CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Mon Mar 11 19:30:06 UTC 2024
Modified Files:
src/sys/net [netbsd-9]: if_tun.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1815):
sys/net/if_tun.c: revision 1.175
tun(4): Allow IPv6 packets with TUNSLMODE configured.
PR kern/58013
To generate a diff of this commit:
cvs rdiff -u -r1.156 -r1.156.2.1 src/sys/net/if_tun.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_tun.c
diff -u src/sys/net/if_tun.c:1.156 src/sys/net/if_tun.c:1.156.2.1
--- src/sys/net/if_tun.c:1.156 Fri Apr 26 08:38:25 2019
+++ src/sys/net/if_tun.c Mon Mar 11 19:30:06 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: if_tun.c,v 1.156 2019/04/26 08:38:25 pgoyette Exp $ */
+/* $NetBSD: if_tun.c,v 1.156.2.1 2024/03/11 19:30:06 martin Exp $ */
/*
* Copyright (c) 1988, Julian Onions
@@ -19,7 +19,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.156 2019/04/26 08:38:25 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_tun.c,v 1.156.2.1 2024/03/11 19:30:06 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -586,9 +586,7 @@ tun_output(struct ifnet *ifp, struct mbu
goto out;
}
memcpy(mtod(m0, char *), dst, dst->sa_len);
- }
-
- if (tp->tun_flags & TUN_IFHEAD) {
+ } else if (tp->tun_flags & TUN_IFHEAD) {
/* Prepend the address family */
M_PREPEND(m0, sizeof(*af), M_DONTWAIT);
if (m0 == NULL) {
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Mon Mar 11 19:30:06 UTC 2024 Modified Files: src/sys/net [netbsd-9]: if_tun.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1815): sys/net/if_tun.c: revision 1.175 tun(4): Allow IPv6 packets with TUNSLMODE configured. PR kern/58013 To generate a diff of this commit: cvs rdiff -u -r1.156 -r1.156.2.1 src/sys/net/if_tun.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src Committed By: martin Date: Wed Aug 23 18:22:51 UTC 2023 Modified Files: src/sys/net/npf [netbsd-9]: npf_ruleset.c Log Message: Pull up following revision(s) (requested by kardel in ticket #1725): sys/net/npf/npf_ruleset.c: revision 1.52 The analysis documented in PR misc/56990 is correct. Fix by not returning when encountering a ruleset rule. The code up to now would stop at any group rule. ruleset rules are marked as group rule and a dynamic rule. processing is only finished when a result is present AND we are looking at a plain group rule. To generate a diff of this commit: cvs rdiff -u -r1.48.2.3 -r1.48.2.4 src/sys/net/npf/npf_ruleset.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src
Committed By: martin
Date: Wed Aug 23 18:22:51 UTC 2023
Modified Files:
src/sys/net/npf [netbsd-9]: npf_ruleset.c
Log Message:
Pull up following revision(s) (requested by kardel in ticket #1725):
sys/net/npf/npf_ruleset.c: revision 1.52
The analysis documented in PR misc/56990 is correct.
Fix by not returning when encountering a ruleset rule.
The code up to now would stop at any group rule.
ruleset rules are marked as group rule and a dynamic rule.
processing is only finished when a result is present AND
we are looking at a plain group rule.
To generate a diff of this commit:
cvs rdiff -u -r1.48.2.3 -r1.48.2.4 src/sys/net/npf/npf_ruleset.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf_ruleset.c
diff -u src/sys/net/npf/npf_ruleset.c:1.48.2.3 src/sys/net/npf/npf_ruleset.c:1.48.2.4
--- src/sys/net/npf/npf_ruleset.c:1.48.2.3 Sat Jun 20 15:46:48 2020
+++ src/sys/net/npf/npf_ruleset.c Wed Aug 23 18:22:51 2023
@@ -34,7 +34,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_ruleset.c,v 1.48.2.3 2020/06/20 15:46:48 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_ruleset.c,v 1.48.2.4 2023/08/23 18:22:51 martin Exp $");
#include
#include
@@ -891,7 +891,7 @@ npf_ruleset_inspect(npf_cache_t *npc, co
KASSERT(n < skip_to);
/* Group is a barrier: return a matching if found any. */
- if ((attr & NPF_RULE_GROUP) != 0 && final_rl) {
+ if ((attr & NPF_DYNAMIC_GROUP) == NPF_RULE_GROUP && final_rl) {
break;
}
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src Committed By: martin Date: Mon Aug 21 12:20:07 UTC 2023 Modified Files: src/sys/net/npf [netbsd-9]: npf_tableset.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1718): sys/net/npf/npf_tableset.c: revision 1.41 npf(9): Drop table lock around copyout. It is forbidden to hold a spin lock around copyout, and t_lock is a spin lock. We need t_lock in order to iterate over the list of entries. However, during copyout itself, we only need to ensure that the object we're copying out isn't freed by npf_table_remove or npf_table_gc. Fortunately, the only caller of npf_table_list, npf_table_remove, and npf_table_gc is npfctl_table, and it serializes all of them by the npf config lock. So we can safely drop t_lock across copyout. PR kern/57136 PR kern/57181 To generate a diff of this commit: cvs rdiff -u -r1.33.2.2 -r1.33.2.3 src/sys/net/npf/npf_tableset.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src
Committed By: martin
Date: Mon Aug 21 12:20:07 UTC 2023
Modified Files:
src/sys/net/npf [netbsd-9]: npf_tableset.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1718):
sys/net/npf/npf_tableset.c: revision 1.41
npf(9): Drop table lock around copyout.
It is forbidden to hold a spin lock around copyout, and t_lock is a
spin lock.
We need t_lock in order to iterate over the list of entries.
However, during copyout itself, we only need to ensure that the
object we're copying out isn't freed by npf_table_remove or
npf_table_gc.
Fortunately, the only caller of npf_table_list, npf_table_remove, and
npf_table_gc is npfctl_table, and it serializes all of them by the
npf config lock. So we can safely drop t_lock across copyout.
PR kern/57136
PR kern/57181
To generate a diff of this commit:
cvs rdiff -u -r1.33.2.2 -r1.33.2.3 src/sys/net/npf/npf_tableset.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf_tableset.c
diff -u src/sys/net/npf/npf_tableset.c:1.33.2.2 src/sys/net/npf/npf_tableset.c:1.33.2.3
--- src/sys/net/npf/npf_tableset.c:1.33.2.2 Sat Jun 20 15:46:47 2020
+++ src/sys/net/npf/npf_tableset.c Mon Aug 21 12:20:07 2023
@@ -46,7 +46,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_tableset.c,v 1.33.2.2 2020/06/20 15:46:47 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_tableset.c,v 1.33.2.3 2023/08/21 12:20:07 martin Exp $");
#include
#include
@@ -758,15 +758,17 @@ table_ent_copyout(const npf_addr_t *addr
}
static int
-table_generic_list(const npf_table_t *t, void *ubuf, size_t len)
+table_generic_list(npf_table_t *t, void *ubuf, size_t len)
{
npf_tblent_t *ent;
size_t off = 0;
int error = 0;
LIST_FOREACH(ent, >t_list, te_listent) {
+ mutex_exit(>t_lock);
error = table_ent_copyout(>te_addr,
ent->te_alen, ent->te_preflen, ubuf, len, );
+ mutex_enter(>t_lock);
if (error)
break;
}
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Fri Aug 4 14:57:52 UTC 2023
Modified Files:
src/sys/net [netbsd-9]: bpf.c
Log Message:
Apply patch, requested by ozaki-r in ticket #1708:
sys/net/bpf.c (apply patch)
bpf: allow to read with no filter (regressed at revision 1.213,
fixed differently in -current)
To generate a diff of this commit:
cvs rdiff -u -r1.229.2.2 -r1.229.2.3 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.229.2.2 src/sys/net/bpf.c:1.229.2.3
--- src/sys/net/bpf.c:1.229.2.2 Wed Feb 22 19:50:33 2023
+++ src/sys/net/bpf.c Fri Aug 4 14:57:52 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.229.2.2 2023/02/22 19:50:33 martin Exp $ */
+/* $NetBSD: bpf.c,v 1.229.2.3 2023/08/04 14:57:52 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.2 2023/02/22 19:50:33 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.3 2023/08/04 14:57:52 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1628,6 +1628,8 @@ bpf_deliver(struct bpf_if *bp, void *(*c
else
slen = bpf_filter_ext(NULL, filter->bf_insn,
);
+ } else {
+ slen = (u_int)-1; /* No filter means accept all */
}
if (!slen) {
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Fri Aug 4 14:57:52 UTC 2023 Modified Files: src/sys/net [netbsd-9]: bpf.c Log Message: Apply patch, requested by ozaki-r in ticket #1708: sys/net/bpf.c (apply patch) bpf: allow to read with no filter (regressed at revision 1.213, fixed differently in -current) To generate a diff of this commit: cvs rdiff -u -r1.229.2.2 -r1.229.2.3 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Thu Jun 8 11:17:18 UTC 2023
Modified Files:
src/sys/net [netbsd-9]: route.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #1642):
sys/net/route.c: revision 1.237
route: run workqueue kthreads with KERNEL_LOCK unless NET_MPSAFE
Without KERNEL_LOCK, rt_timer_work and rt_free_work can run in parallel
with other LWPs running in the network stack, which eventually results
in say use-after-free of a deleted route.
To generate a diff of this commit:
cvs rdiff -u -r1.219.2.3 -r1.219.2.4 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.219.2.3 src/sys/net/route.c:1.219.2.4
--- src/sys/net/route.c:1.219.2.3 Wed Feb 22 18:53:56 2023
+++ src/sys/net/route.c Thu Jun 8 11:17:18 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.219.2.3 2023/02/22 18:53:56 martin Exp $ */
+/* $NetBSD: route.c,v 1.219.2.4 2023/06/08 11:17:18 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.3 2023/02/22 18:53:56 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.4 2023/06/08 11:17:18 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -229,12 +229,14 @@ static krwlock_t rt_lock __cacheline_al
#define RT_UNLOCK() rw_exit(_lock)
#define RT_WLOCKED() rw_write_held(_lock)
#define RT_ASSERT_WLOCK() KASSERT(rw_write_held(_lock))
+#define RT_WQ_FLAGS WQ_MPSAFE
#else
#define RT_RLOCK() do {} while (0)
#define RT_WLOCK() do {} while (0)
#define RT_UNLOCK() do {} while (0)
#define RT_WLOCKED() true
#define RT_ASSERT_WLOCK() do {} while (0)
+#define RT_WQ_FLAGS 0
#endif
static uint64_t rtcache_generation;
@@ -479,7 +481,7 @@ rt_init(void)
rt_psref_class = psref_class_create("rtentry", IPL_SOFTNET);
error = workqueue_create(_free_global.wq, "rt_free",
- rt_free_work, NULL, PRI_SOFTNET, IPL_SOFTNET, WQ_MPSAFE);
+ rt_free_work, NULL, PRI_SOFTNET, IPL_SOFTNET, RT_WQ_FLAGS);
if (error)
panic("%s: workqueue_create failed (%d)\n", __func__, error);
@@ -1802,7 +1804,7 @@ rt_timer_init(void)
LIST_INIT(_queue_head);
callout_init(_timer_ch, CALLOUT_MPSAFE);
error = workqueue_create(_timer_wq, "rt_timer",
- rt_timer_work, NULL, PRI_SOFTNET, IPL_SOFTNET, WQ_MPSAFE);
+ rt_timer_work, NULL, PRI_SOFTNET, IPL_SOFTNET, RT_WQ_FLAGS);
if (error)
panic("%s: workqueue_create failed (%d)\n", __func__, error);
callout_reset(_timer_ch, hz, rt_timer_timer, NULL);
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Thu Jun 8 11:17:18 UTC 2023 Modified Files: src/sys/net [netbsd-9]: route.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #1642): sys/net/route.c: revision 1.237 route: run workqueue kthreads with KERNEL_LOCK unless NET_MPSAFE Without KERNEL_LOCK, rt_timer_work and rt_free_work can run in parallel with other LWPs running in the network stack, which eventually results in say use-after-free of a deleted route. To generate a diff of this commit: cvs rdiff -u -r1.219.2.3 -r1.219.2.4 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src
Committed By: martin
Date: Tue Mar 14 17:11:13 UTC 2023
Modified Files:
src/sys/net/npf [netbsd-9]: npf.h npf_mbuf.c npf_sendpkt.c
Log Message:
Pull up following revision(s) (requested by kardel in ticket #119):
sys/net/npf/npf_mbuf.c: revision 1.25
sys/net/npf/npf.h: revision 1.64
sys/net/npf/npf_sendpkt.c: revision 1.23
PR kern/56052:
allow block-return packets passed through without rule matching.
Included up-stream ashttps://github.com/rmind/npf/pull/115
To generate a diff of this commit:
cvs rdiff -u -r1.60.2.3 -r1.60.2.4 src/sys/net/npf/npf.h
cvs rdiff -u -r1.22.4.1 -r1.22.4.2 src/sys/net/npf/npf_mbuf.c
cvs rdiff -u -r1.21.4.1 -r1.21.4.2 src/sys/net/npf/npf_sendpkt.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf.h
diff -u src/sys/net/npf/npf.h:1.60.2.3 src/sys/net/npf/npf.h:1.60.2.4
--- src/sys/net/npf/npf.h:1.60.2.3 Sat Jun 20 15:46:47 2020
+++ src/sys/net/npf/npf.h Tue Mar 14 17:11:13 2023
@@ -122,6 +122,7 @@ void * nbuf_ensure_writable(nbuf_t *, s
bool nbuf_cksum_barrier(nbuf_t *, int);
int nbuf_add_tag(nbuf_t *, uint32_t);
+int npf_mbuf_add_tag(nbuf_t *, struct mbuf *, uint32_t);
int nbuf_find_tag(nbuf_t *, uint32_t *);
/*
Index: src/sys/net/npf/npf_mbuf.c
diff -u src/sys/net/npf/npf_mbuf.c:1.22.4.1 src/sys/net/npf/npf_mbuf.c:1.22.4.2
--- src/sys/net/npf/npf_mbuf.c:1.22.4.1 Sat Jun 20 15:46:47 2020
+++ src/sys/net/npf/npf_mbuf.c Tue Mar 14 17:11:13 2023
@@ -36,7 +36,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_mbuf.c,v 1.22.4.1 2020/06/20 15:46:47 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_mbuf.c,v 1.22.4.2 2023/03/14 17:11:13 martin Exp $");
#include
#include
@@ -297,14 +297,13 @@ nbuf_cksum_barrier(nbuf_t *nbuf, int di)
}
/*
- * nbuf_add_tag: associate a tag with the network buffer.
+ * npf_mbuf_add_tag: associate a tag with the network buffer.
*
* => Returns 0 on success or error number on failure.
*/
int
-nbuf_add_tag(nbuf_t *nbuf, uint32_t val)
+npf_mbuf_add_tag(nbuf_t *nbuf, struct mbuf *m, uint32_t val)
{
- struct mbuf *m = nbuf->nb_mbuf0;
#ifdef _KERNEL
struct m_tag *mt;
uint32_t *dat;
@@ -328,6 +327,18 @@ nbuf_add_tag(nbuf_t *nbuf, uint32_t val)
}
/*
+ * nbuf_add_tag: associate a tag with the network buffer.
+ *
+ * => Returns 0 on success or error number on failure.
+ */
+int
+nbuf_add_tag(nbuf_t *nbuf, uint32_t val)
+{
+ struct mbuf *m = nbuf->nb_mbuf0;
+ return npf_mbuf_add_tag(nbuf, m, val);
+}
+
+/*
* nbuf_find_tag: find a tag associated with a network buffer.
*
* => Returns 0 on success or error number on failure.
Index: src/sys/net/npf/npf_sendpkt.c
diff -u src/sys/net/npf/npf_sendpkt.c:1.21.4.1 src/sys/net/npf/npf_sendpkt.c:1.21.4.2
--- src/sys/net/npf/npf_sendpkt.c:1.21.4.1 Sat Jun 20 15:46:47 2020
+++ src/sys/net/npf/npf_sendpkt.c Tue Mar 14 17:11:13 2023
@@ -33,7 +33,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_sendpkt.c,v 1.21.4.1 2020/06/20 15:46:47 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_sendpkt.c,v 1.21.4.2 2023/03/14 17:11:13 martin Exp $");
#include
#include
@@ -197,6 +197,9 @@ npf_return_tcp(npf_cache_t *npc)
}
}
+ /* don't look at our generated reject packets going out */
+ (void)npf_mbuf_add_tag(npc->npc_nbuf, m, NPF_NTAG_PASS);
+
/* Pass to IP layer. */
if (npf_iscached(npc, NPC_IP4)) {
return ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL);
@@ -215,6 +218,9 @@ npf_return_icmp(const npf_cache_t *npc)
{
struct mbuf *m = nbuf_head_mbuf(npc->npc_nbuf);
+ /* don't look at our generated reject packets going out */
+ (void)nbuf_add_tag(npc->npc_nbuf, NPF_NTAG_PASS);
+
if (npf_iscached(npc, NPC_IP4)) {
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_ADMIN_PROHIBIT, 0, 0);
return 0;
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src Committed By: martin Date: Tue Mar 14 17:11:13 UTC 2023 Modified Files: src/sys/net/npf [netbsd-9]: npf.h npf_mbuf.c npf_sendpkt.c Log Message: Pull up following revision(s) (requested by kardel in ticket #119): sys/net/npf/npf_mbuf.c: revision 1.25 sys/net/npf/npf.h: revision 1.64 sys/net/npf/npf_sendpkt.c: revision 1.23 PR kern/56052: allow block-return packets passed through without rule matching. Included up-stream ashttps://github.com/rmind/npf/pull/115 To generate a diff of this commit: cvs rdiff -u -r1.60.2.3 -r1.60.2.4 src/sys/net/npf/npf.h cvs rdiff -u -r1.22.4.1 -r1.22.4.2 src/sys/net/npf/npf_mbuf.c cvs rdiff -u -r1.21.4.1 -r1.21.4.2 src/sys/net/npf/npf_sendpkt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Feb 22 19:50:33 UTC 2023
Modified Files:
src/sys/net [netbsd-9]: bpf.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1605):
sys/net/bpf.c: revision 1.247 (manually merged)
bpf(4): Reject bogus timeout values before arithmetic overflows.
To generate a diff of this commit:
cvs rdiff -u -r1.229.2.1 -r1.229.2.2 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.229.2.1 src/sys/net/bpf.c:1.229.2.2
--- src/sys/net/bpf.c:1.229.2.1 Wed Oct 16 09:46:55 2019
+++ src/sys/net/bpf.c Wed Feb 22 19:50:33 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $ */
+/* $NetBSD: bpf.c,v 1.229.2.2 2023/02/22 19:50:33 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.2 2023/02/22 19:50:33 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1092,7 +1092,16 @@ bpf_ioctl(struct file *fp, u_long cmd, v
struct timeval *tv = addr;
/* Compute number of ticks. */
- d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
+ if (tv->tv_sec < 0 ||
+ tv->tv_usec < 0 || tv->tv_usec >= 100) {
+error = EINVAL;
+break;
+ } else if (tv->tv_sec > INT_MAX/hz - 1) {
+ d->bd_rtout = INT_MAX;
+ } else {
+d->bd_rtout = tv->tv_sec * hz
++ tv->tv_usec / tick;
+ }
if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
d->bd_rtout = 1;
break;
@@ -1121,7 +1130,16 @@ bpf_ioctl(struct file *fp, u_long cmd, v
struct timeval50 *tv = addr;
/* Compute number of ticks. */
- d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick;
+ if (tv->tv_sec < 0 ||
+ tv->tv_usec < 0 || tv->tv_usec >= 100) {
+error = EINVAL;
+break;
+ } else if (tv->tv_sec > INT_MAX/hz - 1) {
+ d->bd_rtout = INT_MAX;
+ } else {
+ d->bd_rtout = tv->tv_sec * hz
++ tv->tv_usec / tick;
+ }
if ((d->bd_rtout == 0) && (tv->tv_usec != 0))
d->bd_rtout = 1;
break;
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Wed Feb 22 19:50:33 UTC 2023 Modified Files: src/sys/net [netbsd-9]: bpf.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1605): sys/net/bpf.c: revision 1.247 (manually merged) bpf(4): Reject bogus timeout values before arithmetic overflows. To generate a diff of this commit: cvs rdiff -u -r1.229.2.1 -r1.229.2.2 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Feb 22 18:53:56 UTC 2023
Modified Files:
src/sys/net [netbsd-9]: route.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1602):
sys/net/route.c: revision 1.236
route(4): Work around deadlock in rt_free wait path.
PR kern/56844
To generate a diff of this commit:
cvs rdiff -u -r1.219.2.2 -r1.219.2.3 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.219.2.2 src/sys/net/route.c:1.219.2.3
--- src/sys/net/route.c:1.219.2.2 Thu Oct 3 17:12:53 2019
+++ src/sys/net/route.c Wed Feb 22 18:53:56 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.219.2.2 2019/10/03 17:12:53 martin Exp $ */
+/* $NetBSD: route.c,v 1.219.2.3 2023/02/22 18:53:56 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.2 2019/10/03 17:12:53 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.3 2023/02/22 18:53:56 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -644,8 +644,17 @@ static bool
rt_wait_ok(void)
{
+ /*
+ * This originally returned !cpu_softintr_p(), but that doesn't
+ * work: the caller may hold a lock (probably softnet lock)
+ * that a softint is waiting for, in which case waiting here
+ * would cause a deadlock. See https://gnats.netbsd.org/56844
+ * for details. For now, until the locking paths are sorted
+ * out, we just disable the waiting option altogether and
+ * always defer to workqueue.
+ */
KASSERT(!cpu_intr_p());
- return !cpu_softintr_p();
+ return false;
}
void
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Wed Feb 22 18:53:56 UTC 2023 Modified Files: src/sys/net [netbsd-9]: route.c Log Message: Pull up following revision(s) (requested by riastradh in ticket #1602): sys/net/route.c: revision 1.236 route(4): Work around deadlock in rt_free wait path. PR kern/56844 To generate a diff of this commit: cvs rdiff -u -r1.219.2.2 -r1.219.2.3 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: sborrill
Date: Wed May 4 15:08:47 UTC 2022
Modified Files:
src/sys/net [netbsd-9]: if_pppoe.c
Log Message:
Pull up the following revisions(s) (requested by martin in ticket #1442):
sys/net/if_pppoe.c: revision 1.179
pppoe(4): fix CVE-2022-29867 - discovery phase local network
mbuf corruption.
To generate a diff of this commit:
cvs rdiff -u -r1.147.4.1 -r1.147.4.2 src/sys/net/if_pppoe.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_pppoe.c
diff -u src/sys/net/if_pppoe.c:1.147.4.1 src/sys/net/if_pppoe.c:1.147.4.2
--- src/sys/net/if_pppoe.c:1.147.4.1 Thu Feb 13 19:40:05 2020
+++ src/sys/net/if_pppoe.c Wed May 4 15:08:47 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: if_pppoe.c,v 1.147.4.1 2020/02/13 19:40:05 martin Exp $ */
+/* $NetBSD: if_pppoe.c,v 1.147.4.2 2022/05/04 15:08:47 sborrill Exp $ */
/*
* Copyright (c) 2002, 2008 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.147.4.1 2020/02/13 19:40:05 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_pppoe.c,v 1.147.4.2 2022/05/04 15:08:47 sborrill Exp $");
#ifdef _KERNEL_OPT
#include "pppoe.h"
@@ -887,6 +887,10 @@ breakbreak:;
}
sc->sc_ac_cookie_len = ac_cookie_len;
memcpy(sc->sc_ac_cookie, ac_cookie, ac_cookie_len);
+ } else if (sc->sc_ac_cookie) {
+ free(sc->sc_ac_cookie, M_DEVBUF);
+ sc->sc_ac_cookie = NULL;
+ sc->sc_ac_cookie_len = 0;
}
if (relay_sid) {
if (sc->sc_relay_sid)
@@ -902,6 +906,10 @@ breakbreak:;
}
sc->sc_relay_sid_len = relay_sid_len;
memcpy(sc->sc_relay_sid, relay_sid, relay_sid_len);
+ } else if (sc->sc_relay_sid) {
+ free(sc->sc_relay_sid, M_DEVBUF);
+ sc->sc_relay_sid = NULL;
+ sc->sc_relay_sid_len = 0;
}
memcpy(>sc_dest, eh->ether_shost, sizeof sc->sc_dest);
callout_stop(>sc_timeout);
@@ -1324,6 +1332,9 @@ pppoe_get_mbuf(size_t len)
{
struct mbuf *m;
+ if (len + sizeof(struct ether_header) > MCLBYTES)
+ return NULL;
+
MGETHDR(m, M_DONTWAIT, MT_DATA);
if (m == NULL)
return NULL;
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: sborrill Date: Wed May 4 15:08:47 UTC 2022 Modified Files: src/sys/net [netbsd-9]: if_pppoe.c Log Message: Pull up the following revisions(s) (requested by martin in ticket #1442): sys/net/if_pppoe.c: revision 1.179 pppoe(4): fix CVE-2022-29867 - discovery phase local network mbuf corruption. To generate a diff of this commit: cvs rdiff -u -r1.147.4.1 -r1.147.4.2 src/sys/net/if_pppoe.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Sat Jan 29 17:03:53 UTC 2022 Modified Files: src/sys/net [netbsd-9]: ppp_tty.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1411): sys/net/ppp_tty.c: revision 1.68 sys/net/ppp_tty.c: revision 1.69 Use unsigned to avoid undefined behavior in pppasyncstart(). Use unsigned to avoid undefined behavior. Found by kUBSan. To generate a diff of this commit: cvs rdiff -u -r1.65 -r1.65.4.1 src/sys/net/ppp_tty.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/ppp_tty.c diff -u src/sys/net/ppp_tty.c:1.65 src/sys/net/ppp_tty.c:1.65.4.1 --- src/sys/net/ppp_tty.c:1.65 Thu Jan 24 09:31:09 2019 +++ src/sys/net/ppp_tty.c Sat Jan 29 17:03:53 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ppp_tty.c,v 1.65 2019/01/24 09:31:09 knakahara Exp $ */ +/* $NetBSD: ppp_tty.c,v 1.65.4.1 2022/01/29 17:03:53 martin Exp $ */ /* Id: ppp_tty.c,v 1.3 1996/07/01 01:04:11 paulus Exp */ /* @@ -93,7 +93,7 @@ /* from NetBSD: if_ppp.c,v 1.15.2.2 1994/07/28 05:17:58 cgd Exp */ #include -__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.65 2019/01/24 09:31:09 knakahara Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ppp_tty.c,v 1.65.4.1 2022/01/29 17:03:53 martin Exp $"); #ifdef _KERNEL_OPT #include "ppp.h" @@ -181,7 +181,7 @@ static void pppdumpframe(struct ppp_soft /* * Does c need to be escaped? */ -#define ESCAPE_P(c) (sc->sc_asyncmap[(c) >> 5] & (1 << ((c) & 0x1F))) +#define ESCAPE_P(c) (sc->sc_asyncmap[(c) >> 5] & (1U << ((c) & 0x1F))) /* * Procedures for using an async tty interface for PPP. @@ -1021,7 +1021,7 @@ pppinput(int c, struct tty *tp) sc->sc_flags |= SC_RCV_B7_1; else sc->sc_flags |= SC_RCV_B7_0; -if (paritytab[c >> 5] & (1 << (c & 0x1F))) +if (paritytab[c >> 5] & (1U << (c & 0x1F))) sc->sc_flags |= SC_RCV_ODDP; else sc->sc_flags |= SC_RCV_EVNP; @@ -1102,7 +1102,7 @@ pppinput(int c, struct tty *tp) return 0; } -if (c < 0x20 && (sc->sc_rasyncmap & (1 << c))) +if (c < 0x20 && (sc->sc_rasyncmap & (1U << c))) return 0; s = spltty();
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Sat Jan 29 17:03:53 UTC 2022 Modified Files: src/sys/net [netbsd-9]: ppp_tty.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #1411): sys/net/ppp_tty.c: revision 1.68 sys/net/ppp_tty.c: revision 1.69 Use unsigned to avoid undefined behavior in pppasyncstart(). Use unsigned to avoid undefined behavior. Found by kUBSan. To generate a diff of this commit: cvs rdiff -u -r1.65 -r1.65.4.1 src/sys/net/ppp_tty.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Mon Oct 25 18:11:02 UTC 2021
Modified Files:
src/sys/net [netbsd-9]: if_ethersubr.c
Log Message:
Pull up following revision(s) (requested by ryo in ticket #1369):
sys/net/if_ethersubr.c: revision 1.302
frame's vlan tag must be ntohs()'ed.
VLAN 0 Priority tag was misrecognized on non vlan-hwtagging interfaces.
To generate a diff of this commit:
cvs rdiff -u -r1.276.2.1 -r1.276.2.2 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.276.2.1 src/sys/net/if_ethersubr.c:1.276.2.2
--- src/sys/net/if_ethersubr.c:1.276.2.1 Tue Oct 8 17:02:24 2019
+++ src/sys/net/if_ethersubr.c Mon Oct 25 18:11:02 2021
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.276.2.1 2019/10/08 17:02:24 martin Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.276.2.2 2021/10/25 18:11:02 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.276.2.1 2019/10/08 17:02:24 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.276.2.2 2021/10/25 18:11:02 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -727,7 +727,7 @@ ether_input(struct ifnet *ifp, struct mb
* type, and if IP or IPV6, let them deal with it.
*/
if (m->m_len >= sizeof(*evl) &&
- EVL_VLANOFTAG(evl->evl_tag) == 0) {
+ EVL_VLANOFTAG(ntohs(evl->evl_tag)) == 0) {
etype = ntohs(evl->evl_proto);
ehlen = sizeof(*evl);
if ((m->m_flags & M_PROMISC) == 0 &&
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Mon Oct 25 18:11:02 UTC 2021 Modified Files: src/sys/net [netbsd-9]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by ryo in ticket #1369): sys/net/if_ethersubr.c: revision 1.302 frame's vlan tag must be ntohs()'ed. VLAN 0 Priority tag was misrecognized on non vlan-hwtagging interfaces. To generate a diff of this commit: cvs rdiff -u -r1.276.2.1 -r1.276.2.2 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Thu Nov 14 15:34:35 UTC 2019 Modified Files: src/sys/net [netbsd-9]: if_loop.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #424): sys/net/if_loop.c: revision 1.108 sys/net/if_loop.c: revision 1.109 Fix IP broadcast + checksum offload problem. When a machine sends a IP broadcast packet to an Ethernet interface that the checksum offload flags are set, the packet goes through ether_output() -> looutput() and the offload flags is cleared without calculating the checksum. And then, ip_input() calculate the packet's checksum because it's csum_flags is zero. It regard as bad checksum and it's dropped because the packet's ifp is s not lo0's. Fixes this bug by passing csum_flags as "calculated and good" when IN_LOOPBACK_NEED_CHECKSUM() is false. Advised by ryo@. This problem was seen when "routed -s" was used and the machine's interface's offload flags were set. bad checksum field of "netstat -s" was increased every 30 seconds. Fix comment. To generate a diff of this commit: cvs rdiff -u -r1.107 -r1.107.2.1 src/sys/net/if_loop.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Thu Nov 14 15:34:35 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: if_loop.c
Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #424):
sys/net/if_loop.c: revision 1.108
sys/net/if_loop.c: revision 1.109
Fix IP broadcast + checksum offload problem.
When a machine sends a IP broadcast packet to an Ethernet interface that the
checksum offload flags are set, the packet goes through ether_output() ->
looutput() and the offload flags is cleared without calculating the checksum.
And then, ip_input() calculate the packet's checksum because it's csum_flags is
zero. It regard as bad checksum and it's dropped because the packet's ifp
is s not lo0's. Fixes this bug by passing csum_flags as "calculated and good"
when IN_LOOPBACK_NEED_CHECKSUM() is false. Advised by ryo@.
This problem was seen when "routed -s" was used and the machine's interface's
offload flags were set. bad checksum field of "netstat -s" was increased every
30 seconds.
Fix comment.
To generate a diff of this commit:
cvs rdiff -u -r1.107 -r1.107.2.1 src/sys/net/if_loop.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_loop.c
diff -u src/sys/net/if_loop.c:1.107 src/sys/net/if_loop.c:1.107.2.1
--- src/sys/net/if_loop.c:1.107 Fri Apr 26 08:38:25 2019
+++ src/sys/net/if_loop.c Thu Nov 14 15:34:35 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: if_loop.c,v 1.107 2019/04/26 08:38:25 pgoyette Exp $ */
+/* $NetBSD: if_loop.c,v 1.107.2.1 2019/11/14 15:34:35 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -65,7 +65,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_loop.c,v 1.107 2019/04/26 08:38:25 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_loop.c,v 1.107.2.1 2019/11/14 15:34:35 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -321,8 +321,13 @@ looutput(struct ifnet *ifp, struct mbuf
KASSERT((csum_flags & ~(M_CSUM_IPv4|M_CSUM_UDPv4)) == 0);
if (csum_flags != 0 && IN_LOOPBACK_NEED_CHECKSUM(csum_flags)) {
in_undefer_cksum(m, 0, csum_flags);
+ m->m_pkthdr.csum_flags = 0;
+ } else {
+ /*
+ * Do nothing. Pass M_CSUM_IPv4 and M_CSUM_UDPv4 as
+ * they are to tell those are calculated and good.
+ */
}
- m->m_pkthdr.csum_flags = 0;
pktq = ip_pktq;
break;
#endif
@@ -333,8 +338,13 @@ looutput(struct ifnet *ifp, struct mbuf
if (csum_flags != 0 &&
IN6_LOOPBACK_NEED_CHECKSUM(csum_flags)) {
in6_undefer_cksum(m, 0, csum_flags);
+ m->m_pkthdr.csum_flags = 0;
+ } else {
+ /*
+ * Do nothing. Pass M_CSUM_UDPv6 as
+ * they are to tell those are calculated and good.
+ */
}
- m->m_pkthdr.csum_flags = 0;
m->m_flags |= M_LOOP;
pktq = ip6_pktq;
break;
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Wed Oct 23 19:28:49 UTC 2019 Modified Files: src/sys/net [netbsd-9]: if_vlan.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #367): sys/net/if_vlan.c: revision 1.147 vlan: get rid of unnecessary if_ipackets++ in vlan_input It's done by if_input() below now. Pointed out by msaitoh@ To generate a diff of this commit: cvs rdiff -u -r1.141.2.1 -r1.141.2.2 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Wed Oct 23 19:28:49 UTC 2019 Modified Files: src/sys/net [netbsd-9]: if_vlan.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #367): sys/net/if_vlan.c: revision 1.147 vlan: get rid of unnecessary if_ipackets++ in vlan_input It's done by if_input() below now. Pointed out by msaitoh@ To generate a diff of this commit: cvs rdiff -u -r1.141.2.1 -r1.141.2.2 src/sys/net/if_vlan.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_vlan.c diff -u src/sys/net/if_vlan.c:1.141.2.1 src/sys/net/if_vlan.c:1.141.2.2 --- src/sys/net/if_vlan.c:1.141.2.1 Sun Sep 1 11:07:06 2019 +++ src/sys/net/if_vlan.c Wed Oct 23 19:28:49 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_vlan.c,v 1.141.2.1 2019/09/01 11:07:06 martin Exp $ */ +/* $NetBSD: if_vlan.c,v 1.141.2.2 2019/10/23 19:28:49 martin Exp $ */ /* * Copyright (c) 2000, 2001 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.141.2.1 2019/09/01 11:07:06 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_vlan.c,v 1.141.2.2 2019/10/23 19:28:49 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -1656,7 +1656,6 @@ vlan_input(struct ifnet *ifp, struct mbu } m_set_rcvif(m, >ifv_if); - ifv->ifv_if.if_ipackets++; if (pfil_run_hooks(ifp->if_pfil, , ifp, PFIL_IN) != 0) goto out;
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Wed Oct 16 09:46:55 UTC 2019 Modified Files: src/sys/net [netbsd-9]: bpf.c Log Message: Pull up following revision(s) (requested by maxv in ticket #335): sys/net/bpf.c: revision 1.230 sys/net/bpf.c: revision 1.231 Add KASSERT to catch bugs. Something tells me it could easily fire. - As I suspected, the KASSERT I added yesterday can fire if we try to process zero-sized packets. Skip them to prevent a type confusion that can trigger random page faults later. To generate a diff of this commit: cvs rdiff -u -r1.229 -r1.229.2.1 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Wed Oct 16 09:46:55 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: bpf.c
Log Message:
Pull up following revision(s) (requested by maxv in ticket #335):
sys/net/bpf.c: revision 1.230
sys/net/bpf.c: revision 1.231
Add KASSERT to catch bugs. Something tells me it could easily fire.
-
As I suspected, the KASSERT I added yesterday can fire if we try to process
zero-sized packets. Skip them to prevent a type confusion that can trigger
random page faults later.
To generate a diff of this commit:
cvs rdiff -u -r1.229 -r1.229.2.1 src/sys/net/bpf.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/bpf.c
diff -u src/sys/net/bpf.c:1.229 src/sys/net/bpf.c:1.229.2.1
--- src/sys/net/bpf.c:1.229 Wed Jul 10 17:55:33 2019
+++ src/sys/net/bpf.c Wed Oct 16 09:46:55 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $ */
+/* $NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $ */
/*
* Copyright (c) 1990, 1991, 1993
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229 2019/07/10 17:55:33 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.229.2.1 2019/10/16 09:46:55 martin Exp $");
#if defined(_KERNEL_OPT)
#include "opt_bpf.h"
@@ -1676,10 +1676,16 @@ _bpf_mtap(struct bpf_if *bp, struct mbuf
pktlen = m_length(m);
+ /* Skip zero-sized packets. */
+ if (__predict_false(pktlen == 0)) {
+ return;
+ }
+
if (pktlen == m->m_len) {
cpfn = (void *)memcpy;
marg = mtod(m, void *);
buflen = pktlen;
+ KASSERT(buflen != 0);
} else {
cpfn = bpf_mcpy;
marg = m;
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Tue Oct 8 17:02:25 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: if_ethersubr.c
Log Message:
Pull up following revision(s) (requested by msaitoh in ticket #292):
sys/net/if_ethersubr.c: revision 1.277
sys/net/if_ethersubr.c: revision 1.278
Increment if_iqdrops when dropping an oversized frame.
-
Print oversized frame's message only when DIAGNOSTIC is set. The message
is not so important because we increment if_iqdrops now.
To generate a diff of this commit:
cvs rdiff -u -r1.276 -r1.276.2.1 src/sys/net/if_ethersubr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/if_ethersubr.c
diff -u src/sys/net/if_ethersubr.c:1.276 src/sys/net/if_ethersubr.c:1.276.2.1
--- src/sys/net/if_ethersubr.c:1.276 Wed Jul 17 03:26:24 2019
+++ src/sys/net/if_ethersubr.c Tue Oct 8 17:02:24 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: if_ethersubr.c,v 1.276 2019/07/17 03:26:24 msaitoh Exp $ */
+/* $NetBSD: if_ethersubr.c,v 1.276.2.1 2019/10/08 17:02:24 martin Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -61,7 +61,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.276 2019/07/17 03:26:24 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_ethersubr.c,v 1.276.2.1 2019/10/08 17:02:24 martin Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -164,10 +164,12 @@ extern u_char aarp_org_code[3];
#include
#endif
+#ifdef DIAGNOSTIC
static struct timeval bigpktppslim_last;
static int bigpktppslim = 2; /* XXX */
static int bigpktpps_count;
static kmutex_t bigpktpps_lock __cacheline_aligned;
+#endif
const uint8_t etherbroadcastaddr[ETHER_ADDR_LEN] =
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
@@ -612,6 +614,7 @@ ether_input(struct ifnet *ifp, struct mb
*/
if (etype != ETHERTYPE_MPLS && m->m_pkthdr.len >
ETHER_MAX_FRAME(ifp, etype, m->m_flags & M_HASFCS)) {
+#ifdef DIAGNOSTIC
mutex_enter(_lock);
if (ppsratecheck(_last, _count,
bigpktppslim)) {
@@ -619,6 +622,8 @@ ether_input(struct ifnet *ifp, struct mb
ifp->if_xname, m->m_pkthdr.len);
}
mutex_exit(_lock);
+#endif
+ ifp->if_iqdrops++;
m_freem(m);
return;
}
@@ -1717,6 +1722,8 @@ void
etherinit(void)
{
+#ifdef DIAGNOSTIC
mutex_init(_lock, MUTEX_DEFAULT, IPL_NET);
+#endif
ether_sysctl_setup(NULL);
}
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Tue Oct 8 17:02:25 UTC 2019 Modified Files: src/sys/net [netbsd-9]: if_ethersubr.c Log Message: Pull up following revision(s) (requested by msaitoh in ticket #292): sys/net/if_ethersubr.c: revision 1.277 sys/net/if_ethersubr.c: revision 1.278 Increment if_iqdrops when dropping an oversized frame. - Print oversized frame's message only when DIAGNOSTIC is set. The message is not so important because we increment if_iqdrops now. To generate a diff of this commit: cvs rdiff -u -r1.276 -r1.276.2.1 src/sys/net/if_ethersubr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Thu Oct 3 17:12:53 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: route.c
Log Message:
Pull up following revision(s) (requested by knakahara in ticket #272):
sys/net/route.c: revision 1.222
sys/net/route.c: revision 1.224
sys/net/route.c: revision 1.225
Stop passing a large const structure by value, in order to avoid
possible kernel stack overflow; const pointer is suffice here.
Pointed out by the lgtm bot and kamil.
OK ozaki-r
-
Fix a ifa_release() leak for a specific struct rt_addrinfo.
ok by ozaki-r@n.o
-
Revert route.c:r1.224 to fix net/arp/t_arp and net/ndp/t_ndp failure.
And refactor a little. Discussed with ozaki-r@n.o.
To generate a diff of this commit:
cvs rdiff -u -r1.219.2.1 -r1.219.2.2 src/sys/net/route.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/route.c
diff -u src/sys/net/route.c:1.219.2.1 src/sys/net/route.c:1.219.2.2
--- src/sys/net/route.c:1.219.2.1 Tue Sep 24 03:10:35 2019
+++ src/sys/net/route.c Thu Oct 3 17:12:53 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: route.c,v 1.219.2.1 2019/09/24 03:10:35 martin Exp $ */
+/* $NetBSD: route.c,v 1.219.2.2 2019/10/03 17:12:53 martin Exp $ */
/*-
* Copyright (c) 1998, 2008 The NetBSD Foundation, Inc.
@@ -97,7 +97,7 @@
#endif
#include
-__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.1 2019/09/24 03:10:35 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: route.c,v 1.219.2.2 2019/10/03 17:12:53 martin Exp $");
#include
#ifdef RTFLUSH_DEBUG
@@ -1387,47 +1387,48 @@ rt_setgate(struct rtentry *rt, const str
}
static struct ifaddr *
-rt_update_get_ifa(const struct rt_addrinfo info, const struct rtentry *rt,
+rt_update_get_ifa(const struct rt_addrinfo *info, const struct rtentry *rt,
struct ifnet **ifp, struct psref *psref_ifp, struct psref *psref)
{
struct ifaddr *ifa = NULL;
*ifp = NULL;
- if (info.rti_info[RTAX_IFP] != NULL) {
- ifa = ifa_ifwithnet_psref(info.rti_info[RTAX_IFP], psref);
+ if (info->rti_info[RTAX_IFP] != NULL) {
+ ifa = ifa_ifwithnet_psref(info->rti_info[RTAX_IFP], psref);
if (ifa == NULL)
goto next;
*ifp = ifa->ifa_ifp;
if_acquire(*ifp, psref_ifp);
- if (info.rti_info[RTAX_IFA] == NULL &&
- info.rti_info[RTAX_GATEWAY] == NULL)
- goto next;
+ if (info->rti_info[RTAX_IFA] == NULL &&
+ info->rti_info[RTAX_GATEWAY] == NULL)
+ goto out;
ifa_release(ifa, psref);
- if (info.rti_info[RTAX_IFA] == NULL) {
+ if (info->rti_info[RTAX_IFA] == NULL) {
/* route change -ifp */
- ifa = ifaof_ifpforaddr_psref(info.rti_info[RTAX_GATEWAY],
- *ifp, psref);
+ ifa = ifaof_ifpforaddr_psref(
+ info->rti_info[RTAX_GATEWAY], *ifp, psref);
} else {
/* route change -ifp -ifa */
- ifa = ifa_ifwithaddr_psref(info.rti_info[RTAX_IFA], psref);
+ ifa = ifa_ifwithaddr_psref(info->rti_info[RTAX_IFA],
+ psref);
if (ifa != NULL)
goto out;
- ifa = ifaof_ifpforaddr_psref(info.rti_info[RTAX_IFA],
+ ifa = ifaof_ifpforaddr_psref(info->rti_info[RTAX_IFA],
*ifp, psref);
}
goto out;
}
next:
- if (info.rti_info[RTAX_IFA] != NULL) {
+ if (info->rti_info[RTAX_IFA] != NULL) {
/* route change -ifa */
- ifa = ifa_ifwithaddr_psref(info.rti_info[RTAX_IFA], psref);
+ ifa = ifa_ifwithaddr_psref(info->rti_info[RTAX_IFA], psref);
if (ifa != NULL)
goto out;
}
- if (info.rti_info[RTAX_GATEWAY] != NULL) {
+ if (info->rti_info[RTAX_GATEWAY] != NULL) {
/* route change */
ifa = ifa_ifwithroute_psref(rt->rt_flags, rt_getkey(rt),
- info.rti_info[RTAX_GATEWAY], psref);
+ info->rti_info[RTAX_GATEWAY], psref);
}
out:
if (ifa != NULL && *ifp == NULL) {
@@ -1487,7 +1488,7 @@ rt_update(struct rtentry *rt, struct rt_
* flags may also be different; ifp may be specified
* by ll sockaddr when protocol address is ambiguous
*/
- new_ifa = rt_update_get_ifa(*info, rt, _ifp, _new_ifp,
+ new_ifa = rt_update_get_ifa(info, rt, _ifp, _new_ifp,
_new_ifa);
if (new_ifa != NULL) {
ifa_release(ifa, _ifa);
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Thu Oct 3 17:12:53 UTC 2019 Modified Files: src/sys/net [netbsd-9]: route.c Log Message: Pull up following revision(s) (requested by knakahara in ticket #272): sys/net/route.c: revision 1.222 sys/net/route.c: revision 1.224 sys/net/route.c: revision 1.225 Stop passing a large const structure by value, in order to avoid possible kernel stack overflow; const pointer is suffice here. Pointed out by the lgtm bot and kamil. OK ozaki-r - Fix a ifa_release() leak for a specific struct rt_addrinfo. ok by ozaki-r@n.o - Revert route.c:r1.224 to fix net/arp/t_arp and net/ndp/t_ndp failure. And refactor a little. Discussed with ozaki-r@n.o. To generate a diff of this commit: cvs rdiff -u -r1.219.2.1 -r1.219.2.2 src/sys/net/route.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src
Committed By: martin
Date: Wed Aug 7 08:28:37 UTC 2019
Modified Files:
src/sys/net/npf [netbsd-9]: npf.c npf_conn.c npf_conn.h
Log Message:
Pull up following revision(s) (requested by rmind in ticket #25):
sys/net/npf/npf_conn.h: revision 1.17
sys/net/npf/npf.c: revision 1.39
sys/net/npf/npf_conn.c: revision 1.28
sys/net/npf/npf_conn.c: revision 1.29
Introduce an npf_conn_destroy_idx() that can handle partially constructed
conn structures.
- npf_conn_init(): fix a race when initialising the G/C thread.
- Fix a bug when partially initialised connection is destroyed on error.
(from rmind@)
To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.38.2.1 src/sys/net/npf/npf.c
cvs rdiff -u -r1.27 -r1.27.2.1 src/sys/net/npf/npf_conn.c
cvs rdiff -u -r1.16 -r1.16.2.1 src/sys/net/npf/npf_conn.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/npf/npf.c
diff -u src/sys/net/npf/npf.c:1.38 src/sys/net/npf/npf.c:1.38.2.1
--- src/sys/net/npf/npf.c:1.38 Tue Jul 23 00:52:01 2019
+++ src/sys/net/npf/npf.c Wed Aug 7 08:28:37 2019
@@ -33,7 +33,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.38 2019/07/23 00:52:01 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.38.2.1 2019/08/07 08:28:37 martin Exp $");
#include
#include
@@ -79,13 +79,17 @@ npf_create(int flags, const npf_mbufops_
npf_param_init(npf);
npf_state_sysinit(npf);
npf_ifmap_init(npf, ifops);
- npf_conn_init(npf, flags);
+ npf_conn_init(npf);
npf_portmap_init(npf);
npf_alg_init(npf);
npf_ext_init(npf);
/* Load an empty configuration. */
npf_config_init(npf);
+
+ if ((flags & NPF_NO_GC) == 0) {
+ npf_worker_register(npf, npf_conn_worker);
+ }
return npf;
}
Index: src/sys/net/npf/npf_conn.c
diff -u src/sys/net/npf/npf_conn.c:1.27 src/sys/net/npf/npf_conn.c:1.27.2.1
--- src/sys/net/npf/npf_conn.c:1.27 Tue Jul 23 00:52:01 2019
+++ src/sys/net/npf/npf_conn.c Wed Aug 7 08:28:37 2019
@@ -107,7 +107,7 @@
#ifdef _KERNEL
#include
-__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.27 2019/07/23 00:52:01 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.27.2.1 2019/08/07 08:28:37 martin Exp $");
#include
#include
@@ -149,7 +149,7 @@ static nvlist_t *npf_conn_export(npf_t *
*/
void
-npf_conn_init(npf_t *npf, int flags)
+npf_conn_init(npf_t *npf)
{
npf->conn_cache[0] = pool_cache_init(
offsetof(npf_conn_t, c_keys[NPF_CONNKEY_V4WORDS * 2]),
@@ -161,10 +161,6 @@ npf_conn_init(npf_t *npf, int flags)
mutex_init(>conn_lock, MUTEX_DEFAULT, IPL_NONE);
npf->conn_tracking = CONN_TRACKING_OFF;
npf->conn_db = npf_conndb_create();
-
- if ((flags & NPF_NO_GC) == 0) {
- npf_worker_register(npf, npf_conn_worker);
- }
npf_conndb_sysinit(npf);
}
@@ -429,6 +425,7 @@ npf_conn_establish(npf_cache_t *npc, int
con->c_proto = npc->npc_proto;
CTASSERT(sizeof(con->c_proto) >= sizeof(npc->npc_proto));
+ con->c_alen = alen;
/* Initialize the protocol state. */
if (!npf_state_init(npc, >c_state)) {
@@ -499,9 +496,7 @@ err:
void
npf_conn_destroy(npf_t *npf, npf_conn_t *con)
{
- const npf_connkey_t *key = npf_conn_getforwkey(con);
- const unsigned alen = NPF_CONNKEY_ALEN(key);
- const unsigned idx __unused = NPF_CONNCACHE(alen);
+ const unsigned idx __unused = NPF_CONNCACHE(con->c_alen);
KASSERT(con->c_refcnt == 0);
@@ -794,6 +789,7 @@ npf_conn_export(npf_t *npf, npf_conn_t *
fw = npf_conn_getforwkey(con);
alen = NPF_CONNKEY_ALEN(fw);
+ KASSERT(alen == con->c_alen);
bk = npf_conn_getbackkey(con, alen);
kdict = npf_connkey_export(fw);
Index: src/sys/net/npf/npf_conn.h
diff -u src/sys/net/npf/npf_conn.h:1.16 src/sys/net/npf/npf_conn.h:1.16.2.1
--- src/sys/net/npf/npf_conn.h:1.16 Tue Jul 23 00:52:01 2019
+++ src/sys/net/npf/npf_conn.h Wed Aug 7 08:28:37 2019
@@ -50,7 +50,8 @@ struct npf_conn {
* Protocol, address length, the interface ID (if zero,
* then the state is global) and connection flags.
*/
- unsigned c_proto;
+ uint16_t c_proto;
+ uint16_t c_alen;
unsigned c_ifid;
unsigned c_flags;
@@ -123,7 +124,7 @@ void npf_connkey_print(const npf_connke
/*
* Connection tracking interface.
*/
-void npf_conn_init(npf_t *, int);
+void npf_conn_init(npf_t *);
void npf_conn_fini(npf_t *);
void npf_conn_tracking(npf_t *, bool);
void npf_conn_load(npf_t *, npf_conndb_t *, bool);
CVS commit: [netbsd-9] src/sys/net/npf
Module Name:src Committed By: martin Date: Wed Aug 7 08:28:37 UTC 2019 Modified Files: src/sys/net/npf [netbsd-9]: npf.c npf_conn.c npf_conn.h Log Message: Pull up following revision(s) (requested by rmind in ticket #25): sys/net/npf/npf_conn.h: revision 1.17 sys/net/npf/npf.c: revision 1.39 sys/net/npf/npf_conn.c: revision 1.28 sys/net/npf/npf_conn.c: revision 1.29 Introduce an npf_conn_destroy_idx() that can handle partially constructed conn structures. - npf_conn_init(): fix a race when initialising the G/C thread. - Fix a bug when partially initialised connection is destroyed on error. (from rmind@) To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.38.2.1 src/sys/net/npf/npf.c cvs rdiff -u -r1.27 -r1.27.2.1 src/sys/net/npf/npf_conn.c cvs rdiff -u -r1.16 -r1.16.2.1 src/sys/net/npf/npf_conn.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: [netbsd-9] src/sys/net
Module Name:src
Committed By: martin
Date: Sun Aug 4 11:40:11 UTC 2019
Modified Files:
src/sys/net [netbsd-9]: raw_usrreq.c
Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #7):
sys/net/raw_usrreq.c: revision 1.63
sys/net/raw_usrreq.c: revision 1.64
Fix typo (s/m_free/m_freem/)
This fixes PR kern/54419 "mbuf leak when deleting route" from sc dying.
-
Fix typo (s/m_free/m_freem/) (one more)
To generate a diff of this commit:
cvs rdiff -u -r1.62 -r1.62.4.1 src/sys/net/raw_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/net/raw_usrreq.c
diff -u src/sys/net/raw_usrreq.c:1.62 src/sys/net/raw_usrreq.c:1.62.4.1
--- src/sys/net/raw_usrreq.c:1.62 Fri Sep 7 06:13:14 2018
+++ src/sys/net/raw_usrreq.c Sun Aug 4 11:40:11 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: raw_usrreq.c,v 1.62 2018/09/07 06:13:14 maxv Exp $ */
+/* $NetBSD: raw_usrreq.c,v 1.62.4.1 2019/08/04 11:40:11 martin Exp $ */
/*
* Copyright (c) 1980, 1986, 1993
@@ -36,7 +36,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: raw_usrreq.c,v 1.62 2018/09/07 06:13:14 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_usrreq.c,v 1.62.4.1 2019/08/04 11:40:11 martin Exp $");
#include
#include
@@ -110,12 +110,12 @@ raw_input(struct mbuf *m0, struct sockpr
}
if (last != NULL) {
if (sbappendaddr(>so_rcv, src, m, NULL) == 0) {
- m_free(m);
+ m_freem(m);
soroverflow(last);
} else
sorwakeup(last);
} else {
- m_free(m);
+ m_freem(m);
}
}
CVS commit: [netbsd-9] src/sys/net
Module Name:src Committed By: martin Date: Sun Aug 4 11:40:11 UTC 2019 Modified Files: src/sys/net [netbsd-9]: raw_usrreq.c Log Message: Pull up following revision(s) (requested by ozaki-r in ticket #7): sys/net/raw_usrreq.c: revision 1.63 sys/net/raw_usrreq.c: revision 1.64 Fix typo (s/m_free/m_freem/) This fixes PR kern/54419 "mbuf leak when deleting route" from sc dying. - Fix typo (s/m_free/m_freem/) (one more) To generate a diff of this commit: cvs rdiff -u -r1.62 -r1.62.4.1 src/sys/net/raw_usrreq.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
