From owner-svn-src-all@freebsd.org Tue May 19 18:35:09 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 64BBE2F189B; Tue, 19 May 2020 18:35:09 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49RPgx1z2fz3ygV; Tue, 19 May 2020 18:35:09 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3EDD3F68B; Tue, 19 May 2020 18:35:09 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 04JIZ9Bu095875; Tue, 19 May 2020 18:35:09 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 04JIZ8uF095871; Tue, 19 May 2020 18:35:08 GMT (envelope-from markj@FreeBSD.org) Message-Id: <202005191835.04JIZ8uF095871@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Tue, 19 May 2020 18:35:08 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r361263 - in head/sys: netinet sys X-SVN-Group: head X-SVN-Commit-Author: markj X-SVN-Commit-Paths: in head/sys: netinet sys X-SVN-Commit-Revision: 361263 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 May 2020 18:35:09 -0000 Author: markj Date: Tue May 19 18:35:08 2020 New Revision: 361263 URL: https://svnweb.freebsd.org/changeset/base/361263 Log: Define a module version for accept filter modules. Otherwise accept filters compiled into the kernel do not preempt preloaded accept filter modules. Then, the preloaded file registers its accept filter module before the kernel, and the kernel's attempt fails since duplicate accept filter list entries are not permitted. This causes the preloaded file's module to be released, since module_register_init() does a lookup by name, so the preloaded file is unloaded, and the accept filter's callback points to random memory since preload_delete_name() unmaps the file on x86 as of r336505. Add a new ACCEPT_FILTER_DEFINE macro which wraps the accept filter and module definitions, and ensures that a module version is defined. PR: 245870 Reported by: Thomas von Dein MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Modified: head/sys/netinet/accf_data.c head/sys/netinet/accf_dns.c head/sys/netinet/accf_http.c head/sys/sys/socketvar.h Modified: head/sys/netinet/accf_data.c ============================================================================== --- head/sys/netinet/accf_data.c Tue May 19 18:34:50 2020 (r361262) +++ head/sys/netinet/accf_data.c Tue May 19 18:35:08 2020 (r361263) @@ -42,20 +42,7 @@ __FBSDID("$FreeBSD$"); static int sohasdata(struct socket *so, void *arg, int waitflag); -static struct accept_filter accf_data_filter = { - "dataready", - sohasdata, - NULL, - NULL -}; - -static moduledata_t accf_data_mod = { - "accf_data", - accept_filt_generic_mod_event, - &accf_data_filter -}; - -DECLARE_MODULE(accf_data, accf_data_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); +ACCEPT_FILTER_DEFINE(accf_data, "dataready", sohasdata, NULL, NULL, 1); static int sohasdata(struct socket *so, void *arg, int waitflag) Modified: head/sys/netinet/accf_dns.c ============================================================================== --- head/sys/netinet/accf_dns.c Tue May 19 18:34:50 2020 (r361262) +++ head/sys/netinet/accf_dns.c Tue May 19 18:35:08 2020 (r361263) @@ -41,6 +41,8 @@ /* check for full DNS request */ static int sohasdns(struct socket *so, void *arg, int waitflag); +ACCEPT_FILTER_DEFINE(accf_dns, "dnsready", sohasdns, NULL, NULL, 1); + struct packet { struct mbuf *m; /* Current mbuf. */ struct mbuf *n; /* nextpkt mbuf. */ @@ -55,21 +57,6 @@ struct packet { /* check we can skip over various parts of DNS request */ static int skippacket(struct sockbuf *sb); - -static struct accept_filter accf_dns_filter = { - "dnsready", - sohasdns, - NULL, - NULL -}; - -static moduledata_t accf_dns_mod = { - "accf_dns", - accept_filt_generic_mod_event, - &accf_dns_filter -}; - -DECLARE_MODULE(accf_dns, accf_dns_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); static int sohasdns(struct socket *so, void *arg, int waitflag) Modified: head/sys/netinet/accf_http.c ============================================================================== --- head/sys/netinet/accf_http.c Tue May 19 18:34:50 2020 (r361262) +++ head/sys/netinet/accf_http.c Tue May 19 18:35:08 2020 (r361263) @@ -54,29 +54,16 @@ static int mbufstrncmp(struct mbuf *m, struct mbuf *np /* socketbuffer is full */ static int sbfull(struct sockbuf *sb); -static struct accept_filter accf_http_filter = { - "httpready", - sohashttpget, - NULL, - NULL -}; +ACCEPT_FILTER_DEFINE(accf_http, "httpready", sohashttpget, NULL, NULL, 1); -static moduledata_t accf_http_mod = { - "accf_http", - accept_filt_generic_mod_event, - &accf_http_filter -}; - -DECLARE_MODULE(accf_http, accf_http_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE); - static int parse_http_version = 1; static SYSCTL_NODE(_net_inet_accf, OID_AUTO, http, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "HTTP accept filter"); SYSCTL_INT(_net_inet_accf_http, OID_AUTO, parsehttpversion, CTLFLAG_RW, -&parse_http_version, 1, -"Parse http version so that non 1.x requests work"); + &parse_http_version, 1, + "Parse http version so that non 1.x requests work"); #ifdef ACCF_HTTP_DEBUG #define DPRINT(fmt, args...) \ Modified: head/sys/sys/socketvar.h ============================================================================== --- head/sys/sys/socketvar.h Tue May 19 18:34:50 2020 (r361262) +++ head/sys/sys/socketvar.h Tue May 19 18:35:08 2020 (r361263) @@ -335,6 +335,22 @@ struct accept_filter { SLIST_ENTRY(accept_filter) accf_next; }; +#define ACCEPT_FILTER_DEFINE(modname, filtname, cb, create, destroy, ver) \ + static struct accept_filter modname##_filter = { \ + .accf_name = filtname, \ + .accf_callback = cb, \ + .accf_create = create, \ + .accf_destroy = destroy, \ + }; \ + static moduledata_t modname##_mod = { \ + .name = __XSTRING(modname), \ + .evhand = accept_filt_generic_mod_event, \ + .priv = &modname##_filter, \ + }; \ + DECLARE_MODULE(modname, modname##_mod, SI_SUB_DRIVERS, \ + SI_ORDER_MIDDLE); \ + MODULE_VERSION(modname, 1) + #ifdef MALLOC_DECLARE MALLOC_DECLARE(M_ACCF); MALLOC_DECLARE(M_PCB);