From 60299d873c4b49985abe58ba4eb1807d1e6152e5 Mon Sep 17 00:00:00 2001
From: David van Moolenbroek
Date: Mon, 20 Feb 2017 14:07:55 +0000
Subject: [PATCH] etc/rc: start lwip service
Change-Id: I10cfdcde490987b93c79532a2c53dda2307b83ce
---
 distrib/sets/lists/minix-base/mi | 1 +
 etc/Makefile | 2 +-
 etc/rs.lwip | 67 ++++++++++++++++++++++++++++++++
 etc/usr/rc | 29 ++++++++++++++
 4 files changed, 98 insertions(+), 1 deletion(-)
 create mode 100755 etc/rs.lwip
diff --git a/distrib/sets/lists/minix-base/mi b/distrib/sets/lists/minix-base/mi
index 0ee5192a8..12b5a0142 100644
--- a/distrib/sets/lists/minix-base/mi
+++ b/distrib/sets/lists/minix-base/mi
@@ -172,6 +172,7 @@
 ./etc/rc.subr minix-base
 ./etc/release minix-base
 ./etc/rs.inet minix-base obsolete
+./etc/rs.lwip minix-base
 ./etc/rs.single minix-base
 ./etc/saslc.d minix-base crypto
 ./etc/saslc.d/postfix minix-base crypto
diff --git a/etc/Makefile b/etc/Makefile
index 8e8fc9358..9096b9c31 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -105,7 +105,7 @@ BIN1+= \
 syslog.conf
 # MINIX-only files:
 BIN1+= boot.cfg.default rc.minix \
- rs.single termcap utmp
+ rs.lwip rs.single termcap utmp
 .else
 BIN1+= bootptab changelist csh.cshrc csh.login \
 csh.logout daily daily.conf dm.conf envsys.conf floppytab ftpchroot \
diff --git a/etc/rs.lwip b/etc/rs.lwip
new file mode 100755
index 000000000..01114542b
--- /dev/null
+++ b/etc/rs.lwip
@@ -0,0 +1,67 @@
+#!/bin/sh
+
+# Recovery script for LWIP. Aside from restarting the LWIP service itself, the
+# script aims to restart all of networking. This includes in particular any
+# network daemons: these daemons typically have open (listening) sockets that
+# will now have become invalid, and the daemons typically do not know how to
+# deal with that. Unfortunately, there is no reliable way to determine the
+# list of rc scripts that concern network daemons, so for now we hardcode a
+# list of known ones here: this is the list of network-related rc.d scripts.
+# FIXME: since we are not yet done importing etc/rc.d from NetBSD, this list is
+# still incomplete and should be extended as more scripts are imported!
+RC_SCRIPTS="dhclient dhcpcd dhcpd dhcrelay ftpd inetd named network rtadvd \
+ sshd staticroute syslogd"
+
+exec < /dev/console
+exec > /dev/console
+exec 2> /dev/console
+
+export HOME=/
+export PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /etc/rc.subr
+. /etc/rc.conf
+
+# Restart the LWIP service.
+
+# There is no need to shut down daemons before bringing back up the service.
+# Note that "minix-service restart" does not do the same as these steps, and in
+# fact breaks a proper LWIP restart.
+restarts=$(grep restarts /proc/service/$1 | cut -d: -f2)
+minix-service down "$1"
+minix-service up /service/lwip -dev /dev/bpf -script /etc/rs.lwip \
+ -restarts $(($restarts + 1))
+
+# Reload TCP ISN, or make a new one if there is none. Do not save anything.
+TCPISN_FILE=/usr/adm/tcpisn.dat
+TCPISN_LEN=$(sysctl -n net.inet.tcp.isn_secret | awk '{print length/2}')
+if [ ! -f $TCPISN_FILE ]; then TCPISN_FILE=/dev/random; fi
+sysctl -qw net.inet.tcp.isn_secret=`dd if=$TCPISN_FILE bs=$TCPISN_LEN \
+ count=1 2>/dev/null | hexdump -v -e '/1 "%02x"'` 2>/dev/null
+
+# Let LWIP find all network drivers before performing initialization.
+sleep 1
+
+# XXX temporary block until the networking rc scripts are fully imported!
+exit 0
+
+# Restart all network daemons.
+
+# Start with dhcpcd, which may be launched directly from ifconfig.if(5) scripts
+# and therefore may not be enabled in, and thus stopped by, rc.d scripts below.
+service dhcpcd onestop >/dev/null 2>&1
+
+# Then stop and start all known network daemons using their rc.d scripts.
+regex='/('"$(echo $RC_SCRIPTS | tr ' ' '|')"')$'
+scripts=$(for rcd in ${rc_directories:-/etc/rc.d}; do
+ test -d ${rcd} && echo ${rcd}/*; done)
+files=$(rcorder ${scripts} | grep -E "$regex")
+
+for _rc_elem in $(reverse_list $files); do
+ # We have already stopped dhcpcd if it was running, so skip it here.
+ [ $_rc_elem != /etc/rc.d/dhcpcd ] && run_rc_script $_rc_elem stop
+done
+
+for _rc_elem in $files; do
+ run_rc_script $_rc_elem start
+done
diff --git a/etc/usr/rc b/etc/usr/rc
index 9c375d326..d444adaf3 100644
--- a/etc/usr/rc
+++ b/etc/usr/rc
@@ -1,6 +1,7 @@
 # /usr/etc/rc - continued system initialization.
 RANDOM_FILE=/usr/adm/random.dat
+TCPISN_FILE=/usr/adm/tcpisn.dat
 LOCAL_FILE=/usr/etc/rc.local
 ARCH="`sysenv arch`"
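Review bot: The TCP ISN reload in etc/rs.lwip discards every failure: `dd` and `sysctl -qw` both run with `2>/dev/null`, and the `[ ! -f $TCPISN_FILE ]` test accepts an empty or truncated `tcpisn.dat`, so a restart can leave `net.inet.tcp.isn_secret` unset or short without anything reaching `/dev/console`. Because that secret feeds initial sequence number generation, I would fall back on an empty file and report a failed write, e.g. `[ -s "$TCPISN_FILE" ] || TCPISN_FILE=/dev/random` and a trailing `|| echo "rs.lwip: TCP ISN secret not reloaded"` on the `sysctl -qw` line. How the sysctl treats a short or empty value is not visible here, so that part is an assumption to confirm. The same `-f` test and silenced write appear in the second etc/usr/rc hunk. Separately, `/proc/service/$1` is unquoted while the next line quotes `"$1"`; `grep restarts "/proc/service/$1"` would be consistent.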
@@ -254,6 +255,34 @@ start)
 # pty needs to know the "tty" group ID
 up pty -dev /dev/ptmx -args "gid=`stat -f '%g' /dev/ptmx`"
+ # Start the LWIP service.
+ up lwip -dev /dev/bpf -script /etc/rs.lwip
+
+ # Load stable seed for TCP Initial Sequence Number generation (RFC 6528).
+ # The idea here is that (especially) after a system crash, the seed stays
+ # the same, so as to make it unlikely that incoming packets for connections
+ # from before the crash are accepted on connections after the crash.
+ TCPISN_LEN=$(sysctl -n net.inet.tcp.isn_secret | awk '{print length/2}')
+ if [ ! -f $TCPISN_FILE ]; then
+ # If the /usr file system is read-only, we cannot create the file. In
+ # that case, we draw a temporary secret from the random service.
+ if grep ' \/usr .*rw.*' /etc/mtab >/dev/null; then
+ dd if=/dev/random of=$TCPISN_FILE bs=$TCPISN_LEN count=1 2>/dev/null
+ else
+ TCPISN_FILE=/dev/random
+ fi
+ fi
+ sysctl -qw net.inet.tcp.isn_secret=`dd if=$TCPISN_FILE bs=$TCPISN_LEN \
+ count=1 2>/dev/null | hexdump -v -e '/1 "%02x"'` 2>/dev/null
+
+ # LWIP does not block until all network drivers have fully initialized and
+ # reported back to LWIP. That may prevent proper configuration of the
+ # corresponding interfaces a bit later. Sleep up to five seconds waiting
+ # for all registered network drivers to initialize and report to LWIP.
+ for i in 1 2 3 4 5; do
+ [ $(sysctl -n minix.lwip.drivers.pending) -gt 0 ] && sleep 1
+ done
+
 up uds
 up -n ipc
--
2.44.0
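Review bot: `dd if=/dev/random of=$TCPISN_FILE` creates the persistent ISN secret under whatever umask the rc script inherits, and nothing in the hunk restricts the file afterwards. The umask is set outside the hunk, but if it is the common 022 then any local user can read `/usr/adm/tcpisn.dat`, and with it the seed that is meant to keep TCP initial sequence numbers unpredictable. I would create the file in a subshell with a tight mask: `(umask 077; dd if=/dev/random of="$TCPISN_FILE" bs="$TCPISN_LEN" count=1 2>/dev/null)`. The driver wait loop also expands `$(sysctl -n minix.lwip.drivers.pending)` unquoted inside `[ ... -gt 0 ]`, so an empty result produces a test error instead of a clean skip; `[ "$(sysctl -n minix.lwip.drivers.pending)" -gt 0 ] 2>/dev/null && sleep 1` would keep the boot output clean. The enclosing `start)` arm begins before the hunk and continues after it.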