ip_mroute: Make the routing socket private

I have some patches which make ip_mroute and ip6_mroute multi-FIB-aware.
This enables running per-FIB routing daemons, each of which has a
separate routing

ip_mroute: Make the routing socket private

I have some patches which make ip_mroute and ip6_mroute multi-FIB-aware.
This enables running per-FIB routing daemons, each of which has a
separate routing socket.

Several places in the network stack check whether multicast routing is
configured by checking whether the multicast routing socket is non-NULL.
This doesn't directly translate in my proposed scheme, as each FIB would
have its own socket. I'd like to modify the ip(6)_mroute code to store
all state, including the socket, in a per-FIB structure. So, take a
step towards that and 1) hide the socket, 2) add a boolean flag which
indicates whether a multicast router is registered.

Reviewed by: pouria, zlei, glebius, adrian
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55236

show more ...

ip_mroute: Use a local variable to store a VIF pointer

This is cleaner and will make it a bit easier to add some more
indirection to the VIF table, specifically, to add per-FIB tables.

No functiona

ip_mroute: Use a local variable to store a VIF pointer

This is cleaner and will make it a bit easier to add some more
indirection to the VIF table, specifically, to add per-FIB tables.

No functional change intended.

Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55057

show more ...

ip_mroute: Make privilege checking more consistent

- The v6 socket option and ioctl handlers had no privilege checks at
all. The socket options, I believe, can only be reached via a raw
socket,

ip_mroute: Make privilege checking more consistent

- The v6 socket option and ioctl handlers had no privilege checks at
all. The socket options, I believe, can only be reached via a raw
socket, but a jailed root user with a raw socket shouldn't be able to
configure multicast routing in a non-VNET jail. The ioctls can only
be used to fetch stats.
- Delete a bogus comment in X_mrt_ioctl(), one can issue multicast
routing ioctls against any socket. Note that the call path is
soo_ioctl()->rtioctl_fib()->mrt_ioctl().

I think all of the mroute privilege checks should be done within the
ip(6)_mroute code, but let's first make the v4 and v6 modules
consistent.

Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54982

show more ...

ip_mroute: Convert to using a regular mutex

The multicast routing code was using spin mutexes for packet counting,
but there is no reason to use them instead of regular mutexes, given
that none of t

ip_mroute: Convert to using a regular mutex

The multicast routing code was using spin mutexes for packet counting,
but there is no reason to use them instead of regular mutexes, given
that none of this code runs in an interrupt context. Convert to using
default mutexes.

Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54603

show more ...

ip_mroute: EVENTHANDLER_REGISTER does not fail

No functional change intended.

MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.

netinet: Remove left-over sys/cdefs.h

These were for $FreeBSD$ that was removed a while ago, but these
includes didn't get swept up in that. Remove them all now.

Sponsored by: Netflix
MFC After:

netinet: Remove left-over sys/cdefs.h

These were for $FreeBSD$ that was removed a while ago, but these
includes didn't get swept up in that. Remove them all now.

Sponsored by: Netflix
MFC After: 2 weeks

show more ...

netinet: allow per protocol random IP id control, single out IPSEC

A globally enabled random IP id generation maybe useful in most IP
contexts, but it may be unnecessary in the case of IPsec encapsu

netinet: allow per protocol random IP id control, single out IPSEC

A globally enabled random IP id generation maybe useful in most IP
contexts, but it may be unnecessary in the case of IPsec encapsulated
packets because IPsec can be configured to use anti-replay windows.

This commit adds a new net.inet.ipsec.random_id sysctl to control whether
or not IPsec packets should use random IP id generation.

Rest of the protocols/modules are still controlled by the global
net.inet.ip.random_id, but can be easily augmented with a knob.

Reviewed by: glebius
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D49164

show more ...

mroute: fix a sysctl vs teardown race

Sponsored by: Rubicon Communications, LLC ("Netgate")

mroute: serialize parallel teardown of the same vnet

Otherwise 2 threads calling here can crash the kernel.

Sponsored by: Rubicon Communications, LLC ("Netgate")

netinet*: Add assertions for some places that don't support M_EXTPG mbufs

Found while auditing calls to M_WRITABLE to see if M_EXTPG could be
removed from its checks.

Reviewed by: gallatin
Differen

netinet*: Add assertions for some places that don't support M_EXTPG mbufs

Found while auditing calls to M_WRITABLE to see if M_EXTPG could be
removed from its checks.

Reviewed by: gallatin
Differential Revision: https://reviews.freebsd.org/D46785

show more ...

ip_mroute: Use NET_EPOCH_WAIT() macro

This makes it easier to grep the usage.

Reviewed by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45715

ip_mroute: allow MRT_DEL_MFC even if there are pending upcalls

In del_mfc() we try to find the forwarding entry, but that fails to find
the entry if mfc_stall_ring is not empty.

We should find the

ip_mroute: allow MRT_DEL_MFC even if there are pending upcalls

In del_mfc() we try to find the forwarding entry, but that fails to find
the entry if mfc_stall_ring is not empty.

We should find the entry anyway, and destroy it (and any pending
messages) on delete.

Reviewed by: glebius
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43031

show more ...

sys: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl s

sys: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

show more ...

ip_mroute: handle V_mfchashtbl allocation failure

We allocate V_mfchashtbl with HASH_NOWAIT (which maps to M_NOWAIT), so
this allocation may fail. As we didn't handle that failure we could end
up de

ip_mroute: handle V_mfchashtbl allocation failure

We allocate V_mfchashtbl with HASH_NOWAIT (which maps to M_NOWAIT), so
this allocation may fail. As we didn't handle that failure we could end
up dereferencing a NULL pointer later (e.g. during X_ip_mrouter_done()).

Do the obvious thing and fail out if we cannot allocate the table.

See also: https://redmine.pfsense.org/issues/14917
Sponsored by: Rubicon Communications, LLC ("Netgate")

show more ...

ip_mroute: Fix sysctl knobs

The loader tunable `net.inet.ip.mfchashsize` does not have corresponding
sysctl MIB entry. Just add it.

While here, the sysctl variable `net.inet.pim.squelch_wholepkt` i

ip_mroute: Fix sysctl knobs

The loader tunable `net.inet.ip.mfchashsize` does not have corresponding
sysctl MIB entry. Just add it.

While here, the sysctl variable `net.inet.pim.squelch_wholepkt` is actually
a loader tunable. Add sysctl flag CTLFLAG_TUN to it so that `sysctl -T`
will report it correctly.

Reviewed by: kp
Fixes: 443fc3176dee Introduce a number of changes to the MROUTING code
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D41997

show more ...

sys: Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

mroute: avoid calling if_allmulti with the lock held

Avoid locking issues when if_allmulti() calls the driver's if_ioctl,
because that may acquire sleepable locks (while we hold a non-sleepable
rwlo

mroute: avoid calling if_allmulti with the lock held

Avoid locking issues when if_allmulti() calls the driver's if_ioctl,
because that may acquire sleepable locks (while we hold a non-sleepable
rwlock).

Fortunately there's no pressing need to hold the mroute lock while we
do this, so we can postpone the call slightly, until after we've
released the lock.

This avoids the following WITNESS warning (with iflib drivers):

lock order reversal: (sleepable after non-sleepable)
1st 0xffffffff82f64960 IPv4 multicast forwarding (IPv4 multicast forwarding, rw) @ /usr/src/sys/netinet/ip_mroute.c:1050
2nd 0xfffff8000480f180 iflib ctx lock (iflib ctx lock, sx) @ /usr/src/sys/net/iflib.c:4525
lock order IPv4 multicast forwarding -> iflib ctx lock attempted at:
#0 0xffffffff80bbd6ce at witness_checkorder+0xbbe
#1 0xffffffff80b56d10 at _sx_xlock+0x60
#2 0xffffffff80c9ce5c at iflib_if_ioctl+0x2dc
#3 0xffffffff80c7c395 at if_setflag+0xe5
#4 0xffffffff82f60a0e at del_vif_locked+0x9e
#5 0xffffffff82f5f0d5 at X_ip_mrouter_set+0x265
#6 0xffffffff80bfd402 at sosetopt+0xc2
#7 0xffffffff80c02105 at kern_setsockopt+0xa5
#8 0xffffffff80c02054 at sys_setsockopt+0x24
#9 0xffffffff81046be8 at amd64_syscall+0x138
#10 0xffffffff8101930b at fast_syscall_common+0xf8

See also: https://redmine.pfsense.org/issues/12079
Reviewed by: mjg
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41209

show more ...

ip_mroute: Delete unreachable code

As the flag M_WAITOK is passed to ip_encap_attach(), then the function
will never return NULL, and the following code within NULL check branch
will be unreachable.

ip_mroute: Delete unreachable code

As the flag M_WAITOK is passed to ip_encap_attach(), then the function
will never return NULL, and the following code within NULL check branch
will be unreachable.

No functional change intended.

Reviewed by: kp
Fixes: 6d8fdfa9d5e7d Rework IP encapsulation handling code
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39746

show more ...

mroute: partially sanitize the file

There is rampant inconsistent formatting all around, make it mostly
style(9)-conformant.

While here:
- drop malloc casts
- rename a rw lock from mroute_mtx to mr

mroute: partially sanitize the file

There is rampant inconsistent formatting all around, make it mostly
style(9)-conformant.

While here:
- drop malloc casts
- rename a rw lock from mroute_mtx to mroute_lock
- replace NOTREACHED comment with __assert_unreachable

Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D38652

show more ...

IfAPI: Explicitly include <net/if_private.h> in netstack

Summary:
In preparation of making if_t completely opaque outside of the netstack,
explicitly include the header. <net/if_var.h> will stop in

IfAPI: Explicitly include <net/if_private.h> in netstack

Summary:
In preparation of making if_t completely opaque outside of the netstack,
explicitly include the header. <net/if_var.h> will stop including the
header in the future.

Sponsored by: Juniper Networks, Inc.
Reviewed by: glebius, melifaro
Differential Revision: https://reviews.freebsd.org/D38200

show more ...

raw ip: fix regression with multicast and RSVP

With 61f7427f02a raw sockets protosw has wildcard pr_protocol. Protocol
of a specific pcb is stored in inp_ip_p.

Reviewed by: karels
Reported by: k

raw ip: fix regression with multicast and RSVP

With 61f7427f02a raw sockets protosw has wildcard pr_protocol. Protocol
of a specific pcb is stored in inp_ip_p.

Reviewed by: karels
Reported by: karels
Differential revision: https://reviews.freebsd.org/D36429
Fixes: 61f7427f02a307d28af674a12c45dd546e3898e4

show more ...

IPv4 multicast: fix LOR in shutdown path

X_ip_mrouter_done() was calling the interface ioctl routines via
if_allmulti() while holding a write lock. However, some interface
ioctl routines, including

IPv4 multicast: fix LOR in shutdown path

X_ip_mrouter_done() was calling the interface ioctl routines via
if_allmulti() while holding a write lock. However, some interface
ioctl routines, including em/iflib and tap, use sxlocks, which are
not permitted while holding a non-sleepable lock, and this elicits
a warning from WITNESS. Fix the locking issue by recording the
affected interface pointers in a malloc'ed array, and call
if_allmulti() on each after dropping the rwlock.

Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D34845

show more ...

IPv4 multicast: fix netstat -g

The vif structure includes fields at the end which are #ifdef KERNEL,
causing a mismatch between the structure sizes between kernel and
user level. netstat -g failed

IPv4 multicast: fix netstat -g

The vif structure includes fields at the end which are #ifdef KERNEL,
causing a mismatch between the structure sizes between kernel and
user level. netstat -g failed with an ENOMEM on the sysctl to fetch
the vif table. Change the vif sysctl code in ip_mroute to copy out
only the user-level-visible portion of each table entry.

Reviewed by: bz, wma
Differential Revision: https://reviews.freebsd.org/D34627

show more ...

Enter epoch when addding IPv4 multicast forwarding cache entry

The code path from the IPv4 multicast setsockopt could call ip_output()
without entering an epoch. Specifically, the MRT_ADD_MFC setbs

Enter epoch when addding IPv4 multicast forwarding cache entry

The code path from the IPv4 multicast setsockopt could call ip_output()
without entering an epoch. Specifically, the MRT_ADD_MFC setbsocopt
would call add_mfc(), which in turn called ip_mdq() to send queued
packets. This resulted in an epoch assert failure in ip_output().
Enter an epoch in add_mfc(), and add some epoch asserts to check
for similar failures.

Reviewed by: kp, bz, wma, cy
Differential Revision: https://reviews.freebsd.org/D34624

show more ...

ip_mroute: split mrouter interface deactivation and if_free

Move if_free outside MRW_LOCK. This will silence LOR message
which might appere during deinitialization.