head 1.78; access; symbols netbsd-10-0-RELEASE:1.78 netbsd-10-0-RC6:1.78 netbsd-10-0-RC5:1.78 netbsd-10-0-RC4:1.78 netbsd-10-0-RC3:1.78 netbsd-10-0-RC2:1.78 thorpej-ifq:1.78.0.8 thorpej-ifq-base:1.78 thorpej-altq-separation:1.78.0.6 thorpej-altq-separation-base:1.78 netbsd-10-0-RC1:1.78 netbsd-10:1.78.0.4 netbsd-10-base:1.78 bouyer-sunxi-drm:1.78.0.2 bouyer-sunxi-drm-base:1.78 netbsd-9-3-RELEASE:1.76 thorpej-i2c-spi-conf2:1.77.0.22 thorpej-i2c-spi-conf2-base:1.77 thorpej-futex2:1.77.0.20 thorpej-futex2-base:1.77 thorpej-cfargs2:1.77.0.18 thorpej-cfargs2-base:1.77 cjep_sun2x-base1:1.77 cjep_sun2x:1.77.0.16 cjep_sun2x-base:1.77 cjep_staticlib_x-base1:1.77 netbsd-9-2-RELEASE:1.76 cjep_staticlib_x:1.77.0.14 cjep_staticlib_x-base:1.77 thorpej-i2c-spi-conf:1.77.0.12 thorpej-i2c-spi-conf-base:1.77 thorpej-cfargs:1.77.0.10 thorpej-cfargs-base:1.77 thorpej-futex:1.77.0.8 thorpej-futex-base:1.77 netbsd-9-1-RELEASE:1.76 bouyer-xenpvh-base2:1.77 phil-wifi-20200421:1.77 bouyer-xenpvh-base1:1.77 phil-wifi-20200411:1.77 bouyer-xenpvh:1.77.0.6 bouyer-xenpvh-base:1.77 is-mlppp:1.77.0.4 is-mlppp-base:1.77 phil-wifi-20200406:1.77 netbsd-8-2-RELEASE:1.49.2.3 ad-namecache-base3:1.77 netbsd-9-0-RELEASE:1.76 netbsd-9-0-RC2:1.76 ad-namecache-base2:1.77 ad-namecache-base1:1.77 ad-namecache:1.77.0.2 ad-namecache-base:1.77 netbsd-9-0-RC1:1.76 phil-wifi-20191119:1.77 netbsd-9:1.76.0.2 netbsd-9-base:1.76 phil-wifi-20190609:1.75 netbsd-8-1-RELEASE:1.49.2.3 netbsd-8-1-RC1:1.49.2.3 isaki-audio2:1.75.0.2 isaki-audio2-base:1.75 pgoyette-compat-merge-20190127:1.63.2.3 pgoyette-compat-20190127:1.74 pgoyette-compat-20190118:1.74 pgoyette-compat-1226:1.74 pgoyette-compat-1126:1.74 pgoyette-compat-1020:1.74 pgoyette-compat-0930:1.74 pgoyette-compat-0906:1.74 netbsd-7-2-RELEASE:1.31.2.2 pgoyette-compat-0728:1.74 netbsd-8-0-RELEASE:1.49.2.3 phil-wifi:1.74.0.2 phil-wifi-base:1.74 pgoyette-compat-0625:1.74 netbsd-8-0-RC2:1.49.2.3 pgoyette-compat-0521:1.74 pgoyette-compat-0502:1.70 pgoyette-compat-0422:1.66 netbsd-8-0-RC1:1.49.2.3 pgoyette-compat-0415:1.63 pgoyette-compat-0407:1.63 pgoyette-compat-0330:1.63 pgoyette-compat-0322:1.63 pgoyette-compat-0315:1.63 netbsd-7-1-2-RELEASE:1.31.10.2 pgoyette-compat:1.63.0.2 pgoyette-compat-base:1.63 netbsd-7-1-1-RELEASE:1.31 tls-maxphys-base-20171202:1.55 matt-nb8-mediatek:1.49.2.1.0.2 matt-nb8-mediatek-base:1.49.2.1 nick-nhusb-base-20170825:1.53 perseant-stdc-iso10646:1.53.0.2 perseant-stdc-iso10646-base:1.53 netbsd-8:1.49.0.2 netbsd-8-base:1.49 prg-localcount2-base3:1.49 prg-localcount2-base2:1.48 prg-localcount2-base1:1.48 prg-localcount2:1.48.0.2 prg-localcount2-base:1.48 pgoyette-localcount-20170426:1.48 bouyer-socketcan-base1:1.48 jdolecek-ncq:1.43.0.2 jdolecek-ncq-base:1.43 pgoyette-localcount-20170320:1.42 netbsd-7-1:1.31.0.10 netbsd-7-1-RELEASE:1.31 netbsd-7-1-RC2:1.31 nick-nhusb-base-20170204:1.42 netbsd-7-nhusb-base-20170116:1.31 bouyer-socketcan:1.42.0.4 bouyer-socketcan-base:1.42 pgoyette-localcount-20170107:1.42 netbsd-7-1-RC1:1.31 nick-nhusb-base-20161204:1.42 pgoyette-localcount-20161104:1.42 netbsd-7-0-2-RELEASE:1.31 nick-nhusb-base-20161004:1.42 localcount-20160914:1.42 netbsd-7-nhusb:1.31.0.8 netbsd-7-nhusb-base:1.31 pgoyette-localcount-20160806:1.42 pgoyette-localcount-20160726:1.42 pgoyette-localcount:1.42.0.2 pgoyette-localcount-base:1.42 nick-nhusb-base-20160907:1.42 nick-nhusb-base-20160529:1.38 netbsd-7-0-1-RELEASE:1.31 nick-nhusb-base-20160422:1.37 nick-nhusb-base-20160319:1.37 nick-nhusb-base-20151226:1.32 netbsd-7-0:1.31.0.6 netbsd-7-0-RELEASE:1.31 nick-nhusb-base-20150921:1.32 netbsd-7-0-RC3:1.31 netbsd-7-0-RC2:1.31 netbsd-7-0-RC1:1.31 nick-nhusb-base-20150606:1.32 nick-nhusb-base-20150406:1.32 nick-nhusb:1.31.0.4 nick-nhusb-base:1.31 netbsd-5-2-3-RELEASE:1.24 netbsd-5-1-5-RELEASE:1.24 netbsd-6-0-6-RELEASE:1.28 netbsd-6-1-5-RELEASE:1.28 netbsd-7:1.31.0.2 netbsd-7-base:1.31 yamt-pagecache-base9:1.29 yamt-pagecache-tag8:1.28 netbsd-6-1-4-RELEASE:1.28 netbsd-6-0-5-RELEASE:1.28 tls-earlyentropy:1.29.0.6 tls-earlyentropy-base:1.31 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.29 riastradh-drm2-base3:1.29 netbsd-6-1-3-RELEASE:1.28 netbsd-6-0-4-RELEASE:1.28 netbsd-5-2-2-RELEASE:1.24 netbsd-5-1-4-RELEASE:1.24 netbsd-6-1-2-RELEASE:1.28 netbsd-6-0-3-RELEASE:1.28 netbsd-5-2-1-RELEASE:1.24 netbsd-5-1-3-RELEASE:1.24 rmind-smpnet-nbase:1.30 netbsd-6-1-1-RELEASE:1.28 riastradh-drm2-base2:1.29 riastradh-drm2-base1:1.29 riastradh-drm2:1.29.0.4 riastradh-drm2-base:1.29 rmind-smpnet:1.29.0.2 rmind-smpnet-base:1.30 netbsd-6-1:1.28.0.22 netbsd-6-0-2-RELEASE:1.28 netbsd-6-1-RELEASE:1.28 khorben-n900:1.28.0.20 netbsd-6-1-RC4:1.28 netbsd-6-1-RC3:1.28 agc-symver:1.28.0.18 agc-symver-base:1.28 netbsd-6-1-RC2:1.28 netbsd-6-1-RC1:1.28 yamt-pagecache-base8:1.28 netbsd-5-2:1.24.0.32 netbsd-6-0-1-RELEASE:1.28 yamt-pagecache-base7:1.28 netbsd-5-2-RELEASE:1.24 netbsd-5-2-RC1:1.24 matt-nb6-plus-nbase:1.28 yamt-pagecache-base6:1.28 netbsd-6-0:1.28.0.14 netbsd-6-0-RELEASE:1.28 netbsd-6-0-RC2:1.28 tls-maxphys:1.28.0.12 tls-maxphys-base:1.31 matt-nb6-plus:1.28.0.10 matt-nb6-plus-base:1.28 netbsd-6-0-RC1:1.28 jmcneill-usbmp-base10:1.28 yamt-pagecache-base5:1.28 jmcneill-usbmp-base9:1.28 yamt-pagecache-base4:1.28 jmcneill-usbmp-base8:1.28 jmcneill-usbmp-base7:1.28 jmcneill-usbmp-base6:1.28 jmcneill-usbmp-base5:1.28 jmcneill-usbmp-base4:1.28 jmcneill-usbmp-base3:1.28 jmcneill-usbmp-pre-base2:1.28 jmcneill-usbmp-base2:1.28 netbsd-6:1.28.0.8 netbsd-6-base:1.28 netbsd-5-1-2-RELEASE:1.24 netbsd-5-1-1-RELEASE:1.24 jmcneill-usbmp:1.28.0.6 jmcneill-usbmp-base:1.28 jmcneill-audiomp3:1.28.0.4 jmcneill-audiomp3-base:1.28 yamt-pagecache-base3:1.28 yamt-pagecache-base2:1.28 yamt-pagecache:1.28.0.2 yamt-pagecache-base:1.28 rmind-uvmplock-nbase:1.27 cherry-xenmp:1.26.0.2 cherry-xenmp-base:1.26 bouyer-quota2-nbase:1.26 bouyer-quota2:1.24.0.30 bouyer-quota2-base:1.24 jruoho-x86intr:1.24.0.28 jruoho-x86intr-base:1.24 matt-mips64-premerge-20101231:1.24 matt-nb5-mips64-premerge-20101231:1.24 matt-nb5-pq3:1.24.0.26 matt-nb5-pq3-base:1.24 netbsd-5-1:1.24.0.24 netbsd-5-1-RELEASE:1.24 uebayasi-xip-base4:1.24 uebayasi-xip-base3:1.24 yamt-nfs-mp-base11:1.24 netbsd-5-1-RC4:1.24 matt-nb5-mips64-k15:1.24 uebayasi-xip-base2:1.24 yamt-nfs-mp-base10:1.24 netbsd-5-1-RC3:1.24 netbsd-5-1-RC2:1.24 uebayasi-xip-base1:1.24 netbsd-5-1-RC1:1.24 rmind-uvmplock:1.24.0.22 rmind-uvmplock-base:1.27 yamt-nfs-mp-base9:1.24 uebayasi-xip:1.24.0.20 uebayasi-xip-base:1.24 netbsd-5-0-2-RELEASE:1.24 matt-nb5-mips64-premerge-20091211:1.24 matt-premerge-20091211:1.24 yamt-nfs-mp-base8:1.24 matt-nb5-mips64-u2-k2-k4-k7-k8-k9:1.24 matt-nb4-mips64-k7-u2a-k9b:1.24 matt-nb5-mips64-u1-k1-k5:1.24 yamt-nfs-mp-base7:1.24 matt-nb5-mips64:1.24.0.18 netbsd-5-0-1-RELEASE:1.24 jymxensuspend-base:1.24 yamt-nfs-mp-base6:1.24 yamt-nfs-mp-base5:1.24 yamt-nfs-mp-base4:1.24 jym-xensuspend-nbase:1.24 yamt-nfs-mp-base3:1.24 nick-hppapmap-base4:1.24 nick-hppapmap-base3:1.24 netbsd-5-0:1.24.0.16 netbsd-5-0-RELEASE:1.24 netbsd-5-0-RC4:1.24 netbsd-5-0-RC3:1.24 nick-hppapmap-base2:1.24 netbsd-5-0-RC2:1.24 jym-xensuspend:1.24.0.14 jym-xensuspend-base:1.24 netbsd-5-0-RC1:1.24 haad-dm-base2:1.24 haad-nbase2:1.24 ad-audiomp2:1.24.0.12 ad-audiomp2-base:1.24 netbsd-5:1.24.0.10 netbsd-5-base:1.24 nick-hppapmap:1.24.0.8 nick-hppapmap-base:1.24 matt-mips64-base2:1.24 matt-mips64:1.17.0.22 haad-dm-base1:1.24 wrstuden-revivesa-base-4:1.24 netbsd-4-0-1-RELEASE:1.14.2.2 wrstuden-revivesa-base-3:1.24 wrstuden-revivesa-base-2:1.24 wrstuden-fixsa-newbase:1.14.2.2 nick-csl-alignment-base5:1.17 haad-dm:1.24.0.6 haad-dm-base:1.24 wrstuden-revivesa-base-1:1.24 simonb-wapbl-nbase:1.24 yamt-pf42-base4:1.24 simonb-wapbl:1.24.0.4 simonb-wapbl-base:1.24 yamt-pf42-base3:1.24 hpcarm-cleanup-nbase:1.24 yamt-pf42-baseX:1.21 yamt-pf42-base2:1.24 yamt-nfs-mp-base2:1.24 wrstuden-revivesa:1.24.0.2 wrstuden-revivesa-base:1.24 yamt-nfs-mp:1.23.0.2 yamt-nfs-mp-base:1.23 yamt-pf42:1.21.0.8 yamt-pf42-base:1.21 ad-socklock-base1:1.21 yamt-lazymbuf-base15:1.21 yamt-lazymbuf-base14:1.21 keiichi-mipv6-nbase:1.21 mjf-devfs2:1.21.0.6 mjf-devfs2-base:1.24 nick-net80211-sync:1.21.0.4 nick-net80211-sync-base:1.21 keiichi-mipv6:1.21.0.2 keiichi-mipv6-base:1.21 bouyer-xeni386-merge1:1.20 matt-armv6-prevmlocking:1.17.16.1 wrstuden-fixsa-base-1:1.14.2.2 vmlocking2-base3:1.20 netbsd-4-0:1.14.2.2.0.4 netbsd-4-0-RELEASE:1.14.2.2 bouyer-xeni386-nbase:1.20 yamt-kmem-base3:1.20 cube-autoconf:1.20.0.6 cube-autoconf-base:1.20 yamt-kmem-base2:1.20 bouyer-xeni386:1.20.0.4 bouyer-xeni386-base:1.20 yamt-kmem:1.20.0.2 yamt-kmem-base:1.20 vmlocking2-base2:1.20 reinoud-bufcleanup-nbase:1.20 vmlocking2:1.18.0.4 vmlocking2-base1:1.18 netbsd-4-0-RC5:1.14.2.2 matt-nb4-arm:1.14.2.2.0.2 matt-nb4-arm-base:1.14.2.2 matt-armv6-nbase:1.21 jmcneill-base:1.18 netbsd-4-0-RC4:1.14.2.2 mjf-devfs:1.18.0.2 mjf-devfs-base:1.21 bouyer-xenamd64-base2:1.18 vmlocking-nbase:1.18 yamt-x86pmap-base4:1.17 bouyer-xenamd64:1.17.0.20 bouyer-xenamd64-base:1.18 netbsd-4-0-RC3:1.14.2.1 yamt-x86pmap-base3:1.17 yamt-x86pmap-base2:1.17 netbsd-4-0-RC2:1.14.2.1 yamt-x86pmap:1.17.0.18 yamt-x86pmap-base:1.17 netbsd-4-0-RC1:1.14.2.1 matt-armv6:1.17.0.16 matt-armv6-base:1.20 matt-mips64-base:1.17 jmcneill-pm:1.17.0.14 jmcneill-pm-base:1.20 hpcarm-cleanup:1.17.0.12 hpcarm-cleanup-base:1.21 nick-csl-alignment:1.17.0.10 nick-csl-alignment-base:1.17 netbsd-3-1-1-RELEASE:1.10 netbsd-3-0-3-RELEASE:1.10 yamt-idlelwp-base8:1.17 wrstuden-fixsa:1.14.0.4 wrstuden-fixsa-base:1.14.2.2 thorpej-atomic:1.17.0.8 thorpej-atomic-base:1.17 reinoud-bufcleanup:1.17.0.6 reinoud-bufcleanup-base:1.19 mjf-ufs-trans:1.17.0.4 mjf-ufs-trans-base:1.17 vmlocking:1.17.0.2 vmlocking-base:1.17 ad-audiomp:1.15.0.4 ad-audiomp-base:1.15 yamt-idlelwp:1.15.0.2 post-newlock2-merge:1.14 newlock2-nbase:1.14 yamt-splraiseipl-base5:1.14 yamt-splraiseipl-base4:1.14 yamt-splraiseipl-base3:1.14 abandoned-netbsd-4-base:1.12 abandoned-netbsd-4:1.12.0.18 netbsd-3-1:1.10.0.6 netbsd-3-1-RELEASE:1.10 netbsd-3-0-2-RELEASE:1.10 yamt-splraiseipl-base2:1.13 netbsd-3-1-RC4:1.10 yamt-splraiseipl:1.12.0.22 yamt-splraiseipl-base:1.12 netbsd-3-1-RC3:1.10 yamt-pdpolicy-base9:1.12 newlock2:1.12.0.20 newlock2-base:1.14 yamt-pdpolicy-base8:1.12 netbsd-3-1-RC2:1.10 netbsd-3-1-RC1:1.10 yamt-pdpolicy-base7:1.12 netbsd-4:1.14.0.2 netbsd-4-base:1.14 yamt-pdpolicy-base6:1.12 chap-midi-nbase:1.12 netbsd-3-0-1-RELEASE:1.10 gdamore-uart:1.12.0.16 gdamore-uart-base:1.12 simonb-timcounters-final:1.12 yamt-pdpolicy-base5:1.12 chap-midi:1.12.0.14 chap-midi-base:1.12 yamt-pdpolicy-base4:1.12 yamt-pdpolicy-base3:1.12 peter-altq-base:1.12 peter-altq:1.12.0.12 yamt-pdpolicy-base2:1.12 elad-kernelauth-base:1.12 elad-kernelauth:1.12.0.10 yamt-pdpolicy:1.12.0.8 yamt-pdpolicy-base:1.12 yamt-uio_vmspace-base5:1.12 simonb-timecounters:1.12.0.6 simonb-timecounters-base:1.12 rpaulo-netinet-merge-pcb:1.12.0.4 rpaulo-netinet-merge-pcb-base:1.12 yamt-uio_vmspace:1.12.0.2 netbsd-3-0:1.10.0.4 netbsd-3-0-RELEASE:1.10 netbsd-3-0-RC6:1.10 yamt-readahead-base3:1.11 netbsd-3-0-RC5:1.10 netbsd-3-0-RC4:1.10 netbsd-3-0-RC3:1.10 yamt-readahead-base2:1.11 netbsd-3-0-RC2:1.10 yamt-readahead-pervnode:1.11 yamt-readahead-perfile:1.11 yamt-readahead:1.11.0.8 yamt-readahead-base:1.11 netbsd-3-0-RC1:1.10 yamt-vop-base3:1.11 netbsd-2-0-3-RELEASE:1.9 netbsd-2-1:1.9.0.16 yamt-vop-base2:1.11 thorpej-vnode-attr:1.11.0.6 thorpej-vnode-attr-base:1.11 netbsd-2-1-RELEASE:1.9 yamt-vop:1.11.0.4 yamt-vop-base:1.11 netbsd-2-1-RC6:1.9 netbsd-2-1-RC5:1.9 netbsd-2-1-RC4:1.9 netbsd-2-1-RC3:1.9 netbsd-2-1-RC2:1.9 netbsd-2-1-RC1:1.9 yamt-lazymbuf:1.11.0.2 yamt-km-base4:1.10 netbsd-2-0-2-RELEASE:1.9 yamt-km-base3:1.10 netbsd-3:1.10.0.2 netbsd-3-base:1.10 yamt-km-base2:1.9 yamt-km:1.9.0.12 yamt-km-base:1.9 kent-audio2:1.9.0.10 kent-audio2-base:1.10 netbsd-2-0-1-RELEASE:1.9 kent-audio1-beforemerge:1.9 netbsd-2:1.9.0.8 netbsd-2-base:1.9 kent-audio1:1.9.0.6 kent-audio1-base:1.9 netbsd-2-0-RELEASE:1.9 netbsd-2-0-RC5:1.9 netbsd-2-0-RC4:1.9 netbsd-2-0-RC3:1.9 netbsd-2-0-RC2:1.9 netbsd-2-0-RC1:1.9 ktrace-lwp-base:1.11 ktrace-lwp:1.9.0.4 netbsd-2-0:1.9.0.2 netbsd-2-0-base:1.9; locks; strict; comment @ * @; 1.78 date 2022.05.22.11.39.08; author riastradh; state Exp; branches; next 1.77; commitid 7PAkk3nx3vXGP2FD; 1.77 date 2019.11.01.04.23.21; author knakahara; state Exp; branches; next 1.76; commitid QBOrTJYs5Http6JB; 1.76 date 2019.06.12.22.23.50; author christos; state Exp; branches; next 1.75; commitid b76Y1luO5sE1XWqB; 1.75 date 2019.01.27.02.08.48; author pgoyette; state Exp; branches; next 1.74; commitid ipPva1Pj3xTcBm9B; 1.74 date 2018.05.07.09.33.51; author maxv; state Exp; branches 1.74.2.1; next 1.73; commitid ZSMbKqzalkj8AlBA; 1.73 date 2018.05.07.09.25.04; author maxv; state Exp; branches; next 1.72; commitid ttTUVLDj4mxbxlBA; 1.72 date 2018.05.07.09.16.46; author maxv; state Exp; branches; next 1.71; commitid OsWrHU5hJELiulBA; 1.71 date 2018.05.07.09.08.06; author maxv; state Exp; branches; next 1.70; commitid yBvWYsTEaLzlrlBA; 1.70 date 2018.04.29.14.35.35; author maxv; state Exp; branches; next 1.69; commitid YIycOcjQBG2FvlAA; 1.69 date 2018.04.28.15.45.16; author maxv; state Exp; branches; next 1.68; commitid ySTKHiWT6KZtVdAA; 1.68 date 2018.04.24.08.07.06; author maxv; state Exp; branches; next 1.67; commitid O1I6cFGJgMnlwFzA; 1.67 date 2018.04.22.10.25.40; author maxv; state Exp; branches; next 1.66; commitid iSWgqcRzWc9RlqzA; 1.66 date 2018.04.19.08.27.39; author maxv; state Exp; branches; next 1.65; commitid ggkwBk57H1OiN1zA; 1.65 date 2018.04.19.08.16.44; author maxv; state Exp; branches; next 1.64; commitid GDtCk631xzYBJ1zA; 1.64 date 2018.04.18.06.43.10; author maxv; state Exp; branches; next 1.63; commitid QoaQh790Oa8xfTyA; 1.63 date 2018.02.15.10.41.51; author maxv; state Exp; branches 1.63.2.1; next 1.62; commitid CBKCrIAhLeBWyWqA; 1.62 date 2018.02.15.10.28.49; author maxv; state Exp; branches; next 1.61; commitid gXJohzGCpLMvuWqA; 1.61 date 2018.02.15.10.21.39; author maxv; state Exp; branches; next 1.60; commitid 3KzyVCm5h6R2sWqA; 1.60 date 2018.02.15.10.09.53; author maxv; state Exp; branches; next 1.59; commitid cSXYckYoAG91oWqA; 1.59 date 2018.02.15.10.04.43; author maxv; state Exp; branches; next 1.58; commitid 7N4SYm1zdk9dmWqA; 1.58 date 2018.01.24.14.39.14; author maxv; state Exp; branches; next 1.57; commitid XAmlm1skm84gA8oA; 1.57 date 2018.01.24.14.37.34; author maxv; state Exp; branches; next 1.56; commitid Y3VhQK46VibFz8oA; 1.56 date 2018.01.14.16.36.04; author maxv; state Exp; branches; next 1.55; commitid EgJuGOJFHCI2yRmA; 1.55 date 2017.11.15.10.42.41; author knakahara; state Exp; branches; next 1.54; commitid 11iqliCSvCpBw7fA; 1.54 date 2017.10.03.08.56.52; author ozaki-r; state Exp; branches; next 1.53; commitid gjLnaa9lvu91kA9A; 1.53 date 2017.07.14.12.26.26; author ozaki-r; state Exp; branches; next 1.52; commitid bcPl7uj03THk5cZz; 1.52 date 2017.07.14.01.24.23; author ozaki-r; state Exp; branches; next 1.51; commitid x1jhAJywpYtdq8Zz; 1.51 date 2017.07.12.07.00.40; author ozaki-r; state Exp; branches; next 1.50; commitid jKo2gzVlk92zlUYz; 1.50 date 2017.06.29.07.13.41; author ozaki-r; state Exp; branches; next 1.49; commitid PlPF4B5CXXfWPeXz; 1.49 date 2017.05.11.05.55.14; author ryo; state Exp; branches 1.49.2.1; next 1.48; commitid x7EBNRr9UEVFYVQz; 1.48 date 2017.04.19.03.39.14; author ozaki-r; state Exp; branches 1.48.2.1; next 1.47; commitid 0Vp26EUYDwuQV5Oz; 1.47 date 2017.04.18.05.26.42; author ozaki-r; state Exp; branches; next 1.46; commitid VBHrbI9Gu6MIyYNz; 1.46 date 2017.04.18.05.25.32; author ozaki-r; state Exp; branches; next 1.45; commitid aRA6uYMfzq2kyYNz; 1.45 date 2017.04.15.22.01.57; author christos; state Exp; branches; next 1.44; commitid N7hAjuKYuakR9GNz; 1.44 date 2017.04.14.22.35.05; author christos; state Exp; branches; next 1.43; commitid HrnAu2lCQznfnyNz; 1.43 date 2017.04.06.09.20.07; author ozaki-r; state Exp; branches; next 1.42; commitid 0wn868iaQHxIesMz; 1.42 date 2016.07.07.09.32.03; author ozaki-r; state Exp; branches 1.42.2.1 1.42.4.1; next 1.41; commitid 3AR5ZDxZPZbq4ndz; 1.41 date 2016.07.04.04.35.09; author knakahara; state Exp; branches; next 1.40; commitid rsIvHOhlqO0UwXcz; 1.40 date 2016.07.04.04.17.25; author knakahara; state Exp; branches; next 1.39; commitid rgxCbZ4Vbh6PqXcz; 1.39 date 2016.06.10.13.31.44; author ozaki-r; state Exp; branches; next 1.38; commitid efhXWOKJx879gV9z; 1.38 date 2016.05.12.02.24.17; author ozaki-r; state Exp; branches; next 1.37; commitid bXSu8U0Ul93Pt86z; 1.37 date 2016.01.26.06.00.10; author knakahara; state Exp; branches; next 1.36; commitid SU20Rgurt8t19pSy; 1.36 date 2016.01.26.05.58.06; author knakahara; state Exp; branches; next 1.35; commitid p7dUjlnOz4ua8pSy; 1.35 date 2016.01.22.23.27.12; author riastradh; state Exp; branches; next 1.34; commitid PmnbAsvcfBDz3ZRy; 1.34 date 2016.01.22.05.15.10; author riastradh; state Exp; branches; next 1.33; commitid t6GcoSmtdCiR0TRy; 1.33 date 2016.01.20.21.44.00; author riastradh; state Exp; branches; next 1.32; commitid S2fUd70hOsxHyIRy; 1.32 date 2015.03.27.07.47.10; author ozaki-r; state Exp; branches; next 1.31; commitid NrfrfZ26BqiNwdfy; 1.31 date 2014.06.05.23.48.17; author rmind; state Exp; branches 1.31.2.1 1.31.4.1 1.31.6.1 1.31.10.1; next 1.30; commitid P7hs4C9IyZuIkoDx; 1.30 date 2014.05.18.14.46.16; author rmind; state Exp; branches; next 1.29; commitid vElNFHEJ7uqPU1Bx; 1.29 date 2013.06.05.19.01.26; author christos; state Exp; branches 1.29.2.1 1.29.6.1; next 1.28; commitid dVYMu6whoO3QtsSw; 1.28 date 2011.07.17.20.54.54; author joerg; state Exp; branches 1.28.2.1 1.28.8.1 1.28.12.1 1.28.14.1 1.28.22.1; next 1.27; 1.27 date 2011.06.06.16.48.35; author drochner; state Exp; branches; next 1.26; 1.26 date 2011.02.18.20.40.58; author drochner; state Exp; branches 1.26.2.1; next 1.25; 1.25 date 2011.02.18.19.06.45; author drochner; state Exp; branches; next 1.24; 1.24 date 2008.04.27.12.58.48; author degroote; state Exp; branches 1.24.22.1 1.24.28.1 1.24.30.1; next 1.23; 1.23 date 2008.04.24.11.38.38; author ad; state Exp; branches 1.23.2.1; next 1.22; 1.22 date 2008.04.23.06.09.05; author thorpej; state Exp; branches; next 1.21; 1.21 date 2008.02.10.21.42.20; author degroote; state Exp; branches 1.21.6.1 1.21.8.1; next 1.20; 1.20 date 2007.12.07.19.46.18; author elad; state Exp; branches; next 1.19; 1.19 date 2007.12.04.10.28.45; author dyoung; state Exp; branches; next 1.18; 1.18 date 2007.10.28.15.48.23; author adrianp; state Exp; branches 1.18.2.1 1.18.4.1; next 1.17; 1.17 date 2007.03.04.21.17.56; author degroote; state Exp; branches 1.17.6.1 1.17.14.1 1.17.16.1 1.17.20.1; next 1.16; 1.16 date 2007.03.04.06.03.30; author christos; state Exp; branches; next 1.15; 1.15 date 2007.02.10.09.43.05; author degroote; state Exp; branches 1.15.2.1; next 1.14; 1.14 date 2006.11.16.01.33.49; author christos; state Exp; branches 1.14.2.1 1.14.4.1; next 1.13; 1.13 date 2006.10.13.20.53.59; author christos; state Exp; branches; next 1.12; 1.12 date 2005.12.11.12.25.06; author christos; state Exp; branches 1.12.20.1 1.12.22.1; next 1.11; 1.11 date 2005.06.06.06.06.50; author martin; state Exp; branches 1.11.2.1; next 1.10; 1.10 date 2005.02.26.22.45.13; author perry; state Exp; branches 1.10.2.1 1.10.4.1 1.10.6.1; next 1.9; 1.9 date 2004.03.17.00.21.43; author jonathan; state Exp; branches 1.9.2.1 1.9.4.1 1.9.8.1 1.9.10.1 1.9.12.1 1.9.16.1; next 1.8; 1.8 date 2004.01.16.11.06.27; author scw; state Exp; branches; next 1.7; 1.7 date 2003.11.17.21.34.27; author jonathan; state Exp; branches; next 1.6; 1.6 date 2003.11.14.07.15.28; author jonathan; state Exp; branches; next 1.5; 1.5 date 2003.10.06.22.05.15; author tls; state Exp; branches; next 1.4; 1.4 date 2003.09.12.11.21.00; author itojun; state Exp; branches; next 1.3; 1.3 date 2003.09.12.11.09.31; author itojun; state Exp; branches; next 1.2; 1.2 date 2003.08.20.22.33.41; author jonathan; state Exp; branches; next 1.1; 1.1 date 2003.08.13.20.06.52; author jonathan; state Exp; branches; next ; 1.74.2.1 date 2019.06.10.22.09.48; author christos; state Exp; branches; next 1.74.2.2; commitid jtc8rnCzWiEEHGqB; 1.74.2.2 date 2020.04.13.08.05.17; author martin; state Exp; branches; next ; commitid X01YhRUPVUDaec4C; 1.63.2.1 date 2018.04.22.07.20.28; author pgoyette; state Exp; branches; next 1.63.2.2; commitid W6xykws0Zbl4kpzA; 1.63.2.2 date 2018.05.02.07.20.24; author pgoyette; state Exp; branches; next 1.63.2.3; commitid o3kRuNRzl9360HAA; 1.63.2.3 date 2018.05.21.04.36.16; author pgoyette; state Exp; branches; next ; commitid X5L8kSrBWQcDt7DA; 1.49.2.1 date 2017.10.21.19.43.54; author snj; state Exp; branches; next 1.49.2.2; commitid oXGWsjkUnhTWjXbA; 1.49.2.2 date 2017.12.10.09.41.32; author snj; state Exp; branches; next 1.49.2.3; commitid dg6xdcf4JT9pnkiA; 1.49.2.3 date 2018.02.15.14.28.38; author martin; state Exp; branches; next ; commitid l8CPb8TvDPaNOXqA; 1.48.2.1 date 2017.05.19.00.22.58; author pgoyette; state Exp; branches; next ; commitid QNTxgGjVagwoSVRz; 1.42.2.1 date 2017.04.26.02.53.29; author pgoyette; state Exp; branches; next ; commitid ojV02aOSdzvBqZOz; 1.42.4.1 date 2017.04.21.16.54.06; author bouyer; state Exp; branches; next ; commitid dUG7nkTKALCadqOz; 1.31.2.1 date 2018.02.15.14.39.43; author martin; state Exp; branches; next 1.31.2.2; commitid tA0OsU3GKmeBSXqA; 1.31.2.2 date 2018.02.15.17.01.42; author martin; state Exp; branches; next ; commitid rvmY3nlNaqRiFYqA; 1.31.4.1 date 2015.04.06.15.18.23; author skrll; state Exp; branches; next 1.31.4.2; commitid pz01Zhy7RP6iGxgy; 1.31.4.2 date 2016.03.19.11.30.33; author skrll; state Exp; branches; next 1.31.4.3; commitid 2PHKtPSg1vDV9fZy; 1.31.4.3 date 2016.05.29.08.44.39; author skrll; state Exp; branches; next 1.31.4.4; commitid 8mlnPW6uSaJU1m8z; 1.31.4.4 date 2016.07.09.20.25.23; author skrll; state Exp; branches; next 1.31.4.5; commitid 6Uo6zNa4c5W4AGdz; 1.31.4.5 date 2017.08.28.17.53.13; author skrll; state Exp; branches; next ; commitid UQQpnjvcNkUZn05A; 1.31.6.1 date 2018.02.15.14.43.12; author martin; state Exp; branches; next 1.31.6.2; commitid DAZrUTVDiumNTXqA; 1.31.6.2 date 2018.02.15.17.52.52; author martin; state Exp; branches; next ; commitid q7YkyQlt1y7RWYqA; 1.31.10.1 date 2018.02.15.14.41.57; author martin; state Exp; branches; next 1.31.10.2; commitid GuUOtxBkwewmTXqA; 1.31.10.2 date 2018.02.15.17.51.38; author martin; state Exp; branches; next ; commitid R2jIEDQB6vWqWYqA; 1.29.2.1 date 2013.08.28.15.21.49; author rmind; state Exp; branches; next ; commitid 6VTytZQcOxQfze3x; 1.29.6.1 date 2014.08.10.06.56.34; author tls; state Exp; branches; next ; commitid EjsZm1tdjZ1ACMLx; 1.28.2.1 date 2014.05.22.11.41.10; author yamt; state Exp; branches; next ; commitid VUUXuyNWnt3AKwBx; 1.28.8.1 date 2018.02.15.14.49.00; author martin; state Exp; branches; next 1.28.8.2; commitid ju5CvYKKO2oMVXqA; 1.28.8.2 date 2018.03.13.17.18.15; author snj; state Exp; branches; next ; commitid zBsoXjVbilLaVjuA; 1.28.12.1 date 2013.06.23.06.20.26; author tls; state Exp; branches; next 1.28.12.2; commitid eVjr9caYRQbRGHUw; 1.28.12.2 date 2014.08.20.00.04.36; author tls; state Exp; branches; next 1.28.12.3; commitid jTnpym9Qu0o4R1Nx; 1.28.12.3 date 2017.12.03.11.39.05; author jdolecek; state Exp; branches; next ; commitid XcIYRZTAh1LmerhA; 1.28.14.1 date 2018.02.15.14.51.44; author martin; state Exp; branches; next 1.28.14.2; commitid fkd8UhsRd2lIWXqA; 1.28.14.2 date 2018.03.13.17.18.12; author snj; state Exp; branches; next ; commitid Hfplmxq5uqv9VjuA; 1.28.22.1 date 2018.02.15.14.50.17; author martin; state Exp; branches; next 1.28.22.2; commitid ARj32S5B8HtdWXqA; 1.28.22.2 date 2018.03.13.17.18.14; author snj; state Exp; branches; next ; commitid 0zu5Gho2jM2aVjuA; 1.26.2.1 date 2011.06.23.14.20.27; author cherry; state Exp; branches; next ; 1.24.22.1 date 2011.03.05.20.56.00; author rmind; state Exp; branches; next 1.24.22.2; 1.24.22.2 date 2011.06.12.00.24.31; author rmind; state Exp; branches; next ; 1.24.28.1 date 2011.06.06.09.10.01; author jruoho; state Exp; branches; next ; 1.24.30.1 date 2011.03.05.15.10.48; author bouyer; state Exp; branches; next ; 1.23.2.1 date 2008.05.16.02.25.45; author yamt; state Exp; branches; next ; 1.21.6.1 date 2008.06.02.13.24.28; author mjf; state Exp; branches; next ; 1.21.8.1 date 2008.05.18.12.35.40; author yamt; state Exp; branches; next ; 1.18.2.1 date 2007.12.08.18.21.19; author mjf; state Exp; branches; next 1.18.2.2; 1.18.2.2 date 2008.02.18.21.07.13; author mjf; state Exp; branches; next ; 1.18.4.1 date 2007.12.08.17.58.00; author ad; state Exp; branches; next ; 1.17.6.1 date 2007.12.09.16.04.07; author reinoud; state Exp; branches; next ; 1.17.14.1 date 2007.10.28.20.11.15; author joerg; state Exp; branches; next 1.17.14.2; 1.17.14.2 date 2007.12.09.19.38.40; author jmcneill; state Exp; branches; next ; 1.17.16.1 date 2007.11.06.23.34.14; author matt; state Exp; branches; next 1.17.16.2; 1.17.16.2 date 2008.01.09.01.57.43; author matt; state Exp; branches; next 1.17.16.3; 1.17.16.3 date 2008.03.23.02.05.07; author matt; state Exp; branches; next ; 1.17.20.1 date 2007.11.13.16.03.04; author bouyer; state Exp; branches; next ; 1.15.2.1 date 2007.03.12.06.00.12; author rmind; state Exp; branches; next ; 1.14.2.1 date 2007.05.24.19.13.12; author pavel; state Exp; branches; next 1.14.2.2; 1.14.2.2 date 2007.10.31.12.39.29; author liamjfoy; state Exp; branches; next ; 1.14.4.1 date 2007.06.04.01.54.28; author wrstuden; state Exp; branches; next 1.14.4.2; 1.14.4.2 date 2008.01.06.05.01.15; author wrstuden; state Exp; branches; next ; 1.12.20.1 date 2006.11.18.21.39.41; author ad; state Exp; branches; next ; 1.12.22.1 date 2006.10.22.06.07.39; author yamt; state Exp; branches; next 1.12.22.2; 1.12.22.2 date 2006.12.10.07.19.20; author yamt; state Exp; branches; next ; 1.11.2.1 date 2006.12.30.20.50.44; author yamt; state Exp; branches; next 1.11.2.2; 1.11.2.2 date 2007.02.26.09.11.57; author yamt; state Exp; branches; next 1.11.2.3; 1.11.2.3 date 2007.09.03.14.43.48; author yamt; state Exp; branches; next 1.11.2.4; 1.11.2.4 date 2007.11.15.11.45.17; author yamt; state Exp; branches; next 1.11.2.5; 1.11.2.5 date 2007.12.07.17.34.39; author yamt; state Exp; branches; next 1.11.2.6; 1.11.2.6 date 2008.01.21.09.47.27; author yamt; state Exp; branches; next 1.11.2.7; 1.11.2.7 date 2008.02.11.15.00.09; author yamt; state Exp; branches; next ; 1.10.2.1 date 2007.11.22.19.00.53; author bouyer; state Exp; branches; next ; 1.10.4.1 date 2007.11.22.19.01.37; author bouyer; state Exp; branches; next ; 1.10.6.1 date 2007.11.22.19.02.17; author bouyer; state Exp; branches; next ; 1.9.2.1 date 2007.12.01.17.33.15; author bouyer; state Exp; branches; next ; 1.9.4.1 date 2004.03.17.00.21.43; author skrll; state dead; branches; next 1.9.4.2; 1.9.4.2 date 2004.08.03.10.55.29; author skrll; state Exp; branches; next 1.9.4.3; 1.9.4.3 date 2004.09.18.14.55.32; author skrll; state Exp; branches; next 1.9.4.4; 1.9.4.4 date 2004.09.21.13.37.48; author skrll; state Exp; branches; next 1.9.4.5; 1.9.4.5 date 2005.03.04.16.53.44; author skrll; state Exp; branches; next 1.9.4.6; 1.9.4.6 date 2005.11.10.14.11.35; author skrll; state Exp; branches; next ; 1.9.8.1 date 2007.12.01.17.33.47; author bouyer; state Exp; branches; next ; 1.9.10.1 date 2005.04.29.11.29.35; author kent; state Exp; branches; next ; 1.9.12.1 date 2005.03.19.08.36.41; author yamt; state Exp; branches; next ; 1.9.16.1 date 2007.12.01.17.32.29; author bouyer; state Exp; branches; next ; desc @@ 1.78 log @netipsec: Nothing uses xf_zeroize return value. Nix it. @ text @/* $NetBSD: xform_ipip.c,v 1.77 2019/11/01 04:23:21 knakahara Exp $ */ /* $FreeBSD: xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */ /* * The authors of this code are John Ioannidis (ji@@tla.org), * Angelos D. Keromytis (kermit@@csd.uch.gr) and * Niels Provos (provos@@physnet.uni-hamburg.de). * * The original version of this code was written by John Ioannidis * for BSD/OS in Athens, Greece, in November 1995. * * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, * by Angelos D. Keromytis. * * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis * and Niels Provos. * * Additional features in 1999 by Angelos D. Keromytis. * * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, * Angelos D. Keromytis and Niels Provos. * Copyright (c) 2001, Angelos D. Keromytis. * * Permission to use, copy, and modify this software with or without fee * is hereby granted, provided that this entire notice is included in * all copies of any software which is or includes a copy or * modification of this software. * You may use this code under the GNU public license if you so wish. Please * contribute changes back to the authors under this freer than GPL license * so that we may further the use of strong encryption without limitations to * all. * * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR * PURPOSE. */ #include __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.77 2019/11/01 04:23:21 knakahara Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" #endif /* * IP-inside-IP processing. * * The input point is encapsw{4,6}, called via the encap callback. The * output point is ipip_output, called directly. XF_IP4 has no more * meaning here, ipe4_xformsw is dummy. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef INET6 #include #include #include #include #endif #include #include /* XXX IPCOMP */ #define M_IPSEC (M_AUTHIPHDR|M_DECRYPTED) int ipip_spoofcheck = 1; percpu_t *ipipstat_percpu; static void _ipip_input(struct mbuf *, int); #ifdef INET6 static int ip4_input6(struct mbuf **m, int *offp, int proto, void *eparg __unused) { _ipip_input(*m, *offp); return IPPROTO_DONE; } #endif #ifdef INET static void ip4_input(struct mbuf *m, int off, int proto, void *eparg __unused) { _ipip_input(m, off); } #endif /* * _ipip_input gets called when we receive an IP{46} encapsulated packet, * because AH or ESP were being used in tunnel mode. */ static void _ipip_input(struct mbuf *m, int iphlen) { register struct sockaddr_in *sin; register struct ifnet *ifp; register struct ifaddr *ifa; pktqueue_t *pktq = NULL; struct ip *ip4 = NULL; #ifdef INET6 register struct sockaddr_in6 *sin6; struct ip6_hdr *ip6 = NULL; uint8_t itos; #endif uint8_t otos; uint8_t v; int hlen; IPIP_STATINC(IPIP_STAT_IPACKETS); m_copydata(m, 0, 1, &v); switch (v >> 4) { #ifdef INET case 4: hlen = sizeof(struct ip); break; #endif #ifdef INET6 case 6: hlen = sizeof(struct ip6_hdr); break; #endif default: DPRINTF("bad protocol version 0x%x (%u) " "for outer header\n", v, v>>4); IPIP_STATINC(IPIP_STAT_FAMILY); m_freem(m); return; } /* Bring the IP header in the first mbuf, if not there already */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { DPRINTF("m_pullup (1) failed\n"); IPIP_STATINC(IPIP_STAT_HDROPS); return; } } /* Keep outer ecn field. */ switch (v >> 4) { #ifdef INET case 4: otos = mtod(m, struct ip *)->ip_tos; break; #endif #ifdef INET6 case 6: otos = (ntohl(mtod(m, struct ip6_hdr *)->ip6_flow) >> 20) & 0xff; break; #endif default: panic("%s: impossible (1)", __func__); } /* Remove outer IP header */ m_adj(m, iphlen); /* Sanity check */ if (m->m_pkthdr.len < sizeof(struct ip)) { IPIP_STATINC(IPIP_STAT_HDROPS); m_freem(m); return; } m_copydata(m, 0, 1, &v); switch (v >> 4) { #ifdef INET case 4: hlen = sizeof(struct ip); pktq = ip_pktq; break; #endif #ifdef INET6 case 6: hlen = sizeof(struct ip6_hdr); pktq = ip6_pktq; break; #endif default: DPRINTF("bad protocol version %#x (%u) " "for inner header\n", v, v >> 4); IPIP_STATINC(IPIP_STAT_FAMILY); m_freem(m); return; } /* * Bring the inner IP header in the first mbuf, if not there already. */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { DPRINTF("m_pullup (2) failed\n"); IPIP_STATINC(IPIP_STAT_HDROPS); return; } } /* * RFC 1853 specifies that the inner TTL should not be touched on * decapsulation. There's no reason this comment should be here, but * this is as good as any a position. */ /* Some sanity checks in the inner IP header */ switch (v >> 4) { #ifdef INET case 4: ip4 = mtod(m, struct ip *); ip_ecn_egress(ip4_ipsec_ecn, &otos, &ip4->ip_tos); break; #endif #ifdef INET6 case 6: ip6 = mtod(m, struct ip6_hdr *); itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff; ip_ecn_egress(ip6_ipsec_ecn, &otos, &itos); ip6->ip6_flow &= ~htonl(0xff << 20); ip6->ip6_flow |= htonl((uint32_t)itos << 20); break; #endif default: panic("%s: impossible (2)", __func__); } /* Check for local address spoofing. */ if ((m_get_rcvif_NOMPSAFE(m) == NULL || !(m_get_rcvif_NOMPSAFE(m)->if_flags & IFF_LOOPBACK)) && ipip_spoofcheck) { int s = pserialize_read_enter(); IFNET_READER_FOREACH(ifp) { IFADDR_READER_FOREACH(ifa, ifp) { #ifdef INET if (ip4) { if (ifa->ifa_addr->sa_family != AF_INET) continue; sin = (struct sockaddr_in *)ifa->ifa_addr; if (sin->sin_addr.s_addr == ip4->ip_src.s_addr) { pserialize_read_exit(s); IPIP_STATINC(IPIP_STAT_SPOOF); m_freem(m); return; } } #endif #ifdef INET6 if (ip6) { if (ifa->ifa_addr->sa_family != AF_INET6) continue; sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &ip6->ip6_src)) { pserialize_read_exit(s); IPIP_STATINC(IPIP_STAT_SPOOF); m_freem(m); return; } } #endif } } pserialize_read_exit(s); } /* Statistics: m->m_pkthdr.len is the length of the inner packet */ IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len); /* * Interface pointer stays the same; if no IPsec processing has * been done (or will be done), this will point to a normal * interface. Otherwise, it'll point to an enc interface, which * will allow a packet filter to distinguish between secure and * untrusted packets. */ int s = splnet(); if (__predict_false(!pktq_enqueue(pktq, m, 0))) { IPIP_STATINC(IPIP_STAT_QFULL); m_freem(m); } splx(s); } int ipip_output(struct mbuf *m, struct secasvar *sav, struct mbuf **mp) { char buf[IPSEC_ADDRSTRLEN]; uint8_t tp, otos; struct secasindex *saidx; int error, iphlen; #ifdef INET uint8_t itos; struct ip *ipo; #endif #ifdef INET6 struct ip6_hdr *ip6, *ip6o; #endif KASSERT(sav != NULL); /* XXX Deal with empty TDB source/destination addresses. */ m_copydata(m, 0, 1, &tp); tp = (tp >> 4) & 0xff; /* Get the IP version number. */ saidx = &sav->sah->saidx; switch (saidx->dst.sa.sa_family) { #ifdef INET case AF_INET: if (saidx->src.sa.sa_family != AF_INET || saidx->src.sin.sin_addr.s_addr == INADDR_ANY || saidx->dst.sin.sin_addr.s_addr == INADDR_ANY) { DPRINTF("unspecified tunnel endpoint " "address in SA %s/%08lx\n", ipsec_address(&saidx->dst, buf, sizeof(buf)), (u_long)ntohl(sav->spi)); IPIP_STATINC(IPIP_STAT_UNSPEC); error = EINVAL; goto bad; } M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); if (m == NULL) { DPRINTF("M_PREPEND failed\n"); IPIP_STATINC(IPIP_STAT_HDROPS); error = ENOBUFS; goto bad; } iphlen = sizeof(struct ip); ipo = mtod(m, struct ip *); ipo->ip_v = IPVERSION; ipo->ip_hl = 5; ipo->ip_len = htons(m->m_pkthdr.len); ipo->ip_ttl = ip_defttl; ipo->ip_sum = 0; ipo->ip_src = saidx->src.sin.sin_addr; ipo->ip_dst = saidx->dst.sin.sin_addr; ipo->ip_id = ip_newid(NULL); /* If the inner protocol is IP... */ if (tp == IPVERSION) { /* Save ECN notification */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip, ip_tos), sizeof(uint8_t), &itos); ipo->ip_p = IPPROTO_IPIP; /* * We should be keeping tunnel soft-state and * send back ICMPs if needed. */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip, ip_off), sizeof(uint16_t), &ipo->ip_off); ipo->ip_off &= ~ htons(IP_DF | IP_MF | IP_OFFMASK); } #ifdef INET6 else if (tp == (IPV6_VERSION >> 4)) { uint32_t itos32; /* Save ECN notification. */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip6_hdr, ip6_flow), sizeof(uint32_t), &itos32); itos = ntohl(itos32) >> 20; ipo->ip_p = IPPROTO_IPV6; ipo->ip_off = 0; } #endif else { goto nofamily; } otos = 0; ip_ecn_ingress(ECN_ALLOWED, &otos, &itos); ipo->ip_tos = otos; break; #endif /* INET */ #ifdef INET6 case AF_INET6: if (IN6_IS_ADDR_UNSPECIFIED(&saidx->dst.sin6.sin6_addr) || saidx->src.sa.sa_family != AF_INET6 || IN6_IS_ADDR_UNSPECIFIED(&saidx->src.sin6.sin6_addr)) { DPRINTF("unspecified tunnel endpoint " "address in SA %s/%08lx\n", ipsec_address(&saidx->dst, buf, sizeof(buf)), (u_long)ntohl(sav->spi)); IPIP_STATINC(IPIP_STAT_UNSPEC); error = ENOBUFS; goto bad; } if (tp == (IPV6_VERSION >> 4)) { /* scoped address handling */ ip6 = mtod(m, struct ip6_hdr *); if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) ip6->ip6_src.s6_addr16[1] = 0; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) ip6->ip6_dst.s6_addr16[1] = 0; } M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT); if (m == NULL) { DPRINTF("M_PREPEND failed\n"); IPIP_STATINC(IPIP_STAT_HDROPS); error = ENOBUFS; goto bad; } iphlen = sizeof(struct ip6_hdr); /* Initialize IPv6 header */ ip6o = mtod(m, struct ip6_hdr *); ip6o->ip6_flow = 0; ip6o->ip6_vfc &= ~IPV6_VERSION_MASK; ip6o->ip6_vfc |= IPV6_VERSION; ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); ip6o->ip6_hlim = ip_defttl; ip6o->ip6_dst = saidx->dst.sin6.sin6_addr; ip6o->ip6_src = saidx->src.sin6.sin6_addr; if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_dst)) ip6o->ip6_dst.s6_addr16[1] = htons(saidx->dst.sin6.sin6_scope_id); if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_src)) ip6o->ip6_src.s6_addr16[1] = htons(saidx->src.sin6.sin6_scope_id); #ifdef INET if (tp == IPVERSION) { /* Save ECN notification */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip, ip_tos), sizeof(uint8_t), &itos); /* This is really IPVERSION. */ ip6o->ip6_nxt = IPPROTO_IPIP; } else #endif if (tp == (IPV6_VERSION >> 4)) { uint32_t itos32; /* Save ECN notification. */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip6_hdr, ip6_flow), sizeof(uint32_t), &itos32); itos = ntohl(itos32) >> 20; ip6o->ip6_nxt = IPPROTO_IPV6; } else { goto nofamily; } otos = 0; ip_ecn_ingress(ECN_ALLOWED, &otos, &itos); ip6o->ip6_flow |= htonl((uint32_t)otos << 20); break; #endif /* INET6 */ default: nofamily: DPRINTF("unsupported protocol family %u\n", saidx->dst.sa.sa_family); IPIP_STATINC(IPIP_STAT_FAMILY); error = EAFNOSUPPORT; goto bad; } IPIP_STATINC(IPIP_STAT_OPACKETS); IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - iphlen); *mp = m; return 0; bad: if (m) m_freem(m); *mp = NULL; return error; } #ifdef INET static struct encapsw ipe4_encapsw = { .encapsw4 = { .pr_input = ip4_input, .pr_ctlinput = NULL, } }; #endif #ifdef INET6 static struct encapsw ipe4_encapsw6 = { .encapsw6 = { .pr_input = ip4_input6, .pr_ctlinput = NULL, } }; #endif /* * Check the encapsulated packet to see if we want it */ static int ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) { /* * Only take packets coming from IPSEC tunnels; the rest * must be handled by the gif tunnel code. Note that we * also return a minimum priority when we want the packet * so any explicit gif tunnels take precedence. */ return ((m->m_flags & M_IPSEC) != 0 ? 1 : 0); } /* -------------------------------------------------------------------------- */ static int ipe4_init(struct secasvar *sav, const struct xformsw *xsp) { sav->tdb_xform = xsp; return 0; } static void ipe4_zeroize(struct secasvar *sav) { sav->tdb_xform = NULL; } static int ipe4_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { /* This is a rather serious mistake, so no conditional printing. */ printf("should never be called\n"); if (m) m_freem(m); return EOPNOTSUPP; } static int ipe4_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav, int skip, int protoff, int flags) { panic("%s: should not have been called", __func__); } static struct xformsw ipe4_xformsw = { .xf_type = XF_IP4, .xf_flags = 0, .xf_name = "IPv4 Simple Encapsulation", .xf_init = ipe4_init, .xf_zeroize = ipe4_zeroize, .xf_input = ipe4_input, .xf_output = ipe4_output, .xf_next = NULL, }; /* -------------------------------------------------------------------------- */ void ipe4_attach(void) { ipipstat_percpu = percpu_alloc(sizeof(uint64_t) * IPIP_NSTATS); xform_register(&ipe4_xformsw); /* attach to encapsulation framework */ /* XXX save return cookie for detach on module remove */ encapinit(); /* This function is called before ifinit(). Who else gets lock? */ (void)encap_lock_enter(); /* ipe4_encapsw and ipe4_encapsw must be added atomically */ #ifdef INET (void)encap_attach_func(AF_INET, -1, ipe4_encapcheck, &ipe4_encapsw, NULL); #endif #ifdef INET6 (void)encap_attach_func(AF_INET6, -1, ipe4_encapcheck, &ipe4_encapsw6, NULL); #endif encap_lock_exit(); } @ 1.77 log @Fix ipsecif(4) IPV6_MINMTU does not work correctly. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.76 2019/06/12 22:23:50 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.76 2019/06/12 22:23:50 christos Exp $"); d559 1 a559 1 static int a562 1 return 0; @ 1.76 log @make DPRINTF use varyadic cpp macros, and merge with IPSECLOG. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.75 2019/01/27 02:08:48 pgoyette Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.75 2019/01/27 02:08:48 pgoyette Exp $"); d578 1 a578 1 struct secasvar *sav, int skip, int protoff) @ 1.75 log @Merge the [pgoyette-compat] branch @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.74 2018/05/07 09:33:51 maxv Exp $"); d150 2 a151 2 DPRINTF(("%s: bad protocol version 0x%x (%u) " "for outer header\n", __func__, v, v>>4)); d160 1 a160 1 DPRINTF(("%s: m_pullup (1) failed\n", __func__)); d208 2 a209 2 DPRINTF(("%s: bad protocol version %#x (%u) " "for inner header\n", __func__, v, v >> 4)); d220 1 a220 1 DPRINTF(("%s: m_pullup (2) failed\n", __func__)); d348 2 a349 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d351 1 a351 1 (u_long)ntohl(sav->spi))); d359 1 a359 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d423 2 a424 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d426 1 a426 1 (u_long)ntohl(sav->spi))); d443 1 a443 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d498 2 a499 2 DPRINTF(("%s: unsupported protocol family %u\n", __func__, saidx->dst.sa.sa_family)); d570 1 a570 1 printf("%s: should never be called\n", __func__); @ 1.74 log @Remove a dummy reference to XF_IP4, explain briefly why we don't use ipe4_xformsw, and remove unused includes. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.73 2018/05/07 09:25:04 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.73 2018/05/07 09:25:04 maxv Exp $"); @ 1.74.2.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.75 2019/01/27 02:08:48 pgoyette Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.75 2019/01/27 02:08:48 pgoyette Exp $"); @ 1.74.2.2 log @Mostly merge changes from HEAD upto 20200411 @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); d150 2 a151 2 DPRINTF("bad protocol version 0x%x (%u) " "for outer header\n", v, v>>4); d160 1 a160 1 DPRINTF("m_pullup (1) failed\n"); d208 2 a209 2 DPRINTF("bad protocol version %#x (%u) " "for inner header\n", v, v >> 4); d220 1 a220 1 DPRINTF("m_pullup (2) failed\n"); d348 2 a349 2 DPRINTF("unspecified tunnel endpoint " "address in SA %s/%08lx\n", d351 1 a351 1 (u_long)ntohl(sav->spi)); d359 1 a359 1 DPRINTF("M_PREPEND failed\n"); d423 2 a424 2 DPRINTF("unspecified tunnel endpoint " "address in SA %s/%08lx\n", d426 1 a426 1 (u_long)ntohl(sav->spi)); d443 1 a443 1 DPRINTF("M_PREPEND failed\n"); d498 2 a499 2 DPRINTF("unsupported protocol family %u\n", saidx->dst.sa.sa_family); d570 1 a570 1 printf("should never be called\n"); d578 1 a578 1 struct secasvar *sav, int skip, int protoff, int flags) @ 1.73 log @Remove now unused 'isr', 'skip' and 'protoff' arguments from ipip_output. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.72 2018/05/07 09:16:46 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.72 2018/05/07 09:16:46 maxv Exp $"); a43 3 /* * IP-inside-IP processing */ d48 8 a58 1 #include a60 1 #include a62 2 #include #include @ 1.72 log @Remove unused 'mp' argument from all the xf_output functions. Also clean up xform.h a bit. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.71 2018/05/07 09:08:06 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.71 2018/05/07 09:08:06 maxv Exp $"); d319 1 a319 2 ipip_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav, struct mbuf **mp, int skip, int protoff) @ 1.71 log @Clarify IPIP: ipe4_xformsw is not allowed to call ipip_output, so replace the pointer by ipe4_output, which just panics. Group the ipe4_* functions together. Localify other functions. ok ozaki-r@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.70 2018/04/29 14:35:35 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.70 2018/04/29 14:35:35 maxv Exp $"); d578 1 a578 1 struct secasvar *sav, struct mbuf **mp, int skip, int protoff) @ 1.70 log @Remove obsolete/dead code, the IP-in-IP encapsulation doesn't work this way anymore (XF_IP4 partly dropped by FAST_IPSEC). @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.69 2018/04/28 15:45:16 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.69 2018/04/28 15:45:16 maxv Exp $"); a92 2 void ipe4_attach(void); d96 1 a96 1 int d105 1 a105 1 void d518 34 d576 7 d590 1 a590 1 .xf_output = ipip_output, d594 1 a594 31 #ifdef INET static struct encapsw ipe4_encapsw = { .encapsw4 = { .pr_input = ip4_input, .pr_ctlinput = NULL, } }; #endif #ifdef INET6 static struct encapsw ipe4_encapsw6 = { .encapsw6 = { .pr_input = ip4_input6, .pr_ctlinput = NULL, } }; #endif /* * Check the encapsulated packet to see if we want it */ static int ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) { /* * Only take packets coming from IPSEC tunnels; the rest * must be handled by the gif tunnel code. Note that we * also return a minimum priority when we want the packet * so any explicit gif tunnels take precedence. */ return ((m->m_flags & M_IPSEC) != 0 ? 1 : 0); } @ 1.69 log @Remove IPSEC_SPLASSERT_SOFTNET, it has always been a no-op. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.68 2018/04/24 08:07:06 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.68 2018/04/24 08:07:06 maxv Exp $"); a508 4 #if 0 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - iphlen; #endif @ 1.68 log @Remove the M_AUTHIPDGM flag. It is equivalent to M_AUTHIPHDR, both are set in IPsec-AH, and they are always handled together. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.67 2018/04/22 10:25:40 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.67 2018/04/22 10:25:40 maxv Exp $"); a335 1 IPSEC_SPLASSERT_SOFTNET(__func__); @ 1.67 log @Rename ipip_allow->ipip_spoofcheck, and add net.inet.ipsec.ipip_spoofcheck. Makes it simpler, and also fixes PR/39919. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.66 2018/04/19 08:27:39 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.66 2018/04/19 08:27:39 maxv Exp $"); d88 1 a88 1 #define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) @ 1.66 log @Remove extra long file paths from the headers. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.65 2018/04/19 08:16:44 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.65 2018/04/19 08:16:44 maxv Exp $"); d90 1 a90 1 int ipip_allow = 0; d257 1 a257 1 ipip_allow != 2) { @ 1.65 log @Remove unused typedef, remove unused arguments from _ipip_input, sync comment with reality, and change panic message. @ text @d1 2 a2 2 /* $NetBSD: xform_ipip.c,v 1.64 2018/04/18 06:43:10 maxv Exp $ */ /* $FreeBSD: src/sys/netipsec/xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.64 2018/04/18 06:43:10 maxv Exp $"); @ 1.64 log @style @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.63 2018/02/15 10:41:51 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.63 2018/02/15 10:41:51 maxv Exp $"); a89 2 typedef void pr_in_input_t(struct mbuf *m, ...); d95 1 a95 1 static void _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp); d101 1 a101 1 _ipip_input(*m, *offp, NULL); d110 1 a110 1 _ipip_input(m, off, NULL); d115 2 a116 4 * ipip_input gets called when we receive an IP{46} encapsulated packet, * either because we got it at a real interface, or because AH or ESP * were being used in tunnel mode (in which case the rcvif element will * contain the address of the encX interface associated with the tunnel). d119 1 a119 1 _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) d180 1 a180 1 panic("%s: unknown ip version %u (outer)", __func__, v >> 4); d251 1 a251 1 panic("%s: unknown ip version %u (inner)", __func__, v>>4); @ 1.63 log @Remove broken MROUTING code, rename ipo->ip4, and simplify. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.62 2018/02/15 10:28:49 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.62 2018/02/15 10:28:49 maxv Exp $"); d271 1 a271 1 sin = (struct sockaddr_in *) ifa->ifa_addr; d281 1 a281 1 #endif /* INET */ d289 1 a289 1 sin6 = (struct sockaddr_in6 *) ifa->ifa_addr; d299 1 a299 1 #endif /* INET6 */ d358 1 a358 1 (u_long) ntohl(sav->spi))); d414 1 a414 1 #endif /* INET6 */ d433 1 a433 1 (u_long) ntohl(sav->spi))); d482 1 a482 1 #endif /* INET */ d499 1 a499 1 ip6o->ip6_flow |= htonl((uint32_t) otos << 20); @ 1.63.2.1 log @Sync with HEAD @ text @d1 2 a2 2 /* $NetBSD: xform_ipip.c,v 1.66 2018/04/19 08:27:39 maxv Exp $ */ /* $FreeBSD: xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.66 2018/04/19 08:27:39 maxv Exp $"); d90 2 d97 1 a97 1 static void _ipip_input(struct mbuf *, int); d103 1 a103 1 _ipip_input(*m, *offp); d112 1 a112 1 _ipip_input(m, off); d117 4 a120 2 * _ipip_input gets called when we receive an IP{46} encapsulated packet, * because AH or ESP were being used in tunnel mode. d123 1 a123 1 _ipip_input(struct mbuf *m, int iphlen) d184 1 a184 1 panic("%s: impossible (1)", __func__); d255 1 a255 1 panic("%s: impossible (2)", __func__); d271 1 a271 1 sin = (struct sockaddr_in *)ifa->ifa_addr; d281 1 a281 1 #endif d289 1 a289 1 sin6 = (struct sockaddr_in6 *)ifa->ifa_addr; d299 1 a299 1 #endif d358 1 a358 1 (u_long)ntohl(sav->spi))); d414 1 a414 1 #endif d433 1 a433 1 (u_long)ntohl(sav->spi))); d482 1 a482 1 #endif d499 1 a499 1 ip6o->ip6_flow |= htonl((uint32_t)otos << 20); @ 1.63.2.2 log @Synch with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.70 2018/04/29 14:35:35 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.70 2018/04/29 14:35:35 maxv Exp $"); d88 1 a88 1 #define M_IPSEC (M_AUTHIPHDR|M_DECRYPTED) d90 1 a90 1 int ipip_spoofcheck = 1; d257 1 a257 1 ipip_spoofcheck) { d336 1 d510 4 @ 1.63.2.3 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.74 2018/05/07 09:33:51 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.74 2018/05/07 09:33:51 maxv Exp $"); d44 3 a50 8 /* * IP-inside-IP processing. * * The input point is encapsw{4,6}, called via the encap callback. The * output point is ipip_output, called directly. XF_IP4 has no more * meaning here, ipe4_xformsw is dummy. */ d54 1 d57 1 d60 2 d93 2 d98 1 a98 1 static int d107 1 a107 1 static void d321 2 a322 1 ipip_output(struct mbuf *m, struct secasvar *sav, struct mbuf **mp) a519 34 #ifdef INET static struct encapsw ipe4_encapsw = { .encapsw4 = { .pr_input = ip4_input, .pr_ctlinput = NULL, } }; #endif #ifdef INET6 static struct encapsw ipe4_encapsw6 = { .encapsw6 = { .pr_input = ip4_input6, .pr_ctlinput = NULL, } }; #endif /* * Check the encapsulated packet to see if we want it */ static int ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) { /* * Only take packets coming from IPSEC tunnels; the rest * must be handled by the gif tunnel code. Note that we * also return a minimum priority when we want the packet * so any explicit gif tunnels take precedence. */ return ((m->m_flags & M_IPSEC) != 0 ? 1 : 0); } /* -------------------------------------------------------------------------- */ a543 7 static int ipe4_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav, int skip, int protoff) { panic("%s: should not have been called", __func__); } d551 1 a551 1 .xf_output = ipe4_output, d555 31 a585 1 /* -------------------------------------------------------------------------- */ @ 1.62 log @Fix the IPIP_STAT_IBYTES stats; we did m_adj(m, iphlen) which substracted iphlen, so no need to re-substract it again. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.61 2018/02/15 10:21:39 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.61 2018/02/15 10:21:39 maxv Exp $"); a76 4 #ifdef MROUTING #include #endif d129 1 a129 1 struct ip *ipo; a170 12 ipo = mtod(m, struct ip *); #ifdef MROUTING /* XXX: DEAD AND BROKEN! */ if (ipo->ip_v == IPVERSION && ipo->ip_p == IPPROTO_IPV4) { if (IN_MULTICAST(((struct ip *)((char *)ipo + iphlen))->ip_dst.s_addr)) { ipip_mroute_input(m, iphlen); return; } } #endif d175 1 a175 1 otos = ipo->ip_tos; d241 2 a242 2 ipo = mtod(m, struct ip *); ip_ecn_egress(ip4_ipsec_ecn, &otos, &ipo->ip_tos); a246 1 ipo = NULL; d251 1 a251 1 ip6->ip6_flow |= htonl((uint32_t) itos << 20); d266 1 a266 1 if (ipo) { d274 1 a274 1 ipo->ip_src.s_addr) { @ 1.61 log @dedup again @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.60 2018/02/15 10:09:53 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.60 2018/02/15 10:09:53 maxv Exp $"); d322 2 a323 2 /* Statistics */ IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len - iphlen); @ 1.60 log @dedup @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.59 2018/02/15 10:04:43 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.59 2018/02/15 10:04:43 maxv Exp $"); d219 1 d225 1 a332 15 switch (v >> 4) { #ifdef INET case 4: pktq = ip_pktq; break; #endif #ifdef INET6 case 6: pktq = ip6_pktq; break; #endif default: panic("%s: should never reach here", __func__); } @ 1.59 log @Style and remove dead code. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.58 2018/01/24 14:39:14 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.58 2018/01/24 14:39:14 maxv Exp $"); d361 1 a361 1 int error; d402 2 a404 1 d486 2 d538 1 a538 1 error = EAFNOSUPPORT; /* XXX diffs from openbsd */ d543 1 a543 4 *mp = m; #ifdef INET if (saidx->dst.sa.sa_family == AF_INET) { d545 2 a546 3 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - sizeof(struct ip); a547 16 IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - sizeof(struct ip)); } #endif /* INET */ #ifdef INET6 if (saidx->dst.sa.sa_family == AF_INET6) { #if 0 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - sizeof(struct ip6_hdr); #endif IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - sizeof(struct ip6_hdr)); } #endif /* INET6 */ d549 1 @ 1.58 log @style @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.57 2018/01/24 14:37:34 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.57 2018/01/24 14:37:34 maxv Exp $"); d91 2 a92 1 typedef void pr_in_input_t (struct mbuf *m, ...); d94 1 a94 5 /* * We can control the acceptance of IP4 packets by altering the sysctl * net.inet.ipip.allow value. Zero means drop them, all else is acceptance. */ int ipip_allow = 0; d96 1 a98 10 #ifdef SYSCTL_DECL SYSCTL_DECL(_net_inet_ipip); SYSCTL_INT(_net_inet_ipip, OID_AUTO, ipip_allow, CTLFLAG_RW, &ipip_allow, 0, ""); SYSCTL_STRUCT(_net_inet_ipip, IPSECCTL_STATS, stats, CTLFLAG_RD, &ipipstat, ipipstat, ""); #endif a100 4 /* XXX IPCOMP */ #define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) a103 3 /* * Really only a wrapper for ipip_input(), for use with IPv6. */ a106 9 #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && ((*m)->m_flags & M_IPSEC) == 0) { DPRINTF(("%s: dropped due to policy\n", __func__)); IPIP_STATINC(IPIP_STAT_PDROPS); m_freem(*m); return IPPROTO_DONE; } #endif d110 1 a110 1 #endif /* INET6 */ a112 3 /* * Really only a wrapper for ipip_input(), for use with IPv4. */ a115 11 #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && (m->m_flags & M_IPSEC) == 0) { DPRINTF(("%s: dropped due to policy\n", __func__)); IPIP_STATINC(IPIP_STAT_PDROPS); m_freem(m); return; } #endif d118 1 a118 1 #endif /* INET */ d124 1 a124 1 * contain the address of the encX interface associated with the tunnel. a125 1 d152 1 a152 1 #endif /* INET */ d163 1 a163 1 return /* EAFNOSUPPORT */; d178 1 d180 2 a181 2 if (IN_MULTICAST(((struct ip *)((char *) ipo + iphlen))->ip_dst.s_addr)) { ipip_mroute_input (m, iphlen); d185 1 a185 1 #endif /* MROUTING */ d193 1 a193 1 #endif /* INET */ d220 1 a220 2 #endif /* INET */ d231 1 a231 1 return; /* EAFNOSUPPORT */ d258 1 a258 1 #endif /* INET */ d355 2 a356 8 ipip_output( struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav, struct mbuf **mp, int skip, int protoff ) d365 1 a365 1 #endif /* INET */ d368 1 a368 1 #endif /* INET6 */ d395 1 a395 1 if (m == 0) { d478 1 a478 1 if (m == 0) { d510 8 a517 2 if (tp == (IPV6_VERSION >> 4)) { uint32_t itos32; d519 4 a522 10 /* Save ECN notification. */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip6_hdr, ip6_flow), sizeof(uint32_t), &itos32); itos = ntohl(itos32) >> 20; ip6o->ip6_nxt = IPPROTO_IPV6; } else { goto nofamily; } d550 1 a550 1 m->m_pkthdr.len - sizeof(struct ip)); d567 1 d572 1 a572 1 return (error); d590 1 a590 6 ipe4_input( struct mbuf *m, struct secasvar *sav, int skip, int protoff ) d631 1 a631 5 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg ) d657 2 a658 2 (void) encap_attach_func(AF_INET, -1, ipe4_encapcheck, &ipe4_encapsw, NULL); d661 2 a662 2 (void) encap_attach_func(AF_INET6, -1, ipe4_encapcheck, &ipe4_encapsw6, NULL); @ 1.57 log @As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.56 2018/01/14 16:36:04 maxv Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.56 2018/01/14 16:36:04 maxv Exp $"); d192 1 a192 1 case 4: d197 1 a197 1 case 6: d201 1 a201 1 default: d259 1 a259 1 case 4: d265 1 a265 1 case 6: d297 2 a298 2 case 4: ipo = mtod(m, struct ip *); d300 1 a300 1 break; d303 1 a303 1 case 6: d310 1 a310 1 break; @ 1.56 log @Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.55 2017/11/15 10:42:41 knakahara Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.55 2017/11/15 10:42:41 knakahara Exp $"); d304 2 a305 2 ipo = mtod(m, struct ip *); ip6 = (struct ip6_hdr *)ipo; @ 1.55 log @Add argument to encapsw->pr_input() instead of m_tag. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.54 2017/10/03 08:56:52 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.54 2017/10/03 08:56:52 ozaki-r Exp $"); d304 2 a305 1 ip6 = (struct ip6_hdr *) ipo; @ 1.54 log @Constify isr at many places (NFC) @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.53 2017/07/14 12:26:26 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.53 2017/07/14 12:26:26 ozaki-r Exp $"); d124 1 a124 1 ip4_input6(struct mbuf **m, int *offp, int proto) d145 1 a145 1 ip4_input(struct mbuf *m, int off, int proto) @ 1.53 log @Prepare to stop using isr->sav isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav. However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.52 2017/07/14 01:24:23 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.52 2017/07/14 01:24:23 ozaki-r Exp $"); d399 1 a399 1 struct ipsecrequest *isr, @ 1.52 log @Pass sav directly to opencrypto callback In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.51 2017/07/12 07:00:40 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.51 2017/07/12 07:00:40 ozaki-r Exp $"); d400 1 a406 1 struct secasvar *sav; d419 1 a419 3 KASSERT(isr->sav != NULL); sav = isr->sav; @ 1.51 log @Omit unnecessary NULL checks for sav->sah @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.50 2017/06/29 07:13:41 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.50 2017/06/29 07:13:41 ozaki-r Exp $"); d406 1 a406 1 const struct secasvar *sav; d641 1 a641 1 const struct secasvar *sav, @ 1.50 log @Apply C99-style struct initialization to xformsw @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $"); a421 1 KASSERT(sav->sah != NULL); @ 1.49 log @Make ipsec_address() and ipsec_logsastr() mpsafe. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $"); d655 8 a662 3 XF_IP4, 0, "IPv4 Simple Encapsulation", ipe4_init, ipe4_zeroize, ipe4_input, ipip_output, NULL, @ 1.49.2.1 log @Pull up following revision(s) (requested by ozaki-r in ticket #300): crypto/dist/ipsec-tools/src/setkey/parse.y: 1.19 crypto/dist/ipsec-tools/src/setkey/token.l: 1.20 distrib/sets/lists/tests/mi: 1.754, 1.757, 1.759 doc/TODO.smpnet: 1.12-1.13 sys/net/pfkeyv2.h: 1.32 sys/net/raw_cb.c: 1.23-1.24, 1.28 sys/net/raw_cb.h: 1.28 sys/net/raw_usrreq.c: 1.57-1.58 sys/net/rtsock.c: 1.228-1.229 sys/netinet/in_proto.c: 1.125 sys/netinet/ip_input.c: 1.359-1.361 sys/netinet/tcp_input.c: 1.359-1.360 sys/netinet/tcp_output.c: 1.197 sys/netinet/tcp_var.h: 1.178 sys/netinet6/icmp6.c: 1.213 sys/netinet6/in6_proto.c: 1.119 sys/netinet6/ip6_forward.c: 1.88 sys/netinet6/ip6_input.c: 1.181-1.182 sys/netinet6/ip6_output.c: 1.193 sys/netinet6/ip6protosw.h: 1.26 sys/netipsec/ipsec.c: 1.100-1.122 sys/netipsec/ipsec.h: 1.51-1.61 sys/netipsec/ipsec6.h: 1.18-1.20 sys/netipsec/ipsec_input.c: 1.44-1.51 sys/netipsec/ipsec_netbsd.c: 1.41-1.45 sys/netipsec/ipsec_output.c: 1.49-1.64 sys/netipsec/ipsec_private.h: 1.5 sys/netipsec/key.c: 1.164-1.234 sys/netipsec/key.h: 1.20-1.32 sys/netipsec/key_debug.c: 1.18-1.21 sys/netipsec/key_debug.h: 1.9 sys/netipsec/keydb.h: 1.16-1.20 sys/netipsec/keysock.c: 1.59-1.62 sys/netipsec/keysock.h: 1.10 sys/netipsec/xform.h: 1.9-1.12 sys/netipsec/xform_ah.c: 1.55-1.74 sys/netipsec/xform_esp.c: 1.56-1.72 sys/netipsec/xform_ipcomp.c: 1.39-1.53 sys/netipsec/xform_ipip.c: 1.50-1.54 sys/netipsec/xform_tcp.c: 1.12-1.16 sys/rump/librump/rumpkern/Makefile.rumpkern: 1.170 sys/rump/librump/rumpnet/net_stub.c: 1.27 sys/sys/protosw.h: 1.67-1.68 tests/net/carp/t_basic.sh: 1.7 tests/net/if_gif/t_gif.sh: 1.11 tests/net/if_l2tp/t_l2tp.sh: 1.3 tests/net/ipsec/Makefile: 1.7-1.9 tests/net/ipsec/algorithms.sh: 1.5 tests/net/ipsec/common.sh: 1.4-1.6 tests/net/ipsec/t_ipsec_ah_keys.sh: 1.2 tests/net/ipsec/t_ipsec_esp_keys.sh: 1.2 tests/net/ipsec/t_ipsec_gif.sh: 1.6-1.7 tests/net/ipsec/t_ipsec_l2tp.sh: 1.6-1.7 tests/net/ipsec/t_ipsec_misc.sh: 1.8-1.18 tests/net/ipsec/t_ipsec_sockopt.sh: 1.1-1.2 tests/net/ipsec/t_ipsec_tcp.sh: 1.1-1.2 tests/net/ipsec/t_ipsec_transport.sh: 1.5-1.6 tests/net/ipsec/t_ipsec_tunnel.sh: 1.9 tests/net/ipsec/t_ipsec_tunnel_ipcomp.sh: 1.1-1.2 tests/net/ipsec/t_ipsec_tunnel_odd.sh: 1.3 tests/net/mcast/t_mcast.sh: 1.6 tests/net/net/t_ipaddress.sh: 1.11 tests/net/net_common.sh: 1.20 tests/net/npf/t_npf.sh: 1.3 tests/net/route/t_flags.sh: 1.20 tests/net/route/t_flags6.sh: 1.16 usr.bin/netstat/fast_ipsec.c: 1.22 Do m_pullup before mtod It may fix panicks of some tests on anita/sparc and anita/GuruPlug. --- KNF --- Enable DEBUG for babylon5 --- Apply C99-style struct initialization to xformsw --- Tweak outputs of netstat -s for IPsec - Get rid of "Fast" - Use ipsec and ipsec6 for titles to clarify protocol - Indent outputs of sub protocols Original outputs were organized like this: (Fast) IPsec: IPsec ah: IPsec esp: IPsec ipip: IPsec ipcomp: (Fast) IPsec: IPsec ah: IPsec esp: IPsec ipip: IPsec ipcomp: New outputs are organized like this: ipsec: ah: esp: ipip: ipcomp: ipsec6: ah: esp: ipip: ipcomp: --- Add test cases for IPComp --- Simplify IPSEC_OSTAT macro (NFC) --- KNF; replace leading whitespaces with hard tabs --- Introduce and use SADB_SASTATE_USABLE_P --- KNF --- Add update command for testing Updating an SA (SADB_UPDATE) requires that a process issuing SADB_UPDATE is the same as a process issued SADB_ADD (or SADB_GETSPI). This means that update command must be used with add command in a configuration of setkey. This usage is normally meaningless but useful for testing (and debugging) purposes. --- Add test cases for updating SA/SP The tests require newly-added udpate command of setkey. --- PR/52346: Frank Kardel: Fix checksumming for NAT-T See XXX for improvements. --- Remove codes for PACKET_TAG_IPSEC_IN_CRYPTO_DONE It seems that PACKET_TAG_IPSEC_IN_CRYPTO_DONE is for network adapters that have IPsec accelerators; a driver sets the mtag to a packet when its device has already encrypted the packet. Unfortunately no driver implements such offload features for long years and seems unlikely to implement them soon. (Note that neither FreeBSD nor Linux doesn't have such drivers.) Let's remove related (unused) codes and simplify the IPsec code. --- Fix usages of sadb_msg_errno --- Avoid updating sav directly On SADB_UPDATE a target sav was updated directly, which was unsafe. Instead allocate another sav, copy variables of the old sav to the new one and replace the old one with the new one. --- Simplify; we can assume sav->tdb_xform cannot be NULL while it's valid --- Rename key_alloc* functions (NFC) We shouldn't use the term "alloc" for functions that just look up data and actually don't allocate memory. --- Use explicit_memset to surely zero-clear key_auth and key_enc --- Make sure to clear keys on error paths of key_setsaval --- Add missing KEY_FREESAV --- Make sure a sav is inserted to a sah list after its initialization completes --- Remove unnecessary zero-clearing codes from key_setsaval key_setsaval is now used only for a newly-allocated sav. (It was used to reset variables of an existing sav.) --- Correct wrong assumption of sav->refcnt in key_delsah A sav in a list is basically not to be sav->refcnt == 0. And also KEY_FREESAV assumes sav->refcnt > 0. --- Let key_getsavbyspi take a reference of a returning sav --- Use time_mono_to_wall (NFC) --- Separate sending message routine (NFC) --- Simplify; remove unnecessary zero-clears key_freesaval is used only when a target sav is being destroyed. --- Omit NULL checks for sav->lft_c sav->lft_c can be NULL only when initializing or destroying sav. --- Omit unnecessary NULL checks for sav->sah --- Omit unnecessary check of sav->state key_allocsa_policy picks a sav of either MATURE or DYING so we don't need to check its state again. --- Simplify; omit unnecessary saidx passing - ipsec_nextisr returns a saidx but no caller uses it - key_checkrequest is passed a saidx but it can be gotton by another argument (isr) --- Fix splx isn't called on some error paths --- Fix header size calculation of esp where sav is NULL --- Fix header size calculation of ah in the case sav is NULL This fix was also needed for esp. --- Pass sav directly to opencrypto callback In a callback, use a passed sav as-is by default and look up a sav only if the passed sav is dead. --- Avoid examining freshness of sav on packet processing If a sav list is sorted (by lft_c->sadb_lifetime_addtime) in advance, we don't need to examine each sav and also don't need to delete one on the fly and send up a message. Fortunately every sav lists are sorted as we need. Added key_validate_savlist validates that each sav list is surely sorted (run only if DEBUG because it's not cheap). --- Add test cases for SAs with different SPIs --- Prepare to stop using isr->sav isr is a shared resource and using isr->sav as a temporal storage for each packet processing is racy. And also having a reference from isr to sav makes the lifetime of sav non-deterministic; such a reference is removed when a packet is processed and isr->sav is overwritten by new one. Let's have a sav locally for each packet processing instead of using shared isr->sav. However this change doesn't stop using isr->sav yet because there are some users of isr->sav. isr->sav will be removed after the users find a way to not use isr->sav. --- Fix wrong argument handling --- fix printf format. --- Don't validate sav lists of LARVAL or DEAD states We don't sort the lists so the validation will always fail. Fix PR kern/52405 --- Make sure to sort the list when changing the state by key_sa_chgstate --- Rename key_allocsa_policy to key_lookup_sa_bysaidx --- Separate test files --- Calculate ah_max_authsize on initialization as well as esp_max_ivlen --- Remove m_tag_find(PACKET_TAG_IPSEC_PENDING_TDB) because nobody sets the tag --- Restore a comment removed in previous The comment is valid for the below code. --- Make tests more stable sleep command seems to wait longer than expected on anita so use polling to wait for a state change. --- Add tests that explicitly delete SAs instead of waiting for expirations --- Remove invalid M_AUTHIPDGM check on ESP isr->sav M_AUTHIPDGM flag is set to a mbuf in ah_input_cb. An sav of ESP can have AH authentication as sav->tdb_authalgxform. However, in that case esp_input and esp_input_cb are used to do ESP decryption and AH authentication and M_AUTHIPDGM never be set to a mbuf. So checking M_AUTHIPDGM of a mbuf on isr->sav of ESP is meaningless. --- Look up sav instead of relying on unstable sp->req->sav This code is executed only in an error path so an additional lookup doesn't matter. --- Correct a comment --- Don't release sav if calling crypto_dispatch again --- Remove extra KEY_FREESAV from ipsec_process_done It should be done by the caller. --- Don't bother the case of crp->crp_buf == NULL in callbacks --- Hold a reference to an SP during opencrypto processing An SP has a list of isr (ipsecrequest) that represents a sequence of IPsec encryption/authentication processing. One isr corresponds to one opencrypto processing. The lifetime of an isr follows its SP. We pass an isr to a callback function of opencrypto to continue to a next encryption/authentication processing. However nobody guaranteed that the isr wasn't freed, i.e., its SP wasn't destroyed. In order to avoid such unexpected destruction of isr, hold a reference to its SP during opencrypto processing. --- Don't make SAs expired on tests that delete SAs explicitly --- Fix a debug message --- Dedup error paths (NFC) --- Use pool to allocate tdb_crypto For ESP and AH, we need to allocate an extra variable space in addition to struct tdb_crypto. The fixed size of pool items may be larger than an actual requisite size of a buffer, but still the performance improvement by replacing malloc with pool wins. --- Don't use unstable isr->sav for header size calculations We may need to optimize to not look up sav here for users that don't need to know an exact size of headers (e.g., TCP segmemt size caclulation). --- Don't use sp->req->sav when handling NAT-T ESP fragmentation In order to do this we need to look up a sav however an additional look-up degrades performance. A sav is later looked up in ipsec4_process_packet so delay the fragmentation check until then to avoid an extra look-up. --- Don't use key_lookup_sp that depends on unstable sp->req->sav It provided a fast look-up of SP. We will provide an alternative method in the future (after basic MP-ification finishes). --- Stop setting isr->sav on looking up sav in key_checkrequest --- Remove ipsecrequest#sav --- Stop setting mtag of PACKET_TAG_IPSEC_IN_DONE because there is no users anymore --- Skip ipsec_spi_*_*_preferred_new_timeout when running on qemu Probably due to PR 43997 --- Add localcount to rump kernels --- Remove unused macro --- Fix key_getcomb_setlifetime The fix adjusts a soft limit to be 80% of a corresponding hard limit. I'm not sure the fix is really correct though, at least the original code is wrong. A passed comb is zero-cleared before calling key_getcomb_setlifetime, so comb->sadb_comb_soft_addtime = comb->sadb_comb_soft_addtime * 80 / 100; is meaningless. --- Provide and apply key_sp_refcnt (NFC) It simplifies further changes. --- Fix indentation Pointed out by knakahara@@ --- Use pslist(9) for sptree --- Don't acquire global locks for IPsec if NET_MPSAFE Note that the change is just to make testing easy and IPsec isn't MP-safe yet. --- Let PF_KEY socks hold their own lock instead of softnet_lock Operations on SAD and SPD are executed via PF_KEY socks. The operations include deletions of SAs and SPs that will use synchronization mechanisms such as pserialize_perform to wait for references to SAs and SPs to be released. It is known that using such mechanisms with holding softnet_lock causes a dead lock. We should avoid the situation. --- Make IPsec SPD MP-safe We use localcount(9), not psref(9), to make the sptree and secpolicy (SP) entries MP-safe because SPs need to be referenced over opencrypto processing that executes a callback in a different context. SPs on sockets aren't managed by the sptree and can be destroyed in softint. localcount_drain cannot be used in softint so we delay the destruction of such SPs to a thread context. To do so, a list to manage such SPs is added (key_socksplist) and key_timehandler_spd deletes dead SPs in the list. For more details please read the locking notes in key.c. Proposed on tech-kern@@ and tech-net@@ --- Fix updating ipsec_used - key_update_used wasn't called in key_api_spddelete2 and key_api_spdflush - key_update_used wasn't called if an SP had been added/deleted but a reply to userland failed --- Fix updating ipsec_used; turn on when SPs on sockets are added --- Add missing IPsec policy checks to icmp6_rip6_input icmp6_rip6_input is quite similar to rip6_input and the same checks exist in rip6_input. --- Add test cases for setsockopt(IP_IPSEC_POLICY) --- Don't use KEY_NEWSP for dummy SP entries By the change KEY_NEWSP is now not called from softint anymore and we can use kmem_zalloc with KM_SLEEP for KEY_NEWSP. --- Comment out unused functions --- Add test cases that there are SPs but no relevant SAs --- Don't allow sav->lft_c to be NULL lft_c of an sav that was created by SADB_GETSPI could be NULL. --- Clean up clunky eval strings - Remove unnecessary \ at EOL - This allows to omit ; too - Remove unnecessary quotes for arguments of atf_set - Don't expand $DEBUG in eval - We expect it's expanded on execution Suggested by kre@@ --- Remove unnecessary KEY_FREESAV in an error path sav should be freed (unreferenced) by the caller. --- Use pslist(9) for sahtree --- Use pslist(9) for sah->savtree --- Rename local variable newsah to sah It may not be new. --- MP-ify SAD slightly - Introduce key_sa_mtx and use it for some list operations - Use pserialize for some list iterations --- Introduce KEY_SA_UNREF and replace KEY_FREESAV with it where sav will never be actually freed in the future KEY_SA_UNREF is still key_freesav so no functional change for now. This change reduces diff of further changes. --- Remove out-of-date log output Pointed out by riastradh@@ --- Use KDASSERT instead of KASSERT for mutex_ownable Because mutex_ownable is too heavy to run in a fast path even for DIAGNOSTIC + LOCKDEBUG. Suggested by riastradh@@ --- Assemble global lists and related locks into cache lines (NFCI) Also rename variable names from *tree to *list because they are just lists, not trees. Suggested by riastradh@@ --- Move locking notes --- Update the locking notes - Add locking order - Add locking notes for misc lists such as reglist - Mention pserialize, key_sp_ref and key_sp_unref on SP operations Requested by riastradh@@ --- Describe constraints of key_sp_ref and key_sp_unref Requested by riastradh@@ --- Hold key_sad.lock on SAVLIST_WRITER_INSERT_TAIL --- Add __read_mostly to key_psz Suggested by riastradh@@ --- Tweak wording (pserialize critical section => pserialize read section) Suggested by riastradh@@ --- Add missing mutex_exit --- Fix setkey -D -P outputs The outputs were tweaked (by me), but I forgot updating libipsec in my local ATF environment... --- MP-ify SAD (key_sad.sahlist and sah entries) localcount(9) is used to protect key_sad.sahlist and sah entries as well as SPD (and will be used for SAD sav). Please read the locking notes of SAD for more details. --- Introduce key_sa_refcnt and replace sav->refcnt with it (NFC) --- Destroy sav only in the loop for DEAD sav --- Fix KASSERT(solocked(sb->sb_so)) failure in sbappendaddr that is called eventually from key_sendup_mbuf If key_sendup_mbuf isn't passed a socket, the assertion fails. Originally in this case sb->sb_so was softnet_lock and callers held softnet_lock so the assertion was magically satisfied. Now sb->sb_so is key_so_mtx and also softnet_lock isn't always held by callers so the assertion can fail. Fix it by holding key_so_mtx if key_sendup_mbuf isn't passed a socket. Reported by knakahara@@ Tested by knakahara@@ and ozaki-r@@ --- Fix locking notes of SAD --- Fix deadlock between key_sendup_mbuf called from key_acquire and localcount_drain If we call key_sendup_mbuf from key_acquire that is called on packet processing, a deadlock can happen like this: - At key_acquire, a reference to an SP (and an SA) is held - key_sendup_mbuf will try to take key_so_mtx - Some other thread may try to localcount_drain to the SP with holding key_so_mtx in say key_api_spdflush - In this case localcount_drain never return because key_sendup_mbuf that has stuck on key_so_mtx never release a reference to the SP Fix the deadlock by deferring key_sendup_mbuf to the timer (key_timehandler). --- Fix that prev isn't cleared on retry --- Limit the number of mbufs queued for deferred key_sendup_mbuf It's easy to be queued hundreds of mbufs on the list under heavy network load. --- MP-ify SAD (savlist) localcount(9) is used to protect savlist of sah. The basic design is similar to MP-ifications of SPD and SAD sahlist. Please read the locking notes of SAD for more details. --- Simplify ipsec_reinject_ipstack (NFC) --- Add per-CPU rtcache to ipsec_reinject_ipstack It reduces route lookups and also reduces rtcache lock contentions when NET_MPSAFE is enabled. --- Use pool_cache(9) instead of pool(9) for tdb_crypto objects The change improves network throughput especially on multi-core systems. --- Update ipsec(4), opencrypto(9) and vlan(4) are now MP-safe. --- Write known issues on scalability --- Share a global dummy SP between PCBs It's never be changed so it can be pre-allocated and shared safely between PCBs. --- Fix race condition on the rawcb list shared by rtsock and keysock keysock now protects itself by its own mutex, which means that the rawcb list is protected by two different mutexes (keysock's one and softnet_lock for rtsock), of course it's useless. Fix the situation by having a discrete rawcb list for each. --- Use a dedicated mutex for rt_rawcb instead of softnet_lock if NET_MPSAFE --- fix localcount leak in sav. fixed by ozaki-r@@n.o. I commit on behalf of him. --- remove unnecessary comment. --- Fix deadlock between pserialize_perform and localcount_drain A typical ussage of localcount_drain looks like this: mutex_enter(&mtx); item = remove_from_list(); pserialize_perform(psz); localcount_drain(&item->localcount, &cv, &mtx); mutex_exit(&mtx); This sequence can cause a deadlock which happens for example on the following situation: - Thread A calls localcount_drain which calls xc_broadcast after releasing a specified mutex - Thread B enters the sequence and calls pserialize_perform with holding the mutex while pserialize_perform also calls xc_broadcast - Thread C (xc_thread) that calls an xcall callback of localcount_drain tries to hold the mutex xc_broadcast of thread B doesn't start until xc_broadcast of thread A finishes, which is a feature of xcall(9). This means that pserialize_perform never complete until xc_broadcast of thread A finishes. On the other hand, thread C that is a callee of xc_broadcast of thread A sticks on the mutex. Finally the threads block each other (A blocks B, B blocks C and C blocks A). A possible fix is to serialize executions of the above sequence by another mutex, but adding another mutex makes the code complex, so fix the deadlock by another way; the fix is to release the mutex before pserialize_perform and instead use a condvar to prevent pserialize_perform from being called simultaneously. Note that the deadlock has happened only if NET_MPSAFE is enabled. --- Add missing ifdef NET_MPSAFE --- Take softnet_lock on pr_input properly if NET_MPSAFE Currently softnet_lock is taken unnecessarily in some cases, e.g., icmp_input and encap4_input from ip_input, or not taken even if needed, e.g., udp_input and tcp_input from ipsec4_common_input_cb. Fix them. NFC if NET_MPSAFE is disabled (default). --- - sanitize key debugging so that we don't print extra newlines or unassociated debugging messages. - remove unused functions and make internal ones static - print information in one line per message --- humanize printing of ip addresses --- cast reduction, NFC. --- Fix typo in comment --- Pull out ipsec_fill_saidx_bymbuf (NFC) --- Don't abuse key_checkrequest just for looking up sav It does more than expected for example key_acquire. --- Fix SP is broken on transport mode isr->saidx was modified accidentally in ipsec_nextisr. Reported by christos@@ Helped investigations by christos@@ and knakahara@@ --- Constify isr at many places (NFC) --- Include socketvar.h for softnet_lock --- Fix buffer length for ipsec_logsastr @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $"); d399 1 a399 2 const struct ipsecrequest *isr, struct secasvar *sav, d406 1 d419 4 a422 1 KASSERT(sav != NULL); d642 1 a642 1 struct secasvar *sav, d655 3 a657 8 .xf_type = XF_IP4, .xf_flags = 0, .xf_name = "IPv4 Simple Encapsulation", .xf_init = ipe4_init, .xf_zeroize = ipe4_zeroize, .xf_input = ipe4_input, .xf_output = ipip_output, .xf_next = NULL, @ 1.49.2.2 log @Pull up following revision(s) (requested by knakahara in ticket #419): sys/net/if_stf.c: revision 1.103 sys/net/if_stf.h: revision 1.8 sys/netinet/in_gif.c: revision 1.89 sys/netinet/in_gif.h: revision 1.17 sys/netinet/in_l2tp.c: revision 1.4 sys/netinet/ip_encap.c: revision 1.66 sys/netinet/ip_encap.h: revision 1.23 sys/netinet/ip_mroute.c: revision 1.148 sys/netinet6/in6_gif.c: revision 1.87 sys/netinet6/in6_gif.h: revision 1.16 sys/netinet6/in6_l2tp.c: revision 1.7 sys/netipsec/xform.h: revision 1.13 sys/netipsec/xform_ipip.c: revision 1.55 Add argument to encapsw->pr_input() instead of m_tag. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.49.2.1 2017/10/21 19:43:54 snj Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.49.2.1 2017/10/21 19:43:54 snj Exp $"); d124 1 a124 1 ip4_input6(struct mbuf **m, int *offp, int proto, void *eparg __unused) d145 1 a145 1 ip4_input(struct mbuf *m, int off, int proto, void *eparg __unused) @ 1.49.2.3 log @Pull up following revision(s) (requested by maxv in ticket #551): sys/netipsec/xform_ipip.c: revision 1.56-1.63 Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. Style and remove dead code. dedup Fix the IPIP_STAT_IBYTES stats; we did m_adj(m, iphlen) which substracted iphlen, so no need to re-substract it again. Remove broken MROUTING code, rename ipo->ip4, and simplify. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.49.2.2 2017/12/10 09:41:32 snj Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.49.2.2 2017/12/10 09:41:32 snj Exp $"); d77 4 d91 1 a91 2 /* XXX IPCOMP */ #define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) d93 5 a97 1 typedef void pr_in_input_t(struct mbuf *m, ...); a98 1 int ipip_allow = 0; d101 10 d113 4 d120 3 d126 9 d138 1 a138 1 #endif d141 3 d147 11 d160 1 a160 1 #endif d166 1 a166 1 * contain the address of the encX interface associated with the tunnel). d168 1 d176 1 a176 1 struct ip *ip4 = NULL; d192 1 a192 1 case 4: d195 1 a195 1 #endif d197 1 a197 1 case 6: d201 1 a201 1 default: d206 1 a206 1 return; d218 11 d233 1 a233 1 otos = mtod(m, struct ip *)->ip_tos; d235 1 a235 1 #endif d259 1 a259 1 case 4: a260 1 pktq = ip_pktq; d262 2 a263 1 #endif d265 1 a265 1 case 6: a266 1 pktq = ip6_pktq; d274 1 a274 1 return; d297 5 a301 5 case 4: ip4 = mtod(m, struct ip *); ip_ecn_egress(ip4_ipsec_ecn, &otos, &ip4->ip_tos); break; #endif d303 2 a304 2 case 6: ip6 = mtod(m, struct ip6_hdr *); d308 2 a309 2 ip6->ip6_flow |= htonl((uint32_t)itos << 20); break; d323 1 a323 1 if (ip4) { d331 1 a331 1 ip4->ip_src.s_addr) { d362 2 a363 2 /* Statistics: m->m_pkthdr.len is the length of the inner packet */ IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len); d373 15 d397 8 a404 2 ipip_output(struct mbuf *m, const struct ipsecrequest *isr, struct secasvar *sav, struct mbuf **mp, int skip, int protoff) d409 1 a409 1 int error, iphlen; d413 1 a413 1 #endif d416 1 a416 1 #endif d443 1 a443 1 if (m == NULL) { d450 1 a450 1 iphlen = sizeof(struct ip); a451 1 ipo = mtod(m, struct ip *); d526 1 a526 1 if (m == NULL) { a532 2 iphlen = sizeof(struct ip6_hdr); d558 2 a559 2 if (tp == (IPV6_VERSION >> 4)) { uint32_t itos32; d561 10 a570 10 /* Save ECN notification. */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip6_hdr, ip6_flow), sizeof(uint32_t), &itos32); itos = ntohl(itos32) >> 20; ip6o->ip6_nxt = IPPROTO_IPV6; } else { goto nofamily; } d583 1 a583 1 error = EAFNOSUPPORT; d588 4 a591 1 IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - iphlen); d593 3 a595 2 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - iphlen; d597 16 a613 1 *mp = m; a614 1 d619 1 a619 1 return error; d637 6 a642 1 ipe4_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) d683 5 a687 1 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) d713 2 a714 2 (void)encap_attach_func(AF_INET, -1, ipe4_encapcheck, &ipe4_encapsw, NULL); d717 2 a718 2 (void)encap_attach_func(AF_INET6, -1, ipe4_encapcheck, &ipe4_encapsw6, NULL); @ 1.48 log @Retire ipsec_osdep.h We don't need to care other OSes (FreeBSD) anymore. Some macros are alive in ipsec_private.h. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.47 2017/04/18 05:26:42 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.47 2017/04/18 05:26:42 ozaki-r Exp $"); d405 1 d438 1 a438 1 ipsec_address(&saidx->dst), d512 1 a512 1 ipsec_address(&saidx->dst), @ 1.48.2.1 log @Resolve conflicts from previous merge (all resulting from $NetBSD keywork expansion) @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.49 2017/05/11 05:55:14 ryo Exp $"); a404 1 char buf[IPSEC_ADDRSTRLEN]; d437 1 a437 1 ipsec_address(&saidx->dst, buf, sizeof(buf)), d511 1 a511 1 ipsec_address(&saidx->dst, buf, sizeof(buf)), @ 1.47 log @Convert IPSEC_ASSERT to KASSERT or KASSERTMSG IPSEC_ASSERT just discarded specified message... @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.46 2017/04/18 05:25:32 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.46 2017/04/18 05:25:32 ozaki-r Exp $"); a89 1 #include d479 1 a479 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); d695 1 a695 1 INITFN void a718 5 #ifdef SYSINIT SYSINIT(ipe4_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ipe4_attach, NULL); #endif @ 1.46 log @Remove __FreeBSD__ and __NetBSD__ switches No functional changes (except for a debug printf). Note that there remain some __FreeBSD__ for sysctl knobs which counerparts to NetBSD don't exist. And ipsec_osdep.h isn't touched yet; tidying it up requires actual code changes. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.45 2017/04/15 22:01:57 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.45 2017/04/15 22:01:57 christos Exp $"); d420 1 d422 1 a422 2 IPSEC_ASSERT(sav != NULL, ("%s: null SA", __func__)); IPSEC_ASSERT(sav->sah != NULL, ("%s: null SAH", __func__)); @ 1.45 log @cosmetic fixes: - __func__ in printfs - no space after sizeof - eliminate useless casts - u_intX_t -> uintX_t @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.44 2017/04/14 22:35:05 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.44 2017/04/14 22:35:05 christos Exp $"); a48 4 #ifdef __FreeBSD__ #include "opt_inet6.h" #include "opt_random_ip_id.h" #endif /* __FreeBSD__ */ a69 3 #ifdef __FreeBSD__ #include #endif a83 3 # ifdef __FreeBSD__ # include # endif a91 3 #ifdef __FreeBSD__ typedef void pr_in_input_t (struct mbuf *, int, int); /* XXX FIX THIS */ #else a92 1 #endif a111 3 #ifdef __FreeBSD__ static #endif a461 2 #if defined(__NetBSD__) a462 5 #elif defined(RANDOM_IP_ID) ipo->ip_id = ip_randomid(); #else ipo->ip_id = htons(ip_id++); #endif @ 1.44 log @PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.43 2017/04/06 09:20:07 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.43 2017/04/06 09:20:07 ozaki-r Exp $"); d147 1 a147 1 DPRINTF(("ip4_input6: dropped due to policy\n")); d169 1 a169 1 DPRINTF(("ip4_input: dropped due to policy\n")); d198 1 a198 1 u_int8_t itos; d200 2 a201 2 u_int8_t otos; u_int8_t v; d220 2 a221 2 DPRINTF(("_ipip_input: bad protocol version 0x%x (%u) " "for outer header\n", v, v>>4)); d230 1 a230 1 DPRINTF(("ipip_input: m_pullup (1) failed\n")); d260 1 a260 1 panic("ipip_input: unknown ip version %u (outer)", v>>4); d288 2 a289 2 DPRINTF(("_ipip_input: bad protocol version 0x%x (%u) " "for inner header\n", v, v>>4)); d300 1 a300 1 DPRINTF(("ipip_input: m_pullup (2) failed\n")); d326 1 a326 1 ip6->ip6_flow |= htonl((u_int32_t) itos << 20); d330 1 a330 1 panic("ipip_input: unknown ip version %u (inner)", v>>4); d403 1 a403 1 panic("ipip_input: should never reach here"); d424 1 a424 1 u_int8_t tp, otos; d428 1 a428 1 u_int8_t itos; d435 1 a435 1 IPSEC_SPLASSERT_SOFTNET("ipip_output"); d438 2 a439 2 IPSEC_ASSERT(sav != NULL, ("ipip_output: null SA")); IPSEC_ASSERT(sav->sah != NULL, ("ipip_output: null SAH")); d453 2 a454 2 DPRINTF(("ipip_output: unspecified tunnel endpoint " "address in SA %s/%08lx\n", d464 1 a464 1 DPRINTF(("ipip_output: M_PREPEND failed\n")); d493 1 a493 1 sizeof(u_int8_t), &itos); d503 1 a503 1 sizeof(u_int16_t), &ipo->ip_off); d508 1 a508 1 u_int32_t itos32; d513 1 a513 1 sizeof(u_int32_t), &itos32); d534 2 a535 2 DPRINTF(("ipip_output: unspecified tunnel endpoint " "address in SA %s/%08lx\n", d554 1 a554 1 DPRINTF(("ipip_output: M_PREPEND failed\n")); d578 1 a578 1 offsetof(struct ip, ip_tos), sizeof(u_int8_t), d586 1 a586 1 u_int32_t itos32; d591 1 a591 1 sizeof(u_int32_t), &itos32); d601 1 a601 1 ip6o->ip6_flow |= htonl((u_int32_t) otos << 20); d607 1 a607 1 DPRINTF(("ipip_output: unsupported protocol family %u\n", d672 1 a672 1 printf("ipe4_input: should never be called\n"); @ 1.43 log @Prepare netipsec for rump-ification - Include "opt_*.h" only if _KERNEL_OPT is defined - Allow encapinit to be called twice (by ifinit and ipe4_attach) - ifinit didn't call encapinit if IPSEC is enabled (ipe4_attach called it instead), however, on a rump kernel ipe4_attach may not be called even if IPSEC is enabled. So we need to allow ifinit to call it anyway - Setup sysctls in ipsec_attach explicitly instead of using SYSCTL_SETUP - Call ip6flow_invalidate_all in key_spdadd only if in6_present - It's possible that a rump kernel loads the ipsec library but not the inet6 library @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.42 2016/07/07 09:32:03 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.42 2016/07/07 09:32:03 ozaki-r Exp $"); d565 1 a565 1 ip6o->ip6_plen = htons(m->m_pkthdr.len); @ 1.42 log @Switch the address list of intefaces to pslist(9) As usual, we leave the old list to avoid breaking kvm(3) users. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.41 2016/07/04 04:35:09 knakahara Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.41 2016/07/04 04:35:09 knakahara Exp $"); d47 1 d53 1 a53 1 @ 1.42.2.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $"); a46 1 #if defined(_KERNEL_OPT) d48 5 a52 1 #endif d73 3 d90 3 d99 1 d101 3 d105 1 d125 3 d146 1 a146 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d168 1 a168 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d197 1 a197 1 uint8_t itos; d199 2 a200 2 uint8_t otos; uint8_t v; d219 2 a220 2 DPRINTF(("%s: bad protocol version 0x%x (%u) " "for outer header\n", __func__, v, v>>4)); d229 1 a229 1 DPRINTF(("%s: m_pullup (1) failed\n", __func__)); d259 1 a259 1 panic("%s: unknown ip version %u (outer)", __func__, v >> 4); d287 2 a288 2 DPRINTF(("%s: bad protocol version %#x (%u) " "for inner header\n", __func__, v, v >> 4)); d299 1 a299 1 DPRINTF(("%s: m_pullup (2) failed\n", __func__)); d325 1 a325 1 ip6->ip6_flow |= htonl((uint32_t) itos << 20); d329 1 a329 1 panic("%s: unknown ip version %u (inner)", __func__, v>>4); d402 1 a402 1 panic("%s: should never reach here", __func__); d423 1 a423 1 uint8_t tp, otos; d427 1 a427 1 uint8_t itos; d434 1 a434 1 IPSEC_SPLASSERT_SOFTNET(__func__); a435 1 KASSERT(isr->sav != NULL); d437 2 a438 1 KASSERT(sav->sah != NULL); d452 2 a453 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d463 1 a463 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d478 2 d481 5 d492 1 a492 1 sizeof(uint8_t), &itos); d502 2 a503 2 sizeof(uint16_t), &ipo->ip_off); ipo->ip_off &= ~ htons(IP_DF | IP_MF | IP_OFFMASK); d507 1 a507 1 uint32_t itos32; d512 1 a512 1 sizeof(uint32_t), &itos32); d533 2 a534 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d553 1 a553 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d564 1 a564 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); d577 1 a577 1 offsetof(struct ip, ip_tos), sizeof(uint8_t), d585 1 a585 1 uint32_t itos32; d590 1 a590 1 sizeof(uint32_t), &itos32); d600 1 a600 1 ip6o->ip6_flow |= htonl((uint32_t) otos << 20); d606 1 a606 1 DPRINTF(("%s: unsupported protocol family %u\n", __func__, d671 1 a671 1 printf("%s: should never be called\n", __func__); d719 1 a719 1 void d743 5 @ 1.42.4.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.48 2017/04/19 03:39:14 ozaki-r Exp $"); a46 1 #if defined(_KERNEL_OPT) d48 5 a52 1 #endif d73 3 d90 3 d99 1 d101 3 d105 1 d125 3 d146 1 a146 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d168 1 a168 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d197 1 a197 1 uint8_t itos; d199 2 a200 2 uint8_t otos; uint8_t v; d219 2 a220 2 DPRINTF(("%s: bad protocol version 0x%x (%u) " "for outer header\n", __func__, v, v>>4)); d229 1 a229 1 DPRINTF(("%s: m_pullup (1) failed\n", __func__)); d259 1 a259 1 panic("%s: unknown ip version %u (outer)", __func__, v >> 4); d287 2 a288 2 DPRINTF(("%s: bad protocol version %#x (%u) " "for inner header\n", __func__, v, v >> 4)); d299 1 a299 1 DPRINTF(("%s: m_pullup (2) failed\n", __func__)); d325 1 a325 1 ip6->ip6_flow |= htonl((uint32_t) itos << 20); d329 1 a329 1 panic("%s: unknown ip version %u (inner)", __func__, v>>4); d402 1 a402 1 panic("%s: should never reach here", __func__); d423 1 a423 1 uint8_t tp, otos; d427 1 a427 1 uint8_t itos; d434 1 a434 1 IPSEC_SPLASSERT_SOFTNET(__func__); a435 1 KASSERT(isr->sav != NULL); d437 2 a438 1 KASSERT(sav->sah != NULL); d452 2 a453 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d463 1 a463 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d478 2 d481 5 d492 1 a492 1 sizeof(uint8_t), &itos); d502 2 a503 2 sizeof(uint16_t), &ipo->ip_off); ipo->ip_off &= ~ htons(IP_DF | IP_MF | IP_OFFMASK); d507 1 a507 1 uint32_t itos32; d512 1 a512 1 sizeof(uint32_t), &itos32); d533 2 a534 2 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, d553 1 a553 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d564 1 a564 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); d577 1 a577 1 offsetof(struct ip, ip_tos), sizeof(uint8_t), d585 1 a585 1 uint32_t itos32; d590 1 a590 1 sizeof(uint32_t), &itos32); d600 1 a600 1 ip6o->ip6_flow |= htonl((uint32_t) otos << 20); d606 1 a606 1 DPRINTF(("%s: unsupported protocol family %u\n", __func__, d671 1 a671 1 printf("%s: should never be called\n", __func__); d719 1 a719 1 void d743 5 @ 1.41 log @make encap_lock_{enter,exit} interruptable. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.40 2016/07/04 04:17:25 knakahara Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.40 2016/07/04 04:17:25 knakahara Exp $"); d338 1 a338 1 IFADDR_FOREACH(ifa, ifp) { @ 1.40 log @let gif(4) promise softint(9) contract (2/2) : ip_encap side The last commit does not care encaptab. This commit fixes encaptab race which is used not only gif(4). @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.39 2016/06/10 13:31:44 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.39 2016/06/10 13:31:44 ozaki-r Exp $"); d728 4 a731 1 encap_lock_enter(); @ 1.39 log @Avoid storing a pointer of an interface in a mbuf Having a pointer of an interface in a mbuf isn't safe if we remove big kernel locks; an interface object (ifnet) can be destroyed anytime in any packet processing and accessing such object via a pointer is racy. Instead we have to get an object from the interface collection (ifindex2ifnet) via an interface index (if_index) that is stored to a mbuf instead of an pointer. The change provides two APIs: m_{get,put}_rcvif_psref that use psref(9) for sleep-able critical sections and m_{get,put}_rcvif that use pserialize(9) for other critical sections. The change also adds another API called m_get_rcvif_NOMPSAFE, that is NOT MP-safe and for transition moratorium, i.e., it is intended to be used for places where are not planned to be MP-ified soon. The change adds some overhead due to psref to performance sensitive paths, however the overhead is not serious, 2% down at worst. Proposed on tech-kern and tech-net. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.38 2016/05/12 02:24:17 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.38 2016/05/12 02:24:17 ozaki-r Exp $"); d728 2 d738 1 @ 1.38 log @Protect ifnet list with psz and psref The change ensures that ifnet objects in the ifnet list aren't freed during list iterations by using pserialize(9) and psref(9). Note that the change adds a pslist(9) for ifnet but doesn't remove the original ifnet list (ifnet_list) to avoid breaking kvm(3) users. We shouldn't use the original list in the kernel anymore. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.37 2016/01/26 06:00:10 knakahara Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.37 2016/01/26 06:00:10 knakahara Exp $"); d333 2 a334 2 if ((m->m_pkthdr.rcvif == NULL || !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) && @ 1.37 log @eliminate variable argument in encapsw @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.36 2016/01/26 05:58:06 knakahara Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.36 2016/01/26 05:58:06 knakahara Exp $"); d336 2 a337 1 IFNET_FOREACH(ifp) { d349 1 d366 1 d376 1 @ 1.36 log @implement encapsw instead of protosw and uniform prototype. suggested and advised by riastradh@@n.o, thanks. BTW, It seems in_stf_input() had bugs... @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.35 2016/01/22 23:27:12 riastradh Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.35 2016/01/22 23:27:12 riastradh Exp $"); d162 1 a162 1 ip4_input(struct mbuf *m, ...) a163 2 va_list ap; int iphlen; a173 3 va_start(ap, m); iphlen = va_arg(ap, int); va_end(ap); d175 1 a175 1 _ipip_input(m, iphlen, NULL); @ 1.35 log @Back out previous change to introduce struct encapsw. This change was intended, but Nakahara-san had already made a better one locally! So I'll let him commit that one, and I'll try not to step on anyone's toes again. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.34 2016/01/22 05:15:10 riastradh Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.34 2016/01/22 05:15:10 riastradh Exp $"); d685 5 a689 17 PR_WRAP_CTLOUTPUT(rip_ctloutput) #define rip_ctloutput rip_ctloutput_wrapper extern struct domain inetdomain; static struct ipprotosw ipe4_protosw = { .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreqs = &rip_usrreqs, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d693 5 a697 17 PR_WRAP_CTLOUTPUT(rip6_ctloutput) #define rip6_ctloutput rip6_ctloutput_wrapper extern struct domain inet6domain; static struct ip6protosw ipe4_protosw6 = { .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreqs = &rip6_usrreqs, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d731 1 a731 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL); d735 1 a735 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL); @ 1.34 log @Don't abuse struct protosw for ip_encap -- introduce struct encapsw. Mostly mechanical change to replace it, culling some now-needless boilerplate around all the users. This does not substantively change the ip_encap API or eliminate abuse of sketchy pointer casts -- that will come later, and will be easier now that it is not tangled up with struct protosw. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.33 2016/01/20 21:44:00 riastradh Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.33 2016/01/20 21:44:00 riastradh Exp $"); d59 1 d73 3 d94 1 d685 17 a701 3 static const struct encapsw ipe4_encapsw = { .en_input = ip4_input, .en_ctlinput = NULL, d705 17 a721 3 static const struct encapsw ipe4_encapsw6 = { .en_input = (void (*)(struct mbuf *, ...))ip4_input6, .en_ctlinput = NULL, d755 1 a755 1 ipe4_encapcheck, &ipe4_encapsw, NULL); d759 1 a759 1 ipe4_encapcheck, &ipe4_encapsw6, NULL); @ 1.33 log @Eliminate struct protosw::pr_output. You can't use this unless you know what it is a priori: the formal prototype is variadic, and the different instances (e.g., ip_output, route_output) have different real prototypes. Convert the only user of it, raw_send in net/raw_cb.c, to take an explicit callback argument. Convert the only instances of it, route_output and key_output, to such explicit callbacks for raw_send. Use assertions to make sure the conversion to explicit callbacks is warranted. Discussed on tech-net with no objections: https://mail-index.netbsd.org/tech-net/2016/01/16/msg005484.html @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.32 2015/03/27 07:47:10 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.32 2015/03/27 07:47:10 ozaki-r Exp $"); a58 1 #include a71 3 #ifdef __FreeBSD__ #include #endif a89 1 #include d680 3 a682 17 PR_WRAP_CTLOUTPUT(rip_ctloutput) #define rip_ctloutput rip_ctloutput_wrapper extern struct domain inetdomain; static struct ipprotosw ipe4_protosw = { .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreqs = &rip_usrreqs, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d686 3 a688 17 PR_WRAP_CTLOUTPUT(rip6_ctloutput) #define rip6_ctloutput rip6_ctloutput_wrapper extern struct domain inet6domain; static struct ip6protosw ipe4_protosw6 = { .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreqs = &rip6_usrreqs, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d722 1 a722 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL); d726 1 a726 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL); @ 1.32 log @Remove unnecessary ifdef IPSEC @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $"); a694 1 .pr_output = 0, a714 1 .pr_output = 0, @ 1.31 log @- Implement pktqueue interface for lockless IP input queue. - Replace ipintrq and ip6intrq with the pktqueue mechanism. - Eliminate kernel-lock from ipintr() and ip6intr(). - Some preparation work to push softnet_lock out of ipintr(). Discussed on tech-net. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.30 2014/05/18 14:46:16 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.30 2014/05/18 14:46:16 rmind Exp $"); a648 1 #ifdef IPSEC a726 2 #endif /* IPSEC */ @ 1.31.6.1 log @Pull up following revision(s) (requested by maxv in ticket #1567): sys/netipsec/xform_ipip.c: revision 1.44 PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $"); d565 1 a565 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.31.6.2 log @Pull up following revision(s) (requested by maxv in ticket #1569): sys/netipsec/xform_ah.c: revision 1.77, 1.81 (via patch) sys/netipsec/xform_esp.c: revision 1.73 (via patch) sys/netipsec/xform_ipip.c: revision 1.56, 1.57 (via patch) Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. Reinforce and clarify. Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. Make sure the Authentication Header fits the mbuf chain, otherwise panic. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.6.1 2018/02/15 14:43:12 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.6.1 2018/02/15 14:43:12 martin Exp $"); d326 1 a326 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.31.10.1 log @Pull up following revision(s) (requested by maxv in ticket #1567): sys/netipsec/xform_ipip.c: revision 1.44 PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $"); d565 1 a565 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.31.10.2 log @Pull up following revision(s) (requested by maxv in ticket #1569): sys/netipsec/xform_ah.c: revision 1.77, 1.81 (via patch) sys/netipsec/xform_esp.c: revision 1.73 (via patch) sys/netipsec/xform_ipip.c: revision 1.56, 1.57 (via patch) Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. Reinforce and clarify. Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. Make sure the Authentication Header fits the mbuf chain, otherwise panic. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.10.1 2018/02/15 14:41:57 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.10.1 2018/02/15 14:41:57 martin Exp $"); d326 1 a326 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.31.2.1 log @Pull up following revision(s) (requested by maxv in ticket #1567): sys/netipsec/xform_ipip.c: revision 1.44 PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $"); d565 1 a565 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.31.2.2 log @Pull up following revision(s) (requested by maxv in ticket #1569): sys/netipsec/xform_ah.c: revision 1.77, 1.81 (via patch) sys/netipsec/xform_esp.c: revision 1.73 (via patch) sys/netipsec/xform_ipip.c: revision 1.56, 1.57 (via patch) Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. Reinforce and clarify. Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. Make sure the Authentication Header fits the mbuf chain, otherwise panic. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.2.1 2018/02/15 14:39:43 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.2.1 2018/02/15 14:39:43 martin Exp $"); d326 1 a326 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.31.4.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.32 2015/03/27 07:47:10 ozaki-r Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.32 2015/03/27 07:47:10 ozaki-r Exp $"); d649 1 d728 2 @ 1.31.4.2 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.4.1 2015/04/06 15:18:23 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.4.1 2015/04/06 15:18:23 skrll Exp $"); d162 1 a162 1 ip4_input(struct mbuf *m, int off, int proto) d164 2 d176 3 d180 1 a180 1 _ipip_input(m, off, NULL); d685 18 a702 5 static struct encapsw ipe4_encapsw = { .encapsw4 = { .pr_input = ip4_input, .pr_ctlinput = NULL, } d706 18 a723 5 static struct encapsw ipe4_encapsw6 = { .encapsw6 = { .pr_input = ip4_input6, .pr_ctlinput = NULL, } d757 1 a757 1 ipe4_encapcheck, &ipe4_encapsw, NULL); d761 1 a761 1 ipe4_encapcheck, &ipe4_encapsw6, NULL); @ 1.31.4.3 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.4.2 2016/03/19 11:30:33 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.4.2 2016/03/19 11:30:33 skrll Exp $"); d336 1 a336 2 int s = pserialize_read_enter(); IFNET_READER_FOREACH(ifp) { a347 1 pserialize_read_exit(s); a363 1 pserialize_read_exit(s); a372 1 pserialize_read_exit(s); @ 1.31.4.4 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.4.3 2016/05/29 08:44:39 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.4.3 2016/05/29 08:44:39 skrll Exp $"); d333 2 a334 2 if ((m_get_rcvif_NOMPSAFE(m) == NULL || !(m_get_rcvif_NOMPSAFE(m)->if_flags & IFF_LOOPBACK)) && d338 1 a338 1 IFADDR_READER_FOREACH(ifa, ifp) { a727 5 encapinit(); /* This function is called before ifinit(). Who else gets lock? */ (void)encap_lock_enter(); /* ipe4_encapsw and ipe4_encapsw must be added atomically */ a735 1 encap_lock_exit(); @ 1.31.4.5 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31.4.4 2016/07/09 20:25:23 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31.4.4 2016/07/09 20:25:23 skrll Exp $"); a46 1 #if defined(_KERNEL_OPT) d48 5 a52 1 #endif d73 3 d90 3 d99 1 d101 3 d105 1 d125 3 d146 1 a146 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d168 1 a168 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d197 1 a197 1 uint8_t itos; d199 2 a200 2 uint8_t otos; uint8_t v; d219 2 a220 2 DPRINTF(("%s: bad protocol version 0x%x (%u) " "for outer header\n", __func__, v, v>>4)); d229 1 a229 1 DPRINTF(("%s: m_pullup (1) failed\n", __func__)); d259 1 a259 1 panic("%s: unknown ip version %u (outer)", __func__, v >> 4); d287 2 a288 2 DPRINTF(("%s: bad protocol version %#x (%u) " "for inner header\n", __func__, v, v >> 4)); d299 1 a299 1 DPRINTF(("%s: m_pullup (2) failed\n", __func__)); d325 1 a325 1 ip6->ip6_flow |= htonl((uint32_t) itos << 20); d329 1 a329 1 panic("%s: unknown ip version %u (inner)", __func__, v>>4); d402 1 a402 1 panic("%s: should never reach here", __func__); a416 1 struct secasvar *sav, d422 2 a423 2 char buf[IPSEC_ADDRSTRLEN]; uint8_t tp, otos; d427 1 a427 1 uint8_t itos; d434 5 a438 2 IPSEC_SPLASSERT_SOFTNET(__func__); KASSERT(sav != NULL); d452 3 a454 3 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), d463 1 a463 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d478 2 d481 5 d492 1 a492 1 sizeof(uint8_t), &itos); d502 2 a503 2 sizeof(uint16_t), &ipo->ip_off); ipo->ip_off &= ~ htons(IP_DF | IP_MF | IP_OFFMASK); d507 1 a507 1 uint32_t itos32; d512 1 a512 1 sizeof(uint32_t), &itos32); d533 3 a535 3 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), d553 1 a553 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d564 1 a564 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); d577 1 a577 1 offsetof(struct ip, ip_tos), sizeof(uint8_t), d585 1 a585 1 uint32_t itos32; d590 1 a590 1 sizeof(uint32_t), &itos32); d600 1 a600 1 ip6o->ip6_flow |= htonl((uint32_t) otos << 20); d606 1 a606 1 DPRINTF(("%s: unsupported protocol family %u\n", __func__, d665 1 a665 1 struct secasvar *sav, d671 1 a671 1 printf("%s: should never be called\n", __func__); d678 3 a680 8 .xf_type = XF_IP4, .xf_flags = 0, .xf_name = "IPv4 Simple Encapsulation", .xf_init = ipe4_init, .xf_zeroize = ipe4_zeroize, .xf_input = ipe4_input, .xf_output = ipip_output, .xf_next = NULL, d719 1 a719 1 void d743 5 @ 1.30 log @Add struct pr_usrreqs with a pr_generic function and prepare for the dismantling of pr_usrreq in the protocols; no functional change intended. PRU_ATTACH/PRU_DETACH changes will follow soon. Bump for struct protosw. Welcome to 6.99.62! @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.29 2013/06/05 19:01:26 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.29 2013/06/05 19:01:26 christos Exp $"); d197 1 a197 1 struct ifqueue *ifq = NULL; a203 1 int isr; d394 1 a394 2 ifq = &ipintrq; isr = NETISR_IP; d399 1 a399 2 ifq = &ip6intrq; isr = NETISR_IPV6; d406 2 a407 1 if (!IF_HANDOFF(ifq, m, NULL)) { d409 1 a409 4 DPRINTF(("ipip_input: packet dropped because of full queue\n")); } else { schednetisr(isr); d411 1 @ 1.29 log @IPSEC has not come in two speeds for a long time now (IPSEC == kame, FAST_IPSEC). Make everything refer to IPSEC to avoid confusion. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $"); a690 1 PR_WRAP_USRREQ(rip_usrreq) a691 1 #define rip_usrreq rip_usrreq_wrapper d703 1 a703 1 .pr_usrreq = rip_usrreq, a711 1 PR_WRAP_USRREQ(rip6_usrreq) a712 1 #define rip6_usrreq rip6_usrreq_wrapper d724 1 a724 1 .pr_usrreq = rip6_usrreq, @ 1.29.6.1 log @Rebase. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.31 2014/06/05 23:48:17 rmind Exp $"); d197 1 a197 1 pktqueue_t *pktq = NULL; d204 1 d395 2 a396 1 pktq = ip_pktq; d401 2 a402 1 pktq = ip6_pktq; d409 1 a409 2 int s = splnet(); if (__predict_false(!pktq_enqueue(pktq, m, 0))) { d411 4 a414 1 m_freem(m); a415 1 splx(s); d691 1 d693 1 d705 1 a705 1 .pr_usrreqs = &rip_usrreqs, d714 1 d716 1 d728 1 a728 1 .pr_usrreqs = &rip6_usrreqs, @ 1.29.2.1 log @Checkpoint work in progress: - Initial split of the protocol user-request method into the following methods: pr_attach, pr_detach and pr_generic for old the pr_usrreq. - Adjust socreate(9) and sonewconn(9) to call pr_attach without the socket lock held (as a preparation for the locking scheme adjustment). - Adjust all pr_attach routines to assert that PCB is not set. - Sprinkle various comments, document some routines and their locking. - Remove M_PCB, replace with kmem(9). - Fix few bugs spotted on the way. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.29 2013/06/05 19:01:26 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.29 2013/06/05 19:01:26 christos Exp $"); d691 1 d693 1 d705 1 a705 1 .pr_usrreqs = &rip_usrreqs, d714 1 d716 1 d728 1 a728 1 .pr_usrreqs = &rip6_usrreqs, @ 1.28 log @Retire varargs.h support. Move machine/stdarg.h logic into MI sys/stdarg.h and expect compiler to provide proper builtins, defaulting to the GCC interface. lint still has a special fallback. Reduce abuse of _BSD_VA_LIST_ by defining __va_list by default and derive va_list as required by standards. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.27 2011/06/06 16:48:35 drochner Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.27 2011/06/06 16:48:35 drochner Exp $"); d653 1 a653 1 #ifdef FAST_IPSEC d736 1 a736 1 #endif /* FAST_IPSEC */ @ 1.28.14.1 log @Pull up following revision(s) (requested by maxv in ticket #1529): sys/netipsec/xform_ipip.c: revision 1.44 via patch PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $"); d569 1 a569 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.28.14.2 log @Pull up following revision(s) (requested by maxv in ticket #1532): sys/netipsec/xform_ah.c: 1.77 via patch sys/netipsec/xform_esp.c: 1.73 via patch sys/netipsec/xform_ipip.c: 1.56-1.57 via patch Reinforce and clarify. -- Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. -- Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. -- As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28.14.1 2018/02/15 14:51:44 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28.14.1 2018/02/15 14:51:44 martin Exp $"); d327 1 a327 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.28.22.1 log @Pull up following revision(s) (requested by maxv in ticket #1529): sys/netipsec/xform_ipip.c: revision 1.44 via patch PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $"); d569 1 a569 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.28.22.2 log @Pull up following revision(s) (requested by maxv in ticket #1532): sys/netipsec/xform_ah.c: 1.77 via patch sys/netipsec/xform_esp.c: 1.73 via patch sys/netipsec/xform_ipip.c: 1.56-1.57 via patch Reinforce and clarify. -- Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. -- Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. -- As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28.22.1 2018/02/15 14:50:17 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28.22.1 2018/02/15 14:50:17 martin Exp $"); d327 1 a327 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.28.8.1 log @Pull up following revision(s) (requested by maxv in ticket #1529): sys/netipsec/xform_ipip.c: revision 1.44 via patch PR/52161: Ryota Ozaki: Fix AH tunnel ipsec for ipv6. Compute plen right, don't forget to subtract the ipv6 header length. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $"); d569 1 a569 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); @ 1.28.8.2 log @Pull up following revision(s) (requested by maxv in ticket #1532): sys/netipsec/xform_ah.c: 1.77 via patch sys/netipsec/xform_esp.c: 1.73 via patch sys/netipsec/xform_ipip.c: 1.56-1.57 via patch Reinforce and clarify. -- Add missing NULL check. Normally that's not triggerable remotely, since we are guaranteed that 8 bytes are valid at mbuf+skip. -- Fix use-after-free. There is a path where the mbuf gets pulled up without a proper mtod afterwards: 218 ipo = mtod(m, struct ip *); 281 m = m_pullup(m, hlen); 232 ipo->ip_src.s_addr Found by Mootja. Meanwhile it seems to me that 'ipo' should be set to NULL if the inner packet is IPv6, but I'll revisit that later. -- As I said in my last commit in this file, ipo should be set to NULL; otherwise the 'local address spoofing' check below is always wrong on IPv6. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28.8.1 2018/02/15 14:49:00 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28.8.1 2018/02/15 14:49:00 martin Exp $"); d327 1 a327 2 ipo = NULL; ip6 = mtod(m, struct ip6_hdr *); @ 1.28.2.1 log @sync with head. for a reference, the tree before this commit was tagged as yamt-pagecache-tag8. this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments") @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.28 2011/07/17 20:54:54 joerg Exp $"); d653 1 a653 1 #ifdef IPSEC d736 1 a736 1 #endif /* IPSEC */ @ 1.28.12.1 log @resync from head @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); d653 1 a653 1 #ifdef IPSEC d736 1 a736 1 #endif /* IPSEC */ @ 1.28.12.2 log @Rebase to HEAD as of a few days ago. @ text @d197 1 a197 1 pktqueue_t *pktq = NULL; d204 1 d395 2 a396 1 pktq = ip_pktq; d401 2 a402 1 pktq = ip6_pktq; d409 1 a409 2 int s = splnet(); if (__predict_false(!pktq_enqueue(pktq, m, 0))) { d411 4 a414 1 m_freem(m); a415 1 splx(s); d691 1 d693 1 d705 1 a705 1 .pr_usrreqs = &rip_usrreqs, d714 1 d716 1 d728 1 a728 1 .pr_usrreqs = &rip6_usrreqs, @ 1.28.12.3 log @update from HEAD @ text @a46 1 #if defined(_KERNEL_OPT) d48 5 a52 1 #endif d73 3 d90 3 d99 1 d101 3 d105 1 d125 3 d141 1 a141 1 ip4_input6(struct mbuf **m, int *offp, int proto, void *eparg __unused) d146 1 a146 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d162 1 a162 1 ip4_input(struct mbuf *m, int off, int proto, void *eparg __unused) d164 2 d170 1 a170 1 DPRINTF(("%s: dropped due to policy\n", __func__)); d176 3 d180 1 a180 1 _ipip_input(m, off, NULL); d202 1 a202 1 uint8_t itos; d204 2 a205 2 uint8_t otos; uint8_t v; d224 2 a225 2 DPRINTF(("%s: bad protocol version 0x%x (%u) " "for outer header\n", __func__, v, v>>4)); d234 1 a234 1 DPRINTF(("%s: m_pullup (1) failed\n", __func__)); d264 1 a264 1 panic("%s: unknown ip version %u (outer)", __func__, v >> 4); d292 2 a293 2 DPRINTF(("%s: bad protocol version %#x (%u) " "for inner header\n", __func__, v, v >> 4)); d304 1 a304 1 DPRINTF(("%s: m_pullup (2) failed\n", __func__)); d330 1 a330 1 ip6->ip6_flow |= htonl((uint32_t) itos << 20); d334 1 a334 1 panic("%s: unknown ip version %u (inner)", __func__, v>>4); d338 2 a339 2 if ((m_get_rcvif_NOMPSAFE(m) == NULL || !(m_get_rcvif_NOMPSAFE(m)->if_flags & IFF_LOOPBACK)) && d341 2 a342 3 int s = pserialize_read_enter(); IFNET_READER_FOREACH(ifp) { IFADDR_READER_FOREACH(ifa, ifp) { a352 1 pserialize_read_exit(s); a368 1 pserialize_read_exit(s); a377 1 pserialize_read_exit(s); d403 1 a403 1 panic("%s: should never reach here", __func__); d417 1 a417 2 const struct ipsecrequest *isr, struct secasvar *sav, d423 2 a424 2 char buf[IPSEC_ADDRSTRLEN]; uint8_t tp, otos; d428 1 a428 1 uint8_t itos; d435 5 a439 2 IPSEC_SPLASSERT_SOFTNET(__func__); KASSERT(sav != NULL); d453 3 a455 3 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), d464 1 a464 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d479 2 d482 5 d493 1 a493 1 sizeof(uint8_t), &itos); d503 2 a504 2 sizeof(uint16_t), &ipo->ip_off); ipo->ip_off &= ~ htons(IP_DF | IP_MF | IP_OFFMASK); d508 1 a508 1 uint32_t itos32; d513 1 a513 1 sizeof(uint32_t), &itos32); d534 3 a536 3 DPRINTF(("%s: unspecified tunnel endpoint " "address in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst, buf, sizeof(buf)), d554 1 a554 1 DPRINTF(("%s: M_PREPEND failed\n", __func__)); d565 1 a565 1 ip6o->ip6_plen = htons(m->m_pkthdr.len - sizeof(*ip6o)); d578 1 a578 1 offsetof(struct ip, ip_tos), sizeof(uint8_t), d586 1 a586 1 uint32_t itos32; d591 1 a591 1 sizeof(uint32_t), &itos32); d601 1 a601 1 ip6o->ip6_flow |= htonl((uint32_t) otos << 20); d607 1 a607 1 DPRINTF(("%s: unsupported protocol family %u\n", __func__, d649 1 d667 1 a667 1 struct secasvar *sav, d673 1 a673 1 printf("%s: should never be called\n", __func__); d680 3 a682 8 .xf_type = XF_IP4, .xf_flags = 0, .xf_name = "IPv4 Simple Encapsulation", .xf_init = ipe4_init, .xf_zeroize = ipe4_zeroize, .xf_input = ipe4_input, .xf_output = ipip_output, .xf_next = NULL, d686 18 a703 5 static struct encapsw ipe4_encapsw = { .encapsw4 = { .pr_input = ip4_input, .pr_ctlinput = NULL, } d707 18 a724 5 static struct encapsw ipe4_encapsw6 = { .encapsw6 = { .pr_input = ip4_input6, .pr_ctlinput = NULL, } d728 2 d749 1 a749 1 void a757 5 encapinit(); /* This function is called before ifinit(). Who else gets lock? */ (void)encap_lock_enter(); /* ipe4_encapsw and ipe4_encapsw must be added atomically */ d760 1 a760 1 ipe4_encapcheck, &ipe4_encapsw, NULL); d764 1 a764 1 ipe4_encapcheck, &ipe4_encapsw6, NULL); a765 1 encap_lock_exit(); d767 5 @ 1.27 log @remove a limitation that inner and outer IP version must be equal for an ESP tunnel, and add some fixes which make v4-in-v6 work (v6 as inner protocol isn't ready, even v6-in-v6 can never have worked) being here, fix a statistics counter and kill an unused variable @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.26 2011/02/18 20:40:58 drochner Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.26 2011/02/18 20:40:58 drochner Exp $"); a100 2 #include @ 1.26 log @more "const" @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.25 2011/02/18 19:06:45 drochner Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.25 2011/02/18 19:06:45 drochner Exp $"); a205 1 u_int8_t nxt; a323 1 nxt = ipo->ip_p; a329 1 nxt = ip6->ip6_nxt; d549 8 a556 6 /* scoped address handling */ ip6 = mtod(m, struct ip6_hdr *); if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) ip6->ip6_src.s6_addr16[1] = 0; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) ip6->ip6_dst.s6_addr16[1] = 0; d575 4 d642 1 a642 1 IPIP_STATADD(IPIP_STAT_IBYTES, @ 1.26.2.1 log @Catchup with rmind-uvmplock merge. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.27 2011/06/06 16:48:35 drochner Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.27 2011/06/06 16:48:35 drochner Exp $"); d206 1 d325 1 d332 1 d552 6 a557 8 if (tp == (IPV6_VERSION >> 4)) { /* scoped address handling */ ip6 = mtod(m, struct ip6_hdr *); if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) ip6->ip6_src.s6_addr16[1] = 0; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) ip6->ip6_dst.s6_addr16[1] = 0; } a575 4 if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_dst)) ip6o->ip6_dst.s6_addr16[1] = htons(saidx->dst.sin6.sin6_scope_id); if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_src)) ip6o->ip6_src.s6_addr16[1] = htons(saidx->src.sin6.sin6_scope_id); d639 1 a639 1 IPIP_STATADD(IPIP_STAT_OBYTES, @ 1.25 log @sprinkle some "const", documenting that the SA is not supposed to change during an xform operation @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.24 2008/04/27 12:58:48 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.24 2008/04/27 12:58:48 degroote Exp $"); d654 1 a654 1 ipe4_init(struct secasvar *sav, struct xformsw *xsp) @ 1.24 log @Fix some fallout from socket locking patch : - {ah6,esp6}_ctlinput must return void* - use correct wrapper for rip_usrreq @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.23 2008/04/24 11:38:38 ad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.23 2008/04/24 11:38:38 ad Exp $"); d432 1 a432 1 struct secasvar *sav; d670 1 a670 1 struct secasvar *sav, @ 1.24.28.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.26 2011/02/18 20:40:58 drochner Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.26 2011/02/18 20:40:58 drochner Exp $"); d432 1 a432 1 const struct secasvar *sav; d654 1 a654 1 ipe4_init(struct secasvar *sav, const struct xformsw *xsp) d670 1 a670 1 const struct secasvar *sav, @ 1.24.22.1 log @sync with head @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); d432 1 a432 1 const struct secasvar *sav; d654 1 a654 1 ipe4_init(struct secasvar *sav, const struct xformsw *xsp) d670 1 a670 1 const struct secasvar *sav, @ 1.24.22.2 log @sync with head @ text @d206 1 d325 1 d332 1 d552 6 a557 8 if (tp == (IPV6_VERSION >> 4)) { /* scoped address handling */ ip6 = mtod(m, struct ip6_hdr *); if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) ip6->ip6_src.s6_addr16[1] = 0; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) ip6->ip6_dst.s6_addr16[1] = 0; } a575 4 if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_dst)) ip6o->ip6_dst.s6_addr16[1] = htons(saidx->dst.sin6.sin6_scope_id); if (IN6_IS_SCOPE_LINKLOCAL(&ip6o->ip6_src)) ip6o->ip6_src.s6_addr16[1] = htons(saidx->src.sin6.sin6_scope_id); d639 1 a639 1 IPIP_STATADD(IPIP_STAT_OBYTES, @ 1.24.30.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); d432 1 a432 1 const struct secasvar *sav; d654 1 a654 1 ipe4_init(struct secasvar *sav, const struct xformsw *xsp) d670 1 a670 1 const struct secasvar *sav, @ 1.23 log @Merge the socket locking patch: - Socket layer becomes MP safe. - Unix protocols become MP safe. - Allows protocol processing interrupts to safely block on locks. - Fixes a number of race conditions. With much feedback from matt@@ and plunky@@. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.22 2008/04/23 06:09:05 thorpej Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.22 2008/04/23 06:09:05 thorpej Exp $"); d690 1 a690 1 PR_WRAP_CTLOUTPUT(rip_usrreq) d713 1 a713 1 PR_WRAP_CTLOUTPUT(rip6_usrreq) @ 1.23.2.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.23 2008/04/24 11:38:38 ad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.23 2008/04/24 11:38:38 ad Exp $"); d690 1 a690 1 PR_WRAP_USRREQ(rip_usrreq) d713 1 a713 1 PR_WRAP_USRREQ(rip6_usrreq) @ 1.22 log @Make IPSEC and FAST_IPSEC stats per-cpu. Use and netstat_sysctl(). @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $"); d689 5 d712 5 @ 1.21 log @Fix build of FAST_IPSEC after the change of ip_newid prototype @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $"); d78 1 d114 2 a115 1 struct ipipstat ipipstat; d149 1 a149 1 ipipstat.ipips_pdrops++; d173 1 a173 1 ipipstat.ipips_pdrops++; d212 1 a212 1 ipipstat.ipips_ipackets++; d230 1 a230 1 ipipstat.ipips_family++; d239 1 a239 1 ipipstat.ipips_hdrops++; d276 1 a276 1 ipipstat.ipips_hdrops++; d298 1 a298 1 ipipstat.ipips_family++; d309 1 a309 1 ipipstat.ipips_hdrops++; d359 1 a359 1 ipipstat.ipips_spoof++; d375 1 a375 1 ipipstat.ipips_spoof++; d387 1 a387 1 ipipstat.ipips_ibytes += m->m_pkthdr.len - iphlen; d415 1 a415 1 ipipstat.ipips_qfull++; d466 1 a466 1 ipipstat.ipips_unspec++; d474 1 a474 1 ipipstat.ipips_hdrops++; d547 1 a547 1 ipipstat.ipips_unspec++; d562 1 a562 1 ipipstat.ipips_hdrops++; d612 1 a612 1 ipipstat.ipips_family++; d617 1 a617 1 ipipstat.ipips_opackets++; d627 2 a628 1 ipipstat.ipips_obytes += m->m_pkthdr.len - sizeof(struct ip); d639 2 a640 2 ipipstat.ipips_obytes += m->m_pkthdr.len - sizeof(struct ip6_hdr); d749 3 @ 1.21.6.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); a77 1 #include d113 1 a113 2 percpu_t *ipipstat_percpu; d147 1 a147 1 IPIP_STATINC(IPIP_STAT_PDROPS); d171 1 a171 1 IPIP_STATINC(IPIP_STAT_PDROPS); d210 1 a210 1 IPIP_STATINC(IPIP_STAT_IPACKETS); d228 1 a228 1 IPIP_STATINC(IPIP_STAT_FAMILY); d237 1 a237 1 IPIP_STATINC(IPIP_STAT_HDROPS); d274 1 a274 1 IPIP_STATINC(IPIP_STAT_HDROPS); d296 1 a296 1 IPIP_STATINC(IPIP_STAT_FAMILY); d307 1 a307 1 IPIP_STATINC(IPIP_STAT_HDROPS); d357 1 a357 1 IPIP_STATINC(IPIP_STAT_SPOOF); d373 1 a373 1 IPIP_STATINC(IPIP_STAT_SPOOF); d385 1 a385 1 IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len - iphlen); d413 1 a413 1 IPIP_STATINC(IPIP_STAT_QFULL); d464 1 a464 1 IPIP_STATINC(IPIP_STAT_UNSPEC); d472 1 a472 1 IPIP_STATINC(IPIP_STAT_HDROPS); d545 1 a545 1 IPIP_STATINC(IPIP_STAT_UNSPEC); d560 1 a560 1 IPIP_STATINC(IPIP_STAT_HDROPS); d610 1 a610 1 IPIP_STATINC(IPIP_STAT_FAMILY); d615 1 a615 1 IPIP_STATINC(IPIP_STAT_OPACKETS); d625 1 a625 2 IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - sizeof(struct ip)); d636 2 a637 2 IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len - sizeof(struct ip6_hdr)); a685 5 PR_WRAP_CTLOUTPUT(rip_ctloutput) PR_WRAP_USRREQ(rip_usrreq) #define rip_ctloutput rip_ctloutput_wrapper #define rip_usrreq rip_usrreq_wrapper a703 5 PR_WRAP_CTLOUTPUT(rip6_ctloutput) PR_WRAP_USRREQ(rip6_usrreq) #define rip6_ctloutput rip6_ctloutput_wrapper #define rip6_usrreq rip6_usrreq_wrapper a745 3 ipipstat_percpu = percpu_alloc(sizeof(uint64_t) * IPIP_NSTATS); @ 1.21.8.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $"); a77 1 #include d113 1 a113 2 percpu_t *ipipstat_percpu; d147 1 a147 1 IPIP_STATINC(IPIP_STAT_PDROPS); d171 1 a171 1 IPIP_STATINC(IPIP_STAT_PDROPS); d210 1 a210 1 IPIP_STATINC(IPIP_STAT_IPACKETS); d228 1 a228 1 IPIP_STATINC(IPIP_STAT_FAMILY); d237 1 a237 1 IPIP_STATINC(IPIP_STAT_HDROPS); d274 1 a274 1 IPIP_STATINC(IPIP_STAT_HDROPS); d296 1 a296 1 IPIP_STATINC(IPIP_STAT_FAMILY); d307 1 a307 1 IPIP_STATINC(IPIP_STAT_HDROPS); d357 1 a357 1 IPIP_STATINC(IPIP_STAT_SPOOF); d373 1 a373 1 IPIP_STATINC(IPIP_STAT_SPOOF); d385 1 a385 1 IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len - iphlen); d413 1 a413 1 IPIP_STATINC(IPIP_STAT_QFULL); d464 1 a464 1 IPIP_STATINC(IPIP_STAT_UNSPEC); d472 1 a472 1 IPIP_STATINC(IPIP_STAT_HDROPS); d545 1 a545 1 IPIP_STATINC(IPIP_STAT_UNSPEC); d560 1 a560 1 IPIP_STATINC(IPIP_STAT_HDROPS); d610 1 a610 1 IPIP_STATINC(IPIP_STAT_FAMILY); d615 1 a615 1 IPIP_STATINC(IPIP_STAT_OPACKETS); d625 1 a625 2 IPIP_STATADD(IPIP_STAT_OBYTES, m->m_pkthdr.len - sizeof(struct ip)); d636 2 a637 2 IPIP_STATADD(IPIP_STAT_IBYTES, m->m_pkthdr.len - sizeof(struct ip6_hdr)); a685 5 PR_WRAP_CTLOUTPUT(rip_ctloutput) PR_WRAP_USRREQ(rip_usrreq) #define rip_ctloutput rip_ctloutput_wrapper #define rip_usrreq rip_usrreq_wrapper a703 5 PR_WRAP_CTLOUTPUT(rip6_ctloutput) PR_WRAP_USRREQ(rip6_usrreq) #define rip6_ctloutput rip6_ctloutput_wrapper #define rip6_usrreq rip6_usrreq_wrapper a745 3 ipipstat_percpu = percpu_alloc(sizeof(uint64_t) * IPIP_NSTATS); @ 1.20 log @Use struct initializers. No functional change. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.19 2007/12/04 10:28:45 dyoung Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.19 2007/12/04 10:28:45 dyoung Exp $"); d488 1 a488 1 ipo->ip_id = ip_newid(); @ 1.19 log @Use IFNET_FOREACH() and IFADDR_FOREACH(). @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.18 2007/10/28 15:48:23 adrianp Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.18 2007/10/28 15:48:23 adrianp Exp $"); d688 13 a700 4 SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input, 0, 0, rip_ctloutput, rip_usrreq, 0, 0, 0, 0, d706 13 a718 4 SOCK_RAW, &inet6domain, IPPROTO_IPV6,PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input6, 0, 0, rip6_ctloutput, rip6_usrreq, 0, 0, 0, 0, @ 1.18 log @The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $"); d345 2 a346 4 for (ifp = ifnet.tqh_first; ifp != 0; ifp = ifp->if_list.tqe_next) { for (ifa = ifp->if_addrlist.tqh_first; ifa != 0; ifa = ifa->ifa_list.tqe_next) { @ 1.18.2.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $"); d345 4 a348 2 IFNET_FOREACH(ifp) { IFADDR_FOREACH(ifa, ifp) { d690 4 a693 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d699 4 a702 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.18.2.2 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.21 2008/02/10 21:42:20 degroote Exp $"); d488 1 a488 1 ipo->ip_id = ip_newid(NULL); @ 1.18.4.1 log @Sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $"); d345 4 a348 2 IFNET_FOREACH(ifp) { IFADDR_FOREACH(ifa, ifp) { d690 4 a693 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d699 4 a702 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.17 log @Remove useless cast Use NULL instead of (void*) 0 @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.16 2007/03/04 06:03:30 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.16 2007/03/04 06:03:30 christos Exp $"); d513 1 a513 3 ipo->ip_off = ntohs(ipo->ip_off); ipo->ip_off &= ~(IP_DF | IP_MF | IP_OFFMASK); ipo->ip_off = htons(ipo->ip_off); @ 1.17.6.1 log @Pullup to HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $"); d692 4 a695 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d701 4 a704 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.17.20.1 log @Sync with HEAD @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.17.16.1 log @sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.18 2007/10/28 15:48:23 adrianp Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.18 2007/10/28 15:48:23 adrianp Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.17.16.2 log @sync with HEAD @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.17.16.1 2007/11/06 23:34:14 matt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.17.16.1 2007/11/06 23:34:14 matt Exp $"); d345 4 a348 2 IFNET_FOREACH(ifp) { IFADDR_FOREACH(ifa, ifp) { d690 4 a693 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d699 4 a702 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.17.16.3 log @sync with HEAD @ text @d1 1 a1 1 /* xform_ipip.c,v 1.17.16.2 2008/01/09 01:57:43 matt Exp */ d42 1 a42 1 __KERNEL_RCSID(0, "xform_ipip.c,v 1.17.16.2 2008/01/09 01:57:43 matt Exp"); d488 1 a488 1 ipo->ip_id = ip_newid(NULL); @ 1.17.14.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.17 2007/03/04 21:17:56 degroote Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.17.14.2 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.20 2007/12/07 19:46:18 elad Exp $"); d345 4 a348 2 IFNET_FOREACH(ifp) { IFADDR_FOREACH(ifa, ifp) { d690 4 a693 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d699 4 a702 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.16 log @Kill caddr_t; there will be some MI fallout, but it will be fixed shortly. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.15 2007/02/10 09:43:05 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.15 2007/02/10 09:43:05 degroote Exp $"); d502 1 a502 1 sizeof(u_int8_t), (void *) &itos); d512 1 a512 1 sizeof(u_int16_t), (void *) &ipo->ip_off); d524 1 a524 1 sizeof(u_int32_t), (void *) &itos32); d584 1 a584 1 (void *) &itos); d596 1 a596 1 sizeof(u_int32_t), (void *) &itos32); @ 1.15 log @Commit my SoC work Add ipv6 support for fast_ipsec Note that currently, packet with extensions headers are not correctly supported Change the ipcomp logic @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.14 2006/11/16 01:33:49 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.14 2006/11/16 01:33:49 christos Exp $"); d502 1 a502 1 sizeof(u_int8_t), (caddr_t) &itos); d512 1 a512 1 sizeof(u_int16_t), (caddr_t) &ipo->ip_off); d524 1 a524 1 sizeof(u_int32_t), (caddr_t) &itos32); d584 1 a584 1 (caddr_t) &itos); d596 1 a596 1 sizeof(u_int32_t), (caddr_t) &itos32); @ 1.15.2.1 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.15 2007/02/10 09:43:05 degroote Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.15 2007/02/10 09:43:05 degroote Exp $"); d502 1 a502 1 sizeof(u_int8_t), &itos); d512 1 a512 1 sizeof(u_int16_t), &ipo->ip_off); d524 1 a524 1 sizeof(u_int32_t), &itos32); d584 1 a584 1 &itos); d596 1 a596 1 sizeof(u_int32_t), &itos32); @ 1.14 log @__unused removal on arguments; approved by core. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.13 2006/10/13 20:53:59 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.13 2006/10/13 20:53:59 christos Exp $"); d689 1 d691 2 a692 2 static struct ipprotosw ipe4_protosw[] = { { SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, d696 2 a697 1 }, d699 7 a705 5 { SOCK_RAW, &inetdomain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input, 0, 0, rip_ctloutput, rip_usrreq, 0, 0, 0, 0, }, d707 2 a708 1 }; d735 1 d737 2 a738 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw[0], NULL); d741 1 a741 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw[1], NULL); a748 1 #endif /* FAST_IPSEC */ @ 1.14.4.1 log @Update to today's netbsd-4. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.14.2.1 2007/05/24 19:13:12 pavel Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.14.2.1 2007/05/24 19:13:12 pavel Exp $"); a688 1 #ifdef INET d690 2 a691 2 static struct ipprotosw ipe4_protosw = { SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, d695 7 a701 1 }; a702 7 #ifdef INET6 extern struct domain inet6domain; static struct ip6protosw ipe4_protosw6 = { SOCK_RAW, &inet6domain, IPPROTO_IPV6,PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input6, 0, 0, rip6_ctloutput, rip6_usrreq, 0, 0, 0, 0, a703 3 #endif #endif /* FAST_IPSEC */ a729 1 #ifdef INET d731 1 a731 2 ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL); #endif d734 1 a734 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL); d742 1 @ 1.14.4.2 log @Catch up to netbsd-4.0 release. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.14.4.1 2007/06/04 01:54:28 wrstuden Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.14.4.1 2007/06/04 01:54:28 wrstuden Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.14.2.1 log @Pull up following revision(s) (requested by degroote in ticket #667): sys/netinet/tcp_input.c: revision 1.260 sys/netinet/tcp_output.c: revision 1.154 sys/netinet/tcp_subr.c: revision 1.210 sys/netinet6/icmp6.c: revision 1.129 sys/netinet6/in6_proto.c: revision 1.70 sys/netinet6/ip6_forward.c: revision 1.54 sys/netinet6/ip6_input.c: revision 1.94 sys/netinet6/ip6_output.c: revision 1.114 sys/netinet6/raw_ip6.c: revision 1.81 sys/netipsec/ipcomp_var.h: revision 1.4 sys/netipsec/ipsec.c: revision 1.26 via patch,1.31-1.32 sys/netipsec/ipsec6.h: revision 1.5 sys/netipsec/ipsec_input.c: revision 1.14 sys/netipsec/ipsec_netbsd.c: revision 1.18,1.26 sys/netipsec/ipsec_output.c: revision 1.21 via patch sys/netipsec/key.c: revision 1.33,1.44 sys/netipsec/xform_ipcomp.c: revision 1.9 sys/netipsec/xform_ipip.c: revision 1.15 sys/opencrypto/deflate.c: revision 1.8 Commit my SoC work Add ipv6 support for fast_ipsec Note that currently, packet with extensions headers are not correctly supported Change the ipcomp logic Add sysctl tree to modify the fast_ipsec options related to ipv6. Similar to the sysctl kame interface. Choose the good default policy, depending of the adress family of the desired policy Increase the refcount for the default ipv6 policy so nobody can reclaim it Always compute the sp index even if we don't have any sp in spd. It will let us to choose the right default policy (based on the adress family requested). While here, fix an error message Use dynamic array instead of an static array to decompress. It lets us to decompress any data, whatever is the radio decompressed data / compressed data. It fixes the last issues with fast_ipsec and ipcomp. While here, bzero -> memset, bcopy -> memcpy, FREE -> free Reviewed a long time ago by sam@@ @ text @d1 1 a1 1 /* $NetBSD$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD$"); a688 1 #ifdef INET d690 2 a691 2 static struct ipprotosw ipe4_protosw = { SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, d695 7 a701 1 }; a702 7 #ifdef INET6 extern struct domain inet6domain; static struct ip6protosw ipe4_protosw6 = { SOCK_RAW, &inet6domain, IPPROTO_IPV6,PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input6, 0, 0, rip6_ctloutput, rip6_usrreq, 0, 0, 0, 0, a703 3 #endif #endif /* FAST_IPSEC */ a729 1 #ifdef INET d731 1 a731 2 ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL); #endif d734 1 a734 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL); d742 1 @ 1.14.2.2 log @Pull up following revision(s) (requested by adrianp in ticket #964): sys/netipsec/xform_ah.c: revision 1.19 sys/netipsec/ipsec.c: revision 1.34 sys/netipsec/xform_ipip.c: revision 1.18 sys/netipsec/ipsec_output.c: revision 1.23 sys/netipsec/ipsec_osdep.h: revision 1.21 The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.14.2.1 2007/05/24 19:13:12 pavel Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.14.2.1 2007/05/24 19:13:12 pavel Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.13 log @more __unused @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.12 2005/12/11 12:25:06 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.12 2005/12/11 12:25:06 christos Exp $"); d141 1 a141 1 ip4_input6(struct mbuf **m, int *offp, int proto __unused) d192 1 a192 1 _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp __unused) d428 2 a429 2 int skip __unused, int protoff __unused d671 3 a673 3 struct secasvar *sav __unused, int skip __unused, int protoff __unused d710 3 a712 3 int off __unused, int proto __unused, void *arg __unused @ 1.12 log @merge ktrace-lwp. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9.4.5 2005/11/10 14:11:35 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.5 2005/11/10 14:11:35 skrll Exp $"); d141 1 a141 1 ip4_input6(struct mbuf **m, int *offp, int proto) d192 1 a192 1 _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) d425 5 a429 5 struct mbuf *m, struct ipsecrequest *isr, struct mbuf **mp, int skip, int protoff d669 6 a674 1 ipe4_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) d686 1 d709 5 a713 1 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) @ 1.12.20.1 log @Sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.14 2006/11/16 01:33:49 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.14 2006/11/16 01:33:49 christos Exp $"); d425 5 a429 5 struct mbuf *m, struct ipsecrequest *isr, struct mbuf **mp, int skip, int protoff d669 1 a669 6 ipe4_input( struct mbuf *m, struct secasvar *sav, int skip, int protoff ) a680 1 NULL, d703 1 a703 5 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg ) @ 1.12.22.1 log @sync with head @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.12 2005/12/11 12:25:06 christos Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.12 2005/12/11 12:25:06 christos Exp $"); d141 1 a141 1 ip4_input6(struct mbuf **m, int *offp, int proto __unused) d192 1 a192 1 _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp __unused) d425 5 a429 5 struct mbuf *m, struct ipsecrequest *isr, struct mbuf **mp, int skip __unused, int protoff __unused d669 1 a669 6 ipe4_input( struct mbuf *m, struct secasvar *sav __unused, int skip __unused, int protoff __unused ) a680 1 NULL, d703 1 a703 5 ipe4_encapcheck(struct mbuf *m, int off __unused, int proto __unused, void *arg __unused ) @ 1.12.22.2 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.12.22.1 2006/10/22 06:07:39 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.12.22.1 2006/10/22 06:07:39 yamt Exp $"); d141 1 a141 1 ip4_input6(struct mbuf **m, int *offp, int proto) d192 1 a192 1 _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) d428 2 a429 2 int skip, int protoff d671 3 a673 3 struct secasvar *sav, int skip, int protoff d710 3 a712 3 int off, int proto, void *arg @ 1.11 log @Since we decided "const struct mbuf *" would not do the right thing (tm), remove ~all const from mbuf pointers. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $"); @ 1.11.2.1 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11 2005/06/06 06:06:50 martin Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11 2005/06/06 06:06:50 martin Exp $"); d425 5 a429 5 struct mbuf *m, struct ipsecrequest *isr, struct mbuf **mp, int skip, int protoff d669 1 a669 6 ipe4_input( struct mbuf *m, struct secasvar *sav, int skip, int protoff ) a680 1 NULL, d703 1 a703 5 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg ) @ 1.11.2.2 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.1 2006/12/30 20:50:44 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.1 2006/12/30 20:50:44 yamt Exp $"); a688 1 #ifdef INET d690 2 a691 2 static struct ipprotosw ipe4_protosw = { SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, d695 7 a701 1 }; a702 7 #ifdef INET6 extern struct domain inet6domain; static struct ip6protosw ipe4_protosw6 = { SOCK_RAW, &inet6domain, IPPROTO_IPV6,PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input6, 0, 0, rip6_ctloutput, rip6_usrreq, 0, 0, 0, 0, a703 3 #endif #endif /* FAST_IPSEC */ a729 1 #ifdef INET d731 1 a731 2 ipe4_encapcheck, (struct protosw*) &ipe4_protosw, NULL); #endif d734 1 a734 1 ipe4_encapcheck, (struct protosw*) &ipe4_protosw6, NULL); d742 1 @ 1.11.2.3 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.2 2007/02/26 09:11:57 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.2 2007/02/26 09:11:57 yamt Exp $"); d502 1 a502 1 sizeof(u_int8_t), &itos); d512 1 a512 1 sizeof(u_int16_t), &ipo->ip_off); d524 1 a524 1 sizeof(u_int32_t), &itos32); d584 1 a584 1 &itos); d596 1 a596 1 sizeof(u_int32_t), &itos32); @ 1.11.2.4 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.3 2007/09/03 14:43:48 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.3 2007/09/03 14:43:48 yamt Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.11.2.5 log @sync with head @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.4 2007/11/15 11:45:17 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.4 2007/11/15 11:45:17 yamt Exp $"); d345 4 a348 2 IFNET_FOREACH(ifp) { IFADDR_FOREACH(ifa, ifp) { @ 1.11.2.6 log @sync with head @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.5 2007/12/07 17:34:39 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.5 2007/12/07 17:34:39 yamt Exp $"); d688 4 a691 13 .pr_type = SOCK_RAW, .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IPV4, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip_ctloutput, .pr_usrreq = rip_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, d697 4 a700 13 .pr_type = SOCK_RAW, .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = ip4_input6, .pr_output = 0, .pr_ctlinput = 0, .pr_ctloutput = rip6_ctloutput, .pr_usrreq = rip6_usrreq, .pr_init = 0, .pr_fasttimo = 0, .pr_slowtimo = 0, .pr_drain = 0, @ 1.11.2.7 log @sync with head. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.11.2.6 2008/01/21 09:47:27 yamt Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.11.2.6 2008/01/21 09:47:27 yamt Exp $"); d488 1 a488 1 ipo->ip_id = ip_newid(NULL); @ 1.10 log @nuke trailing whitespace @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $"); d703 1 a703 1 ipe4_encapcheck(const struct mbuf *m, int off, int proto, void *arg) @ 1.10.6.1 log @Pull up following revision(s) (requested by adrianp in ticket #1878): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.10.4.1 log @Pull up following revision(s) (requested by adrianp in ticket #1878): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.10.2.1 log @Pull up following revision(s) (requested by adrianp in ticket #1878): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.9 log @sys/netinet6/ip6_ecn.h is reportedly a FreeBSD-ism; NetBSD has prototypes for the IPv6 ECN ingress/egress functions in sys/netinet/ip_ecn.h, inside an #ifdef INET6 wrapper. So, wrap sys/netipsec ocurrences of #include in #ifdef __FreeBSD__/#endif, until both camps can agree on this teensy little piece of namespace. Affects: ipsec_output.c xform_ah.c xform_esp.c xform_ipip.c @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.8 2004/01/16 11:06:27 scw Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.8 2004/01/16 11:06:27 scw Exp $"); d50 1 a50 1 #include "opt_random_ip_id.h" d489 1 a489 1 #if defined(__NetBSD__) @ 1.9.4.1 log @file xform_ipip.c was added on branch ktrace-lwp on 2004-08-03 10:55:29 +0000 @ text @d1 732 @ 1.9.4.2 log @Sync with HEAD @ text @a0 732 /* $NetBSD: xform_ipip.c,v 1.9.4.1 2004/08/03 10:55:29 skrll Exp $ */ /* $FreeBSD: src/sys/netipsec/xform_ipip.c,v 1.3.2.1 2003/01/24 05:11:36 sam Exp $ */ /* $OpenBSD: ip_ipip.c,v 1.25 2002/06/10 18:04:55 itojun Exp $ */ /* * The authors of this code are John Ioannidis (ji@@tla.org), * Angelos D. Keromytis (kermit@@csd.uch.gr) and * Niels Provos (provos@@physnet.uni-hamburg.de). * * The original version of this code was written by John Ioannidis * for BSD/OS in Athens, Greece, in November 1995. * * Ported to OpenBSD and NetBSD, with additional transforms, in December 1996, * by Angelos D. Keromytis. * * Additional transforms and features in 1997 and 1998 by Angelos D. Keromytis * and Niels Provos. * * Additional features in 1999 by Angelos D. Keromytis. * * Copyright (C) 1995, 1996, 1997, 1998, 1999 by John Ioannidis, * Angelos D. Keromytis and Niels Provos. * Copyright (c) 2001, Angelos D. Keromytis. * * Permission to use, copy, and modify this software with or without fee * is hereby granted, provided that this entire notice is included in * all copies of any software which is or includes a copy or * modification of this software. * You may use this code under the GNU public license if you so wish. Please * contribute changes back to the authors under this freer than GPL license * so that we may further the use of strong encryption without limitations to * all. * * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR * PURPOSE. */ #include __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.1 2004/08/03 10:55:29 skrll Exp $"); /* * IP-inside-IP processing */ #include "opt_inet.h" #ifdef __FreeBSD__ #include "opt_inet6.h" #include "opt_random_ip_id.h" #endif /* __FreeBSD__ */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef __FreeBSD__ #include #endif #include #include #include #ifdef MROUTING #include #endif #ifdef INET6 #include #include # ifdef __FreeBSD__ # include # endif #include #include #endif #include #include #include #include #ifdef __FreeBSD__ typedef void pr_in_input_t (struct mbuf *, int, int); /* XXX FIX THIS */ #else typedef void pr_in_input_t (struct mbuf *m, ...); #endif /* * We can control the acceptance of IP4 packets by altering the sysctl * net.inet.ipip.allow value. Zero means drop them, all else is acceptance. */ int ipip_allow = 0; struct ipipstat ipipstat; #ifdef SYSCTL_DECL SYSCTL_DECL(_net_inet_ipip); SYSCTL_INT(_net_inet_ipip, OID_AUTO, ipip_allow, CTLFLAG_RW, &ipip_allow, 0, ""); SYSCTL_STRUCT(_net_inet_ipip, IPSECCTL_STATS, stats, CTLFLAG_RD, &ipipstat, ipipstat, ""); #endif #ifdef __FreeBSD__ static #endif void ipe4_attach(void); /* XXX IPCOMP */ #define M_IPSEC (M_AUTHIPHDR|M_AUTHIPDGM|M_DECRYPTED) static void _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp); #ifdef INET6 /* * Really only a wrapper for ipip_input(), for use with IPv6. */ int ip4_input6(struct mbuf **m, int *offp, int proto) { #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && ((*m)->m_flags & M_IPSEC) == 0) { DPRINTF(("ip4_input6: dropped due to policy\n")); ipipstat.ipips_pdrops++; m_freem(*m); return IPPROTO_DONE; } #endif _ipip_input(*m, *offp, NULL); return IPPROTO_DONE; } #endif /* INET6 */ #ifdef INET /* * Really only a wrapper for ipip_input(), for use with IPv4. */ void ip4_input(struct mbuf *m, ...) { va_list ap; int iphlen; #if 0 /* If we do not accept IP-in-IP explicitly, drop. */ if (!ipip_allow && (m->m_flags & M_IPSEC) == 0) { DPRINTF(("ip4_input: dropped due to policy\n")); ipipstat.ipips_pdrops++; m_freem(m); return; } #endif va_start(ap, m); iphlen = va_arg(ap, int); va_end(ap); _ipip_input(m, iphlen, NULL); } #endif /* INET */ /* * ipip_input gets called when we receive an IP{46} encapsulated packet, * either because we got it at a real interface, or because AH or ESP * were being used in tunnel mode (in which case the rcvif element will * contain the address of the encX interface associated with the tunnel. */ static void _ipip_input(struct mbuf *m, int iphlen, struct ifnet *gifp) { register struct sockaddr_in *sin; register struct ifnet *ifp; register struct ifaddr *ifa; struct ifqueue *ifq = NULL; struct ip *ipo; #ifdef INET6 register struct sockaddr_in6 *sin6; struct ip6_hdr *ip6 = NULL; u_int8_t itos; #endif u_int8_t nxt; int isr; u_int8_t otos; u_int8_t v; int hlen; ipipstat.ipips_ipackets++; m_copydata(m, 0, 1, &v); switch (v >> 4) { #ifdef INET case 4: hlen = sizeof(struct ip); break; #endif /* INET */ #ifdef INET6 case 6: hlen = sizeof(struct ip6_hdr); break; #endif default: DPRINTF(("_ipip_input: bad protocol version 0x%x (%u) " "for outer header\n", v, v>>4)); ipipstat.ipips_family++; m_freem(m); return /* EAFNOSUPPORT */; } /* Bring the IP header in the first mbuf, if not there already */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { DPRINTF(("ipip_input: m_pullup (1) failed\n")); ipipstat.ipips_hdrops++; return; } } ipo = mtod(m, struct ip *); #ifdef MROUTING if (ipo->ip_v == IPVERSION && ipo->ip_p == IPPROTO_IPV4) { if (IN_MULTICAST(((struct ip *)((char *) ipo + iphlen))->ip_dst.s_addr)) { ipip_mroute_input (m, iphlen); return; } } #endif /* MROUTING */ /* Keep outer ecn field. */ switch (v >> 4) { #ifdef INET case 4: otos = ipo->ip_tos; break; #endif /* INET */ #ifdef INET6 case 6: otos = (ntohl(mtod(m, struct ip6_hdr *)->ip6_flow) >> 20) & 0xff; break; #endif default: panic("ipip_input: unknown ip version %u (outer)", v>>4); } /* Remove outer IP header */ m_adj(m, iphlen); /* Sanity check */ if (m->m_pkthdr.len < sizeof(struct ip)) { ipipstat.ipips_hdrops++; m_freem(m); return; } m_copydata(m, 0, 1, &v); switch (v >> 4) { #ifdef INET case 4: hlen = sizeof(struct ip); break; #endif /* INET */ #ifdef INET6 case 6: hlen = sizeof(struct ip6_hdr); break; #endif default: DPRINTF(("_ipip_input: bad protocol version 0x%x (%u) " "for inner header\n", v, v>>4)); ipipstat.ipips_family++; m_freem(m); return; /* EAFNOSUPPORT */ } /* * Bring the inner IP header in the first mbuf, if not there already. */ if (m->m_len < hlen) { if ((m = m_pullup(m, hlen)) == NULL) { DPRINTF(("ipip_input: m_pullup (2) failed\n")); ipipstat.ipips_hdrops++; return; } } /* * RFC 1853 specifies that the inner TTL should not be touched on * decapsulation. There's no reason this comment should be here, but * this is as good as any a position. */ /* Some sanity checks in the inner IP header */ switch (v >> 4) { #ifdef INET case 4: ipo = mtod(m, struct ip *); nxt = ipo->ip_p; ip_ecn_egress(ip4_ipsec_ecn, &otos, &ipo->ip_tos); break; #endif /* INET */ #ifdef INET6 case 6: ip6 = (struct ip6_hdr *) ipo; nxt = ip6->ip6_nxt; itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff; ip_ecn_egress(ip6_ipsec_ecn, &otos, &itos); ip6->ip6_flow &= ~htonl(0xff << 20); ip6->ip6_flow |= htonl((u_int32_t) itos << 20); break; #endif default: panic("ipip_input: unknown ip version %u (inner)", v>>4); } /* Check for local address spoofing. */ if ((m->m_pkthdr.rcvif == NULL || !(m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK)) && ipip_allow != 2) { for (ifp = ifnet.tqh_first; ifp != 0; ifp = ifp->if_list.tqe_next) { for (ifa = ifp->if_addrlist.tqh_first; ifa != 0; ifa = ifa->ifa_list.tqe_next) { #ifdef INET if (ipo) { if (ifa->ifa_addr->sa_family != AF_INET) continue; sin = (struct sockaddr_in *) ifa->ifa_addr; if (sin->sin_addr.s_addr == ipo->ip_src.s_addr) { ipipstat.ipips_spoof++; m_freem(m); return; } } #endif /* INET */ #ifdef INET6 if (ip6) { if (ifa->ifa_addr->sa_family != AF_INET6) continue; sin6 = (struct sockaddr_in6 *) ifa->ifa_addr; if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr, &ip6->ip6_src)) { ipipstat.ipips_spoof++; m_freem(m); return; } } #endif /* INET6 */ } } } /* Statistics */ ipipstat.ipips_ibytes += m->m_pkthdr.len - iphlen; /* * Interface pointer stays the same; if no IPsec processing has * been done (or will be done), this will point to a normal * interface. Otherwise, it'll point to an enc interface, which * will allow a packet filter to distinguish between secure and * untrusted packets. */ switch (v >> 4) { #ifdef INET case 4: ifq = &ipintrq; isr = NETISR_IP; break; #endif #ifdef INET6 case 6: ifq = &ip6intrq; isr = NETISR_IPV6; break; #endif default: panic("ipip_input: should never reach here"); } if (!IF_HANDOFF(ifq, m, NULL)) { ipipstat.ipips_qfull++; DPRINTF(("ipip_input: packet dropped because of full queue\n")); } else { schednetisr(isr); } } int ipip_output( struct mbuf *m, struct ipsecrequest *isr, struct mbuf **mp, int skip, int protoff ) { struct secasvar *sav; u_int8_t tp, otos; struct secasindex *saidx; int error; #ifdef INET u_int8_t itos; struct ip *ipo; #endif /* INET */ #ifdef INET6 struct ip6_hdr *ip6, *ip6o; #endif /* INET6 */ IPSEC_SPLASSERT_SOFTNET("ipip_output"); sav = isr->sav; IPSEC_ASSERT(sav != NULL, ("ipip_output: null SA")); IPSEC_ASSERT(sav->sah != NULL, ("ipip_output: null SAH")); /* XXX Deal with empty TDB source/destination addresses. */ m_copydata(m, 0, 1, &tp); tp = (tp >> 4) & 0xff; /* Get the IP version number. */ saidx = &sav->sah->saidx; switch (saidx->dst.sa.sa_family) { #ifdef INET case AF_INET: if (saidx->src.sa.sa_family != AF_INET || saidx->src.sin.sin_addr.s_addr == INADDR_ANY || saidx->dst.sin.sin_addr.s_addr == INADDR_ANY) { DPRINTF(("ipip_output: unspecified tunnel endpoint " "address in SA %s/%08lx\n", ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); ipipstat.ipips_unspec++; error = EINVAL; goto bad; } M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); if (m == 0) { DPRINTF(("ipip_output: M_PREPEND failed\n")); ipipstat.ipips_hdrops++; error = ENOBUFS; goto bad; } ipo = mtod(m, struct ip *); ipo->ip_v = IPVERSION; ipo->ip_hl = 5; ipo->ip_len = htons(m->m_pkthdr.len); ipo->ip_ttl = ip_defttl; ipo->ip_sum = 0; ipo->ip_src = saidx->src.sin.sin_addr; ipo->ip_dst = saidx->dst.sin.sin_addr; #if defined(__NetBSD__) ipo->ip_id = ip_newid(); #elif defined(RANDOM_IP_ID) ipo->ip_id = ip_randomid(); #else ipo->ip_id = htons(ip_id++); #endif /* If the inner protocol is IP... */ if (tp == IPVERSION) { /* Save ECN notification */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip, ip_tos), sizeof(u_int8_t), (caddr_t) &itos); ipo->ip_p = IPPROTO_IPIP; /* * We should be keeping tunnel soft-state and * send back ICMPs if needed. */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip, ip_off), sizeof(u_int16_t), (caddr_t) &ipo->ip_off); ipo->ip_off = ntohs(ipo->ip_off); ipo->ip_off &= ~(IP_DF | IP_MF | IP_OFFMASK); ipo->ip_off = htons(ipo->ip_off); } #ifdef INET6 else if (tp == (IPV6_VERSION >> 4)) { u_int32_t itos32; /* Save ECN notification. */ m_copydata(m, sizeof(struct ip) + offsetof(struct ip6_hdr, ip6_flow), sizeof(u_int32_t), (caddr_t) &itos32); itos = ntohl(itos32) >> 20; ipo->ip_p = IPPROTO_IPV6; ipo->ip_off = 0; } #endif /* INET6 */ else { goto nofamily; } otos = 0; ip_ecn_ingress(ECN_ALLOWED, &otos, &itos); ipo->ip_tos = otos; break; #endif /* INET */ #ifdef INET6 case AF_INET6: if (IN6_IS_ADDR_UNSPECIFIED(&saidx->dst.sin6.sin6_addr) || saidx->src.sa.sa_family != AF_INET6 || IN6_IS_ADDR_UNSPECIFIED(&saidx->src.sin6.sin6_addr)) { DPRINTF(("ipip_output: unspecified tunnel endpoint " "address in SA %s/%08lx\n", ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); ipipstat.ipips_unspec++; error = ENOBUFS; goto bad; } /* scoped address handling */ ip6 = mtod(m, struct ip6_hdr *); if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_src)) ip6->ip6_src.s6_addr16[1] = 0; if (IN6_IS_SCOPE_LINKLOCAL(&ip6->ip6_dst)) ip6->ip6_dst.s6_addr16[1] = 0; M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT); if (m == 0) { DPRINTF(("ipip_output: M_PREPEND failed\n")); ipipstat.ipips_hdrops++; error = ENOBUFS; goto bad; } /* Initialize IPv6 header */ ip6o = mtod(m, struct ip6_hdr *); ip6o->ip6_flow = 0; ip6o->ip6_vfc &= ~IPV6_VERSION_MASK; ip6o->ip6_vfc |= IPV6_VERSION; ip6o->ip6_plen = htons(m->m_pkthdr.len); ip6o->ip6_hlim = ip_defttl; ip6o->ip6_dst = saidx->dst.sin6.sin6_addr; ip6o->ip6_src = saidx->src.sin6.sin6_addr; #ifdef INET if (tp == IPVERSION) { /* Save ECN notification */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip, ip_tos), sizeof(u_int8_t), (caddr_t) &itos); /* This is really IPVERSION. */ ip6o->ip6_nxt = IPPROTO_IPIP; } else #endif /* INET */ if (tp == (IPV6_VERSION >> 4)) { u_int32_t itos32; /* Save ECN notification. */ m_copydata(m, sizeof(struct ip6_hdr) + offsetof(struct ip6_hdr, ip6_flow), sizeof(u_int32_t), (caddr_t) &itos32); itos = ntohl(itos32) >> 20; ip6o->ip6_nxt = IPPROTO_IPV6; } else { goto nofamily; } otos = 0; ip_ecn_ingress(ECN_ALLOWED, &otos, &itos); ip6o->ip6_flow |= htonl((u_int32_t) otos << 20); break; #endif /* INET6 */ default: nofamily: DPRINTF(("ipip_output: unsupported protocol family %u\n", saidx->dst.sa.sa_family)); ipipstat.ipips_family++; error = EAFNOSUPPORT; /* XXX diffs from openbsd */ goto bad; } ipipstat.ipips_opackets++; *mp = m; #ifdef INET if (saidx->dst.sa.sa_family == AF_INET) { #if 0 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - sizeof(struct ip); #endif ipipstat.ipips_obytes += m->m_pkthdr.len - sizeof(struct ip); } #endif /* INET */ #ifdef INET6 if (saidx->dst.sa.sa_family == AF_INET6) { #if 0 if (sav->tdb_xform->xf_type == XF_IP4) tdb->tdb_cur_bytes += m->m_pkthdr.len - sizeof(struct ip6_hdr); #endif ipipstat.ipips_obytes += m->m_pkthdr.len - sizeof(struct ip6_hdr); } #endif /* INET6 */ return 0; bad: if (m) m_freem(m); *mp = NULL; return (error); } #ifdef FAST_IPSEC static int ipe4_init(struct secasvar *sav, struct xformsw *xsp) { sav->tdb_xform = xsp; return 0; } static int ipe4_zeroize(struct secasvar *sav) { sav->tdb_xform = NULL; return 0; } static int ipe4_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) { /* This is a rather serious mistake, so no conditional printing. */ printf("ipe4_input: should never be called\n"); if (m) m_freem(m); return EOPNOTSUPP; } static struct xformsw ipe4_xformsw = { XF_IP4, 0, "IPv4 Simple Encapsulation", ipe4_init, ipe4_zeroize, ipe4_input, ipip_output, }; extern struct domain inetdomain; static struct ipprotosw ipe4_protosw[] = { { SOCK_RAW, &inetdomain, IPPROTO_IPV4, PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input, 0, 0, rip_ctloutput, rip_usrreq, 0, 0, 0, 0, }, #ifdef INET6 { SOCK_RAW, &inetdomain, IPPROTO_IPV6, PR_ATOMIC|PR_ADDR|PR_LASTHDR, ip4_input, 0, 0, rip_ctloutput, rip_usrreq, 0, 0, 0, 0, }, #endif }; /* * Check the encapsulated packet to see if we want it */ static int ipe4_encapcheck(const struct mbuf *m, int off, int proto, void *arg) { /* * Only take packets coming from IPSEC tunnels; the rest * must be handled by the gif tunnel code. Note that we * also return a minimum priority when we want the packet * so any explicit gif tunnels take precedence. */ return ((m->m_flags & M_IPSEC) != 0 ? 1 : 0); } INITFN void ipe4_attach(void) { xform_register(&ipe4_xformsw); /* attach to encapsulation framework */ /* XXX save return cookie for detach on module remove */ (void) encap_attach_func(AF_INET, -1, ipe4_encapcheck, (struct protosw*) &ipe4_protosw[0], NULL); #ifdef INET6 (void) encap_attach_func(AF_INET6, -1, ipe4_encapcheck, (struct protosw*) &ipe4_protosw[1], NULL); #endif } #ifdef SYSINIT SYSINIT(ipe4_xform_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_MIDDLE, ipe4_attach, NULL); #endif #endif /* FAST_IPSEC */ @ 1.9.4.3 log @Sync with HEAD. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9.4.2 2004/09/18 14:55:32 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.2 2004/09/18 14:55:32 skrll Exp $"); @ 1.9.4.4 log @Fix the sync with head I botched. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9.4.3 2004/09/21 13:37:48 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.3 2004/09/21 13:37:48 skrll Exp $"); @ 1.9.4.5 log @Sync with HEAD. Hi Perry! @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9.4.4 2005/03/04 16:53:44 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.4 2005/03/04 16:53:44 skrll Exp $"); d50 1 a50 1 #include "opt_random_ip_id.h" d489 1 a489 1 #if defined(__NetBSD__) @ 1.9.4.6 log @Sync with HEAD. Here we go again... @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9.4.5 2005/11/10 14:11:35 skrll Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9.4.5 2005/11/10 14:11:35 skrll Exp $"); d703 1 a703 1 ipe4_encapcheck(struct mbuf *m, int off, int proto, void *arg) @ 1.9.8.1 log @Pull up following revision(s) (requested by adrianp in ticket #11395): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.9.2.1 log @Pull up following revision(s) (requested by adrianp in ticket #11395): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.9.16.1 log @Pull up following revision(s) (requested by adrianp in ticket #11395): sys/netipsec/xform_ah.c: revision 1.19 via patch sys/netipsec/ipsec.c: revision 1.34 via patch sys/netipsec/xform_ipip.c: revision 1.18 via patch sys/netipsec/ipsec_output.c: revision 1.23 via patch sys/netipsec/ipsec_osdep.h: revision 1.21 via patch The function ipsec4_get_ulp assumes that ip_off is in host order. This results in IPsec processing that is dependent on protocol and/or port can be bypassed. Bug report, analysis and initial fix from Karl Knutsson. Final patch and ok from degroote@@ @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $"); d513 3 a515 1 ipo->ip_off &= ~ IP_OFF_CONVERT(IP_DF | IP_MF | IP_OFFMASK); @ 1.9.10.1 log @sync with -current @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.10 2005/02/26 22:45:13 perry Exp $"); d50 1 a50 1 #include "opt_random_ip_id.h" d489 1 a489 1 #if defined(__NetBSD__) @ 1.9.12.1 log @sync with head. xen and whitespace. xen part is not finished. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.9 2004/03/17 00:21:43 jonathan Exp $"); d50 1 a50 1 #include "opt_random_ip_id.h" d489 1 a489 1 #if defined(__NetBSD__) @ 1.8 log @Fix ipip_output() to always set *mp to NULL on failure, even if 'm' is NULL, otherwise ipsec4_process_packet() may try to m_freem() a bad pointer. In ipsec4_process_packet(), don't try to m_freem() 'm' twice; ipip_output() already did it. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.7 2003/11/17 21:34:27 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.7 2003/11/17 21:34:27 jonathan Exp $"); d89 3 a91 1 #include @ 1.7 log @Revert the (default) ip_id algorithm to the pre-randomid algorithm, due to demonstrated low-period repeated IDs from the randomized IP_id code. Consensus is that the low-period repetition (much less than 2^15) is not suitable for general-purpose use. Allocators of new IPv4 IDs should now call the function ip_newid(). Randomized IP_ids is now a config-time option, "options RANDOM_IP_ID". ip_newid() can use ip_random-id()_IP_ID if and only if configured with RANDOM_IP_ID. A sysctl knob should be provided. This API may be reworked in the near future to support linear ip_id counters per (src,dst) IP-address pair. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.6 2003/11/14 07:15:28 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.6 2003/11/14 07:15:28 jonathan Exp $"); a562 1 *mp = NULL; d646 2 a647 1 m_freem(m), *mp = NULL; @ 1.6 log @Use ip_randomid(), dependent on either __NetBSD__ preprocessor token or FreeBSD RANDOM_IP_ID config option. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.5 2003/10/06 22:05:15 tls Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.5 2003/10/06 22:05:15 tls Exp $"); d487 3 a489 1 #if defined(__NetBSD__) || defined(RANDOM_IP_ID) @ 1.5 log @Reversion of "netkey merge", part 2 (replacement of removed files in the repository by christos was part 1). netipsec should now be back as it was on 2003-09-11, with some very minor changes: 1) Some residual platform-dependent code was moved from ipsec.h to ipsec_osdep.h; without this, IPSEC_ASSERT() was multiply defined. ipsec.h now includes ipsec_osdep.h 2) itojun's renaming of netipsec/files.ipsec to netipsec/files.netipsec has been left in place (it's arguable which name is less confusing but the rename is pretty harmless). 3) Some #endif TOKEN has been replaced by #endif /* TOKEN */; #endif TOKEN is invalid and GCC 3 won't compile it. An i386 kernel with "options FAST_IPSEC" and "options OPENCRYPTO" now gets through "make depend" but fails to build with errors in ip_input.c. But it's better than it was (thank heaven for small favors). @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.2 2003/08/20 22:33:41 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.2 2003/08/20 22:33:41 jonathan Exp $"); d487 1 a487 1 #ifdef RANDOM_IP_ID @ 1.4 log @merge netipsec/key* into netkey/key*. no need for both. change confusing filename @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.3 2003/09/12 11:09:31 itojun Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.3 2003/09/12 11:09:31 itojun Exp $"); d94 2 a95 2 #include #include d487 5 a491 1 ipo->ip_id = htons(ip_randomid()); @ 1.3 log @use ip_randomid @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.2 2003/08/20 22:33:41 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.2 2003/08/20 22:33:41 jonathan Exp $"); d94 2 a95 2 #include #include @ 1.2 log @opt_inet6.h is FreeBSD-specific, so wrap it with #ifdef __FreeBSD__/#endif. @ text @d1 1 a1 1 /* $NetBSD: xform_ipip.c,v 1.1 2003/08/13 20:06:52 jonathan Exp $ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD: xform_ipip.c,v 1.1 2003/08/13 20:06:52 jonathan Exp $"); d487 1 a487 5 #ifdef RANDOM_IP_ID ipo->ip_id = ip_randomid(); #else ipo->ip_id = htons(ip_id++); #endif @ 1.1 log @Initial import of Sam Leffler's `Fast-IPsec' from FreeBSD 4. Fast-IPsec is a rework of the OpenBSD and KAME IPsec code, using the OpenCryptoFramework (and thus hardware crypto accelerators) and numerous detailed performance improvements. This import is (aside from SPL-level names) the FreeBSD source, imported ``as-is'' as a historical snapshot, for future maintenance and comparison against the FreeBSD source. For now, several minor kernel-API differences are hidden by macros a shim file, ipsec_osdep.h, which (aside from SPL names) can be targeted at either NetBSD or FreeBSD. @ text @d1 1 a1 1 /* $NetBSD:$ */ d42 1 a42 1 __KERNEL_RCSID(0, "$NetBSD:$"); d48 1 a49 1 #ifdef __FreeBSD__ @