On 17.01.2013 20:23, Stephen J. Kiernan wrote:
The network stack as a module patch has been separated out and can be found in
the following location:
http://people.freebsd.org/~marcel/Juniper/netstack-v2.diff
This is quite some work and a lot of changes which will a moment to review.
Can you describe the concept and the terminology you're using here some more?
What is a netstack module and what is its scope? How does it relate to VNET?
What is an IOCGROUP? etc. All this is probably obvious to you but not yet for
us.
--
Andre
Details about these changes:
1. Network stack module support infrastructure
kern/{kern_netstack.c,netstack_if.m,netstack.h}
Network stack modules are declared using the NETSTACK_MODULE macro.
Netstack classes are expected to be singletons. Currently, only a single
network stack is
allowed to be registered at a time.
2. Infrastructure to register UUID sources
kern/kern_uuid.c
net/netuuid.c
sys/uuid.h:
The uuid_node() function uses the node generated by first UUID source that
returns with a
success code, otherwise it generates a random multicast address.
As part of these changes, selection of UUID based on MAC address has been
moved to
net/netuuid.c and it is registered as a UUID source.
3. Infrastructure to register IOCGROUPs in order to handle group-specific
socket ioctls
kern/sys_socket.c,net/{if.c,route.c}
sys/socketvar.h
This eliminates the explicit checks and calls for specific IOCGROUPs in
soo_ioctl().
(Looking for comments about the naming, I'm not married to the name in any
way and suggestions
for better names is welcome.)
Currently, the interface ioctl ('i') and route ioctl ('r') calls are
registered using
SO_IOCGROUP_SET.
4. Dynamically register the 'setfib' syscall
kern/init_sysent.c
net/route.c
Registration of 'setfib' is done from net/route.c::route_init() instead of
having an explicit
entry in the sysent table.
5. Dynamically register SCTP syscalls
kern/{init_sysent.c,uipc_syscalls.c}
compat/freebsd32/freebsd32_sysent.c
netinet/sctp_syscalls.c
sys/socketvar.h
Dynamically register the SCTP syscalls "sctp_peeloff",
"sctp_generic_sendmsg",
"sctp_generic_sendmsg_iov", and "sctp_generic_recvmsg" instead of having
explicit entries in the
sysent and freebsd32_sysent tables.
Moved implementation of said syscalls from kern/uipc_syscalls.c to a new
file named
netinet/sctp_syscalls.c.
Made getsock_cap() available outside of uipc_syscalls.c via socketvar.h
(Junos network stack
needs it, so making it available.)
6. Changes to kern_proc.c
kern/kern_prot.c,netinet/in_prot.c,sys/systm.h
Moved cr_canseeinpcb() to new file netinet/in_prot.c, as it is network
stack related and only
available when INET or INET6 is defined.
Change the names for cr_seeotheruids() and cr_seeothergids() to
cr_canseeotheruids() and
cr_canseeothergids(), repectively, and make them available outside of
kern_prot.c.
7. Create a netstack module
kern/{uipc_socket.c,vfs_default.c,vfs_export.c}
mk/bsd.own.mk
modules/netstack
net/{if_gre.c,netstack.c}
netpfil/ipfw/ip_fw2.c
netpfil/pf/pf_ioctl.c
netinet/ip_gre.c
Add SCTP to the MK_*_SUPPORT variables that need to be set.
Add dependency on the netstack module.
Added vfs_stdcheckexp() to kern/vfs_default.c which calls the netstack
vfs_stdcheckexp method.
Moved socket FIB assignment from the process to the netstack socreate
method.
Moved VFS "export" handling to netstack methods and changed vfs_export()
and vfs_setpublicfs()
to call the respective netstack methods.
The netstack module includes INET, INET6, and SCTP support.
Note: The only issue with including SCTP support, there is currently a
dependency set on the
crypto module. This is because SCTP needs SHA1 and SHA2-256 support. However,
this could be provided
by a number of different modules, so depending on crypto module might not be
the best choice.
Any thoughts on this?
8. Remove SO_SETFIB processing from sosetop and move it to ctloutput functions
kern/uipc_socket.c
net/route.[ch]
netinet/{ip_output.c,raw_ip.c}
netinet6/ip6_output.c
Remove SO_SETFIB processing from sosetopt and move it instead to the
ip_ctloutput(),
ip6_ctloutput(), and rip_ctloutput() functions.
Introduce the rtsosetfib() function to set so_fibnum, as appropriate.
The *_ctloutput functions call the RT_SOSETFIB macro in order to call
rtsosetfib() only when
sockopt level is SOL_SOCKET and name is SO_SETFIB.
9. Define INET and INET6 in CFLAGS instead of relying on opt_inet.h and
opt_inet6.h in modules
modules/{carp,em,if_gre,ipdivert,ipfw,netstack,pf,pfsync,toecore}/Makefile
Use CFLAGS to define INET and INET6 based on MK_INET_SUPPORT and
MK_INET6_SUPPORT,
respectively, instead of relying on opt_inet.h and opt_inet6.h.
We need to do this in orer to be able to build NIC driver modules and the
network stack as
modules when the base kernel does not have netstack compiled in.
10. Make accept filters part of the standard files
conf/files
kern/{uipc_accf.c,uipc_socket.c}
netinet/in_proto.c
Make accept filters part of the standard files, as they could be used by
things other than INET
(and it eliminates a dependency on INET for uipc_socket.c)
Move net.inet.accf.unloadable to net.accf.unloadable
Add net.inet.accf node to in_proto.c in order to support existing accept
filter sysctls.
11. Split IPv4 and IPv6-specific jail functions to netinet and netinet6,
respectively.
kern/kern_jail.c
netinet/in_jail.c
netinet6/in6_jail.c
sys/jail.h
Split IPv4 and IPv6-specific functions from kern/kern_jail.c into
netinet/in_jail.c and
netinet6/in6_jail.c, respectively.
Change _prison_check_ipv[4|6]() to prison_check_ipv[4|6]_locked() and
expose them via jail.h
Change qcmp_v[4|6]() to prison_qcmp_v[4|6] and expose them via jail.h
--
Stephen J. Kiernan
Juniper Networks, Inc.
stevek_at_juniper.net
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
