Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 13 Mar 2021 20:26:07 GMT
From:      "Alexander V. Chernikov" <melifaro@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 3489286a5f36 - stable/13 - Fix blackhole/reject routes.
Message-ID:  <202103132026.12DKQ704079620@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=3489286a5f368e7fcf11a9691f9bb5df77abe9a3

commit 3489286a5f368e7fcf11a9691f9bb5df77abe9a3
Author:     Alexander V. Chernikov <melifaro@FreeBSD.org>
AuthorDate: 2021-02-08 23:29:05 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2021-03-13 20:18:17 +0000

    Fix blackhole/reject routes.
    
    Traditionally *BSD routing stack required to supply some
     interface data for blackhole/reject routes. This lead to
     varieties of hacks in routing daemons when inserting such routes.
    With the recent routeing stack changes, gateway sockaddr without
     RTF_GATEWAY started to be treated differently, purely as link
     identifier.
    
    This change broke net/bird, which installs blackhole routes with
     127.0.0.1 gateway without RTF_GATEWAY flags.
    
    Fix this by automatically constructing necessary gateway data at
     rtsock level if RTF_REJECT/RTF_BLACKHOLE is set.
    
    Reported by:    Marek Zarychta <zarychtam at plan-b.pwste.edu.pl>
    Reviewed by:    donner
    
    (cherry picked from commit 145bf6c0af48b89f13465e145f4516de37c31d85)
---
 sys/net/rtsock.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 56 insertions(+), 2 deletions(-)

diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
index 09d31f8f8076..8230ae5618e3 100644
--- a/sys/net/rtsock.c
+++ b/sys/net/rtsock.c
@@ -564,6 +564,50 @@ rtm_get_jailed(struct rt_addrinfo *info, struct ifnet *ifp,
 	return (0);
 }
 
+static int
+fill_blackholeinfo(struct rt_addrinfo *info, union sockaddr_union *saun)
+{
+	struct ifaddr *ifa;
+	sa_family_t saf;
+
+	if (V_loif == NULL) {
+		printf("Unable to add blackhole/reject nhop without loopback");
+		return (ENOTSUP);
+	}
+	info->rti_ifp = V_loif;
+
+	saf = info->rti_info[RTAX_DST]->sa_family;
+
+	CK_STAILQ_FOREACH(ifa, &info->rti_ifp->if_addrhead, ifa_link) {
+		if (ifa->ifa_addr->sa_family == saf) {
+			info->rti_ifa = ifa;
+			break;
+		}
+	}
+	if (info->rti_ifa == NULL)
+		return (ENOTSUP);
+
+	bzero(saun, sizeof(union sockaddr_union));
+	switch (saf) {
+	case AF_INET:
+		saun->sin.sin_family = AF_INET;
+		saun->sin.sin_len = sizeof(struct sockaddr_in);
+		saun->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+		break;
+	case AF_INET6:
+		saun->sin6.sin6_family = AF_INET6;
+		saun->sin6.sin6_len = sizeof(struct sockaddr_in6);
+		saun->sin6.sin6_addr = in6addr_loopback;
+		break;
+	default:
+		return (ENOTSUP);
+	}
+	info->rti_info[RTAX_GATEWAY] = &saun->sa;
+	info->rti_flags |= RTF_GATEWAY;
+
+	return (0);
+}
+
 /*
  * Fills in @info based on userland-provided @rtm message.
  *
@@ -949,7 +993,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
 #endif
 	int alloc_len = 0, len, error = 0, fibnum;
 	sa_family_t saf = AF_UNSPEC;
-	struct walkarg w;
 	struct rib_cmd_info rc;
 	struct nhop_object *nh;
 
@@ -977,7 +1020,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
 
 	m_copydata(m, 0, len, (caddr_t)rtm);
 	bzero(&info, sizeof(info));
-	bzero(&w, sizeof(w));
 	nh = NULL;
 
 	if (rtm->rtm_version != RTM_VERSION) {
@@ -1009,6 +1051,18 @@ route_output(struct mbuf *m, struct socket *so, ...)
 		goto flush;
 	}
 
+	union sockaddr_union gw_saun;
+	int blackhole_flags = rtm->rtm_flags & (RTF_BLACKHOLE|RTF_REJECT);
+	if (blackhole_flags != 0) {
+		if (blackhole_flags != (RTF_BLACKHOLE | RTF_REJECT))
+			error = fill_blackholeinfo(&info, &gw_saun);
+		else
+			error = EINVAL;
+		if (error != 0)
+			senderr(error);
+		/* TODO: rebuild rtm from scratch */
+	}
+
 	switch (rtm->rtm_type) {
 	case RTM_ADD:
 	case RTM_CHANGE:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103132026.12DKQ704079620>