svn commit: r263091 - in head/sys: netinet netinet6

Wed, 12 Mar 2014 07:29:33 -0700 

Author: glebius
Date: Wed Mar 12 14:29:08 2014
New Revision: 263091
URL: http://svnweb.freebsd.org/changeset/base/263091

Log:
  Since both netinet/ and netinet6/ call into netipsec/ and netpfil/,
  the protocol specific mbuf flags are shared between them.
  
  - Move all M_FOO definitions into a single place: netinet/in6.h, to
    avoid future  clashes.
  - Resolve clash between M_DECRYPTED and M_SKIP_FIREWALL which resulted
    in a failure of operation of IPSEC and packet filters.
  
  Thanks to Nicolas and Georgios for all the hard work on bisecting,
  testing and finally finding the root of the problem.
  
  PR:                   kern/186755
  PR:                   kern/185876
  In collaboration with:        Georgios Amanakis <gamanakis gmail.com>
  In collaboration with:        Nicolas DEFFAYET <nicolas-ml deffayet.com>
  Sponsored by:         Nginx, Inc.

Modified:
  head/sys/netinet/ip_input.c
  head/sys/netinet/ip_var.h
  head/sys/netinet6/in6.h
  head/sys/netinet6/ip6_var.h

Modified: head/sys/netinet/ip_input.c
==============================================================================
--- head/sys/netinet/ip_input.c Wed Mar 12 12:27:13 2014        (r263090)
+++ head/sys/netinet/ip_input.c Wed Mar 12 14:29:08 2014        (r263091)
@@ -702,6 +702,7 @@ ours:
         * ip_reass() will return a different mbuf.
         */
        if (ip->ip_off & htons(IP_MF | IP_OFFMASK)) {
+               /* XXXGL: shouldn't we save & set m_flags? */
                m = ip_reass(m);
                if (m == NULL)
                        return;
@@ -794,6 +795,8 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxf
     NULL, 0, sysctl_maxnipq, "I",
     "Maximum number of IPv4 fragment reassembly queue entries");
 
+#define        M_IP_FRAG       M_PROTO9
+
 /*
  * Take incoming datagram fragment and try to reassemble it into
  * whole datagram.  If the argument is the first fragment or one

Modified: head/sys/netinet/ip_var.h
==============================================================================
--- head/sys/netinet/ip_var.h   Wed Mar 12 12:27:13 2014        (r263090)
+++ head/sys/netinet/ip_var.h   Wed Mar 12 14:29:08 2014        (r263091)
@@ -162,15 +162,6 @@ void       kmod_ipstat_dec(int statnum);
 #define IP_ROUTETOIF           SO_DONTROUTE    /* 0x10 bypass routing tables */
 #define IP_ALLOWBROADCAST      SO_BROADCAST    /* 0x20 can send broadcast 
packets */
 
-/*
- * IPv4 protocol layer specific mbuf flags.
- */
-#define        M_FASTFWD_OURS          M_PROTO1        /* changed dst to local 
*/
-#define        M_IP_NEXTHOP            M_PROTO2        /* explicit ip nexthop 
*/
-#define        M_SKIP_FIREWALL         M_PROTO3        /* skip firewall 
processing,
-                                                  keep in sync with IP6 */
-#define        M_IP_FRAG               M_PROTO4        /* fragment reassembly 
*/
-
 #ifdef __NO_STRICT_ALIGNMENT
 #define IP_HDR_ALIGNED_P(ip)   1
 #else

Modified: head/sys/netinet6/in6.h
==============================================================================
--- head/sys/netinet6/in6.h     Wed Mar 12 12:27:13 2014        (r263090)
+++ head/sys/netinet6/in6.h     Wed Mar 12 14:29:08 2014        (r263091)
@@ -622,13 +622,18 @@ struct ip6_mtuinfo {
 #endif /* __BSD_VISIBLE */
 
 /*
- * Redefinition of mbuf flags
+ * Since both netinet/ and netinet6/ call into netipsec/ and netpfil/,
+ * the protocol specific mbuf flags are shared between them.
  */
-#define        M_AUTHIPHDR     M_PROTO2
-#define        M_DECRYPTED     M_PROTO3
-#define        M_LOOP          M_PROTO4
-#define        M_AUTHIPDGM     M_PROTO5
-#define        M_RTALERT_MLD   M_PROTO6
+#define        M_FASTFWD_OURS          M_PROTO1        /* changed dst to local 
*/
+#define        M_IP6_NEXTHOP           M_PROTO2        /* explicit ip nexthop 
*/
+#define        M_IP_NEXTHOP            M_PROTO2        /* explicit ip nexthop 
*/
+#define        M_SKIP_FIREWALL         M_PROTO3        /* skip firewall 
processing */
+#define        M_AUTHIPHDR             M_PROTO4
+#define        M_DECRYPTED             M_PROTO5
+#define        M_LOOP                  M_PROTO6
+#define        M_AUTHIPDGM             M_PROTO7
+#define        M_RTALERT_MLD           M_PROTO8
 
 #ifdef _KERNEL
 struct cmsghdr;

Modified: head/sys/netinet6/ip6_var.h
==============================================================================
--- head/sys/netinet6/ip6_var.h Wed Mar 12 12:27:13 2014        (r263090)
+++ head/sys/netinet6/ip6_var.h Wed Mar 12 14:29:08 2014        (r263091)
@@ -293,13 +293,6 @@ struct ip6aux {
 #define        IPV6_FORWARDING         0x02    /* most of IPv6 header exists */
 #define        IPV6_MINMTU             0x04    /* use minimum MTU 
(IPV6_USE_MIN_MTU) */
 
-/*
- * IPv6 protocol layer specific mbuf flags.
- */
-#define        M_IP6_NEXTHOP           M_PROTO2        /* explicit ip nexthop 
*/
-#define        M_SKIP_FIREWALL         M_PROTO3        /* skip firewall 
processing,
-                                                  keep in sync with IPv4 */
-
 #ifdef __NO_STRICT_ALIGNMENT
 #define IP6_HDR_ALIGNED_P(ip)  1
 #else
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to