#
333106 |
|
30-Apr-2018 |
royger |
MFC 270041:
net: move interface removal notification up in if_detach_internal
Requested by: dexuan
|
#
332332 |
|
09-Apr-2018 |
brooks |
MFC r332151:
ifconf(): correct handling of sockaddrs smaller than struct sockaddr.
Portable programs that use SIOCGIFCONF (e.g. traceroute) assume that each pseudo ifreq is of length MAX(sizeof(struct ifreq), sizeof(ifr_name) + ifr_addr.sa_len). For short sockaddrs we copied too much from the source sockaddr resulting in a heap leak.
I believe only one such sockaddr exists (struct sockaddr_sco which is 8 bytes) and it is unclear if such sockaddrs end up on interfaces in practice. If it did, the result would be an 8 byte heap leak on current architectures.
admbugs: 869 Reviewed by: kib Obtained from: CheriBSD Security: kernel heap leak Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D14981
|
#
332295 |
|
08-Apr-2018 |
brooks |
MFC r332087:
ifconf(): Always zero the whole struct ifreq.
The previous split of zeroing ifr_name and ifr_addr seperately is safe on current architectures, but would be unsafe if pointers were larger than 8 bytes. Combining the zeroing adds no real cost (a few instructions) and makes the security property easier to verify.
Reviewed by: kib, emaste Obtained from: CheriBSD Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D14912
|
#
329913 |
|
24-Feb-2018 |
eugen |
Fix after incomplete MFC r326012: correctly delete loopback route while removing interface address.
Reported by: Andreas Longwitz <longwitz@incore.de> Approved by: avg (mentor)
|
#
326012 |
|
20-Nov-2017 |
eugen |
MFC r325436: RTF_PINNED for an interface
Allow a process to assign an IP address to local ppp interface even if kernel routing table already has a route to the address in question installed by some routing daemon (PR 223129).
Also, allow loopback route deletion when stopping a VIMAGE jail (PR 222647).
PR: 222647, 223129 Reviewed by: gnn Approved by: mav (mentor) Differential Revision: https://reviews.freebsd.org/D12747
|
#
324462 |
|
10-Oct-2017 |
sephe |
MFC 323170
if: Add ioctls to get RSS key and hash type/function.
It will be needed by hn(4) to configure its RSS key and hash type/function in the transparent VF mode in order to match VF's RSS settings. The description of the transparent VF mode and the RSS hash value issue are here: https://svnweb.freebsd.org/base?view=revision&revision=322299 https://svnweb.freebsd.org/base?view=revision&revision=322485
These are generic enough to promise two independent IOCs instead of abusing SIOCGDRVSPEC.
Setting RSS key and hash type/function is a different story, which probably requires more discussion.
Comment about UDP_{IPV4,IPV6,IPV6_EX} were only in the patch in the review request; these hash types are standardized now.
Reviewed by: gallatin Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D12174
|
#
318430 |
|
17-May-2017 |
rpokala |
MFC r318160, 318176: Persistently store NIC's hardware MAC address, and add a way to retrive it
NOTE: Due to restructuring, the merges didn't apply cleanly; the resulting change is almost identical to what went into stable/11, but in some cases in different locations.
The MAC address reported by `ifconfig ${nic} ether' does not always match the address in the hardware, as reported by the driver during attach. In particular, NICs which are components of a lagg(4) interface all report the same MAC.
When attaching, the NIC driver passes the MAC address it read from the hardware as an argument to ether_ifattach(). Keep a second copy of it, and create ioctl(SIOCGHWADDR) to return it. Teach `ifconfig' to report it along with the active MAC address.
PR: 194386
|
#
314122 |
|
23-Feb-2017 |
dexuan |
MFC: r312687, r312916
Approved by: sephe (mentor)
r312687 ifnet: introduce event handlers for ifup/ifdown events
Hyper-V's NIC SR-IOV implementation needs a Hyper-V synthetic NIC and a VF NIC to work together, mainly to support seamless live migration.
When the VF device becomes UP (or DOWN), the synthetic NIC driver needs to switch the data path from the synthetic NIC to the VF (or the opposite).
So the synthetic NIC driver needs to know when a VF device is becoming UP or DOWN and hence the patch is made.
Reviewed by: sephe Approved by: sephe (mentor) Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D8963
r312916 ifnet: move the new ifnet_event EVENTHANDLER_DECLARE to net/if_var.h
Thank glebius for pointing this out: "The network stuff shall not be added to sys/eventhandler.h"
Reviewed by: David_A_Bright_DELL.com, sephe, glebius Approved by: sephe (mentor) Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D9345
|
#
314017 |
|
21-Feb-2017 |
sephe |
MFC 311475
if: Defer the if_up until the ifnet.if_ioctl is called.
This ensures the interface is initialized by the interface driver before it can be used by the rest of the system.
Reviewed by: jhb, karels, gnn Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D8905
|
#
307622 |
|
19-Oct-2016 |
sephe |
MFC 307078
ifnet: Use if_link_state snapshot to invoke ifnet_link_event
So that everyone in this task have consistent view of link state.
Reviewed by: ae Sponsored by: Microsoft Differential Revision: https://reviews.freebsd.org/D8214
|
#
301129 |
|
01-Jun-2016 |
n_hibma |
MFC 300670 (slightly adapted for 10-STABLE):
Change net.link.log_promisc_mode_change to a read-only tunable.
PR: 166255 Submitted by: eugen.grosbein.net Obtained from: hselasky
|
#
300488 |
|
23-May-2016 |
n_hibma |
MFC 299559:
Allow silencing of 'promiscuous mode enabled/disabled' messages.
|
#
300278 |
|
20-May-2016 |
truckman |
MFC r299865
When handling SIOCSIFNAME ensure that the new interface name is NUL terminated. Reject the rename attempt if the name is too long.
|
#
297825 |
|
11-Apr-2016 |
glebius |
Merge r285713 (by zec@) from head: Prevent null-pointer dereferencing.
|
#
294502 |
|
21-Jan-2016 |
bz |
MFC r292604:
If vnets are torn down while ifconfig runs an ioctl to say, destroy an epair(4), we may hit if_detach_internal() without holding a lock and by the time we aquire it the interface might be gone. We should not panic() in this case as it is our fault for not holding the lock all the way. It is not ideal to return silently without error to user space, but other callers will all ignore the return values so do not change the entire KPI for little benefit for now. The ifp will be dealt with one way or another still.
|
#
285824 |
|
23-Jul-2015 |
hrs |
MFC r279538:
Fix group membership of cloned interfaces when one is moved by if_vmove().
In if_vmove(), if_detach_internal() and if_attach_internal() were called in series to detach and reattach the interface. When detaching, if_delgroup() was called and the interface leaves all of the group membership. And then upon attachment, if_addgroup(ifp, IFG_ALL) was called and it joined only "all" group again.
This had a problem. Normally, a cloned interface automatically joins a group whose name is ifc_name of the cloner in addition to "all" upon creation. However, if_vmove() removed the membership and did not restore upon attachment.
Approved by: re (gjb)
|
#
283758 |
|
29-May-2015 |
erj |
MFC r281236 -- extended media types in if_media.h.
Approved by: jfv (mentor)
|
#
280256 |
|
19-Mar-2015 |
ae |
MFC r279920: Add if_input_default() method, that will be used for if_input initialization, when no input method specified before if_attach().
This prevents panics when if_input() method called directly e.g. from bpf(4) code.
PR: 192426
|
#
276124 |
|
23-Dec-2014 |
ae |
Add if_inc_counter() and if_get_counter_default() functions that do access to ifnet counters for code compatibility with FreeBSD 11.
This is direct commit to stable/10.
Discussed with: glebius@, arch@
|
#
274704 |
|
19-Nov-2014 |
hselasky |
MFC r274376: Fix some minor TSO issues: - Improve description of TSO limits. - Remove a not needed KASSERT() - Remove some not needed variable casts.
Sponsored by: Mellanox Technologies
|
#
274043 |
|
03-Nov-2014 |
hselasky |
MFC r271946 and r272595: Improve transmit sending offload, TSO, algorithm in general. This change allows all HCAs from Mellanox Technologies to function properly when TSO is enabled. See r271946 and r272595 for more details about this commit.
Sponsored by: Mellanox Technologies
|
#
269046 |
|
24-Jul-2014 |
kevlo |
MFC r268787:
Deprecate m_act. Use m_nextpkt always.
|
#
267193 |
|
06-Jun-2014 |
asomers |
MFC r264887
Fix host and network routes for new interfaces when net.add_addr_allfibs=0
sys/net/route.c In rtinit1, use the interface fib instead of the process fib. The latter wasn't very useful because ifconfig(8) is usually invoked with the default process fib. Changing ifconfig(8) to use setfib(2) would be redundant, because it already sets the interface fib.
tests/sys/netinet/fibs_test.sh Clear the expected ATF failure
sys/net/if.c Pass the interface fib in calls to rtrequest1_fib and rtalloc1_fib
sys/netinet/in.c sys/net/if_var.h Add a fibnum argument to ifa_switch_loopback_route, a subroutine of in_scrubprefix. Pass it the interface fib.
|
#
267186 |
|
06-Jun-2014 |
asomers |
MFC changes relating to running multiple interfaces on different fibs but with addresses on the same subnet.
MFC r266860
Fix unintended KBI change from r264905. Add _fib versions of ifa_ifwithnet() and ifa_ifwithdstaddr() The legacy functions will call the _fib() versions with RT_ALL_FIBS, preserving legacy behavior.
sys/net/if_var.h sys/net/if.c Add legacy-compatible functions as described above. Ensure legacy behavior when RT_ALL_FIBS is passed as fibnum.
sys/netinet/in_pcb.c sys/netinet/ip_output.c sys/netinet/ip_options.c sys/net/route.c sys/net/rtsock.c sys/netinet6/nd6.c Call with _fib() functions if we must use a specific fib, or the legacy functions otherwise.
tests/sys/netinet/fibs_test.sh tests/sys/netinet/udp_dontroute.c Improve the udp_dontroute test. The bug that this test exercises is that ifa_ifwithnet() will return the wrong address, if multiple interfaces have addresses on the same subnet but with different fibs. The previous version of the test only considered one possible failure mode: that ifa_ifwithnet_fib() might fail to find any suitable address at all. The new version also checks whether ifa_ifwithnet_fib() finds the correct address by checking where the ARP request goes.
MFC r264917
Style fixes, mostly trailing whitespace elimination. No functional change.
MFC r264905
Fix subnet and default routes on different FIBs on the same subnet.
These two bugs are closely related. The root cause is that ifa_ifwithnet does not consider FIBs when searching for an interface address.
sys/net/if_var.h sys/net/if.c Add a fib argument to ifa_ifwithnet and ifa_ifwithdstadddr. Those functions will only return an address whose interface fib equals the argument.
sys/net/route.c Update calls to ifa_ifwithnet and ifa_ifwithdstaddr with fib arguments.
sys/netinet/in.c Update in_addprefix to consider the interface fib when adding prefixes. This will prevent it from not adding a subnet route when one already exists on a different fib.
sys/net/rtsock.c sys/netinet/in_pcb.c sys/netinet/ip_output.c sys/netinet/ip_options.c sys/netinet6/nd6.c Add RT_DEFAULT_FIB arguments to ifa_ifwithdstaddr and ifa_ifwithnet. In some cases it there wasn't a clear specific fib number to use. In others, I was unable to test those functions so I chose RT_DEFAULT_FIB to minimize divergence from current behavior. I will fix some of the latter changes along with PR kern/187553.
tests/sys/netinet/fibs_test.sh tests/sys/netinet/udp_dontroute.c tests/sys/netinet/Makefile Revert r263738. The udp_dontroute test was right all along. However, bugs kern/187550 and kern/187553 cancelled each other out when it came to this test. Because of kern/187553, ifa_ifwithnet searched the default fib instead of the requested one, but because of kern/187550, there was an applicable subnet route on the default fib. The new test added in r263738 doesn't work right, however. I can verify with dtrace that ifa_ifwithnet returned the wrong address before I applied this commit, but route(8) miraculously found the correct interface to use anyway. I don't know how.
Clear expected failure messages for kern/187550 and kern/187552.
MFC r263738
tests/sys/netinet/Makefile tests/sys/netinet/fibs.sh Replace fibs:udp_dontroute with fibs:src_addr_selection_by_subnet. The original test was poorly written; it was actually testing kern/167947 instead of the desired kern/187553. The root cause of the bug is that ifa_ifwithnet did not have a fib argument. The new test more directly targets that behavior.
tests/sys/netinet/udp_dontroute.c Delete the auxilliary binary used by the old test
|
#
265414 |
|
06-May-2014 |
rmacklem |
MFC: r264630 For NFS mounts using rsize,wsize=65536 over TSO enabled network interfaces limited to 32 transmit segments, there are two known issues. The more serious one is that for an I/O of slightly less than 64K, the net device driver prepends an ethernet header, resulting in a TSO segment slightly larger than 64K. Since m_defrag() copies this into 33 mbuf clusters, the transmit fails with EFBIG. A tester indicated observing a similar failure using iSCSI.
The second less critical problem is that the network device driver must copy the mbuf chain via m_defrag() (m_collapse() is not sufficient), resulting in measurable overhead.
This patch reduces the default size of if_hw_tsomax slightly, so that the first issue is avoided. Fixing the second issue will require a way for the network device driver to inform tcp_output() that it is limited to 32 transmit segments.
|
#
285824 |
|
23-Jul-2015 |
hrs |
MFC r279538:
Fix group membership of cloned interfaces when one is moved by if_vmove().
In if_vmove(), if_detach_internal() and if_attach_internal() were called in series to detach and reattach the interface. When detaching, if_delgroup() was called and the interface leaves all of the group membership. And then upon attachment, if_addgroup(ifp, IFG_ALL) was called and it joined only "all" group again.
This had a problem. Normally, a cloned interface automatically joins a group whose name is ifc_name of the cloner in addition to "all" upon creation. However, if_vmove() removed the membership and did not restore upon attachment.
Approved by: re (gjb)
|
#
283758 |
|
29-May-2015 |
erj |
MFC r281236 -- extended media types in if_media.h.
Approved by: jfv (mentor)
|
#
280256 |
|
19-Mar-2015 |
ae |
MFC r279920: Add if_input_default() method, that will be used for if_input initialization, when no input method specified before if_attach().
This prevents panics when if_input() method called directly e.g. from bpf(4) code.
PR: 192426
|
#
276124 |
|
23-Dec-2014 |
ae |
Add if_inc_counter() and if_get_counter_default() functions that do access to ifnet counters for code compatibility with FreeBSD 11.
This is direct commit to stable/10.
Discussed with: glebius@, arch@
|
#
274704 |
|
19-Nov-2014 |
hselasky |
MFC r274376: Fix some minor TSO issues: - Improve description of TSO limits. - Remove a not needed KASSERT() - Remove some not needed variable casts.
Sponsored by: Mellanox Technologies
|
#
274043 |
|
03-Nov-2014 |
hselasky |
MFC r271946 and r272595: Improve transmit sending offload, TSO, algorithm in general. This change allows all HCAs from Mellanox Technologies to function properly when TSO is enabled. See r271946 and r272595 for more details about this commit.
Sponsored by: Mellanox Technologies
|
#
269046 |
|
24-Jul-2014 |
kevlo |
MFC r268787:
Deprecate m_act. Use m_nextpkt always.
|
#
267193 |
|
06-Jun-2014 |
asomers |
MFC r264887
Fix host and network routes for new interfaces when net.add_addr_allfibs=0
sys/net/route.c In rtinit1, use the interface fib instead of the process fib. The latter wasn't very useful because ifconfig(8) is usually invoked with the default process fib. Changing ifconfig(8) to use setfib(2) would be redundant, because it already sets the interface fib.
tests/sys/netinet/fibs_test.sh Clear the expected ATF failure
sys/net/if.c Pass the interface fib in calls to rtrequest1_fib and rtalloc1_fib
sys/netinet/in.c sys/net/if_var.h Add a fibnum argument to ifa_switch_loopback_route, a subroutine of in_scrubprefix. Pass it the interface fib.
|
#
267186 |
|
06-Jun-2014 |
asomers |
MFC changes relating to running multiple interfaces on different fibs but with addresses on the same subnet.
MFC r266860
Fix unintended KBI change from r264905. Add _fib versions of ifa_ifwithnet() and ifa_ifwithdstaddr() The legacy functions will call the _fib() versions with RT_ALL_FIBS, preserving legacy behavior.
sys/net/if_var.h sys/net/if.c Add legacy-compatible functions as described above. Ensure legacy behavior when RT_ALL_FIBS is passed as fibnum.
sys/netinet/in_pcb.c sys/netinet/ip_output.c sys/netinet/ip_options.c sys/net/route.c sys/net/rtsock.c sys/netinet6/nd6.c Call with _fib() functions if we must use a specific fib, or the legacy functions otherwise.
tests/sys/netinet/fibs_test.sh tests/sys/netinet/udp_dontroute.c Improve the udp_dontroute test. The bug that this test exercises is that ifa_ifwithnet() will return the wrong address, if multiple interfaces have addresses on the same subnet but with different fibs. The previous version of the test only considered one possible failure mode: that ifa_ifwithnet_fib() might fail to find any suitable address at all. The new version also checks whether ifa_ifwithnet_fib() finds the correct address by checking where the ARP request goes.
MFC r264917
Style fixes, mostly trailing whitespace elimination. No functional change.
MFC r264905
Fix subnet and default routes on different FIBs on the same subnet.
These two bugs are closely related. The root cause is that ifa_ifwithnet does not consider FIBs when searching for an interface address.
sys/net/if_var.h sys/net/if.c Add a fib argument to ifa_ifwithnet and ifa_ifwithdstadddr. Those functions will only return an address whose interface fib equals the argument.
sys/net/route.c Update calls to ifa_ifwithnet and ifa_ifwithdstaddr with fib arguments.
sys/netinet/in.c Update in_addprefix to consider the interface fib when adding prefixes. This will prevent it from not adding a subnet route when one already exists on a different fib.
sys/net/rtsock.c sys/netinet/in_pcb.c sys/netinet/ip_output.c sys/netinet/ip_options.c sys/netinet6/nd6.c Add RT_DEFAULT_FIB arguments to ifa_ifwithdstaddr and ifa_ifwithnet. In some cases it there wasn't a clear specific fib number to use. In others, I was unable to test those functions so I chose RT_DEFAULT_FIB to minimize divergence from current behavior. I will fix some of the latter changes along with PR kern/187553.
tests/sys/netinet/fibs_test.sh tests/sys/netinet/udp_dontroute.c tests/sys/netinet/Makefile Revert r263738. The udp_dontroute test was right all along. However, bugs kern/187550 and kern/187553 cancelled each other out when it came to this test. Because of kern/187553, ifa_ifwithnet searched the default fib instead of the requested one, but because of kern/187550, there was an applicable subnet route on the default fib. The new test added in r263738 doesn't work right, however. I can verify with dtrace that ifa_ifwithnet returned the wrong address before I applied this commit, but route(8) miraculously found the correct interface to use anyway. I don't know how.
Clear expected failure messages for kern/187550 and kern/187552.
MFC r263738
tests/sys/netinet/Makefile tests/sys/netinet/fibs.sh Replace fibs:udp_dontroute with fibs:src_addr_selection_by_subnet. The original test was poorly written; it was actually testing kern/167947 instead of the desired kern/187553. The root cause of the bug is that ifa_ifwithnet did not have a fib argument. The new test more directly targets that behavior.
tests/sys/netinet/udp_dontroute.c Delete the auxilliary binary used by the old test
|
#
265414 |
|
06-May-2014 |
rmacklem |
MFC: r264630 For NFS mounts using rsize,wsize=65536 over TSO enabled network interfaces limited to 32 transmit segments, there are two known issues. The more serious one is that for an I/O of slightly less than 64K, the net device driver prepends an ethernet header, resulting in a TSO segment slightly larger than 64K. Since m_defrag() copies this into 33 mbuf clusters, the transmit fails with EFBIG. A tester indicated observing a similar failure using iSCSI.
The second less critical problem is that the network device driver must copy the mbuf chain via m_defrag() (m_collapse() is not sufficient), resulting in measurable overhead.
This patch reduces the default size of if_hw_tsomax slightly, so that the first issue is avoided. Fixing the second issue will require a way for the network device driver to inform tcp_output() that it is limited to 32 transmit segments.
|