From owner-p4-projects@FreeBSD.ORG Wed Apr 16 13:18:24 2003 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 328F837B404; Wed, 16 Apr 2003 13:18:24 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C19E237B401 for ; Wed, 16 Apr 2003 13:18:23 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64DEE43FE3 for ; Wed, 16 Apr 2003 13:18:23 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h3GKIN0U004469 for ; Wed, 16 Apr 2003 13:18:23 -0700 (PDT) (envelope-from bb+lists.freebsd.perforce@cyrus.watson.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h3GKIMZt004466 for perforce@freebsd.org; Wed, 16 Apr 2003 13:18:22 -0700 (PDT) Date: Wed, 16 Apr 2003 13:18:22 -0700 (PDT) Message-Id: <200304162018.h3GKIMZt004466@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to bb+lists.freebsd.perforce@cyrus.watson.org using -f From: Robert Watson To: Perforce Change Reviews Subject: PERFORCE change 29085 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Apr 2003 20:18:25 -0000 http://perforce.freebsd.org/chv.cgi?CH=29085 Change 29085 by rwatson@rwatson_tislabs on 2003/04/16 13:18:10 Since the introduction of TCP wait state reduction, tcp_twrespond() has pulled an mbuf from its hat without labeling it before sending, resulting in invariants violations in the MAC code. Add a commented out recommendation on how to address this, with some possible implementation (also commented out). Affected files ... .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#28 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#28 (text+ko) ==== @@ -1683,6 +1683,18 @@ return (NULL); } +/* + * XXXMAC: Really, we need to pass in the mbuf we are responding to + * so that we have a label to assign to the outgoing packet here. + * Question: will one always be available? Should we pass in the + * socket in the twstart case? Perhaps: + * + * tcp_twrespond(struct tcptw *tw, struct socket *so, struct mbuf *m, + * int flags) + * + * Where one of the socket or mbuf must be non-NULL so as to provide + * a label. + */ int tcp_twrespond(struct tcptw *tw, int flags) { @@ -1703,6 +1715,15 @@ return (ENOBUFS); m->m_data += max_linkhdr; +#ifdef 0 +#ifdef MAC + if (so != NULL) + mac_create_mbuf_from_socket(so, m); + else + mac_create_mbuf_netlayer(msrc, m); +#endif +#endif + #ifdef INET6 if (isipv6) { hdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr);