Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Sep 2016 10:28:54 -0300
From:      Renato Botelho <garga@FreeBSD.org>
To:        Kristof Provost <kp@FreeBSD.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r306289 - head/sys/net
Message-ID:  <625EA453-99E1-4A44-8810-99CAB2397662@FreeBSD.org>
In-Reply-To: <201609240709.u8O79hue048932@repo.freebsd.org>
References:  <201609240709.u8O79hue048932@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
> On 24 Sep 2016, at 04:09, Kristof Provost <kp@FreeBSD.org> wrote:
>=20
> Author: kp
> Date: Sat Sep 24 07:09:43 2016
> New Revision: 306289
> URL: https://svnweb.freebsd.org/changeset/base/306289
>=20
> Log:
>  bridge: Fix fragment handling and memory leak
>=20
>  Fragmented UDP and ICMP packets were corrupted if a firewall with =
reassembling
>  feature (like pf'scrub) is enabled on the bridge.  This patch fixes =
corrupted
>  packet problem and the panic (triggered easly with low RAM) as =
explain in PR
>  185633.
>=20
>  bridge_pfil and bridge_fragment relationship:
>=20
>  bridge_pfil() receive (IN direction) packets and sent it to the =
firewall The
>  firewall can be configured for reassembling fragmented packet (like =
pf'scrubing)
>  in one mbuf chain when bridge_pfil() need to send this reassembled =
packet to the
>  outgoing interface, it needs to re-fragment it by using =
bridge_fragment()
>  bridge_fragment() had to split this mbuf (using ip_fragment) first =
then
>  had to M_PREPEND each packet in the mbuf chain for adding Ethernet
>  header.
>=20
>  But M_PREPEND can sometime create a new mbuf on the begining of the =
mbuf chain,
>  then the "main" pointer of this mbuf chain should be updated and this =
case is
>  tottaly forgotten. The original bridge_fragment code (Revision =
158140,
>  2006 April 29) came from OpenBSD, and the call to bridge_enqueue was
>  embedded.  But on FreeBSD, bridge_enqueue() is done after =
bridge_fragment(),
>  then the original OpenBSD code can't work as-it of FreeBSD.
>=20
>  PR:		185633
>  Submitted by:	Olivier Cochard-Labb=C3=A9
>  Differential Revision:	https://reviews.freebsd.org/D7780


Kristof,

Do you hace plans to MFC it to stable/11 and stable/10?

--
Renato Botelho

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?625EA453-99E1-4A44-8810-99CAB2397662>