From owner-cvs-all@FreeBSD.ORG Thu Feb 2 16:55:48 2006 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 40A7B16A423 for ; Thu, 2 Feb 2006 16:55:48 +0000 (GMT) (envelope-from csjp@FreeBSD.org) Received: from ems01.seccuris.com (ems01.seccuris.com [204.112.0.35]) by mx1.FreeBSD.org (Postfix) with SMTP id 39BBB43D45 for ; Thu, 2 Feb 2006 16:55:47 +0000 (GMT) (envelope-from csjp@FreeBSD.org) Received: (qmail 4482 invoked by uid 0); 2 Feb 2006 16:59:55 -0000 Received: from unknown (HELO ?192.168.11.101?) (unknown) by unknown with SMTP; 2 Feb 2006 16:59:55 -0000 Message-ID: <43E23991.4080108@FreeBSD.org> Date: Thu, 02 Feb 2006 10:55:45 -0600 From: "Christian S.J. Peron" User-Agent: Mozilla Thunderbird 1.0.7 (Macintosh/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Michal Mertl References: <200602020313.k123DGFl029834@repoman.freebsd.org> <1138898295.10021.0.camel@genius.i.cz> In-Reply-To: <1138898295.10021.0.camel@genius.i.cz> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Andrew Thompson , cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net pfil.c pfil.h src/sys/netinet ip_fastfwd.c ip_fw2.c ip_input.c ip_output.c src/sys/netinet6 ip6_forward.c ip6_input.c ip6_output.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Feb 2006 16:55:48 -0000 Michal Mertl wrote: >Christian S.J. Peron wrote: > > >>csjp 2006-02-02 03:13:16 UTC >> >> FreeBSD src repository >> >> Modified files: >> sys/net pfil.c pfil.h >> sys/netinet ip_fastfwd.c ip_fw2.c ip_input.c >> ip_output.c >> sys/netinet6 ip6_forward.c ip6_input.c ip6_output.c >> Log: >>.... >> >> > >I think you broke if_bridge(4) and also debug kernel build. Patches for >both bugs are attached. > > >Michal > > >------------------------------------------------------------------------ > >Index: if_bridge.c >=================================================================== >RCS file: /home/fcvs/cvs/src/sys/net/if_bridge.c,v >retrieving revision 1.52 >diff -u -r1.52 if_bridge.c >--- if_bridge.c 31 Jan 2006 21:21:28 -0000 1.52 >+++ if_bridge.c 2 Feb 2006 12:30:37 -0000 >@@ -1531,9 +1531,9 @@ > return; > } > >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > if (bridge_pfil(&m, sc->sc_ifp, ifp, PFIL_OUT) != 0) >@@ -1800,9 +1800,9 @@ > } > > /* run the packet filter */ >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > BRIDGE_UNLOCK(sc); >@@ -1857,9 +1857,9 @@ > > BRIDGE_UNLOCK(sc); > >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > if (bridge_pfil(&m, sc->sc_ifp, dst_if, PFIL_OUT) != 0) >@@ -2055,9 +2055,10 @@ > } > > /* Filter on the bridge interface before broadcasting */ >- if (runfilt && (inet_pfil_hook.ph_busy_count >= 0 >+ if (runfilt && >+ (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > )) { > if (bridge_pfil(&m, sc->sc_ifp, NULL, PFIL_OUT) != 0) >@@ -2102,9 +2103,10 @@ > * pointer so we do not redundantly filter on the bridge for > * each interface we broadcast on. > */ >- if (runfilt && (inet_pfil_hook.ph_busy_count >= 0 >+ if (runfilt && >+ (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > )) { > if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0) > > >------------------------------------------------------------------------ > >Index: ip_fw2.c >=================================================================== >RCS file: /home/fcvs/cvs/src/sys/netinet/ip_fw2.c,v >retrieving revision 1.125 >diff -u -r1.125 ip_fw2.c >--- ip_fw2.c 2 Feb 2006 03:13:15 -0000 1.125 >+++ ip_fw2.c 2 Feb 2006 13:06:31 -0000 >@@ -1,5 +1,5 @@ > /*- >- * Copyright (c) 2002 Luigi Rizzo, Universita` di Pisa >+ * cOPYright (c) 2002 Luigi Rizzo, Universita` di Pisa > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -139,7 +139,7 @@ > rw_init(&(_chain)->rwmtx, "IPFW static rules") > #define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) > #define IPFW_WLOCK_ASSERT(_chain) do { \ >- rw_assert(rw, RA_WLOCKED); \ >+ rw_assert(&(_chain)->rwmtx, RA_WLOCKED); \ > NET_ASSERT_GIANT(); \ > } while (0) > > > I must have missed the bridge stuff when I committed the PFIL_HOOKED macros, sorry for the inconvinience! -- Christian S.J. Peron csjp@FreeBSD.ORG FreeBSD Committer FreeBSD Security Team