Date: Thu, 25 Dec 2008 11:32:38 +0000 (UTC)
From: Robert Watson <rwatson@FreeBSD.org>
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r186493 - head/sys/kern
Message-ID: <200812251132.mBPBWc4D012520@svn.freebsd.org>
Author: rwatson
Date: Thu Dec 25 11:32:38 2008
New Revision: 186493
URL: http://svn.freebsd.org/changeset/base/186493

Log:
  Following the recent security advisory, add a comment describing our invariants and approach for protocol switch methods in protsw_init(), and also some KASSERT's for non-domain init entries in protocol switch tables: pru_abort and pru_send must both be implemented.

  For now, leave those assertions #if 0'd, since there are a few protocols that violate them in non-harmful ways.

  Whether or not we should enforce pru_abort being implemented for non-stream protocols is an interesting question: currently abort is only invoked on stream sockets in situations where un-accepted sockets must be abruptly closed (i.e., close() on a listen socket with pending connections), but in principle it is useful for datagram sockets and most datagram socket types implement it.

  MFC after: 3 weeks

Modified:
  head/sys/kern/uipc_domain.c

Modified: head/sys/kern/uipc_domain.c ============================================================================== --- head/sys/kern/uipc_domain.c Thu Dec 25 10:18:35 2008 (r186492) +++ head/sys/kern/uipc_domain.c Thu Dec 25 11:32:38 2008 (r186493) 
@@ -110,6 +110,28 @@ protosw_init(struct protosw *pr) pr->pr_domain->dom_name, (int)(pr - pr->pr_domain->dom_protosw))); + /* + * Protocol switch methods fall into three categories: mandatory, + * mandatory but protosw_init() provides a default, and optional. + * + * For true protocols (i.e., pru_attach != NULL), KASSERT truly + * mandatory methods with no defaults, and initialize defaults for + * other mandatory methods if the protocol hasn't defined an + * implementation (NULL function pointer). + */ +#if 0 + if (pu->pru_attach != NULL) { + KASSERT(pu->pru_abort != NULL, + ("protosw_init: %ssw[%d] pru_abort NULL", + pr->pr_domain->dom_name, + (int)(pr - pr->pr_domain->dom_protosw))); + KASSERT(pu->pru_send != NULL, + ("protosw_init: %ssw[%d] pru_send NULL", + pr->pr_domain->dom_name, + (int)(pr - pr->pr_domain->dom_protosw))); + } +#endif + #define DEFAULT(foo, bar) if ((foo) == NULL) (foo) = (bar) DEFAULT(pu->pru_accept, pru_accept_notsupp); DEFAULT(pu->pru_bind, pru_bind_notsupp);
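Review bot: the `#if 0` that wraps the two KASSERTs has no in-code explanation, so a reader of protosw_init() cannot tell why the mandatory-method checks are disabled or what has to change before they can be turned on; that reasoning exists only in the commit log. Add a short comment directly above `#if 0` naming the protocols that currently leave pru_abort or pru_send NULL, and extend the new block comment to say which methods fall into each of the three categories it describes, since at the moment only the disabled assertions reveal that pru_abort and pru_send are the "truly mandatory" ones. Note also that while the block is compiled out, nothing in this hunk catches a protocol whose pru_send or pru_abort is NULL at init: the visible DEFAULT() lines cover only pru_accept and pru_bind, so unless the list further down supplies defaults for those two methods, the NULL pointer stays in the switch table. Enabling the checks for every protocol except a short, commented exception list would let the invariant be enforced incrementally instead of not at all.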