[src/netbsd-2-0]: src/sys/sys Pull up revision 1.76 (requested by jonathan in...

[tron <tron%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/19efe5522461
branches:  netbsd-2-0
changeset: 561185:19efe5522461
user:      tron <tron%NetBSD.org@localhost>
date:      Sun May 30 07:02:37 2004 +0000

description:
Pull up revision 1.76 (requested by jonathan in ticket #405):
Rework to make  FAST_IPSEC PF_KEY dumps unicast and reliable:
Introduce new socket-layer function sbappendaddrchain() to
sys/kern/uipc_socket2.c: like sbappendaddr(), only takes a chain of
records and appends the entire chain in one pass. sbappendaddrchain()
also takes an `sbprio' argument, which indicates the caller requires
special `reliable' handling of the socket-buffer.  `sbprio' is
described in sys/sys/socketvar.h, although (for now) the different
levels are not yet implemented.
Rework sys/netipsec/key.c PF_KEY DUMP responses to build a chain of
mbuf records, one record per dump response. Unicast the entire chain
to the requestor, with all-or-none semantics.
Changed files;
        sys/socketvar.h kern/uipc_socket2.c netipsec/key.c
Reviewed by:
        Jason Thorpe, Thor Lancelot Simon, post to tech-kern.
Todo: request pullup to 2.0 branch.  Post-2.0, rework sysctl() API for
dumps to use new record-chain constructors. Actually implement
the distinct service levels in sbappendaddrchain() so we can use them
to make PF_KEY ACQUIRE messages more reliable.

diffstat:

 sys/sys/socketvar.h |  30 +++++++++++++++++++++++++++++-
 1 files changed, 29 insertions(+), 1 deletions(-)

diffs (51 lines):

diff -r 05b6c49216e2 -r 19efe5522461 sys/sys/socketvar.h
--- a/sys/sys/socketvar.h       Sun May 30 07:02:32 2004 +0000
+++ b/sys/sys/socketvar.h       Sun May 30 07:02:37 2004 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: socketvar.h,v 1.69 2004/03/17 09:58:15 yamt Exp $      */
+/*     $NetBSD: socketvar.h,v 1.69.2.1 2004/05/30 07:02:37 tron Exp $  */
 
 /*-
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -284,6 +284,8 @@
 void   sbappendstream(struct sockbuf *, struct mbuf *);
 int    sbappendaddr(struct sockbuf *, struct sockaddr *, struct mbuf *,
            struct mbuf *);
+int    sbappendaddrchain(struct sockbuf *, const struct sockaddr *,
+            struct mbuf *, int);
 int    sbappendcontrol(struct sockbuf *, struct mbuf *, struct mbuf *);
 void   sbappendrecord(struct sockbuf *, struct mbuf *);
 void   sbcheck(struct sockbuf *);
@@ -352,6 +354,32 @@
 void   sokvafree(vaddr_t, vsize_t);
 void   soloanfree(struct mbuf *, caddr_t, size_t, void *);
 
+/*
+ * Values for socket-buffer-append priority argument to sbappendaddrchain().
+ * The following flags are reserved for future implementation:
+ *
+ *  SB_PRIO_NONE:  honour normal socket-buffer limits.
+ *
+ *  SB_PRIO_ONESHOT_OVERFLOW:  if the socket has any space,
+ *     deliver the entire chain. Intended for large requests
+ *      that should be delivered in their entirety, or not at all.
+ *
+ * SB_PRIO_OVERDRAFT:  allow a small (2*MLEN) overflow, over and
+ *     aboce normal socket limits. Intended messages indicating
+ *      buffer overflow in earlier normal/lower-priority messages .
+ *
+ * SB_PRIO_BESTEFFORT: Ignore  limits entirely.  Intended only for
+ *     kernel-generated messages to specially-marked scokets which
+ *     require "reliable" delivery, nd where the source socket/protocol
+ *     message generator enforce some hard limit (but possibly well
+ *     above kern.sbmax). It is entirely up to the in-kernel source to
+ *     avoid complete mbuf exhaustion or DoS scenarios.
+ */
+#define SB_PRIO_NONE           0
+#define SB_PRIO_ONESHOT_OVERFLOW 1
+#define SB_PRIO_OVERDRAFT      2
+#define SB_PRIO_BESTEFFORT     3
+
 #endif /* _KERNEL */
 
 #endif /* !_SYS_SOCKETVAR_H_ */