Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 May 2012 22:14:42 +0200
From:      Daniel Hartmeier <daniel@benzedrine.cx>
To:        Joerg Pulz <Joerg.Pulz@frm2.tum.de>
Cc:        freebsd-pf@freebsd.org
Subject:   Re: kern/168190: [pf] panic when using pf and route-to (maybe: bad fragment handling?)
Message-ID:  <20120523201442.GG29536@insomnia.benzedrine.cx>
In-Reply-To: <201205231950.q4NJo4m1088701@freefall.freebsd.org>
References:  <201205231950.q4NJo4m1088701@freefall.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, May 23, 2012 at 07:50:04PM +0000, Joerg Pulz wrote:

>  system was running for about a day with your patch with many users using 
>  it. It panic'ed some minutes ago.
>  System configuration is still the same, no other patches, no changed 
>  interface settings or removed/changed kernel options.
>  
>  Here is the kgdb(1) output with "m" and "ifp" listed.
>  I hope this helps to get closer to the source of the problem.
>  
>  Let me know if you need more output.

Great, that should bring us closer to the cause!

I'd say one of the pfil hooks is leaving the mbuf in the wrong byte
order.

You have ipfilter and ipfw compiled into the kernel, but are their
modules loaded?

I extended the patch to add more checks, in ipfilter and ipfw as well,
if you can run this up to another panic, we might clearly identify the
responsible hook.

I'll study the trace in the meantime, maybe more can be deduced already
:)

Kind regards,
Daniel


Index: sys/sys/mbuf.h
===================================================================
RCS file: /home/ncvs/src/sys/sys/mbuf.h,v
retrieving revision 1.242.2.1
diff -u -r1.242.2.1 mbuf.h
--- sys/sys/mbuf.h	23 Sep 2011 00:51:37 -0000	1.242.2.1
+++ sys/sys/mbuf.h	23 May 2012 06:50:14 -0000
@@ -824,6 +824,22 @@
 /* Compatibility with 4.3. */
 #define	m_copy(m, o, l)	m_copym((m), (o), (l), M_DONTWAIT)
 
+#define ASSERT_NET_BYTE_ORDER(m) do {					\
+	struct ip *ip = mtod((m), struct ip *);				\
+	if (ip->ip_len != htons(ip->ip_len) &&				\
+	    ip->ip_len == (m)->m_pkthdr.len)				\
+		panic("%s:%d ASSERT_NET_BYTE_ORDER %d %d", __func__,	\
+		    __LINE__, (int)ip->ip_len, (int)htons(ip->ip_len));	\
+} while(0)
+
+#define ASSERT_HOST_BYTE_ORDER(m) do {					\
+	struct ip *ip = mtod((m), struct ip *);				\
+	if (ip->ip_len != htons(ip->ip_len) &&				\
+	    ntohs(ip->ip_len) == (m)->m_pkthdr.len)			\
+		panic("%s:%d ASSERT_HOST_BYTE_ORDER %d %d", __func__,	\
+		    __LINE__, (int)ip->ip_len, (int)htons(ip->ip_len));	\
+} while(0)
+
 extern int		max_datalen;	/* MHLEN - max_hdr */
 extern int		max_hdr;	/* Largest link + protocol header */
 extern int		max_linkhdr;	/* Largest link-level header */
Index: sys/contrib/ipfilter/netinet/fil.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/ipfilter/netinet/fil.c,v
retrieving revision 1.57.4.1
diff -u -r1.57.4.1 fil.c
--- sys/contrib/ipfilter/netinet/fil.c	23 Sep 2011 00:51:37 -0000	1.57.4.1
+++ sys/contrib/ipfilter/netinet/fil.c	23 May 2012 13:49:39 -0000
@@ -2445,6 +2445,7 @@
 	fin->fin_qpi = qpi;
 # else /* MENTAT */
 
+	ASSERT_HOST_BYTE_ORDER(*mp);
 	m = *mp;
 
 #  if defined(M_MCAST)
@@ -2519,6 +2520,7 @@
 #endif
 	}
 
+	ASSERT_HOST_BYTE_ORDER(m);
 	if (fr_makefrip(hlen, ip, fin) == -1) {
 		pass = FR_BLOCK|FR_NOMATCH;
 		goto finished;
@@ -2784,6 +2786,8 @@
 		ip->ip_off = ntohs(ip->ip_off);
 	}
 # endif
+	if (*mp != NULL)
+		ASSERT_HOST_BYTE_ORDER(*mp);
 	return (FR_ISPASS(pass)) ? 0 : fin->fin_error;
 #else /* _KERNEL */
 	FR_VERBOSE(("fin_flx %#x pass %#x ", fin->fin_flx, pass));
@@ -2955,6 +2959,7 @@
 #ifdef	USE_INET6
 	if (IP_V(ip) == 4) {
 #endif
+		ASSERT_HOST_BYTE_ORDER(m);
 		hlen = IP_HL(ip) << 2;
 		slen = l3len - hlen;
 		sum = htons((u_short)l4proto);
Index: sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c,v
retrieving revision 1.20.4.1
diff -u -r1.20.4.1 ip_fil_freebsd.c
--- sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	23 Sep 2011 00:51:37 -0000	1.20.4.1
+++ sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	23 May 2012 06:33:23 -0000
@@ -183,6 +183,7 @@
 fr_check_wrapper(void *arg, struct mbuf **mp, struct ifnet *ifp, int dir)
 {
 	struct ip *ip = mtod(*mp, struct ip *);
+	ASSERT_HOST_BYTE_ORDER(*mp);
 	return fr_check(ip, ip->ip_hl << 2, ifp, (dir == PFIL_OUT), mp);
 }
 
Index: sys/contrib/pf/net/pf.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/pf/net/pf.c,v
retrieving revision 1.78.2.6
diff -u -r1.78.2.6 pf.c
--- sys/contrib/pf/net/pf.c	29 Feb 2012 09:47:26 -0000	1.78.2.6
+++ sys/contrib/pf/net/pf.c	23 May 2012 09:22:10 -0000
@@ -2560,6 +2560,7 @@
 	case AF_INET:
 #ifdef __FreeBSD__
 		/* icmp_error() expects host byte ordering */
+		ASSERT_NET_BYTE_ORDER(m0);
 		ip = mtod(m0, struct ip *);
 		NTOHS(ip->ip_len);
 		NTOHS(ip->ip_off);
@@ -5894,6 +5895,8 @@
 	    (dir != PF_IN && dir != PF_OUT) || oifp == NULL)
 		panic("pf_route: invalid parameters");
 
+	ASSERT_NET_BYTE_ORDER(*m);
+
 #ifdef __FreeBSD__
 	if (pd->pf_mtag->routed++ > 3) {
 #else
@@ -5977,6 +5980,7 @@
 
 	if (oifp != ifp) {
 #ifdef __FreeBSD__
+		ASSERT_NET_BYTE_ORDER(m0);
 		PF_UNLOCK();
 		if (pf_test(PF_OUT, ifp, &m0, NULL, NULL) != PF_PASS) {
 			PF_LOCK();
@@ -5998,6 +6002,7 @@
 			goto bad;
 		}
 		ip = mtod(m0, struct ip *);
+		ASSERT_NET_BYTE_ORDER(m0);
 	}
 
 #ifdef __FreeBSD__
@@ -6008,6 +6013,7 @@
 		/*
 		 * XXX: in_delayed_cksum assumes HBO for ip->ip_len (at least)
 		 */
+		ASSERT_NET_BYTE_ORDER(m0);
 		NTOHS(ip->ip_len);
 		NTOHS(ip->ip_off);	/* XXX: needed? */
 		in_delayed_cksum(m0);
@@ -6017,6 +6023,8 @@
 	}
 	m0->m_pkthdr.csum_flags &= ifp->if_hwassist;
 
+	ASSERT_NET_BYTE_ORDER(m0);
+
 	if (ntohs(ip->ip_len) <= ifp->if_mtu ||
 	    (ifp->if_hwassist & CSUM_FRAGMENT &&
 	    ((ip->ip_off & htons(IP_DF)) == 0))) {
@@ -6104,6 +6112,7 @@
 		if (r->rt != PF_DUPTO) {
 #ifdef __FreeBSD__
 			/* icmp_error() expects host byte ordering */
+			ASSERT_NET_BYTE_ORDER(m0);
 			NTOHS(ip->ip_len);
 			NTOHS(ip->ip_off);
 			PF_UNLOCK();
@@ -6124,6 +6133,7 @@
 	/*
 	 * XXX: is cheaper + less error prone than own function
 	 */
+	ASSERT_NET_BYTE_ORDER(m0);
 	NTOHS(ip->ip_len);
 	NTOHS(ip->ip_off);
 	error = ip_fragment(ip, &m0, ifp->if_mtu, ifp->if_hwassist, sw_csum);
@@ -6672,6 +6682,8 @@
 #endif /* DIAGNOSTIC */
 #endif
 
+	ASSERT_NET_BYTE_ORDER(m);
+
 	if (m->m_pkthdr.len < (int)sizeof(*h)) {
 		action = PF_DROP;
 		REASON_SET(&reason, PFRES_SHORT);
Index: sys/contrib/pf/net/pf_ioctl.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/pf/net/pf_ioctl.c,v
retrieving revision 1.50.2.4
diff -u -r1.50.2.4 pf_ioctl.c
--- sys/contrib/pf/net/pf_ioctl.c	29 Feb 2012 09:47:26 -0000	1.50.2.4
+++ sys/contrib/pf/net/pf_ioctl.c	22 May 2012 14:37:44 -0000
@@ -4121,6 +4121,7 @@
 
 	if ((*m)->m_pkthdr.len >= (int)sizeof(struct ip)) {
 		/* if m_pkthdr.len is less than ip header, pf will handle. */
+		ASSERT_HOST_BYTE_ORDER(*m);
 		h = mtod(*m, struct ip *);
 		HTONS(h->ip_len);
 		HTONS(h->ip_off);
@@ -4134,6 +4135,7 @@
 	}
 	if (*m != NULL) {
 		/* pf_test can change ip header location */
+		ASSERT_NET_BYTE_ORDER(*m);
 		h = mtod(*m, struct ip *);
 		NTOHS(h->ip_len);
 		NTOHS(h->ip_off);
@@ -4163,6 +4165,7 @@
 	}
 	if ((*m)->m_pkthdr.len >= (int)sizeof(*h)) {
 		/* if m_pkthdr.len is less than ip header, pf will handle. */
+		ASSERT_HOST_BYTE_ORDER(*m);
 		h = mtod(*m, struct ip *);
 		HTONS(h->ip_len);
 		HTONS(h->ip_off);
@@ -4176,6 +4179,7 @@
 	}
 	if (*m != NULL) {
 		/* pf_test can change ip header location */
+		ASSERT_NET_BYTE_ORDER(*m);
 		h = mtod(*m, struct ip *);
 		NTOHS(h->ip_len);
 		NTOHS(h->ip_off);
Index: sys/contrib/pf/net/pf_norm.c
===================================================================
RCS file: /home/ncvs/src/sys/contrib/pf/net/pf_norm.c,v
retrieving revision 1.21.2.2
diff -u -r1.21.2.2 pf_norm.c
--- sys/contrib/pf/net/pf_norm.c	29 Feb 2012 09:47:26 -0000	1.21.2.2
+++ sys/contrib/pf/net/pf_norm.c	22 May 2012 14:41:02 -0000
@@ -1190,6 +1190,8 @@
 	if (hlen < (int)sizeof(struct ip))
 		goto drop;
 
+	ASSERT_NET_BYTE_ORDER(m);
+
 	if (hlen > ntohs(h->ip_len))
 		goto drop;
 
Index: sys/net/if_bridge.c
===================================================================
RCS file: /home/ncvs/src/sys/net/if_bridge.c,v
retrieving revision 1.144.2.2
diff -u -r1.144.2.2 if_bridge.c
--- sys/net/if_bridge.c	17 Mar 2012 12:11:53 -0000	1.144.2.2
+++ sys/net/if_bridge.c	22 May 2012 14:44:14 -0000
@@ -3142,6 +3142,7 @@
 		 */
 		ip = mtod(*mp, struct ip *);
 
+		ASSERT_NET_BYTE_ORDER(*mp);
 		ip->ip_len = ntohs(ip->ip_len);
 		ip->ip_off = ntohs(ip->ip_off);
 
@@ -3195,6 +3196,7 @@
 			if (ip == NULL)
 				goto bad;
 		}
+		ASSERT_HOST_BYTE_ORDER(*mp);
 		ip->ip_len = htons(ip->ip_len);
 		ip->ip_off = htons(ip->ip_off);
 		ip->ip_sum = 0;
@@ -3332,6 +3334,7 @@
 	}
 
 	/* Retrieve the packet length. */
+	ASSERT_NET_BYTE_ORDER(m);
 	len = ntohs(ip->ip_len);
 
 	/*
Index: sys/net/if_enc.c
===================================================================
RCS file: /home/ncvs/src/sys/net/if_enc.c,v
retrieving revision 1.17.2.1
diff -u -r1.17.2.1 if_enc.c
--- sys/net/if_enc.c	23 Sep 2011 00:51:37 -0000	1.17.2.1
+++ sys/net/if_enc.c	22 May 2012 14:43:27 -0000
@@ -274,6 +274,7 @@
 			 * before calling the firewall, swap fields the same as
 			 * IP does. here we assume the header is contiguous
 			 */
+			ASSERT_NET_BYTE_ORDER(*mp);
 			ip->ip_len = ntohs(ip->ip_len);
 			ip->ip_off = ntohs(ip->ip_off);
 
@@ -284,6 +285,7 @@
 				break;
 
 			/* restore byte ordering */
+			ASSERT_HOST_BYTE_ORDER(*mp);
 			ip = mtod(*mp, struct ip *);
 			ip->ip_len = htons(ip->ip_len);
 			ip->ip_off = htons(ip->ip_off);
Index: sys/net/pfil.c
===================================================================
RCS file: /home/ncvs/src/sys/net/pfil.c,v
retrieving revision 1.19.2.1
diff -u -r1.19.2.1 pfil.c
--- sys/net/pfil.c	23 Sep 2011 00:51:37 -0000	1.19.2.1
+++ sys/net/pfil.c	22 May 2012 14:49:24 -0000
@@ -46,6 +46,8 @@
 
 #include <net/if.h>
 #include <net/pfil.h>
+#include <netinet/in.h>
+#include <netinet/ip.h>
 
 static struct mtx pfil_global_lock;
 
@@ -79,10 +81,12 @@
 	for (pfh = pfil_hook_get(dir, ph); pfh != NULL;
 	     pfh = TAILQ_NEXT(pfh, pfil_link)) {
 		if (pfh->pfil_func != NULL) {
+			ASSERT_HOST_BYTE_ORDER(m);
 			rv = (*pfh->pfil_func)(pfh->pfil_arg, &m, ifp, dir,
 			    inp);
 			if (rv != 0 || m == NULL)
 				break;
+			ASSERT_HOST_BYTE_ORDER(m);
 		}
 	}
 	PFIL_RUNLOCK(ph, &rmpt);
Index: sys/netgraph/ng_ipfw.c
===================================================================
RCS file: /home/ncvs/src/sys/netgraph/ng_ipfw.c,v
retrieving revision 1.21.2.1
diff -u -r1.21.2.1 ng_ipfw.c
--- sys/netgraph/ng_ipfw.c	23 Sep 2011 00:51:37 -0000	1.21.2.1
+++ sys/netgraph/ng_ipfw.c	23 May 2012 13:57:52 -0000
@@ -268,6 +268,7 @@
 		switch (ip->ip_v) {
 #ifdef INET
 		case IPVERSION:
+			ASSERT_NET_BYTE_ORDER(m);
 			SET_HOST_IPLEN(ip);
 			return (ip_output(m, NULL, NULL, IP_FORWARDING,
 			    NULL, NULL));
Index: sys/netinet/ip_divert.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_divert.c,v
retrieving revision 1.173.2.1
diff -u -r1.173.2.1 ip_divert.c
--- sys/netinet/ip_divert.c	23 Sep 2011 00:51:37 -0000	1.173.2.1
+++ sys/netinet/ip_divert.c	22 May 2012 14:27:15 -0000
@@ -207,6 +207,7 @@
 	    (m = m_pullup(m, sizeof(struct ip))) == 0)
 		return;
 	ip = mtod(m, struct ip *);
+	ASSERT_NET_BYTE_ORDER(m);
 
 	/* Delayed checksums are currently not compatible with divert. */
 	if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {
@@ -396,6 +397,7 @@
 			/* Convert fields to host order for ip_output() */
 			ip->ip_len = ntohs(ip->ip_len);
 			ip->ip_off = ntohs(ip->ip_off);
+			ASSERT_HOST_BYTE_ORDER(m);
 			break;
 #ifdef INET6
 		case IPV6_VERSION >> 4:
Index: sys/netinet/ip_fastfwd.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_fastfwd.c,v
retrieving revision 1.57.2.1
diff -u -r1.57.2.1 ip_fastfwd.c
--- sys/netinet/ip_fastfwd.c	23 Sep 2011 00:51:37 -0000	1.57.2.1
+++ sys/netinet/ip_fastfwd.c	22 May 2012 14:46:00 -0000
@@ -179,6 +179,7 @@
 
 	M_ASSERTVALID(m);
 	M_ASSERTPKTHDR(m);
+	ASSERT_NET_BYTE_ORDER(m);
 
 	bzero(&ro, sizeof(ro));
 
@@ -343,6 +344,7 @@
 	/*
 	 * Convert to host representation
 	 */
+	ASSERT_NET_BYTE_ORDER(m);
 	ip->ip_len = ntohs(ip->ip_len);
 	ip->ip_off = ntohs(ip->ip_off);
 
@@ -361,6 +363,7 @@
 
 	M_ASSERTVALID(m);
 	M_ASSERTPKTHDR(m);
+	ASSERT_HOST_BYTE_ORDER(m);
 
 	ip = mtod(m, struct ip *);	/* m may have changed by pfil hook */
 	dest.s_addr = ip->ip_dst.s_addr;
@@ -442,12 +445,14 @@
 	if (!PFIL_HOOKED(&V_inet_pfil_hook))
 		goto passout;
 
+	ASSERT_HOST_BYTE_ORDER(m);
 	if (pfil_run_hooks(&V_inet_pfil_hook, &m, ifp, PFIL_OUT, NULL) || m == NULL) {
 		goto drop;
 	}
 
 	M_ASSERTVALID(m);
 	M_ASSERTPKTHDR(m);
+	ASSERT_HOST_BYTE_ORDER(m);
 
 	ip = mtod(m, struct ip *);
 	dest.s_addr = ip->ip_dst.s_addr;
@@ -511,6 +516,7 @@
 		goto consumed;
 	}
 
+	ASSERT_HOST_BYTE_ORDER(m);
 #ifndef ALTQ
 	/*
 	 * Check if there is enough space in the interface queue
Index: sys/netinet/ip_icmp.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_icmp.c,v
retrieving revision 1.145.2.2
diff -u -r1.145.2.2 ip_icmp.c
--- sys/netinet/ip_icmp.c	19 Mar 2012 20:49:16 -0000	1.145.2.2
+++ sys/netinet/ip_icmp.c	22 May 2012 14:31:17 -0000
@@ -185,6 +185,7 @@
 	unsigned icmplen, icmpelen, nlen;
 
 	KASSERT((u_int)type <= ICMP_MAXTYPE, ("%s: illegal ICMP type", __func__));
+	ASSERT_HOST_BYTE_ORDER(n);
 #ifdef ICMPPRINTFS
 	if (icmpprintfs)
 		printf("icmp_error(%p, %x, %d)\n", oip, type, code);
@@ -336,6 +337,7 @@
 	void (*ctlfunc)(int, struct sockaddr *, void *);
 	int fibnum;
 
+	ASSERT_HOST_BYTE_ORDER(m);
 	/*
 	 * Locate icmp structure in mbuf, and check
 	 * that not corrupted and of at least minimum length.
@@ -866,6 +868,7 @@
 	register int hlen;
 	register struct icmp *icp;
 
+	ASSERT_HOST_BYTE_ORDER(m);
 	hlen = ip->ip_hl << 2;
 	m->m_data += hlen;
 	m->m_len -= hlen;
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.393.2.3
diff -u -r1.393.2.3 ip_input.c
--- sys/netinet/ip_input.c	19 Mar 2012 20:49:16 -0000	1.393.2.3
+++ sys/netinet/ip_input.c	22 May 2012 14:23:45 -0000
@@ -385,6 +385,7 @@
 	struct in_addr odst;			/* original dst address */
 
 	M_ASSERTPKTHDR(m);
+	ASSERT_NET_BYTE_ORDER(m);
 
 	if (m->m_flags & M_FASTFWD_OURS) {
 		/*
@@ -467,6 +468,7 @@
 		goto bad;
 	}
 	ip->ip_off = ntohs(ip->ip_off);
+	ASSERT_HOST_BYTE_ORDER(m);
 
 	/*
 	 * Check that the amount of data in the buffers
@@ -1371,6 +1373,7 @@
 	struct route ro;
 	int error, type = 0, code = 0, mtu = 0;
 
+	ASSERT_HOST_BYTE_ORDER(m);
 	if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) {
 		IPSTAT_INC(ips_cantforward);
 		m_freem(m);
Index: sys/netinet/ip_ipsec.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_ipsec.c,v
retrieving revision 1.28.2.1
diff -u -r1.28.2.1 ip_ipsec.c
--- sys/netinet/ip_ipsec.c	23 Sep 2011 00:51:37 -0000	1.28.2.1
+++ sys/netinet/ip_ipsec.c	22 May 2012 14:25:41 -0000
@@ -346,6 +346,7 @@
 			(*m)->m_pkthdr.csum_flags &= ~CSUM_SCTP;
 		}
 #endif
+		ASSERT_HOST_BYTE_ORDER(*m);
 		ip->ip_len = htons(ip->ip_len);
 		ip->ip_off = htons(ip->ip_off);
 
Index: sys/netinet/ip_mroute.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_mroute.c,v
retrieving revision 1.161.2.2
diff -u -r1.161.2.2 ip_mroute.c
--- sys/netinet/ip_mroute.c	28 Mar 2012 12:45:35 -0000	1.161.2.2
+++ sys/netinet/ip_mroute.c	22 May 2012 14:32:54 -0000
@@ -1496,6 +1496,7 @@
     vifi_t vifi;
     int plen = ip->ip_len;
 
+    ASSERT_HOST_BYTE_ORDER(m);
     VIF_LOCK_ASSERT();
 
     /*
@@ -2375,6 +2376,8 @@
     struct mbuf *mb_copy = NULL;
     int mtu;
 
+    ASSERT_HOST_BYTE_ORDER(m);
+
     /* Take care of delayed checksums */
     if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) {
 	in_delayed_cksum(m);
Index: sys/netinet/ip_output.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.329.2.2
diff -u -r1.329.2.2 ip_output.c
--- sys/netinet/ip_output.c	10 Nov 2011 20:28:30 -0000	1.329.2.2
+++ sys/netinet/ip_output.c	22 May 2012 14:47:14 -0000
@@ -133,6 +133,7 @@
 	int no_route_but_check_spd = 0;
 #endif
 	M_ASSERTPKTHDR(m);
+	ASSERT_HOST_BYTE_ORDER(m);
 
 	if (inp != NULL) {
 		INP_LOCK_ASSERT(inp);
@@ -434,6 +435,8 @@
 		}
 	}
 
+	ASSERT_HOST_BYTE_ORDER(m);
+
 	/*
 	 * Verify that we have any chance at all of being able to queue the
 	 * packet or packet fragments, unless ALTQ is enabled on the given
@@ -505,6 +508,7 @@
 
 	/* Run through list of hooks for output packets. */
 	odst.s_addr = ip->ip_dst.s_addr;
+	ASSERT_HOST_BYTE_ORDER(m);
 	error = pfil_run_hooks(&V_inet_pfil_hook, &m, ifp, PFIL_OUT, inp);
 	if (error != 0 || m == NULL)
 		goto done;
@@ -596,6 +600,7 @@
 	 * If small enough for interface, or the interface will take
 	 * care of the fragmentation for us, we can just send directly.
 	 */
+	ASSERT_HOST_BYTE_ORDER(m);
 	if (ip->ip_len <= mtu ||
 	    (m->m_pkthdr.csum_flags & ifp->if_hwassist & CSUM_TSO) != 0 ||
 	    ((ip->ip_off & IP_DF) == 0 && (ifp->if_hwassist & CSUM_FRAGMENT))) {
@@ -628,6 +633,7 @@
 		 * to avoid confusing lower layers.
 		 */
 		m->m_flags &= ~(M_PROTOFLAGS);
+		ASSERT_NET_BYTE_ORDER(m);
 		error = (*ifp->if_output)(ifp, m,
 		    		(struct sockaddr *)dst, ro);
 		goto done;
@@ -716,6 +722,8 @@
 	if (len < 8)
 		return EMSGSIZE;
 
+	ASSERT_HOST_BYTE_ORDER(m0);
+
 	/*
 	 * If the interface will not calculate checksums on
 	 * fragmented packets, then do it here.
Index: sys/netinet/ipfw/ip_dn_io.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ipfw/ip_dn_io.c,v
retrieving revision 1.14.2.1
diff -u -r1.14.2.1 ip_dn_io.c
--- sys/netinet/ipfw/ip_dn_io.c	23 Sep 2011 00:51:37 -0000	1.14.2.1
+++ sys/netinet/ipfw/ip_dn_io.c	23 May 2012 06:26:56 -0000
@@ -650,6 +650,7 @@
 			tag->m_tag_id = 0;
 		}
 
+		ASSERT_NET_BYTE_ORDER(m);
 		switch (dst) {
 		case DIR_OUT:
 			SET_HOST_IPLEN(mtod(m, struct ip *));
Index: sys/netinet/ipfw/ip_fw2.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ipfw/ip_fw2.c,v
retrieving revision 1.66.2.5
diff -u -r1.66.2.5 ip_fw2.c
--- sys/netinet/ipfw/ip_fw2.c	23 Apr 2012 07:15:15 -0000	1.66.2.5
+++ sys/netinet/ipfw/ip_fw2.c	23 May 2012 06:26:04 -0000
@@ -942,6 +942,8 @@
 	if (m->m_flags & M_SKIP_FIREWALL || (! V_ipfw_vnet_ready))
 		return (IP_FW_PASS);	/* accept */
 
+	ASSERT_NET_BYTE_ORDER(m);
+
 	dst_ip.s_addr = 0;		/* make sure it is initialized */
 	src_ip.s_addr = 0;		/* make sure it is initialized */
 	pktlen = m->m_pkthdr.len;
@@ -2411,6 +2413,7 @@
 				 * ip_reass() expects len & off in host
 				 * byte order.
 				 */
+				ASSERT_NET_BYTE_ORDER(m);
 				SET_HOST_IPLEN(ip);
 
 				args->m = m = ip_reass(m);
@@ -2433,6 +2436,7 @@
 					ip->ip_sum = in_cksum(m, hlen);
 				    retval = IP_FW_REASS;
 				    set_match(args, f_pos, chain);
+				    ASSERT_NET_BYTE_ORDER(m);
 				}
 				done = 1;	/* exit outer loop */
 				break;
Index: sys/netinet/ipfw/ip_fw_pfil.c
===================================================================
RCS file: /home/ncvs/src/sys/netinet/ipfw/ip_fw_pfil.c,v
retrieving revision 1.24.2.3
diff -u -r1.24.2.3 ip_fw_pfil.c
--- sys/netinet/ipfw/ip_fw_pfil.c	6 Nov 2011 17:31:57 -0000	1.24.2.3
+++ sys/netinet/ipfw/ip_fw_pfil.c	23 May 2012 13:30:55 -0000
@@ -110,6 +110,7 @@
 	int ipfw;
 	int ret;
 
+	ASSERT_HOST_BYTE_ORDER(*m0);
 	/* all the processing now uses ip_len in net format */
 	if (mtod(*m0, struct ip *)->ip_v == 4)
 		SET_NET_IPLEN(mtod(*m0, struct ip *));
@@ -119,6 +120,7 @@
 	bzero(&args, sizeof(args));
 
 again:
+	ASSERT_NET_BYTE_ORDER(*m0);
 	/*
 	 * extract and remove the tag if present. If we are left
 	 * with onepass, optimize the outgoing path.
@@ -130,6 +132,7 @@
 		if (args.rule.info & IPFW_ONEPASS) {
 			if (mtod(*m0, struct ip *)->ip_v == 4)
 				SET_HOST_IPLEN(mtod(*m0, struct ip *));
+			ASSERT_HOST_BYTE_ORDER(*m0);
 			return (0);
 		}
 	}
@@ -273,8 +276,10 @@
 			FREE_PKT(*m0);
 		*m0 = NULL;
 	}
-	if (*m0 && mtod(*m0, struct ip *)->ip_v == 4)
+	if (*m0 && mtod(*m0, struct ip *)->ip_v == 4) {
 		SET_HOST_IPLEN(mtod(*m0, struct ip *));
+		ASSERT_HOST_BYTE_ORDER(*m0);
+	}
 	return ret;
 }
 
@@ -292,6 +297,7 @@
 	struct ip *ip = mtod(*m0, struct ip *);
 	struct m_tag *tag;
 
+	ASSERT_NET_BYTE_ORDER(*m0);
 	/* Cloning needed for tee? */
 	if (tee == 0) {
 		clone = *m0;	/* use the original mbuf */
Index: sys/netipsec/ipsec_output.c
===================================================================
RCS file: /home/ncvs/src/sys/netipsec/ipsec_output.c,v
retrieving revision 1.33.2.2
diff -u -r1.33.2.2 ipsec_output.c
--- sys/netipsec/ipsec_output.c	29 Feb 2012 09:47:26 -0000	1.33.2.2
+++ sys/netipsec/ipsec_output.c	23 May 2012 14:03:44 -0000
@@ -205,6 +205,7 @@
 		ip = mtod(m, struct ip *);
 		ip->ip_len = ntohs(ip->ip_len);
 		ip->ip_off = ntohs(ip->ip_off);
+		ASSERT_HOST_BYTE_ORDER(m);
 
 #ifdef IPSEC_NAT_T
 		/*
Index: sys/netipsec/xform_ah.c
===================================================================
RCS file: /home/ncvs/src/sys/netipsec/xform_ah.c,v
retrieving revision 1.28.2.1
diff -u -r1.28.2.1 xform_ah.c
--- sys/netipsec/xform_ah.c	23 Sep 2011 00:51:37 -0000	1.28.2.1
+++ sys/netipsec/xform_ah.c	23 May 2012 14:05:17 -0000
@@ -322,6 +322,7 @@
 			else
 				ip->ip_off = 0;
 		}
+		ASSERT_NET_BYTE_ORDER(m);
 
 		ptr = mtod(m, unsigned char *) + sizeof(struct ip);
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120523201442.GG29536>