06 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: frag6.c,v 1.77 2023/08/29 17:01:35 christos Exp $	*/
+/*	$NetBSD: frag6.c,v 1.78 2024/04/19 05:04:06 ozaki-r Exp $	*/
 /*	$KAME: frag6.c,v 1.40 2002/05/27 21:40:31 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.77 2023/08/29 17:01:35 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.78 2024/04/19 05:04:06 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -206,9 +206,10 @@ frag6_input(struct mbuf **mp, int *offp,
 	 * sizeof(struct ip6_frag) == 8
 	 * sizeof(struct ip6_hdr) = 40
 	 */
-	if ((ip6f->ip6f_offlg & IP6F_MORE_FRAG) &&
-	(((ntohs(ip6->ip6_plen) - offset) == 0) ||
-	 ((ntohs(ip6->ip6_plen) - offset) & 0x7) != 0)) {
+	frgpartlen = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen) - offset
+	- sizeof(struct ip6_frag);
+	if ((frgpartlen == 0) ||
+	((ip6f->ip6f_offlg & IP6F_MORE_FRAG) && (frgpartlen & 0x7) != 0)) {
 		icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_HEADER,
 		offsetof(struct ip6_hdr, ip6_plen));
 		in6_ifstat_inc(dstifp, ifs6_reass_fail);
@@ -316,7 +317,6 @@ frag6_input(struct mbuf **mp, int *offp,
 	 * in size. If it would exceed, discard the fragment and return an
 	 * ICMP error.
 	 */
-	frgpartlen = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen) - offset;
 	if (q6->ip6q_unfrglen >= 0) {
 		/* The 1st fragment has already arrived. */
 		if (q6->ip6q_unfrglen + fragoff + frgpartlen > IPV6_MAXPACKET) {

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Apr 19 05:04:06 UTC 2024

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
frag6: fix calculation of fragment length

Because of the miscalculation, 32 bytes fragmented IPv6 packets
have been wrongly dropped.

See https://mail-index.netbsd.org/tech-net/2024/04/14/msg008741.html
for more details.

Patch from Yasuyuki KOZAKAI (with minor tweaks)


To generate a diff of this commit:
cvs rdiff -u -r1.77 -r1.78 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Fri Apr 19 00:55:35 UTC 2024

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
ip6_output: Initialize plen for ip6_hopopts_input.

This funny little block in ip6_process_hopopts assumes it is
initialized as and behaves differently depending on whether it's zero
or not:

https://nxr.netbsd.org/xref/src/sys/netinet6/ip6_input.c?r=1.227#976

In the other call site, it is initialized to ip6->ip6_plen:

https://nxr.netbsd.org/xref/src/sys/netinet6/ip6_input.c?r=1.227#561

Reported-by: syzbot+587e3b707bdfe5332...@syzkaller.appspotmail.com
https://syzkaller.appspot.com/bug?extid=587e3b707bdfe533283f


To generate a diff of this commit:
cvs rdiff -u -r1.234 -r1.235 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.234 src/sys/netinet6/ip6_output.c:1.235
--- src/sys/netinet6/ip6_output.c:1.234	Thu Aug  3 05:45:36 2023
+++ src/sys/netinet6/ip6_output.c	Fri Apr 19 00:55:35 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_output.c,v 1.234 2023/08/03 05:45:36 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_output.c,v 1.235 2024/04/19 00:55:35 riastradh Exp $	*/
 /*	$KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.234 2023/08/03 05:45:36 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.235 2024/04/19 00:55:35 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -754,7 +754,7 @@ ip6_output(
 	 * XXX Is this really necessary?
 	 */
 	if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
-		u_int32_t dummy1; /* XXX unused */
+		u_int32_t dummy1 = 0; /* XXX unused */
 		u_int32_t dummy2; /* XXX unused */
 		int hoff = sizeof(struct ip6_hdr);
 

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Fri Apr 19 00:55:35 UTC 2024

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
ip6_output: Initialize plen for ip6_hopopts_input.

This funny little block in ip6_process_hopopts assumes it is
initialized as and behaves differently depending on whether it's zero
or not:

https://nxr.netbsd.org/xref/src/sys/netinet6/ip6_input.c?r=1.227#976

In the other call site, it is initialized to ip6->ip6_plen:

https://nxr.netbsd.org/xref/src/sys/netinet6/ip6_input.c?r=1.227#561

Reported-by: syzbot+587e3b707bdfe5332...@syzkaller.appspotmail.com
https://syzkaller.appspot.com/bug?extid=587e3b707bdfe533283f


To generate a diff of this commit:
cvs rdiff -u -r1.234 -r1.235 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Fri Mar  1 23:50:28 UTC 2024

Modified Files:
src/sys/netinet6: in6.c

Log Message:
netinet6: Avoid NPD on `ifconfig ifN inet6 ... pltime 0 vltime 0'.

PR kern/53922


To generate a diff of this commit:
cvs rdiff -u -r1.291 -r1.292 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.291 src/sys/netinet6/in6.c:1.292
--- src/sys/netinet6/in6.c:1.291	Sat Dec  9 15:21:02 2023
+++ src/sys/netinet6/in6.c	Fri Mar  1 23:50:27 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.291 2023/12/09 15:21:02 pgoyette Exp $	*/
+/*	$NetBSD: in6.c,v 1.292 2024/03/01 23:50:27 riastradh Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.291 2023/12/09 15:21:02 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.292 2024/03/01 23:50:27 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -726,7 +726,14 @@ in6_control1(struct socket *so, u_long c
 		int s = splsoftnet();
 		error = in6_update_ifa1(ifp, ifra, , , 0);
 		splx(s);
-		if (error)
+		/*
+		 * in6_update_ifa1 doesn't create the address if its
+		 * valid lifetime (vltime) is zero, since we would just
+		 * delete the address immediately in that case anyway.
+		 * So it may succeed but return null ia.  In that case,
+		 * nothing left to do.
+		 */
+		if (error || ia == NULL)
 			break;
 		pfil_run_addrhooks(if_pfil, cmd, >ia_ifa);
 		break;

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Fri Mar  1 23:50:28 UTC 2024

Modified Files:
src/sys/netinet6: in6.c

Log Message:
netinet6: Avoid NPD on `ifconfig ifN inet6 ... pltime 0 vltime 0'.

PR kern/53922


To generate a diff of this commit:
cvs rdiff -u -r1.291 -r1.292 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Michael van Elst]

Module Name:src
Committed By:   mlelstv
Date:   Sat Feb 24 21:41:13 UTC 2024

Modified Files:
src/sys/netinet6: icmp6.c raw_ip6.c

Log Message:
Deliver timestamps also to raw sockets.
Fixes PR 57955


To generate a diff of this commit:
cvs rdiff -u -r1.255 -r1.256 src/sys/netinet6/icmp6.c
cvs rdiff -u -r1.183 -r1.184 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Michael van Elst]

Module Name:src
Committed By:   mlelstv
Date:   Sat Feb 24 21:41:13 UTC 2024

Modified Files:
src/sys/netinet6: icmp6.c raw_ip6.c

Log Message:
Deliver timestamps also to raw sockets.
Fixes PR 57955


To generate a diff of this commit:
cvs rdiff -u -r1.255 -r1.256 src/sys/netinet6/icmp6.c
cvs rdiff -u -r1.183 -r1.184 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/icmp6.c
diff -u src/sys/netinet6/icmp6.c:1.255 src/sys/netinet6/icmp6.c:1.256
--- src/sys/netinet6/icmp6.c:1.255	Sat Dec  9 15:21:02 2023
+++ src/sys/netinet6/icmp6.c	Sat Feb 24 21:41:13 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: icmp6.c,v 1.255 2023/12/09 15:21:02 pgoyette Exp $	*/
+/*	$NetBSD: icmp6.c,v 1.256 2024/02/24 21:41:13 mlelstv Exp $	*/
 /*	$KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.255 2023/12/09 15:21:02 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.256 2024/02/24 21:41:13 mlelstv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -1987,7 +1987,8 @@ icmp6_rip6_input(struct mbuf **mp, int o
 		}
 #endif
 		else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) {
-			if (last->inp_flags & IN6P_CONTROLOPTS)
+			if (last->inp_flags & IN6P_CONTROLOPTS ||
+			SOOPT_TIMESTAMP(last->inp_socket->so_options))
 ip6_savecontrol(last, , ip6, n);
 			/* strip intermediate headers */
 			m_adj(n, off);
@@ -2014,7 +2015,8 @@ icmp6_rip6_input(struct mbuf **mp, int o
 	} else
 #endif
 	if (last) {
-		if (last->inp_flags & IN6P_CONTROLOPTS)
+		if (last->inp_flags & IN6P_CONTROLOPTS ||
+		SOOPT_TIMESTAMP(last->inp_socket->so_options))
 			ip6_savecontrol(last, , ip6, m);
 		/* strip intermediate headers */
 		m_adj(m, off);

Index: src/sys/netinet6/raw_ip6.c
diff -u src/sys/netinet6/raw_ip6.c:1.183 src/sys/netinet6/raw_ip6.c:1.184
--- src/sys/netinet6/raw_ip6.c:1.183	Wed Mar 22 03:17:18 2023
+++ src/sys/netinet6/raw_ip6.c	Sat Feb 24 21:41:13 2024
@@ -1,4 +1,4 @@
-/*	$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $	*/
+/*	$NetBSD: raw_ip6.c,v 1.184 2024/02/24 21:41:13 mlelstv Exp $	*/
 /*	$KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.184 2024/02/24 21:41:13 mlelstv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ipsec.h"
@@ -140,7 +140,8 @@ rip6_sbappendaddr(struct inpcb *last, st
 {
 	struct mbuf *opts = NULL;
 
-	if (last->inp_flags & IN6P_CONTROLOPTS)
+	if (last->inp_flags & IN6P_CONTROLOPTS ||
+	SOOPT_TIMESTAMP(last->inp_socket->so_options))
 		ip6_savecontrol(last, , ip6, n);
 
 	m_adj(n, hlen);

CVS commit: src/sys/netinet6

[Paul Goyette]

Module Name:src
Committed By:   pgoyette
Date:   Thu Dec  7 16:47:44 UTC 2023

Modified Files:
src/sys/netinet6: in6.c

Log Message:
Identify the need to rework the COMPAT_* code to be more
module-aware.

This is an XXX comment block only, NFCI.


To generate a diff of this commit:
cvs rdiff -u -r1.289 -r1.290 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.289 src/sys/netinet6/in6.c:1.290
--- src/sys/netinet6/in6.c:1.289	Thu Aug  3 05:44:22 2023
+++ src/sys/netinet6/in6.c	Thu Dec  7 16:47:44 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.289 2023/08/03 05:44:22 ozaki-r Exp $	*/
+/*	$NetBSD: in6.c,v 1.290 2023/12/07 16:47:44 pgoyette Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.289 2023/08/03 05:44:22 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.290 2023/12/07 16:47:44 pgoyette Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -105,6 +105,17 @@ __KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.28
 #include 
 #include 
 
+/* XXX
+ *
+ * The COMPAT_* code here, along with call-sites in nd6.c and
+ * icmp6.c, needs to be reworked to use compat hooks.  As it
+ * stands right now, the compat code only gets built if it is
+ * iincluded in the kernel at build time;  building and loading
+ * compat_* modules will not include this compat code!
+ *
+ * XXX
+ */
+
 #ifdef COMPAT_50
 #include 
 #endif

CVS commit: src/sys/netinet6

[Paul Goyette]

Module Name:src
Committed By:   pgoyette
Date:   Thu Dec  7 16:47:44 UTC 2023

Modified Files:
src/sys/netinet6: in6.c

Log Message:
Identify the need to rework the COMPAT_* code to be more
module-aware.

This is an XXX comment block only, NFCI.


To generate a diff of this commit:
cvs rdiff -u -r1.289 -r1.290 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Wed Oct 11 09:13:51 UTC 2023

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
s/Neighour/Neighbor/ in comment. No functional change.


To generate a diff of this commit:
cvs rdiff -u -r1.279 -r1.280 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Wed Oct 11 09:13:51 UTC 2023

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
s/Neighour/Neighbor/ in comment. No functional change.


To generate a diff of this commit:
cvs rdiff -u -r1.279 -r1.280 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.279 src/sys/netinet6/nd6.c:1.280
--- src/sys/netinet6/nd6.c:1.279	Thu Sep  1 18:32:17 2022
+++ src/sys/netinet6/nd6.c	Wed Oct 11 09:13:51 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.279 2022/09/01 18:32:17 riastradh Exp $	*/
+/*	$NetBSD: nd6.c,v 1.280 2023/10/11 09:13:51 msaitoh Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.279 2022/09/01 18:32:17 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.280 2023/10/11 09:13:51 msaitoh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -1224,7 +1224,7 @@ nd6_ioctl(u_long cmd, void *data, struct
 		OND.flags = ifndi->flags;
 		break;
 	case OSIOCSIFINFO_IN6_90:
-		/* Allow userland to set Neighour Unreachability Detection
+		/* Allow userland to set Neighbor Unreachability Detection
 		 * timers. */
 		if (OND.chlim != 0)
 			ifndi->chlim = OND.chlim;
@@ -1250,7 +1250,7 @@ nd6_ioctl(u_long cmd, void *data, struct
 		ND.flags = ifndi->flags;
 		break;
 	case SIOCSIFINFO_IN6:
-		/* Allow userland to set Neighour Unreachability Detection
+		/* Allow userland to set Neighbor Unreachability Detection
 		 * timers. */
 		if (ND.chlim != 0)
 			ifndi->chlim = ND.chlim;

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Aug 29 17:01:35 UTC 2023

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
Add a check for FreeBSD-SA-23:06.ipv6, although it is not reproducible for us.
factor out code copied 3 times (and now would have been a 4th)


To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/frag6.c
diff -u src/sys/netinet6/frag6.c:1.76 src/sys/netinet6/frag6.c:1.77
--- src/sys/netinet6/frag6.c:1.76	Fri Oct 21 05:21:17 2022
+++ src/sys/netinet6/frag6.c	Tue Aug 29 13:01:35 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: frag6.c,v 1.76 2022/10/21 09:21:17 ozaki-r Exp $	*/
+/*	$NetBSD: frag6.c,v 1.77 2023/08/29 17:01:35 christos Exp $	*/
 /*	$KAME: frag6.c,v 1.40 2002/05/27 21:40:31 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.76 2022/10/21 09:21:17 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.77 2023/08/29 17:01:35 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -120,6 +120,15 @@ frag6_init(void)
 	mutex_init(_lock, MUTEX_DEFAULT, IPL_NONE);
 }
 
+static void
+frag6_dropfrag(struct ip6q *q6)
+{
+	frag6_remque(q6);
+	frag6_nfrags -= q6->ip6q_nfrag;
+	kmem_intr_free(q6, sizeof(*q6));
+	frag6_nfragpackets--;
+}
+
 /*
  * IPv6 fragment input.
  *
@@ -456,8 +465,13 @@ insert:
 	/* adjust offset to point where the original next header starts */
 	offset = ip6af->ip6af_offset - sizeof(struct ip6_frag);
 	kmem_intr_free(ip6af, sizeof(struct ip6asfrag));
+	next += offset - sizeof(struct ip6_hdr);
+	if ((u_int)next > IPV6_MAXPACKET) {
+		frag6_dropfrag(q6);
+		goto dropfrag;
+	}
 	ip6 = mtod(m, struct ip6_hdr *);
-	ip6->ip6_plen = htons(next + offset - sizeof(struct ip6_hdr));
+	ip6->ip6_plen = htons(next);
 	ip6->ip6_src = q6->ip6q_src;
 	ip6->ip6_dst = q6->ip6q_dst;
 	nxt = q6->ip6q_nxt;
@@ -472,20 +486,14 @@ insert:
 	} else {
 		/* this comes with no copy if the boundary is on cluster */
 		if ((t = m_split(m, offset, M_DONTWAIT)) == NULL) {
-			frag6_remque(q6);
-			frag6_nfrags -= q6->ip6q_nfrag;
-			kmem_intr_free(q6, sizeof(struct ip6q));
-			frag6_nfragpackets--;
+			frag6_dropfrag(q6);
 			goto dropfrag;
 		}
 		m_adj(t, sizeof(struct ip6_frag));
 		m_cat(m, t);
 	}
 
-	frag6_remque(q6);
-	frag6_nfrags -= q6->ip6q_nfrag;
-	kmem_intr_free(q6, sizeof(struct ip6q));
-	frag6_nfragpackets--;
+	frag6_dropfrag(q6);
 
 	{
 		KASSERT(m->m_flags & M_PKTHDR);
@@ -585,10 +593,7 @@ frag6_freef(struct ip6q *q6)
 		kmem_intr_free(af6, sizeof(struct ip6asfrag));
 	}
 
-	frag6_remque(q6);
-	frag6_nfrags -= q6->ip6q_nfrag;
-	kmem_intr_free(q6, sizeof(struct ip6q));
-	frag6_nfragpackets--;
+	frag6_dropfrag(q6);
 }
 
 /*

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Aug 29 17:01:35 UTC 2023

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
Add a check for FreeBSD-SA-23:06.ipv6, although it is not reproducible for us.
factor out code copied 3 times (and now would have been a 4th)


To generate a diff of this commit:
cvs rdiff -u -r1.76 -r1.77 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 05:45:36 UTC 2023

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
in6: don't send any IPv6 packets over a disabled interface


To generate a diff of this commit:
cvs rdiff -u -r1.233 -r1.234 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.233 src/sys/netinet6/ip6_output.c:1.234
--- src/sys/netinet6/ip6_output.c:1.233	Mon Mar 20 09:15:52 2023
+++ src/sys/netinet6/ip6_output.c	Thu Aug  3 05:45:36 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_output.c,v 1.234 2023/08/03 05:45:36 ozaki-r Exp $	*/
 /*	$KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.234 2023/08/03 05:45:36 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -171,6 +171,12 @@ ip6_if_output(struct ifnet * const ifp, 
 		}
 	}
 
+	/* discard the packet if IPv6 operation is disabled on the interface */
+	if ((ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)) {
+		m_freem(m);
+		return ENETDOWN; /* better error? */
+	}
+
 	if ((ifp->if_flags & IFF_LOOPBACK) != 0)
 		error = if_output_lock(ifp, origifp, m, sin6tocsa(dst), rt);
 	else

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 05:45:36 UTC 2023

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
in6: don't send any IPv6 packets over a disabled interface


To generate a diff of this commit:
cvs rdiff -u -r1.233 -r1.234 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 05:44:22 UTC 2023

Modified Files:
src/sys/netinet6: in6.c

Log Message:
in6: clear ND6_IFF_IFDISABLED to allow DAD again on link-up


To generate a diff of this commit:
cvs rdiff -u -r1.288 -r1.289 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 05:44:22 UTC 2023

Modified Files:
src/sys/netinet6: in6.c

Log Message:
in6: clear ND6_IFF_IFDISABLED to allow DAD again on link-up


To generate a diff of this commit:
cvs rdiff -u -r1.288 -r1.289 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.288 src/sys/netinet6/in6.c:1.289
--- src/sys/netinet6/in6.c:1.288	Mon Oct 24 14:15:19 2022
+++ src/sys/netinet6/in6.c	Thu Aug  3 05:44:22 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.288 2022/10/24 14:15:19 msaitoh Exp $	*/
+/*	$NetBSD: in6.c,v 1.289 2023/08/03 05:44:22 ozaki-r Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.288 2022/10/24 14:15:19 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.289 2023/08/03 05:44:22 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -2293,6 +2293,10 @@ in6_if_link_down(struct ifnet *ifp)
 	}
 	pserialize_read_exit(s);
 	curlwp_bindx(bound);
+
+	/* Clear ND6_IFF_IFDISABLED to allow DAD again on link-up. */
+	if (ifp->if_afdata[AF_INET6] != NULL)
+		ND_IFINFO(ifp)->flags &= ~ND6_IFF_IFDISABLED;
 }
 
 void

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 04:24:55 UTC 2023

Modified Files:
src/sys/netinet6: in6_src.c

Log Message:
in6: add missing rtcache_unref to in6_selectroute

By default, this issue is harmless.  However, if NET_MPSAFE
is enabled, it could eventually lead to a kernel panic.


To generate a diff of this commit:
cvs rdiff -u -r1.91 -r1.92 src/sys/netinet6/in6_src.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_src.c
diff -u src/sys/netinet6/in6_src.c:1.91 src/sys/netinet6/in6_src.c:1.92
--- src/sys/netinet6/in6_src.c:1.91	Fri Nov  4 09:01:53 2022
+++ src/sys/netinet6/in6_src.c	Thu Aug  3 04:24:55 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_src.c,v 1.91 2022/11/04 09:01:53 ozaki-r Exp $	*/
+/*	$NetBSD: in6_src.c,v 1.92 2023/08/03 04:24:55 ozaki-r Exp $	*/
 /*	$KAME: in6_src.c,v 1.159 2005/10/19 01:40:32 t-momose Exp $	*/
 
 /*
@@ -66,7 +66,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6_src.c,v 1.91 2022/11/04 09:01:53 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_src.c,v 1.92 2023/08/03 04:24:55 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -709,6 +709,7 @@ in6_selectroute(struct sockaddr_in6 *dst
 			if (count_discard)
 in6_ifstat_inc(rt->rt_ifp, ifs6_out_discard);
 			error = EHOSTUNREACH;
+			rtcache_unref(rt, *ro);
 			rt = NULL;
 		}
 	}

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Thu Aug  3 04:24:55 UTC 2023

Modified Files:
src/sys/netinet6: in6_src.c

Log Message:
in6: add missing rtcache_unref to in6_selectroute

By default, this issue is harmless.  However, if NET_MPSAFE
is enabled, it could eventually lead to a kernel panic.


To generate a diff of this commit:
cvs rdiff -u -r1.91 -r1.92 src/sys/netinet6/in6_src.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Frank Kardel]

Module Name:src
Committed By:   kardel
Date:   Wed Mar 29 13:01:44 UTC 2023

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
use carp mac address when replying to neighbor solicitations referring
to carp interface addresses.
unconfuses commercial routers


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.182 src/sys/netinet6/nd6_nbr.c:1.183
--- src/sys/netinet6/nd6_nbr.c:1.182	Mon Aug  2 12:56:25 2021
+++ src/sys/netinet6/nd6_nbr.c	Wed Mar 29 13:01:44 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.182 2021/08/02 12:56:25 andvar Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.183 2023/03/29 13:01:44 kardel Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.182 2021/08/02 12:56:25 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.183 2023/03/29 13:01:44 kardel Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -100,7 +100,7 @@ static int dad_maxtry = 15;	/* max # of 
 void
 nd6_ns_input(struct mbuf *m, int off, int icmp6len)
 {
-	struct ifnet *ifp;
+	struct ifnet *ifp, *ifpc;
 	struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
 	struct nd_neighbor_solicit *nd_ns;
 	struct in6_addr saddr6 = ip6->ip6_src;
@@ -116,10 +116,11 @@ nd6_ns_input(struct mbuf *m, int off, in
 	union nd_opts ndopts;
 	const struct sockaddr_dl *proxydl = NULL;
 	struct psref psref;
+	struct psref psref_c;
 	struct psref psref_ia;
 	char ip6buf[INET6_ADDRSTRLEN], ip6buf2[INET6_ADDRSTRLEN];
 
-	ifp = m_get_rcvif_psref(m, );
+	ifp = ifpc = m_get_rcvif_psref(m, );
 	if (ifp == NULL)
 		goto freeit;
 
@@ -224,8 +225,15 @@ nd6_ns_input(struct mbuf *m, int off, in
 	if (ifp->if_carp && ifp->if_type != IFT_CARP) {
 		int s = pserialize_read_enter();
 		ifa = carp_iamatch6(ifp->if_carp, );
-		if (ifa != NULL)
+		if (ifa != NULL) {
 			ifa_acquire(ifa, _ia);
+			if (ifa->ifa_ifp && ifa->ifa_ifp != ifp) {
+ifpc = ifa->ifa_ifp;
+if_acquire(ifpc, _c);
+			}
+		}
+		
+		
 		pserialize_read_exit(s);
 	} else
 		ifa = NULL;
@@ -350,14 +358,14 @@ nd6_ns_input(struct mbuf *m, int off, in
 		in6_all = in6addr_linklocal_allnodes;
 		if (in6_setscope(_all, ifp, NULL) != 0)
 			goto bad;
-		nd6_na_output(ifp, _all, ,
+		nd6_na_output(ifpc, _all, ,
 		((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) |
 		(ip6_forwarding ? ND_NA_FLAG_ROUTER : 0),
 		tlladdr, (const struct sockaddr *)proxydl);
 		goto freeit;
 	}
 
-	nd6_cache_lladdr(ifp, , lladdr, lladdrlen, ND_NEIGHBOR_SOLICIT, 0);
+	nd6_cache_lladdr(ifpc, , lladdr, lladdrlen, ND_NEIGHBOR_SOLICIT, 0);
 
 	nd6_na_output(ifp, , ,
 	((anycast || proxy || !tlladdr) ? 0 : ND_NA_FLAG_OVERRIDE) |
@@ -366,6 +374,9 @@ nd6_ns_input(struct mbuf *m, int off, in
  freeit:
 	ifa_release(ifa, _ia);
 	m_put_rcvif_psref(ifp, );
+	if (ifp != ifpc)
+		if_put(ifpc, _c);
+
 	m_freem(m);
 	return;
 

CVS commit: src/sys/netinet6

[Frank Kardel]

Module Name:src
Committed By:   kardel
Date:   Wed Mar 29 13:01:44 UTC 2023

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
use carp mac address when replying to neighbor solicitations referring
to carp interface addresses.
unconfuses commercial routers


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Mar 22 03:17:18 UTC 2023

Modified Files:
src/sys/netinet6: raw_ip6.c

Log Message:
in6: make sure a user-specified checksum field is within a packet

>From OpenBSD


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/raw_ip6.c
diff -u src/sys/netinet6/raw_ip6.c:1.182 src/sys/netinet6/raw_ip6.c:1.183
--- src/sys/netinet6/raw_ip6.c:1.182	Fri Nov  4 09:01:53 2022
+++ src/sys/netinet6/raw_ip6.c	Wed Mar 22 03:17:18 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: raw_ip6.c,v 1.182 2022/11/04 09:01:53 ozaki-r Exp $	*/
+/*	$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $	*/
 /*	$KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.182 2022/11/04 09:01:53 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ipsec.h"
@@ -202,7 +202,16 @@ rip6_input(struct mbuf **mp, int *offp, 
 			continue;
 		if (in6p_cksum(inp) != -1) {
 			RIP6_STATINC(RIP6_STAT_ISUM);
-			if (in6_cksum(m, proto, *offp,
+			/*
+			 * Although in6_cksum() does not need the position of
+			 * the checksum field for verification, enforce that it
+			 * is located within the packet.  Userland has given
+			 * a checksum offset, a packet too short for that is
+			 * invalid.  Avoid overflow with user supplied offset.
+			 */
+			if (m->m_pkthdr.len < *offp + 2 ||
+			m->m_pkthdr.len - *offp - 2 < in6p_cksum(inp) ||
+			in6_cksum(m, proto, *offp,
 			m->m_pkthdr.len - *offp)) {
 RIP6_STATINC(RIP6_STAT_BADSUM);
 continue;
@@ -470,7 +479,7 @@ rip6_output(struct mbuf *m, struct socke
 			off = offsetof(struct icmp6_hdr, icmp6_cksum);
 		else
 			off = in6p_cksum(inp);
-		if (plen < off + 1) {
+		if (plen < 2 || plen - 2 < off) {
 			error = EINVAL;
 			goto bad;
 		}

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Mar 22 03:17:18 UTC 2023

Modified Files:
src/sys/netinet6: raw_ip6.c

Log Message:
in6: make sure a user-specified checksum field is within a packet

>From OpenBSD


To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Mon Mar 20 09:15:52 UTC 2023

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
in6: reject setting negative values but -1 via setsockopt(IPV6_CHECKSUM)

Same as OpenBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.232 -r1.233 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.232 src/sys/netinet6/ip6_output.c:1.233
--- src/sys/netinet6/ip6_output.c:1.232	Fri Jan 27 09:33:43 2023
+++ src/sys/netinet6/ip6_output.c	Mon Mar 20 09:15:52 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_output.c,v 1.232 2023/01/27 09:33:43 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $	*/
 /*	$KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.232 2023/01/27 09:33:43 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.233 2023/03/20 09:15:52 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1984,8 +1984,12 @@ ip6_raw_ctloutput(int op, struct socket 
 			error = sockopt_getint(sopt, );
 			if (error)
 break;
-			if ((optval % 2) != 0) {
-/* the API assumes even offset values */
+			if (optval < -1 ||
+			(optval > 0 && (optval % 2) != 0)) {
+/*
+ * The API assumes non-negative even offset
+ * values or -1 as a special value.
+ */
 error = EINVAL;
 			} else if (so->so_proto->pr_protocol ==
 			IPPROTO_ICMPV6) {

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Mon Mar 20 09:15:52 UTC 2023

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
in6: reject setting negative values but -1 via setsockopt(IPV6_CHECKSUM)

Same as OpenBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.232 -r1.233 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Thu Dec 22 02:52:35 UTC 2022

Modified Files:
src/sys/netinet6: in6_ifattach.c

Log Message:
Fix typo in comment (s/mut be/msut be/). No functional change.


To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 src/sys/netinet6/in6_ifattach.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_ifattach.c
diff -u src/sys/netinet6/in6_ifattach.c:1.120 src/sys/netinet6/in6_ifattach.c:1.121
--- src/sys/netinet6/in6_ifattach.c:1.120	Mon May 17 04:07:43 2021
+++ src/sys/netinet6/in6_ifattach.c	Thu Dec 22 02:52:35 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_ifattach.c,v 1.120 2021/05/17 04:07:43 yamaguchi Exp $	*/
+/*	$NetBSD: in6_ifattach.c,v 1.121 2022/12/22 02:52:35 msaitoh Exp $	*/
 /*	$KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.120 2021/05/17 04:07:43 yamaguchi Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.121 2022/12/22 02:52:35 msaitoh Exp $");
 
 #include 
 #include 
@@ -443,7 +443,7 @@ in6_ifattach_linklocal(struct ifnet *ifp
 }
 
 /*
- * ifp - mut be IFT_LOOP
+ * ifp - must be IFT_LOOP
  */
 
 static int

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Thu Dec 22 02:52:35 UTC 2022

Modified Files:
src/sys/netinet6: in6_ifattach.c

Log Message:
Fix typo in comment (s/mut be/msut be/). No functional change.


To generate a diff of this commit:
cvs rdiff -u -r1.120 -r1.121 src/sys/netinet6/in6_ifattach.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Mon Oct 24 14:15:19 UTC 2022

Modified Files:
src/sys/netinet6: in6.c

Log Message:
Clear saved_flags to avoid compile error on some archs.


To generate a diff of this commit:
cvs rdiff -u -r1.287 -r1.288 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.287 src/sys/netinet6/in6.c:1.288
--- src/sys/netinet6/in6.c:1.287	Mon Oct 24 01:54:19 2022
+++ src/sys/netinet6/in6.c	Mon Oct 24 14:15:19 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.287 2022/10/24 01:54:19 knakahara Exp $	*/
+/*	$NetBSD: in6.c,v 1.288 2022/10/24 14:15:19 msaitoh Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.287 2022/10/24 01:54:19 knakahara Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.288 2022/10/24 14:15:19 msaitoh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1067,7 +1067,7 @@ in6_update_ifa1(struct ifnet *ifp, struc
 	char ip6buf[INET6_ADDRSTRLEN];
 	bool addrmaskNotChanged = false;
 	bool send_rtm_newaddr = (ip6_param_rt_msg == 1);
-	int saved_flags;
+	int saved_flags = 0;
 
 	KASSERT((iap == NULL && psref == NULL) ||
 	(iap != NULL && psref != NULL));

CVS commit: src/sys/netinet6

[SAITOH Masanobu]

Module Name:src
Committed By:   msaitoh
Date:   Mon Oct 24 14:15:19 UTC 2022

Modified Files:
src/sys/netinet6: in6.c

Log Message:
Clear saved_flags to avoid compile error on some archs.


To generate a diff of this commit:
cvs rdiff -u -r1.287 -r1.288 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Oct 21 09:21:17 UTC 2022

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
frag6: don't use spin mutex for frag6_lock

frag6_lock is held during sending a packet (icmp6_error), so we must
not use a spin mutex because we can acquire sleep locks on sending
a packet.

Also we don't need to use spin mutex for frag6_lock anymore because
frag6_lock is now not used from hardware interrupt context.


To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Oct 21 09:21:17 UTC 2022

Modified Files:
src/sys/netinet6: frag6.c

Log Message:
frag6: don't use spin mutex for frag6_lock

frag6_lock is held during sending a packet (icmp6_error), so we must
not use a spin mutex because we can acquire sleep locks on sending
a packet.

Also we don't need to use spin mutex for frag6_lock anymore because
frag6_lock is now not used from hardware interrupt context.


To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 src/sys/netinet6/frag6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/frag6.c
diff -u src/sys/netinet6/frag6.c:1.75 src/sys/netinet6/frag6.c:1.76
--- src/sys/netinet6/frag6.c:1.75	Wed Nov 13 02:51:22 2019
+++ src/sys/netinet6/frag6.c	Fri Oct 21 09:21:17 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: frag6.c,v 1.75 2019/11/13 02:51:22 ozaki-r Exp $	*/
+/*	$NetBSD: frag6.c,v 1.76 2022/10/21 09:21:17 ozaki-r Exp $	*/
 /*	$KAME: frag6.c,v 1.40 2002/05/27 21:40:31 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.75 2019/11/13 02:51:22 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: frag6.c,v 1.76 2022/10/21 09:21:17 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -117,7 +117,7 @@ frag6_init(void)
 {
 
 	ip6q.ip6q_next = ip6q.ip6q_prev = 
-	mutex_init(_lock, MUTEX_DEFAULT, IPL_NET);
+	mutex_init(_lock, MUTEX_DEFAULT, IPL_NONE);
 }
 
 /*

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Thu Sep  1 18:32:17 UTC 2022

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
nd6: Take ifnet psref around cprng_fast in nd6_slowtimo.

This may sleep on an adpative mutex, the global entropy lock, so
pserialize is forbidden.


To generate a diff of this commit:
cvs rdiff -u -r1.278 -r1.279 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.278 src/sys/netinet6/nd6.c:1.279
--- src/sys/netinet6/nd6.c:1.278	Fri Dec 31 12:41:50 2021
+++ src/sys/netinet6/nd6.c	Thu Sep  1 18:32:17 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.278 2021/12/31 12:41:50 andvar Exp $	*/
+/*	$NetBSD: nd6.c,v 1.279 2022/09/01 18:32:17 riastradh Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.278 2021/12/31 12:41:50 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.279 2022/09/01 18:32:17 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -1534,6 +1534,7 @@ nd6_slowtimo(void *ignored_arg)
 {
 	struct nd_kifinfo *ndi;
 	struct ifnet *ifp;
+	struct psref psref;
 	int s;
 
 	SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE();
@@ -1545,6 +1546,8 @@ nd6_slowtimo(void *ignored_arg)
 		ndi = ND_IFINFO(ifp);
 		if (ndi->basereachable && /* already initialized */
 		(ndi->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) {
+			if_acquire(ifp, );
+			pserialize_read_exit(s);
 			/*
 			 * Since reachable time rarely changes by router
 			 * advertisements, we SHOULD insure that a new random
@@ -1553,6 +1556,8 @@ nd6_slowtimo(void *ignored_arg)
 			 */
 			ndi->recalctm = nd6_recalc_reachtm_interval;
 			ndi->reachable = ND_COMPUTE_RTIME(ndi->basereachable);
+			s = pserialize_read_enter();
+			if_release(ifp, );
 		}
 	}
 	pserialize_read_exit(s);

CVS commit: src/sys/netinet6

[Taylor R Campbell]

Module Name:src
Committed By:   riastradh
Date:   Thu Sep  1 18:32:17 UTC 2022

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
nd6: Take ifnet psref around cprng_fast in nd6_slowtimo.

This may sleep on an adpative mutex, the global entropy lock, so
pserialize is forbidden.


To generate a diff of this commit:
cvs rdiff -u -r1.278 -r1.279 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Wed Jun 15 04:31:22 UTC 2022

Modified Files:
src/sys/netinet6: in6_pcb.h

Log Message:
in6p_hash isn't used, either.


To generate a diff of this commit:
cvs rdiff -u -r1.52 -r1.53 src/sys/netinet6/in6_pcb.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_pcb.h
diff -u src/sys/netinet6/in6_pcb.h:1.52 src/sys/netinet6/in6_pcb.h:1.53
--- src/sys/netinet6/in6_pcb.h:1.52	Tue Sep  8 14:12:57 2020
+++ src/sys/netinet6/in6_pcb.h	Wed Jun 15 04:31:22 2022
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_pcb.h,v 1.52 2020/09/08 14:12:57 christos Exp $	*/
+/*	$NetBSD: in6_pcb.h,v 1.53 2022/06/15 04:31:22 knakahara Exp $	*/
 /*	$KAME: in6_pcb.h,v 1.45 2001/02/09 05:59:46 itojun Exp $	*/
 
 /*
@@ -79,7 +79,6 @@ struct icmp6_filter;
 
 struct	in6pcb {
 	struct inpcb_hdr in6p_head;
-#define in6p_hash	 in6p_head.inph_hash
 #define in6p_queue	 in6p_head.inph_queue
 #define in6p_af		 in6p_head.inph_af
 #define in6p_ppcb	 in6p_head.inph_ppcb

CVS commit: src/sys/netinet6

[Kengo NAKAHARA]

Module Name:src
Committed By:   knakahara
Date:   Wed Jun 15 04:31:22 UTC 2022

Modified Files:
src/sys/netinet6: in6_pcb.h

Log Message:
in6p_hash isn't used, either.


To generate a diff of this commit:
cvs rdiff -u -r1.52 -r1.53 src/sys/netinet6/in6_pcb.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Andrius Varanavicius]

Module Name:src
Committed By:   andvar
Date:   Fri Dec 31 12:41:50 UTC 2021

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
s/quetion/question/


To generate a diff of this commit:
cvs rdiff -u -r1.277 -r1.278 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.277 src/sys/netinet6/nd6.c:1.278
--- src/sys/netinet6/nd6.c:1.277	Tue Aug 17 09:43:21 2021
+++ src/sys/netinet6/nd6.c	Fri Dec 31 12:41:50 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.277 2021/08/17 09:43:21 ozaki-r Exp $	*/
+/*	$NetBSD: nd6.c,v 1.278 2021/12/31 12:41:50 andvar Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.277 2021/08/17 09:43:21 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.278 2021/12/31 12:41:50 andvar Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -1458,7 +1458,7 @@ nd6_cache_lladdr(
 	 * - If lladdr exist, set IsRouter.  This means (1-5).
 	 * - If it is old entry (!newentry), set IsRouter.  This means (7).
 	 * So, based on the spec, in (1-5) and (7) cases we must set IsRouter.
-	 * A quetion arises for (1) case.  (1) case has no lladdr in the
+	 * A question arises for (1) case.  (1) case has no lladdr in the
 	 * neighbor cache, this is similar to (6).
 	 * This case is rare but we figured that we MUST NOT set IsRouter.
 	 *

CVS commit: src/sys/netinet6

[Andrius Varanavicius]

Module Name:src
Committed By:   andvar
Date:   Fri Dec 31 12:41:50 UTC 2021

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
s/quetion/question/


To generate a diff of this commit:
cvs rdiff -u -r1.277 -r1.278 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:08:45 UTC 2021

Modified Files:
src/sys/netinet6: raw_ip6.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/raw_ip6.c
diff -u src/sys/netinet6/raw_ip6.c:1.175 src/sys/netinet6/raw_ip6.c:1.176
--- src/sys/netinet6/raw_ip6.c:1.175	Mon Feb 25 01:49:44 2019
+++ src/sys/netinet6/raw_ip6.c	Tue Sep 21 11:08:44 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: raw_ip6.c,v 1.175 2019/02/25 06:49:44 maxv Exp $	*/
+/*	$NetBSD: raw_ip6.c,v 1.176 2021/09/21 15:08:44 christos Exp $	*/
 /*	$KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.175 2019/02/25 06:49:44 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.176 2021/09/21 15:08:44 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_ipsec.h"
@@ -586,7 +586,7 @@ rip6_attach(struct socket *so, int proto
 	KASSERT(sotoin6pcb(so) == NULL);
 	sosetlock(so);
 
-	error = kauth_authorize_network(curlwp->l_cred,
+	error = kauth_authorize_network(kauth_cred_get(),
 	KAUTH_NETWORK_SOCKET, KAUTH_REQ_NETWORK_SOCKET_RAWSOCK,
 	KAUTH_ARG(AF_INET6),
 	KAUTH_ARG(SOCK_RAW),

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:08:45 UTC 2021

Modified Files:
src/sys/netinet6: raw_ip6.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.175 -r1.176 src/sys/netinet6/raw_ip6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:07:43 UTC 2021

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.228 -r1.229 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_output.c
diff -u src/sys/netinet6/ip6_output.c:1.228 src/sys/netinet6/ip6_output.c:1.229
--- src/sys/netinet6/ip6_output.c:1.228	Tue Aug 17 18:00:32 2021
+++ src/sys/netinet6/ip6_output.c	Tue Sep 21 11:07:43 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_output.c,v 1.228 2021/08/17 22:00:32 andvar Exp $	*/
+/*	$NetBSD: ip6_output.c,v 1.229 2021/09/21 15:07:43 christos Exp $	*/
 /*	$KAME: ip6_output.c,v 1.172 2001/03/25 09:55:56 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.228 2021/08/17 22:00:32 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_output.c,v 1.229 2021/09/21 15:07:43 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -1361,7 +1361,8 @@ ip6_ctloutput(int op, struct socket *so,
 		case IPV6_RECVHOPOPTS:
 		case IPV6_RECVDSTOPTS:
 		case IPV6_RECVRTHDRDSTOPTS:
-			error = kauth_authorize_network(kauth_cred_get(),
+			error = kauth_authorize_network(
+			kauth_cred_get(),
 			KAUTH_NETWORK_IPV6, KAUTH_REQ_NETWORK_IPV6_HOPBYHOP,
 			NULL, NULL, NULL);
 			if (error)
@@ -1612,8 +1613,8 @@ else 	\
  * Check super-user privilege.
  * See comments for IPV6_RECVHOPOPTS.
  */
-error =
-kauth_authorize_network(kauth_cred_get(),
+error = kauth_authorize_network(
+kauth_cred_get(),
 KAUTH_NETWORK_IPV6,
 KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL,
 NULL, NULL);
@@ -1622,8 +1623,8 @@ else 	\
 OPTSET2292(IN6P_HOPOPTS);
 break;
 			case IPV6_2292DSTOPTS:
-error =
-kauth_authorize_network(kauth_cred_get(),
+error = kauth_authorize_network(
+kauth_cred_get(),
 KAUTH_NETWORK_IPV6,
 KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL,
 NULL, NULL);
@@ -2358,7 +2359,8 @@ ip6_get_membership(const struct sockopt 
 		 * all multicast addresses. Only super user is allowed
 		 * to do this.
 		 */
-		if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_IPV6,
+		if (kauth_authorize_network(kauth_cred_get(),
+		KAUTH_NETWORK_IPV6,
 		KAUTH_REQ_NETWORK_IPV6_JOIN_MULTICAST, NULL, NULL, NULL))
 			return EACCES;
 	} else if (IN6_IS_ADDR_V4MAPPED(ia)) {
@@ -2973,7 +2975,8 @@ ip6_setpktopt(int optname, u_char *buf, 
 	case IPV6_2292NEXTHOP:
 #endif
 	case IPV6_NEXTHOP:
-		error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+		error = kauth_authorize_network(cred,
+		KAUTH_NETWORK_IPV6,
 		KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
 		if (error)
 			return (error);
@@ -3031,7 +3034,8 @@ ip6_setpktopt(int optname, u_char *buf, 
 		 * options, since per-option restriction has too much
 		 * overhead.
 		 */
-		error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+		error = kauth_authorize_network(cred,
+		KAUTH_NETWORK_IPV6,
 		KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
 		if (error)
 			return (error);
@@ -3069,7 +3073,8 @@ ip6_setpktopt(int optname, u_char *buf, 
 		int destlen;
 
 		/* XXX: see the comment for IPV6_HOPOPTS */
-		error = kauth_authorize_network(cred, KAUTH_NETWORK_IPV6,
+		error = kauth_authorize_network(cred,
+		KAUTH_NETWORK_IPV6,
 		KAUTH_REQ_NETWORK_IPV6_HOPBYHOP, NULL, NULL, NULL);
 		if (error)
 			return (error);

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:07:43 UTC 2021

Modified Files:
src/sys/netinet6: ip6_output.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.228 -r1.229 src/sys/netinet6/ip6_output.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:06:21 UTC 2021

Modified Files:
src/sys/netinet6: in6.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.282 -r1.283 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.c
diff -u src/sys/netinet6/in6.c:1.282 src/sys/netinet6/in6.c:1.283
--- src/sys/netinet6/in6.c:1.282	Tue Sep 29 15:33:36 2020
+++ src/sys/netinet6/in6.c	Tue Sep 21 11:06:21 2021
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.c,v 1.282 2020/09/29 19:33:36 roy Exp $	*/
+/*	$NetBSD: in6.c,v 1.283 2021/09/21 15:06:21 christos Exp $	*/
 /*	$KAME: in6.c,v 1.198 2001/07/18 09:12:38 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.282 2020/09/29 19:33:36 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6.c,v 1.283 2021/09/21 15:06:21 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -757,7 +757,7 @@ in6_control(struct socket *so, u_long cm
 	case SIOCAADDRCTL_POLICY:
 	case SIOCDADDRCTL_POLICY:
 
-		if (kauth_authorize_network(curlwp->l_cred,
+		if (kauth_authorize_network(kauth_cred_get(),
 		KAUTH_NETWORK_SOCKET,
 		KAUTH_REQ_NETWORK_SOCKET_SETPRIV,
 		so, NULL, NULL))

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Tue Sep 21 15:06:21 UTC 2021

Modified Files:
src/sys/netinet6: in6.c

Log Message:
don't opencode kauth_cred_get()


To generate a diff of this commit:
cvs rdiff -u -r1.282 -r1.283 src/sys/netinet6/in6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Re: CVS commit: src/sys/netinet6

[Thomas Klausner]

On Fri, Apr 24, 2020 at 05:36:55PM +, Jonathan A. Kollasch wrote:
> Module Name:  src
> Committed By: jakllsch
> Date: Fri Apr 24 17:36:55 UTC 2020
> 
> Modified Files:
>   src/sys/netinet6: in6_proto.c
> 
> Log Message:
> Fill in .pr_usrreqs for SOCK_SEQPACKET and SOCK_STREAM variants of SCTP too.
> 
> This should allow these socket types of SCTP to operate on IPv6 family
> sockets, as .pr_usrreqs must not be NULL for socreate() to succeed.

Thanks for this fix!

The one test program I know for sctp now gets further but fails in
setsockopt (with a basically GENERIC/amd64 5.99.57 kernel).

Test program:

hg clone http://www.freediameter.net/hg/freeDiameter
cd freeDiameter
mkdir build
cd build
cmake ..
make
./tests/testsctp

gives:
09:53:15  FATAL! sctp.c:101: CHECK FAILED : fd_sctp_client( _socket, 0, 
TEST_PORT,  ) == 2d != 0

Line 101 is
CHECK_SYS(  setsockopt(sk, IPPROTO_SCTP, SCTP_RTOINFO, 
, sizeof(rtoinfo))  );

Cheers,
 Thomas

Re: CVS commit: src/sys/netinet6

[Roy Marples]

On 22/04/2020 20:32, Roy Marples wrote:

Module Name:src
Committed By:   roy
Date:   Wed Apr 22 19:32:11 UTC 2020

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
inet6: nd6_na_input() now considers ln_state <= ND6_LLINFO_INCOMPLETE

Otherwise if ln_state != ND6_LLINFO_INCOMPLETE and the is no lladdr
and this message was solicited then ln_state is set to ND6_LLINFO_REACHABLE
which could then cause a panic in nd6_resolve().
If ln_state > ND6_LLINFO_INCOMPLETE then it's assumed we have a lladdr.

Potentially this could have been triggered by the introduction of
ND6_LLINFO_PURGE in nd6.c r1.143 but also by the re-introduction of
ND6_LLINFO_INCOMPLETE in nd6.c r1.263.


I meant ND6_LLINFO_WAITDELETE, not ND6_LLINFO_INCOMPLETE here.


Depending on the timing, it's technically possible to receive such
a message after the llentry is created with ND6_LLINFO_NOSTATE.


To generate a diff of this commit:
cvs rdiff -u -r1.177 -r1.178 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Re: CVS commit: src/sys/netinet6

[Robert Elz]

Now that's a simpler fix than I imagined it would be...

kre

CVS commit: src/sys/netinet6

[Maxime Villard]

Module Name:src
Committed By:   maxv
Date:   Tue Nov 12 08:11:55 UTC 2019

Modified Files:
src/sys/netinet6: ip6_input.c

Log Message:
Add more checks in ip6_pullexthdr, to prevent a panic in m_copydata. The
Rip6 entry point could see a garbage Hop6 option.

Not a big issue, since it's a clean panic only triggerable if the socket
has the IN6P_DSTOPTS/IN6P_RTHDR option.

Reported-by: syzbot+3b07b3511b4ceb8bf...@syzkaller.appspotmail.com


To generate a diff of this commit:
cvs rdiff -u -r1.214 -r1.215 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.214 src/sys/netinet6/ip6_input.c:1.215
--- src/sys/netinet6/ip6_input.c:1.214	Fri Oct 18 04:33:53 2019
+++ src/sys/netinet6/ip6_input.c	Tue Nov 12 08:11:55 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.214 2019/10/18 04:33:53 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.215 2019/11/12 08:11:55 maxv Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.214 2019/10/18 04:33:53 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.215 2019/11/12 08:11:55 maxv Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@@ -1056,6 +1056,8 @@ ip6_savecontrol(struct in6pcb *in6p, str
 #define IS2292(x, y)	(y)
 #endif
 
+	KASSERT(m->m_flags & M_PKTHDR);
+
 	if (SOOPT_TIMESTAMP(so->so_options))
 		mp = sbsavetimestamp(so->so_options, mp);
 
@@ -1297,12 +1299,18 @@ ip6_pullexthdr(struct mbuf *m, size_t of
 	size_t elen;
 	struct mbuf *n;
 
+	if (off + sizeof(ip6e) > m->m_pkthdr.len)
+		return NULL;
+
 	m_copydata(m, off, sizeof(ip6e), (void *));
 	if (nxt == IPPROTO_AH)
 		elen = (ip6e.ip6e_len + 2) << 2;
 	else
 		elen = (ip6e.ip6e_len + 1) << 3;
 
+	if (off + elen > m->m_pkthdr.len)
+		return NULL;
+
 	MGET(n, M_DONTWAIT, MT_DATA);
 	if (n && elen >= MLEN) {
 		MCLGET(n, M_DONTWAIT);

CVS commit: src/sys/netinet6

[Maxime Villard]

Module Name:src
Committed By:   maxv
Date:   Tue Nov 12 08:11:55 UTC 2019

Modified Files:
src/sys/netinet6: ip6_input.c

Log Message:
Add more checks in ip6_pullexthdr, to prevent a panic in m_copydata. The
Rip6 entry point could see a garbage Hop6 option.

Not a big issue, since it's a clean panic only triggerable if the socket
has the IN6P_DSTOPTS/IN6P_RTHDR option.

Reported-by: syzbot+3b07b3511b4ceb8bf...@syzkaller.appspotmail.com


To generate a diff of this commit:
cvs rdiff -u -r1.214 -r1.215 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Oct 18 04:33:53 UTC 2019

Modified Files:
src/sys/netinet6: in6_ifattach.c in6_var.h ip6_input.c

Log Message:
in6: reset the temporary address timer on a change of the interval period


To generate a diff of this commit:
cvs rdiff -u -r1.116 -r1.117 src/sys/netinet6/in6_ifattach.c
cvs rdiff -u -r1.101 -r1.102 src/sys/netinet6/in6_var.h
cvs rdiff -u -r1.213 -r1.214 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Oct 18 04:33:53 UTC 2019

Modified Files:
src/sys/netinet6: in6_ifattach.c in6_var.h ip6_input.c

Log Message:
in6: reset the temporary address timer on a change of the interval period


To generate a diff of this commit:
cvs rdiff -u -r1.116 -r1.117 src/sys/netinet6/in6_ifattach.c
cvs rdiff -u -r1.101 -r1.102 src/sys/netinet6/in6_var.h
cvs rdiff -u -r1.213 -r1.214 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_ifattach.c
diff -u src/sys/netinet6/in6_ifattach.c:1.116 src/sys/netinet6/in6_ifattach.c:1.117
--- src/sys/netinet6/in6_ifattach.c:1.116	Wed Oct 16 07:40:40 2019
+++ src/sys/netinet6/in6_ifattach.c	Fri Oct 18 04:33:53 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_ifattach.c,v 1.116 2019/10/16 07:40:40 ozaki-r Exp $	*/
+/*	$NetBSD: in6_ifattach.c,v 1.117 2019/10/18 04:33:53 ozaki-r Exp $	*/
 /*	$KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.116 2019/10/16 07:40:40 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.117 2019/10/18 04:33:53 ozaki-r Exp $");
 
 #include 
 #include 
@@ -75,7 +75,6 @@ static int get_ifid(struct ifnet *, stru
 static int in6_ifattach_linklocal(struct ifnet *, struct ifnet *);
 static int in6_ifattach_loopback(struct ifnet *);
 
-static void in6_tmpaddrtimer_schedule(void);
 static void in6_tmpaddrtimer(void *);
 
 #define EUI64_GBIT	0x01
@@ -861,7 +860,7 @@ in6_tmpaddrtimer_init(void)
 	in6_tmpaddrtimer_schedule();
 }
 
-static void
+void
 in6_tmpaddrtimer_schedule(void)
 {
 

Index: src/sys/netinet6/in6_var.h
diff -u src/sys/netinet6/in6_var.h:1.101 src/sys/netinet6/in6_var.h:1.102
--- src/sys/netinet6/in6_var.h:1.101	Wed Oct 16 07:40:40 2019
+++ src/sys/netinet6/in6_var.h	Fri Oct 18 04:33:53 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_var.h,v 1.101 2019/10/16 07:40:40 ozaki-r Exp $	*/
+/*	$NetBSD: in6_var.h,v 1.102 2019/10/18 04:33:53 ozaki-r Exp $	*/
 /*	$KAME: in6_var.h,v 1.81 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -734,6 +734,8 @@ struct in6pcb;
 
 void	in6_sysctl_multicast_setup(struct sysctllog **);
 
+void	in6_tmpaddrtimer_schedule(void);
+
 #endif /* _KERNEL */
 
 #endif /* !_NETINET6_IN6_VAR_H_ */

Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.213 src/sys/netinet6/ip6_input.c:1.214
--- src/sys/netinet6/ip6_input.c:1.213	Wed Oct 16 07:41:28 2019
+++ src/sys/netinet6/ip6_input.c	Fri Oct 18 04:33:53 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.213 2019/10/16 07:41:28 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.214 2019/10/18 04:33:53 ozaki-r Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.213 2019/10/16 07:41:28 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.214 2019/10/18 04:33:53 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@@ -1550,6 +1550,8 @@ sysctl_net_inet6_ip6_temppltime(SYSCTLFN
 
 	ip6_temp_preferred_lifetime = pltime;
 
+	in6_tmpaddrtimer_schedule();
+
 	return 0;
 }
 

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Oct 16 07:40:40 UTC 2019

Modified Files:
src/sys/netinet6: in6_ifattach.c in6_ifattach.h in6_var.h ip6_input.c

Log Message:
Reorganize in6_tmpaddrtimer stuffs

- Move the related functions to where in6_tmpaddrtimer_ch exists
- Hide global variable in6_tmpaddrtimer_ch
- Rename ip6_init2 to in6_tmpaddrtimer_init
- Reduce callers of callout_reset
- Use callout_schedule


To generate a diff of this commit:
cvs rdiff -u -r1.115 -r1.116 src/sys/netinet6/in6_ifattach.c
cvs rdiff -u -r1.13 -r1.14 src/sys/netinet6/in6_ifattach.h
cvs rdiff -u -r1.100 -r1.101 src/sys/netinet6/in6_var.h
cvs rdiff -u -r1.211 -r1.212 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Oct 16 07:41:28 UTC 2019

Modified Files:
src/sys/netinet6: ip6_input.c

Log Message:
Validate ip6_temp_preferred_lifetime (net.inet6.ip6.temppltime) on a change

ip6_temp_preferred_lifetime is used to calculate an interval period to
regenerate temporary addresse by
  TEMP_PREFERRED_LIFETIME - REGEN_ADVANCE - DESYNC_FACTOR
as per RFC 3041 3.5.  So it must be greater than (REGEN_ADVANCE +
DESYNC_FACTOR), otherwise it will be negative and go wrong, for example
KASSERT(to_ticks >= 0) in callout_schedule_locked fails.


To generate a diff of this commit:
cvs rdiff -u -r1.212 -r1.213 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Oct 16 07:40:40 UTC 2019

Modified Files:
src/sys/netinet6: in6_ifattach.c in6_ifattach.h in6_var.h ip6_input.c

Log Message:
Reorganize in6_tmpaddrtimer stuffs

- Move the related functions to where in6_tmpaddrtimer_ch exists
- Hide global variable in6_tmpaddrtimer_ch
- Rename ip6_init2 to in6_tmpaddrtimer_init
- Reduce callers of callout_reset
- Use callout_schedule


To generate a diff of this commit:
cvs rdiff -u -r1.115 -r1.116 src/sys/netinet6/in6_ifattach.c
cvs rdiff -u -r1.13 -r1.14 src/sys/netinet6/in6_ifattach.h
cvs rdiff -u -r1.100 -r1.101 src/sys/netinet6/in6_var.h
cvs rdiff -u -r1.211 -r1.212 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_ifattach.c
diff -u src/sys/netinet6/in6_ifattach.c:1.115 src/sys/netinet6/in6_ifattach.c:1.116
--- src/sys/netinet6/in6_ifattach.c:1.115	Tue May  1 07:21:39 2018
+++ src/sys/netinet6/in6_ifattach.c	Wed Oct 16 07:40:40 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_ifattach.c,v 1.115 2018/05/01 07:21:39 maxv Exp $	*/
+/*	$NetBSD: in6_ifattach.c,v 1.116 2019/10/16 07:40:40 ozaki-r Exp $	*/
 /*	$KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.115 2018/05/01 07:21:39 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.116 2019/10/16 07:40:40 ozaki-r Exp $");
 
 #include 
 #include 
@@ -63,7 +63,7 @@ unsigned long in6_maxmtu = 0;
 
 int ip6_auto_linklocal = 1;	/* enable by default */
 
-callout_t in6_tmpaddrtimer_ch;
+static callout_t in6_tmpaddrtimer_ch;
 
 
 #if 0
@@ -75,6 +75,9 @@ static int get_ifid(struct ifnet *, stru
 static int in6_ifattach_linklocal(struct ifnet *, struct ifnet *);
 static int in6_ifattach_loopback(struct ifnet *);
 
+static void in6_tmpaddrtimer_schedule(void);
+static void in6_tmpaddrtimer(void *);
+
 #define EUI64_GBIT	0x01
 #define EUI64_UBIT	0x02
 #define EUI64_TO_IFID(in6)	do {(in6)->s6_addr[8] ^= EUI64_UBIT; } while (/*CONSTCOND*/ 0)
@@ -849,6 +852,25 @@ in6_get_tmpifid(struct ifnet *ifp, u_int
 }
 
 void
+in6_tmpaddrtimer_init(void)
+{
+
+	/* timer for regeneration of temporary addresses randomize ID */
+	callout_init(_tmpaddrtimer_ch, CALLOUT_MPSAFE);
+	callout_setfunc(_tmpaddrtimer_ch, in6_tmpaddrtimer, NULL);
+	in6_tmpaddrtimer_schedule();
+}
+
+static void
+in6_tmpaddrtimer_schedule(void)
+{
+
+	callout_schedule(_tmpaddrtimer_ch,
+	(ip6_temp_preferred_lifetime - ip6_desync_factor -
+	ip6_temp_regen_advance) * hz);
+}
+
+static void
 in6_tmpaddrtimer(void *ignored_arg)
 {
 	struct nd_ifinfo *ndi;
@@ -860,9 +882,7 @@ in6_tmpaddrtimer(void *ignored_arg)
 	mutex_enter(softnet_lock);
 	KERNEL_LOCK(1, NULL);
 
-	callout_reset(_tmpaddrtimer_ch,
-	(ip6_temp_preferred_lifetime - ip6_desync_factor -
-	ip6_temp_regen_advance) * hz, in6_tmpaddrtimer, NULL);
+	in6_tmpaddrtimer_schedule();
 
 	memset(nullbuf, 0, sizeof(nullbuf));
 	s = pserialize_read_enter();

Index: src/sys/netinet6/in6_ifattach.h
diff -u src/sys/netinet6/in6_ifattach.h:1.13 src/sys/netinet6/in6_ifattach.h:1.14
--- src/sys/netinet6/in6_ifattach.h:1.13	Sat Sep 19 13:11:02 2009
+++ src/sys/netinet6/in6_ifattach.h	Wed Oct 16 07:40:40 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_ifattach.h,v 1.13 2009/09/19 13:11:02 christos Exp $	*/
+/*	$NetBSD: in6_ifattach.h,v 1.14 2019/10/16 07:40:40 ozaki-r Exp $	*/
 /*	$KAME: in6_ifattach.h,v 1.8 2000/04/12 03:51:30 itojun Exp $	*/
 
 /*
@@ -37,7 +37,6 @@
 void in6_ifattach(struct ifnet *, struct ifnet *);
 void in6_ifdetach(struct ifnet *);
 int in6_get_tmpifid(struct ifnet *, u_int8_t *, const u_int8_t *, int);
-void in6_tmpaddrtimer(void *);
 int in6_get_hw_ifid(struct ifnet *, struct in6_addr *);
 int in6_nigroup(struct ifnet *, const char *, int, struct sockaddr_in6 *);
 #endif /* _KERNEL */

Index: src/sys/netinet6/in6_var.h
diff -u src/sys/netinet6/in6_var.h:1.100 src/sys/netinet6/in6_var.h:1.101
--- src/sys/netinet6/in6_var.h:1.100	Tue May 29 04:38:29 2018
+++ src/sys/netinet6/in6_var.h	Wed Oct 16 07:40:40 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_var.h,v 1.100 2018/05/29 04:38:29 ozaki-r Exp $	*/
+/*	$NetBSD: in6_var.h,v 1.101 2019/10/16 07:40:40 ozaki-r Exp $	*/
 /*	$KAME: in6_var.h,v 1.81 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -584,7 +584,6 @@ extern const struct in6_addr zeroin6_add
 extern const u_char inet6ctlerrmap[];
 extern unsigned long in6_maxmtu;
 extern bool in6_present;
-extern callout_t in6_tmpaddrtimer_ch;
 
 /*
  * Macro for finding the internet address structure (in6_ifaddr) corresponding
@@ -680,6 +679,7 @@ do {	\
 #endif
 
 void	in6_init(void);
+void	in6_tmpaddrtimer_init(void);
 
 void	in6_multi_lock(int);
 void	in6_multi_unlock(void);

Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.211 src/sys/netinet6/ip6_input.c:1.212
--- 

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Oct 16 07:41:28 UTC 2019

Modified Files:
src/sys/netinet6: ip6_input.c

Log Message:
Validate ip6_temp_preferred_lifetime (net.inet6.ip6.temppltime) on a change

ip6_temp_preferred_lifetime is used to calculate an interval period to
regenerate temporary addresse by
  TEMP_PREFERRED_LIFETIME - REGEN_ADVANCE - DESYNC_FACTOR
as per RFC 3041 3.5.  So it must be greater than (REGEN_ADVANCE +
DESYNC_FACTOR), otherwise it will be negative and go wrong, for example
KASSERT(to_ticks >= 0) in callout_schedule_locked fails.


To generate a diff of this commit:
cvs rdiff -u -r1.212 -r1.213 src/sys/netinet6/ip6_input.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/ip6_input.c
diff -u src/sys/netinet6/ip6_input.c:1.212 src/sys/netinet6/ip6_input.c:1.213
--- src/sys/netinet6/ip6_input.c:1.212	Wed Oct 16 07:40:40 2019
+++ src/sys/netinet6/ip6_input.c	Wed Oct 16 07:41:28 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: ip6_input.c,v 1.212 2019/10/16 07:40:40 ozaki-r Exp $	*/
+/*	$NetBSD: ip6_input.c,v 1.213 2019/10/16 07:41:28 ozaki-r Exp $	*/
 /*	$KAME: ip6_input.c,v 1.188 2001/03/29 05:34:31 itojun Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.212 2019/10/16 07:40:40 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip6_input.c,v 1.213 2019/10/16 07:41:28 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_gateway.h"
@@ -1531,6 +1531,28 @@ sysctl_net_inet6_ip6_stats(SYSCTLFN_ARGS
 	return (NETSTAT_SYSCTL(ip6stat_percpu, IP6_NSTATS));
 }
 
+static int
+sysctl_net_inet6_ip6_temppltime(SYSCTLFN_ARGS)
+{
+	int error;
+	uint32_t pltime;
+	struct sysctlnode node;
+
+	node = *rnode;
+	node.sysctl_data = 
+	pltime = ip6_temp_preferred_lifetime;
+	error = sysctl_lookup(SYSCTLFN_CALL());
+	if (error || newp == NULL)
+		return error;
+
+	if (pltime <= (MAX_TEMP_DESYNC_FACTOR + TEMPADDR_REGEN_ADVANCE))
+		return EINVAL;
+
+	ip6_temp_preferred_lifetime = pltime;
+
+	return 0;
+}
+
 static void
 sysctl_net_inet6_ip6_setup(struct sysctllog **clog)
 {
@@ -1742,7 +1764,7 @@ sysctl_net_inet6_ip6_setup(struct sysctl
 		   CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		   CTLTYPE_INT, "temppltime",
 		   SYSCTL_DESCR("preferred lifetime of a temporary address"),
-		   NULL, 0, _temp_preferred_lifetime, 0,
+		   sysctl_net_inet6_ip6_temppltime, 0, NULL, 0,
 		   CTL_NET, PF_INET6, IPPROTO_IPV6,
 		   CTL_CREATE, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,

CVS commit: src/sys/netinet6

[Valeriy E. Ushakov]

Module Name:src
Committed By:   uwe
Date:   Sun Oct  6 02:30:58 UTC 2019

Modified Files:
src/sys/netinet6: icmp6.c

Log Message:
icmp6_notify_error - fix ctlfunc typedef to match pr_ctlinput,
drop the cast that is no longer necessary.


To generate a diff of this commit:
cvs rdiff -u -r1.242 -r1.243 src/sys/netinet6/icmp6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/icmp6.c
diff -u src/sys/netinet6/icmp6.c:1.242 src/sys/netinet6/icmp6.c:1.243
--- src/sys/netinet6/icmp6.c:1.242	Sat Dec 22 14:07:54 2018
+++ src/sys/netinet6/icmp6.c	Sun Oct  6 02:30:58 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: icmp6.c,v 1.242 2018/12/22 14:07:54 maxv Exp $	*/
+/*	$NetBSD: icmp6.c,v 1.243 2019/10/06 02:30:58 uwe Exp $	*/
 /*	$KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $	*/
 
 /*
@@ -62,7 +62,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.242 2018/12/22 14:07:54 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.243 2019/10/06 02:30:58 uwe Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -950,7 +950,7 @@ icmp6_notify_error(struct mbuf *m, int o
 
 	/* Detect the upper level protocol */
 	{
-		void (*ctlfunc)(int, struct sockaddr *, void *);
+		void *(*ctlfunc)(int, const struct sockaddr *, void *);
 		u_int8_t nxt = eip6->ip6_nxt;
 		int eoff = off + sizeof(struct icmp6_hdr) +
 			sizeof(struct ip6_hdr);
@@ -1077,8 +1077,7 @@ icmp6_notify_error(struct mbuf *m, int o
 			ip6cp.ip6c_cmdarg = (void *)
 		}
 
-		ctlfunc = (void (*)(int, struct sockaddr *, void *))
-		(inet6sw[ip6_protox[nxt]].pr_ctlinput);
+		ctlfunc = inet6sw[ip6_protox[nxt]].pr_ctlinput;
 		if (ctlfunc) {
 			(void)(*ctlfunc)(code, sin6tosa(), );
 		}

CVS commit: src/sys/netinet6

[Valeriy E. Ushakov]

Module Name:src
Committed By:   uwe
Date:   Sun Oct  6 02:30:58 UTC 2019

Modified Files:
src/sys/netinet6: icmp6.c

Log Message:
icmp6_notify_error - fix ctlfunc typedef to match pr_ctlinput,
drop the cast that is no longer necessary.


To generate a diff of this commit:
cvs rdiff -u -r1.242 -r1.243 src/sys/netinet6/icmp6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Mon Sep 23 23:12:47 UTC 2019

Modified Files:
src/sys/netinet6: scope6.c

Log Message:
Remove __noubsan from in6_clearscope()

The alignment issues for x86 should be handled by
 - src/sys/arch/amd64/include/types.h r. 1.62 and
 - src/sys/arch/i386/include/types.h r. 1.90


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 src/sys/netinet6/scope6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Mon Sep 23 23:12:47 UTC 2019

Modified Files:
src/sys/netinet6: scope6.c

Log Message:
Remove __noubsan from in6_clearscope()

The alignment issues for x86 should be handled by
 - src/sys/arch/amd64/include/types.h r. 1.62 and
 - src/sys/arch/i386/include/types.h r. 1.90


To generate a diff of this commit:
cvs rdiff -u -r1.21 -r1.22 src/sys/netinet6/scope6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/scope6.c
diff -u src/sys/netinet6/scope6.c:1.21 src/sys/netinet6/scope6.c:1.22
--- src/sys/netinet6/scope6.c:1.21	Fri Sep 20 14:53:24 2019
+++ src/sys/netinet6/scope6.c	Mon Sep 23 23:12:47 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: scope6.c,v 1.21 2019/09/20 14:53:24 kamil Exp $	*/
+/*	$NetBSD: scope6.c,v 1.22 2019/09/23 23:12:47 kamil Exp $	*/
 /*	$KAME$	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.21 2019/09/20 14:53:24 kamil Exp $");
+__KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.22 2019/09/23 23:12:47 kamil Exp $");
 
 #include 
 #include 
@@ -472,7 +472,6 @@ in6_getscopename(const struct in6_addr *
  * Just clear the embedded scope identifier.  Return 0 if the original address
  * is intact; return non 0 if the address is modified.
  */
-__noubsan
 int
 in6_clearscope(struct in6_addr *in6)
 {

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Fri Sep 20 14:53:24 UTC 2019

Modified Files:
src/sys/netinet6: scope6.c

Log Message:
Decorate in6_clearscope() with __noubsan

sys/netinet6/scope6.c:480:6,
member access within misaligned address 0x9457bc441286 for type
'struct in6_addr' which requires 4 byte alignment

This issue is caused by accessing non-__packed struct in __packed.
This is a[always?] false-positive reported by the sanitizer and there is no
clear non-invasive approach to handle this, without changing ABI of long
term existing code.

Reported-by: syzbot+b53a9bcf030288081...@syzkaller.appspotmail.com


To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/sys/netinet6/scope6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/scope6.c
diff -u src/sys/netinet6/scope6.c:1.20 src/sys/netinet6/scope6.c:1.21
--- src/sys/netinet6/scope6.c:1.20	Tue May  1 07:21:39 2018
+++ src/sys/netinet6/scope6.c	Fri Sep 20 14:53:24 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: scope6.c,v 1.20 2018/05/01 07:21:39 maxv Exp $	*/
+/*	$NetBSD: scope6.c,v 1.21 2019/09/20 14:53:24 kamil Exp $	*/
 /*	$KAME$	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.20 2018/05/01 07:21:39 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: scope6.c,v 1.21 2019/09/20 14:53:24 kamil Exp $");
 
 #include 
 #include 
@@ -472,6 +472,7 @@ in6_getscopename(const struct in6_addr *
  * Just clear the embedded scope identifier.  Return 0 if the original address
  * is intact; return non 0 if the address is modified.
  */
+__noubsan
 int
 in6_clearscope(struct in6_addr *in6)
 {

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Fri Sep 20 14:53:24 UTC 2019

Modified Files:
src/sys/netinet6: scope6.c

Log Message:
Decorate in6_clearscope() with __noubsan

sys/netinet6/scope6.c:480:6,
member access within misaligned address 0x9457bc441286 for type
'struct in6_addr' which requires 4 byte alignment

This issue is caused by accessing non-__packed struct in __packed.
This is a[always?] false-positive reported by the sanitizer and there is no
clear non-invasive approach to handle this, without changing ABI of long
term existing code.

Reported-by: syzbot+b53a9bcf030288081...@syzkaller.appspotmail.com


To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/sys/netinet6/scope6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Sep 18 08:18:05 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
nd6: remove extra pserialize_read_exit


To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.172 src/sys/netinet6/nd6_nbr.c:1.173
--- src/sys/netinet6/nd6_nbr.c:1.172	Sun Sep  1 18:54:38 2019
+++ src/sys/netinet6/nd6_nbr.c	Wed Sep 18 08:18:05 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.172 2019/09/01 18:54:38 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.173 2019/09/18 08:18:05 ozaki-r Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.172 2019/09/01 18:54:38 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.173 2019/09/18 08:18:05 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -494,7 +494,6 @@ nd6_ns_output(struct ifnet *ifp, const s
 "determined: dst=%s, error=%d\n",
 IN6_PRINT(ip6buf, _sa.sin6_addr),
 error);
-pserialize_read_exit(s);
 goto bad;
 			}
 			src = _in;

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Sep 18 08:18:05 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
nd6: remove extra pserialize_read_exit


To generate a diff of this commit:
cvs rdiff -u -r1.172 -r1.173 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Thu Sep  5 20:17:27 UTC 2019

Modified Files:
src/sys/netinet6: in6.h

Log Message:
Revert regression introduced in in6.h r. 1.95


revision 1.95
date: 2019-05-28 05:56:46 +0200;  author: kamil;  state: Exp;  lines: +2 -2;  
commitid: YrUzDYl5zfcjiVoB;
Decorate struct in6_addr with the __packed attribute

This avoids undefined behavior when accessing misaligned pointers.

Detected by kUBSan.

Patch by Akul Pillai.


This change caused regression in at least qemu and addresses potential binary 
ABI breakage.

Fixes PR/54523 by 


To generate a diff of this commit:
cvs rdiff -u -r1.95 -r1.96 src/sys/netinet6/in6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.h
diff -u src/sys/netinet6/in6.h:1.95 src/sys/netinet6/in6.h:1.96
--- src/sys/netinet6/in6.h:1.95	Tue May 28 03:56:46 2019
+++ src/sys/netinet6/in6.h	Thu Sep  5 20:17:27 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.h,v 1.95 2019/05/28 03:56:46 kamil Exp $	*/
+/*	$NetBSD: in6.h,v 1.96 2019/09/05 20:17:27 kamil Exp $	*/
 /*	$KAME: in6.h,v 1.83 2001/03/29 02:55:07 jinmei Exp $	*/
 
 /*
@@ -126,7 +126,7 @@ struct in6_addr {
 		__uint16_t  __u6_addr16[8];
 		uint32_t  __u6_addr32[4];
 	} __u6_addr;			/* 128-bit IP6 address */
-} __packed;
+};
 
 #define s6_addr   __u6_addr.__u6_addr8
 #ifdef _KERNEL	/* XXX nonstandard */

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Thu Sep  5 20:17:27 UTC 2019

Modified Files:
src/sys/netinet6: in6.h

Log Message:
Revert regression introduced in in6.h r. 1.95


revision 1.95
date: 2019-05-28 05:56:46 +0200;  author: kamil;  state: Exp;  lines: +2 -2;  
commitid: YrUzDYl5zfcjiVoB;
Decorate struct in6_addr with the __packed attribute

This avoids undefined behavior when accessing misaligned pointers.

Detected by kUBSan.

Patch by Akul Pillai.


This change caused regression in at least qemu and addresses potential binary 
ABI breakage.

Fixes PR/54523 by 


To generate a diff of this commit:
cvs rdiff -u -r1.95 -r1.96 src/sys/netinet6/in6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Sun Sep  1 19:26:22 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c nd6.h

Log Message:
inet6: Re-introduce ND6_LLINFO_WAITDELETE so we can return EHOSTDOWN

Once we've sent nd6_mmaxtries NS messages, send RTM_MISS and move to the
ND6_LLINFO_WAITDELETE state rather than freeing the llentry right away.
Wait for a probe cycle and then free the llentry.

If a connection attempts to re-use the llentry during ND6_LLINFO_WAITDELETE,
return EHOSTDOWN (or EHOSTUNREACH if a gateway) to match inet behaviour.
Continue to ND6_LLINFO_INCOMPLETE and send another NS probe in hope of a
reply. Rinse and repeat.

This reverts part of nd6.c r1.14 - an 18 year old commit!


To generate a diff of this commit:
cvs rdiff -u -r1.262 -r1.263 src/sys/netinet6/nd6.c
cvs rdiff -u -r1.86 -r1.87 src/sys/netinet6/nd6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Sun Sep  1 19:26:22 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c nd6.h

Log Message:
inet6: Re-introduce ND6_LLINFO_WAITDELETE so we can return EHOSTDOWN

Once we've sent nd6_mmaxtries NS messages, send RTM_MISS and move to the
ND6_LLINFO_WAITDELETE state rather than freeing the llentry right away.
Wait for a probe cycle and then free the llentry.

If a connection attempts to re-use the llentry during ND6_LLINFO_WAITDELETE,
return EHOSTDOWN (or EHOSTUNREACH if a gateway) to match inet behaviour.
Continue to ND6_LLINFO_INCOMPLETE and send another NS probe in hope of a
reply. Rinse and repeat.

This reverts part of nd6.c r1.14 - an 18 year old commit!


To generate a diff of this commit:
cvs rdiff -u -r1.262 -r1.263 src/sys/netinet6/nd6.c
cvs rdiff -u -r1.86 -r1.87 src/sys/netinet6/nd6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.262 src/sys/netinet6/nd6.c:1.263
--- src/sys/netinet6/nd6.c:1.262	Sun Sep  1 18:54:38 2019
+++ src/sys/netinet6/nd6.c	Sun Sep  1 19:26:21 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.262 2019/09/01 18:54:38 roy Exp $	*/
+/*	$NetBSD: nd6.c,v 1.263 2019/09/01 19:26:21 roy Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.262 2019/09/01 18:54:38 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.263 2019/09/01 19:26:21 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -480,9 +480,14 @@ nd6_llinfo_timer(void *arg)
 	ndi = ND_IFINFO(ifp);
 
 	switch (ln->ln_state) {
+	case ND6_LLINFO_WAITDELETE:
+		LLE_REMREF(ln);
+		nd6_free(ln, 0);
+		ln = NULL;
+		break;
+
 	case ND6_LLINFO_INCOMPLETE:
-		if (ln->ln_asked < nd6_mmaxtries) {
-			ln->ln_asked++;
+		if (ln->ln_asked++ < nd6_mmaxtries) {
 			send_ns = true;
 			break;
 		}
@@ -506,9 +511,17 @@ nd6_llinfo_timer(void *arg)
 		sockaddr_in6_init(, taddr6, 0, 0, 0);
 		rt_clonedmsg(RTM_MISS, sin6tosa(), NULL, ifp);
 
-		LLE_REMREF(ln);
-		nd6_free(ln, 0);
-		ln = NULL;
+		/*
+		 * Move to the ND6_LLINFO_WAITDELETE state for another
+		 * interval at which point the llentry will be freed
+		 * unless it's attempted to be used again and we'll
+		 * resend NS again, rinse and repeat.
+		 */
+		ln->ln_state = ND6_LLINFO_WAITDELETE;
+		if (ln->ln_asked == nd6_mmaxtries)
+			nd6_llinfo_settimer(ln, ndi->retrans * hz / 1000);
+		else
+			send_ns = true;
 		break;
 
 	case ND6_LLINFO_REACHABLE:
@@ -2312,6 +2325,7 @@ nd6_resolve(struct ifnet *ifp, const str
 	struct llentry *ln = NULL;
 	bool created = false;
 	const struct sockaddr_in6 *dst = satocsin6(_dst);
+	int error;
 
 	/* discard the packet if IPv6 operation is disabled on the interface */
 	if ((ND_IFINFO(ifp)->flags & ND6_IFF_IFDISABLED)) {
@@ -2406,7 +2420,8 @@ nd6_resolve(struct ifnet *ifp, const str
 	 * does not exceed nd6_maxqueuelen.  When it exceeds nd6_maxqueuelen,
 	 * the oldest packet in the queue will be removed.
 	 */
-	if (ln->ln_state == ND6_LLINFO_NOSTATE)
+	if (ln->ln_state == ND6_LLINFO_NOSTATE ||
+	ln->ln_state == ND6_LLINFO_WAITDELETE)
 		ln->ln_state = ND6_LLINFO_INCOMPLETE;
 	if (ln->ln_hold) {
 		struct mbuf *m_hold;
@@ -2430,6 +2445,12 @@ nd6_resolve(struct ifnet *ifp, const str
 		ln->ln_hold = m;
 	}
 
+	if (ln->ln_asked >= nd6_mmaxtries)
+		error = (rt != NULL && rt->rt_flags & RTF_GATEWAY) ?
+		EHOSTUNREACH : EHOSTDOWN;
+	else
+		error = EWOULDBLOCK;
+
 	/*
 	 * If there has been no NS for the neighbor after entering the
 	 * INCOMPLETE state, send the first solicitation.
@@ -2448,7 +2469,7 @@ nd6_resolve(struct ifnet *ifp, const str
 	if (created)
 		nd6_gc_neighbors(LLTABLE6(ifp), >sin6_addr);
 
-	return EWOULDBLOCK;
+	return error;
 }
 
 int

Index: src/sys/netinet6/nd6.h
diff -u src/sys/netinet6/nd6.h:1.86 src/sys/netinet6/nd6.h:1.87
--- src/sys/netinet6/nd6.h:1.86	Tue Mar  6 10:57:00 2018
+++ src/sys/netinet6/nd6.h	Sun Sep  1 19:26:21 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.h,v 1.86 2018/03/06 10:57:00 roy Exp $	*/
+/*	$NetBSD: nd6.h,v 1.87 2019/09/01 19:26:21 roy Exp $	*/
 /*	$KAME: nd6.h,v 1.95 2002/06/08 11:31:06 itojun Exp $	*/
 
 /*
@@ -38,14 +38,7 @@
 
 #define ND6_LLINFO_PURGE	-3
 #define ND6_LLINFO_NOSTATE	-2
-/*
- * We don't need the WAITDELETE state any more, but we keep the definition
- * in a comment line instead of removing it. This is necessary to avoid
- * unintentionally reusing the value for another purpose, which might
- * affect backward compatibility with old applications.
- * (2711 jin...@kame.net)
- */
-/* #define ND6_LLINFO_WAITDELETE	-1 */
+#define ND6_LLINFO_WAITDELETE	-1
 #define ND6_LLINFO_INCOMPLETE	0
 #define ND6_LLINFO_REACHABLE	1
 #define ND6_LLINFO_STALE	2

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Sat Aug 31 01:49:46 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
inet6: don't set an invalid lladdr in nd6_free()

We don't want to announce that we've deleted a hwaddr of all zeros.


To generate a diff of this commit:
cvs rdiff -u -r1.260 -r1.261 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Sat Aug 31 01:49:46 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
inet6: don't set an invalid lladdr in nd6_free()

We don't want to announce that we've deleted a hwaddr of all zeros.


To generate a diff of this commit:
cvs rdiff -u -r1.260 -r1.261 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.260 src/sys/netinet6/nd6.c:1.261
--- src/sys/netinet6/nd6.c:1.260	Tue Aug 27 21:11:26 2019
+++ src/sys/netinet6/nd6.c	Sat Aug 31 01:49:45 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.260 2019/08/27 21:11:26 roy Exp $	*/
+/*	$NetBSD: nd6.c,v 1.261 2019/08/31 01:49:45 roy Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.260 2019/08/27 21:11:26 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.261 2019/08/31 01:49:45 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -1192,6 +1192,7 @@ nd6_free(struct llentry *ln, int gc)
 	struct ifnet *ifp;
 	struct in6_addr *in6;
 	struct sockaddr_in6 sin6;
+	const char *lladdr;
 
 	KASSERT(ln != NULL);
 	LLE_WLOCK_ASSERT(ln);
@@ -1282,8 +1283,8 @@ nd6_free(struct llentry *ln, int gc)
 	}
 
 	sockaddr_in6_init(, in6, 0, 0, 0);
-	rt_clonedmsg(RTM_DELETE, sin6tosa(),
-	(const uint8_t *)>ll_addr, ifp);
+	lladdr = ln->la_flags & LLE_VALID ? (const char *)>ll_addr : NULL;
+	rt_clonedmsg(RTM_DELETE, sin6tosa(), lladdr, ifp);
 
 	/*
 	 * Save to unlock. We still hold an extra reference and will not

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 16:26:43 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
Userland really has no business with NA messages.
However, RFC 4861 6.2.5 only says departing routers
*SHOULD* send RA with lifetime of zero and *MUST*
send all subsequent NA messages if the router flag
unset.

To help userland avoid the expensive process of
parsing NA messages, send RTM_CHANGE without a
lladdr in the gateway.
This is different from the intial RTM_ADD also
without a lladdr in the gateway and RTM_DELETE.


To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 16:26:43 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
Userland really has no business with NA messages.
However, RFC 4861 6.2.5 only says departing routers
*SHOULD* send RA with lifetime of zero and *MUST*
send all subsequent NA messages if the router flag
unset.

To help userland avoid the expensive process of
parsing NA messages, send RTM_CHANGE without a
lladdr in the gateway.
This is different from the intial RTM_ADD also
without a lladdr in the gateway and RTM_DELETE.


To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.169 src/sys/netinet6/nd6_nbr.c:1.170
--- src/sys/netinet6/nd6_nbr.c:1.169	Thu Aug 29 14:28:06 2019
+++ src/sys/netinet6/nd6_nbr.c	Thu Aug 29 16:26:43 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.169 2019/08/29 14:28:06 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.170 2019/08/29 16:26:43 roy Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.169 2019/08/29 14:28:06 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.170 2019/08/29 16:26:43 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -854,10 +854,27 @@ nd6_na_input(struct mbuf *m, int off, in
 			 * Remove the sender from the Default Router List and
 			 * update the Destination Cache entries.
 			 */
+			const struct in6_addr *in6 = >r_l3addr.addr6;
 			struct nd_defrouter *dr;
-			const struct in6_addr *in6;
+			struct sockaddr_in6 sin6;
 
-			in6 = >r_l3addr.addr6;
+			/*
+			 * Userland really has no business with NA messages.
+			 * However, RFC 4861 6.2.5 only says departing routers
+			 * *SHOULD* send RA with lifetime of zero and *MUST*
+			 * send all subsequent NA messages if the router flag
+			 * unset.
+			 *
+			 * To help userland avoid the expensive process of
+			 * parsing NA messages, send RTM_CHANGE without a
+			 * lladdr in the gateway.
+			 * This is different from the intial RTM_ADD also
+			 * without a lladdr in the gateway and RTM_DELETE.
+			 */
+			sockaddr_in6_init(, in6, 0, 0, 0);
+			rt_clonedmsg(RTM_CHANGE, sin6tosa(), NULL,
+			ln->lle_tbl->llt_ifp);
+			rt_announce = true;
 
 			ND6_WLOCK();
 			dr = nd6_defrouter_lookup(in6, ln->lle_tbl->llt_ifp);
@@ -887,8 +904,9 @@ nd6_na_input(struct mbuf *m, int off, in
 	if (rt_announce) {
 		struct sockaddr_in6 sin6;
 
-		sockaddr_in6_init(, , 0, 0, 0);
-		rt_clonedmsg(RTM_CHANGE, sin6tosa(), lladdr, ifp);
+		sockaddr_in6_init(, >r_l3addr.addr6, 0, 0, 0);
+		rt_clonedmsg(RTM_CHANGE, sin6tosa(),
+		(char *)>ll_addr, ln->lle_tbl->llt_ifp);
 	}
 
  freeit:

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 14:28:06 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
more bool


To generate a diff of this commit:
cvs rdiff -u -r1.168 -r1.169 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.168 src/sys/netinet6/nd6_nbr.c:1.169
--- src/sys/netinet6/nd6_nbr.c:1.168	Thu Aug 29 14:26:55 2019
+++ src/sys/netinet6/nd6_nbr.c	Thu Aug 29 14:28:06 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.168 2019/08/29 14:26:55 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.169 2019/08/29 14:28:06 roy Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.168 2019/08/29 14:26:55 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.169 2019/08/29 14:28:06 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -735,7 +735,7 @@ nd6_na_input(struct mbuf *m, int off, in
 	if (ln == NULL)
 		goto freeit;
 
-	rt_announce = 0;
+	rt_announce = false;
 	if (ln->ln_state == ND6_LLINFO_INCOMPLETE) {
 		/*
 		 * If the link-layer has address, and no lladdr option came,
@@ -749,7 +749,7 @@ nd6_na_input(struct mbuf *m, int off, in
 		 */
 		memcpy(>ll_addr, lladdr, ifp->if_addrlen);
 		ln->la_flags |= LLE_VALID;
-		rt_announce = 1;
+		rt_announce = true;
 		if (is_solicited) {
 			ln->ln_state = ND6_LLINFO_REACHABLE;
 			ln->ln_byhint = 0;

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 14:28:06 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
more bool


To generate a diff of this commit:
cvs rdiff -u -r1.168 -r1.169 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 14:26:55 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
inet6: change rt_announce and llchange to bool in nd6_na_input()


To generate a diff of this commit:
cvs rdiff -u -r1.167 -r1.168 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.167 src/sys/netinet6/nd6_nbr.c:1.168
--- src/sys/netinet6/nd6_nbr.c:1.167	Thu Aug 22 21:22:50 2019
+++ src/sys/netinet6/nd6_nbr.c	Thu Aug 29 14:26:55 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.167 2019/08/22 21:22:50 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.168 2019/08/29 14:26:55 roy Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.167 2019/08/22 21:22:50 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.168 2019/08/29 14:26:55 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -611,7 +611,7 @@ nd6_na_input(struct mbuf *m, int off, in
 	struct llentry *ln = NULL;
 	union nd_opts ndopts;
 	struct sockaddr_in6 ssin6;
-	int rt_announce;
+	bool rt_announce;
 	bool checklink = false;
 	struct psref psref;
 	struct psref psref_ia;
@@ -770,21 +770,21 @@ nd6_na_input(struct mbuf *m, int off, in
 			checklink = true;
 		}
 	} else {
-		int llchange;
+		bool llchange;
 
 		/*
 		 * Check if the link-layer address has changed or not.
 		 */
 		if (lladdr == NULL)
-			llchange = 0;
+			llchange = false;
 		else {
 			if (ln->la_flags & LLE_VALID) {
 if (memcmp(lladdr, >ll_addr, ifp->if_addrlen))
-	llchange = rt_announce = 1;
+	llchange = rt_announce = true;
 else
-	llchange = 0;
+	llchange = false;
 			} else
-llchange = rt_announce = 1;
+llchange = rt_announce = true;
 		}
 
 		/*

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 29 14:26:55 UTC 2019

Modified Files:
src/sys/netinet6: nd6_nbr.c

Log Message:
inet6: change rt_announce and llchange to bool in nd6_na_input()


To generate a diff of this commit:
cvs rdiff -u -r1.167 -r1.168 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Re: CVS commit: src/sys/netinet6

[Hisashi T Fujinaka]

On Wed, 28 Aug 2019, Roy Marples wrote:


On 27/08/2019 22:17, Hisashi T Fujinaka wrote:

Is this necessary for -9 too?


Pretty much every BSD with IPv6.

I'll submit a PR for -9 in day or so.
I need to work this and a few other recent changes for -8 and maybe -7 also.


Cool. Thanks for all the effort!

--
Hisashi T Fujinaka - ht...@twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee

Re: CVS commit: src/sys/netinet6

[Roy Marples]

On 27/08/2019 22:17, Hisashi T Fujinaka wrote:

Is this necessary for -9 too?


Pretty much every BSD with IPv6.

I'll submit a PR for -9 in day or so.
I need to work this and a few other recent changes for -8 and maybe -7 also.

Roy

Re: CVS commit: src/sys/netinet6

[Hisashi T Fujinaka]

Is this necessary for -9 too?

On Tue, 27 Aug 2019, Roy Marples wrote:


Module Name:src
Committed By:   roy
Date:   Tue Aug 27 21:11:26 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
inet6: nd6_free assumes all routers are processed by kernel RA

This hasn't been the case for a long time if you're a dhcpcd
user with a default config. As such, it's possible for the default
IPv6 router as set by dhcpcd could be erroneously gc'ed by nd6_free.

This reduces the scope of the ND6_WLOCK taken as well as fixing an
issue where we write to ln->ln_state without a lock being held.


To generate a diff of this commit:
cvs rdiff -u -r1.259 -r1.260 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



--
Hisashi T Fujinaka - ht...@twofifty.com
BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Tue Aug 27 21:11:26 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
inet6: nd6_free assumes all routers are processed by kernel RA

This hasn't been the case for a long time if you're a dhcpcd
user with a default config. As such, it's possible for the default
IPv6 router as set by dhcpcd could be erroneously gc'ed by nd6_free.

This reduces the scope of the ND6_WLOCK taken as well as fixing an
issue where we write to ln->ln_state without a lock being held.


To generate a diff of this commit:
cvs rdiff -u -r1.259 -r1.260 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.259 src/sys/netinet6/nd6.c:1.260
--- src/sys/netinet6/nd6.c:1.259	Thu Aug 22 21:22:50 2019
+++ src/sys/netinet6/nd6.c	Tue Aug 27 21:11:26 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.259 2019/08/22 21:22:50 roy Exp $	*/
+/*	$NetBSD: nd6.c,v 1.260 2019/08/27 21:11:26 roy Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.259 2019/08/22 21:22:50 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.260 2019/08/27 21:11:26 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -1189,7 +1189,6 @@ nd6_is_addr_neighbor(const struct sockad
 static void
 nd6_free(struct llentry *ln, int gc)
 {
-	struct nd_defrouter *dr;
 	struct ifnet *ifp;
 	struct in6_addr *in6;
 	struct sockaddr_in6 sin6;
@@ -1204,81 +1203,70 @@ nd6_free(struct llentry *ln, int gc)
 	 * even though it is not harmful, it was not really necessary.
 	 */
 
-	if (!ip6_forwarding) {
-		ND6_WLOCK();
-		dr = nd6_defrouter_lookup(in6, ifp);
-
-		if (dr != NULL && dr->expire &&
-		ln->ln_state == ND6_LLINFO_STALE && gc) {
+	if (!ip6_forwarding && ln->ln_router) {
+		if (ln->ln_state == ND6_LLINFO_STALE && gc) {
 			/*
 			 * If the reason for the deletion is just garbage
-			 * collection, and the neighbor is an active default
+			 * collection, and the neighbor is an active
 			 * router, do not delete it.  Instead, reset the GC
 			 * timer using the router's lifetime.
-			 * Simply deleting the entry would affect default
+			 * Simply deleting the entry may affect default
 			 * router selection, which is not necessarily a good
 			 * thing, especially when we're using router preference
 			 * values.
 			 * XXX: the check for ln_state would be redundant,
 			 *  but we intentionally keep it just in case.
 			 */
-			if (dr->expire > time_uptime)
+			if (ln->ln_expire > time_uptime)
 nd6_llinfo_settimer(ln,
-(dr->expire - time_uptime) * hz);
+(ln->ln_expire - time_uptime) * hz);
 			else
 nd6_llinfo_settimer(ln, nd6_gctimer * hz);
-			ND6_UNLOCK();
 			LLE_WUNLOCK(ln);
 			return;
 		}
 
-		if (ln->ln_router || dr) {
-			/*
-			 * We need to unlock to avoid a LOR with nd6_rt_flush()
-			 * with the rnh and for the calls to
-			 * nd6_pfxlist_onlink_check() and nd6_defrouter_select() in the
-			 * block further down for calls into nd6_lookup().
-			 * We still hold a ref.
-			 */
-			LLE_WUNLOCK(ln);
-
-			/*
-			 * nd6_rt_flush must be called whether or not the neighbor
-			 * is in the Default Router List.
-			 * See a corresponding comment in nd6_na_input().
-			 */
-			nd6_rt_flush(in6, ifp);
-		}
+		ND6_WLOCK();
 
-		if (dr) {
-			/*
-			 * Unreachablity of a router might affect the default
-			 * router selection and on-link detection of advertised
-			 * prefixes.
-			 */
+		/*
+		 * We need to unlock to avoid a LOR with nd6_rt_flush()
+		 * with the rnh and for the calls to
+		 * nd6_pfxlist_onlink_check() and nd6_defrouter_select() in the
+		 * block further down for calls into nd6_lookup().
+		 * We still hold a ref.
+		 *
+		 * Temporarily fake the state to choose a new default
+		 * router and to perform on-link determination of
+		 * prefixes correctly.
+		 * Below the state will be set correctly,
+		 * or the entry itself will be deleted.
+		 */
+		ln->ln_state = ND6_LLINFO_INCOMPLETE;
+		LLE_WUNLOCK(ln);
 
-			/*
-			 * Temporarily fake the state to choose a new default
-			 * router and to perform on-link determination of
-			 * prefixes correctly.
-			 * Below the state will be set correctly,
-			 * or the entry itself will be deleted.
-			 */
-			ln->ln_state = ND6_LLINFO_INCOMPLETE;
+		/*
+		 * nd6_rt_flush must be called whether or not the neighbor
+		 * is in the Default Router List.
+		 * See a corresponding comment in nd6_na_input().
+		 */
+		nd6_rt_flush(in6, ifp);
 
-			/*
-			 * Since nd6_defrouter_select() does not affect the
-			 * on-link determination and MIP6 needs the check
-			 * before the default router selection, we perform
-			 * the check now.
-			 */
-			nd6_pfxlist_onlink_check();
+		/*
+		 * Unreachablity of a router might affect the default
+		 * router selection 

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Tue Aug 27 21:11:26 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
inet6: nd6_free assumes all routers are processed by kernel RA

This hasn't been the case for a long time if you're a dhcpcd
user with a default config. As such, it's possible for the default
IPv6 router as set by dhcpcd could be erroneously gc'ed by nd6_free.

This reduces the scope of the ND6_WLOCK taken as well as fixing an
issue where we write to ln->ln_state without a lock being held.


To generate a diff of this commit:
cvs rdiff -u -r1.259 -r1.260 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 22 21:22:50 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c nd6_nbr.c

Log Message:
nd6: notify userland of neighbour lla updates once more

XXX pullup -8 -9


To generate a diff of this commit:
cvs rdiff -u -r1.258 -r1.259 src/sys/netinet6/nd6.c
cvs rdiff -u -r1.166 -r1.167 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Roy Marples]

Module Name:src
Committed By:   roy
Date:   Thu Aug 22 21:22:50 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c nd6_nbr.c

Log Message:
nd6: notify userland of neighbour lla updates once more

XXX pullup -8 -9


To generate a diff of this commit:
cvs rdiff -u -r1.258 -r1.259 src/sys/netinet6/nd6.c
cvs rdiff -u -r1.166 -r1.167 src/sys/netinet6/nd6_nbr.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.258 src/sys/netinet6/nd6.c:1.259
--- src/sys/netinet6/nd6.c:1.258	Thu Aug 22 21:14:46 2019
+++ src/sys/netinet6/nd6.c	Thu Aug 22 21:22:50 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.258 2019/08/22 21:14:46 roy Exp $	*/
+/*	$NetBSD: nd6.c,v 1.259 2019/08/22 21:22:50 roy Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.258 2019/08/22 21:14:46 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.259 2019/08/22 21:22:50 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -1192,6 +1192,7 @@ nd6_free(struct llentry *ln, int gc)
 	struct nd_defrouter *dr;
 	struct ifnet *ifp;
 	struct in6_addr *in6;
+	struct sockaddr_in6 sin6;
 
 	KASSERT(ln != NULL);
 	LLE_WLOCK_ASSERT(ln);
@@ -1293,6 +1294,10 @@ nd6_free(struct llentry *ln, int gc)
 			LLE_WLOCK(ln);
 	}
 
+	sockaddr_in6_init(, in6, 0, 0, 0);
+	rt_clonedmsg(RTM_DELETE, sin6tosa(),
+	(const uint8_t *)>ll_addr, ifp);
+
 	/*
 	 * Save to unlock. We still hold an extra reference and will not
 	 * free(9) in llentry_free() if someone else holds one as well.
@@ -2225,11 +2230,13 @@ nd6_cache_lladdr(
 		break;
 	}
 
-#if 0
-	/* XXX should we send rtmsg as it used to be? */
-	if (do_update)
-		rt_newmsg(RTM_CHANGE, rt);  /* tell user process */
-#endif
+	if (do_update) {
+		struct sockaddr_in6 sin6;
+
+		sockaddr_in6_init(, from, 0, 0, 0);
+		rt_clonedmsg(is_newentry ? RTM_ADD : RTM_CHANGE,
+		sin6tosa(), lladdr, ifp);
+	}
 
 	if (ln != NULL) {
 		router = ln->ln_router;

Index: src/sys/netinet6/nd6_nbr.c
diff -u src/sys/netinet6/nd6_nbr.c:1.166 src/sys/netinet6/nd6_nbr.c:1.167
--- src/sys/netinet6/nd6_nbr.c:1.166	Mon Apr 29 16:12:30 2019
+++ src/sys/netinet6/nd6_nbr.c	Thu Aug 22 21:22:50 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6_nbr.c,v 1.166 2019/04/29 16:12:30 roy Exp $	*/
+/*	$NetBSD: nd6_nbr.c,v 1.167 2019/08/22 21:22:50 roy Exp $	*/
 /*	$KAME: nd6_nbr.c,v 1.61 2001/02/10 16:06:14 jinmei Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.166 2019/04/29 16:12:30 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6_nbr.c,v 1.167 2019/08/22 21:22:50 roy Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_inet.h"
@@ -883,11 +883,13 @@ nd6_na_input(struct mbuf *m, int off, in
 	 */
 	ln->ln_asked = 0;
 	nd6_llinfo_release_pkts(ln, ifp);
-	/* FIXME */
-#if 0
-	if (rt_announce) /* tell user process about any new lladdr */
-		rt_newmsg(RTM_CHANGE, rt);
-#endif
+
+	if (rt_announce) {
+		struct sockaddr_in6 sin6;
+
+		sockaddr_in6_init(, , 0, 0, 0);
+		rt_clonedmsg(RTM_CHANGE, sin6tosa(), lladdr, ifp);
+	}
 
  freeit:
 	if (ln != NULL)

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Aug 14 08:34:44 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
Add missing IFNET_LOCK for regen_tmpaddr

Reported by ryo@


To generate a diff of this commit:
cvs rdiff -u -r1.256 -r1.257 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.256 src/sys/netinet6/nd6.c:1.257
--- src/sys/netinet6/nd6.c:1.256	Fri Jul 26 10:18:42 2019
+++ src/sys/netinet6/nd6.c	Wed Aug 14 08:34:44 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.256 2019/07/26 10:18:42 christos Exp $	*/
+/*	$NetBSD: nd6.c,v 1.257 2019/08/14 08:34:44 ozaki-r Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.256 2019/07/26 10:18:42 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.257 2019/08/14 08:34:44 ozaki-r Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -666,8 +666,12 @@ nd6_timer_work(struct work *wk, void *ar
 			if (ip6_use_tempaddr &&
 			(ia6->ia6_flags & IN6_IFF_TEMPORARY) != 0 &&
 			(oldflags & IN6_IFF_DEPRECATED) == 0) {
+int ret;
 
-if (regen_tmpaddr(ia6) == 0) {
+IFNET_LOCK(ia6->ia_ifa.ifa_ifp);
+ret = regen_tmpaddr(ia6);
+IFNET_UNLOCK(ia6->ia_ifa.ifa_ifp);
+if (ret == 0) {
 	/*
 	 * A new temporary address is
 	 * generated.

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Wed Aug 14 08:34:44 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
Add missing IFNET_LOCK for regen_tmpaddr

Reported by ryo@


To generate a diff of this commit:
cvs rdiff -u -r1.256 -r1.257 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Mon Aug  5 10:25:41 UTC 2019

Modified Files:
src/sys/netinet6: in6_offload.h

Log Message:
add forward decl


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/netinet6/in6_offload.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Mon Aug  5 10:25:41 UTC 2019

Modified Files:
src/sys/netinet6: in6_offload.h

Log Message:
add forward decl


To generate a diff of this commit:
cvs rdiff -u -r1.10 -r1.11 src/sys/netinet6/in6_offload.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6_offload.h
diff -u src/sys/netinet6/in6_offload.h:1.10 src/sys/netinet6/in6_offload.h:1.11
--- src/sys/netinet6/in6_offload.h:1.10	Tue Dec 11 20:40:20 2018
+++ src/sys/netinet6/in6_offload.h	Mon Aug  5 06:25:41 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6_offload.h,v 1.10 2018/12/12 01:40:20 rin Exp $	*/
+/*	$NetBSD: in6_offload.h,v 1.11 2019/08/05 10:25:41 christos Exp $	*/
 
 /*
  * Copyright (c)2005, 2006 YAMAMOTO Takashi,
@@ -33,6 +33,7 @@
  * Subroutines to do software-only equivalent of h/w offloading.
  */
 struct mbuf *tcp6_segment(struct mbuf *, int);
+struct sockaddr_in6;
 int ip6_tso_output(struct ifnet *, struct ifnet *, struct mbuf *,
 const struct sockaddr_in6 *, struct rtentry *);
 void in6_undefer_cksum(struct mbuf *, size_t, int);

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Jul 26 10:18:42 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
Decrease the reference count before freeing, so that the entries actually
get free'd. (Ryota Ozaki)


To generate a diff of this commit:
cvs rdiff -u -r1.255 -r1.256 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Fri Jul 26 10:18:42 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
Decrease the reference count before freeing, so that the entries actually
get free'd. (Ryota Ozaki)


To generate a diff of this commit:
cvs rdiff -u -r1.255 -r1.256 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.255 src/sys/netinet6/nd6.c:1.256
--- src/sys/netinet6/nd6.c:1.255	Fri Jun 28 02:45:16 2019
+++ src/sys/netinet6/nd6.c	Fri Jul 26 06:18:42 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.255 2019/06/28 06:45:16 ozaki-r Exp $	*/
+/*	$NetBSD: nd6.c,v 1.256 2019/07/26 10:18:42 christos Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.255 2019/06/28 06:45:16 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.256 2019/07/26 10:18:42 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -497,6 +497,7 @@ nd6_llinfo_timer(void *arg)
 ln->ln_hold = m0;
 clear_llinfo_pqueue(ln);
  			}
+			LLE_REMREF(ln);
 			nd6_free(ln, 0);
 			ln = NULL;
 			if (m != NULL) {
@@ -516,6 +517,7 @@ nd6_llinfo_timer(void *arg)
 	case ND6_LLINFO_STALE:
 		/* Garbage Collection(RFC 2461 5.3) */
 		if (!ND6_LLINFO_PERMANENT(ln)) {
+			LLE_REMREF(ln);
 			nd6_free(ln, 1);
 			ln = NULL;
 		}
@@ -539,6 +541,7 @@ nd6_llinfo_timer(void *arg)
 			daddr6 = >r_l3addr.addr6;
 			send_ns = true;
 		} else {
+			LLE_REMREF(ln);
 			nd6_free(ln, 0);
 			ln = NULL;
 		}

CVS commit: src/sys/netinet6

[Ryota Ozaki]

Module Name:src
Committed By:   ozaki-r
Date:   Fri Jun 28 06:45:16 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
nd6: restore a missing reachability confirmation

On sending a packet over a STALE cache, the cache should be tried a reachability
confirmation, which is described in RFC 2461/4861 7.3.3.  On the fast path in
nd6_resolve, however, the treatment for STALE caches has been skipped
accidentally.  So STALE caches never be back to the REACHABLE state.

To fix the issue, branch to the fast path only when the cache entry is the
REACHABLE state and leave other caches to the slow path that includes the
treatment.  To this end we need to allow to return a link-layer address if a
valid address is available on the slow path too, which is the same behavior as
FreeBSD and OpenBSD.


To generate a diff of this commit:
cvs rdiff -u -r1.254 -r1.255 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Tue May 28 03:56:46 UTC 2019

Modified Files:
src/sys/netinet6: in6.h

Log Message:
Decorate struct in6_addr with the __packed attribute

This avoids undefined behavior when accessing misaligned pointers.

Detected by kUBSan.

Patch by Akul Pillai.


To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.95 src/sys/netinet6/in6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Kamil Rytarowski]

Module Name:src
Committed By:   kamil
Date:   Tue May 28 03:56:46 UTC 2019

Modified Files:
src/sys/netinet6: in6.h

Log Message:
Decorate struct in6_addr with the __packed attribute

This avoids undefined behavior when accessing misaligned pointers.

Detected by kUBSan.

Patch by Akul Pillai.


To generate a diff of this commit:
cvs rdiff -u -r1.94 -r1.95 src/sys/netinet6/in6.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/in6.h
diff -u src/sys/netinet6/in6.h:1.94 src/sys/netinet6/in6.h:1.95
--- src/sys/netinet6/in6.h:1.94	Mon Dec 10 16:28:52 2018
+++ src/sys/netinet6/in6.h	Tue May 28 03:56:46 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: in6.h,v 1.94 2018/12/10 16:28:52 christos Exp $	*/
+/*	$NetBSD: in6.h,v 1.95 2019/05/28 03:56:46 kamil Exp $	*/
 /*	$KAME: in6.h,v 1.83 2001/03/29 02:55:07 jinmei Exp $	*/
 
 /*
@@ -126,7 +126,7 @@ struct in6_addr {
 		__uint16_t  __u6_addr16[8];
 		uint32_t  __u6_addr32[4];
 	} __u6_addr;			/* 128-bit IP6 address */
-};
+} __packed;
 
 #define s6_addr   __u6_addr.__u6_addr8
 #ifdef _KERNEL	/* XXX nonstandard */

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Mon May 13 02:03:07 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
print the name of the interface that was disabled.


To generate a diff of this commit:
cvs rdiff -u -r1.253 -r1.254 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

CVS commit: src/sys/netinet6

[Christos Zoulas]

Module Name:src
Committed By:   christos
Date:   Mon May 13 02:03:07 UTC 2019

Modified Files:
src/sys/netinet6: nd6.c

Log Message:
print the name of the interface that was disabled.


To generate a diff of this commit:
cvs rdiff -u -r1.253 -r1.254 src/sys/netinet6/nd6.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/netinet6/nd6.c
diff -u src/sys/netinet6/nd6.c:1.253 src/sys/netinet6/nd6.c:1.254
--- src/sys/netinet6/nd6.c:1.253	Mon Apr 29 07:57:22 2019
+++ src/sys/netinet6/nd6.c	Sun May 12 22:03:07 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: nd6.c,v 1.253 2019/04/29 11:57:22 roy Exp $	*/
+/*	$NetBSD: nd6.c,v 1.254 2019/05/13 02:03:07 christos Exp $	*/
 /*	$KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $	*/
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.253 2019/04/29 11:57:22 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.254 2019/05/13 02:03:07 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_net_mpsafe.h"
@@ -1794,9 +1794,9 @@ nd6_ioctl(u_long cmd, void *data, struct
 
 			if (duplicated_linklocal) {
 ND.flags |= ND6_IFF_IFDISABLED;
-log(LOG_ERR, "Cannot enable an interface"
+log(LOG_ERR, "%s: Cannot enable an interface"
 " with a link-local address marked"
-" duplicate.\n");
+" duplicate.\n", if_name(ifp));
 			} else {
 ND_IFINFO(ifp)->flags &= ~ND6_IFF_IFDISABLED;
 if (ifp->if_flags & IFF_UP)

Re: CVS commit: src/sys/netinet6

[Ryota Ozaki]

On Tue, May 29, 2018 at 6:10 PM Patrick Welche  wrote:

> Module Name:src
> Committed By:   prlw1
> Date:   Tue May 29 09:10:39 UTC 2018

> Modified Files:
>  src/sys/netinet6: in6.c

> Log Message:
> Mark in6m as used for non-DIAGNOSTIC builds.

Oops! Thank you for the fix.

   ozaki-r

Re: CVS commit: src/sys/netinet6

[Robert Swindells]

m...@netbsd.org wrote:
>Module Name:src
>Committed By:   maxv
>Date:   Tue Jan 30 15:54:03 UTC 2018
>
>Modified Files:
>src/sys/netinet6: in6.h ip6_input.c ip6_var.h
>
>Log Message:
>Style, localify, remove dead code, and fix typos. No functional change.

Please could we make ip6_nexthdr() global again ?

It will be used by MobileIPv6.

Robert Swindells

Re: CVS commit: src/sys/netinet6

[Ryota Ozaki]

On Thu, Jan 11, 2018 at 2:07 PM, Ryota Ozaki  wrote:
> Hi,
>
> I'm going to change to use callout_stop because it seems using it
> is almost harmless in practical. See the below explanation (tl;dr).

Eventually we found a possible way to use callout_stop for (MP-)safe
destruction of callout. Please move to
https://mail-index.netbsd.org/tech-kern/2018/01/12/msg022925.html

Thanks,
  ozaki-r

Re: CVS commit: src/sys/netinet6

[Ryota Ozaki]

Hi,

I'm going to change to use callout_stop because it seems using it
is almost harmless in practical. See the below explanation (tl;dr).


I investigated how using callout_stop affects and figured out
it can be problematic but the probability is quite low.
(That's why NetBSD 7 and earlier using callout_stop have worked
without any problems until now.)

The issue of using callout_stop (not callout_halt) is that
callout_stop doesn't wait for the running(*) callout handler to
finish. In DAD cases, DAD-related data (struct dadq, dp) are
freed after callout_stop so the callout handler could
use-after-free it. However, the handler doesn't access dp where
callout_stop is called; the handler is passed ifa (not dp) and
it looks up dp by ifa (**). At the point that callout_stop is
called, the target dp is removed from the global list and the
handler fails to look up and returns with doing nothing.

(*) If the callout is scheduled but the handler isn't dispatched
  when calling callout_stop, it's just canceled.
(**) dp has a pointer to ifa (dp->dad_ifa)

One issue is on using a passed ifa. It can be a dangling pointer
during executing the callout handler because the handler doesn't
guarantee that the ifa isn't freed. Fortunately the handler uses
the ifa only as an address (to look up dp), which is harmless.
One possible problem of touching an ifa which may point a freed
memory area is when the area is reused as another ifa (ifa~).
In that case a wrong dp that points ifa~ can be looked up in the
callout handler, which causes unexpected behaviors.

I estimate that that happens in theory but is unlikely to happen
in practical. Am I wrong?


Note that of course I agree that using callout_halt is the way
to go (actually it's used in the NET_MPSAFE case) and using
callout_stop is just a temporal solution.

  ozaki-r

Re: CVS commit: src/sys/netinet6

[Roy Marples]

On 27/12/2017 09:08, Ryota Ozaki wrote:

There are other paths. nd6_dad_stop is called from in6_purgeaddr,
in6_if_link_down and nd6_ioctl. nd6_dad_duplicated is called nd6_dad_timer,
nd6_dad_ns_input and nd6_dad_na_input.


I added the below assertion in my local repository and found
arp_dad_stoptimer is the same situation as nd6_dad_stoptimer :-/


Probably because I based the arp code on the nd6 code :)
As it was ancient, I assumed it Just Worked.

Roy