Netgraph and ipfw for FreeBSD 13.0.

This commit is contained in:
fengbojiang 2021-10-12 18:59:42 +08:00
parent 992d05d4ec
commit 8640edf1d9
4 changed files with 273 additions and 248 deletions

View File

@ -609,7 +609,9 @@ ipfw_send_abort(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t vtag,
}
chunk->chunk_length = htons(sizeof(struct sctp_chunkhdr));
#ifndef FSTACK /* Not support sctp now */
sctp->checksum = sctp_calculate_cksum(m, hlen);
#endif
return (m);
}
@ -3444,7 +3446,9 @@ vnet_ipfw_init(const void *unused)
#ifdef LINEAR_SKIPTO
ipfw_init_skipto_cache(chain);
#endif
#ifndef FSTACK /* WITHOUT_BPF */
ipfw_bpf_init(first);
#endif
/* First set up some values that are compile time options */
V_ipfw_vnet_ready = 1; /* Open for business */
@ -3514,7 +3518,9 @@ vnet_ipfw_uninit(const void *unused)
IPFW_LOCK_DESTROY(chain);
ipfw_dyn_uninit(1); /* free the remaining parts */
ipfw_destroy_counters();
#ifndef FSTACK /* WITHOUT_BPF */
ipfw_bpf_uninit(last);
#endif
return (0);
}

View File

@ -106,6 +106,7 @@ ipfw_log(struct ip_fw_chain *chain, struct ip_fw *f, u_int hlen,
char action2[92], proto[128], fragment[32];
if (V_fw_verbose == 0) {
#ifndef FSTACK /* WITHOUT_BPF */
if (args->flags & IPFW_ARGS_LENMASK)
ipfw_bpf_tap(args->mem, IPFW_ARGS_LENGTH(args->flags));
else if (args->flags & IPFW_ARGS_ETHER)
@ -126,6 +127,7 @@ ipfw_log(struct ip_fw_chain *chain, struct ip_fw *f, u_int hlen,
ipfw_bpf_mtap2("DDDDDDSSSSSS\xff\xff",
ETHER_HDR_LEN, args->m);
}
#endif
return;
}
/* the old 'log' function */

View File

@ -109,6 +109,7 @@ _Static_assert(ENTROPYSOURCE <= 32,
#define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache"
#ifndef FSTACK
extern u_int hc_source_mask;
void random_harvest_queue_(const void *, u_int, enum random_entropy_source);
void random_harvest_fast_(const void *, u_int);
@ -137,6 +138,11 @@ random_harvest_direct(const void *entropy, u_int size, enum random_entropy_sourc
if (hc_source_mask & (1 << origin))
random_harvest_direct_(entropy, size, origin);
}
#else
#define random_harvest_queue(a, b, c) do {} while (0)
#define random_harvest_fast(a, b, c) do {} while (0)
#define random_harvest_direct(a, b, c) do {} while (0)
#endif
void random_harvest_register_source(enum random_entropy_source);
void random_harvest_deregister_source(enum random_entropy_source);

View File

@ -55,6 +55,7 @@
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/proc.h>
#include <sys/epoch.h>
#include <sys/queue.h>
#include <sys/refcount.h>
#include <sys/rwlock.h>
@ -179,12 +180,12 @@ static struct rwlock ng_typelist_lock;
/* Hash related definitions. */
LIST_HEAD(nodehash, ng_node);
static VNET_DEFINE(struct nodehash *, ng_ID_hash);
static VNET_DEFINE(u_long, ng_ID_hmask);
static VNET_DEFINE(u_long, ng_nodes);
static VNET_DEFINE(struct nodehash *, ng_name_hash);
static VNET_DEFINE(u_long, ng_name_hmask);
static VNET_DEFINE(u_long, ng_named_nodes);
VNET_DEFINE_STATIC(struct nodehash *, ng_ID_hash);
VNET_DEFINE_STATIC(u_long, ng_ID_hmask);
VNET_DEFINE_STATIC(u_long, ng_nodes);
VNET_DEFINE_STATIC(struct nodehash *, ng_name_hash);
VNET_DEFINE_STATIC(u_long, ng_name_hmask);
VNET_DEFINE_STATIC(u_long, ng_named_nodes);
#define V_ng_ID_hash VNET(ng_ID_hash)
#define V_ng_ID_hmask VNET(ng_ID_hmask)
#define V_ng_nodes VNET(ng_nodes)
@ -381,7 +382,7 @@ ng_alloc_node(void)
#define TRAP_ERROR()
#endif
static VNET_DEFINE(ng_ID_t, nextID) = 1;
VNET_DEFINE_STATIC(ng_ID_t, nextID) = 1;
#define V_nextID VNET(nextID)
#ifdef INVARIANTS
@ -1185,7 +1186,7 @@ ng_destroy_hook(hook_p hook)
/*
* Set the peer to point to ng_deadhook
* from this moment on we are effectively independent it.
* send it an rmhook message of it's own.
* send it an rmhook message of its own.
*/
peer->hk_peer = &ng_deadhook; /* They no longer know us */
hook->hk_peer = &ng_deadhook; /* Nor us, them */
@ -1582,7 +1583,6 @@ ng_mkpeer(node_p node, const char *name, const char *name2, char *type)
if ((error == 0) && hook2->hk_node->nd_type->connect) {
error = (*hook2->hk_node->nd_type->connect) (hook2);
}
/*
@ -2685,7 +2685,7 @@ ng_generic_msg(node_p here, item_p item, hook_p lasthook)
IDHASH_RLOCK();
/* Get response struct. */
NG_MKRESPONSE(resp, msg, sizeof(*nl) +
(V_ng_nodes * sizeof(struct nodeinfo)), M_NOWAIT | M_ZERO);
(V_ng_nodes * sizeof(struct nodeinfo)), M_NOWAIT);
if (resp == NULL) {
IDHASH_RUNLOCK();
error = ENOMEM;
@ -3029,7 +3029,7 @@ void
ng_free_item(item_p item)
{
/*
* The item may hold resources on it's own. We need to free
* The item may hold resources on its own. We need to free
* these before we can free the item. What they are depends upon
* what kind of item it is. it is important that nodes zero
* out pointers to resources that they remove from the item
@ -3190,12 +3190,10 @@ vnet_netgraph_uninit(const void *unused __unused)
/* Attempt to kill it only if it is a regular node */
if (node != NULL) {
if (node == last_killed) {
/* This should never happen */
printf("ng node %s needs NGF_REALLY_DIE\n",
node->nd_name);
if (node->nd_flags & NGF_REALLY_DIE)
panic("ng node %s won't die",
node->nd_name);
/* The node persisted itself. Try again. */
node->nd_flags |= NGF_REALLY_DIE;
}
ng_rmnode(node, NULL, NULL, 0);
@ -3277,7 +3275,8 @@ static moduledata_t netgraph_mod = {
(NULL)
};
DECLARE_MODULE(netgraph, netgraph_mod, SI_SUB_NETGRAPH, SI_ORDER_FIRST);
SYSCTL_NODE(_net, OID_AUTO, graph, CTLFLAG_RW, 0, "netgraph Family");
SYSCTL_NODE(_net, OID_AUTO, graph, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"netgraph Family");
SYSCTL_INT(_net_graph, OID_AUTO, abi_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_ABI_VERSION,"");
SYSCTL_INT(_net_graph, OID_AUTO, msg_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_VERSION, "");
@ -3411,8 +3410,10 @@ sysctl_debug_ng_dump_items(SYSCTL_HANDLER_ARGS)
return (0);
}
SYSCTL_PROC(_debug, OID_AUTO, ng_dump_items, CTLTYPE_INT | CTLFLAG_RW,
0, sizeof(int), sysctl_debug_ng_dump_items, "I", "Number of allocated items");
SYSCTL_PROC(_debug, OID_AUTO, ng_dump_items,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, 0, sizeof(int),
sysctl_debug_ng_dump_items, "I",
"Number of allocated items");
#endif /* NETGRAPH_DEBUG */
#ifndef FSTACK
@ -3427,6 +3428,7 @@ static void
ngthread(void *arg)
{
for (;;) {
struct epoch_tracker et;
node_p node;
/* Get node from the worklist. */
@ -3447,6 +3449,7 @@ ngthread(void *arg)
* that lets us be sure that the node still exists.
* Let the reference go at the last minute.
*/
NET_EPOCH_ENTER(et);
for (;;) {
item_p item;
int rw;
@ -3464,6 +3467,7 @@ ngthread(void *arg)
NG_NODE_UNREF(node);
}
}
NET_EPOCH_EXIT(et);
NG_NODE_UNREF(node);
CURVNET_RESTORE();
}
@ -3607,7 +3611,7 @@ ng_address_hook(node_p here, item_p item, hook_p hook, ng_ID_t retaddr)
ITEM_DEBUG_CHECKS;
/*
* Quick sanity check..
* Since a hook holds a reference on it's node, once we know
* Since a hook holds a reference on its node, once we know
* that the peer is still connected (even if invalid,) we know
* that the peer node is present, though maybe invalid.
*/
@ -3798,11 +3802,14 @@ ng_send_fn2(node_p node, hook_p hook, item_p pitem, ng_item_fn2 *fn, void *arg1,
static void
ng_callout_trampoline(void *arg)
{
struct epoch_tracker et;
item_p item = arg;
NET_EPOCH_ENTER(et);
CURVNET_SET(NGI_NODE(item)->nd_vnet);
ng_snd_item(item, 0);
CURVNET_RESTORE();
NET_EPOCH_EXIT(et);
}
int
@ -3831,7 +3838,7 @@ ng_callout(struct callout *c, node_p node, hook_p hook, int ticks,
return (0);
}
/* A special modified version of untimeout() */
/* A special modified version of callout_stop() */
int
ng_uncallout(struct callout *c, node_p node)
{
@ -3845,7 +3852,7 @@ ng_uncallout(struct callout *c, node_p node)
item = c->c_arg;
/* Do an extra check */
if ((rval > 0) && (c->c_func == &ng_callout_trampoline) &&
(NGI_NODE(item) == node)) {
(item != NULL) && (NGI_NODE(item) == node)) {
/*
* We successfully removed it from the queue before it ran
* So now we need to unreference everything that was
@ -3855,7 +3862,11 @@ ng_uncallout(struct callout *c, node_p node)
}
c->c_arg = NULL;
return (rval);
/*
* Callers only want to know if the callout was cancelled and
* not draining or stopped.
*/
return (rval > 0);
}
/*