Page MenuHomeFreeBSD

ae (Andrey V. Elsukov)
User

Projects

User Details

User Since
Jun 4 2014, 7:25 AM (444 w, 2 d)

Recent Activity

Mon, Nov 28

ae accepted D37511: udp[6]_multi_input: Don't unlock freed inp..
Mon, Nov 28, 6:40 AM
ae accepted D37510: ether_demux: Defer stripping the Ethernet header..
Mon, Nov 28, 6:39 AM

Thu, Nov 17

ae committed rGfe9c4deda9d4: ixgbe: workaround errata about UDP frames with zero checksum (authored by ae).
ixgbe: workaround errata about UDP frames with zero checksum
Thu, Nov 17, 8:17 PM
ae committed rGdaf3d88ac184: ixgbe: workaround errata about UDP frames with zero checksum (authored by ae).
ixgbe: workaround errata about UDP frames with zero checksum
Thu, Nov 17, 8:16 PM

Thu, Nov 10

ae committed rG8526120ad41c: ixgbe: workaround errata about UDP frames with zero checksum (authored by ae).
ixgbe: workaround errata about UDP frames with zero checksum
Thu, Nov 10, 9:47 AM

Oct 6 2022

ae committed rGccd69bd573f1: Ignore IPv6 NA and drop IPv6 NS when BACKUP CARP address is used (authored by ae).
Ignore IPv6 NA and drop IPv6 NS when BACKUP CARP address is used
Oct 6 2022, 5:02 PM
ae closed D36649: Ignore IPv6 NAs and drop IPv6 NSs when BACKUP CARP address is used.
Oct 6 2022, 5:01 PM

Sep 21 2022

ae published D36649: Ignore IPv6 NAs and drop IPv6 NSs when BACKUP CARP address is used for review.
Sep 21 2022, 1:41 PM

Sep 16 2022

ae added a comment to D36510: ipsec: plug use-after-free of SAH.

I'll try to read the patch more carefully this weekend.

Sep 16 2022, 10:20 AM

Sep 13 2022

ae accepted D26719: setkey(8): Improve directions descriptions.
Sep 13 2022, 11:02 AM
ae added a comment to D36536: if_ipsec: use-after-free in ipsec_set_tunnel.

Thanks, the patch is correct.
But I think we need rework the code to avoid such problem in future, or maybe add some comment, or add inline function like this:

Sep 13 2022, 10:29 AM

Aug 22 2022

ae added a comment to D27191: ix(4): Report RX errors as sum of all RX error counters.

Can you take a look at the errata for 82599 that does report checksum error when card receives IPv4 UDP packets with zero checksum?
I found several discussion (on Opensense and FreeBSD forums) about this problem that appeared visible after this commit. Also, I found this PR. In our case we see noticeable RX errors on machines that handle SNMP traps.

Aug 22 2022, 12:02 PM

Aug 17 2022

ae accepted D36140: ipfw: make it possible to specify MTU for "unreach needfrag" action.
Aug 17 2022, 3:16 PM
ae accepted D36155: ipsec: use internal bitset of protocols that are last header.
Aug 17 2022, 2:46 PM
ae accepted D36155: ipsec: use internal bitset of protocols that are last header.
Aug 17 2022, 2:38 PM

Aug 15 2022

ae added a comment to D36140: ipfw: make it possible to specify MTU for "unreach needfrag" action.

Do you plan add similar support for IPv6? There is ICMP6_PACKET_TOO_BIG with the same meaning. But actually it is not unreach message, thus I'm not sure we should do it.

Aug 15 2022, 12:14 PM

Jul 14 2022

ae committed rGc31f8b7bd895: ipfw: add support radix tables and table lookup for MAC addresses (authored by smalukav_gmail.com).
ipfw: add support radix tables and table lookup for MAC addresses
Jul 14 2022, 1:07 PM

Jul 7 2022

ae accepted D35732: netinet6: fix interface handling for loopback traffic.

Good explanation. It would be nice to have something similar somewhere in comments.

Jul 7 2022, 12:29 PM

Jun 9 2022

ae abandoned D18581: Add ability to forward IPv4 packets trough IPv6 only router.

Superseded by D30398.

Jun 9 2022, 10:43 AM

Jun 4 2022

ae committed rG81cac3906eb9: ipfw: add support radix tables and table lookup for MAC addresses (authored by smalukav_gmail.com).
ipfw: add support radix tables and table lookup for MAC addresses
Jun 4 2022, 4:21 PM
ae closed D35103: ipfw: Support radix tables and table lookup for MAC addresses.
Jun 4 2022, 4:21 PM

May 19 2022

ae accepted D33405: Add IFNET_EVENT_UPDATE_BAUDRATE event and use it to update if_baudrate for vlan interfaces created on the LACP lagg..
May 19 2022, 9:34 AM

Apr 18 2022

ae committed rG836f54302e3f: ipfw: fix matching and setting DSCP value for IPv6 (authored by ae).
ipfw: fix matching and setting DSCP value for IPv6
Apr 18 2022, 9:17 AM
ae committed rG17c9c2049004: Fix ipfw fwd that doesn't work in some cases (authored by ae).
Fix ipfw fwd that doesn't work in some cases
Apr 18 2022, 9:11 AM

Apr 11 2022

ae closed D34732: Fix ipfw fwd that doesn't work in some cases.
Apr 11 2022, 11:26 AM
ae committed rG7d98cc096b99: Fix ipfw fwd that doesn't work in some cases (authored by ae).
Fix ipfw fwd that doesn't work in some cases
Apr 11 2022, 11:25 AM
ae committed rG4763c0aa68a7: ipfw: fix matching and setting DSCP value for IPv6 (authored by ae).
ipfw: fix matching and setting DSCP value for IPv6
Apr 11 2022, 10:31 AM
ae closed D34807: ipfw: fix matching and setting DSCP value for IPv6.
Apr 11 2022, 10:30 AM

Apr 6 2022

ae published D34807: ipfw: fix matching and setting DSCP value for IPv6 for review.
Apr 6 2022, 7:20 PM

Apr 4 2022

ae updated the summary of D34732: Fix ipfw fwd that doesn't work in some cases.
Apr 4 2022, 6:55 AM

Apr 1 2022

ae published D34732: Fix ipfw fwd that doesn't work in some cases for review.
Apr 1 2022, 1:55 PM

Mar 2 2022

ae added inline comments to D34340: ovpn: Introduce OpenVPN DCO support.
Mar 2 2022, 7:40 PM
ae added a comment to D34340: ovpn: Introduce OpenVPN DCO support.

There are several comments that don't match our style. Those, that are like:

Mar 2 2022, 7:22 PM

Feb 18 2022

ae accepted D34314: ipsec: sprinkle CURVNET_ASSERT_SET.
Feb 18 2022, 12:27 PM
ae accepted D34313: ipsec: extend vnet coverage in esp_input/output_cb.
Feb 18 2022, 11:52 AM

Jan 24 2022

ae added a comment to D33863: geom_part: auto commit after GEOM_PART has been automatically resized..

I think you can go through using of some sysctl/tunable first.
I.e. by default system will use old behavior, but you can change it for your system.

Jan 24 2022, 10:47 AM

Dec 14 2021

ae added a comment to D33227: syncache: accept packets with no SA when TCP_MD5SIG is set.
In D33227#755751, @bz wrote:

Because otherwise your listen socket cannot have protected and unprotected connections; 5 BGP speakers do MD5, 7 don't.
The socket option is the "turn the feature on", the SADB is your policy to whom you do MD5 and to whom you don't.

Dec 14 2021, 8:14 AM
ae added a comment to D33227: syncache: accept packets with no SA when TCP_MD5SIG is set.

I have no objection. Just a question. What is the reason behind the accepting of non-signed packets on the socket that we explicitly marked that it must use signatures?
I think this will lead to hiding misconfigurations from the user.

Dec 14 2021, 7:38 AM

Dec 13 2021

ae added a comment to D33405: Add IFNET_EVENT_UPDATE_BAUDRATE event and use it to update if_baudrate for vlan interfaces created on the LACP lagg..

I think the patch needs to be updated to reflect epoch related changes in the vlan code.
We use this patch. But I did not checked is it applicable to recent CURRENT or not.

Dec 13 2021, 7:18 AM

Dec 2 2021

ae accepted D33226: tcpmd5: return ENOENT when security association not found.
Dec 2 2021, 5:51 AM

Nov 24 2021

ae added a comment to D33100: ipsec: fix a panic with INVARIANTS.

This looks like leftover from D31271.

Nov 24 2021, 10:47 AM
ae added a reviewer for D33100: ipsec: fix a panic with INVARIANTS: wma.
Nov 24 2021, 10:45 AM

Nov 13 2021

ae accepted D32827: ipsec: fix edge case detection in key_getnewspid.
Nov 13 2021, 9:15 AM
ae accepted D32828: ipsec: make sure the lock allocated in key_newsav does not false-share.
Nov 13 2021, 9:10 AM

Nov 12 2021

ae committed rG80be188a8160: Fix the build after b3c1846830af71ee197dcfbdd9a6bea5980cbbdd (authored by ae).
Fix the build after b3c1846830af71ee197dcfbdd9a6bea5980cbbdd
Nov 12 2021, 1:00 PM
ae committed rGb3c1846830af: ip_divert: calculate delayed checksum for IPv6 adress family (authored by ae).
ip_divert: calculate delayed checksum for IPv6 adress family
Nov 12 2021, 12:22 PM
ae committed rGfaba420cb9b1: ip_divert: calculate delayed checksum for IPv6 adress family (authored by ae).
ip_divert: calculate delayed checksum for IPv6 adress family
Nov 12 2021, 12:21 PM

Nov 3 2021

ae accepted D32826: ipsec: serialize SPI allocation.
Nov 3 2021, 6:10 PM
ae added inline comments to D32826: ipsec: serialize SPI allocation.
Nov 3 2021, 5:02 PM
ae committed rG4a9e95286cac: ip_divert: calculate delayed checksum for IPv6 adress family (authored by ae).
ip_divert: calculate delayed checksum for IPv6 adress family
Nov 3 2021, 12:25 PM
ae closed D32807: Calculate delayed csums for IPv6 adress family in divert_packet.
Nov 3 2021, 12:25 PM
ae added a comment to D32810: Relase LLE table resources before ND6..
In D32810#740413, @bz wrote:

This leads to a lot of questions:
(a) can we check for the NULL pointer and gracefully handle it? Or at least add a KASSERT to document it?

Nov 3 2021, 6:45 AM

Nov 2 2021

ae published D32811: Add nd6_ifinfo() function to do basic checks to avoid NULL pointer dereference for review.
Nov 2 2021, 11:05 PM
ae added a reviewer for D32807: Calculate delayed csums for IPv6 adress family in divert_packet: donner.
Nov 2 2021, 10:17 PM
ae added reviewers for D32810: Relase LLE table resources before ND6.: network, melifaro.
Nov 2 2021, 10:13 PM
ae requested review of D32810: Relase LLE table resources before ND6..
Nov 2 2021, 10:13 PM
ae accepted D32719: udp_input: remove a BSD stack relict.
Nov 2 2021, 7:17 PM
ae published D32807: Calculate delayed csums for IPv6 adress family in divert_packet for review.
Nov 2 2021, 5:08 PM
ae published D32806: Do not fragment forwarded IPv6 datagrams that were send by dummynet for review.
Nov 2 2021, 4:57 PM

Oct 29 2021

ae added a comment to D32719: udp_input: remove a BSD stack relict.

It isn't write only variable. At line 501 original IP header can be changed, this variable keeps its copy.

Oct 29 2021, 8:25 PM

Oct 20 2021

ae added a comment to D32563: net: Allow binding of unspecified address without address existance.
In D32563#735219, @bz wrote:

Has anyone checked what this was before the epoch work came in?

Oct 20 2021, 10:23 AM
ae accepted D32563: net: Allow binding of unspecified address without address existance.
Oct 20 2021, 8:29 AM
ae accepted D32561: bpf: Fix the write filter.

LGTM.

Oct 20 2021, 7:57 AM

Oct 1 2021

ae accepted D31967: Allow the BPF to be select for EVFILT_WRITE with kqueue..
Oct 1 2021, 8:03 AM

Sep 21 2021

ae accepted D32007: ipsec: enter epoch before calling into ipsec_run_hhooks.

LGTM.

Sep 21 2021, 2:47 PM
ae added inline comments to D32007: ipsec: enter epoch before calling into ipsec_run_hhooks.
Sep 21 2021, 12:58 PM

Sep 17 2021

ae added inline comments to D31967: Allow the BPF to be select for EVFILT_WRITE with kqueue..
Sep 17 2021, 8:53 AM

Sep 10 2021

ae accepted D31890: ipsec: Validate the protocol identifier in ipsec4_ctlinput().
Sep 10 2021, 12:24 PM
ae committed rGfa9c65c7aa72: dtrace: fix ipfw_rule_info_t translator (authored by ae).
dtrace: fix ipfw_rule_info_t translator
Sep 10 2021, 10:41 AM
ae committed rGa83a49502989: dtrace: fix ipfw_rule_info_t translator (authored by ae).
dtrace: fix ipfw_rule_info_t translator
Sep 10 2021, 10:36 AM

Sep 6 2021

ae accepted D31824: lltable: do not require prefix lookup when checking lle allocation rules..
Sep 6 2021, 9:31 AM

Sep 3 2021

ae committed rG26302099fb91: ipfw_nat64: fix direct output mode (authored by ae).
ipfw_nat64: fix direct output mode
Sep 3 2021, 6:40 AM

Sep 2 2021

ae accepted D31785: DTrace ipfw: Follow struct ip_fw field change.

Ah, sorry, I committed the fix already..

Sep 2 2021, 1:43 PM
ae committed rG5c8e8e82aeaf: dtrace: fix ipfw_rule_info_t translator (authored by ae).
dtrace: fix ipfw_rule_info_t translator
Sep 2 2021, 1:41 PM

Aug 26 2021

ae closed D31680: Fix NAT64 direct output..
Aug 26 2021, 10:57 AM
ae committed rGda3a09d8941d: ipfw_nat64: fix direct output mode (authored by ae).
ipfw_nat64: fix direct output mode
Aug 26 2021, 10:57 AM

Aug 25 2021

ae published D31680: Fix NAT64 direct output. for review.
Aug 25 2021, 7:24 PM

Aug 24 2021

ae committed rG8d0ced747a02: ipfw: fix possible data race between jump cache reading and updating. (authored by ae).
ipfw: fix possible data race between jump cache reading and updating.
Aug 24 2021, 3:00 PM
ae committed rG304d3f32ba3b: ipfw: fix possible data race between jump cache reading and updating. (authored by ae).
ipfw: fix possible data race between jump cache reading and updating.
Aug 24 2021, 2:59 PM

Aug 17 2021

ae committed rG322e5efda857: ipfw: fix possible data race between jump cache reading and updating. (authored by ae).
ipfw: fix possible data race between jump cache reading and updating.
Aug 17 2021, 8:35 AM
ae closed D31484: Fix data race in jump cache read/update.
Aug 17 2021, 8:35 AM

Aug 13 2021

ae committed rG6144be57c0ab: Fix panic in IPv6 multicast code. (authored by ae).
Fix panic in IPv6 multicast code.
Aug 13 2021, 7:39 AM
ae committed rG40ec2323e689: Fix panic in IPv6 multicast code. (authored by ae).
Fix panic in IPv6 multicast code.
Aug 13 2021, 7:33 AM

Aug 6 2021

ae committed rGd477a7feed17: Fix panic in IPv6 multicast code. (authored by ae).
Fix panic in IPv6 multicast code.
Aug 6 2021, 10:01 AM
ae closed D31420: Fix panic in IPv6 multicast code.
Aug 6 2021, 10:01 AM

Aug 5 2021

ae published D31420: Fix panic in IPv6 multicast code for review.
Aug 5 2021, 9:00 AM

Jul 16 2021

ae accepted D31196: crypto: Constify all transform descriptors.
Jul 16 2021, 7:42 AM

Jul 15 2021

ae accepted D30992: ipsec: Handle ICMP NEEDFRAG message..
Jul 15 2021, 10:27 AM

Jul 5 2021

ae added inline comments to D30993: Check PMTU before sending a frame..
Jul 5 2021, 8:59 AM

Jun 28 2021

ae accepted D30916: ipsec: globalize lft zone and zero out buffers at allocation time.

I have no objection.

Jun 28 2021, 6:29 AM

Jun 16 2021

ae added a comment to D30764: ipfw: Update the pfil mbuf pointer in ipfw_check_frame().

p is a union of struct mbuf ** and void *. So wouldn't setting *p.m do the wrong thing if the packet is passed with PFIL_MEMPTR?

Jun 16 2021, 10:18 AM

Jun 15 2021

ae accepted D30764: ipfw: Update the pfil mbuf pointer in ipfw_check_frame().

I think we can set *p.m unconditionally, like we do in ipfw_check_packet().

Jun 15 2021, 11:21 AM

Jun 11 2021

ae abandoned D12041: direct vlan handling in mlx5en.

The intent of this review was show how we can reduce vlan handling call path. It is not targeted to be included in main stream.

Jun 11 2021, 2:49 PM

May 21 2021

ae added a comment to D29274: VNETify dummynet.
In D29274#682376, @kp wrote:

The locking Tom cites does still need to be fixed, but I think it's mostly okay. The only missing part is the protection of schedlist and aqmlist, and those will probably be better served by NET_EPOCH than by a separate lock. (Because taking the lock in find_sched_type() doesn't protect the struct dn_alg we return from being removed after we release the lock. Being inside NET_EPOCH and waiting to complete the unload until after NET_EPOCH_WAIT should be fine.)

I'll try to post a patch for that later today.

May 21 2021, 12:01 PM

May 17 2021

ae accepted D30313: dummynet: Remove unused code.

Just want to note, I'm sorry for long delay, I moved temporary to another project and dummynet overhaul is not done yet. But I plan to publish the code somewhere on guthub.

May 17 2021, 2:32 PM

May 11 2021

ae accepted D30208: sbin/ipfw: Allow tablearg as hostname.
May 11 2021, 8:41 AM
ae added a comment to D30164: sbin/ipfw: Fix parsing error in table based forward.

I meant the case fwd tableargs.home.lan:8000.

May 11 2021, 7:28 AM

May 10 2021

ae added a comment to D30164: sbin/ipfw: Fix parsing error in table based forward.

Replacing _substrcmp() with strncmp(,,8) breaks the case, when "tablearg" is part of hostname:port syntax.

May 10 2021, 9:51 PM

May 2 2021

ae accepted D30046: sbin/ipfw: Fix null pointer deference when printing counters.
May 2 2021, 12:54 PM

Apr 30 2021

ae accepted D30042: traceroute6: Properly calculate UDP checksum.
Apr 30 2021, 10:33 AM