svn commit: r241923 - in head/sys: netinet netipsec

2012-10-23 Thread Gleb Smirnoff 
Author: glebius
Date: Tue Oct 23 08:33:13 2012
New Revision: 241923
URL: http://svn.freebsd.org/changeset/base/241923

Log:
Do not reduce ip_len by size of IP header in the ip_input()
  before passing a packet to protocol input routines.
For several protocols this mean that now protocol needs to
  do subtraction itself, and for another half this means that
  we do not need to add header length back to the packet.
  
Make ip_stripoptions() to adjust ip_len, since now we enter
  this function with a packet header whose ip_len does represent
  length of entire packet, not payload only.

Modified:
  head/sys/netinet/igmp.c
  head/sys/netinet/ip_icmp.c
  head/sys/netinet/ip_input.c
  head/sys/netinet/ip_options.c
  head/sys/netinet/raw_ip.c
  head/sys/netinet/sctp_input.c
  head/sys/netinet/tcp_input.c
  head/sys/netinet/udp_usrreq.c
  head/sys/netipsec/xform_ah.c

Modified: head/sys/netinet/igmp.c
==
--- head/sys/netinet/igmp.c Tue Oct 23 08:22:01 2012(r241922)
+++ head/sys/netinet/igmp.c Tue Oct 23 08:33:13 2012(r241923)
@@ -1442,7 +1442,7 @@ igmp_input(struct mbuf *m, int off)
 
ip = mtod(m, struct ip *);
iphlen = off;
-   igmplen = ntohs(ip-ip_len);
+   igmplen = ntohs(ip-ip_len) - off;
 
/*
 * Validate lengths.

Modified: head/sys/netinet/ip_icmp.c
==
--- head/sys/netinet/ip_icmp.c  Tue Oct 23 08:22:01 2012(r241922)
+++ head/sys/netinet/ip_icmp.c  Tue Oct 23 08:33:13 2012(r241923)
@@ -359,7 +359,7 @@ icmp_input(struct mbuf *m, int off)
struct ip *ip = mtod(m, struct ip *);
struct sockaddr_in icmpsrc, icmpdst, icmpgw;
int hlen = off;
-   int icmplen = ntohs(ip-ip_len);
+   int icmplen = ntohs(ip-ip_len) - off;
int i, code;
void (*ctlfunc)(int, struct sockaddr *, void *);
int fibnum;
@@ -592,8 +592,6 @@ icmp_input(struct mbuf *m, int off)
}
ifa_free(ia-ia_ifa);
 reflect:
-   /* Since ip_input() deducts this. */
-   ip-ip_len = htons(ntohs(ip-ip_len) + hlen);
ICMPSTAT_INC(icps_reflect);
ICMPSTAT_INC(icps_outhist[icp-icmp_type]);
icmp_reflect(m);

Modified: head/sys/netinet/ip_input.c
==
--- head/sys/netinet/ip_input.c Tue Oct 23 08:22:01 2012(r241922)
+++ head/sys/netinet/ip_input.c Tue Oct 23 08:33:13 2012(r241923)
@@ -731,12 +731,6 @@ ours:
ip_len = ntohs(ip-ip_len);
}
 
-   /*
-* Further protocols expect the packet length to be w/o the
-* IP header.
-*/
-   ip-ip_len = htons(ip_len - hlen);
-
 #ifdef IPSEC
/*
 * enforce IPsec policy checking if we are seeing last header.

Modified: head/sys/netinet/ip_options.c
==
--- head/sys/netinet/ip_options.c   Tue Oct 23 08:22:01 2012
(r241922)
+++ head/sys/netinet/ip_options.c   Tue Oct 23 08:33:13 2012
(r241923)
@@ -470,7 +470,7 @@ ip_stripoptions(struct mbuf *m)
m-m_len -= olen;
if (m-m_flags  M_PKTHDR)
m-m_pkthdr.len -= olen;
-   ip-ip_v = IPVERSION;
+   ip-ip_len = htons(ntohs(ip-ip_len) - olen);
ip-ip_hl = sizeof(struct ip)  2;
 }
 

Modified: head/sys/netinet/raw_ip.c
==
--- head/sys/netinet/raw_ip.c   Tue Oct 23 08:22:01 2012(r241922)
+++ head/sys/netinet/raw_ip.c   Tue Oct 23 08:33:13 2012(r241923)
@@ -287,12 +287,9 @@ rip_input(struct mbuf *m, int off)
 
ifp = m-m_pkthdr.rcvif;
/*
-* Add back the IP header length which was
-* removed by ip_input().  Raw sockets do
-* not modify the packet except for some
-* byte order swaps.
+* Applications on raw sockets expect host byte order.
 */
-   ip-ip_len = ntohs(ip-ip_len) + off;
+   ip-ip_len = ntohs(ip-ip_len);
ip-ip_off = ntohs(ip-ip_off);
 
hash = INP_PCBHASH_RAW(proto, ip-ip_src.s_addr,
@@ -506,7 +503,8 @@ rip_output(struct mbuf *m, struct socket
ip-ip_id = ip_newid();
 
/*
-* Applications on raw sockets expect host byte order.
+* Applications on raw sockets pass us packets
+* in host byte order.
 */
ip-ip_len = htons(ip-ip_len);
ip-ip_off = htons(ip-ip_off);

Modified: head/sys/netinet/sctp_input.c
==
--- head/sys/netinet/sctp_input.c   Tue Oct 23 08:22:01 2012
(r241922)
+++ head/sys/netinet/sctp_input.c

Re: svn commit: r241923 - in head/sys: netinet netipsec

2012-10-23 Thread Andre Oppermann 

On 23.10.2012 10:33, Gleb Smirnoff wrote:

Author: glebius
Date: Tue Oct 23 08:33:13 2012
New Revision: 241923
URL: http://svn.freebsd.org/changeset/base/241923

Log:
 Do not reduce ip_len by size of IP header in the ip_input()
   before passing a packet to protocol input routines.
 For several protocols this mean that now protocol needs to
   do subtraction itself, and for another half this means that
   we do not need to add header length back to the packet.


Yay! More Mammoth shit getting washed away! ;)

Please add an entry to UPDATING as the convention of of ip_len
subtraction has been there since forever. That makes it easier
to discover for third parties writing code.

--
Andre

___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r241923 - in head/sys: netinet netipsec

2012-10-23 Thread Gleb Smirnoff 
On Tue, Oct 23, 2012 at 11:12:00AM +0200, Andre Oppermann wrote:
A On 23.10.2012 10:33, Gleb Smirnoff wrote:
A  Author: glebius
A  Date: Tue Oct 23 08:33:13 2012
A  New Revision: 241923
A  URL: http://svn.freebsd.org/changeset/base/241923
A 
A  Log:
A   Do not reduce ip_len by size of IP header in the ip_input()
A before passing a packet to protocol input routines.
A   For several protocols this mean that now protocol needs to
A do subtraction itself, and for another half this means that
A we do not need to add header length back to the packet.
A 
A Yay! More Mammoth shit getting washed away! ;)
A 
A Please add an entry to UPDATING as the convention of of ip_len
A subtraction has been there since forever. That makes it easier
A to discover for third parties writing code.

Not sure it worth. Never heard of any loadable protocol outside
of tree.

Those loadable protocols that we have in tree (carp, divert) do
not look at ip_len.

-- 
Totus tuus, Glebius.
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r241923 - in head/sys: netinet netipsec

2012-10-23 Thread Garrett Cooper 
On Tue, Oct 23, 2012 at 3:16 AM, Gleb Smirnoff gleb...@freebsd.org wrote:
 On Tue, Oct 23, 2012 at 11:12:00AM +0200, Andre Oppermann wrote:
 A On 23.10.2012 10:33, Gleb Smirnoff wrote:
 A  Author: glebius
 A  Date: Tue Oct 23 08:33:13 2012
 A  New Revision: 241923
 A  URL: http://svn.freebsd.org/changeset/base/241923
 A 
 A  Log:
 A   Do not reduce ip_len by size of IP header in the ip_input()
 A before passing a packet to protocol input routines.
 A   For several protocols this mean that now protocol needs to
 A do subtraction itself, and for another half this means that
 A we do not need to add header length back to the packet.
 A
 A Yay! More Mammoth shit getting washed away! ;)
 A
 A Please add an entry to UPDATING as the convention of of ip_len
 A subtraction has been there since forever. That makes it easier
 A to discover for third parties writing code.

 Not sure it worth. Never heard of any loadable protocol outside
 of tree.

 Those loadable protocols that we have in tree (carp, divert) do
 not look at ip_len.

I would follow Andre's advice. People can get clever when
developing under a tight deadline, which can result in interesting
breakage.
Thanks!
-Garrett
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org