cinap_lenrek [Sat, 30 Mar 2019 08:17:46 +0000 (09:17 +0100)]
dtracy: avoid dmachlock() race
between being commited to a machno and having acquired the lock, the
scheduler could come in an schedule us on a different processor. the
solution is to have dtmachlock() take a special -1 argument to mean
"current mach" and return the actual mach number after the lock has
been acquired and interrupts being disabled.
cinap_lenrek [Sat, 30 Mar 2019 04:50:14 +0000 (05:50 +0100)]
dist/mkfile: aux/stub -d /n/src9/usr to avoid overbinding /usr in case /n/src9 an / alias
when /n/src9 is an alias for / (bind / /n/src9), then the bind
from /sys/lib/dist/usr on /n/src9/usr would also overbind
/usr and potentially make the build target file inaccessible.
the solution is to run aux/stub -d /n/src9/usr.
this works as aux/stub mounts itself on /n/src9, so the bind
for /n/src9/usr will not override /usr in the root filesystem
but the stub directory from aux/stub.
cinap_lenrek [Sun, 17 Mar 2019 04:44:55 +0000 (05:44 +0100)]
ip/ipconfig: use defaults for loopback
- do not write /net/ndb for loopback medium unless -p is specified
- use defmask() instead of hardcoded /64 for v6 to get correct /128 mask for ::1
- only do duplicate address detection on ethernet
- increase buffer size to support up to 4096 bit RSA keys
- handle PMTUDiscovery option and respond to pmtu probes
- handle port in Address option
- wlock(&netlk) before closing udpfd to sync with writers
- move default subnet handling out of gethost()
cinap_lenrek [Thu, 7 Mar 2019 21:39:50 +0000 (22:39 +0100)]
devip: ignore the evil bit in fragment info field
using ~IP_DF mask to select offset and "more fragments" bits
includes the evil bit 15. so instead define a constant IP_FO
for the fragment offset bits and use (IP_MF|IP_FO). that way
the evil bit gets ignored and doesnt cause any useless calls
to ipreassemble().
only try listen/dial on udp when IndirectData/TcpOnly is not
enabled.
add support for scipts:
host-up
host-down
tinc-up
tinc-down
subnet-up
subnet-down
when dialing udp connection, only switch when there is no
other udp connection active. when we receive an authenticated
message, we switch to that connection immidiately.
cinap_lenrek [Mon, 4 Mar 2019 02:05:30 +0000 (03:05 +0100)]
devip: fix fragment forwarding
unfraglen() had the side effect that it would always copy the
nexthdr field from the fragment header to the previous nexthdr
field. this is fine when we reassemble packets but breaks
fragments that we want to just forward unchanged.
cinap_lenrek [Sun, 3 Mar 2019 17:56:18 +0000 (18:56 +0100)]
devip: simplify ip reassembly functions, getting rid of Ipfrag.hlen
given that we now keep the block size consistent with the
ip packet size, the variable header part of the ip packet
is just: BLEN(bp) - fp->flen == fp->hlen.
fix bug in ip6reassemble() in the non-fragmented case:
reload ih after ip header was moved before writing ih->ploadlen.
cinap_lenrek [Sun, 3 Mar 2019 04:25:00 +0000 (05:25 +0100)]
devip: fix ip fragmentation handling issues with header options
some protocols assume that Ip4hdr.length[] and Ip6hdr.ploadlen[]
are valid and not out of range within the block but this has
not been verified. also, the ipv4 and ipv6 headers can have variable
length options, which was not considered in the fragmentation and
reassembly code.
to make this sane, ipiput4() and ipiput6() now verify that everything
is in range and trims to block to the expected size before it does
any further processing. now blocklen() and Ip4hdr.length[] are conistent.
ipoput4() and ipoput6() are simpler now, as they can rely on
blocklen() only, not having a special routing case.
ip fragmentation reassembly has to consider that fragments could
arrive with different ip header options, so we store the header+option
size in new Ipfrag.hlen field.
unfraglen() has to make sure not to run past the buffer, and hadle
the case when it encounters multiple fragment headers.
cinap_lenrek [Fri, 1 Mar 2019 00:43:55 +0000 (01:43 +0100)]
lib9p: fix zero msize abort() due to unknown version (thanks kivik)
kivik wrote:
I've found a nasty bug in lib9p handling of Tversion
messages, where an invalid version string in the request
leads to servers abort()ing the spaceship.
To reproduce:
; ramfs -S ram
; aux/9pcon /srv/ram
Tversion ~0 DIE
The issue lies in sversion() where in case an invalid
version string is received we respond right away with
ofcall.version="unknown"; however, we fail to set the
ofcall.msize, which at this point is cleared to 0. This
causes the convS2M call in respond() to fail and abort being
called.