Re: svn commit: r360068 - in head/sys: kern net sys
On 21 Apr 2020, at 4:34, Kyle Evans wrote:
On Mon, Apr 20, 2020 at 9:14 PM Kyle Evans wrote:
On Mon, Apr 20, 2020 at 8:15 PM Eric van Gyzen
wrote:
+ sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac address. */
I was wondering if it would be valuable to give this fall back
something
like:
printf("%s: unable to create fixed mac address; using
random
mac address", if_name(ifp));
This will only be printed in rare circumstances. But in that case
will
provide valuable information.
That would potentially be valuable, yes. On the other hand, we
traditionally
don???t sprinkle a lot of printf()s around in the kernel. This is
extremely
unlikely to happen, and if it does odds are attaching the
interface will
fail at an earlier or later point, you may struggle to pass
packets and run
into any number of other issues.
It???s also possible to diagnose absent the printf(), because the
MAC
address will be locally administered rather than within the
FreeBSD OUI.
So, in short: not a bad idea. You can argue it both ways, and I
find myself
(weakly) on the opposite side.
Would displaying the message only when verbose boot mode is enabled
be
a suitable compromise?
We could completely avoid the problems of dynamic allocation by
calling
SHA1Update three times, feeding each piece of data separately.
For bonus points, use a single char[] to save stack space, too.
Maybe
use a union, for legibility, and to ensure the proper size without
ugly
assertions.
To be honest, I'd be more inclined to just revert this part of it and
push it all back onto the stack. It's still < 512 bytes and pretty
much always called in short paths because it's generally only used
during initial creation of some ifnet; I found the concern about the
stack usage here, specifically, a bit dubious in the first place, and
this follow-up hasn't left me enjoying it any further.
Sorry, to clarify: I'm also pretty much OK with SHA1Update 3x if I'm
alone in the "don't really care about this particular stack usage"
camp, but I've found it useful that they're currently joined into a
single buffer as I've had occasion to dump it in the past to confirm
my understanding of the pedigree of the output, in case of, e.g.,
generated conflicts.
For what it’s worth, I’m in your camp: a few hundred bytes of stack
use doesn’t matter much here. Straightforward code is more important.
Best regards,
Kristof
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360068 - in head/sys: kern net sys
On Mon, Apr 20, 2020 at 9:14 PM Kyle Evans wrote:
>
> On Mon, Apr 20, 2020 at 8:15 PM Eric van Gyzen wrote:
> >
> > + sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
> > + jailname);
> > + if (sz < 0) {
> > + /* Fall back to a random mac address. */
> > >>>
> > >>>
> > >>> I was wondering if it would be valuable to give this fall back something
> > >>> like:
> > >>>
> > >>> printf("%s: unable to create fixed mac address; using random
> > >>> mac address", if_name(ifp));
> > >>>
> > >>> This will only be printed in rare circumstances. But in that case will
> > >>> provide valuable information.
> > >>>
> > >> That would potentially be valuable, yes. On the other hand, we
> > >> traditionally
> > >> don???t sprinkle a lot of printf()s around in the kernel. This is
> > >> extremely
> > >> unlikely to happen, and if it does odds are attaching the interface will
> > >> fail at an earlier or later point, you may struggle to pass packets and
> > >> run
> > >> into any number of other issues.
> > >> It???s also possible to diagnose absent the printf(), because the MAC
> > >> address will be locally administered rather than within the FreeBSD OUI.
> > >>
> > >> So, in short: not a bad idea. You can argue it both ways, and I find
> > >> myself
> > >> (weakly) on the opposite side.
> > >
> > > Would displaying the message only when verbose boot mode is enabled be
> > > a suitable compromise?
> >
> > We could completely avoid the problems of dynamic allocation by calling
> > SHA1Update three times, feeding each piece of data separately.
> >
> > For bonus points, use a single char[] to save stack space, too. Maybe
> > use a union, for legibility, and to ensure the proper size without ugly
> > assertions.
> >
>
> To be honest, I'd be more inclined to just revert this part of it and
> push it all back onto the stack. It's still < 512 bytes and pretty
> much always called in short paths because it's generally only used
> during initial creation of some ifnet; I found the concern about the
> stack usage here, specifically, a bit dubious in the first place, and
> this follow-up hasn't left me enjoying it any further.
>
Sorry, to clarify: I'm also pretty much OK with SHA1Update 3x if I'm
alone in the "don't really care about this particular stack usage"
camp, but I've found it useful that they're currently joined into a
single buffer as I've had occasion to dump it in the past to confirm
my understanding of the pedigree of the output, in case of, e.g.,
generated conflicts.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360068 - in head/sys: kern net sys
On Mon, Apr 20, 2020 at 8:15 PM Eric van Gyzen wrote:
>
> + sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
> + jailname);
> + if (sz < 0) {
> + /* Fall back to a random mac address. */
> >>>
> >>>
> >>> I was wondering if it would be valuable to give this fall back something
> >>> like:
> >>>
> >>> printf("%s: unable to create fixed mac address; using random
> >>> mac address", if_name(ifp));
> >>>
> >>> This will only be printed in rare circumstances. But in that case will
> >>> provide valuable information.
> >>>
> >> That would potentially be valuable, yes. On the other hand, we
> >> traditionally
> >> don???t sprinkle a lot of printf()s around in the kernel. This is extremely
> >> unlikely to happen, and if it does odds are attaching the interface will
> >> fail at an earlier or later point, you may struggle to pass packets and run
> >> into any number of other issues.
> >> It???s also possible to diagnose absent the printf(), because the MAC
> >> address will be locally administered rather than within the FreeBSD OUI.
> >>
> >> So, in short: not a bad idea. You can argue it both ways, and I find myself
> >> (weakly) on the opposite side.
> >
> > Would displaying the message only when verbose boot mode is enabled be
> > a suitable compromise?
>
> We could completely avoid the problems of dynamic allocation by calling
> SHA1Update three times, feeding each piece of data separately.
>
> For bonus points, use a single char[] to save stack space, too. Maybe
> use a union, for legibility, and to ensure the proper size without ugly
> assertions.
>
To be honest, I'd be more inclined to just revert this part of it and
push it all back onto the stack. It's still < 512 bytes and pretty
much always called in short paths because it's generally only used
during initial creation of some ifnet; I found the concern about the
stack usage here, specifically, a bit dubious in the first place, and
this follow-up hasn't left me enjoying it any further.
Thanks,
Kyle Evans
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360068 - in head/sys: kern net sys
+ sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac address. */
I was wondering if it would be valuable to give this fall back something
like:
printf("%s: unable to create fixed mac address; using random
mac address", if_name(ifp));
This will only be printed in rare circumstances. But in that case will
provide valuable information.
That would potentially be valuable, yes. On the other hand, we traditionally
don???t sprinkle a lot of printf()s around in the kernel. This is extremely
unlikely to happen, and if it does odds are attaching the interface will
fail at an earlier or later point, you may struggle to pass packets and run
into any number of other issues.
It???s also possible to diagnose absent the printf(), because the MAC
address will be locally administered rather than within the FreeBSD OUI.
So, in short: not a bad idea. You can argue it both ways, and I find myself
(weakly) on the opposite side.
Would displaying the message only when verbose boot mode is enabled be
a suitable compromise?
We could completely avoid the problems of dynamic allocation by calling
SHA1Update three times, feeding each piece of data separately.
For bonus points, use a single char[] to save stack space, too. Maybe
use a union, for legibility, and to ensure the proper size without ugly
assertions.
Eric
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360068 - in head/sys: kern net sys
On Sun, Apr 19, 2020 at 04:19:06PM +0200, Kristof Provost wrote:
> On 19 Apr 2020, at 15:33, Ronald Klop wrote:
> > On Sat, 18 Apr 2020 09:50:30 +0200, Kristof Provost
> > wrote:
> >
> > > Author: kp
> > > Date: Sat Apr 18 07:50:30 2020
> > > New Revision: 360068
> > > URL: https://svnweb.freebsd.org/changeset/base/360068
> > >
> > > Log:
> > > ethersubr: Make the mac address generation more robust
> > > If we create two (vnet) jails and create a bridge interface in each
> > > we end up
> > > with the same mac address on both bridge interfaces.
> > > These very often conflicts, resulting in same mac address in both
> > > jails.
> > > Mitigate this problem by including the jail name in the mac address.
> > > Reviewed by: kevans, melifaro
> > > MFC after: 1 week
> > > Differential Revision: https://reviews.freebsd.org/D24383
> > >
> > > Modified:
> > > head/sys/kern/kern_jail.c
> > > head/sys/net/if_ethersubr.c
> > > head/sys/sys/jail.h
> > >
> > > Modified: head/sys/kern/kern_jail.c
> > > ==
> > > --- head/sys/kern/kern_jail.c Sat Apr 18 03:14:16 2020
> > > (r360067)
> > > +++ head/sys/kern/kern_jail.c Sat Apr 18 07:50:30 2020
> > > (r360068)
> > > @@ -2920,6 +2920,15 @@ getcredhostid(struct ucred *cred, unsigned
> > > long *hosti
> > > mtx_unlock(>cr_prison->pr_mtx);
> > > }
> > > +void
> > > +getjailname(struct ucred *cred, char *name, size_t len)
> > > +{
> > > +
> > > + mtx_lock(>cr_prison->pr_mtx);
> > > + strlcpy(name, cred->cr_prison->pr_name, len);
> > > + mtx_unlock(>cr_prison->pr_mtx);
> > > +}
> > > +
> > > #ifdef VIMAGE
> > > /*
> > > * Determine whether the prison represented by cred owns
> > >
> > > Modified: head/sys/net/if_ethersubr.c
> > > ==
> > > --- head/sys/net/if_ethersubr.c Sat Apr 18 03:14:16 2020
> > > (r360067)
> > > +++ head/sys/net/if_ethersubr.c Sat Apr 18 07:50:30 2020
> > > (r360068)
> > > @@ -1419,27 +1419,39 @@ ether_8021q_frame(struct mbuf **mp, struct
> > > ifnet *ife,
> > > /*
> > > * Allocate an address from the FreeBSD Foundation OUI. This uses a
> > > - * cryptographic hash function on the containing jail's UUID and
> > > the interface
> > > - * name to attempt to provide a unique but stable address.
> > > Pseudo-interfaces
> > > - * which require a MAC address should use this function to allocate
> > > - * non-locally-administered addresses.
> > > + * cryptographic hash function on the containing jail's name, UUID
> > > and the
> > > + * interface name to attempt to provide a unique but stable address.
> > > + * Pseudo-interfaces which require a MAC address should use this
> > > function to
> > > + * allocate non-locally-administered addresses.
> > > */
> > > void
> > > ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr)
> > > {
> > > -#define ETHER_GEN_ADDR_BUFSIZ HOSTUUIDLEN + IFNAMSIZ + 2
> > > SHA1_CTX ctx;
> > > - char buf[ETHER_GEN_ADDR_BUFSIZ];
> > > + char *buf;
> > > char uuid[HOSTUUIDLEN + 1];
> > > uint64_t addr;
> > > int i, sz;
> > > char digest[SHA1_RESULTLEN];
> > > + char jailname[MAXHOSTNAMELEN];
> > > getcredhostuuid(curthread->td_ucred, uuid, sizeof(uuid));
> > > - sz = snprintf(buf, ETHER_GEN_ADDR_BUFSIZ, "%s-%s", uuid,
> > > ifp->if_xname);
> > > + /* If each (vnet) jail would also have a unique hostuuid this
> > > would not
> > > + * be necessary. */
> > > + getjailname(curthread->td_ucred, jailname, sizeof(jailname));
> > > + sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
> > > + jailname);
> > > + if (sz < 0) {
> > > + /* Fall back to a random mac address. */
> >
> >
> > I was wondering if it would be valuable to give this fall back something
> > like:
> >
> >printf("%s: unable to create fixed mac address; using random
> > mac address", if_name(ifp));
> >
> > This will only be printed in rare circumstances. But in that case will
> > provide valuable information.
> >
> That would potentially be valuable, yes. On the other hand, we traditionally
> don???t sprinkle a lot of printf()s around in the kernel. This is extremely
> unlikely to happen, and if it does odds are attaching the interface will
> fail at an earlier or later point, you may struggle to pass packets and run
> into any number of other issues.
> It???s also possible to diagnose absent the printf(), because the MAC
> address will be locally administered rather than within the FreeBSD OUI.
>
> So, in short: not a bad idea. You can argue it both ways, and I find myself
> (weakly) on the opposite side.
Would displaying the message only when verbose boot mode is enabled be
a suitable compromise?
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
GPG Key ID: 0xFF2E67A277F8E1FA
GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2
Re: svn commit: r360068 - in head/sys: kern net sys
On 19 Apr 2020, at 15:33, Ronald Klop wrote:
On Sat, 18 Apr 2020 09:50:30 +0200, Kristof Provost
wrote:
Author: kp
Date: Sat Apr 18 07:50:30 2020
New Revision: 360068
URL: https://svnweb.freebsd.org/changeset/base/360068
Log:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each
we end up
with the same mac address on both bridge interfaces.
These very often conflicts, resulting in same mac address in both
jails.
Mitigate this problem by including the jail name in the mac address.
Reviewed by: kevans, melifaro
MFC after:1 week
Differential Revision:https://reviews.freebsd.org/D24383
Modified:
head/sys/kern/kern_jail.c
head/sys/net/if_ethersubr.c
head/sys/sys/jail.h
Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/kern/kern_jail.c Sat Apr 18 07:50:30 2020(r360068)
@@ -2920,6 +2920,15 @@ getcredhostid(struct ucred *cred, unsigned
long *hosti
mtx_unlock(>cr_prison->pr_mtx);
}
+void
+getjailname(struct ucred *cred, char *name, size_t len)
+{
+
+ mtx_lock(>cr_prison->pr_mtx);
+ strlcpy(name, cred->cr_prison->pr_name, len);
+ mtx_unlock(>cr_prison->pr_mtx);
+}
+
#ifdef VIMAGE
/*
* Determine whether the prison represented by cred owns
Modified: head/sys/net/if_ethersubr.c
==
--- head/sys/net/if_ethersubr.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/net/if_ethersubr.c Sat Apr 18 07:50:30 2020(r360068)
@@ -1419,27 +1419,39 @@ ether_8021q_frame(struct mbuf **mp, struct
ifnet *ife,
/*
* Allocate an address from the FreeBSD Foundation OUI. This uses a
- * cryptographic hash function on the containing jail's UUID and the
interface
- * name to attempt to provide a unique but stable address.
Pseudo-interfaces
- * which require a MAC address should use this function to allocate
- * non-locally-administered addresses.
+ * cryptographic hash function on the containing jail's name, UUID
and the
+ * interface name to attempt to provide a unique but stable address.
+ * Pseudo-interfaces which require a MAC address should use this
function to
+ * allocate non-locally-administered addresses.
*/
void
ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr)
{
-#defineETHER_GEN_ADDR_BUFSIZ HOSTUUIDLEN + IFNAMSIZ + 2
SHA1_CTX ctx;
- char buf[ETHER_GEN_ADDR_BUFSIZ];
+ char *buf;
char uuid[HOSTUUIDLEN + 1];
uint64_t addr;
int i, sz;
char digest[SHA1_RESULTLEN];
+ char jailname[MAXHOSTNAMELEN];
getcredhostuuid(curthread->td_ucred, uuid, sizeof(uuid));
- sz = snprintf(buf, ETHER_GEN_ADDR_BUFSIZ, "%s-%s", uuid,
ifp->if_xname);
+ /* If each (vnet) jail would also have a unique hostuuid this would
not
+* be necessary. */
+ getjailname(curthread->td_ucred, jailname, sizeof(jailname));
+ sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac address. */
I was wondering if it would be valuable to give this fall back
something like:
printf("%s: unable to create fixed mac address; using
random mac address", if_name(ifp));
This will only be printed in rare circumstances. But in that case will
provide valuable information.
That would potentially be valuable, yes. On the other hand, we
traditionally don’t sprinkle a lot of printf()s around in the kernel.
This is extremely unlikely to happen, and if it does odds are attaching
the interface will fail at an earlier or later point, you may struggle
to pass packets and run into any number of other issues.
It’s also possible to diagnose absent the printf(), because the MAC
address will be locally administered rather than within the FreeBSD OUI.
So, in short: not a bad idea. You can argue it both ways, and I find
myself (weakly) on the opposite side.
Best regards,
Kristof
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360068 - in head/sys: kern net sys
Nice feature. A question below.
On Sat, 18 Apr 2020 09:50:30 +0200, Kristof Provost wrote:
Author: kp
Date: Sat Apr 18 07:50:30 2020
New Revision: 360068
URL: https://svnweb.freebsd.org/changeset/base/360068
Log:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we
end up
with the same mac address on both bridge interfaces.
These very often conflicts, resulting in same mac address in both
jails.
Mitigate this problem by including the jail name in the mac address.
Reviewed by: kevans, melifaro
MFC after:1 week
Differential Revision:https://reviews.freebsd.org/D24383
Modified:
head/sys/kern/kern_jail.c
head/sys/net/if_ethersubr.c
head/sys/sys/jail.h
Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/kern/kern_jail.c Sat Apr 18 07:50:30 2020(r360068)
@@ -2920,6 +2920,15 @@ getcredhostid(struct ucred *cred, unsigned long
*hosti
mtx_unlock(>cr_prison->pr_mtx);
}
+void
+getjailname(struct ucred *cred, char *name, size_t len)
+{
+
+ mtx_lock(>cr_prison->pr_mtx);
+ strlcpy(name, cred->cr_prison->pr_name, len);
+ mtx_unlock(>cr_prison->pr_mtx);
+}
+
#ifdef VIMAGE
/*
* Determine whether the prison represented by cred owns
Modified: head/sys/net/if_ethersubr.c
==
--- head/sys/net/if_ethersubr.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/net/if_ethersubr.c Sat Apr 18 07:50:30 2020(r360068)
@@ -1419,27 +1419,39 @@ ether_8021q_frame(struct mbuf **mp, struct ifnet
*ife,
/*
* Allocate an address from the FreeBSD Foundation OUI. This uses a
- * cryptographic hash function on the containing jail's UUID and the
interface
- * name to attempt to provide a unique but stable address.
Pseudo-interfaces
- * which require a MAC address should use this function to allocate
- * non-locally-administered addresses.
+ * cryptographic hash function on the containing jail's name, UUID and
the
+ * interface name to attempt to provide a unique but stable address.
+ * Pseudo-interfaces which require a MAC address should use this
function to
+ * allocate non-locally-administered addresses.
*/
void
ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr)
{
-#defineETHER_GEN_ADDR_BUFSIZ HOSTUUIDLEN + IFNAMSIZ + 2
SHA1_CTX ctx;
- char buf[ETHER_GEN_ADDR_BUFSIZ];
+ char *buf;
char uuid[HOSTUUIDLEN + 1];
uint64_t addr;
int i, sz;
char digest[SHA1_RESULTLEN];
+ char jailname[MAXHOSTNAMELEN];
getcredhostuuid(curthread->td_ucred, uuid, sizeof(uuid));
- sz = snprintf(buf, ETHER_GEN_ADDR_BUFSIZ, "%s-%s", uuid,
ifp->if_xname);
+ /* If each (vnet) jail would also have a unique hostuuid this would not
+* be necessary. */
+ getjailname(curthread->td_ucred, jailname, sizeof(jailname));
+ sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac address. */
I was wondering if it would be valuable to give this fall back something
like:
printf("%s: unable to create fixed mac address; using random
mac address", if_name(ifp));
This will only be printed in rare circumstances. But in that case will
provide valuable information.
Regards,
Ronald.
+ arc4rand(hwaddr, sizeof(*hwaddr), 0);
+ hwaddr->octet[0] = 0x02;
+ return;
+ }
+
SHA1Init();
SHA1Update(, buf, sz);
SHA1Final(digest, );
+ free(buf, M_TEMP);
addr = ((digest[0] << 16) | (digest[1] << 8) | digest[2]) &
OUI_FREEBSD_GENERATED_MASK;
Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/sys/jail.h Sat Apr 18 07:50:30 2020(r360068)
@@ -382,6 +382,7 @@ void getcredhostname(struct ucred *, char *, size_t);
void getcreddomainname(struct ucred *, char *, size_t);
void getcredhostuuid(struct ucred *, char *, size_t);
void getcredhostid(struct ucred *, unsigned long *);
+void getjailname(struct ucred *cred, char *name, size_t len);
void prison0_init(void);
int prison_allow(struct ucred *, unsigned);
int prison_check(struct ucred *cred1, struct ucred *cred2);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send
svn commit: r360068 - in head/sys: kern net sys
Author: kp
Date: Sat Apr 18 07:50:30 2020
New Revision: 360068
URL: https://svnweb.freebsd.org/changeset/base/360068
Log:
ethersubr: Make the mac address generation more robust
If we create two (vnet) jails and create a bridge interface in each we end up
with the same mac address on both bridge interfaces.
These very often conflicts, resulting in same mac address in both jails.
Mitigate this problem by including the jail name in the mac address.
Reviewed by: kevans, melifaro
MFC after:1 week
Differential Revision:https://reviews.freebsd.org/D24383
Modified:
head/sys/kern/kern_jail.c
head/sys/net/if_ethersubr.c
head/sys/sys/jail.h
Modified: head/sys/kern/kern_jail.c
==
--- head/sys/kern/kern_jail.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/kern/kern_jail.c Sat Apr 18 07:50:30 2020(r360068)
@@ -2920,6 +2920,15 @@ getcredhostid(struct ucred *cred, unsigned long *hosti
mtx_unlock(>cr_prison->pr_mtx);
}
+void
+getjailname(struct ucred *cred, char *name, size_t len)
+{
+
+ mtx_lock(>cr_prison->pr_mtx);
+ strlcpy(name, cred->cr_prison->pr_name, len);
+ mtx_unlock(>cr_prison->pr_mtx);
+}
+
#ifdef VIMAGE
/*
* Determine whether the prison represented by cred owns
Modified: head/sys/net/if_ethersubr.c
==
--- head/sys/net/if_ethersubr.c Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/net/if_ethersubr.c Sat Apr 18 07:50:30 2020(r360068)
@@ -1419,27 +1419,39 @@ ether_8021q_frame(struct mbuf **mp, struct ifnet *ife,
/*
* Allocate an address from the FreeBSD Foundation OUI. This uses a
- * cryptographic hash function on the containing jail's UUID and the interface
- * name to attempt to provide a unique but stable address. Pseudo-interfaces
- * which require a MAC address should use this function to allocate
- * non-locally-administered addresses.
+ * cryptographic hash function on the containing jail's name, UUID and the
+ * interface name to attempt to provide a unique but stable address.
+ * Pseudo-interfaces which require a MAC address should use this function to
+ * allocate non-locally-administered addresses.
*/
void
ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr)
{
-#defineETHER_GEN_ADDR_BUFSIZ HOSTUUIDLEN + IFNAMSIZ + 2
SHA1_CTX ctx;
- char buf[ETHER_GEN_ADDR_BUFSIZ];
+ char *buf;
char uuid[HOSTUUIDLEN + 1];
uint64_t addr;
int i, sz;
char digest[SHA1_RESULTLEN];
+ char jailname[MAXHOSTNAMELEN];
getcredhostuuid(curthread->td_ucred, uuid, sizeof(uuid));
- sz = snprintf(buf, ETHER_GEN_ADDR_BUFSIZ, "%s-%s", uuid, ifp->if_xname);
+ /* If each (vnet) jail would also have a unique hostuuid this would not
+* be necessary. */
+ getjailname(curthread->td_ucred, jailname, sizeof(jailname));
+ sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+ jailname);
+ if (sz < 0) {
+ /* Fall back to a random mac address. */
+ arc4rand(hwaddr, sizeof(*hwaddr), 0);
+ hwaddr->octet[0] = 0x02;
+ return;
+ }
+
SHA1Init();
SHA1Update(, buf, sz);
SHA1Final(digest, );
+ free(buf, M_TEMP);
addr = ((digest[0] << 16) | (digest[1] << 8) | digest[2]) &
OUI_FREEBSD_GENERATED_MASK;
Modified: head/sys/sys/jail.h
==
--- head/sys/sys/jail.h Sat Apr 18 03:14:16 2020(r360067)
+++ head/sys/sys/jail.h Sat Apr 18 07:50:30 2020(r360068)
@@ -382,6 +382,7 @@ void getcredhostname(struct ucred *, char *, size_t);
void getcreddomainname(struct ucred *, char *, size_t);
void getcredhostuuid(struct ucred *, char *, size_t);
void getcredhostid(struct ucred *, unsigned long *);
+void getjailname(struct ucred *cred, char *name, size_t len);
void prison0_init(void);
int prison_allow(struct ucred *, unsigned);
int prison_check(struct ucred *cred1, struct ucred *cred2);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
