
From:
Vitaliy Makkoveev <mvs@openbsd.org>
Subject:
Unlock IPV6CTL_MAXDYNROUTES case of ip6_sysctl()
To:
Alexander Bluhm <bluhm@openbsd.org>, tech@openbsd.org
Date:
Sat, 26 Jul 2025 04:54:57 +0300

This is the last of the `ipv6ctl_vars' variables. Both sysctl(2) and the
IPv6 stack allow a negative value, meaning an unlimited queue, so use a
cached value and keep the current behavior.

We have no `ipv6ctl_vars' used in ramdisk, so exclude them from
SMALL_KERNEL.


Index: sys/netinet6/icmp6.c
===================================================================
RCS file: /cvs/src/sys/netinet6/icmp6.c,v
retrieving revision 1.270
diff -u -p -r1.270 icmp6.c
--- sys/netinet6/icmp6.c	18 Jul 2025 08:39:14 -0000	1.270
+++ sys/netinet6/icmp6.c	26 Jul 2025 01:43:45 -0000
@@ -1292,6 +1292,7 @@ icmp6_redirect_input(struct mbuf *m, int
 		struct sockaddr_in6 ssrc;
 		unsigned long rtcount;
 		struct rtentry *newrt = NULL;
+		int ip6_maxdynroutes_local = atomic_load_int(&ip6_maxdynroutes);
 
 		/*
 		 * do not install redirect route, if the number of entries
@@ -1300,7 +1301,8 @@ icmp6_redirect_input(struct mbuf *m, int
 		 * (there will be additional hops, though).
 		 */
 		rtcount = rt_timer_queue_count(&icmp6_redirect_timeout_q);
-		if (0 <= ip6_maxdynroutes && rtcount >= ip6_maxdynroutes)
+		if (ip6_maxdynroutes_local >= 0 &&
+		    rtcount >= ip6_maxdynroutes_local)
 			goto freeit;
 
 		bzero(&sdst, sizeof(sdst));
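Review bot: The test `rtcount >= ip6_maxdynroutes_local` compares an `unsigned long` with an `int`, and it is only correct because the `>= 0` check on the same snapshot runs first. That dependency is worth making explicit, either with a cast, `rtcount >= (unsigned long)ip6_maxdynroutes_local`, or with a comment such as `/* negative means no limit; the snapshot is non-negative past this point */`. This limit is what bounds how many routes ICMPv6 redirects can install, so the comment should also say whether it is a hard or a soft cap. The count is read here and the route is installed later, outside the hunk, so concurrent redirects could presumably overshoot it slightly. icmp6_redirect_input() starts and ends outside the hunk.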
Index: sys/netinet6/in6_proto.c
===================================================================
RCS file: /cvs/src/sys/netinet6/in6_proto.c,v
retrieving revision 1.147
diff -u -p -r1.147 in6_proto.c
--- sys/netinet6/in6_proto.c	26 Jul 2025 01:16:59 -0000	1.147
+++ sys/netinet6/in6_proto.c	26 Jul 2025 01:43:45 -0000
@@ -364,7 +364,7 @@ int	ip6_auto_flowlabel = 1;	/* [a] */
 int	ip6_use_deprecated = 1;	/* [a] allow deprecated addr (RFC2462 5.5.4) */
 int	ip6_mcast_pmtu = 0;	/* [a] enable pMTU discovery for multicast? */
 int	ip6_neighborgcthresh = 2048; /* [a] Threshold # of NDP entries for GC */
-int	ip6_maxdynroutes = 4096; /* Max # of routes created via redirect */
+int	ip6_maxdynroutes = 4096; /* [a] Max # of routes created via redirect */
 time_t	ip6_log_time = (time_t)0L;
 
 /* raw IP6 parameters */
Index: sys/netinet6/ip6_input.c
===================================================================
RCS file: /cvs/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.292
diff -u -p -r1.292 ip6_input.c
--- sys/netinet6/ip6_input.c	26 Jul 2025 01:16:59 -0000	1.292
+++ sys/netinet6/ip6_input.c	26 Jul 2025 01:43:45 -0000
@@ -1440,7 +1440,8 @@ const u_char inet6ctlerrmap[PRC_NCMDS] =
 extern int ip6_mrtproto;
 #endif
 
-const struct sysctl_bounded_args ipv6ctl_vars_unlocked[] = {
+#ifndef SMALL_KERNEL
+const struct sysctl_bounded_args ipv6ctl_vars[] = {
 	{ IPV6CTL_FORWARDING, &ip6_forwarding, 0, 2 },
 	{ IPV6CTL_SENDREDIRECTS, &ip6_sendredirects, 0, 1 },
 	{ IPV6CTL_DAD_PENDING, &ip6_dad_pending, SYSCTL_INT_READONLY },
@@ -1459,13 +1460,9 @@ const struct sysctl_bounded_args ipv6ctl
 	{ IPV6CTL_MFORWARDING, &ip6_mforwarding, 0, 1 },
 	{ IPV6CTL_MCAST_PMTU, &ip6_mcast_pmtu, 0, 1 },
 	{ IPV6CTL_NEIGHBORGCTHRESH, &ip6_neighborgcthresh, -1, 5 * 2048 },
-};
-
-const struct sysctl_bounded_args ipv6ctl_vars[] = {
 	{ IPV6CTL_MAXDYNROUTES, &ip6_maxdynroutes, -1, 5 * 4096 },
 };
 
-#ifndef SMALL_KERNEL
 int
 ip6_sysctl_ip6stat(void *oldp, size_t *oldlenp, void *newp)
 {
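Review bot: The merged `ipv6ctl_vars[]` table has no comment stating the rule it now depends on: every variable listed in it is updated by sysctl(2) without the net lock. The previous hunk declares the array, and a line above it such as `/* All variables below are [a]: written without NET_LOCK(), readers must use atomic_load_int(). */` would keep a future entry from being added with a plain reader. For `IPV6CTL_MAXDYNROUTES` the diff converts only the reader in icmp6_redirect_input(); whether other plain reads of `ip6_maxdynroutes` exist is not visible here and should be checked. A short note that the lower bound `-1` disables the redirect-route limit entirely would also help anyone tuning it.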
@@ -1501,13 +1498,13 @@ int
 ip6_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp,
     void *newp, size_t newlen)
 {
-	int error;
-
 	/* Almost all sysctl names at this level are terminal. */
 	if (namelen != 1 && name[0] != IPV6CTL_IFQUEUE)
 		return (ENOTDIR);
 
 	switch (name[0]) {
+	case IPV6CTL_SOIIKEY:
+		return (ip6_sysctl_soiikey(oldp, oldlenp, newp, newlen));
 #ifndef SMALL_KERNEL
 	case IPV6CTL_STATS:
 		return (ip6_sysctl_ip6stat(oldp, oldlenp, newp));
@@ -1530,7 +1527,7 @@ ip6_sysctl(int *name, u_int namelen, voi
 		return (EOPNOTSUPP);
 #endif
 	case IPV6CTL_MTUDISCTIMEOUT: {
-		int oldval, newval;
+		int oldval, newval, error;
 
 		oldval = newval = atomic_load_int(&ip6_mtudisc_timeout);
 		error = sysctl_int_bounded(oldp, oldlenp, newp, newlen,
@@ -1548,7 +1545,7 @@ ip6_sysctl(int *name, u_int namelen, voi
 		return (sysctl_niq(name + 1, namelen - 1,
 		    oldp, oldlenp, newp, newlen, &ip6intrq));
 	case IPV6CTL_MULTIPATH: {
-		int oldval, newval;
+		int oldval, newval, error;
 
 		oldval = newval = atomic_load_int(&ip6_multipath);
 		error = sysctl_int_bounded(oldp, oldlenp, newp, newlen,
@@ -1561,36 +1558,13 @@ ip6_sysctl(int *name, u_int namelen, voi
 
 		return (error);
 	}
-	case IPV6CTL_FORWARDING:
-	case IPV6CTL_SENDREDIRECTS:
-	case IPV6CTL_DAD_PENDING:
-#ifdef MROUTING
-	case IPV6CTL_MRTPROTO:
-#endif
-	case IPV6CTL_DEFHLIM:
-	case IPV6CTL_MAXFRAGPACKETS:
-	case IPV6CTL_LOG_INTERVAL:
-	case IPV6CTL_HDRNESTLIMIT:
-	case IPV6CTL_DAD_COUNT:
-	case IPV6CTL_AUTO_FLOWLABEL:
-	case IPV6CTL_DEFMCASTHLIM:
-	case IPV6CTL_USE_DEPRECATED:
-	case IPV6CTL_MAXFRAGS:
-	case IPV6CTL_MFORWARDING:
-	case IPV6CTL_MCAST_PMTU:
-	case IPV6CTL_NEIGHBORGCTHRESH:
-		return (sysctl_bounded_arr(
-		    ipv6ctl_vars_unlocked, nitems(ipv6ctl_vars_unlocked),
+	default:
+		return (sysctl_bounded_arr(ipv6ctl_vars, nitems(ipv6ctl_vars),
 		    name, namelen, oldp, oldlenp, newp, newlen));
-#endif /* SMALL_KERNEL */
-	case IPV6CTL_SOIIKEY:
-		return (ip6_sysctl_soiikey(oldp, oldlenp, newp, newlen));
+#else
 	default:
-		NET_LOCK();
-		error = sysctl_bounded_arr(ipv6ctl_vars, nitems(ipv6ctl_vars),
-		    name, namelen, oldp, oldlenp, newp, newlen);
-		NET_UNLOCK();
-		return (error);
+		return (EOPNOTSUPP);
+#endif /* SMALL_KERNEL */
 	}
 	/* NOTREACHED */
 }
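Review bot: Replacing the explicit `case IPV6CTL_*` list with `default:` moves the decision about which names are accepted from the switch into the `ipv6ctl_vars` table lookup. Every unrecognised `name[0]` now reaches sysctl_bounded_arr(), which presumably rejects names not in the table, but its body is not shown here. A comment on that branch would record this, for example `/* names not in ipv6ctl_vars are rejected by sysctl_bounded_arr() */`. The two `default:` labels separated by `#else` are easy to misread as a duplicate label, so I would annotate the directive as `#else /* SMALL_KERNEL */` to match the closing `#endif`. In a SMALL_KERNEL build `IPV6CTL_MAXDYNROUTES` now returns `EOPNOTSUPP` where it used to be settable, which the description acknowledges.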