Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 31 Jan 2009 12:48:09 +0000 (UTC)
From:      Alexander Motin <mav@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org
Subject:   svn commit: r187955 - stable/7/sys/netgraph
Message-ID:  <200901311248.n0VCm90N025084@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: mav
Date: Sat Jan 31 12:48:09 2009
New Revision: 187955
URL: http://svn.freebsd.org/changeset/base/187955

Log:
  MFC rev. 187495
  
  Check for infinite recursion possible on some broken PPTP/L2TP/... VPN setups.
  Mark packets with mbuf_tag on first interface passage and drop on second.
  
  PR:		ports/129625, ports/125303

Modified:
  stable/7/sys/netgraph/ng_iface.c
  stable/7/sys/netgraph/ng_iface.h

Modified: stable/7/sys/netgraph/ng_iface.c
==============================================================================
--- stable/7/sys/netgraph/ng_iface.c	Sat Jan 31 12:44:20 2009	(r187954)
+++ stable/7/sys/netgraph/ng_iface.c	Sat Jan 31 12:48:09 2009	(r187955)
@@ -353,6 +353,7 @@ static int
 ng_iface_output(struct ifnet *ifp, struct mbuf *m,
 		struct sockaddr *dst, struct rtentry *rt0)
 {
+	struct m_tag *mtag;
 	uint32_t af;
 	int error;
 
@@ -363,6 +364,23 @@ ng_iface_output(struct ifnet *ifp, struc
 		return (ENETDOWN);
 	}
 
+	/* Protect from deadly infinite recursion. */
+	while ((mtag = m_tag_locate(m, MTAG_NGIF, MTAG_NGIF_CALLED, NULL))) {
+		if (*(struct ifnet **)(mtag + 1) == ifp) {
+			log(LOG_NOTICE, "Loop detected on %s\n", ifp->if_xname);
+			m_freem(m);
+			return (EDEADLK);
+		}
+	}
+	mtag = m_tag_alloc(MTAG_NGIF, MTAG_NGIF_CALLED, sizeof(struct ifnet *),
+	    M_NOWAIT);
+	if (mtag == NULL) {
+		m_freem(m);
+		return (ENOMEM);
+	}
+	*(struct ifnet **)(mtag + 1) = ifp;
+	m_tag_prepend(m, mtag);
+
 	/* BPF writes need to be handled specially. */
 	if (dst->sa_family == AF_UNSPEC) {
 		bcopy(dst->sa_data, &af, sizeof(af));

Modified: stable/7/sys/netgraph/ng_iface.h
==============================================================================
--- stable/7/sys/netgraph/ng_iface.h	Sat Jan 31 12:44:20 2009	(r187954)
+++ stable/7/sys/netgraph/ng_iface.h	Sat Jan 31 12:48:09 2009	(r187955)
@@ -72,4 +72,7 @@ enum {
 	NGM_IFACE_GET_IFINDEX,
 };
 
+#define	MTAG_NGIF			NGM_IFACE_COOKIE
+#define	MTAG_NGIF_CALLED		0 | MTAG_PERSISTENT
+
 #endif /* _NETGRAPH_NG_IFACE_H_ */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901311248.n0VCm90N025084>