#
b272101a |
| 30-Oct-2023 |
Aaron LI <aly@aaronly.me> |
Various minor whitespace cleanups
Accumulated along the way.
|
#
2b3f93ea |
| 13-Oct-2023 |
Matthew Dillon <dillon@apollo.backplane.com> |
kernel - Add per-process capability-based restrictions
* This new system allows userland to set capability restrictions which turn off numerous kernel features and root accesses. These restrictions are inherited by sub-processes recursively. Once set, restrictions cannot be removed.
Basic restrictions that mimic an unadorned jail can be enabled without creating a jail, but generally speaking real security also requires creating a chrooted filesystem topology, and a jail is still needed to really segregate processes from each other. If you do so, however, you can (for example) disable mount/umount and most global root-only features.
* Add new system calls and a manual page for syscap_get(2) and syscap_set(2)
* Add sys/caps.h
* Add the "setcaps" userland utility and manual page.
* Remove priv.9 and the priv_check infrastructure, replacing it with a newly designed caps infrastructure.
* The intention is to add path restriction lists and similar features to improve jail-less security in the near future, and to optimize the priv_check code.
|
#
2ba12c9c |
| 09-Jul-2023 |
Matthew Dillon <dillon@apollo.backplane.com> |
network - Remove ip_len header-length adjustment
* This should remove the last main code path modifications to packet mbuf contents. The IP header in the mbuf is now basically left alone whenever possible, bringing us in-line with FreeBSD and Linux and removing cache-line bounces between cpus and between a cpu and the related PCIe DMA.
* Do not adjust ip_len to remove the IP header length.
* Various protocol stacks do the subtraction themselves, when needed.
* Various bits of code that added the length back in to execute a function then removed it again cleaned up.
* IP reassembly (in ip_input.c and pf_norm.c) cleaned up.
|
#
8a93af2a |
| 08-Jul-2023 |
Matthew Dillon <dillon@apollo.backplane.com> |
network - Remove host-order translations of ipv4 ip_off and ip_len
* Do not translate ip_off and ip_len to host order and then back again in the network stack. The fields are now left in network order.
|
Revision tags: v6.4.0, v6.4.0rc1, v6.5.0, v6.2.2, v6.2.1, v6.3.0, v6.0.1, v6.0.0, v6.0.0rc1, v6.1.0 |
|
#
a45b8979 |
| 04-Dec-2020 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
udp: Port IPPROTO_IP/IP_TOS cmsg support from FreeBSD.
|
#
14886aca |
| 26-Nov-2020 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
udp: Port FreeBSD's IPPROTO_IP/IP_SENDSRCADDR.
Minor difference:
- Multicast src is not allowed.
- Always allow src, if it is same as inp_laddr and is not multicast.
While I'm here, fix datagram sending for multicast bound and connected UDP socket.
|
Revision tags: v5.8.3, v5.8.2, v5.8.1, v5.8.0 |
|
#
0810abe8 |
| 24-Feb-2020 |
Matthew Dillon <dillon@apollo.backplane.com> |
jail - add jail.defaults.allow_listen_override (3)
* Normalize the nominal jail IP conversions to the system call interface whenever it is convenient. Remove conversions that were previously in the udp and tcp connect and send code.
* Also do jail IP conversions in bind(), connect(), extconnect(), sendto(), sendmsg(), recvfrom(), recvmsg().
* Refactor in_pcbladdr_find() to improve jail bindings, try to find the correct interface IP to bind to. When a route is utilized, iterate available interface IPs to locate a jail-acceptable IP on the same interface.
|
Revision tags: v5.9.0, v5.8.0rc1, v5.6.3 |
|
#
161c3d83 |
| 13-Oct-2019 |
Sascha Wildner <saw@online.de> |
world/kernel: Use the powerof2() macro in various places.
|
Revision tags: v5.6.2 |
|
#
7eaeff3d |
| 07-Aug-2019 |
Roy Marples <roy@marples.name> |
socket: introduce SO_RERROR to detect receive buffer overflow
kernel receive buffers are initially of a limited size and generally the network protocols that use them don't care if a packet gets lost.
However some users do care about lost messages even if not baked into the protocol - such as consumers of route(4) to track state.
POSIX states that read(2) can return an error of ENOBUFS so return this error code when an overflow is detected. Guard this with socket option SO_RERROR so that existing applications which do not care can carry on not caring by default.
Taken-from: NetBSD
Reviewed-by: sephe
|
#
62938642 |
| 25-Jul-2019 |
Matthew Dillon <dillon@apollo.backplane.com> |
kernel - Replace kmalloc_cachealign() with kmalloc(... M_CACHEALIGN)
* Add M_CACHEALIGN, which ensures that the result is aligned to a cache line.
* Remove kmalloc_cachealign(), replacing all uses with kmalloc using M_CACHEALIGN.
|
Revision tags: v5.6.1, v5.6.0, v5.6.0rc1, v5.7.0, v5.4.3, v5.4.2 |
|
#
fcf6efef |
| 02-Mar-2019 |
Sascha Wildner <saw@online.de> |
kernel: Remove numerous #include <sys/thread2.h>.
Most of them were added when we converted spl*() calls to crit_enter()/crit_exit(), almost 14 years ago. We can now remove a good chunk of them again for where crit_*() are no longer used.
I had to adjust some files that were relying on thread2.h or headers that it includes coming in via other headers that it was removed from.
|
Revision tags: v5.4.1, v5.4.0, v5.5.0, v5.4.0rc1, v5.2.2, v5.2.1, v5.2.0, v5.3.0, v5.2.0rc |
|
#
e1c6b0c1 |
| 20-Mar-2018 |
Aaron LI <aly@aaronly.me> |
Move jail stuff from <net/if.h> and <netinet/in.h> to <sys/jail.h>
* <net/if.h>: Move out prison_if() function prototype to <sys/jail.h>
* <netinet/in.h>: Move out prison_replace_wildcards() and prison_remote_ip() function prototypes to <sys/jail.h>
* Include <sys/jail.h> header for those files in need of it
Obtained-from: FreeBSD (r72786)
|
#
755d70b8 |
| 21-Apr-2018 |
Sascha Wildner <saw@online.de> |
Remove IPsec and related code from the system.
It was unmaintained ever since we inherited it from FreeBSD 4.8.
In fact, we had two implementations from that time: IPSEC and FAST_IPSEC. FAST_IPSEC is the implementation to which FreeBSD has moved since, but it didn't even build in DragonFly.
Fixes for dports have been committed to DeltaPorts.
Requested-by: dillon
Dports-testing-and-fixing: zrj
|
Revision tags: v5.0.2, v5.0.1, v5.0.0, v5.0.0rc2, v5.1.0, v5.0.0rc1 |
|
#
778d4af7 |
| 15-Sep-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
tcp/udp: Make sure hash size macro is powerof2
|
#
43dbcc2a |
| 08-Aug-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
route: Routes should only be accessed from the first netisr_ncpus netisrs.
Replicate routes to the first netisr_ncpus CPUs, instead of all CPUs.
|
#
5204e13c |
| 07-Aug-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
netisr: Simplify assertion related bits
|
#
729f22bc |
| 03-Aug-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
inpcb: Simplify inpcb marker interface
|
#
8f3589bb |
| 03-Aug-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
udp: It only runs in the first netisr_ncpus netisrs.
|
Revision tags: v4.8.1 |
|
#
8280d8f1 |
| 10-May-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
inet: Local group index is not assigned in jail.
Dragonfly-bug: https://bugs.dragonflybsd.org/issues/3035
|
#
869aacee |
| 14-Apr-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
udp: Don't assume power of 2 netisrs.
|
#
aa35ea43 |
| 14-Apr-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
inpcb: Add function to set inpcbinfo's portinfo.
This unbreaks inpcbinfo.portinfo_mask -> inpcbinfo.portinfo_cnt conversion for divert inpcbs (unused by rip inpcbs).
|
#
16db446e |
| 12-Apr-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
inpcb: Don't rely on ncpus2 for local port allocation.
|
#
d930a2f2 |
| 08-Apr-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
inpcb: Use netisr_ncpus for listing inpcbs.
|
Revision tags: v4.8.0, v4.6.2, v4.9.0, v4.8.0rc |
|
#
54ba75e6 |
| 13-Feb-2017 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
libkern: Make inet_ntoa MPSAFE by passing string buffer to it.
|
#
76a9ffca |
| 21-Dec-2016 |
Sepherosa Ziehau <sephe@dragonflybsd.org> |
ip: Set mbuf hash for output IP packets.
This paves the way to implement Flow-Queue-Codel.
|