Date: Wed, 12 Mar 2014 14:29:08 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r263091 - in head/sys: netinet netinet6 Message-ID: <201403121429.s2CET8Hh038762@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Wed Mar 12 14:29:08 2014 New Revision: 263091 URL: http://svnweb.freebsd.org/changeset/base/263091 Log: Since both netinet/ and netinet6/ call into netipsec/ and netpfil/, the protocol specific mbuf flags are shared between them. - Move all M_FOO definitions into a single place: netinet/in6.h, to avoid future clashes. - Resolve clash between M_DECRYPTED and M_SKIP_FIREWALL which resulted in a failure of operation of IPSEC and packet filters. Thanks to Nicolas and Georgios for all the hard work on bisecting, testing and finally finding the root of the problem. PR: kern/186755 PR: kern/185876 In collaboration with: Georgios Amanakis <gamanakis gmail.com> In collaboration with: Nicolas DEFFAYET <nicolas-ml deffayet.com> Sponsored by: Nginx, Inc. Modified: head/sys/netinet/ip_input.c head/sys/netinet/ip_var.h head/sys/netinet6/in6.h head/sys/netinet6/ip6_var.h Modified: head/sys/netinet/ip_input.c ============================================================================== --- head/sys/netinet/ip_input.c Wed Mar 12 12:27:13 2014 (r263090) +++ head/sys/netinet/ip_input.c Wed Mar 12 14:29:08 2014 (r263091) @@ -702,6 +702,7 @@ ours: * ip_reass() will return a different mbuf. */ if (ip->ip_off & htons(IP_MF | IP_OFFMASK)) { + /* XXXGL: shouldn't we save & set m_flags? */ m = ip_reass(m); if (m == NULL) return; @@ -794,6 +795,8 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxf NULL, 0, sysctl_maxnipq, "I", "Maximum number of IPv4 fragment reassembly queue entries"); +#define M_IP_FRAG M_PROTO9 + /* * Take incoming datagram fragment and try to reassemble it into * whole datagram. If the argument is the first fragment or one Modified: head/sys/netinet/ip_var.h ============================================================================== --- head/sys/netinet/ip_var.h Wed Mar 12 12:27:13 2014 (r263090) +++ head/sys/netinet/ip_var.h Wed Mar 12 14:29:08 2014 (r263091) @@ -162,15 +162,6 @@ void kmod_ipstat_dec(int statnum); #define IP_ROUTETOIF SO_DONTROUTE /* 0x10 bypass routing tables */ #define IP_ALLOWBROADCAST SO_BROADCAST /* 0x20 can send broadcast packets */ -/* - * IPv4 protocol layer specific mbuf flags. - */ -#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ -#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IP6 */ -#define M_IP_FRAG M_PROTO4 /* fragment reassembly */ - #ifdef __NO_STRICT_ALIGNMENT #define IP_HDR_ALIGNED_P(ip) 1 #else Modified: head/sys/netinet6/in6.h ============================================================================== --- head/sys/netinet6/in6.h Wed Mar 12 12:27:13 2014 (r263090) +++ head/sys/netinet6/in6.h Wed Mar 12 14:29:08 2014 (r263091) @@ -622,13 +622,18 @@ struct ip6_mtuinfo { #endif /* __BSD_VISIBLE */ /* - * Redefinition of mbuf flags + * Since both netinet/ and netinet6/ call into netipsec/ and netpfil/, + * the protocol specific mbuf flags are shared between them. */ -#define M_AUTHIPHDR M_PROTO2 -#define M_DECRYPTED M_PROTO3 -#define M_LOOP M_PROTO4 -#define M_AUTHIPDGM M_PROTO5 -#define M_RTALERT_MLD M_PROTO6 +#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ +#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing */ +#define M_AUTHIPHDR M_PROTO4 +#define M_DECRYPTED M_PROTO5 +#define M_LOOP M_PROTO6 +#define M_AUTHIPDGM M_PROTO7 +#define M_RTALERT_MLD M_PROTO8 #ifdef _KERNEL struct cmsghdr; Modified: head/sys/netinet6/ip6_var.h ============================================================================== --- head/sys/netinet6/ip6_var.h Wed Mar 12 12:27:13 2014 (r263090) +++ head/sys/netinet6/ip6_var.h Wed Mar 12 14:29:08 2014 (r263091) @@ -293,13 +293,6 @@ struct ip6aux { #define IPV6_FORWARDING 0x02 /* most of IPv6 header exists */ #define IPV6_MINMTU 0x04 /* use minimum MTU (IPV6_USE_MIN_MTU) */ -/* - * IPv6 protocol layer specific mbuf flags. - */ -#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IPv4 */ - #ifdef __NO_STRICT_ALIGNMENT #define IP6_HDR_ALIGNED_P(ip) 1 #else
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403121429.s2CET8Hh038762>