Up to [local] / src / sys / net
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.35 / (download) - annotate - [select for diffs], Sat Dec 23 10:52:54 2023 UTC (5 months, 2 weeks ago) by bluhm
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored)
Backout always allocate per-CPU statistics counters for network interface descriptor. It panics during attach of em(4) device at boot.
Revision 1.34 / (download) - annotate - [select for diffs], Fri Dec 22 23:01:50 2023 UTC (5 months, 2 weeks ago) by mvs
Branch: MAIN
Changes since 1.33: +1 -2 lines
Diff to previous 1.33 (colored)
Always allocate per-CPU statistics counters for network interface descriptor. We have the mess in network interface statistics. Only pseudo drivers do per-CPU counters allocation, all other network devices use the old `if_data'. The network stack partially uses per-CPU counters and partially use `if_data', but the protection is inconsistent: some times counters accessed with exclusive netlock, some times with shared netlock, some times with kernel lock, but without netlock, some times with another locks. To make network interfaces statistics more consistent, always allocate per-CPU counters at interface attachment time and use it instead of `if_data'. At this step only move counters allocation to the if_attach() internals. The `if_data' removal will be performed with the following diffs to make review and tests easier. ok bluhm
Revision 1.33 / (download) - annotate - [select for diffs], Tue May 16 14:32:54 2023 UTC (12 months, 3 weeks ago) by jan
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)
Use separate IFCAPs for LRO and TSO. This diff introduces separate capabilities for TCP offloading. We split this into LRO (large receive offloading) and TSO (TCP segmentation offloading). LRO can be turned on/off via tcprecvoffload option of ifconfig and is not inherited to sub interfaces. TSO is inherited by sub interfaces to signal this hardware offloading capability to the network stack. With tweaks from bluhm, claudio and dlg ok bluhm, claudio
Revision 1.32 / (download) - annotate - [select for diffs], Mon Feb 27 09:35:32 2023 UTC (15 months, 1 week ago) by jan
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.31: +3 -1 lines
Diff to previous 1.31 (colored)
Turn off TSO if interface is added to layer 2 devices. ok bluhm@, claudio@
Revision 1.31 / (download) - annotate - [select for diffs], Wed Jul 7 20:19:01 2021 UTC (2 years, 11 months ago) by sashan
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.30: +39 -6 lines
Diff to previous 1.30 (colored)
tell ether_input() to call pf_test() outside of smr_read sections, because smr_read sections don't play well with sleeping locks in pf(4). OK bluhm@
Revision 1.30 / (download) - annotate - [select for diffs], Wed Jun 2 01:37:10 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)
only read the if_bpf pointer once.
Revision 1.29 / (download) - annotate - [select for diffs], Wed Jun 2 01:36:10 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.28: +15 -17 lines
Diff to previous 1.28 (colored)
tpmr_input is called in an smr crit section, so it doesnt need its own. this simplifies the code a little bit.
Revision 1.28 / (download) - annotate - [select for diffs], Wed Jun 2 01:30:30 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.27: +8 -6 lines
Diff to previous 1.27 (colored)
read the tpmr if_flags once in tpmr_input so link flags apply consistently. this avoids IFF_LINK1 getting set by another cpu halfway through tpmr_input. if LINK1 is not set when a packet enters a tpmr pair it skips ip/pf checks, but if it is then set then only pf is run against it. this way you either get the ip checks and pf when the packet enters and leaves tpmr, or you dont get the ip and pf checks at all.
Revision 1.27 / (download) - annotate - [select for diffs], Wed Jun 2 00:44:18 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.26: +32 -9 lines
Diff to previous 1.26 (colored)
use ipv4_check and ipv6_check to well, check ip headers before running pf. unlike bridge(4), these checks are only run when the packet is entering the veb/tpmr topology. the assumption is that only valid IP packets end up inside the topology so we don't have to check them when they're leaving. ok bluhm@ sashan@
Revision 1.26 / (download) - annotate - [select for diffs], Thu May 27 03:46:15 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.25: +3 -1 lines
Diff to previous 1.25 (colored)
ajacoutot says i missed copying some bits from bridge for divert-to.
Revision 1.25 / (download) - annotate - [select for diffs], Wed May 26 06:44:28 2021 UTC (3 years ago) by dlg
Branch: MAIN
Changes since 1.24: +11 -1 lines
Diff to previous 1.24 (colored)
add support for pf divert-to on tpmr, like what was done for veb(4). when a divert-to rule applies to a packet, pf doesnt take the packet away and shove it in the socket directly. pf marks the packet, and then ip (or ipv6) input processing looks at the mark and picks the local socket to queue it on. because tpmr operates at layer 2, ip input has no chance to look at the packet and let the divert socket steal it. bridge(4) and now veb(4) handle this by checking if the packet has the pf divert to mark set on it and calls ip input if it's set. this copies the semantic to tpmr.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Mar 5 06:44:09 2021 UTC (3 years, 3 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.23: +4 -12 lines
Diff to previous 1.23 (colored)
pass the uint64_t dst ethernet address from ether_input to bridges. tested on amd64 and sparc64.
Revision 1.23 / (download) - annotate - [select for diffs], Fri Feb 26 02:09:45 2021 UTC (3 years, 3 months ago) by dlg
Branch: MAIN
Changes since 1.22: +5 -9 lines
Diff to previous 1.22 (colored)
tpmr can use the eth64 bits too.
Revision 1.22 / (download) - annotate - [select for diffs], Tue Jan 19 07:31:05 2021 UTC (3 years, 4 months ago) by mvs
Branch: MAIN
Changes since 1.21: +7 -11 lines
Diff to previous 1.21 (colored)
tpmr(4): convert ifunit() to if_unit(9) ok dlg@
Revision 1.21 / (download) - annotate - [select for diffs], Sat Dec 12 00:39:07 2020 UTC (3 years, 5 months ago) by dlg
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
call if_enqueue() to send a packet, not a member ports (*ifp->if_enqueue) the latter is too clever, and nothing else does it.
Revision 1.20 / (download) - annotate - [select for diffs], Fri Aug 21 22:59:27 2020 UTC (3 years, 9 months ago) by kn
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)
Leave default ifq_maxlen handling to ifq_init() Most clonable interface drivers (except bridge, enc, loop, pppx, switch, trunk and vlan) initialise the send queue's length to IFQ_MAXLEN during *_clone_create() even though ifq_init(), which is eventually called through if_attach(), does the same. Remove all early "ifq_set_maxlen(&ifq->if_snd, IFQ_MAXLEN);" lines to leave it to ifq_init() and have clonable drivers a tad more in sync. OK mvs
Revision 1.19 / (download) - annotate - [select for diffs], Wed Jul 29 12:07:58 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.18: +1 -5 lines
Diff to previous 1.18 (colored)
Remove SIOCSIFADDR It serves no purpose and is deprecated as per netintro(4). ifconfig(8) output improves as well: # ifconfig tpmr0 inet6 2001:db8::1 -ifconfig: SIOCAIFADDR: Address family not supported by protocol family +ifconfig: SIOCAIFADDR: Inappropriate ioctl for device OK dlg
Revision 1.18 / (download) - annotate - [select for diffs], Tue Jul 28 07:41:19 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.17: +51 -0 lines
Diff to previous 1.17 (colored)
Implement SIOCBRDGIFS, provide SIOCBRDGGRL stub Required for ifconfig(8) to print tpmr(4) members in bridge fashion. When copying out members, merely fill in the interface names and set IFBIF_SPAN such that ifconfig rightfully assumes no member does STP. As with switch(4), there are no rules but ifconfig requires an ioctl stub. Feedback OK dlg
Revision 1.17 / (download) - annotate - [select for diffs], Fri Jul 24 03:20:50 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.16: +1 -16 lines
Diff to previous 1.16 (colored)
Remove lacpmode and lacptimeout bits ifconfig(8) commands "lacptimeout 1" and "lacpmode active" error out with "ifconfig: Invalid option for trunk: tpmr0"; tpmr(4) has no mode or config, so these ioctls are inappropiate in the first place. Remove SIOCSTRUNKOPTS, SIOCGTRUNKOPTS stubs and now unused <net/if_trunk.h>. OK dlg
Revision 1.16 / (download) - annotate - [select for diffs], Fri Jul 24 00:45:40 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.15: +1 -35 lines
Diff to previous 1.15 (colored)
Remove trunkdev bits ifconfig(8) prints "trunk: trunkdev tpmrN" for member interfaces, which is misleading as tpmr(4) is being completed into a bridge-like interface. Remove SIOCGTRUNKPORT so tpmr(4) does not report members as trunk devices (next diff will implement SIOCBRDGIFS). OK dlg
Revision 1.15 / (download) - annotate - [select for diffs], Fri Jul 24 00:43:09 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.14: +1 -72 lines
Diff to previous 1.14 (colored)
Remove trunkproto bits ifconfig(8) prints "trunk: trunkproto none" for tpmr(4) which is useless as there is no configurable protocol in the first place. Remove SIOCSTRUNK and SIOCGTRUNK which were just simple stubs anyway. OK dlg
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jul 22 04:08:46 2020 UTC (3 years, 10 months ago) by dlg
Branch: MAIN
Changes since 1.13: +22 -1 lines
Diff to previous 1.13 (colored)
filter vlan and svlan packets by default.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Jul 22 02:43:06 2020 UTC (3 years, 10 months ago) by kn
Branch: MAIN
Changes since 1.12: +12 -11 lines
Diff to previous 1.12 (colored)
Change tpmr(4) from ifconfig [-]trunkport to add|del synopsis Unlike aggr(4) and trunk(4) for link aggregation, tpmr(4) bridges links similar to bridge(4) and switch(4), yet its ioctl(2) interface is that of an an aggregating interface. Change SIOCSTRUNKPORT and SIOCSTRUNKDELPORT to SIOCBRDGADD and SIOCBRDGDEL respectively and speak about members rather than ports in the manual to make ifconfig(8) accept "add" and "del" commands as expected. Status ioctls will follow such that "ifconfig tpmr" gets fixed accordingly. Discussed with dlg after mentioning the lack of aggr(4) and tpmr(4) documentation in ifconfig(8) which will follow as well after code cleanup. Feedback OK dlg
Revision 1.12 / (download) - annotate - [select for diffs], Wed Jul 22 00:48:29 2020 UTC (3 years, 10 months ago) by dlg
Branch: MAIN
Changes since 1.11: +53 -25 lines
Diff to previous 1.11 (colored)
register tpmr as a bridge port, not an input handler, on member ifaces. this is a step toward making all types of bridges coordinate their use of port interfaces, and is a step toward deprecating the interface input handler lists. it also moves tpmr away from the trunk ioctls it's currently (ab)using. this has been in snaps as part of a larger diff for over a week.
Revision 1.11 / (download) - annotate - [select for diffs], Fri Jul 10 13:26:42 2020 UTC (3 years, 11 months ago) by patrick
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
Change users of IFQ_SET_MAXLEN() and IFQ_IS_EMPTY() to use the "new" API. ok dlg@ tobhe@
Revision 1.10 / (download) - annotate - [select for diffs], Sun Apr 12 06:56:37 2020 UTC (4 years, 2 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.9: +3 -1 lines
Diff to previous 1.9 (colored)
take NET_LOCK in tpmr_clone_destroy() before calling tpmr_p_dtor() tpmr_p_dtor() calls ifpromisc(), and ifpromisc() callers need to be holding NET_LOCK to make changes to if_flags and if_pcount, and before calling the interfaces ioctl to apply the flag change. found by hrvoje popovski who was testing tpmr with vlan interfaces. vlan(4) asserts that the net lock is held in it's ioctl path, which started this whole bug hunt. ok visa@ (who came up with a similar diff, which hrvoje tested)
Revision 1.9 / (download) - annotate - [select for diffs], Sat Apr 11 11:01:03 2020 UTC (4 years, 2 months ago) by dlg
Branch: MAIN
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)
log() lines need \n too.
Revision 1.8 / (download) - annotate - [select for diffs], Sun Nov 10 10:03:28 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.7: +8 -8 lines
Diff to previous 1.7 (colored)
whitespace tweaks, no functional change.
Revision 1.7 / (download) - annotate - [select for diffs], Thu Nov 7 08:07:17 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.6: +4 -4 lines
Diff to previous 1.6 (colored)
move the port destructor calls in clone destroy back out of NET_LOCK. it's no longer necessary to hold NET_LOCK to call interface hook adds or dels now, but it is necessary not to hold NET_LOCK when calling some barrier functions. found by hrvoje popovski
Revision 1.6 / (download) - annotate - [select for diffs], Thu Nov 7 07:36:32 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.5: +6 -5 lines
Diff to previous 1.5 (colored)
turn the linkstate hooks into a task list, like the detach hooks. this is largely mechanical, except for carp. this moves the addition of the carp link state hook after we're committed to using the new interface as a carpdev. because the add can't fail, we avoid a complicated unwind dance. also, this tweaks the carp linkstate hook so it only updates the relevant carp interface, not all of the carpdevs on the parent. hrvoje popovski has tested an early version of this diff and it's generally ok, but there's some splasserts that this diff fires that i'll fix in an upcoming diff. ok claudio@
Revision 1.5 / (download) - annotate - [select for diffs], Wed Nov 6 03:51:26 2019 UTC (4 years, 7 months ago) by dlg
Branch: MAIN
Changes since 1.4: +8 -8 lines
Diff to previous 1.4 (colored)
replace the hooks used with if_detachhooks with a task list. the main semantic change is that things registering detach hooks have to allocate and set a task structure that then gets added to the list. this means if the task is allocated up front (eg, as part of carps softc or bridges port structure), it avoids the possibility that adding a hook can fail. a lot of drivers weren't checking for failure, and unwinding state in the event of failure in other parts was error prone. while doing this i discovered that the list operations have to be in a particular order, but drivers weren't doing that consistently either. this diff wraps the list ops up so you have to seriously go out of your way to screw them up. ive also sprinkled some NET_ASSERT_LOCKED around the list operations so we can make sure there's no potential for the list to be corrupted, especially while it's being run. hrvoje popovski has tested this a bit, and some issues he discovered have been fixed. ok sashan@
Revision 1.4 / (download) - annotate - [select for diffs], Thu Sep 12 02:02:54 2019 UTC (4 years, 9 months ago) by dlg
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.3: +3 -1 lines
Diff to previous 1.3 (colored)
pf_test can return PF_PASS, but set the mbuf to NULL. check for this like every other caller to pf_test so we don't go on to pass NULL to m_prepend. that causes a fault. chris@ gave me an excellent bug report. -msave-args is pretty great.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Aug 5 03:56:31 2019 UTC (4 years, 10 months ago) by dlg
Branch: MAIN
Changes since 1.2: +63 -4 lines
Diff to previous 1.2 (colored)
run pf against ip packets coming in and out of the two ports. the idea and a good chunk of the implementation is copied from bridge(4). note that IP packets inside "service delimited" traffic, ie, vlan, svlan, or bpe encapsulated traffic, are not considered IP and will therefore not be given to pf to look at. if you want to filter that you'll need to configure vlan/svlan/bpe interfaces to get past their headers, and then configure them with their own tpmrs. hopefully the interface input handlers were established in the right order.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Aug 5 01:55:38 2019 UTC (4 years, 10 months ago) by dlg
Branch: MAIN
Changes since 1.1: +34 -1 lines
Diff to previous 1.1 (colored)
pay some lip service to TPMR compliance according to 802.1Q-2018 the spec says we should filter packets destined to a list of ethernet addresses. im currently interpreting "filter" as meaning dropping, which this diff does. however, one of the addresses to filter is the one lacp uses by default and not a lot of lacp implementations (read switches) support the configuration of a different address. i still need lacp to go over tpmr, and because i can't change the address, this diff also has a way to configure tpmr to still allow the packets through.
Revision 1.1 / (download) - annotate - [select for diffs], Thu Aug 1 03:05:46 2019 UTC (4 years, 10 months ago) by dlg
Branch: MAIN
add tpmr(4), a quick and dirty 802.1Q Two-Port MAC Relay implementation a TPMR is a simplified brigde (as supported by bridge(4)). it only supports two ports, and unconditionally forwards frames between them. this is unlike a real bridge which can support an arbitrary number of ports and implements a learning algorithm. i needed this to tunnel LACP between switches in a couple of data centers separated by an IP network. because bridge(4) implements an actual 802.1Q bridge, it eats packets that are supposed to be sent between bridges, such as spanning tree and LACP. TPMR according to the spec does a lot less of this, and is in fact documented in the spec as being able to support transport of LACP frames. tpmr(4) is actually a lot dumber and current does no filtering (except what you can do with BPF). because the forwarding path in tpmr(4) is so short and simple, it is relatively fast and can be used to isolate and help improve the relative performance of some parts of the system. i also have plans to use this for monitoring traffic without processing it. tpmr(4) implements the trunk(4) ioctls for managing configuration. the ifconfig output for trunk interfaces is a bit shorter and needs a lot less stuff faked to be useful. inside the kernel it appears as an IFT_BRIDGE interface (like bridge(4)). it generally just drops stuff unless it's between the ports it's managing. this has been in production at my work for a few days between some physical nics and etherip(4), and so far it has been really solid. hrvoje popovski has kicked the tyres too, but more from a performance point of view. ok claudio@ deraadt@