Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 20 Jan 2009 22:26:09 +0000 (UTC)
From:      Alexander Motin <mav@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r187495 - head/sys/netgraph
Message-ID:  <200901202226.n0KMQ9wI058610@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: mav
Date: Tue Jan 20 22:26:09 2009
New Revision: 187495
URL: http://svn.freebsd.org/changeset/base/187495

Log:
  Check for infinite recursion possible on some broken PPTP/L2TP/... VPN setups.
  Mark packets with mbuf_tag on first interface passage and drop on second.
  
  PR:		ports/129625, ports/125303,
  MFC after:	2 weeks

Modified:
  head/sys/netgraph/ng_iface.c
  head/sys/netgraph/ng_iface.h

Modified: head/sys/netgraph/ng_iface.c
==============================================================================
--- head/sys/netgraph/ng_iface.c	Tue Jan 20 22:17:05 2009	(r187494)
+++ head/sys/netgraph/ng_iface.c	Tue Jan 20 22:26:09 2009	(r187495)
@@ -356,6 +356,7 @@ static int
 ng_iface_output(struct ifnet *ifp, struct mbuf *m,
 		struct sockaddr *dst, struct rtentry *rt0)
 {
+	struct m_tag *mtag;
 	uint32_t af;
 	int error;
 
@@ -366,6 +367,23 @@ ng_iface_output(struct ifnet *ifp, struc
 		return (ENETDOWN);
 	}
 
+	/* Protect from deadly infinite recursion. */
+	while ((mtag = m_tag_locate(m, MTAG_NGIF, MTAG_NGIF_CALLED, NULL))) {
+		if (*(struct ifnet **)(mtag + 1) == ifp) {
+			log(LOG_NOTICE, "Loop detected on %s\n", ifp->if_xname);
+			m_freem(m);
+			return (EDEADLK);
+		}
+	}
+	mtag = m_tag_alloc(MTAG_NGIF, MTAG_NGIF_CALLED, sizeof(struct ifnet *),
+	    M_NOWAIT);
+	if (mtag == NULL) {
+		m_freem(m);
+		return (ENOMEM);
+	}
+	*(struct ifnet **)(mtag + 1) = ifp;
+	m_tag_prepend(m, mtag);
+
 	/* BPF writes need to be handled specially. */
 	if (dst->sa_family == AF_UNSPEC) {
 		bcopy(dst->sa_data, &af, sizeof(af));

Modified: head/sys/netgraph/ng_iface.h
==============================================================================
--- head/sys/netgraph/ng_iface.h	Tue Jan 20 22:17:05 2009	(r187494)
+++ head/sys/netgraph/ng_iface.h	Tue Jan 20 22:26:09 2009	(r187495)
@@ -72,4 +72,7 @@ enum {
 	NGM_IFACE_GET_IFINDEX,
 };
 
+#define	MTAG_NGIF			NGM_IFACE_COOKIE
+#define	MTAG_NGIF_CALLED		0 | MTAG_PERSISTENT
+
 #endif /* _NETGRAPH_NG_IFACE_H_ */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200901202226.n0KMQ9wI058610>