cmhi
/
f-stack
mirror of https://github.com/F-Stack/f-stack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Netgraph and ipfw for FreeBSD 13.0.

This commit is contained in:
fengbojiang 2021-10-12 18:59:42 +08:00
parent fae6b93557
commit da4b496cab
4 changed files with 273 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
freebsd/netpfil/ipfw/ip_fw2.c
View File

@ -609,7 +609,9 @@ ipfw_send_abort(struct mbuf *replyto, struct ipfw_flow_id *id, u_int32_t vtag,
} }
chunk->chunk_length = htons(sizeof(struct sctp_chunkhdr)); chunk->chunk_length = htons(sizeof(struct sctp_chunkhdr));
#ifndef FSTACK /* Not support sctp now */
sctp->checksum = sctp_calculate_cksum(m, hlen); sctp->checksum = sctp_calculate_cksum(m, hlen);
#endif
return (m); return (m);
} }
@ -3444,7 +3446,9 @@ vnet_ipfw_init(const void *unused)
#ifdef LINEAR_SKIPTO #ifdef LINEAR_SKIPTO
ipfw_init_skipto_cache(chain); ipfw_init_skipto_cache(chain);
#endif #endif
#ifndef FSTACK /* WITHOUT_BPF */
ipfw_bpf_init(first); ipfw_bpf_init(first);
#endif
/* First set up some values that are compile time options */ /* First set up some values that are compile time options */
V_ipfw_vnet_ready = 1; /* Open for business */ V_ipfw_vnet_ready = 1; /* Open for business */
@ -3514,7 +3518,9 @@ vnet_ipfw_uninit(const void *unused)
IPFW_LOCK_DESTROY(chain); IPFW_LOCK_DESTROY(chain);
ipfw_dyn_uninit(1); /* free the remaining parts */ ipfw_dyn_uninit(1); /* free the remaining parts */
ipfw_destroy_counters(); ipfw_destroy_counters();
#ifndef FSTACK /* WITHOUT_BPF */
ipfw_bpf_uninit(last); ipfw_bpf_uninit(last);
#endif
return (0); return (0);
} }

2
freebsd/netpfil/ipfw/ip_fw_log.c
View File

@ -106,6 +106,7 @@ ipfw_log(struct ip_fw_chain *chain, struct ip_fw *f, u_int hlen,
char action2[92], proto[128], fragment[32]; char action2[92], proto[128], fragment[32];
if (V_fw_verbose == 0) { if (V_fw_verbose == 0) {
#ifndef FSTACK /* WITHOUT_BPF */
if (args->flags & IPFW_ARGS_LENMASK) if (args->flags & IPFW_ARGS_LENMASK)
ipfw_bpf_tap(args->mem, IPFW_ARGS_LENGTH(args->flags)); ipfw_bpf_tap(args->mem, IPFW_ARGS_LENGTH(args->flags));
else if (args->flags & IPFW_ARGS_ETHER) else if (args->flags & IPFW_ARGS_ETHER)
@ -126,6 +127,7 @@ ipfw_log(struct ip_fw_chain *chain, struct ip_fw *f, u_int hlen,
ipfw_bpf_mtap2("DDDDDDSSSSSS\xff\xff", ipfw_bpf_mtap2("DDDDDDSSSSSS\xff\xff",
ETHER_HDR_LEN, args->m); ETHER_HDR_LEN, args->m);
} }
#endif
return; return;
} }
/* the old 'log' function */ /* the old 'log' function */

6
freebsd/sys/random.h
View File

@ -109,6 +109,7 @@ _Static_assert(ENTROPYSOURCE <= 32,
#define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache" #define RANDOM_CACHED_BOOT_ENTROPY_MODULE "boot_entropy_cache"
#ifndef FSTACK
extern u_int hc_source_mask; extern u_int hc_source_mask;
void random_harvest_queue_(const void *, u_int, enum random_entropy_source); void random_harvest_queue_(const void *, u_int, enum random_entropy_source);
void random_harvest_fast_(const void *, u_int); void random_harvest_fast_(const void *, u_int);
@ -137,6 +138,11 @@ random_harvest_direct(const void *entropy, u_int size, enum random_entropy_sourc
if (hc_source_mask & (1 << origin)) if (hc_source_mask & (1 << origin))
random_harvest_direct_(entropy, size, origin); random_harvest_direct_(entropy, size, origin);
} }
#else
#define random_harvest_queue(a, b, c) do {} while (0)
#define random_harvest_fast(a, b, c) do {} while (0)
#define random_harvest_direct(a, b, c) do {} while (0)
#endif
void random_harvest_register_source(enum random_entropy_source); void random_harvest_register_source(enum random_entropy_source);
void random_harvest_deregister_source(enum random_entropy_source); void random_harvest_deregister_source(enum random_entropy_source);

53
lib/ff_ng_base.c
View File

@ -55,6 +55,7 @@
#include <sys/malloc.h> #include <sys/malloc.h>
#include <sys/mbuf.h> #include <sys/mbuf.h>
#include <sys/proc.h> #include <sys/proc.h>
#include <sys/epoch.h>
#include <sys/queue.h> #include <sys/queue.h>
#include <sys/refcount.h> #include <sys/refcount.h>
#include <sys/rwlock.h> #include <sys/rwlock.h>
@ -179,12 +180,12 @@ static struct rwlock ng_typelist_lock;
/* Hash related definitions. */ /* Hash related definitions. */
LIST_HEAD(nodehash, ng_node); LIST_HEAD(nodehash, ng_node);
static VNET_DEFINE(struct nodehash *, ng_ID_hash); VNET_DEFINE_STATIC(struct nodehash *, ng_ID_hash);
static VNET_DEFINE(u_long, ng_ID_hmask); VNET_DEFINE_STATIC(u_long, ng_ID_hmask);
static VNET_DEFINE(u_long, ng_nodes); VNET_DEFINE_STATIC(u_long, ng_nodes);
static VNET_DEFINE(struct nodehash *, ng_name_hash); VNET_DEFINE_STATIC(struct nodehash *, ng_name_hash);
static VNET_DEFINE(u_long, ng_name_hmask); VNET_DEFINE_STATIC(u_long, ng_name_hmask);
static VNET_DEFINE(u_long, ng_named_nodes); VNET_DEFINE_STATIC(u_long, ng_named_nodes);
#define V_ng_ID_hash VNET(ng_ID_hash) #define V_ng_ID_hash VNET(ng_ID_hash)
#define V_ng_ID_hmask VNET(ng_ID_hmask) #define V_ng_ID_hmask VNET(ng_ID_hmask)
#define V_ng_nodes VNET(ng_nodes) #define V_ng_nodes VNET(ng_nodes)
@ -381,7 +382,7 @@ ng_alloc_node(void)
#define TRAP_ERROR() #define TRAP_ERROR()
#endif #endif
static VNET_DEFINE(ng_ID_t, nextID) = 1; VNET_DEFINE_STATIC(ng_ID_t, nextID) = 1;
#define V_nextID VNET(nextID) #define V_nextID VNET(nextID)
#ifdef INVARIANTS #ifdef INVARIANTS
@ -1185,7 +1186,7 @@ ng_destroy_hook(hook_p hook)
/* /*
* Set the peer to point to ng_deadhook * Set the peer to point to ng_deadhook
* from this moment on we are effectively independent it. * from this moment on we are effectively independent it.
* send it an rmhook message of it's own. * send it an rmhook message of its own.
*/ */
peer->hk_peer = &ng_deadhook; /* They no longer know us */ peer->hk_peer = &ng_deadhook; /* They no longer know us */
hook->hk_peer = &ng_deadhook; /* Nor us, them */ hook->hk_peer = &ng_deadhook; /* Nor us, them */
@ -1582,7 +1583,6 @@ ng_mkpeer(node_p node, const char *name, const char *name2, char *type)
if ((error == 0) && hook2->hk_node->nd_type->connect) { if ((error == 0) && hook2->hk_node->nd_type->connect) {
error = (*hook2->hk_node->nd_type->connect) (hook2); error = (*hook2->hk_node->nd_type->connect) (hook2);
} }
/* /*
@ -2685,7 +2685,7 @@ ng_generic_msg(node_p here, item_p item, hook_p lasthook)
IDHASH_RLOCK(); IDHASH_RLOCK();
/* Get response struct. */ /* Get response struct. */
NG_MKRESPONSE(resp, msg, sizeof(*nl) + NG_MKRESPONSE(resp, msg, sizeof(*nl) +
(V_ng_nodes * sizeof(struct nodeinfo)), M_NOWAIT | M_ZERO); (V_ng_nodes * sizeof(struct nodeinfo)), M_NOWAIT);
if (resp == NULL) { if (resp == NULL) {
IDHASH_RUNLOCK(); IDHASH_RUNLOCK();
error = ENOMEM; error = ENOMEM;
@ -3029,7 +3029,7 @@ void
ng_free_item(item_p item) ng_free_item(item_p item)
{ {
/* /*
* The item may hold resources on it's own. We need to free * The item may hold resources on its own. We need to free
* these before we can free the item. What they are depends upon * these before we can free the item. What they are depends upon
* what kind of item it is. it is important that nodes zero * what kind of item it is. it is important that nodes zero
* out pointers to resources that they remove from the item * out pointers to resources that they remove from the item
@ -3190,12 +3190,10 @@ vnet_netgraph_uninit(const void *unused __unused)
/* Attempt to kill it only if it is a regular node */ /* Attempt to kill it only if it is a regular node */
if (node != NULL) { if (node != NULL) {
if (node == last_killed) { if (node == last_killed) {
/* This should never happen */
printf("ng node %s needs NGF_REALLY_DIE\n",
node->nd_name);
if (node->nd_flags & NGF_REALLY_DIE) if (node->nd_flags & NGF_REALLY_DIE)
panic("ng node %s won't die", panic("ng node %s won't die",
node->nd_name); node->nd_name);
/* The node persisted itself. Try again. */
node->nd_flags |= NGF_REALLY_DIE; node->nd_flags |= NGF_REALLY_DIE;
} }
ng_rmnode(node, NULL, NULL, 0); ng_rmnode(node, NULL, NULL, 0);
@ -3277,7 +3275,8 @@ static moduledata_t netgraph_mod = {
(NULL) (NULL)
}; };
DECLARE_MODULE(netgraph, netgraph_mod, SI_SUB_NETGRAPH, SI_ORDER_FIRST); DECLARE_MODULE(netgraph, netgraph_mod, SI_SUB_NETGRAPH, SI_ORDER_FIRST);
SYSCTL_NODE(_net, OID_AUTO, graph, CTLFLAG_RW, 0, "netgraph Family"); SYSCTL_NODE(_net, OID_AUTO, graph, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"netgraph Family");
SYSCTL_INT(_net_graph, OID_AUTO, abi_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_ABI_VERSION,""); SYSCTL_INT(_net_graph, OID_AUTO, abi_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_ABI_VERSION,"");
SYSCTL_INT(_net_graph, OID_AUTO, msg_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_VERSION, ""); SYSCTL_INT(_net_graph, OID_AUTO, msg_version, CTLFLAG_RD, SYSCTL_NULL_INT_PTR, NG_VERSION, "");
@ -3411,8 +3410,10 @@ sysctl_debug_ng_dump_items(SYSCTL_HANDLER_ARGS)
return (0); return (0);
} }
SYSCTL_PROC(_debug, OID_AUTO, ng_dump_items, CTLTYPE_INT | CTLFLAG_RW, SYSCTL_PROC(_debug, OID_AUTO, ng_dump_items,
0, sizeof(int), sysctl_debug_ng_dump_items, "I", "Number of allocated items"); CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_NEEDGIANT, 0, sizeof(int),
sysctl_debug_ng_dump_items, "I",
"Number of allocated items");
#endif /* NETGRAPH_DEBUG */ #endif /* NETGRAPH_DEBUG */
#ifndef FSTACK #ifndef FSTACK
@ -3427,6 +3428,7 @@ static void
ngthread(void *arg) ngthread(void *arg)
{ {
for (;;) { for (;;) {
struct epoch_tracker et;
node_p node; node_p node;
/* Get node from the worklist. */ /* Get node from the worklist. */
@ -3447,6 +3449,7 @@ ngthread(void *arg)
* that lets us be sure that the node still exists. * that lets us be sure that the node still exists.
* Let the reference go at the last minute. * Let the reference go at the last minute.
*/ */
NET_EPOCH_ENTER(et);
for (;;) { for (;;) {
item_p item; item_p item;
int rw; int rw;
@ -3464,6 +3467,7 @@ ngthread(void *arg)
NG_NODE_UNREF(node); NG_NODE_UNREF(node);
} }
} }
NET_EPOCH_EXIT(et);
NG_NODE_UNREF(node); NG_NODE_UNREF(node);
CURVNET_RESTORE(); CURVNET_RESTORE();
} }
@ -3607,7 +3611,7 @@ ng_address_hook(node_p here, item_p item, hook_p hook, ng_ID_t retaddr)
ITEM_DEBUG_CHECKS; ITEM_DEBUG_CHECKS;
/* /*
* Quick sanity check.. * Quick sanity check..
* Since a hook holds a reference on it's node, once we know * Since a hook holds a reference on its node, once we know
* that the peer is still connected (even if invalid,) we know * that the peer is still connected (even if invalid,) we know
* that the peer node is present, though maybe invalid. * that the peer node is present, though maybe invalid.
*/ */
@ -3798,11 +3802,14 @@ ng_send_fn2(node_p node, hook_p hook, item_p pitem, ng_item_fn2 *fn, void *arg1,
static void static void
ng_callout_trampoline(void *arg) ng_callout_trampoline(void *arg)
{ {
struct epoch_tracker et;
item_p item = arg; item_p item = arg;
NET_EPOCH_ENTER(et);
CURVNET_SET(NGI_NODE(item)->nd_vnet); CURVNET_SET(NGI_NODE(item)->nd_vnet);
ng_snd_item(item, 0); ng_snd_item(item, 0);
CURVNET_RESTORE(); CURVNET_RESTORE();
NET_EPOCH_EXIT(et);
} }
int int
@ -3831,7 +3838,7 @@ ng_callout(struct callout *c, node_p node, hook_p hook, int ticks,
return (0); return (0);
} }
/* A special modified version of untimeout() */ /* A special modified version of callout_stop() */
int int
ng_uncallout(struct callout *c, node_p node) ng_uncallout(struct callout *c, node_p node)
{ {
@ -3845,7 +3852,7 @@ ng_uncallout(struct callout *c, node_p node)
item = c->c_arg; item = c->c_arg;
/* Do an extra check */ /* Do an extra check */
if ((rval > 0) && (c->c_func == &ng_callout_trampoline) && if ((rval > 0) && (c->c_func == &ng_callout_trampoline) &&
(NGI_NODE(item) == node)) { (item != NULL) && (NGI_NODE(item) == node)) {
/* /*
* We successfully removed it from the queue before it ran * We successfully removed it from the queue before it ran
* So now we need to unreference everything that was * So now we need to unreference everything that was
@ -3855,7 +3862,11 @@ ng_uncallout(struct callout *c, node_p node)
} }
c->c_arg = NULL; c->c_arg = NULL;
return (rval); /*
* Callers only want to know if the callout was cancelled and
* not draining or stopped.
*/
return (rval > 0);
} }
/* /*