From owner-dev-commits-src-all@freebsd.org Fri Feb 12 01:59:08 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3ADEB53FAB8; Fri, 12 Feb 2021 01:59:08 +0000 (UTC) (envelope-from mjguzik@gmail.com) Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DcGrX0dnKz3l9M; Fri, 12 Feb 2021 01:59:07 +0000 (UTC) (envelope-from mjguzik@gmail.com) Received: by mail-wr1-x42f.google.com with SMTP id v1so2604773wrd.6; Thu, 11 Feb 2021 17:59:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=6fKf8kGpJLFUSm3yifAdgsuZiQ+lxAT36SNHIAGRm+M=; b=RrLDNw2NG+/D2UeiunXc7ZBGuXKr6lr4WUBJIEsPTL2oQk4hXmdHad716R6BI6gMCF n8BQbDz77GxI5alSVi9+d4u+7fqnwbH5EwRcXHWRFJzl/CuiHVxNIFLA7YC3ywH93CGB 0kfvQ6WcISZXct8qOQVPti+6eagVWMbGA/p+ogjYS/Ol0yFWKVuM0LofHBxKUg7aabsi DQc06FKGSic/G+h9TRsZB+YBXkyB0FdP7H/btjJVQS4TUt9khMK7SucCbW8fxQUgR0un w3TSwRpJZDOH2tMgh8mJxhwAyMZlb9bFNDFtrcYAPuykar4e1d2ty+/rQ1zSzyoJ6x3i DPDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=6fKf8kGpJLFUSm3yifAdgsuZiQ+lxAT36SNHIAGRm+M=; b=VxWrtzJPqgpYn0t6Z5U+gxaNfCjw1ZLuXrtmMW8s582Ao2/i/7grb5jaICX/5haPQ0 1riQrQX8UNP9p9s7VwhNpg9IfkP3q9haKEAYXHKXEVEDgBoZ3uoN+0vXNCSvD+KqYwnX jNvktdtt4fYhQsd1ZS2BS14WmFNFkil/bY9ubf6PIqV+pyFG7x4NkJC3VwFKIuC/LfXT lcoKnz7cKJe/zpUPUNORKPbDXOlwoK9GeZzSL+OwIzEX7NTuonCDvH4yoKdLBZWGEBHC Ol9UnEKShu7l8ZC3bYeXRoynVp/bpicHdlUk33CxBHdpCxOn6emtm07RLaGw34hbiIzS cNrA== X-Gm-Message-State: AOAM531c8PefQHvA9d9zycwRJ6+7owgOpguPLQi4ZfSW8IYi+eICHzOP EfWC1jefd5WyVQ4e8Hny5GYv2oMZes93klG9YfD8iu448r4= X-Google-Smtp-Source: ABdhPJzaPDwIVaWIYVonwDv3W8BkQ5uJIrH/93FBcRWQ8sdUDOLNv8OV6NY1rgFS4dgMkS4yZj0louOzRGxMfsz4tGk= X-Received: by 2002:a5d:5248:: with SMTP id k8mr667807wrc.17.1613095146833; Thu, 11 Feb 2021 17:59:06 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a5d:464c:0:0:0:0:0 with HTTP; Thu, 11 Feb 2021 17:59:05 -0800 (PST) In-Reply-To: <202102112310.11BNABTx015766@gitrepo.freebsd.org> References: <202102112310.11BNABTx015766@gitrepo.freebsd.org> From: Mateusz Guzik Date: Fri, 12 Feb 2021 02:59:05 +0100 Message-ID: Subject: Re: git: 145bf6c0af48 - main - Fix blackhole/reject routes. To: "Alexander V. Chernikov" Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4DcGrX0dnKz3l9M X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Feb 2021 01:59:08 -0000 This breaks building a kernel with INET6 for me, I presume it will also break LINT-NOINET On 2/12/21, Alexander V. Chernikov wrote: > The branch main has been updated by melifaro: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=145bf6c0af48b89f13465e145f4516de37c31d85 > > commit 145bf6c0af48b89f13465e145f4516de37c31d85 > Author: Alexander V. Chernikov > AuthorDate: 2021-02-08 23:29:05 +0000 > Commit: Alexander V. Chernikov > CommitDate: 2021-02-11 23:08:55 +0000 > > Fix blackhole/reject routes. > > Traditionally *BSD routing stack required to supply some > interface data for blackhole/reject routes. This lead to > varieties of hacks in routing daemons when inserting such routes. > With the recent routeing stack changes, gateway sockaddr without > RTF_GATEWAY started to be treated differently, purely as link > identifier. > > This change broke net/bird, which installs blackhole routes with > 127.0.0.1 gateway without RTF_GATEWAY flags. > > Fix this by automatically constructing necessary gateway data at > rtsock level if RTF_REJECT/RTF_BLACKHOLE is set. > > Reported by: Marek Zarychta > Reviewed by: donner > MFC after: 1 week > --- > sys/net/rtsock.c | 58 > ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 56 insertions(+), 2 deletions(-) > > diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c > index ba1182d55439..f67252f9fd5f 100644 > --- a/sys/net/rtsock.c > +++ b/sys/net/rtsock.c > @@ -562,6 +562,50 @@ rtm_get_jailed(struct rt_addrinfo *info, struct ifnet > *ifp, > return (0); > } > > +static int > +fill_blackholeinfo(struct rt_addrinfo *info, union sockaddr_union *saun) > +{ > + struct ifaddr *ifa; > + sa_family_t saf; > + > + if (V_loif == NULL) { > + printf("Unable to add blackhole/reject nhop without loopback"); > + return (ENOTSUP); > + } > + info->rti_ifp = V_loif; > + > + saf = info->rti_info[RTAX_DST]->sa_family; > + > + CK_STAILQ_FOREACH(ifa, &info->rti_ifp->if_addrhead, ifa_link) { > + if (ifa->ifa_addr->sa_family == saf) { > + info->rti_ifa = ifa; > + break; > + } > + } > + if (info->rti_ifa == NULL) > + return (ENOTSUP); > + > + bzero(saun, sizeof(union sockaddr_union)); > + switch (saf) { > + case AF_INET: > + saun->sin.sin_family = AF_INET; > + saun->sin.sin_len = sizeof(struct sockaddr_in); > + saun->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); > + break; > + case AF_INET6: > + saun->sin6.sin6_family = AF_INET6; > + saun->sin6.sin6_len = sizeof(struct sockaddr_in6); > + saun->sin6.sin6_addr = in6addr_loopback; > + break; > + default: > + return (ENOTSUP); > + } > + info->rti_info[RTAX_GATEWAY] = &saun->sa; > + info->rti_flags |= RTF_GATEWAY; > + > + return (0); > +} > + > /* > * Fills in @info based on userland-provided @rtm message. > * > @@ -944,7 +988,6 @@ route_output(struct mbuf *m, struct socket *so, ...) > #endif > int alloc_len = 0, len, error = 0, fibnum; > sa_family_t saf = AF_UNSPEC; > - struct walkarg w; > struct rib_cmd_info rc; > struct nhop_object *nh; > > @@ -972,7 +1015,6 @@ route_output(struct mbuf *m, struct socket *so, ...) > > m_copydata(m, 0, len, (caddr_t)rtm); > bzero(&info, sizeof(info)); > - bzero(&w, sizeof(w)); > nh = NULL; > > if (rtm->rtm_version != RTM_VERSION) { > @@ -1004,6 +1046,18 @@ route_output(struct mbuf *m, struct socket *so, ...) > goto flush; > } > > + union sockaddr_union gw_saun; > + int blackhole_flags = rtm->rtm_flags & (RTF_BLACKHOLE|RTF_REJECT); > + if (blackhole_flags != 0) { > + if (blackhole_flags != (RTF_BLACKHOLE | RTF_REJECT)) > + error = fill_blackholeinfo(&info, &gw_saun); > + else > + error = EINVAL; > + if (error != 0) > + senderr(error); > + /* TODO: rebuild rtm from scratch */ > + } > + > switch (rtm->rtm_type) { > case RTM_ADD: > case RTM_CHANGE: > _______________________________________________ > dev-commits-src-all@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all > To unsubscribe, send any mail to > "dev-commits-src-all-unsubscribe@freebsd.org" > -- Mateusz Guzik