CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Mon Mar 11 19:31:31 UTC 2024
Modified Files:
src/sys/net [netbsd-8]: if_tun.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1946):
sys/net/if_tun.c: revision 1.175
tun(4): Allow IPv6 packets with TUNSLMODE configured.
PR kern/58013
To generate a diff of this commit:
cvs rdiff -u -r1.139.2.4 -r1.139.2.5 src/sys/net/if_tun.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_tun.c
diff -u src/sys/net/if_tun.c:1.139.2.4 src/sys/net/if_tun.c:1.139.2.5
--- src/sys/net/if_tun.c:1.139.2.4 Wed Aug 15 12:07:30 2018
+++ src/sys/net/if_tun.c Mon Mar 11 19:31:31 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: if_tun.c,v 1.139.2.4 2018/08/15 12:07:30 martin Exp $ */
+/* $NetBSD: if_tun.c,v 1.139.2.5 2024/03/11 19:31:31 martin Exp $ */
/*
* Copyright (c) 1988, Julian Onions
@@ -19,7 +19,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.139.2.4 2018/08/15 12:07:30 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.139.2.5 2024/03/11 19:31:31 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -577,9 +577,7 @@ tun_output(struct ifnet *ifp, struct mbu
goto out;
}
memcpy(mtod(m0, char *), dst, dst->sa_len);
- }
-
- if (tp->tun_flags & TUN_IFHEAD) {
+ } else if (tp->tun_flags & TUN_IFHEAD) {
/* Prepend the address family */
M_PREPEND(m0, sizeof(*af), M_DONTWAIT);
if (m0 == NULL) {
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Mon Mar 11 19:31:31 UTC 2024 Modified Files: src/sys/net [netbsd-8]: if_tun.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1946): sys/net/if_tun.c: revision 1.175 tun(4): Allow IPv6 packets with TUNSLMODE configured. PR kern/58013 To generate a diff of this commit: cvs rdiff -u -r1.139.2.4 -r1.139.2.5 src/sys/net/if_tun.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net/npf
Module Name:src
Committed By: martin
Date: Wed Aug 23 18:25:04 UTC 2023
Modified Files:
src/sys/net/npf [netbsd-8]: npf_ruleset.c
Log Message:
Pull up following revision(s) (requested by kardel in ticket #1893):
sys/net/npf/npf_ruleset.c: revision 1.52
The analysis documented in PR misc/56990 is correct.
Fix by not returning when encountering a ruleset rule.
The code up to now would stop at any group rule.
ruleset rules are marked as group rule and a dynamic rule.
processing is only finished when a result is present AND
we are looking at a plain group rule.
To generate a diff of this commit:
cvs rdiff -u -r1.45 -r1.45.6.1 src/sys/net/npf/npf_ruleset.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf_ruleset.c
diff -u src/sys/net/npf/npf_ruleset.c:1.45 src/sys/net/npf/npf_ruleset.c:1.45.6.1
--- src/sys/net/npf/npf_ruleset.c:1.45 Sun Jan 29 00:15:54 2017
+++ src/sys/net/npf/npf_ruleset.c Wed Aug 23 18:25:04 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: npf_ruleset.c,v 1.45 2017/01/29 00:15:54 christos Exp $ */
+/* $NetBSD: npf_ruleset.c,v 1.45.6.1 2023/08/23 18:25:04 martin Exp $ */
/*-
* Copyright (c) 2009-2015 The NetBSD Foundation, Inc.
@@ -35,7 +35,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_ruleset.c,v 1.45 2017/01/29 00:15:54 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_ruleset.c,v 1.45.6.1 2023/08/23 18:25:04 martin Exp $");
#include
#include
@@ -944,7 +944,7 @@ npf_ruleset_inspect(npf_cache_t *npc, co
KASSERT(n < skip_to);
/* Group is a barrier: return a matching if found any. */
- if ((attr & NPF_RULE_GROUP) != 0 && final_rl) {
+ if ((attr & NPF_DYNAMIC_GROUP) == NPF_RULE_GROUP && final_rl) {
break;
}
CVS commit: [netbsd-8] src/sys/net/npf
Module Name:src Committed By: martin Date: Wed Aug 23 18:25:04 UTC 2023 Modified Files: src/sys/net/npf [netbsd-8]: npf_ruleset.c Log Message: Pull up following revision(s) (requested by kardel in ticket #1893): sys/net/npf/npf_ruleset.c: revision 1.52 The analysis documented in PR misc/56990 is correct. Fix by not returning when encountering a ruleset rule. The code up to now would stop at any group rule. ruleset rules are marked as group rule and a dynamic rule. processing is only finished when a result is present AND we are looking at a plain group rule. To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.45.6.1 src/sys/net/npf/npf_ruleset.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Fri Aug 4 15:00:28 UTC 2023
Modified Files:
src/sys/net [netbsd-8]: bpf.c
Log Message:
Apply patch, requested by ozaki-r in ticket #1885:
sys/net/bpf.c (apply patch)
bpf: allow to read with no filter (regressed at revision 1.213,
fixed differently in -current)
To generate a diff of this commit:
cvs rdiff -u -r1.216.6.8 -r1.216.6.9 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.216.6.8 src/sys/net/bpf.c:1.216.6.9
--- src/sys/net/bpf.c:1.216.6.8 Wed Feb 22 19:51:47 2023
+++ src/sys/net/bpf.c Fri Aug 4 15:00:28 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.216.6.8 2023/02/22 19:51:47 martin Exp $ */
+/* $NetBSD: bpf.c,v 1.216.6.9 2023/08/04 15:00:28 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.8 2023/02/22 19:51:47 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.9 2023/08/04 15:00:28 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1605,6 +1605,8 @@ bpf_deliver(struct bpf_if *bp, void *(*c
else
slen = bpf_filter_ext(NULL, filter->bf_insn,
);
+ } else {
+ slen = (u_int)-1; /* No filter means accept all */
}
if (!slen) {
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Fri Aug 4 15:00:28 UTC 2023 Modified Files: src/sys/net [netbsd-8]: bpf.c Log Message: Apply patch, requested by ozaki-r in ticket #1885: sys/net/bpf.c (apply patch) bpf: allow to read with no filter (regressed at revision 1.213, fixed differently in -current) To generate a diff of this commit: cvs rdiff -u -r1.216.6.8 -r1.216.6.9 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Thu Jun 8 11:19:05 UTC 2023 Modified Files: src/sys/net [netbsd-8]: route.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1824): sys/net/route.c: revision 1.237 route: run workqueue kthreads with KERNEL_LOCK unless NET_MPSAFE Without KERNEL_LOCK, rt_timer_work and rt_free_work can run in parallel with other LWPs running in the network stack, which eventually results in say use-after-free of a deleted route. To generate a diff of this commit: cvs rdiff -u -r1.194.6.16 -r1.194.6.17 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Thu Jun 8 11:19:05 UTC 2023
Modified Files:
src/sys/net [netbsd-8]: route.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #1824):
sys/net/route.c: revision 1.237
route: run workqueue kthreads with KERNEL_LOCK unless NET_MPSAFE
Without KERNEL_LOCK, rt_timer_work and rt_free_work can run in parallel
with other LWPs running in the network stack, which eventually results
in say use-after-free of a deleted route.
To generate a diff of this commit:
cvs rdiff -u -r1.194.6.16 -r1.194.6.17 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.194.6.16 src/sys/net/route.c:1.194.6.17
--- src/sys/net/route.c:1.194.6.16 Wed Feb 22 18:55:06 2023
+++ src/sys/net/route.c Thu Jun 8 11:19:05 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.194.6.16 2023/02/22 18:55:06 martin Exp $ */
+/* $NetBSD: route.c,v 1.194.6.17 2023/06/08 11:19:05 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.16 2023/02/22 18:55:06 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.17 2023/06/08 11:19:05 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -229,12 +229,14 @@ static krwlock_t rt_lock __cacheline_al
#define RT_UNLOCK() rw_exit(_lock)
#define RT_WLOCKED() rw_write_held(_lock)
#define RT_ASSERT_WLOCK() KASSERT(rw_write_held(_lock))
+#define RT_WQ_FLAGS WQ_MPSAFE
#else
#define RT_RLOCK() do {} while (0)
#define RT_WLOCK() do {} while (0)
#define RT_UNLOCK() do {} while (0)
#define RT_WLOCKED() true
#define RT_ASSERT_WLOCK() do {} while (0)
+#define RT_WQ_FLAGS 0
#endif
static uint64_t rtcache_generation;
@@ -479,7 +481,7 @@ rt_init(void)
rt_psref_class = psref_class_create("rtentry", IPL_SOFTNET);
error = workqueue_create(_free_global.wq, "rt_free",
- rt_free_work, NULL, PRI_SOFTNET, IPL_SOFTNET, WQ_MPSAFE);
+ rt_free_work, NULL, PRI_SOFTNET, IPL_SOFTNET, RT_WQ_FLAGS);
if (error)
panic("%s: workqueue_create failed (%d)\n", __func__, error);
@@ -1802,7 +1804,7 @@ rt_timer_init(void)
LIST_INIT(_queue_head);
callout_init(_timer_ch, CALLOUT_MPSAFE);
error = workqueue_create(_timer_wq, "rt_timer",
- rt_timer_work, NULL, PRI_SOFTNET, IPL_SOFTNET, WQ_MPSAFE);
+ rt_timer_work, NULL, PRI_SOFTNET, IPL_SOFTNET, RT_WQ_FLAGS);
if (error)
panic("%s: workqueue_create failed (%d)\n", __func__, error);
callout_reset(_timer_ch, hz, rt_timer_timer, NULL);
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed Feb 22 19:51:47 UTC 2023 Modified Files: src/sys/net [netbsd-8]: bpf.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1802): sys/net/bpf.c: revision 1.247 (manually merged) bpf(4): Reject bogus timeout values before arithmetic overflows. To generate a diff of this commit: cvs rdiff -u -r1.216.6.7 -r1.216.6.8 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Feb 22 19:51:47 UTC 2023
Modified Files:
src/sys/net [netbsd-8]: bpf.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1802):
sys/net/bpf.c: revision 1.247 (manually merged)
bpf(4): Reject bogus timeout values before arithmetic overflows.
To generate a diff of this commit:
cvs rdiff -u -r1.216.6.7 -r1.216.6.8 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.216.6.7 src/sys/net/bpf.c:1.216.6.8
--- src/sys/net/bpf.c:1.216.6.7 Sun Aug 4 11:19:03 2019
+++ src/sys/net/bpf.c Wed Feb 22 19:51:47 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.216.6.7 2019/08/04 11:19:03 martin Exp $ */
+/* $NetBSD: bpf.c,v 1.216.6.8 2023/02/22 19:51:47 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.7 2019/08/04 11:19:03 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.8 2023/02/22 19:51:47 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1091,7 +1091,16 @@ bpf_ioctl(struct file *fp, u_long cmd, v
struct timeval *tv = addr;
/* Compute number of ticks. */
- d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
+ if (tv->tv_sec < 0 ||
+ tv->tv_usec < 0 || tv->tv_usec >= 100) {
+error = EINVAL;
+break;
+ } else if (tv->tv_sec > INT_MAX/hz - 1) {
+ d->bd_rtout = INT_MAX;
+ } else {
+d->bd_rtout = tv->tv_sec * hz
++ tv->tv_usec / tick;
+ }
if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
d->bd_rtout = 1;
break;
@@ -1120,7 +1129,16 @@ bpf_ioctl(struct file *fp, u_long cmd, v
struct timeval50 *tv = addr;
/* Compute number of ticks. */
- d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
+ if (tv->tv_sec < 0 ||
+ tv->tv_usec < 0 || tv->tv_usec >= 100) {
+error = EINVAL;
+break;
+ } else if (tv->tv_sec > INT_MAX/hz - 1) {
+ d->bd_rtout = INT_MAX;
+ } else {
+ d->bd_rtout = tv->tv_sec * hz
++ tv->tv_usec / tick;
+ }
if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
d->bd_rtout = 1;
break;
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed Feb 22 18:55:07 UTC 2023 Modified Files: src/sys/net [netbsd-8]: route.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1801): sys/net/route.c: revision 1.236 route(4): Work around deadlock in rt_free wait path. PR kern/56844 To generate a diff of this commit: cvs rdiff -u -r1.194.6.15 -r1.194.6.16 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Feb 22 18:55:07 UTC 2023
Modified Files:
src/sys/net [netbsd-8]: route.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1801):
sys/net/route.c: revision 1.236
route(4): Work around deadlock in rt_free wait path.
PR kern/56844
To generate a diff of this commit:
cvs rdiff -u -r1.194.6.15 -r1.194.6.16 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.194.6.15 src/sys/net/route.c:1.194.6.16
--- src/sys/net/route.c:1.194.6.15 Fri Oct 4 11:26:35 2019
+++ src/sys/net/route.c Wed Feb 22 18:55:06 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.194.6.15 2019/10/04 11:26:35 martin Exp $ */
+/* $NetBSD: route.c,v 1.194.6.16 2023/02/22 18:55:06 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.15 2019/10/04 11:26:35 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.16 2023/02/22 18:55:06 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -644,8 +644,17 @@ static bool
rt_wait_ok(void)
{
+ /*
+ * This originally returned !cpu_softintr_p(), but that doesn't
+ * work: the caller may hold a lock (probably softnet lock)
+ * that a softint is waiting for, in which case waiting here
+ * would cause a deadlock. See https://gnats.netbsd.org/56844
+ * for details. For now, until the locking paths are sorted
+ * out, we just disable the waiting option altogether and
+ * always defer to workqueue.
+ */
KASSERT(!cpu_intr_p());
- return !cpu_softintr_p();
+ return false;
}
void
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Mon Oct 10 16:09:13 UTC 2022 Modified Files: src/sys/net [netbsd-8]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1770): sys/net/if_ethersubr.c: revision 1.254 Fix a bug in the VLAN path: there's an inverted logic, the mbuf needs to be bigger than struct ether_vlan_header, not smaller. Meanwhile add a KASSERT in the LLC path. To generate a diff of this commit: cvs rdiff -u -r1.242.6.9 -r1.242.6.10 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Mon Oct 10 16:09:13 UTC 2022
Modified Files:
src/sys/net [netbsd-8]: if_ethersubr.c
Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #1770):
sys/net/if_ethersubr.c: revision 1.254
Fix a bug in the VLAN path: there's an inverted logic, the mbuf needs to
be bigger than struct ether_vlan_header, not smaller.
Meanwhile add a KASSERT in the LLC path.
To generate a diff of this commit:
cvs rdiff -u -r1.242.6.9 -r1.242.6.10 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.242.6.9 src/sys/net/if_ethersubr.c:1.242.6.10
--- src/sys/net/if_ethersubr.c:1.242.6.9 Wed Oct 27 18:52:51 2021
+++ src/sys/net/if_ethersubr.c Mon Oct 10 16:09:12 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.242.6.9 2021/10/27 18:52:51 martin Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.242.6.10 2022/10/10 16:09:12 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.9 2021/10/27 18:52:51 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.10 2022/10/10 16:09:12 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -706,7 +706,7 @@ ether_input(struct ifnet *ifp, struct mb
* just being used to store the priority. Extract the ether
* type, and if IP or IPV6, let them deal with it.
*/
- if (m->m_len <= sizeof(*evl)
+ if (m->m_len >= sizeof(*evl)
&& EVL_VLANOFTAG((ntohs(evl->evl_tag))) == 0) {
etype = ntohs(evl->evl_proto);
ehlen = sizeof(*evl);
@@ -841,11 +841,13 @@ ether_input(struct ifnet *ifp, struct mb
return;
}
} else {
+ KASSERT(ehlen == sizeof(*eh));
#if defined (LLC) || defined (NETATALK)
- if (m->m_len < ehlen + sizeof(struct llc)) {
+ if (m->m_len < sizeof(*eh) + sizeof(struct llc)) {
goto dropanyway;
}
l = (struct llc *)(eh+1);
+
switch (l->llc_dsap) {
#ifdef NETATALK
case LLC_SNAP_LSAP:
@@ -871,10 +873,10 @@ ether_input(struct ifnet *ifp, struct mb
sizeof(aarp_org_code)) == 0 &&
ntohs(l->llc_snap_ether_type) ==
ETHERTYPE_AARP) {
- m_adj( m, sizeof(struct ether_header)
+ m_adj(m, sizeof(struct ether_header)
+ sizeof(struct llc));
aarpinput(ifp, m); /* XXX */
-return;
+ return;
}
default:
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: sborrill
Date: Wed May 4 15:36:35 UTC 2022
Modified Files:
src/sys/net [netbsd-8]: if_pppoe.c
Log Message:
Pull up the following revisions(s) (requested by martin in ticket #1740):
sys/net/if_pppoe.c: revision 1.179
pppoe(4): fix CVE-2022-29867 - discovery phase local network
mbuf corruption.
To generate a diff of this commit:
cvs rdiff -u -r1.125.6.10 -r1.125.6.11 src/sys/net/if_pppoe.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_pppoe.c
diff -u src/sys/net/if_pppoe.c:1.125.6.10 src/sys/net/if_pppoe.c:1.125.6.11
--- src/sys/net/if_pppoe.c:1.125.6.10 Thu Feb 13 19:37:39 2020
+++ src/sys/net/if_pppoe.c Wed May 4 15:36:35 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: if_pppoe.c,v 1.125.6.10 2020/02/13 19:37:39 martin Exp $ */
+/* $NetBSD: if_pppoe.c,v 1.125.6.11 2022/05/04 15:36:35 sborrill Exp $ */
/*-
* Copyright (c) 2002, 2008 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.125.6.10 2020/02/13 19:37:39 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.125.6.11 2022/05/04 15:36:35 sborrill Exp $");
#ifdef _KERNEL_OPT
#include "pppoe.h"
@@ -871,6 +871,10 @@ breakbreak:;
}
sc->sc_ac_cookie_len = ac_cookie_len;
memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len);
+ } else if (sc->sc_ac_cookie) {
+ free(sc->sc_ac_cookie, M_DEVBUF);
+ sc->sc_ac_cookie = NULL;
+ sc->sc_ac_cookie_len = 0;
}
if (relay_sid) {
if (sc->sc_relay_sid)
@@ -886,6 +890,10 @@ breakbreak:;
}
sc->sc_relay_sid_len = relay_sid_len;
memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len);
+ } else if (sc->sc_relay_sid) {
+ free(sc->sc_relay_sid, M_DEVBUF);
+ sc->sc_relay_sid = NULL;
+ sc->sc_relay_sid_len = 0;
}
memcpy(>sc_dest, eh->ether_shost, sizeof sc->sc_dest);
callout_stop(>sc_timeout);
@@ -1313,6 +1321,9 @@ pppoe_get_mbuf(size_t len)
{
struct mbuf *m;
+ if (len + sizeof(struct ether_header) > MCLBYTES)
+ return NULL;
+
MGETHDR(m, M_DONTWAIT, MT_DATA);
if (m == NULL)
return NULL;
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: sborrill Date: Wed May 4 15:36:35 UTC 2022 Modified Files: src/sys/net [netbsd-8]: if_pppoe.c Log Message: Pull up the following revisions(s) (requested by martin in ticket #1740): sys/net/if_pppoe.c: revision 1.179 pppoe(4): fix CVE-2022-29867 - discovery phase local network mbuf corruption. To generate a diff of this commit: cvs rdiff -u -r1.125.6.10 -r1.125.6.11 src/sys/net/if_pppoe.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Sat Jan 29 17:05:45 UTC 2022 Modified Files: src/sys/net [netbsd-8]: ppp_tty.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1727): sys/net/ppp_tty.c: revision 1.68 sys/net/ppp_tty.c: revision 1.69 Use unsigned to avoid undefined behavior in pppasyncstart(). Use unsigned to avoid undefined behavior. Found by kUBSan. To generate a diff of this commit: cvs rdiff -u -r1.63 -r1.63.8.1 src/sys/net/ppp_tty.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Sat Jan 29 17:05:45 UTC 2022 Modified Files: src/sys/net [netbsd-8]: ppp_tty.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1727): sys/net/ppp_tty.c: revision 1.68 sys/net/ppp_tty.c: revision 1.69 Use unsigned to avoid undefined behavior in pppasyncstart(). Use unsigned to avoid undefined behavior. Found by kUBSan. To generate a diff of this commit: cvs rdiff -u -r1.63 -r1.63.8.1 src/sys/net/ppp_tty.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/ppp_tty.c diff -u src/sys/net/ppp_tty.c:1.63 src/sys/net/ppp_tty.c:1.63.8.1 --- src/sys/net/ppp_tty.c:1.63 Sun Oct 2 14:17:07 2016 +++ src/sys/net/ppp_tty.c Sat Jan 29 17:05:44 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ppp_tty.c,v 1.63 2016/10/02 14:17:07 christos Exp $ */ +/* $NetBSD: ppp_tty.c,v 1.63.8.1 2022/01/29 17:05:44 martin Exp $ */ /* Id: ppp_tty.c,v 1.3 1996/07/01 01:04:11 paulus Exp */ /* @@ -93,7 +93,7 @@ /* from NetBSD: if_ppp.c,v 1.15.2.2 1994/07/28 05:17:58 cgd Exp */ #include -__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.63 2016/10/02 14:17:07 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.63.8.1 2022/01/29 17:05:44 martin Exp $"); #ifdef _KERNEL_OPT #include "ppp.h" @@ -181,7 +181,7 @@ static void pppdumpframe(struct ppp_soft /* * Does c need to be escaped? */ -#define ESCAPE_P(c) (sc->sc_asyncmap[(c) >> 5] & (1 << ((c) & 0x1F))) +#define ESCAPE_P(c) (sc->sc_asyncmap[(c) >> 5] & (1U << ((c) & 0x1F))) /* * Procedures for using an async tty interface for PPP. @@ -1012,7 +1012,7 @@ pppinput(int c, struct tty *tp) sc->sc_flags |= SC_RCV_B7_1; else sc->sc_flags |= SC_RCV_B7_0; -if (paritytab[c >> 5] & (1 << (c & 0x1F))) +if (paritytab[c >> 5] & (1U << (c & 0x1F))) sc->sc_flags |= SC_RCV_ODDP; else sc->sc_flags |= SC_RCV_EVNP; @@ -1093,7 +1093,7 @@ pppinput(int c, struct tty *tp) return 0; } -if (c < 0x20 && (sc->sc_rasyncmap & (1 << c))) +if (c < 0x20 && (sc->sc_rasyncmap & (1U << c))) return 0; s = spltty();
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed Oct 27 18:52:51 UTC 2021 Modified Files: src/sys/net [netbsd-8]: if_ethersubr.c Log Message: Fix merge mishap from previous (ticket #1704) To generate a diff of this commit: cvs rdiff -u -r1.242.6.8 -r1.242.6.9 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Oct 27 18:52:51 UTC 2021
Modified Files:
src/sys/net [netbsd-8]: if_ethersubr.c
Log Message:
Fix merge mishap from previous (ticket #1704)
To generate a diff of this commit:
cvs rdiff -u -r1.242.6.8 -r1.242.6.9 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.242.6.8 src/sys/net/if_ethersubr.c:1.242.6.9
--- src/sys/net/if_ethersubr.c:1.242.6.8 Mon Oct 25 18:16:07 2021
+++ src/sys/net/if_ethersubr.c Wed Oct 27 18:52:51 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.242.6.8 2021/10/25 18:16:07 martin Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.242.6.9 2021/10/27 18:52:51 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.8 2021/10/25 18:16:07 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.9 2021/10/27 18:52:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -707,7 +707,7 @@ ether_input(struct ifnet *ifp, struct mb
* type, and if IP or IPV6, let them deal with it.
*/
if (m->m_len <= sizeof(*evl)
- && EVL_VLANOFTAG((ntohs(evl->evl_tag)) == 0) {
+ && EVL_VLANOFTAG((ntohs(evl->evl_tag))) == 0) {
etype = ntohs(evl->evl_proto);
ehlen = sizeof(*evl);
if ((m->m_flags & M_PROMISC) == 0
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Mon Oct 25 18:16:07 UTC 2021
Modified Files:
src/sys/net [netbsd-8]: if_ethersubr.c
Log Message:
Pull up following revision(s) (requested by ryo in ticket #1704):
sys/net/if_ethersubr.c: revision 1.302
frame's vlan tag must be ntohs()'ed.
VLAN 0 Priority tag was misrecognized on non vlan-hwtagging interfaces.
To generate a diff of this commit:
cvs rdiff -u -r1.242.6.7 -r1.242.6.8 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.242.6.7 src/sys/net/if_ethersubr.c:1.242.6.8
--- src/sys/net/if_ethersubr.c:1.242.6.7 Tue Oct 8 18:12:44 2019
+++ src/sys/net/if_ethersubr.c Mon Oct 25 18:16:07 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.242.6.7 2019/10/08 18:12:44 martin Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.242.6.8 2021/10/25 18:16:07 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.7 2019/10/08 18:12:44 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.8 2021/10/25 18:16:07 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -707,7 +707,7 @@ ether_input(struct ifnet *ifp, struct mb
* type, and if IP or IPV6, let them deal with it.
*/
if (m->m_len <= sizeof(*evl)
- && EVL_VLANOFTAG(evl->evl_tag) == 0) {
+ && EVL_VLANOFTAG((ntohs(evl->evl_tag)) == 0) {
etype = ntohs(evl->evl_proto);
ehlen = sizeof(*evl);
if ((m->m_flags & M_PROMISC) == 0
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Mon Oct 25 18:16:07 UTC 2021 Modified Files: src/sys/net [netbsd-8]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by ryo in ticket #1704): sys/net/if_ethersubr.c: revision 1.302 frame's vlan tag must be ntohs()'ed. VLAN 0 Priority tag was misrecognized on non vlan-hwtagging interfaces. To generate a diff of this commit: cvs rdiff -u -r1.242.6.7 -r1.242.6.8 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Thu Nov 14 16:00:51 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: if_loop.c
Log Message:
Pull up the following revisions, requested by msaitoh in ticket #1438:
sys/net/if_loop.c 1.108-1.109 via patch
Fix a bug that an IP broadcast packet back to myself
is dropped as bad checksum when an interface's checksum
offload is set.
To generate a diff of this commit:
cvs rdiff -u -r1.94.6.4 -r1.94.6.5 src/sys/net/if_loop.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_loop.c
diff -u src/sys/net/if_loop.c:1.94.6.4 src/sys/net/if_loop.c:1.94.6.5
--- src/sys/net/if_loop.c:1.94.6.4 Tue Jan 2 10:20:33 2018
+++ src/sys/net/if_loop.c Thu Nov 14 16:00:51 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: if_loop.c,v 1.94.6.4 2018/01/02 10:20:33 snj Exp $ */
+/* $NetBSD: if_loop.c,v 1.94.6.5 2019/11/14 16:00:51 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -65,7 +65,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_loop.c,v 1.94.6.4 2018/01/02 10:20:33 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_loop.c,v 1.94.6.5 2019/11/14 16:00:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -320,8 +320,13 @@ looutput(struct ifnet *ifp, struct mbuf
KASSERT((csum_flags & ~(M_CSUM_IPv4|M_CSUM_UDPv4)) == 0);
if (csum_flags != 0 && IN_LOOPBACK_NEED_CHECKSUM(csum_flags)) {
ip_undefer_csum(m, 0, csum_flags);
+ m->m_pkthdr.csum_flags = 0;
+ } else {
+ /*
+ * Do nothing. Pass M_CSUM_IPv4 and M_CSUM_UDPv4 as
+ * they are to tell those are calculated and good.
+ */
}
- m->m_pkthdr.csum_flags = 0;
pktq = ip_pktq;
break;
#endif
@@ -332,8 +337,13 @@ looutput(struct ifnet *ifp, struct mbuf
if (csum_flags != 0 &&
IN6_LOOPBACK_NEED_CHECKSUM(csum_flags)) {
ip6_undefer_csum(m, 0, csum_flags);
+ m->m_pkthdr.csum_flags = 0;
+ } else {
+ /*
+ * Do nothing. Pass M_CSUM_UDPv6 as
+ * they are to tell those are calculated and good.
+ */
}
- m->m_pkthdr.csum_flags = 0;
m->m_flags |= M_LOOP;
pktq = ip6_pktq;
break;
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Thu Nov 14 16:00:51 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_loop.c Log Message: Pull up the following revisions, requested by msaitoh in ticket #1438: sys/net/if_loop.c 1.108-1.109 via patch Fix a bug that an IP broadcast packet back to myself is dropped as bad checksum when an interface's checksum offload is set. To generate a diff of this commit: cvs rdiff -u -r1.94.6.4 -r1.94.6.5 src/sys/net/if_loop.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed Nov 13 12:53:35 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_vlan.c Log Message: Pull up following revision(s) (requested by yamaguchi in ticket #1434): sys/net/if_vlan.c: revision 1.148 Fix a bug that vlan(4) fragments IPv6 packets even the MTU > packet length. The bug is appeared when the mtu is increased on SIOCSETVLAN. >From t-kusaba@IIJ To generate a diff of this commit: cvs rdiff -u -r1.97.2.17 -r1.97.2.18 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_vlan.c diff -u src/sys/net/if_vlan.c:1.97.2.17 src/sys/net/if_vlan.c:1.97.2.18 --- src/sys/net/if_vlan.c:1.97.2.17 Thu Oct 24 15:48:37 2019 +++ src/sys/net/if_vlan.c Wed Nov 13 12:53:34 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_vlan.c,v 1.97.2.17 2019/10/24 15:48:37 martin Exp $ */ +/* $NetBSD: if_vlan.c,v 1.97.2.18 2019/11/13 12:53:34 martin Exp $ */ /*- * Copyright (c) 2000, 2001 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.97.2.17 2019/10/24 15:48:37 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.97.2.18 2019/11/13 12:53:34 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -119,6 +119,7 @@ __KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v #ifdef INET6 #include #include +#include #endif #include "ioconf.h" @@ -520,6 +521,12 @@ vlan_config(struct ifvlan *ifv, struct i nmib->ifvm_p = p; nmib->ifvm_tag = vid; ifv->ifv_if.if_mtu = p->if_mtu - nmib->ifvm_mtufudge; +#ifdef INET6 + KERNEL_LOCK_UNLESS_NET_MPSAFE(); + if (in6_present) + nd6_setmtu(ifp); + KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); +#endif ifv->ifv_if.if_flags = p->if_flags & (IFF_UP | IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST);
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed Nov 13 12:53:35 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_vlan.c Log Message: Pull up following revision(s) (requested by yamaguchi in ticket #1434): sys/net/if_vlan.c: revision 1.148 Fix a bug that vlan(4) fragments IPv6 packets even the MTU > packet length. The bug is appeared when the mtu is increased on SIOCSETVLAN. >From t-kusaba@IIJ To generate a diff of this commit: cvs rdiff -u -r1.97.2.17 -r1.97.2.18 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Thu Oct 24 15:48:37 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_vlan.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1411): sys/net/if_vlan.c: revision 1.147 vlan: get rid of unnecessary if_ipackets++ in vlan_input It's done by if_input() below now. Pointed out by msaitoh@ To generate a diff of this commit: cvs rdiff -u -r1.97.2.16 -r1.97.2.17 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Thu Oct 24 15:48:37 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_vlan.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1411): sys/net/if_vlan.c: revision 1.147 vlan: get rid of unnecessary if_ipackets++ in vlan_input It's done by if_input() below now. Pointed out by msaitoh@ To generate a diff of this commit: cvs rdiff -u -r1.97.2.16 -r1.97.2.17 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_vlan.c diff -u src/sys/net/if_vlan.c:1.97.2.16 src/sys/net/if_vlan.c:1.97.2.17 --- src/sys/net/if_vlan.c:1.97.2.16 Mon Oct 22 07:41:12 2018 +++ src/sys/net/if_vlan.c Thu Oct 24 15:48:37 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_vlan.c,v 1.97.2.16 2018/10/22 07:41:12 martin Exp $ */ +/* $NetBSD: if_vlan.c,v 1.97.2.17 2019/10/24 15:48:37 martin Exp $ */ /*- * Copyright (c) 2000, 2001 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.97.2.16 2018/10/22 07:41:12 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.97.2.17 2019/10/24 15:48:37 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -1622,7 +1622,6 @@ vlan_input(struct ifnet *ifp, struct mbu } m_set_rcvif(m, >ifv_if); - ifv->ifv_if.if_ipackets++; if (pfil_run_hooks(ifp->if_pfil, , ifp, PFIL_IN) != 0) goto out;
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Tue Oct 8 18:12:44 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1402): sys/net/if_ethersubr.c: revision 1.277 Increment if_iqdrops when dropping an oversized frame. To generate a diff of this commit: cvs rdiff -u -r1.242.6.6 -r1.242.6.7 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Tue Oct 8 18:12:44 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1402): sys/net/if_ethersubr.c: revision 1.277 Increment if_iqdrops when dropping an oversized frame. To generate a diff of this commit: cvs rdiff -u -r1.242.6.6 -r1.242.6.7 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_ethersubr.c diff -u src/sys/net/if_ethersubr.c:1.242.6.6 src/sys/net/if_ethersubr.c:1.242.6.7 --- src/sys/net/if_ethersubr.c:1.242.6.6 Tue Oct 8 18:09:41 2019 +++ src/sys/net/if_ethersubr.c Tue Oct 8 18:12:44 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_ethersubr.c,v 1.242.6.6 2019/10/08 18:09:41 martin Exp $ */ +/* $NetBSD: if_ethersubr.c,v 1.242.6.7 2019/10/08 18:12:44 martin Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.6 2019/10/08 18:09:41 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.7 2019/10/08 18:12:44 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -603,6 +603,7 @@ ether_input(struct ifnet *ifp, struct mb ifp->if_xname, m->m_pkthdr.len); } mutex_exit(_lock); + ifp->if_iqdrops++; m_freem(m); return; }
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Tue Oct 8 18:09:41 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: if_ethersubr.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #1401):
sys/net/if_ethersubr.c: revision 1.255
Fix two bugs in altq_etherclassify. When scanning the mbuf chain we need
to make sure that m_next is not NULL, otherwise NULL deref. After that,
we must not touch m->m_pkthdr, given that 'm' may not be the first mbuf
of the chain anymore.
Declare mtop, and add a KASSERT to make sure it has M_PKTHDR set.
To generate a diff of this commit:
cvs rdiff -u -r1.242.6.5 -r1.242.6.6 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.242.6.5 src/sys/net/if_ethersubr.c:1.242.6.6
--- src/sys/net/if_ethersubr.c:1.242.6.5 Tue Mar 13 15:40:25 2018
+++ src/sys/net/if_ethersubr.c Tue Oct 8 18:09:41 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.242.6.5 2018/03/13 15:40:25 martin Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.242.6.6 2019/10/08 18:09:41 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.5 2018/03/13 15:40:25 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.242.6.6 2019/10/08 18:09:41 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -463,10 +463,13 @@ void
altq_etherclassify(struct ifaltq *ifq, struct mbuf *m)
{
struct ether_header *eh;
+ struct mbuf *mtop = m;
uint16_t ether_type;
int hlen, af, hdrsize;
void *hdr;
+ KASSERT((mtop->m_flags & M_PKTHDR) != 0);
+
hlen = ETHER_HDR_LEN;
eh = mtod(m, struct ether_header *);
@@ -508,7 +511,10 @@ altq_etherclassify(struct ifaltq *ifq, s
while (m->m_len <= hlen) {
hlen -= m->m_len;
m = m->m_next;
+ if (m == NULL)
+ goto bad;
}
+
if (m->m_len < (hlen + hdrsize)) {
/*
* protocol header not in a single mbuf.
@@ -527,11 +533,12 @@ altq_etherclassify(struct ifaltq *ifq, s
hdr = mtod(m, void *);
- if (ALTQ_NEEDS_CLASSIFY(ifq))
- m->m_pkthdr.pattr_class =
+ if (ALTQ_NEEDS_CLASSIFY(ifq)) {
+ mtop->m_pkthdr.pattr_class =
(*ifq->altq_classify)(ifq->altq_clfier, m, af);
- m->m_pkthdr.pattr_af = af;
- m->m_pkthdr.pattr_hdr = hdr;
+ }
+ mtop->m_pkthdr.pattr_af = af;
+ mtop->m_pkthdr.pattr_hdr = hdr;
m->m_data -= hlen;
m->m_len += hlen;
@@ -539,9 +546,9 @@ altq_etherclassify(struct ifaltq *ifq, s
return;
bad:
- m->m_pkthdr.pattr_class = NULL;
- m->m_pkthdr.pattr_hdr = NULL;
- m->m_pkthdr.pattr_af = AF_UNSPEC;
+ mtop->m_pkthdr.pattr_class = NULL;
+ mtop->m_pkthdr.pattr_hdr = NULL;
+ mtop->m_pkthdr.pattr_af = AF_UNSPEC;
}
#endif /* ALTQ */
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Fri Oct 4 11:26:35 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: route.c
Log Message:
Pull up following revision(s) (requested by rin in ticket #1398):
sys/net/route.c: revision 1.222
Stop passing a large const structure by value, in order to avoid
possible kernel stack overflow; const pointer is suffice here.
Pointed out by the lgtm bot and kamil.
OK ozaki-r
XXX
pullup to netbsd-9
To generate a diff of this commit:
cvs rdiff -u -r1.194.6.14 -r1.194.6.15 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.194.6.14 src/sys/net/route.c:1.194.6.15
--- src/sys/net/route.c:1.194.6.14 Tue Sep 24 18:27:09 2019
+++ src/sys/net/route.c Fri Oct 4 11:26:35 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.194.6.14 2019/09/24 18:27:09 martin Exp $ */
+/* $NetBSD: route.c,v 1.194.6.15 2019/10/04 11:26:35 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.14 2019/09/24 18:27:09 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.194.6.15 2019/10/04 11:26:35 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -1387,47 +1387,48 @@ rt_setgate(struct rtentry *rt, const str
}
static struct ifaddr *
-rt_update_get_ifa(const struct rt_addrinfo info, const struct rtentry *rt,
+rt_update_get_ifa(const struct rt_addrinfo *info, const struct rtentry *rt,
struct ifnet **ifp, struct psref *psref_ifp, struct psref *psref)
{
struct ifaddr *ifa = NULL;
*ifp = NULL;
- if (info.rti_info[RTAX_IFP] != NULL) {
- ifa = ifa_ifwithnet_psref(info.rti_info[RTAX_IFP], psref);
+ if (info->rti_info[RTAX_IFP] != NULL) {
+ ifa = ifa_ifwithnet_psref(info->rti_info[RTAX_IFP], psref);
if (ifa == NULL)
goto next;
*ifp = ifa->ifa_ifp;
if_acquire(*ifp, psref_ifp);
- if (info.rti_info[RTAX_IFA] == NULL &&
- info.rti_info[RTAX_GATEWAY] == NULL)
+ if (info->rti_info[RTAX_IFA] == NULL &&
+ info->rti_info[RTAX_GATEWAY] == NULL)
goto next;
ifa_release(ifa, psref);
- if (info.rti_info[RTAX_IFA] == NULL) {
+ if (info->rti_info[RTAX_IFA] == NULL) {
/* route change -ifp */
- ifa = ifaof_ifpforaddr_psref(info.rti_info[RTAX_GATEWAY],
- *ifp, psref);
+ ifa = ifaof_ifpforaddr_psref(
+ info->rti_info[RTAX_GATEWAY], *ifp, psref);
} else {
/* route change -ifp -ifa */
- ifa = ifa_ifwithaddr_psref(info.rti_info[RTAX_IFA], psref);
+ ifa = ifa_ifwithaddr_psref(info->rti_info[RTAX_IFA],
+ psref);
if (ifa != NULL)
goto out;
- ifa = ifaof_ifpforaddr_psref(info.rti_info[RTAX_IFA],
+ ifa = ifaof_ifpforaddr_psref(info->rti_info[RTAX_IFA],
*ifp, psref);
}
goto out;
}
next:
- if (info.rti_info[RTAX_IFA] != NULL) {
+ if (info->rti_info[RTAX_IFA] != NULL) {
/* route change -ifa */
- ifa = ifa_ifwithaddr_psref(info.rti_info[RTAX_IFA], psref);
+ ifa = ifa_ifwithaddr_psref(info->rti_info[RTAX_IFA], psref);
if (ifa != NULL)
goto out;
}
- if (info.rti_info[RTAX_GATEWAY] != NULL) {
+ if (info->rti_info[RTAX_GATEWAY] != NULL) {
/* route change */
ifa = ifa_ifwithroute_psref(rt->rt_flags, rt_getkey(rt),
- info.rti_info[RTAX_GATEWAY], psref);
+ info->rti_info[RTAX_GATEWAY], psref);
}
out:
if (ifa != NULL && *ifp == NULL) {
@@ -1487,7 +1488,7 @@ rt_update(struct rtentry *rt, struct rt_
* flags may also be different; ifp may be specified
* by ll sockaddr when protocol address is ambiguous
*/
- new_ifa = rt_update_get_ifa(*info, rt, _ifp, _new_ifp,
+ new_ifa = rt_update_get_ifa(info, rt, _ifp, _new_ifp,
_new_ifa);
if (new_ifa != NULL) {
ifa_release(ifa, _ifa);
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Fri Oct 4 11:26:35 UTC 2019 Modified Files: src/sys/net [netbsd-8]: route.c Log Message: Pull up following revision(s) (requested by rin in ticket #1398): sys/net/route.c: revision 1.222 Stop passing a large const structure by value, in order to avoid possible kernel stack overflow; const pointer is suffice here. Pointed out by the lgtm bot and kamil. OK ozaki-r XXX pullup to netbsd-9 To generate a diff of this commit: cvs rdiff -u -r1.194.6.14 -r1.194.6.15 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Sun Aug 4 11:19:03 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: bpf.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #1323):
sys/net/bpf.c: revision 1.229
Fix info leak: use kmem_zalloc, because we align the buffers, and the
otherwise uninitialized padding bytes get copied to userland in bpf_read().
To generate a diff of this commit:
cvs rdiff -u -r1.216.6.6 -r1.216.6.7 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.216.6.6 src/sys/net/bpf.c:1.216.6.7
--- src/sys/net/bpf.c:1.216.6.6 Tue May 15 13:48:37 2018
+++ src/sys/net/bpf.c Sun Aug 4 11:19:03 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.216.6.6 2018/05/15 13:48:37 martin Exp $ */
+/* $NetBSD: bpf.c,v 1.216.6.7 2019/08/04 11:19:03 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.6 2018/05/15 13:48:37 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.216.6.7 2019/08/04 11:19:03 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1969,10 +1969,10 @@ static int
bpf_allocbufs(struct bpf_d *d)
{
- d->bd_fbuf = kmem_alloc(d->bd_bufsize, KM_NOSLEEP);
+ d->bd_fbuf = kmem_zalloc(d->bd_bufsize, KM_NOSLEEP);
if (!d->bd_fbuf)
return (ENOBUFS);
- d->bd_sbuf = kmem_alloc(d->bd_bufsize, KM_NOSLEEP);
+ d->bd_sbuf = kmem_zalloc(d->bd_bufsize, KM_NOSLEEP);
if (!d->bd_sbuf) {
kmem_free(d->bd_fbuf, d->bd_bufsize);
return (ENOBUFS);
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Sun Aug 4 11:19:03 UTC 2019 Modified Files: src/sys/net [netbsd-8]: bpf.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1323): sys/net/bpf.c: revision 1.229 Fix info leak: use kmem_zalloc, because we align the buffers, and the otherwise uninitialized padding bytes get copied to userland in bpf_read(). To generate a diff of this commit: cvs rdiff -u -r1.216.6.6 -r1.216.6.7 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Sun Aug 4 11:01:22 UTC 2019 Modified Files: src/sys/net [netbsd-8]: raw_usrreq.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1318): sys/net/raw_usrreq.c: revision 1.63 sys/net/raw_usrreq.c: revision 1.64 Fix typo (s/m_free/m_freem/) This fixes PR kern/54419 "mbuf leak when deleting route" from sc dying. - Fix typo (s/m_free/m_freem/) (one more) To generate a diff of this commit: cvs rdiff -u -r1.56.4.2 -r1.56.4.3 src/sys/net/raw_usrreq.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Sun Aug 4 11:01:22 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: raw_usrreq.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #1318):
sys/net/raw_usrreq.c: revision 1.63
sys/net/raw_usrreq.c: revision 1.64
Fix typo (s/m_free/m_freem/)
This fixes PR kern/54419 "mbuf leak when deleting route" from sc dying.
-
Fix typo (s/m_free/m_freem/) (one more)
To generate a diff of this commit:
cvs rdiff -u -r1.56.4.2 -r1.56.4.3 src/sys/net/raw_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/raw_usrreq.c
diff -u src/sys/net/raw_usrreq.c:1.56.4.2 src/sys/net/raw_usrreq.c:1.56.4.3
--- src/sys/net/raw_usrreq.c:1.56.4.2 Mon Apr 9 13:34:10 2018
+++ src/sys/net/raw_usrreq.c Sun Aug 4 11:01:22 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: raw_usrreq.c,v 1.56.4.2 2018/04/09 13:34:10 bouyer Exp $ */
+/* $NetBSD: raw_usrreq.c,v 1.56.4.3 2019/08/04 11:01:22 martin Exp $ */
/*
* Copyright (c) 1980, 1986, 1993
@@ -36,7 +36,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: raw_usrreq.c,v 1.56.4.2 2018/04/09 13:34:10 bouyer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_usrreq.c,v 1.56.4.3 2019/08/04 11:01:22 martin Exp $");
#include
#include
@@ -120,12 +120,12 @@ raw_input(struct mbuf *m0, ...)
}
if (last != NULL) {
if (sbappendaddr(>so_rcv, src, m, NULL) == 0) {
- m_free(m);
+ m_freem(m);
soroverflow(last);
} else
sorwakeup(last);
} else {
- m_free(m);
+ m_freem(m);
}
}
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Wed May 29 16:01:51 UTC 2019 Modified Files: src/sys/net [netbsd-8]: rtsock.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1276): sys/net/rtsock.c: revision 1.250 Don't take softnet_lock in sysctl_rtable Taking softnet_lock there can cause a deadlock with nfs sosend, so we don't. Having only KERNEL_LOCK is enough because now the routing table is protected by KERNEL_LOCK that was introduced by the fix for PR 53043. PR kern/54227 from Paul Ripke To generate a diff of this commit: cvs rdiff -u -r1.213.2.12 -r1.213.2.13 src/sys/net/rtsock.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-8] src/sys/net
Module Name:src
Committed By: martin
Date: Wed May 29 16:01:51 UTC 2019
Modified Files:
src/sys/net [netbsd-8]: rtsock.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #1276):
sys/net/rtsock.c: revision 1.250
Don't take softnet_lock in sysctl_rtable
Taking softnet_lock there can cause a deadlock with nfs sosend, so we don't.
Having only KERNEL_LOCK is enough because now the routing table is protected by
KERNEL_LOCK that was introduced by the fix for PR 53043.
PR kern/54227 from Paul Ripke
To generate a diff of this commit:
cvs rdiff -u -r1.213.2.12 -r1.213.2.13 src/sys/net/rtsock.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/rtsock.c
diff -u src/sys/net/rtsock.c:1.213.2.12 src/sys/net/rtsock.c:1.213.2.13
--- src/sys/net/rtsock.c:1.213.2.12 Thu Mar 7 16:59:10 2019
+++ src/sys/net/rtsock.c Wed May 29 16:01:51 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: rtsock.c,v 1.213.2.12 2019/03/07 16:59:10 martin Exp $ */
+/* $NetBSD: rtsock.c,v 1.213.2.13 2019/05/29 16:01:51 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: rtsock.c,v 1.213.2.12 2019/03/07 16:59:10 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: rtsock.c,v 1.213.2.13 2019/05/29 16:01:51 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1873,7 +1873,7 @@ again:
w.w_needed = 0 - w.w_given;
w.w_where = where;
- SOFTNET_KERNEL_LOCK_UNLESS_NET_MPSAFE();
+ KERNEL_LOCK_UNLESS_NET_MPSAFE();
s = splsoftnet();
switch (w.w_op) {
@@ -1932,7 +1932,7 @@ again:
break;
}
splx(s);
- SOFTNET_KERNEL_UNLOCK_UNLESS_NET_MPSAFE();
+ KERNEL_UNLOCK_UNLESS_NET_MPSAFE();
/* check to see if we couldn't allocate memory with NOWAIT */
if (error == ENOBUFS && w.w_tmem == 0 && w.w_tmemneeded)
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Tue May 14 11:37:13 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_media.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1266): sys/net/if_media.c: revision 1.42 (via patch) Add missing error check. To generate a diff of this commit: cvs rdiff -u -r1.32.6.2 -r1.32.6.3 src/sys/net/if_media.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_media.c diff -u src/sys/net/if_media.c:1.32.6.2 src/sys/net/if_media.c:1.32.6.3 --- src/sys/net/if_media.c:1.32.6.2 Tue Jan 2 10:20:33 2018 +++ src/sys/net/if_media.c Tue May 14 11:37:12 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_media.c,v 1.32.6.2 2018/01/02 10:20:33 snj Exp $ */ +/* $NetBSD: if_media.c,v 1.32.6.3 2019/05/14 11:37:12 martin Exp $ */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -76,7 +76,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.32.6.2 2018/01/02 10:20:33 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.32.6.3 2019/05/14 11:37:12 martin Exp $"); #include #include @@ -335,6 +335,9 @@ _ifmedia_ioctl(struct ifnet *ifp, struct : nwords; int *kptr = (int *)malloc(minwords * sizeof(int), M_TEMP, M_WAITOK); + + if (kptr == NULL) +return ENOMEM; /* * Get the media words from the interface's list. */
CVS commit: [netbsd-8] src/sys/net
Module Name:src Committed By: martin Date: Tue May 14 11:37:13 UTC 2019 Modified Files: src/sys/net [netbsd-8]: if_media.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1266): sys/net/if_media.c: revision 1.42 (via patch) Add missing error check. To generate a diff of this commit: cvs rdiff -u -r1.32.6.2 -r1.32.6.3 src/sys/net/if_media.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: [netbsd-8] src/sys/net
I think you forgot something: Index: sys/net/if_vlan.c === RCS file: /cvsroot/src/sys/net/if_vlan.c,v retrieving revision 1.97.2.15 diff -u -r1.97.2.15 if_vlan.c --- sys/net/if_vlan.c 21 Oct 2018 11:55:54 - 1.97.2.15 +++ sys/net/if_vlan.c 21 Oct 2018 18:36:20 - @@ -161,6 +161,7 @@ * instead of direct dereference */ kmutex_t ifv_lock; /* writer lock for ifv_mib */ + pserialize_t ifv_psz; LIST_HEAD(__vlan_mchead, vlan_mc_entry) ifv_mc_listhead; LIST_ENTRY(ifvlan) ifv_list; -- Hisashi T Fujinaka - ht...@twofifty.com BSEE + BSChem + BAEnglish + MSCS + $2.50 = coffee
