Date: Tue, 9 Mar 2021 08:54:01 GMT From: "Andrey V. Elsukov" <ae@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: fb827e006cec - stable/12 - ipfw: add IPv6 support for sockarg opcode. Message-ID: <202103090854.1298s10E057232@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by ae: URL: https://cgit.FreeBSD.org/src/commit/?id=fb827e006cec095cbbec1811c9fb27722e76c6f6 commit fb827e006cec095cbbec1811c9fb27722e76c6f6 Author: Andrey V. Elsukov <ae@FreeBSD.org> AuthorDate: 2021-03-02 09:45:59 +0000 Commit: Andrey V. Elsukov <ae@FreeBSD.org> CommitDate: 2021-03-09 08:52:19 +0000 ipfw: add IPv6 support for sockarg opcode. Sponsored by: Yandex LLC (cherry picked from commit a9f7eba9597189c0e438f6986067d31dca1c53b0) --- sys/netpfil/ipfw/ip_fw2.c | 44 ++++++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 18 deletions(-) diff --git a/sys/netpfil/ipfw/ip_fw2.c b/sys/netpfil/ipfw/ip_fw2.c index f639a3bfabbd..9d60b446dc73 100644 --- a/sys/netpfil/ipfw/ip_fw2.c +++ b/sys/netpfil/ipfw/ip_fw2.c @@ -2587,9 +2587,7 @@ do { \ #ifndef USERSPACE /* not supported in userspace */ struct inpcb *inp = args->inp; struct inpcbinfo *pi; - - if (is_ipv6) /* XXX can we remove this ? */ - break; + bool inp_locked = false; if (proto == IPPROTO_TCP) pi = &V_tcbinfo; @@ -2605,27 +2603,37 @@ do { \ * certainly be inp_user_cookie? */ - /* For incoming packet, lookup up the - inpcb using the src/dest ip/port tuple */ - if (inp == NULL) { - inp = in_pcblookup(pi, - src_ip, htons(src_port), - dst_ip, htons(dst_port), - INPLOOKUP_RLOCKPCB, NULL); - if (inp != NULL) { - tablearg = - inp->inp_socket->so_user_cookie; - if (tablearg) - match = 1; - INP_RUNLOCK(inp); - } - } else { + /* + * For incoming packet lookup the inpcb + * using the src/dest ip/port tuple. + */ + if (is_ipv4 && inp == NULL) { + inp = in_pcblookup(pi, + src_ip, htons(src_port), + dst_ip, htons(dst_port), + INPLOOKUP_RLOCKPCB, NULL); + inp_locked = true; + } +#ifdef INET6 + if (is_ipv6 && inp == NULL) { + inp = in6_pcblookup(pi, + &args->f_id.src_ip6, + htons(src_port), + &args->f_id.dst_ip6, + htons(dst_port), + INPLOOKUP_RLOCKPCB, NULL); + inp_locked = true; + } +#endif /* INET6 */ + if (inp != NULL) { if (inp->inp_socket) { tablearg = inp->inp_socket->so_user_cookie; if (tablearg) match = 1; } + if (inp_locked) + INP_RUNLOCK(inp); } #endif /* !USERSPACE */ break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202103090854.1298s10E057232>