From owner-dev-commits-src-branches@freebsd.org Mon May 24 14:06:02 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64BEF63506F; Mon, 24 May 2021 14:06:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FpfBf2BfDz3pgc; Mon, 24 May 2021 14:06:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2C90A3258; Mon, 24 May 2021 14:06:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OE62xO093231; Mon, 24 May 2021 14:06:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OE62TL093230; Mon, 24 May 2021 14:06:02 GMT (envelope-from git) Date: Mon, 24 May 2021 14:06:02 GMT Message-Id: <202105241406.14OE62TL093230@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f1119657d82e - stable/13 - linux: Fix a mistake in commit fb58045145 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: f1119657d82ee8c7c7d3fb624d6e98927e459402 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 14:06:02 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f1119657d82ee8c7c7d3fb624d6e98927e459402 commit f1119657d82ee8c7c7d3fb624d6e98927e459402 Author: Mark Johnston AuthorDate: 2021-05-17 02:17:53 +0000 Commit: Mark Johnston CommitDate: 2021-05-24 14:05:43 +0000 linux: Fix a mistake in commit fb58045145 The change to futex_andl_smap() should have ordered stac before the load from a user address, otherwise it does not fix anything. Fixes: fb58045145 ("linux: Fix SMAP-enabled futex routines") Sponsored by: The FreeBSD Foundation (cherry picked from commit 60cb98a1bd2e4ea8fda532261f7211f5d4eba9c0) --- sys/amd64/linux32/linux32_support.s | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index f3ec3bd8c776..da076010c13c 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -168,8 +168,8 @@ ENTRY(futex_andl_smap) movq $VM_MAXUSER_ADDRESS-4,%rax cmpq %rax,%rsi ja futex_fault - movl (%rsi),%eax stac + movl (%rsi),%eax 1: movl %eax,%ecx andl %edi,%ecx #ifdef SMP From owner-dev-commits-src-branches@freebsd.org Mon May 24 14:06:21 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 438FE63555F; Mon, 24 May 2021 14:06:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FpfC10jSMz3q0v; Mon, 24 May 2021 14:06:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 01E6B399A; Mon, 24 May 2021 14:06:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OE6KBf093365; Mon, 24 May 2021 14:06:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OE6Kvo093364; Mon, 24 May 2021 14:06:20 GMT (envelope-from git) Date: Mon, 24 May 2021 14:06:20 GMT Message-Id: <202105241406.14OE6Kvo093364@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: ef46ce0e29ac - stable/12 - linux: Fix a mistake in commit fb58045145 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: ef46ce0e29ac89daabe3e65efacd57eff02172c1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 14:06:21 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ef46ce0e29ac89daabe3e65efacd57eff02172c1 commit ef46ce0e29ac89daabe3e65efacd57eff02172c1 Author: Mark Johnston AuthorDate: 2021-05-17 02:17:53 +0000 Commit: Mark Johnston CommitDate: 2021-05-24 14:06:16 +0000 linux: Fix a mistake in commit fb58045145 The change to futex_andl_smap() should have ordered stac before the load from a user address, otherwise it does not fix anything. Fixes: fb58045145 ("linux: Fix SMAP-enabled futex routines") Sponsored by: The FreeBSD Foundation (cherry picked from commit 60cb98a1bd2e4ea8fda532261f7211f5d4eba9c0) --- sys/amd64/linux32/linux32_support.s | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index f3ec3bd8c776..da076010c13c 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -168,8 +168,8 @@ ENTRY(futex_andl_smap) movq $VM_MAXUSER_ADDRESS-4,%rax cmpq %rax,%rsi ja futex_fault - movl (%rsi),%eax stac + movl (%rsi),%eax 1: movl %eax,%ecx andl %edi,%ecx #ifdef SMP From owner-dev-commits-src-branches@freebsd.org Mon May 24 14:43:54 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2F018636407; Mon, 24 May 2021 14:43:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fpg2K60FNz4dtZ; Mon, 24 May 2021 14:43:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AC0DC40BE; Mon, 24 May 2021 14:43:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OEhrC6045374; Mon, 24 May 2021 14:43:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OEhr0l045373; Mon, 24 May 2021 14:43:53 GMT (envelope-from git) Date: Mon, 24 May 2021 14:43:53 GMT Message-Id: <202105241443.14OEhr0l045373@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Alexander Motin Subject: git: 22d8055aa216 - stable/13 - mpr/mps(4): Make device mapping some more robust. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mav X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 22d8055aa216b2e39ec48ddaeab31d542fb96bee Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 14:43:54 -0000 The branch stable/13 has been updated by mav: URL: https://cgit.FreeBSD.org/src/commit/?id=22d8055aa216b2e39ec48ddaeab31d542fb96bee commit 22d8055aa216b2e39ec48ddaeab31d542fb96bee Author: Alexander Motin AuthorDate: 2021-04-24 03:18:01 +0000 Commit: Alexander Motin CommitDate: 2021-05-24 14:43:39 +0000 mpr/mps(4): Make device mapping some more robust. Allow new enclosure to replace previously existing one if there is no completely unused table entry, same as it is done for devices. If we can not process DPM due to corruption -- wipe it and restart from scratch. Otherwise I don't see a way to recover persistence if something go wrong and there is no BIOS to recover it for us. Together this solves a problem that appeared when 9300-8i firmware update to 16.00.10.00 somehow switched its mapping mode from Device Persistence to Enclosure/Slot without wiping the DPM table. It made HBA completely unusable, since overflowed and conflicting mapping table was unable to map any of enclosures and so devices. Also while there make some enclosure mapping errors more informative. MFC after: 1 month Sponsored by: iXsystems, Inc. (cherry picked from commit b99419aee49e2cc53747730be4d0ec4f9b330eb2) --- sys/dev/mpr/mpr_mapping.c | 71 ++++++++++++++++++++++++++++++----------------- sys/dev/mps/mps_mapping.c | 39 +++++++++++++++++--------- 2 files changed, 71 insertions(+), 39 deletions(-) diff --git a/sys/dev/mpr/mpr_mapping.c b/sys/dev/mpr/mpr_mapping.c index ef97080fb175..6c191672c24e 100644 --- a/sys/dev/mpr/mpr_mapping.c +++ b/sys/dev/mpr/mpr_mapping.c @@ -1213,9 +1213,10 @@ _mapping_get_dev_info(struct mpr_softc *sc, phy_change->is_processed = 1; mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - phy_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + phy_change->dev_handle, + topo_change->enc_handle); continue; } if (!((phy_change->device_info & @@ -1368,9 +1369,10 @@ _mapping_get_pcie_dev_info(struct mpr_softc *sc, port_change->is_processed = 1; mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - port_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + port_change->dev_handle, + topo_change->enc_handle); continue; } if (!(port_change->device_info & @@ -1609,9 +1611,10 @@ _mapping_add_new_device(struct mpr_softc *sc, phy_change->is_processed = 1; mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - phy_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + phy_change->dev_handle, + topo_change->enc_handle); continue; } @@ -1865,9 +1868,10 @@ _mapping_add_new_pcie_device(struct mpr_softc *sc, port_change->is_processed = 1; mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - port_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + port_change->dev_handle, + topo_change->enc_handle); continue; } @@ -2205,7 +2209,7 @@ mpr_mapping_free_memory(struct mpr_softc *sc) free(sc->dpm_pg0, M_MPR); } -static bool +static void _mapping_process_dpm_pg0(struct mpr_softc *sc) { u8 missing_cnt, enc_idx; @@ -2331,8 +2335,8 @@ _mapping_process_dpm_pg0(struct mpr_softc *sc) MPR_DPM_BAD_IDX) { mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: Conflict in mapping table for " - " enclosure %d\n", __func__, - enc_idx); + "enclosure %d device %d\n", + __func__, enc_idx, map_idx); goto fail; } physical_id = @@ -2371,20 +2375,26 @@ _mapping_process_dpm_pg0(struct mpr_softc *sc) mt_entry->device_info = MPR_DEV_RESERVED; } } /*close the loop for DPM table */ - return (true); + return; fail: + mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " + "Wiping DPM to start from scratch\n", __func__); + dpm_entry = (Mpi2DriverMap0Entry_t *) ((uint8_t *) sc->dpm_pg0 + + sizeof(MPI2_CONFIG_EXTENDED_PAGE_HEADER)); + bzero(dpm_entry, sizeof(Mpi2DriverMap0Entry_t) * sc->max_dpm_entries); for (entry_num = 0; entry_num < sc->max_dpm_entries; entry_num++) { + sc->dpm_flush_entry[entry_num] = 1; sc->dpm_entry_used[entry_num] = 0; /* * for IR firmware, it may be necessary to wipe out * sc->mapping_table volumes tooi */ } + _mapping_flush_dpm_pages(sc); for (enc_idx = 0; enc_idx < sc->num_enc_table_entries; enc_idx++) _mapping_clear_enc_entry(sc->enclosure_table + enc_idx); sc->num_enc_table_entries = 0; - return (false); } /* @@ -2624,10 +2634,8 @@ retry_read_dpm: } } - if (sc->is_dpm_enable) { - if (!_mapping_process_dpm_pg0(sc)) - sc->is_dpm_enable = 0; - } + if (sc->is_dpm_enable) + _mapping_process_dpm_pg0(sc); if (! sc->is_dpm_enable) { mpr_dprint(sc, MPR_MAPPING, "%s: DPM processing is disabled. " "Device mappings will not persist across reboots or " @@ -2823,14 +2831,24 @@ mpr_mapping_enclosure_dev_status_change_event(struct mpr_softc *sc, * and the enclosure has enough space in the Mapping * Table to map its devices. */ - enc_idx = sc->num_enc_table_entries; - if (enc_idx >= sc->max_enclosures) { + if (sc->num_enc_table_entries < sc->max_enclosures) { + enc_idx = sc->num_enc_table_entries; + sc->num_enc_table_entries++; + } else { + enc_idx = _mapping_get_high_missing_et_idx(sc); + if (enc_idx != MPR_ENCTABLE_BAD_IDX) { + et_entry = &sc->enclosure_table[enc_idx]; + _mapping_add_to_removal_table(sc, + et_entry->dpm_entry_num); + _mapping_clear_enc_entry(et_entry); + } + } + if (enc_idx == MPR_ENCTABLE_BAD_IDX) { mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: " "Enclosure cannot be added to mapping " "table because it's full.\n", __func__); goto out; } - sc->num_enc_table_entries++; et_entry = &sc->enclosure_table[enc_idx]; et_entry->enc_handle = le16toh(event_data-> EnclosureHandle); @@ -2857,8 +2875,9 @@ mpr_mapping_enclosure_dev_status_change_event(struct mpr_softc *sc, le16toh(event_data->EnclosureHandle)); if (enc_idx == MPR_ENCTABLE_BAD_IDX) { mpr_dprint(sc, MPR_ERROR | MPR_MAPPING, "%s: Cannot " - "unmap enclosure %d because it has already been " - "deleted.\n", __func__, enc_idx); + "unmap enclosure with handle 0x%04x because it " + "has already been deleted.\n", __func__, + le16toh(event_data->EnclosureHandle)); goto out; } et_entry = &sc->enclosure_table[enc_idx]; diff --git a/sys/dev/mps/mps_mapping.c b/sys/dev/mps/mps_mapping.c index 71cdb399c271..9e1e0726c574 100644 --- a/sys/dev/mps/mps_mapping.c +++ b/sys/dev/mps/mps_mapping.c @@ -1175,9 +1175,10 @@ _mapping_get_dev_info(struct mps_softc *sc, phy_change->is_processed = 1; mps_dprint(sc, MPS_ERROR | MPS_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - phy_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + phy_change->dev_handle, + topo_change->enc_handle); continue; } if (!((phy_change->device_info & @@ -1420,9 +1421,10 @@ _mapping_add_new_device(struct mps_softc *sc, phy_change->is_processed = 1; mps_dprint(sc, MPS_ERROR | MPS_MAPPING, "%s: " "failed to add the device with handle " - "0x%04x because the enclosure is not in " - "the mapping table\n", __func__, - phy_change->dev_handle); + "0x%04x because enclosure handle 0x%04x " + "is not in the mapping table\n", __func__, + phy_change->dev_handle, + topo_change->enc_handle); continue; } @@ -1884,8 +1886,8 @@ _mapping_process_dpm_pg0(struct mps_softc *sc) MPS_DPM_BAD_IDX) { mps_dprint(sc, MPS_ERROR | MPS_MAPPING, "%s: Conflict in mapping table for " - " enclosure %d\n", __func__, - enc_idx); + "enclosure %d device %d\n", + __func__, enc_idx, map_idx); break; } physical_id = @@ -2359,14 +2361,24 @@ mps_mapping_enclosure_dev_status_change_event(struct mps_softc *sc, * and the enclosure has enough space in the Mapping * Table to map its devices. */ - enc_idx = sc->num_enc_table_entries; - if (enc_idx >= sc->max_enclosures) { + if (sc->num_enc_table_entries < sc->max_enclosures) { + enc_idx = sc->num_enc_table_entries; + sc->num_enc_table_entries++; + } else { + enc_idx = _mapping_get_high_missing_et_idx(sc); + if (enc_idx != MPS_ENCTABLE_BAD_IDX) { + et_entry = &sc->enclosure_table[enc_idx]; + _mapping_add_to_removal_table(sc, + et_entry->dpm_entry_num); + _mapping_clear_enc_entry(et_entry); + } + } + if (enc_idx == MPS_ENCTABLE_BAD_IDX) { mps_dprint(sc, MPS_ERROR | MPS_MAPPING, "%s: " "Enclosure cannot be added to mapping " "table because it's full.\n", __func__); goto out; } - sc->num_enc_table_entries++; et_entry = &sc->enclosure_table[enc_idx]; et_entry->enc_handle = le16toh(event_data-> EnclosureHandle); @@ -2393,8 +2405,9 @@ mps_mapping_enclosure_dev_status_change_event(struct mps_softc *sc, le16toh(event_data->EnclosureHandle)); if (enc_idx == MPS_ENCTABLE_BAD_IDX) { mps_dprint(sc, MPS_ERROR | MPS_MAPPING, "%s: Cannot " - "unmap enclosure %d because it has already been " - "deleted.\n", __func__, enc_idx); + "unmap enclosure with handle 0x%04x because it " + "has already been deleted.\n", __func__, + le16toh(event_data->EnclosureHandle)); goto out; } et_entry = &sc->enclosure_table[enc_idx]; From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:02 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D157863738A; Mon, 24 May 2021 15:41:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJG5N7Mz3L3W; Mon, 24 May 2021 15:41:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A0A684BFC; Mon, 24 May 2021 15:41:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf2bn023824; Mon, 24 May 2021 15:41:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf2dI023823; Mon, 24 May 2021 15:41:02 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:02 GMT Message-Id: <202105241541.14OFf2dI023823@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 31424ca0a1d0 - stable/13 - pf: Set the pfik_group for userspace MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 31424ca0a1d02d10011f2d3c32d49c8e8a3e7c96 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:02 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=31424ca0a1d02d10011f2d3c32d49c8e8a3e7c96 commit 31424ca0a1d02d10011f2d3c32d49c8e8a3e7c96 Author: Kristof Provost AuthorDate: 2021-05-16 06:50:17 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:38:22 +0000 pf: Set the pfik_group for userspace Userspace relies on this pointer to work out if the kif is a group or not. It can't use it for anything else, because it's a pointer to a kernel address. Substitute 0xfeedc0de for 'true', so that we don't leak kernel memory addresses to userspace. PR: 255852 Reviewed by: donner MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D30284 (cherry picked from commit d69cc040147284c414dfd1c9f498dcc7c8291a8b) --- sys/netpfil/pf/pf_if.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 4630098221c8..3c9b53daa28c 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -831,6 +831,14 @@ pf_kkif_to_kif(const struct pfi_kkif *kkif, struct pfi_kif *kif) kif->pfik_flags = kkif->pfik_flags; kif->pfik_tzero = kkif->pfik_tzero; kif->pfik_rulerefs = kkif->pfik_rulerefs; + /* + * Userspace relies on this pointer to decide if this is a group or + * not. We don't want to share the actual pointer, because it's + * useless to userspace and leaks kernel memory layout information. + * So instead we provide 0xfeedcode as 'true' and NULL as 'false'. + */ + kif->pfik_group = + kkif->pfik_group ? (struct ifg_group *)0xfeedc0de : NULL; } void From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5F86E63738C; Mon, 24 May 2021 15:41:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJJ0RQMz3Kmp; Mon, 24 May 2021 15:41:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CA4764BFD; Mon, 24 May 2021 15:41:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf3MD023935; Mon, 24 May 2021 15:41:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf3dt023934; Mon, 24 May 2021 15:41:03 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:03 GMT Message-Id: <202105241541.14OFf3dt023934@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b34127064fde - stable/12 - pf: Set the pfik_group for userspace MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: b34127064fde4d144b6d63dce0eada01563bc562 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:04 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b34127064fde4d144b6d63dce0eada01563bc562 commit b34127064fde4d144b6d63dce0eada01563bc562 Author: Kristof Provost AuthorDate: 2021-05-16 06:50:17 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:40:28 +0000 pf: Set the pfik_group for userspace Userspace relies on this pointer to work out if the kif is a group or not. It can't use it for anything else, because it's a pointer to a kernel address. Substitute 0xfeedc0de for 'true', so that we don't leak kernel memory addresses to userspace. PR: 255852 Reviewed by: donner MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D30284 (cherry picked from commit d69cc040147284c414dfd1c9f498dcc7c8291a8b) --- sys/netpfil/pf/pf_if.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 656cdfab6018..9c10be3b3b77 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -817,6 +817,14 @@ pf_kkif_to_kif(const struct pfi_kkif *kkif, struct pfi_kif *kif) kif->pfik_flags = kkif->pfik_flags; kif->pfik_tzero = kkif->pfik_tzero; kif->pfik_rulerefs = kkif->pfik_rulerefs; + /* + * Userspace relies on this pointer to decide if this is a group or + * not. We don't want to share the actual pointer, because it's + * useless to userspace and leaks kernel memory layout information. + * So instead we provide 0xfeedcode as 'true' and NULL as 'false'. + */ + kif->pfik_group = + kkif->pfik_group ? (struct ifg_group *)0xfeedc0de : NULL; } void From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 65CBF636E68; Mon, 24 May 2021 15:41:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJH6MXMz3KvH; Mon, 24 May 2021 15:41:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BB3C34D91; Mon, 24 May 2021 15:41:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf3C6023895; Mon, 24 May 2021 15:41:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf3h1023888; Mon, 24 May 2021 15:41:03 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:03 GMT Message-Id: <202105241541.14OFf3h1023888@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 25fa4b8e668f - stable/13 - pf tests: More set skip on tests MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 25fa4b8e668fed449e4c52f2a9be134c067d749c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:04 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=25fa4b8e668fed449e4c52f2a9be134c067d749c commit 25fa4b8e668fed449e4c52f2a9be134c067d749c Author: Kristof Provost AuthorDate: 2021-05-16 06:51:54 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:38:22 +0000 pf tests: More set skip on tests Test the specific case reported in PR 255852. Clearing the skip flag on groups was broken because pfctl couldn't work out if a kif was a group or not, because the kernel no longer set the pfik_group pointer. PR: 255852 MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D30285 (cherry picked from commit 45db38554517c7e1b0cc0265113c22f92a0eb494) --- tests/sys/netpfil/pf/set_skip.sh | 46 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/tests/sys/netpfil/pf/set_skip.sh b/tests/sys/netpfil/pf/set_skip.sh index 95c6b6f77825..ce7b1900ae00 100644 --- a/tests/sys/netpfil/pf/set_skip.sh +++ b/tests/sys/netpfil/pf/set_skip.sh @@ -117,9 +117,55 @@ set_skip_dynamic_cleanup() pft_cleanup } +atf_test_case "pr255852" "cleanup" +pr255852_head() +{ + atf_set descr "PR 255852" + atf_set require.user root +} + +pr255852_body() +{ + pft_init + + epair=$(vnet_mkepair) + + ifconfig ${epair}a 192.0.2.1/24 up + + vnet_mkjail alcatraz ${epair}b + jexec alcatraz ifconfig lo0 127.0.0.1/8 up + jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up + + # Sanity check + atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 + + jexec alcatraz pfctl -e + pft_set_rules alcatraz "set skip on { lo0, epair }" \ + "block" + jexec alcatraz pfctl -vsI + + # We're skipping on epair, so this should work + atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 + + # Note: flushing avoid the issue + pft_set_rules noflush alcatraz "set skip on { lo0 }" \ + "block" + + jexec alcatraz pfctl -vsI + + # No longer skipping, so this should fail + atf_check -s exit:2 -o ignore ping -c 1 -t 1 192.0.2.2 +} + +pr255852_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "set_skip_group" atf_add_test_case "set_skip_group_lo" atf_add_test_case "set_skip_dynamic" + atf_add_test_case "pr255852" } From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:05 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9D5DF636E6A; Mon, 24 May 2021 15:41:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJK0cGrz3L1T; Mon, 24 May 2021 15:41:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D984C4C2D; Mon, 24 May 2021 15:41:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf4fl023974; Mon, 24 May 2021 15:41:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf4ev023972; Mon, 24 May 2021 15:41:04 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:04 GMT Message-Id: <202105241541.14OFf4ev023972@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 137c43e13edb - stable/13 - dummynet: Remove unused code MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 137c43e13edb1e9530c14697c4154ff6bca94414 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:05 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=137c43e13edb1e9530c14697c4154ff6bca94414 commit 137c43e13edb1e9530c14697c4154ff6bca94414 Author: Kristof Provost AuthorDate: 2021-05-17 11:41:39 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:38:22 +0000 dummynet: Remove unused code We never set 'busy' and never dequeue from the pending mq. Remove this code. Reviewed by: ae MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30313 (cherry picked from commit 02c44f40f984951fe34a1c5a43f40ff8147c52ca) --- sys/netpfil/ipfw/ip_dn_io.c | 8 -------- sys/netpfil/ipfw/ip_dn_private.h | 7 ------- 2 files changed, 15 deletions(-) diff --git a/sys/netpfil/ipfw/ip_dn_io.c b/sys/netpfil/ipfw/ip_dn_io.c index b439d2679f3c..4a65bd0ef798 100644 --- a/sys/netpfil/ipfw/ip_dn_io.c +++ b/sys/netpfil/ipfw/ip_dn_io.c @@ -870,14 +870,6 @@ dummynet_io(struct mbuf **m0, struct ip_fw_args *fwa) /* we could actually tag outside the lock, but who cares... */ if (tag_mbuf(m, dir, fwa)) goto dropit; - if (dn_cfg.busy) { - /* if the upper half is busy doing something expensive, - * lets queue the packet and move forward - */ - mq_append(&dn_cfg.pending, m); - m = *m0 = NULL; /* consumed */ - goto done; /* already active, nothing to do */ - } /* XXX locate_flowset could be optimised with a direct ref. */ fs = dn_ht_find(dn_cfg.fshash, fs_id, 0, NULL); if (fs == NULL) diff --git a/sys/netpfil/ipfw/ip_dn_private.h b/sys/netpfil/ipfw/ip_dn_private.h index 6e48bc5116a7..e6e699bf35b2 100644 --- a/sys/netpfil/ipfw/ip_dn_private.h +++ b/sys/netpfil/ipfw/ip_dn_private.h @@ -171,13 +171,6 @@ struct dn_parms { int init_done; - /* if the upper half is busy doing something long, - * can set the busy flag and we will enqueue packets in - * a queue for later processing. - */ - int busy; - struct mq pending; - #ifdef _KERNEL /* * This file is normally used in the kernel, unless we do From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:08 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1682E636FD0; Mon, 24 May 2021 15:41:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJL4Q1Wz3L5m; Mon, 24 May 2021 15:41:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 134CF45FC; Mon, 24 May 2021 15:41:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf5W3024015; Mon, 24 May 2021 15:41:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf513024010; Mon, 24 May 2021 15:41:05 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:05 GMT Message-Id: <202105241541.14OFf513024010@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: a1e6442cbf36 - stable/12 - dummynet: Remove unused code MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: a1e6442cbf365cae458c5579bfefd68852922bf8 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:08 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=a1e6442cbf365cae458c5579bfefd68852922bf8 commit a1e6442cbf365cae458c5579bfefd68852922bf8 Author: Kristof Provost AuthorDate: 2021-05-17 11:41:39 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:40:28 +0000 dummynet: Remove unused code We never set 'busy' and never dequeue from the pending mq. Remove this code. Reviewed by: ae MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30313 (cherry picked from commit 02c44f40f984951fe34a1c5a43f40ff8147c52ca) --- sys/netpfil/ipfw/ip_dn_io.c | 8 -------- sys/netpfil/ipfw/ip_dn_private.h | 7 ------- 2 files changed, 15 deletions(-) diff --git a/sys/netpfil/ipfw/ip_dn_io.c b/sys/netpfil/ipfw/ip_dn_io.c index f746023db53c..56a7aa5c4c0c 100644 --- a/sys/netpfil/ipfw/ip_dn_io.c +++ b/sys/netpfil/ipfw/ip_dn_io.c @@ -859,14 +859,6 @@ dummynet_io(struct mbuf **m0, int dir, struct ip_fw_args *fwa) /* we could actually tag outside the lock, but who cares... */ if (tag_mbuf(m, dir, fwa)) goto dropit; - if (dn_cfg.busy) { - /* if the upper half is busy doing something expensive, - * lets queue the packet and move forward - */ - mq_append(&dn_cfg.pending, m); - m = *m0 = NULL; /* consumed */ - goto done; /* already active, nothing to do */ - } /* XXX locate_flowset could be optimised with a direct ref. */ fs = dn_ht_find(dn_cfg.fshash, fs_id, 0, NULL); if (fs == NULL) diff --git a/sys/netpfil/ipfw/ip_dn_private.h b/sys/netpfil/ipfw/ip_dn_private.h index b655a91fe758..86dd5a8a0cbb 100644 --- a/sys/netpfil/ipfw/ip_dn_private.h +++ b/sys/netpfil/ipfw/ip_dn_private.h @@ -171,13 +171,6 @@ struct dn_parms { int init_done; - /* if the upper half is busy doing something long, - * can set the busy flag and we will enqueue packets in - * a queue for later processing. - */ - int busy; - struct mq pending; - #ifdef _KERNEL /* * This file is normally used in the kernel, unless we do From owner-dev-commits-src-branches@freebsd.org Mon May 24 15:41:06 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A2399636EE1; Mon, 24 May 2021 15:41:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FphJK2zzwz3Kl0; Mon, 24 May 2021 15:41:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E0CEA4D92; Mon, 24 May 2021 15:41:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OFf4QP023973; Mon, 24 May 2021 15:41:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OFf45r023970; Mon, 24 May 2021 15:41:04 GMT (envelope-from git) Date: Mon, 24 May 2021 15:41:04 GMT Message-Id: <202105241541.14OFf45r023970@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b780106bba6a - stable/12 - pf tests: More set skip on tests MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: b780106bba6ae8f0259c4d134908787ba58eac5b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 15:41:06 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b780106bba6ae8f0259c4d134908787ba58eac5b commit b780106bba6ae8f0259c4d134908787ba58eac5b Author: Kristof Provost AuthorDate: 2021-05-16 06:51:54 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:40:28 +0000 pf tests: More set skip on tests Test the specific case reported in PR 255852. Clearing the skip flag on groups was broken because pfctl couldn't work out if a kif was a group or not, because the kernel no longer set the pfik_group pointer. PR: 255852 MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D30285 (cherry picked from commit 45db38554517c7e1b0cc0265113c22f92a0eb494) --- tests/sys/netpfil/pf/set_skip.sh | 46 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/tests/sys/netpfil/pf/set_skip.sh b/tests/sys/netpfil/pf/set_skip.sh index 67ccff70a750..064f85cbc5af 100755 --- a/tests/sys/netpfil/pf/set_skip.sh +++ b/tests/sys/netpfil/pf/set_skip.sh @@ -92,9 +92,55 @@ set_skip_dynamic_cleanup() pft_cleanup } +atf_test_case "pr255852" "cleanup" +pr255852_head() +{ + atf_set descr "PR 255852" + atf_set require.user root +} + +pr255852_body() +{ + pft_init + + epair=$(vnet_mkepair) + + ifconfig ${epair}a 192.0.2.1/24 up + + vnet_mkjail alcatraz ${epair}b + jexec alcatraz ifconfig lo0 127.0.0.1/8 up + jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up + + # Sanity check + atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 + + jexec alcatraz pfctl -e + pft_set_rules alcatraz "set skip on { lo0, epair }" \ + "block" + jexec alcatraz pfctl -vsI + + # We're skipping on epair, so this should work + atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2 + + # Note: flushing avoid the issue + pft_set_rules noflush alcatraz "set skip on { lo0 }" \ + "block" + + jexec alcatraz pfctl -vsI + + # No longer skipping, so this should fail + atf_check -s exit:2 -o ignore ping -c 1 -t 1 192.0.2.2 +} + +pr255852_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "set_skip_group" atf_add_test_case "set_skip_group_lo" atf_add_test_case "set_skip_dynamic" + atf_add_test_case "pr255852" } From owner-dev-commits-src-branches@freebsd.org Mon May 24 16:44:47 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0B9946386B5; Mon, 24 May 2021 16:44:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fpjjp5JK4z4Vpb; Mon, 24 May 2021 16:44:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9AA1F5B22; Mon, 24 May 2021 16:44:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OGikUf005476; Mon, 24 May 2021 16:44:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OGik70005475; Mon, 24 May 2021 16:44:46 GMT (envelope-from git) Date: Mon, 24 May 2021 16:44:46 GMT Message-Id: <202105241644.14OGik70005475@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 12801198b8a5 - stable/12 - netpfil tests: Add missing copyright & license statements MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 12801198b8a5894baaab5ed3cde5bc45c3a89e7c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 16:44:47 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=12801198b8a5894baaab5ed3cde5bc45c3a89e7c commit 12801198b8a5894baaab5ed3cde5bc45c3a89e7c Author: Kristof Provost AuthorDate: 2019-10-29 09:47:12 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 15:52:53 +0000 netpfil tests: Add missing copyright & license statements (cherry picked from commit 65d553b0f055e192b80217632a91833c9f509ccf) --- tests/sys/netpfil/common/pft_ping.py | 26 ++++++++++++++++++++++++++ tests/sys/netpfil/common/sniffer.py | 26 ++++++++++++++++++++++++++ tests/sys/netpfil/pf/CVE-2019-5597.py | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/CVE-2019-5598.py | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/anchor.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/echo_inetd.conf | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/forward.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/fragmentation.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/icmp.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/names.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/nat.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/pass_block.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/pfsync.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/rdr.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/route_to.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/set_skip.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/set_tos.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/synproxy.sh | 25 +++++++++++++++++++++++++ tests/sys/netpfil/pf/utils.subr | 24 ++++++++++++++++++++++++ 19 files changed, 476 insertions(+) diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py index a0ca66742f77..fa0ba6c4c1fc 100644 --- a/tests/sys/netpfil/common/pft_ping.py +++ b/tests/sys/netpfil/common/pft_ping.py @@ -1,4 +1,30 @@ #!/usr/bin/env python +# +# SPDX-License-Identifier: BSD-2-Clause +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# import argparse import logging diff --git a/tests/sys/netpfil/common/sniffer.py b/tests/sys/netpfil/common/sniffer.py index c71f6e1f5729..58df32cce276 100644 --- a/tests/sys/netpfil/common/sniffer.py +++ b/tests/sys/netpfil/common/sniffer.py @@ -1,4 +1,30 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# import threading import scapy.all as sp diff --git a/tests/sys/netpfil/pf/CVE-2019-5597.py b/tests/sys/netpfil/pf/CVE-2019-5597.py index 6ba56e33ff91..f53fff32ce19 100644 --- a/tests/sys/netpfil/pf/CVE-2019-5597.py +++ b/tests/sys/netpfil/pf/CVE-2019-5597.py @@ -1,4 +1,29 @@ #!/usr/bin/env python +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2019 Synacktiv +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. import random import logging diff --git a/tests/sys/netpfil/pf/CVE-2019-5598.py b/tests/sys/netpfil/pf/CVE-2019-5598.py index 5e997a34f9be..6eb8e7862b6b 100644 --- a/tests/sys/netpfil/pf/CVE-2019-5598.py +++ b/tests/sys/netpfil/pf/CVE-2019-5598.py @@ -1,4 +1,29 @@ #!/usr/bin/env python +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2019 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. import argparse import logging diff --git a/tests/sys/netpfil/pf/anchor.sh b/tests/sys/netpfil/pf/anchor.sh index 93a7d62c7918..7427c07dd17b 100755 --- a/tests/sys/netpfil/pf/anchor.sh +++ b/tests/sys/netpfil/pf/anchor.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/echo_inetd.conf b/tests/sys/netpfil/pf/echo_inetd.conf index bacad82e8bb1..f5e287b64445 100644 --- a/tests/sys/netpfil/pf/echo_inetd.conf +++ b/tests/sys/netpfil/pf/echo_inetd.conf @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2019 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. echo stream tcp nowait root internal echo stream tcp6 nowait root internal diff --git a/tests/sys/netpfil/pf/forward.sh b/tests/sys/netpfil/pf/forward.sh index 5cb22e9c1384..7d5bde00d137 100755 --- a/tests/sys/netpfil/pf/forward.sh +++ b/tests/sys/netpfil/pf/forward.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/fragmentation.sh b/tests/sys/netpfil/pf/fragmentation.sh index 1be6a3bc17cd..fe92a2ec88e3 100755 --- a/tests/sys/netpfil/pf/fragmentation.sh +++ b/tests/sys/netpfil/pf/fragmentation.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/icmp.sh b/tests/sys/netpfil/pf/icmp.sh index fbb62da09efd..65a3d91297bd 100755 --- a/tests/sys/netpfil/pf/icmp.sh +++ b/tests/sys/netpfil/pf/icmp.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2019 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/names.sh b/tests/sys/netpfil/pf/names.sh index 039383a191b4..b2102d644312 100755 --- a/tests/sys/netpfil/pf/names.sh +++ b/tests/sys/netpfil/pf/names.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/nat.sh b/tests/sys/netpfil/pf/nat.sh index 99a0ca870c85..3fabb32db80f 100755 --- a/tests/sys/netpfil/pf/nat.sh +++ b/tests/sys/netpfil/pf/nat.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/pass_block.sh b/tests/sys/netpfil/pf/pass_block.sh index e6087320c43b..90f71a29c51b 100755 --- a/tests/sys/netpfil/pf/pass_block.sh +++ b/tests/sys/netpfil/pf/pass_block.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/pfsync.sh b/tests/sys/netpfil/pf/pfsync.sh index 8b94f6dee29f..a6fc7ec9f7e9 100755 --- a/tests/sys/netpfil/pf/pfsync.sh +++ b/tests/sys/netpfil/pf/pfsync.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Orange Business Services +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/rdr.sh b/tests/sys/netpfil/pf/rdr.sh index 845ca2d05c95..983abe054a35 100755 --- a/tests/sys/netpfil/pf/rdr.sh +++ b/tests/sys/netpfil/pf/rdr.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/route_to.sh b/tests/sys/netpfil/pf/route_to.sh index 33c180ce82cf..59b16e35ee6f 100755 --- a/tests/sys/netpfil/pf/route_to.sh +++ b/tests/sys/netpfil/pf/route_to.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/set_skip.sh b/tests/sys/netpfil/pf/set_skip.sh index 064f85cbc5af..ce7b1900ae00 100755 --- a/tests/sys/netpfil/pf/set_skip.sh +++ b/tests/sys/netpfil/pf/set_skip.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/set_tos.sh b/tests/sys/netpfil/pf/set_tos.sh index 4f92456cf40d..55d0059aa133 100755 --- a/tests/sys/netpfil/pf/set_tos.sh +++ b/tests/sys/netpfil/pf/set_tos.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/synproxy.sh b/tests/sys/netpfil/pf/synproxy.sh index 6203723adbe8..aedbb8885129 100755 --- a/tests/sys/netpfil/pf/synproxy.sh +++ b/tests/sys/netpfil/pf/synproxy.sh @@ -1,4 +1,29 @@ # $FreeBSD$ +# +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2018 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/utils.subr diff --git a/tests/sys/netpfil/pf/utils.subr b/tests/sys/netpfil/pf/utils.subr index 34236335d44a..62e85d5cc463 100644 --- a/tests/sys/netpfil/pf/utils.subr +++ b/tests/sys/netpfil/pf/utils.subr @@ -1,6 +1,30 @@ # $FreeBSD$ # Utility functions ## +# SPDX-License-Identifier: BSD-2-Clause-FreeBSD +# +# Copyright (c) 2017 Kristof Provost +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. . $(atf_get_srcdir)/../../common/vnet.subr From owner-dev-commits-src-branches@freebsd.org Mon May 24 16:44:47 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DE7556380B4; Mon, 24 May 2021 16:44:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fpjjq5rnVz4Vgp; Mon, 24 May 2021 16:44:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AE76C5A2C; Mon, 24 May 2021 16:44:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14OGil8E005502; Mon, 24 May 2021 16:44:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14OGilXD005501; Mon, 24 May 2021 16:44:47 GMT (envelope-from git) Date: Mon, 24 May 2021 16:44:47 GMT Message-Id: <202105241644.14OGilXD005501@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 621562a0a05f - stable/12 - pf tests: Explicitly ask for python3 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 621562a0a05fcb569fe40548448774ac03396b8a Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 May 2021 16:44:48 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=621562a0a05fcb569fe40548448774ac03396b8a commit 621562a0a05fcb569fe40548448774ac03396b8a Author: Kristof Provost AuthorDate: 2021-02-17 10:45:54 +0000 Commit: Kristof Provost CommitDate: 2021-05-24 16:00:38 +0000 pf tests: Explicitly ask for python3 If we install the scapy package (which we do list as a dependency) we don't automatically install python (but we do have python3). MFC after: 1 week Sponsored by: Rubicon Communications, LLC (“Netgate”’) (cherry picked from commit 4a7d84058d88244c405fc0b73d6985681eb661f5) --- tests/sys/netpfil/common/pft_ping.py | 2 +- tests/sys/netpfil/pf/CVE-2019-5597.py | 2 +- tests/sys/netpfil/pf/CVE-2019-5598.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py index fa0ba6c4c1fc..badc451b9d57 100644 --- a/tests/sys/netpfil/common/pft_ping.py +++ b/tests/sys/netpfil/common/pft_ping.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # # SPDX-License-Identifier: BSD-2-Clause # diff --git a/tests/sys/netpfil/pf/CVE-2019-5597.py b/tests/sys/netpfil/pf/CVE-2019-5597.py index f53fff32ce19..1b25809cbedf 100644 --- a/tests/sys/netpfil/pf/CVE-2019-5597.py +++ b/tests/sys/netpfil/pf/CVE-2019-5597.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # # SPDX-License-Identifier: BSD-2-Clause-FreeBSD # diff --git a/tests/sys/netpfil/pf/CVE-2019-5598.py b/tests/sys/netpfil/pf/CVE-2019-5598.py index 6eb8e7862b6b..603a1aef376f 100644 --- a/tests/sys/netpfil/pf/CVE-2019-5598.py +++ b/tests/sys/netpfil/pf/CVE-2019-5598.py @@ -1,4 +1,4 @@ -#!/usr/bin/env python +#!/usr/bin/env python3 # # SPDX-License-Identifier: BSD-2-Clause-FreeBSD # From owner-dev-commits-src-branches@freebsd.org Tue May 25 05:42:18 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7E49A644AA5; Tue, 25 May 2021 05:42:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq2yy36z7z3F85; Tue, 25 May 2021 05:42:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 53FA81848B; Tue, 25 May 2021 05:42:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P5gIRC036416; Tue, 25 May 2021 05:42:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P5gIuO036415; Tue, 25 May 2021 05:42:18 GMT (envelope-from git) Date: Tue, 25 May 2021 05:42:18 GMT Message-Id: <202105250542.14P5gIuO036415@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 72fe4684e01b - stable/13 - ipfw.8: Fix table example MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 72fe4684e01b0059104de5e6300515f3702ad87c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 05:42:18 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=72fe4684e01b0059104de5e6300515f3702ad87c commit 72fe4684e01b0059104de5e6300515f3702ad87c Author: Lutz Donnerhacke AuthorDate: 2021-05-10 18:31:52 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-25 05:41:37 +0000 ipfw.8: Fix table example Fix some erronous lines in the example section. PR: 248943 Submitted by: Jose Luis Duran Reviewers: ae, manpages (gbe) Differential Revision: https://reviews.freebsd.org/D30191 (cherry picked from commit 802637be06457c7593692bdf79f8466fa5f54d4a) --- sbin/ipfw/ipfw.8 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index d2c4885bc119..ef718c247896 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 21, 2020 +.Dd May 11, 2021 .Dt IPFW 8 .Os .Sh NAME @@ -4451,11 +4451,11 @@ Using the .Cm fwd action, the table entries may include hostnames and IP addresses. .Pp -.Dl "ipfw table T2 create type addr ftype ip" +.Dl "ipfw table T2 create type addr valtype ipv4" .Dl "ipfw table T2 add 192.168.2.0/24 10.23.2.1" -.Dl "ipfw table T21 add 192.168.0.0/27 router1.dmz" +.Dl "ipfw table T2 add 192.168.0.0/27 router1.dmz" .Dl "..." -.Dl "ipfw add 100 fwd tablearg ip from any to table(1)" +.Dl "ipfw add 100 fwd tablearg ip from any to 'table(T2)'" .Pp In the following example per-interface firewall is created: .Pp From owner-dev-commits-src-branches@freebsd.org Tue May 25 05:46:51 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 28737644E9D; Tue, 25 May 2021 05:46:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq34C0S5mz3FcZ; Tue, 25 May 2021 05:46:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EBD7918160; Tue, 25 May 2021 05:46:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P5koeB037612; Tue, 25 May 2021 05:46:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P5koMY037611; Tue, 25 May 2021 05:46:50 GMT (envelope-from git) Date: Tue, 25 May 2021 05:46:50 GMT Message-Id: <202105250546.14P5koMY037611@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 86f699f4a360 - stable/12 - ipfw.8: Fix table example MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 86f699f4a360c58e2441856052421dbb45991f23 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 05:46:51 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=86f699f4a360c58e2441856052421dbb45991f23 commit 86f699f4a360c58e2441856052421dbb45991f23 Author: Lutz Donnerhacke AuthorDate: 2021-05-10 18:31:52 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-25 05:46:32 +0000 ipfw.8: Fix table example Fix some erronous lines in the example section. PR: 248943 Submitted by: Jose Luis Duran Reviewers: ae, manpages (gbe) Differential Revision: https://reviews.freebsd.org/D30191 (cherry picked from commit 802637be06457c7593692bdf79f8466fa5f54d4a) --- sbin/ipfw/ipfw.8 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index d2c4885bc119..ef718c247896 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 21, 2020 +.Dd May 11, 2021 .Dt IPFW 8 .Os .Sh NAME @@ -4451,11 +4451,11 @@ Using the .Cm fwd action, the table entries may include hostnames and IP addresses. .Pp -.Dl "ipfw table T2 create type addr ftype ip" +.Dl "ipfw table T2 create type addr valtype ipv4" .Dl "ipfw table T2 add 192.168.2.0/24 10.23.2.1" -.Dl "ipfw table T21 add 192.168.0.0/27 router1.dmz" +.Dl "ipfw table T2 add 192.168.0.0/27 router1.dmz" .Dl "..." -.Dl "ipfw add 100 fwd tablearg ip from any to table(1)" +.Dl "ipfw add 100 fwd tablearg ip from any to 'table(T2)'" .Pp In the following example per-interface firewall is created: .Pp From owner-dev-commits-src-branches@freebsd.org Tue May 25 05:49:55 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 475B464496E; Tue, 25 May 2021 05:49:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq37l1Z60z3HJZ; Tue, 25 May 2021 05:49:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1E10A1844F; Tue, 25 May 2021 05:49:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P5ntbQ037929; Tue, 25 May 2021 05:49:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P5nt2d037928; Tue, 25 May 2021 05:49:55 GMT (envelope-from git) Date: Tue, 25 May 2021 05:49:55 GMT Message-Id: <202105250549.14P5nt2d037928@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 0f6a5de5c7f0 - stable/11 - ipfw.8: Fix table example MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/11 X-Git-Reftype: branch X-Git-Commit: 0f6a5de5c7f05ac7ed660459944118c9386b2f09 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 05:49:55 -0000 The branch stable/11 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=0f6a5de5c7f05ac7ed660459944118c9386b2f09 commit 0f6a5de5c7f05ac7ed660459944118c9386b2f09 Author: Lutz Donnerhacke AuthorDate: 2021-05-10 18:31:52 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-25 05:49:12 +0000 ipfw.8: Fix table example Fix some erronous lines in the example section. PR: 248943 Submitted by: Jose Luis Duran Reviewers: ae, manpages (gbe) Differential Revision: https://reviews.freebsd.org/D30191 (cherry picked from commit 802637be06457c7593692bdf79f8466fa5f54d4a) --- sbin/ipfw/ipfw.8 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/sbin/ipfw/ipfw.8 b/sbin/ipfw/ipfw.8 index 3f92bd4d759a..4cdd7b63849f 100644 --- a/sbin/ipfw/ipfw.8 +++ b/sbin/ipfw/ipfw.8 @@ -1,7 +1,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 21, 2019 +.Dd May 11, 2021 .Dt IPFW 8 .Os .Sh NAME @@ -4400,11 +4400,11 @@ Using the .Cm fwd action, the table entries may include hostnames and IP addresses. .Pp -.Dl "ipfw table T2 create type addr ftype ip" +.Dl "ipfw table T2 create type addr valtype ipv4" .Dl "ipfw table T2 add 192.168.2.0/24 10.23.2.1" -.Dl "ipfw table T21 add 192.168.0.0/27 router1.dmz" +.Dl "ipfw table T2 add 192.168.0.0/27 router1.dmz" .Dl "..." -.Dl "ipfw add 100 fwd tablearg ip from any to table(1)" +.Dl "ipfw add 100 fwd tablearg ip from any to 'table(T2)'" .Pp In the following example per-interface firewall is created: .Pp From owner-dev-commits-src-branches@freebsd.org Tue May 25 07:31:03 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 32E2C645E69; Tue, 25 May 2021 07:31:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq5NR0Z57z4dQp; Tue, 25 May 2021 07:31:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EF4AB196BE; Tue, 25 May 2021 07:31:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P7V2u6082575; Tue, 25 May 2021 07:31:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P7V2hH082574; Tue, 25 May 2021 07:31:02 GMT (envelope-from git) Date: Tue, 25 May 2021 07:31:02 GMT Message-Id: <202105250731.14P7V2hH082574@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 4abc8e0a7335 - stable/13 - ttydev_write: prevent stops while terminal is busied MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 4abc8e0a7335e2e79e3bb03eaed660ddc9c72bba Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 07:31:03 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=4abc8e0a7335e2e79e3bb03eaed660ddc9c72bba commit 4abc8e0a7335e2e79e3bb03eaed660ddc9c72bba Author: Konstantin Belousov AuthorDate: 2021-05-13 01:35:06 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-25 07:15:51 +0000 ttydev_write: prevent stops while terminal is busied PR: 255816 (cherry picked from commit 8cf912b017a04a2eec01fbaa1f7b9ef556403ede) --- sys/kern/tty.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/kern/tty.c b/sys/kern/tty.c index 00b4df675311..8700eb8f9ef1 100644 --- a/sys/kern/tty.c +++ b/sys/kern/tty.c @@ -525,7 +525,7 @@ static int ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) { struct tty *tp = dev->si_drv1; - int error; + int defer, error; error = ttydev_enter(tp); if (error) @@ -549,7 +549,9 @@ ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) } tp->t_flags |= TF_BUSY_OUT; + defer = sigdeferstop(SIGDEFERSTOP_ERESTART); error = ttydisc_write(tp, uio, ioflag); + sigallowstop(defer); tp->t_flags &= ~TF_BUSY_OUT; cv_signal(&tp->t_outserwait); } From owner-dev-commits-src-branches@freebsd.org Tue May 25 07:31:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 77EA66462CD; Tue, 25 May 2021 07:31:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq5NS1ZGZz4dDX; Tue, 25 May 2021 07:31:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1D5AB1967D; Tue, 25 May 2021 07:31:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P7V4S6082596; Tue, 25 May 2021 07:31:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P7V4NE082595; Tue, 25 May 2021 07:31:04 GMT (envelope-from git) Date: Tue, 25 May 2021 07:31:04 GMT Message-Id: <202105250731.14P7V4NE082595@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: b1304759ec58 - stable/13 - kern_descrip.c: Style MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: b1304759ec5897f56626a8b81b3e4b8a78e47b89 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 07:31:04 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=b1304759ec5897f56626a8b81b3e4b8a78e47b89 commit b1304759ec5897f56626a8b81b3e4b8a78e47b89 Author: Konstantin Belousov AuthorDate: 2021-05-14 23:22:22 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-25 07:15:51 +0000 kern_descrip.c: Style (cherry picked from commit 70c05850e276624bb3eb928fa52160712909ec7b) --- sys/kern/kern_descrip.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index 30ac40ffe296..168bddda9c45 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -4405,17 +4405,20 @@ kern_proc_filedesc_out(struct proc *p, struct sbuf *sb, ssize_t maxlen, /* working directory */ if (pwd->pwd_cdir != NULL) { vrefact(pwd->pwd_cdir); - export_vnode_to_sb(pwd->pwd_cdir, KF_FD_TYPE_CWD, FREAD, efbuf); + export_vnode_to_sb(pwd->pwd_cdir, KF_FD_TYPE_CWD, + FREAD, efbuf); } /* root directory */ if (pwd->pwd_rdir != NULL) { vrefact(pwd->pwd_rdir); - export_vnode_to_sb(pwd->pwd_rdir, KF_FD_TYPE_ROOT, FREAD, efbuf); + export_vnode_to_sb(pwd->pwd_rdir, KF_FD_TYPE_ROOT, + FREAD, efbuf); } /* jail directory */ if (pwd->pwd_jdir != NULL) { vrefact(pwd->pwd_jdir); - export_vnode_to_sb(pwd->pwd_jdir, KF_FD_TYPE_JAIL, FREAD, efbuf); + export_vnode_to_sb(pwd->pwd_jdir, KF_FD_TYPE_JAIL, + FREAD, efbuf); } } PWDDESC_XUNLOCK(pdp); From owner-dev-commits-src-branches@freebsd.org Tue May 25 07:45:40 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 45518646C03; Tue, 25 May 2021 07:45:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fq5jJ1WH4z4j8M; Tue, 25 May 2021 07:45:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1CCDB19BED; Tue, 25 May 2021 07:45:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14P7jedp098295; Tue, 25 May 2021 07:45:40 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14P7jePY098294; Tue, 25 May 2021 07:45:40 GMT (envelope-from git) Date: Tue, 25 May 2021 07:45:40 GMT Message-Id: <202105250745.14P7jePY098294@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: c66c9ae5dc4b - stable/12 - ttydev_write: prevent stops while terminal is busied MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: c66c9ae5dc4b11de990fd50627f62398ec88e8d1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 07:45:40 -0000 The branch stable/12 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=c66c9ae5dc4b11de990fd50627f62398ec88e8d1 commit c66c9ae5dc4b11de990fd50627f62398ec88e8d1 Author: Konstantin Belousov AuthorDate: 2021-05-13 01:35:06 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-25 07:32:13 +0000 ttydev_write: prevent stops while terminal is busied PR: 255816 (cherry picked from commit 8cf912b017a04a2eec01fbaa1f7b9ef556403ede) --- sys/kern/tty.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/kern/tty.c b/sys/kern/tty.c index eea5d1b26ddd..f80ffd4921e6 100644 --- a/sys/kern/tty.c +++ b/sys/kern/tty.c @@ -515,7 +515,7 @@ static int ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) { struct tty *tp = dev->si_drv1; - int error; + int defer, error; error = ttydev_enter(tp); if (error) @@ -539,7 +539,9 @@ ttydev_write(struct cdev *dev, struct uio *uio, int ioflag) } tp->t_flags |= TF_BUSY_OUT; + defer = sigdeferstop(SIGDEFERSTOP_ERESTART); error = ttydisc_write(tp, uio, ioflag); + sigallowstop(defer); tp->t_flags &= ~TF_BUSY_OUT; cv_signal(&tp->t_outserwait); } From owner-dev-commits-src-branches@freebsd.org Tue May 25 13:28:17 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7D31064CB86; Tue, 25 May 2021 13:28:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqFJd38DBz4Zpm; Tue, 25 May 2021 13:28:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 54D021E683; Tue, 25 May 2021 13:28:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PDSHK4053068; Tue, 25 May 2021 13:28:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PDSHhI053067; Tue, 25 May 2021 13:28:17 GMT (envelope-from git) Date: Tue, 25 May 2021 13:28:17 GMT Message-Id: <202105251328.14PDSHhI053067@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: e53b671b4f75 - stable/13 - socket: Release cred reference later in sodealloc() MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e53b671b4f75fe86ace1cb78566ccdbdb56aad01 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 13:28:17 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=e53b671b4f75fe86ace1cb78566ccdbdb56aad01 commit e53b671b4f75fe86ace1cb78566ccdbdb56aad01 Author: Lv Yunlong AuthorDate: 2021-05-18 19:23:15 +0000 Commit: Mark Johnston CommitDate: 2021-05-25 13:26:00 +0000 socket: Release cred reference later in sodealloc() We dereference so->so_cred to update the per-uid socket buffer accounting, so the crfree() call must be deferred until after that point. PR: 255869 (cherry picked from commit b295c5ddcef4744ef7044d2327b4258b6ad055f0) --- sys/kern/uipc_socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 7f06b51cf096..3436004b53a6 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -475,7 +475,6 @@ sodealloc(struct socket *so) #endif hhook_run_socket(so, NULL, HHOOK_SOCKET_CLOSE); - crfree(so->so_cred); khelp_destroy_osd(&so->osd); if (SOLISTENING(so)) { if (so->sol_accept_filter != NULL) @@ -492,6 +491,7 @@ sodealloc(struct socket *so) SOCKBUF_LOCK_DESTROY(&so->so_snd); SOCKBUF_LOCK_DESTROY(&so->so_rcv); } + crfree(so->so_cred); mtx_destroy(&so->so_lock); uma_zfree(socket_zone, so); } From owner-dev-commits-src-branches@freebsd.org Tue May 25 13:28:18 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B186164C4F6; Tue, 25 May 2021 13:28:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqFJf4VVRz4Zk0; Tue, 25 May 2021 13:28:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 75BEE1E162; Tue, 25 May 2021 13:28:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PDSIG3053089; Tue, 25 May 2021 13:28:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PDSIKV053088; Tue, 25 May 2021 13:28:18 GMT (envelope-from git) Date: Tue, 25 May 2021 13:28:18 GMT Message-Id: <202105251328.14PDSIKV053088@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: b14db362bbd2 - stable/13 - dummynet: Fix mbuf tag allocation failure handling MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: b14db362bbd20e5a3d97d121c403b72473fdc733 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 13:28:18 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b14db362bbd20e5a3d97d121c403b72473fdc733 commit b14db362bbd20e5a3d97d121c403b72473fdc733 Author: Mark Johnston AuthorDate: 2021-05-18 19:22:21 +0000 Commit: Mark Johnston CommitDate: 2021-05-25 13:26:09 +0000 dummynet: Fix mbuf tag allocation failure handling PR: 255875, 255878, 255879, 255880 Reviewed by: donner, kp Sponsored by: The FreeBSD Foundation (cherry picked from commit c4a6258d70f73c27d8f0c6233edbcc609791806b) --- sys/netpfil/ipfw/dn_aqm_codel.c | 4 +--- sys/netpfil/ipfw/dn_aqm_pie.c | 6 +++--- sys/netpfil/ipfw/dn_sched_fq_codel.c | 4 +--- sys/netpfil/ipfw/dn_sched_fq_pie.c | 6 +++--- 4 files changed, 8 insertions(+), 12 deletions(-) diff --git a/sys/netpfil/ipfw/dn_aqm_codel.c b/sys/netpfil/ipfw/dn_aqm_codel.c index 4b921f0f52c8..a1f90461ecab 100644 --- a/sys/netpfil/ipfw/dn_aqm_codel.c +++ b/sys/netpfil/ipfw/dn_aqm_codel.c @@ -256,10 +256,8 @@ aqm_codel_enqueue(struct dn_queue *q, struct mbuf *m) if (mtag == NULL) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); - if (mtag == NULL) { - m_freem(m); + if (mtag == NULL) goto drop; - } *(aqm_time_t *)(mtag + 1) = AQM_UNOW; m_tag_prepend(m, mtag); diff --git a/sys/netpfil/ipfw/dn_aqm_pie.c b/sys/netpfil/ipfw/dn_aqm_pie.c index abd5bbf0eb9a..2d5d500e275c 100644 --- a/sys/netpfil/ipfw/dn_aqm_pie.c +++ b/sys/netpfil/ipfw/dn_aqm_pie.c @@ -542,11 +542,11 @@ aqm_pie_enqueue(struct dn_queue *q, struct mbuf* m) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); if (mtag == NULL) { - m_freem(m); t = DROP; + } else { + *(aqm_time_t *)(mtag + 1) = AQM_UNOW; + m_tag_prepend(m, mtag); } - *(aqm_time_t *)(mtag + 1) = AQM_UNOW; - m_tag_prepend(m, mtag); } if (t != DROP) { diff --git a/sys/netpfil/ipfw/dn_sched_fq_codel.c b/sys/netpfil/ipfw/dn_sched_fq_codel.c index 5580dd91bbfe..bc61be867d36 100644 --- a/sys/netpfil/ipfw/dn_sched_fq_codel.c +++ b/sys/netpfil/ipfw/dn_sched_fq_codel.c @@ -189,10 +189,8 @@ codel_enqueue(struct fq_codel_flow *q, struct mbuf *m, struct fq_codel_si *si) if (mtag == NULL) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); - if (mtag == NULL) { - m_freem(m); + if (mtag == NULL) goto drop; - } *(aqm_time_t *)(mtag + 1) = AQM_UNOW; m_tag_prepend(m, mtag); diff --git a/sys/netpfil/ipfw/dn_sched_fq_pie.c b/sys/netpfil/ipfw/dn_sched_fq_pie.c index 257dada44345..809ca2b5f4e8 100644 --- a/sys/netpfil/ipfw/dn_sched_fq_pie.c +++ b/sys/netpfil/ipfw/dn_sched_fq_pie.c @@ -734,11 +734,11 @@ pie_enqueue(struct fq_pie_flow *q, struct mbuf* m, struct fq_pie_si *si) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); if (mtag == NULL) { - m_freem(m); t = DROP; + } else { + *(aqm_time_t *)(mtag + 1) = AQM_UNOW; + m_tag_prepend(m, mtag); } - *(aqm_time_t *)(mtag + 1) = AQM_UNOW; - m_tag_prepend(m, mtag); } if (t != DROP) { From owner-dev-commits-src-branches@freebsd.org Tue May 25 13:29:15 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3B6BB64CAAE; Tue, 25 May 2021 13:29:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqFKl0BNgz4b0t; Tue, 25 May 2021 13:29:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8074E1E4C3; Tue, 25 May 2021 13:29:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PDTEHH053347; Tue, 25 May 2021 13:29:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PDTE6Z053346; Tue, 25 May 2021 13:29:14 GMT (envelope-from git) Date: Tue, 25 May 2021 13:29:14 GMT Message-Id: <202105251329.14PDTE6Z053346@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 3a84efbedca5 - stable/12 - socket: Release cred reference later in sodealloc() MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 3a84efbedca5c8c45e40bdcaa4e1ae0e15fff94d Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 13:29:15 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=3a84efbedca5c8c45e40bdcaa4e1ae0e15fff94d commit 3a84efbedca5c8c45e40bdcaa4e1ae0e15fff94d Author: Lv Yunlong AuthorDate: 2021-05-18 19:23:15 +0000 Commit: Mark Johnston CommitDate: 2021-05-25 13:28:54 +0000 socket: Release cred reference later in sodealloc() We dereference so->so_cred to update the per-uid socket buffer accounting, so the crfree() call must be deferred until after that point. PR: 255869 (cherry picked from commit b295c5ddcef4744ef7044d2327b4258b6ad055f0) --- sys/kern/uipc_socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index ab05da880e46..dd028c660d2b 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -467,7 +467,6 @@ sodealloc(struct socket *so) #endif hhook_run_socket(so, NULL, HHOOK_SOCKET_CLOSE); - crfree(so->so_cred); khelp_destroy_osd(&so->osd); if (SOLISTENING(so)) { if (so->sol_accept_filter != NULL) @@ -484,6 +483,7 @@ sodealloc(struct socket *so) SOCKBUF_LOCK_DESTROY(&so->so_snd); SOCKBUF_LOCK_DESTROY(&so->so_rcv); } + crfree(so->so_cred); mtx_destroy(&so->so_lock); uma_zfree(socket_zone, so); } From owner-dev-commits-src-branches@freebsd.org Tue May 25 13:29:17 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2B0DA64C67B; Tue, 25 May 2021 13:29:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqFKm1kP3z4b37; Tue, 25 May 2021 13:29:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A1E7E1E4C4; Tue, 25 May 2021 13:29:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PDTFuW053368; Tue, 25 May 2021 13:29:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PDTF1m053367; Tue, 25 May 2021 13:29:15 GMT (envelope-from git) Date: Tue, 25 May 2021 13:29:15 GMT Message-Id: <202105251329.14PDTF1m053367@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 419a11681c22 - stable/12 - dummynet: Fix mbuf tag allocation failure handling MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 419a11681c22ce12d3b9a4ab9ab45ff6b7c4ce83 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 13:29:17 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=419a11681c22ce12d3b9a4ab9ab45ff6b7c4ce83 commit 419a11681c22ce12d3b9a4ab9ab45ff6b7c4ce83 Author: Mark Johnston AuthorDate: 2021-05-18 19:22:21 +0000 Commit: Mark Johnston CommitDate: 2021-05-25 13:29:00 +0000 dummynet: Fix mbuf tag allocation failure handling PR: 255875, 255878, 255879, 255880 Reviewed by: donner, kp Sponsored by: The FreeBSD Foundation (cherry picked from commit c4a6258d70f73c27d8f0c6233edbcc609791806b) --- sys/netpfil/ipfw/dn_aqm_codel.c | 4 +--- sys/netpfil/ipfw/dn_aqm_pie.c | 6 +++--- sys/netpfil/ipfw/dn_sched_fq_codel.c | 4 +--- sys/netpfil/ipfw/dn_sched_fq_pie.c | 6 +++--- 4 files changed, 8 insertions(+), 12 deletions(-) diff --git a/sys/netpfil/ipfw/dn_aqm_codel.c b/sys/netpfil/ipfw/dn_aqm_codel.c index a095b33b0833..8e90dcdb1e5b 100644 --- a/sys/netpfil/ipfw/dn_aqm_codel.c +++ b/sys/netpfil/ipfw/dn_aqm_codel.c @@ -253,10 +253,8 @@ aqm_codel_enqueue(struct dn_queue *q, struct mbuf *m) if (mtag == NULL) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); - if (mtag == NULL) { - m_freem(m); + if (mtag == NULL) goto drop; - } *(aqm_time_t *)(mtag + 1) = AQM_UNOW; m_tag_prepend(m, mtag); diff --git a/sys/netpfil/ipfw/dn_aqm_pie.c b/sys/netpfil/ipfw/dn_aqm_pie.c index c306a4caac9d..e106fd0121f3 100644 --- a/sys/netpfil/ipfw/dn_aqm_pie.c +++ b/sys/netpfil/ipfw/dn_aqm_pie.c @@ -543,11 +543,11 @@ aqm_pie_enqueue(struct dn_queue *q, struct mbuf* m) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); if (mtag == NULL) { - m_freem(m); t = DROP; + } else { + *(aqm_time_t *)(mtag + 1) = AQM_UNOW; + m_tag_prepend(m, mtag); } - *(aqm_time_t *)(mtag + 1) = AQM_UNOW; - m_tag_prepend(m, mtag); } if (t != DROP) { diff --git a/sys/netpfil/ipfw/dn_sched_fq_codel.c b/sys/netpfil/ipfw/dn_sched_fq_codel.c index 44610aaf9740..d2fe6a76f1cc 100644 --- a/sys/netpfil/ipfw/dn_sched_fq_codel.c +++ b/sys/netpfil/ipfw/dn_sched_fq_codel.c @@ -187,10 +187,8 @@ codel_enqueue(struct fq_codel_flow *q, struct mbuf *m, struct fq_codel_si *si) if (mtag == NULL) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); - if (mtag == NULL) { - m_freem(m); + if (mtag == NULL) goto drop; - } *(aqm_time_t *)(mtag + 1) = AQM_UNOW; m_tag_prepend(m, mtag); diff --git a/sys/netpfil/ipfw/dn_sched_fq_pie.c b/sys/netpfil/ipfw/dn_sched_fq_pie.c index 2f61ca3de94e..c791ee333bc6 100644 --- a/sys/netpfil/ipfw/dn_sched_fq_pie.c +++ b/sys/netpfil/ipfw/dn_sched_fq_pie.c @@ -736,11 +736,11 @@ pie_enqueue(struct fq_pie_flow *q, struct mbuf* m, struct fq_pie_si *si) mtag = m_tag_alloc(MTAG_ABI_COMPAT, DN_AQM_MTAG_TS, sizeof(aqm_time_t), M_NOWAIT); if (mtag == NULL) { - m_freem(m); t = DROP; + } else { + *(aqm_time_t *)(mtag + 1) = AQM_UNOW; + m_tag_prepend(m, mtag); } - *(aqm_time_t *)(mtag + 1) = AQM_UNOW; - m_tag_prepend(m, mtag); } if (t != DROP) { From owner-dev-commits-src-branches@freebsd.org Tue May 25 14:13:34 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A13D464D16C; Tue, 25 May 2021 14:13:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqGJt49GDz4s6R; Tue, 25 May 2021 14:13:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7741F1EB5B; Tue, 25 May 2021 14:13:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PEDYWP020020; Tue, 25 May 2021 14:13:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PEDYbu020019; Tue, 25 May 2021 14:13:34 GMT (envelope-from git) Date: Tue, 25 May 2021 14:13:34 GMT Message-Id: <202105251413.14PEDYbu020019@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Tai-hwa Liang Subject: git: 34033bc5b9fa - stable/10 - if_firewire: fixing panic upon packet reception for VNET build MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: avatar X-Git-Repository: src X-Git-Refname: refs/heads/stable/10 X-Git-Reftype: branch X-Git-Commit: 34033bc5b9fa8eaf3b12759227bf6f82328e5f00 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 14:13:34 -0000 The branch stable/10 has been updated by avatar: URL: https://cgit.FreeBSD.org/src/commit/?id=34033bc5b9fa8eaf3b12759227bf6f82328e5f00 commit 34033bc5b9fa8eaf3b12759227bf6f82328e5f00 Author: Tai-hwa Liang AuthorDate: 2021-04-10 15:32:27 +0000 Commit: Tai-hwa Liang CommitDate: 2021-05-17 10:29:12 +0000 if_firewire: fixing panic upon packet reception for VNET build netisr_dispatch_src() needs valid VNET pointer or firewire_input() will panic when receiving a packet. Reviewed by: glebius MFC after: 2 weeks (cherry picked from commit d9b61e7153c64b141436b4d9619b166c6d35a0a6) --- sys/net/if_fwsubr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/net/if_fwsubr.c b/sys/net/if_fwsubr.c index ba26cb40f621..c85ffd02b351 100644 --- a/sys/net/if_fwsubr.c +++ b/sys/net/if_fwsubr.c @@ -628,7 +628,9 @@ firewire_input(struct ifnet *ifp, struct mbuf *m, uint16_t src) } M_SETFIB(m, ifp->if_fib); + CURVNET_SET_QUIET(ifp->if_vnet); netisr_dispatch(isr, m); + CURVNET_RESTORE(); } int From owner-dev-commits-src-branches@freebsd.org Tue May 25 14:13:35 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0AC764D890; Tue, 25 May 2021 14:13:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqGJv50M6z4s8f; Tue, 25 May 2021 14:13:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 930271EBEA; Tue, 25 May 2021 14:13:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14PEDZWX020041; Tue, 25 May 2021 14:13:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14PEDZqh020040; Tue, 25 May 2021 14:13:35 GMT (envelope-from git) Date: Tue, 25 May 2021 14:13:35 GMT Message-Id: <202105251413.14PEDZqh020040@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Tai-hwa Liang Subject: git: 28cce1d5b5f5 - stable/10 - arp(8): fixing the deletion failure of IEEE1394 associated addresses MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: avatar X-Git-Repository: src X-Git-Refname: refs/heads/stable/10 X-Git-Reftype: branch X-Git-Commit: 28cce1d5b5f5636459f6fa4b99d32139af8ecd2b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 May 2021 14:13:35 -0000 The branch stable/10 has been updated by avatar: URL: https://cgit.FreeBSD.org/src/commit/?id=28cce1d5b5f5636459f6fa4b99d32139af8ecd2b commit 28cce1d5b5f5636459f6fa4b99d32139af8ecd2b Author: Tai-hwa Liang AuthorDate: 2021-04-12 06:27:03 +0000 Commit: Tai-hwa Liang CommitDate: 2021-05-17 10:29:37 +0000 arp(8): fixing the deletion failure of IEEE1394 associated addresses Without this, 'arp -d ${IEEE1394_ADDRESS}' gives the following error: arp: delete: cannot locate 10.0.0.71 Reviewed by: glebius MFC after: 2 weeks (cherry picked from commit a0d6d0d0b9aba6d4c025b2f2807e7c4b4c4b2415) --- usr.sbin/arp/arp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/usr.sbin/arp/arp.c b/usr.sbin/arp/arp.c index 2d2fe893c0d7..58b16c698d07 100644 --- a/usr.sbin/arp/arp.c +++ b/usr.sbin/arp/arp.c @@ -281,6 +281,7 @@ valid_type(int type) switch (type) { case IFT_ETHER: case IFT_FDDI: + case IFT_IEEE1394: case IFT_INFINIBAND: case IFT_ISO88023: case IFT_ISO88024: From owner-dev-commits-src-branches@freebsd.org Wed May 26 01:50:06 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6C400630F80; Wed, 26 May 2021 01:50:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqYmZ2Nqmz3H0J; Wed, 26 May 2021 01:50:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3A6343CB; Wed, 26 May 2021 01:50:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14Q1o6LF042739; Wed, 26 May 2021 01:50:06 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14Q1o66L042735; Wed, 26 May 2021 01:50:06 GMT (envelope-from git) Date: Wed, 26 May 2021 01:50:06 GMT Message-Id: <202105260150.14Q1o66L042735@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 544b5d24828e - stable/13 - Fix mbuf leaks in various pru_send implementations MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 544b5d24828e249c84bc79b83ac6e9d4dbbc83ca Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 01:50:06 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=544b5d24828e249c84bc79b83ac6e9d4dbbc83ca commit 544b5d24828e249c84bc79b83ac6e9d4dbbc83ca Author: Mark Johnston AuthorDate: 2021-05-12 13:39:36 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 01:49:53 +0000 Fix mbuf leaks in various pru_send implementations The various protocol implementations are not very consistent about freeing mbufs in error paths. In general, all protocols must free both "m" and "control" upon an error, except if PRUS_NOTREADY is specified (this is only implemented by TCP and unix(4) and requires further work not handled in this diff), in which case "control" still must be freed. This diff plugs various leaks in the pru_send implementations. Reviewed by: tuexen Sponsored by: The FreeBSD Foundation (cherry picked from commit d8acd2681bcfb2ff7eb154df82f268b1cb191b4c) --- sys/kern/uipc_socket.c | 6 +++- sys/netinet/ip_divert.c | 2 ++ sys/netinet/raw_ip.c | 19 +++++++---- sys/netinet/tcp_usrreq.c | 77 ++++++++++++++++++--------------------------- sys/netinet/udp_usrreq.c | 1 + sys/netinet6/raw_ip6.c | 40 ++++++++++++----------- sys/netinet6/sctp6_usrreq.c | 25 +++++++++++++++ sys/netinet6/send.c | 3 ++ 8 files changed, 100 insertions(+), 73 deletions(-) diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 3436004b53a6..77ce876fd20f 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -3735,7 +3735,11 @@ pru_send_notsupp(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, struct mbuf *control, struct thread *td) { - return EOPNOTSUPP; + if (control != NULL) + m_freem(control); + if ((flags & PRUS_NOTREADY) == 0) + m_freem(m); + return (EOPNOTSUPP); } int diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index f83a42cb36c9..77a4bfcd08ac 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -677,6 +677,8 @@ div_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, if (m->m_len < sizeof (struct ip) && (m = m_pullup(m, sizeof (struct ip))) == NULL) { KMOD_IPSTAT_INC(ips_toosmall); + if (control != NULL) + m_freem(control); m_freem(m); return EINVAL; } diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 89ab6a6bbdad..1db73a6da68c 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -1077,13 +1077,18 @@ rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, inp = sotoinpcb(so); KASSERT(inp != NULL, ("rip_send: inp == NULL")); + if (control != NULL) { + m_freem(control); + control = NULL; + } + /* * Note: 'dst' reads below are unlocked. */ if (so->so_state & SS_ISCONNECTED) { if (nam) { - m_freem(m); - return (EISCONN); + error = EISCONN; + goto release; } dst = inp->inp_faddr.s_addr; /* Unlocked read. */ } else { @@ -1094,13 +1099,15 @@ rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, error = EAFNOSUPPORT; else if (nam->sa_len != sizeof(struct sockaddr_in)) error = EINVAL; - if (error != 0) { - m_freem(m); - return (error); - } + if (error != 0) + goto release; dst = ((struct sockaddr_in *)nam)->sin_addr.s_addr; } return (rip_output(m, so, dst)); + +release: + m_freem(m); + return (error); } #endif /* INET */ diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index 8c2a4c85d4d2..7132349dbba7 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -993,21 +993,31 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) { if (control) m_freem(control); + /* * In case of PRUS_NOTREADY, tcp_usr_ready() is responsible * for freeing memory. */ - if (m && (flags & PRUS_NOTREADY) == 0) + if ((flags & PRUS_NOTREADY) == 0) m_freem(m); error = ECONNRESET; goto out; } + if (control != NULL) { + /* TCP doesn't do control messages (rights, creds, etc) */ + if (control->m_len) { + m_freem(control); + m_freem(m); + error = EINVAL; + goto out; + } + m_freem(control); /* empty control, just free it */ + control = NULL; + } tp = intotcpcb(inp); if (flags & PRUS_OOB) { if ((error = tcp_pru_options_support(tp, PRUS_OOB)) != 0) { - if (control) - m_freem(control); - if (m && (flags & PRUS_NOTREADY) == 0) + if ((flags & PRUS_NOTREADY) == 0) m_freem(m); goto out; } @@ -1019,33 +1029,28 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, case AF_INET: sinp = (struct sockaddr_in *)nam; if (sinp->sin_len != sizeof(struct sockaddr_in)) { - if (m) - m_freem(m); + m_freem(m); error = EINVAL; goto out; } if ((inp->inp_vflag & INP_IPV6) != 0) { - if (m) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) { - if (m) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } if (ntohl(sinp->sin_addr.s_addr) == INADDR_BROADCAST) { - if (m) - m_freem(m); + m_freem(m); error = EACCES; goto out; } if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr))) { - if (m) - m_freem(m); + m_freem(m); goto out; } #ifdef INET6 @@ -1060,20 +1065,17 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, sin6 = (struct sockaddr_in6 *)nam; if (sin6->sin6_len != sizeof(*sin6)) { - if (m) - m_freem(m); + m_freem(m); error = EINVAL; goto out; } if ((inp->inp_vflag & INP_IPV6PROTO) == 0) { - if (m != NULL) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { - if (m) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } @@ -1081,14 +1083,12 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, #ifdef INET if ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0) { error = EINVAL; - if (m) - m_freem(m); + m_freem(m); goto out; } if ((inp->inp_vflag & INP_IPV4) == 0) { error = EAFNOSUPPORT; - if (m) - m_freem(m); + m_freem(m); goto out; } restoreflags = true; @@ -1098,27 +1098,23 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, if (IN_MULTICAST( ntohl(sinp->sin_addr.s_addr))) { error = EAFNOSUPPORT; - if (m) - m_freem(m); + m_freem(m); goto out; } if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr))) { - if (m) - m_freem(m); + m_freem(m); goto out; } isipv6 = 0; #else /* !INET */ error = EAFNOSUPPORT; - if (m) - m_freem(m); + m_freem(m); goto out; #endif /* INET */ } else { if ((inp->inp_vflag & INP_IPV6) == 0) { - if (m) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } @@ -1127,8 +1123,7 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, inp->inp_inc.inc_flags |= INC_ISIPV6; if ((error = prison_remote_ip6(td->td_ucred, &sin6->sin6_addr))) { - if (m) - m_freem(m); + m_freem(m); goto out; } isipv6 = 1; @@ -1137,23 +1132,11 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, } #endif /* INET6 */ default: - if (m) - m_freem(m); + m_freem(m); error = EAFNOSUPPORT; goto out; } } - if (control) { - /* TCP doesn't do control messages (rights, creds, etc) */ - if (control->m_len) { - m_freem(control); - if (m) - m_freem(m); - error = EINVAL; - goto out; - } - m_freem(control); /* empty control, just free it */ - } if (!(flags & PRUS_OOB)) { sbappendstream(&so->so_snd, m, flags); if (nam && tp->t_state < TCPS_SYN_SENT) { diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 16ae0a89bb15..62a07701df6c 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1273,6 +1273,7 @@ udp_output(struct inpcb *inp, struct mbuf *m, struct sockaddr *addr, break; } m_freem(control); + control = NULL; } if (error) goto release; diff --git a/sys/netinet6/raw_ip6.c b/sys/netinet6/raw_ip6.c index 3d2af6e5c9e6..a369abb04bfc 100644 --- a/sys/netinet6/raw_ip6.c +++ b/sys/netinet6/raw_ip6.c @@ -867,7 +867,7 @@ rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct inpcb *inp; struct sockaddr_in6 tmp; struct sockaddr_in6 *dst; - int ret; + int error; inp = sotoinpcb(so); KASSERT(inp != NULL, ("rip6_send: inp == NULL")); @@ -876,8 +876,8 @@ rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, /* Unlocked read. */ if (so->so_state & SS_ISCONNECTED) { if (nam) { - m_freem(m); - return (EISCONN); + error = EISCONN; + goto release; } /* XXX */ bzero(&tmp, sizeof(tmp)); @@ -889,18 +889,15 @@ rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, INP_RUNLOCK(inp); dst = &tmp; } else { - if (nam == NULL) { - m_freem(m); - return (ENOTCONN); - } - if (nam->sa_family != AF_INET6) { - m_freem(m); - return (EAFNOSUPPORT); - } - if (nam->sa_len != sizeof(struct sockaddr_in6)) { - m_freem(m); - return (EINVAL); - } + error = 0; + if (nam == NULL) + error = ENOTCONN; + else if (nam->sa_family != AF_INET6) + error = EAFNOSUPPORT; + else if (nam->sa_len != sizeof(struct sockaddr_in6)) + error = EINVAL; + if (error != 0) + goto release; tmp = *(struct sockaddr_in6 *)nam; dst = &tmp; @@ -914,12 +911,17 @@ rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, "unspec. Assume AF_INET6\n"); dst->sin6_family = AF_INET6; } else if (dst->sin6_family != AF_INET6) { - m_freem(m); - return(EAFNOSUPPORT); + error = EAFNOSUPPORT; + goto release; } } - ret = rip6_output(m, so, dst, control); - return (ret); + return (rip6_output(m, so, dst, control)); + +release: + if (control != NULL) + m_freem(control); + m_freem(m); + return (error); } struct pr_usrreqs rip6_usrreqs = { diff --git a/sys/netinet6/sctp6_usrreq.c b/sys/netinet6/sctp6_usrreq.c index 1030fe1bbb68..3be7a3e25de8 100644 --- a/sys/netinet6/sctp6_usrreq.c +++ b/sys/netinet6/sctp6_usrreq.c @@ -713,6 +713,11 @@ sctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, #ifdef INET case AF_INET: if (addr->sa_len != sizeof(struct sockaddr_in)) { + if (control) { + SCTP_RELEASE_PKT(control); + control = NULL; + } + SCTP_RELEASE_PKT(m); SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL); return (EINVAL); } @@ -721,12 +726,22 @@ sctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, #ifdef INET6 case AF_INET6: if (addr->sa_len != sizeof(struct sockaddr_in6)) { + if (control) { + SCTP_RELEASE_PKT(control); + control = NULL; + } + SCTP_RELEASE_PKT(m); SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL); return (EINVAL); } break; #endif default: + if (control) { + SCTP_RELEASE_PKT(control); + control = NULL; + } + SCTP_RELEASE_PKT(m); SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL); return (EINVAL); } @@ -738,10 +753,20 @@ sctp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr, * v4 addr or v4-mapped addr */ if (addr->sa_family == AF_INET) { + if (control) { + SCTP_RELEASE_PKT(control); + control = NULL; + } + SCTP_RELEASE_PKT(m); SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL); return (EINVAL); } if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { + if (control) { + SCTP_RELEASE_PKT(control); + control = NULL; + } + SCTP_RELEASE_PKT(m); SCTP_LTRACE_ERR_RET(inp, NULL, NULL, SCTP_FROM_SCTP6_USRREQ, EINVAL); return (EINVAL); } diff --git a/sys/netinet6/send.c b/sys/netinet6/send.c index 816f4d2b6541..0a2b3c65aab4 100644 --- a/sys/netinet6/send.c +++ b/sys/netinet6/send.c @@ -252,8 +252,11 @@ send_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, m = NULL; err: + if (control != NULL) + m_freem(control); if (m != NULL) m_freem(m); + return (error); } From owner-dev-commits-src-branches@freebsd.org Wed May 26 12:06:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6C49A63B22F; Wed, 26 May 2021 12:06:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqqRJ2fCyz4q5y; Wed, 26 May 2021 12:06:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 42E9E10767; Wed, 26 May 2021 12:06:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QC64QH064709; Wed, 26 May 2021 12:06:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QC64Yv064708; Wed, 26 May 2021 12:06:04 GMT (envelope-from git) Date: Wed, 26 May 2021 12:06:04 GMT Message-Id: <202105261206.14QC64Yv064708@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 00ecc359009e - stable/13 - alc(4): add support for Mikrotik 10/25G NIC MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 00ecc359009e345f3abc666138792abd545e90f7 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 12:06:04 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=00ecc359009e345f3abc666138792abd545e90f7 commit 00ecc359009e345f3abc666138792abd545e90f7 Author: Konstantin Belousov AuthorDate: 2021-05-19 22:14:18 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-26 11:30:36 +0000 alc(4): add support for Mikrotik 10/25G NIC PR: 256000 (cherry picked from commit 77b637338a3656d4ccedb9798a3f98ac283962f4) --- sys/dev/alc/if_alc.c | 16 ++++++++++++++-- sys/dev/alc/if_alcreg.h | 8 ++++++++ sys/dev/alc/if_alcvar.h | 3 ++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/sys/dev/alc/if_alc.c b/sys/dev/alc/if_alc.c index 255fea53acfa..eb906d60bcbe 100644 --- a/sys/dev/alc/if_alc.c +++ b/sys/dev/alc/if_alc.c @@ -1438,6 +1438,8 @@ alc_attach(device_t dev) case DEVICEID_ATHEROS_AR8151: case DEVICEID_ATHEROS_AR8151_V2: sc->alc_flags |= ALC_FLAG_APS; + if (CSR_READ_4(sc, ALC_MT_MAGIC) == MT_MAGIC) + sc->alc_flags |= ALC_FLAG_MT; /* FALLTHROUGH */ default: break; @@ -1977,6 +1979,8 @@ alc_dma_alloc(struct alc_softc *sc) int error, i; lowaddr = BUS_SPACE_MAXADDR; + if (sc->alc_flags & ALC_FLAG_MT) + lowaddr = BUS_SPACE_MAXSIZE_32BIT; again: /* Create parent DMA tag. */ error = bus_dma_tag_create( @@ -2219,7 +2223,7 @@ again: error = bus_dma_tag_create( bus_get_dma_tag(sc->alc_dev), /* parent */ 1, 0, /* alignment, boundary */ - BUS_SPACE_MAXADDR, /* lowaddr */ + lowaddr, /* lowaddr */ BUS_SPACE_MAXADDR, /* highaddr */ NULL, NULL, /* filter, filterarg */ BUS_SPACE_MAXSIZE_32BIT, /* maxsize */ @@ -3339,6 +3343,11 @@ alc_intr(void *arg) sc = (struct alc_softc *)arg; + if (sc->alc_flags & ALC_FLAG_MT) { + taskqueue_enqueue(sc->alc_tq, &sc->alc_int_task); + return (FILTER_HANDLED); + } + status = CSR_READ_4(sc, ALC_INTR_STATUS); if ((status & ALC_INTRS) == 0) return (FILTER_STRAY); @@ -3416,7 +3425,10 @@ alc_int_task(void *arg, int pending) done: if ((ifp->if_drv_flags & IFF_DRV_RUNNING) != 0) { /* Re-enable interrupts if we're running. */ - CSR_WRITE_4(sc, ALC_INTR_STATUS, 0x7FFFFFFF); + if (sc->alc_flags & ALC_FLAG_MT) + CSR_WRITE_4(sc, ALC_INTR_STATUS, 0); + else + CSR_WRITE_4(sc, ALC_INTR_STATUS, 0x7FFFFFFF); } ALC_UNLOCK(sc); } diff --git a/sys/dev/alc/if_alcreg.h b/sys/dev/alc/if_alcreg.h index 3b4ee133b01a..7668f0960d9f 100644 --- a/sys/dev/alc/if_alcreg.h +++ b/sys/dev/alc/if_alcreg.h @@ -1121,6 +1121,14 @@ #define MII_EXT_ANEG_NLP78 0x8027 #define ANEG_NLP78_120M_DEFAULT 0x8A05 +#define ALC_MT_MAGIC 0x1F00 +#define ALC_MT_MODE 0x1F04 +#define ALC_MT_SPEED 0x1F08 +#define ALC_MT_VERSION 0x1F0C + +#define MT_MAGIC 0xaabb1234 +#define MT_MODE_4Q BIT(0) + /* Statistics counters collected by the MAC. */ struct smb { /* Rx stats. */ diff --git a/sys/dev/alc/if_alcvar.h b/sys/dev/alc/if_alcvar.h index 8dea20196dae..926c80021858 100644 --- a/sys/dev/alc/if_alcvar.h +++ b/sys/dev/alc/if_alcvar.h @@ -239,6 +239,7 @@ struct alc_softc { #define ALC_FLAG_LINK_WAR 0x4000 #define ALC_FLAG_E2X00 0x8000 #define ALC_FLAG_LINK 0x10000 +#define ALC_FLAG_MT 0x20000 struct callout alc_tick_ch; struct alc_hw_stats alc_stats; @@ -284,6 +285,6 @@ do { \ #define ALC_TX_TIMEOUT 5 #define ALC_RESET_TIMEOUT 100 #define ALC_TIMEOUT 1000 -#define ALC_PHY_TIMEOUT 1000 +#define ALC_PHY_TIMEOUT 10000 #endif /* _IF_ALCVAR_H */ From owner-dev-commits-src-branches@freebsd.org Wed May 26 12:08:21 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 19C7563B0E7; Wed, 26 May 2021 12:08:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FqqTx0967z4q8Z; Wed, 26 May 2021 12:08:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E25E510769; Wed, 26 May 2021 12:08:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QC8K0L065007; Wed, 26 May 2021 12:08:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QC8K6u065006; Wed, 26 May 2021 12:08:20 GMT (envelope-from git) Date: Wed, 26 May 2021 12:08:20 GMT Message-Id: <202105261208.14QC8K6u065006@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: fcb09b40339d - stable/12 - alc(4): add support for Mikrotik 10/25G NIC MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: fcb09b40339d10b06e11863096bcc6d2576e807f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 12:08:21 -0000 The branch stable/12 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=fcb09b40339d10b06e11863096bcc6d2576e807f commit fcb09b40339d10b06e11863096bcc6d2576e807f Author: Konstantin Belousov AuthorDate: 2021-05-19 22:14:18 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-26 12:06:35 +0000 alc(4): add support for Mikrotik 10/25G NIC PR: 256000 (cherry picked from commit 77b637338a3656d4ccedb9798a3f98ac283962f4) --- sys/dev/alc/if_alc.c | 16 ++++++++++++++-- sys/dev/alc/if_alcreg.h | 8 ++++++++ sys/dev/alc/if_alcvar.h | 3 ++- 3 files changed, 24 insertions(+), 3 deletions(-) diff --git a/sys/dev/alc/if_alc.c b/sys/dev/alc/if_alc.c index 1bafdab235d0..8a01f551fd6c 100644 --- a/sys/dev/alc/if_alc.c +++ b/sys/dev/alc/if_alc.c @@ -1438,6 +1438,8 @@ alc_attach(device_t dev) case DEVICEID_ATHEROS_AR8151: case DEVICEID_ATHEROS_AR8151_V2: sc->alc_flags |= ALC_FLAG_APS; + if (CSR_READ_4(sc, ALC_MT_MAGIC) == MT_MAGIC) + sc->alc_flags |= ALC_FLAG_MT; /* FALLTHROUGH */ default: break; @@ -1977,6 +1979,8 @@ alc_dma_alloc(struct alc_softc *sc) int error, i; lowaddr = BUS_SPACE_MAXADDR; + if (sc->alc_flags & ALC_FLAG_MT) + lowaddr = BUS_SPACE_MAXSIZE_32BIT; again: /* Create parent DMA tag. */ error = bus_dma_tag_create( @@ -2219,7 +2223,7 @@ again: error = bus_dma_tag_create( bus_get_dma_tag(sc->alc_dev), /* parent */ 1, 0, /* alignment, boundary */ - BUS_SPACE_MAXADDR, /* lowaddr */ + lowaddr, /* lowaddr */ BUS_SPACE_MAXADDR, /* highaddr */ NULL, NULL, /* filter, filterarg */ BUS_SPACE_MAXSIZE_32BIT, /* maxsize */ @@ -3339,6 +3343,11 @@ alc_intr(void *arg) sc = (struct alc_softc *)arg; + if (sc->alc_flags & ALC_FLAG_MT) { + taskqueue_enqueue(sc->alc_tq, &sc->alc_int_task); + return (FILTER_HANDLED); + } + status = CSR_READ_4(sc, ALC_INTR_STATUS); if ((status & ALC_INTRS) == 0) return (FILTER_STRAY); @@ -3416,7 +3425,10 @@ alc_int_task(void *arg, int pending) done: if ((ifp->if_drv_flags & IFF_DRV_RUNNING) != 0) { /* Re-enable interrupts if we're running. */ - CSR_WRITE_4(sc, ALC_INTR_STATUS, 0x7FFFFFFF); + if (sc->alc_flags & ALC_FLAG_MT) + CSR_WRITE_4(sc, ALC_INTR_STATUS, 0); + else + CSR_WRITE_4(sc, ALC_INTR_STATUS, 0x7FFFFFFF); } ALC_UNLOCK(sc); } diff --git a/sys/dev/alc/if_alcreg.h b/sys/dev/alc/if_alcreg.h index 3b4ee133b01a..7668f0960d9f 100644 --- a/sys/dev/alc/if_alcreg.h +++ b/sys/dev/alc/if_alcreg.h @@ -1121,6 +1121,14 @@ #define MII_EXT_ANEG_NLP78 0x8027 #define ANEG_NLP78_120M_DEFAULT 0x8A05 +#define ALC_MT_MAGIC 0x1F00 +#define ALC_MT_MODE 0x1F04 +#define ALC_MT_SPEED 0x1F08 +#define ALC_MT_VERSION 0x1F0C + +#define MT_MAGIC 0xaabb1234 +#define MT_MODE_4Q BIT(0) + /* Statistics counters collected by the MAC. */ struct smb { /* Rx stats. */ diff --git a/sys/dev/alc/if_alcvar.h b/sys/dev/alc/if_alcvar.h index 8dea20196dae..926c80021858 100644 --- a/sys/dev/alc/if_alcvar.h +++ b/sys/dev/alc/if_alcvar.h @@ -239,6 +239,7 @@ struct alc_softc { #define ALC_FLAG_LINK_WAR 0x4000 #define ALC_FLAG_E2X00 0x8000 #define ALC_FLAG_LINK 0x10000 +#define ALC_FLAG_MT 0x20000 struct callout alc_tick_ch; struct alc_hw_stats alc_stats; @@ -284,6 +285,6 @@ do { \ #define ALC_TX_TIMEOUT 5 #define ALC_RESET_TIMEOUT 100 #define ALC_TIMEOUT 1000 -#define ALC_PHY_TIMEOUT 1000 +#define ALC_PHY_TIMEOUT 10000 #endif /* _IF_ALCVAR_H */ From owner-dev-commits-src-branches@freebsd.org Wed May 26 19:28:43 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 00AA6644846; Wed, 26 May 2021 19:28:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr1G26Z4Zz4Y9H; Wed, 26 May 2021 19:28:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C9BD216AB3; Wed, 26 May 2021 19:28:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QJSg2b059532; Wed, 26 May 2021 19:28:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QJSgsM059531; Wed, 26 May 2021 19:28:42 GMT (envelope-from git) Date: Wed, 26 May 2021 19:28:42 GMT Message-Id: <202105261928.14QJSgsM059531@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 6bbde34ae608 - stable/13 - amd64: clear PSL.AC in the right frame MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 6bbde34ae6088285af9d1cc587249c3e7a0159a9 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 19:28:43 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6bbde34ae6088285af9d1cc587249c3e7a0159a9 commit 6bbde34ae6088285af9d1cc587249c3e7a0159a9 Author: Konstantin Belousov AuthorDate: 2021-05-22 19:48:36 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:18:41 +0000 amd64: clear PSL.AC in the right frame If copyin family of routines fault, kernel does clear PSL.AC on the fault entry, but the AC flag of the faulted frame is kept intact. Since onfault handler is effectively jump, AC survives until syscall exit. Reported by: m00nbsd, via Sony Reviewed by: markj Sponsored by: The FreeBSD Foundation admbugs: 975 (cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9) --- sys/amd64/amd64/support.S | 18 ++++++++++++------ sys/amd64/linux/linux_support.s | 5 ++++- sys/amd64/linux32/linux32_support.s | 5 ++++- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/sys/amd64/amd64/support.S b/sys/amd64/amd64/support.S index 4c0f7da87ef8..9272870e9c5e 100644 --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -919,9 +919,11 @@ ENTRY(copyin_smap_erms) END(copyin_smap_erms) ALIGN_TEXT - /* Trap entry clears PSL.AC */ copy_fault: - movq $0,PCB_ONFAULT(%r11) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r11) movl $EFAULT,%eax POP_FRAME_POINTER ret @@ -1358,9 +1360,11 @@ ENTRY(subyte_smap) END(subyte_smap) ALIGN_TEXT - /* Fault entry clears PSL.AC */ fusufault: - movq PCPU(CURPCB),%rcx + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq PCPU(CURPCB),%rcx xorl %eax,%eax movq %rax,PCB_ONFAULT(%rcx) decq %rax @@ -1443,8 +1447,10 @@ ENTRY(copyinstr_smap) END(copyinstr_smap) cpystrflt: - /* Fault entry clears PSL.AC */ - movl $EFAULT,%eax + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movl $EFAULT,%eax cpystrflt_x: /* set *lencopied and return %eax */ movq $0,PCB_ONFAULT(%r9) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 45eb565f667d..bb1c218bdf89 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index da076010c13c..86f3d11b552b 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret From owner-dev-commits-src-branches@freebsd.org Wed May 26 19:28:44 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2F3026449A3; Wed, 26 May 2021 19:28:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr1G40fyVz4Y9L; Wed, 26 May 2021 19:28:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F1AE616833; Wed, 26 May 2021 19:28:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QJShQr059553; Wed, 26 May 2021 19:28:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QJShD9059552; Wed, 26 May 2021 19:28:43 GMT (envelope-from git) Date: Wed, 26 May 2021 19:28:43 GMT Message-Id: <202105261928.14QJShD9059552@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 876ffe28796c - stable/13 - amd64/linux*: add required header to get the constant value MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 876ffe28796c4a81fbedcdaa4d7e4527cd1c79c5 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 19:28:44 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=876ffe28796c4a81fbedcdaa4d7e4527cd1c79c5 commit 876ffe28796c4a81fbedcdaa4d7e4527cd1c79c5 Author: Konstantin Belousov AuthorDate: 2021-05-25 22:19:44 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:18:54 +0000 amd64/linux*: add required header to get the constant value Otherwise asm silently interpret it as the external global symbol. Reported by: bz Sponsored by: The FreeBSD Foundation Fixes: 91aae953cb80 (cherry picked from commit a59f0285377aa3d61cccda64e9ade126ecb3d2d9) --- sys/amd64/linux/linux_support.s | 1 + sys/amd64/linux32/linux32_support.s | 1 + 2 files changed, 2 insertions(+) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index bb1c218bdf89..79e361867f1d 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -30,6 +30,7 @@ #include "linux_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 86f3d11b552b..2e2dbca4e24b 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -30,6 +30,7 @@ #include "linux32_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" From owner-dev-commits-src-branches@freebsd.org Wed May 26 19:29:11 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F37BF644B33; Wed, 26 May 2021 19:29:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr1Gb5sN2z4YCW; Wed, 26 May 2021 19:29:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D732416933; Wed, 26 May 2021 19:29:10 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QJTAEM059714; Wed, 26 May 2021 19:29:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QJTAZ4059713; Wed, 26 May 2021 19:29:10 GMT (envelope-from git) Date: Wed, 26 May 2021 19:29:10 GMT Message-Id: <202105261929.14QJTAZ4059713@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 4590f0345956 - stable/12 - amd64: clear PSL.AC in the right frame MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 4590f0345956329d414611c6cee300f486732b53 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 19:29:12 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=4590f0345956329d414611c6cee300f486732b53 commit 4590f0345956329d414611c6cee300f486732b53 Author: Konstantin Belousov AuthorDate: 2021-05-22 19:48:36 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:29:06 +0000 amd64: clear PSL.AC in the right frame If copyin family of routines fault, kernel does clear PSL.AC on the fault entry, but the AC flag of the faulted frame is kept intact. Since onfault handler is effectively jump, AC survives until syscall exit. Reported by: m00nbsd, via Sony Reviewed by: markj Sponsored by: The FreeBSD Foundation admbugs: 975 (cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9) --- sys/amd64/amd64/support.S | 18 ++++++++++++------ sys/amd64/linux/linux_support.s | 5 ++++- sys/amd64/linux32/linux32_support.s | 5 ++++- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/sys/amd64/amd64/support.S b/sys/amd64/amd64/support.S index 58bf5f7303ec..906e52b81db7 100644 --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -868,9 +868,11 @@ ENTRY(copyin_smap_erms) END(copyin_smap_erms) ALIGN_TEXT - /* Trap entry clears PSL.AC */ copy_fault: - movq $0,PCB_ONFAULT(%r11) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r11) movl $EFAULT,%eax POP_FRAME_POINTER ret @@ -1311,9 +1313,11 @@ ENTRY(subyte_smap) END(subyte_smap) ALIGN_TEXT - /* Fault entry clears PSL.AC */ fusufault: - movq PCPU(CURPCB),%rcx + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq PCPU(CURPCB),%rcx xorl %eax,%eax movq %rax,PCB_ONFAULT(%rcx) decq %rax @@ -1396,8 +1400,10 @@ ENTRY(copyinstr_smap) END(copyinstr_smap) cpystrflt: - /* Fault entry clears PSL.AC */ - movl $EFAULT,%eax + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movl $EFAULT,%eax cpystrflt_x: /* set *lencopied and return %eax */ movq $0,PCB_ONFAULT(%r9) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 45eb565f667d..bb1c218bdf89 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index da076010c13c..86f3d11b552b 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret From owner-dev-commits-src-branches@freebsd.org Wed May 26 19:29:12 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2CF58644BC8; Wed, 26 May 2021 19:29:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr1Gc0ptMz4Y9s; Wed, 26 May 2021 19:29:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id ED8DB1636E; Wed, 26 May 2021 19:29:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QJTBbB059735; Wed, 26 May 2021 19:29:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QJTBwa059734; Wed, 26 May 2021 19:29:11 GMT (envelope-from git) Date: Wed, 26 May 2021 19:29:11 GMT Message-Id: <202105261929.14QJTBwa059734@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: b25bb7786164 - stable/12 - amd64/linux*: add required header to get the constant value MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: b25bb77861640456a77fbf6f34cac4a3b69f0e5f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 19:29:12 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b25bb77861640456a77fbf6f34cac4a3b69f0e5f commit b25bb77861640456a77fbf6f34cac4a3b69f0e5f Author: Konstantin Belousov AuthorDate: 2021-05-25 22:19:44 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:29:06 +0000 amd64/linux*: add required header to get the constant value Otherwise asm silently interpret it as the external global symbol. Reported by: bz Sponsored by: The FreeBSD Foundation Fixes: 91aae953cb80 (cherry picked from commit a59f0285377aa3d61cccda64e9ade126ecb3d2d9) --- sys/amd64/linux/linux_support.s | 1 + sys/amd64/linux32/linux32_support.s | 1 + 2 files changed, 2 insertions(+) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index bb1c218bdf89..79e361867f1d 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -30,6 +30,7 @@ #include "linux_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 86f3d11b552b..2e2dbca4e24b 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -30,6 +30,7 @@ #include "linux32_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D5FAC645D82; Wed, 26 May 2021 20:37:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nK5L55z4gkq; Wed, 26 May 2021 20:37:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9650A177A3; Wed, 26 May 2021 20:37:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbPY0054147; Wed, 26 May 2021 20:37:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbP7i054146; Wed, 26 May 2021 20:37:25 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:25 GMT Message-Id: <202105262037.14QKbP7i054146@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: bec0d2c9c841 - stable/13 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: bec0d2c9c8413707b0fff8e65fb96aa53f149be3 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:25 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bec0d2c9c8413707b0fff8e65fb96aa53f149be3 commit bec0d2c9c8413707b0fff8e65fb96aa53f149be3 Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:45:31 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit e73975dc321a9ccbbbd65b609aa386b187dad2c1) --- lib/libradius/radlib.c | 54 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index e01c486a1ba6..18aee8b53024 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -187,7 +187,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -206,8 +206,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -233,9 +233,16 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ hctx = HMAC_CTX_new(); while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_Init_ex(hctx, srvp->secret, @@ -255,7 +262,12 @@ is_valid_response(struct rad_handle *h, int srv, } break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) { + HMAC_CTX_free(hctx); + return 0; + } + pos += alen; } HMAC_CTX_free(hctx); } @@ -272,7 +284,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -285,8 +297,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -307,7 +319,18 @@ is_valid_request(struct rad_handle *h) pos = POS_ATTRS; hctx = HMAC_CTX_new(); while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } + if (alen < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -327,7 +350,7 @@ is_valid_request(struct rad_handle *h) } break; } - pos += h->in[pos + 1]; + pos += alen; } HMAC_CTX_free(hctx); #endif @@ -929,9 +952,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -940,13 +963,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:42 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C885D645E0D; Wed, 26 May 2021 20:37:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nf5HdSz4gZS; Wed, 26 May 2021 20:37:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9CEAC17999; Wed, 26 May 2021 20:37:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbgib054332; Wed, 26 May 2021 20:37:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbgUg054331; Wed, 26 May 2021 20:37:42 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:42 GMT Message-Id: <202105262037.14QKbgUg054331@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: a8a91efa74e0 - releng/13.0 - mpt(4): Remove incorrect S/G segments limits. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: a8a91efa74e09f35ecde161f6bb18f10e28efddf Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:42 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a8a91efa74e09f35ecde161f6bb18f10e28efddf commit a8a91efa74e09f35ecde161f6bb18f10e28efddf Author: Alexander Motin AuthorDate: 2021-04-17 14:41:35 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:29:54 +0000 mpt(4): Remove incorrect S/G segments limits. First, two of those four checks are unreachable. Second, I don't believe there should be ">=" instead of ">". Third, bus_dma(9) already returns the same EFBIG if ">". This fixes false I/O errors in worst S/G cases with maxphys >= 2MB. Approved by: so Security: EN-21:13.mpt MFC after: 1 week (cherry picked from commit 0f29396e493bd87ffa6a63fcb602b12e79d21a1e) (cherry picked from commit f0077b4c1dcfa7eda6efadf197e8423fe002ac5d) --- sys/dev/mpt/mpt_cam.c | 20 -------------------- 1 file changed, 20 deletions(-) diff --git a/sys/dev/mpt/mpt_cam.c b/sys/dev/mpt/mpt_cam.c index 90c84eee2442..64776d673674 100644 --- a/sys/dev/mpt/mpt_cam.c +++ b/sys/dev/mpt/mpt_cam.c @@ -1292,10 +1292,6 @@ mpt_execute_req_a64(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) hdrp = req->req_vbuf; mpt_off = req->req_vbuf; - if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { - error = EFBIG; - } - if (error == 0) { switch (hdrp->Function) { case MPI_FUNCTION_SCSI_IO_REQUEST: @@ -1315,12 +1311,6 @@ mpt_execute_req_a64(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) } } - if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { - error = EFBIG; - mpt_prt(mpt, "segment count %d too large (max %u)\n", - nseg, mpt->max_seg_cnt); - } - bad: if (error != 0) { if (error != EFBIG && error != ENOMEM) { @@ -1694,10 +1684,6 @@ mpt_execute_req(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) hdrp = req->req_vbuf; mpt_off = req->req_vbuf; - if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { - error = EFBIG; - } - if (error == 0) { switch (hdrp->Function) { case MPI_FUNCTION_SCSI_IO_REQUEST: @@ -1716,12 +1702,6 @@ mpt_execute_req(void *arg, bus_dma_segment_t *dm_segs, int nseg, int error) } } - if (error == 0 && ((uint32_t)nseg) >= mpt->max_seg_cnt) { - error = EFBIG; - mpt_prt(mpt, "segment count %d too large (max %u)\n", - nseg, mpt->max_seg_cnt); - } - bad: if (error != 0) { if (error != EFBIG && error != ENOMEM) { From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:44 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 77A11645CAE; Wed, 26 May 2021 20:37:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2ng6jWpz4gXY; Wed, 26 May 2021 20:37:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CA4B9175D1; Wed, 26 May 2021 20:37:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbhTY054359; Wed, 26 May 2021 20:37:43 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbhwD054358; Wed, 26 May 2021 20:37:43 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:43 GMT Message-Id: <202105262037.14QKbhwD054358@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: fc7402d50da8 - releng/13.0 - pms(4): Do not return CAM_REQ_CMP on errors. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: fc7402d50da8e072ded892d7ac024d939bc11fae Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:45 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=fc7402d50da8e072ded892d7ac024d939bc11fae commit fc7402d50da8e072ded892d7ac024d939bc11fae Author: Alexander Motin AuthorDate: 2021-04-16 19:16:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:30:13 +0000 pms(4): Do not return CAM_REQ_CMP on errors. It is a direct request for data corruptions, one report of which we have received. I am very surprised that only one. Approved by: so Security: EN-21:14.pms MFC after: 1 week Sponsored by: iXsystems, Inc. (cherry picked from commit 8434a65ce49bd6bc6779f0e57b0ce0f4bc46f48e) (cherry picked from commit 4bc708e1e87b493551fc286e25477490b1a75b99) --- sys/dev/pms/freebsd/driver/ini/src/agtiapi.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c index 69f488c4199b..4ce32d0ce6c0 100644 --- a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c +++ b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c @@ -2629,9 +2629,11 @@ static void agtiapi_PrepareSGListCB( void *arg, { AGTIAPI_PRINTK("agtiapi_PrepareSGListCB: error status 0x%x\n", error); bus_dmamap_unload(pmcsc->buffer_dmat, pccb->CCB_dmamap); - bus_dmamap_destroy(pmcsc->buffer_dmat, pccb->CCB_dmamap); agtiapi_FreeCCB(pmcsc, pccb); - ccb->ccb_h.status = CAM_REQ_CMP; + if (error == EFBIG) + ccb->ccb_h.status = CAM_REQ_TOO_BIG; + else + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done(ccb); return; } @@ -2643,9 +2645,8 @@ static void agtiapi_PrepareSGListCB( void *arg, " AGTIAPI_MAX_DMA_SEGS %d\n", nsegs, AGTIAPI_MAX_DMA_SEGS ); bus_dmamap_unload(pmcsc->buffer_dmat, pccb->CCB_dmamap); - bus_dmamap_destroy(pmcsc->buffer_dmat, pccb->CCB_dmamap); agtiapi_FreeCCB(pmcsc, pccb); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_TOO_BIG; xpt_done(ccb); return; } @@ -3689,9 +3690,11 @@ static void agtiapi_PrepareSMPSGListCB( void *arg, AGTIAPI_PRINTK( "agtiapi_PrepareSMPSGListCB: error status 0x%x\n", error ); bus_dmamap_unload( pmcsc->buffer_dmat, pccb->CCB_dmamap ); - bus_dmamap_destroy( pmcsc->buffer_dmat, pccb->CCB_dmamap ); agtiapi_FreeCCB( pmcsc, pccb ); - ccb->ccb_h.status = CAM_REQ_CMP; + if (error == EFBIG) + ccb->ccb_h.status = CAM_REQ_TOO_BIG; + else + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done( ccb ); return; } @@ -3703,9 +3706,8 @@ static void agtiapi_PrepareSMPSGListCB( void *arg, "AGTIAPI_MAX_DMA_SEGS %d\n", nsegs, AGTIAPI_MAX_DMA_SEGS ); bus_dmamap_unload( pmcsc->buffer_dmat, pccb->CCB_dmamap ); - bus_dmamap_destroy( pmcsc->buffer_dmat, pccb->CCB_dmamap ); agtiapi_FreeCCB( pmcsc, pccb ); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_TOO_BIG; xpt_done( ccb ); return; } @@ -4410,7 +4412,7 @@ static int agtiapi_QueueSMP(struct agtiapi_softc *pmcsc, union ccb * ccb) if ((pccb = agtiapi_GetCCB(pmcsc)) == NULL) { AGTIAPI_PRINTK("agtiapi_QueueSMP: GetCCB ERROR\n"); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done(ccb); return tiBusy; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:46 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1BD226458C5; Wed, 26 May 2021 20:37:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nj6q4lz4gRM; Wed, 26 May 2021 20:37:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 09AF717A0F; Wed, 26 May 2021 20:37:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbis2054381; Wed, 26 May 2021 20:37:44 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbiio054380; Wed, 26 May 2021 20:37:44 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:44 GMT Message-Id: <202105262037.14QKbiio054380@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: b62d492067ba - releng/13.0 - pms(4): Limit maximum I/O size to 256KB instead of 1MB. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: b62d492067ba38b93200e77bca69e89a9e887eb4 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:46 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=b62d492067ba38b93200e77bca69e89a9e887eb4 commit b62d492067ba38b93200e77bca69e89a9e887eb4 Author: Alexander Motin AuthorDate: 2021-04-16 19:39:01 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:30:23 +0000 pms(4): Limit maximum I/O size to 256KB instead of 1MB. There is a weird limit of AGTIAPI_MAX_DMA_SEGS (128) S/G segments per I/O since the initial driver import. I don't know why it was added, can only guess some hardware limitation, but in worst case it means maximum I/O size of 508KB. Respect it to be safe, rounding to 256KB. Approved by: so Security: EN-21:14.pms MFC after: 1 week Sponsored by: iXsystems, Inc. (cherry picked from commit 3e347834200b5d91a33384e696793e4ac20a44d4) (cherry picked from commit 6514cb18d94e9ab46406b7077d207c8b1a551e6e) --- sys/dev/pms/freebsd/driver/ini/src/agdef.h | 2 +- sys/dev/pms/freebsd/driver/ini/src/agtiapi.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/dev/pms/freebsd/driver/ini/src/agdef.h b/sys/dev/pms/freebsd/driver/ini/src/agdef.h index 4c2ba2867f5f..b58741a434c7 100644 --- a/sys/dev/pms/freebsd/driver/ini/src/agdef.h +++ b/sys/dev/pms/freebsd/driver/ini/src/agdef.h @@ -62,7 +62,7 @@ EW 09-17-2004 1.0.0 Constant definitions #define AGTIAPI_MAX_DEVICE_7H 256 /*Max devices per channel in 7H */ #define AGTIAPI_MAX_DEVICE_8H 512 /*Max devices per channel in 8H*/ #define AGTIAPI_MAX_CAM_Q_DEPTH 1024 -#define AGTIAPI_NSEGS (btoc(maxphys) + 1) +#define AGTIAPI_NSEGS (MIN(btoc(maxphys), 64) + 1) /* ** Adapter specific defines */ diff --git a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c index 4ce32d0ce6c0..a2b20c9e9264 100644 --- a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c +++ b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c @@ -1834,7 +1834,7 @@ static void agtiapi_cam_action( struct cam_sim *sim, union ccb * ccb ) cpi->max_target = maxTargets - 1; cpi->max_lun = AGTIAPI_MAX_LUN; /* Max supported I/O size, in bytes. */ - cpi->maxio = ulmin(1024 * 1024, maxphys); + cpi->maxio = ctob(AGTIAPI_NSEGS - 1); cpi->initiator_id = 255; strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); strlcpy(cpi->hba_vid, "PMC", HBA_IDLEN); From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:47 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D94D2645CB9; Wed, 26 May 2021 20:37:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nk1pCfz4gZX; Wed, 26 May 2021 20:37:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0F6A417A10; Wed, 26 May 2021 20:37:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbjGW054402; Wed, 26 May 2021 20:37:45 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbjv5054401; Wed, 26 May 2021 20:37:45 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:45 GMT Message-Id: <202105262037.14QKbjv5054401@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 22b58630d6ba - releng/13.0 - divert: Fix mbuf ownership confusion in div_output() MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 22b58630d6ba256242a4622c70c2f68ca6892de2 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:47 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=22b58630d6ba256242a4622c70c2f68ca6892de2 commit 22b58630d6ba256242a4622c70c2f68ca6892de2 Author: Mark Johnston AuthorDate: 2021-05-07 18:27:58 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:30:51 +0000 divert: Fix mbuf ownership confusion in div_output() div_output_outbound() and div_output_inbound() relied on the caller to free the mbuf if an error occurred. However, this is contrary to the semantics of their callees, ip_output(), ip6_output() and netisr_queue_src(), which always consume the mbuf. So, if one of these functions returned an error, that would get propagated up to div_output(), resulting in a double free. Fix the problem by making div_output_outbound() and div_output_inbound() responsible for freeing the mbuf in all cases. Approved by: so Security: EN-21:12.divert Reported by: Michael Schmiedgen Tested by: Michael Schmiedgen Reviewed by: donner Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D30129 (cherry picked from commit a1fadf7de25b973a308b86d04c4ada4fa8be193f) (cherry picked from commit eafeee082c50850c2577f4fce0eaa7acb034f565) --- sys/netinet/ip_divert.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index 65f1d263b5fa..6e38740fe263 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -392,17 +392,13 @@ div_output(struct socket *so, struct mbuf *m, struct sockaddr_in *sin, } NET_EPOCH_EXIT(et); - if (error != 0) - m_freem(m); - return (error); } /* * Sends mbuf @m to the wire via ip[6]_output(). * - * Returns 0 on success, @m is consumed. - * On failure, returns error code. It is caller responsibility to free @m. + * Returns 0 on success or an errno value on failure. @m is always consumed. */ static int div_output_outbound(int family, struct socket *so, struct mbuf *m) @@ -425,6 +421,7 @@ div_output_outbound(int family, struct socket *so, struct mbuf *m) inp->inp_options != NULL) || ((u_short)ntohs(ip->ip_len) > m->m_pkthdr.len)) { INP_RUNLOCK(inp); + m_freem(m); return (EINVAL); } break; @@ -436,6 +433,7 @@ div_output_outbound(int family, struct socket *so, struct mbuf *m) /* Don't allow packet length sizes that will crash */ if (((u_short)ntohs(ip6->ip6_plen) > m->m_pkthdr.len)) { INP_RUNLOCK(inp); + m_freem(m); return (EINVAL); } break; @@ -475,6 +473,7 @@ div_output_outbound(int family, struct socket *so, struct mbuf *m) options = m_dup(inp->inp_options, M_NOWAIT); if (options == NULL) { INP_RUNLOCK(inp); + m_freem(m); return (ENOBUFS); } } @@ -502,8 +501,7 @@ div_output_outbound(int family, struct socket *so, struct mbuf *m) /* * Schedules mbuf @m for local processing via IPv4/IPv6 netisr queue. * - * Returns 0 on success, @m is consumed. - * Returns error code on failure. It is caller responsibility to free @m. + * Returns 0 on success or an errno value on failure. @m is always consumed. */ static int div_output_inbound(int family, struct socket *so, struct mbuf *m, @@ -523,8 +521,10 @@ div_output_inbound(int family, struct socket *so, struct mbuf *m, bzero(sin->sin_zero, sizeof(sin->sin_zero)); sin->sin_port = 0; ifa = ifa_ifwithaddr((struct sockaddr *) sin); - if (ifa == NULL) + if (ifa == NULL) { + m_freem(m); return (EADDRNOTAVAIL); + } m->m_pkthdr.rcvif = ifa->ifa_ifp; } #ifdef MAC @@ -550,6 +550,7 @@ div_output_inbound(int family, struct socket *so, struct mbuf *m, break; #endif default: + m_freem(m); return (EINVAL); } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:49 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 734FE645876; Wed, 26 May 2021 20:37:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nm1Jdhz4gqn; Wed, 26 May 2021 20:37:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5964417731; Wed, 26 May 2021 20:37:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKblY7054423; Wed, 26 May 2021 20:37:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbl1O054422; Wed, 26 May 2021 20:37:47 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:47 GMT Message-Id: <202105262037.14QKbl1O054422@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: c69096577383 - releng/13.0 - amd64: clear PSL.AC in the right frame MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: c690965773831b46f84a242b417372fc499302b4 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:49 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=c690965773831b46f84a242b417372fc499302b4 commit c690965773831b46f84a242b417372fc499302b4 Author: Konstantin Belousov AuthorDate: 2021-05-22 19:48:36 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:31:22 +0000 amd64: clear PSL.AC in the right frame If copyin family of routines fault, kernel does clear PSL.AC on the fault entry, but the AC flag of the faulted frame is kept intact. Since onfault handler is effectively jump, AC survives until syscall exit. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: m00nbsd, via Sony Reviewed by: markj Sponsored by: The FreeBSD Foundation admbugs: 975 (cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9) (cherry picked from commit 6bbde34ae6088285af9d1cc587249c3e7a0159a9) --- sys/amd64/amd64/support.S | 18 ++++++++++++------ sys/amd64/linux/linux_support.s | 5 ++++- sys/amd64/linux32/linux32_support.s | 5 ++++- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/sys/amd64/amd64/support.S b/sys/amd64/amd64/support.S index b623fba277db..7963071303b7 100644 --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -853,9 +853,11 @@ ENTRY(copyin_smap_erms) END(copyin_smap_erms) ALIGN_TEXT - /* Trap entry clears PSL.AC */ copy_fault: - movq $0,PCB_ONFAULT(%r11) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r11) movl $EFAULT,%eax POP_FRAME_POINTER ret @@ -1292,9 +1294,11 @@ ENTRY(subyte_smap) END(subyte_smap) ALIGN_TEXT - /* Fault entry clears PSL.AC */ fusufault: - movq PCPU(CURPCB),%rcx + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq PCPU(CURPCB),%rcx xorl %eax,%eax movq %rax,PCB_ONFAULT(%rcx) decq %rax @@ -1377,8 +1381,10 @@ ENTRY(copyinstr_smap) END(copyinstr_smap) cpystrflt: - /* Fault entry clears PSL.AC */ - movl $EFAULT,%eax + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movl $EFAULT,%eax cpystrflt_x: /* set *lencopied and return %eax */ movq $0,PCB_ONFAULT(%r9) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 391f76414f22..2de778e151bf 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 981bba9f5821..7ff3e2293f6e 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:51 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0DE0B645CCA; Wed, 26 May 2021 20:37:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2np5DPmz4gny; Wed, 26 May 2021 20:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8D14117A11; Wed, 26 May 2021 20:37:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbn5m054465; Wed, 26 May 2021 20:37:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbnl5054464; Wed, 26 May 2021 20:37:49 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:49 GMT Message-Id: <202105262037.14QKbnl5054464@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 6fe25201ea62 - releng/13.0 - virtio_pci_legacy: Use the table BAR and PBA BAR from MSI-X cap MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 6fe25201ea624180130c08590e0566fc9e238570 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:51 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=6fe25201ea624180130c08590e0566fc9e238570 commit 6fe25201ea624180130c08590e0566fc9e238570 Author: Ka Ho Ng AuthorDate: 2021-03-20 07:40:52 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:32:40 +0000 virtio_pci_legacy: Use the table BAR and PBA BAR from MSI-X cap The MSI-X resource shouldn't be assumed to be always on BAR1. The Virtio v1.1 Spec did not specify that MSI-X table and PBA BAR has to be BAR1 either. Approved by: so Security: EN-21:15.virtio Reported by: Yuan Rui Reviewed by: bryanv, jhb Approved by: philip (mentor) Differential Revision: https://reviews.freebsd.org/D28817 (cherry picked from commit faf9a4e9142a02c289ee543a6091bd4b925c6a63) (cherry picked from commit 98740ead97c60caca1d7cb3e996108c75f499beb) --- sys/dev/virtio/pci/virtio_pci_legacy.c | 74 +++++++++++++++++++++++++++------- 1 file changed, 60 insertions(+), 14 deletions(-) diff --git a/sys/dev/virtio/pci/virtio_pci_legacy.c b/sys/dev/virtio/pci/virtio_pci_legacy.c index 22e369097e2e..d74983099110 100644 --- a/sys/dev/virtio/pci/virtio_pci_legacy.c +++ b/sys/dev/virtio/pci/virtio_pci_legacy.c @@ -60,7 +60,8 @@ struct vtpci_legacy_softc { device_t vtpci_dev; struct vtpci_common vtpci_common; struct resource *vtpci_res; - struct resource *vtpci_msix_res; + struct resource *vtpci_msix_table_res; + struct resource *vtpci_msix_pba_res; }; static int vtpci_legacy_probe(device_t); @@ -97,6 +98,8 @@ static void vtpci_legacy_notify_vq(device_t, uint16_t, bus_size_t); static void vtpci_legacy_read_dev_config(device_t, bus_size_t, void *, int); static void vtpci_legacy_write_dev_config(device_t, bus_size_t, void *, int); +static bool vtpci_legacy_setup_msix(struct vtpci_legacy_softc *sc); +static void vtpci_legacy_teardown_msix(struct vtpci_legacy_softc *sc); static int vtpci_legacy_alloc_resources(struct vtpci_legacy_softc *); static void vtpci_legacy_free_resources(struct vtpci_legacy_softc *); @@ -232,6 +235,13 @@ vtpci_legacy_attach(device_t dev) return (error); } + if (vtpci_is_msix_available(&sc->vtpci_common) && + !vtpci_legacy_setup_msix(sc)) { + device_printf(dev, "cannot setup MSI-x resources\n"); + error = ENXIO; + goto fail; + } + vtpci_legacy_reset(sc); /* Tell the host we've noticed this device. */ @@ -265,6 +275,7 @@ vtpci_legacy_detach(device_t dev) return (error); vtpci_legacy_reset(sc); + vtpci_legacy_teardown_msix(sc); vtpci_legacy_free_resources(sc); return (0); @@ -539,6 +550,54 @@ vtpci_legacy_write_dev_config(device_t dev, bus_size_t offset, } } +static bool +vtpci_legacy_setup_msix(struct vtpci_legacy_softc *sc) +{ + device_t dev; + int rid, table_rid; + + dev = sc->vtpci_dev; + + rid = table_rid = pci_msix_table_bar(dev); + if (rid != PCIR_BAR(0)) { + sc->vtpci_msix_table_res = bus_alloc_resource_any( + dev, SYS_RES_MEMORY, &rid, RF_ACTIVE); + if (sc->vtpci_msix_table_res == NULL) + return (false); + } + + rid = pci_msix_pba_bar(dev); + if (rid != table_rid && rid != PCIR_BAR(0)) { + sc->vtpci_msix_pba_res = bus_alloc_resource_any( + dev, SYS_RES_MEMORY, &rid, RF_ACTIVE); + if (sc->vtpci_msix_pba_res == NULL) + return (false); + } + + return (true); +} + +static void +vtpci_legacy_teardown_msix(struct vtpci_legacy_softc *sc) +{ + device_t dev; + + dev = sc->vtpci_dev; + + if (sc->vtpci_msix_pba_res != NULL) { + bus_release_resource(dev, SYS_RES_MEMORY, + rman_get_rid(sc->vtpci_msix_pba_res), + sc->vtpci_msix_pba_res); + sc->vtpci_msix_pba_res = NULL; + } + if (sc->vtpci_msix_table_res != NULL) { + bus_release_resource(dev, SYS_RES_MEMORY, + rman_get_rid(sc->vtpci_msix_table_res), + sc->vtpci_msix_table_res); + sc->vtpci_msix_table_res = NULL; + } +} + static int vtpci_legacy_alloc_resources(struct vtpci_legacy_softc *sc) { @@ -552,13 +611,6 @@ vtpci_legacy_alloc_resources(struct vtpci_legacy_softc *sc) &rid, RF_ACTIVE)) == NULL) return (ENXIO); - if (vtpci_is_msix_available(&sc->vtpci_common)) { - rid = PCIR_BAR(1); - if ((sc->vtpci_msix_res = bus_alloc_resource_any(dev, - SYS_RES_MEMORY, &rid, RF_ACTIVE)) == NULL) - return (ENXIO); - } - return (0); } @@ -569,12 +621,6 @@ vtpci_legacy_free_resources(struct vtpci_legacy_softc *sc) dev = sc->vtpci_dev; - if (sc->vtpci_msix_res != NULL) { - bus_release_resource(dev, SYS_RES_MEMORY, PCIR_BAR(1), - sc->vtpci_msix_res); - sc->vtpci_msix_res = NULL; - } - if (sc->vtpci_res != NULL) { bus_release_resource(dev, SYS_RES_IOPORT, PCIR_BAR(0), sc->vtpci_res); From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:49 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F19CF645CC8; Wed, 26 May 2021 20:37:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nm63TXz4gg6; Wed, 26 May 2021 20:37:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 635E4174F4; Wed, 26 May 2021 20:37:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbmZR054444; Wed, 26 May 2021 20:37:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbmZD054443; Wed, 26 May 2021 20:37:48 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:48 GMT Message-Id: <202105262037.14QKbmZD054443@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f32130a1955e - releng/13.0 - amd64/linux*: add required header to get the constant value MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: f32130a1955e40476fc3c15e4d32e80e32b7c42c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:50 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f32130a1955e40476fc3c15e4d32e80e32b7c42c commit f32130a1955e40476fc3c15e4d32e80e32b7c42c Author: Konstantin Belousov AuthorDate: 2021-05-25 22:19:44 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:31:50 +0000 amd64/linux*: add required header to get the constant value Otherwise asm silently interpret it as the external global symbol. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: bz Sponsored by: The FreeBSD Foundation Fixes: 91aae953cb80 (cherry picked from commit a59f0285377aa3d61cccda64e9ade126ecb3d2d9) (cherry picked from commit 876ffe28796c4a81fbedcdaa4d7e4527cd1c79c5) --- sys/amd64/linux/linux_support.s | 1 + sys/amd64/linux32/linux32_support.s | 1 + 2 files changed, 2 insertions(+) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 2de778e151bf..4826cbed0ef2 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -30,6 +30,7 @@ #include "linux_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 7ff3e2293f6e..e035b4f156b4 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -30,6 +30,7 @@ #include "linux32_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:52 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D5B32645D9B; Wed, 26 May 2021 20:37:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2np6ttKz4gqs; Wed, 26 May 2021 20:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A3F9B17A12; Wed, 26 May 2021 20:37:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKboL4054492; Wed, 26 May 2021 20:37:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKboQI054491; Wed, 26 May 2021 20:37:50 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:50 GMT Message-Id: <202105262037.14QKboQI054491@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 61acb3179a90 - releng/13.0 - virtio_pci_legacy: Allow memory space for configuration MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 61acb3179a90a93ecb2fe9230986069712f918df Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:52 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=61acb3179a90a93ecb2fe9230986069712f918df commit 61acb3179a90a93ecb2fe9230986069712f918df Author: Ka Ho Ng AuthorDate: 2021-03-20 07:40:55 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:32:40 +0000 virtio_pci_legacy: Allow memory space for configuration For guests running under some kind of VMMs, configuration structure is available in memory space but not I/O space. Approved by: so Security: EN-21:15.virtio Reported by: Yuan Rui Reviewed by: rpokala, bryanv, jhb Approved by: philip (mentor) Differential Revision: https://reviews.freebsd.org/D28818 (cherry picked from commit cf5d1112408ddef3fdff8212599727c49ba90fa4) (cherry picked from commit 2e107638eac2a721bc024314ae79d4688edfc130) --- sys/dev/virtio/pci/virtio_pci_legacy.c | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/sys/dev/virtio/pci/virtio_pci_legacy.c b/sys/dev/virtio/pci/virtio_pci_legacy.c index d74983099110..a17dd22aa953 100644 --- a/sys/dev/virtio/pci/virtio_pci_legacy.c +++ b/sys/dev/virtio/pci/virtio_pci_legacy.c @@ -59,6 +59,7 @@ __FBSDID("$FreeBSD$"); struct vtpci_legacy_softc { device_t vtpci_dev; struct vtpci_common vtpci_common; + int vtpci_res_type; struct resource *vtpci_res; struct resource *vtpci_msix_table_res; struct resource *vtpci_msix_pba_res; @@ -231,7 +232,7 @@ vtpci_legacy_attach(device_t dev) error = vtpci_legacy_alloc_resources(sc); if (error) { - device_printf(dev, "cannot map I/O space\n"); + device_printf(dev, "cannot map I/O space nor memory space\n"); return (error); } @@ -601,14 +602,25 @@ vtpci_legacy_teardown_msix(struct vtpci_legacy_softc *sc) static int vtpci_legacy_alloc_resources(struct vtpci_legacy_softc *sc) { + const int res_types[] = { SYS_RES_IOPORT, SYS_RES_MEMORY }; device_t dev; - int rid; + int rid, i; dev = sc->vtpci_dev; - rid = PCIR_BAR(0); - if ((sc->vtpci_res = bus_alloc_resource_any(dev, SYS_RES_IOPORT, - &rid, RF_ACTIVE)) == NULL) + /* + * Most hypervisors export the common configuration structure in IO + * space, but some use memory space; try both. + */ + for (i = 0; nitems(res_types); i++) { + rid = PCIR_BAR(0); + sc->vtpci_res_type = res_types[i]; + sc->vtpci_res = bus_alloc_resource_any(dev, res_types[i], &rid, + RF_ACTIVE); + if (sc->vtpci_res != NULL) + break; + } + if (sc->vtpci_res == NULL) return (ENXIO); return (0); @@ -622,7 +634,7 @@ vtpci_legacy_free_resources(struct vtpci_legacy_softc *sc) dev = sc->vtpci_dev; if (sc->vtpci_res != NULL) { - bus_release_resource(dev, SYS_RES_IOPORT, PCIR_BAR(0), + bus_release_resource(dev, sc->vtpci_res_type, PCIR_BAR(0), sc->vtpci_res); sc->vtpci_res = NULL; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:56 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4AC79645D9C; Wed, 26 May 2021 20:37:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nt41Gdz4gZv; Wed, 26 May 2021 20:37:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1483E174F5; Wed, 26 May 2021 20:37:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbrOX054561; Wed, 26 May 2021 20:37:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbrPS054560; Wed, 26 May 2021 20:37:53 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:53 GMT Message-Id: <202105262037.14QKbrPS054560@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 8023e729a521 - releng/13.0 - Add UPDATING entries and bump version MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 8023e729a52192f89e539de760df194a70a91fda Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:57 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8023e729a52192f89e539de760df194a70a91fda commit 8023e729a52192f89e539de760df194a70a91fda Author: Mark Johnston AuthorDate: 2021-05-26 20:23:45 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:36:52 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 23 +++++++++++++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 0e6c4df32190..fe5eef74243c 100644 --- a/UPDATING +++ b/UPDATING @@ -11,6 +11,29 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20210526: + 13.0-RELEASE-p1 FreeBSD-EN-21:12.divert + FreeBSD-EN-21:13.mpt + FreeBSD-EN-21:14.pms + FreeBSD-EN-21:15.virtio + FreeBSD-EN-21:16.bc + FreeBSD-SA-21:11.smap + FreeBSD-SA-21:12.libradius + + Kernel double free when transmitting on a divert socket [FreeBSD-EN-21:12.divert] + + mpt(4) I/O errors with a large maxphys value [FreeBSD-EN-21:13.mpt] + + pms(4) data corruption [FreeBSD-EN-21:14.pms] + + virtio(4) device probing fails [FreeBSD-EN-21:15.virtio] + + dc update [FreeBSD-EN-21:16.bc] + + SMAP bypass [FreeBSD-SA-21:11.smap] + + Missing message validation in libradius(3) [FreeBSD-SA-21:12.libradius] + 20210413: 13.0-RELEASE. diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 306e11fda092..e763d92f274c 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -54,7 +54,7 @@ TYPE="FreeBSD" REVISION="13.0" -BRANCH="RELEASE" +BRANCH="RELEASE-p1" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:53 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 075E96458D2; Wed, 26 May 2021 20:37:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2nr29Rgz4gRS; Wed, 26 May 2021 20:37:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D36991799A; Wed, 26 May 2021 20:37:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbpSv054513; Wed, 26 May 2021 20:37:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbpOF054512; Wed, 26 May 2021 20:37:51 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:51 GMT Message-Id: <202105262037.14QKbpOF054512@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 312510880e2e - releng/13.0 - bc: Fix stack handling in the "P" command implementation MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 312510880e2e638a1fe68771c40392f4237582f3 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:53 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=312510880e2e638a1fe68771c40392f4237582f3 commit 312510880e2e638a1fe68771c40392f4237582f3 Author: Mark Johnston AuthorDate: 2021-05-26 20:11:57 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:32:40 +0000 bc: Fix stack handling in the "P" command implementation Approved by: so Security: EN-21:16.bc Submitted by: se --- contrib/bc/src/program.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contrib/bc/src/program.c b/contrib/bc/src/program.c index d4e386d4ac1b..14a886d0daa3 100644 --- a/contrib/bc/src/program.c +++ b/contrib/bc/src/program.c @@ -1440,6 +1440,8 @@ static void bc_program_printStream(BcProgram *p) { size_t idx = (r->t == BC_RESULT_STR) ? r->d.loc.loc : n->scale; bc_program_printChars(*((char**) bc_vec_item(p->strs, idx))); } + + bc_vec_pop(&p->results); } static void bc_program_nquit(BcProgram *p, uchar inst) { From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:37:54 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E22226458D5; Wed, 26 May 2021 20:37:54 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2ns5MS2z4gRZ; Wed, 26 May 2021 20:37:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 111831781B; Wed, 26 May 2021 20:37:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKbqox054536; Wed, 26 May 2021 20:37:52 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKbqZH054535; Wed, 26 May 2021 20:37:52 GMT (envelope-from git) Date: Wed, 26 May 2021 20:37:52 GMT Message-Id: <202105262037.14QKbqZH054535@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 7d900abe6269 - releng/13.0 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 7d900abe6269af09d63746ceebe008e49454535e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:37:55 -0000 The branch releng/13.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7d900abe6269af09d63746ceebe008e49454535e commit 7d900abe6269af09d63746ceebe008e49454535e Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:36:29 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) (cherry picked from commit bec0d2c9c8413707b0fff8e65fb96aa53f149be3) --- lib/libradius/radlib.c | 54 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index e01c486a1ba6..18aee8b53024 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -187,7 +187,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -206,8 +206,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -233,9 +233,16 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ hctx = HMAC_CTX_new(); while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_Init_ex(hctx, srvp->secret, @@ -255,7 +262,12 @@ is_valid_response(struct rad_handle *h, int srv, } break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) { + HMAC_CTX_free(hctx); + return 0; + } + pos += alen; } HMAC_CTX_free(hctx); } @@ -272,7 +284,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -285,8 +297,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -307,7 +319,18 @@ is_valid_request(struct rad_handle *h) pos = POS_ATTRS; hctx = HMAC_CTX_new(); while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } + if (alen < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -327,7 +350,7 @@ is_valid_request(struct rad_handle *h) } break; } - pos += h->in[pos + 1]; + pos += alen; } HMAC_CTX_free(hctx); #endif @@ -929,9 +952,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -940,13 +963,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:07 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2E55A645F85; Wed, 26 May 2021 20:38:07 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2p66ChHz4gjD; Wed, 26 May 2021 20:38:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 04B15177A4; Wed, 26 May 2021 20:38:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKc4JU054769; Wed, 26 May 2021 20:38:04 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKc4uJ054768; Wed, 26 May 2021 20:38:04 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:04 GMT Message-Id: <202105262038.14QKc4uJ054768@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 83280d17fccf - stable/12 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 83280d17fccff2db7d79c7f38e80ec29078ef35e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:07 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=83280d17fccff2db7d79c7f38e80ec29078ef35e commit 83280d17fccff2db7d79c7f38e80ec29078ef35e Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:35:31 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) --- lib/libradius/radlib.c | 54 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 3b6460e26f0d..a70c8c62a9e7 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -187,7 +187,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -206,8 +206,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -233,9 +233,16 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ hctx = HMAC_CTX_new(); while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_Init_ex(hctx, srvp->secret, @@ -255,7 +262,12 @@ is_valid_response(struct rad_handle *h, int srv, } break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) { + HMAC_CTX_free(hctx); + return 0; + } + pos += alen; } HMAC_CTX_free(hctx); } @@ -272,7 +284,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -285,8 +297,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -307,7 +319,18 @@ is_valid_request(struct rad_handle *h) pos = POS_ATTRS; hctx = HMAC_CTX_new(); while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } + if (alen < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -327,7 +350,7 @@ is_valid_request(struct rad_handle *h) } break; } - pos += h->in[pos + 1]; + pos += alen; } HMAC_CTX_free(hctx); #endif @@ -929,9 +952,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -940,13 +963,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:20 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 02C78646086; Wed, 26 May 2021 20:38:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pM6F9Kz4gdQ; Wed, 26 May 2021 20:38:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B8F8B1762E; Wed, 26 May 2021 20:38:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcInO054932; Wed, 26 May 2021 20:38:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcIc8054931; Wed, 26 May 2021 20:38:18 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:18 GMT Message-Id: <202105262038.14QKcIc8054931@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 71c7f71de578 - releng/12.2 - aesni: Avoid modifying session keys in hmac_update() MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: 71c7f71de5789daff5bc6dedba82544fa97eec84 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:20 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=71c7f71de5789daff5bc6dedba82544fa97eec84 commit 71c7f71de5789daff5bc6dedba82544fa97eec84 Author: Mark Johnston AuthorDate: 2021-04-27 00:04:25 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:36:30 +0000 aesni: Avoid modifying session keys in hmac_update() Otherwise aesni_process() is not thread-safe for AES+SHA-HMAC transforms, since hmac_update() updates the caller-supplied key directly to create the derived key. Use a buffer on the stack to store a copy of the key used for computing inner and outer digests. This is a direct commit to stable/12 as the bug is not present in later branches. Approved by: so Security: EN-21:11.aesni Reviewed by: kib (cherry picked from commit 62e32cf9140e6c13663dcd69ec3b3c7ca4579782) --- sys/crypto/aesni/aesni.c | 18 ++++++++++-------- sys/crypto/aesni/aesni.h | 6 ++++-- 2 files changed, 14 insertions(+), 10 deletions(-) diff --git a/sys/crypto/aesni/aesni.c b/sys/crypto/aesni/aesni.c index 76e637861879..594aa59b7046 100644 --- a/sys/crypto/aesni/aesni.c +++ b/sys/crypto/aesni/aesni.c @@ -655,10 +655,10 @@ hmac_internal(void *ctx, uint32_t *res, { size_t i; - for (i = 0; i < 64; i++) + for (i = 0; i < AESNI_SHA_BLOCK_LEN; i++) key[i] ^= xorbyte; - update(ctx, key, 64); - for (i = 0; i < 64; i++) + update(ctx, key, AESNI_SHA_BLOCK_LEN); + for (i = 0; i < AESNI_SHA_BLOCK_LEN; i++) key[i] ^= xorbyte; crypto_apply(crpflags, __DECONST(void *, buf), off, buflen, @@ -883,6 +883,7 @@ aesni_cipher_mac(struct aesni_session *ses, struct cryptodesc *crd, struct SHA256Context sha2 __aligned(16); struct sha1_ctxt sha1 __aligned(16); } sctx; + uint8_t hmac_key[AESNI_SHA_BLOCK_LEN] __aligned(16); uint32_t res[SHA2_256_HASH_LEN / sizeof(uint32_t)]; int hashlen, error; void *ctx; @@ -946,15 +947,16 @@ aesni_cipher_mac(struct aesni_session *ses, struct cryptodesc *crd, } if (hmac) { + memcpy(hmac_key, ses->hmac_key, AESNI_SHA_BLOCK_LEN); + /* Inner hash: (K ^ IPAD) || data */ InitFn(ctx); - hmac_internal(ctx, res, UpdateFn, FinalizeFn, ses->hmac_key, - 0x36, crp->crp_buf, crd->crd_skip, crd->crd_len, - crp->crp_flags); + hmac_internal(ctx, res, UpdateFn, FinalizeFn, hmac_key, 0x36, + crp->crp_buf, crd->crd_skip, crd->crd_len, crp->crp_flags); /* Outer hash: (K ^ OPAD) || inner hash */ InitFn(ctx); - hmac_internal(ctx, res, UpdateFn, FinalizeFn, ses->hmac_key, - 0x5C, res, 0, hashlen, 0); + hmac_internal(ctx, res, UpdateFn, FinalizeFn, hmac_key, 0x5C, + res, 0, hashlen, 0); } else { InitFn(ctx); crypto_apply(crp->crp_flags, crp->crp_buf, crd->crd_skip, diff --git a/sys/crypto/aesni/aesni.h b/sys/crypto/aesni/aesni.h index eeb5b4361879..d1e7abaa6062 100644 --- a/sys/crypto/aesni/aesni.h +++ b/sys/crypto/aesni/aesni.h @@ -52,12 +52,14 @@ #define AES256_ROUNDS 14 #define AES_SCHED_LEN ((AES256_ROUNDS + 1) * AES_BLOCK_LEN) +/* SHA1, SHA2-224 and SHA2-256 only. */ +#define AESNI_SHA_BLOCK_LEN 64 + struct aesni_session { uint8_t enc_schedule[AES_SCHED_LEN] __aligned(16); uint8_t dec_schedule[AES_SCHED_LEN] __aligned(16); uint8_t xts_schedule[AES_SCHED_LEN] __aligned(16); - /* Same as the SHA256 Blocksize. */ - uint8_t hmac_key[SHA1_BLOCK_LEN] __aligned(16); + uint8_t hmac_key[AESNI_SHA_BLOCK_LEN]; int algo; int rounds; /* uint8_t *ses_ictx; */ From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:20 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 25D58645EB2; Wed, 26 May 2021 20:38:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pN011tz4ggj; Wed, 26 May 2021 20:38:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C36E617A13; Wed, 26 May 2021 20:38:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcJl5054959; Wed, 26 May 2021 20:38:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcJ96054958; Wed, 26 May 2021 20:38:19 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:19 GMT Message-Id: <202105262038.14QKcJ96054958@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: bf30c74e5a2a - releng/12.2 - pms(4): Do not return CAM_REQ_CMP on errors. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: bf30c74e5a2a3be431f16961c5ac1c9340e8e045 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:20 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bf30c74e5a2a3be431f16961c5ac1c9340e8e045 commit bf30c74e5a2a3be431f16961c5ac1c9340e8e045 Author: Alexander Motin AuthorDate: 2021-04-16 19:16:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:37:18 +0000 pms(4): Do not return CAM_REQ_CMP on errors. It is a direct request for data corruptions, one report of which we have received. I am very surprised that only one. Approved by: so Security: EN-21:14.pms MFC after: 1 week Sponsored by: iXsystems, Inc. (cherry picked from commit 8434a65ce49bd6bc6779f0e57b0ce0f4bc46f48e) (cherry picked from commit 320fd259c69ef16e9b8d64424f66eeed8ddc3c77) --- sys/dev/pms/freebsd/driver/ini/src/agtiapi.c | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c index ef7dc19c05ce..535e60cb5bce 100644 --- a/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c +++ b/sys/dev/pms/freebsd/driver/ini/src/agtiapi.c @@ -2628,9 +2628,11 @@ static void agtiapi_PrepareSGListCB( void *arg, { AGTIAPI_PRINTK("agtiapi_PrepareSGListCB: error status 0x%x\n", error); bus_dmamap_unload(pmcsc->buffer_dmat, pccb->CCB_dmamap); - bus_dmamap_destroy(pmcsc->buffer_dmat, pccb->CCB_dmamap); agtiapi_FreeCCB(pmcsc, pccb); - ccb->ccb_h.status = CAM_REQ_CMP; + if (error == EFBIG) + ccb->ccb_h.status = CAM_REQ_TOO_BIG; + else + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done(ccb); return; } @@ -2642,9 +2644,8 @@ static void agtiapi_PrepareSGListCB( void *arg, " AGTIAPI_MAX_DMA_SEGS %d\n", nsegs, AGTIAPI_MAX_DMA_SEGS ); bus_dmamap_unload(pmcsc->buffer_dmat, pccb->CCB_dmamap); - bus_dmamap_destroy(pmcsc->buffer_dmat, pccb->CCB_dmamap); agtiapi_FreeCCB(pmcsc, pccb); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_TOO_BIG; xpt_done(ccb); return; } @@ -3688,9 +3689,11 @@ static void agtiapi_PrepareSMPSGListCB( void *arg, AGTIAPI_PRINTK( "agtiapi_PrepareSMPSGListCB: error status 0x%x\n", error ); bus_dmamap_unload( pmcsc->buffer_dmat, pccb->CCB_dmamap ); - bus_dmamap_destroy( pmcsc->buffer_dmat, pccb->CCB_dmamap ); agtiapi_FreeCCB( pmcsc, pccb ); - ccb->ccb_h.status = CAM_REQ_CMP; + if (error == EFBIG) + ccb->ccb_h.status = CAM_REQ_TOO_BIG; + else + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done( ccb ); return; } @@ -3702,9 +3705,8 @@ static void agtiapi_PrepareSMPSGListCB( void *arg, "AGTIAPI_MAX_DMA_SEGS %d\n", nsegs, AGTIAPI_MAX_DMA_SEGS ); bus_dmamap_unload( pmcsc->buffer_dmat, pccb->CCB_dmamap ); - bus_dmamap_destroy( pmcsc->buffer_dmat, pccb->CCB_dmamap ); agtiapi_FreeCCB( pmcsc, pccb ); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_TOO_BIG; xpt_done( ccb ); return; } @@ -4409,7 +4411,7 @@ static int agtiapi_QueueSMP(struct agtiapi_softc *pmcsc, union ccb * ccb) if ((pccb = agtiapi_GetCCB(pmcsc)) == NULL) { AGTIAPI_PRINTK("agtiapi_QueueSMP: GetCCB ERROR\n"); - ccb->ccb_h.status = CAM_REQ_CMP; + ccb->ccb_h.status = CAM_REQ_CMP_ERR; xpt_done(ccb); return tiBusy; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 125876458EA; Wed, 26 May 2021 20:38:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pS58BPz4grk; Wed, 26 May 2021 20:38:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 28A6D177A5; Wed, 26 May 2021 20:38:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcLq2055002; Wed, 26 May 2021 20:38:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcLj4055001; Wed, 26 May 2021 20:38:21 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:21 GMT Message-Id: <202105262038.14QKcLj4055001@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: bc74f783f9af - releng/12.2 - amd64/linux*: add required header to get the constant value MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: bc74f783f9af4ae611abeb79533a18c274b87005 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:26 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bc74f783f9af4ae611abeb79533a18c274b87005 commit bc74f783f9af4ae611abeb79533a18c274b87005 Author: Konstantin Belousov AuthorDate: 2021-05-25 22:19:44 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:38:41 +0000 amd64/linux*: add required header to get the constant value Otherwise asm silently interpret it as the external global symbol. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: bz Sponsored by: The FreeBSD Foundation Fixes: 91aae953cb80 (cherry picked from commit a59f0285377aa3d61cccda64e9ade126ecb3d2d9) (cherry picked from commit b25bb77861640456a77fbf6f34cac4a3b69f0e5f) --- sys/amd64/linux/linux_support.s | 1 + sys/amd64/linux32/linux32_support.s | 1 + 2 files changed, 2 insertions(+) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 2de778e151bf..4826cbed0ef2 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -30,6 +30,7 @@ #include "linux_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 7ff3e2293f6e..e035b4f156b4 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -30,6 +30,7 @@ #include "linux32_assym.h" /* system definitions */ #include /* miscellaneous asm macros */ +#include #include "assym.inc" From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:26 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C9D6A645DC8; Wed, 26 May 2021 20:38:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pS6jbFz4grm; Wed, 26 May 2021 20:38:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 56173177A6; Wed, 26 May 2021 20:38:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcO5W055044; Wed, 26 May 2021 20:38:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcOGU055043; Wed, 26 May 2021 20:38:24 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:24 GMT Message-Id: <202105262038.14QKcOGU055043@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f5ddeabc08e7 - releng/12.2 - Add UPDATING entries and bump version MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: f5ddeabc08e7f8a1c371dc1803c02d4a415817f1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:26 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f5ddeabc08e7f8a1c371dc1803c02d4a415817f1 commit f5ddeabc08e7f8a1c371dc1803c02d4a415817f1 Author: Mark Johnston AuthorDate: 2021-05-26 20:23:58 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:36:18 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 13 +++++++++++++ sys/conf/newvers.sh | 2 +- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index 898bd853fe9a..d4d236cb8395 100644 --- a/UPDATING +++ b/UPDATING @@ -16,6 +16,19 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20210526: p7 FreeBSD-EN-21:11.aesni + FreeBSD-EN-21:14.pms + FreeBSD-SA-21:11.smap + FreeBSD-SA-21:12.libradius + + Race condition in aesni(4) encrypt-then-auth operations [FreeBSD-EN-21:11.aesni] + + pms(4) data corruption [FreeBSD-EN-21:14.pms] + + SMAP bypass [FreeBSD-SA-21:11.smap] + + Missing message validation in libradius(3) [FreeBSD-SA-21:12.libradius] + 20210406: p6 FreeBSD-EN-21:09.pf FreeBSD-EN-21:10.lldb FreeBSD-SA-21:08.vm diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 51990433f5e6..db48e3ee749b 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -49,7 +49,7 @@ TYPE="FreeBSD" REVISION="12.2" -BRANCH="RELEASE-p6" +BRANCH="RELEASE-p7" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E1D1645E56; Wed, 26 May 2021 20:38:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pR0KRjz4gtx; Wed, 26 May 2021 20:38:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DFA4A175D2; Wed, 26 May 2021 20:38:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcK5I054981; Wed, 26 May 2021 20:38:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcKto054980; Wed, 26 May 2021 20:38:20 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:20 GMT Message-Id: <202105262038.14QKcKto054980@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: bb4435255df5 - releng/12.2 - amd64: clear PSL.AC in the right frame MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: bb4435255df53118082b3567db6da100962b3822 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:25 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bb4435255df53118082b3567db6da100962b3822 commit bb4435255df53118082b3567db6da100962b3822 Author: Konstantin Belousov AuthorDate: 2021-05-22 19:48:36 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 19:38:13 +0000 amd64: clear PSL.AC in the right frame If copyin family of routines fault, kernel does clear PSL.AC on the fault entry, but the AC flag of the faulted frame is kept intact. Since onfault handler is effectively jump, AC survives until syscall exit. Approved by: so Security: FreeBSD-SA-21:11.smap Security: CVE-2021-29628 Reported by: m00nbsd, via Sony Reviewed by: markj Sponsored by: The FreeBSD Foundation admbugs: 975 (cherry picked from commit 91aae953cb807d6fb7a70782b323bf9beb60d7c9) (cherry picked from commit 4590f0345956329d414611c6cee300f486732b53) --- sys/amd64/amd64/support.S | 18 ++++++++++++------ sys/amd64/linux/linux_support.s | 5 ++++- sys/amd64/linux32/linux32_support.s | 5 ++++- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/sys/amd64/amd64/support.S b/sys/amd64/amd64/support.S index f4d3f5c124c5..023ca66f0883 100644 --- a/sys/amd64/amd64/support.S +++ b/sys/amd64/amd64/support.S @@ -868,9 +868,11 @@ ENTRY(copyin_smap_erms) END(copyin_smap_erms) ALIGN_TEXT - /* Trap entry clears PSL.AC */ copy_fault: - movq $0,PCB_ONFAULT(%r11) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r11) movl $EFAULT,%eax POP_FRAME_POINTER ret @@ -1311,9 +1313,11 @@ ENTRY(subyte_smap) END(subyte_smap) ALIGN_TEXT - /* Fault entry clears PSL.AC */ fusufault: - movq PCPU(CURPCB),%rcx + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq PCPU(CURPCB),%rcx xorl %eax,%eax movq %rax,PCB_ONFAULT(%rcx) decq %rax @@ -1396,8 +1400,10 @@ ENTRY(copyinstr_smap) END(copyinstr_smap) cpystrflt: - /* Fault entry clears PSL.AC */ - movl $EFAULT,%eax + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movl $EFAULT,%eax cpystrflt_x: /* set *lencopied and return %eax */ movq $0,PCB_ONFAULT(%r9) diff --git a/sys/amd64/linux/linux_support.s b/sys/amd64/linux/linux_support.s index 391f76414f22..2de778e151bf 100644 --- a/sys/amd64/linux/linux_support.s +++ b/sys/amd64/linux/linux_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret diff --git a/sys/amd64/linux32/linux32_support.s b/sys/amd64/linux32/linux32_support.s index 981bba9f5821..7ff3e2293f6e 100644 --- a/sys/amd64/linux32/linux32_support.s +++ b/sys/amd64/linux32/linux32_support.s @@ -34,7 +34,10 @@ #include "assym.inc" futex_fault: - movq $0,PCB_ONFAULT(%r8) + testl $CPUID_STDEXT_SMAP,cpu_stdext_feature(%rip) + je 1f + clac +1: movq $0,PCB_ONFAULT(%r8) movl $-EFAULT,%eax ret From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:38:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5EA9B645DC6; Wed, 26 May 2021 20:38:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2pS5Mg2z4gps; Wed, 26 May 2021 20:38:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 41AAD174F7; Wed, 26 May 2021 20:38:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKcNxo055023; Wed, 26 May 2021 20:38:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKcNO9055022; Wed, 26 May 2021 20:38:23 GMT (envelope-from git) Date: Wed, 26 May 2021 20:38:23 GMT Message-Id: <202105262038.14QKcNO9055022@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 92c9af72676d - releng/12.2 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/12.2 X-Git-Reftype: branch X-Git-Commit: 92c9af72676dba7eddac1172d48b150718e60cc4 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:38:26 -0000 The branch releng/12.2 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=92c9af72676dba7eddac1172d48b150718e60cc4 commit 92c9af72676dba7eddac1172d48b150718e60cc4 Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:36:03 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) (cherry picked from commit 83280d17fccff2db7d79c7f38e80ec29078ef35e) --- lib/libradius/radlib.c | 54 ++++++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 3b6460e26f0d..a70c8c62a9e7 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -187,7 +187,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -206,8 +206,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -233,9 +233,16 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ hctx = HMAC_CTX_new(); while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return 0; + } + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_Init_ex(hctx, srvp->secret, @@ -255,7 +262,12 @@ is_valid_response(struct rad_handle *h, int srv, } break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) { + HMAC_CTX_free(hctx); + return 0; + } + pos += alen; } HMAC_CTX_free(hctx); } @@ -272,7 +284,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX *hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -285,8 +297,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -307,7 +319,18 @@ is_valid_request(struct rad_handle *h) pos = POS_ATTRS; hctx = HMAC_CTX_new(); while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } + if (alen < MD5_DIGEST_LENGTH + 2) { + HMAC_CTX_free(hctx); + return (0); + } memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -327,7 +350,7 @@ is_valid_request(struct rad_handle *h) } break; } - pos += h->in[pos + 1]; + pos += alen; } HMAC_CTX_free(hctx); #endif @@ -929,9 +952,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -940,13 +963,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:39:44 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1DC22646260; Wed, 26 May 2021 20:39:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2qz3SMZz4hR3; Wed, 26 May 2021 20:39:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1E80B174F8; Wed, 26 May 2021 20:39:43 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKdgTD055292; Wed, 26 May 2021 20:39:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKdgVR055291; Wed, 26 May 2021 20:39:42 GMT (envelope-from git) Date: Wed, 26 May 2021 20:39:42 GMT Message-Id: <202105262039.14QKdgVR055291@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 5e90dfc54f86 - stable/11 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/11 X-Git-Reftype: branch X-Git-Commit: 5e90dfc54f864651fd98087c6e1f1cbce203b20c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:39:44 -0000 The branch stable/11 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=5e90dfc54f864651fd98087c6e1f1cbce203b20c commit 5e90dfc54f864651fd98087c6e1f1cbce203b20c Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:38:54 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) --- lib/libradius/radlib.c | 44 +++++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 55c6f5cb04a1..acca95da6f66 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -186,7 +186,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -205,8 +205,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -231,9 +231,12 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) + return 0; + if (len - pos < MD5_DIGEST_LENGTH + 2) + return 0; + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_CTX_init(&hctx); @@ -253,7 +256,10 @@ is_valid_response(struct rad_handle *h, int srv, return 0; break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) + return 0; + pos += alen; } } #endif @@ -269,7 +275,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -282,8 +288,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -303,7 +309,14 @@ is_valid_request(struct rad_handle *h) /* Search and verify the Message-Authenticator */ pos = POS_ATTRS; while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) + return (0); + if (alen < MD5_DIGEST_LENGTH + 2) + return (0); memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -323,7 +336,7 @@ is_valid_request(struct rad_handle *h) return (0); break; } - pos += h->in[pos + 1]; + pos += alen; } #endif return (1); @@ -924,9 +937,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -935,13 +948,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:40:13 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 658586465AA; Wed, 26 May 2021 20:40:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2rY28g7z4hPX; Wed, 26 May 2021 20:40:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AF5D6177A9; Wed, 26 May 2021 20:40:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKeCEP059463; Wed, 26 May 2021 20:40:12 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKeCFX059457; Wed, 26 May 2021 20:40:12 GMT (envelope-from git) Date: Wed, 26 May 2021 20:40:12 GMT Message-Id: <202105262040.14QKeCFX059457@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 4027ac420dab - releng/11.4 - libradius: Fix input validation bugs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/11.4 X-Git-Reftype: branch X-Git-Commit: 4027ac420dab08abe2882db0cd6fd7ed8762071f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:40:13 -0000 The branch releng/11.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=4027ac420dab08abe2882db0cd6fd7ed8762071f commit 4027ac420dab08abe2882db0cd6fd7ed8762071f Author: Mark Johnston AuthorDate: 2021-05-25 17:59:09 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:39:59 +0000 libradius: Fix input validation bugs Approved by: so Security: FreeBSD-SA-21:12.libradius Security: CVE-2021-29629 Sponsored by: The FreeBSD Foundation (cherry picked from commit 8d5c7813061dfa0b187500dfe3aeea7a28181c13) (cherry picked from commit 5e90dfc54f864651fd98087c6e1f1cbce203b20c) --- lib/libradius/radlib.c | 44 +++++++++++++++++++++++++++++--------------- 1 file changed, 29 insertions(+), 15 deletions(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 55c6f5cb04a1..acca95da6f66 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -186,7 +186,7 @@ is_valid_response(struct rad_handle *h, int srv, MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -205,8 +205,8 @@ is_valid_response(struct rad_handle *h, int srv, /* Check the message length */ if (h->in_len < POS_ATTRS) return 0; - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return 0; /* Check the response authenticator */ @@ -231,9 +231,12 @@ is_valid_response(struct rad_handle *h, int srv, /* Search and verify the Message-Authenticator */ while (pos < len - 2) { - if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { - /* zero fill the Message-Authenticator */ + if (h->in[pos + 1] != MD5_DIGEST_LENGTH + 2) + return 0; + if (len - pos < MD5_DIGEST_LENGTH + 2) + return 0; + memset(&resp[pos + 2], 0, MD5_DIGEST_LENGTH); HMAC_CTX_init(&hctx); @@ -253,7 +256,10 @@ is_valid_response(struct rad_handle *h, int srv, return 0; break; } - pos += h->in[pos + 1]; + alen = h->in[pos + 1]; + if (alen < 2) + return 0; + pos += alen; } } #endif @@ -269,7 +275,7 @@ is_valid_request(struct rad_handle *h) MD5_CTX ctx; unsigned char md5[MD5_DIGEST_LENGTH]; const struct rad_server *srvp; - int len; + int alen, len; #ifdef WITH_SSL HMAC_CTX hctx; u_char resp[MSGSIZE], md[EVP_MAX_MD_SIZE]; @@ -282,8 +288,8 @@ is_valid_request(struct rad_handle *h) /* Check the message length */ if (h->in_len < POS_ATTRS) return (0); - len = h->in[POS_LENGTH] << 8 | h->in[POS_LENGTH+1]; - if (len > h->in_len) + len = (h->in[POS_LENGTH] << 8) | h->in[POS_LENGTH + 1]; + if (len < POS_ATTRS || len > h->in_len) return (0); if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) { @@ -303,7 +309,14 @@ is_valid_request(struct rad_handle *h) /* Search and verify the Message-Authenticator */ pos = POS_ATTRS; while (pos < len - 2) { + alen = h->in[pos + 1]; + if (alen < 2) + return (0); if (h->in[pos] == RAD_MESSAGE_AUTHENTIC) { + if (len - pos < MD5_DIGEST_LENGTH + 2) + return (0); + if (alen < MD5_DIGEST_LENGTH + 2) + return (0); memcpy(resp, h->in, MSGSIZE); /* zero fill the Request-Authenticator */ if (h->in[POS_CODE] != RAD_ACCESS_REQUEST) @@ -323,7 +336,7 @@ is_valid_request(struct rad_handle *h) return (0); break; } - pos += h->in[pos + 1]; + pos += alen; } #endif return (1); @@ -924,9 +937,9 @@ rad_cvt_string(const void *data, size_t len) * returns -1. */ int -rad_get_attr(struct rad_handle *h, const void **value, size_t *len) +rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) { - int type; + int len, type; if (h->in_pos >= h->in_len) return 0; @@ -935,13 +948,14 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *len) return -1; } type = h->in[h->in_pos++]; - *len = h->in[h->in_pos++] - 2; - if (h->in_pos + (int)*len > h->in_len) { + len = h->in[h->in_pos++]; + if (len < 2 || h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } + *lenp = len; *value = &h->in[h->in_pos]; - h->in_pos += *len; + h->in_pos += len; return type; } From owner-dev-commits-src-branches@freebsd.org Wed May 26 20:40:16 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 92691646539; Wed, 26 May 2021 20:40:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr2rb1jWzz4hZl; Wed, 26 May 2021 20:40:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BF71617A14; Wed, 26 May 2021 20:40:13 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14QKeDKg059961; Wed, 26 May 2021 20:40:13 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14QKeD0x059955; Wed, 26 May 2021 20:40:13 GMT (envelope-from git) Date: Wed, 26 May 2021 20:40:13 GMT Message-Id: <202105262040.14QKeD0x059955@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: a4deddc0de32 - releng/11.4 - Add UPDATING entries and bump version MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/releng/11.4 X-Git-Reftype: branch X-Git-Commit: a4deddc0de32efbd718f06f01fa7dae1d67d625b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 May 2021 20:40:16 -0000 The branch releng/11.4 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=a4deddc0de32efbd718f06f01fa7dae1d67d625b commit a4deddc0de32efbd718f06f01fa7dae1d67d625b Author: Mark Johnston AuthorDate: 2021-05-26 20:01:50 +0000 Commit: Mark Johnston CommitDate: 2021-05-26 20:40:09 +0000 Add UPDATING entries and bump version Approved by: so --- UPDATING | 4 ++++ sys/conf/newvers.sh | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/UPDATING b/UPDATING index c9f01e72a4ba..a3b23454db4b 100644 --- a/UPDATING +++ b/UPDATING @@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITHOUT_CLANG and WITH_GCC to bootstrap to the tip of head, and then rebuild without this option. The bootstrap process from older version of current across the gcc/clang cutover is a bit fragile. +20210526: p10 FreeBSD-SA-21:12.libradius + + Missing message validation in libradius(3) [FreeBSD-SA-21:12.libradius] + 20210406: p9 FreeBSD-SA-21:08.vm FreeBSD-SA-21:10.jail_mount diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh index 095499d9ea62..c01f16587f3c 100644 --- a/sys/conf/newvers.sh +++ b/sys/conf/newvers.sh @@ -44,7 +44,7 @@ TYPE="FreeBSD" REVISION="11.4" -BRANCH="RELEASE-p9" +BRANCH="RELEASE-p10" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-dev-commits-src-branches@freebsd.org Thu May 27 00:33:38 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 73416649AC4; Thu, 27 May 2021 00:33:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr81t2pzlz53Yw; Thu, 27 May 2021 00:33:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 480D61A950; Thu, 27 May 2021 00:33:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14R0XcLg072591; Thu, 27 May 2021 00:33:38 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14R0XcET072590; Thu, 27 May 2021 00:33:38 GMT (envelope-from git) Date: Thu, 27 May 2021 00:33:38 GMT Message-Id: <202105270033.14R0XcET072590@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 2585f892e016 - stable/13 - kldxref: do not error out if specified path is not directory, for -d mode MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2585f892e0167a10e7840e97e52bfed0382e40db Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 00:33:38 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=2585f892e0167a10e7840e97e52bfed0382e40db commit 2585f892e0167a10e7840e97e52bfed0382e40db Author: Konstantin Belousov AuthorDate: 2021-05-20 19:12:11 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-27 00:33:10 +0000 kldxref: do not error out if specified path is not directory, for -d mode (cherry picked from commit d7751071bc41c63c5dadd81ef4b0a26748d8f9b0) --- usr.sbin/kldxref/kldxref.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/kldxref/kldxref.c b/usr.sbin/kldxref/kldxref.c index e1996862119a..7a4d704356b8 100644 --- a/usr.sbin/kldxref/kldxref.c +++ b/usr.sbin/kldxref/kldxref.c @@ -716,7 +716,7 @@ main(int argc, char *argv[]) if (stat(argv[0], &sb) != 0) err(1, "%s", argv[0]); - if ((sb.st_mode & S_IFDIR) == 0) { + if ((sb.st_mode & S_IFDIR) == 0 && !dflag) { errno = ENOTDIR; err(1, "%s", argv[0]); } From owner-dev-commits-src-branches@freebsd.org Thu May 27 00:34:20 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 75960649EF6; Thu, 27 May 2021 00:34:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr82h2wWqz53XJ; Thu, 27 May 2021 00:34:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4CAD21AC1F; Thu, 27 May 2021 00:34:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14R0YKx7072751; Thu, 27 May 2021 00:34:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14R0YKIp072750; Thu, 27 May 2021 00:34:20 GMT (envelope-from git) Date: Thu, 27 May 2021 00:34:20 GMT Message-Id: <202105270034.14R0YKIp072750@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 5a9058c1460d - stable/12 - kldxref: do not error out if specified path is not directory, for -d mode MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 5a9058c1460d7e76588eeef409cb40af6216b4bb Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 00:34:20 -0000 The branch stable/12 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=5a9058c1460d7e76588eeef409cb40af6216b4bb commit 5a9058c1460d7e76588eeef409cb40af6216b4bb Author: Konstantin Belousov AuthorDate: 2021-05-20 19:12:11 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-27 00:33:55 +0000 kldxref: do not error out if specified path is not directory, for -d mode (cherry picked from commit d7751071bc41c63c5dadd81ef4b0a26748d8f9b0) --- usr.sbin/kldxref/kldxref.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.sbin/kldxref/kldxref.c b/usr.sbin/kldxref/kldxref.c index c70405962dd8..03892635a0f5 100644 --- a/usr.sbin/kldxref/kldxref.c +++ b/usr.sbin/kldxref/kldxref.c @@ -711,7 +711,7 @@ main(int argc, char *argv[]) if (stat(argv[0], &sb) != 0) err(1, "%s", argv[0]); - if ((sb.st_mode & S_IFDIR) == 0) { + if ((sb.st_mode & S_IFDIR) == 0 && !dflag) { errno = ENOTDIR; err(1, "%s", argv[0]); } From owner-dev-commits-src-branches@freebsd.org Thu May 27 00:48:06 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0CCCD64A313; Thu, 27 May 2021 00:48:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fr8LY70rkz54P7; Thu, 27 May 2021 00:48:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D86741A3FE; Thu, 27 May 2021 00:48:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14R0m5p9087086; Thu, 27 May 2021 00:48:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14R0m5du087085; Thu, 27 May 2021 00:48:05 GMT (envelope-from git) Date: Thu, 27 May 2021 00:48:05 GMT Message-Id: <202105270048.14R0m5du087085@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: bdbb0f056593 - stable/13 - hda: correct comment about Asus laptop digital mics MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: bdbb0f0565932726b218caa1d4c59687e8e2282c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 00:48:06 -0000 The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bdbb0f0565932726b218caa1d4c59687e8e2282c commit bdbb0f0565932726b218caa1d4c59687e8e2282c Author: Philippe Michaud-Boudreault AuthorDate: 2021-05-19 14:32:25 +0000 Commit: Ed Maste CommitDate: 2021-05-27 00:47:14 +0000 hda: correct comment about Asus laptop digital mics Reported in review D30333 MFC after: 1 week (cherry picked from commit 5d698386fbfe166df72a17712ffde8cefeecefab) --- sys/dev/sound/pci/hda/hdaa_patches.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/sys/dev/sound/pci/hda/hdaa_patches.c b/sys/dev/sound/pci/hda/hdaa_patches.c index 755f2aef461b..590c9e4d46fb 100644 --- a/sys/dev/sound/pci/hda/hdaa_patches.c +++ b/sys/dev/sound/pci/hda/hdaa_patches.c @@ -808,10 +808,10 @@ hdaa_patch_direct(struct hdaa_devinfo *devinfo) subid == 0x834a1043 || subid == 0x83981043 || subid == 0x83ce1043) { /* - * The ditital mics on some Asus laptops produce + * The digital mics on some Asus laptops produce * differential signals instead of expected stereo. - * That results in silence if downmix it to mono. - * To workaround, make codec to handle signal as mono. + * That results in silence if downmixing to mono. + * To workaround, make codec handle the signal as mono. */ val = hdaa_read_coef(dev, 0x20, 0x07); hdaa_write_coef(dev, 0x20, 0x07, val|0x80); From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:21 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9CFC0637FD1; Thu, 27 May 2021 10:20:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2s3x9mz4rsM; Thu, 27 May 2021 10:20:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6EA4222616; Thu, 27 May 2021 10:20:21 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKLNZ054890; Thu, 27 May 2021 10:20:21 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKLQE054884; Thu, 27 May 2021 10:20:21 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:21 GMT Message-Id: <202105271020.14RAKLQE054884@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: c5bc18c83645 - stable/12 - pfctl: Ensure parent queue is configured for FAIRQ MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: c5bc18c83645ceeb4cd8470ce4c5d2165207b9f4 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:21 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=c5bc18c83645ceeb4cd8470ce4c5d2165207b9f4 commit c5bc18c83645ceeb4cd8470ce4c5d2165207b9f4 Author: Kristof Provost AuthorDate: 2021-05-18 16:22:13 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:05:12 +0000 pfctl: Ensure parent queue is configured for FAIRQ We failed to account for the FAIRQ scheduler in expand_altq(), which led it to be set up without its parent queue. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30347 (cherry picked from commit dc784287967d45ab681dc51e9e20b78c8c535834) --- sbin/pfctl/parse.y | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 903bbd47d660..06d972556195 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -5099,7 +5099,8 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces, } if (pa.scheduler == ALTQT_CBQ || - pa.scheduler == ALTQT_HFSC) { + pa.scheduler == ALTQT_HFSC || + pa.scheduler == ALTQT_FAIRQ) { /* now create a root queue */ memset(&pb, 0, sizeof(struct pf_altq)); if (strlcpy(qname, "root_", sizeof(qname)) >= @@ -5130,7 +5131,8 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces, if (n == NULL) err(1, "expand_altq: calloc"); if (pa.scheduler == ALTQT_CBQ || - pa.scheduler == ALTQT_HFSC) + pa.scheduler == ALTQT_HFSC || + pa.scheduler == ALTQT_FAIRQ) if (strlcpy(n->parent, qname, sizeof(n->parent)) >= sizeof(n->parent)) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:23 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0A2B76382A3; Thu, 27 May 2021 10:20:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2t4qT1z4rts; Thu, 27 May 2021 10:20:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8A22F222D9; Thu, 27 May 2021 10:20:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKMrT055104; Thu, 27 May 2021 10:20:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKM1P055103; Thu, 27 May 2021 10:20:22 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:22 GMT Message-Id: <202105271020.14RAKM1P055103@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: bc6cf5a56207 - stable/12 - pf: Add DIOCGETSTATENV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: bc6cf5a56207a4ea929846d97a374a2ebf1703e5 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:23 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=bc6cf5a56207a4ea929846d97a374a2ebf1703e5 commit bc6cf5a56207a4ea929846d97a374a2ebf1703e5 Author: Kristof Provost AuthorDate: 2021-05-05 12:33:55 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:05:35 +0000 pf: Add DIOCGETSTATENV Add DIOCGETSTATENV, an nvlist-based alternative to DIOCGETSTATE. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30242 (cherry picked from commit 1732afaa0dae9d844e341f2c1d6ed4b79c403bfb) --- share/man/man4/pf.4 | 4 +- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf_ioctl.c | 226 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 229 insertions(+), 2 deletions(-) diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4 index 2fb132203908..24843535c924 100644 --- a/share/man/man4/pf.4 +++ b/share/man/man4/pf.4 @@ -326,14 +326,14 @@ struct pfioc_state { struct pfsync_state state; }; .Ed -.It Dv DIOCGETSTATE Fa "struct pfioc_state *ps" +.It Dv DIOCGETSTATENV Fa "struct pfioc_nv *nv" Extract the entry identified by the .Va id and .Va creatorid fields of the .Va state -structure from the state table. +nvlist from the state table. .It Dv DIOCKILLSTATES Fa "struct pfioc_state_kill *psk" Remove matching entries from the state table. This ioctl returns the number of killed states in diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index fda0cc57681d..5acefd631e3d 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1256,6 +1256,7 @@ struct pfioc_iface { #define DIOCCLRSTATES _IOWR('D', 18, struct pfioc_state_kill) #define DIOCCLRSTATESNV _IOWR('D', 18, struct pfioc_nv) #define DIOCGETSTATE _IOWR('D', 19, struct pfioc_state) +#define DIOCGETSTATENV _IOWR('D', 19, struct pfioc_nv) #define DIOCSETSTATUSIF _IOWR('D', 20, struct pfioc_if) #define DIOCGETSTATUS _IOWR('D', 21, struct pf_status) #define DIOCCLRSTATUS _IO ('D', 22) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index d676bc7ec9c1..431032f6c6e0 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -208,6 +208,7 @@ static int pf_killstates_row(struct pf_kstate_kill *, struct pf_idhash *); static int pf_killstates_nv(struct pfioc_nv *); static int pf_clearstates_nv(struct pfioc_nv *); +static int pf_getstate(struct pfioc_nv *); static int pf_clear_tables(void); static void pf_clear_srcnodes(struct pf_ksrc_node *); static void pf_kill_srcnodes(struct pfioc_src_node_kill *); @@ -2609,6 +2610,157 @@ errout: return (error); } +static nvlist_t * +pf_state_key_to_nvstate_key(const struct pf_state_key *key) +{ + nvlist_t *nvl, *tmp; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + for (int i = 0; i < 2; i++) { + tmp = pf_addr_to_nvaddr(&key->addr[i]); + if (tmp == NULL) + goto errout; + nvlist_append_nvlist_array(nvl, "addr", tmp); + nvlist_append_number_array(nvl, "port", key->port[i]); + } + nvlist_add_number(nvl, "af", key->af); + nvlist_add_number(nvl, "proto", key->proto); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + +static nvlist_t * +pf_state_scrub_to_nvstate_scrub(const struct pf_state_scrub *scrub) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + nvlist_add_bool(nvl, "timestamp", scrub->pfss_flags & PFSS_TIMESTAMP); + nvlist_add_number(nvl, "ttl", scrub->pfss_ttl); + nvlist_add_number(nvl, "ts_mod", scrub->pfss_ts_mod); + + return (nvl); +} + +static nvlist_t * +pf_state_peer_to_nvstate_peer(const struct pf_state_peer *peer) +{ + nvlist_t *nvl, *tmp; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + if (peer->scrub) { + tmp = pf_state_scrub_to_nvstate_scrub(peer->scrub); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "scrub", tmp); + } + + nvlist_add_number(nvl, "seqlo", peer->seqlo); + nvlist_add_number(nvl, "seqhi", peer->seqhi); + nvlist_add_number(nvl, "seqdiff", peer->seqdiff); + nvlist_add_number(nvl, "max_win", peer->max_win); + nvlist_add_number(nvl, "mss", peer->mss); + nvlist_add_number(nvl, "state", peer->state); + nvlist_add_number(nvl, "wscale", peer->wscale); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + + +static nvlist_t * +pf_state_to_nvstate(const struct pf_state *s) +{ + nvlist_t *nvl, *tmp; + uint32_t expire, flags = 0; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + nvlist_add_number(nvl, "id", s->id); + nvlist_add_string(nvl, "ifname", s->kif->pfik_name); + + tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_STACK]); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "stack_key", tmp); + + tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_WIRE]); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "wire_key", tmp); + + tmp = pf_state_peer_to_nvstate_peer(&s->src); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "src", tmp); + + tmp = pf_state_peer_to_nvstate_peer(&s->dst); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "dst", tmp); + + tmp = pf_addr_to_nvaddr(&s->rt_addr); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "rt_addr", tmp); + + nvlist_add_number(nvl, "rule", s->rule.ptr ? s->rule.ptr->nr : -1); + nvlist_add_number(nvl, "anchor", + s->anchor.ptr ? s->anchor.ptr->nr : -1); + nvlist_add_number(nvl, "nat_rule", + s->nat_rule.ptr ? s->nat_rule.ptr->nr : -1); + nvlist_add_number(nvl, "creation", s->creation); + + expire = pf_state_expires(s); + if (expire <= time_uptime) + expire = 0; + else + expire = expire - time_uptime; + nvlist_add_number(nvl, "expire", expire); + + for (int i = 0; i < 2; i++) { + nvlist_append_number_array(nvl, "packets", + counter_u64_fetch(s->packets[i])); + nvlist_append_number_array(nvl, "bytes", + counter_u64_fetch(s->bytes[i])); + } + + nvlist_add_number(nvl, "creatorid", s->creatorid); + nvlist_add_number(nvl, "direction", s->direction); + nvlist_add_number(nvl, "log", s->log); + nvlist_add_number(nvl, "state_flags", s->state_flags); + nvlist_add_number(nvl, "timeout", s->timeout); + if (s->src_node) + flags |= PFSYNC_FLAG_SRCNODE; + if (s->nat_src_node) + flags |= PFSYNC_FLAG_NATSRCNODE; + nvlist_add_number(nvl, "sync_flags", flags); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + static int pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket, uint32_t pool_ticket, const char *anchor, const char *anchor_call, @@ -2790,6 +2942,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETADDRS: case DIOCGETADDR: case DIOCGETSTATE: + case DIOCGETSTATENV: case DIOCSETSTATUSIF: case DIOCGETSTATUS: case DIOCCLRSTATUS: @@ -2845,6 +2998,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETADDRS: case DIOCGETADDR: case DIOCGETSTATE: + case DIOCGETSTATENV: case DIOCGETSTATUS: case DIOCGETSTATES: case DIOCGETTIMEOUT: @@ -3516,6 +3670,11 @@ DIOCCHANGERULE_error: break; } + case DIOCGETSTATENV: { + error = pf_getstate((struct pfioc_nv *)addr); + break; + } + case DIOCGETSTATES: { struct pfioc_states *ps = (struct pfioc_states *)addr; struct pf_state *s; @@ -5699,12 +5858,79 @@ pf_clearstates_nv(struct pfioc_nv *nv) error = copyout(nvlpacked, nv->data, nv->len); +#undef ERROUT on_error: nvlist_destroy(nvl); free(nvlpacked, M_TEMP); return (error); } +static int +pf_getstate(struct pfioc_nv *nv) +{ + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_state *s = NULL; + int error = 0; + uint64_t id, creatorid; + +#define ERROUT(x) ERROUT_FUNCTION(errout, x) + + if (nv->len > pf_ioctl_maxcount) + ERROUT(ENOMEM); + + nvlpacked = malloc(nv->len, M_TEMP, M_WAITOK); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + error = copyin(nv->data, nvlpacked, nv->len); + if (error) + ERROUT(error); + + nvl = nvlist_unpack(nvlpacked, nv->len, 0); + if (nvl == NULL) + ERROUT(EBADMSG); + + PFNV_CHK(pf_nvuint64(nvl, "id", &id)); + PFNV_CHK(pf_nvuint64(nvl, "creatorid", &creatorid)); + + s = pf_find_state_byid(id, creatorid); + if (s == NULL) + ERROUT(ENOENT); + + free(nvlpacked, M_TEMP); + nvlpacked = NULL; + nvlist_destroy(nvl); + nvl = nvlist_create(0); + if (nvl == NULL) + ERROUT(ENOMEM); + + nvls = pf_state_to_nvstate(s); + if (nvls == NULL) + ERROUT(ENOMEM); + + nvlist_add_nvlist(nvl, "state", nvls); + + nvlpacked = nvlist_pack(nvl, &nv->len); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + if (nv->size == 0) + ERROUT(0); + else if (nv->size < nv->len) + ERROUT(ENOSPC); + + error = copyout(nvlpacked, nv->data, nv->len); + +#undef ERROUT +errout: + if (s != NULL) + PF_STATE_UNLOCK(s); + free(nvlpacked, M_TEMP); + nvlist_destroy(nvl); + return (error); +} + /* * XXX - Check for version missmatch!!! */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4736D6382A6; Thu, 27 May 2021 10:20:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2x09KGz4rXY; Thu, 27 May 2021 10:20:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BE0942253D; Thu, 27 May 2021 10:20:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKOPN055154; Thu, 27 May 2021 10:20:24 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKO6j055153; Thu, 27 May 2021 10:20:24 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:24 GMT Message-Id: <202105271020.14RAKO6j055153@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 68e0c911c7aa - stable/12 - pfctl: Use DIOCGETSTATESNV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 68e0c911c7aa6a8f9de1158e5b270259ad61e304 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:25 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=68e0c911c7aa6a8f9de1158e5b270259ad61e304 commit 68e0c911c7aa6a8f9de1158e5b270259ad61e304 Author: Kristof Provost AuthorDate: 2021-05-10 14:51:38 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:06:03 +0000 pfctl: Use DIOCGETSTATESNV Migrate to using the new nvlist-based DIOCGETSTATESNV call to obtain the states list. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30244 (cherry picked from commit bc941291473d8a2164e4ffc3f3e7e6a356cbe747) --- lib/libpfctl/libpfctl.c | 173 ++++++++++++++++++++++++++++++++++++++++++++ lib/libpfctl/libpfctl.h | 60 +++++++++++++++ sbin/pfctl/pf_print_state.c | 82 ++++++++++----------- sbin/pfctl/pfctl.c | 49 ++++--------- sbin/pfctl/pfctl.h | 4 +- 5 files changed, 289 insertions(+), 79 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 8271d9bab3df..6a6ecd8fb136 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -627,6 +627,179 @@ pfctl_nv_add_state_cmp(nvlist_t *nvl, const char *name, nvlist_add_nvlist(nvl, name, nv); } +static void +pf_nvstate_scrub_to_state_scrub(const nvlist_t *nvl, + struct pfctl_state_scrub *scrub) +{ + bzero(scrub, sizeof(*scrub)); + + scrub->timestamp = nvlist_get_bool(nvl, "timestamp"); + scrub->ttl = nvlist_get_number(nvl, "ttl"); + scrub->ts_mod = nvlist_get_number(nvl, "ts_mod"); +} + +static void +pf_nvstate_peer_to_state_peer(const nvlist_t *nvl, + struct pfctl_state_peer *peer) +{ + bzero(peer, sizeof(*peer)); + + if (nvlist_exists_nvlist(nvl, "scrub")) { + peer->scrub = malloc(sizeof(*peer->scrub)); + pf_nvstate_scrub_to_state_scrub( + nvlist_get_nvlist(nvl, "scrub"), + peer->scrub); + } + + peer->seqlo = nvlist_get_number(nvl, "seqlo"); + peer->seqhi = nvlist_get_number(nvl, "seqhi"); + peer->seqdiff = nvlist_get_number(nvl, "seqdiff"); + peer->max_win = nvlist_get_number(nvl, "max_win"); + peer->mss = nvlist_get_number(nvl, "mss"); + peer->state = nvlist_get_number(nvl, "state"); + peer->wscale = nvlist_get_number(nvl, "wscale"); +} + +static void +pf_nvstate_key_to_state_key(const nvlist_t *nvl, struct pfctl_state_key *key) +{ + const nvlist_t * const *tmp; + size_t count; + + bzero(key, sizeof(*key)); + + tmp = nvlist_get_nvlist_array(nvl, "addr", &count); + assert(count == 2); + + for (int i = 0; i < 2; i++) + pf_nvaddr_to_addr(tmp[i], &key->addr[i]); + + pf_nvuint_16_array(nvl, "port", 2, key->port, NULL); + + key->af = nvlist_get_number(nvl, "af"); + key->proto = nvlist_get_number(nvl, "proto"); +} + +static void +pf_nvstate_to_state(const nvlist_t *nvl, struct pfctl_state *s) +{ + bzero(s, sizeof(*s)); + + s->id = nvlist_get_number(nvl, "id"); + s->creatorid = nvlist_get_number(nvl, "creatorid"); + s->direction = nvlist_get_number(nvl, "direction"); + + pf_nvstate_peer_to_state_peer(nvlist_get_nvlist(nvl, "src"), &s->src); + pf_nvstate_peer_to_state_peer(nvlist_get_nvlist(nvl, "dst"), &s->dst); + + pf_nvstate_key_to_state_key(nvlist_get_nvlist(nvl, "stack_key"), + &s->key[0]); + pf_nvstate_key_to_state_key(nvlist_get_nvlist(nvl, "wire_key"), + &s->key[1]); + + strlcpy(s->ifname, nvlist_get_string(nvl, "ifname"), + sizeof(s->ifname)); + + pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "rt_addr"), &s->rt_addr); + s->rule = nvlist_get_number(nvl, "rule"); + s->anchor = nvlist_get_number(nvl, "anchor"); + s->nat_rule = nvlist_get_number(nvl, "nat_rule"); + s->creation = nvlist_get_number(nvl, "creation"); + s->expire = nvlist_get_number(nvl, "expire"); + + pf_nvuint_64_array(nvl, "packets", 2, s->packets, NULL); + pf_nvuint_64_array(nvl, "bytes", 2, s->bytes, NULL); + + s->log = nvlist_get_number(nvl, "log"); + s->state_flags = nvlist_get_number(nvl, "state_flags"); + s->timeout = nvlist_get_number(nvl, "timeout"); + s->sync_flags = nvlist_get_number(nvl, "sync_flags"); +} + +int +pfctl_get_states(int dev, struct pfctl_states *states) +{ + struct pfioc_nv nv; + nvlist_t *nvl; + const nvlist_t * const *slist; + size_t found_count; + + bzero(states, sizeof(*states)); + TAILQ_INIT(&states->states); + + /* Just enough to get a number, and we'll grow from there. */ + nv.data = malloc(64); + nv.len = nv.size = 64; + + for (;;) { + if (ioctl(dev, DIOCGETSTATESNV, &nv)) { + free(nv.data); + return (errno); + } + + nvl = nvlist_unpack(nv.data, nv.len, 0); + if (nvl == NULL) { + free(nv.data); + return (EIO); + } + + states->count = nvlist_get_number(nvl, "count"); + + /* Are there any states? */ + if (states->count == 0) + break; + + if (nvlist_exists_nvlist_array(nvl, "states")) + slist = nvlist_get_nvlist_array(nvl, "states", &found_count); + else + found_count = 0; + + if (found_count < states->count) { + size_t new_size = nv.size + + (nv.size * states->count / (found_count + 1) * 2); + + /* Our buffer is too small. Estimate what we need based + * on how many states fit in the previous allocation + * and how many states there are. Doubled for margin. + * */ + nv.data = realloc(nv.data, new_size); + nv.size = new_size; + + if (nv.data == NULL) + return (ENOMEM); + continue; + } + + for (size_t i = 0; i < found_count; i++) { + struct pfctl_state *s = malloc(sizeof(*s)); + if (s == NULL) { + pfctl_free_states(states); + nvlist_destroy(nvl); + free(nv.data); + return (ENOMEM); + } + + pf_nvstate_to_state(slist[i], s); + TAILQ_INSERT_TAIL(&states->states, s, entry); + } + break; + } + + return (0); +} + +void +pfctl_free_states(struct pfctl_states *states) +{ + struct pfctl_state *s, *tmp; + + TAILQ_FOREACH_SAFE(s, &states->states, entry, tmp) { + free(s); + } + + bzero(states, sizeof(*states)); +} + static int _pfctl_clear_states(int dev, const struct pfctl_kill *kill, unsigned int *killed, uint64_t ioctlval) diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h index 7a1e02f3d01b..05447b5d8673 100644 --- a/lib/libpfctl/libpfctl.h +++ b/lib/libpfctl/libpfctl.h @@ -197,6 +197,64 @@ struct pfctl_kill { bool kill_match; }; +struct pfctl_state_scrub { + bool timestamp; + uint8_t ttl; + uint32_t ts_mod; +}; + +struct pfctl_state_peer { + struct pfctl_state_scrub *scrub; + uint32_t seqlo; + uint32_t seqhi; + uint32_t seqdiff; + uint16_t max_win; + uint16_t mss; + uint8_t state; + uint8_t wscale; +}; + +struct pfctl_state_key { + struct pf_addr addr[2]; + uint16_t port[2]; + sa_family_t af; + uint8_t proto; +}; + +struct pfctl_state { + TAILQ_ENTRY(pfctl_state) entry; + + uint64_t id; + uint32_t creatorid; + uint8_t direction; + + struct pfctl_state_peer src; + struct pfctl_state_peer dst; + + uint32_t rule; + uint32_t anchor; + uint32_t nat_rule; + struct pf_addr rt_addr; + struct pfctl_state_key key[2]; /* addresses stack and wire */ + char ifname[IFNAMSIZ]; + uint64_t packets[2]; + uint64_t bytes[2]; + uint32_t creation; + uint32_t expire; + uint32_t pfsync_time; + uint16_t tag; + uint8_t log; + uint8_t state_flags; + uint8_t timeout; + uint32_t sync_flags; +}; + +TAILQ_HEAD(pfctl_statelist, pfctl_state); +struct pfctl_states { + struct pfctl_statelist states; + size_t count; +}; + int pfctl_get_rule(int dev, u_int32_t nr, u_int32_t ticket, const char *anchor, u_int32_t ruleset, struct pfctl_rule *rule, char *anchor_call); @@ -207,6 +265,8 @@ int pfctl_add_rule(int dev, const struct pfctl_rule *r, const char *anchor, const char *anchor_call, u_int32_t ticket, u_int32_t pool_ticket); int pfctl_set_keepcounters(int dev, bool keep); +int pfctl_get_states(int dev, struct pfctl_states *states); +void pfctl_free_states(struct pfctl_states *states); int pfctl_clear_states(int dev, const struct pfctl_kill *kill, unsigned int *killed); int pfctl_kill_states(int dev, const struct pfctl_kill *kill, diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c index e2f9d6efe609..7119308d195b 100644 --- a/sbin/pfctl/pf_print_state.c +++ b/sbin/pfctl/pf_print_state.c @@ -196,25 +196,27 @@ print_host(struct pf_addr *addr, u_int16_t port, sa_family_t af, int opts) } void -print_seq(struct pfsync_state_peer *p) +print_seq(struct pfctl_state_peer *p) { if (p->seqdiff) - printf("[%u + %u](+%u)", ntohl(p->seqlo), - ntohl(p->seqhi) - ntohl(p->seqlo), ntohl(p->seqdiff)); + printf("[%u + %u](+%u)", p->seqlo, + p->seqhi - p->seqlo, p->seqdiff); else - printf("[%u + %u]", ntohl(p->seqlo), - ntohl(p->seqhi) - ntohl(p->seqlo)); + printf("[%u + %u]", p->seqlo, + p->seqhi - p->seqlo); } void -print_state(struct pfsync_state *s, int opts) +print_state(struct pfctl_state *s, int opts) { - struct pfsync_state_peer *src, *dst; - struct pfsync_state_key *key, *sk, *nk; + struct pfctl_state_peer *src, *dst; + struct pfctl_state_key *key, *sk, *nk; struct protoent *p; int min, sec; + sa_family_t af; + uint8_t proto; #ifndef __NO_STRICT_ALIGNMENT - struct pfsync_state_key aligned_key[2]; + struct pfctl_state_key aligned_key[2]; bcopy(&s->key, aligned_key, sizeof(aligned_key)); key = aligned_key; @@ -222,48 +224,51 @@ print_state(struct pfsync_state *s, int opts) key = s->key; #endif + af = s->key[PF_SK_WIRE].af; + proto = s->key[PF_SK_WIRE].proto; + if (s->direction == PF_OUT) { src = &s->src; dst = &s->dst; sk = &key[PF_SK_STACK]; nk = &key[PF_SK_WIRE]; - if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) + if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6) sk->port[0] = nk->port[0]; } else { src = &s->dst; dst = &s->src; sk = &key[PF_SK_WIRE]; nk = &key[PF_SK_STACK]; - if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) + if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6) sk->port[1] = nk->port[1]; } printf("%s ", s->ifname); - if ((p = getprotobynumber(s->proto)) != NULL) + if ((p = getprotobynumber(proto)) != NULL) printf("%s ", p->p_name); else - printf("%u ", s->proto); + printf("%u ", proto); - print_host(&nk->addr[1], nk->port[1], s->af, opts); - if (PF_ANEQ(&nk->addr[1], &sk->addr[1], s->af) || + print_host(&nk->addr[1], nk->port[1], af, opts); + if (PF_ANEQ(&nk->addr[1], &sk->addr[1], af) || nk->port[1] != sk->port[1]) { printf(" ("); - print_host(&sk->addr[1], sk->port[1], s->af, opts); + print_host(&sk->addr[1], sk->port[1], af, opts); printf(")"); } if (s->direction == PF_OUT) printf(" -> "); else printf(" <- "); - print_host(&nk->addr[0], nk->port[0], s->af, opts); - if (PF_ANEQ(&nk->addr[0], &sk->addr[0], s->af) || + print_host(&nk->addr[0], nk->port[0], af, opts); + if (PF_ANEQ(&nk->addr[0], &sk->addr[0], af) || nk->port[0] != sk->port[0]) { printf(" ("); - print_host(&sk->addr[0], sk->port[0], s->af, opts); + print_host(&sk->addr[0], sk->port[0], af, opts); printf(")"); } printf(" "); - if (s->proto == IPPROTO_TCP) { + if (proto == IPPROTO_TCP) { if (src->state <= TCPS_TIME_WAIT && dst->state <= TCPS_TIME_WAIT) printf(" %s:%s\n", tcpstates[src->state], @@ -290,16 +295,16 @@ print_state(struct pfsync_state *s, int opts) dst->wscale & PF_WSCALE_MASK); printf("\n"); } - } else if (s->proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES && + } else if (proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES && dst->state < PFUDPS_NSTATES) { const char *states[] = PFUDPS_NAMES; printf(" %s:%s\n", states[src->state], states[dst->state]); #ifndef INET6 - } else if (s->proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES && + } else if (proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES && dst->state < PFOTHERS_NSTATES) { #else - } else if (s->proto != IPPROTO_ICMP && s->proto != IPPROTO_ICMPV6 && + } else if (proto != IPPROTO_ICMP && proto != IPPROTO_ICMPV6 && src->state < PFOTHERS_NSTATES && dst->state < PFOTHERS_NSTATES) { #endif /* XXX ICMP doesn't really have state levels */ @@ -311,10 +316,8 @@ print_state(struct pfsync_state *s, int opts) } if (opts & PF_OPT_VERBOSE) { - u_int64_t packets[2]; - u_int64_t bytes[2]; - u_int32_t creation = ntohl(s->creation); - u_int32_t expire = ntohl(s->expire); + u_int32_t creation = s->creation; + u_int32_t expire = s->expire; sec = creation % 60; creation /= 60; @@ -327,19 +330,15 @@ print_state(struct pfsync_state *s, int opts) expire /= 60; printf(", expires in %.2u:%.2u:%.2u", expire, min, sec); - bcopy(s->packets[0], &packets[0], sizeof(u_int64_t)); - bcopy(s->packets[1], &packets[1], sizeof(u_int64_t)); - bcopy(s->bytes[0], &bytes[0], sizeof(u_int64_t)); - bcopy(s->bytes[1], &bytes[1], sizeof(u_int64_t)); printf(", %ju:%ju pkts, %ju:%ju bytes", - (uintmax_t )be64toh(packets[0]), - (uintmax_t )be64toh(packets[1]), - (uintmax_t )be64toh(bytes[0]), - (uintmax_t )be64toh(bytes[1])); - if (ntohl(s->anchor) != -1) - printf(", anchor %u", ntohl(s->anchor)); - if (ntohl(s->rule) != -1) - printf(", rule %u", ntohl(s->rule)); + s->packets[0], + s->packets[1], + s->bytes[0], + s->bytes[1]); + if (s->anchor != -1) + printf(", anchor %u", s->anchor); + if (s->rule != -1) + printf(", rule %u", s->rule); if (s->state_flags & PFSTATE_SLOPPY) printf(", sloppy"); if (s->sync_flags & PFSYNC_FLAG_SRCNODE) @@ -352,10 +351,9 @@ print_state(struct pfsync_state *s, int opts) u_int64_t id; bcopy(&s->id, &id, sizeof(u_int64_t)); - printf(" id: %016jx creatorid: %08x", - (uintmax_t )be64toh(id), ntohl(s->creatorid)); + printf(" id: %016jx creatorid: %08x", id, s->creatorid); printf(" gateway: "); - print_host(&s->rt_addr, 0, s->af, opts); + print_host(&s->rt_addr, 0, af, opts); printf("\n"); } } diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index fd937cac9f63..f82d75198d61 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1237,48 +1237,27 @@ done: int pfctl_show_states(int dev, const char *iface, int opts) { - struct pfioc_states ps; - struct pfsync_state *p; - char *inbuf = NULL, *newinbuf = NULL; - unsigned int len = 0; - int i, dotitle = (opts & PF_OPT_SHOWALL); + struct pfctl_states states; + struct pfctl_state *s; + int dotitle = (opts & PF_OPT_SHOWALL); - memset(&ps, 0, sizeof(ps)); - for (;;) { - ps.ps_len = len; - if (len) { - newinbuf = realloc(inbuf, len); - if (newinbuf == NULL) - err(1, "realloc"); - ps.ps_buf = inbuf = newinbuf; - } - if (ioctl(dev, DIOCGETSTATES, &ps) < 0) { - warn("DIOCGETSTATES"); - free(inbuf); - return (-1); - } - if (ps.ps_len + sizeof(struct pfioc_states) < len) - break; - if (len == 0 && ps.ps_len == 0) - goto done; - if (len == 0 && ps.ps_len != 0) - len = ps.ps_len; - if (ps.ps_len == 0) - goto done; /* no states */ - len *= 2; - } - p = ps.ps_states; - for (i = 0; i < ps.ps_len; i += sizeof(*p), p++) { - if (iface != NULL && strcmp(p->ifname, iface)) + memset(&states, 0, sizeof(states)); + + if (pfctl_get_states(dev, &states)) + return (-1); + + TAILQ_FOREACH(s, &states.states, entry) { + if (iface != NULL && strcmp(s->ifname, iface)) continue; if (dotitle) { pfctl_print_title("STATES:"); dotitle = 0; } - print_state(p, opts); + print_state(s, opts); } -done: - free(inbuf); + + pfctl_free_states(&states); + return (0); } diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h index 93b3af083b5f..f8ff5012e01b 100644 --- a/sbin/pfctl/pfctl.h +++ b/sbin/pfctl/pfctl.h @@ -120,8 +120,8 @@ char *rate2str(double); void print_addr(struct pf_addr_wrap *, sa_family_t, int); void print_host(struct pf_addr *, u_int16_t p, sa_family_t, int); -void print_seq(struct pfsync_state_peer *); -void print_state(struct pfsync_state *, int); +void print_seq(struct pfctl_state_peer *); +void print_state(struct pfctl_state *, int); int unmask(struct pf_addr *, sa_family_t); int pfctl_cmdline_symset(char *); From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:24 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A39116383C3; Thu, 27 May 2021 10:20:24 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2v6kdVz4rkF; Thu, 27 May 2021 10:20:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BA9732258E; Thu, 27 May 2021 10:20:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKNtb055125; Thu, 27 May 2021 10:20:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKN7E055124; Thu, 27 May 2021 10:20:23 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:23 GMT Message-Id: <202105271020.14RAKN7E055124@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: f8b887607cb5 - stable/12 - pf: Add DIOCGETSTATESNV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: f8b887607cb5c0458aa0cdbafce3f9966f43c9ed Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:24 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=f8b887607cb5c0458aa0cdbafce3f9966f43c9ed commit f8b887607cb5c0458aa0cdbafce3f9966f43c9ed Author: Kristof Provost AuthorDate: 2021-05-05 19:00:16 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:05:53 +0000 pf: Add DIOCGETSTATESNV Add DIOCGETSTATESNV, an nvlist-based alternative to DIOCGETSTATES. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30243 (cherry picked from commit 0592a4c83d67547644763fb023abd5eb28e57f92) --- share/man/man4/pf.4 | 71 ++++++++++++++++++++++++++++++++----------- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf_ioctl.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 130 insertions(+), 18 deletions(-) diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4 index 24843535c924..133e4d300043 100644 --- a/share/man/man4/pf.4 +++ b/share/man/man4/pf.4 @@ -415,30 +415,65 @@ Set the debug level. enum { PF_DEBUG_NONE, PF_DEBUG_URGENT, PF_DEBUG_MISC, PF_DEBUG_NOISY }; .Ed -.It Dv DIOCGETSTATES Fa "struct pfioc_states *ps" +.It Dv DIOCGETSTATESNV Fa "struct pfioc_nv *nv" Get state table entries. .Bd -literal -struct pfioc_states { - int ps_len; - union { - caddr_t psu_buf; - struct pf_state *psu_states; - } ps_u; -#define ps_buf ps_u.psu_buf -#define ps_states ps_u.psu_states +nvlist pf_state_key { + nvlist pf_addr addr[2]; + number port[2]; + number af; + number proto; +}; + +nvlist pf_state_scrub { + bool timestamp; + number ttl; + number ts_mod; +}; + +nvlist pf_state_peer { + nvlist pf_state_scrub scrub; + number seqlo; + number seqhi; + number seqdiff; + number max_win; + number mss; + number state; + number wscale; +}; + +nvlist pf_state { + number id; + string ifname; + nvlist pf_state_key stack_key; + nvlist pf_state_key wire_key; + nvlist pf_state_peer src; + nvlist pf_state_peer dst; + nvlist pf_addr rt_addr; + number rule; + number anchor; + number nat_rule; + number expire; + number packets[2]; + number bytes[2]; + number creatorid; + number direction; + number log; + number state_flags; + number timeout; + number sync_flags; +}; + +nvlist pf_states { + number count; + nvlist pf_state states[]; }; .Ed .Pp If -.Va ps_len -is non-zero on entry, as many states as possible that can fit into this -size will be copied into the supplied buffer -.Va ps_states . -On exit, -.Va ps_len -is always set to the total size required to hold all state table entries -(i.e., it is set to -.Li sizeof(struct pf_state) * nr ) . +.Va pfioc_nv.size +is insufficiently large, as many states as possible that can fit into this +size will be copied into the supplied buffer. .It Dv DIOCCHANGERULE Fa "struct pfioc_rule *pcr" Add or remove the .Va rule diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 5acefd631e3d..41aba842e480 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1263,6 +1263,7 @@ struct pfioc_iface { #define DIOCNATLOOK _IOWR('D', 23, struct pfioc_natlook) #define DIOCSETDEBUG _IOWR('D', 24, u_int32_t) #define DIOCGETSTATES _IOWR('D', 25, struct pfioc_states) +#define DIOCGETSTATESNV _IOWR('D', 25, struct pfioc_nv) #define DIOCCHANGERULE _IOWR('D', 26, struct pfioc_rule) /* XXX cut 26 - 28 */ #define DIOCSETTIMEOUT _IOWR('D', 29, struct pfioc_tm) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 431032f6c6e0..53423fb75202 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -209,6 +209,7 @@ static int pf_killstates_row(struct pf_kstate_kill *, static int pf_killstates_nv(struct pfioc_nv *); static int pf_clearstates_nv(struct pfioc_nv *); static int pf_getstate(struct pfioc_nv *); +static int pf_getstates(struct pfioc_nv *); static int pf_clear_tables(void); static void pf_clear_srcnodes(struct pf_ksrc_node *); static void pf_kill_srcnodes(struct pfioc_src_node_kill *); @@ -2949,6 +2950,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCNATLOOK: case DIOCSETDEBUG: case DIOCGETSTATES: + case DIOCGETSTATESNV: case DIOCGETTIMEOUT: case DIOCCLRRULECTRS: case DIOCGETLIMIT: @@ -3001,6 +3003,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETSTATENV: case DIOCGETSTATUS: case DIOCGETSTATES: + case DIOCGETSTATESNV: case DIOCGETTIMEOUT: case DIOCGETLIMIT: case DIOCGETALTQSV0: @@ -3722,6 +3725,11 @@ DIOCGETSTATES_full: break; } + case DIOCGETSTATESNV: { + error = pf_getstates((struct pfioc_nv *)addr); + break; + } + case DIOCGETSTATUS: { struct pf_status *s = (struct pf_status *)addr; @@ -5931,6 +5939,74 @@ errout: return (error); } +static int +pf_getstates(struct pfioc_nv *nv) +{ + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_state *s = NULL; + int error = 0; + uint64_t count = 0; + +#define ERROUT(x) ERROUT_FUNCTION(errout, x) + + nvl = nvlist_create(0); + if (nvl == NULL) + ERROUT(ENOMEM); + + nvlist_add_number(nvl, "count", uma_zone_get_cur(V_pf_state_z)); + + for (int i = 0; i < pf_hashmask; i++) { + struct pf_idhash *ih = &V_pf_idhash[i]; + + PF_HASHROW_LOCK(ih); + LIST_FOREACH(s, &ih->states, entry) { + if (s->timeout == PFTM_UNLINKED) + continue; + + nvls = pf_state_to_nvstate(s); + if (nvls == NULL) { + PF_HASHROW_UNLOCK(ih); + ERROUT(ENOMEM); + } + if ((nvlist_size(nvl) + nvlist_size(nvls)) > nv->size) { + /* We've run out of room for more states. */ + nvlist_destroy(nvls); + PF_HASHROW_UNLOCK(ih); + goto DIOCGETSTATESNV_full; + } + nvlist_append_nvlist_array(nvl, "states", nvls); + count++; + } + PF_HASHROW_UNLOCK(ih); + } + + /* We've managed to put them all the available space. Let's make sure + * 'count' matches our array (that's racy, because we don't hold a lock + * over all states, only over each row individually. */ + (void)nvlist_take_number(nvl, "count"); + nvlist_add_number(nvl, "count", count); + +DIOCGETSTATESNV_full: + + nvlpacked = nvlist_pack(nvl, &nv->len); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + if (nv->size == 0) + ERROUT(0); + else if (nv->size < nv->len) + ERROUT(ENOSPC); + + error = copyout(nvlpacked, nv->data, nv->len); + +#undef ERROUT +errout: + free(nvlpacked, M_TEMP); + nvlist_destroy(nvl); + return (error); +} + /* * XXX - Check for version missmatch!!! */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:27 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 68CE2638613; Thu, 27 May 2021 10:20:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2x5wMjz4rkM; Thu, 27 May 2021 10:20:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 47ECC22617; Thu, 27 May 2021 10:20:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKPMC055259; Thu, 27 May 2021 10:20:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKP8R055258; Thu, 27 May 2021 10:20:25 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:25 GMT Message-Id: <202105271020.14RAKP8R055258@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 47a3d57efdb8 - stable/13 - pfctl: Ensure parent queue is configured for FAIRQ MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 47a3d57efdb83b36985a5864af49c0261a2f40e8 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:27 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=47a3d57efdb83b36985a5864af49c0261a2f40e8 commit 47a3d57efdb83b36985a5864af49c0261a2f40e8 Author: Kristof Provost AuthorDate: 2021-05-18 16:22:13 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:03:42 +0000 pfctl: Ensure parent queue is configured for FAIRQ We failed to account for the FAIRQ scheduler in expand_altq(), which led it to be set up without its parent queue. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30347 (cherry picked from commit dc784287967d45ab681dc51e9e20b78c8c535834) --- sbin/pfctl/parse.y | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y index 6acfefbf5ad3..4448a8255ce1 100644 --- a/sbin/pfctl/parse.y +++ b/sbin/pfctl/parse.y @@ -5107,7 +5107,8 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces, } if (pa.scheduler == ALTQT_CBQ || - pa.scheduler == ALTQT_HFSC) { + pa.scheduler == ALTQT_HFSC || + pa.scheduler == ALTQT_FAIRQ) { /* now create a root queue */ memset(&pb, 0, sizeof(struct pf_altq)); if (strlcpy(qname, "root_", sizeof(qname)) >= @@ -5138,7 +5139,8 @@ expand_altq(struct pf_altq *a, struct node_if *interfaces, if (n == NULL) err(1, "expand_altq: calloc"); if (pa.scheduler == ALTQT_CBQ || - pa.scheduler == ALTQT_HFSC) + pa.scheduler == ALTQT_HFSC || + pa.scheduler == ALTQT_FAIRQ) if (strlcpy(n->parent, qname, sizeof(n->parent)) >= sizeof(n->parent)) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:28 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8CA4C637FDB; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2z73Dgz4s10; Thu, 27 May 2021 10:20:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9402F2258F; Thu, 27 May 2021 10:20:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKRrB055343; Thu, 27 May 2021 10:20:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKRJQ055342; Thu, 27 May 2021 10:20:27 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:27 GMT Message-Id: <202105271020.14RAKRJQ055342@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: def59341c938 - stable/13 - pf: Add DIOCGETSTATESNV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: def59341c9384923f49ee05312733195e6476f9b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:28 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=def59341c9384923f49ee05312733195e6476f9b commit def59341c9384923f49ee05312733195e6476f9b Author: Kristof Provost AuthorDate: 2021-05-05 19:00:16 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:05:50 +0000 pf: Add DIOCGETSTATESNV Add DIOCGETSTATESNV, an nvlist-based alternative to DIOCGETSTATES. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30243 (cherry picked from commit 0592a4c83d67547644763fb023abd5eb28e57f92) --- share/man/man4/pf.4 | 71 ++++++++++++++++++++++++++++++++----------- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf_ioctl.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 130 insertions(+), 18 deletions(-) diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4 index 24843535c924..133e4d300043 100644 --- a/share/man/man4/pf.4 +++ b/share/man/man4/pf.4 @@ -415,30 +415,65 @@ Set the debug level. enum { PF_DEBUG_NONE, PF_DEBUG_URGENT, PF_DEBUG_MISC, PF_DEBUG_NOISY }; .Ed -.It Dv DIOCGETSTATES Fa "struct pfioc_states *ps" +.It Dv DIOCGETSTATESNV Fa "struct pfioc_nv *nv" Get state table entries. .Bd -literal -struct pfioc_states { - int ps_len; - union { - caddr_t psu_buf; - struct pf_state *psu_states; - } ps_u; -#define ps_buf ps_u.psu_buf -#define ps_states ps_u.psu_states +nvlist pf_state_key { + nvlist pf_addr addr[2]; + number port[2]; + number af; + number proto; +}; + +nvlist pf_state_scrub { + bool timestamp; + number ttl; + number ts_mod; +}; + +nvlist pf_state_peer { + nvlist pf_state_scrub scrub; + number seqlo; + number seqhi; + number seqdiff; + number max_win; + number mss; + number state; + number wscale; +}; + +nvlist pf_state { + number id; + string ifname; + nvlist pf_state_key stack_key; + nvlist pf_state_key wire_key; + nvlist pf_state_peer src; + nvlist pf_state_peer dst; + nvlist pf_addr rt_addr; + number rule; + number anchor; + number nat_rule; + number expire; + number packets[2]; + number bytes[2]; + number creatorid; + number direction; + number log; + number state_flags; + number timeout; + number sync_flags; +}; + +nvlist pf_states { + number count; + nvlist pf_state states[]; }; .Ed .Pp If -.Va ps_len -is non-zero on entry, as many states as possible that can fit into this -size will be copied into the supplied buffer -.Va ps_states . -On exit, -.Va ps_len -is always set to the total size required to hold all state table entries -(i.e., it is set to -.Li sizeof(struct pf_state) * nr ) . +.Va pfioc_nv.size +is insufficiently large, as many states as possible that can fit into this +size will be copied into the supplied buffer. .It Dv DIOCCHANGERULE Fa "struct pfioc_rule *pcr" Add or remove the .Va rule diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 25b66f1277dc..c4508062c1ec 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1262,6 +1262,7 @@ struct pfioc_iface { #define DIOCNATLOOK _IOWR('D', 23, struct pfioc_natlook) #define DIOCSETDEBUG _IOWR('D', 24, u_int32_t) #define DIOCGETSTATES _IOWR('D', 25, struct pfioc_states) +#define DIOCGETSTATESNV _IOWR('D', 25, struct pfioc_nv) #define DIOCCHANGERULE _IOWR('D', 26, struct pfioc_rule) /* XXX cut 26 - 28 */ #define DIOCSETTIMEOUT _IOWR('D', 29, struct pfioc_tm) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 982e7ac0caea..ebbfc2360c47 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -209,6 +209,7 @@ static int pf_killstates_row(struct pf_kstate_kill *, static int pf_killstates_nv(struct pfioc_nv *); static int pf_clearstates_nv(struct pfioc_nv *); static int pf_getstate(struct pfioc_nv *); +static int pf_getstates(struct pfioc_nv *); static int pf_clear_tables(void); static void pf_clear_srcnodes(struct pf_ksrc_node *); static void pf_kill_srcnodes(struct pfioc_src_node_kill *); @@ -2948,6 +2949,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCNATLOOK: case DIOCSETDEBUG: case DIOCGETSTATES: + case DIOCGETSTATESNV: case DIOCGETTIMEOUT: case DIOCCLRRULECTRS: case DIOCGETLIMIT: @@ -3000,6 +3002,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETSTATENV: case DIOCGETSTATUS: case DIOCGETSTATES: + case DIOCGETSTATESNV: case DIOCGETTIMEOUT: case DIOCGETLIMIT: case DIOCGETALTQSV0: @@ -3709,6 +3712,11 @@ DIOCGETSTATES_full: break; } + case DIOCGETSTATESNV: { + error = pf_getstates((struct pfioc_nv *)addr); + break; + } + case DIOCGETSTATUS: { struct pf_status *s = (struct pf_status *)addr; @@ -5916,6 +5924,74 @@ errout: return (error); } +static int +pf_getstates(struct pfioc_nv *nv) +{ + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_state *s = NULL; + int error = 0; + uint64_t count = 0; + +#define ERROUT(x) ERROUT_FUNCTION(errout, x) + + nvl = nvlist_create(0); + if (nvl == NULL) + ERROUT(ENOMEM); + + nvlist_add_number(nvl, "count", uma_zone_get_cur(V_pf_state_z)); + + for (int i = 0; i < pf_hashmask; i++) { + struct pf_idhash *ih = &V_pf_idhash[i]; + + PF_HASHROW_LOCK(ih); + LIST_FOREACH(s, &ih->states, entry) { + if (s->timeout == PFTM_UNLINKED) + continue; + + nvls = pf_state_to_nvstate(s); + if (nvls == NULL) { + PF_HASHROW_UNLOCK(ih); + ERROUT(ENOMEM); + } + if ((nvlist_size(nvl) + nvlist_size(nvls)) > nv->size) { + /* We've run out of room for more states. */ + nvlist_destroy(nvls); + PF_HASHROW_UNLOCK(ih); + goto DIOCGETSTATESNV_full; + } + nvlist_append_nvlist_array(nvl, "states", nvls); + count++; + } + PF_HASHROW_UNLOCK(ih); + } + + /* We've managed to put them all the available space. Let's make sure + * 'count' matches our array (that's racy, because we don't hold a lock + * over all states, only over each row individually. */ + (void)nvlist_take_number(nvl, "count"); + nvlist_add_number(nvl, "count", count); + +DIOCGETSTATESNV_full: + + nvlpacked = nvlist_pack(nvl, &nv->len); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + if (nv->size == 0) + ERROUT(0); + else if (nv->size < nv->len) + ERROUT(ENOSPC); + + error = copyout(nvlpacked, nv->data, nv->len); + +#undef ERROUT +errout: + free(nvlpacked, M_TEMP); + nvlist_destroy(nvl); + return (error); +} + /* * XXX - Check for version missmatch!!! */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:37 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 86C236383F5; Thu, 27 May 2021 10:20:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP3827m8z4rvn; Thu, 27 May 2021 10:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1CC3622592; Thu, 27 May 2021 10:20:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKXaH055614; Thu, 27 May 2021 10:20:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKWeS055613; Thu, 27 May 2021 10:20:32 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:32 GMT Message-Id: <202105271020.14RAKWeS055613@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: a4ceb1e192e6 - stable/13 - pfctl: Fix crash on ALTQ configuration MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: a4ceb1e192e66b1f38e712bb777014a977f8f3fe Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:37 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=a4ceb1e192e66b1f38e712bb777014a977f8f3fe commit a4ceb1e192e66b1f38e712bb777014a977f8f3fe Author: Kristof Provost AuthorDate: 2021-05-18 13:03:01 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:09:55 +0000 pfctl: Fix crash on ALTQ configuration The following config could crash pfctl: altq on igb0 fairq bandwidth 1Gb queue { qLink } queue qLink fairq(default) That happens because when we're parsing the parent queue (on igb0) it doesn't have a parent, and the check in eval_pfqueue_fairq() checks pa->parent rather than parent. This was changed in eval_pfqueue_hfsc() in 1d34c9dac8624c5c315ae39ad3ae8e5879b23256, but not for fairq. Reviewed by: pkelsey MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30346 (cherry picked from commit 26705a39e51eaf5b32efa98fb86df2d4ecfbdc61) --- sbin/pfctl/pfctl_altq.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbin/pfctl/pfctl_altq.c b/sbin/pfctl/pfctl_altq.c index f23fe057f703..8067b0598361 100644 --- a/sbin/pfctl/pfctl_altq.c +++ b/sbin/pfctl/pfctl_altq.c @@ -872,7 +872,7 @@ eval_pfqueue_fairq(struct pfctl *pf __unused, struct pf_altq *pa, opts = &pa->pq_u.fairq_opts; - if (pa->parent == NULL) { + if (parent == NULL) { /* root queue */ opts->lssc_m1 = pa->ifbandwidth; opts->lssc_m2 = pa->ifbandwidth; From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:28 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4FA5D6382B1; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2y1bQPz4rbT; Thu, 27 May 2021 10:20:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DD4732253E; Thu, 27 May 2021 10:20:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKPZD055280; Thu, 27 May 2021 10:20:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKP63055279; Thu, 27 May 2021 10:20:25 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:25 GMT Message-Id: <202105271020.14RAKP63055279@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 7c15871eff23 - stable/12 - pf: Track the original kif for floating states MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 7c15871eff2341da68fa5c88fe64d1f386f13c89 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:28 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=7c15871eff2341da68fa5c88fe64d1f386f13c89 commit 7c15871eff2341da68fa5c88fe64d1f386f13c89 Author: Kristof Provost AuthorDate: 2021-05-12 11:24:57 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:06:17 +0000 pf: Track the original kif for floating states Track (and display) the interface that created a state, even if it's a floating state (and thus uses virtual interface 'all'). MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30245 (cherry picked from commit d0fdf2b28f9b981d2cb98e9da8a715e046ef1e92) --- lib/libpfctl/libpfctl.c | 2 ++ lib/libpfctl/libpfctl.h | 1 + sbin/pfctl/pf_print_state.c | 5 ++++- sys/net/pfvar.h | 2 ++ sys/netpfil/pf/if_pfsync.c | 2 +- sys/netpfil/pf/pf.c | 7 ++++--- sys/netpfil/pf/pf_ioctl.c | 1 + 7 files changed, 15 insertions(+), 5 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 6a6ecd8fb136..e207a55a8673 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -699,6 +699,8 @@ pf_nvstate_to_state(const nvlist_t *nvl, struct pfctl_state *s) strlcpy(s->ifname, nvlist_get_string(nvl, "ifname"), sizeof(s->ifname)); + strlcpy(s->orig_ifname, nvlist_get_string(nvl, "orig_ifname"), + sizeof(s->orig_ifname)); pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "rt_addr"), &s->rt_addr); s->rule = nvlist_get_number(nvl, "rule"); diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h index 05447b5d8673..a54ee9db6ec7 100644 --- a/lib/libpfctl/libpfctl.h +++ b/lib/libpfctl/libpfctl.h @@ -237,6 +237,7 @@ struct pfctl_state { struct pf_addr rt_addr; struct pfctl_state_key key[2]; /* addresses stack and wire */ char ifname[IFNAMSIZ]; + char orig_ifname[IFNAMSIZ]; uint64_t packets[2]; uint64_t bytes[2]; uint32_t creation; diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c index 7119308d195b..b1f0079154cf 100644 --- a/sbin/pfctl/pf_print_state.c +++ b/sbin/pfctl/pf_print_state.c @@ -352,9 +352,12 @@ print_state(struct pfctl_state *s, int opts) bcopy(&s->id, &id, sizeof(u_int64_t)); printf(" id: %016jx creatorid: %08x", id, s->creatorid); - printf(" gateway: "); + printf(" gateway: "); print_host(&s->rt_addr, 0, af, opts); printf("\n"); + + if (strcmp(s->ifname, s->orig_ifname) != 0) + printf(" origif: %s\n", s->orig_ifname); } } diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 41aba842e480..c7890b99e05a 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -522,6 +522,7 @@ struct pf_state { struct pf_addr rt_addr; struct pf_state_key *key[2]; /* addresses stack and wire */ struct pfi_kkif *kif; + struct pfi_kkif *orig_kif; /* The real kif, even if we're a floating state (i.e. if == V_pfi_all). */ struct pfi_kkif *rt_kif; struct pf_ksrc_node *src_node; struct pf_ksrc_node *nat_src_node; @@ -1474,6 +1475,7 @@ extern int pf_unlink_state(struct pf_state *, u_int); #define PF_ENTER_LOCKED 0x00000001 #define PF_RETURN_LOCKED 0x00000002 extern int pf_state_insert(struct pfi_kkif *, + struct pfi_kkif *, struct pf_state_key *, struct pf_state_key *, struct pf_state *); diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index bc1dcd02f36c..528195bddec1 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -594,7 +594,7 @@ pfsync_state_import(struct pfsync_state *sp, u_int8_t flags) if (!(flags & PFSYNC_SI_IOCTL)) st->state_flags |= PFSTATE_NOSYNC; - if ((error = pf_state_insert(kif, skw, sks, st)) != 0) + if ((error = pf_state_insert(kif, kif, skw, sks, st)) != 0) goto cleanup_state; /* XXX when we have nat_rule/anchors, use STATE_INC_COUNTERS */ diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 736d41203874..9eb8c2f54c42 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1263,8 +1263,8 @@ pf_state_key_clone(struct pf_state_key *orig) } int -pf_state_insert(struct pfi_kkif *kif, struct pf_state_key *skw, - struct pf_state_key *sks, struct pf_state *s) +pf_state_insert(struct pfi_kkif *kif, struct pfi_kkif *orig_kif, + struct pf_state_key *skw, struct pf_state_key *sks, struct pf_state *s) { struct pf_idhash *ih; struct pf_state *cur; @@ -1277,6 +1277,7 @@ pf_state_insert(struct pfi_kkif *kif, struct pf_state_key *skw, KASSERT(s->refs == 0, ("%s: state not pristine", __func__)); s->kif = kif; + s->orig_kif = orig_kif; if (s->id == 0 && s->creatorid == 0) { /* XXX: should be atomic, but probability of collision low */ @@ -3877,7 +3878,7 @@ pf_create_state(struct pf_krule *r, struct pf_krule *nr, struct pf_krule *a, __func__, nr, sk, nk)); /* Swap sk/nk for PF_OUT. */ - if (pf_state_insert(BOUND_IFACE(r, kif), + if (pf_state_insert(BOUND_IFACE(r, kif), kif, (pd->dir == PF_IN) ? sk : nk, (pd->dir == PF_IN) ? nk : sk, s)) { if (pd->proto == IPPROTO_TCP) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 53423fb75202..4f7767773037 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2697,6 +2697,7 @@ pf_state_to_nvstate(const struct pf_state *s) nvlist_add_number(nvl, "id", s->id); nvlist_add_string(nvl, "ifname", s->kif->pfik_name); + nvlist_add_string(nvl, "orig_ifname", s->orig_kif->pfik_name); tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_STACK]); if (tmp == NULL) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:28 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1761C638575; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2z0xSXz4rqj; Thu, 27 May 2021 10:20:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 044B1222DA; Thu, 27 May 2021 10:20:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKQt4055322; Thu, 27 May 2021 10:20:26 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKQEG055321; Thu, 27 May 2021 10:20:26 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:26 GMT Message-Id: <202105271020.14RAKQEG055321@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b8c1a98438c0 - stable/12 - pf: Support killing floating states by interface MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: b8c1a98438c0b6b36063a5a17a2fd625738bb9e0 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:28 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b8c1a98438c0b6b36063a5a17a2fd625738bb9e0 commit b8c1a98438c0b6b36063a5a17a2fd625738bb9e0 Author: Kristof Provost AuthorDate: 2021-05-13 07:51:28 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:09:21 +0000 pf: Support killing floating states by interface Floating states get assigned to interface 'all' (V_pfi_all), so when we try to flush all states for an interface states originally created through this interface are not flushed. Only if-bound states can be flushed in this way. Given that we track the original interface we can check if the state's interface is 'all', and if so compare to the orig_if instead. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30246 (cherry picked from commit b62489cc92edbec318fb6c57cdc02b5e3cfa3a67) --- sys/netpfil/pf/pf_ioctl.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 4f7767773037..42429972fe53 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2447,10 +2447,14 @@ pf_killstates_row(struct pf_kstate_kill *psk, struct pf_idhash *ih) int idx, killed = 0; unsigned int dir; u_int16_t srcport, dstport; + struct pfi_kkif *kif; relock_DIOCKILLSTATES: PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { + /* For floating states look at the original kif. */ + kif = s->kif == V_pfi_all ? s->orig_kif : s->kif; + sk = s->key[PF_SK_WIRE]; if (s->direction == PF_OUT) { srcaddr = &sk->addr[1]; @@ -2499,7 +2503,7 @@ relock_DIOCKILLSTATES: continue; if (psk->psk_ifname[0] && strcmp(psk->psk_ifname, - s->kif->pfik_name)) + kif->pfik_name)) continue; if (psk->psk_kill_match) { @@ -5677,6 +5681,7 @@ pf_clear_states(const struct pf_kstate_kill *kill) { struct pf_state_key_cmp match_key; struct pf_state *s; + struct pfi_kkif *kif; int idx; unsigned int killed = 0, dir; @@ -5686,9 +5691,12 @@ pf_clear_states(const struct pf_kstate_kill *kill) relock_DIOCCLRSTATES: PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { + /* For floating states look at the original kif. */ + kif = s->kif == V_pfi_all ? s->orig_kif : s->kif; + if (kill->psk_ifname[0] && strcmp(kill->psk_ifname, - s->kif->pfik_name)) + kif->pfik_name)) continue; if (kill->psk_kill_match) { From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:30 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E70E163861F; Thu, 27 May 2021 10:20:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP305NGKz4s3F; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 20160223A1; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKSfm055368; Thu, 27 May 2021 10:20:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKSgp055367; Thu, 27 May 2021 10:20:28 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:28 GMT Message-Id: <202105271020.14RAKSgp055367@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 4e7aa605e57a - stable/12 - pf tests: Test the ability to kill floating states by interface MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 4e7aa605e57aa33147d482f04dee028ffbe38825 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:31 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=4e7aa605e57aa33147d482f04dee028ffbe38825 commit 4e7aa605e57aa33147d482f04dee028ffbe38825 Author: Kristof Provost AuthorDate: 2021-05-13 08:04:20 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:09:45 +0000 pf tests: Test the ability to kill floating states by interface Reviewed by: eri MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30247 (cherry picked from commit 7bd7933f9a4f1757fdefeee2e1ac8b8c4d299fc3) --- tests/sys/netpfil/pf/killstate.sh | 60 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh index 131b6268daf7..b811befc08c5 100644 --- a/tests/sys/netpfil/pf/killstate.sh +++ b/tests/sys/netpfil/pf/killstate.sh @@ -375,6 +375,65 @@ match_cleanup() pft_cleanup } +atf_test_case "interface" "cleanup" +interface_head() +{ + atf_set descr 'Test killing states based on interface' + atf_set require.user root + atf_set require.progs scapy +} + +interface_body() +{ + pft_init + + epair=$(vnet_mkepair) + ifconfig ${epair}a 192.0.2.1/24 up + + vnet_mkjail alcatraz ${epair}b + jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up + jexec alcatraz pfctl -e + + pft_set_rules alcatraz "block all" \ + "pass in proto icmp" + + # Sanity check & establish state + # Note: use pft_ping so we always use the same ID, so pf considers all + # echo requests part of the same flow. + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Change rules to now deny the ICMP traffic + pft_set_rules noflush alcatraz "block all" + + # Established state means we can still ping alcatraz + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Flushing states on a different interface doesn't affect our state + jexec alcatraz pfctl -i ${epair}a -Fs + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Flushing on the correct interface does (even with floating states) + jexec alcatraz pfctl -i ${epair}b -Fs + atf_check -s exit:1 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a +} + +interface_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "v4" @@ -382,4 +441,5 @@ atf_init_test_cases() atf_add_test_case "multilabel" atf_add_test_case "gateway" atf_add_test_case "match" + atf_add_test_case "interface" } From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 129CA6382B5; Thu, 27 May 2021 10:20:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP320mdsz4rvR; Thu, 27 May 2021 10:20:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B2B8D223A2; Thu, 27 May 2021 10:20:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKTQG055434; Thu, 27 May 2021 10:20:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKTf0055433; Thu, 27 May 2021 10:20:29 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:29 GMT Message-Id: <202105271020.14RAKTf0055433@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 48d771e579d5 - stable/13 - pf: Track the original kif for floating states MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 48d771e579d5e651acbe47fb57c360939197d42f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:31 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=48d771e579d5e651acbe47fb57c360939197d42f commit 48d771e579d5e651acbe47fb57c360939197d42f Author: Kristof Provost AuthorDate: 2021-05-12 11:24:57 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:06:14 +0000 pf: Track the original kif for floating states Track (and display) the interface that created a state, even if it's a floating state (and thus uses virtual interface 'all'). MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30245 (cherry picked from commit d0fdf2b28f9b981d2cb98e9da8a715e046ef1e92) --- lib/libpfctl/libpfctl.c | 2 ++ lib/libpfctl/libpfctl.h | 1 + sbin/pfctl/pf_print_state.c | 5 ++++- sys/net/pfvar.h | 2 ++ sys/netpfil/pf/if_pfsync.c | 2 +- sys/netpfil/pf/pf.c | 7 ++++--- sys/netpfil/pf/pf_ioctl.c | 1 + 7 files changed, 15 insertions(+), 5 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 6a6ecd8fb136..e207a55a8673 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -699,6 +699,8 @@ pf_nvstate_to_state(const nvlist_t *nvl, struct pfctl_state *s) strlcpy(s->ifname, nvlist_get_string(nvl, "ifname"), sizeof(s->ifname)); + strlcpy(s->orig_ifname, nvlist_get_string(nvl, "orig_ifname"), + sizeof(s->orig_ifname)); pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "rt_addr"), &s->rt_addr); s->rule = nvlist_get_number(nvl, "rule"); diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h index 05447b5d8673..a54ee9db6ec7 100644 --- a/lib/libpfctl/libpfctl.h +++ b/lib/libpfctl/libpfctl.h @@ -237,6 +237,7 @@ struct pfctl_state { struct pf_addr rt_addr; struct pfctl_state_key key[2]; /* addresses stack and wire */ char ifname[IFNAMSIZ]; + char orig_ifname[IFNAMSIZ]; uint64_t packets[2]; uint64_t bytes[2]; uint32_t creation; diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c index 7119308d195b..b1f0079154cf 100644 --- a/sbin/pfctl/pf_print_state.c +++ b/sbin/pfctl/pf_print_state.c @@ -352,9 +352,12 @@ print_state(struct pfctl_state *s, int opts) bcopy(&s->id, &id, sizeof(u_int64_t)); printf(" id: %016jx creatorid: %08x", id, s->creatorid); - printf(" gateway: "); + printf(" gateway: "); print_host(&s->rt_addr, 0, af, opts); printf("\n"); + + if (strcmp(s->ifname, s->orig_ifname) != 0) + printf(" origif: %s\n", s->orig_ifname); } } diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index c4508062c1ec..00db46521148 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -522,6 +522,7 @@ struct pf_state { struct pf_addr rt_addr; struct pf_state_key *key[2]; /* addresses stack and wire */ struct pfi_kkif *kif; + struct pfi_kkif *orig_kif; /* The real kif, even if we're a floating state (i.e. if == V_pfi_all). */ struct pfi_kkif *rt_kif; struct pf_ksrc_node *src_node; struct pf_ksrc_node *nat_src_node; @@ -1473,6 +1474,7 @@ extern int pf_unlink_state(struct pf_state *, u_int); #define PF_ENTER_LOCKED 0x00000001 #define PF_RETURN_LOCKED 0x00000002 extern int pf_state_insert(struct pfi_kkif *, + struct pfi_kkif *, struct pf_state_key *, struct pf_state_key *, struct pf_state *); diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index 96813fd11dc3..3514c922c361 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -593,7 +593,7 @@ pfsync_state_import(struct pfsync_state *sp, u_int8_t flags) if (!(flags & PFSYNC_SI_IOCTL)) st->state_flags |= PFSTATE_NOSYNC; - if ((error = pf_state_insert(kif, skw, sks, st)) != 0) + if ((error = pf_state_insert(kif, kif, skw, sks, st)) != 0) goto cleanup_state; /* XXX when we have nat_rule/anchors, use STATE_INC_COUNTERS */ diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 815b847b6355..bcc9780cfa9d 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1263,8 +1263,8 @@ pf_state_key_clone(struct pf_state_key *orig) } int -pf_state_insert(struct pfi_kkif *kif, struct pf_state_key *skw, - struct pf_state_key *sks, struct pf_state *s) +pf_state_insert(struct pfi_kkif *kif, struct pfi_kkif *orig_kif, + struct pf_state_key *skw, struct pf_state_key *sks, struct pf_state *s) { struct pf_idhash *ih; struct pf_state *cur; @@ -1277,6 +1277,7 @@ pf_state_insert(struct pfi_kkif *kif, struct pf_state_key *skw, KASSERT(s->refs == 0, ("%s: state not pristine", __func__)); s->kif = kif; + s->orig_kif = orig_kif; if (s->id == 0 && s->creatorid == 0) { /* XXX: should be atomic, but probability of collision low */ @@ -3877,7 +3878,7 @@ pf_create_state(struct pf_krule *r, struct pf_krule *nr, struct pf_krule *a, __func__, nr, sk, nk)); /* Swap sk/nk for PF_OUT. */ - if (pf_state_insert(BOUND_IFACE(r, kif), + if (pf_state_insert(BOUND_IFACE(r, kif), kif, (pd->dir == PF_IN) ? sk : nk, (pd->dir == PF_IN) ? nk : sk, s)) { if (pd->proto == IPPROTO_TCP) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index ebbfc2360c47..678cfbb7aa63 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2696,6 +2696,7 @@ pf_state_to_nvstate(const struct pf_state *s) nvlist_add_number(nvl, "id", s->id); nvlist_add_string(nvl, "ifname", s->kif->pfik_name); + nvlist_add_string(nvl, "orig_ifname", s->orig_kif->pfik_name); tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_STACK]); if (tmp == NULL) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:35 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F15F36385A2; Thu, 27 May 2021 10:20:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP346hynz4rt0; Thu, 27 May 2021 10:20:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7D6DF22591; Thu, 27 May 2021 10:20:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKVgp055497; Thu, 27 May 2021 10:20:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKVIk055496; Thu, 27 May 2021 10:20:31 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:31 GMT Message-Id: <202105271020.14RAKVIk055496@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: c3e4b38f4932 - stable/12 - pf: fix ioctl() memory leak MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: c3e4b38f4932d0ce457508b3893324a520e0dc30 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:35 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=c3e4b38f4932d0ce457508b3893324a520e0dc30 commit c3e4b38f4932d0ce457508b3893324a520e0dc30 Author: Kristof Provost AuthorDate: 2021-05-24 06:32:16 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 10:09:04 +0000 pf: fix ioctl() memory leak When we create an nvlist and insert it into another nvlist we must remember to destroy it. The nvlist_add_nvlist() function makes a copy, just like nvlist_add_string() makes a copy of the string. If we don't we're leaking memory on every (nvlist-based) ioctl() call. While here remove two redundant 'break' statements. PR: 255971 MFC after: 3 days Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 4483fb47735c29408c72045469c9c4b3e549668b) --- sys/netpfil/pf/pf_ioctl.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 42429972fe53..7f72d95e3c84 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1783,6 +1783,7 @@ pf_pool_to_nvpool(const struct pf_kpool *pool) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "counter", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "tblidx", pool->tblidx); pf_uint16_array_nv(nvl, "proxy_port", pool->proxy_port, 2); @@ -1792,6 +1793,7 @@ pf_pool_to_nvpool(const struct pf_kpool *pool) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "mape", tmp); + nvlist_destroy(tmp); return (nvl); @@ -1863,10 +1865,12 @@ pf_addr_wrap_to_nvaddr_wrap(const struct pf_addr_wrap *addr) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); tmp = pf_addr_to_nvaddr(&addr->v.a.mask); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "mask", tmp); + nvlist_destroy(tmp); return (nvl); @@ -1931,6 +1935,7 @@ pf_rule_addr_to_nvrule_addr(const struct pf_rule_addr *addr) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); pf_uint16_array_nv(nvl, "port", addr->port, 2); nvlist_add_number(nvl, "neg", addr->neg); nvlist_add_number(nvl, "port_op", addr->port_op); @@ -2156,6 +2161,7 @@ pf_divert_to_nvdivert(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "port", rule->divert.port); return (nvl); @@ -2179,10 +2185,12 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "src", tmp); + nvlist_destroy(tmp); tmp = pf_rule_addr_to_nvrule_addr(&rule->dst); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "dst", tmp); + nvlist_destroy(tmp); for (int i = 0; i < PF_SKIP_COUNT; i++) { nvlist_append_number_array(nvl, "skip", @@ -2204,6 +2212,7 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "rpool", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "evaluations", counter_u64_fetch(rule->evaluations)); @@ -2249,10 +2258,12 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "uid", tmp); + nvlist_destroy(tmp); tmp = pf_rule_uid_to_nvrule_uid((const struct pf_rule_uid *)&rule->gid); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "gid", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "rule_flag", rule->rule_flag); nvlist_add_number(nvl, "action", rule->action); @@ -2289,6 +2300,7 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "divert", tmp); + nvlist_destroy(tmp); return (nvl); @@ -2671,6 +2683,7 @@ pf_state_peer_to_nvstate_peer(const struct pf_state_peer *peer) if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "scrub", tmp); + nvlist_destroy(tmp); } nvlist_add_number(nvl, "seqlo", peer->seqlo); @@ -2707,26 +2720,31 @@ pf_state_to_nvstate(const struct pf_state *s) if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "stack_key", tmp); + nvlist_destroy(tmp); tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_WIRE]); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "wire_key", tmp); + nvlist_destroy(tmp); tmp = pf_state_peer_to_nvstate_peer(&s->src); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "src", tmp); + nvlist_destroy(tmp); tmp = pf_state_peer_to_nvstate_peer(&s->dst); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "dst", tmp); + nvlist_destroy(tmp); tmp = pf_addr_to_nvaddr(&s->rt_addr); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "rt_addr", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "rule", s->rule.ptr ? s->rule.ptr->nr : -1); nvlist_add_number(nvl, "anchor", @@ -3328,7 +3346,6 @@ DIOCADDRULENV_error: ruleset->rules[rs_num].active.ticket) { PF_RULES_WUNLOCK(); ERROUT(EBUSY); - break; } if ((error = nvlist_error(nvl))) { @@ -3342,7 +3359,6 @@ DIOCADDRULENV_error: if (rule == NULL) { PF_RULES_WUNLOCK(); ERROUT(EBUSY); - break; } nvrule = pf_krule_to_nvrule(rule); @@ -3355,6 +3371,7 @@ DIOCADDRULENV_error: } nvlist_add_number(nvl, "nr", nr); nvlist_add_nvlist(nvl, "rule", nvrule); + nvlist_destroy(nvrule); nvrule = NULL; if (pf_kanchor_nvcopyout(ruleset, rule, nvl)) { PF_RULES_WUNLOCK(); @@ -5927,6 +5944,7 @@ pf_getstate(struct pfioc_nv *nv) ERROUT(ENOMEM); nvlist_add_nvlist(nvl, "state", nvls); + nvlist_destroy(nvls); nvlpacked = nvlist_pack(nvl, &nv->len); if (nvlpacked == NULL) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:28 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6320F6383D1; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP2y5gRjz4s0w; Thu, 27 May 2021 10:20:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6C47A224A2; Thu, 27 May 2021 10:20:26 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKQi8055301; Thu, 27 May 2021 10:20:26 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKQwE055300; Thu, 27 May 2021 10:20:26 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:26 GMT Message-Id: <202105271020.14RAKQwE055300@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 70762ee0f20c - stable/13 - pf: Add DIOCGETSTATENV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 70762ee0f20c0d654a2e50767147cacad92ea6fc Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:29 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=70762ee0f20c0d654a2e50767147cacad92ea6fc commit 70762ee0f20c0d654a2e50767147cacad92ea6fc Author: Kristof Provost AuthorDate: 2021-05-05 12:33:55 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:04:36 +0000 pf: Add DIOCGETSTATENV Add DIOCGETSTATENV, an nvlist-based alternative to DIOCGETSTATE. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30242 (cherry picked from commit 1732afaa0dae9d844e341f2c1d6ed4b79c403bfb) --- share/man/man4/pf.4 | 4 +- sys/net/pfvar.h | 1 + sys/netpfil/pf/pf_ioctl.c | 226 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 229 insertions(+), 2 deletions(-) diff --git a/share/man/man4/pf.4 b/share/man/man4/pf.4 index 2fb132203908..24843535c924 100644 --- a/share/man/man4/pf.4 +++ b/share/man/man4/pf.4 @@ -326,14 +326,14 @@ struct pfioc_state { struct pfsync_state state; }; .Ed -.It Dv DIOCGETSTATE Fa "struct pfioc_state *ps" +.It Dv DIOCGETSTATENV Fa "struct pfioc_nv *nv" Extract the entry identified by the .Va id and .Va creatorid fields of the .Va state -structure from the state table. +nvlist from the state table. .It Dv DIOCKILLSTATES Fa "struct pfioc_state_kill *psk" Remove matching entries from the state table. This ioctl returns the number of killed states in diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index 628eae10040b..25b66f1277dc 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -1255,6 +1255,7 @@ struct pfioc_iface { #define DIOCCLRSTATES _IOWR('D', 18, struct pfioc_state_kill) #define DIOCCLRSTATESNV _IOWR('D', 18, struct pfioc_nv) #define DIOCGETSTATE _IOWR('D', 19, struct pfioc_state) +#define DIOCGETSTATENV _IOWR('D', 19, struct pfioc_nv) #define DIOCSETSTATUSIF _IOWR('D', 20, struct pfioc_if) #define DIOCGETSTATUS _IOWR('D', 21, struct pf_status) #define DIOCCLRSTATUS _IO ('D', 22) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 81f766a5c1ab..982e7ac0caea 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -208,6 +208,7 @@ static int pf_killstates_row(struct pf_kstate_kill *, struct pf_idhash *); static int pf_killstates_nv(struct pfioc_nv *); static int pf_clearstates_nv(struct pfioc_nv *); +static int pf_getstate(struct pfioc_nv *); static int pf_clear_tables(void); static void pf_clear_srcnodes(struct pf_ksrc_node *); static void pf_kill_srcnodes(struct pfioc_src_node_kill *); @@ -2608,6 +2609,157 @@ errout: return (error); } +static nvlist_t * +pf_state_key_to_nvstate_key(const struct pf_state_key *key) +{ + nvlist_t *nvl, *tmp; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + for (int i = 0; i < 2; i++) { + tmp = pf_addr_to_nvaddr(&key->addr[i]); + if (tmp == NULL) + goto errout; + nvlist_append_nvlist_array(nvl, "addr", tmp); + nvlist_append_number_array(nvl, "port", key->port[i]); + } + nvlist_add_number(nvl, "af", key->af); + nvlist_add_number(nvl, "proto", key->proto); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + +static nvlist_t * +pf_state_scrub_to_nvstate_scrub(const struct pf_state_scrub *scrub) +{ + nvlist_t *nvl; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + nvlist_add_bool(nvl, "timestamp", scrub->pfss_flags & PFSS_TIMESTAMP); + nvlist_add_number(nvl, "ttl", scrub->pfss_ttl); + nvlist_add_number(nvl, "ts_mod", scrub->pfss_ts_mod); + + return (nvl); +} + +static nvlist_t * +pf_state_peer_to_nvstate_peer(const struct pf_state_peer *peer) +{ + nvlist_t *nvl, *tmp; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + if (peer->scrub) { + tmp = pf_state_scrub_to_nvstate_scrub(peer->scrub); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "scrub", tmp); + } + + nvlist_add_number(nvl, "seqlo", peer->seqlo); + nvlist_add_number(nvl, "seqhi", peer->seqhi); + nvlist_add_number(nvl, "seqdiff", peer->seqdiff); + nvlist_add_number(nvl, "max_win", peer->max_win); + nvlist_add_number(nvl, "mss", peer->mss); + nvlist_add_number(nvl, "state", peer->state); + nvlist_add_number(nvl, "wscale", peer->wscale); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + + +static nvlist_t * +pf_state_to_nvstate(const struct pf_state *s) +{ + nvlist_t *nvl, *tmp; + uint32_t expire, flags = 0; + + nvl = nvlist_create(0); + if (nvl == NULL) + return (NULL); + + nvlist_add_number(nvl, "id", s->id); + nvlist_add_string(nvl, "ifname", s->kif->pfik_name); + + tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_STACK]); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "stack_key", tmp); + + tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_WIRE]); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "wire_key", tmp); + + tmp = pf_state_peer_to_nvstate_peer(&s->src); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "src", tmp); + + tmp = pf_state_peer_to_nvstate_peer(&s->dst); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "dst", tmp); + + tmp = pf_addr_to_nvaddr(&s->rt_addr); + if (tmp == NULL) + goto errout; + nvlist_add_nvlist(nvl, "rt_addr", tmp); + + nvlist_add_number(nvl, "rule", s->rule.ptr ? s->rule.ptr->nr : -1); + nvlist_add_number(nvl, "anchor", + s->anchor.ptr ? s->anchor.ptr->nr : -1); + nvlist_add_number(nvl, "nat_rule", + s->nat_rule.ptr ? s->nat_rule.ptr->nr : -1); + nvlist_add_number(nvl, "creation", s->creation); + + expire = pf_state_expires(s); + if (expire <= time_uptime) + expire = 0; + else + expire = expire - time_uptime; + nvlist_add_number(nvl, "expire", expire); + + for (int i = 0; i < 2; i++) { + nvlist_append_number_array(nvl, "packets", + counter_u64_fetch(s->packets[i])); + nvlist_append_number_array(nvl, "bytes", + counter_u64_fetch(s->bytes[i])); + } + + nvlist_add_number(nvl, "creatorid", s->creatorid); + nvlist_add_number(nvl, "direction", s->direction); + nvlist_add_number(nvl, "log", s->log); + nvlist_add_number(nvl, "state_flags", s->state_flags); + nvlist_add_number(nvl, "timeout", s->timeout); + if (s->src_node) + flags |= PFSYNC_FLAG_SRCNODE; + if (s->nat_src_node) + flags |= PFSYNC_FLAG_NATSRCNODE; + nvlist_add_number(nvl, "sync_flags", flags); + + return (nvl); + +errout: + nvlist_destroy(nvl); + return (NULL); +} + static int pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket, uint32_t pool_ticket, const char *anchor, const char *anchor_call, @@ -2789,6 +2941,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETADDRS: case DIOCGETADDR: case DIOCGETSTATE: + case DIOCGETSTATENV: case DIOCSETSTATUSIF: case DIOCGETSTATUS: case DIOCCLRSTATUS: @@ -2844,6 +2997,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td case DIOCGETADDRS: case DIOCGETADDR: case DIOCGETSTATE: + case DIOCGETSTATENV: case DIOCGETSTATUS: case DIOCGETSTATES: case DIOCGETTIMEOUT: @@ -3504,6 +3658,11 @@ DIOCCHANGERULE_error: break; } + case DIOCGETSTATENV: { + error = pf_getstate((struct pfioc_nv *)addr); + break; + } + case DIOCGETSTATES: { struct pfioc_states *ps = (struct pfioc_states *)addr; struct pf_state *s; @@ -5684,12 +5843,79 @@ pf_clearstates_nv(struct pfioc_nv *nv) error = copyout(nvlpacked, nv->data, nv->len); +#undef ERROUT on_error: nvlist_destroy(nvl); free(nvlpacked, M_TEMP); return (error); } +static int +pf_getstate(struct pfioc_nv *nv) +{ + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_state *s = NULL; + int error = 0; + uint64_t id, creatorid; + +#define ERROUT(x) ERROUT_FUNCTION(errout, x) + + if (nv->len > pf_ioctl_maxcount) + ERROUT(ENOMEM); + + nvlpacked = malloc(nv->len, M_TEMP, M_WAITOK); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + error = copyin(nv->data, nvlpacked, nv->len); + if (error) + ERROUT(error); + + nvl = nvlist_unpack(nvlpacked, nv->len, 0); + if (nvl == NULL) + ERROUT(EBADMSG); + + PFNV_CHK(pf_nvuint64(nvl, "id", &id)); + PFNV_CHK(pf_nvuint64(nvl, "creatorid", &creatorid)); + + s = pf_find_state_byid(id, creatorid); + if (s == NULL) + ERROUT(ENOENT); + + free(nvlpacked, M_TEMP); + nvlpacked = NULL; + nvlist_destroy(nvl); + nvl = nvlist_create(0); + if (nvl == NULL) + ERROUT(ENOMEM); + + nvls = pf_state_to_nvstate(s); + if (nvls == NULL) + ERROUT(ENOMEM); + + nvlist_add_nvlist(nvl, "state", nvls); + + nvlpacked = nvlist_pack(nvl, &nv->len); + if (nvlpacked == NULL) + ERROUT(ENOMEM); + + if (nv->size == 0) + ERROUT(0); + else if (nv->size < nv->len) + ERROUT(ENOSPC); + + error = copyout(nvlpacked, nv->data, nv->len); + +#undef ERROUT +errout: + if (s != NULL) + PF_STATE_UNLOCK(s); + free(nvlpacked, M_TEMP); + nvlist_destroy(nvl); + return (error); +} + /* * XXX - Check for version missmatch!!! */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:39 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5A52D6385A8; Thu, 27 May 2021 10:20:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP393NV9z4s62; Thu, 27 May 2021 10:20:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3645A224A3; Thu, 27 May 2021 10:20:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKYU1055641; Thu, 27 May 2021 10:20:34 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKYiU055640; Thu, 27 May 2021 10:20:34 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:34 GMT Message-Id: <202105271020.14RAKYiU055640@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 2f0a80794895 - stable/13 - pfctl tests: Test fairq configuration MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2f0a80794895a67c8b5882144c8b1e41c4fa8688 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:39 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=2f0a80794895a67c8b5882144c8b1e41c4fa8688 commit 2f0a80794895a67c8b5882144c8b1e41c4fa8688 Author: Kristof Provost AuthorDate: 2021-05-19 07:52:50 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:10:53 +0000 pfctl tests: Test fairq configuration We used to have a bug where pfctl could crash setting fairq queues. Test this case and ensure it does not crash pfctl. Reviewed by: donner MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30348 (cherry picked from commit 9938fcaa6565a660c555a0e9c712842ba1a2d31c) --- sbin/pfctl/tests/files/pf1006.in | 2 ++ sbin/pfctl/tests/files/pf1006.ok | 2 ++ sbin/pfctl/tests/pfctl_test_list.inc | 1 + 3 files changed, 5 insertions(+) diff --git a/sbin/pfctl/tests/files/pf1006.in b/sbin/pfctl/tests/files/pf1006.in new file mode 100644 index 000000000000..b50c16994cfc --- /dev/null +++ b/sbin/pfctl/tests/files/pf1006.in @@ -0,0 +1,2 @@ +altq on igb0 fairq bandwidth 1Gb queue { qLink } +queue qLink fairq(default) diff --git a/sbin/pfctl/tests/files/pf1006.ok b/sbin/pfctl/tests/files/pf1006.ok new file mode 100644 index 000000000000..be44b765c2e9 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1006.ok @@ -0,0 +1,2 @@ +altq on igb0 fairq bandwidth 1Gb tbrsize 36000 queue { qLink } +queue qLink fairq( default ) diff --git a/sbin/pfctl/tests/pfctl_test_list.inc b/sbin/pfctl/tests/pfctl_test_list.inc index 337dff640f42..060a6019d05c 100644 --- a/sbin/pfctl/tests/pfctl_test_list.inc +++ b/sbin/pfctl/tests/pfctl_test_list.inc @@ -116,3 +116,4 @@ PFCTL_TEST(1002, "Set timeout interval") PFCTL_TEST(1003, "ALTQ") PFCTL_TEST(1004, "ALTQ with Codel") PFCTL_TEST(1005, "PR 231323") +PFCTL_TEST(1006, "pfctl crashes with certain fairq configurations") From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:40 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D8DD66383F8; Thu, 27 May 2021 10:20:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP384vV6z4rxy; Thu, 27 May 2021 10:20:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 059FD22619; Thu, 27 May 2021 10:20:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKVxa055518; Thu, 27 May 2021 10:20:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKVjg055517; Thu, 27 May 2021 10:20:31 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:31 GMT Message-Id: <202105271020.14RAKVjg055517@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 3c790f9e1d54 - stable/13 - pf tests: Test the ability to kill floating states by interface MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 3c790f9e1d54ed57f09358216464ec80cab8f131 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:41 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=3c790f9e1d54ed57f09358216464ec80cab8f131 commit 3c790f9e1d54ed57f09358216464ec80cab8f131 Author: Kristof Provost AuthorDate: 2021-05-13 08:04:20 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:09:40 +0000 pf tests: Test the ability to kill floating states by interface Reviewed by: eri MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30247 (cherry picked from commit 7bd7933f9a4f1757fdefeee2e1ac8b8c4d299fc3) --- tests/sys/netpfil/pf/killstate.sh | 60 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/tests/sys/netpfil/pf/killstate.sh b/tests/sys/netpfil/pf/killstate.sh index ec01910f0867..b3d94a245548 100644 --- a/tests/sys/netpfil/pf/killstate.sh +++ b/tests/sys/netpfil/pf/killstate.sh @@ -447,6 +447,65 @@ match_cleanup() pft_cleanup } +atf_test_case "interface" "cleanup" +interface_head() +{ + atf_set descr 'Test killing states based on interface' + atf_set require.user root + atf_set require.progs scapy +} + +interface_body() +{ + pft_init + + epair=$(vnet_mkepair) + ifconfig ${epair}a 192.0.2.1/24 up + + vnet_mkjail alcatraz ${epair}b + jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up + jexec alcatraz pfctl -e + + pft_set_rules alcatraz "block all" \ + "pass in proto icmp" + + # Sanity check & establish state + # Note: use pft_ping so we always use the same ID, so pf considers all + # echo requests part of the same flow. + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Change rules to now deny the ICMP traffic + pft_set_rules noflush alcatraz "block all" + + # Established state means we can still ping alcatraz + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Flushing states on a different interface doesn't affect our state + jexec alcatraz pfctl -i ${epair}a -Fs + atf_check -s exit:0 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a + + # Flushing on the correct interface does (even with floating states) + jexec alcatraz pfctl -i ${epair}b -Fs + atf_check -s exit:1 -o ignore ${common_dir}/pft_ping.py \ + --sendif ${epair}a \ + --to 192.0.2.2 \ + --replyif ${epair}a +} + +interface_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "v4" @@ -455,4 +514,5 @@ atf_init_test_cases() atf_add_test_case "multilabel" atf_add_test_case "gateway" atf_add_test_case "match" + atf_add_test_case "interface" } From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:33 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AEA556386A8; Thu, 27 May 2021 10:20:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP332SS1z4s18; Thu, 27 May 2021 10:20:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6471422590; Thu, 27 May 2021 10:20:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKUbJ055455; Thu, 27 May 2021 10:20:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKUeM055454; Thu, 27 May 2021 10:20:30 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:30 GMT Message-Id: <202105271020.14RAKUeM055454@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 1f22359d3ff2 - stable/12 - pfctl tests: Test fairq configuration MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 1f22359d3ff22fe919cf3965eb32ece5de1be3c1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:34 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=1f22359d3ff22fe919cf3965eb32ece5de1be3c1 commit 1f22359d3ff22fe919cf3965eb32ece5de1be3c1 Author: Kristof Provost AuthorDate: 2021-05-19 07:52:50 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 10:09:04 +0000 pfctl tests: Test fairq configuration We used to have a bug where pfctl could crash setting fairq queues. Test this case and ensure it does not crash pfctl. Reviewed by: donner MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30348 (cherry picked from commit 9938fcaa6565a660c555a0e9c712842ba1a2d31c) --- sbin/pfctl/tests/files/pf1006.in | 2 ++ sbin/pfctl/tests/files/pf1006.ok | 2 ++ sbin/pfctl/tests/files/pfctl_test_descr.sh | 1 + sbin/pfctl/tests/pfctl_test.sh | 2 +- 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/sbin/pfctl/tests/files/pf1006.in b/sbin/pfctl/tests/files/pf1006.in new file mode 100644 index 000000000000..b50c16994cfc --- /dev/null +++ b/sbin/pfctl/tests/files/pf1006.in @@ -0,0 +1,2 @@ +altq on igb0 fairq bandwidth 1Gb queue { qLink } +queue qLink fairq(default) diff --git a/sbin/pfctl/tests/files/pf1006.ok b/sbin/pfctl/tests/files/pf1006.ok new file mode 100644 index 000000000000..be44b765c2e9 --- /dev/null +++ b/sbin/pfctl/tests/files/pf1006.ok @@ -0,0 +1,2 @@ +altq on igb0 fairq bandwidth 1Gb tbrsize 36000 queue { qLink } +queue qLink fairq( default ) diff --git a/sbin/pfctl/tests/files/pfctl_test_descr.sh b/sbin/pfctl/tests/files/pfctl_test_descr.sh index 1f164c8c2596..e26e7bbf943c 100755 --- a/sbin/pfctl/tests/files/pfctl_test_descr.sh +++ b/sbin/pfctl/tests/files/pfctl_test_descr.sh @@ -80,3 +80,4 @@ pf1002_descr () { echo "Set timeout interval" ; } pf1003_descr () { echo "ALTQ" ; } pf1004_descr () { echo "ALTQ with Codel" ; } pf1005_descr () { echo "PR 231323" ; } +pf1006_descr () { echo "pfctl crashes with certain fairq configurations" ; } diff --git a/sbin/pfctl/tests/pfctl_test.sh b/sbin/pfctl/tests/pfctl_test.sh index 23cc755f5db7..b231170afb2c 100755 --- a/sbin/pfctl/tests/pfctl_test.sh +++ b/sbin/pfctl/tests/pfctl_test.sh @@ -22,7 +22,7 @@ pftests="0001 0002 0003 0004 0005 0006 0007 0008 0009 0010 0011 0012 0032 0034 0035 0038 0039 0040 0041 0047 0048 0049 0050 0052 0053 0055 0056 0057 0060 0061 0065 0067 0069 0070 0071 0072 0074 0075 0077 0078 0079 0081 0082 0084 0085 0087 0088 0089 0090 0091 0092 0094 0095 0096 -0097 0098 0100 0101 0102 0104 1001 1002 1003 1004 1005" +0097 0098 0100 0101 0102 0104 1001 1002 1003 1004 1005 1006" . $(atf_get_srcdir)/files/pfctl_test_descr.sh From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 572F56386A7; Thu, 27 May 2021 10:20:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP315q1Fz4rvN; Thu, 27 May 2021 10:20:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 45C6322618; Thu, 27 May 2021 10:20:29 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKT4a055413; Thu, 27 May 2021 10:20:29 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKTdM055412; Thu, 27 May 2021 10:20:29 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:29 GMT Message-Id: <202105271020.14RAKTdM055412@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: b0829ddddb86 - stable/12 - pfctl: Fix crash on ALTQ configuration MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: b0829ddddb86931a623d6c701b85ecbc3b36bba9 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:34 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=b0829ddddb86931a623d6c701b85ecbc3b36bba9 commit b0829ddddb86931a623d6c701b85ecbc3b36bba9 Author: Kristof Provost AuthorDate: 2021-05-18 13:03:01 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:09:58 +0000 pfctl: Fix crash on ALTQ configuration The following config could crash pfctl: altq on igb0 fairq bandwidth 1Gb queue { qLink } queue qLink fairq(default) That happens because when we're parsing the parent queue (on igb0) it doesn't have a parent, and the check in eval_pfqueue_fairq() checks pa->parent rather than parent. This was changed in eval_pfqueue_hfsc() in 1d34c9dac8624c5c315ae39ad3ae8e5879b23256, but not for fairq. Reviewed by: pkelsey MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30346 (cherry picked from commit 26705a39e51eaf5b32efa98fb86df2d4ecfbdc61) --- sbin/pfctl/pfctl_altq.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbin/pfctl/pfctl_altq.c b/sbin/pfctl/pfctl_altq.c index f23fe057f703..8067b0598361 100644 --- a/sbin/pfctl/pfctl_altq.c +++ b/sbin/pfctl/pfctl_altq.c @@ -872,7 +872,7 @@ eval_pfqueue_fairq(struct pfctl *pf __unused, struct pf_altq *pa, opts = &pa->pq_u.fairq_opts; - if (pa->parent == NULL) { + if (parent == NULL) { /* root queue */ opts->lssc_m1 = pa->ifbandwidth; opts->lssc_m2 = pa->ifbandwidth; From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:30 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 48CF36386A4; Thu, 27 May 2021 10:20:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP311K43z4rxb; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9735C22734; Thu, 27 May 2021 10:20:28 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKSb5055392; Thu, 27 May 2021 10:20:28 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKSNq055391; Thu, 27 May 2021 10:20:28 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:28 GMT Message-Id: <202105271020.14RAKSNq055391@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 59f8fc3fbf70 - stable/13 - pfctl: Use DIOCGETSTATESNV MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 59f8fc3fbf70d866ee20f0e37dcae0efcdace554 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:30 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=59f8fc3fbf70d866ee20f0e37dcae0efcdace554 commit 59f8fc3fbf70d866ee20f0e37dcae0efcdace554 Author: Kristof Provost AuthorDate: 2021-05-10 14:51:38 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:06:00 +0000 pfctl: Use DIOCGETSTATESNV Migrate to using the new nvlist-based DIOCGETSTATESNV call to obtain the states list. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30244 (cherry picked from commit bc941291473d8a2164e4ffc3f3e7e6a356cbe747) --- lib/libpfctl/libpfctl.c | 173 ++++++++++++++++++++++++++++++++++++++++++++ lib/libpfctl/libpfctl.h | 60 +++++++++++++++ sbin/pfctl/pf_print_state.c | 82 ++++++++++----------- sbin/pfctl/pfctl.c | 49 ++++--------- sbin/pfctl/pfctl.h | 4 +- 5 files changed, 289 insertions(+), 79 deletions(-) diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 8271d9bab3df..6a6ecd8fb136 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -627,6 +627,179 @@ pfctl_nv_add_state_cmp(nvlist_t *nvl, const char *name, nvlist_add_nvlist(nvl, name, nv); } +static void +pf_nvstate_scrub_to_state_scrub(const nvlist_t *nvl, + struct pfctl_state_scrub *scrub) +{ + bzero(scrub, sizeof(*scrub)); + + scrub->timestamp = nvlist_get_bool(nvl, "timestamp"); + scrub->ttl = nvlist_get_number(nvl, "ttl"); + scrub->ts_mod = nvlist_get_number(nvl, "ts_mod"); +} + +static void +pf_nvstate_peer_to_state_peer(const nvlist_t *nvl, + struct pfctl_state_peer *peer) +{ + bzero(peer, sizeof(*peer)); + + if (nvlist_exists_nvlist(nvl, "scrub")) { + peer->scrub = malloc(sizeof(*peer->scrub)); + pf_nvstate_scrub_to_state_scrub( + nvlist_get_nvlist(nvl, "scrub"), + peer->scrub); + } + + peer->seqlo = nvlist_get_number(nvl, "seqlo"); + peer->seqhi = nvlist_get_number(nvl, "seqhi"); + peer->seqdiff = nvlist_get_number(nvl, "seqdiff"); + peer->max_win = nvlist_get_number(nvl, "max_win"); + peer->mss = nvlist_get_number(nvl, "mss"); + peer->state = nvlist_get_number(nvl, "state"); + peer->wscale = nvlist_get_number(nvl, "wscale"); +} + +static void +pf_nvstate_key_to_state_key(const nvlist_t *nvl, struct pfctl_state_key *key) +{ + const nvlist_t * const *tmp; + size_t count; + + bzero(key, sizeof(*key)); + + tmp = nvlist_get_nvlist_array(nvl, "addr", &count); + assert(count == 2); + + for (int i = 0; i < 2; i++) + pf_nvaddr_to_addr(tmp[i], &key->addr[i]); + + pf_nvuint_16_array(nvl, "port", 2, key->port, NULL); + + key->af = nvlist_get_number(nvl, "af"); + key->proto = nvlist_get_number(nvl, "proto"); +} + +static void +pf_nvstate_to_state(const nvlist_t *nvl, struct pfctl_state *s) +{ + bzero(s, sizeof(*s)); + + s->id = nvlist_get_number(nvl, "id"); + s->creatorid = nvlist_get_number(nvl, "creatorid"); + s->direction = nvlist_get_number(nvl, "direction"); + + pf_nvstate_peer_to_state_peer(nvlist_get_nvlist(nvl, "src"), &s->src); + pf_nvstate_peer_to_state_peer(nvlist_get_nvlist(nvl, "dst"), &s->dst); + + pf_nvstate_key_to_state_key(nvlist_get_nvlist(nvl, "stack_key"), + &s->key[0]); + pf_nvstate_key_to_state_key(nvlist_get_nvlist(nvl, "wire_key"), + &s->key[1]); + + strlcpy(s->ifname, nvlist_get_string(nvl, "ifname"), + sizeof(s->ifname)); + + pf_nvaddr_to_addr(nvlist_get_nvlist(nvl, "rt_addr"), &s->rt_addr); + s->rule = nvlist_get_number(nvl, "rule"); + s->anchor = nvlist_get_number(nvl, "anchor"); + s->nat_rule = nvlist_get_number(nvl, "nat_rule"); + s->creation = nvlist_get_number(nvl, "creation"); + s->expire = nvlist_get_number(nvl, "expire"); + + pf_nvuint_64_array(nvl, "packets", 2, s->packets, NULL); + pf_nvuint_64_array(nvl, "bytes", 2, s->bytes, NULL); + + s->log = nvlist_get_number(nvl, "log"); + s->state_flags = nvlist_get_number(nvl, "state_flags"); + s->timeout = nvlist_get_number(nvl, "timeout"); + s->sync_flags = nvlist_get_number(nvl, "sync_flags"); +} + +int +pfctl_get_states(int dev, struct pfctl_states *states) +{ + struct pfioc_nv nv; + nvlist_t *nvl; + const nvlist_t * const *slist; + size_t found_count; + + bzero(states, sizeof(*states)); + TAILQ_INIT(&states->states); + + /* Just enough to get a number, and we'll grow from there. */ + nv.data = malloc(64); + nv.len = nv.size = 64; + + for (;;) { + if (ioctl(dev, DIOCGETSTATESNV, &nv)) { + free(nv.data); + return (errno); + } + + nvl = nvlist_unpack(nv.data, nv.len, 0); + if (nvl == NULL) { + free(nv.data); + return (EIO); + } + + states->count = nvlist_get_number(nvl, "count"); + + /* Are there any states? */ + if (states->count == 0) + break; + + if (nvlist_exists_nvlist_array(nvl, "states")) + slist = nvlist_get_nvlist_array(nvl, "states", &found_count); + else + found_count = 0; + + if (found_count < states->count) { + size_t new_size = nv.size + + (nv.size * states->count / (found_count + 1) * 2); + + /* Our buffer is too small. Estimate what we need based + * on how many states fit in the previous allocation + * and how many states there are. Doubled for margin. + * */ + nv.data = realloc(nv.data, new_size); + nv.size = new_size; + + if (nv.data == NULL) + return (ENOMEM); + continue; + } + + for (size_t i = 0; i < found_count; i++) { + struct pfctl_state *s = malloc(sizeof(*s)); + if (s == NULL) { + pfctl_free_states(states); + nvlist_destroy(nvl); + free(nv.data); + return (ENOMEM); + } + + pf_nvstate_to_state(slist[i], s); + TAILQ_INSERT_TAIL(&states->states, s, entry); + } + break; + } + + return (0); +} + +void +pfctl_free_states(struct pfctl_states *states) +{ + struct pfctl_state *s, *tmp; + + TAILQ_FOREACH_SAFE(s, &states->states, entry, tmp) { + free(s); + } + + bzero(states, sizeof(*states)); +} + static int _pfctl_clear_states(int dev, const struct pfctl_kill *kill, unsigned int *killed, uint64_t ioctlval) diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h index 7a1e02f3d01b..05447b5d8673 100644 --- a/lib/libpfctl/libpfctl.h +++ b/lib/libpfctl/libpfctl.h @@ -197,6 +197,64 @@ struct pfctl_kill { bool kill_match; }; +struct pfctl_state_scrub { + bool timestamp; + uint8_t ttl; + uint32_t ts_mod; +}; + +struct pfctl_state_peer { + struct pfctl_state_scrub *scrub; + uint32_t seqlo; + uint32_t seqhi; + uint32_t seqdiff; + uint16_t max_win; + uint16_t mss; + uint8_t state; + uint8_t wscale; +}; + +struct pfctl_state_key { + struct pf_addr addr[2]; + uint16_t port[2]; + sa_family_t af; + uint8_t proto; +}; + +struct pfctl_state { + TAILQ_ENTRY(pfctl_state) entry; + + uint64_t id; + uint32_t creatorid; + uint8_t direction; + + struct pfctl_state_peer src; + struct pfctl_state_peer dst; + + uint32_t rule; + uint32_t anchor; + uint32_t nat_rule; + struct pf_addr rt_addr; + struct pfctl_state_key key[2]; /* addresses stack and wire */ + char ifname[IFNAMSIZ]; + uint64_t packets[2]; + uint64_t bytes[2]; + uint32_t creation; + uint32_t expire; + uint32_t pfsync_time; + uint16_t tag; + uint8_t log; + uint8_t state_flags; + uint8_t timeout; + uint32_t sync_flags; +}; + +TAILQ_HEAD(pfctl_statelist, pfctl_state); +struct pfctl_states { + struct pfctl_statelist states; + size_t count; +}; + int pfctl_get_rule(int dev, u_int32_t nr, u_int32_t ticket, const char *anchor, u_int32_t ruleset, struct pfctl_rule *rule, char *anchor_call); @@ -207,6 +265,8 @@ int pfctl_add_rule(int dev, const struct pfctl_rule *r, const char *anchor, const char *anchor_call, u_int32_t ticket, u_int32_t pool_ticket); int pfctl_set_keepcounters(int dev, bool keep); +int pfctl_get_states(int dev, struct pfctl_states *states); +void pfctl_free_states(struct pfctl_states *states); int pfctl_clear_states(int dev, const struct pfctl_kill *kill, unsigned int *killed); int pfctl_kill_states(int dev, const struct pfctl_kill *kill, diff --git a/sbin/pfctl/pf_print_state.c b/sbin/pfctl/pf_print_state.c index e2f9d6efe609..7119308d195b 100644 --- a/sbin/pfctl/pf_print_state.c +++ b/sbin/pfctl/pf_print_state.c @@ -196,25 +196,27 @@ print_host(struct pf_addr *addr, u_int16_t port, sa_family_t af, int opts) } void -print_seq(struct pfsync_state_peer *p) +print_seq(struct pfctl_state_peer *p) { if (p->seqdiff) - printf("[%u + %u](+%u)", ntohl(p->seqlo), - ntohl(p->seqhi) - ntohl(p->seqlo), ntohl(p->seqdiff)); + printf("[%u + %u](+%u)", p->seqlo, + p->seqhi - p->seqlo, p->seqdiff); else - printf("[%u + %u]", ntohl(p->seqlo), - ntohl(p->seqhi) - ntohl(p->seqlo)); + printf("[%u + %u]", p->seqlo, + p->seqhi - p->seqlo); } void -print_state(struct pfsync_state *s, int opts) +print_state(struct pfctl_state *s, int opts) { - struct pfsync_state_peer *src, *dst; - struct pfsync_state_key *key, *sk, *nk; + struct pfctl_state_peer *src, *dst; + struct pfctl_state_key *key, *sk, *nk; struct protoent *p; int min, sec; + sa_family_t af; + uint8_t proto; #ifndef __NO_STRICT_ALIGNMENT - struct pfsync_state_key aligned_key[2]; + struct pfctl_state_key aligned_key[2]; bcopy(&s->key, aligned_key, sizeof(aligned_key)); key = aligned_key; @@ -222,48 +224,51 @@ print_state(struct pfsync_state *s, int opts) key = s->key; #endif + af = s->key[PF_SK_WIRE].af; + proto = s->key[PF_SK_WIRE].proto; + if (s->direction == PF_OUT) { src = &s->src; dst = &s->dst; sk = &key[PF_SK_STACK]; nk = &key[PF_SK_WIRE]; - if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) + if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6) sk->port[0] = nk->port[0]; } else { src = &s->dst; dst = &s->src; sk = &key[PF_SK_WIRE]; nk = &key[PF_SK_STACK]; - if (s->proto == IPPROTO_ICMP || s->proto == IPPROTO_ICMPV6) + if (proto == IPPROTO_ICMP || proto == IPPROTO_ICMPV6) sk->port[1] = nk->port[1]; } printf("%s ", s->ifname); - if ((p = getprotobynumber(s->proto)) != NULL) + if ((p = getprotobynumber(proto)) != NULL) printf("%s ", p->p_name); else - printf("%u ", s->proto); + printf("%u ", proto); - print_host(&nk->addr[1], nk->port[1], s->af, opts); - if (PF_ANEQ(&nk->addr[1], &sk->addr[1], s->af) || + print_host(&nk->addr[1], nk->port[1], af, opts); + if (PF_ANEQ(&nk->addr[1], &sk->addr[1], af) || nk->port[1] != sk->port[1]) { printf(" ("); - print_host(&sk->addr[1], sk->port[1], s->af, opts); + print_host(&sk->addr[1], sk->port[1], af, opts); printf(")"); } if (s->direction == PF_OUT) printf(" -> "); else printf(" <- "); - print_host(&nk->addr[0], nk->port[0], s->af, opts); - if (PF_ANEQ(&nk->addr[0], &sk->addr[0], s->af) || + print_host(&nk->addr[0], nk->port[0], af, opts); + if (PF_ANEQ(&nk->addr[0], &sk->addr[0], af) || nk->port[0] != sk->port[0]) { printf(" ("); - print_host(&sk->addr[0], sk->port[0], s->af, opts); + print_host(&sk->addr[0], sk->port[0], af, opts); printf(")"); } printf(" "); - if (s->proto == IPPROTO_TCP) { + if (proto == IPPROTO_TCP) { if (src->state <= TCPS_TIME_WAIT && dst->state <= TCPS_TIME_WAIT) printf(" %s:%s\n", tcpstates[src->state], @@ -290,16 +295,16 @@ print_state(struct pfsync_state *s, int opts) dst->wscale & PF_WSCALE_MASK); printf("\n"); } - } else if (s->proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES && + } else if (proto == IPPROTO_UDP && src->state < PFUDPS_NSTATES && dst->state < PFUDPS_NSTATES) { const char *states[] = PFUDPS_NAMES; printf(" %s:%s\n", states[src->state], states[dst->state]); #ifndef INET6 - } else if (s->proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES && + } else if (proto != IPPROTO_ICMP && src->state < PFOTHERS_NSTATES && dst->state < PFOTHERS_NSTATES) { #else - } else if (s->proto != IPPROTO_ICMP && s->proto != IPPROTO_ICMPV6 && + } else if (proto != IPPROTO_ICMP && proto != IPPROTO_ICMPV6 && src->state < PFOTHERS_NSTATES && dst->state < PFOTHERS_NSTATES) { #endif /* XXX ICMP doesn't really have state levels */ @@ -311,10 +316,8 @@ print_state(struct pfsync_state *s, int opts) } if (opts & PF_OPT_VERBOSE) { - u_int64_t packets[2]; - u_int64_t bytes[2]; - u_int32_t creation = ntohl(s->creation); - u_int32_t expire = ntohl(s->expire); + u_int32_t creation = s->creation; + u_int32_t expire = s->expire; sec = creation % 60; creation /= 60; @@ -327,19 +330,15 @@ print_state(struct pfsync_state *s, int opts) expire /= 60; printf(", expires in %.2u:%.2u:%.2u", expire, min, sec); - bcopy(s->packets[0], &packets[0], sizeof(u_int64_t)); - bcopy(s->packets[1], &packets[1], sizeof(u_int64_t)); - bcopy(s->bytes[0], &bytes[0], sizeof(u_int64_t)); - bcopy(s->bytes[1], &bytes[1], sizeof(u_int64_t)); printf(", %ju:%ju pkts, %ju:%ju bytes", - (uintmax_t )be64toh(packets[0]), - (uintmax_t )be64toh(packets[1]), - (uintmax_t )be64toh(bytes[0]), - (uintmax_t )be64toh(bytes[1])); - if (ntohl(s->anchor) != -1) - printf(", anchor %u", ntohl(s->anchor)); - if (ntohl(s->rule) != -1) - printf(", rule %u", ntohl(s->rule)); + s->packets[0], + s->packets[1], + s->bytes[0], + s->bytes[1]); + if (s->anchor != -1) + printf(", anchor %u", s->anchor); + if (s->rule != -1) + printf(", rule %u", s->rule); if (s->state_flags & PFSTATE_SLOPPY) printf(", sloppy"); if (s->sync_flags & PFSYNC_FLAG_SRCNODE) @@ -352,10 +351,9 @@ print_state(struct pfsync_state *s, int opts) u_int64_t id; bcopy(&s->id, &id, sizeof(u_int64_t)); - printf(" id: %016jx creatorid: %08x", - (uintmax_t )be64toh(id), ntohl(s->creatorid)); + printf(" id: %016jx creatorid: %08x", id, s->creatorid); printf(" gateway: "); - print_host(&s->rt_addr, 0, s->af, opts); + print_host(&s->rt_addr, 0, af, opts); printf("\n"); } } diff --git a/sbin/pfctl/pfctl.c b/sbin/pfctl/pfctl.c index fd937cac9f63..f82d75198d61 100644 --- a/sbin/pfctl/pfctl.c +++ b/sbin/pfctl/pfctl.c @@ -1237,48 +1237,27 @@ done: int pfctl_show_states(int dev, const char *iface, int opts) { - struct pfioc_states ps; - struct pfsync_state *p; - char *inbuf = NULL, *newinbuf = NULL; - unsigned int len = 0; - int i, dotitle = (opts & PF_OPT_SHOWALL); + struct pfctl_states states; + struct pfctl_state *s; + int dotitle = (opts & PF_OPT_SHOWALL); - memset(&ps, 0, sizeof(ps)); - for (;;) { - ps.ps_len = len; - if (len) { - newinbuf = realloc(inbuf, len); - if (newinbuf == NULL) - err(1, "realloc"); - ps.ps_buf = inbuf = newinbuf; - } - if (ioctl(dev, DIOCGETSTATES, &ps) < 0) { - warn("DIOCGETSTATES"); - free(inbuf); - return (-1); - } - if (ps.ps_len + sizeof(struct pfioc_states) < len) - break; - if (len == 0 && ps.ps_len == 0) - goto done; - if (len == 0 && ps.ps_len != 0) - len = ps.ps_len; - if (ps.ps_len == 0) - goto done; /* no states */ - len *= 2; - } - p = ps.ps_states; - for (i = 0; i < ps.ps_len; i += sizeof(*p), p++) { - if (iface != NULL && strcmp(p->ifname, iface)) + memset(&states, 0, sizeof(states)); + + if (pfctl_get_states(dev, &states)) + return (-1); + + TAILQ_FOREACH(s, &states.states, entry) { + if (iface != NULL && strcmp(s->ifname, iface)) continue; if (dotitle) { pfctl_print_title("STATES:"); dotitle = 0; } - print_state(p, opts); + print_state(s, opts); } -done: - free(inbuf); + + pfctl_free_states(&states); + return (0); } diff --git a/sbin/pfctl/pfctl.h b/sbin/pfctl/pfctl.h index 93b3af083b5f..f8ff5012e01b 100644 --- a/sbin/pfctl/pfctl.h +++ b/sbin/pfctl/pfctl.h @@ -120,8 +120,8 @@ char *rate2str(double); void print_addr(struct pf_addr_wrap *, sa_family_t, int); void print_host(struct pf_addr *, u_int16_t p, sa_family_t, int); -void print_seq(struct pfsync_state_peer *); -void print_state(struct pfsync_state *, int); +void print_seq(struct pfctl_state_peer *); +void print_state(struct pfctl_state *, int); int unmask(struct pf_addr *, sa_family_t); int pfctl_cmdline_symset(char *); From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:35 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 46CF26383EE; Thu, 27 May 2021 10:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP346n9Fz4sBf; Thu, 27 May 2021 10:20:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E0EA3223A3; Thu, 27 May 2021 10:20:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKUWZ055476; Thu, 27 May 2021 10:20:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKU9B055475; Thu, 27 May 2021 10:20:30 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:30 GMT Message-Id: <202105271020.14RAKU9B055475@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: f9baaca0f847 - stable/13 - pf: Support killing floating states by interface MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: f9baaca0f847698b27f86a527438eaf18b9cb92b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:35 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=f9baaca0f847698b27f86a527438eaf18b9cb92b commit f9baaca0f847698b27f86a527438eaf18b9cb92b Author: Kristof Provost AuthorDate: 2021-05-13 07:51:28 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:08:29 +0000 pf: Support killing floating states by interface Floating states get assigned to interface 'all' (V_pfi_all), so when we try to flush all states for an interface states originally created through this interface are not flushed. Only if-bound states can be flushed in this way. Given that we track the original interface we can check if the state's interface is 'all', and if so compare to the orig_if instead. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D30246 (cherry picked from commit b62489cc92edbec318fb6c57cdc02b5e3cfa3a67) --- sys/netpfil/pf/pf_ioctl.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 678cfbb7aa63..849662a23aa5 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2446,10 +2446,14 @@ pf_killstates_row(struct pf_kstate_kill *psk, struct pf_idhash *ih) int idx, killed = 0; unsigned int dir; u_int16_t srcport, dstport; + struct pfi_kkif *kif; relock_DIOCKILLSTATES: PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { + /* For floating states look at the original kif. */ + kif = s->kif == V_pfi_all ? s->orig_kif : s->kif; + sk = s->key[PF_SK_WIRE]; if (s->direction == PF_OUT) { srcaddr = &sk->addr[1]; @@ -2498,7 +2502,7 @@ relock_DIOCKILLSTATES: continue; if (psk->psk_ifname[0] && strcmp(psk->psk_ifname, - s->kif->pfik_name)) + kif->pfik_name)) continue; if (psk->psk_kill_match) { @@ -5662,6 +5666,7 @@ pf_clear_states(const struct pf_kstate_kill *kill) { struct pf_state_key_cmp match_key; struct pf_state *s; + struct pfi_kkif *kif; int idx; unsigned int killed = 0, dir; @@ -5671,9 +5676,12 @@ pf_clear_states(const struct pf_kstate_kill *kill) relock_DIOCCLRSTATES: PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { + /* For floating states look at the original kif. */ + kif = s->kif == V_pfi_all ? s->orig_kif : s->kif; + if (kill->psk_ifname[0] && strcmp(kill->psk_ifname, - s->kif->pfik_name)) + kif->pfik_name)) continue; if (kill->psk_kill_match) { From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:20:39 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7D2016386AC; Thu, 27 May 2021 10:20:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrP3B0xXnz4sCK; Thu, 27 May 2021 10:20:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 66213224A4; Thu, 27 May 2021 10:20:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAKZXX055662; Thu, 27 May 2021 10:20:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAKZcN055661; Thu, 27 May 2021 10:20:35 GMT (envelope-from git) Date: Thu, 27 May 2021 10:20:35 GMT Message-Id: <202105271020.14RAKZcN055661@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: ff4447ac31ca - stable/13 - pf: fix ioctl() memory leak MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: ff4447ac31ca1ee54ac7e2a01ba11c3bc8cafdca Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:20:39 -0000 The branch stable/13 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=ff4447ac31ca1ee54ac7e2a01ba11c3bc8cafdca commit ff4447ac31ca1ee54ac7e2a01ba11c3bc8cafdca Author: Kristof Provost AuthorDate: 2021-05-24 06:32:16 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 07:12:03 +0000 pf: fix ioctl() memory leak When we create an nvlist and insert it into another nvlist we must remember to destroy it. The nvlist_add_nvlist() function makes a copy, just like nvlist_add_string() makes a copy of the string. If we don't we're leaking memory on every (nvlist-based) ioctl() call. While here remove two redundant 'break' statements. PR: 255971 MFC after: 3 days Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 4483fb47735c29408c72045469c9c4b3e549668b) --- sys/netpfil/pf/pf_ioctl.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 849662a23aa5..ea4924e2dd41 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1782,6 +1782,7 @@ pf_pool_to_nvpool(const struct pf_kpool *pool) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "counter", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "tblidx", pool->tblidx); pf_uint16_array_nv(nvl, "proxy_port", pool->proxy_port, 2); @@ -1791,6 +1792,7 @@ pf_pool_to_nvpool(const struct pf_kpool *pool) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "mape", tmp); + nvlist_destroy(tmp); return (nvl); @@ -1862,10 +1864,12 @@ pf_addr_wrap_to_nvaddr_wrap(const struct pf_addr_wrap *addr) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); tmp = pf_addr_to_nvaddr(&addr->v.a.mask); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "mask", tmp); + nvlist_destroy(tmp); return (nvl); @@ -1930,6 +1934,7 @@ pf_rule_addr_to_nvrule_addr(const struct pf_rule_addr *addr) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); pf_uint16_array_nv(nvl, "port", addr->port, 2); nvlist_add_number(nvl, "neg", addr->neg); nvlist_add_number(nvl, "port_op", addr->port_op); @@ -2155,6 +2160,7 @@ pf_divert_to_nvdivert(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "addr", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "port", rule->divert.port); return (nvl); @@ -2178,10 +2184,12 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "src", tmp); + nvlist_destroy(tmp); tmp = pf_rule_addr_to_nvrule_addr(&rule->dst); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "dst", tmp); + nvlist_destroy(tmp); for (int i = 0; i < PF_SKIP_COUNT; i++) { nvlist_append_number_array(nvl, "skip", @@ -2203,6 +2211,7 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "rpool", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "evaluations", counter_u64_fetch(rule->evaluations)); @@ -2248,10 +2257,12 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "uid", tmp); + nvlist_destroy(tmp); tmp = pf_rule_uid_to_nvrule_uid((const struct pf_rule_uid *)&rule->gid); if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "gid", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "rule_flag", rule->rule_flag); nvlist_add_number(nvl, "action", rule->action); @@ -2288,6 +2299,7 @@ pf_krule_to_nvrule(const struct pf_krule *rule) if (tmp == NULL) goto error; nvlist_add_nvlist(nvl, "divert", tmp); + nvlist_destroy(tmp); return (nvl); @@ -2670,6 +2682,7 @@ pf_state_peer_to_nvstate_peer(const struct pf_state_peer *peer) if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "scrub", tmp); + nvlist_destroy(tmp); } nvlist_add_number(nvl, "seqlo", peer->seqlo); @@ -2706,26 +2719,31 @@ pf_state_to_nvstate(const struct pf_state *s) if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "stack_key", tmp); + nvlist_destroy(tmp); tmp = pf_state_key_to_nvstate_key(s->key[PF_SK_WIRE]); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "wire_key", tmp); + nvlist_destroy(tmp); tmp = pf_state_peer_to_nvstate_peer(&s->src); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "src", tmp); + nvlist_destroy(tmp); tmp = pf_state_peer_to_nvstate_peer(&s->dst); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "dst", tmp); + nvlist_destroy(tmp); tmp = pf_addr_to_nvaddr(&s->rt_addr); if (tmp == NULL) goto errout; nvlist_add_nvlist(nvl, "rt_addr", tmp); + nvlist_destroy(tmp); nvlist_add_number(nvl, "rule", s->rule.ptr ? s->rule.ptr->nr : -1); nvlist_add_number(nvl, "anchor", @@ -3317,7 +3335,6 @@ DIOCADDRULENV_error: ruleset->rules[rs_num].active.ticket) { PF_RULES_WUNLOCK(); ERROUT(EBUSY); - break; } if ((error = nvlist_error(nvl))) { @@ -3331,7 +3348,6 @@ DIOCADDRULENV_error: if (rule == NULL) { PF_RULES_WUNLOCK(); ERROUT(EBUSY); - break; } nvrule = pf_krule_to_nvrule(rule); @@ -3344,6 +3360,7 @@ DIOCADDRULENV_error: } nvlist_add_number(nvl, "nr", nr); nvlist_add_nvlist(nvl, "rule", nvrule); + nvlist_destroy(nvrule); nvrule = NULL; if (pf_kanchor_nvcopyout(ruleset, rule, nvl)) { PF_RULES_WUNLOCK(); @@ -5912,6 +5929,7 @@ pf_getstate(struct pfioc_nv *nv) ERROUT(ENOMEM); nvlist_add_nvlist(nvl, "state", nvls); + nvlist_destroy(nvls); nvlpacked = nvlist_pack(nvl, &nv->len); if (nvlpacked == NULL) From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:57:00 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 890BC639EC3; Thu, 27 May 2021 10:57:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrPs83RSjz4vnL; Thu, 27 May 2021 10:57:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5CF5922E12; Thu, 27 May 2021 10:57:00 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAv0o1099938; Thu, 27 May 2021 10:57:00 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAv0Ll099937; Thu, 27 May 2021 10:57:00 GMT (envelope-from git) Date: Thu, 27 May 2021 10:57:00 GMT Message-Id: <202105271057.14RAv0Ll099937@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 53ccd9249502 - stable/13 - netgraph/ng_bridge: learn MACs via control message MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 53ccd9249502d0bbc3a0b5b8db8ef6a2050a4d24 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:57:00 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=53ccd9249502d0bbc3a0b5b8db8ef6a2050a4d24 commit 53ccd9249502d0bbc3a0b5b8db8ef6a2050a4d24 Author: Lutz Donnerhacke AuthorDate: 2021-05-04 20:14:59 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 10:55:29 +0000 netgraph/ng_bridge: learn MACs via control message Add a new control message to move ethernet addresses to a given link in ng_bridge(4). Send this message instead of doing the work directly. This decouples the read-only activity from the modification under a more strict writer lock. Decoupling the work is a prerequisite for multithreaded operation. Approved by: manpages (bcr), kp (earlier version) Differential Revision: https://reviews.freebsd.org/D28516 (cherry picked from commit b1bd44732d8332930dc6a17092f47a201caff1ef) --- share/man/man4/ng_bridge.4 | 21 +++++++++++++- sys/netgraph/ng_bridge.c | 69 ++++++++++++++++++++++++++++++++++++++++------ sys/netgraph/ng_bridge.h | 11 ++++++++ 3 files changed, 91 insertions(+), 10 deletions(-) diff --git a/share/man/man4/ng_bridge.4 b/share/man/man4/ng_bridge.4 index be128d62c938..216dea3c392a 100644 --- a/share/man/man4/ng_bridge.4 +++ b/share/man/man4/ng_bridge.4 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 6, 2021 +.Dd February 17, 2021 .Dt NG_BRIDGE 4 .Os .Sh NAME @@ -214,6 +214,25 @@ Returns the current host mapping table used to direct packets, in a .Vt "struct ng_bridge_host_ary" . .It Dv NGM_BRIDGE_SET_PERSISTENT Pq Ar setpersistent This command sets the persistent flag on the node, and takes no arguments. +.It Dv NGM_BRIDGE_MOVE_HOST Pq Ar movehost +This command takes a +.Vt "struct ng_bridge_move_host" +as an argument. +It assigns the MAC +.Va addr +to the +.Va hook , +which must not be assigned yet. +If the +.Va hook +is the empty string, the incoming hook of the control message is +used as fallback. +.Bd -literal -offset 0n +struct ng_bridge_move_host { + u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ + char hook[NG_HOOKSIZ]; /* link where addr can be found */ +}; +.Ed .El .Sh SHUTDOWN This node shuts down upon receipt of a diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index c97aac24cba6..fe6a6753318a 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -234,6 +234,13 @@ static const struct ng_parse_type ng_bridge_stats_type = { &ng_parse_struct_type, &ng_bridge_stats_type_fields }; +/* Parse type for struct ng_bridge_move_host */ +static const struct ng_parse_struct_field ng_bridge_move_host_type_fields[] + = NG_BRIDGE_MOVE_HOST_TYPE_INFO(&ng_parse_enaddr_type); +static const struct ng_parse_type ng_bridge_move_host_type = { + &ng_parse_struct_type, + &ng_bridge_move_host_type_fields +}; /* List of commands and how to convert arguments to/from ASCII */ static const struct ng_cmdlist ng_bridge_cmdlist[] = { @@ -293,6 +300,13 @@ static const struct ng_cmdlist ng_bridge_cmdlist[] = { NULL, NULL }, + { + NGM_BRIDGE_COOKIE, + NGM_BRIDGE_MOVE_HOST, + "movehost", + &ng_bridge_move_host_type, + NULL + }, { 0 } }; @@ -670,6 +684,32 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) priv->persistent = 1; break; } + case NGM_BRIDGE_MOVE_HOST: + { + struct ng_bridge_move_host *mh; + hook_p hook; + struct ng_bridge_host *host; + + if (msg->header.arglen < sizeof(*mh)) { + error = EINVAL; + break; + } + mh = (struct ng_bridge_move_host *)msg->data; + hook = (mh->hook[0] == 0) + ? lasthook + : ng_findhook(node, mh->hook); + if (hook == NULL) { + error = ENOENT; + break; + } + host = ng_bridge_get(priv, mh->addr); + if (host != NULL) { + error = EADDRINUSE; + break; + } + error = ng_bridge_put(priv, mh->addr, NG_HOOK_PRIVATE(hook)); + break; + } default: error = EINVAL; break; @@ -884,12 +924,26 @@ ng_bridge_rcvdata(hook_p hook, item_p item) host->age = 0; } } else if (ctx.incoming->learnMac) { - if (!ng_bridge_put(priv, eh->ether_shost, ctx.incoming)) { + struct ng_mesg *msg; + struct ng_bridge_move_host *mh; + int error = 0; + + NG_MKMESSAGE(msg, NGM_BRIDGE_COOKIE, NGM_BRIDGE_MOVE_HOST, + sizeof(*mh), M_NOWAIT); + if (msg == NULL) { counter_u64_add(ctx.incoming->stats.memoryFailures, 1); NG_FREE_ITEM(item); NG_FREE_M(ctx.m); return (ENOMEM); } + mh = (struct ng_bridge_move_host *)msg->data; + strncpy(mh->hook, NG_HOOK_NAME(ctx.incoming->hook), + sizeof(mh->hook)); + memcpy(mh->addr, eh->ether_shost, sizeof(mh->addr)); + NG_SEND_MSG_ID(error, node, msg, NG_NODE_ID(node), + NG_NODE_ID(node)); + if (error) + counter_u64_add(ctx.incoming->stats.memoryFailures, 1); } /* Run packet through ipfw processing, if enabled */ @@ -1033,8 +1087,7 @@ ng_bridge_get(priv_cp priv, const u_char *addr) /* * Add a new host entry to the table. This assumes the host doesn't - * already exist in the table. Returns 1 on success, 0 if there - * was a memory allocation failure. + * already exist in the table. Returns 0 on success. */ static int ng_bridge_put(priv_p priv, const u_char *addr, link_p link) @@ -1044,16 +1097,14 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) #ifdef INVARIANTS /* Assert that entry does not already exist in hashtable */ - SLIST_FOREACH(host, &priv->tab[bucket], next) { - KASSERT(!ETHER_EQUAL(host->addr, addr), - ("%s: entry %6D exists in table", __func__, addr, ":")); - } + KASSERT(ng_bridge_get(priv, addr) == NULL, + ("%s: entry %6D exists in table", __func__, addr, ":")); #endif /* Allocate and initialize new hashtable entry */ host = malloc(sizeof(*host), M_NETGRAPH_BRIDGE, M_NOWAIT); if (host == NULL) - return (0); + return (ENOMEM); bcopy(addr, host->addr, ETHER_ADDR_LEN); host->link = link; host->staleness = 0; @@ -1065,7 +1116,7 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) /* Resize table if necessary */ ng_bridge_rehash(priv); - return (1); + return (0); } /* diff --git a/sys/netgraph/ng_bridge.h b/sys/netgraph/ng_bridge.h index f8eb0ca8a7da..4fb3e124637e 100644 --- a/sys/netgraph/ng_bridge.h +++ b/sys/netgraph/ng_bridge.h @@ -183,6 +183,16 @@ struct ng_bridge_host_tbl_ary { }; #endif /* NGM_BRIDGE_TABLE_ABI */ +struct ng_bridge_move_host { + u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ + char hook[NG_HOOKSIZ]; /* link where addr can be found */ +}; +/* Keep this in sync with the above structure definition */ +#define NG_BRIDGE_MOVE_HOST_TYPE_INFO(entype) { \ + { "addr", (entype) }, \ + { "hook", &ng_parse_hookbuf_type }, \ +} + /* Netgraph control messages */ enum { NGM_BRIDGE_SET_CONFIG = 1, /* set node configuration */ @@ -193,6 +203,7 @@ enum { NGM_BRIDGE_GETCLR_STATS, /* atomically get & clear link stats */ NGM_BRIDGE_GET_TABLE, /* get link table */ NGM_BRIDGE_SET_PERSISTENT, /* set persistent mode */ + NGM_BRIDGE_MOVE_HOST, /* move a host to a link */ }; #endif /* _NETGRAPH_NG_BRIDGE_H_ */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:57:01 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BA270639A66; Thu, 27 May 2021 10:57:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrPs94Lz8z3Bmd; Thu, 27 May 2021 10:57:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7EEFE22E13; Thu, 27 May 2021 10:57:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAv1ou099959; Thu, 27 May 2021 10:57:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAv1Rs099958; Thu, 27 May 2021 10:57:01 GMT (envelope-from git) Date: Thu, 27 May 2021 10:57:01 GMT Message-Id: <202105271057.14RAv1Rs099958@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: cab6109379ce - stable/13 - netgraph/ng_bridge: move MACs via control message MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: cab6109379ce206bfe8e9f8495cdf3579fa097e2 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:57:01 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=cab6109379ce206bfe8e9f8495cdf3579fa097e2 commit cab6109379ce206bfe8e9f8495cdf3579fa097e2 Author: Lutz Donnerhacke AuthorDate: 2021-02-09 13:28:48 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 10:55:37 +0000 netgraph/ng_bridge: move MACs via control message Use the new control message to move ethernet addresses from a link to a new link in ng_bridge(4). Send this message instead of doing the work directly requires to move the loop detection into the control message processing. This will delay the loop detection by a few frames. This decouples the read-only activity from the modification under a more strict writer lock. Reviewed by: manpages (gbe) Differential Revision: https://reviews.freebsd.org/D28559 (cherry picked from commit f6e0c471691e0005e450ec968a9fa3b5346a3c45) --- share/man/man4/ng_bridge.4 | 13 ++++-- sys/netgraph/ng_bridge.c | 112 ++++++++++++++++++++------------------------- 2 files changed, 59 insertions(+), 66 deletions(-) diff --git a/share/man/man4/ng_bridge.4 b/share/man/man4/ng_bridge.4 index 216dea3c392a..f83bacecce40 100644 --- a/share/man/man4/ng_bridge.4 +++ b/share/man/man4/ng_bridge.4 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 17, 2021 +.Dd May 13, 2021 .Dt NG_BRIDGE 4 .Os .Sh NAME @@ -221,12 +221,19 @@ as an argument. It assigns the MAC .Va addr to the -.Va hook , -which must not be assigned yet. +.Va hook . If the .Va hook is the empty string, the incoming hook of the control message is used as fallback. +.Pp +If necessary, the MAC is removed from the currently assigned hook and +moved to the new one. +If the MAC is moved faster than +.Va minStableAge , +the hook is considered as a loop and will block traffic for +.Va loopTimeout +seconds. .Bd -literal -offset 0n struct ng_bridge_move_host { u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index fe6a6753318a..98706cee3a61 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -103,7 +103,7 @@ struct ng_bridge_link_kernel_stats { counter_u64_t xmitMulticasts; /* multicast pkts xmit'd on link */ counter_u64_t xmitBroadcasts; /* broadcast pkts xmit'd on link */ counter_u64_t loopDrops; /* pkts dropped due to loopback */ - counter_u64_t loopDetects; /* number of loop detections */ + u_int64_t loopDetects; /* number of loop detections */ counter_u64_t memoryFailures; /* times couldn't get mem or mbuf */ }; @@ -420,7 +420,6 @@ ng_bridge_newhook(node_p node, hook_p hook, const char *name) link->stats.xmitMulticasts = counter_u64_alloc(M_WAITOK); link->stats.xmitBroadcasts = counter_u64_alloc(M_WAITOK); link->stats.loopDrops = counter_u64_alloc(M_WAITOK); - link->stats.loopDetects = counter_u64_alloc(M_WAITOK); link->stats.memoryFailures = counter_u64_alloc(M_WAITOK); link->hook = hook; @@ -456,7 +455,7 @@ static void ng_bridge_clear_link_stats(struct ng_bridge_link_kernel_stats * p) counter_u64_zero(p->xmitMulticasts); counter_u64_zero(p->xmitBroadcasts); counter_u64_zero(p->loopDrops); - counter_u64_zero(p->loopDetects); + p->loopDetects = 0; counter_u64_zero(p->memoryFailures); }; @@ -642,7 +641,7 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) FETCH(xmitMulticasts); FETCH(xmitBroadcasts); FETCH(loopDrops); - FETCH(loopDetects); + rs->loopDetects = link->stats.loopDetects; FETCH(memoryFailures); #undef FETCH } @@ -688,7 +687,6 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) { struct ng_bridge_move_host *mh; hook_p hook; - struct ng_bridge_host *host; if (msg->header.arglen < sizeof(*mh)) { error = EINVAL; @@ -702,11 +700,6 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) error = ENOENT; break; } - host = ng_bridge_get(priv, mh->addr); - if (host != NULL) { - error = EADDRINUSE; - break; - } error = ng_bridge_put(priv, mh->addr, NG_HOOK_PRIVATE(hook)); break; } @@ -859,7 +852,7 @@ ng_bridge_rcvdata(hook_p hook, item_p item) counter_u64_add(ctx.incoming->stats.loopDrops, 1); NG_FREE_ITEM(item); NG_FREE_M(ctx.m); - return (ELOOP); /* XXX is this an appropriate error? */ + return (ELOOP); } /* Update stats */ @@ -874,56 +867,15 @@ ng_bridge_rcvdata(hook_p hook, item_p item) } /* Look up packet's source Ethernet address in hashtable */ - if ((host = ng_bridge_get(priv, eh->ether_shost)) != NULL) { + if ((host = ng_bridge_get(priv, eh->ether_shost)) != NULL) /* Update time since last heard from this host. * This is safe without locking, because it's * the only operation during shared access. */ host->staleness = 0; - /* Did host jump to a different link? */ - if (host->link != ctx.incoming) { - /* - * If the host's old link was recently established - * on the old link and it's already jumped to a new - * link, declare a loopback condition. - */ - if (host->age < priv->conf.minStableAge) { - /* Log the problem */ - if (priv->conf.debugLevel >= 2) { - struct ifnet *ifp = ctx.m->m_pkthdr.rcvif; - char suffix[32]; - - if (ifp != NULL) - snprintf(suffix, sizeof(suffix), - " (%s)", ifp->if_xname); - else - *suffix = '\0'; - log(LOG_WARNING, "ng_bridge: %s:" - " loopback detected on %s%s\n", - ng_bridge_nodename(node), - NG_HOOK_NAME(hook), suffix); - } - - /* Mark link as linka non grata */ - ctx.incoming->loopCount = priv->conf.loopTimeout; - counter_u64_add(ctx.incoming->stats.loopDetects, 1); - - /* Forget all hosts on this link */ - ng_bridge_remove_hosts(priv, ctx.incoming); - - /* Drop packet */ - counter_u64_add(ctx.incoming->stats.loopDrops, 1); - NG_FREE_ITEM(item); - NG_FREE_M(ctx.m); - return (ELOOP); /* XXX appropriate? */ - } - - /* Move host over to new link */ - host->link = ctx.incoming; - host->age = 0; - } - } else if (ctx.incoming->learnMac) { + if ((host == NULL && ctx.incoming->learnMac) || + (host != NULL && host->link != ctx.incoming)) { struct ng_mesg *msg; struct ng_bridge_move_host *mh; int error = 0; @@ -946,6 +898,16 @@ ng_bridge_rcvdata(hook_p hook, item_p item) counter_u64_add(ctx.incoming->stats.memoryFailures, 1); } + if (host != NULL && host->link != ctx.incoming) { + if (host->age < priv->conf.minStableAge) { + /* Drop packet on instable links */ + counter_u64_add(ctx.incoming->stats.loopDrops, 1); + NG_FREE_ITEM(item); + NG_FREE_M(ctx.m); + return (ELOOP); + } + } + /* Run packet through ipfw processing, if enabled */ #if 0 if (priv->conf.ipfw[linkNum] && V_fw_enable && V_ip_fw_chk_ptr != NULL) { @@ -1044,7 +1006,6 @@ ng_bridge_disconnect(hook_p hook) counter_u64_free(link->stats.xmitMulticasts); counter_u64_free(link->stats.xmitBroadcasts); counter_u64_free(link->stats.loopDrops); - counter_u64_free(link->stats.loopDetects); counter_u64_free(link->stats.memoryFailures); free(link, M_NETGRAPH_BRIDGE); priv->numLinks--; @@ -1086,8 +1047,8 @@ ng_bridge_get(priv_cp priv, const u_char *addr) } /* - * Add a new host entry to the table. This assumes the host doesn't - * already exist in the table. Returns 0 on success. + * Add a host entry to the table. If it already exists, move it + * to the new link. Returns 0 on success. */ static int ng_bridge_put(priv_p priv, const u_char *addr, link_p link) @@ -1095,11 +1056,36 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) const int bucket = HASH(addr, priv->hashMask); struct ng_bridge_host *host; -#ifdef INVARIANTS - /* Assert that entry does not already exist in hashtable */ - KASSERT(ng_bridge_get(priv, addr) == NULL, - ("%s: entry %6D exists in table", __func__, addr, ":")); -#endif + if ((host = ng_bridge_get(priv, addr)) != NULL) { + /* Host already on the correct link? */ + if (host->link == link) + return 0; + + /* Move old host over to new link */ + if (host->age >= priv->conf.minStableAge) { + host->link = link; + host->age = 0; + return (0); + } + /* + * If the host was recently moved to the old link and + * it's now jumping to a new link, declare a loopback + * condition. + */ + if (priv->conf.debugLevel >= 2) + log(LOG_WARNING, "ng_bridge: %s:" + " loopback detected on %s\n", + ng_bridge_nodename(priv->node), + NG_HOOK_NAME(link->hook)); + + /* Mark link as linka non grata */ + link->loopCount = priv->conf.loopTimeout; + link->stats.loopDetects++; + + /* Forget all hosts on this link */ + ng_bridge_remove_hosts(priv, link); + return (ELOOP); + } /* Allocate and initialize new hashtable entry */ host = malloc(sizeof(*host), M_NETGRAPH_BRIDGE, M_NOWAIT); From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:57:03 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 167C7639CF2; Thu, 27 May 2021 10:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrPsB5kmpz4vw0; Thu, 27 May 2021 10:57:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9F13922ADD; Thu, 27 May 2021 10:57:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAv2L4099987; Thu, 27 May 2021 10:57:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAv2Zs099986; Thu, 27 May 2021 10:57:02 GMT (envelope-from git) Date: Thu, 27 May 2021 10:57:02 GMT Message-Id: <202105271057.14RAv2Zs099986@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: fb5e2f4d613e - stable/13 - netgraph/ng_bridge: become SMP aware MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: fb5e2f4d613eee6839f25084fdcf078081c080bc Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:57:03 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=fb5e2f4d613eee6839f25084fdcf078081c080bc commit fb5e2f4d613eee6839f25084fdcf078081c080bc Author: Lutz Donnerhacke AuthorDate: 2021-01-12 21:28:29 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 10:55:44 +0000 netgraph/ng_bridge: become SMP aware The node ng_bridge underwent a lot of changes in the last few months. All those steps were necessary to distinguish between structure modifying and read-only data transport paths. Now it's done, the node can perform frame forwarding on multiple cores in parallel. Differential Revision: https://reviews.freebsd.org/D28123 (cherry picked from commit 9674c2e68c613757ddf5a8780743842b5ac4d74f) --- sys/netgraph/ng_bridge.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 98706cee3a61..0bed50fc240b 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -351,15 +351,6 @@ ng_bridge_constructor(node_p node) priv->conf.minStableAge = DEFAULT_MIN_STABLE_AGE; priv->sendUnknown = 1; /* classic bridge */ - /* - * This node has all kinds of stuff that could be screwed by SMP. - * Until it gets it's own internal protection, we go through in - * single file. This could hurt a machine bridging between two - * GB ethernets so it should be fixed. - * When it's fixed the process SHOULD NOT SLEEP, spinlocks please! - * (and atomic ops ) - */ - NG_NODE_FORCE_WRITER(node); NG_NODE_SET_PRIVATE(node, priv); priv->node = node; From owner-dev-commits-src-branches@freebsd.org Thu May 27 10:57:03 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EBBC9639EC8; Thu, 27 May 2021 10:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrPsC66W6z4vsp; Thu, 27 May 2021 10:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B1CD422F92; Thu, 27 May 2021 10:57:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RAv3jc000109; Thu, 27 May 2021 10:57:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RAv34W000108; Thu, 27 May 2021 10:57:03 GMT (envelope-from git) Date: Thu, 27 May 2021 10:57:03 GMT Message-Id: <202105271057.14RAv34W000108@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 7fd88ba72eb3 - stable/13 - netgraph/ng_bridge: Avoid cache thrashing MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 7fd88ba72eb353c9dd43063f5faea019ad5b0ea9 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 10:57:04 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=7fd88ba72eb353c9dd43063f5faea019ad5b0ea9 commit 7fd88ba72eb353c9dd43063f5faea019ad5b0ea9 Author: Lutz Donnerhacke AuthorDate: 2021-02-11 22:59:11 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 10:55:52 +0000 netgraph/ng_bridge: Avoid cache thrashing Hint the compiler, that this update is needed at most once per second. Only in this case the memory line needs to be written. This will reduce the amount of cache trashing during forward of most frames. Suggested by: zec Approved by: zec Differential Revision: https://reviews.freebsd.org/D28601 (cherry picked from commit 4dfe70fdbda05453e824bc9edfc0d09eab7b2929) --- sys/netgraph/ng_bridge.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 0bed50fc240b..baedeb911e6d 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -863,7 +863,8 @@ ng_bridge_rcvdata(hook_p hook, item_p item) * This is safe without locking, because it's * the only operation during shared access. */ - host->staleness = 0; + if (__predict_false(host->staleness > 0)) + host->staleness = 0; if ((host == NULL && ctx.incoming->learnMac) || (host != NULL && host->link != ctx.incoming)) { From owner-dev-commits-src-branches@freebsd.org Thu May 27 11:07:46 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E246763A43A; Thu, 27 May 2021 11:07:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrQ5Z62Xpz3C89; Thu, 27 May 2021 11:07:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B323222DB8; Thu, 27 May 2021 11:07:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RB7khH013954; Thu, 27 May 2021 11:07:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RB7k0K013953; Thu, 27 May 2021 11:07:46 GMT (envelope-from git) Date: Thu, 27 May 2021 11:07:46 GMT Message-Id: <202105271107.14RB7k0K013953@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: d9a06ae65043 - stable/12 - netgraph/ng_bridge: learn MACs via control message MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: d9a06ae65043b6a21cb816ed10d26cb947876d67 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 11:07:46 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=d9a06ae65043b6a21cb816ed10d26cb947876d67 commit d9a06ae65043b6a21cb816ed10d26cb947876d67 Author: Lutz Donnerhacke AuthorDate: 2021-05-04 20:14:59 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 11:00:17 +0000 netgraph/ng_bridge: learn MACs via control message Add a new control message to move ethernet addresses to a given link in ng_bridge(4). Send this message instead of doing the work directly. This decouples the read-only activity from the modification under a more strict writer lock. Decoupling the work is a prerequisite for multithreaded operation. Approved by: manpages (bcr), kp (earlier version) Differential Revision: https://reviews.freebsd.org/D28516 (cherry picked from commit b1bd44732d8332930dc6a17092f47a201caff1ef) --- share/man/man4/ng_bridge.4 | 21 +++++++++++++- sys/netgraph/ng_bridge.c | 69 ++++++++++++++++++++++++++++++++++++++++------ sys/netgraph/ng_bridge.h | 11 ++++++++ 3 files changed, 91 insertions(+), 10 deletions(-) diff --git a/share/man/man4/ng_bridge.4 b/share/man/man4/ng_bridge.4 index 1451773711e9..e3f406c3f437 100644 --- a/share/man/man4/ng_bridge.4 +++ b/share/man/man4/ng_bridge.4 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 6, 2021 +.Dd February 17, 2021 .Dt NG_BRIDGE 4 .Os .Sh NAME @@ -214,6 +214,25 @@ Returns the current host mapping table used to direct packets, in a .Dv "struct ng_bridge_host_ary" . .It Dv NGM_BRIDGE_SET_PERSISTENT Pq Ic setpersistent This command sets the persistent flag on the node, and takes no arguments. +.It Dv NGM_BRIDGE_MOVE_HOST Pq Ar movehost +This command takes a +.Vt "struct ng_bridge_move_host" +as an argument. +It assigns the MAC +.Va addr +to the +.Va hook , +which must not be assigned yet. +If the +.Va hook +is the empty string, the incoming hook of the control message is +used as fallback. +.Bd -literal -offset 0n +struct ng_bridge_move_host { + u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ + char hook[NG_HOOKSIZ]; /* link where addr can be found */ +}; +.Ed .El .Sh SHUTDOWN This node shuts down upon receipt of a diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 3243319c99e8..0d5e2ffb196d 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -234,6 +234,13 @@ static const struct ng_parse_type ng_bridge_stats_type = { &ng_parse_struct_type, &ng_bridge_stats_type_fields }; +/* Parse type for struct ng_bridge_move_host */ +static const struct ng_parse_struct_field ng_bridge_move_host_type_fields[] + = NG_BRIDGE_MOVE_HOST_TYPE_INFO(&ng_parse_enaddr_type); +static const struct ng_parse_type ng_bridge_move_host_type = { + &ng_parse_struct_type, + &ng_bridge_move_host_type_fields +}; /* List of commands and how to convert arguments to/from ASCII */ static const struct ng_cmdlist ng_bridge_cmdlist[] = { @@ -293,6 +300,13 @@ static const struct ng_cmdlist ng_bridge_cmdlist[] = { NULL, NULL }, + { + NGM_BRIDGE_COOKIE, + NGM_BRIDGE_MOVE_HOST, + "movehost", + &ng_bridge_move_host_type, + NULL + }, { 0 } }; @@ -669,6 +683,32 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) priv->persistent = 1; break; } + case NGM_BRIDGE_MOVE_HOST: + { + struct ng_bridge_move_host *mh; + hook_p hook; + struct ng_bridge_host *host; + + if (msg->header.arglen < sizeof(*mh)) { + error = EINVAL; + break; + } + mh = (struct ng_bridge_move_host *)msg->data; + hook = (mh->hook[0] == 0) + ? lasthook + : ng_findhook(node, mh->hook); + if (hook == NULL) { + error = ENOENT; + break; + } + host = ng_bridge_get(priv, mh->addr); + if (host != NULL) { + error = EADDRINUSE; + break; + } + error = ng_bridge_put(priv, mh->addr, NG_HOOK_PRIVATE(hook)); + break; + } default: error = EINVAL; break; @@ -885,12 +925,26 @@ ng_bridge_rcvdata(hook_p hook, item_p item) host->age = 0; } } else if (ctx.incoming->learnMac) { - if (!ng_bridge_put(priv, eh->ether_shost, ctx.incoming)) { + struct ng_mesg *msg; + struct ng_bridge_move_host *mh; + int error = 0; + + NG_MKMESSAGE(msg, NGM_BRIDGE_COOKIE, NGM_BRIDGE_MOVE_HOST, + sizeof(*mh), M_NOWAIT); + if (msg == NULL) { counter_u64_add(ctx.incoming->stats.memoryFailures, 1); NG_FREE_ITEM(item); NG_FREE_M(ctx.m); return (ENOMEM); } + mh = (struct ng_bridge_move_host *)msg->data; + strncpy(mh->hook, NG_HOOK_NAME(ctx.incoming->hook), + sizeof(mh->hook)); + memcpy(mh->addr, eh->ether_shost, sizeof(mh->addr)); + NG_SEND_MSG_ID(error, node, msg, NG_NODE_ID(node), + NG_NODE_ID(node)); + if (error) + counter_u64_add(ctx.incoming->stats.memoryFailures, 1); } /* Run packet through ipfw processing, if enabled */ @@ -1035,8 +1089,7 @@ ng_bridge_get(priv_cp priv, const u_char *addr) /* * Add a new host entry to the table. This assumes the host doesn't - * already exist in the table. Returns 1 on success, 0 if there - * was a memory allocation failure. + * already exist in the table. Returns 0 on success. */ static int ng_bridge_put(priv_p priv, const u_char *addr, link_p link) @@ -1046,16 +1099,14 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) #ifdef INVARIANTS /* Assert that entry does not already exist in hashtable */ - SLIST_FOREACH(host, &priv->tab[bucket], next) { - KASSERT(!ETHER_EQUAL(host->addr, addr), - ("%s: entry %6D exists in table", __func__, addr, ":")); - } + KASSERT(ng_bridge_get(priv, addr) == NULL, + ("%s: entry %6D exists in table", __func__, addr, ":")); #endif /* Allocate and initialize new hashtable entry */ host = malloc(sizeof(*host), M_NETGRAPH_BRIDGE, M_NOWAIT); if (host == NULL) - return (0); + return (ENOMEM); bcopy(addr, host->addr, ETHER_ADDR_LEN); host->link = link; host->staleness = 0; @@ -1067,7 +1118,7 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) /* Resize table if necessary */ ng_bridge_rehash(priv); - return (1); + return (0); } /* diff --git a/sys/netgraph/ng_bridge.h b/sys/netgraph/ng_bridge.h index 790e9c5da11e..7d9c1a22bb6e 100644 --- a/sys/netgraph/ng_bridge.h +++ b/sys/netgraph/ng_bridge.h @@ -183,6 +183,16 @@ struct ng_bridge_host_tbl_ary { }; #endif /* NGM_BRIDGE_TABLE_ABI */ +struct ng_bridge_move_host { + u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ + char hook[NG_HOOKSIZ]; /* link where addr can be found */ +}; +/* Keep this in sync with the above structure definition */ +#define NG_BRIDGE_MOVE_HOST_TYPE_INFO(entype) { \ + { "addr", (entype) }, \ + { "hook", &ng_parse_hookbuf_type }, \ +} + /* Netgraph control messages */ enum { NGM_BRIDGE_SET_CONFIG = 1, /* set node configuration */ @@ -193,6 +203,7 @@ enum { NGM_BRIDGE_GETCLR_STATS, /* atomically get & clear link stats */ NGM_BRIDGE_GET_TABLE, /* get link table */ NGM_BRIDGE_SET_PERSISTENT, /* set persistent mode */ + NGM_BRIDGE_MOVE_HOST, /* move a host to a link */ }; #endif /* _NETGRAPH_NG_BRIDGE_H_ */ From owner-dev-commits-src-branches@freebsd.org Thu May 27 11:07:48 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0A571639B28; Thu, 27 May 2021 11:07:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrQ5b6hsHz3CDf; Thu, 27 May 2021 11:07:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CC15422E31; Thu, 27 May 2021 11:07:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RB7l6h013975; Thu, 27 May 2021 11:07:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RB7lJ2013974; Thu, 27 May 2021 11:07:47 GMT (envelope-from git) Date: Thu, 27 May 2021 11:07:47 GMT Message-Id: <202105271107.14RB7lJ2013974@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 6d7b0f3fe9b5 - stable/12 - netgraph/ng_bridge: move MACs via control message MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 6d7b0f3fe9b5cd41fa8404a70d34701400487e2b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 11:07:48 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=6d7b0f3fe9b5cd41fa8404a70d34701400487e2b commit 6d7b0f3fe9b5cd41fa8404a70d34701400487e2b Author: Lutz Donnerhacke AuthorDate: 2021-02-09 13:28:48 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 11:04:39 +0000 netgraph/ng_bridge: move MACs via control message Use the new control message to move ethernet addresses from a link to a new link in ng_bridge(4). Send this message instead of doing the work directly requires to move the loop detection into the control message processing. This will delay the loop detection by a few frames. This decouples the read-only activity from the modification under a more strict writer lock. Reviewed by: manpages (gbe) Differential Revision: https://reviews.freebsd.org/D28559 (cherry picked from commit f6e0c471691e0005e450ec968a9fa3b5346a3c45) --- share/man/man4/ng_bridge.4 | 13 ++++-- sys/netgraph/ng_bridge.c | 114 +++++++++++++++++++-------------------------- 2 files changed, 59 insertions(+), 68 deletions(-) diff --git a/share/man/man4/ng_bridge.4 b/share/man/man4/ng_bridge.4 index e3f406c3f437..0387157f0622 100644 --- a/share/man/man4/ng_bridge.4 +++ b/share/man/man4/ng_bridge.4 @@ -34,7 +34,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 17, 2021 +.Dd May 13, 2021 .Dt NG_BRIDGE 4 .Os .Sh NAME @@ -221,12 +221,19 @@ as an argument. It assigns the MAC .Va addr to the -.Va hook , -which must not be assigned yet. +.Va hook . If the .Va hook is the empty string, the incoming hook of the control message is used as fallback. +.Pp +If necessary, the MAC is removed from the currently assigned hook and +moved to the new one. +If the MAC is moved faster than +.Va minStableAge , +the hook is considered as a loop and will block traffic for +.Va loopTimeout +seconds. .Bd -literal -offset 0n struct ng_bridge_move_host { u_char addr[ETHER_ADDR_LEN]; /* ethernet address */ diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 0d5e2ffb196d..17e840a06289 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -103,7 +103,7 @@ struct ng_bridge_link_kernel_stats { counter_u64_t xmitMulticasts; /* multicast pkts xmit'd on link */ counter_u64_t xmitBroadcasts; /* broadcast pkts xmit'd on link */ counter_u64_t loopDrops; /* pkts dropped due to loopback */ - counter_u64_t loopDetects; /* number of loop detections */ + u_int64_t loopDetects; /* number of loop detections */ counter_u64_t memoryFailures; /* times couldn't get mem or mbuf */ }; @@ -420,7 +420,6 @@ ng_bridge_newhook(node_p node, hook_p hook, const char *name) link->stats.xmitMulticasts = counter_u64_alloc(M_WAITOK); link->stats.xmitBroadcasts = counter_u64_alloc(M_WAITOK); link->stats.loopDrops = counter_u64_alloc(M_WAITOK); - link->stats.loopDetects = counter_u64_alloc(M_WAITOK); link->stats.memoryFailures = counter_u64_alloc(M_WAITOK); link->hook = hook; @@ -456,7 +455,7 @@ static void ng_bridge_clear_link_stats(struct ng_bridge_link_kernel_stats * p) counter_u64_zero(p->xmitMulticasts); counter_u64_zero(p->xmitBroadcasts); counter_u64_zero(p->loopDrops); - counter_u64_zero(p->loopDetects); + p->loopDetects = 0; counter_u64_zero(p->memoryFailures); }; @@ -641,7 +640,7 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) FETCH(xmitMulticasts); FETCH(xmitBroadcasts); FETCH(loopDrops); - FETCH(loopDetects); + rs->loopDetects = link->stats.loopDetects; FETCH(memoryFailures); #undef FETCH } @@ -687,7 +686,6 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) { struct ng_bridge_move_host *mh; hook_p hook; - struct ng_bridge_host *host; if (msg->header.arglen < sizeof(*mh)) { error = EINVAL; @@ -701,11 +699,6 @@ ng_bridge_rcvmsg(node_p node, item_p item, hook_p lasthook) error = ENOENT; break; } - host = ng_bridge_get(priv, mh->addr); - if (host != NULL) { - error = EADDRINUSE; - break; - } error = ng_bridge_put(priv, mh->addr, NG_HOOK_PRIVATE(hook)); break; } @@ -858,7 +851,7 @@ ng_bridge_rcvdata(hook_p hook, item_p item) counter_u64_add(ctx.incoming->stats.loopDrops, 1); NG_FREE_ITEM(item); NG_FREE_M(ctx.m); - return (ELOOP); /* XXX is this an appropriate error? */ + return (ELOOP); } /* Update stats */ @@ -873,58 +866,15 @@ ng_bridge_rcvdata(hook_p hook, item_p item) } /* Look up packet's source Ethernet address in hashtable */ - if ((host = ng_bridge_get(priv, eh->ether_shost)) != NULL) { + if ((host = ng_bridge_get(priv, eh->ether_shost)) != NULL) /* Update time since last heard from this host. * This is safe without locking, because it's * the only operation during shared access. */ host->staleness = 0; - /* Did host jump to a different link? */ - if (host->link != ctx.incoming) { - - /* - * If the host's old link was recently established - * on the old link and it's already jumped to a new - * link, declare a loopback condition. - */ - if (host->age < priv->conf.minStableAge) { - - /* Log the problem */ - if (priv->conf.debugLevel >= 2) { - struct ifnet *ifp = ctx.m->m_pkthdr.rcvif; - char suffix[32]; - - if (ifp != NULL) - snprintf(suffix, sizeof(suffix), - " (%s)", ifp->if_xname); - else - *suffix = '\0'; - log(LOG_WARNING, "ng_bridge: %s:" - " loopback detected on %s%s\n", - ng_bridge_nodename(node), - NG_HOOK_NAME(hook), suffix); - } - - /* Mark link as linka non grata */ - ctx.incoming->loopCount = priv->conf.loopTimeout; - counter_u64_add(ctx.incoming->stats.loopDetects, 1); - - /* Forget all hosts on this link */ - ng_bridge_remove_hosts(priv, ctx.incoming); - - /* Drop packet */ - counter_u64_add(ctx.incoming->stats.loopDrops, 1); - NG_FREE_ITEM(item); - NG_FREE_M(ctx.m); - return (ELOOP); /* XXX appropriate? */ - } - - /* Move host over to new link */ - host->link = ctx.incoming; - host->age = 0; - } - } else if (ctx.incoming->learnMac) { + if ((host == NULL && ctx.incoming->learnMac) || + (host != NULL && host->link != ctx.incoming)) { struct ng_mesg *msg; struct ng_bridge_move_host *mh; int error = 0; @@ -947,6 +897,16 @@ ng_bridge_rcvdata(hook_p hook, item_p item) counter_u64_add(ctx.incoming->stats.memoryFailures, 1); } + if (host != NULL && host->link != ctx.incoming) { + if (host->age < priv->conf.minStableAge) { + /* Drop packet on instable links */ + counter_u64_add(ctx.incoming->stats.loopDrops, 1); + NG_FREE_ITEM(item); + NG_FREE_M(ctx.m); + return (ELOOP); + } + } + /* Run packet through ipfw processing, if enabled */ #if 0 if (priv->conf.ipfw[linkNum] && V_fw_enable && V_ip_fw_chk_ptr != NULL) { @@ -1046,7 +1006,6 @@ ng_bridge_disconnect(hook_p hook) counter_u64_free(link->stats.xmitMulticasts); counter_u64_free(link->stats.xmitBroadcasts); counter_u64_free(link->stats.loopDrops); - counter_u64_free(link->stats.loopDetects); counter_u64_free(link->stats.memoryFailures); free(link, M_NETGRAPH_BRIDGE); priv->numLinks--; @@ -1088,8 +1047,8 @@ ng_bridge_get(priv_cp priv, const u_char *addr) } /* - * Add a new host entry to the table. This assumes the host doesn't - * already exist in the table. Returns 0 on success. + * Add a host entry to the table. If it already exists, move it + * to the new link. Returns 0 on success. */ static int ng_bridge_put(priv_p priv, const u_char *addr, link_p link) @@ -1097,11 +1056,36 @@ ng_bridge_put(priv_p priv, const u_char *addr, link_p link) const int bucket = HASH(addr, priv->hashMask); struct ng_bridge_host *host; -#ifdef INVARIANTS - /* Assert that entry does not already exist in hashtable */ - KASSERT(ng_bridge_get(priv, addr) == NULL, - ("%s: entry %6D exists in table", __func__, addr, ":")); -#endif + if ((host = ng_bridge_get(priv, addr)) != NULL) { + /* Host already on the correct link? */ + if (host->link == link) + return 0; + + /* Move old host over to new link */ + if (host->age >= priv->conf.minStableAge) { + host->link = link; + host->age = 0; + return (0); + } + /* + * If the host was recently moved to the old link and + * it's now jumping to a new link, declare a loopback + * condition. + */ + if (priv->conf.debugLevel >= 2) + log(LOG_WARNING, "ng_bridge: %s:" + " loopback detected on %s\n", + ng_bridge_nodename(priv->node), + NG_HOOK_NAME(link->hook)); + + /* Mark link as linka non grata */ + link->loopCount = priv->conf.loopTimeout; + link->stats.loopDetects++; + + /* Forget all hosts on this link */ + ng_bridge_remove_hosts(priv, link); + return (ELOOP); + } /* Allocate and initialize new hashtable entry */ host = malloc(sizeof(*host), M_NETGRAPH_BRIDGE, M_NOWAIT); From owner-dev-commits-src-branches@freebsd.org Thu May 27 11:07:49 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8427763A1E9; Thu, 27 May 2021 11:07:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrQ5d0twVz3C10; Thu, 27 May 2021 11:07:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EF1D223204; Thu, 27 May 2021 11:07:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RB7mkK013996; Thu, 27 May 2021 11:07:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RB7mZV013995; Thu, 27 May 2021 11:07:48 GMT (envelope-from git) Date: Thu, 27 May 2021 11:07:48 GMT Message-Id: <202105271107.14RB7mZV013995@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 069a2d01ccf2 - stable/12 - netgraph/ng_bridge: become SMP aware MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 069a2d01ccf2cb964cca8e4b0b500d5b88f7b1c2 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 11:07:49 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=069a2d01ccf2cb964cca8e4b0b500d5b88f7b1c2 commit 069a2d01ccf2cb964cca8e4b0b500d5b88f7b1c2 Author: Lutz Donnerhacke AuthorDate: 2021-01-12 21:28:29 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 11:04:52 +0000 netgraph/ng_bridge: become SMP aware The node ng_bridge underwent a lot of changes in the last few months. All those steps were necessary to distinguish between structure modifying and read-only data transport paths. Now it's done, the node can perform frame forwarding on multiple cores in parallel. Differential Revision: https://reviews.freebsd.org/D28123 (cherry picked from commit 9674c2e68c613757ddf5a8780743842b5ac4d74f) --- sys/netgraph/ng_bridge.c | 9 --------- 1 file changed, 9 deletions(-) diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 17e840a06289..66dcf03acf2e 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -351,15 +351,6 @@ ng_bridge_constructor(node_p node) priv->conf.minStableAge = DEFAULT_MIN_STABLE_AGE; priv->sendUnknown = 1; /* classic bridge */ - /* - * This node has all kinds of stuff that could be screwed by SMP. - * Until it gets it's own internal protection, we go through in - * single file. This could hurt a machine bridging between two - * GB ethernets so it should be fixed. - * When it's fixed the process SHOULD NOT SLEEP, spinlocks please! - * (and atomic ops ) - */ - NG_NODE_FORCE_WRITER(node); NG_NODE_SET_PRIVATE(node, priv); priv->node = node; From owner-dev-commits-src-branches@freebsd.org Thu May 27 11:07:50 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4690363A143; Thu, 27 May 2021 11:07:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrQ5f18Wbz3C13; Thu, 27 May 2021 11:07:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0FD4C23118; Thu, 27 May 2021 11:07:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RB7ncL014024; Thu, 27 May 2021 11:07:49 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RB7nOJ014023; Thu, 27 May 2021 11:07:49 GMT (envelope-from git) Date: Thu, 27 May 2021 11:07:49 GMT Message-Id: <202105271107.14RB7nOJ014023@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 83a8e97fd3c2 - stable/12 - netgraph/ng_bridge: Avoid cache thrashing MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 83a8e97fd3c27e9a4a03823705074a0471d0b6cc Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 11:07:50 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=83a8e97fd3c27e9a4a03823705074a0471d0b6cc commit 83a8e97fd3c27e9a4a03823705074a0471d0b6cc Author: Lutz Donnerhacke AuthorDate: 2021-02-11 22:59:11 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-27 11:05:00 +0000 netgraph/ng_bridge: Avoid cache thrashing Hint the compiler, that this update is needed at most once per second. Only in this case the memory line needs to be written. This will reduce the amount of cache trashing during forward of most frames. Suggested by: zec Approved by: zec Differential Revision: https://reviews.freebsd.org/D28601 (cherry picked from commit 4dfe70fdbda05453e824bc9edfc0d09eab7b2929) --- sys/netgraph/ng_bridge.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/netgraph/ng_bridge.c b/sys/netgraph/ng_bridge.c index 66dcf03acf2e..5a8c1731aa3f 100644 --- a/sys/netgraph/ng_bridge.c +++ b/sys/netgraph/ng_bridge.c @@ -862,7 +862,8 @@ ng_bridge_rcvdata(hook_p hook, item_p item) * This is safe without locking, because it's * the only operation during shared access. */ - host->staleness = 0; + if (__predict_false(host->staleness > 0)) + host->staleness = 0; if ((host == NULL && ctx.incoming->learnMac) || (host != NULL && host->link != ctx.incoming)) { From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:06:03 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 568FD63CD98; Thu, 27 May 2021 13:06:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrSk31nhCz3P3c; Thu, 27 May 2021 13:06:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 195DF249F9; Thu, 27 May 2021 13:06:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RD62uq074735; Thu, 27 May 2021 13:06:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RD62Xu074734; Thu, 27 May 2021 13:06:02 GMT (envelope-from git) Date: Thu, 27 May 2021 13:06:02 GMT Message-Id: <202105271306.14RD62Xu074734@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 640c2ff8ae9b - stable/13 - ufs: Avoid M_WAITOK allocations when building a dirhash MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 640c2ff8ae9bdbad91aa25094123bb97e5a92bbf Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:06:03 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=640c2ff8ae9bdbad91aa25094123bb97e5a92bbf commit 640c2ff8ae9bdbad91aa25094123bb97e5a92bbf Author: Don Morris AuthorDate: 2021-05-20 14:54:38 +0000 Commit: Mark Johnston CommitDate: 2021-05-27 13:05:50 +0000 ufs: Avoid M_WAITOK allocations when building a dirhash At this point the directory's vnode lock is held, so blocking while waiting for free pages makes the system more susceptible to deadlock in low memory conditions. This is particularly problematic on NUMA systems as UMA currently implements a strict first-touch policy. ufsdirhash_build() already uses M_NOWAIT for other allocations and already handled failures for the block array allocation, so just convert to M_NOWAIT. PR: 253992 Reviewed by: markj, mckusick, vangyzen (cherry picked from commit f17a5900850b4d449a91cbe9c61dfb62373c3cd1) --- sys/ufs/ufs/ufs_dirhash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/ufs/ufs/ufs_dirhash.c b/sys/ufs/ufs/ufs_dirhash.c index 13094b5a1c97..d1e1bed0bde4 100644 --- a/sys/ufs/ufs/ufs_dirhash.c +++ b/sys/ufs/ufs/ufs_dirhash.c @@ -108,7 +108,7 @@ static uma_zone_t ufsdirhash_zone; #define DIRHASHLIST_LOCK() mtx_lock(&ufsdirhash_mtx) #define DIRHASHLIST_UNLOCK() mtx_unlock(&ufsdirhash_mtx) -#define DIRHASH_BLKALLOC_WAITOK() uma_zalloc(ufsdirhash_zone, M_WAITOK) +#define DIRHASH_BLKALLOC() uma_zalloc(ufsdirhash_zone, M_NOWAIT) #define DIRHASH_BLKFREE(ptr) uma_zfree(ufsdirhash_zone, (ptr)) #define DIRHASH_ASSERT_LOCKED(dh) \ sx_assert(&(dh)->dh_lock, SA_LOCKED) @@ -425,7 +425,7 @@ ufsdirhash_build(struct inode *ip) if (dh->dh_blkfree == NULL) goto fail; for (i = 0; i < narrays; i++) { - if ((dh->dh_hash[i] = DIRHASH_BLKALLOC_WAITOK()) == NULL) + if ((dh->dh_hash[i] = DIRHASH_BLKALLOC()) == NULL) goto fail; for (j = 0; j < DH_NBLKOFF; j++) dh->dh_hash[i][j] = DIRHASH_EMPTY; From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:06:44 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DC89B63CF89; Thu, 27 May 2021 13:06:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrSkr5xfsz3P1b; Thu, 27 May 2021 13:06:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B424024573; Thu, 27 May 2021 13:06:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RD6iHl074901; Thu, 27 May 2021 13:06:44 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RD6iSO074900; Thu, 27 May 2021 13:06:44 GMT (envelope-from git) Date: Thu, 27 May 2021 13:06:44 GMT Message-Id: <202105271306.14RD6iSO074900@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: 8340548bc84b - stable/12 - ufs: Avoid M_WAITOK allocations when building a dirhash MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 8340548bc84bf1cbfa678febb08e0aa0293fd935 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:06:44 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=8340548bc84bf1cbfa678febb08e0aa0293fd935 commit 8340548bc84bf1cbfa678febb08e0aa0293fd935 Author: Don Morris AuthorDate: 2021-05-20 14:54:38 +0000 Commit: Mark Johnston CommitDate: 2021-05-27 13:06:15 +0000 ufs: Avoid M_WAITOK allocations when building a dirhash At this point the directory's vnode lock is held, so blocking while waiting for free pages makes the system more susceptible to deadlock in low memory conditions. This is particularly problematic on NUMA systems as UMA currently implements a strict first-touch policy. ufsdirhash_build() already uses M_NOWAIT for other allocations and already handled failures for the block array allocation, so just convert to M_NOWAIT. PR: 253992 Reviewed by: markj, mckusick, vangyzen (cherry picked from commit f17a5900850b4d449a91cbe9c61dfb62373c3cd1) --- sys/ufs/ufs/ufs_dirhash.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/ufs/ufs/ufs_dirhash.c b/sys/ufs/ufs/ufs_dirhash.c index 2f1174d33657..b219d16642c6 100644 --- a/sys/ufs/ufs/ufs_dirhash.c +++ b/sys/ufs/ufs/ufs_dirhash.c @@ -108,7 +108,7 @@ static uma_zone_t ufsdirhash_zone; #define DIRHASHLIST_LOCK() mtx_lock(&ufsdirhash_mtx) #define DIRHASHLIST_UNLOCK() mtx_unlock(&ufsdirhash_mtx) -#define DIRHASH_BLKALLOC_WAITOK() uma_zalloc(ufsdirhash_zone, M_WAITOK) +#define DIRHASH_BLKALLOC() uma_zalloc(ufsdirhash_zone, M_NOWAIT) #define DIRHASH_BLKFREE(ptr) uma_zfree(ufsdirhash_zone, (ptr)) #define DIRHASH_ASSERT_LOCKED(dh) \ sx_assert(&(dh)->dh_lock, SA_LOCKED) @@ -425,7 +425,7 @@ ufsdirhash_build(struct inode *ip) if (dh->dh_blkfree == NULL) goto fail; for (i = 0; i < narrays; i++) { - if ((dh->dh_hash[i] = DIRHASH_BLKALLOC_WAITOK()) == NULL) + if ((dh->dh_hash[i] = DIRHASH_BLKALLOC()) == NULL) goto fail; for (j = 0; j < DH_NBLKOFF; j++) dh->dh_hash[i][j] = DIRHASH_EMPTY; From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:41:16 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0401B63D1F3; Thu, 27 May 2021 13:41:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrTVg6Y3bz3hZt; Thu, 27 May 2021 13:41:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C979325125; Thu, 27 May 2021 13:41:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RDfFla023848; Thu, 27 May 2021 13:41:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RDfFkf023847; Thu, 27 May 2021 13:41:15 GMT (envelope-from git) Date: Thu, 27 May 2021 13:41:15 GMT Message-Id: <202105271341.14RDfFkf023847@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mitchell Horne Subject: git: 5500a15642f7 - stable/13 - build(7): use a more relevant example for PORTS_MODULES MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mhorne X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 5500a15642f7ea5f0cd01009c7db310ad8fee8b0 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:41:16 -0000 The branch stable/13 has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=5500a15642f7ea5f0cd01009c7db310ad8fee8b0 commit 5500a15642f7ea5f0cd01009c7db310ad8fee8b0 Author: Mitchell Horne AuthorDate: 2021-05-15 14:14:52 +0000 Commit: Mitchell Horne CommitDate: 2021-05-27 13:40:05 +0000 build(7): use a more relevant example for PORTS_MODULES emulators/kqemu-kmod no longer exists in the ports tree. Reviewed by: imp, bcr Differential Revision: https://reviews.freebsd.org/D30261 (cherry picked from commit 7fbc0c98a8efaef86d72759372ec7746d929302e) --- share/man/man7/build.7 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man7/build.7 b/share/man/man7/build.7 index 72a1dc3078d1..bad3da789e5a 100644 --- a/share/man/man7/build.7 +++ b/share/man/man7/build.7 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 12, 2020 +.Dd May 15, 2021 .Dt BUILD 7 .Os .Sh NAME @@ -600,7 +600,7 @@ and .Cm installkernel process. .Bd -literal -offset indent -make PORTS_MODULES=emulators/kqemu-kmod kernel +make PORTS_MODULES=emulators/virtualbox-ose-kmod kernel .Ed .It Va SRCCONF Specify a file to override the default From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:41:17 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 484EB63D1FB; Thu, 27 May 2021 13:41:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrTVj0k93z3hRh; Thu, 27 May 2021 13:41:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F40ED25206; Thu, 27 May 2021 13:41:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RDfGkU023876; Thu, 27 May 2021 13:41:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RDfGp6023875; Thu, 27 May 2021 13:41:16 GMT (envelope-from git) Date: Thu, 27 May 2021 13:41:16 GMT Message-Id: <202105271341.14RDfGp6023875@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mitchell Horne Subject: git: 608c12291c4a - stable/13 - scsi(4): fix "NMVe" typo MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mhorne X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 608c12291c4a91e50444b437a5e6610994d3c574 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:41:17 -0000 The branch stable/13 has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=608c12291c4a91e50444b437a5e6610994d3c574 commit 608c12291c4a91e50444b437a5e6610994d3c574 Author: Mitchell Horne AuthorDate: 2021-05-21 14:50:15 +0000 Commit: Mitchell Horne CommitDate: 2021-05-27 13:40:40 +0000 scsi(4): fix "NMVe" typo (cherry picked from commit 788401188f950001cd9796cdcea9a7e5f92050ab) --- share/man/man4/scsi.4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/man/man4/scsi.4 b/share/man/man4/scsi.4 index b2ed3a7eb5e5..d3f92fd6b8bb 100644 --- a/share/man/man4/scsi.4 +++ b/share/man/man4/scsi.4 @@ -56,7 +56,7 @@ subsystem provides a uniform and modular system for the implementation of drivers to control various .Tn SCSI , .Tn ATA , -.Tn NMVe , +.Tn NVMe , and .Tn MMC / SD devices, and to utilize different From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:45:45 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0BCB63DC16; Thu, 27 May 2021 13:45:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrTbs54vHz3jCt; Thu, 27 May 2021 13:45:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9617B24EF3; Thu, 27 May 2021 13:45:45 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RDjjC6027492; Thu, 27 May 2021 13:45:45 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RDjjcZ027491; Thu, 27 May 2021 13:45:45 GMT (envelope-from git) Date: Thu, 27 May 2021 13:45:45 GMT Message-Id: <202105271345.14RDjjcZ027491@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mitchell Horne Subject: git: 11129e433794 - stable/12 - build(7): use a more relevant example for PORTS_MODULES MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mhorne X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 11129e433794a0deed28c6d2fb012ccadd81da0c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:45:45 -0000 The branch stable/12 has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=11129e433794a0deed28c6d2fb012ccadd81da0c commit 11129e433794a0deed28c6d2fb012ccadd81da0c Author: Mitchell Horne AuthorDate: 2021-05-15 14:14:52 +0000 Commit: Mitchell Horne CommitDate: 2021-05-27 13:44:58 +0000 build(7): use a more relevant example for PORTS_MODULES emulators/kqemu-kmod no longer exists in the ports tree. Reviewed by: imp, bcr Differential Revision: https://reviews.freebsd.org/D30261 (cherry picked from commit 7fbc0c98a8efaef86d72759372ec7746d929302e) --- share/man/man7/build.7 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/share/man/man7/build.7 b/share/man/man7/build.7 index 8a698611ebd4..8537f191571e 100644 --- a/share/man/man7/build.7 +++ b/share/man/man7/build.7 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 3, 2020 +.Dd May 15, 2021 .Dt BUILD 7 .Os .Sh NAME @@ -580,7 +580,7 @@ and .Cm installkernel process. .Bd -literal -offset indent -make PORTS_MODULES=emulators/kqemu-kmod kernel +make PORTS_MODULES=emulators/virtualbox-ose-kmod kernel .Ed .It Va SRCCONF Specify a file to override the default From owner-dev-commits-src-branches@freebsd.org Thu May 27 13:45:46 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EFAD563D8E7; Thu, 27 May 2021 13:45:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrTbt6GGwz3j4N; Thu, 27 May 2021 13:45:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B9AA425297; Thu, 27 May 2021 13:45:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RDjktJ027513; Thu, 27 May 2021 13:45:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RDjkcB027512; Thu, 27 May 2021 13:45:46 GMT (envelope-from git) Date: Thu, 27 May 2021 13:45:46 GMT Message-Id: <202105271345.14RDjkcB027512@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mitchell Horne Subject: git: 4234e5ee7644 - stable/12 - scsi(4): fix "NMVe" typo MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mhorne X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 4234e5ee7644d610d061eb33515a2a4a88e2b7a1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 13:45:47 -0000 The branch stable/12 has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=4234e5ee7644d610d061eb33515a2a4a88e2b7a1 commit 4234e5ee7644d610d061eb33515a2a4a88e2b7a1 Author: Mitchell Horne AuthorDate: 2021-05-21 14:50:15 +0000 Commit: Mitchell Horne CommitDate: 2021-05-27 13:45:30 +0000 scsi(4): fix "NMVe" typo (cherry picked from commit 788401188f950001cd9796cdcea9a7e5f92050ab) --- share/man/man4/scsi.4 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/man/man4/scsi.4 b/share/man/man4/scsi.4 index 60f66eca4185..4b2bba2d141f 100644 --- a/share/man/man4/scsi.4 +++ b/share/man/man4/scsi.4 @@ -56,7 +56,7 @@ subsystem provides a uniform and modular system for the implementation of drivers to control various .Tn SCSI , .Tn ATA , -.Tn NMVe , +.Tn NVMe , and .Tn MMC / SD devices, and to utilize different From owner-dev-commits-src-branches@freebsd.org Thu May 27 18:46:09 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D4C6C642746; Thu, 27 May 2021 18:46:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrcGT5TWDz4ggR; Thu, 27 May 2021 18:46:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A44071289; Thu, 27 May 2021 18:46:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RIk94Q024971; Thu, 27 May 2021 18:46:09 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RIk9BT024970; Thu, 27 May 2021 18:46:09 GMT (envelope-from git) Date: Thu, 27 May 2021 18:46:09 GMT Message-Id: <202105271846.14RIk9BT024970@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Dimitry Andric Subject: git: ee5326013093 - stable/12 - Merge a bunch of googletest build improvements MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: dim X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: ee5326013093ddf50cae165e66dda9d8ac092d97 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 18:46:09 -0000 The branch stable/12 has been updated by dim: URL: https://cgit.FreeBSD.org/src/commit/?id=ee5326013093ddf50cae165e66dda9d8ac092d97 commit ee5326013093ddf50cae165e66dda9d8ac092d97 Author: Dimitry Andric AuthorDate: 2021-05-27 18:45:13 +0000 Commit: Dimitry Andric CommitDate: 2021-05-27 18:45:13 +0000 Merge a bunch of googletest build improvements googletest: pick from upstream: Don't allow signed/unsigned wchar_t in gcc 9 and later Pick 711fccf8317b4fb7adc21c00fc1e20823c5d875f from upstream googletest: Don't allow signed/unsigned wchar_t in gcc 9 and later Upstream pull request: https://github.com/google/googletest/pull/2270 Sponsored by: Dell EMC Isilon (cherry picked from commit f157ca4696f5922275d5d451736005b9332eb136) Major improvement to build parallelism for googletest internal tests Currently the googletest internal tests build after the matching library. However, each of these is serialized at the top level makefile. Additionally some of the tests (e.g. the gmock-matches-test) take up to 90 seconds to build with clang -O2. Having to wait for this test to complete before continuing to the next directory seriously slows down the parllelism of a -j32 build. Before this change running `make -C lib/googletest -j32 -s` in buildenv took 202 seconds, now it's 153 due to improved parallelism. Reviewed By: emaste (no objection) Differential Revision: https://reviews.freebsd.org/D26748 (cherry picked from commit 2ed3236082a4473c1da8f72c1ebc071a7b54321f) Enable SUBDIR_PARALLEL for lib/googletest This saves a few seconds in a parallel build since we can build the gtest_main and gmock subdirectories in parallel. Reviewed By: ngie Differential Revision: https://reviews.freebsd.org/D26760 (cherry picked from commit 4fa4bd6312cbeebda23a80feb77f29691af0cd7b) Significantly reduce compile time for googletest internal tests Clang's optimizer spends a really long time on these tests at -O2, so we now use -O0 instead. This reduces the -j32 time for lib/googletest/test from 131s to 29s. Using -O0 also reduces the disk usage from 144MB (at -O2) / 92MB (at -O1) to 82MB. Reviewed By: ngie, dim Differential Revision: https://reviews.freebsd.org/D26751 (cherry picked from commit 433f33d285eee7cd6a822b9d833a537dfc808634) --- .../include/gmock/internal/gmock-internal-utils.h | 5 ++++- lib/googletest/Makefile | 8 ++++++-- lib/googletest/gmock/Makefile | 3 --- lib/googletest/gmock_main/Makefile | 3 --- lib/googletest/gtest/Makefile | 3 --- lib/googletest/gtest_main/Makefile | 3 --- lib/googletest/tests/Makefile | 6 ++++++ lib/googletest/tests/Makefile.inc | 18 ++++++++++++++++++ lib/googletest/{gmock/tests => tests/gmock}/Makefile | 0 .../{gmock_main/tests => tests/gmock_main}/Makefile | 0 lib/googletest/{gtest/tests => tests/gtest}/Makefile | 0 .../{gtest_main/tests => tests/gtest_main}/Makefile | 0 12 files changed, 34 insertions(+), 15 deletions(-) diff --git a/contrib/googletest/googlemock/include/gmock/internal/gmock-internal-utils.h b/contrib/googletest/googlemock/include/gmock/internal/gmock-internal-utils.h index db64c65cbb8a..989b804acf32 100644 --- a/contrib/googletest/googlemock/include/gmock/internal/gmock-internal-utils.h +++ b/contrib/googletest/googlemock/include/gmock/internal/gmock-internal-utils.h @@ -125,8 +125,11 @@ struct LinkedPtrLessThan { // // To gcc, // wchar_t == signed wchar_t != unsigned wchar_t == unsigned int +// +// gcc-9 appears to treat signed/unsigned wchar_t as ill-formed +// regardless of the signage of its underlying type. #ifdef __GNUC__ -#if !defined(__WCHAR_UNSIGNED__) +#if !defined(__WCHAR_UNSIGNED__) && (__GNUC__ < 9) // signed/unsigned wchar_t are valid types. # define GMOCK_HAS_SIGNED_WCHAR_T_ 1 #endif diff --git a/lib/googletest/Makefile b/lib/googletest/Makefile index b45985177f83..47d4939f2166 100644 --- a/lib/googletest/Makefile +++ b/lib/googletest/Makefile @@ -3,12 +3,16 @@ .include SUBDIR+= gtest -SUBDIR+= .WAIT SUBDIR+= gmock -SUBDIR+= .WAIT SUBDIR+= gmock_main SUBDIR+= gtest_main SUBDIR.${MK_TESTS}+= tests +SUBDIR_DEPEND_gtest_main= gtest +SUBDIR_DEPEND_gmock= gtest +SUBDIR_DEPEND_gmock_main= gmock +SUBDIR_DEPEND_tests= gmock_main +SUBDIR_PARALLEL= + .include diff --git a/lib/googletest/gmock/Makefile b/lib/googletest/gmock/Makefile index 8eb9fb99a368..d5a71d3c33a6 100644 --- a/lib/googletest/gmock/Makefile +++ b/lib/googletest/gmock/Makefile @@ -42,7 +42,4 @@ INTERNAL_CUSTOM_INCS+= gmock/internal/custom/gmock-generated-actions.h SRCS+= gmock-all.cc -HAS_TESTS= -SUBDIR.${MK_TESTS}+= tests - .include diff --git a/lib/googletest/gmock_main/Makefile b/lib/googletest/gmock_main/Makefile index a2ecab10d586..238f342d55eb 100644 --- a/lib/googletest/gmock_main/Makefile +++ b/lib/googletest/gmock_main/Makefile @@ -19,7 +19,4 @@ LDFLAGS+= -L${LIBGMOCKDIR} SRCS+= gmock_main.cc -HAS_TESTS= -SUBDIR.${MK_TESTS}+= tests - .include diff --git a/lib/googletest/gtest/Makefile b/lib/googletest/gtest/Makefile index b580c33eb45a..ed3786d5075d 100644 --- a/lib/googletest/gtest/Makefile +++ b/lib/googletest/gtest/Makefile @@ -47,7 +47,4 @@ SRCS+= gtest-all.cc LIBADD+= pthread -HAS_TESTS= -SUBDIR.${MK_TESTS}+= tests - .include diff --git a/lib/googletest/gtest_main/Makefile b/lib/googletest/gtest_main/Makefile index 1499482d878a..dc102ed8a6e0 100644 --- a/lib/googletest/gtest_main/Makefile +++ b/lib/googletest/gtest_main/Makefile @@ -17,7 +17,4 @@ LDFLAGS+= -L${LIBGTESTDIR} SRCS+= gtest_main.cc -HAS_TESTS= -SUBDIR.${MK_TESTS}+= tests - .include diff --git a/lib/googletest/tests/Makefile b/lib/googletest/tests/Makefile index 3b3078f8612a..1df9936ff6cf 100644 --- a/lib/googletest/tests/Makefile +++ b/lib/googletest/tests/Makefile @@ -3,4 +3,10 @@ .PATH: ${SRCTOP}/tests KYUAFILE= yes +# Note: we start the gmock_main and gmock tests first since those take up to +# 60 seconds to build, so starting them late seriously reduces build parallism. +SUBDIR= gmock_main gmock gtest_main gtest + +SUBDIR_PARALLEL= + .include diff --git a/lib/googletest/tests/Makefile.inc b/lib/googletest/tests/Makefile.inc new file mode 100644 index 000000000000..667b5c102930 --- /dev/null +++ b/lib/googletest/tests/Makefile.inc @@ -0,0 +1,18 @@ +# $FreeBSD$ + +.include "../Makefile.inc" +# Keep the existing tests directory structure (with subdirs per component) +# rather than installing all of them to /usr/tests/lib/googletest +TESTSDIR= ${TESTSBASE}/lib/googletest/${.CURDIR:T} + +# Clang's optimizer spends a really long time on these tests at -O2. Changing +# -O2 to -O1 reduces the -j32 time for lib/googletest/test from 131s to 71s. +# Using -O0 further reduces the time to 29s, and also reduces the disk usage +# from 144MB (at -O2) / 92MB (at -O1) to 82MB, so we use -O0. +# Note: Building without debug info saves about 10-15% of the build time, so we +# only enable debug info if DEBUG_FLAGS is not empty (71s -> 64s at -O1 and -j32). +CFLAGS.clang+= -O0 +.if empty(DEBUG_FLAGS) +MK_DEBUG_FILES:=no +CFLAGS.clang+= -g0 +.endif diff --git a/lib/googletest/gmock/tests/Makefile b/lib/googletest/tests/gmock/Makefile similarity index 100% rename from lib/googletest/gmock/tests/Makefile rename to lib/googletest/tests/gmock/Makefile diff --git a/lib/googletest/gmock_main/tests/Makefile b/lib/googletest/tests/gmock_main/Makefile similarity index 100% rename from lib/googletest/gmock_main/tests/Makefile rename to lib/googletest/tests/gmock_main/Makefile diff --git a/lib/googletest/gtest/tests/Makefile b/lib/googletest/tests/gtest/Makefile similarity index 100% rename from lib/googletest/gtest/tests/Makefile rename to lib/googletest/tests/gtest/Makefile diff --git a/lib/googletest/gtest_main/tests/Makefile b/lib/googletest/tests/gtest_main/Makefile similarity index 100% rename from lib/googletest/gtest_main/tests/Makefile rename to lib/googletest/tests/gtest_main/Makefile From owner-dev-commits-src-branches@freebsd.org Thu May 27 21:06:30 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4F6466451E4; Thu, 27 May 2021 21:06:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrgNQ1rw9z4shw; Thu, 27 May 2021 21:06:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 242B22C7B; Thu, 27 May 2021 21:06:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RL6UM9011821; Thu, 27 May 2021 21:06:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RL6Urn011820; Thu, 27 May 2021 21:06:30 GMT (envelope-from git) Date: Thu, 27 May 2021 21:06:30 GMT Message-Id: <202105272106.14RL6Urn011820@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: 4b82cd36457d - stable/12 - pf tests: Install common test code MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 4b82cd36457d5340e3f81ddf650d7621ab4f1070 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 21:06:30 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=4b82cd36457d5340e3f81ddf650d7621ab4f1070 commit 4b82cd36457d5340e3f81ddf650d7621ab4f1070 Author: Kristof Provost AuthorDate: 2021-05-27 20:45:10 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 21:05:49 +0000 pf tests: Install common test code (Direct commit to stable/12) --- tests/sys/netpfil/Makefile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/sys/netpfil/Makefile b/tests/sys/netpfil/Makefile index 434c5532b63e..2fb3b1447f10 100644 --- a/tests/sys/netpfil/Makefile +++ b/tests/sys/netpfil/Makefile @@ -4,6 +4,8 @@ TESTSDIR= ${TESTSBASE}/sys/netpfil +TESTS_SUBDIRS+= common + .if ${MK_PF} != "no" TESTS_SUBDIRS+= pf .endif From owner-dev-commits-src-branches@freebsd.org Thu May 27 21:06:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9F8206456F6; Thu, 27 May 2021 21:06:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrgNR2YCrz4shy; Thu, 27 May 2021 21:06:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 365D32FE7; Thu, 27 May 2021 21:06:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14RL6VEG011842; Thu, 27 May 2021 21:06:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14RL6VWC011841; Thu, 27 May 2021 21:06:31 GMT (envelope-from git) Date: Thu, 27 May 2021 21:06:31 GMT Message-Id: <202105272106.14RL6VWC011841@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kristof Provost Subject: git: d86ad92464a3 - stable/12 - pft_test.py: Support --replyif MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: d86ad92464a3424dcfb5b10a205ef2d267e2dbc1 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 May 2021 21:06:31 -0000 The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=d86ad92464a3424dcfb5b10a205ef2d267e2dbc1 commit d86ad92464a3424dcfb5b10a205ef2d267e2dbc1 Author: Kristof Provost AuthorDate: 2021-01-28 10:02:20 +0000 Commit: Kristof Provost CommitDate: 2021-05-27 21:06:18 +0000 pft_test.py: Support --replyif Partial cherry-picks from: (cherry picked from commit cd579b6fba46b9f5005358d1e82def7b26703224) (cherry picked from commit 6b52139eb8e8eda0ea263b24735556194f918642) --- tests/sys/netpfil/common/pft_ping.py | 84 ++++++++++++++++++++++++++++++++++++ tests/sys/netpfil/common/sniffer.py | 7 ++- 2 files changed, 89 insertions(+), 2 deletions(-) diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py index badc451b9d57..ff4f19f43af7 100644 --- a/tests/sys/netpfil/common/pft_ping.py +++ b/tests/sys/netpfil/common/pft_ping.py @@ -36,6 +36,27 @@ from sniffer import Sniffer PAYLOAD_MAGIC = bytes.fromhex('42c0ffee') +dup_found = 0 + +def check_dup(args, packet): + """ + Verify that this is an ICMP packet, and that we only see one + """ + global dup_found + + icmp = packet.getlayer(sp.ICMP) + if not icmp: + return False + + raw = packet.getlayer(sp.Raw) + if not raw: + return False + if raw.load != PAYLOAD_MAGIC: + return False + + dup_found = dup_found + 1 + return False + def check_ping_request(args, packet): if args.ip6: return check_ping6_request(args, packet) @@ -96,6 +117,35 @@ def check_ping6_request(args, packet): return True +def check_ping_reply(args, packet): + return check_ping4_reply(args, packet) + +def check_ping4_reply(args, packet): + """ + Check that this is a reply to the ping request we sent + """ + dst_ip = args.to[0] + + ip = packet.getlayer(sp.IP) + if not ip: + return False + if ip.src != dst_ip: + return False + + icmp = packet.getlayer(sp.ICMP) + if not icmp: + return False + if sp.icmptypes[icmp.type] != 'echo-reply': + return False + + raw = packet.getlayer(sp.Raw) + if not raw: + return False + if raw.load != PAYLOAD_MAGIC: + return False + + return True + def ping(send_if, dst_ip, args): ether = sp.Ether() ip = sp.IP(dst=dst_ip) @@ -105,6 +155,9 @@ def ping(send_if, dst_ip, args): if args.send_tos: ip.tos = int(args.send_tos[0]) + if args.fromaddr: + ip.src = args.fromaddr[0] + req = ether / ip / icmp / raw sp.sendp(req, iface=send_if, verbose=False) @@ -113,6 +166,9 @@ def ping6(send_if, dst_ip, args): ip6 = sp.IPv6(dst=dst_ip) icmp = sp.ICMPv6EchoRequest(data=sp.raw(PAYLOAD_MAGIC)) + if args.fromaddr: + ip.src = args.fromaddr[0] + req = ether / ip6 / icmp sp.sendp(req, iface=send_if, verbose=False) @@ -170,12 +226,18 @@ def main(): required=True, help='The interface through which the packet(s) will be sent') parser.add_argument('--recvif', nargs=1, + help='The interface on which to expect the ICMP echo request') + parser.add_argument('--replyif', nargs=1, help='The interface on which to expect the ICMP echo response') + parser.add_argument('--checkdup', nargs=1, + help='The interface on which to expect the duplicated ICMP packets') parser.add_argument('--ip6', action='store_true', help='Use IPv6') parser.add_argument('--to', nargs=1, required=True, help='The destination IP address for the ICMP echo request') + parser.add_argument('--fromaddr', nargs=1, + help='The source IP address for the ICMP echo request') # TCP options parser.add_argument('--tcpsyn', action='store_true', @@ -204,6 +266,15 @@ def main(): sniffer = Sniffer(args, checkfn) + replysniffer = None + if not args.replyif is None: + checkfn=check_ping_reply + replysniffer = Sniffer(args, checkfn, recvif=args.replyif[0]) + + dupsniffer = None + if args.checkdup is not None: + dupsniffer = Sniffer(args, check_dup, recvif=args.checkdup[0]) + if args.tcpsyn: tcpsyn(args.sendif[0], args.to[0], args) else: @@ -212,6 +283,11 @@ def main(): else: ping(args.sendif[0], args.to[0], args) + if dupsniffer: + dupsniffer.join() + if dup_found != 1: + sys.exit(1) + if sniffer: sniffer.join() @@ -220,5 +296,13 @@ def main(): else: sys.exit(1) + if replysniffer: + replysniffer.join() + + if replysniffer.foundCorrectPacket: + sys.exit(0) + else: + sys.exit(1) + if __name__ == '__main__': main() diff --git a/tests/sys/netpfil/common/sniffer.py b/tests/sys/netpfil/common/sniffer.py index 58df32cce276..200ac750dd7f 100644 --- a/tests/sys/netpfil/common/sniffer.py +++ b/tests/sys/netpfil/common/sniffer.py @@ -30,11 +30,14 @@ import threading import scapy.all as sp class Sniffer(threading.Thread): - def __init__(self, args, check_function): + def __init__(self, args, check_function, recvif=None): threading.Thread.__init__(self) self._args = args - self._recvif = args.recvif[0] + if recvif is not None: + self._recvif = recvif + else: + self._recvif = args.recvif[0] self._check_function = check_function self.foundCorrectPacket = False From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:28:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BC96964BFE3; Fri, 28 May 2021 05:28:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrtWg4wBGz3std; Fri, 28 May 2021 05:28:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8D89B116F9; Fri, 28 May 2021 05:28:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5SVS1075588; Fri, 28 May 2021 05:28:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5SVJQ075587; Fri, 28 May 2021 05:28:31 GMT (envelope-from git) Date: Fri, 28 May 2021 05:28:31 GMT Message-Id: <202105280528.14S5SVJQ075587@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 1567ceeb09c4 - stable/13 - ixgbe: Clean up unneeded set in ixgbe_if_multi_set MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 1567ceeb09c4ca96201b814f8458a18dc053a206 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:28:31 -0000 The branch stable/13 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=1567ceeb09c4ca96201b814f8458a18dc053a206 commit 1567ceeb09c4ca96201b814f8458a18dc053a206 Author: Kevin Bowling AuthorDate: 2021-04-19 19:22:22 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:27:44 +0000 ixgbe: Clean up unneeded set in ixgbe_if_multi_set We don't need to set the bits here since the if/else if/else statements fully cover setting these bit pairs. Reported by: markj Reviewed by: markj, erj Approved by: #intel_networking MFC aftter: 1 week Differential Revision: https://reviews.freebsd.org/D29827 (cherry picked from commit deecaa144526a5d001aeb99149e2139601388427) --- sys/dev/ixgbe/if_ix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c index 43c9d9c72b9a..49d55d39300a 100644 --- a/sys/dev/ixgbe/if_ix.c +++ b/sys/dev/ixgbe/if_ix.c @@ -3367,7 +3367,7 @@ ixgbe_if_multi_set(if_ctx_t ctx) adapter); fctrl = IXGBE_READ_REG(&adapter->hw, IXGBE_FCTRL); - fctrl |= (IXGBE_FCTRL_UPE | IXGBE_FCTRL_MPE); + if (ifp->if_flags & IFF_PROMISC) fctrl |= (IXGBE_FCTRL_UPE | IXGBE_FCTRL_MPE); else if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES || From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:29:27 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E74EE64C303; Fri, 28 May 2021 05:29:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrtXl6DW1z3sdG; Fri, 28 May 2021 05:29:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BDEDD11977; Fri, 28 May 2021 05:29:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5TRts075762; Fri, 28 May 2021 05:29:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5TR5o075761; Fri, 28 May 2021 05:29:27 GMT (envelope-from git) Date: Fri, 28 May 2021 05:29:27 GMT Message-Id: <202105280529.14S5TR5o075761@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: d88c3f9f0f48 - stable/12 - ixgbe: Clean up unneeded set in ixgbe_if_multi_set MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: d88c3f9f0f484f4f664f5785e9a1286a85a3e267 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:29:28 -0000 The branch stable/12 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=d88c3f9f0f484f4f664f5785e9a1286a85a3e267 commit d88c3f9f0f484f4f664f5785e9a1286a85a3e267 Author: Kevin Bowling AuthorDate: 2021-04-19 19:22:22 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:29:17 +0000 ixgbe: Clean up unneeded set in ixgbe_if_multi_set We don't need to set the bits here since the if/else if/else statements fully cover setting these bit pairs. Reported by: markj Reviewed by: markj, erj Approved by: #intel_networking MFC aftter: 1 week Differential Revision: https://reviews.freebsd.org/D29827 (cherry picked from commit deecaa144526a5d001aeb99149e2139601388427) --- sys/dev/ixgbe/if_ix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c index b987369aefde..63eb1e4caa48 100644 --- a/sys/dev/ixgbe/if_ix.c +++ b/sys/dev/ixgbe/if_ix.c @@ -3273,7 +3273,7 @@ ixgbe_if_multi_set(if_ctx_t ctx) mcnt = if_multi_apply(iflib_get_ifp(ctx), ixgbe_mc_filter_apply, adapter); fctrl = IXGBE_READ_REG(&adapter->hw, IXGBE_FCTRL); - fctrl |= (IXGBE_FCTRL_UPE | IXGBE_FCTRL_MPE); + if (ifp->if_flags & IFF_PROMISC) fctrl |= (IXGBE_FCTRL_UPE | IXGBE_FCTRL_MPE); else if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES || From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:38:20 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0599064C41B; Fri, 28 May 2021 05:38:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frtkz6X9dz3tKP; Fri, 28 May 2021 05:38:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id C8CD911D20; Fri, 28 May 2021 05:38:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5cJGF088676; Fri, 28 May 2021 05:38:19 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5cJDG088675; Fri, 28 May 2021 05:38:19 GMT (envelope-from git) Date: Fri, 28 May 2021 05:38:19 GMT Message-Id: <202105280538.14S5cJDG088675@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 938b01476a3c - stable/13 - e1000: Correct promisc multicast filter handling MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 938b01476a3c0a3c75a0fd263238729b6a38360a Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:38:20 -0000 The branch stable/13 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=938b01476a3c0a3c75a0fd263238729b6a38360a commit 938b01476a3c0a3c75a0fd263238729b6a38360a Author: Kevin Bowling AuthorDate: 2021-04-16 23:15:50 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:30:03 +0000 e1000: Correct promisc multicast filter handling There are a number of issues in the e1000 multicast filter handling that have been present for a long time. Take the updated approach from ixgbe(4) which does not have the issues. The issues are outlined in the PR, in particular this solves crossing over and under the hardware's filter limit, not programming the hardware filter when we are above its limit, disabling SBP (show bad packets) when the tunable is enabled and exiting promiscuous mode, and an off-by-one error in the em_copy_maddr function. PR: 140647 Reported by: jtl Reviewed by: markj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29789 (cherry picked from commit 4b38eed76da9c36f09bff33b5cf15687cd99016f) --- sys/dev/e1000/if_em.c | 62 +++++++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 34 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index 35cedc6dd5c7..2e9ac31589cd 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -317,7 +317,6 @@ static int em_enable_phy_wakeup(struct adapter *); static void em_disable_aspm(struct adapter *); int em_intr(void *arg); -static void em_disable_promisc(if_ctx_t ctx); /* MSI-X handlers */ static int em_if_msix_intr_assign(if_ctx_t, int); @@ -1658,11 +1657,20 @@ static int em_if_set_promisc(if_ctx_t ctx, int flags) { struct adapter *adapter = iflib_get_softc(ctx); + struct ifnet *ifp = iflib_get_ifp(ctx); u32 reg_rctl; - - em_disable_promisc(ctx); + int mcnt = 0; reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + reg_rctl &= ~(E1000_RCTL_SBP | E1000_RCTL_UPE); + if (flags & IFF_ALLMULTI) + mcnt = MAX_NUM_MULTICAST_ADDRESSES; + else + mcnt = min(if_llmaddr_count(ifp), MAX_NUM_MULTICAST_ADDRESSES); + + if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) + reg_rctl &= (~E1000_RCTL_MPE); + E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); if (flags & IFF_PROMISC) { reg_rctl |= (E1000_RCTL_UPE | E1000_RCTL_MPE); @@ -1678,37 +1686,15 @@ em_if_set_promisc(if_ctx_t ctx, int flags) return (0); } -static void -em_disable_promisc(if_ctx_t ctx) -{ - struct adapter *adapter = iflib_get_softc(ctx); - struct ifnet *ifp = iflib_get_ifp(ctx); - u32 reg_rctl; - int mcnt = 0; - - reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); - reg_rctl &= (~E1000_RCTL_UPE); - if (if_getflags(ifp) & IFF_ALLMULTI) - mcnt = MAX_NUM_MULTICAST_ADDRESSES; - else - mcnt = if_llmaddr_count(ifp); - /* Don't disable if in MAX groups */ - if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) - reg_rctl &= (~E1000_RCTL_MPE); - reg_rctl &= (~E1000_RCTL_SBP); - E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); -} - - static u_int -em_copy_maddr(void *arg, struct sockaddr_dl *sdl, u_int cnt) +em_copy_maddr(void *arg, struct sockaddr_dl *sdl, u_int idx) { u8 *mta = arg; - if (cnt == MAX_NUM_MULTICAST_ADDRESSES) - return (1); + if (idx == MAX_NUM_MULTICAST_ADDRESSES) + return (0); - bcopy(LLADDR(sdl), &mta[cnt * ETHER_ADDR_LEN], ETHER_ADDR_LEN); + bcopy(LLADDR(sdl), &mta[idx * ETHER_ADDR_LEN], ETHER_ADDR_LEN); return (1); } @@ -1719,14 +1705,13 @@ em_copy_maddr(void *arg, struct sockaddr_dl *sdl, u_int cnt) * This routine is called whenever multicast address list is updated. * **********************************************************************/ - static void em_if_multi_set(if_ctx_t ctx) { struct adapter *adapter = iflib_get_softc(ctx); struct ifnet *ifp = iflib_get_ifp(ctx); - u32 reg_rctl = 0; u8 *mta; /* Multicast array memory */ + u32 reg_rctl = 0; int mcnt = 0; IOCTL_DEBUGOUT("em_set_multi: begin"); @@ -1746,11 +1731,20 @@ em_if_multi_set(if_ctx_t ctx) mcnt = if_foreach_llmaddr(ifp, em_copy_maddr, mta); - if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES) { - reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + + if (if_getflags(ifp) & IFF_PROMISC) + reg_rctl |= (E1000_RCTL_UPE | E1000_RCTL_MPE); + else if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES || + if_getflags(ifp) & IFF_ALLMULTI) { reg_rctl |= E1000_RCTL_MPE; - E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); + reg_rctl &= ~E1000_RCTL_UPE; } else + reg_rctl &= ~(E1000_RCTL_UPE | E1000_RCTL_MPE); + + E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); + + if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) e1000_update_mc_addr_list(&adapter->hw, mta, mcnt); if (adapter->hw.mac.type == e1000_82542 && From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:46:46 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 715ED64C2BC; Fri, 28 May 2021 05:46:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frtwk2pX6z3tfc; Fri, 28 May 2021 05:46:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 40BE812145; Fri, 28 May 2021 05:46:46 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5kkhx002628; Fri, 28 May 2021 05:46:46 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5kkVd002627; Fri, 28 May 2021 05:46:46 GMT (envelope-from git) Date: Fri, 28 May 2021 05:46:46 GMT Message-Id: <202105280546.14S5kkVd002627@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 60b1634944ed - stable/12 - e1000: Improve device name strings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 60b1634944ed4c19c1db5d1c5f9ed9c83ed6585b Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:46:46 -0000 The branch stable/12 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=60b1634944ed4c19c1db5d1c5f9ed9c83ed6585b commit 60b1634944ed4c19c1db5d1c5f9ed9c83ed6585b Author: Kevin Bowling AuthorDate: 2021-04-21 05:27:48 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:46:06 +0000 e1000: Improve device name strings This is just clerical work to ease bug triage and may be used to set expectations around the ability for anyone in the community to perform testing and development on older parts (this driver covers over 20 years of silicon) Reviewed by: erj Approved by: markj Sponsored by: Pink Floyd - Any Colour You Like (in kind) Differential Revision: https://reviews.freebsd.org/D29872 (cherry picked from commit 0f6bea61edb4d055fe6e340aab3685054a582020) --- sys/dev/e1000/if_em.c | 366 +++++++++++++++++++++++++------------------------- 1 file changed, 183 insertions(+), 183 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index ce60b1f5d437..f284de275066 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -51,195 +51,195 @@ char em_driver_version[] = "7.6.1-k"; static pci_vendor_info_t em_vendor_info_array[] = { - /* Intel(R) PRO/1000 Network Connection - Legacy em*/ - PVID(0x8086, E1000_DEV_ID_82540EM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EM_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP_LP, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82541EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541ER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541ER_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541EI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82542, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82543GC_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82543GC_COPPER, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82544EI_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544EI_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544GC_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544GC_LOM, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82545EM_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545EM_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_SERDES, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82546EB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546EB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546EB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_PCIE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER_KSP3, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82547EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82547EI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82547GI, "Intel(R) PRO/1000 Network Connection"), - - /* Intel(R) PRO/1000 Network Connection - em */ - PVID(0x8086, E1000_DEV_ID_82571EB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_DUAL, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_QUAD, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER_LP, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571PT_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573E, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573E_IAMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573L, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82583V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_SPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_SPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_DPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_DPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_C, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE_GT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE_G, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_82567V_3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_C, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE_GT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE_G, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_BM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82574L, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82574LA, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LC, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DC, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH2_LV_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH2_LV_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_LM2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_V2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_LM3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_V3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LBG_I219_LM3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM4, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V4, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM6, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V6, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM7, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V7, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM8, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V8, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM9, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V9, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM10, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V10, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM11, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V11, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM12, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V12, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM13, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V13, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM14, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V14, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM15, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V15, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM16, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V16, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM17, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V17, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM18, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V18, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM19, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V19, "Intel(R) PRO/1000 Network Connection"), + /* Intel(R) - lem-class legacy devices */ + PVID(0x8086, E1000_DEV_ID_82540EM, "Intel(R) Legacy PRO/1000 MT 82540EM"), + PVID(0x8086, E1000_DEV_ID_82540EM_LOM, "Intel(R) Legacy PRO/1000 MT 82540EM (LOM)"), + PVID(0x8086, E1000_DEV_ID_82540EP, "Intel(R) Legacy PRO/1000 MT 82540EP"), + PVID(0x8086, E1000_DEV_ID_82540EP_LOM, "Intel(R) Legacy PRO/1000 MT 82540EP (LOM)"), + PVID(0x8086, E1000_DEV_ID_82540EP_LP, "Intel(R) Legacy PRO/1000 MT 82540EP (Mobile)"), + + PVID(0x8086, E1000_DEV_ID_82541EI, "Intel(R) Legacy PRO/1000 MT 82541EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82541ER, "Intel(R) Legacy PRO/1000 82541ER"), + PVID(0x8086, E1000_DEV_ID_82541ER_LOM, "Intel(R) Legacy PRO/1000 MT 82541ER"), + PVID(0x8086, E1000_DEV_ID_82541EI_MOBILE, "Intel(R) Legacy PRO/1000 MT 82541EI (Mobile)"), + PVID(0x8086, E1000_DEV_ID_82541GI, "Intel(R) Legacy PRO/1000 MT 82541GI"), + PVID(0x8086, E1000_DEV_ID_82541GI_LF, "Intel(R) Legacy PRO/1000 GT 82541PI"), + PVID(0x8086, E1000_DEV_ID_82541GI_MOBILE, "Intel(R) Legacy PRO/1000 MT 82541GI (Mobile)"), + + PVID(0x8086, E1000_DEV_ID_82542, "Intel(R) Legacy PRO/1000 82542 (Fiber)"), + + PVID(0x8086, E1000_DEV_ID_82543GC_FIBER, "Intel(R) Legacy PRO/1000 F 82543GC (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82543GC_COPPER, "Intel(R) Legacy PRO/1000 T 82543GC (Copper)"), + + PVID(0x8086, E1000_DEV_ID_82544EI_COPPER, "Intel(R) Legacy PRO/1000 XT 82544EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82544EI_FIBER, "Intel(R) Legacy PRO/1000 XF 82544EI (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82544GC_COPPER, "Intel(R) Legacy PRO/1000 T 82544GC (Copper)"), + PVID(0x8086, E1000_DEV_ID_82544GC_LOM, "Intel(R) Legacy PRO/1000 XT 82544GC (LOM)"), + + PVID(0x8086, E1000_DEV_ID_82545EM_COPPER, "Intel(R) Legacy PRO/1000 MT 82545EM (Copper)"), + PVID(0x8086, E1000_DEV_ID_82545EM_FIBER, "Intel(R) Legacy PRO/1000 MF 82545EM (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82545GM_COPPER, "Intel(R) Legacy PRO/1000 MT 82545GM (Copper)"), + PVID(0x8086, E1000_DEV_ID_82545GM_FIBER, "Intel(R) Legacy PRO/1000 MF 82545GM (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82545GM_SERDES, "Intel(R) Legacy PRO/1000 MB 82545GM (SERDES)"), + + PVID(0x8086, E1000_DEV_ID_82546EB_COPPER, "Intel(R) Legacy PRO/1000 MT 82546EB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82546EB_FIBER, "Intel(R) Legacy PRO/1000 MF 82546EB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82546EB_QUAD_COPPER, "Intel(R) Legacy PRO/1000 MT 82546EB (Quad Copper"), + PVID(0x8086, E1000_DEV_ID_82546GB_COPPER, "Intel(R) Legacy PRO/1000 MT 82546GB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82546GB_FIBER, "Intel(R) Legacy PRO/1000 MF 82546GB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82546GB_SERDES, "Intel(R) Legacy PRO/1000 MB 82546GB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82546GB_PCIE, "Intel(R) Legacy PRO/1000 P 82546GB (PCIe)"), + PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER, "Intel(R) Legacy PRO/1000 GT 82546GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER_KSP3, "Intel(R) Legacy PRO/1000 GT 82546GB (Quad Copper)"), + + PVID(0x8086, E1000_DEV_ID_82547EI, "Intel(R) Legacy PRO/1000 CT 82547EI"), + PVID(0x8086, E1000_DEV_ID_82547EI_MOBILE, "Intel(R) Legacy PRO/1000 CT 82547EI (Mobile)"), + PVID(0x8086, E1000_DEV_ID_82547GI, "Intel(R) Legacy PRO/1000 CT 82547GI"), + + /* Intel(R) - em-class devices */ + PVID(0x8086, E1000_DEV_ID_82571EB_COPPER, "Intel(R) PRO/1000 PT 82571EB/82571GB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_FIBER, "Intel(R) PRO/1000 PF 82571EB/82571GB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES, "Intel(R) PRO/1000 PB 82571EB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_DUAL, "Intel(R) PRO/1000 82571EB (Dual Mezzanine)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_QUAD, "Intel(R) PRO/1000 82571EB (Quad Mezzanine)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER, "Intel(R) PRO/1000 PT 82571EB/82571GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER_LP, "Intel(R) PRO/1000 PT 82571EB/82571GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_FIBER, "Intel(R) PRO/1000 PF 82571EB (Quad Fiber)"), + PVID(0x8086, E1000_DEV_ID_82571PT_QUAD_COPPER, "Intel(R) PRO/1000 PT 82571PT (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI, "Intel(R) PRO/1000 PT 82572EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI_COPPER, "Intel(R) PRO/1000 PT 82572EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI_FIBER, "Intel(R) PRO/1000 PF 82572EI (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82572EI_SERDES, "Intel(R) PRO/1000 82572EI (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82573E, "Intel(R) PRO/1000 82573E (Copper)"), + PVID(0x8086, E1000_DEV_ID_82573E_IAMT, "Intel(R) PRO/1000 82573E AMT (Copper)"), + PVID(0x8086, E1000_DEV_ID_82573L, "Intel(R) PRO/1000 82573L"), + PVID(0x8086, E1000_DEV_ID_82583V, "Intel(R) 82583V"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_SPT, "Intel(R) 80003ES2LAN (Copper)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_SPT, "Intel(R) 80003ES2LAN (SERDES)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_DPT, "Intel(R) 80003ES2LAN (Dual Copper)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_DPT, "Intel(R) 80003ES2LAN (Dual SERDES)"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M_AMT, "Intel(R) 82566MM ICH8 AMT (Mobile)"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_AMT, "Intel(R) 82566DM ICH8 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_C, "Intel(R) 82566DC ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE, "Intel(R) 82562V ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE_GT, "Intel(R) 82562GT ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE_G, "Intel(R) 82562G ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M, "Intel(R) 82566MC ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_82567V_3, "Intel(R) 82567V-3 ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_AMT, "Intel(R) 82567LM ICH9 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_AMT, "Intel(R) 82566DM-2 ICH9 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_C, "Intel(R) 82566DC-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M, "Intel(R) 82567LF ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_V, "Intel(R) 82567V ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE, "Intel(R) 82562V-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE_GT, "Intel(R) 82562GT-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE_G, "Intel(R) 82562G-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_BM, "Intel(R) 82567LM-4 ICH9"), + PVID(0x8086, E1000_DEV_ID_82574L, "Intel(R) Gigabit CT 82574L"), + PVID(0x8086, E1000_DEV_ID_82574LA, "Intel(R) 82574L-Apple"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LM, "Intel(R) 82567LM-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LF, "Intel(R) 82567LF-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_V, "Intel(R) 82567V-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LM, "Intel(R) 82567LM-3 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LF, "Intel(R) 82567LF-3 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_V, "Intel(R) 82567V-4 ICH10"), + PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LM, "Intel(R) 82577LM"), + PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LC, "Intel(R) 82577LC"), + PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DM, "Intel(R) 82578DM"), + PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DC, "Intel(R) 82578DC"), + PVID(0x8086, E1000_DEV_ID_PCH2_LV_LM, "Intel(R) 82579LM"), + PVID(0x8086, E1000_DEV_ID_PCH2_LV_V, "Intel(R) 82579V"), + PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_LM, "Intel(R) I217-LM LPT"), + PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_V, "Intel(R) I217-V LPT"), + PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_LM, "Intel(R) I218-LM LPTLP"), + PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_V, "Intel(R) I218-V LPTLP"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_LM2, "Intel(R) I218-LM (2)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_V2, "Intel(R) I218-V (2)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_LM3, "Intel(R) I218-LM (3)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_V3, "Intel(R) I218-V (3)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM, "Intel(R) I219-LM SPT"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V, "Intel(R) I219-V SPT"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM2, "Intel(R) I219-LM SPT-H(2)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V2, "Intel(R) I219-V SPT-H(2)"), + PVID(0x8086, E1000_DEV_ID_PCH_LBG_I219_LM3, "Intel(R) I219-LM LBG(3)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM4, "Intel(R) I219-LM SPT(4)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V4, "Intel(R) I219-V SPT(4)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, "Intel(R) I219-LM SPT(5)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, "Intel(R) I219-V SPT(5)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM6, "Intel(R) I219-LM CNP(6)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V6, "Intel(R) I219-V CNP(6)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM7, "Intel(R) I219-LM CNP(7)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V7, "Intel(R) I219-V CNP(7)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM8, "Intel(R) I219-LM ICP(8)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V8, "Intel(R) I219-V ICP(8)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM9, "Intel(R) I219-LM ICP(9)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V9, "Intel(R) I219-V ICP(9)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM10, "Intel(R) I219-LM CMP(10)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V10, "Intel(R) I219-V CMP(10)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM11, "Intel(R) I219-LM CMP(11)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V11, "Intel(R) I219-V CMP(11)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM12, "Intel(R) I219-LM CMP(12)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V12, "Intel(R) I219-V CMP(12)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM13, "Intel(R) I219-LM TGP(13)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V13, "Intel(R) I219-V TGP(13)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM14, "Intel(R) I219-LM TGP(14)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V14, "Intel(R) I219-V GTP(14)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM15, "Intel(R) I219-LM TGP(15)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V15, "Intel(R) I219-V TGP(15)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM16, "Intel(R) I219-LM ADL(16)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V16, "Intel(R) I219-V ADL(16)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM17, "Intel(R) I219-LM ADL(17)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V17, "Intel(R) I219-V ADL(17)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM18, "Intel(R) I219-LM MTP(18)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V18, "Intel(R) I219-V MTP(18)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM19, "Intel(R) I219-LM MTP(19)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V19, "Intel(R) I219-V MTP(19)"), /* required last entry */ PVID_END }; static pci_vendor_info_t igb_vendor_info_array[] = { - /* Intel(R) PRO/1000 Network Connection - igb */ - PVID(0x8086, E1000_DEV_ID_82575EB_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82575EB_FIBER_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82575GB_QUAD_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_NS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_NS_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_SERDES_QUAD, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER_ET2, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_VF, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_COPPER_DUAL, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_QUAD_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SFP, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_BACKPLANE, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_VF, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_IT, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_OEM1, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_FLASHLESS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SERDES_FLASHLESS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I211_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_1GBPS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_2_5GBPS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), + /* Intel(R) - igb-class devices */ + PVID(0x8086, E1000_DEV_ID_82575EB_COPPER, "Intel(R) PRO/1000 82575EB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82575EB_FIBER_SERDES, "Intel(R) PRO/1000 82575EB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82575GB_QUAD_COPPER, "Intel(R) PRO/1000 VT 82575GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576, "Intel(R) PRO/1000 82576"), + PVID(0x8086, E1000_DEV_ID_82576_NS, "Intel(R) PRO/1000 82576NS"), + PVID(0x8086, E1000_DEV_ID_82576_NS_SERDES, "Intel(R) PRO/1000 82576NS (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_FIBER, "Intel(R) PRO/1000 EF 82576 (Dual Fiber)"), + PVID(0x8086, E1000_DEV_ID_82576_SERDES, "Intel(R) PRO/1000 82576 (Dual SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_SERDES_QUAD, "Intel(R) PRO/1000 ET 82576 (Quad SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER, "Intel(R) PRO/1000 ET 82576 (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER_ET2, "Intel(R) PRO/1000 ET(2) 82576 (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576_VF, "Intel(R) PRO/1000 82576 Virtual Function"), + PVID(0x8086, E1000_DEV_ID_82580_COPPER, "Intel(R) I340 82580 (Copper)"), + PVID(0x8086, E1000_DEV_ID_82580_FIBER, "Intel(R) I340 82580 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82580_SERDES, "Intel(R) I340 82580 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82580_SGMII, "Intel(R) I340 82580 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_82580_COPPER_DUAL, "Intel(R) I340-T2 82580 (Dual Copper)"), + PVID(0x8086, E1000_DEV_ID_82580_QUAD_FIBER, "Intel(R) I340-F4 82580 (Quad Fiber)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SERDES, "Intel(R) DH89XXCC (SERDES)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SGMII, "Intel(R) I347-AT4 DH89XXCC"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SFP, "Intel(R) DH89XXCC (SFP)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_BACKPLANE, "Intel(R) DH89XXCC (Backplane)"), + PVID(0x8086, E1000_DEV_ID_I350_COPPER, "Intel(R) I350 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I350_FIBER, "Intel(R) I350 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_I350_SERDES, "Intel(R) I350 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I350_SGMII, "Intel(R) I350 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_I350_VF, "Intel(R) I350 Virtual Function"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER, "Intel(R) I210 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_IT, "Intel(R) I210 IT (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_OEM1, "Intel(R) I210 (OEM)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_FLASHLESS, "Intel(R) I210 Flashless (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_SERDES_FLASHLESS, "Intel(R) I210 Flashless (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I210_FIBER, "Intel(R) I210 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_I210_SERDES, "Intel(R) I210 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I210_SGMII, "Intel(R) I210 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_I211_COPPER, "Intel(R) I211 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_1GBPS, "Intel(R) I354 (1.0 GbE Backplane)"), + PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_2_5GBPS, "Intel(R) I354 (2.5 GbE Backplane)"), + PVID(0x8086, E1000_DEV_ID_I354_SGMII, "Intel(R) I354 (SGMII)"), /* required last entry */ PVID_END }; From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:50:48 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0CC2164C731; Fri, 28 May 2021 05:50:48 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frv1M701rz3tq7; Fri, 28 May 2021 05:50:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D87AD12012; Fri, 28 May 2021 05:50:47 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5olxP011396; Fri, 28 May 2021 05:50:47 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5oldM011395; Fri, 28 May 2021 05:50:47 GMT (envelope-from git) Date: Fri, 28 May 2021 05:50:47 GMT Message-Id: <202105280550.14S5oldM011395@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: e09d1b7ec466 - stable/13 - e1000: Improve device name strings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e09d1b7ec46623194fd1bc838e788b6290e492c0 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:50:48 -0000 The branch stable/13 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=e09d1b7ec46623194fd1bc838e788b6290e492c0 commit e09d1b7ec46623194fd1bc838e788b6290e492c0 Author: Kevin Bowling AuthorDate: 2021-04-21 05:27:48 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:45:36 +0000 e1000: Improve device name strings This is just clerical work to ease bug triage and may be used to set expectations around the ability for anyone in the community to perform testing and development on older parts (this driver covers over 20 years of silicon) Reviewed by: erj Approved by: markj Sponsored by: Pink Floyd - Any Colour You Like (in kind) Differential Revision: https://reviews.freebsd.org/D29872 (cherry picked from commit 0f6bea61edb4d055fe6e340aab3685054a582020) --- sys/dev/e1000/if_em.c | 366 +++++++++++++++++++++++++------------------------- 1 file changed, 183 insertions(+), 183 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index 2e9ac31589cd..f7dab611c13f 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -51,195 +51,195 @@ char em_driver_version[] = "7.6.1-k"; static pci_vendor_info_t em_vendor_info_array[] = { - /* Intel(R) PRO/1000 Network Connection - Legacy em*/ - PVID(0x8086, E1000_DEV_ID_82540EM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EM_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82540EP_LP, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82541EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541ER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541ER_LOM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541EI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82541GI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82542, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82543GC_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82543GC_COPPER, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82544EI_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544EI_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544GC_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82544GC_LOM, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82545EM_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545EM_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82545GM_SERDES, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82546EB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546EB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546EB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_PCIE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER_KSP3, "Intel(R) PRO/1000 Network Connection"), - - PVID(0x8086, E1000_DEV_ID_82547EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82547EI_MOBILE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82547GI, "Intel(R) PRO/1000 Network Connection"), - - /* Intel(R) PRO/1000 Network Connection - em */ - PVID(0x8086, E1000_DEV_ID_82571EB_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_DUAL, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_QUAD, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER_LP, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82571PT_QUAD_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_COPPER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_FIBER, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82572EI_SERDES, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573E, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573E_IAMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82573L, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82583V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_SPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_SPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_DPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_DPT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_C, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE_GT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IFE_G, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH8_82567V_3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_AMT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_C, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE_GT, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_IFE_G, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH9_BM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82574L, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_82574LA, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LF, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LC, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DC, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH2_LV_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH2_LV_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_LM2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_V2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_LM3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_I218_V3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V2, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_LBG_I219_LM3, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM4, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V4, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM6, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V6, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM7, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V7, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM8, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V8, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM9, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V9, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM10, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V10, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM11, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V11, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM12, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V12, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM13, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V13, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM14, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V14, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM15, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V15, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM16, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V16, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM17, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V17, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM18, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V18, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM19, "Intel(R) PRO/1000 Network Connection"), - PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V19, "Intel(R) PRO/1000 Network Connection"), + /* Intel(R) - lem-class legacy devices */ + PVID(0x8086, E1000_DEV_ID_82540EM, "Intel(R) Legacy PRO/1000 MT 82540EM"), + PVID(0x8086, E1000_DEV_ID_82540EM_LOM, "Intel(R) Legacy PRO/1000 MT 82540EM (LOM)"), + PVID(0x8086, E1000_DEV_ID_82540EP, "Intel(R) Legacy PRO/1000 MT 82540EP"), + PVID(0x8086, E1000_DEV_ID_82540EP_LOM, "Intel(R) Legacy PRO/1000 MT 82540EP (LOM)"), + PVID(0x8086, E1000_DEV_ID_82540EP_LP, "Intel(R) Legacy PRO/1000 MT 82540EP (Mobile)"), + + PVID(0x8086, E1000_DEV_ID_82541EI, "Intel(R) Legacy PRO/1000 MT 82541EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82541ER, "Intel(R) Legacy PRO/1000 82541ER"), + PVID(0x8086, E1000_DEV_ID_82541ER_LOM, "Intel(R) Legacy PRO/1000 MT 82541ER"), + PVID(0x8086, E1000_DEV_ID_82541EI_MOBILE, "Intel(R) Legacy PRO/1000 MT 82541EI (Mobile)"), + PVID(0x8086, E1000_DEV_ID_82541GI, "Intel(R) Legacy PRO/1000 MT 82541GI"), + PVID(0x8086, E1000_DEV_ID_82541GI_LF, "Intel(R) Legacy PRO/1000 GT 82541PI"), + PVID(0x8086, E1000_DEV_ID_82541GI_MOBILE, "Intel(R) Legacy PRO/1000 MT 82541GI (Mobile)"), + + PVID(0x8086, E1000_DEV_ID_82542, "Intel(R) Legacy PRO/1000 82542 (Fiber)"), + + PVID(0x8086, E1000_DEV_ID_82543GC_FIBER, "Intel(R) Legacy PRO/1000 F 82543GC (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82543GC_COPPER, "Intel(R) Legacy PRO/1000 T 82543GC (Copper)"), + + PVID(0x8086, E1000_DEV_ID_82544EI_COPPER, "Intel(R) Legacy PRO/1000 XT 82544EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82544EI_FIBER, "Intel(R) Legacy PRO/1000 XF 82544EI (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82544GC_COPPER, "Intel(R) Legacy PRO/1000 T 82544GC (Copper)"), + PVID(0x8086, E1000_DEV_ID_82544GC_LOM, "Intel(R) Legacy PRO/1000 XT 82544GC (LOM)"), + + PVID(0x8086, E1000_DEV_ID_82545EM_COPPER, "Intel(R) Legacy PRO/1000 MT 82545EM (Copper)"), + PVID(0x8086, E1000_DEV_ID_82545EM_FIBER, "Intel(R) Legacy PRO/1000 MF 82545EM (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82545GM_COPPER, "Intel(R) Legacy PRO/1000 MT 82545GM (Copper)"), + PVID(0x8086, E1000_DEV_ID_82545GM_FIBER, "Intel(R) Legacy PRO/1000 MF 82545GM (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82545GM_SERDES, "Intel(R) Legacy PRO/1000 MB 82545GM (SERDES)"), + + PVID(0x8086, E1000_DEV_ID_82546EB_COPPER, "Intel(R) Legacy PRO/1000 MT 82546EB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82546EB_FIBER, "Intel(R) Legacy PRO/1000 MF 82546EB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82546EB_QUAD_COPPER, "Intel(R) Legacy PRO/1000 MT 82546EB (Quad Copper"), + PVID(0x8086, E1000_DEV_ID_82546GB_COPPER, "Intel(R) Legacy PRO/1000 MT 82546GB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82546GB_FIBER, "Intel(R) Legacy PRO/1000 MF 82546GB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82546GB_SERDES, "Intel(R) Legacy PRO/1000 MB 82546GB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82546GB_PCIE, "Intel(R) Legacy PRO/1000 P 82546GB (PCIe)"), + PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER, "Intel(R) Legacy PRO/1000 GT 82546GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82546GB_QUAD_COPPER_KSP3, "Intel(R) Legacy PRO/1000 GT 82546GB (Quad Copper)"), + + PVID(0x8086, E1000_DEV_ID_82547EI, "Intel(R) Legacy PRO/1000 CT 82547EI"), + PVID(0x8086, E1000_DEV_ID_82547EI_MOBILE, "Intel(R) Legacy PRO/1000 CT 82547EI (Mobile)"), + PVID(0x8086, E1000_DEV_ID_82547GI, "Intel(R) Legacy PRO/1000 CT 82547GI"), + + /* Intel(R) - em-class devices */ + PVID(0x8086, E1000_DEV_ID_82571EB_COPPER, "Intel(R) PRO/1000 PT 82571EB/82571GB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_FIBER, "Intel(R) PRO/1000 PF 82571EB/82571GB (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES, "Intel(R) PRO/1000 PB 82571EB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_DUAL, "Intel(R) PRO/1000 82571EB (Dual Mezzanine)"), + PVID(0x8086, E1000_DEV_ID_82571EB_SERDES_QUAD, "Intel(R) PRO/1000 82571EB (Quad Mezzanine)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER, "Intel(R) PRO/1000 PT 82571EB/82571GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_COPPER_LP, "Intel(R) PRO/1000 PT 82571EB/82571GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82571EB_QUAD_FIBER, "Intel(R) PRO/1000 PF 82571EB (Quad Fiber)"), + PVID(0x8086, E1000_DEV_ID_82571PT_QUAD_COPPER, "Intel(R) PRO/1000 PT 82571PT (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI, "Intel(R) PRO/1000 PT 82572EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI_COPPER, "Intel(R) PRO/1000 PT 82572EI (Copper)"), + PVID(0x8086, E1000_DEV_ID_82572EI_FIBER, "Intel(R) PRO/1000 PF 82572EI (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82572EI_SERDES, "Intel(R) PRO/1000 82572EI (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82573E, "Intel(R) PRO/1000 82573E (Copper)"), + PVID(0x8086, E1000_DEV_ID_82573E_IAMT, "Intel(R) PRO/1000 82573E AMT (Copper)"), + PVID(0x8086, E1000_DEV_ID_82573L, "Intel(R) PRO/1000 82573L"), + PVID(0x8086, E1000_DEV_ID_82583V, "Intel(R) 82583V"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_SPT, "Intel(R) 80003ES2LAN (Copper)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_SPT, "Intel(R) 80003ES2LAN (SERDES)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_COPPER_DPT, "Intel(R) 80003ES2LAN (Dual Copper)"), + PVID(0x8086, E1000_DEV_ID_80003ES2LAN_SERDES_DPT, "Intel(R) 80003ES2LAN (Dual SERDES)"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M_AMT, "Intel(R) 82566MM ICH8 AMT (Mobile)"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_AMT, "Intel(R) 82566DM ICH8 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_C, "Intel(R) 82566DC ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE, "Intel(R) 82562V ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE_GT, "Intel(R) 82562GT ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IFE_G, "Intel(R) 82562G ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_IGP_M, "Intel(R) 82566MC ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH8_82567V_3, "Intel(R) 82567V-3 ICH8"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_AMT, "Intel(R) 82567LM ICH9 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_AMT, "Intel(R) 82566DM-2 ICH9 AMT"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_C, "Intel(R) 82566DC-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M, "Intel(R) 82567LF ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IGP_M_V, "Intel(R) 82567V ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE, "Intel(R) 82562V-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE_GT, "Intel(R) 82562GT-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_IFE_G, "Intel(R) 82562G-2 ICH9"), + PVID(0x8086, E1000_DEV_ID_ICH9_BM, "Intel(R) 82567LM-4 ICH9"), + PVID(0x8086, E1000_DEV_ID_82574L, "Intel(R) Gigabit CT 82574L"), + PVID(0x8086, E1000_DEV_ID_82574LA, "Intel(R) 82574L-Apple"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LM, "Intel(R) 82567LM-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_LF, "Intel(R) 82567LF-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_R_BM_V, "Intel(R) 82567V-2 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LM, "Intel(R) 82567LM-3 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_LF, "Intel(R) 82567LF-3 ICH10"), + PVID(0x8086, E1000_DEV_ID_ICH10_D_BM_V, "Intel(R) 82567V-4 ICH10"), + PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LM, "Intel(R) 82577LM"), + PVID(0x8086, E1000_DEV_ID_PCH_M_HV_LC, "Intel(R) 82577LC"), + PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DM, "Intel(R) 82578DM"), + PVID(0x8086, E1000_DEV_ID_PCH_D_HV_DC, "Intel(R) 82578DC"), + PVID(0x8086, E1000_DEV_ID_PCH2_LV_LM, "Intel(R) 82579LM"), + PVID(0x8086, E1000_DEV_ID_PCH2_LV_V, "Intel(R) 82579V"), + PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_LM, "Intel(R) I217-LM LPT"), + PVID(0x8086, E1000_DEV_ID_PCH_LPT_I217_V, "Intel(R) I217-V LPT"), + PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_LM, "Intel(R) I218-LM LPTLP"), + PVID(0x8086, E1000_DEV_ID_PCH_LPTLP_I218_V, "Intel(R) I218-V LPTLP"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_LM2, "Intel(R) I218-LM (2)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_V2, "Intel(R) I218-V (2)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_LM3, "Intel(R) I218-LM (3)"), + PVID(0x8086, E1000_DEV_ID_PCH_I218_V3, "Intel(R) I218-V (3)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM, "Intel(R) I219-LM SPT"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V, "Intel(R) I219-V SPT"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM2, "Intel(R) I219-LM SPT-H(2)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V2, "Intel(R) I219-V SPT-H(2)"), + PVID(0x8086, E1000_DEV_ID_PCH_LBG_I219_LM3, "Intel(R) I219-LM LBG(3)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM4, "Intel(R) I219-LM SPT(4)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V4, "Intel(R) I219-V SPT(4)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, "Intel(R) I219-LM SPT(5)"), + PVID(0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, "Intel(R) I219-V SPT(5)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM6, "Intel(R) I219-LM CNP(6)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V6, "Intel(R) I219-V CNP(6)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_LM7, "Intel(R) I219-LM CNP(7)"), + PVID(0x8086, E1000_DEV_ID_PCH_CNP_I219_V7, "Intel(R) I219-V CNP(7)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM8, "Intel(R) I219-LM ICP(8)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V8, "Intel(R) I219-V ICP(8)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_LM9, "Intel(R) I219-LM ICP(9)"), + PVID(0x8086, E1000_DEV_ID_PCH_ICP_I219_V9, "Intel(R) I219-V ICP(9)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM10, "Intel(R) I219-LM CMP(10)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V10, "Intel(R) I219-V CMP(10)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM11, "Intel(R) I219-LM CMP(11)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V11, "Intel(R) I219-V CMP(11)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_LM12, "Intel(R) I219-LM CMP(12)"), + PVID(0x8086, E1000_DEV_ID_PCH_CMP_I219_V12, "Intel(R) I219-V CMP(12)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM13, "Intel(R) I219-LM TGP(13)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V13, "Intel(R) I219-V TGP(13)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM14, "Intel(R) I219-LM TGP(14)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V14, "Intel(R) I219-V GTP(14)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_LM15, "Intel(R) I219-LM TGP(15)"), + PVID(0x8086, E1000_DEV_ID_PCH_TGP_I219_V15, "Intel(R) I219-V TGP(15)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM16, "Intel(R) I219-LM ADL(16)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V16, "Intel(R) I219-V ADL(16)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_LM17, "Intel(R) I219-LM ADL(17)"), + PVID(0x8086, E1000_DEV_ID_PCH_ADL_I219_V17, "Intel(R) I219-V ADL(17)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM18, "Intel(R) I219-LM MTP(18)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V18, "Intel(R) I219-V MTP(18)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_LM19, "Intel(R) I219-LM MTP(19)"), + PVID(0x8086, E1000_DEV_ID_PCH_MTP_I219_V19, "Intel(R) I219-V MTP(19)"), /* required last entry */ PVID_END }; static pci_vendor_info_t igb_vendor_info_array[] = { - /* Intel(R) PRO/1000 Network Connection - igb */ - PVID(0x8086, E1000_DEV_ID_82575EB_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82575EB_FIBER_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82575GB_QUAD_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_NS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_NS_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_SERDES_QUAD, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER_ET2, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82576_VF, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_COPPER_DUAL, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_82580_QUAD_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_SFP, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_DH89XXCC_BACKPLANE, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I350_VF, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_IT, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_OEM1, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_COPPER_FLASHLESS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SERDES_FLASHLESS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_FIBER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SERDES, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I210_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I211_COPPER, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_1GBPS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_2_5GBPS, "Intel(R) PRO/1000 PCI-Express Network Driver"), - PVID(0x8086, E1000_DEV_ID_I354_SGMII, "Intel(R) PRO/1000 PCI-Express Network Driver"), + /* Intel(R) - igb-class devices */ + PVID(0x8086, E1000_DEV_ID_82575EB_COPPER, "Intel(R) PRO/1000 82575EB (Copper)"), + PVID(0x8086, E1000_DEV_ID_82575EB_FIBER_SERDES, "Intel(R) PRO/1000 82575EB (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82575GB_QUAD_COPPER, "Intel(R) PRO/1000 VT 82575GB (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576, "Intel(R) PRO/1000 82576"), + PVID(0x8086, E1000_DEV_ID_82576_NS, "Intel(R) PRO/1000 82576NS"), + PVID(0x8086, E1000_DEV_ID_82576_NS_SERDES, "Intel(R) PRO/1000 82576NS (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_FIBER, "Intel(R) PRO/1000 EF 82576 (Dual Fiber)"), + PVID(0x8086, E1000_DEV_ID_82576_SERDES, "Intel(R) PRO/1000 82576 (Dual SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_SERDES_QUAD, "Intel(R) PRO/1000 ET 82576 (Quad SERDES)"), + PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER, "Intel(R) PRO/1000 ET 82576 (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576_QUAD_COPPER_ET2, "Intel(R) PRO/1000 ET(2) 82576 (Quad Copper)"), + PVID(0x8086, E1000_DEV_ID_82576_VF, "Intel(R) PRO/1000 82576 Virtual Function"), + PVID(0x8086, E1000_DEV_ID_82580_COPPER, "Intel(R) I340 82580 (Copper)"), + PVID(0x8086, E1000_DEV_ID_82580_FIBER, "Intel(R) I340 82580 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_82580_SERDES, "Intel(R) I340 82580 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_82580_SGMII, "Intel(R) I340 82580 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_82580_COPPER_DUAL, "Intel(R) I340-T2 82580 (Dual Copper)"), + PVID(0x8086, E1000_DEV_ID_82580_QUAD_FIBER, "Intel(R) I340-F4 82580 (Quad Fiber)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SERDES, "Intel(R) DH89XXCC (SERDES)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SGMII, "Intel(R) I347-AT4 DH89XXCC"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_SFP, "Intel(R) DH89XXCC (SFP)"), + PVID(0x8086, E1000_DEV_ID_DH89XXCC_BACKPLANE, "Intel(R) DH89XXCC (Backplane)"), + PVID(0x8086, E1000_DEV_ID_I350_COPPER, "Intel(R) I350 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I350_FIBER, "Intel(R) I350 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_I350_SERDES, "Intel(R) I350 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I350_SGMII, "Intel(R) I350 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_I350_VF, "Intel(R) I350 Virtual Function"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER, "Intel(R) I210 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_IT, "Intel(R) I210 IT (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_OEM1, "Intel(R) I210 (OEM)"), + PVID(0x8086, E1000_DEV_ID_I210_COPPER_FLASHLESS, "Intel(R) I210 Flashless (Copper)"), + PVID(0x8086, E1000_DEV_ID_I210_SERDES_FLASHLESS, "Intel(R) I210 Flashless (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I210_FIBER, "Intel(R) I210 (Fiber)"), + PVID(0x8086, E1000_DEV_ID_I210_SERDES, "Intel(R) I210 (SERDES)"), + PVID(0x8086, E1000_DEV_ID_I210_SGMII, "Intel(R) I210 (SGMII)"), + PVID(0x8086, E1000_DEV_ID_I211_COPPER, "Intel(R) I211 (Copper)"), + PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_1GBPS, "Intel(R) I354 (1.0 GbE Backplane)"), + PVID(0x8086, E1000_DEV_ID_I354_BACKPLANE_2_5GBPS, "Intel(R) I354 (2.5 GbE Backplane)"), + PVID(0x8086, E1000_DEV_ID_I354_SGMII, "Intel(R) I354 (SGMII)"), /* required last entry */ PVID_END }; From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:50:49 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4FABA64C3FB; Fri, 28 May 2021 05:50:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frv1P1BZHz3tq9; Fri, 28 May 2021 05:50:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1008011DE1; Fri, 28 May 2021 05:50:49 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5omLY011419; Fri, 28 May 2021 05:50:48 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5omPw011418; Fri, 28 May 2021 05:50:48 GMT (envelope-from git) Date: Fri, 28 May 2021 05:50:48 GMT Message-Id: <202105280550.14S5omPw011418@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 1fb96c59b4ce - stable/13 - e1000: Rework em_msi_link interrupt filter MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 1fb96c59b4ce265ea94eddef5a97c7c075ceaec5 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:50:49 -0000 The branch stable/13 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=1fb96c59b4ce265ea94eddef5a97c7c075ceaec5 commit 1fb96c59b4ce265ea94eddef5a97c7c075ceaec5 Author: Kevin Bowling AuthorDate: 2021-04-25 08:22:23 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:50:07 +0000 e1000: Rework em_msi_link interrupt filter * Fix 82574 Link Status Changes, carrying the OTHER mask bit around as needed. * Move igb-class LSC re-arming out of FAST back into the handler. * Clarify spurious/other interrupt re-arms in FAST. In MSI-X mode, 82574 and igb-class devices use an interrupt filter to handle Link Status Changes. We want to do LSC re-arms in the handler to take advantage of autoclear (EIAC) single shot behavior. 82574 uses 'Other' in ICR and IMS for LSC interrupt types when in MSI-X mode, so we need to set and re-arm the 'Other' bit during attach and after ICR reads in the FAST handler if not an LSC or after handling on LSC due to autoclearing. This work was primarily done to address the referenced PR, but inspired some clarification and improvement for igb-class devices once the intentions of previous bug fix attempts became clearer. PR: 211219 Reported by: Alexey Tested by: kbowling (I210 lagg), markj (I210) Approved by: markj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29943 (cherry picked from commit eea55de7b10808b86277d7fdbed2d05d3c6db1b2) --- sys/dev/e1000/if_em.c | 41 ++++++++++++++++++++++++----------------- sys/dev/e1000/if_em.h | 2 -- 2 files changed, 24 insertions(+), 19 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index f7dab611c13f..c9a6648b34a0 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -1504,6 +1504,7 @@ em_msix_link(void *arg) { struct adapter *adapter = arg; u32 reg_icr; + bool notlink = false; ++adapter->link_irq; MPASS(adapter->hw.back != NULL); @@ -1512,15 +1513,19 @@ em_msix_link(void *arg) if (reg_icr & E1000_ICR_RXO) adapter->rx_overruns++; - if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) { + if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) em_handle_link(adapter->ctx); - } else if (adapter->hw.mac.type == e1000_82574) { - /* Only re-arm 82574 if em_if_update_admin_status() won't. */ - E1000_WRITE_REG(&adapter->hw, E1000_IMS, EM_MSIX_LINK | - E1000_IMS_LSC); - } + else + notlink = true; - if (adapter->hw.mac.type == e1000_82574) { + /* Re-arm for other/spurious interrupts */ + if (notlink && adapter->hw.mac.type >= igb_mac_min) { + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); + E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); + } else if (adapter->hw.mac.type == e1000_82574) { + if (notlink) + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC | + E1000_IMS_OTHER); /* * Because we must read the ICR for this interrupt it may * clear other causes using autoclear, for this reason we @@ -1528,10 +1533,6 @@ em_msix_link(void *arg) */ if (reg_icr) E1000_WRITE_REG(&adapter->hw, E1000_ICS, adapter->ims); - } else { - /* Re-arm unconditionally */ - E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); - E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); } return (FILTER_HANDLED); @@ -1876,10 +1877,13 @@ em_if_update_admin_status(if_ctx_t ctx) if (hw->mac.type < em_mac_min) lem_smartspeed(adapter); - else if (hw->mac.type == e1000_82574 && + else if (hw->mac.type >= igb_mac_min && + adapter->intr_type == IFLIB_INTR_MSIX) { + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); + E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); + } else if (hw->mac.type == e1000_82574 && adapter->intr_type == IFLIB_INTR_MSIX) - E1000_WRITE_REG(&adapter->hw, E1000_IMS, EM_MSIX_LINK | - E1000_IMS_LSC); + E1000_WRITE_REG(hw, E1000_IMS, E1000_IMS_LSC | E1000_IMS_OTHER); } static void @@ -2091,7 +2095,10 @@ em_if_msix_intr_assign(if_ctx_t ctx, int msix) if (adapter->hw.mac.type < igb_mac_min) { adapter->ivars |= (8 | rx_vectors) << 16; adapter->ivars |= 0x80000000; + /* Enable the "Other" interrupt type for link status change */ + adapter->ims |= E1000_IMS_OTHER; } + return (0); fail: iflib_irq_free(ctx, &adapter->irq); @@ -3474,8 +3481,8 @@ em_if_intr_enable(if_ctx_t ctx) struct e1000_hw *hw = &adapter->hw; u32 ims_mask = IMS_ENABLE_MASK; - if (hw->mac.type == e1000_82574) { - E1000_WRITE_REG(hw, EM_EIAC, EM_MSIX_MASK); + if (adapter->intr_type == IFLIB_INTR_MSIX) { + E1000_WRITE_REG(hw, EM_EIAC, adapter->ims); ims_mask |= adapter->ims; } E1000_WRITE_REG(hw, E1000_IMS, ims_mask); @@ -3487,7 +3494,7 @@ em_if_intr_disable(if_ctx_t ctx) struct adapter *adapter = iflib_get_softc(ctx); struct e1000_hw *hw = &adapter->hw; - if (hw->mac.type == e1000_82574) + if (adapter->intr_type == IFLIB_INTR_MSIX) E1000_WRITE_REG(hw, EM_EIAC, 0); E1000_WRITE_REG(hw, E1000_IMC, 0xffffffff); } diff --git a/sys/dev/e1000/if_em.h b/sys/dev/e1000/if_em.h index d685b4aedc26..b1f179a3842e 100644 --- a/sys/dev/e1000/if_em.h +++ b/sys/dev/e1000/if_em.h @@ -341,8 +341,6 @@ #define EM_VFTA_SIZE 128 #define EM_TSO_SIZE 65535 #define EM_TSO_SEG_SIZE 4096 /* Max dma segment size */ -#define EM_MSIX_MASK 0x01F00000 /* For 82574 use */ -#define EM_MSIX_LINK 0x01000000 /* For 82574 use */ #define ETH_ZLEN 60 #define EM_CSUM_OFFLOAD (CSUM_IP | CSUM_IP_UDP | CSUM_IP_TCP) /* Offload bits in mbuf flag */ #define IGB_CSUM_OFFLOAD (CSUM_IP | CSUM_IP_UDP | CSUM_IP_TCP | \ From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:51:59 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B332764C2D8; Fri, 28 May 2021 05:51:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frv2l4gqRz3tvp; Fri, 28 May 2021 05:51:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7E6EE12026; Fri, 28 May 2021 05:51:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5pxZJ014765; Fri, 28 May 2021 05:51:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5pxBa014764; Fri, 28 May 2021 05:51:59 GMT (envelope-from git) Date: Fri, 28 May 2021 05:51:59 GMT Message-Id: <202105280551.14S5pxBa014764@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 166ad86c33ba - stable/12 - e1000: Rework em_msi_link interrupt filter MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 166ad86c33ba4ca1a1b235913a9ae553ebf6a425 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:51:59 -0000 The branch stable/12 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=166ad86c33ba4ca1a1b235913a9ae553ebf6a425 commit 166ad86c33ba4ca1a1b235913a9ae553ebf6a425 Author: Kevin Bowling AuthorDate: 2021-04-25 08:22:23 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:51:46 +0000 e1000: Rework em_msi_link interrupt filter * Fix 82574 Link Status Changes, carrying the OTHER mask bit around as needed. * Move igb-class LSC re-arming out of FAST back into the handler. * Clarify spurious/other interrupt re-arms in FAST. In MSI-X mode, 82574 and igb-class devices use an interrupt filter to handle Link Status Changes. We want to do LSC re-arms in the handler to take advantage of autoclear (EIAC) single shot behavior. 82574 uses 'Other' in ICR and IMS for LSC interrupt types when in MSI-X mode, so we need to set and re-arm the 'Other' bit during attach and after ICR reads in the FAST handler if not an LSC or after handling on LSC due to autoclearing. This work was primarily done to address the referenced PR, but inspired some clarification and improvement for igb-class devices once the intentions of previous bug fix attempts became clearer. PR: 211219 Reported by: Alexey Tested by: kbowling (I210 lagg), markj (I210) Approved by: markj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29943 (cherry picked from commit eea55de7b10808b86277d7fdbed2d05d3c6db1b2) --- sys/dev/e1000/if_em.c | 41 ++++++++++++++++++++++++----------------- sys/dev/e1000/if_em.h | 2 -- 2 files changed, 24 insertions(+), 19 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index f284de275066..819ae802e654 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -1508,6 +1508,7 @@ em_msix_link(void *arg) { struct adapter *adapter = arg; u32 reg_icr; + bool notlink = false; ++adapter->link_irq; MPASS(adapter->hw.back != NULL); @@ -1516,15 +1517,19 @@ em_msix_link(void *arg) if (reg_icr & E1000_ICR_RXO) adapter->rx_overruns++; - if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) { + if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) em_handle_link(adapter->ctx); - } else if (adapter->hw.mac.type == e1000_82574) { - /* Only re-arm 82574 if em_if_update_admin_status() won't. */ - E1000_WRITE_REG(&adapter->hw, E1000_IMS, EM_MSIX_LINK | - E1000_IMS_LSC); - } + else + notlink = true; - if (adapter->hw.mac.type == e1000_82574) { + /* Re-arm for other/spurious interrupts */ + if (notlink && adapter->hw.mac.type >= igb_mac_min) { + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); + E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); + } else if (adapter->hw.mac.type == e1000_82574) { + if (notlink) + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC | + E1000_IMS_OTHER); /* * Because we must read the ICR for this interrupt it may * clear other causes using autoclear, for this reason we @@ -1532,10 +1537,6 @@ em_msix_link(void *arg) */ if (reg_icr) E1000_WRITE_REG(&adapter->hw, E1000_ICS, adapter->ims); - } else { - /* Re-arm unconditionally */ - E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); - E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); } return (FILTER_HANDLED); @@ -1872,10 +1873,13 @@ em_if_update_admin_status(if_ctx_t ctx) if (hw->mac.type < em_mac_min) lem_smartspeed(adapter); - else if (hw->mac.type == e1000_82574 && + else if (hw->mac.type >= igb_mac_min && + adapter->intr_type == IFLIB_INTR_MSIX) { + E1000_WRITE_REG(&adapter->hw, E1000_IMS, E1000_IMS_LSC); + E1000_WRITE_REG(&adapter->hw, E1000_EIMS, adapter->link_mask); + } else if (hw->mac.type == e1000_82574 && adapter->intr_type == IFLIB_INTR_MSIX) - E1000_WRITE_REG(&adapter->hw, E1000_IMS, EM_MSIX_LINK | - E1000_IMS_LSC); + E1000_WRITE_REG(hw, E1000_IMS, E1000_IMS_LSC | E1000_IMS_OTHER); } static void @@ -2087,7 +2091,10 @@ em_if_msix_intr_assign(if_ctx_t ctx, int msix) if (adapter->hw.mac.type < igb_mac_min) { adapter->ivars |= (8 | rx_vectors) << 16; adapter->ivars |= 0x80000000; + /* Enable the "Other" interrupt type for link status change */ + adapter->ims |= E1000_IMS_OTHER; } + return (0); fail: iflib_irq_free(ctx, &adapter->irq); @@ -3476,8 +3483,8 @@ em_if_intr_enable(if_ctx_t ctx) struct e1000_hw *hw = &adapter->hw; u32 ims_mask = IMS_ENABLE_MASK; - if (hw->mac.type == e1000_82574) { - E1000_WRITE_REG(hw, EM_EIAC, EM_MSIX_MASK); + if (adapter->intr_type == IFLIB_INTR_MSIX) { + E1000_WRITE_REG(hw, EM_EIAC, adapter->ims); ims_mask |= adapter->ims; } E1000_WRITE_REG(hw, E1000_IMS, ims_mask); @@ -3489,7 +3496,7 @@ em_if_intr_disable(if_ctx_t ctx) struct adapter *adapter = iflib_get_softc(ctx); struct e1000_hw *hw = &adapter->hw; - if (hw->mac.type == e1000_82574) + if (adapter->intr_type == IFLIB_INTR_MSIX) E1000_WRITE_REG(hw, EM_EIAC, 0); E1000_WRITE_REG(hw, E1000_IMC, 0xffffffff); } diff --git a/sys/dev/e1000/if_em.h b/sys/dev/e1000/if_em.h index efad9251105b..7ef97274191b 100644 --- a/sys/dev/e1000/if_em.h +++ b/sys/dev/e1000/if_em.h @@ -342,8 +342,6 @@ #define EM_VFTA_SIZE 128 #define EM_TSO_SIZE 65535 #define EM_TSO_SEG_SIZE 4096 /* Max dma segment size */ -#define EM_MSIX_MASK 0x01F00000 /* For 82574 use */ -#define EM_MSIX_LINK 0x01000000 /* For 82574 use */ #define ETH_ZLEN 60 #define ETH_ADDR_LEN 6 #define EM_CSUM_OFFLOAD (CSUM_IP | CSUM_IP_UDP | CSUM_IP_TCP) /* Offload bits in mbuf flag */ From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:54:03 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5EC3964CB75; Fri, 28 May 2021 05:54:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frv572BNdz3vDy; Fri, 28 May 2021 05:54:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 334AB12297; Fri, 28 May 2021 05:54:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5s3UK015972; Fri, 28 May 2021 05:54:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5s3WP015971; Fri, 28 May 2021 05:54:03 GMT (envelope-from git) Date: Fri, 28 May 2021 05:54:03 GMT Message-Id: <202105280554.14S5s3WP015971@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 756d0964179a - stable/13 - ixgbe: Improve device name strings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 756d0964179aef8ccf87bd68ebd7ccb8257adacf Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:54:03 -0000 The branch stable/13 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=756d0964179aef8ccf87bd68ebd7ccb8257adacf commit 756d0964179aef8ccf87bd68ebd7ccb8257adacf Author: Kevin Bowling AuthorDate: 2021-04-21 02:35:14 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:53:23 +0000 ixgbe: Improve device name strings This is just clerical work to ease bug triage and may be used to set expectations around the ability for anyone in the community to perform testing and development on older parts. Approved by: erj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29876 (cherry picked from commit fdbcd35a75e596a78b4c0330eaded476eaa14797) --- sys/dev/ixgbe/if_ix.c | 88 +++++++++++++++++++++++++------------------------- sys/dev/ixgbe/if_ixv.c | 10 +++--- 2 files changed, 49 insertions(+), 49 deletions(-) diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c index 49d55d39300a..fbe4f1df38ca 100644 --- a/sys/dev/ixgbe/if_ix.c +++ b/sys/dev/ixgbe/if_ix.c @@ -61,50 +61,50 @@ char ixgbe_driver_version[] = "4.0.1-k"; ************************************************************************/ static pci_vendor_info_t ixgbe_vendor_info_array[] = { - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_SINGLE_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_CX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT2, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_DA_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_CX4_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_XF_LR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_SR_DUAL_PORT_EM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_SFP_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4_MEZZ, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_XAUI_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_CX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_T3_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_COMBO_BACKPLANE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BACKPLANE_FCOE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF2, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_FCOE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599EN_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF_QP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_QSFP_SF_QP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T1, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T1, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_10G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_1G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP_N, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_10G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_BYPASS, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BYPASS, "Intel(R) PRO/10GbE PCI-Express Network Driver"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_DUAL_PORT, "Intel(R) 82598EB AF (Dual Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_SINGLE_PORT, "Intel(R) 82598EB AF (Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_CX4, "Intel(R) 82598EB AT (CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT, "Intel(R) 82598EB AT"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT2, "Intel(R) 82598EB AT2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598, "Intel(R) 82598"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_DA_DUAL_PORT, "Intel(R) 82598EB AF DA (Dual Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_CX4_DUAL_PORT, "Intel(R) 82598EB AT (Dual CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_XF_LR, "Intel(R) 82598EB AF (Dual Fiber LR)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_SR_DUAL_PORT_EM, "Intel(R) 82598EB AF (Dual Fiber SR)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_SFP_LOM, "Intel(R) 82598EB LOM"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4, "Intel(R) X520 82599 (KX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4_MEZZ, "Intel(R) X520 82599 (KX4 Mezzanine)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP, "Intel(R) X520 82599ES (SFI/SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_XAUI_LOM, "Intel(R) X520 82599 (XAUI/BX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_CX4, "Intel(R) X520 82599 (Dual CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_T3_LOM, "Intel(R) X520-T 82599 LOM"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_COMBO_BACKPLANE, "Intel(R) X520 82599 (Combined Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BACKPLANE_FCOE, "Intel(R) X520 82599 (Backplane w/FCoE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF2, "Intel(R) X520 82599 (Dual SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_FCOE, "Intel(R) X520 82599 (Dual SFP+ w/FCoE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599EN_SFP, "Intel(R) X520-1 82599EN (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF_QP, "Intel(R) X520-4 82599 (Quad SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_QSFP_SF_QP, "Intel(R) X520-Q1 82599 (QSFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T, "Intel(R) X540-AT2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T1, "Intel(R) X540-T1"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T, "Intel(R) X550-T2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T1, "Intel(R) X550-T1"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KR, "Intel(R) X552 (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KX4, "Intel(R) X552 (KX4 Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_10G_T, "Intel(R) X552/X557-AT (10GBASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_1G_T, "Intel(R) X552 (1000BASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_SFP, "Intel(R) X552 (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR, "Intel(R) X553 (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR_L, "Intel(R) X553 L (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP, "Intel(R) X553 (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP_N, "Intel(R) X553 N (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII, "Intel(R) X553 (1GbE SGMII)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII_L, "Intel(R) X553 L (1GbE SGMII)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_10G_T, "Intel(R) X553/X557-AT (10GBASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T, "Intel(R) X553 (1GbE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T_L, "Intel(R) X553 L (1GbE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_BYPASS, "Intel(R) X540-T2 (Bypass)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BYPASS, "Intel(R) X520 82599 (Bypass)"), /* required last entry */ PVID_END }; diff --git a/sys/dev/ixgbe/if_ixv.c b/sys/dev/ixgbe/if_ixv.c index ee139430d42b..9744a3347cec 100644 --- a/sys/dev/ixgbe/if_ixv.c +++ b/sys/dev/ixgbe/if_ixv.c @@ -59,11 +59,11 @@ char ixv_driver_version[] = "2.0.1-k"; ************************************************************************/ static pci_vendor_info_t ixv_vendor_info_array[] = { - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_VF, "Intel(R) X520 82599 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_VF, "Intel(R) X540 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550_VF, "Intel(R) X550 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_VF, "Intel(R) X552 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_VF, "Intel(R) X553 Virtual Function"), /* required last entry */ PVID_END }; From owner-dev-commits-src-branches@freebsd.org Fri May 28 05:55:01 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id F1FED64C7F7; Fri, 28 May 2021 05:55:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Frv6F54nPz3v8c; Fri, 28 May 2021 05:55:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9757711E58; Fri, 28 May 2021 05:55:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S5t1QY016332; Fri, 28 May 2021 05:55:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S5t1qI016331; Fri, 28 May 2021 05:55:01 GMT (envelope-from git) Date: Fri, 28 May 2021 05:55:01 GMT Message-Id: <202105280555.14S5t1qI016331@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: 3532515277d8 - stable/12 - ixgbe: Improve device name strings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 3532515277d807ef1c921551c6febbaffb36b37f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 05:55:02 -0000 The branch stable/12 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=3532515277d807ef1c921551c6febbaffb36b37f commit 3532515277d807ef1c921551c6febbaffb36b37f Author: Kevin Bowling AuthorDate: 2021-04-21 02:35:14 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 05:54:24 +0000 ixgbe: Improve device name strings This is just clerical work to ease bug triage and may be used to set expectations around the ability for anyone in the community to perform testing and development on older parts. Approved by: erj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29876 (cherry picked from commit fdbcd35a75e596a78b4c0330eaded476eaa14797) --- sys/dev/ixgbe/if_ix.c | 88 +++++++++++++++++++++++++------------------------- sys/dev/ixgbe/if_ixv.c | 10 +++--- 2 files changed, 49 insertions(+), 49 deletions(-) diff --git a/sys/dev/ixgbe/if_ix.c b/sys/dev/ixgbe/if_ix.c index 63eb1e4caa48..144204f98fdc 100644 --- a/sys/dev/ixgbe/if_ix.c +++ b/sys/dev/ixgbe/if_ix.c @@ -61,50 +61,50 @@ char ixgbe_driver_version[] = "4.0.1-k"; ************************************************************************/ static pci_vendor_info_t ixgbe_vendor_info_array[] = { - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_SINGLE_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_CX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT2, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_DA_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_CX4_DUAL_PORT, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_XF_LR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_SR_DUAL_PORT_EM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_SFP_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4_MEZZ, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_XAUI_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_CX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_T3_LOM, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_COMBO_BACKPLANE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BACKPLANE_FCOE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF2, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_FCOE, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599EN_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF_QP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_QSFP_SF_QP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T1, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T1, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KX4, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_10G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_1G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP_N, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_10G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T_L, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_BYPASS, "Intel(R) PRO/10GbE PCI-Express Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BYPASS, "Intel(R) PRO/10GbE PCI-Express Network Driver"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_DUAL_PORT, "Intel(R) 82598EB AF (Dual Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AF_SINGLE_PORT, "Intel(R) 82598EB AF (Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_CX4, "Intel(R) 82598EB AT (CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT, "Intel(R) 82598EB AT"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598AT2, "Intel(R) 82598EB AT2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598, "Intel(R) 82598"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_DA_DUAL_PORT, "Intel(R) 82598EB AF DA (Dual Fiber)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_CX4_DUAL_PORT, "Intel(R) 82598EB AT (Dual CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_XF_LR, "Intel(R) 82598EB AF (Dual Fiber LR)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598_SR_DUAL_PORT_EM, "Intel(R) 82598EB AF (Dual Fiber SR)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82598EB_SFP_LOM, "Intel(R) 82598EB LOM"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4, "Intel(R) X520 82599 (KX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_KX4_MEZZ, "Intel(R) X520 82599 (KX4 Mezzanine)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP, "Intel(R) X520 82599ES (SFI/SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_XAUI_LOM, "Intel(R) X520 82599 (XAUI/BX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_CX4, "Intel(R) X520 82599 (Dual CX4)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_T3_LOM, "Intel(R) X520-T 82599 LOM"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_COMBO_BACKPLANE, "Intel(R) X520 82599 (Combined Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BACKPLANE_FCOE, "Intel(R) X520 82599 (Backplane w/FCoE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF2, "Intel(R) X520 82599 (Dual SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_FCOE, "Intel(R) X520 82599 (Dual SFP+ w/FCoE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599EN_SFP, "Intel(R) X520-1 82599EN (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_SFP_SF_QP, "Intel(R) X520-4 82599 (Quad SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_QSFP_SF_QP, "Intel(R) X520-Q1 82599 (QSFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T, "Intel(R) X540-AT2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540T1, "Intel(R) X540-T1"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T, "Intel(R) X550-T2"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550T1, "Intel(R) X550-T1"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KR, "Intel(R) X552 (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_KX4, "Intel(R) X552 (KX4 Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_10G_T, "Intel(R) X552/X557-AT (10GBASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_1G_T, "Intel(R) X552 (1000BASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_SFP, "Intel(R) X552 (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR, "Intel(R) X553 (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_KR_L, "Intel(R) X553 L (KR Backplane)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP, "Intel(R) X553 (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SFP_N, "Intel(R) X553 N (SFP+)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII, "Intel(R) X553 (1GbE SGMII)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_SGMII_L, "Intel(R) X553 L (1GbE SGMII)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_10G_T, "Intel(R) X553/X557-AT (10GBASE-T)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T, "Intel(R) X553 (1GbE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_1G_T_L, "Intel(R) X553 L (1GbE)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_BYPASS, "Intel(R) X540-T2 (Bypass)"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_BYPASS, "Intel(R) X520 82599 (Bypass)"), /* required last entry */ PVID_END }; diff --git a/sys/dev/ixgbe/if_ixv.c b/sys/dev/ixgbe/if_ixv.c index 808771cb1e62..8a242b9b8cba 100644 --- a/sys/dev/ixgbe/if_ixv.c +++ b/sys/dev/ixgbe/if_ixv.c @@ -59,11 +59,11 @@ char ixv_driver_version[] = "2.0.1-k"; ************************************************************************/ static pci_vendor_info_t ixv_vendor_info_array[] = { - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), - PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_VF, "Intel(R) PRO/10GbE Virtual Function Network Driver"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_82599_VF, "Intel(R) X520 82599 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X540_VF, "Intel(R) X540 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550_VF, "Intel(R) X550 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_X_VF, "Intel(R) X552 Virtual Function"), + PVID(IXGBE_INTEL_VENDOR_ID, IXGBE_DEV_ID_X550EM_A_VF, "Intel(R) X553 Virtual Function"), /* required last entry */ PVID_END }; From owner-dev-commits-src-branches@freebsd.org Fri May 28 06:14:27 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A262064CF1E; Fri, 28 May 2021 06:14:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FrvXg3nbBz3wGY; Fri, 28 May 2021 06:14:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 698121257C; Fri, 28 May 2021 06:14:27 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14S6ER15043744; Fri, 28 May 2021 06:14:27 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14S6ER4e043743; Fri, 28 May 2021 06:14:27 GMT (envelope-from git) Date: Fri, 28 May 2021 06:14:27 GMT Message-Id: <202105280614.14S6ER4e043743@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Kevin Bowling Subject: git: ab177386aa87 - stable/12 - e1000: Correct promisc multicast filter handling MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kbowling X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: ab177386aa8790c66826be227a1d9e6b482444bb Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 06:14:27 -0000 The branch stable/12 has been updated by kbowling (ports committer): URL: https://cgit.FreeBSD.org/src/commit/?id=ab177386aa8790c66826be227a1d9e6b482444bb commit ab177386aa8790c66826be227a1d9e6b482444bb Author: Kevin Bowling AuthorDate: 2021-04-16 23:15:50 +0000 Commit: Kevin Bowling CommitDate: 2021-05-28 06:10:48 +0000 e1000: Correct promisc multicast filter handling There are a number of issues in the e1000 multicast filter handling that have been present for a long time. Take the updated approach from ixgbe(4) which does not have the issues. The issues are outlined in the PR, in particular this solves crossing over and under the hardware's filter limit, not programming the hardware filter when we are above its limit, disabling SBP (show bad packets) when the tunable is enabled and exiting promiscuous mode, and an off-by-one error in the em_copy_maddr function. PR: 140647 Reported by: jtl Reviewed by: markj MFC after: 1 month Differential Revision: https://reviews.freebsd.org/D29789 (cherry picked from commit 4b38eed76da9c36f09bff33b5cf15687cd99016f) --- sys/dev/e1000/if_em.c | 54 +++++++++++++++++++++++---------------------------- 1 file changed, 24 insertions(+), 30 deletions(-) diff --git a/sys/dev/e1000/if_em.c b/sys/dev/e1000/if_em.c index 819ae802e654..afafeed7602f 100644 --- a/sys/dev/e1000/if_em.c +++ b/sys/dev/e1000/if_em.c @@ -317,7 +317,6 @@ static int em_enable_phy_wakeup(struct adapter *); static void em_disable_aspm(struct adapter *); int em_intr(void *arg); -static void em_disable_promisc(if_ctx_t ctx); /* MSI-X handlers */ static int em_if_msix_intr_assign(if_ctx_t, int); @@ -1662,11 +1661,20 @@ static int em_if_set_promisc(if_ctx_t ctx, int flags) { struct adapter *adapter = iflib_get_softc(ctx); + struct ifnet *ifp = iflib_get_ifp(ctx); u32 reg_rctl; - - em_disable_promisc(ctx); + int mcnt = 0; reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + reg_rctl &= ~(E1000_RCTL_SBP | E1000_RCTL_UPE); + if (flags & IFF_ALLMULTI) + mcnt = MAX_NUM_MULTICAST_ADDRESSES; + else + mcnt = if_multiaddr_count(ifp, MAX_NUM_MULTICAST_ADDRESSES); + + if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) + reg_rctl &= (~E1000_RCTL_MPE); + E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); if (flags & IFF_PROMISC) { reg_rctl |= (E1000_RCTL_UPE | E1000_RCTL_MPE); @@ -1682,42 +1690,19 @@ em_if_set_promisc(if_ctx_t ctx, int flags) return (0); } -static void -em_disable_promisc(if_ctx_t ctx) -{ - struct adapter *adapter = iflib_get_softc(ctx); - struct ifnet *ifp = iflib_get_ifp(ctx); - u32 reg_rctl; - int mcnt = 0; - - reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); - reg_rctl &= (~E1000_RCTL_UPE); - if (if_getflags(ifp) & IFF_ALLMULTI) - mcnt = MAX_NUM_MULTICAST_ADDRESSES; - else - mcnt = if_multiaddr_count(ifp, MAX_NUM_MULTICAST_ADDRESSES); - /* Don't disable if in MAX groups */ - if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) - reg_rctl &= (~E1000_RCTL_MPE); - reg_rctl &= (~E1000_RCTL_SBP); - E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); -} - - /********************************************************************* * Multicast Update * * This routine is called whenever multicast address list is updated. * **********************************************************************/ - static void em_if_multi_set(if_ctx_t ctx) { struct adapter *adapter = iflib_get_softc(ctx); struct ifnet *ifp = iflib_get_ifp(ctx); - u32 reg_rctl = 0; u8 *mta; /* Multicast array memory */ + u32 reg_rctl = 0; int mcnt = 0; IOCTL_DEBUGOUT("em_set_multi: begin"); @@ -1737,11 +1722,20 @@ em_if_multi_set(if_ctx_t ctx) if_multiaddr_array(ifp, mta, &mcnt, MAX_NUM_MULTICAST_ADDRESSES); - if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES) { - reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + reg_rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + + if (if_getflags(ifp) & IFF_PROMISC) + reg_rctl |= (E1000_RCTL_UPE | E1000_RCTL_MPE); + else if (mcnt >= MAX_NUM_MULTICAST_ADDRESSES || + if_getflags(ifp) & IFF_ALLMULTI) { reg_rctl |= E1000_RCTL_MPE; - E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); + reg_rctl &= ~E1000_RCTL_UPE; } else + reg_rctl &= ~(E1000_RCTL_UPE | E1000_RCTL_MPE); + + E1000_WRITE_REG(&adapter->hw, E1000_RCTL, reg_rctl); + + if (mcnt < MAX_NUM_MULTICAST_ADDRESSES) e1000_update_mc_addr_list(&adapter->hw, mta, mcnt); if (adapter->hw.mac.type == e1000_82542 && From owner-dev-commits-src-branches@freebsd.org Fri May 28 12:07:53 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BAAFB6521FD; Fri, 28 May 2021 12:07:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fs3NT4vcNz3C4q; Fri, 28 May 2021 12:07:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8D21A166E4; Fri, 28 May 2021 12:07:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14SC7rkR012948; Fri, 28 May 2021 12:07:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14SC7rLf012947; Fri, 28 May 2021 12:07:53 GMT (envelope-from git) Date: Fri, 28 May 2021 12:07:53 GMT Message-Id: <202105281207.14SC7rLf012947@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 4f2efb2ff471 - stable/13 - ldconfig(8): update manpage to reality MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 4f2efb2ff471fd4cbf7d4b236243d75b2c14da99 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 12:07:53 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=4f2efb2ff471fd4cbf7d4b236243d75b2c14da99 commit 4f2efb2ff471fd4cbf7d4b236243d75b2c14da99 Author: Konstantin Belousov AuthorDate: 2021-05-15 05:12:35 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-28 12:04:52 +0000 ldconfig(8): update manpage to reality (cherry picked from commit a19e14ca2d36aa9d5bd392881abd85bf9e2e89ad) --- sbin/ldconfig/ldconfig.8 | 114 +++++++++++++++++++---------------------------- 1 file changed, 47 insertions(+), 67 deletions(-) diff --git a/sbin/ldconfig/ldconfig.8 b/sbin/ldconfig/ldconfig.8 index 9a1463be1ad4..63e2271b7cd5 100644 --- a/sbin/ldconfig/ldconfig.8 +++ b/sbin/ldconfig/ldconfig.8 @@ -1,6 +1,11 @@ .\" .\" Copyright (c) 1993 Paul Kranenburg .\" All rights reserved. +.\" Copyright (c) 2021 The FreeBSD Foundation, Inc. +.\" +.\" Portions of this documentation were written by +.\" Konstantin Belousov under sponsorship +.\" from the FreeBSD Foundation. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -29,36 +34,40 @@ .\" .\" $FreeBSD$ .\" -.Dd December 31, 2020 +.Dd May 15, 2021 .Dt LDCONFIG 8 .Os .Sh NAME .Nm ldconfig -.Nd configure the shared library cache +.Nd configure the dynamic linker search path for shared libraries .Sh SYNOPSIS .Nm .Op Fl 32 -.Op Fl elf .Op Fl Rimrsv .Op Fl f Ar hints_file .Op Ar directory | Ar .Sh DESCRIPTION -The .Nm -utility is used to prepare a set of -.Dq hints -for use by the dynamic linker -to facilitate quick lookup of shared libraries available in multiple -directories. -It scans a set of built-in system directories and any +utility is used to configure the set of paths used by the dynamic linker +.Xr ld-elf.so.1 1 +when searching for shared libraries. +The dynamic linker looks for libraries in a set of built-in system directories +and any directories specified in the hints file. +This obviates the need for storing search paths within the executable, +see the +.Fl rpath +option for the static linker +.Xr ld 1 . +.Pp +The hints file is maintained by +.Nm . +The .Ar directories -specified on the command line (in the given order) looking for -shared libraries and stores the results in a system file to forestall -the overhead that would otherwise result from the directory search -operations the dynamic linker would have to perform to load the -required shared libraries. +list to be stored in the hints file is supplied on the command line. .Pp -Alternatively, +Alternatively to the +.Ar directories +list on the command line, .Ar files may be specified; these are expected to contain directories to scan for shared libraries. @@ -67,9 +76,6 @@ line. Blank lines and lines starting with the comment character .Ql \&# are ignored. -Filenames must conform to the -.Pa lib*.so.[0-9] -pattern in order to be added to the hints file. .Pp For security reasons, directories which are world or group-writable or which are not owned by root produce warning messages and are skipped, unless @@ -77,16 +83,10 @@ the .Fl i option is present. .Pp -The shared libraries which are found will be automatically available for loading -if needed by the program being prepared for execution. -This obviates the need -for storing search paths within the executable. -.Pp The .Ev LD_LIBRARY_PATH -environment variable can be used to override the use of -directories (or the order thereof) from the cache or to specify additional -directories where shared libraries might be found. +environment variable can be used to specify additional +shared library search directories. .Ev LD_LIBRARY_PATH is a .Sq \&: @@ -99,10 +99,6 @@ equivalent of the switch of .Xr ld 1 . .Pp -The -.Nm -utility is typically run as part of the boot sequence. -.Pp The following options are recognized by .Nm : .Bl -tag -width indent @@ -112,12 +108,10 @@ on 64-bit systems that support running 32-bit binaries. .It Fl elf Ignored for backwards compatibility. .It Fl R -Rescan the previously configured directories. -This opens the previous hints -file and fetches the directory list from the header. -Any additional pathnames -on the command line are also processed. -This is the default action when no parameters are given. +Appends pathnames on the command line to the directory list from +the hints file. +.Pp +This is the default action when no options are given. .It Fl f Ar hints_file Read and/or update the specified hints file, instead of the standard file. This option is provided primarily for testing. @@ -125,19 +119,15 @@ This option is provided primarily for testing. Run in insecure mode. The security checks will not be performed. .It Fl m -Instead of replacing the contents of the hints file -with those found in the directories specified, -.Dq merge -in new entries. -Directories recorded in the hints file by previous runs of -.Nm -are also rescanned for new shared libraries. +Instead of replacing the list of the directories to search with the +directories specified on the command line, merge existing list +with the specified directories, and write the result to the hints file. .It Fl r -List the current contents of the hints file +List the current list of the directories from the hints file on the standard output. The hints file is not modified. -The list of -directories stored in the hints file is included. +.Pp +Scan and print all libraries found on the directories list. .It Fl s Do not scan the built-in system directory .Pq Dq /usr/lib @@ -151,40 +141,31 @@ space of .Ev set-user-Id programs. Whenever such a program is run by any user except the owner of the program, -the dynamic linker -will only load shared libraries from the hints -file. +the dynamic linker will only load shared libraries from paths found in +the hints file. In particular, the .Ev LD_LIBRARY_PATH is not used to search for libraries. -Thus, the role of +Thus, .Nm -is dual. -In addition to building a set of hints for quick lookup, it also serves to -specify the trusted collection of directories from which shared objects can -be safely loaded. +serves to specify the trusted collection of directories from which +shared objects can be safely loaded. .Sh FILES .Bl -tag -width /var/run/ld-elf.so.hintsxxx -compact -.It Pa /var/run/ld.so.hints -Standard hints file for the a.out dynamic linker. .It Pa /var/run/ld-elf.so.hints Standard hints file for the ELF dynamic linker. -.It Pa /etc/ld.so.conf -Conventional configuration file containing directory names for -invocations with -.Fl aout . .It Pa /etc/ld-elf.so.conf Conventional configuration file containing directory names for invocations with .Fl elf . .It Pa /var/run/ld-elf32.so.hints -.It Pa /var/run/ld32.so.hints Conventional configuration files containing directory names for invocations with .Fl 32 . .El .Sh SEE ALSO .Xr ld 1 , +.Xr ld-elf.so.1 , .Xr link 5 .Sh HISTORY A @@ -192,8 +173,7 @@ A utility first appeared in SunOS 4.0, it appeared in its current form in .Fx 1.1 . -.Sh BUGS -Some security checks (for example, verifying root ownership of -added directories) are not performed when -.Fl aout -is specified. +.Pp +The name 'hints file' is historic from the times when the file also contained +hints to the dynamic linker. +This functionality is not provided for ELF. From owner-dev-commits-src-branches@freebsd.org Fri May 28 13:44:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2DC14653C3B; Fri, 28 May 2021 13:44:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fs5WS0fCNz3LXb; Fri, 28 May 2021 13:44:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id F26B918486; Fri, 28 May 2021 13:44:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14SDi3f4045268; Fri, 28 May 2021 13:44:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14SDi37O045267; Fri, 28 May 2021 13:44:03 GMT (envelope-from git) Date: Fri, 28 May 2021 13:44:03 GMT Message-Id: <202105281344.14SDi37O045267@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Nathan Whitehorn Subject: git: 4aaf6dd0a6b1 - stable/13 - Fix scripted installs on EFI systems using ZFS root with zfsboot. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: nwhitehorn X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 4aaf6dd0a6b11accf34ca999465c34e29153680f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 13:44:04 -0000 The branch stable/13 has been updated by nwhitehorn: URL: https://cgit.FreeBSD.org/src/commit/?id=4aaf6dd0a6b11accf34ca999465c34e29153680f commit 4aaf6dd0a6b11accf34ca999465c34e29153680f Author: Nathan Whitehorn AuthorDate: 2021-05-14 12:30:41 +0000 Commit: Nathan Whitehorn CommitDate: 2021-05-28 13:43:35 +0000 Fix scripted installs on EFI systems using ZFS root with zfsboot. Unlike attended installations, scripted installs did not mount non-ZFS partitions when ZFS root (via zfsboot) was selected. Since this included the ESP, the EFI loader was not installed. Copy logic from the attended-install path to make this work. PR: 255824, 255081 MFC after: 1 week Obtained from: Mark Huizer (cherry picked from commit 34766aa8cb514472c571f8b0e90e833833acef51) --- usr.sbin/bsdinstall/scripts/script | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/usr.sbin/bsdinstall/scripts/script b/usr.sbin/bsdinstall/scripts/script index 1d8e52a9d6d3..6a03e88bba39 100755 --- a/usr.sbin/bsdinstall/scripts/script +++ b/usr.sbin/bsdinstall/scripts/script @@ -111,8 +111,8 @@ if [ "$ZFSBOOT_DISKS" ]; then bsdinstall zfsboot else bsdinstall scriptedpart "$PARTITIONS" - bsdinstall mount fi +bsdinstall mount # Unpack distributions bsdinstall checksum @@ -163,9 +163,8 @@ fi bsdinstall entropy if [ "$ZFSBOOT_DISKS" ]; then zpool export $ZFSBOOT_POOL_NAME -else - bsdinstall umount fi +bsdinstall umount f_dprintf "Installation Completed at %s" "$( date )" From owner-dev-commits-src-branches@freebsd.org Fri May 28 17:00:56 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1BC6C65691C; Fri, 28 May 2021 17:00:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fs9tc0B6Pz3pBc; Fri, 28 May 2021 17:00:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DEAAC1A97F; Fri, 28 May 2021 17:00:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14SH0tlU019806; Fri, 28 May 2021 17:00:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14SH0tII019805; Fri, 28 May 2021 17:00:55 GMT (envelope-from git) Date: Fri, 28 May 2021 17:00:55 GMT Message-Id: <202105281700.14SH0tII019805@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f9972532343b - stable/13 - libradius: Fix attribute length validation in rad_get_attr(3) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: f9972532343bb1eb101bf7afef2966972eea3b5e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 17:00:56 -0000 The branch stable/13 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f9972532343bb1eb101bf7afef2966972eea3b5e commit f9972532343bb1eb101bf7afef2966972eea3b5e Author: Mark Johnston AuthorDate: 2021-05-28 14:41:43 +0000 Commit: Mark Johnston CommitDate: 2021-05-28 17:00:19 +0000 libradius: Fix attribute length validation in rad_get_attr(3) The length of the attribute header needs to be excluded when comparing the attribute length against the length of the packet. Otherwise, validation may incorrectly fail when fetching the final attribute in a message. Fixes: 8d5c78130 ("libradius: Fix input validation bugs") Reported by: Peter Eriksson Tested by: Peter Eriksson Sponsored by: The FreeBSD Foundation (cherry picked from commit 6bb5699d2b59491097bc21ffa3c097cdd4853f89) --- lib/libradius/radlib.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index 18aee8b53024..4d21887c4ee2 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -964,7 +964,12 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) } type = h->in[h->in_pos++]; len = h->in[h->in_pos++]; - if (len < 2 || h->in_pos + len > h->in_len) { + if (len < 2) { + generr(h, "Malformed attribute in response"); + return -1; + } + len -= 2; + if (h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } From owner-dev-commits-src-branches@freebsd.org Fri May 28 17:01:16 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DA0C4656A1A; Fri, 28 May 2021 17:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fs9v05rgyz3pVl; Fri, 28 May 2021 17:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A3EE21AE04; Fri, 28 May 2021 17:01:16 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14SH1Gd4020087; Fri, 28 May 2021 17:01:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14SH1GeN020086; Fri, 28 May 2021 17:01:16 GMT (envelope-from git) Date: Fri, 28 May 2021 17:01:16 GMT Message-Id: <202105281701.14SH1GeN020086@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: f146c0338c6c - stable/12 - libradius: Fix attribute length validation in rad_get_attr(3) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: f146c0338c6cba4b782877d6185c99cb6e45d6ec Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 17:01:16 -0000 The branch stable/12 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=f146c0338c6cba4b782877d6185c99cb6e45d6ec commit f146c0338c6cba4b782877d6185c99cb6e45d6ec Author: Mark Johnston AuthorDate: 2021-05-28 14:41:43 +0000 Commit: Mark Johnston CommitDate: 2021-05-28 17:01:06 +0000 libradius: Fix attribute length validation in rad_get_attr(3) The length of the attribute header needs to be excluded when comparing the attribute length against the length of the packet. Otherwise, validation may incorrectly fail when fetching the final attribute in a message. Fixes: 8d5c78130 ("libradius: Fix input validation bugs") Reported by: Peter Eriksson Tested by: Peter Eriksson Sponsored by: The FreeBSD Foundation (cherry picked from commit 6bb5699d2b59491097bc21ffa3c097cdd4853f89) --- lib/libradius/radlib.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index a70c8c62a9e7..c9711d2e6296 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -964,7 +964,12 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) } type = h->in[h->in_pos++]; len = h->in[h->in_pos++]; - if (len < 2 || h->in_pos + len > h->in_len) { + if (len < 2) { + generr(h, "Malformed attribute in response"); + return -1; + } + len -= 2; + if (h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } From owner-dev-commits-src-branches@freebsd.org Fri May 28 17:01:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A66C8656AC2; Fri, 28 May 2021 17:01:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Fs9vH0djCz3pWP; Fri, 28 May 2021 17:01:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id E10C01AE08; Fri, 28 May 2021 17:01:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14SH1UaU020327; Fri, 28 May 2021 17:01:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14SH1UZJ020326; Fri, 28 May 2021 17:01:30 GMT (envelope-from git) Date: Fri, 28 May 2021 17:01:30 GMT Message-Id: <202105281701.14SH1UZJ020326@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Mark Johnston Subject: git: dbb3df26a8a3 - stable/11 - libradius: Fix attribute length validation in rad_get_attr(3) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: markj X-Git-Repository: src X-Git-Refname: refs/heads/stable/11 X-Git-Reftype: branch X-Git-Commit: dbb3df26a8a3e1343b42844a6a6e3e9adf49ca8c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 May 2021 17:01:31 -0000 The branch stable/11 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=dbb3df26a8a3e1343b42844a6a6e3e9adf49ca8c commit dbb3df26a8a3e1343b42844a6a6e3e9adf49ca8c Author: Mark Johnston AuthorDate: 2021-05-28 14:41:43 +0000 Commit: Mark Johnston CommitDate: 2021-05-28 17:00:37 +0000 libradius: Fix attribute length validation in rad_get_attr(3) The length of the attribute header needs to be excluded when comparing the attribute length against the length of the packet. Otherwise, validation may incorrectly fail when fetching the final attribute in a message. Fixes: 8d5c78130 ("libradius: Fix input validation bugs") Reported by: Peter Eriksson Tested by: Peter Eriksson Sponsored by: The FreeBSD Foundation (cherry picked from commit 6bb5699d2b59491097bc21ffa3c097cdd4853f89) --- lib/libradius/radlib.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/libradius/radlib.c b/lib/libradius/radlib.c index acca95da6f66..e679b95089b0 100644 --- a/lib/libradius/radlib.c +++ b/lib/libradius/radlib.c @@ -949,7 +949,12 @@ rad_get_attr(struct rad_handle *h, const void **value, size_t *lenp) } type = h->in[h->in_pos++]; len = h->in[h->in_pos++]; - if (len < 2 || h->in_pos + len > h->in_len) { + if (len < 2) { + generr(h, "Malformed attribute in response"); + return -1; + } + len -= 2; + if (h->in_pos + len > h->in_len) { generr(h, "Malformed attribute in response"); return -1; } From owner-dev-commits-src-branches@freebsd.org Sat May 29 03:50:15 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6EDCF638036; Sat, 29 May 2021 03:50:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FsSHq2RBCz3QtV; Sat, 29 May 2021 03:50:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3BBDB233DE; Sat, 29 May 2021 03:50:15 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14T3oFti070657; Sat, 29 May 2021 03:50:15 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14T3oF2P070648; Sat, 29 May 2021 03:50:15 GMT (envelope-from git) Date: Sat, 29 May 2021 03:50:15 GMT Message-Id: <202105290350.14T3oF2P070648@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Jessica Clarke Subject: git: ddd0a8bffe35 - stable/13 - .github: Attempt to un-break Clang 9 action MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jrtc27 X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: ddd0a8bffe35fce60e71147d3789564ad1997ba3 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 03:50:15 -0000 The branch stable/13 has been updated by jrtc27: URL: https://cgit.FreeBSD.org/src/commit/?id=ddd0a8bffe35fce60e71147d3789564ad1997ba3 commit ddd0a8bffe35fce60e71147d3789564ad1997ba3 Author: Jessica Clarke AuthorDate: 2021-05-29 03:36:36 +0000 Commit: Jessica Clarke CommitDate: 2021-05-29 03:38:07 +0000 .github: Attempt to un-break Clang 9 action GitHub removed Clang 9 from the 20.04 image[1], breaking this build. Thus, manually add the specific versioned packages we need for the Ubuntu jobs to ensure they're installed. Note that we don't do the same for macOS, as Homebrew does not allow multiple llvm@N to co-exist, giving an error if you attempt to install a second one. In practice we don't actually use the compiler field here for anything other than the build name, it's only the cross-bindir that matters, so when it eventually moves to 12 the name will get confusing but the job will still work. MFC after: immediately [1] https://github.com/actions/virtual-environments/commit/15a610677be406d250c1f6732b03c8b87e693a0a (cherry picked from commit e5f5b6a75c0aa0f51a399e2002d15b51211630b5) --- .github/workflows/cross-bootstrap-tools.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cross-bootstrap-tools.yml b/.github/workflows/cross-bootstrap-tools.yml index f002cb0fbbe2..22aa1065d44b 100644 --- a/.github/workflows/cross-bootstrap-tools.yml +++ b/.github/workflows/cross-bootstrap-tools.yml @@ -18,11 +18,11 @@ jobs: - os: ubuntu-20.04 compiler: clang-9 cross-bindir: /usr/lib/llvm-9/bin - pkgs: bmake libarchive-dev + pkgs: bmake libarchive-dev clang-9 lld-9 - os: ubuntu-20.04 compiler: clang-10 cross-bindir: /usr/lib/llvm-10/bin - pkgs: bmake libarchive-dev + pkgs: bmake libarchive-dev clang-10 lld-10 - os: macOS-latest compiler: clang-11 pkgs: bmake libarchive From owner-dev-commits-src-branches@freebsd.org Sat May 29 12:17:32 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A896563FC05; Sat, 29 May 2021 12:17:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FsgY84PF5z4mcQ; Sat, 29 May 2021 12:17:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7ECFD1F46; Sat, 29 May 2021 12:17:32 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TCHWTq044525; Sat, 29 May 2021 12:17:32 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TCHW3i044524; Sat, 29 May 2021 12:17:32 GMT (envelope-from git) Date: Sat, 29 May 2021 12:17:32 GMT Message-Id: <202105291217.14TCHW3i044524@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: dfdd29b6083c - stable/13 - vn_need_pageq_flush(): simplify MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: dfdd29b6083c1941b7a9579baf5fe08a0438aa8f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 12:17:32 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=dfdd29b6083c1941b7a9579baf5fe08a0438aa8f commit dfdd29b6083c1941b7a9579baf5fe08a0438aa8f Author: Konstantin Belousov AuthorDate: 2021-05-21 07:34:27 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-29 11:48:09 +0000 vn_need_pageq_flush(): simplify (cherry picked from commit d713bf79273ad928f591dee2f8a553487e515e9b) --- sys/kern/vfs_subr.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 270dab02bf39..ee570f216b40 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -5122,14 +5122,10 @@ int vn_need_pageq_flush(struct vnode *vp) { struct vm_object *obj; - int need; - MPASS(mtx_owned(VI_MTX(vp))); - need = 0; - if ((obj = vp->v_object) != NULL && (vp->v_vflag & VV_NOSYNC) == 0 && - vm_object_mightbedirty(obj)) - need = 1; - return (need); + obj = vp->v_object; + return (obj != NULL && (vp->v_vflag & VV_NOSYNC) == 0 && + vm_object_mightbedirty(obj)); } /* From owner-dev-commits-src-branches@freebsd.org Sat May 29 12:17:33 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CA41A63FBBD; Sat, 29 May 2021 12:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FsgY94nRbz4mg0; Sat, 29 May 2021 12:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8B3BA1E78; Sat, 29 May 2021 12:17:33 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TCHXU5044546; Sat, 29 May 2021 12:17:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TCHX1L044545; Sat, 29 May 2021 12:17:33 GMT (envelope-from git) Date: Sat, 29 May 2021 12:17:33 GMT Message-Id: <202105291217.14TCHX1L044545@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 67e2940b2973 - stable/13 - nullfs: dirty v_object must imply the need for inactivation MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 67e2940b2973d2d37c6a3886f1755d54917fa972 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 12:17:34 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=67e2940b2973d2d37c6a3886f1755d54917fa972 commit 67e2940b2973d2d37c6a3886f1755d54917fa972 Author: Konstantin Belousov AuthorDate: 2021-05-21 07:30:19 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-29 11:48:09 +0000 nullfs: dirty v_object must imply the need for inactivation (cherry picked from commit 42881526d401e7a9c09241e392b7ffa18cfe11d6) --- sys/fs/nullfs/null_vnops.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/fs/nullfs/null_vnops.c b/sys/fs/nullfs/null_vnops.c index 607755fd62d9..3b4e30d8a499 100644 --- a/sys/fs/nullfs/null_vnops.c +++ b/sys/fs/nullfs/null_vnops.c @@ -818,7 +818,7 @@ static int null_need_inactive(struct vop_need_inactive_args *ap) { - return (null_want_recycle(ap->a_vp)); + return (null_want_recycle(ap->a_vp) || vn_need_pageq_flush(ap->a_vp)); } /* From owner-dev-commits-src-branches@freebsd.org Sat May 29 13:13:04 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3244F640424; Sat, 29 May 2021 13:13:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FshnD0tGNz4tb1; Sat, 29 May 2021 13:13:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 058A429F1; Sat, 29 May 2021 13:13:04 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TDD3gL023931; Sat, 29 May 2021 13:13:03 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TDD3Q5023930; Sat, 29 May 2021 13:13:03 GMT (envelope-from git) Date: Sat, 29 May 2021 13:13:03 GMT Message-Id: <202105291313.14TDD3Q5023930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 738ebfa0f6b4 - stable/13 - libalias: Style cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 738ebfa0f6b420523c49b8c774ad0c07bd335313 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 13:13:04 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=738ebfa0f6b420523c49b8c774ad0c07bd335313 commit 738ebfa0f6b420523c49b8c774ad0c07bd335313 Author: Lutz Donnerhacke AuthorDate: 2021-05-14 13:08:08 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-29 13:08:02 +0000 libalias: Style cleanup libalias is a convolut of various coding styles modified by a series of different editors enforcing interesting convetions on spacing and comments. This patch is a baseline to start with a perfomance rework of libalias. Upcoming patches should be focus on the code, not on the style. That's why most annoying style errors should be fixed beforehand. Reviewed by: hselasky Discussed by: emaste Differential Revision: https://reviews.freebsd.org/D30259 (cherry picked from commit effc8e57fbf03d7f1423c662caf2b63f0d1d21a9) At some places the ASSERT was inserted before variable declarations are finished. This is fixed now. Reported by: kib Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D30282 (cherry picked from commit 2e6b07866f9e1520626a1523f6609cc411bdda1c) --- sys/netinet/libalias/alias.c | 379 ++++++++++++++++----------------- sys/netinet/libalias/alias.h | 44 ++-- sys/netinet/libalias/alias_db.c | 414 +++++++++++++++++------------------- sys/netinet/libalias/alias_dummy.c | 15 +- sys/netinet/libalias/alias_ftp.c | 68 +++--- sys/netinet/libalias/alias_irc.c | 52 +++-- sys/netinet/libalias/alias_local.h | 178 +++++++--------- sys/netinet/libalias/alias_mod.c | 2 - sys/netinet/libalias/alias_nbt.c | 253 ++++++++++------------ sys/netinet/libalias/alias_pptp.c | 84 ++++---- sys/netinet/libalias/alias_proxy.c | 271 ++++++++++++----------- sys/netinet/libalias/alias_sctp.c | 138 ++++++------ sys/netinet/libalias/alias_sctp.h | 26 +-- sys/netinet/libalias/alias_skinny.c | 30 ++- sys/netinet/libalias/alias_smedia.c | 91 ++++---- sys/netinet/libalias/alias_util.c | 30 +-- 16 files changed, 975 insertions(+), 1100 deletions(-) diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index 900731fcbec6..0e2756affcb4 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -146,7 +146,7 @@ __FBSDID("$FreeBSD$"); #include "alias_mod.h" #endif -/* +/* * Define libalias SYSCTL Node */ #ifdef SYSCTL_NODE @@ -192,7 +192,6 @@ static void TcpMonitorOut(u_char, struct alias_link *); static void TcpMonitorIn(u_char th_flags, struct alias_link *lnk) { - switch (GetStateIn(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -210,7 +209,6 @@ TcpMonitorIn(u_char th_flags, struct alias_link *lnk) static void TcpMonitorOut(u_char th_flags, struct alias_link *lnk) { - switch (GetStateOut(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -285,21 +283,20 @@ static int UdpAliasOut(struct libalias *, struct ip *, int, int create); static int TcpAliasIn(struct libalias *, struct ip *); static int TcpAliasOut(struct libalias *, struct ip *, int, int create); -static int -IcmpAliasIn1(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ +static int +IcmpAliasIn1(struct libalias *la, struct ip *pip) +{ struct alias_link *lnk; struct icmp *ic; + LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Get source address from ICMP data field and restore original data */ + /* Get source address from ICMP data field and restore original data */ lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); if (lnk != NULL) { u_short original_id; @@ -307,15 +304,15 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= original_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Put original sequence number back in */ + /* Put original sequence number back in */ ic->icmp_id = original_id; -/* Put original address back into IP header */ + /* Put original address back into IP header */ { struct in_addr original_address; @@ -330,21 +327,20 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasIn2(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasIn2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; struct tcphdr *tc; struct alias_link *lnk; + LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); ip = &ic->icmp_ip; @@ -377,7 +373,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) original_address = GetOriginalAddress(lnk); original_port = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ud->uh_sport; @@ -388,13 +384,14 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Un-alias address and port number of + * original IP packet fragment contained + * in ICMP data section */ ip->ip_src = original_address; ud->uh_sport = original_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -405,7 +402,7 @@ fragment contained in ICMP data section */ original_address = GetOriginalAddress(lnk); original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ic2->icmp_id; @@ -416,13 +413,13 @@ fragment contained in ICMP data section */ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Un-alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_src = original_address; ic2->icmp_id = original_id; } @@ -444,7 +441,7 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) if (dlen < ICMP_MINLEN) return (PKT_ALIAS_IGNORED); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -475,20 +472,20 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) return (iresult); } -static int -IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) -{ /* Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ +static int +IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) +{ struct alias_link *lnk; struct icmp *ic; LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Save overwritten data for when echo packet returns */ + /* Save overwritten data for when echo packet returns */ lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create); if (lnk != NULL) { u_short alias_id; @@ -496,15 +493,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) alias_id = GetAliasPort(lnk); -/* Since data field is being modified, adjust ICMP checksum */ + /* Since data field is being modified, adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Alias sequence number */ + /* Alias sequence number */ ic->icmp_id = alias_id; -/* Change source address */ + /* Change source address */ { struct in_addr alias_address; @@ -519,13 +516,13 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasOut2(struct libalias *la, struct ip *pip) -{ /* Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasOut2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -565,24 +562,24 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip) alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ud->uh_dport; accumulate -= alias_port; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original TCP/UDP packet was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original TCP/UDP packet was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Alias address and port number of original IP packet + * fragment contained in ICMP data section */ ip->ip_dst = alias_address; ud->uh_dport = alias_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -593,24 +590,24 @@ fragment contained in ICMP data section */ alias_address = GetAliasAddress(lnk); alias_id = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ic2->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original ICMP message was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original ICMP message was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_dst = alias_address; ic2->icmp_id = alias_id; } @@ -628,7 +625,7 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create) LIBALIAS_LOCK_ASSERT(la); (void)create; -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -655,20 +652,20 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create) return (iresult); } -static int -ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct ip *pip, u_char ip_p, u_short *ip_sum) -{ /* Handle incoming IP packets. The only thing which is done in this case is to alias the dest IP address of the packet to our inside machine. */ +static int +ProtoAliasIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_char ip_p, u_short *ip_sum) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -678,7 +675,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, original_address = GetOriginalAddress(lnk); -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -688,20 +685,20 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, return (PKT_ALIAS_IGNORED); } -static int -ProtoAliasOut(struct libalias *la, struct ip *pip, - struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) -{ /* Handle outgoing IP packets. The only thing which is done in this case is to alias the source IP address of the packet. */ +static int +ProtoAliasOut(struct libalias *la, struct ip *pip, + struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -714,7 +711,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip, alias_address = GetAliasAddress(lnk); -/* Change source address */ + /* Change source address */ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -753,8 +750,8 @@ UdpAliasIn(struct libalias *la, struct ip *pip) int accumulate; int error; struct alias_data ad = { - .lnk = lnk, - .oaddr = &original_address, + .lnk = lnk, + .oaddr = &original_address, .aaddr = &alias_address, .aport = &alias_port, .sport = &ud->uh_sport, @@ -769,46 +766,48 @@ UdpAliasIn(struct libalias *la, struct ip *pip) ud->uh_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, UDP, la, pip, &ad); /* If we cannot figure out the packet, ignore it. */ if (error < 0) return (PKT_ALIAS_IGNORED); -/* If UDP checksum is not zero, then adjust since destination port */ -/* is being unaliased and destination address is being altered. */ + /* If UDP checksum is not zero, then adjust since + * destination port is being unaliased and + * destination address is being altered. */ if (ud->uh_sum != 0) { accumulate = alias_port; accumulate -= ud->uh_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy packet, modify checksum because of source change.*/ - if (proxy_port != 0) { - accumulate += ud->uh_sport; - accumulate -= proxy_port; - } + /* If this is a proxy packet, modify checksum + * because of source change.*/ + if (proxy_port != 0) { + accumulate += ud->uh_sport; + accumulate -= proxy_port; + } - if (proxy_address.s_addr != 0) { + if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); - } + } ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* XXX: Could the two if's below be concatenated to one ? */ -/* Restore source port and/or address in case of proxying*/ - if (proxy_port != 0) - ud->uh_sport = proxy_port; + /* XXX: Could the two if's below be concatenated to one ? */ + /* Restore source port and/or address in case of proxying*/ + if (proxy_port != 0) + ud->uh_sport = proxy_port; - if (proxy_address.s_addr != 0) { - DifferentialChecksum(&pip->ip_sum, - &proxy_address, &pip->ip_src, 2); - pip->ip_src = proxy_address; - } + if (proxy_address.s_addr != 0) { + DifferentialChecksum(&pip->ip_sum, + &proxy_address, &pip->ip_src, 2); + pip->ip_src = proxy_address; + } -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -833,7 +832,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled and not proxyrule found.*/ + /* Return if proxy-only mode is enabled and not proxyrule found.*/ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2); if (dlen < sizeof(struct udphdr)) return (PKT_ALIAS_IGNORED); @@ -842,34 +841,33 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) if (dlen < ntohs(ud->uh_ulen)) return (PKT_ALIAS_IGNORED); - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, - ud->uh_dport, pip->ip_p); + proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port, + pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p); if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - * then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = ud->uh_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { - int accumulate; + int accumulate; accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); if (ud->uh_sum != 0) { accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - accumulate += ud->uh_dport; - accumulate -= proxy_server_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); + accumulate += ud->uh_dport; + accumulate -= proxy_server_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); } - pip->ip_dst = proxy_server_address; - ud->uh_dport = proxy_server_port; + pip->ip_dst = proxy_server_address; + ud->uh_dport = proxy_server_port; } lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, ud->uh_sport, ud->uh_dport, @@ -878,7 +876,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) u_short alias_port; struct in_addr alias_address; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -887,24 +885,24 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) .maxpktsize = 0 }; -/* Save original destination address, if this is a proxy packet. - * Also modify packet to include destination encoding. This may - * change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination encoding. This may + * change the size of IP header. */ if (proxy_type != 0) { - SetProxyPort(lnk, dest_port); - SetProxyAddress(lnk, dest_address); - ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); - ud = (struct udphdr *)ip_next(pip); - } + SetProxyPort(lnk, dest_port); + SetProxyAddress(lnk, dest_address); + ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); + ud = (struct udphdr *)ip_next(pip); + } alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, UDP, la, pip, &ad); -/* If UDP checksum is not zero, adjust since source port is */ -/* being aliased and source address is being altered */ + /* If UDP checksum is not zero, adjust since source port is */ + /* being aliased and source address is being altered */ if (ud->uh_sum != 0) { int accumulate; @@ -914,10 +912,10 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) accumulate -= twowords(&alias_address); ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* Put alias port in UDP header */ + /* Put alias port in UDP header */ ud->uh_sport = alias_port; -/* Change source address */ + /* Change source address */ DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -953,14 +951,14 @@ TcpAliasIn(struct libalias *la, struct ip *pip) u_short proxy_port; int accumulate, error; - /* - * The init of MANY vars is a bit below, but aliashandlepptpin + /* + * The init of MANY vars is a bit below, but aliashandlepptpin * seems to need the destination port that came within the * packet and not the original one looks below [*]. */ struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = NULL, .aport = NULL, @@ -969,7 +967,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, TCP, la, pip, &ad); alias_address = GetAliasAddress(lnk); @@ -979,8 +977,8 @@ TcpAliasIn(struct libalias *la, struct ip *pip) tc->th_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* - * Look above, if anyone is going to add find_handler AFTER + /* + * Look above, if anyone is going to add find_handler AFTER * this aliashandlepptpin/point, please redo alias_data too. * Uncommenting the piece here below should be enough. */ @@ -994,22 +992,22 @@ TcpAliasIn(struct libalias *la, struct ip *pip) .dport = &ud->uh_dport, .maxpktsize = 0 }; - + /* Walk out chain. */ error = find_handler(la, pip, &ad); if (error == EHDNOF) printf("Protocol handler not found\n"); #endif -/* Adjust TCP checksum since destination port is being unaliased */ -/* and destination port is being altered. */ + /* Adjust TCP checksum since destination port is being + * unaliased and destination port is being altered. */ accumulate = alias_port; accumulate -= tc->th_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy, then modify the TCP source port and - checksum accumulation */ + /* If this is a proxy, then modify the TCP source port + * and checksum accumulation */ if (proxy_port != 0) { accumulate += tc->th_sport; tc->th_sport = proxy_port; @@ -1017,7 +1015,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); } -/* See if ACK number needs to be modified */ + /* See if ACK number needs to be modified */ if (GetAckModified(lnk) == 1) { int delta; @@ -1031,13 +1029,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip) } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Restore original IP address */ + /* Restore original IP address */ accumulate = twowords(&pip->ip_dst); pip->ip_dst = original_address; accumulate -= twowords(&pip->ip_dst); -/* If this is a transparent proxy packet, then modify the source - address */ + /* If this is a transparent proxy packet, + * then modify the source address */ if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); pip->ip_src = proxy_address; @@ -1045,7 +1043,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) } ADJUST_CHECKSUM(accumulate, pip->ip_sum); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorIn(tc->th_flags, lnk); @@ -1074,8 +1072,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) tc = (struct tcphdr *)ip_next(pip); if (create) - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, + proxy_type = ProxyCheck(la, &proxy_server_address, + &proxy_server_port, pip->ip_src, pip->ip_dst, tc->th_dport, pip->ip_p); else proxy_type = 0; @@ -1083,8 +1081,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = tc->th_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { @@ -1112,7 +1110,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) struct in_addr alias_address; int accumulate; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -1121,38 +1119,38 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) .maxpktsize = maxpacketsize }; -/* Save original destination address, if this is a proxy packet. - Also modify packet to include destination encoding. This may - change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination + * encoding. This may change the size of IP header. */ if (proxy_type != 0) { SetProxyPort(lnk, dest_port); SetProxyAddress(lnk, dest_address); ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); tc = (struct tcphdr *)ip_next(pip); } -/* Get alias address and port */ + /* Get alias address and port */ alias_port = GetAliasPort(lnk); alias_address = GetAliasAddress(lnk); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorOut(tc->th_flags, lnk); - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(OUT, TCP, la, pip, &ad); -/* Adjust TCP checksum since source port is being aliased */ -/* and source address is being altered */ + /* Adjust TCP checksum since source port is being aliased + * and source address is being altered */ accumulate = tc->th_sport; tc->th_sport = alias_port; accumulate -= tc->th_sport; accumulate += twowords(&pip->ip_src); accumulate -= twowords(&alias_address); -/* Modify sequence number if necessary */ + /* Modify sequence number if necessary */ if (GetAckModified(lnk) == 1) { int delta; - + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); if (delta != 0) { @@ -1163,7 +1161,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Change source address */ + /* Change source address */ accumulate = twowords(&pip->ip_src); pip->ip_src = alias_address; accumulate -= twowords(&pip->ip_src); @@ -1259,7 +1257,7 @@ LibAliasSaveFragment(struct libalias *la, void *ptr) return (iresult); } -void * +void * LibAliasGetFragment(struct libalias *la, void *ptr) { struct alias_link *lnk; @@ -1273,7 +1271,7 @@ LibAliasGetFragment(struct libalias *la, void *ptr) GetFragmentPtr(lnk, &fptr); SetFragmentPtr(lnk, NULL); SetExpire(lnk, 0); /* Deletes link */ - } else + } else fptr = NULL; LIBALIAS_UNLOCK(la); @@ -1281,11 +1279,9 @@ LibAliasGetFragment(struct libalias *la, void *ptr) } void -LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly - * de-aliased header - * fragment */ - void *ptr_fragment /* Points to fragment which must be - * de-aliased */ +LibAliasFragmentIn(struct libalias *la, + void *ptr, /* Points to correctly de-aliased header fragment */ + void *ptr_fragment /* fragment which must be de-aliased */ ) { struct ip *pip; @@ -1305,10 +1301,10 @@ LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly /* Local prototypes */ static int LibAliasOutLocked(struct libalias *la, struct ip *pip, - int maxpacketsize, int create); + int maxpacketsize, int create); static int LibAliasInLocked(struct libalias *la, struct ip *pip, - int maxpacketsize); + int maxpacketsize); int LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize) @@ -1340,7 +1336,7 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize) /* Defense against mangled packets */ if (ntohs(pip->ip_len) > maxpacketsize || (pip->ip_hl << 2) > maxpacketsize) { - iresult = PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; goto getout; } @@ -1358,30 +1354,30 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize) break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_LOCAL); + iresult = SctpAlias(la, pip, SN_TO_LOCAL); break; #endif - case IPPROTO_GRE: { + case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(IN, IP, la, pip, &ad); - if (error == 0) + if (error == 0) iresult = PKT_ALIAS_OK; else iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); + break; } - break; default: iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); @@ -1449,10 +1445,10 @@ LibAliasOutTry(struct libalias *la, void *ptr, int maxpacketsize, int create) } static int -LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ - int maxpacketsize, /* How much the packet data may grow (FTP - * and IRC inline changes) */ - int create /* Create new entries ? */ +LibAliasOutLocked(struct libalias *la, + struct ip *pip, /* valid IP packet */ + int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */ + int create /* Create new entries ? */ ) { int iresult; @@ -1512,29 +1508,29 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_GLOBAL); + iresult = SctpAlias(la, pip, SN_TO_GLOBAL); break; #endif case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, IP, la, pip, &ad); if (error == 0) - iresult = PKT_ALIAS_OK; - else + iresult = PKT_ALIAS_OK; + else iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); + break; } - break; default: iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); @@ -1550,8 +1546,9 @@ getout: } int -LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ +LibAliasUnaliasOut(struct libalias *la, + void *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ ) { struct ip *pip; @@ -1623,7 +1620,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ tc->th_sport = original_port; iresult = PKT_ALIAS_OK; - } else if (pip->ip_p == IPPROTO_ICMP) { int accumulate; struct in_addr original_address; @@ -1653,7 +1649,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ getout: LIBALIAS_UNLOCK(la); return (iresult); - } #ifndef _KERNEL @@ -1673,8 +1668,8 @@ LibAliasRefreshModules(void) for (;;) { fgets(buf, 256, fd); - if (feof(fd)) - break; *** 4313 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sat May 29 13:13:05 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4D28B6400F7; Sat, 29 May 2021 13:13:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FshnF1dlzz4tXr; Sat, 29 May 2021 13:13:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1FCB129F2; Sat, 29 May 2021 13:13:05 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TDD5Qf023954; Sat, 29 May 2021 13:13:05 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TDD5q7023952; Sat, 29 May 2021 13:13:05 GMT (envelope-from git) Date: Sat, 29 May 2021 13:13:05 GMT Message-Id: <202105291313.14TDD5q7023952@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: cfeeb57166d9 - stable/13 - test/libalias: Tests for instantiation and outgoing NAT MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: cfeeb57166d9ef3dfd5823b31fc0bcfb24fe147e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 13:13:05 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=cfeeb57166d9ef3dfd5823b31fc0bcfb24fe147e commit cfeeb57166d9ef3dfd5823b31fc0bcfb24fe147e Author: Lutz Donnerhacke AuthorDate: 2021-05-16 21:37:37 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-29 13:09:55 +0000 test/libalias: Tests for instantiation and outgoing NAT In order to modify libalias for performance, the existing functionality must not change. Enforce this. Testing LibAliasOut functionality. This concentrates the typical use case of initiating data transfers from the inside. Provide a exhaustive test for the data structure in order to check for performance improvements. In order to compare upcoming changes for their effectivness, measure performance by counting opertions and the runtime of each operation over the time. Accumulate all tests in a single instance, so make it complicated over the time. If you wait long enough, you will notice the expiry of old flows. Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D30307 Differential Revision: https://reviews.freebsd.org/D30335 Differential Revision: https://reviews.freebsd.org/D30379 (cherry picked from commit 7fd8baee756efa18b6bbb17cbf3a652eb2058d87) (cherry picked from commit c1fbb54f4b100d576da7ab065d1887a21f691936) (cherry picked from commit 33c1bdfc3e098862100bab7a8dc729d8c78ffa7c) --- tests/sys/netinet/Makefile | 2 + tests/sys/netinet/libalias/1_instance.c | 119 +++++++++ tests/sys/netinet/libalias/2_natout.c | 414 ++++++++++++++++++++++++++++++++ tests/sys/netinet/libalias/Makefile | 31 +++ tests/sys/netinet/libalias/perf.c | 231 ++++++++++++++++++ tests/sys/netinet/libalias/util.c | 114 +++++++++ tests/sys/netinet/libalias/util.h | 62 +++++ 7 files changed, 973 insertions(+) diff --git a/tests/sys/netinet/Makefile b/tests/sys/netinet/Makefile index 7dd21c3545b5..a053ec711fff 100644 --- a/tests/sys/netinet/Makefile +++ b/tests/sys/netinet/Makefile @@ -5,6 +5,8 @@ PACKAGE= tests TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR= ${TESTSDIR} +TESTS_SUBDIRS+= libalias + ATF_TESTS_C= ip_reass_test \ so_reuseport_lb_test \ socket_afinet \ diff --git a/tests/sys/netinet/libalias/1_instance.c b/tests/sys/netinet/libalias/1_instance.c new file mode 100644 index 000000000000..842acb41bb90 --- /dev/null +++ b/tests/sys/netinet/libalias/1_instance.c @@ -0,0 +1,119 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +ATF_TC(2_destroynull); +ATF_TC_HEAD(2_destroynull, env) +{ + atf_tc_set_md_var(env, "descr", "Destroy the NULL instance"); +} +ATF_TC_BODY(2_destroynull, dummy) +{ + atf_tc_expect_death("Code expects valid pointer."); + LibAliasUninit(NULL); +} + +ATF_TC(1_singleinit); +ATF_TC_HEAD(1_singleinit, env) +{ + atf_tc_set_md_var(env, "descr", "Create an instance"); +} +ATF_TC_BODY(1_singleinit, dummy) +{ + struct libalias *la; + + la = LibAliasInit(NULL); + ATF_CHECK_MSG(la != NULL, "Creating an instance failed."); + LibAliasUninit(la); +} + +ATF_TC(3_multiinit); +ATF_TC_HEAD(3_multiinit, env) +{ + atf_tc_set_md_var(env, "descr", "Recreate an instance multiple times"); +} +ATF_TC_BODY(3_multiinit, dummy) +{ + struct libalias *la; + int i; + + la = LibAliasInit(NULL); + for(i = 1; i < 30; i++) { + struct libalias *lo = la; + + la = LibAliasInit(la); + ATF_CHECK_MSG(la == lo, "Recreating moved the instance around: %d", i); + } + LibAliasUninit(la); +} + +ATF_TC(4_multiinstance); +ATF_TC_HEAD(4_multiinstance, env) +{ + atf_tc_set_md_var(env, "descr", "Create and destoy multiple instances."); +} +ATF_TC_BODY(4_multiinstance, dummy) +{ + struct libalias *la[300]; + int const num_instances = sizeof(la) / sizeof(*la); + int i; + + for (i = 0; i < num_instances; i++) { + la[i] = LibAliasInit(NULL); + ATF_CHECK_MSG(la[i] != NULL, "Creating instance %d failed.", i); + } + + qsort(la, num_instances, sizeof(*la), randcmp); + + for (i = 0; i < num_instances; i++) + LibAliasUninit(la[i]); +} + +ATF_TP_ADD_TCS(instance) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x5ac4); + + ATF_TP_ADD_TC(instance, 2_destroynull); + ATF_TP_ADD_TC(instance, 1_singleinit); + ATF_TP_ADD_TC(instance, 3_multiinit); + ATF_TP_ADD_TC(instance, 4_multiinstance); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c new file mode 100644 index 000000000000..1eeeac2ef868 --- /dev/null +++ b/tests/sys/netinet/libalias/2_natout.c @@ -0,0 +1,414 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr pub = { htonl(0x0102dead) }; +static struct in_addr prv1 = { htonl(0x0a00dead) }; +static struct in_addr prv2 = { htonl(0xac10dead) }; +static struct in_addr prv3 = { htonl(0xc0a8dead) }; +static struct in_addr cgn = { htonl(0x6440dead) }; +static struct in_addr ext = { htonl(0x12345678) }; + +#define NAT_CHECK(pip, src, msq) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + struct in_addr dst = pip->ip_dst; \ + pip->ip_src = src; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(msq, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define NAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK), \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define UNNAT_CHECK(pip, src, dst, rel) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(rel, pip->ip_dst)); \ +} while(0) + +#define UNNAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK, \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +ATF_TC_WITHOUT_HEAD(1_simplemasq); +ATF_TC_BODY(1_simplemasq, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, masq); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(2_unregistered); +ATF_TC_BODY(2_unregistered, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_ONLY, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_ONLY); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(3_cgn); +ATF_TC_BODY(3_cgn, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_CGN, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_CGN); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(4_udp); +ATF_TC_BODY(4_udp, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use a different external port */ + ATF_CHECK(aport != sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(uo->uh_sport != htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Response to prv1 again */ + ui->uh_dport = htons(aport); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(5_sameport); +ATF_TC_BODY(5_sameport, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, ~0); + + /* Query from prv1 */ + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv1, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + aport = ntohs(u->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Query from different source with same ports */ + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv2, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(u->uh_sport != htons(aport)); + + free(p); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(6_cleartable); +ATF_TC_BODY(6_cleartable, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_RESET_ON_ADDR_CHANGE, ~0); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, PKT_ALIAS_SAME_PORTS); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* clear table by keeping the address */ + LibAliasSetAddress(la, ext); + LibAliasSetAddress(la, masq); + + /* Response to prv1 again -> DENY_INCOMING */ + ui->uh_dport = htons(aport); + UNNAT_FAIL(pi, ext, masq); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use the same external port, because it's free */ + ATF_CHECK(uo->uh_sport == htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(7_stress); +ATF_TC_BODY(7_stress, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + size_t const batch_size = 12000; + size_t const rounds = 25; + size_t i, j; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, 0, 0); + + batch = calloc(batch_size, sizeof(*batch)); + ATF_REQUIRE(batch != NULL); + for (j = 0; j < rounds; j++) { + for (i = 0; i < batch_size; i++) { + struct in_addr s, d; + switch (i&3) { + case 0: s = prv1; d = ext; break; + case 1: s = prv2; d = pub; break; + case 2: s = prv3; d = ext; break; + case 3: s = cgn; d = pub; break; + } + s.s_addr &= htonl(0xffff0000); + d.s_addr &= htonl(0xffff0000); + batch[i].src.s_addr = s.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = d.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + } + + for (i = 0; i < batch_size; i++) { + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + NAT_CHECK(p, batch[i].src, masq); + ATF_CHECK(u->uh_dport == htons(batch[i].dport)); + ATF_CHECK(addr_eq(p->ip_dst, batch[i].dst)); + batch[i].aport = htons(u->uh_sport); + } + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + for (i = 0; i < batch_size; i++) { + u = set_udp(p, batch[i].dport, batch[i].aport); + UNNAT_CHECK(p, batch[i].dst, masq, batch[i].src); + ATF_CHECK(u->uh_dport == htons(batch[i].sport)); + ATF_CHECK(u->uh_sport == htons(batch[i].dport)); + } + } + + free(batch); + free(p); + LibAliasUninit(la); +} + +ATF_TP_ADD_TCS(natout) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x0b61); + + ATF_TP_ADD_TC(natout, 1_simplemasq); + ATF_TP_ADD_TC(natout, 2_unregistered); + ATF_TP_ADD_TC(natout, 3_cgn); + ATF_TP_ADD_TC(natout, 4_udp); + ATF_TP_ADD_TC(natout, 5_sameport); + ATF_TP_ADD_TC(natout, 6_cleartable); + ATF_TP_ADD_TC(natout, 7_stress); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/Makefile b/tests/sys/netinet/libalias/Makefile new file mode 100644 index 000000000000..6ee2fc0e0e1f --- /dev/null +++ b/tests/sys/netinet/libalias/Makefile @@ -0,0 +1,31 @@ +# $FreeBSD$ + +PACKAGE= tests + +TESTSDIR= ${TESTSBASE}/sys/netinet/libalias +BINDIR= ${TESTSDIR} + +ATF_TESTS_C+= 1_instance \ + 2_natout \ + +PROGS+= perf + +LIBADD+= alias + +SRCS.1_instance=1_instance.c util.c +SRCS.2_natout= 2_natout.c util.c +SRCS.perf= perf.c util.c + +.include + +# +# Testing during development +# +test: all + cd ${.OBJDIR}; kyua test + +report: + cd ${.OBJDIR}; kyua report + +report-v: + cd ${.OBJDIR}; kyua report --verbose diff --git a/tests/sys/netinet/libalias/perf.c b/tests/sys/netinet/libalias/perf.c new file mode 100644 index 000000000000..365b8f2e9fcc --- /dev/null +++ b/tests/sys/netinet/libalias/perf.c @@ -0,0 +1,231 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include +#include "util.h" +#include + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr prv = { htonl(0x0a000000) }; +static struct in_addr ext = { htonl(0x12000000) }; + +#define timevalcmp(tv, uv, cmp) \ + (((tv).tv_sec == (uv).tv_sec) \ + ? ((tv).tv_usec cmp (uv).tv_usec) \ + : ((tv).tv_sec cmp (uv).tv_sec)) + +#define timevaldiff(n, o) (float) \ + (((n).tv_sec - (o).tv_sec)*1000000l + \ + ((n).tv_usec - (o).tv_usec)) + +int main(int argc, char ** argv) +{ + struct libalias *la; + struct timeval timeout; + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + struct { + unsigned long ok, fail; + } nat, unnat, random, attack; + int max_seconds, batch_size, random_size, attack_length, round, cnt; + + if(argc != 5 || + 0 > (max_seconds = atoi(argv[1])) || + 0 >= (batch_size = atoi(argv[2])) || + 0 >= (random_size = atoi(argv[3])) || + 0 >= (attack_length = atoi(argv[4]))) { + printf("Usage: %s max_seconds batch_size random_size attack_length\n", argv[0]); + return 1; + } + if (NULL == (la = LibAliasInit(NULL))) { + perror("LibAliasInit"); + return -1; + } + + bzero(&nat, sizeof(nat)); + bzero(&unnat, sizeof(unnat)); + bzero(&random, sizeof(random)); + bzero(&attack, sizeof(attack)); + + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + prv.s_addr &= htonl(0xffff0000); + ext.s_addr &= htonl(0xffff0000); + + p = ip_packet(prv, ext, 0, 64); + u = set_udp(p, 0, 0); + + if (NULL == (batch = calloc(batch_size, sizeof(*batch)))) { + perror("calloc(batch)"); + return -1; + } + + gettimeofday(&timeout, NULL); + timeout.tv_sec += max_seconds; + + printf("RND SECND NAT RND ATT UNA\n"); + for (round = 0; ; round++) { + int i, res; + struct timeval now, start; + + printf("%3d ", round+1); + + gettimeofday(&start, NULL); + printf("%5.1f ", max_seconds - timevaldiff(timeout, start)/1000000.0f); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + batch[i].src.s_addr = prv.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = ext.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + + p->ip_src = batch[i].src; + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + + res = LibAliasOut(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_dport == htons(batch[i].dport) && + addr_eq(p->ip_dst, batch[i].dst) && + addr_eq(p->ip_src, masq)) + nat.ok++; + else + nat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + for (cnt = i = 0; i < random_size; i++, cnt++) { + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + random.ok++; + else + random.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + for (cnt = i = 0; i < attack_length; i++, cnt++) { + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + attack.ok++; + else + attack.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + gettimeofday(&start, NULL); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + p->ip_src = batch[i].dst; + p->ip_dst = masq; + u = set_udp(p, batch[i].dport, batch[i].aport); + + res = LibAliasIn(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_sport == htons(batch[i].dport) && + u->uh_dport == htons(batch[i].sport) && + addr_eq(p->ip_dst, batch[i].src) && + addr_eq(p->ip_src, batch[i].dst)) + unnat.ok++; + else + unnat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f\n", timevaldiff(now, start) / cnt); + } +out: + printf("\n\n"); + free(batch); + free(p); + LibAliasUninit(la); + + printf("Results\n"); + printf(" Rounds : %7u\n", round); + printf(" NAT ok : %7lu\n", nat.ok); + printf(" NAT fail: %7lu\n", nat.fail); + printf(" UNNAT ok : %7lu\n", unnat.ok); + printf(" UNNAT fail: %7lu\n", unnat.fail); + printf("RANDOM ok : %7lu\n", random.ok); + printf("RANDOM fail: %7lu\n", random.fail); + printf("ATTACK ok : %7lu\n", attack.ok); + printf("ATTACK fail: %7lu\n", attack.fail); + printf(" -------------------\n"); + printf(" Total: %7lu\n", + nat.ok + nat.fail + unnat.ok + unnat.fail + + random.ok + random.fail + attack.ok + attack.fail); + return (0); +} diff --git a/tests/sys/netinet/libalias/util.c b/tests/sys/netinet/libalias/util.c new file mode 100644 index 000000000000..df2e320a4eba --- /dev/null +++ b/tests/sys/netinet/libalias/util.c @@ -0,0 +1,114 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include + +#include + +#include "util.h" + +#define REQUIRE(x) do { \ + if (!(x)) { \ + fprintf(stderr, "Failed in %s %s:%d.\n",\ + __FUNCTION__, __FILE__, __LINE__); \ + exit(-1); \ + } \ +} while(0) + +int +randcmp(const void *a, const void *b) +{ + int res, r = rand(); + + (void)a; + (void)b; + res = (r/4 < RAND_MAX/9) ? 1 + : (r/5 < RAND_MAX/9) ? 0 + : -1; + return (res); +} + +void +hexdump(void *p, size_t len) +{ + size_t i; + unsigned char *c = p; + + for (i = 0; i < len; i++) { + printf(" %02x", c[i]); + switch (i & 0xf) { + case 0xf: printf("\n"); break; + case 0x7: printf(" "); break; + default: break; + } + } + if ((i & 0xf) != 0x0) + printf("\n"); +} + +struct ip * +ip_packet(struct in_addr src, struct in_addr dst, u_char protocol, size_t len) +{ + struct ip * p; + + REQUIRE(len >= 64 && len <= IP_MAXPACKET); + + p = calloc(1, len); + REQUIRE(p != NULL); + + p->ip_v = IPVERSION; + p->ip_hl = sizeof(*p)/4; + p->ip_len = htons(len); + p->ip_ttl = IPDEFTTL; + p->ip_src = src; + p->ip_dst = dst; + p->ip_p = protocol; + REQUIRE(p->ip_hl == 5); + + return (p); +} + +struct udphdr * +set_udp(struct ip *p, u_short sport, u_short dport) { + uint32_t *up = (void *)p; + struct udphdr *u = (void *)&(up[p->ip_hl]); *** 77 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sat May 29 13:35:34 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3AA8B640CB3; Sat, 29 May 2021 13:35:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FsjHB15NDz4vQg; Sat, 29 May 2021 13:35:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0A1F73224; Sat, 29 May 2021 13:35:34 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TDZXmo049931; Sat, 29 May 2021 13:35:33 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TDZXM1049930; Sat, 29 May 2021 13:35:33 GMT (envelope-from git) Date: Sat, 29 May 2021 13:35:33 GMT Message-Id: <202105291335.14TDZXM1049930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: fb70e02fafc1 - stable/12 - test/libalias: Tests for instantiation and outgoing NAT MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: fb70e02fafc1bb029fa17ac0aa0d1e7cbc4a5b81 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 13:35:34 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=fb70e02fafc1bb029fa17ac0aa0d1e7cbc4a5b81 commit fb70e02fafc1bb029fa17ac0aa0d1e7cbc4a5b81 Author: Lutz Donnerhacke AuthorDate: 2021-05-16 21:37:37 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-29 13:34:53 +0000 test/libalias: Tests for instantiation and outgoing NAT In order to modify libalias for performance, the existing functionality must not change. Enforce this. Testing LibAliasOut functionality. This concentrates the typical use case of initiating data transfers from the inside. Provide a exhaustive test for the data structure in order to check for performance improvements. In order to compare upcoming changes for their effectivness, measure performance by counting opertions and the runtime of each operation over the time. Accumulate all tests in a single instance, so make it complicated over the time. If you wait long enough, you will notice the expiry of old flows. Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D30307 Differential Revision: https://reviews.freebsd.org/D30335 Differential Revision: https://reviews.freebsd.org/D30379 (cherry picked from commit 7fd8baee756efa18b6bbb17cbf3a652eb2058d87) (cherry picked from commit c1fbb54f4b100d576da7ab065d1887a21f691936) (cherry picked from commit 33c1bdfc3e098862100bab7a8dc729d8c78ffa7c) --- tests/sys/netinet/Makefile | 2 + tests/sys/netinet/libalias/1_instance.c | 119 +++++++++ tests/sys/netinet/libalias/2_natout.c | 414 ++++++++++++++++++++++++++++++++ tests/sys/netinet/libalias/Makefile | 31 +++ tests/sys/netinet/libalias/perf.c | 231 ++++++++++++++++++ tests/sys/netinet/libalias/util.c | 114 +++++++++ tests/sys/netinet/libalias/util.h | 62 +++++ 7 files changed, 973 insertions(+) diff --git a/tests/sys/netinet/Makefile b/tests/sys/netinet/Makefile index c02698ba11eb..f92c47b136db 100644 --- a/tests/sys/netinet/Makefile +++ b/tests/sys/netinet/Makefile @@ -3,6 +3,8 @@ TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR= ${TESTSDIR} +TESTS_SUBDIRS+= libalias + ATF_TESTS_C= ip_reass_test \ so_reuseport_lb_test diff --git a/tests/sys/netinet/libalias/1_instance.c b/tests/sys/netinet/libalias/1_instance.c new file mode 100644 index 000000000000..842acb41bb90 --- /dev/null +++ b/tests/sys/netinet/libalias/1_instance.c @@ -0,0 +1,119 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +ATF_TC(2_destroynull); +ATF_TC_HEAD(2_destroynull, env) +{ + atf_tc_set_md_var(env, "descr", "Destroy the NULL instance"); +} +ATF_TC_BODY(2_destroynull, dummy) +{ + atf_tc_expect_death("Code expects valid pointer."); + LibAliasUninit(NULL); +} + +ATF_TC(1_singleinit); +ATF_TC_HEAD(1_singleinit, env) +{ + atf_tc_set_md_var(env, "descr", "Create an instance"); +} +ATF_TC_BODY(1_singleinit, dummy) +{ + struct libalias *la; + + la = LibAliasInit(NULL); + ATF_CHECK_MSG(la != NULL, "Creating an instance failed."); + LibAliasUninit(la); +} + +ATF_TC(3_multiinit); +ATF_TC_HEAD(3_multiinit, env) +{ + atf_tc_set_md_var(env, "descr", "Recreate an instance multiple times"); +} +ATF_TC_BODY(3_multiinit, dummy) +{ + struct libalias *la; + int i; + + la = LibAliasInit(NULL); + for(i = 1; i < 30; i++) { + struct libalias *lo = la; + + la = LibAliasInit(la); + ATF_CHECK_MSG(la == lo, "Recreating moved the instance around: %d", i); + } + LibAliasUninit(la); +} + +ATF_TC(4_multiinstance); +ATF_TC_HEAD(4_multiinstance, env) +{ + atf_tc_set_md_var(env, "descr", "Create and destoy multiple instances."); +} +ATF_TC_BODY(4_multiinstance, dummy) +{ + struct libalias *la[300]; + int const num_instances = sizeof(la) / sizeof(*la); + int i; + + for (i = 0; i < num_instances; i++) { + la[i] = LibAliasInit(NULL); + ATF_CHECK_MSG(la[i] != NULL, "Creating instance %d failed.", i); + } + + qsort(la, num_instances, sizeof(*la), randcmp); + + for (i = 0; i < num_instances; i++) + LibAliasUninit(la[i]); +} + +ATF_TP_ADD_TCS(instance) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x5ac4); + + ATF_TP_ADD_TC(instance, 2_destroynull); + ATF_TP_ADD_TC(instance, 1_singleinit); + ATF_TP_ADD_TC(instance, 3_multiinit); + ATF_TP_ADD_TC(instance, 4_multiinstance); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c new file mode 100644 index 000000000000..1eeeac2ef868 --- /dev/null +++ b/tests/sys/netinet/libalias/2_natout.c @@ -0,0 +1,414 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr pub = { htonl(0x0102dead) }; +static struct in_addr prv1 = { htonl(0x0a00dead) }; +static struct in_addr prv2 = { htonl(0xac10dead) }; +static struct in_addr prv3 = { htonl(0xc0a8dead) }; +static struct in_addr cgn = { htonl(0x6440dead) }; +static struct in_addr ext = { htonl(0x12345678) }; + +#define NAT_CHECK(pip, src, msq) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + struct in_addr dst = pip->ip_dst; \ + pip->ip_src = src; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(msq, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define NAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK), \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define UNNAT_CHECK(pip, src, dst, rel) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(rel, pip->ip_dst)); \ +} while(0) + +#define UNNAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK, \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +ATF_TC_WITHOUT_HEAD(1_simplemasq); +ATF_TC_BODY(1_simplemasq, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, masq); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(2_unregistered); +ATF_TC_BODY(2_unregistered, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_ONLY, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_ONLY); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(3_cgn); +ATF_TC_BODY(3_cgn, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_CGN, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_CGN); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(4_udp); +ATF_TC_BODY(4_udp, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use a different external port */ + ATF_CHECK(aport != sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(uo->uh_sport != htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Response to prv1 again */ + ui->uh_dport = htons(aport); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(5_sameport); +ATF_TC_BODY(5_sameport, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, ~0); + + /* Query from prv1 */ + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv1, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + aport = ntohs(u->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Query from different source with same ports */ + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv2, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(u->uh_sport != htons(aport)); + + free(p); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(6_cleartable); +ATF_TC_BODY(6_cleartable, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_RESET_ON_ADDR_CHANGE, ~0); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, PKT_ALIAS_SAME_PORTS); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* clear table by keeping the address */ + LibAliasSetAddress(la, ext); + LibAliasSetAddress(la, masq); + + /* Response to prv1 again -> DENY_INCOMING */ + ui->uh_dport = htons(aport); + UNNAT_FAIL(pi, ext, masq); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use the same external port, because it's free */ + ATF_CHECK(uo->uh_sport == htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(7_stress); +ATF_TC_BODY(7_stress, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + size_t const batch_size = 12000; + size_t const rounds = 25; + size_t i, j; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, 0, 0); + + batch = calloc(batch_size, sizeof(*batch)); + ATF_REQUIRE(batch != NULL); + for (j = 0; j < rounds; j++) { + for (i = 0; i < batch_size; i++) { + struct in_addr s, d; + switch (i&3) { + case 0: s = prv1; d = ext; break; + case 1: s = prv2; d = pub; break; + case 2: s = prv3; d = ext; break; + case 3: s = cgn; d = pub; break; + } + s.s_addr &= htonl(0xffff0000); + d.s_addr &= htonl(0xffff0000); + batch[i].src.s_addr = s.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = d.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + } + + for (i = 0; i < batch_size; i++) { + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + NAT_CHECK(p, batch[i].src, masq); + ATF_CHECK(u->uh_dport == htons(batch[i].dport)); + ATF_CHECK(addr_eq(p->ip_dst, batch[i].dst)); + batch[i].aport = htons(u->uh_sport); + } + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + for (i = 0; i < batch_size; i++) { + u = set_udp(p, batch[i].dport, batch[i].aport); + UNNAT_CHECK(p, batch[i].dst, masq, batch[i].src); + ATF_CHECK(u->uh_dport == htons(batch[i].sport)); + ATF_CHECK(u->uh_sport == htons(batch[i].dport)); + } + } + + free(batch); + free(p); + LibAliasUninit(la); +} + +ATF_TP_ADD_TCS(natout) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x0b61); + + ATF_TP_ADD_TC(natout, 1_simplemasq); + ATF_TP_ADD_TC(natout, 2_unregistered); + ATF_TP_ADD_TC(natout, 3_cgn); + ATF_TP_ADD_TC(natout, 4_udp); + ATF_TP_ADD_TC(natout, 5_sameport); + ATF_TP_ADD_TC(natout, 6_cleartable); + ATF_TP_ADD_TC(natout, 7_stress); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/Makefile b/tests/sys/netinet/libalias/Makefile new file mode 100644 index 000000000000..6ee2fc0e0e1f --- /dev/null +++ b/tests/sys/netinet/libalias/Makefile @@ -0,0 +1,31 @@ +# $FreeBSD$ + +PACKAGE= tests + +TESTSDIR= ${TESTSBASE}/sys/netinet/libalias +BINDIR= ${TESTSDIR} + +ATF_TESTS_C+= 1_instance \ + 2_natout \ + +PROGS+= perf + +LIBADD+= alias + +SRCS.1_instance=1_instance.c util.c +SRCS.2_natout= 2_natout.c util.c +SRCS.perf= perf.c util.c + +.include + +# +# Testing during development +# +test: all + cd ${.OBJDIR}; kyua test + +report: + cd ${.OBJDIR}; kyua report + +report-v: + cd ${.OBJDIR}; kyua report --verbose diff --git a/tests/sys/netinet/libalias/perf.c b/tests/sys/netinet/libalias/perf.c new file mode 100644 index 000000000000..365b8f2e9fcc --- /dev/null +++ b/tests/sys/netinet/libalias/perf.c @@ -0,0 +1,231 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include +#include "util.h" +#include + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr prv = { htonl(0x0a000000) }; +static struct in_addr ext = { htonl(0x12000000) }; + +#define timevalcmp(tv, uv, cmp) \ + (((tv).tv_sec == (uv).tv_sec) \ + ? ((tv).tv_usec cmp (uv).tv_usec) \ + : ((tv).tv_sec cmp (uv).tv_sec)) + +#define timevaldiff(n, o) (float) \ + (((n).tv_sec - (o).tv_sec)*1000000l + \ + ((n).tv_usec - (o).tv_usec)) + +int main(int argc, char ** argv) +{ + struct libalias *la; + struct timeval timeout; + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + struct { + unsigned long ok, fail; + } nat, unnat, random, attack; + int max_seconds, batch_size, random_size, attack_length, round, cnt; + + if(argc != 5 || + 0 > (max_seconds = atoi(argv[1])) || + 0 >= (batch_size = atoi(argv[2])) || + 0 >= (random_size = atoi(argv[3])) || + 0 >= (attack_length = atoi(argv[4]))) { + printf("Usage: %s max_seconds batch_size random_size attack_length\n", argv[0]); + return 1; + } + if (NULL == (la = LibAliasInit(NULL))) { + perror("LibAliasInit"); + return -1; + } + + bzero(&nat, sizeof(nat)); + bzero(&unnat, sizeof(unnat)); + bzero(&random, sizeof(random)); + bzero(&attack, sizeof(attack)); + + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + prv.s_addr &= htonl(0xffff0000); + ext.s_addr &= htonl(0xffff0000); + + p = ip_packet(prv, ext, 0, 64); + u = set_udp(p, 0, 0); + + if (NULL == (batch = calloc(batch_size, sizeof(*batch)))) { + perror("calloc(batch)"); + return -1; + } + + gettimeofday(&timeout, NULL); + timeout.tv_sec += max_seconds; + + printf("RND SECND NAT RND ATT UNA\n"); + for (round = 0; ; round++) { + int i, res; + struct timeval now, start; + + printf("%3d ", round+1); + + gettimeofday(&start, NULL); + printf("%5.1f ", max_seconds - timevaldiff(timeout, start)/1000000.0f); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + batch[i].src.s_addr = prv.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = ext.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + + p->ip_src = batch[i].src; + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + + res = LibAliasOut(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_dport == htons(batch[i].dport) && + addr_eq(p->ip_dst, batch[i].dst) && + addr_eq(p->ip_src, masq)) + nat.ok++; + else + nat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + for (cnt = i = 0; i < random_size; i++, cnt++) { + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + random.ok++; + else + random.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + for (cnt = i = 0; i < attack_length; i++, cnt++) { + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + attack.ok++; + else + attack.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + gettimeofday(&start, NULL); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + p->ip_src = batch[i].dst; + p->ip_dst = masq; + u = set_udp(p, batch[i].dport, batch[i].aport); + + res = LibAliasIn(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_sport == htons(batch[i].dport) && + u->uh_dport == htons(batch[i].sport) && + addr_eq(p->ip_dst, batch[i].src) && + addr_eq(p->ip_src, batch[i].dst)) + unnat.ok++; + else + unnat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f\n", timevaldiff(now, start) / cnt); + } +out: + printf("\n\n"); + free(batch); + free(p); + LibAliasUninit(la); + + printf("Results\n"); + printf(" Rounds : %7u\n", round); + printf(" NAT ok : %7lu\n", nat.ok); + printf(" NAT fail: %7lu\n", nat.fail); + printf(" UNNAT ok : %7lu\n", unnat.ok); + printf(" UNNAT fail: %7lu\n", unnat.fail); + printf("RANDOM ok : %7lu\n", random.ok); + printf("RANDOM fail: %7lu\n", random.fail); + printf("ATTACK ok : %7lu\n", attack.ok); + printf("ATTACK fail: %7lu\n", attack.fail); + printf(" -------------------\n"); + printf(" Total: %7lu\n", + nat.ok + nat.fail + unnat.ok + unnat.fail + + random.ok + random.fail + attack.ok + attack.fail); + return (0); +} diff --git a/tests/sys/netinet/libalias/util.c b/tests/sys/netinet/libalias/util.c new file mode 100644 index 000000000000..df2e320a4eba --- /dev/null +++ b/tests/sys/netinet/libalias/util.c @@ -0,0 +1,114 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include + +#include + +#include "util.h" + +#define REQUIRE(x) do { \ + if (!(x)) { \ + fprintf(stderr, "Failed in %s %s:%d.\n",\ + __FUNCTION__, __FILE__, __LINE__); \ + exit(-1); \ + } \ +} while(0) + +int +randcmp(const void *a, const void *b) +{ + int res, r = rand(); + + (void)a; + (void)b; + res = (r/4 < RAND_MAX/9) ? 1 + : (r/5 < RAND_MAX/9) ? 0 + : -1; + return (res); +} + +void +hexdump(void *p, size_t len) +{ + size_t i; + unsigned char *c = p; + + for (i = 0; i < len; i++) { + printf(" %02x", c[i]); + switch (i & 0xf) { + case 0xf: printf("\n"); break; + case 0x7: printf(" "); break; + default: break; + } + } + if ((i & 0xf) != 0x0) + printf("\n"); +} + +struct ip * +ip_packet(struct in_addr src, struct in_addr dst, u_char protocol, size_t len) +{ + struct ip * p; + + REQUIRE(len >= 64 && len <= IP_MAXPACKET); + + p = calloc(1, len); + REQUIRE(p != NULL); + + p->ip_v = IPVERSION; + p->ip_hl = sizeof(*p)/4; + p->ip_len = htons(len); + p->ip_ttl = IPDEFTTL; + p->ip_src = src; + p->ip_dst = dst; + p->ip_p = protocol; + REQUIRE(p->ip_hl == 5); + + return (p); +} + +struct udphdr * +set_udp(struct ip *p, u_short sport, u_short dport) { + uint32_t *up = (void *)p; + struct udphdr *u = (void *)&(up[p->ip_hl]); *** 77 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sat May 29 13:42:23 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AF274640FDB; Sat, 29 May 2021 13:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FsjR34bnBz3Cgw; Sat, 29 May 2021 13:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 867D43309; Sat, 29 May 2021 13:42:23 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TDgNJh063351; Sat, 29 May 2021 13:42:23 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TDgNGj063350; Sat, 29 May 2021 13:42:23 GMT (envelope-from git) Date: Sat, 29 May 2021 13:42:23 GMT Message-Id: <202105291342.14TDgNGj063350@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: b4b99d2333fa - stable/11 - test/libalias: Tests for instantiation and outgoing NAT MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/11 X-Git-Reftype: branch X-Git-Commit: b4b99d2333faeb6ba383dcabde5d0e4c90cf23de Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 13:42:23 -0000 The branch stable/11 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=b4b99d2333faeb6ba383dcabde5d0e4c90cf23de commit b4b99d2333faeb6ba383dcabde5d0e4c90cf23de Author: Lutz Donnerhacke AuthorDate: 2021-05-16 21:37:37 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-29 13:41:43 +0000 test/libalias: Tests for instantiation and outgoing NAT In order to modify libalias for performance, the existing functionality must not change. Enforce this. Testing LibAliasOut functionality. This concentrates the typical use case of initiating data transfers from the inside. Provide a exhaustive test for the data structure in order to check for performance improvements. In order to compare upcoming changes for their effectivness, measure performance by counting opertions and the runtime of each operation over the time. Accumulate all tests in a single instance, so make it complicated over the time. If you wait long enough, you will notice the expiry of old flows. Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D30307 Differential Revision: https://reviews.freebsd.org/D30335 Differential Revision: https://reviews.freebsd.org/D30379 (cherry picked from commit 7fd8baee756efa18b6bbb17cbf3a652eb2058d87) (cherry picked from commit c1fbb54f4b100d576da7ab065d1887a21f691936) (cherry picked from commit 33c1bdfc3e098862100bab7a8dc729d8c78ffa7c) --- tests/sys/netinet/Makefile | 2 + tests/sys/netinet/libalias/1_instance.c | 119 +++++++++ tests/sys/netinet/libalias/2_natout.c | 414 ++++++++++++++++++++++++++++++++ tests/sys/netinet/libalias/Makefile | 31 +++ tests/sys/netinet/libalias/perf.c | 231 ++++++++++++++++++ tests/sys/netinet/libalias/util.c | 114 +++++++++ tests/sys/netinet/libalias/util.h | 62 +++++ 7 files changed, 973 insertions(+) diff --git a/tests/sys/netinet/Makefile b/tests/sys/netinet/Makefile index 9e1150ebf61b..0f0ab5f28170 100644 --- a/tests/sys/netinet/Makefile +++ b/tests/sys/netinet/Makefile @@ -3,6 +3,8 @@ TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR= ${TESTSDIR} +TESTS_SUBDIRS+= libalias + ATF_TESTS_SH= fibs_test PROGS= udp_dontroute tcp_user_cookie diff --git a/tests/sys/netinet/libalias/1_instance.c b/tests/sys/netinet/libalias/1_instance.c new file mode 100644 index 000000000000..842acb41bb90 --- /dev/null +++ b/tests/sys/netinet/libalias/1_instance.c @@ -0,0 +1,119 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +ATF_TC(2_destroynull); +ATF_TC_HEAD(2_destroynull, env) +{ + atf_tc_set_md_var(env, "descr", "Destroy the NULL instance"); +} +ATF_TC_BODY(2_destroynull, dummy) +{ + atf_tc_expect_death("Code expects valid pointer."); + LibAliasUninit(NULL); +} + +ATF_TC(1_singleinit); +ATF_TC_HEAD(1_singleinit, env) +{ + atf_tc_set_md_var(env, "descr", "Create an instance"); +} +ATF_TC_BODY(1_singleinit, dummy) +{ + struct libalias *la; + + la = LibAliasInit(NULL); + ATF_CHECK_MSG(la != NULL, "Creating an instance failed."); + LibAliasUninit(la); +} + +ATF_TC(3_multiinit); +ATF_TC_HEAD(3_multiinit, env) +{ + atf_tc_set_md_var(env, "descr", "Recreate an instance multiple times"); +} +ATF_TC_BODY(3_multiinit, dummy) +{ + struct libalias *la; + int i; + + la = LibAliasInit(NULL); + for(i = 1; i < 30; i++) { + struct libalias *lo = la; + + la = LibAliasInit(la); + ATF_CHECK_MSG(la == lo, "Recreating moved the instance around: %d", i); + } + LibAliasUninit(la); +} + +ATF_TC(4_multiinstance); +ATF_TC_HEAD(4_multiinstance, env) +{ + atf_tc_set_md_var(env, "descr", "Create and destoy multiple instances."); +} +ATF_TC_BODY(4_multiinstance, dummy) +{ + struct libalias *la[300]; + int const num_instances = sizeof(la) / sizeof(*la); + int i; + + for (i = 0; i < num_instances; i++) { + la[i] = LibAliasInit(NULL); + ATF_CHECK_MSG(la[i] != NULL, "Creating instance %d failed.", i); + } + + qsort(la, num_instances, sizeof(*la), randcmp); + + for (i = 0; i < num_instances; i++) + LibAliasUninit(la[i]); +} + +ATF_TP_ADD_TCS(instance) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x5ac4); + + ATF_TP_ADD_TC(instance, 2_destroynull); + ATF_TP_ADD_TC(instance, 1_singleinit); + ATF_TP_ADD_TC(instance, 3_multiinit); + ATF_TP_ADD_TC(instance, 4_multiinstance); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c new file mode 100644 index 000000000000..1eeeac2ef868 --- /dev/null +++ b/tests/sys/netinet/libalias/2_natout.c @@ -0,0 +1,414 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include + +#include "util.h" + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr pub = { htonl(0x0102dead) }; +static struct in_addr prv1 = { htonl(0x0a00dead) }; +static struct in_addr prv2 = { htonl(0xac10dead) }; +static struct in_addr prv3 = { htonl(0xc0a8dead) }; +static struct in_addr cgn = { htonl(0x6440dead) }; +static struct in_addr ext = { htonl(0x12345678) }; + +#define NAT_CHECK(pip, src, msq) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + struct in_addr dst = pip->ip_dst; \ + pip->ip_src = src; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(msq, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define NAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasOut(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK), \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +#define UNNAT_CHECK(pip, src, dst, rel) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ + ">%d< not met PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(rel, pip->ip_dst)); \ +} while(0) + +#define UNNAT_FAIL(pip, src, dst) do { \ + int res; \ + int len = ntohs(pip->ip_len); \ + pip->ip_src = src; \ + pip->ip_dst = dst; \ + res = LibAliasIn(la, pip, len); \ + ATF_CHECK_MSG(res != PKT_ALIAS_OK, \ + ">%d< not met !PKT_ALIAS_OK", res); \ + ATF_CHECK(addr_eq(src, pip->ip_src)); \ + ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ +} while(0) + +ATF_TC_WITHOUT_HEAD(1_simplemasq); +ATF_TC_BODY(1_simplemasq, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, masq); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(2_unregistered); +ATF_TC_BODY(2_unregistered, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_ONLY, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_ONLY); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, cgn); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(3_cgn); +ATF_TC_BODY(3_cgn, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *pip; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_CGN, ~0); + + pip = ip_packet(prv1, ext, 254, 64); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + /* + * State is only for new connections + * Because they are now active, + * the mode setting should be ignored + */ + LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_CGN); + NAT_CHECK(pip, prv1, masq); + NAT_CHECK(pip, prv2, masq); + NAT_CHECK(pip, prv3, masq); + NAT_CHECK(pip, cgn, masq); + NAT_CHECK(pip, pub, pub); + + free(pip); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(4_udp); +ATF_TC_BODY(4_udp, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, 0, ~0); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use a different external port */ + ATF_CHECK(aport != sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(uo->uh_sport != htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* Response to prv1 again */ + ui->uh_dport = htons(aport); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(5_sameport); +ATF_TC_BODY(5_sameport, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, ~0); + + /* Query from prv1 */ + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv1, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + aport = ntohs(u->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Query from different source with same ports */ + u = set_udp(p, sport, dport); + NAT_CHECK(p, prv2, masq); + ATF_CHECK(u->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(p->ip_dst, ext)); + /* should use a different external port */ + ATF_CHECK(u->uh_sport != htons(aport)); + + free(p); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(6_cleartable); +ATF_TC_BODY(6_cleartable, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *po, *pi; + struct udphdr *ui, *uo; + uint16_t sport = 0x1234; + uint16_t dport = 0x5678; + uint16_t aport; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_RESET_ON_ADDR_CHANGE, ~0); + LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, PKT_ALIAS_SAME_PORTS); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + /* Query from prv1 */ + po = ip_packet(prv1, ext, 0, 64); + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv1, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + aport = ntohs(uo->uh_sport); + /* should use the same external port */ + ATF_CHECK(aport == sport); + + /* Response */ + pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); + ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); + UNNAT_CHECK(pi, ext, masq, prv1); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + /* clear table by keeping the address */ + LibAliasSetAddress(la, ext); + LibAliasSetAddress(la, masq); + + /* Response to prv1 again -> DENY_INCOMING */ + ui->uh_dport = htons(aport); + UNNAT_FAIL(pi, ext, masq); + + /* Query from different source with same ports */ + uo = set_udp(po, sport, dport); + NAT_CHECK(po, prv2, masq); + ATF_CHECK(uo->uh_dport == htons(dport)); + ATF_CHECK(addr_eq(po->ip_dst, ext)); + /* should use the same external port, because it's free */ + ATF_CHECK(uo->uh_sport == htons(aport)); + + /* Response to prv2 */ + ui->uh_dport = uo->uh_sport; + UNNAT_CHECK(pi, ext, masq, prv2); + ATF_CHECK(ui->uh_sport == htons(dport)); + ATF_CHECK(ui->uh_dport == htons(sport)); + + free(pi); + free(po); + LibAliasUninit(la); +} + +ATF_TC_WITHOUT_HEAD(7_stress); +ATF_TC_BODY(7_stress, dummy) +{ + struct libalias *la = LibAliasInit(NULL); + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + size_t const batch_size = 12000; + size_t const rounds = 25; + size_t i, j; + + ATF_REQUIRE(la != NULL); + LibAliasSetAddress(la, masq); + + p = ip_packet(prv1, ext, 0, 64); + u = set_udp(p, 0, 0); + + batch = calloc(batch_size, sizeof(*batch)); + ATF_REQUIRE(batch != NULL); + for (j = 0; j < rounds; j++) { + for (i = 0; i < batch_size; i++) { + struct in_addr s, d; + switch (i&3) { + case 0: s = prv1; d = ext; break; + case 1: s = prv2; d = pub; break; + case 2: s = prv3; d = ext; break; + case 3: s = cgn; d = pub; break; + } + s.s_addr &= htonl(0xffff0000); + d.s_addr &= htonl(0xffff0000); + batch[i].src.s_addr = s.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = d.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + } + + for (i = 0; i < batch_size; i++) { + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + NAT_CHECK(p, batch[i].src, masq); + ATF_CHECK(u->uh_dport == htons(batch[i].dport)); + ATF_CHECK(addr_eq(p->ip_dst, batch[i].dst)); + batch[i].aport = htons(u->uh_sport); + } + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + for (i = 0; i < batch_size; i++) { + u = set_udp(p, batch[i].dport, batch[i].aport); + UNNAT_CHECK(p, batch[i].dst, masq, batch[i].src); + ATF_CHECK(u->uh_dport == htons(batch[i].sport)); + ATF_CHECK(u->uh_sport == htons(batch[i].dport)); + } + } + + free(batch); + free(p); + LibAliasUninit(la); +} + +ATF_TP_ADD_TCS(natout) +{ + /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ + srand(0x0b61); + + ATF_TP_ADD_TC(natout, 1_simplemasq); + ATF_TP_ADD_TC(natout, 2_unregistered); + ATF_TP_ADD_TC(natout, 3_cgn); + ATF_TP_ADD_TC(natout, 4_udp); + ATF_TP_ADD_TC(natout, 5_sameport); + ATF_TP_ADD_TC(natout, 6_cleartable); + ATF_TP_ADD_TC(natout, 7_stress); + + return atf_no_error(); +} diff --git a/tests/sys/netinet/libalias/Makefile b/tests/sys/netinet/libalias/Makefile new file mode 100644 index 000000000000..6ee2fc0e0e1f --- /dev/null +++ b/tests/sys/netinet/libalias/Makefile @@ -0,0 +1,31 @@ +# $FreeBSD$ + +PACKAGE= tests + +TESTSDIR= ${TESTSBASE}/sys/netinet/libalias +BINDIR= ${TESTSDIR} + +ATF_TESTS_C+= 1_instance \ + 2_natout \ + +PROGS+= perf + +LIBADD+= alias + +SRCS.1_instance=1_instance.c util.c +SRCS.2_natout= 2_natout.c util.c +SRCS.perf= perf.c util.c + +.include + +# +# Testing during development +# +test: all + cd ${.OBJDIR}; kyua test + +report: + cd ${.OBJDIR}; kyua report + +report-v: + cd ${.OBJDIR}; kyua report --verbose diff --git a/tests/sys/netinet/libalias/perf.c b/tests/sys/netinet/libalias/perf.c new file mode 100644 index 000000000000..365b8f2e9fcc --- /dev/null +++ b/tests/sys/netinet/libalias/perf.c @@ -0,0 +1,231 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include +#include +#include +#include "util.h" +#include + +/* common ip ranges */ +static struct in_addr masq = { htonl(0x01020304) }; +static struct in_addr prv = { htonl(0x0a000000) }; +static struct in_addr ext = { htonl(0x12000000) }; + +#define timevalcmp(tv, uv, cmp) \ + (((tv).tv_sec == (uv).tv_sec) \ + ? ((tv).tv_usec cmp (uv).tv_usec) \ + : ((tv).tv_sec cmp (uv).tv_sec)) + +#define timevaldiff(n, o) (float) \ + (((n).tv_sec - (o).tv_sec)*1000000l + \ + ((n).tv_usec - (o).tv_usec)) + +int main(int argc, char ** argv) +{ + struct libalias *la; + struct timeval timeout; + struct ip *p; + struct udphdr *u; + struct { + struct in_addr src, dst; + uint16_t sport, dport, aport; + } *batch; + struct { + unsigned long ok, fail; + } nat, unnat, random, attack; + int max_seconds, batch_size, random_size, attack_length, round, cnt; + + if(argc != 5 || + 0 > (max_seconds = atoi(argv[1])) || + 0 >= (batch_size = atoi(argv[2])) || + 0 >= (random_size = atoi(argv[3])) || + 0 >= (attack_length = atoi(argv[4]))) { + printf("Usage: %s max_seconds batch_size random_size attack_length\n", argv[0]); + return 1; + } + if (NULL == (la = LibAliasInit(NULL))) { + perror("LibAliasInit"); + return -1; + } + + bzero(&nat, sizeof(nat)); + bzero(&unnat, sizeof(unnat)); + bzero(&random, sizeof(random)); + bzero(&attack, sizeof(attack)); + + LibAliasSetAddress(la, masq); + LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); + + prv.s_addr &= htonl(0xffff0000); + ext.s_addr &= htonl(0xffff0000); + + p = ip_packet(prv, ext, 0, 64); + u = set_udp(p, 0, 0); + + if (NULL == (batch = calloc(batch_size, sizeof(*batch)))) { + perror("calloc(batch)"); + return -1; + } + + gettimeofday(&timeout, NULL); + timeout.tv_sec += max_seconds; + + printf("RND SECND NAT RND ATT UNA\n"); + for (round = 0; ; round++) { + int i, res; + struct timeval now, start; + + printf("%3d ", round+1); + + gettimeofday(&start, NULL); + printf("%5.1f ", max_seconds - timevaldiff(timeout, start)/1000000.0f); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + batch[i].src.s_addr = prv.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].dst.s_addr = ext.s_addr | htonl(rand_range(0, 0xffff)); + batch[i].sport = rand_range(1000, 60000); + batch[i].dport = rand_range(1000, 60000); + + p->ip_src = batch[i].src; + p->ip_dst = batch[i].dst; + u = set_udp(p, batch[i].sport, batch[i].dport); + + res = LibAliasOut(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_dport == htons(batch[i].dport) && + addr_eq(p->ip_dst, batch[i].dst) && + addr_eq(p->ip_src, masq)) + nat.ok++; + else + nat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + for (cnt = i = 0; i < random_size; i++, cnt++) { + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + random.ok++; + else + random.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + start = now; + p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); + p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); + p->ip_dst = masq; + u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); + for (cnt = i = 0; i < attack_length; i++, cnt++) { + res = LibAliasIn(la, p, 64); + + if (res == PKT_ALIAS_OK) + attack.ok++; + else + attack.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f ", timevaldiff(now, start) / cnt); + + qsort(batch, batch_size, sizeof(*batch), randcmp); + + gettimeofday(&start, NULL); + for (cnt = i = 0; i < batch_size; i++, cnt++) { + p->ip_src = batch[i].dst; + p->ip_dst = masq; + u = set_udp(p, batch[i].dport, batch[i].aport); + + res = LibAliasIn(la, p, 64); + batch[i].aport = htons(u->uh_sport); + + if (res == PKT_ALIAS_OK && + u->uh_sport == htons(batch[i].dport) && + u->uh_dport == htons(batch[i].sport) && + addr_eq(p->ip_dst, batch[i].src) && + addr_eq(p->ip_src, batch[i].dst)) + unnat.ok++; + else + unnat.fail++; + + gettimeofday(&now, NULL); + if(timevalcmp(now, timeout, >=)) + goto out; + } + if (cnt > 0) + printf("%3.0f\n", timevaldiff(now, start) / cnt); + } +out: + printf("\n\n"); + free(batch); + free(p); + LibAliasUninit(la); + + printf("Results\n"); + printf(" Rounds : %7u\n", round); + printf(" NAT ok : %7lu\n", nat.ok); + printf(" NAT fail: %7lu\n", nat.fail); + printf(" UNNAT ok : %7lu\n", unnat.ok); + printf(" UNNAT fail: %7lu\n", unnat.fail); + printf("RANDOM ok : %7lu\n", random.ok); + printf("RANDOM fail: %7lu\n", random.fail); + printf("ATTACK ok : %7lu\n", attack.ok); + printf("ATTACK fail: %7lu\n", attack.fail); + printf(" -------------------\n"); + printf(" Total: %7lu\n", + nat.ok + nat.fail + unnat.ok + unnat.fail + + random.ok + random.fail + attack.ok + attack.fail); + return (0); +} diff --git a/tests/sys/netinet/libalias/util.c b/tests/sys/netinet/libalias/util.c new file mode 100644 index 000000000000..df2e320a4eba --- /dev/null +++ b/tests/sys/netinet/libalias/util.c @@ -0,0 +1,114 @@ +/* + * SPDX-License-Identifier: BSD-3-Clause + * + * Copyright 2021 Lutz Donnerhacke + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ +#include +#include + +#include + +#include "util.h" + +#define REQUIRE(x) do { \ + if (!(x)) { \ + fprintf(stderr, "Failed in %s %s:%d.\n",\ + __FUNCTION__, __FILE__, __LINE__); \ + exit(-1); \ + } \ +} while(0) + +int +randcmp(const void *a, const void *b) +{ + int res, r = rand(); + + (void)a; + (void)b; + res = (r/4 < RAND_MAX/9) ? 1 + : (r/5 < RAND_MAX/9) ? 0 + : -1; + return (res); +} + +void +hexdump(void *p, size_t len) +{ + size_t i; + unsigned char *c = p; + + for (i = 0; i < len; i++) { + printf(" %02x", c[i]); + switch (i & 0xf) { + case 0xf: printf("\n"); break; + case 0x7: printf(" "); break; + default: break; + } + } + if ((i & 0xf) != 0x0) + printf("\n"); +} + +struct ip * +ip_packet(struct in_addr src, struct in_addr dst, u_char protocol, size_t len) +{ + struct ip * p; + + REQUIRE(len >= 64 && len <= IP_MAXPACKET); + + p = calloc(1, len); + REQUIRE(p != NULL); + + p->ip_v = IPVERSION; + p->ip_hl = sizeof(*p)/4; + p->ip_len = htons(len); + p->ip_ttl = IPDEFTTL; + p->ip_src = src; + p->ip_dst = dst; + p->ip_p = protocol; + REQUIRE(p->ip_hl == 5); + + return (p); +} + +struct udphdr * +set_udp(struct ip *p, u_short sport, u_short dport) { + uint32_t *up = (void *)p; + struct udphdr *u = (void *)&(up[p->ip_hl]); *** 77 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sat May 29 20:31:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 97A2B647908; Sat, 29 May 2021 20:31:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FstW73tm2z4bF9; Sat, 29 May 2021 20:31:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6DF06107FE; Sat, 29 May 2021 20:31:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14TKVVdr005904; Sat, 29 May 2021 20:31:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14TKVV8C005903; Sat, 29 May 2021 20:31:31 GMT (envelope-from git) Date: Sat, 29 May 2021 20:31:31 GMT Message-Id: <202105292031.14TKVV8C005903@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 1d2ac87f1f85 - stable/11 - Revert "test/libalias: Tests for instantiation and outgoing NAT" MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/11 X-Git-Reftype: branch X-Git-Commit: 1d2ac87f1f8596b2b2ac08cd9e715e5278f27486 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 May 2021 20:31:31 -0000 The branch stable/11 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=1d2ac87f1f8596b2b2ac08cd9e715e5278f27486 commit 1d2ac87f1f8596b2b2ac08cd9e715e5278f27486 Author: Lutz Donnerhacke AuthorDate: 2021-05-29 20:26:59 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-29 20:26:59 +0000 Revert "test/libalias: Tests for instantiation and outgoing NAT" 11-STABLE to too different. libalias misses to many patches to keep in touch with the planned improvement. Even the tests infrastructure needs adjustments to prevent build (install) failures. This reverts commit b4b99d2333faeb6ba383dcabde5d0e4c90cf23de. --- tests/sys/netinet/Makefile | 2 - tests/sys/netinet/libalias/1_instance.c | 119 --------- tests/sys/netinet/libalias/2_natout.c | 414 -------------------------------- tests/sys/netinet/libalias/Makefile | 31 --- tests/sys/netinet/libalias/perf.c | 231 ------------------ tests/sys/netinet/libalias/util.c | 114 --------- tests/sys/netinet/libalias/util.h | 62 ----- 7 files changed, 973 deletions(-) diff --git a/tests/sys/netinet/Makefile b/tests/sys/netinet/Makefile index 0f0ab5f28170..9e1150ebf61b 100644 --- a/tests/sys/netinet/Makefile +++ b/tests/sys/netinet/Makefile @@ -3,8 +3,6 @@ TESTSDIR= ${TESTSBASE}/sys/netinet BINDIR= ${TESTSDIR} -TESTS_SUBDIRS+= libalias - ATF_TESTS_SH= fibs_test PROGS= udp_dontroute tcp_user_cookie diff --git a/tests/sys/netinet/libalias/1_instance.c b/tests/sys/netinet/libalias/1_instance.c deleted file mode 100644 index 842acb41bb90..000000000000 --- a/tests/sys/netinet/libalias/1_instance.c +++ /dev/null @@ -1,119 +0,0 @@ -/* - * SPDX-License-Identifier: BSD-3-Clause - * - * Copyright 2021 Lutz Donnerhacke - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR - * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include -#include -#include -#include - -#include "util.h" - -ATF_TC(2_destroynull); -ATF_TC_HEAD(2_destroynull, env) -{ - atf_tc_set_md_var(env, "descr", "Destroy the NULL instance"); -} -ATF_TC_BODY(2_destroynull, dummy) -{ - atf_tc_expect_death("Code expects valid pointer."); - LibAliasUninit(NULL); -} - -ATF_TC(1_singleinit); -ATF_TC_HEAD(1_singleinit, env) -{ - atf_tc_set_md_var(env, "descr", "Create an instance"); -} -ATF_TC_BODY(1_singleinit, dummy) -{ - struct libalias *la; - - la = LibAliasInit(NULL); - ATF_CHECK_MSG(la != NULL, "Creating an instance failed."); - LibAliasUninit(la); -} - -ATF_TC(3_multiinit); -ATF_TC_HEAD(3_multiinit, env) -{ - atf_tc_set_md_var(env, "descr", "Recreate an instance multiple times"); -} -ATF_TC_BODY(3_multiinit, dummy) -{ - struct libalias *la; - int i; - - la = LibAliasInit(NULL); - for(i = 1; i < 30; i++) { - struct libalias *lo = la; - - la = LibAliasInit(la); - ATF_CHECK_MSG(la == lo, "Recreating moved the instance around: %d", i); - } - LibAliasUninit(la); -} - -ATF_TC(4_multiinstance); -ATF_TC_HEAD(4_multiinstance, env) -{ - atf_tc_set_md_var(env, "descr", "Create and destoy multiple instances."); -} -ATF_TC_BODY(4_multiinstance, dummy) -{ - struct libalias *la[300]; - int const num_instances = sizeof(la) / sizeof(*la); - int i; - - for (i = 0; i < num_instances; i++) { - la[i] = LibAliasInit(NULL); - ATF_CHECK_MSG(la[i] != NULL, "Creating instance %d failed.", i); - } - - qsort(la, num_instances, sizeof(*la), randcmp); - - for (i = 0; i < num_instances; i++) - LibAliasUninit(la[i]); -} - -ATF_TP_ADD_TCS(instance) -{ - /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ - srand(0x5ac4); - - ATF_TP_ADD_TC(instance, 2_destroynull); - ATF_TP_ADD_TC(instance, 1_singleinit); - ATF_TP_ADD_TC(instance, 3_multiinit); - ATF_TP_ADD_TC(instance, 4_multiinstance); - - return atf_no_error(); -} diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c deleted file mode 100644 index 1eeeac2ef868..000000000000 --- a/tests/sys/netinet/libalias/2_natout.c +++ /dev/null @@ -1,414 +0,0 @@ -/* - * SPDX-License-Identifier: BSD-3-Clause - * - * Copyright 2021 Lutz Donnerhacke - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR - * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include -#include -#include -#include - -#include "util.h" - -/* common ip ranges */ -static struct in_addr masq = { htonl(0x01020304) }; -static struct in_addr pub = { htonl(0x0102dead) }; -static struct in_addr prv1 = { htonl(0x0a00dead) }; -static struct in_addr prv2 = { htonl(0xac10dead) }; -static struct in_addr prv3 = { htonl(0xc0a8dead) }; -static struct in_addr cgn = { htonl(0x6440dead) }; -static struct in_addr ext = { htonl(0x12345678) }; - -#define NAT_CHECK(pip, src, msq) do { \ - int res; \ - int len = ntohs(pip->ip_len); \ - struct in_addr dst = pip->ip_dst; \ - pip->ip_src = src; \ - res = LibAliasOut(la, pip, len); \ - ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ - ">%d< not met PKT_ALIAS_OK", res); \ - ATF_CHECK(addr_eq(msq, pip->ip_src)); \ - ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ -} while(0) - -#define NAT_FAIL(pip, src, dst) do { \ - int res; \ - int len = ntohs(pip->ip_len); \ - pip->ip_src = src; \ - pip->ip_dst = dst; \ - res = LibAliasOut(la, pip, len); \ - ATF_CHECK_MSG(res != PKT_ALIAS_OK), \ - ">%d< not met !PKT_ALIAS_OK", res); \ - ATF_CHECK(addr_eq(src, pip->ip_src)); \ - ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ -} while(0) - -#define UNNAT_CHECK(pip, src, dst, rel) do { \ - int res; \ - int len = ntohs(pip->ip_len); \ - pip->ip_src = src; \ - pip->ip_dst = dst; \ - res = LibAliasIn(la, pip, len); \ - ATF_CHECK_MSG(res == PKT_ALIAS_OK, \ - ">%d< not met PKT_ALIAS_OK", res); \ - ATF_CHECK(addr_eq(src, pip->ip_src)); \ - ATF_CHECK(addr_eq(rel, pip->ip_dst)); \ -} while(0) - -#define UNNAT_FAIL(pip, src, dst) do { \ - int res; \ - int len = ntohs(pip->ip_len); \ - pip->ip_src = src; \ - pip->ip_dst = dst; \ - res = LibAliasIn(la, pip, len); \ - ATF_CHECK_MSG(res != PKT_ALIAS_OK, \ - ">%d< not met !PKT_ALIAS_OK", res); \ - ATF_CHECK(addr_eq(src, pip->ip_src)); \ - ATF_CHECK(addr_eq(dst, pip->ip_dst)); \ -} while(0) - -ATF_TC_WITHOUT_HEAD(1_simplemasq); -ATF_TC_BODY(1_simplemasq, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *pip; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, 0, ~0); - - pip = ip_packet(prv1, ext, 254, 64); - NAT_CHECK(pip, prv1, masq); - NAT_CHECK(pip, prv2, masq); - NAT_CHECK(pip, prv3, masq); - NAT_CHECK(pip, cgn, masq); - NAT_CHECK(pip, pub, masq); - - free(pip); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(2_unregistered); -ATF_TC_BODY(2_unregistered, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *pip; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_ONLY, ~0); - - pip = ip_packet(prv1, ext, 254, 64); - NAT_CHECK(pip, prv1, masq); - NAT_CHECK(pip, prv2, masq); - NAT_CHECK(pip, prv3, masq); - NAT_CHECK(pip, cgn, cgn); - NAT_CHECK(pip, pub, pub); - - /* - * State is only for new connections - * Because they are now active, - * the mode setting should be ignored - */ - LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_ONLY); - NAT_CHECK(pip, prv1, masq); - NAT_CHECK(pip, prv2, masq); - NAT_CHECK(pip, prv3, masq); - NAT_CHECK(pip, cgn, cgn); - NAT_CHECK(pip, pub, pub); - - free(pip); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(3_cgn); -ATF_TC_BODY(3_cgn, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *pip; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, PKT_ALIAS_UNREGISTERED_CGN, ~0); - - pip = ip_packet(prv1, ext, 254, 64); - NAT_CHECK(pip, prv1, masq); - NAT_CHECK(pip, prv2, masq); - NAT_CHECK(pip, prv3, masq); - NAT_CHECK(pip, cgn, masq); - NAT_CHECK(pip, pub, pub); - - /* - * State is only for new connections - * Because they are now active, - * the mode setting should be ignored - */ - LibAliasSetMode(la, 0, PKT_ALIAS_UNREGISTERED_CGN); - NAT_CHECK(pip, prv1, masq); - NAT_CHECK(pip, prv2, masq); - NAT_CHECK(pip, prv3, masq); - NAT_CHECK(pip, cgn, masq); - NAT_CHECK(pip, pub, pub); - - free(pip); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(4_udp); -ATF_TC_BODY(4_udp, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *po, *pi; - struct udphdr *ui, *uo; - uint16_t sport = 0x1234; - uint16_t dport = 0x5678; - uint16_t aport; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, 0, ~0); - - /* Query from prv1 */ - po = ip_packet(prv1, ext, 0, 64); - uo = set_udp(po, sport, dport); - NAT_CHECK(po, prv1, masq); - ATF_CHECK(uo->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(po->ip_dst, ext)); - aport = ntohs(uo->uh_sport); - /* should use a different external port */ - ATF_CHECK(aport != sport); - - /* Response */ - pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); - ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); - UNNAT_CHECK(pi, ext, masq, prv1); - ATF_CHECK(ui->uh_sport == htons(dport)); - ATF_CHECK(ui->uh_dport == htons(sport)); - - /* Query from different source with same ports */ - uo = set_udp(po, sport, dport); - NAT_CHECK(po, prv2, masq); - ATF_CHECK(uo->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(po->ip_dst, ext)); - /* should use a different external port */ - ATF_CHECK(uo->uh_sport != htons(aport)); - - /* Response to prv2 */ - ui->uh_dport = uo->uh_sport; - UNNAT_CHECK(pi, ext, masq, prv2); - ATF_CHECK(ui->uh_sport == htons(dport)); - ATF_CHECK(ui->uh_dport == htons(sport)); - - /* Response to prv1 again */ - ui->uh_dport = htons(aport); - UNNAT_CHECK(pi, ext, masq, prv1); - ATF_CHECK(ui->uh_sport == htons(dport)); - ATF_CHECK(ui->uh_dport == htons(sport)); - - free(pi); - free(po); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(5_sameport); -ATF_TC_BODY(5_sameport, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *p; - struct udphdr *u; - uint16_t sport = 0x1234; - uint16_t dport = 0x5678; - uint16_t aport; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, ~0); - - /* Query from prv1 */ - p = ip_packet(prv1, ext, 0, 64); - u = set_udp(p, sport, dport); - NAT_CHECK(p, prv1, masq); - ATF_CHECK(u->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(p->ip_dst, ext)); - aport = ntohs(u->uh_sport); - /* should use the same external port */ - ATF_CHECK(aport == sport); - - /* Query from different source with same ports */ - u = set_udp(p, sport, dport); - NAT_CHECK(p, prv2, masq); - ATF_CHECK(u->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(p->ip_dst, ext)); - /* should use a different external port */ - ATF_CHECK(u->uh_sport != htons(aport)); - - free(p); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(6_cleartable); -ATF_TC_BODY(6_cleartable, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *po, *pi; - struct udphdr *ui, *uo; - uint16_t sport = 0x1234; - uint16_t dport = 0x5678; - uint16_t aport; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, PKT_ALIAS_RESET_ON_ADDR_CHANGE, ~0); - LibAliasSetMode(la, PKT_ALIAS_SAME_PORTS, PKT_ALIAS_SAME_PORTS); - LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); - - /* Query from prv1 */ - po = ip_packet(prv1, ext, 0, 64); - uo = set_udp(po, sport, dport); - NAT_CHECK(po, prv1, masq); - ATF_CHECK(uo->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(po->ip_dst, ext)); - aport = ntohs(uo->uh_sport); - /* should use the same external port */ - ATF_CHECK(aport == sport); - - /* Response */ - pi = ip_packet(po->ip_dst, po->ip_src, 0, 64); - ui = set_udp(pi, ntohs(uo->uh_dport), ntohs(uo->uh_sport)); - UNNAT_CHECK(pi, ext, masq, prv1); - ATF_CHECK(ui->uh_sport == htons(dport)); - ATF_CHECK(ui->uh_dport == htons(sport)); - - /* clear table by keeping the address */ - LibAliasSetAddress(la, ext); - LibAliasSetAddress(la, masq); - - /* Response to prv1 again -> DENY_INCOMING */ - ui->uh_dport = htons(aport); - UNNAT_FAIL(pi, ext, masq); - - /* Query from different source with same ports */ - uo = set_udp(po, sport, dport); - NAT_CHECK(po, prv2, masq); - ATF_CHECK(uo->uh_dport == htons(dport)); - ATF_CHECK(addr_eq(po->ip_dst, ext)); - /* should use the same external port, because it's free */ - ATF_CHECK(uo->uh_sport == htons(aport)); - - /* Response to prv2 */ - ui->uh_dport = uo->uh_sport; - UNNAT_CHECK(pi, ext, masq, prv2); - ATF_CHECK(ui->uh_sport == htons(dport)); - ATF_CHECK(ui->uh_dport == htons(sport)); - - free(pi); - free(po); - LibAliasUninit(la); -} - -ATF_TC_WITHOUT_HEAD(7_stress); -ATF_TC_BODY(7_stress, dummy) -{ - struct libalias *la = LibAliasInit(NULL); - struct ip *p; - struct udphdr *u; - struct { - struct in_addr src, dst; - uint16_t sport, dport, aport; - } *batch; - size_t const batch_size = 12000; - size_t const rounds = 25; - size_t i, j; - - ATF_REQUIRE(la != NULL); - LibAliasSetAddress(la, masq); - - p = ip_packet(prv1, ext, 0, 64); - u = set_udp(p, 0, 0); - - batch = calloc(batch_size, sizeof(*batch)); - ATF_REQUIRE(batch != NULL); - for (j = 0; j < rounds; j++) { - for (i = 0; i < batch_size; i++) { - struct in_addr s, d; - switch (i&3) { - case 0: s = prv1; d = ext; break; - case 1: s = prv2; d = pub; break; - case 2: s = prv3; d = ext; break; - case 3: s = cgn; d = pub; break; - } - s.s_addr &= htonl(0xffff0000); - d.s_addr &= htonl(0xffff0000); - batch[i].src.s_addr = s.s_addr | htonl(rand_range(0, 0xffff)); - batch[i].dst.s_addr = d.s_addr | htonl(rand_range(0, 0xffff)); - batch[i].sport = rand_range(1000, 60000); - batch[i].dport = rand_range(1000, 60000); - } - - for (i = 0; i < batch_size; i++) { - p->ip_dst = batch[i].dst; - u = set_udp(p, batch[i].sport, batch[i].dport); - NAT_CHECK(p, batch[i].src, masq); - ATF_CHECK(u->uh_dport == htons(batch[i].dport)); - ATF_CHECK(addr_eq(p->ip_dst, batch[i].dst)); - batch[i].aport = htons(u->uh_sport); - } - - qsort(batch, batch_size, sizeof(*batch), randcmp); - - for (i = 0; i < batch_size; i++) { - u = set_udp(p, batch[i].dport, batch[i].aport); - UNNAT_CHECK(p, batch[i].dst, masq, batch[i].src); - ATF_CHECK(u->uh_dport == htons(batch[i].sport)); - ATF_CHECK(u->uh_sport == htons(batch[i].dport)); - } - } - - free(batch); - free(p); - LibAliasUninit(la); -} - -ATF_TP_ADD_TCS(natout) -{ - /* Use "dd if=/dev/random bs=2 count=1 | od -x" to reproduce */ - srand(0x0b61); - - ATF_TP_ADD_TC(natout, 1_simplemasq); - ATF_TP_ADD_TC(natout, 2_unregistered); - ATF_TP_ADD_TC(natout, 3_cgn); - ATF_TP_ADD_TC(natout, 4_udp); - ATF_TP_ADD_TC(natout, 5_sameport); - ATF_TP_ADD_TC(natout, 6_cleartable); - ATF_TP_ADD_TC(natout, 7_stress); - - return atf_no_error(); -} diff --git a/tests/sys/netinet/libalias/Makefile b/tests/sys/netinet/libalias/Makefile deleted file mode 100644 index 6ee2fc0e0e1f..000000000000 --- a/tests/sys/netinet/libalias/Makefile +++ /dev/null @@ -1,31 +0,0 @@ -# $FreeBSD$ - -PACKAGE= tests - -TESTSDIR= ${TESTSBASE}/sys/netinet/libalias -BINDIR= ${TESTSDIR} - -ATF_TESTS_C+= 1_instance \ - 2_natout \ - -PROGS+= perf - -LIBADD+= alias - -SRCS.1_instance=1_instance.c util.c -SRCS.2_natout= 2_natout.c util.c -SRCS.perf= perf.c util.c - -.include - -# -# Testing during development -# -test: all - cd ${.OBJDIR}; kyua test - -report: - cd ${.OBJDIR}; kyua report - -report-v: - cd ${.OBJDIR}; kyua report --verbose diff --git a/tests/sys/netinet/libalias/perf.c b/tests/sys/netinet/libalias/perf.c deleted file mode 100644 index 365b8f2e9fcc..000000000000 --- a/tests/sys/netinet/libalias/perf.c +++ /dev/null @@ -1,231 +0,0 @@ -/* - * SPDX-License-Identifier: BSD-3-Clause - * - * Copyright 2021 Lutz Donnerhacke - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR - * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include -#include -#include -#include -#include "util.h" -#include - -/* common ip ranges */ -static struct in_addr masq = { htonl(0x01020304) }; -static struct in_addr prv = { htonl(0x0a000000) }; -static struct in_addr ext = { htonl(0x12000000) }; - -#define timevalcmp(tv, uv, cmp) \ - (((tv).tv_sec == (uv).tv_sec) \ - ? ((tv).tv_usec cmp (uv).tv_usec) \ - : ((tv).tv_sec cmp (uv).tv_sec)) - -#define timevaldiff(n, o) (float) \ - (((n).tv_sec - (o).tv_sec)*1000000l + \ - ((n).tv_usec - (o).tv_usec)) - -int main(int argc, char ** argv) -{ - struct libalias *la; - struct timeval timeout; - struct ip *p; - struct udphdr *u; - struct { - struct in_addr src, dst; - uint16_t sport, dport, aport; - } *batch; - struct { - unsigned long ok, fail; - } nat, unnat, random, attack; - int max_seconds, batch_size, random_size, attack_length, round, cnt; - - if(argc != 5 || - 0 > (max_seconds = atoi(argv[1])) || - 0 >= (batch_size = atoi(argv[2])) || - 0 >= (random_size = atoi(argv[3])) || - 0 >= (attack_length = atoi(argv[4]))) { - printf("Usage: %s max_seconds batch_size random_size attack_length\n", argv[0]); - return 1; - } - if (NULL == (la = LibAliasInit(NULL))) { - perror("LibAliasInit"); - return -1; - } - - bzero(&nat, sizeof(nat)); - bzero(&unnat, sizeof(unnat)); - bzero(&random, sizeof(random)); - bzero(&attack, sizeof(attack)); - - LibAliasSetAddress(la, masq); - LibAliasSetMode(la, PKT_ALIAS_DENY_INCOMING, PKT_ALIAS_DENY_INCOMING); - - prv.s_addr &= htonl(0xffff0000); - ext.s_addr &= htonl(0xffff0000); - - p = ip_packet(prv, ext, 0, 64); - u = set_udp(p, 0, 0); - - if (NULL == (batch = calloc(batch_size, sizeof(*batch)))) { - perror("calloc(batch)"); - return -1; - } - - gettimeofday(&timeout, NULL); - timeout.tv_sec += max_seconds; - - printf("RND SECND NAT RND ATT UNA\n"); - for (round = 0; ; round++) { - int i, res; - struct timeval now, start; - - printf("%3d ", round+1); - - gettimeofday(&start, NULL); - printf("%5.1f ", max_seconds - timevaldiff(timeout, start)/1000000.0f); - for (cnt = i = 0; i < batch_size; i++, cnt++) { - batch[i].src.s_addr = prv.s_addr | htonl(rand_range(0, 0xffff)); - batch[i].dst.s_addr = ext.s_addr | htonl(rand_range(0, 0xffff)); - batch[i].sport = rand_range(1000, 60000); - batch[i].dport = rand_range(1000, 60000); - - p->ip_src = batch[i].src; - p->ip_dst = batch[i].dst; - u = set_udp(p, batch[i].sport, batch[i].dport); - - res = LibAliasOut(la, p, 64); - batch[i].aport = htons(u->uh_sport); - - if (res == PKT_ALIAS_OK && - u->uh_dport == htons(batch[i].dport) && - addr_eq(p->ip_dst, batch[i].dst) && - addr_eq(p->ip_src, masq)) - nat.ok++; - else - nat.fail++; - - gettimeofday(&now, NULL); - if(timevalcmp(now, timeout, >=)) - goto out; - } - if (cnt > 0) - printf("%3.0f ", timevaldiff(now, start) / cnt); - - start = now; - for (cnt = i = 0; i < random_size; i++, cnt++) { - p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); - p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); - p->ip_dst = masq; - u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); - - res = LibAliasIn(la, p, 64); - - if (res == PKT_ALIAS_OK) - random.ok++; - else - random.fail++; - - gettimeofday(&now, NULL); - if(timevalcmp(now, timeout, >=)) - goto out; - } - if (cnt > 0) - printf("%3.0f ", timevaldiff(now, start) / cnt); - - start = now; - p->ip_src.s_addr = ext.s_addr & htonl(0xfff00000); - p->ip_src.s_addr |= htonl(rand_range(0, 0xffff)); - p->ip_dst = masq; - u = set_udp(p, rand_range(1, 0xffff), rand_range(1, 0xffff)); - for (cnt = i = 0; i < attack_length; i++, cnt++) { - res = LibAliasIn(la, p, 64); - - if (res == PKT_ALIAS_OK) - attack.ok++; - else - attack.fail++; - - gettimeofday(&now, NULL); - if(timevalcmp(now, timeout, >=)) - goto out; - } - if (cnt > 0) - printf("%3.0f ", timevaldiff(now, start) / cnt); - - qsort(batch, batch_size, sizeof(*batch), randcmp); - - gettimeofday(&start, NULL); - for (cnt = i = 0; i < batch_size; i++, cnt++) { - p->ip_src = batch[i].dst; - p->ip_dst = masq; - u = set_udp(p, batch[i].dport, batch[i].aport); - - res = LibAliasIn(la, p, 64); - batch[i].aport = htons(u->uh_sport); - - if (res == PKT_ALIAS_OK && - u->uh_sport == htons(batch[i].dport) && - u->uh_dport == htons(batch[i].sport) && - addr_eq(p->ip_dst, batch[i].src) && - addr_eq(p->ip_src, batch[i].dst)) - unnat.ok++; - else - unnat.fail++; - - gettimeofday(&now, NULL); - if(timevalcmp(now, timeout, >=)) - goto out; - } - if (cnt > 0) - printf("%3.0f\n", timevaldiff(now, start) / cnt); - } -out: - printf("\n\n"); - free(batch); - free(p); - LibAliasUninit(la); - - printf("Results\n"); - printf(" Rounds : %7u\n", round); - printf(" NAT ok : %7lu\n", nat.ok); - printf(" NAT fail: %7lu\n", nat.fail); - printf(" UNNAT ok : %7lu\n", unnat.ok); - printf(" UNNAT fail: %7lu\n", unnat.fail); - printf("RANDOM ok : %7lu\n", random.ok); - printf("RANDOM fail: %7lu\n", random.fail); - printf("ATTACK ok : %7lu\n", attack.ok); - printf("ATTACK fail: %7lu\n", attack.fail); - printf(" -------------------\n"); - printf(" Total: %7lu\n", - nat.ok + nat.fail + unnat.ok + unnat.fail + - random.ok + random.fail + attack.ok + attack.fail); - return (0); -} diff --git a/tests/sys/netinet/libalias/util.c b/tests/sys/netinet/libalias/util.c deleted file mode 100644 index df2e320a4eba..000000000000 --- a/tests/sys/netinet/libalias/util.c +++ /dev/null @@ -1,114 +0,0 @@ -/* - * SPDX-License-Identifier: BSD-3-Clause - * - * Copyright 2021 Lutz Donnerhacke - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * 3. Neither the name of the copyright holder nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND - * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, - * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED - * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR - * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF - * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -#include -#include - -#include - -#include "util.h" - -#define REQUIRE(x) do { \ - if (!(x)) { \ - fprintf(stderr, "Failed in %s %s:%d.\n",\ - __FUNCTION__, __FILE__, __LINE__); \ - exit(-1); \ - } \ -} while(0) - -int -randcmp(const void *a, const void *b) -{ - int res, r = rand(); - - (void)a; - (void)b; - res = (r/4 < RAND_MAX/9) ? 1 - : (r/5 < RAND_MAX/9) ? 0 - : -1; - return (res); -} - -void -hexdump(void *p, size_t len) -{ - size_t i; - unsigned char *c = p; - - for (i = 0; i < len; i++) { - printf(" %02x", c[i]); - switch (i & 0xf) { - case 0xf: printf("\n"); break; - case 0x7: printf(" "); break; - default: break; - } - } - if ((i & 0xf) != 0x0) - printf("\n"); -} - -struct ip * -ip_packet(struct in_addr src, struct in_addr dst, u_char protocol, size_t len) -{ - struct ip * p; - - REQUIRE(len >= 64 && len <= IP_MAXPACKET); - - p = calloc(1, len); - REQUIRE(p != NULL); - - p->ip_v = IPVERSION; - p->ip_hl = sizeof(*p)/4; - p->ip_len = htons(len); - p->ip_ttl = IPDEFTTL; - p->ip_src = src; - p->ip_dst = dst; - p->ip_p = protocol; - REQUIRE(p->ip_hl == 5); - - return (p); -} - -struct udphdr * -set_udp(struct ip *p, u_short sport, u_short dport) { - uint32_t *up = (void *)p; - struct udphdr *u = (void *)&(up[p->ip_hl]); - int payload = ntohs(p->ip_len) - 4*p->ip_hl; - - REQUIRE(payload >= (int)sizeof(*u)); - p->ip_p = IPPROTO_UDP; - u->uh_sport = htons(sport); - u->uh_dport = htons(dport); - u->uh_ulen = htons(payload); - return (u); -} diff --git a/tests/sys/netinet/libalias/util.h b/tests/sys/netinet/libalias/util.h deleted file mode 100644 index f441aea49cfb..000000000000 --- a/tests/sys/netinet/libalias/util.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - * SPDX-License-Identifier: BSD-3-Clause *** 60 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sun May 30 01:10:36 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 228CE64B373; Sun, 30 May 2021 01:10:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ft0j80VnVz4tLt; Sun, 30 May 2021 01:10:36 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id ED740147F3; Sun, 30 May 2021 01:10:35 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14U1AZWH074420; Sun, 30 May 2021 01:10:35 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14U1AZ8S074419; Sun, 30 May 2021 01:10:35 GMT (envelope-from git) Date: Sun, 30 May 2021 01:10:35 GMT Message-Id: <202105300110.14U1AZ8S074419@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 2e170ce65b10 - stable/13 - Add support for Gemini Lake LPSS UARTs. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2e170ce65b10e4a06345df561535677413bb723c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 01:10:36 -0000 The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=2e170ce65b10e4a06345df561535677413bb723c commit 2e170ce65b10e4a06345df561535677413bb723c Author: Konstantin Belousov AuthorDate: 2021-05-23 16:38:54 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-30 00:44:45 +0000 Add support for Gemini Lake LPSS UARTs. PR: 256101 (cherry picked from commit eaf00819bcfa90ab7ac8af324826eb985197d8c8) --- sys/dev/uart/uart_bus_pci.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/dev/uart/uart_bus_pci.c b/sys/dev/uart/uart_bus_pci.c index 707b82dc078b..f7e9bd6ac401 100644 --- a/sys/dev/uart/uart_bus_pci.c +++ b/sys/dev/uart/uart_bus_pci.c @@ -145,6 +145,14 @@ static const struct pci_id pci_ns8250_ids[] = { { 0x8086, 0x2a07, 0xffff, 0, "Intel AMT - PM965/GM965 KT Controller", 0x10 }, { 0x8086, 0x2a47, 0xffff, 0, "Mobile 4 Series Chipset KT Controller", 0x10 }, { 0x8086, 0x2e17, 0xffff, 0, "4 Series Chipset Serial KT Controller", 0x10 }, +{ 0x8086, 0x31bc, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 0", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31be, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 1", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31c0, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 2", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31ee, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 3", 0x10, + 24 * DEFAULT_RCLK, 2 }, { 0x8086, 0x3b67, 0xffff, 0, "5 Series/3400 Series Chipset KT Controller", 0x10 }, { 0x8086, 0x5abc, 0xffff, 0, "Intel Apollo Lake SIO/LPSS UART 0", 0x10, From owner-dev-commits-src-branches@freebsd.org Sun May 30 01:11:39 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CA5E864BE55; Sun, 30 May 2021 01:11:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ft0kM5S0Hz4tTd; Sun, 30 May 2021 01:11:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A3AFC144B8; Sun, 30 May 2021 01:11:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14U1Bdr2078665; Sun, 30 May 2021 01:11:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14U1Bd0i078664; Sun, 30 May 2021 01:11:39 GMT (envelope-from git) Date: Sun, 30 May 2021 01:11:39 GMT Message-Id: <202105300111.14U1Bd0i078664@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Konstantin Belousov Subject: git: 5d6806ffd66e - stable/12 - Add support for Gemini Lake LPSS UARTs. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kib X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 5d6806ffd66e1b028f19e5c87fc601566be7906c Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 01:11:39 -0000 The branch stable/12 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=5d6806ffd66e1b028f19e5c87fc601566be7906c commit 5d6806ffd66e1b028f19e5c87fc601566be7906c Author: Konstantin Belousov AuthorDate: 2021-05-23 16:38:54 +0000 Commit: Konstantin Belousov CommitDate: 2021-05-30 01:10:48 +0000 Add support for Gemini Lake LPSS UARTs. PR: 256101 (cherry picked from commit eaf00819bcfa90ab7ac8af324826eb985197d8c8) --- sys/dev/uart/uart_bus_pci.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/sys/dev/uart/uart_bus_pci.c b/sys/dev/uart/uart_bus_pci.c index 4de2299488cf..e41602a72f38 100644 --- a/sys/dev/uart/uart_bus_pci.c +++ b/sys/dev/uart/uart_bus_pci.c @@ -145,6 +145,14 @@ static const struct pci_id pci_ns8250_ids[] = { { 0x8086, 0x2a07, 0xffff, 0, "Intel AMT - PM965/GM965 KT Controller", 0x10 }, { 0x8086, 0x2a47, 0xffff, 0, "Mobile 4 Series Chipset KT Controller", 0x10 }, { 0x8086, 0x2e17, 0xffff, 0, "4 Series Chipset Serial KT Controller", 0x10 }, +{ 0x8086, 0x31bc, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 0", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31be, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 1", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31c0, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 2", 0x10, + 24 * DEFAULT_RCLK, 2 }, +{ 0x8086, 0x31ee, 0xffff, 0, "Intel Gemini Lake SIO/LPSS UART 3", 0x10, + 24 * DEFAULT_RCLK, 2 }, { 0x8086, 0x3b67, 0xffff, 0, "5 Series/3400 Series Chipset KT Controller", 0x10 }, { 0x8086, 0x5abc, 0xffff, 0, "Intel Apollo Lake SIO/LPSS UART 0", 0x10, From owner-dev-commits-src-branches@freebsd.org Sun May 30 10:31:08 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 39DE4652D61; Sun, 30 May 2021 10:31:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtF7w1C1Hz4Z5N; Sun, 30 May 2021 10:31:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 113F01B7BD; Sun, 30 May 2021 10:31:08 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UAV7Hm014685; Sun, 30 May 2021 10:31:07 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UAV7Yu014684; Sun, 30 May 2021 10:31:07 GMT (envelope-from git) Date: Sun, 30 May 2021 10:31:07 GMT Message-Id: <202105301031.14UAV7Yu014684@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Alexander V. Chernikov" Subject: git: f27929552140 - stable/13 - Fix panic when trying to delete non-existent gateway in multipath route. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: melifaro X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: f279295521400a36626ea367e83e432f5e99238f Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 10:31:08 -0000 The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=f279295521400a36626ea367e83e432f5e99238f commit f279295521400a36626ea367e83e432f5e99238f Author: Alexander V. Chernikov AuthorDate: 2021-05-07 20:36:50 +0000 Commit: Alexander V. Chernikov CommitDate: 2021-05-30 10:30:45 +0000 Fix panic when trying to delete non-existent gateway in multipath route. IF non-existend gateway was specified, the code responsible for calculating an updated nexthop group, returned the same already-used nexthop group. After the route table update, the operation result contained the same old & new nexthop groups. Thus, the code responsible for decomposing the notification to the list of simple nexthop-level notifications, was not able to find any differences. As a result, it hasn't updated any of the "simple" notification fields, resulting in empty rtentry pointer. This empty pointer was the direct reason of a panic. Fix the problem by returning ESRCH when the new nexthop group is the same as the old one after applying gateway filter. Reported by: Michael PR: 255665 --- sys/net/route/mpath_ctl.c | 11 ++++++++--- sys/net/route/nhgrp_ctl.c | 6 +++--- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/sys/net/route/mpath_ctl.c b/sys/net/route/mpath_ctl.c index 5632750f466d..8351437e34c6 100644 --- a/sys/net/route/mpath_ctl.c +++ b/sys/net/route/mpath_ctl.c @@ -181,10 +181,15 @@ del_route_mpath(struct rib_head *rh, struct rt_addrinfo *info, if ((info->rti_info[RTAX_GATEWAY] == NULL) && (info->rti_filter == NULL)) return (ESRCH); - error = nhgrp_get_filtered_group(rh, nhg, gw_filter_func, (void *)&ri, - &rnd); - if (error == 0) + error = nhgrp_get_filtered_group(rh, nhg, gw_filter_func, (void *)&ri, &rnd); + if (error == 0) { + if (rnd.rnd_nhgrp == nhg) { + /* No gateway match, unreference new group and return. */ + nhop_free_any(rnd.rnd_nhop); + return (ESRCH); + } error = change_route_nhop(rh, rt, info, &rnd, rc); + } return (error); } diff --git a/sys/net/route/nhgrp_ctl.c b/sys/net/route/nhgrp_ctl.c index 49866499ac86..9f1f3a5b4bc4 100644 --- a/sys/net/route/nhgrp_ctl.c +++ b/sys/net/route/nhgrp_ctl.c @@ -578,9 +578,9 @@ nhgrp_get_group(struct rib_head *rh, struct weightened_nhop *wn, int num_nhops, } /* - * Creates new nexthop group based on @src group with the nexthops defined in bitmask - * @nhop_mask removed. - * Returns referenced nexthop group or NULL on failure. + * Creates new nexthop group based on @src group without the nexthops + * chosen by @flt_func. + * Returns 0 on success, storring the reference nhop group/object in @rnd. */ int nhgrp_get_filtered_group(struct rib_head *rh, const struct nhgrp_object *src, From owner-dev-commits-src-branches@freebsd.org Sun May 30 10:31:09 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 730DE652EAC; Sun, 30 May 2021 10:31:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtF7x2GFGz4Z5S; Sun, 30 May 2021 10:31:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2BF601B7BE; Sun, 30 May 2021 10:31:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UAV9FH014706; Sun, 30 May 2021 10:31:09 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UAV9Vm014705; Sun, 30 May 2021 10:31:09 GMT (envelope-from git) Date: Sun, 30 May 2021 10:31:09 GMT Message-Id: <202105301031.14UAV9Vm014705@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Alexander V. Chernikov" Subject: git: d40def01a4f4 - stable/13 - Fix a use after free in update_rtm_from_rc(). MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: melifaro X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: d40def01a4f4fed65329f4a74792cad3134eeb29 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 10:31:09 -0000 The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=d40def01a4f4fed65329f4a74792cad3134eeb29 commit d40def01a4f4fed65329f4a74792cad3134eeb29 Author: Alexander V. Chernikov AuthorDate: 2021-05-14 16:03:08 +0000 Commit: Alexander V. Chernikov CommitDate: 2021-05-30 10:30:53 +0000 Fix a use after free in update_rtm_from_rc(). update_rtm_from_rc() calls update_rtm_from_info() internally. The latter one may update provided prtm pointer with a new rtm. Reassign rtm from prtm afeter calling update_rtm_from_info() to avoid touching the freed rtm. PR: 255871 Submitted by: lylgood@foxmail.com --- sys/net/rtsock.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 6930bd167ac1..3cb645f42e4c 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -976,6 +976,7 @@ update_rtm_from_rc(struct rt_addrinfo *info, struct rt_msghdr **prtm, if ((error = update_rtm_from_info(info, prtm, alloc_len)) != 0) return (error); + rtm = *prtm; rtm->rtm_flags = rc->rc_rt->rte_flags | nhop_get_rtflags(nh); if (rtm->rtm_flags & RTF_GWFLAG_COMPAT) rtm->rtm_flags = RTF_GATEWAY | From owner-dev-commits-src-branches@freebsd.org Sun May 30 13:50:25 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 986086560B9; Sun, 30 May 2021 13:50:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtKYs3rlBz4n3f; Sun, 30 May 2021 13:50:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 669F41E0F1; Sun, 30 May 2021 13:50:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UDoPp6077832; Sun, 30 May 2021 13:50:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UDoPdr077831; Sun, 30 May 2021 13:50:25 GMT (envelope-from git) Date: Sun, 30 May 2021 13:50:25 GMT Message-Id: <202105301350.14UDoPdr077831@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 16adf789ba68 - stable/13 - libalias: replace placeholder with static constant MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 16adf789ba6812ab47edcd3dc8cbff0742220ffc Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 13:50:25 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=16adf789ba6812ab47edcd3dc8cbff0742220ffc commit 16adf789ba6812ab47edcd3dc8cbff0742220ffc Author: Lutz Donnerhacke AuthorDate: 2021-05-13 21:47:57 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 13:49:14 +0000 libalias: replace placeholder with static constant The field nullAddress in struct libalias is never set and never used. It exists as a placeholder for an unused argument only. Reviewed by: hselasky Differential Revision: https://reviews.freebsd.org/D30253 (cherry picked from commit 189f8eea138a78b09c9f19114b1362b0df1cf87d) (cherry picked from commit b03a41befeaf17ef25da96fc7bc2dc19c9a6b253) --- sys/netinet/libalias/alias_db.c | 23 +++++++++++++---------- sys/netinet/libalias/alias_local.h | 2 -- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index cd29c16ac945..7a84cf310d5a 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -224,6 +224,9 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); #define NO_DEST_PORT 1 #define NO_SRC_PORT 1 +/* Matches any/unknown address in FindLinkIn/Out() and AddLink(). */ +static struct in_addr const ANY_ADDR = { INADDR_ANY }; + /* Data Structures The fundamental data structure used in this program is @@ -1111,12 +1114,12 @@ _FindLinkOut(struct libalias *la, struct in_addr src_addr, lnk = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 0); if (lnk == NULL) - lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port, + lnk = _FindLinkOut(la, src_addr, ANY_ADDR, src_port, dst_port, link_type, 0); } if (lnk == NULL && (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) { - lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, + lnk = _FindLinkOut(la, src_addr, ANY_ADDR, src_port, 0, link_type, 0); } if (lnk != NULL) { @@ -1152,7 +1155,7 @@ FindLinkOut(struct libalias *la, struct in_addr src_addr, */ if (la->aliasAddress.s_addr != INADDR_ANY && src_addr.s_addr == la->aliasAddress.s_addr) { - lnk = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, + lnk = _FindLinkOut(la, ANY_ADDR, dst_addr, src_port, dst_port, link_type, replace_partial_links); } } @@ -1294,7 +1297,7 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, */ if (la->aliasAddress.s_addr != INADDR_ANY && alias_addr.s_addr == la->aliasAddress.s_addr) { - lnk = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, + lnk = _FindLinkIn(la, dst_addr, ANY_ADDR, dst_port, alias_port, link_type, replace_partial_links); } } @@ -1376,7 +1379,7 @@ FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, LINK_FRAGMENT_ID, 0); if (lnk == NULL) { - lnk = AddLink(la, la->nullAddress, dst_addr, alias_addr, + lnk = AddLink(la, ANY_ADDR, dst_addr, alias_addr, NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_ID); } @@ -1399,7 +1402,7 @@ AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { LIBALIAS_LOCK_ASSERT(la); - return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, + return AddLink(la, ANY_ADDR, dst_addr, ANY_ADDR, NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_PTR); } @@ -1409,7 +1412,7 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { LIBALIAS_LOCK_ASSERT(la); - return FindLinkIn(la, dst_addr, la->nullAddress, + return FindLinkIn(la, dst_addr, ANY_ADDR, NO_DEST_PORT, ip_id, LINK_FRAGMENT_PTR, 0); } @@ -1669,7 +1672,7 @@ FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); - lnk = FindLinkIn(la, la->nullAddress, alias_addr, + lnk = FindLinkIn(la, ANY_ADDR, alias_addr, 0, 0, LINK_ADDR, 0); if (lnk == NULL) { la->newDefaultLink = 1; @@ -1701,7 +1704,7 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); - lnk = FindLinkOut(la, original_addr, la->nullAddress, + lnk = FindLinkOut(la, original_addr, ANY_ADDR, 0, 0, LINK_ADDR, 0); if (lnk == NULL) { return (la->aliasAddress.s_addr != INADDR_ANY) ? @@ -2317,7 +2320,7 @@ LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr, struct alias_link *lnk; LIBALIAS_LOCK(la); - lnk = AddLink(la, src_addr, la->nullAddress, alias_addr, + lnk = AddLink(la, src_addr, ANY_ADDR, alias_addr, 0, 0, 0, LINK_ADDR); diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h index e6374a72ef75..63bfd857f14f 100644 --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -89,8 +89,6 @@ struct libalias { /* IP address incoming packets are sent to * if no aliasing link already exists */ struct in_addr targetAddress; - /* Used as a dummy parameter for some function calls */ - struct in_addr nullAddress; /* Lookup table of pointers to chains of link records. * Each link record is doubly indexed into input and * output lookup tables. */ From owner-dev-commits-src-branches@freebsd.org Sun May 30 13:58:50 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4B1F96560F7; Sun, 30 May 2021 13:58:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtKlZ1XvLz4pBh; Sun, 30 May 2021 13:58:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1D5ED1DED3; Sun, 30 May 2021 13:58:50 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UDwolu083110; Sun, 30 May 2021 13:58:50 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UDwo7o083109; Sun, 30 May 2021 13:58:50 GMT (envelope-from git) Date: Sun, 30 May 2021 13:58:50 GMT Message-Id: <202105301358.14UDwo7o083109@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: c737affe7cb0 - stable/12 - tests/libalias: Reduce stress MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: c737affe7cb01880bb71bbdd545c0c7a45803755 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 13:58:50 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=c737affe7cb01880bb71bbdd545c0c7a45803755 commit c737affe7cb01880bb71bbdd545c0c7a45803755 Author: Lutz Donnerhacke AuthorDate: 2021-05-23 20:41:26 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 13:58:15 +0000 tests/libalias: Reduce stress Due to the new, external performance test utility, the regular test suite can reduce the stress test to a fair amount of activity. (cherry picked from commit a660948b7b2d875591aba3713620424c51330038) --- tests/sys/netinet/libalias/2_natout.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c index 1eeeac2ef868..5b3e9a906bf5 100644 --- a/tests/sys/netinet/libalias/2_natout.c +++ b/tests/sys/netinet/libalias/2_natout.c @@ -344,7 +344,7 @@ ATF_TC_BODY(7_stress, dummy) struct in_addr src, dst; uint16_t sport, dport, aport; } *batch; - size_t const batch_size = 12000; + size_t const batch_size = 1200; size_t const rounds = 25; size_t i, j; From owner-dev-commits-src-branches@freebsd.org Sun May 30 14:01:11 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3603C656497; Sun, 30 May 2021 14:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtKpH14p4z4pZs; Sun, 30 May 2021 14:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0D6ED1E2BD; Sun, 30 May 2021 14:01:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UE1A03095581; Sun, 30 May 2021 14:01:10 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UE1AEQ095580; Sun, 30 May 2021 14:01:10 GMT (envelope-from git) Date: Sun, 30 May 2021 14:01:10 GMT Message-Id: <202105301401.14UE1AEQ095580@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 43acee0cdd59 - stable/13 - tests/libalias: Reduce stress MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 43acee0cdd597bd6b69ed9915d851987b7d5a600 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 14:01:11 -0000 The branch stable/13 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=43acee0cdd597bd6b69ed9915d851987b7d5a600 commit 43acee0cdd597bd6b69ed9915d851987b7d5a600 Author: Lutz Donnerhacke AuthorDate: 2021-05-23 20:41:26 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 14:00:54 +0000 tests/libalias: Reduce stress Due to the new, external performance test utility, the regular test suite can reduce the stress test to a fair amount of activity. (cherry picked from commit a660948b7b2d875591aba3713620424c51330038) --- tests/sys/netinet/libalias/2_natout.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/sys/netinet/libalias/2_natout.c b/tests/sys/netinet/libalias/2_natout.c index 1eeeac2ef868..5b3e9a906bf5 100644 --- a/tests/sys/netinet/libalias/2_natout.c +++ b/tests/sys/netinet/libalias/2_natout.c @@ -344,7 +344,7 @@ ATF_TC_BODY(7_stress, dummy) struct in_addr src, dst; uint16_t sport, dport, aport; } *batch; - size_t const batch_size = 12000; + size_t const batch_size = 1200; size_t const rounds = 25; size_t i, j; From owner-dev-commits-src-branches@freebsd.org Sun May 30 14:34:30 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4259765692F; Sun, 30 May 2021 14:34:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtLXk18TFz4sDT; Sun, 30 May 2021 14:34:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0F9DE1E830; Sun, 30 May 2021 14:34:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UEYUxn036261; Sun, 30 May 2021 14:34:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UEYTA1036260; Sun, 30 May 2021 14:34:29 GMT (envelope-from git) Date: Sun, 30 May 2021 14:34:29 GMT Message-Id: <202105301434.14UEYTA1036260@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 41301f352de6 - stable/12 - libalias: Fix -Wcast-align compiler warnings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 41301f352de65fcc3db5cc0364ca6cec07a8f7b0 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 14:34:30 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=41301f352de65fcc3db5cc0364ca6cec07a8f7b0 commit 41301f352de65fcc3db5cc0364ca6cec07a8f7b0 Author: Alex Richardson AuthorDate: 2021-01-19 11:32:32 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 14:31:38 +0000 libalias: Fix -Wcast-align compiler warnings This fixes -Wcast-align warnings caused by the underaligned `struct ip`. This also silences them in the public functions by changing the function signature from char * to void *. This is source and binary compatible and avoids the -Wcast-align warning. Reviewed By: ae, gbe (manpages) Differential Revision: https://reviews.freebsd.org/D27882 --- sys/netinet/libalias/alias.c | 102 ++++++++++++++++++------------------- sys/netinet/libalias/alias.h | 14 ++--- sys/netinet/libalias/alias_db.c | 4 +- sys/netinet/libalias/alias_local.h | 4 +- sys/netinet/libalias/alias_proxy.c | 2 +- sys/netinet/libalias/libalias.3 | 16 +++--- 6 files changed, 69 insertions(+), 73 deletions(-) diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index 59e20d0470df..50545fbc037b 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -279,9 +279,9 @@ static int IcmpAliasOut2(struct libalias *, struct ip *); static int IcmpAliasOut(struct libalias *, struct ip *, int create); static int ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct in_addr *ip_dst, u_char ip_p, u_short *ip_sum); -static int ProtoAliasOut(struct libalias *la, struct in_addr *ip_src, - struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, + struct ip *pip, u_char ip_p, u_short *ip_sum); +static int ProtoAliasOut(struct libalias *la, struct ip *pip, + struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create); static int UdpAliasIn(struct libalias *, struct ip *); @@ -665,8 +665,8 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create) } static int -ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct in_addr *ip_dst, u_char ip_p, u_short *ip_sum) +ProtoAliasIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_char ip_p, u_short *ip_sum) { /* Handle incoming IP packets. The @@ -681,7 +681,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); - lnk = FindProtoIn(la, ip_src, *ip_dst, ip_p); + lnk = FindProtoIn(la, ip_src, pip->ip_dst, ip_p); if (lnk != NULL) { struct in_addr original_address; @@ -689,8 +689,8 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, /* Restore original IP address */ DifferentialChecksum(ip_sum, - &original_address, ip_dst, 2); - *ip_dst = original_address; + &original_address, &pip->ip_dst, 2); + pip->ip_dst = original_address; return (PKT_ALIAS_OK); } @@ -698,7 +698,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, } static int -ProtoAliasOut(struct libalias *la, struct in_addr *ip_src, +ProtoAliasOut(struct libalias *la, struct ip *pip, struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) { /* @@ -717,7 +717,7 @@ ProtoAliasOut(struct libalias *la, struct in_addr *ip_src, if (!create) return (PKT_ALIAS_IGNORED); - lnk = FindProtoOut(la, *ip_src, ip_dst, ip_p); + lnk = FindProtoOut(la, pip->ip_src, ip_dst, ip_p); if (lnk != NULL) { struct in_addr alias_address; @@ -725,8 +725,8 @@ ProtoAliasOut(struct libalias *la, struct in_addr *ip_src, /* Change source address */ DifferentialChecksum(ip_sum, - &alias_address, ip_src, 2); - *ip_src = alias_address; + &alias_address, &pip->ip_src, 2); + pip->ip_src = alias_address; return (PKT_ALIAS_OK); } @@ -1201,26 +1201,26 @@ saved and recalled when a header fragment is seen. */ /* Local prototypes */ -static int FragmentIn(struct libalias *la, struct in_addr ip_src, - struct in_addr *ip_dst, u_short ip_id, u_short *ip_sum); -static int FragmentOut(struct libalias *, struct in_addr *ip_src, +static int FragmentIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_short ip_id, u_short *ip_sum); +static int FragmentOut(struct libalias *, struct ip *pip, u_short *ip_sum); static int -FragmentIn(struct libalias *la, struct in_addr ip_src, struct in_addr *ip_dst, +FragmentIn(struct libalias *la, struct in_addr ip_src, struct ip *pip, u_short ip_id, u_short *ip_sum) { struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); - lnk = FindFragmentIn2(la, ip_src, *ip_dst, ip_id); + lnk = FindFragmentIn2(la, ip_src, pip->ip_dst, ip_id); if (lnk != NULL) { struct in_addr original_address; GetFragmentAddr(lnk, &original_address); DifferentialChecksum(ip_sum, - &original_address, ip_dst, 2); - *ip_dst = original_address; + &original_address, &pip->ip_dst, 2); + pip->ip_dst = original_address; return (PKT_ALIAS_OK); } @@ -1228,15 +1228,15 @@ FragmentIn(struct libalias *la, struct in_addr ip_src, struct in_addr *ip_dst, } static int -FragmentOut(struct libalias *la, struct in_addr *ip_src, u_short *ip_sum) +FragmentOut(struct libalias *la, struct ip *pip, u_short *ip_sum) { struct in_addr alias_address; LIBALIAS_LOCK_ASSERT(la); - alias_address = FindAliasAddress(la, *ip_src); + alias_address = FindAliasAddress(la, pip->ip_src); DifferentialChecksum(ip_sum, - &alias_address, ip_src, 2); - *ip_src = alias_address; + &alias_address, &pip->ip_src, 2); + pip->ip_src = alias_address; return (PKT_ALIAS_OK); } @@ -1259,7 +1259,7 @@ FragmentOut(struct libalias *la, struct in_addr *ip_src, u_short *ip_sum) */ int -LibAliasSaveFragment(struct libalias *la, char *ptr) +LibAliasSaveFragment(struct libalias *la, void *ptr) { int iresult; struct alias_link *lnk; @@ -1277,11 +1277,11 @@ LibAliasSaveFragment(struct libalias *la, char *ptr) return (iresult); } -char * -LibAliasGetFragment(struct libalias *la, char *ptr) +void * +LibAliasGetFragment(struct libalias *la, void *ptr) { struct alias_link *lnk; - char *fptr; + void *fptr; struct ip *pip; LIBALIAS_LOCK(la); @@ -1299,10 +1299,10 @@ LibAliasGetFragment(struct libalias *la, char *ptr) } void -LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly +LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly * de-aliased header * fragment */ - char *ptr_fragment /* Points to fragment which must be + void *ptr_fragment /* Points to fragment which must be * de-aliased */ ) { @@ -1322,39 +1322,37 @@ LibAliasFragmentIn(struct libalias *la, char *ptr, /* Points to correctly /* Local prototypes */ static int -LibAliasOutLocked(struct libalias *la, char *ptr, +LibAliasOutLocked(struct libalias *la, struct ip *pip, int maxpacketsize, int create); static int -LibAliasInLocked(struct libalias *la, char *ptr, +LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize); int -LibAliasIn(struct libalias *la, char *ptr, int maxpacketsize) +LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize) { int res; LIBALIAS_LOCK(la); - res = LibAliasInLocked(la, ptr, maxpacketsize); + res = LibAliasInLocked(la, (struct ip *)ptr, maxpacketsize); LIBALIAS_UNLOCK(la); return (res); } static int -LibAliasInLocked(struct libalias *la, char *ptr, int maxpacketsize) +LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize) { struct in_addr alias_addr; - struct ip *pip; int iresult; if (la->packetAliasMode & PKT_ALIAS_REVERSE) { la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = LibAliasOutLocked(la, ptr, maxpacketsize, 1); + iresult = LibAliasOutLocked(la, pip, maxpacketsize, 1); la->packetAliasMode |= PKT_ALIAS_REVERSE; goto getout; } HouseKeeping(la); ClearCheckNewLink(la); - pip = (struct ip *)ptr; alias_addr = pip->ip_dst; /* Defense against mangled packets */ @@ -1398,12 +1396,12 @@ LibAliasInLocked(struct libalias *la, char *ptr, int maxpacketsize) if (error == 0) iresult = PKT_ALIAS_OK; else - iresult = ProtoAliasIn(la, pip->ip_src, - &pip->ip_dst, pip->ip_p, &pip->ip_sum); + iresult = ProtoAliasIn(la, pip->ip_src, + pip, pip->ip_p, &pip->ip_sum); } break; default: - iresult = ProtoAliasIn(la, pip->ip_src, &pip->ip_dst, + iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); break; } @@ -1420,7 +1418,7 @@ LibAliasInLocked(struct libalias *la, char *ptr, int maxpacketsize) } } } else { - iresult = FragmentIn(la, pip->ip_src, &pip->ip_dst, pip->ip_id, + iresult = FragmentIn(la, pip->ip_src, pip, pip->ip_id, &pip->ip_sum); } @@ -1449,29 +1447,29 @@ getout: #define UNREG_ADDR_CGN_UPPER 0x647fffff int -LibAliasOut(struct libalias *la, char *ptr, int maxpacketsize) +LibAliasOut(struct libalias *la, void *ptr, int maxpacketsize) { int res; LIBALIAS_LOCK(la); - res = LibAliasOutLocked(la, ptr, maxpacketsize, 1); + res = LibAliasOutLocked(la, (struct ip *)ptr, maxpacketsize, 1); LIBALIAS_UNLOCK(la); return (res); } int -LibAliasOutTry(struct libalias *la, char *ptr, int maxpacketsize, int create) +LibAliasOutTry(struct libalias *la, void *ptr, int maxpacketsize, int create) { int res; LIBALIAS_LOCK(la); - res = LibAliasOutLocked(la, ptr, maxpacketsize, create); + res = LibAliasOutLocked(la, (struct ip *)ptr, maxpacketsize, create); LIBALIAS_UNLOCK(la); return (res); } static int -LibAliasOutLocked(struct libalias *la, char *ptr, /* valid IP packet */ +LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ int maxpacketsize, /* How much the packet data may grow (FTP * and IRC inline changes) */ int create /* Create new entries ? */ @@ -1479,17 +1477,15 @@ LibAliasOutLocked(struct libalias *la, char *ptr, /* valid IP packet */ { int iresult; struct in_addr addr_save; - struct ip *pip; if (la->packetAliasMode & PKT_ALIAS_REVERSE) { la->packetAliasMode &= ~PKT_ALIAS_REVERSE; - iresult = LibAliasInLocked(la, ptr, maxpacketsize); + iresult = LibAliasInLocked(la, pip, maxpacketsize); la->packetAliasMode |= PKT_ALIAS_REVERSE; goto getout; } HouseKeeping(la); ClearCheckNewLink(la); - pip = (struct ip *)ptr; /* Defense against mangled packets */ if (ntohs(pip->ip_len) > maxpacketsize @@ -1555,17 +1551,17 @@ LibAliasOutLocked(struct libalias *la, char *ptr, /* valid IP packet */ if (error == 0) iresult = PKT_ALIAS_OK; else - iresult = ProtoAliasOut(la, &pip->ip_src, + iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); } break; default: - iresult = ProtoAliasOut(la, &pip->ip_src, + iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); break; } } else { - iresult = FragmentOut(la, &pip->ip_src, &pip->ip_sum); + iresult = FragmentOut(la, pip, &pip->ip_sum); } SetDefaultAliasAddress(la, addr_save); @@ -1574,7 +1570,7 @@ getout: } int -LibAliasUnaliasOut(struct libalias *la, char *ptr, /* valid IP packet */ +LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ int maxpacketsize /* for error checking */ ) { diff --git a/sys/netinet/libalias/alias.h b/sys/netinet/libalias/alias.h index c252c823ced8..e712fb41628c 100644 --- a/sys/netinet/libalias/alias.h +++ b/sys/netinet/libalias/alias.h @@ -94,10 +94,10 @@ unsigned int void LibAliasUninit(struct libalias *); /* Packet Handling functions. */ -int LibAliasIn (struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasOut(struct libalias *, char *_ptr, int _maxpacketsize); -int LibAliasOutTry(struct libalias *, char *_ptr, int _maxpacketsize, int _create); -int LibAliasUnaliasOut(struct libalias *, char *_ptr, int _maxpacketsize); +int LibAliasIn (struct libalias *, void *_ptr, int _maxpacketsize); +int LibAliasOut(struct libalias *, void *_ptr, int _maxpacketsize); +int LibAliasOutTry(struct libalias *, void *_ptr, int _maxpacketsize, int _create); +int LibAliasUnaliasOut(struct libalias *, void *_ptr, int _maxpacketsize); /* Port and address redirection functions. */ @@ -120,9 +120,9 @@ LibAliasRedirectProto(struct libalias *, struct in_addr _src_addr, unsigned char _proto); /* Fragment Handling functions. */ -void LibAliasFragmentIn(struct libalias *, char *_ptr, char *_ptr_fragment); -char *LibAliasGetFragment(struct libalias *, char *_ptr); -int LibAliasSaveFragment(struct libalias *, char *_ptr); +void LibAliasFragmentIn(struct libalias *, void *_ptr, void *_ptr_fragment); +void *LibAliasGetFragment(struct libalias *, void *_ptr); +int LibAliasSaveFragment(struct libalias *, void *_ptr); /* Miscellaneous functions. */ int LibAliasCheckNewLink(struct libalias *); diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 9eb6901ed5bc..4569a9dec122 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -1797,14 +1797,14 @@ GetFragmentAddr(struct alias_link *lnk, struct in_addr *src_addr) void -SetFragmentPtr(struct alias_link *lnk, char *fptr) +SetFragmentPtr(struct alias_link *lnk, void *fptr) { lnk->data.frag_ptr = fptr; } void -GetFragmentPtr(struct alias_link *lnk, char **fptr) +GetFragmentPtr(struct alias_link *lnk, void **fptr) { *fptr = lnk->data.frag_ptr; } diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h index 94eb26978658..d6fe21869f1e 100644 --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -327,8 +327,8 @@ FindNewPortGroup(struct libalias *la, struct in_addr _dst_addr, struct in_addr _ u_char _proto, u_char _align); void GetFragmentAddr(struct alias_link *_lnk, struct in_addr *_src_addr); void SetFragmentAddr(struct alias_link *_lnk, struct in_addr _src_addr); -void GetFragmentPtr(struct alias_link *_lnk, char **_fptr); -void SetFragmentPtr(struct alias_link *_lnk, char *fptr); +void GetFragmentPtr(struct alias_link *_lnk, void **_fptr); +void SetFragmentPtr(struct alias_link *_lnk, void *fptr); void SetStateIn(struct alias_link *_lnk, int _state); void SetStateOut(struct alias_link *_lnk, int _state); int GetStateIn (struct alias_link *_lnk); diff --git a/sys/netinet/libalias/alias_proxy.c b/sys/netinet/libalias/alias_proxy.c index a7b6b0371d01..ef2c8ee3e0ac 100644 --- a/sys/netinet/libalias/alias_proxy.c +++ b/sys/netinet/libalias/alias_proxy.c @@ -388,7 +388,7 @@ ProxyEncodeIpHeader(struct ip *pip, #define OPTION_LEN_BYTES 8 #define OPTION_LEN_INT16 4 #define OPTION_LEN_INT32 2 - u_char option[OPTION_LEN_BYTES]; + _Alignas(_Alignof(u_short)) u_char option[OPTION_LEN_BYTES]; #ifdef LIBALIAS_DEBUG fprintf(stdout, " ip cksum 1 = %x\n", (u_int) IpChecksum(pip)); diff --git a/sys/netinet/libalias/libalias.3 b/sys/netinet/libalias/libalias.3 index fe85730f095d..79b0dd15db97 100644 --- a/sys/netinet/libalias/libalias.3 +++ b/sys/netinet/libalias/libalias.3 @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 25, 2013 +.Dd January 1, 2020 .Dt LIBALIAS 3 .Os .Sh NAME @@ -311,7 +311,7 @@ comprise the minimal set of functions needed for a basic IP masquerading implementation. .Pp .Ft int -.Fn LibAliasIn "struct libalias *" "char *buffer" "int maxpacketsize" +.Fn LibAliasIn "struct libalias *" "void *buffer" "int maxpacketsize" .Bd -ragged -offset indent An incoming packet coming from a remote machine to the local network is de-aliased by this function. @@ -352,7 +352,7 @@ An internal error within the packet aliasing engine occurred. .Ed .Pp .Ft int -.Fn LibAliasOut "struct libalias *" "char *buffer" "int maxpacketsize" +.Fn LibAliasOut "struct libalias *" "void *buffer" "int maxpacketsize" .Bd -ragged -offset indent An outgoing packet coming from the local network to a remote machine is aliased by this function. @@ -770,7 +770,7 @@ Fragments which arrive before the header are saved and then retrieved once the header fragment has been resolved. .Pp .Ft int -.Fn LibAliasSaveFragment "struct libalias *" "char *ptr" +.Fn LibAliasSaveFragment "struct libalias *" "void *ptr" .Bd -ragged -offset indent When .Fn LibAliasIn @@ -794,8 +794,8 @@ if it was successful and if there was an error. .Ed .Pp -.Ft char * -.Fn LibAliasGetFragment "struct libalias *" "char *buffer" +.Ft void * +.Fn LibAliasGetFragment "struct libalias *" "void *buffer" .Bd -ragged -offset indent This function can be used to retrieve fragment pointers saved by .Fn LibAliasSaveFragment . @@ -816,7 +816,7 @@ available, at which time it returns .Ed .Pp .Ft void -.Fn LibAliasFragmentIn "struct libalias *" "char *header" "char *fragment" +.Fn LibAliasFragmentIn "struct libalias *" "void *header" "void *fragment" .Bd -ragged -offset indent When a fragment is retrieved with .Fn LibAliasGetFragment , @@ -896,7 +896,7 @@ will return zero. .Ed .Pp .Ft int -.Fn LibAliasUnaliasOut "struct libalias *" "char *buffer" "int maxpacketsize" +.Fn LibAliasUnaliasOut "struct libalias *" "void *buffer" "int maxpacketsize" .Bd -ragged -offset indent An outgoing packet, which has already been aliased, has its private address/port information restored by this function. From owner-dev-commits-src-branches@freebsd.org Sun May 30 14:34:31 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 657DE656B17; Sun, 30 May 2021 14:34:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtLXl28YJz4sZt; Sun, 30 May 2021 14:34:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 319391E831; Sun, 30 May 2021 14:34:31 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UEYVvT036282; Sun, 30 May 2021 14:34:31 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UEYVWS036281; Sun, 30 May 2021 14:34:31 GMT (envelope-from git) Date: Sun, 30 May 2021 14:34:31 GMT Message-Id: <202105301434.14UEYVWS036281@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 21d91f53d793 - stable/12 - libalias: Fix remaining compiler warnings MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 21d91f53d793890fd403907717ee12286956bba5 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 14:34:31 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=21d91f53d793890fd403907717ee12286956bba5 commit 21d91f53d793890fd403907717ee12286956bba5 Author: Alex Richardson AuthorDate: 2021-01-19 11:32:32 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 14:31:41 +0000 libalias: Fix remaining compiler warnings This fixes some sign-compare warnings and adds a missing static to a variable declaration. Differential Revision: https://reviews.freebsd.org/D27883 --- sys/netinet/libalias/alias.c | 15 +++++++++------ sys/netinet/libalias/alias_mod.c | 2 +- 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index 50545fbc037b..f9261e394157 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -442,7 +442,8 @@ static int IcmpAliasIn(struct libalias *la, struct ip *pip) { struct icmp *ic; - int dlen, iresult; + int iresult; + size_t dlen; LIBALIAS_LOCK_ASSERT(la); @@ -469,7 +470,7 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) case ICMP_TIMXCEED: case ICMP_PARAMPROB: if (dlen < ICMP_ADVLENMIN || - dlen < ICMP_ADVLEN(ic)) + dlen < (size_t)ICMP_ADVLEN(ic)) return (PKT_ALIAS_IGNORED); iresult = IcmpAliasIn2(la, pip); break; @@ -739,7 +740,7 @@ UdpAliasIn(struct libalias *la, struct ip *pip) { struct udphdr *ud; struct alias_link *lnk; - int dlen; + size_t dlen; LIBALIAS_LOCK_ASSERT(la); @@ -838,7 +839,8 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) u_short dest_port; u_short proxy_server_port; int proxy_type; - int dlen, error; + int error; + size_t dlen; LIBALIAS_LOCK_ASSERT(la); @@ -943,7 +945,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) { struct tcphdr *tc; struct alias_link *lnk; - int dlen; + size_t dlen; LIBALIAS_LOCK_ASSERT(la); @@ -1068,9 +1070,10 @@ TcpAliasIn(struct libalias *la, struct ip *pip) static int TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) { - int dlen, proxy_type, error; + int proxy_type, error; u_short dest_port; u_short proxy_server_port; + size_t dlen; struct in_addr dest_address; struct in_addr proxy_server_address; struct tcphdr *tc; diff --git a/sys/netinet/libalias/alias_mod.c b/sys/netinet/libalias/alias_mod.c index 8f1071ebc79e..835d76cf5152 100644 --- a/sys/netinet/libalias/alias_mod.c +++ b/sys/netinet/libalias/alias_mod.c @@ -129,7 +129,7 @@ first_handler(void) #ifndef _KERNEL /* Dll manipulation code - this code is not thread safe... */ -SLIST_HEAD(dll_chain, dll) dll_chain = SLIST_HEAD_INITIALIZER(dll_chain); +static SLIST_HEAD(dll_chain, dll) dll_chain = SLIST_HEAD_INITIALIZER(dll_chain); int attach_dll(struct dll *p) { From owner-dev-commits-src-branches@freebsd.org Sun May 30 14:36:38 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 85CA4656D99; Sun, 30 May 2021 14:36:38 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtLb71Bpzz4sWM; Sun, 30 May 2021 14:36:34 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 14UEaNu5012069 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 30 May 2021 16:36:23 +0200 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 14UEaNvB019570; Sun, 30 May 2021 16:36:23 +0200 Date: Sun, 30 May 2021 16:36:23 +0200 From: Lutz Donnerhacke To: Lutz Donnerhacke Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: Re: git: 21d91f53d793 - stable/12 - libalias: Fix remaining compiler warnings Message-ID: <20210530143623.GB19533@belenus.iks-jena.de> References: <202105301434.14UEYVWS036281@gitrepo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202105301434.14UEYVWS036281@gitrepo.freebsd.org> X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4FtLb71Bpzz4sWM X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 14:36:38 -0000 On Sun, May 30, 2021 at 02:34:31PM +0000, Lutz Donnerhacke wrote: > The branch stable/12 has been updated by donner: I need to MFC them to stable/12 in order to MFC other developments. From owner-dev-commits-src-branches@freebsd.org Sun May 30 19:26:30 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B2961632F52; Sun, 30 May 2021 19:26:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtT1f4BNyz3kgX; Sun, 30 May 2021 19:26:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 77116227D3; Sun, 30 May 2021 19:26:30 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UJQUuN021298; Sun, 30 May 2021 19:26:30 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UJQUah021297; Sun, 30 May 2021 19:26:30 GMT (envelope-from git) Date: Sun, 30 May 2021 19:26:30 GMT Message-Id: <202105301926.14UJQUah021297@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 8e77442a5a53 - stable/12 - liblias: clean up empty lines in .c and .h files MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 8e77442a5a53450d509004c7b09ccc0b82f4eaca Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 19:26:30 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=8e77442a5a53450d509004c7b09ccc0b82f4eaca commit 8e77442a5a53450d509004c7b09ccc0b82f4eaca Author: Mateusz Guzik AuthorDate: 2021-05-30 19:12:53 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 19:16:30 +0000 liblias: clean up empty lines in .c and .h files Partial apply of a huge commit to libalias only (cherry picked from commit 662c13053f4bf2d6245ba7e2b66c10d1cd5c1fb9) --- sys/netinet/libalias/alias.c | 25 ------------ sys/netinet/libalias/alias.h | 1 - sys/netinet/libalias/alias_db.c | 79 +++---------------------------------- sys/netinet/libalias/alias_dummy.c | 3 +- sys/netinet/libalias/alias_ftp.c | 2 - sys/netinet/libalias/alias_irc.c | 1 - sys/netinet/libalias/alias_local.h | 9 ++--- sys/netinet/libalias/alias_nbt.c | 9 ++--- sys/netinet/libalias/alias_pptp.c | 5 +-- sys/netinet/libalias/alias_proxy.c | 8 ---- sys/netinet/libalias/alias_sctp.c | 10 ----- sys/netinet/libalias/alias_sctp.h | 8 ---- sys/netinet/libalias/alias_skinny.c | 3 +- sys/netinet/libalias/alias_smedia.c | 11 +----- sys/netinet/libalias/alias_util.c | 1 - 15 files changed, 17 insertions(+), 158 deletions(-) diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index f9261e394157..4dfe65d29f6a 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -188,7 +188,6 @@ static void TcpMonitorIn(u_char, struct alias_link *); static void TcpMonitorOut(u_char, struct alias_link *); - static void TcpMonitorIn(u_char th_flags, struct alias_link *lnk) { @@ -225,10 +224,6 @@ TcpMonitorOut(u_char th_flags, struct alias_link *lnk) } } - - - - /* Protocol Specific Packet Aliasing Routines IcmpAliasIn(), IcmpAliasIn1(), IcmpAliasIn2() @@ -268,7 +263,6 @@ All packets go through the aliasing mechanism, whether they come from the gateway machine or other machines on a local area network. */ - /* Local prototypes */ static int IcmpAliasIn1(struct libalias *, struct ip *); static int IcmpAliasIn2(struct libalias *, struct ip *); @@ -290,7 +284,6 @@ static int UdpAliasOut(struct libalias *, struct ip *, int, int create); static int TcpAliasIn(struct libalias *, struct ip *); static int TcpAliasOut(struct libalias *, struct ip *, int, int create); - static int IcmpAliasIn1(struct libalias *la, struct ip *pip) { @@ -437,7 +430,6 @@ fragment contained in ICMP data section */ return (PKT_ALIAS_IGNORED); } - static int IcmpAliasIn(struct libalias *la, struct ip *pip) { @@ -482,7 +474,6 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) return (iresult); } - static int IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) { @@ -527,7 +518,6 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) return (PKT_ALIAS_IGNORED); } - static int IcmpAliasOut2(struct libalias *la, struct ip *pip) { @@ -628,7 +618,6 @@ fragment contained in ICMP data section */ return (PKT_ALIAS_IGNORED); } - static int IcmpAliasOut(struct libalias *la, struct ip *pip, int create) { @@ -734,7 +723,6 @@ ProtoAliasOut(struct libalias *la, struct ip *pip, return (PKT_ALIAS_IGNORED); } - static int UdpAliasIn(struct libalias *la, struct ip *pip) { @@ -938,8 +926,6 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) return (PKT_ALIAS_IGNORED); } - - static int TcpAliasIn(struct libalias *la, struct ip *pip) { @@ -1187,9 +1173,6 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) return (PKT_ALIAS_IGNORED); } - - - /* Fragment Handling FragmentIn() @@ -1244,11 +1227,6 @@ FragmentOut(struct libalias *la, struct ip *pip, u_short *ip_sum) return (PKT_ALIAS_OK); } - - - - - /* Outside World Access PacketAliasSaveFragment() @@ -1429,8 +1407,6 @@ getout: return (iresult); } - - /* Unregistered address ranges */ /* 10.0.0.0 -> 10.255.255.255 */ @@ -1648,7 +1624,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ iresult = PKT_ALIAS_OK; } else if (pip->ip_p == IPPROTO_ICMP) { - int accumulate; struct in_addr original_address; u_short original_id; diff --git a/sys/netinet/libalias/alias.h b/sys/netinet/libalias/alias.h index e712fb41628c..91351a9eb8b9 100644 --- a/sys/netinet/libalias/alias.h +++ b/sys/netinet/libalias/alias.h @@ -145,7 +145,6 @@ struct mbuf *m_megapullup(struct mbuf *, int); * Mode flags and other constants. */ - /* Mode flags, set using PacketAliasSetMode() */ /* diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index 4569a9dec122..d444858c6cfc 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -48,7 +48,6 @@ __FBSDID("$FreeBSD$"); there is an incomplete connection, in which case the link can be deleted after a certain amount of time. - Initial version: August, 1996 (cjm) Version 1.4: September 16, 1996 (cjm) @@ -178,7 +177,6 @@ __FBSDID("$FreeBSD$"); static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); - /* Constants (note: constants are also defined near relevant functions or structs) @@ -219,7 +217,6 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead) #define TCP_EXPIRE_CONNECTED 86400 #endif - /* Dummy port number codes used for FindLinkIn/Out() and AddLink(). These constants can be anything except zero, which indicates an unknown port number. */ @@ -227,8 +224,6 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead) #define NO_DEST_PORT 1 #define NO_SRC_PORT 1 - - /* Data Structures The fundamental data structure used in this program is @@ -383,7 +378,6 @@ Miscellaneous: ShowAliasStats() -- send alias statistics to a monitor file */ - /* Local prototypes */ static u_int StartPointIn(struct in_addr, u_short, int); @@ -422,7 +416,6 @@ StartPointIn(struct in_addr alias_addr, return (n % LINK_TABLE_IN_SIZE); } - static u_int StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, u_short src_port, u_short dst_port, int link_type) @@ -440,7 +433,6 @@ StartPointOut(struct in_addr src_addr, struct in_addr dst_addr, return (n % LINK_TABLE_OUT_SIZE); } - static int SeqDiff(u_long x, u_long y) { @@ -460,7 +452,7 @@ static void AliasLog(char *str, const char *format, ...) { va_list ap; - + va_start(ap, format); vsnprintf(str, LIBALIAS_BUF_SIZE, format, ap); va_end(ap); @@ -470,7 +462,7 @@ static void AliasLog(FILE *stream, const char *format, ...) { va_list ap; - + va_start(ap, format); vfprintf(stream, format, ap); va_end(ap); @@ -513,7 +505,6 @@ void SctpShowAliasStats(struct libalias *la) ShowAliasStats(la); } - /* Internal routines for finding, deleting and adding links Port Allocation: @@ -557,7 +548,6 @@ static struct alias_link * static struct alias_link * FindLinkIn (struct libalias *, struct in_addr, struct in_addr, u_short, u_short, int, int); - #define ALIAS_PORT_BASE 0x08000 #define ALIAS_PORT_MASK 0x07fff #define ALIAS_PORT_MASK_EVEN 0x07ffe @@ -627,7 +617,6 @@ GetNewPort(struct libalias *la, struct alias_link *lnk, int alias_port_param) return (-1); } - /* Port number search */ for (i = 0; i < max_trials; i++) { int go_ahead; @@ -781,7 +770,6 @@ FindNewPortGroup(struct libalias *la, port_sys = ntohs(src_port); } else { - /* First trial and all subsequent are random. */ if (align == FIND_EVEN_ALIAS_BASE) port_sys = arc4random() & ALIAS_PORT_MASK_EVEN; @@ -793,7 +781,6 @@ FindNewPortGroup(struct libalias *la, /* Port number search */ for (i = 0; i < max_trials; i++) { - struct alias_link *search_result; for (j = 0; j < port_count; j++) @@ -842,7 +829,6 @@ CleanupAliasData(struct libalias *la) la->cleanupIndex = 0; } - static void IncrementalCleanup(struct libalias *la) { @@ -935,7 +921,6 @@ DeleteLink(struct alias_link *lnk) } } - struct alias_link * AddLink(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, struct in_addr alias_addr, u_short src_port, u_short dst_port, @@ -1180,7 +1165,6 @@ FindLinkOut(struct libalias *la, struct in_addr src_addr, return (lnk); } - static struct alias_link * _FindLinkIn(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1255,8 +1239,6 @@ _FindLinkIn(struct libalias *la, struct in_addr dst_addr, } } - - if (lnk_fully_specified != NULL) { lnk_fully_specified->timestamp = la->timeStamp; lnk = lnk_fully_specified; @@ -1326,9 +1308,6 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, return (lnk); } - - - /* External routines for finding/adding links -- "external" means outside alias_db.c, but within alias*.c -- @@ -1345,7 +1324,6 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, (prototypes in alias_local.h) */ - struct alias_link * FindIcmpIn(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1369,7 +1347,6 @@ FindIcmpIn(struct libalias *la, struct in_addr dst_addr, return (lnk); } - struct alias_link * FindIcmpOut(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1393,7 +1370,6 @@ FindIcmpOut(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1414,21 +1390,19 @@ FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, return (lnk); } - struct alias_link * FindFragmentIn2(struct libalias *la, struct in_addr dst_addr, /* Doesn't add a link if * one */ struct in_addr alias_addr, /* is not found. */ u_short ip_id) { - + LIBALIAS_LOCK_ASSERT(la); return FindLinkIn(la, dst_addr, alias_addr, NO_DEST_PORT, ip_id, LINK_FRAGMENT_ID, 0); } - struct alias_link * AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id) @@ -1440,7 +1414,6 @@ AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, LINK_FRAGMENT_PTR); } - struct alias_link * FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id) @@ -1452,7 +1425,6 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, LINK_FRAGMENT_PTR, 0); } - struct alias_link * FindProtoIn(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1476,7 +1448,6 @@ FindProtoIn(struct libalias *la, struct in_addr dst_addr, return (lnk); } - struct alias_link * FindProtoOut(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1500,7 +1471,6 @@ FindProtoOut(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1540,7 +1510,6 @@ FindUdpTcpIn(struct libalias *la, struct in_addr dst_addr, return (lnk); } - struct alias_link * FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1578,7 +1547,6 @@ FindUdpTcpOut(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * AddPptp(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1595,7 +1563,6 @@ AddPptp(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1616,7 +1583,6 @@ FindPptpOutByCallId(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1637,7 +1603,6 @@ FindPptpOutByPeerCallId(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct alias_link * FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1658,7 +1623,6 @@ FindPptpInByCallId(struct libalias *la, struct in_addr dst_addr, return (lnk); } - struct alias_link * FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr, struct in_addr alias_addr, @@ -1671,11 +1635,9 @@ FindPptpInByPeerCallId(struct libalias *la, struct in_addr dst_addr, 0 /* any */ , alias_call_id, LINK_PPTP, 0); - return (lnk); } - struct alias_link * FindRtspOut(struct libalias *la, struct in_addr src_addr, struct in_addr dst_addr, @@ -1712,7 +1674,6 @@ FindRtspOut(struct libalias *la, struct in_addr src_addr, return (lnk); } - struct in_addr FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) { @@ -1745,7 +1706,6 @@ FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) } } - struct in_addr FindAliasAddress(struct libalias *la, struct in_addr original_addr) { @@ -1766,7 +1726,6 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) } } - /* External routines for getting or changing link data (external to alias_db.c, but internal to alias*.c) @@ -1781,35 +1740,30 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) SetDestCallId() */ - void SetFragmentAddr(struct alias_link *lnk, struct in_addr src_addr) { lnk->data.frag_addr = src_addr; } - void GetFragmentAddr(struct alias_link *lnk, struct in_addr *src_addr) { *src_addr = lnk->data.frag_addr; } - void SetFragmentPtr(struct alias_link *lnk, void *fptr) { lnk->data.frag_ptr = fptr; } - void GetFragmentPtr(struct alias_link *lnk, void **fptr) { *fptr = lnk->data.frag_ptr; } - void SetStateIn(struct alias_link *lnk, int state) { @@ -1835,7 +1789,6 @@ SetStateIn(struct alias_link *lnk, int state) lnk->data.tcp->state.in = state; } - void SetStateOut(struct alias_link *lnk, int state) { @@ -1861,7 +1814,6 @@ SetStateOut(struct alias_link *lnk, int state) lnk->data.tcp->state.out = state; } - int GetStateIn(struct alias_link *lnk) { @@ -1869,7 +1821,6 @@ GetStateIn(struct alias_link *lnk) return (lnk->data.tcp->state.in); } - int GetStateOut(struct alias_link *lnk) { @@ -1877,7 +1828,6 @@ GetStateOut(struct alias_link *lnk) return (lnk->data.tcp->state.out); } - struct in_addr GetOriginalAddress(struct alias_link *lnk) { @@ -1887,14 +1837,12 @@ GetOriginalAddress(struct alias_link *lnk) return (lnk->src_addr); } - struct in_addr GetDestAddress(struct alias_link *lnk) { return (lnk->dst_addr); } - struct in_addr GetAliasAddress(struct alias_link *lnk) { @@ -1904,16 +1852,14 @@ GetAliasAddress(struct alias_link *lnk) return (lnk->alias_addr); } - struct in_addr GetDefaultAliasAddress(struct libalias *la) { - + LIBALIAS_LOCK_ASSERT(la); return (la->aliasAddress); } - void SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) { @@ -1922,14 +1868,12 @@ SetDefaultAliasAddress(struct libalias *la, struct in_addr alias_addr) la->aliasAddress = alias_addr; } - u_short GetOriginalPort(struct alias_link *lnk) { return (lnk->src_port); } - u_short GetAliasPort(struct alias_link *lnk) { @@ -1952,35 +1896,30 @@ SetAckModified(struct alias_link *lnk) lnk->data.tcp->state.ack_modified = 1; } - struct in_addr GetProxyAddress(struct alias_link *lnk) { return (lnk->proxy_addr); } - void SetProxyAddress(struct alias_link *lnk, struct in_addr addr) { lnk->proxy_addr = addr; } - u_short GetProxyPort(struct alias_link *lnk) { return (lnk->proxy_port); } - void SetProxyPort(struct alias_link *lnk, u_short port) { lnk->proxy_port = port; } - int GetAckModified(struct alias_link *lnk) { @@ -2129,7 +2068,7 @@ SetExpire(struct alias_link *lnk, int expire) void ClearCheckNewLink(struct libalias *la) { - + LIBALIAS_LOCK_ASSERT(la); la->newDefaultLink = 0; } @@ -2160,7 +2099,6 @@ SetDestCallId(struct alias_link *lnk, u_int16_t cid) la->deleteAllLinks = 0; } - /* Miscellaneous Functions HouseKeeping() @@ -2417,7 +2355,6 @@ LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr, return (lnk); } - /* Mark the aliasing link dynamic */ int LibAliasRedirectDynamic(struct libalias *la, struct alias_link *lnk) @@ -2437,7 +2374,6 @@ LibAliasRedirectDynamic(struct libalias *la, struct alias_link *lnk) return (res); } - void LibAliasRedirectDelete(struct libalias *la, struct alias_link *lnk) { @@ -2451,7 +2387,6 @@ LibAliasRedirectDelete(struct libalias *la, struct alias_link *lnk) LIBALIAS_UNLOCK(la); } - void LibAliasSetAddress(struct libalias *la, struct in_addr addr) { @@ -2465,7 +2400,6 @@ LibAliasSetAddress(struct libalias *la, struct in_addr addr) LIBALIAS_UNLOCK(la); } - void LibAliasSetAliasPortRange(struct libalias *la, u_short port_low, u_short port_high) @@ -2640,7 +2574,6 @@ getout: return (res); } - int LibAliasCheckNewLink(struct libalias *la) { @@ -2652,7 +2585,6 @@ LibAliasCheckNewLink(struct libalias *la) return (res); } - #ifndef NO_FW_PUNCH /***************** @@ -2738,7 +2670,6 @@ fill_rule(void *buf, int bufsize, int rulenum, static void ClearAllFWHoles(struct libalias *la); - #define fw_setfield(la, field, num) \ do { \ (field)[(num) - la->fireWallBaseNum] = 1; \ diff --git a/sys/netinet/libalias/alias_dummy.c b/sys/netinet/libalias/alias_dummy.c index 084436cc4ea1..375dbc9f5b4c 100644 --- a/sys/netinet/libalias/alias_dummy.c +++ b/sys/netinet/libalias/alias_dummy.c @@ -90,7 +90,7 @@ fingerprint(struct libalias *la, struct alias_data *ah) static int protohandler(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + AliasHandleDummy(la, pip, ah); return (0); } @@ -152,4 +152,3 @@ AliasHandleDummy(struct libalias *la, struct ip *ip, struct alias_data *ah) { ; /* Dummy. */ } - diff --git a/sys/netinet/libalias/alias_ftp.c b/sys/netinet/libalias/alias_ftp.c index f8e0a703345d..e74093f6e5dd 100644 --- a/sys/netinet/libalias/alias_ftp.c +++ b/sys/netinet/libalias/alias_ftp.c @@ -46,7 +46,6 @@ __FBSDID("$FreeBSD$"); changes of sequence and acknowledgment numbers, since the client machine is totally unaware of the modification to the TCP stream. - References: RFC 959, RFC 2428. Initial version: August, 1996 (cjm) @@ -140,7 +139,6 @@ protohandler_out(struct libalias *la, struct ip *pip, struct alias_data *ah) return (0); } - static int protohandler_in(struct libalias *la, struct ip *pip, struct alias_data *ah) { diff --git a/sys/netinet/libalias/alias_irc.c b/sys/netinet/libalias/alias_irc.c index d44aaf16fc7b..ed8e9a95926d 100644 --- a/sys/netinet/libalias/alias_irc.c +++ b/sys/netinet/libalias/alias_irc.c @@ -349,7 +349,6 @@ lCTCP_START: struct alias_link *dcc_lnk; struct in_addr destaddr; - true_port = htons(org_port); true_addr.s_addr = htonl(org_addr); destaddr.s_addr = 0; diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h index d6fe21869f1e..ba128638c1fe 100644 --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -127,7 +127,7 @@ struct libalias { int deleteAllLinks; /* If equal to zero, DeleteLink() */ /* will not remove permanent links */ - + /* log descriptor */ #ifdef _KERNEL char *logDesc; @@ -176,10 +176,10 @@ struct libalias { #ifdef _KERNEL /* timing queue for keeping track of association timeouts */ struct sctp_nat_timer sctpNatTimer; - + /* size of hash table used in this instance */ u_int sctpNatTableSize; - + /* * local look up table sorted by l_vtag/l_port */ @@ -188,7 +188,7 @@ struct libalias { * global look up table sorted by g_vtag/g_port */ LIST_HEAD(sctpNatTableG, sctp_nat_assoc) *sctpTableGlobal; - + /* * avoid races in libalias: every public function has to use it. */ @@ -236,7 +236,6 @@ struct libalias { } \ } while (0) - /* Prototypes */ /* diff --git a/sys/netinet/libalias/alias_nbt.c b/sys/netinet/libalias/alias_nbt.c index 5a747f0507d3..e29dc4789248 100644 --- a/sys/netinet/libalias/alias_nbt.c +++ b/sys/netinet/libalias/alias_nbt.c @@ -94,7 +94,7 @@ fingerprint1(struct libalias *la, struct alias_data *ah) static int protohandler1(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + return (AliasHandleUdpNbt(la, pip, ah->lnk, ah->aaddr, *ah->aport)); } @@ -114,7 +114,7 @@ fingerprint2(struct libalias *la, struct alias_data *ah) static int protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + AliasHandleUdpNbtNS(la, pip, ah->lnk, ah->aaddr, ah->aport, ah->oaddr, ah->dport); return (0); @@ -123,7 +123,7 @@ protohandler2in(struct libalias *la, struct ip *pip, struct alias_data *ah) static int protohandler2out(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + return (AliasHandleUdpNbtNS(la, pip, ah->lnk, &pip->ip_src, ah->sport, ah->aaddr, ah->aport)); } @@ -227,7 +227,6 @@ typedef struct { #define ACT_ERR 0x6 #define CFT_ERR 0x7 - #ifdef LIBALIAS_DEBUG static void PrintRcode(u_char rcode) @@ -248,13 +247,11 @@ PrintRcode(u_char rcode) printf("\nName in conflict error.\n"); default: printf("\n?%c?=%0x\n", '?', rcode); - } } #endif - /* Handling Name field */ static u_char * AliasHandleName(u_char * p, char *pmax) diff --git a/sys/netinet/libalias/alias_pptp.c b/sys/netinet/libalias/alias_pptp.c index 897eb74900aa..b28462ce5f75 100644 --- a/sys/netinet/libalias/alias_pptp.c +++ b/sys/netinet/libalias/alias_pptp.c @@ -100,7 +100,7 @@ fingerprintgre(struct libalias *la, struct alias_data *ah) static int protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + AliasHandlePptpIn(la, pip, ah->lnk); return (0); } @@ -108,7 +108,7 @@ protohandlerin(struct libalias *la, struct ip *pip, struct alias_data *ah) static int protohandlerout(struct libalias *la, struct ip *pip, struct alias_data *ah) { - + AliasHandlePptpOut(la, pip, ah->lnk); return (0); } @@ -295,7 +295,6 @@ typedef struct pptpCallIds *PptpCallId; static PptpCallId AliasVerifyPptp(struct ip *, u_int16_t *); - static void AliasHandlePptpOut(struct libalias *la, struct ip *pip, /* IP packet to examine/patch */ diff --git a/sys/netinet/libalias/alias_proxy.c b/sys/netinet/libalias/alias_proxy.c index ef2c8ee3e0ac..79d9db82914c 100644 --- a/sys/netinet/libalias/alias_proxy.c +++ b/sys/netinet/libalias/alias_proxy.c @@ -50,11 +50,9 @@ __FBSDID("$FreeBSD$"); Rules are stored in a linear linked list, so lookup efficiency won't be too good for large lists. - Initial development: April, 1998 (cjm) */ - /* System includes */ #ifdef _KERNEL #include @@ -113,14 +111,10 @@ struct proxy_entry { struct proxy_entry *last; }; - - /* File scope variables */ - - /* Local (static) functions: IpMask() -- Utility function for creating IP @@ -452,7 +446,6 @@ ProxyEncodeIpHeader(struct ip *pip, #endif } - /* Functions by other packet alias source files ProxyCheck() -- Checks whether an outgoing packet should @@ -520,7 +513,6 @@ ProxyModify(struct libalias *la, struct alias_link *lnk, } } - /* Public API functions */ diff --git a/sys/netinet/libalias/alias_sctp.c b/sys/netinet/libalias/alias_sctp.c index dd9b97b57475..103932480f67 100644 --- a/sys/netinet/libalias/alias_sctp.c +++ b/sys/netinet/libalias/alias_sctp.c @@ -149,7 +149,6 @@ static void sctp_RmTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc); static void sctp_ResetTimeOut(struct libalias *la, struct sctp_nat_assoc *assoc, int newexp); void sctp_CheckTimers(struct libalias *la); - /* Logging Functions */ static void logsctperror(char* errormsg, uint32_t vtag, int error, int direction); static void logsctpparse(int direction, struct sctp_nat_msg *sm); @@ -242,7 +241,6 @@ static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs"); #define SN_SCTP_ASCONF 0x0100 /**< a packet containing an ASCONF chunk */ #define SN_SCTP_ASCONFACK 0x0200 /**< a packet containing an ASCONF-ACK chunk */ #define SN_SCTP_OTHER 0xFFFF /**< a packet containing a chunk that is not of interest */ - /** @} * @defgroup state_machine SCTP NAT State Machine * @@ -254,7 +252,6 @@ static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs"); #define SN_UP 0x0100 /**< Association in UP state */ #define SN_CL 0x1000 /**< Closing state */ #define SN_RM 0x2000 /**< Removing state */ - /** @} * @defgroup Logging Logging Functionality * @@ -269,7 +266,6 @@ static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs"); #define SN_LOG_DEBUG_MAX 5 #define SN_LOG(level, action) if (sysctl_log_level >= level) { action; } /**< Perform log action ONLY if the current log level meets the specified log level */ - /** @} * @defgroup Hash Hash Table Macros and Functions * @@ -291,7 +287,6 @@ static MALLOC_DEFINE(M_SCTPNAT, "sctpnat", "sctp nat dbs"); #define SN_ADD_CLASH 1 /**< Clash when trying to add the assoc. info to the table */ #define SN_TABLE_HASH(vtag, port, size) (((u_int) vtag + (u_int) port) % (u_int) size) /**< Calculate the hash table lookup position */ - /** @} * @defgroup Timer Timer Queue Macros and Functions *** 205 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sun May 30 19:38:22 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4C231633155; Sun, 30 May 2021 19:38:22 +0000 (UTC) (envelope-from lutz@iks-jena.de) Received: from annwfn.iks-jena.de (annwfn.iks-jena.de [IPv6:2001:4bd8::19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtTHK74Cqz3lGP; Sun, 30 May 2021 19:38:21 +0000 (UTC) (envelope-from lutz@iks-jena.de) X-SMTP-Sender: IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f Received: from belenus.iks-jena.de (belenus.iks-jena.de [IPv6:2001:4bd8:0:666:248:54ff:fe12:ee3f]) by annwfn.iks-jena.de (8.15.2/8.15.2) with ESMTPS id 14UJcBbI018891 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 30 May 2021 21:38:12 +0200 X-MSA-Host: belenus.iks-jena.de Received: (from lutz@localhost) by belenus.iks-jena.de (8.14.3/8.14.1/Submit) id 14UJcBCN025642; Sun, 30 May 2021 21:38:11 +0200 Date: Sun, 30 May 2021 21:38:11 +0200 From: Lutz Donnerhacke To: Lutz Donnerhacke Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: Re: git: 8e77442a5a53 - stable/12 - liblias: clean up empty lines in .c and .h files Message-ID: <20210530193811.GA25440@belenus.iks-jena.de> References: <202105301926.14UJQUah021297@gitrepo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202105301926.14UJQUah021297@gitrepo.freebsd.org> X-message-flag: Please send plain text messages only. Thank you. User-Agent: Mutt/1.5.17 (2007-11-01) X-Rspamd-Queue-Id: 4FtTHK74Cqz3lGP X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 19:38:22 -0000 On Sun, May 30, 2021 at 07:26:30PM +0000, Lutz Donnerhacke wrote: > The branch stable/12 has been updated by donner: > > URL: https://cgit.FreeBSD.org/src/commit/?id=8e77442a5a53450d509004c7b09ccc0b82f4eaca > > commit 8e77442a5a53450d509004c7b09ccc0b82f4eaca > Author: Mateusz Guzik > AuthorDate: 2021-05-30 19:12:53 +0000 > Commit: Lutz Donnerhacke > CommitDate: 2021-05-30 19:16:30 +0000 > > liblias: clean up empty lines in .c and .h files > > Partial apply of a huge commit to libalias only > (cherry picked from commit 662c13053f4bf2d6245ba7e2b66c10d1cd5c1fb9) The whole commit is not applicable without an absurd amount of additional work. That's why only the subset of files was allowed to be modified by this cherry pick. If somebody will later apply the whole commit to stable/12, git should automatically notice the partial applied changes and will not complain. From owner-dev-commits-src-branches@freebsd.org Sun May 30 20:04:41 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 42B95634460; Sun, 30 May 2021 20:04:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtTsh4Dm0z3nTH; Sun, 30 May 2021 20:04:40 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6CFBF22F33; Sun, 30 May 2021 20:04:38 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UK4cEo077754; Sun, 30 May 2021 20:04:38 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UK4c8c077753; Sun, 30 May 2021 20:04:38 GMT (envelope-from git) Date: Sun, 30 May 2021 20:04:38 GMT Message-Id: <202105302004.14UK4c8c077753@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 0742d99f5387 - stable/12 - libalias: Style cleanup MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 0742d99f53872df1a3f14e7a584e94aa5ba6daf6 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 20:04:41 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=0742d99f53872df1a3f14e7a584e94aa5ba6daf6 commit 0742d99f53872df1a3f14e7a584e94aa5ba6daf6 Author: Lutz Donnerhacke AuthorDate: 2021-05-14 13:08:08 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 20:03:40 +0000 libalias: Style cleanup libalias is a convolut of various coding styles modified by a series of different editors enforcing interesting convetions on spacing and comments. This patch is a baseline to start with a perfomance rework of libalias. Upcoming patches should be focus on the code, not on the style. That's why most annoying style errors should be fixed beforehand. Reviewed by: hselasky Discussed by: emaste Differential Revision: https://reviews.freebsd.org/D30259 (cherry picked from commit effc8e57fbf03d7f1423c662caf2b63f0d1d21a9) At some places the ASSERT was inserted before variable declarations are finished. This is fixed now. Reported by: kib Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D30282 (cherry picked from commit 2e6b07866f9e1520626a1523f6609cc411bdda1c) --- sys/netinet/libalias/alias.c | 379 ++++++++++++++++----------------- sys/netinet/libalias/alias.h | 44 ++-- sys/netinet/libalias/alias_db.c | 413 +++++++++++++++++------------------- sys/netinet/libalias/alias_dummy.c | 15 +- sys/netinet/libalias/alias_ftp.c | 68 +++--- sys/netinet/libalias/alias_irc.c | 52 +++-- sys/netinet/libalias/alias_local.h | 178 +++++++--------- sys/netinet/libalias/alias_mod.c | 2 - sys/netinet/libalias/alias_nbt.c | 253 ++++++++++------------ sys/netinet/libalias/alias_pptp.c | 84 ++++---- sys/netinet/libalias/alias_proxy.c | 271 ++++++++++++----------- sys/netinet/libalias/alias_sctp.c | 138 ++++++------ sys/netinet/libalias/alias_sctp.h | 26 +-- sys/netinet/libalias/alias_skinny.c | 30 ++- sys/netinet/libalias/alias_smedia.c | 91 ++++---- sys/netinet/libalias/alias_util.c | 30 +-- 16 files changed, 975 insertions(+), 1099 deletions(-) diff --git a/sys/netinet/libalias/alias.c b/sys/netinet/libalias/alias.c index 4dfe65d29f6a..8a18c61b452e 100644 --- a/sys/netinet/libalias/alias.c +++ b/sys/netinet/libalias/alias.c @@ -146,7 +146,7 @@ __FBSDID("$FreeBSD$"); #include "alias_mod.h" #endif -/* +/* * Define libalias SYSCTL Node */ #ifdef SYSCTL_NODE @@ -191,7 +191,6 @@ static void TcpMonitorOut(u_char, struct alias_link *); static void TcpMonitorIn(u_char th_flags, struct alias_link *lnk) { - switch (GetStateIn(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -209,7 +208,6 @@ TcpMonitorIn(u_char th_flags, struct alias_link *lnk) static void TcpMonitorOut(u_char th_flags, struct alias_link *lnk) { - switch (GetStateOut(lnk)) { case ALIAS_TCP_STATE_NOT_CONNECTED: if (th_flags & TH_RST) @@ -284,21 +282,20 @@ static int UdpAliasOut(struct libalias *, struct ip *, int, int create); static int TcpAliasIn(struct libalias *, struct ip *); static int TcpAliasOut(struct libalias *, struct ip *, int, int create); -static int -IcmpAliasIn1(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* De-alias incoming echo and timestamp replies. Alias incoming echo and timestamp requests. */ +static int +IcmpAliasIn1(struct libalias *la, struct ip *pip) +{ struct alias_link *lnk; struct icmp *ic; + LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Get source address from ICMP data field and restore original data */ + /* Get source address from ICMP data field and restore original data */ lnk = FindIcmpIn(la, pip->ip_src, pip->ip_dst, ic->icmp_id, 1); if (lnk != NULL) { u_short original_id; @@ -306,15 +303,15 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= original_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Put original sequence number back in */ + /* Put original sequence number back in */ ic->icmp_id = original_id; -/* Put original address back into IP header */ + /* Put original address back into IP header */ { struct in_addr original_address; @@ -329,21 +326,20 @@ IcmpAliasIn1(struct libalias *la, struct ip *pip) return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasIn2(struct libalias *la, struct ip *pip) -{ - - LIBALIAS_LOCK_ASSERT(la); /* Alias incoming ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasIn2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; struct tcphdr *tc; struct alias_link *lnk; + LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); ip = &ic->icmp_ip; @@ -376,7 +372,7 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) original_address = GetOriginalAddress(lnk); original_port = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ud->uh_sport; @@ -387,13 +383,14 @@ IcmpAliasIn2(struct libalias *la, struct ip *pip) accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Un-alias address and port number of + * original IP packet fragment contained + * in ICMP data section */ ip->ip_src = original_address; ud->uh_sport = original_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -404,7 +401,7 @@ fragment contained in ICMP data section */ original_address = GetOriginalAddress(lnk); original_id = GetOriginalPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_src); accumulate -= twowords(&original_address); accumulate += ic2->icmp_id; @@ -415,13 +412,13 @@ fragment contained in ICMP data section */ accumulate2 -= ip->ip_sum; ADJUST_CHECKSUM(accumulate2, ic->icmp_cksum); -/* Un-alias address in IP header */ + /* Un-alias address in IP header */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; -/* Un-alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Un-alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_src = original_address; ic2->icmp_id = original_id; } @@ -443,7 +440,7 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) if (dlen < ICMP_MINLEN) return (PKT_ALIAS_IGNORED); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -474,20 +471,20 @@ IcmpAliasIn(struct libalias *la, struct ip *pip) return (iresult); } -static int -IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) -{ /* Alias outgoing echo and timestamp requests. De-alias outgoing echo and timestamp replies. */ +static int +IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) +{ struct alias_link *lnk; struct icmp *ic; LIBALIAS_LOCK_ASSERT(la); ic = (struct icmp *)ip_next(pip); -/* Save overwritten data for when echo packet returns */ + /* Save overwritten data for when echo packet returns */ lnk = FindIcmpOut(la, pip->ip_src, pip->ip_dst, ic->icmp_id, create); if (lnk != NULL) { u_short alias_id; @@ -495,15 +492,15 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) alias_id = GetAliasPort(lnk); -/* Since data field is being modified, adjust ICMP checksum */ + /* Since data field is being modified, adjust ICMP checksum */ accumulate = ic->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* Alias sequence number */ + /* Alias sequence number */ ic->icmp_id = alias_id; -/* Change source address */ + /* Change source address */ { struct in_addr alias_address; @@ -518,13 +515,13 @@ IcmpAliasOut1(struct libalias *la, struct ip *pip, int create) return (PKT_ALIAS_IGNORED); } -static int -IcmpAliasOut2(struct libalias *la, struct ip *pip) -{ /* Alias outgoing ICMP error messages containing IP header and first 64 bits of datagram. */ +static int +IcmpAliasOut2(struct libalias *la, struct ip *pip) +{ struct ip *ip; struct icmp *ic, *ic2; struct udphdr *ud; @@ -564,24 +561,24 @@ IcmpAliasOut2(struct libalias *la, struct ip *pip) alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ud->uh_dport; accumulate -= alias_port; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original TCP/UDP packet was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original TCP/UDP packet was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address and port number of original IP packet -fragment contained in ICMP data section */ + /* Alias address and port number of original IP packet + * fragment contained in ICMP data section */ ip->ip_dst = alias_address; ud->uh_dport = alias_port; } else if (ip->ip_p == IPPROTO_ICMP) { @@ -592,24 +589,24 @@ fragment contained in ICMP data section */ alias_address = GetAliasAddress(lnk); alias_id = GetAliasPort(lnk); -/* Adjust ICMP checksum */ + /* Adjust ICMP checksum */ accumulate = twowords(&ip->ip_dst); accumulate -= twowords(&alias_address); accumulate += ic2->icmp_id; accumulate -= alias_id; ADJUST_CHECKSUM(accumulate, ic->icmp_cksum); -/* - * Alias address in IP header if it comes from the host - * the original ICMP message was destined for. - */ + /* + * Alias address in IP header if it comes from the host + * the original ICMP message was destined for. + */ if (pip->ip_src.s_addr == ip->ip_dst.s_addr) { DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; } -/* Alias address of original IP packet and sequence number of - embedded ICMP datagram */ + /* Alias address of original IP packet and + * sequence number of embedded ICMP datagram */ ip->ip_dst = alias_address; ic2->icmp_id = alias_id; } @@ -627,7 +624,7 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create) LIBALIAS_LOCK_ASSERT(la); (void)create; -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -654,20 +651,20 @@ IcmpAliasOut(struct libalias *la, struct ip *pip, int create) return (iresult); } -static int -ProtoAliasIn(struct libalias *la, struct in_addr ip_src, - struct ip *pip, u_char ip_p, u_short *ip_sum) -{ /* Handle incoming IP packets. The only thing which is done in this case is to alias the dest IP address of the packet to our inside machine. */ +static int +ProtoAliasIn(struct libalias *la, struct in_addr ip_src, + struct ip *pip, u_char ip_p, u_short *ip_sum) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -677,7 +674,7 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, original_address = GetOriginalAddress(lnk); -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -687,20 +684,20 @@ ProtoAliasIn(struct libalias *la, struct in_addr ip_src, return (PKT_ALIAS_IGNORED); } -static int -ProtoAliasOut(struct libalias *la, struct ip *pip, - struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) -{ /* Handle outgoing IP packets. The only thing which is done in this case is to alias the source IP address of the packet. */ +static int +ProtoAliasOut(struct libalias *la, struct ip *pip, + struct in_addr ip_dst, u_char ip_p, u_short *ip_sum, int create) +{ struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled */ + /* Return if proxy-only mode is enabled */ if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY) return (PKT_ALIAS_OK); @@ -713,7 +710,7 @@ ProtoAliasOut(struct libalias *la, struct ip *pip, alias_address = GetAliasAddress(lnk); -/* Change source address */ + /* Change source address */ DifferentialChecksum(ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -752,8 +749,8 @@ UdpAliasIn(struct libalias *la, struct ip *pip) int accumulate; int error; struct alias_data ad = { - .lnk = lnk, - .oaddr = &original_address, + .lnk = lnk, + .oaddr = &original_address, .aaddr = &alias_address, .aport = &alias_port, .sport = &ud->uh_sport, @@ -768,46 +765,48 @@ UdpAliasIn(struct libalias *la, struct ip *pip) ud->uh_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, UDP, la, pip, &ad); /* If we cannot figure out the packet, ignore it. */ if (error < 0) return (PKT_ALIAS_IGNORED); -/* If UDP checksum is not zero, then adjust since destination port */ -/* is being unaliased and destination address is being altered. */ + /* If UDP checksum is not zero, then adjust since + * destination port is being unaliased and + * destination address is being altered. */ if (ud->uh_sum != 0) { accumulate = alias_port; accumulate -= ud->uh_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy packet, modify checksum because of source change.*/ - if (proxy_port != 0) { - accumulate += ud->uh_sport; - accumulate -= proxy_port; - } + /* If this is a proxy packet, modify checksum + * because of source change.*/ + if (proxy_port != 0) { + accumulate += ud->uh_sport; + accumulate -= proxy_port; + } - if (proxy_address.s_addr != 0) { + if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); - } + } ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* XXX: Could the two if's below be concatenated to one ? */ -/* Restore source port and/or address in case of proxying*/ - if (proxy_port != 0) - ud->uh_sport = proxy_port; + /* XXX: Could the two if's below be concatenated to one ? */ + /* Restore source port and/or address in case of proxying*/ + if (proxy_port != 0) + ud->uh_sport = proxy_port; - if (proxy_address.s_addr != 0) { - DifferentialChecksum(&pip->ip_sum, - &proxy_address, &pip->ip_src, 2); - pip->ip_src = proxy_address; - } + if (proxy_address.s_addr != 0) { + DifferentialChecksum(&pip->ip_sum, + &proxy_address, &pip->ip_src, 2); + pip->ip_src = proxy_address; + } -/* Restore original IP address */ + /* Restore original IP address */ DifferentialChecksum(&pip->ip_sum, &original_address, &pip->ip_dst, 2); pip->ip_dst = original_address; @@ -832,7 +831,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) LIBALIAS_LOCK_ASSERT(la); -/* Return if proxy-only mode is enabled and not proxyrule found.*/ + /* Return if proxy-only mode is enabled and not proxyrule found.*/ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2); if (dlen < sizeof(struct udphdr)) return (PKT_ALIAS_IGNORED); @@ -841,34 +840,33 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) if (dlen < ntohs(ud->uh_ulen)) return (PKT_ALIAS_IGNORED); - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, - ud->uh_dport, pip->ip_p); + proxy_type = ProxyCheck(la, &proxy_server_address, &proxy_server_port, + pip->ip_src, pip->ip_dst, ud->uh_dport, pip->ip_p); if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - * then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = ud->uh_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { - int accumulate; + int accumulate; accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - ADJUST_CHECKSUM(accumulate, pip->ip_sum); + ADJUST_CHECKSUM(accumulate, pip->ip_sum); if (ud->uh_sum != 0) { accumulate = twowords(&pip->ip_dst); accumulate -= twowords(&proxy_server_address); - accumulate += ud->uh_dport; - accumulate -= proxy_server_port; - ADJUST_CHECKSUM(accumulate, ud->uh_sum); + accumulate += ud->uh_dport; + accumulate -= proxy_server_port; + ADJUST_CHECKSUM(accumulate, ud->uh_sum); } - pip->ip_dst = proxy_server_address; - ud->uh_dport = proxy_server_port; + pip->ip_dst = proxy_server_address; + ud->uh_dport = proxy_server_port; } lnk = FindUdpTcpOut(la, pip->ip_src, pip->ip_dst, ud->uh_sport, ud->uh_dport, @@ -877,7 +875,7 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) u_short alias_port; struct in_addr alias_address; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -886,24 +884,24 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) .maxpktsize = 0 }; -/* Save original destination address, if this is a proxy packet. - * Also modify packet to include destination encoding. This may - * change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination encoding. This may + * change the size of IP header. */ if (proxy_type != 0) { - SetProxyPort(lnk, dest_port); - SetProxyAddress(lnk, dest_address); - ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); - ud = (struct udphdr *)ip_next(pip); - } + SetProxyPort(lnk, dest_port); + SetProxyAddress(lnk, dest_address); + ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); + ud = (struct udphdr *)ip_next(pip); + } alias_address = GetAliasAddress(lnk); alias_port = GetAliasPort(lnk); - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, UDP, la, pip, &ad); -/* If UDP checksum is not zero, adjust since source port is */ -/* being aliased and source address is being altered */ + /* If UDP checksum is not zero, adjust since source port is */ + /* being aliased and source address is being altered */ if (ud->uh_sum != 0) { int accumulate; @@ -913,10 +911,10 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) accumulate -= twowords(&alias_address); ADJUST_CHECKSUM(accumulate, ud->uh_sum); } -/* Put alias port in UDP header */ + /* Put alias port in UDP header */ ud->uh_sport = alias_port; -/* Change source address */ + /* Change source address */ DifferentialChecksum(&pip->ip_sum, &alias_address, &pip->ip_src, 2); pip->ip_src = alias_address; @@ -952,14 +950,14 @@ TcpAliasIn(struct libalias *la, struct ip *pip) u_short proxy_port; int accumulate, error; - /* - * The init of MANY vars is a bit below, but aliashandlepptpin + /* + * The init of MANY vars is a bit below, but aliashandlepptpin * seems to need the destination port that came within the * packet and not the original one looks below [*]. */ struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = NULL, .aport = NULL, @@ -968,7 +966,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(IN, TCP, la, pip, &ad); alias_address = GetAliasAddress(lnk); @@ -978,8 +976,8 @@ TcpAliasIn(struct libalias *la, struct ip *pip) tc->th_dport = GetOriginalPort(lnk); proxy_port = GetProxyPort(lnk); - /* - * Look above, if anyone is going to add find_handler AFTER + /* + * Look above, if anyone is going to add find_handler AFTER * this aliashandlepptpin/point, please redo alias_data too. * Uncommenting the piece here below should be enough. */ @@ -993,22 +991,22 @@ TcpAliasIn(struct libalias *la, struct ip *pip) .dport = &ud->uh_dport, .maxpktsize = 0 }; - + /* Walk out chain. */ error = find_handler(la, pip, &ad); if (error == EHDNOF) printf("Protocol handler not found\n"); #endif -/* Adjust TCP checksum since destination port is being unaliased */ -/* and destination port is being altered. */ + /* Adjust TCP checksum since destination port is being + * unaliased and destination port is being altered. */ accumulate = alias_port; accumulate -= tc->th_dport; accumulate += twowords(&alias_address); accumulate -= twowords(&original_address); -/* If this is a proxy, then modify the TCP source port and - checksum accumulation */ + /* If this is a proxy, then modify the TCP source port + * and checksum accumulation */ if (proxy_port != 0) { accumulate += tc->th_sport; tc->th_sport = proxy_port; @@ -1016,7 +1014,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) accumulate += twowords(&pip->ip_src); accumulate -= twowords(&proxy_address); } -/* See if ACK number needs to be modified */ + /* See if ACK number needs to be modified */ if (GetAckModified(lnk) == 1) { int delta; @@ -1030,13 +1028,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip) } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Restore original IP address */ + /* Restore original IP address */ accumulate = twowords(&pip->ip_dst); pip->ip_dst = original_address; accumulate -= twowords(&pip->ip_dst); -/* If this is a transparent proxy packet, then modify the source - address */ + /* If this is a transparent proxy packet, + * then modify the source address */ if (proxy_address.s_addr != 0) { accumulate += twowords(&pip->ip_src); pip->ip_src = proxy_address; @@ -1044,7 +1042,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip) } ADJUST_CHECKSUM(accumulate, pip->ip_sum); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorIn(tc->th_flags, lnk); @@ -1073,8 +1071,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) tc = (struct tcphdr *)ip_next(pip); if (create) - proxy_type = ProxyCheck(la, &proxy_server_address, - &proxy_server_port, pip->ip_src, pip->ip_dst, + proxy_type = ProxyCheck(la, &proxy_server_address, + &proxy_server_port, pip->ip_src, pip->ip_dst, tc->th_dport, pip->ip_p); else proxy_type = 0; @@ -1082,8 +1080,8 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) if (proxy_type == 0 && (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)) return (PKT_ALIAS_OK); -/* If this is a transparent proxy, save original destination, - then alter the destination and adjust checksums */ + /* If this is a transparent proxy, save original destination, + * then alter the destination and adjust checksums */ dest_port = tc->th_dport; dest_address = pip->ip_dst; if (proxy_type != 0) { @@ -1111,7 +1109,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) struct in_addr alias_address; int accumulate; struct alias_data ad = { - .lnk = lnk, + .lnk = lnk, .oaddr = NULL, .aaddr = &alias_address, .aport = &alias_port, @@ -1120,38 +1118,38 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) .maxpktsize = maxpacketsize }; -/* Save original destination address, if this is a proxy packet. - Also modify packet to include destination encoding. This may - change the size of IP header. */ + /* Save original destination address, if this is a proxy packet. + * Also modify packet to include destination + * encoding. This may change the size of IP header. */ if (proxy_type != 0) { SetProxyPort(lnk, dest_port); SetProxyAddress(lnk, dest_address); ProxyModify(la, lnk, pip, maxpacketsize, proxy_type); tc = (struct tcphdr *)ip_next(pip); } -/* Get alias address and port */ + /* Get alias address and port */ alias_port = GetAliasPort(lnk); alias_address = GetAliasAddress(lnk); -/* Monitor TCP connection state */ + /* Monitor TCP connection state */ tc = (struct tcphdr *)ip_next(pip); TcpMonitorOut(tc->th_flags, lnk); - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(OUT, TCP, la, pip, &ad); -/* Adjust TCP checksum since source port is being aliased */ -/* and source address is being altered */ + /* Adjust TCP checksum since source port is being aliased + * and source address is being altered */ accumulate = tc->th_sport; tc->th_sport = alias_port; accumulate -= tc->th_sport; accumulate += twowords(&pip->ip_src); accumulate -= twowords(&alias_address); -/* Modify sequence number if necessary */ + /* Modify sequence number if necessary */ if (GetAckModified(lnk) == 1) { int delta; - + tc = (struct tcphdr *)ip_next(pip); delta = GetDeltaSeqOut(tc->th_seq, lnk); if (delta != 0) { @@ -1162,7 +1160,7 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create) } ADJUST_CHECKSUM(accumulate, tc->th_sum); -/* Change source address */ + /* Change source address */ accumulate = twowords(&pip->ip_src); pip->ip_src = alias_address; accumulate -= twowords(&pip->ip_src); @@ -1258,7 +1256,7 @@ LibAliasSaveFragment(struct libalias *la, void *ptr) return (iresult); } -void * +void * LibAliasGetFragment(struct libalias *la, void *ptr) { struct alias_link *lnk; @@ -1272,7 +1270,7 @@ LibAliasGetFragment(struct libalias *la, void *ptr) GetFragmentPtr(lnk, &fptr); SetFragmentPtr(lnk, NULL); SetExpire(lnk, 0); /* Deletes link */ - } else + } else fptr = NULL; LIBALIAS_UNLOCK(la); @@ -1280,11 +1278,9 @@ LibAliasGetFragment(struct libalias *la, void *ptr) } void -LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly - * de-aliased header - * fragment */ - void *ptr_fragment /* Points to fragment which must be - * de-aliased */ +LibAliasFragmentIn(struct libalias *la, + void *ptr, /* Points to correctly de-aliased header fragment */ + void *ptr_fragment /* fragment which must be de-aliased */ ) { struct ip *pip; @@ -1304,10 +1300,10 @@ LibAliasFragmentIn(struct libalias *la, void *ptr, /* Points to correctly /* Local prototypes */ static int LibAliasOutLocked(struct libalias *la, struct ip *pip, - int maxpacketsize, int create); + int maxpacketsize, int create); static int LibAliasInLocked(struct libalias *la, struct ip *pip, - int maxpacketsize); + int maxpacketsize); int LibAliasIn(struct libalias *la, void *ptr, int maxpacketsize) @@ -1339,7 +1335,7 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize) /* Defense against mangled packets */ if (ntohs(pip->ip_len) > maxpacketsize || (pip->ip_hl << 2) > maxpacketsize) { - iresult = PKT_ALIAS_IGNORED; + iresult = PKT_ALIAS_IGNORED; goto getout; } @@ -1357,30 +1353,30 @@ LibAliasInLocked(struct libalias *la, struct ip *pip, int maxpacketsize) break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_LOCAL); + iresult = SctpAlias(la, pip, SN_TO_LOCAL); break; #endif - case IPPROTO_GRE: { + case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - - /* Walk out chain. */ + + /* Walk out chain. */ error = find_handler(IN, IP, la, pip, &ad); - if (error == 0) + if (error == 0) iresult = PKT_ALIAS_OK; else iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); + break; } - break; default: iresult = ProtoAliasIn(la, pip->ip_src, pip, pip->ip_p, &pip->ip_sum); @@ -1448,10 +1444,10 @@ LibAliasOutTry(struct libalias *la, void *ptr, int maxpacketsize, int create) } static int -LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ - int maxpacketsize, /* How much the packet data may grow (FTP - * and IRC inline changes) */ - int create /* Create new entries ? */ +LibAliasOutLocked(struct libalias *la, + struct ip *pip, /* valid IP packet */ + int maxpacketsize, /* How much the packet data may grow (FTP and IRC inline changes) */ + int create /* Create new entries ? */ ) { int iresult; @@ -1511,29 +1507,29 @@ LibAliasOutLocked(struct libalias *la, struct ip *pip, /* valid IP packet */ break; #ifdef _KERNEL case IPPROTO_SCTP: - iresult = SctpAlias(la, pip, SN_TO_GLOBAL); + iresult = SctpAlias(la, pip, SN_TO_GLOBAL); break; #endif case IPPROTO_GRE: { int error; struct alias_data ad = { - .lnk = NULL, - .oaddr = NULL, + .lnk = NULL, + .oaddr = NULL, .aaddr = NULL, .aport = NULL, .sport = NULL, .dport = NULL, - .maxpktsize = 0 + .maxpktsize = 0 }; - /* Walk out chain. */ + /* Walk out chain. */ error = find_handler(OUT, IP, la, pip, &ad); if (error == 0) - iresult = PKT_ALIAS_OK; - else + iresult = PKT_ALIAS_OK; + else iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); + break; } - break; default: iresult = ProtoAliasOut(la, pip, pip->ip_dst, pip->ip_p, &pip->ip_sum, create); @@ -1549,8 +1545,9 @@ getout: } int -LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ - int maxpacketsize /* for error checking */ +LibAliasUnaliasOut(struct libalias *la, + void *ptr, /* valid IP packet */ + int maxpacketsize /* for error checking */ ) { struct ip *pip; @@ -1622,7 +1619,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ tc->th_sport = original_port; iresult = PKT_ALIAS_OK; - } else if (pip->ip_p == IPPROTO_ICMP) { int accumulate; struct in_addr original_address; @@ -1652,7 +1648,6 @@ LibAliasUnaliasOut(struct libalias *la, void *ptr, /* valid IP packet */ getout: LIBALIAS_UNLOCK(la); return (iresult); - } #ifndef _KERNEL @@ -1672,8 +1667,8 @@ LibAliasRefreshModules(void) for (;;) { fgets(buf, 256, fd); - if (feof(fd)) - break; *** 4308 LINES SKIPPED *** From owner-dev-commits-src-branches@freebsd.org Sun May 30 20:04:42 2021 Return-Path: Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 007CA6341EE; Sun, 30 May 2021 20:04:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4FtTsj25mPz3nG9; Sun, 30 May 2021 20:04:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8C81922F34; Sun, 30 May 2021 20:04:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 14UK4dBK077796; Sun, 30 May 2021 20:04:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 14UK4dIQ077795; Sun, 30 May 2021 20:04:39 GMT (envelope-from git) Date: Sun, 30 May 2021 20:04:39 GMT Message-Id: <202105302004.14UK4dIQ077795@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Lutz Donnerhacke Subject: git: 6a1b3e91539d - stable/12 - libalias: replace placeholder with static constant MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: donner X-Git-Repository: src X-Git-Refname: refs/heads/stable/12 X-Git-Reftype: branch X-Git-Commit: 6a1b3e91539d56ff476c12e88ece9a2e9c365463 Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-branches@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commits to the stable branches of the FreeBSD src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 May 2021 20:04:42 -0000 The branch stable/12 has been updated by donner: URL: https://cgit.FreeBSD.org/src/commit/?id=6a1b3e91539d56ff476c12e88ece9a2e9c365463 commit 6a1b3e91539d56ff476c12e88ece9a2e9c365463 Author: Lutz Donnerhacke AuthorDate: 2021-05-13 21:47:57 +0000 Commit: Lutz Donnerhacke CommitDate: 2021-05-30 20:03:43 +0000 libalias: replace placeholder with static constant The field nullAddress in struct libalias is never set and never used. It exists as a placeholder for an unused argument only. Reviewed by: hselasky Differential Revision: https://reviews.freebsd.org/D30253 (cherry picked from commit 189f8eea138a78b09c9f19114b1362b0df1cf87d) (cherry picked from commit b03a41befeaf17ef25da96fc7bc2dc19c9a6b253) --- sys/netinet/libalias/alias_db.c | 23 +++++++++++++---------- sys/netinet/libalias/alias_local.h | 2 -- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/sys/netinet/libalias/alias_db.c b/sys/netinet/libalias/alias_db.c index cc4b4877c58d..ff3072473d67 100644 --- a/sys/netinet/libalias/alias_db.c +++ b/sys/netinet/libalias/alias_db.c @@ -224,6 +224,9 @@ static LIST_HEAD(, libalias) instancehead = LIST_HEAD_INITIALIZER(instancehead); #define NO_DEST_PORT 1 #define NO_SRC_PORT 1 +/* Matches any/unknown address in FindLinkIn/Out() and AddLink(). */ +static struct in_addr const ANY_ADDR = { INADDR_ANY }; + /* Data Structures The fundamental data structure used in this program is @@ -1111,12 +1114,12 @@ _FindLinkOut(struct libalias *la, struct in_addr src_addr, lnk = _FindLinkOut(la, src_addr, dst_addr, src_port, 0, link_type, 0); if (lnk == NULL) - lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port, + lnk = _FindLinkOut(la, src_addr, ANY_ADDR, src_port, dst_port, link_type, 0); } if (lnk == NULL && (dst_port != 0 || dst_addr.s_addr != INADDR_ANY)) { - lnk = _FindLinkOut(la, src_addr, la->nullAddress, src_port, 0, + lnk = _FindLinkOut(la, src_addr, ANY_ADDR, src_port, 0, link_type, 0); } if (lnk != NULL) { @@ -1152,7 +1155,7 @@ FindLinkOut(struct libalias *la, struct in_addr src_addr, */ if (la->aliasAddress.s_addr != INADDR_ANY && src_addr.s_addr == la->aliasAddress.s_addr) { - lnk = _FindLinkOut(la, la->nullAddress, dst_addr, src_port, dst_port, + lnk = _FindLinkOut(la, ANY_ADDR, dst_addr, src_port, dst_port, link_type, replace_partial_links); } } @@ -1294,7 +1297,7 @@ FindLinkIn(struct libalias *la, struct in_addr dst_addr, */ if (la->aliasAddress.s_addr != INADDR_ANY && alias_addr.s_addr == la->aliasAddress.s_addr) { - lnk = _FindLinkIn(la, dst_addr, la->nullAddress, dst_port, alias_port, + lnk = _FindLinkIn(la, dst_addr, ANY_ADDR, dst_port, alias_port, link_type, replace_partial_links); } } @@ -1376,7 +1379,7 @@ FindFragmentIn1(struct libalias *la, struct in_addr dst_addr, LINK_FRAGMENT_ID, 0); if (lnk == NULL) { - lnk = AddLink(la, la->nullAddress, dst_addr, alias_addr, + lnk = AddLink(la, ANY_ADDR, dst_addr, alias_addr, NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_ID); } @@ -1399,7 +1402,7 @@ AddFragmentPtrLink(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { LIBALIAS_LOCK_ASSERT(la); - return AddLink(la, la->nullAddress, dst_addr, la->nullAddress, + return AddLink(la, ANY_ADDR, dst_addr, ANY_ADDR, NO_SRC_PORT, NO_DEST_PORT, ip_id, LINK_FRAGMENT_PTR); } @@ -1409,7 +1412,7 @@ FindFragmentPtr(struct libalias *la, struct in_addr dst_addr, u_short ip_id) { LIBALIAS_LOCK_ASSERT(la); - return FindLinkIn(la, dst_addr, la->nullAddress, + return FindLinkIn(la, dst_addr, ANY_ADDR, NO_DEST_PORT, ip_id, LINK_FRAGMENT_PTR, 0); } @@ -1669,7 +1672,7 @@ FindOriginalAddress(struct libalias *la, struct in_addr alias_addr) struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); - lnk = FindLinkIn(la, la->nullAddress, alias_addr, + lnk = FindLinkIn(la, ANY_ADDR, alias_addr, 0, 0, LINK_ADDR, 0); if (lnk == NULL) { la->newDefaultLink = 1; @@ -1701,7 +1704,7 @@ FindAliasAddress(struct libalias *la, struct in_addr original_addr) struct alias_link *lnk; LIBALIAS_LOCK_ASSERT(la); - lnk = FindLinkOut(la, original_addr, la->nullAddress, + lnk = FindLinkOut(la, original_addr, ANY_ADDR, 0, 0, LINK_ADDR, 0); if (lnk == NULL) { return (la->aliasAddress.s_addr != INADDR_ANY) ? @@ -2317,7 +2320,7 @@ LibAliasRedirectAddr(struct libalias *la, struct in_addr src_addr, struct alias_link *lnk; LIBALIAS_LOCK(la); - lnk = AddLink(la, src_addr, la->nullAddress, alias_addr, + lnk = AddLink(la, src_addr, ANY_ADDR, alias_addr, 0, 0, 0, LINK_ADDR); diff --git a/sys/netinet/libalias/alias_local.h b/sys/netinet/libalias/alias_local.h index e6374a72ef75..63bfd857f14f 100644 --- a/sys/netinet/libalias/alias_local.h +++ b/sys/netinet/libalias/alias_local.h @@ -89,8 +89,6 @@ struct libalias { /* IP address incoming packets are sent to * if no aliasing link already exists */ struct in_addr targetAddress; - /* Used as a dummy parameter for some function calls */ - struct in_addr nullAddress; /* Lookup table of pointers to chains of link records. * Each link record is doubly indexed into input and * output lookup tables. */