Author: bz
Date: Tue Jan 28 18:08:53 2020
New Revision: 357210
URL: https://svnweb.freebsd.org/changeset/base/357210
Log:
MFC r356527-356528:
vnet: virtualise more network stack sysctls.
Virtualise tcp_always_keepalive, TCP and UDP log_in_vain. All three are
set in the netoptions startup script, which we would love to run for VNETs
as well.
While virtualising the log_in_vain sysctls seems pointles at first for as
long as the kernel message buffer is not virtualised, it at least allows
an administrator to debug the base system or an individual jail if needed
without turning the logging on for all jails running on a system.
Run netoptions startup script in vnet jails.
People use rc.conf inside vnet jails to configure networking setups.
Presumably because some sysctl were not virtualised up until r356527 the
script was not run for vnet jails leaving the rc.conf options without
effect for non-obvious reasons. Run the netoptions startup script also
for VNET jails now to make the rc.conf options work.
PR: 243193
Modified:
stable/12/libexec/rc/rc.d/netoptions
stable/12/sys/dev/cxgbe/tom/t4_tom.c
stable/12/sys/netinet/tcp_input.c
stable/12/sys/netinet/tcp_stacks/rack.c
stable/12/sys/netinet/tcp_subr.c
stable/12/sys/netinet/tcp_timer.c
stable/12/sys/netinet/tcp_timer.h
stable/12/sys/netinet/tcp_var.h
stable/12/sys/netinet/udp_usrreq.c
stable/12/sys/netinet/udp_var.h
stable/12/sys/netinet6/udp6_usrreq.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/libexec/rc/rc.d/netoptions
==============================================================================
--- stable/12/libexec/rc/rc.d/netoptions Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/libexec/rc/rc.d/netoptions Tue Jan 28 18:08:53 2020
(r357210)
@@ -6,7 +6,7 @@
# PROVIDE: netoptions
# REQUIRE: FILESYSTEMS
# BEFORE: netif
-# KEYWORD: nojail
+# KEYWORD: nojailvnet
. /etc/rc.subr
. /etc/network.subr
Modified: stable/12/sys/dev/cxgbe/tom/t4_tom.c
==============================================================================
--- stable/12/sys/dev/cxgbe/tom/t4_tom.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/dev/cxgbe/tom/t4_tom.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -1131,7 +1131,7 @@ init_conn_params(struct vi_info *vi , struct offload_s
cp->nagle = tp->t_flags & TF_NODELAY ? 0 : 1;
/* TCP Keepalive. */
- if (tcp_always_keepalive || so_options_get(so) & SO_KEEPALIVE)
+ if (V_tcp_always_keepalive || so_options_get(so) & SO_KEEPALIVE)
cp->keepalive = 1;
else
cp->keepalive = 0;
Modified: stable/12/sys/netinet/tcp_input.c
==============================================================================
--- stable/12/sys/netinet/tcp_input.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_input.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -129,9 +129,9 @@ __FBSDID("$FreeBSD$");
const int tcprexmtthresh = 3;
-int tcp_log_in_vain = 0;
-SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_RW,
- &tcp_log_in_vain, 0,
+VNET_DEFINE(int, tcp_log_in_vain) = 0;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, log_in_vain, CTLFLAG_VNET | CTLFLAG_RW,
+ &VNET_NAME(tcp_log_in_vain), 0,
"Log all incoming TCP segments to closed ports");
VNET_DEFINE(int, blackhole) = 0;
@@ -886,8 +886,8 @@ findpcb:
* Log communication attempts to ports that are not
* in use.
*/
- if ((tcp_log_in_vain == 1 && (thflags & TH_SYN)) ||
- tcp_log_in_vain == 2) {
+ if ((V_tcp_log_in_vain == 1 && (thflags & TH_SYN)) ||
+ V_tcp_log_in_vain == 2) {
if ((s = tcp_log_vain(NULL, th, (void *)ip, ip6)))
log(LOG_INFO, "%s; %s: Connection attempt "
"to closed port\n", s, __func__);
Modified: stable/12/sys/netinet/tcp_stacks/rack.c
==============================================================================
--- stable/12/sys/netinet/tcp_stacks/rack.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_stacks/rack.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -2357,7 +2357,7 @@ rack_start_hpts_timer(struct tcp_rack *rack, struct tc
*/
if ((hpts_timeout == 0) &&
(slot == 0)) {
- if ((tcp_always_keepalive || inp->inp_socket->so_options &
SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options &
SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) {
/*
* Ok we have no timer (persists, rack, tlp, rxt or
@@ -2789,7 +2789,7 @@ rack_timeout_keepalive(struct tcpcb *tp, struct tcp_ra
TCPSTAT_INC(tcps_keeptimeo);
if (tp->t_state < TCPS_ESTABLISHED)
goto dropit;
- if ((tcp_always_keepalive || inp->inp_socket->so_options &
SO_KEEPALIVE) &&
+ if ((V_tcp_always_keepalive || inp->inp_socket->so_options &
SO_KEEPALIVE) &&
tp->t_state <= TCPS_CLOSING) {
if (ticks - tp->t_rcvtime >= TP_KEEPIDLE(tp) + TP_MAXIDLE(tp))
goto dropit;
@@ -6546,7 +6546,7 @@ rack_timer_audit(struct tcpcb *tp, struct tcp_rack *ra
* of nothing outstanding and the RXT up (and the hptsi
timer).
*/
return;
- } else if (((tcp_always_keepalive ||
+ } else if (((V_tcp_always_keepalive ||
rack->rc_inp->inp_socket->so_options &
SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)) &&
(tmr_up == PACE_TMR_KEEP) &&
@@ -6861,7 +6861,7 @@ rack_hpts_do_segment(struct mbuf *m, struct tcphdr *th
if (((rack->r_ctl.rc_hpts_flags & PACE_TMR_MASK) == 0) &&
(SEQ_GT(tp->snd_max, tp->snd_una) ||
(tp->t_flags & TF_DELACK) ||
- ((tcp_always_keepalive ||
rack->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
+ ((V_tcp_always_keepalive ||
rack->rc_inp->inp_socket->so_options & SO_KEEPALIVE) &&
(tp->t_state <= TCPS_CLOSING)))) {
/* We could not send (probably in the hpts but stopped
the timer earlier)? */
if ((tp->snd_max == tp->snd_una) &&
Modified: stable/12/sys/netinet/tcp_subr.c
==============================================================================
--- stable/12/sys/netinet/tcp_subr.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_subr.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -3108,7 +3108,7 @@ tcp_log_vain(struct in_conninfo *inc, struct tcphdr *t
{
/* Is logging enabled? */
- if (tcp_log_in_vain == 0)
+ if (V_tcp_log_in_vain == 0)
return (NULL);
return (tcp_log_addr(inc, th, ip4hdr, ip6hdr));
Modified: stable/12/sys/netinet/tcp_timer.c
==============================================================================
--- stable/12/sys/netinet/tcp_timer.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_timer.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -125,9 +125,10 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, rexmit_slop, CTLT
&tcp_rexmit_slop, 0, sysctl_msec_to_ticks, "I",
"Retransmission Timer Slop");
-int tcp_always_keepalive = 1;
-SYSCTL_INT(_net_inet_tcp, OID_AUTO, always_keepalive, CTLFLAG_RW,
- &tcp_always_keepalive , 0, "Assume SO_KEEPALIVE on all TCP connections");
+VNET_DEFINE(int, tcp_always_keepalive) = 1;
+SYSCTL_INT(_net_inet_tcp, OID_AUTO, always_keepalive, CTLFLAG_VNET|CTLFLAG_RW,
+ &VNET_NAME(tcp_always_keepalive) , 0,
+ "Assume SO_KEEPALIVE on all TCP connections");
int tcp_fast_finwait2_recycle = 0;
SYSCTL_INT(_net_inet_tcp, OID_AUTO, fast_finwait2_recycle, CTLFLAG_RW,
@@ -431,7 +432,7 @@ tcp_timer_keep(void *xtp)
TCPSTAT_INC(tcps_keeptimeo);
if (tp->t_state < TCPS_ESTABLISHED)
goto dropit;
- if ((tcp_always_keepalive ||
+ if ((V_tcp_always_keepalive ||
inp->inp_socket->so_options & SO_KEEPALIVE) &&
tp->t_state <= TCPS_CLOSING) {
if (ticks - tp->t_rcvtime >= TP_KEEPIDLE(tp) + TP_MAXIDLE(tp))
Modified: stable/12/sys/netinet/tcp_timer.h
==============================================================================
--- stable/12/sys/netinet/tcp_timer.h Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_timer.h Tue Jan 28 18:08:53 2020
(r357210)
@@ -203,10 +203,11 @@ extern int tcp_backoff[];
extern int tcp_totbackoff;
extern int tcp_rexmit_drop_options;
-extern int tcp_always_keepalive;
extern int tcp_finwait2_timeout;
extern int tcp_fast_finwait2_recycle;
+VNET_DECLARE(int, tcp_always_keepalive);
+#define V_tcp_always_keepalive VNET(tcp_always_keepalive)
VNET_DECLARE(int, tcp_pmtud_blackhole_detect);
#define V_tcp_pmtud_blackhole_detect VNET(tcp_pmtud_blackhole_detect)
VNET_DECLARE(int, tcp_pmtud_blackhole_mss);
Modified: stable/12/sys/netinet/tcp_var.h
==============================================================================
--- stable/12/sys/netinet/tcp_var.h Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/tcp_var.h Tue Jan 28 18:08:53 2020
(r357210)
@@ -745,7 +745,8 @@ SYSCTL_DECL(_net_inet_tcp_sack);
MALLOC_DECLARE(M_TCPLOG);
#endif
-extern int tcp_log_in_vain;
+VNET_DECLARE(int, tcp_log_in_vain);
+#define V_tcp_log_in_vain VNET(tcp_log_in_vain)
/*
* Global TCP tunables shared between different stacks.
Modified: stable/12/sys/netinet/udp_usrreq.c
==============================================================================
--- stable/12/sys/netinet/udp_usrreq.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/udp_usrreq.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -116,9 +116,9 @@ VNET_DEFINE(int, udp_cksum) = 1;
SYSCTL_INT(_net_inet_udp, UDPCTL_CHECKSUM, checksum, CTLFLAG_VNET | CTLFLAG_RW,
&VNET_NAME(udp_cksum), 0, "compute udp checksum");
-int udp_log_in_vain = 0;
-SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW,
- &udp_log_in_vain, 0, "Log all incoming UDP packets");
+VNET_DEFINE(int, udp_log_in_vain) = 0;
+SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_VNET | CTLFLAG_RW,
+ &VNET_NAME(udp_log_in_vain), 0, "Log all incoming UDP packets");
VNET_DEFINE(int, udp_blackhole) = 0;
SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_VNET | CTLFLAG_RW,
@@ -688,7 +688,7 @@ udp_input(struct mbuf **mp, int *offp, int proto)
ip->ip_dst, uh->uh_dport, INPLOOKUP_WILDCARD |
INPLOOKUP_RLOCKPCB, ifp, m);
if (inp == NULL) {
- if (udp_log_in_vain) {
+ if (V_udp_log_in_vain) {
char src[INET_ADDRSTRLEN];
char dst[INET_ADDRSTRLEN];
Modified: stable/12/sys/netinet/udp_var.h
==============================================================================
--- stable/12/sys/netinet/udp_var.h Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet/udp_var.h Tue Jan 28 18:08:53 2020
(r357210)
@@ -149,9 +149,10 @@ extern u_long udp_sendspace;
extern u_long udp_recvspace;
VNET_DECLARE(int, udp_cksum);
VNET_DECLARE(int, udp_blackhole);
+VNET_DECLARE(int, udp_log_in_vain);
#define V_udp_cksum VNET(udp_cksum)
#define V_udp_blackhole VNET(udp_blackhole)
-extern int udp_log_in_vain;
+#define V_udp_log_in_vain VNET(udp_log_in_vain)
static __inline struct inpcbinfo *
udp_get_inpcbinfo(int protocol)
Modified: stable/12/sys/netinet6/udp6_usrreq.c
==============================================================================
--- stable/12/sys/netinet6/udp6_usrreq.c Tue Jan 28 18:04:17 2020
(r357209)
+++ stable/12/sys/netinet6/udp6_usrreq.c Tue Jan 28 18:08:53 2020
(r357210)
@@ -483,7 +483,7 @@ udp6_input(struct mbuf **mp, int *offp, int proto)
INPLOOKUP_WILDCARD | INPLOOKUP_RLOCKPCB,
m->m_pkthdr.rcvif, m);
if (inp == NULL) {
- if (udp_log_in_vain) {
+ if (V_udp_log_in_vain) {
char ip6bufs[INET6_ADDRSTRLEN];
char ip6bufd[INET6_ADDRSTRLEN];
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
