Home | History | Annotate | Download | only in netinet6
History log of /src/sys/netinet6/in6_l2tp.c
RevisionDateAuthorComments
 1.23  01-Sep-2023  andvar fix typos in comments, mainly s/innner/inner/.
 1.22  07-Dec-2022  knakahara gif(4), ipsec(4) and l2tp(4) use encap_attach_addr().
 1.21  19-Feb-2021  christos - Make ALIGNED_POINTER use __alignof(t) instead of sizeof(t). This is more
correct because it works with non-primitive types and provides the ABI
alignment for the type the compiler will use.
- Remove all the *_HDR_ALIGNMENT macros and asserts
- Replace POINTER_ALIGNED_P with ACCESSIBLE_POINTER which is identical to
ALIGNED_POINTER, but returns that the pointer is always aligned if the
CPU supports unaligned accesses.
[ as proposed in tech-kern ]
 1.20  14-Feb-2021  christos - centralize header align and pullup into a single inline function
- use a single macro to align pointers and expose the alignment, instead
of hard-coding 3 in 1/2 the macros.
- fix an issue in the ipv6 lt2p where it was aligning for ipv4 and pulling
for ipv6.
 1.19  29-Jan-2020  thorpej branches: 1.19.6;
Adopt <net/if_stats.h>.
 1.18  19-Sep-2019  knakahara branches: 1.18.2;
Avoid having a rtcache directly in a percpu storage for tunnel protocols.

percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.
A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.

Using rtcache, i.e., packet processing, typically involves sleepable operations
such as rwlock so we must avoid dereferencing a rtcache that is directly stored
in a percpu storage during packet processing. Address this situation by having
just a pointer to a rtcache in a percpu storage instead.

Reviewed by ozaki-r@ and yamaguchi@
 1.17  03-Sep-2018  knakahara branches: 1.17.4;
fix: l2tp(4) cannot receive packets after reset session without reset tunnel. Pointed out by k-goda@IIJ

When the following operations are done after established session, the l2tp0
cannot receive packets until done deletetunnel && tunnel "src" "dst".
 1.16  21-Jun-2018  knakahara branches: 1.16.2;
sbappendaddr() is required any lock. Currently, softnet_lock is appropriate.

When rip_input() is called as inetsw[].pr_input, rip_iput() is always called
with holding softnet_lock, that is, in case of !defined(NET_MPSAFE) it is
acquired in ipintr(), otherwise(defined(NET_MPSAFE)) it is acquire in
PR_WRAP_INPUT macro.
However, some function calls rip_input() directly without holding softnet_lock.
That causes assertion failure in sbappendaddr().
rip6_input() and icmp6_rip6_input() are also required softnet_lock for the same
reason.
 1.15  27-Apr-2018  knakahara Fix LOCKDEBUG kernel panic when many(about 200) tunnel interfaces is created.

The tunnel interfaces are gif(4), l2tp(4), and ipsecif(4). They use mutex
itself in percpu area. When percpu_cpu_enlarge() run, the address of the
mutex in percpu area becomes different from the address which lockdebug
saved. That can cause "already initialized" false detection.
 1.14  26-Jan-2018  maxv branches: 1.14.2;
Several fixes in L2TP:

* l2tp_input(): use m_copydata, and ensure there is enough space in the
chain. Otherwise overflow.

* l2tp_tcpmss_clamp(): ensure there is enough space in the chain.

* in_l2tp_output(): don't check 'sc' against NULL, it can't be NULL.

* in_l2tp_input(): no need to call m_pullup since we use m_copydata.
Just check the space in the chain.

* in_l2tp_input(): if there is a cookie, make sure the chain has enough
space.

* in6_l2tp_input(): same changes as in_l2tp_input().

Ok knakahara@
 1.13  25-Jan-2018  maxv Style, reduce the indentation level when possible, and add a missing NULL
check after M_PREPEND.
 1.12  18-Dec-2017  knakahara fix mbuf leaks. pointed out and suggested by kre@n.o, thanks.
 1.11  18-Dec-2017  knakahara backout wrong fix again, sorry.
 1.10  15-Dec-2017  knakahara Fix pullup'ed mbuf leaks. The match function just requires enough mbuf length.

XXX need pullup-8
 1.9  15-Dec-2017  knakahara backout wrong fix as it causes atf net/ipsec/t_ipsec_l2tp failures.
 1.8  11-Dec-2017  knakahara fix pullup'ed mbuf leaks. pointed out by maxv@n.o, thanks.

XXX need pullup-8
 1.7  15-Nov-2017  knakahara branches: 1.7.2;
Add argument to encapsw->pr_input() instead of m_tag.
 1.6  11-Jul-2017  knakahara branches: 1.6.4;
l2tp(4): fix mbuf leak when tunnel nested over the limit

XXX need pullup -8 branch
 1.5  04-Apr-2017  knakahara branches: 1.5.4; 1.5.8;
fix module build
 1.4  04-Apr-2017  sevan Revert change to allow builds to continue until the missing vlan.h file is committed.
https://mail-index.netbsd.org/source-changes/2017/04/04/msg083283.html
 1.3  04-Apr-2017  knakahara remove unnecessary if_vlanvar.h. add missing include "vlan.h".

pointed out by s-yamaguchi@IIJ, thanks.
 1.2  30-Mar-2017  knakahara remove duplicated validation. That is already done in l2tp_lookup_session_ref().

pointed out by s-yamaguchi@IIJ, thanks.
 1.1  16-Feb-2017  knakahara branches: 1.1.2;
add missing files.
 1.1.2.3  26-Apr-2017  pgoyette Sync with HEAD
 1.1.2.2  20-Mar-2017  pgoyette Sync with HEAD
 1.1.2.1  16-Feb-2017  pgoyette file in6_l2tp.c was added on branch pgoyette-localcount on 2017-03-20 06:57:51 +0000
 1.5.8.8  24-Sep-2019  martin Pull up following revision(s) (requested by knakahara in ticket #1385):

sys/net/if.c 1.461
sys/net/if.h 1.277
sys/net/if_gif.c 1.149
sys/net/if_gif.h 1.33
sys/net/if_ipsec.c 1.19,1.20,1.24
sys/net/if_ipsec.h 1.5
sys/net/if_l2tp.c 1.33,1.36-1.39
sys/net/if_l2tp.h 1.7,1.8
sys/net/route.c 1.220,1.221
sys/net/route.h 1.125
sys/netinet/in_gif.c 1.95
sys/netinet/in_l2tp.c 1.17
sys/netinet/ip_input.c 1.391,1.392
sys/netinet/wqinput.c 1.6
sys/netinet6/in6_gif.c 1.94
sys/netinet6/in6_l2tp.c 1.18
sys/netinet6/ip6_forward.c 1.97
sys/netinet6/ip6_input.c 1.210,1.211
sys/netipsec/ipsec_output.c 1.82,1.83 (patched)
sys/netipsec/ipsecif.c 1.12,1.13,1.15,1.17 (patched)
sys/netipsec/key.c 1.259,1.260

ipsecif(4) support input drop packet counter.

ipsecif(4) should not increment drop counter by errors not related to if_snd. Pointed out by ozaki-r@n.o, thanks.
Remove unnecessary addresses in PF_KEY message.

MOBIKE Extensions for PF_KEY draft-schilcher-mobike-pfkey-extension-01.txt says
 1.5.8.7  10-Sep-2018  martin Pull up following revision(s) (requested by knakahara in ticket #1018):

sys/netinet6/in6_l2tp.c: revision 1.17
sys/netinet/in_l2tp.c: revision 1.16

fix: l2tp(4) cannot receive packets after reset session without reset tunnel. Pointed out by k-goda@IIJ

When the following operations are done after established session, the l2tp0
cannot receive packets until done deletetunnel && tunnel "src" "dst".
 1.5.8.6  13-Jul-2018  martin Pull up following revision(s) via patch (requested by knakahara in ticket #905):

sys/netinet/ip_mroute.c: revision 1.160
sys/netinet6/in6_l2tp.c: revision 1.16
sys/net/if.h: revision 1.263
sys/netinet/in_l2tp.c: revision 1.15
sys/netinet/ip_icmp.c: revision 1.172
sys/netinet/igmp.c: revision 1.68
sys/netinet/ip_encap.c: revision 1.69
sys/netinet6/ip6_mroute.c: revision 1.129

sbappendaddr() is required any lock. Currently, softnet_lock is appropriate.

When rip_input() is called as inetsw[].pr_input, rip_iput() is always called
with holding softnet_lock, that is, in case of !defined(NET_MPSAFE) it is
acquired in ipintr(), otherwise(defined(NET_MPSAFE)) it is acquire in
PR_WRAP_INPUT macro.

However, some function calls rip_input() directly without holding softnet_lock.
That causes assertion failure in sbappendaddr().
rip6_input() and icmp6_rip6_input() are also required softnet_lock for the same
reason.
 1.5.8.5  17-May-2018  martin Pull up following revision(s) (requested by knakahara in ticket #829):

sys/net/if_l2tp.c: revision 1.24
sys/net/if_ipsec.c: revision 1.13
sys/net/if_gif.h: revision 1.31
sys/netipsec/ipsecif.c: revision 1.8
sys/net/if_gif.c: revision 1.140
sys/netinet6/in6_l2tp.c: revision 1.15
sys/net/if_ipsec.h: revision 1.3
sys/netinet6/in6_gif.c: revision 1.92
sys/net/if_l2tp.h: revision 1.5
sys/netinet/in_l2tp.c: revision 1.13
sys/netinet/in_gif.c: revision 1.93

Fix LOCKDEBUG kernel panic when many(about 200) tunnel interfaces is created.

The tunnel interfaces are gif(4), l2tp(4), and ipsecif(4). They use mutex
itself in percpu area. When percpu_cpu_enlarge() run, the address of the
mutex in percpu area becomes different from the address which lockdebug
saved. That can cause "already initialized" false detection.
 1.5.8.4  08-Mar-2018  martin Pull up following revision(s) (requested by knakahara in ticket #614):
sys/net/if_l2tp.c: revision 1.20
sys/netinet6/in6_l2tp.c: revision 1.13
sys/netinet6/in6_l2tp.c: revision 1.14
sys/net/if_l2tp.h: revision 1.3
sys/net/if_l2tp.c: revision 1.13
sys/netinet/in_l2tp.c: revision 1.10
sys/net/if_l2tp.c: revision 1.18
sys/netinet/in_l2tp.c: revision 1.11
sys/net/if_l2tp.c: revision 1.19
sys/netinet/in_l2tp.c: revision 1.12

If if_attach() failed in the attach function, return. Add comments about if_initialize().
suggested by ozaki-r@n.o.

Fix null deref, m could be NULL if M_PREPEND fails.

style

Style, reduce the indentation level when possible, and add a missing NULL
check after M_PREPEND.

Several fixes in L2TP:
* l2tp_input(): use m_copydata, and ensure there is enough space in the
chain. Otherwise overflow.
* l2tp_tcpmss_clamp(): ensure there is enough space in the chain.
* in_l2tp_output(): don't check 'sc' against NULL, it can't be NULL.
* in_l2tp_input(): no need to call m_pullup since we use m_copydata.
Just check the space in the chain.
* in_l2tp_input(): if there is a cookie, make sure the chain has enough
space.
* in6_l2tp_input(): same changes as in_l2tp_input().
Ok knakahara@

Use MH_ALIGN instead, ok knakahara@.
 1.5.8.3  02-Jan-2018  snj Pull up following revision(s) (requested by knakahara in ticket #461):
sys/netinet/in_l2tp.c: revision 1.9
sys/netinet6/in6_l2tp.c: revision 1.12
fix mbuf leaks. pointed out and suggested by kre@n.o, thanks.
 1.5.8.2  10-Dec-2017  snj Pull up following revision(s) (requested by knakahara in ticket #419):
sys/net/if_stf.c: revision 1.103
sys/net/if_stf.h: revision 1.8
sys/netinet/in_gif.c: revision 1.89
sys/netinet/in_gif.h: revision 1.17
sys/netinet/in_l2tp.c: revision 1.4
sys/netinet/ip_encap.c: revision 1.66
sys/netinet/ip_encap.h: revision 1.23
sys/netinet/ip_mroute.c: revision 1.148
sys/netinet6/in6_gif.c: revision 1.87
sys/netinet6/in6_gif.h: revision 1.16
sys/netinet6/in6_l2tp.c: revision 1.7
sys/netipsec/xform.h: revision 1.13
sys/netipsec/xform_ipip.c: revision 1.55
Add argument to encapsw->pr_input() instead of m_tag.
 1.5.8.1  12-Jul-2017  martin Pull up following revision(s) (requested by knakahara in ticket #121):
sys/netinet6/in6_l2tp.c: revision 1.6
sys/netinet/in_l2tp.c: revision 1.3
l2tp(4): fix mbuf leak when tunnel nested over the limit
XXX need pullup -8 branch
 1.5.4.2  21-Apr-2017  bouyer Sync with HEAD
 1.5.4.1  04-Apr-2017  bouyer file in6_l2tp.c was added on branch bouyer-socketcan on 2017-04-21 16:54:06 +0000
 1.6.4.2  28-Aug-2017  skrll Sync with HEAD
 1.6.4.1  11-Jul-2017  skrll file in6_l2tp.c was added on branch nick-nhusb on 2017-08-28 17:53:12 +0000
 1.7.2.2  03-Dec-2017  jdolecek update from HEAD
 1.7.2.1  15-Nov-2017  jdolecek file in6_l2tp.c was added on branch tls-maxphys on 2017-12-03 11:39:04 +0000
 1.14.2.3  06-Sep-2018  pgoyette Sync with HEAD

Resolve a couple of conflicts (result of the uimin/uimax changes)
 1.14.2.2  25-Jun-2018  pgoyette Sync with HEAD
 1.14.2.1  02-May-2018  pgoyette Synch with HEAD
 1.16.2.3  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411
 1.16.2.2  08-Apr-2020  martin Merge changes from current as of 20200406
 1.16.2.1  10-Jun-2019  christos Sync with HEAD
 1.17.4.1  24-Sep-2019  martin Pull up following revision(s) (requested by ozaki-r in ticket #238):

sys/netipsec/ipsec_output.c: revision 1.83
sys/net/route.h: revision 1.125
sys/netinet6/ip6_input.c: revision 1.210
sys/netinet6/ip6_input.c: revision 1.211
sys/net/if.c: revision 1.461
sys/net/if_gif.h: revision 1.33
sys/net/route.c: revision 1.220
sys/net/route.c: revision 1.221
sys/net/if.h: revision 1.277
sys/netinet6/ip6_forward.c: revision 1.97
sys/netinet/wqinput.c: revision 1.6
sys/net/if_ipsec.h: revision 1.5
sys/netinet6/in6_l2tp.c: revision 1.18
sys/netinet6/in6_gif.c: revision 1.94
sys/net/if_l2tp.h: revision 1.7
sys/net/if_gif.c: revision 1.149
sys/net/if_l2tp.h: revision 1.8
sys/netinet/in_gif.c: revision 1.95
sys/netinet/in_l2tp.c: revision 1.17
sys/netipsec/ipsecif.c: revision 1.17
sys/net/if_ipsec.c: revision 1.24
sys/net/if_l2tp.c: revision 1.37
sys/netinet/ip_input.c: revision 1.391
sys/net/if_l2tp.c: revision 1.38
sys/netinet/ip_input.c: revision 1.392
sys/net/if_l2tp.c: revision 1.39

Avoid having a rtcache directly in a percpu storage

percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.

A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.

Using rtcache, i.e., packet processing, typically involves sleepable operations
such as rwlock so we must avoid dereferencing a rtcache that is directly stored
in a percpu storage during packet processing. Address this situation by having
just a pointer to a rtcache in a percpu storage instead.
Reviewed by knakahara@ and yamaguchi@

-

wqinput: avoid having struct wqinput_worklist directly in a percpu storage

percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.

A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.

Input handlers of wqinput normally involves sleepable operations so we must
avoid dereferencing a percpu data (struct wqinput_worklist) after executing
an input handler. Address this situation by having just a pointer to the data
in a percpu storage instead.
Reviewed by knakahara@ and yamaguchi@

-

Add missing #include <sys/kmem.h>

-

Divide Tx context of l2tp(4) to improve performance.

It seems l2tp(4) call path is too long for instruction cache. So, dividing
l2tp(4) Tx context improves CPU use efficiency.

After this commit, l2tp(4) throughput gains 10% on my machine(Atom C3000).

-

Apply some missing changes lost on the previous commit

-

Avoid having a rtcache directly in a percpu storage for tunnel protocols.
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.

A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.

Using rtcache, i.e., packet processing, typically involves sleepable operations
such as rwlock so we must avoid dereferencing a rtcache that is directly stored
in a percpu storage during packet processing. Address this situation by having
just a pointer to a rtcache in a percpu storage instead.

Reviewed by ozaki-r@ and yamaguchi@

-

l2tp(4): avoid having struct ifqueue directly in a percpu storage.
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.

A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.

Tx processing of l2tp(4) uses normally involves sleepable operations so we
must avoid dereferencing a percpu data (struct ifqueue) after executing Tx
processing. Address this situation by having just a pointer to the data in
a percpu storage instead.

Reviewed by ozaki-r@ and yamaguchi@
 1.18.2.1  29-Feb-2020  ad Sync with head.
 1.19.6.1  03-Apr-2021  thorpej Sync with HEAD.

RSS XML Feed