Fix route leak in ip input.

In previous commit when refactoring the route cache, a rtfree() has
been forgotten. For each forwarded packet the reference counter
of the route entry was increased. Th

Fix route leak in ip input.

In previous commit when refactoring the route cache, a rtfree() has
been forgotten. For each forwarded packet the reference counter
of the route entry was increased. This eventually leads to an
integer overflow and triggers kassert.

reported by and OK jan@

show more ...

Use route cache function in IP input.

Instaed of passing a struct rtentry from ip_input() to ip_forward()
and then embed it into a struct route for ip_output(), start with
struct route and pass it a

Use route cache function in IP input.

Instaed of passing a struct rtentry from ip_input() to ip_forward()
and then embed it into a struct route for ip_output(), start with
struct route and pass it along. Then the route cache is used
consistently. Also the route cache hit and missed counters should
reflect reality after this commit.

There is a small difference in the code. in_ouraddr() checks for
NULL and not rtisvalid(). Previous discussion showed that the route
RTF_UP flag should only be considered for multipath routing.
Otherwise it does not mean anything. Especially the local and
broadcast check in in_ouraddr() should not be affected by interface
link status.

When doing cache lookups, route must be valid, but after rtalloc_mpath()
lookup, use any route that route_mpath() returns.

OK claudio@

show more ...

Run raw IP input in parallel.

Running raw IPv4 input with shared net lock in parallel is less
complex than UDP. Especially there is no socket splicing.

New ip_deliver() may run with shared or excl

Run raw IP input in parallel.

Running raw IPv4 input with shared net lock in parallel is less
complex than UDP. Especially there is no socket splicing.

New ip_deliver() may run with shared or exclusive net lock. The
last parameter indicates the mode. If is is running with shared
netlock and encounters a protocol that needs exclusive lock, the
packet is queued. Old ip_ours() always queued the packet. Now it
calls ip_deliver() with shared net lock, and if that cannot handle
the packet completely, the packet is queued and later processed
with exclusive net lock.

In case of an IPv6 header chain, that switches from shared to
exclusive processing, the next protocol and mbuf offset are stored
in a mbuf tag.

OK mvs@

show more ...

Cleanup IP input, forward, output.

Before changing the routing code, get IPv4 and IPv6 input, forward,
and output in a similar shape. Remove inconsistencies.

OK claudio@

Make the route cache aware of multipath routing.

Pass source address to route_cache() and store it in struct route.
Cached multipath routes are only valid if source address matches.
If sysctl multip

Make the route cache aware of multipath routing.

Pass source address to route_cache() and store it in struct route.
Cached multipath routes are only valid if source address matches.
If sysctl multipath changes, increase route generation number.

OK claudio@

show more ...

Rename all in6p local variables to inp.

There exists no struct in6pcb in OpenBSD, this was an old kame idea.
Calling the local variable in6p does not make sense, it is actually
a struct inpcb. Also

Rename all in6p local variables to inp.

There exists no struct in6pcb in OpenBSD, this was an old kame idea.
Calling the local variable in6p does not make sense, it is actually
a struct inpcb. Also in6p is not used consistently in inet6 code.
Having the same convention for IPv4 and IPv6 is less confusing.

OK sashan@ mvs@

show more ...

Allow counters_read(9) to take an optional scratch buffer.

Using a scratch buffer makes it possible to take a consistent snapshot of
per-CPU counters without having to allocate memory.

Makes ddb(4)

Allow counters_read(9) to take an optional scratch buffer.

Using a scratch buffer makes it possible to take a consistent snapshot of
per-CPU counters without having to allocate memory.

Makes ddb(4) show uvmexp command work in OOM situations.

ok kn@, mvs@, cheloha@

show more ...

Use shared net lock for ip_send() and ip6_send().

When called with NULL options, ip_output() and ip6_output() are MP
safe. Convert exclusive to shared net lock in send dispatch.

OK mpi@

Remove ip_local() and ip6_local(). After moving the IPv4 fragment
reassembly and IPv6 hob-by-hob header chain processing out of
ip_local() and ip6_local(), they are almost empty stubs. The check
fo

Remove ip_local() and ip6_local(). After moving the IPv4 fragment
reassembly and IPv6 hob-by-hob header chain processing out of
ip_local() and ip6_local(), they are almost empty stubs. The check
for local deliver loop in ip_ours() and ip6_ours() is sufficient.
Recover mbuf offset and next protocol directly in ipintr() and
ip6intr().
OK mvs@

show more ...

Run IPv6 hop-by-hop options processing in parallel. The ip6_hbhchcheck()
code is MP safe and moves from ip6_local() to ip6_ours(). If there
are any options, store the chain offset and next protocol

Run IPv6 hop-by-hop options processing in parallel. The ip6_hbhchcheck()
code is MP safe and moves from ip6_local() to ip6_ours(). If there
are any options, store the chain offset and next protocol in a mbuf
tag. When dequeuing without tag, it is a regular IPv6 header. As
mbuf tags degrade performance, use them only if a hop-by-hop header
is present. Such packets are rare and pf drops them by default.
OK mvs@

show more ...

There are some places in ip and ip6 input where operations fail due
to out of memory. Use a generic idropped counter for those.
OK mvs@

At successful return ip6_check_rh0hdr() keeps *offp unmodified.
The IPv6 routing header type 0 check should modify *offp only in
case of an error, so that the generated icmp6 packet has the correct
p

At successful return ip6_check_rh0hdr() keeps *offp unmodified.
The IPv6 routing header type 0 check should modify *offp only in
case of an error, so that the generated icmp6 packet has the correct
pointer.
OK sashan@

show more ...

Clean up the netlock macros. Merge NET_RLOCK_IN_SOFTNET and
NET_RLOCK_IN_IOCTL, which have the same implementation. The R and
W are hard to see, call the new macro NET_LOCK_SHARED. Rename the
oppo

Clean up the netlock macros. Merge NET_RLOCK_IN_SOFTNET and
NET_RLOCK_IN_IOCTL, which have the same implementation. The R and
W are hard to see, call the new macro NET_LOCK_SHARED. Rename the
opposite assertion from NET_ASSERT_WLOCKED to NET_ASSERT_LOCKED_EXCLUSIVE.
Update some outdated comments about net locking.
OK mpi@ mvs@

show more ...

Fix assertion for write netlock in rip6_input(). ip6_input() has
shared net lock. ip_deliver() needs exclusive net lock. Instead
of calling ip_deliver() directly, use ip6_ours() to queue the packe

Fix assertion for write netlock in rip6_input(). ip6_input() has
shared net lock. ip_deliver() needs exclusive net lock. Instead
of calling ip_deliver() directly, use ip6_ours() to queue the packet.
Move the write lock assertion into ip_deliver() to catch such bugs
earlier.
The assertion was only triggered with IPv6 multicast forwarding or
router alert hop by hop option. Found by regress test.
OK kn@ mvs@

show more ...

Pass a pointer to mbuf pointer further down into ip6_process_hopopts()
and ip6_unknown_opt(). Instead of having dangling pointer in caller,
use m_freemp() to set mbuf to NULL.
OK sashan@

Pass down the pointer to mbuf pointer into ip6_hbhchcheck(). This
allows to set the mbuf to NULL and keep it consistent in the caller,
instead of having dangling pointer after free.
OK sashan@

The ip6_hbhchcheck() function never reads the nxtp parameter, it
only sets its value. It is more obvious to return the next protocol
or IPPROTO_DONE to signal error. All IP protocol functions do th

The ip6_hbhchcheck() function never reads the nxtp parameter, it
only sets its value. It is more obvious to return the next protocol
or IPPROTO_DONE to signal error. All IP protocol functions do that.
OK sashan@ florian@

show more ...

Use static objects for struct rttimer_queue instead of dynamically
allocate them.

Currently there are 6 rttimer_queues and not many more will follow. So
change rt_timer_queue_create() to rt_timer_qu

Use static objects for struct rttimer_queue instead of dynamically
allocate them.

Currently there are 6 rttimer_queues and not many more will follow. So
change rt_timer_queue_create() to rt_timer_queue_init() which now takes
a struct rttimer_queue * as argument which will be initialized.
Since this changes the gloabl vars from pointer to struct adjust other
callers as well.
OK bluhm@

show more ...

Move rttimer callback function from the rttimer itself to rttimer_queue.
All users use the same callback per queue so that makes sense.
Also replace rt_timer_queue_destroy() with rt_timer_queue_flush

Move rttimer callback function from the rttimer itself to rttimer_queue.
All users use the same callback per queue so that makes sense.
Also replace rt_timer_queue_destroy() with rt_timer_queue_flush().
OK bluhm@

show more ...

In the multicast router code don't allocate a rt timer queue for each
rdomain. The rttimer API is rtable/rdomain aware and so there is no need
to have so many queues.
Also init the two queues (one fo

In the multicast router code don't allocate a rt timer queue for each
rdomain. The rttimer API is rtable/rdomain aware and so there is no need
to have so many queues.
Also init the two queues (one for IPv4 and one for IPv6) early on. This
will allow the rttable code to become simpler.
OK bluhm@

show more ...

Decouple IP input and forwarding from protocol input. This allows
to have parallel IP processing while the upper layers are still not
MP safe. Introduce ip_ours() that enqueues the packets and ipin

Decouple IP input and forwarding from protocol input. This allows
to have parallel IP processing while the upper layers are still not
MP safe. Introduce ip_ours() that enqueues the packets and ipintr()
that dequeues and processes them with an exclusive netlock.
Note that we still have only one softnet task. Running IP processing
on multiple CPU will be the next step.
lots of testing Hrvoje Popovski; OK sashan@

show more ...

Route timeout was a mixture of int, u_int and long. Use type int
for timeout, add sysctl bounds checking between 0 and max int, and
use time_t for absolute times.

Some code assumes that the route t

Route timeout was a mixture of int, u_int and long. Use type int
for timeout, add sysctl bounds checking between 0 and max int, and
use time_t for absolute times.

Some code assumes that the route timeout queue can be NULL and at
some places this was checked. Better make sure that all queues
always exist. The pool_get for struct rttimer_queue is only called
from initialization and from syscall, so PR_WAITOK is possible.

Keep the special hack when ip_mtudisc is set to 0. Destroy the
queue and generate an empty one.

If redirect timeout is 0, it should not time out. Check the value
in IPv6 to make the behavior like IPv4.

Sysctl net.inet6.icmp6.redirtimeout had no effect as the queue
timeout was not modified. Make icmp6_sysctl() look like icmp_sysctl().

OK claudio@

show more ...

Delete unnecessary #includes of <netinet6/ip6protosw.h>: some never
needed it and some no longer need it after moving the externs from
there to <sys/protosw.h>

ok jsg@

spelling
ok jmc@ reads ok tb@

For a long time ip_ours() and ip6_ours() are calling ip_deliver()
without kernel lock. Unlock the two callers in ip6_input_if() that
have been forgotten.
OK mvs@ kn@