/* * Copyright (c) 2004 The DragonFly Project. All rights reserved. * * Copyright (c) 1982, 1986, 1991, 1993 * The Regents of the University of California. All rights reserved. * (c) UNIX System Laboratories, Inc. * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph * Co. or Unix System Laboratories, Inc. and are reproduced herein with * the permission of UNIX System Laboratories, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * @(#)kern_subr.c 8.3 (Berkeley) 1/21/94 */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include /* * This implements additional functions used by pf which can not be ported * easyly. At this point it boils down to mostly the Net/OpenBSD hook * implementation. * * BEWARE: this is not locked! Required locking is done by the caller. */ void * hook_establish(struct hook_desc_head *head, int tail, void (*fn)(void *), void *arg) { struct hook_desc *hdp; hdp = kmalloc(sizeof (*hdp), M_DEVBUF, M_WAITOK); if (hdp == NULL) return (NULL); hdp->hd_fn = fn; hdp->hd_arg = arg; if (tail) TAILQ_INSERT_TAIL(head, hdp, hd_list); else TAILQ_INSERT_HEAD(head, hdp, hd_list); return (hdp); } void hook_disestablish(struct hook_desc_head *head, void *vhook) { struct hook_desc *hdp; #ifdef DIAGNOSTIC for (hdp = TAILQ_FIRST(head); hdp != NULL; hdp = TAILQ_NEXT(hdp, hd_list)) if (hdp == vhook) break; if (hdp == NULL) panic("hook_disestablish: hook not established"); #endif hdp = vhook; TAILQ_REMOVE(head, hdp, hd_list); kfree(hdp, M_DEVBUF); } /* * Run hooks. Startup hooks are invoked right after scheduler_start but * before root is mounted. Shutdown hooks are invoked immediately before the * system is halted or rebooted, i.e. after file systems unmounted, * after crash dump done, etc. */ void dohooks(struct hook_desc_head *head, int flags) { struct hook_desc *hdp; if ((flags & HOOK_REMOVE) == 0) { TAILQ_FOREACH(hdp, head, hd_list) { (*hdp->hd_fn)(hdp->hd_arg); } } else { while ((hdp = TAILQ_FIRST(head)) != NULL) { TAILQ_REMOVE(head, hdp, hd_list); (*hdp->hd_fn)(hdp->hd_arg); if ((flags & HOOK_FREE) != 0) kfree(hdp, M_DEVBUF); } } } /* * Following is where TCP initial sequence number generation occurs. * * There are two places where we must use initial sequence numbers: * 1. In SYN-ACK packets. * 2. In SYN packets. * * All ISNs for SYN-ACK packets are generated by the syncache. See * tcp_syncache.c for details. * * The ISNs in SYN packets must be monotonic; TIME_WAIT recycling * depends on this property. In addition, these ISNs should be * unguessable so as to prevent connection hijacking. To satisfy * the requirements of this situation, the algorithm outlined in * RFC 1948 is used, with only small modifications. * * Implementation details: * * Time is based off the system timer, and is corrected so that it * increases by one megabyte per second. This allows for proper * recycling on high speed LANs while still leaving over an hour * before rollover. * * As reading the *exact* system time is too expensive to be done * whenever setting up a TCP connection, we increment the time * offset in two ways. First, a small random positive increment * is added to isn_offset for each connection that is set up. * Second, the function tcp_isn_tick fires once per clock tick * and increments isn_offset as necessary so that sequence numbers * are incremented at approximately ISN_BYTES_PER_SECOND. The * random positive increments serve only to ensure that the same * exact sequence number is never sent out twice (as could otherwise * happen when a port is recycled in less than the system tick * interval.) * * net.inet.tcp.isn_reseed_interval controls the number of seconds * between seeding of isn_secret. This is normally set to zero, * as reseeding should not be necessary. * * Locking of the global variables isn_secret, isn_last_reseed, isn_offset, * isn_offset_old, and isn_ctx is performed using the TCP pcbinfo lock. In * general, this means holding an exclusive (write) lock. */ #define ISN_BYTES_PER_SECOND 1048576 #define ISN_STATIC_INCREMENT 4096 #define ISN_RANDOM_INCREMENT (4096 - 1) /* wrapper functions for pool_* */ void * pool_get(vm_zone_t *pp, int flags) { void *retval; retval = zalloc(*(pp)); if (flags & PR_ZERO) bzero(retval, (*pp)->zsize); return retval; }