From owner-svn-src-head@FreeBSD.ORG Sun Apr 19 22:34:35 2009 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D00561065670; Sun, 19 Apr 2009 22:34:35 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BE7258FC0A; Sun, 19 Apr 2009 22:34:35 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n3JMYZHT022514; Sun, 19 Apr 2009 22:34:35 GMT (envelope-from rwatson@svn.freebsd.org) Received: (from rwatson@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n3JMYZYa022513; Sun, 19 Apr 2009 22:34:35 GMT (envelope-from rwatson@svn.freebsd.org) Message-Id: <200904192234.n3JMYZYa022513@svn.freebsd.org> From: Robert Watson Date: Sun, 19 Apr 2009 22:34:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r191288 - head/sys/netinet X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Apr 2009 22:34:36 -0000 Author: rwatson Date: Sun Apr 19 22:34:35 2009 New Revision: 191288 URL: http://svn.freebsd.org/changeset/base/191288 Log: Lock the interface address list when searching for a matching interface by address, or when implementing 'me' rules on IPv6. Prefer the field name if_addrhead to the macro if_addrlist. MFC after: 2 weeks Modified: head/sys/netinet/ip_fw2.c Modified: head/sys/netinet/ip_fw2.c ============================================================================== --- head/sys/netinet/ip_fw2.c Sun Apr 19 22:29:16 2009 (r191287) +++ head/sys/netinet/ip_fw2.c Sun Apr 19 22:34:35 2009 (r191288) @@ -480,14 +480,17 @@ iface_match(struct ifnet *ifp, ipfw_insn } else { struct ifaddr *ia; - /* XXX lock? */ + IF_ADDR_LOCK(ifp); TAILQ_FOREACH(ia, &ifp->if_addrhead, ifa_link) { if (ia->ifa_addr->sa_family != AF_INET) continue; if (cmd->p.ip.s_addr == ((struct sockaddr_in *) - (ia->ifa_addr))->sin_addr.s_addr) + (ia->ifa_addr))->sin_addr.s_addr) { + IF_ADDR_UNLOCK(ifp); return(1); /* match */ + } } + IF_ADDR_UNLOCK(ifp); } return(0); /* no match, fail ... */ } @@ -589,17 +592,22 @@ search_ip6_addr_net (struct in6_addr * i struct in6_ifaddr *fdm; struct in6_addr copia; - TAILQ_FOREACH(mdc, &V_ifnet, if_link) - TAILQ_FOREACH(mdc2, &mdc->if_addrlist, ifa_list) { + TAILQ_FOREACH(mdc, &V_ifnet, if_link) { + IF_ADDR_LOCK(mdc); + TAILQ_FOREACH(mdc2, &mdc->if_addrhead, ifa_list) { if (mdc2->ifa_addr->sa_family == AF_INET6) { fdm = (struct in6_ifaddr *)mdc2; copia = fdm->ia_addr.sin6_addr; /* need for leaving scope_id in the sock_addr */ in6_clearscope(&copia); - if (IN6_ARE_ADDR_EQUAL(ip6_addr, &copia)) + if (IN6_ARE_ADDR_EQUAL(ip6_addr, &copia)) { + IF_ADDR_UNLOCK(mdc); return 1; + } } } + IF_ADDR_UNLOCK(mdc); + } return 0; }