[src/netbsd-1-5]: src/sys pullup from main trunc (approved by releng-1-5)
details: https://anonhg.NetBSD.org/src/rev/410730a08c4a
branches: netbsd-1-5
changeset: 488592:410730a08c4a
user: itojun <itojun%NetBSD.org@localhost>
date: Thu Jul 20 00:07:04 2000 +0000
description:
pullup from main trunk (approved by releng-1-5)
- add protection mechanism against ND cache corruption due to bad NUD hints.
this is part of:
sys/netinet/icmp6.h 1.9 -> 1.10
sys/netinet/tcp_input.c 1.111 -> 1.112
sys/netinet6/icmp6.c 1.34 -> 1.35
sys/netinet6/nd6.c 1.30 -> 1.31
sys/netinet6/nd6.h 1.14 -> 1.15
diffstat:
sys/netinet/icmp6.h | 12 +++++++++---
sys/netinet/tcp_input.c | 5 +++--
sys/netinet6/icmp6.c | 5 ++++-
sys/netinet6/nd6.c | 49 ++++++++++++++++++++++++++++++-------------------
sys/netinet6/nd6.h | 8 +++++---
5 files changed, 51 insertions(+), 28 deletions(-)
diffs (264 lines):
diff -r bbbaefdd1e19 -r 410730a08c4a sys/netinet/icmp6.h
--- a/sys/netinet/icmp6.h Wed Jul 19 19:22:36 2000 +0000
+++ b/sys/netinet/icmp6.h Thu Jul 20 00:07:04 2000 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: icmp6.h,v 1.9 2000/06/12 16:21:02 itojun Exp $ */
-/* $KAME: icmp6.h,v 1.17 2000/06/11 17:23:40 jinmei Exp $ */
+/* $NetBSD: icmp6.h,v 1.9.2.1 2000/07/20 00:07:04 itojun Exp $ */
+/* $KAME: icmp6.h,v 1.18 2000/07/03 02:51:08 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -555,7 +555,11 @@
#define ICMPV6CTL_ND6_USELOOPBACK 11
/*#define ICMPV6CTL_ND6_PROXYALL 12 obsoleted, do not reuse here */
#define ICMPV6CTL_NODEINFO 13
-#define ICMPV6CTL_MAXID 14
+#if 0 /*notyet*/
+#define ICMPV6CTL_ERRPPSLIMIT 14 /* ICMPv6 error pps limitation */
+#endif
+#define ICMPV6CTL_ND6_MAXNUDHINT 15
+#define ICMPV6CTL_MAXID 16
#define ICMPV6CTL_NAMES { \
{ 0, 0 }, \
@@ -572,6 +576,8 @@
{ "nd6_useloopback", CTLTYPE_INT }, \
{ 0, 0 }, \
{ "nodeinfo", CTLTYPE_INT }, \
+ { 0, 0 }, \
+ { "nd6_maxnudhint", CTLTYPE_INT }, \
}
#define RTF_PROBEMTU RTF_PROTO1
diff -r bbbaefdd1e19 -r 410730a08c4a sys/netinet/tcp_input.c
--- a/sys/netinet/tcp_input.c Wed Jul 19 19:22:36 2000 +0000
+++ b/sys/netinet/tcp_input.c Thu Jul 20 00:07:04 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_input.c,v 1.108.4.2 2000/07/16 01:27:13 itojun Exp $ */
+/* $NetBSD: tcp_input.c,v 1.108.4.3 2000/07/20 00:07:04 itojun Exp $ */
/*
%%% portions-copyright-nrl-95
@@ -154,6 +154,7 @@
#include <netinet/in.h>
#endif
#include <netinet/ip6.h>
+#include <netinet6/ip6_var.h>
#include <netinet6/in6_pcb.h>
#include <netinet6/ip6_var.h>
#include <netinet6/in6_var.h>
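Review bot: The added `#include <netinet6/ip6_var.h>` duplicates the include of the same header two lines below it in this block, so the file now pulls it in twice. The header's include guard presumably makes this harmless, but one of the two lines should go. If the intent was to have ip6_var.h precede in6_pcb.h, drop the later one instead.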
@@ -206,7 +207,7 @@
do { \
if (tp && tp->t_in6pcb && tp->t_family == AF_INET6 \
&& tp->t_in6pcb->in6p_route.ro_rt) { \
- nd6_nud_hint(tp->t_in6pcb->in6p_route.ro_rt, NULL); \
+ nd6_nud_hint(tp->t_in6pcb->in6p_route.ro_rt, NULL, 0); \
} \
} while (0)
#else
diff -r bbbaefdd1e19 -r 410730a08c4a sys/netinet6/icmp6.c
--- a/sys/netinet6/icmp6.c Wed Jul 19 19:22:36 2000 +0000
+++ b/sys/netinet6/icmp6.c Thu Jul 20 00:07:04 2000 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: icmp6.c,v 1.33 2000/06/13 17:31:37 itojun Exp $ */
+/* $NetBSD: icmp6.c,v 1.33.2.1 2000/07/20 00:07:05 itojun Exp $ */
/* $KAME: icmp6.c,v 1.113 2000/06/12 09:24:41 itojun Exp $ */
/*
@@ -2607,6 +2607,9 @@
&nd6_useloopback);
case ICMPV6CTL_NODEINFO:
return sysctl_int(oldp, oldlenp, newp, newlen, &icmp6_nodeinfo);
+ case ICMPV6CTL_ND6_MAXNUDHINT:
+ return sysctl_int(oldp, oldlenp, newp, newlen,
+ &nd6_maxnudhint);
default:
return ENOPROTOOPT;
}
diff -r bbbaefdd1e19 -r 410730a08c4a sys/netinet6/nd6.c
--- a/sys/netinet6/nd6.c Wed Jul 19 19:22:36 2000 +0000
+++ b/sys/netinet6/nd6.c Thu Jul 20 00:07:04 2000 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: nd6.c,v 1.30 2000/05/19 01:40:19 itojun Exp $ */
-/* $KAME: nd6.c,v 1.63 2000/05/17 12:35:59 jinmei Exp $ */
+/* $NetBSD: nd6.c,v 1.30.4.1 2000/07/20 00:07:05 itojun Exp $ */
+/* $KAME: nd6.c,v 1.68 2000/07/02 14:48:02 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -91,6 +91,8 @@
/* preventing too many loops in ND option parsing */
int nd6_maxndopt = 10; /* max # of ND options allowed */
+int nd6_maxnudhint = 0; /* max # of subsequent upper layer hints */
+
/* for debugging? */
static int nd6_inuse, nd6_allocated;
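Review bot: The comment on `nd6_maxnudhint` does not say that the default of 0 makes nd6_nud_hint() ignore every unforced upper-layer hint, because the check added later in this file increments ln_byhint before comparing it with the limit. Suggest `int nd6_maxnudhint = 0; /* max # of consecutive upper-layer hints honoured per entry; 0 = ignore unforced hints */`. The value is also writable through the nd6_maxnudhint sysctl added in icmp6.c, which takes any int, so a negative setting behaves like 0; that is worth stating in the same comment.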
@@ -225,8 +227,7 @@
*/
if (in6_maxmtu < ndi->linkmtu)
in6_maxmtu = ndi->linkmtu;
- }
- else
+ } else
in6_setmaxmtu();
}
}
@@ -467,8 +468,7 @@
nd6_ns_output(ifp, &dst->sin6_addr,
&dst->sin6_addr,
ln, 0);
- }
- else
+ } else
ln->ln_state = ND6_LLINFO_STALE; /* XXX */
break;
case ND6_LLINFO_PROBE:
@@ -497,8 +497,9 @@
t = TAILQ_NEXT(dr, dr_entry);
defrtrlist_del(dr);
dr = t;
- } else
+ } else {
dr = TAILQ_NEXT(dr, dr_entry);
+ }
}
pr = nd_prefix.lh_first;
while (pr) {
@@ -709,8 +710,7 @@
(struct llinfo_nd6 *)rt->rt_llinfo;
ln->ln_state = ND6_LLINFO_NOSTATE;
}
- }
- else
+ } else
return(NULL);
}
rt->rt_refcnt--;
@@ -875,9 +875,10 @@
* XXX cost-effective metods?
*/
void
-nd6_nud_hint(rt, dst6)
+nd6_nud_hint(rt, dst6, force)
struct rtentry *rt;
struct in6_addr *dst6;
+ int force;
{
struct llinfo_nd6 *ln;
long time_second = time.tv_sec;
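Review bot: The new `force` argument is not described in the comment above nd6_nud_hint(), although a non-zero value skips the ln_byhint limit that this commit adds further down. Suggest documenting it at the declaration, e.g. `int force; /* non-zero: bypass the nd6_maxnudhint limit */`, and saying which kind of caller may set it. The only caller visible in this commit, the TCP macro in tcp_input.c, passes 0. The function body continues outside this hunk.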
@@ -893,11 +894,10 @@
return;
}
- if ((rt->rt_flags & RTF_GATEWAY)
- || (rt->rt_flags & RTF_LLINFO) == 0
- || !rt->rt_llinfo
- || !rt->rt_gateway
- || rt->rt_gateway->sa_family != AF_LINK) {
+ if ((rt->rt_flags & RTF_GATEWAY) != 0 ||
+ (rt->rt_flags & RTF_LLINFO) == 0 ||
+ !rt->rt_llinfo || !rt->rt_gateway ||
+ rt->rt_gateway->sa_family != AF_LINK) {
/* This is not a host route. */
return;
}
@@ -906,6 +906,16 @@
if (ln->ln_state < ND6_LLINFO_REACHABLE)
return;
+ /*
+ * if we get upper-layer reachability confirmation many times,
+ * it is possible we have false information.
+ */
+ if (!force) {
+ ln->ln_byhint++;
+ if (ln->ln_byhint > nd6_maxnudhint)
+ return;
+ }
+
ln->ln_state = ND6_LLINFO_REACHABLE;
if (ln->ln_expire)
ln->ln_expire = time_second +
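Review bot: `ln->ln_byhint++` runs on every unforced hint, including those that are then rejected, so the counter grows without bound; on a long-lived, high-rate flow the signed int can overflow (undefined behaviour, in practice wrapping negative), after which `ln_byhint > nd6_maxnudhint` is false and hints are honoured again. Testing before incrementing keeps the same limit while saturating the counter: `if (ln->ln_byhint >= nd6_maxnudhint) return;` followed by `ln->ln_byhint++;`. The only resets visible in this commit are the three `ln->ln_byhint = 0;` lines in the later nd6.c hunks; whether the counter is also cleared when Neighbor Discovery itself confirms the neighbour is not visible here and should be confirmed, otherwise an entry that has used up its budget never honours a hint again. The function starts and ends outside this hunk.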
@@ -1127,6 +1137,7 @@
* which is specified by ndp command.
*/
ln->ln_state = ND6_LLINFO_REACHABLE;
+ ln->ln_byhint = 0;
} else {
/*
* When req == RTM_RESOLVE, rt is created and
@@ -1151,6 +1162,7 @@
caddr_t macp = nd6_ifptomac(ifp);
ln->ln_expire = 0;
ln->ln_state = ND6_LLINFO_REACHABLE;
+ ln->ln_byhint = 0;
if (macp) {
Bcopy(macp, LLADDR(SDL(gate)), ifp->if_addrlen);
SDL(gate)->sdl_alen = ifp->if_addrlen;
@@ -1174,6 +1186,7 @@
} else if (rt->rt_flags & RTF_ANNOUNCE) {
ln->ln_expire = 0;
ln->ln_state = ND6_LLINFO_REACHABLE;
+ ln->ln_byhint = 0;
/* join solicited node multicast for proxy ND */
if (ifp->if_flags & IFF_MULTICAST) {
@@ -1313,8 +1326,7 @@
if (IN6_IS_ADDR_LINKLOCAL(&drl->defrouter[i].rtaddr)) {
/* XXX: need to this hack for KAME stack */
drl->defrouter[i].rtaddr.s6_addr16[1] = 0;
- }
- else
+ } else
log(LOG_ERR,
"default router list contains a "
"non-linklocal address(%s)\n",
@@ -1359,8 +1371,7 @@
if (IN6_IS_ADDR_LINKLOCAL(&RTRADDR)) {
/* XXX: hack for KAME */
RTRADDR.s6_addr16[1] = 0;
- }
- else
+ } else
log(LOG_ERR,
"a router(%s) advertises "
"a prefix with "
diff -r bbbaefdd1e19 -r 410730a08c4a sys/netinet6/nd6.h
--- a/sys/netinet6/nd6.h Wed Jul 19 19:22:36 2000 +0000
+++ b/sys/netinet6/nd6.h Thu Jul 20 00:07:04 2000 +0000
@@ -1,5 +1,5 @@
-/* $NetBSD: nd6.h,v 1.14 2000/05/19 01:40:19 itojun Exp $ */
-/* $KAME: nd6.h,v 1.21 2000/05/17 12:35:59 jinmei Exp $ */
+/* $NetBSD: nd6.h,v 1.14.4.1 2000/07/20 00:07:05 itojun Exp $ */
+/* $KAME: nd6.h,v 1.23 2000/06/04 12:54:57 itojun Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -50,6 +50,7 @@
u_long ln_expire; /* lifetime for NDP state transition */
short ln_state; /* reachability state */
short ln_router; /* 2^0: ND6 router bit */
+ int ln_byhint; /* # of times we made it reachable by UL hint */
};
#define ND6_LLINFO_NOSTATE -2
@@ -231,6 +232,7 @@
extern int nd6_umaxtries;
extern int nd6_mmaxtries;
extern int nd6_useloopback;
+extern int nd6_maxnudhint;
extern struct llinfo_nd6 llinfo_nd6;
extern struct nd_ifinfo *nd_ifinfo;
extern struct nd_drhead nd_defrouter;
@@ -279,7 +281,7 @@
void nd6_timer __P((void *));
void nd6_purge __P((struct ifnet *));
void nd6_free __P((struct rtentry *));
-void nd6_nud_hint __P((struct rtentry *, struct in6_addr *));
+void nd6_nud_hint __P((struct rtentry *, struct in6_addr *, int));
int nd6_resolve __P((struct ifnet *, struct rtentry *,
struct mbuf *, struct sockaddr *, u_char *));
void nd6_rtrequest __P((int, struct rtentry *, struct sockaddr *));