Module Name: src
Committed By: martin
Date: Tue Sep 24 18:27:10 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: if.c if.h if_gif.c if_gif.h if_ipsec.c
if_ipsec.h if_l2tp.c if_l2tp.h route.c route.h
src/sys/netinet [netbsd-8]: in_gif.c in_l2tp.c ip_input.c wqinput.c
src/sys/netinet6 [netbsd-8]: in6_gif.c in6_l2tp.c ip6_forward.c
ip6_input.c
src/sys/netipsec [netbsd-8]: ipsec_output.c ipsecif.c key.c
Log Message:
Pull up following revision(s) (requested by knakahara in ticket #1385):
sys/net/if.c 1.461
sys/net/if.h 1.277
sys/net/if_gif.c 1.149
sys/net/if_gif.h 1.33
sys/net/if_ipsec.c 1.19,1.20,1.24
sys/net/if_ipsec.h 1.5
sys/net/if_l2tp.c 1.33,1.36-1.39
sys/net/if_l2tp.h 1.7,1.8
sys/net/route.c 1.220,1.221
sys/net/route.h 1.125
sys/netinet/in_gif.c 1.95
sys/netinet/in_l2tp.c 1.17
sys/netinet/ip_input.c 1.391,1.392
sys/netinet/wqinput.c 1.6
sys/netinet6/in6_gif.c 1.94
sys/netinet6/in6_l2tp.c 1.18
sys/netinet6/ip6_forward.c 1.97
sys/netinet6/ip6_input.c 1.210,1.211
sys/netipsec/ipsec_output.c 1.82,1.83 (patched)
sys/netipsec/ipsecif.c 1.12,1.13,1.15,1.17 (patched)
sys/netipsec/key.c 1.259,1.260
ipsecif(4) support input drop packet counter.
ipsecif(4) should not increment drop counter by errors not related to if_snd.
Pointed out by ozaki-r@n.o, thanks.
Remove unnecessary addresses in PF_KEY message.
MOBIKE Extensions for PF_KEY draft-schilcher-mobike-pfkey-extension-01.txt says
====================
5. SPD Update
// snip
SADB_X_SPDADD:
// snip
sadb_x_ipsecrequest_reqid:
An ID for that SA can be passed to the kernel in the
sadb_x_ipsecrequest_reqid field.
If tunnel mode is specified, the sadb_x_ipsecrequest structure is
followed by two sockaddr structures that define the tunnel
endpoint addresses. In the case that transport mode is used, no
additional addresses are specified.
====================
see: <a rel="nofollow"
href="https://tools.ietf.org/html/draft-schilcher-mobike-pfkey-extension-01";>https://tools.ietf.org/html/draft-schilcher-mobike-pfkey-extension-01</a>
ipsecif(4) uses transport mode, so it should not add addresses.
ipsecif(4) supports multiple peers in the same NAPT.
E.g. ipsec0 connects between NetBSD_A and NetBSD_B, ipsec1 connects
NetBSD_A and NetBSD_C at the following figure.
+----------+
+----| NetBSD_B |
+----------+ +------+ | +----------+
| NetBSD_A |--- ... ---| NAPT |---+
+----------+ +------+ | +----------+
+----| NetBSD_C |
+----------+
Add ATF later.
l2tp(4): fix output bytes counter. Pointed by k-goda@IIJ, thanks.
remove a variable which is no longer used.
l2tp: initialize mowner variables for MBUFTRACE
Avoid having a rtcache directly in a percpu storage
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.
A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.
Using rtcache, i.e., packet processing, typically involves sleepable operations
such as rwlock so we must avoid dereferencing a rtcache that is directly stored
in a percpu storage during packet processing. Address this situation by having
just a pointer to a rtcache in a percpu storage instead.
Reviewed by knakahara@ and yamaguchi@
wqinput: avoid having struct wqinput_worklist directly in a percpu storage
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.
A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.
Input handlers of wqinput normally involves sleepable operations so we must
avoid dereferencing a percpu data (struct wqinput_worklist) after executing
an input handler. Address this situation by having just a pointer to the data
in a percpu storage instead.
Reviewed by knakahara@ and yamaguchi@
Add missing #include <sys/kmem.h>
Divide Tx context of l2tp(4) to improve performance.
It seems l2tp(4) call path is too long for instruction cache. So, dividing
l2tp(4) Tx context improves CPU use efficiency.
After this commit, l2tp(4) throughput gains 10% on my machine(Atom C3000).
Apply some missing changes lost on the previous commit
Avoid having a rtcache directly in a percpu storage for tunnel protocols.
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.
A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.
Using rtcache, i.e., packet processing, typically involves sleepable operations
such as rwlock so we must avoid dereferencing a rtcache that is directly stored
in a percpu storage during packet processing. Address this situation by having
just a pointer to a rtcache in a percpu storage instead.
Reviewed by ozaki-r@ and yamaguchi@
l2tp(4): avoid having struct ifqueue directly in a percpu storage.
percpu(9) has a certain memory storage for each CPU and provides it by the piece
to users. If the storages went short, percpu(9) enlarges them by allocating new
larger memory areas, replacing old ones with them and destroying the old ones.
A percpu storage referenced by a pointer gotten via percpu_getref can be
destroyed by the mechanism after a running thread sleeps even if percpu_putref
has not been called.
Tx processing of l2tp(4) uses normally involves sleepable operations so we
must avoid dereferencing a percpu data (struct ifqueue) after executing Tx
processing. Address this situation by having just a pointer to the data in
a percpu storage instead.
Reviewed by ozaki-r@ and yamaguchi@
To generate a diff of this commit:
cvs rdiff -u -r1.394.2.17 -r1.394.2.18 src/sys/net/if.c
cvs rdiff -u -r1.239.2.7 -r1.239.2.8 src/sys/net/if.h
cvs rdiff -u -r1.126.2.14 -r1.126.2.15 src/sys/net/if_gif.c
cvs rdiff -u -r1.25.8.4 -r1.25.8.5 src/sys/net/if_gif.h
cvs rdiff -u -r1.3.2.11 -r1.3.2.12 src/sys/net/if_ipsec.c
cvs rdiff -u -r1.1.2.4 -r1.1.2.5 src/sys/net/if_ipsec.h
cvs rdiff -u -r1.11.2.10 -r1.11.2.11 src/sys/net/if_l2tp.c
cvs rdiff -u -r1.2.2.3 -r1.2.2.4 src/sys/net/if_l2tp.h
cvs rdiff -u -r1.194.6.13 -r1.194.6.14 src/sys/net/route.c
cvs rdiff -u -r1.112.4.5 -r1.112.4.6 src/sys/net/route.h
cvs rdiff -u -r1.87.8.5 -r1.87.8.6 src/sys/netinet/in_gif.c
cvs rdiff -u -r1.2.8.7 -r1.2.8.8 src/sys/netinet/in_l2tp.c
cvs rdiff -u -r1.355.2.7 -r1.355.2.8 src/sys/netinet/ip_input.c
cvs rdiff -u -r1.3.2.1 -r1.3.2.2 src/sys/netinet/wqinput.c
cvs rdiff -u -r1.85.6.6 -r1.85.6.7 src/sys/netinet6/in6_gif.c
cvs rdiff -u -r1.5.8.7 -r1.5.8.8 src/sys/netinet6/in6_l2tp.c
cvs rdiff -u -r1.87.2.3 -r1.87.2.4 src/sys/netinet6/ip6_forward.c
cvs rdiff -u -r1.178.2.8 -r1.178.2.9 src/sys/netinet6/ip6_input.c
cvs rdiff -u -r1.48.2.3 -r1.48.2.4 src/sys/netipsec/ipsec_output.c
cvs rdiff -u -r1.1.2.8 -r1.1.2.9 src/sys/netipsec/ipsecif.c
cvs rdiff -u -r1.163.2.13 -r1.163.2.14 src/sys/netipsec/key.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
