d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix unintended KBI change from r264905. Add _fib versions of

Browse Source 
ifa_ifwithnet() and ifa_ifwithdstaddr()  The legacy functions will call the
_fib() versions with RT_ALL_FIBS, preserving legacy behavior.

sys/net/if_var.h
sys/net/if.c
	Add legacy-compatible functions as described above.  Ensure legacy
	behavior when RT_ALL_FIBS is passed as fibnum.

sys/netinet/in_pcb.c
sys/netinet/ip_output.c
sys/netinet/ip_options.c
sys/net/route.c
sys/net/rtsock.c
sys/netinet6/nd6.c
	Call with _fib() functions if we must use a specific fib, or the
	legacy functions otherwise.

tests/sys/netinet/fibs_test.sh
tests/sys/netinet/udp_dontroute.c
	Improve the udp_dontroute test.  The bug that this test exercises is
	that ifa_ifwithnet() will return the wrong address, if multiple
	interfaces have addresses on the same subnet but with different
	fibs.  The previous version of the test only considered one possible
	failure mode: that ifa_ifwithnet_fib() might fail to find any
	suitable address at all.  The new version also checks whether
	ifa_ifwithnet_fib() finds the correct address by checking where the
	ARP request goes.

Reported by:	bz, hrs
Reviewed by:	hrs
MFC after:	1 week
X-MFC-with:	264905
Sponsored by:	Spectra Logic
This commit is contained in:
Alan Somers 2014-05-29 21:03:49 +00:00
parent da4d5bb79b
commit 2f308a343f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=266860
10 changed files with 92 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/net/if.c
View File

@ -1650,7 +1650,7 @@ ifa_ifwithbroadaddr(struct sockaddr *addr)
*/ */
/*ARGSUSED*/ /*ARGSUSED*/
struct ifaddr * struct ifaddr *
ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum) ifa_ifwithdstaddr_fib(struct sockaddr *addr, int fibnum)
{ {
struct ifnet *ifp; struct ifnet *ifp;
struct ifaddr *ifa; struct ifaddr *ifa;
@ -1659,7 +1659,7 @@ ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum)
TAILQ_FOREACH(ifp, &V_ifnet, if_link) { TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if ((ifp->if_flags & IFF_POINTOPOINT) == 0) if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
continue; continue;
if ((ifp->if_fib != fibnum)) if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
continue; continue;
IF_ADDR_RLOCK(ifp); IF_ADDR_RLOCK(ifp);
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
@ -1680,12 +1680,19 @@ ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum)
return (ifa); return (ifa);
} }
struct ifaddr *
ifa_ifwithdstaddr(struct sockaddr *addr)
{
return (ifa_ifwithdstaddr_fib(addr, RT_ALL_FIBS));
}
/* /*
* Find an interface on a specific network. If many, choice * Find an interface on a specific network. If many, choice
* is most specific found. * is most specific found.
*/ */
struct ifaddr * struct ifaddr *
ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum) ifa_ifwithnet_fib(struct sockaddr *addr, int ignore_ptp, int fibnum)
{ {
struct ifnet *ifp; struct ifnet *ifp;
struct ifaddr *ifa; struct ifaddr *ifa;
@ -1711,7 +1718,7 @@ ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum)
*/ */
IFNET_RLOCK_NOSLEEP(); IFNET_RLOCK_NOSLEEP();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) { TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_fib != fibnum) if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
continue; continue;
IF_ADDR_RLOCK(ifp); IF_ADDR_RLOCK(ifp);
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
@ -1796,6 +1803,13 @@ next: continue;
return (ifa); return (ifa);
} }
struct ifaddr *
ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp)
{
return (ifa_ifwithnet_fib(addr, ignore_ptp, RT_ALL_FIBS));
}
/* /*
* Find an interface address specific to an interface best matching * Find an interface address specific to an interface best matching
* a given address. * a given address.

6
sys/net/if_var.h
View File

@ -495,8 +495,10 @@ int ifa_switch_loopback_route(struct ifaddr *, struct sockaddr *, int fib);
struct ifaddr *ifa_ifwithaddr(struct sockaddr *); struct ifaddr *ifa_ifwithaddr(struct sockaddr *);
int ifa_ifwithaddr_check(struct sockaddr *); int ifa_ifwithaddr_check(struct sockaddr *);
struct ifaddr *ifa_ifwithbroadaddr(struct sockaddr *); struct ifaddr *ifa_ifwithbroadaddr(struct sockaddr *);
struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *, int); struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *);
struct ifaddr *ifa_ifwithnet(struct sockaddr *, int, int); struct ifaddr *ifa_ifwithdstaddr_fib(struct sockaddr *, int);
struct ifaddr *ifa_ifwithnet(struct sockaddr *, int);
struct ifaddr *ifa_ifwithnet_fib(struct sockaddr *, int, int);
struct ifaddr *ifa_ifwithroute(int, struct sockaddr *, struct sockaddr *); struct ifaddr *ifa_ifwithroute(int, struct sockaddr *, struct sockaddr *);
struct ifaddr *ifa_ifwithroute_fib(int, struct sockaddr *, struct sockaddr *, u_int); struct ifaddr *ifa_ifwithroute_fib(int, struct sockaddr *, struct sockaddr *, u_int);
struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *); struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *);

10
sys/net/route.c
View File

@ -573,7 +573,7 @@ rtredirect_fib(struct sockaddr *dst,
} }
/* verify the gateway is directly reachable */ /* verify the gateway is directly reachable */
if ((ifa = ifa_ifwithnet(gateway, 0, fibnum)) == NULL) { if ((ifa = ifa_ifwithnet_fib(gateway, 0, fibnum)) == NULL) {
error = ENETUNREACH; error = ENETUNREACH;
goto out; goto out;
} }
@ -730,7 +730,7 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway,
*/ */
ifa = NULL; ifa = NULL;
if (flags & RTF_HOST) if (flags & RTF_HOST)
ifa = ifa_ifwithdstaddr(dst, fibnum); ifa = ifa_ifwithdstaddr_fib(dst, fibnum);
if (ifa == NULL) if (ifa == NULL)
ifa = ifa_ifwithaddr(gateway); ifa = ifa_ifwithaddr(gateway);
} else { } else {
@ -739,10 +739,10 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway,
* or host, the gateway may still be on the * or host, the gateway may still be on the
* other end of a pt to pt link. * other end of a pt to pt link.
*/ */
ifa = ifa_ifwithdstaddr(gateway, fibnum); ifa = ifa_ifwithdstaddr_fib(gateway, fibnum);
} }
if (ifa == NULL) if (ifa == NULL)
ifa = ifa_ifwithnet(gateway, 0, fibnum); ifa = ifa_ifwithnet_fib(gateway, 0, fibnum);
if (ifa == NULL) { if (ifa == NULL) {
struct rtentry *rt = rtalloc1_fib(gateway, 0, RTF_RNH_LOCKED, fibnum); struct rtentry *rt = rtalloc1_fib(gateway, 0, RTF_RNH_LOCKED, fibnum);
if (rt == NULL) if (rt == NULL)
@ -856,7 +856,7 @@ rt_getifa_fib(struct rt_addrinfo *info, u_int fibnum)
*/ */
if (info->rti_ifp == NULL && ifpaddr != NULL && if (info->rti_ifp == NULL && ifpaddr != NULL &&
ifpaddr->sa_family == AF_LINK && ifpaddr->sa_family == AF_LINK &&
(ifa = ifa_ifwithnet(ifpaddr, 0, fibnum)) != NULL) { (ifa = ifa_ifwithnet_fib(ifpaddr, 0, fibnum)) != NULL) {
info->rti_ifp = ifa->ifa_ifp; info->rti_ifp = ifa->ifa_ifp;
ifa_free(ifa); ifa_free(ifa);
} }

3
sys/net/rtsock.c
View File

@ -752,8 +752,7 @@ route_output(struct mbuf *m, struct socket *so)
rt->rt_ifp->if_type == IFT_PROPVIRTUAL) { rt->rt_ifp->if_type == IFT_PROPVIRTUAL) {
struct ifaddr *ifa; struct ifaddr *ifa;
ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1, ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1);
RT_DEFAULT_FIB);
if (ifa != NULL) if (ifa != NULL)
rt_maskedcopy(ifa->ifa_addr, rt_maskedcopy(ifa->ifa_addr,
&laddr, &laddr,

11
sys/netinet/in_pcb.c
View File

@ -745,11 +745,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr,
struct in_ifaddr *ia; struct in_ifaddr *ia;
struct ifnet *ifp; struct ifnet *ifp;
ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin, ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin));
RT_DEFAULT_FIB));
if (ia == NULL) if (ia == NULL)
ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0, ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0));
RT_DEFAULT_FIB));
if (ia == NULL) { if (ia == NULL) {
error = ENETUNREACH; error = ENETUNREACH;
goto done; goto done;
@ -864,10 +862,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr,
sain.sin_len = sizeof(struct sockaddr_in); sain.sin_len = sizeof(struct sockaddr_in);
sain.sin_addr.s_addr = faddr->s_addr; sain.sin_addr.s_addr = faddr->s_addr;
ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain), RT_DEFAULT_FIB)); ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain)));
if (ia == NULL) if (ia == NULL)
ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0, ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0));
RT_DEFAULT_FIB));
if (ia == NULL) if (ia == NULL)
ia = ifatoia(ifa_ifwithaddr(sintosa(&sain))); ia = ifatoia(ifa_ifwithaddr(sintosa(&sain)));

7
sys/netinet/ip_options.c
View File

@ -227,11 +227,8 @@ ip_dooptions(struct mbuf *m, int pass)
if (opt == IPOPT_SSRR) { if (opt == IPOPT_SSRR) {
#define INA struct in_ifaddr * #define INA struct in_ifaddr *
#define SA struct sockaddr * #define SA struct sockaddr *
if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr, if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == NULL)
RT_DEFAULT_FIB)) == NULL) { ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0);
ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0,
RT_DEFAULT_FIB);
}
} else } else
/* XXX MRT 0 for routing */ /* XXX MRT 0 for routing */
ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m)); ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m));

9
sys/netinet/ip_output.c
View File

@ -233,8 +233,7 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags,
*/ */
if (flags & IP_SENDONES) { if (flags & IP_SENDONES) {
if ((ia = ifatoia(ifa_ifwithbroadaddr(sintosa(dst)))) == NULL && if ((ia = ifatoia(ifa_ifwithbroadaddr(sintosa(dst)))) == NULL &&
(ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst), (ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL) {
RT_DEFAULT_FIB))) == NULL) {
IPSTAT_INC(ips_noroute); IPSTAT_INC(ips_noroute);
error = ENETUNREACH; error = ENETUNREACH;
goto bad; goto bad;
@ -245,10 +244,8 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags,
ip->ip_ttl = 1; ip->ip_ttl = 1;
isbroadcast = 1; isbroadcast = 1;
} else if (flags & IP_ROUTETOIF) { } else if (flags & IP_ROUTETOIF) {
if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst), if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL &&
RT_DEFAULT_FIB))) == NULL && (ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0))) == NULL) {
(ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0,
RT_DEFAULT_FIB))) == NULL) {
IPSTAT_INC(ips_noroute); IPSTAT_INC(ips_noroute);
error = ENETUNREACH; error = ENETUNREACH;
goto bad; goto bad;

2
sys/netinet6/nd6.c
View File

@ -945,7 +945,7 @@ nd6_is_new_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp)
* If the address is assigned on the node of the other side of * If the address is assigned on the node of the other side of
* a p2p interface, the address should be a neighbor. * a p2p interface, the address should be a neighbor.
*/ */
dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr, RT_DEFAULT_FIB); dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr);
if (dstaddr != NULL) { if (dstaddr != NULL) {
if (dstaddr->ifa_ifp == ifp) { if (dstaddr->ifa_ifp == ifp) {
ifa_free(dstaddr); ifa_free(dstaddr);

28
tests/sys/netinet/fibs_test.sh
View File

@ -369,25 +369,38 @@ udp_dontroute_body()
atf_expect_fail "kern/187553 Source address selection for UDP packets with SO_DONTROUTE uses the default FIB" atf_expect_fail "kern/187553 Source address selection for UDP packets with SO_DONTROUTE uses the default FIB"
# Configure the TAP interface to use an RFC5737 nonrouteable address # Configure the TAP interface to use an RFC5737 nonrouteable address
# and a non-default fib # and a non-default fib
ADDR="192.0.2.2" ADDR0="192.0.2.2"
ADDR1="192.0.2.3"
SUBNET="192.0.2.0" SUBNET="192.0.2.0"
MASK="24" MASK="24"
# Use a different IP on the same subnet as the target # Use a different IP on the same subnet as the target
TARGET="192.0.2.100" TARGET="192.0.2.100"
SRCDIR=`atf_get_srcdir`
# Check system configuration # Check system configuration
if [ 0 != `sysctl -n net.add_addr_allfibs` ]; then if [ 0 != `sysctl -n net.add_addr_allfibs` ]; then
atf_skip "This test requires net.add_addr_allfibs=0" atf_skip "This test requires net.add_addr_allfibs=0"
fi fi
get_fibs 1 get_fibs 2
# Configure a TAP interface # Configure the TAP interfaces
setup_tap ${FIB0} ${ADDR} ${MASK} setup_tap ${FIB0} ${ADDR0} ${MASK}
TARGET_TAP=${TAP}
setup_tap ${FIB1} ${ADDR1} ${MASK}
# Send a UDP packet with SO_DONTROUTE. In the failure case, it will # Send a UDP packet with SO_DONTROUTE. In the failure case, it will
# return ENETUNREACH # return ENETUNREACH, or send the packet to the wrong tap
SRCDIR=`atf_get_srcdir` atf_check -o ignore setfib ${FIB0} \
atf_check -o ignore setfib ${FIB0} ${SRCDIR}/udp_dontroute ${TARGET} ${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP}
cleanup_tap
# Repeat, but this time target the other tap
setup_tap ${FIB0} ${ADDR0} ${MASK}
setup_tap ${FIB1} ${ADDR1} ${MASK}
TARGET_TAP=${TAP}
atf_check -o ignore setfib ${FIB1} \
${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP}
} }
udp_dontroute_cleanup() udp_dontroute_cleanup()
@ -467,4 +480,5 @@ cleanup_tap()
for TAPD in `cat "tap_devices_to_cleanup"`; do for TAPD in `cat "tap_devices_to_cleanup"`; do
ifconfig ${TAPD} destroy ifconfig ${TAPD} destroy
done done
rm "tap_devices_to_cleanup"
} }

41
tests/sys/netinet/udp_dontroute.c
View File

@ -39,9 +39,11 @@
#include <err.h> #include <err.h>
#include <errno.h> #include <errno.h>
#include <fcntl.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <unistd.h>
/* /*
* Sends a single UDP packet to the provided address, with SO_DONTROUTE set * Sends a single UDP packet to the provided address, with SO_DONTROUTE set
@ -51,23 +53,31 @@ int
main(int argc, char **argv) main(int argc, char **argv)
{ {
struct sockaddr_in dst; struct sockaddr_in dst;
int s; int s, t;
int opt; int opt;
int ret; int ret;
const char* buf = "Hello, World!"; ssize_t len;
const char* sendbuf = "Hello, World!";
const size_t buflen = 80;
char recvbuf[buflen];
if (argc != 2) { if (argc != 3) {
fprintf(stderr, "Usage: %s ip_address\n", argv[0]); fprintf(stderr, "Usage: %s ip_address tapdev\n", argv[0]);
exit(2); exit(2);
} }
t = open(argv[2], O_RDWR | O_NONBLOCK);
if (t < 0)
err(EXIT_FAILURE, "open");
s = socket(PF_INET, SOCK_DGRAM, 0); s = socket(PF_INET, SOCK_DGRAM, 0);
if (s < 0) if (s < 0)
err(errno, "socket"); err(EXIT_FAILURE, "socket");
opt = 1; opt = 1;
ret = setsockopt(s, SOL_SOCKET, SO_DONTROUTE, &opt, sizeof(opt)); ret = setsockopt(s, SOL_SOCKET, SO_DONTROUTE, &opt, sizeof(opt));
if (ret == -1) if (ret == -1)
err(errno, "setsockopt(SO_DONTROUTE)"); err(EXIT_FAILURE, "setsockopt(SO_DONTROUTE)");
dst.sin_len = sizeof(dst); dst.sin_len = sizeof(dst);
dst.sin_family = AF_INET; dst.sin_family = AF_INET;
@ -77,10 +87,25 @@ main(int argc, char **argv)
fprintf(stderr, "Invalid address: %s\n", argv[1]); fprintf(stderr, "Invalid address: %s\n", argv[1]);
exit(2); exit(2);
} }
ret = sendto(s, buf, strlen(buf), 0, (struct sockaddr*)&dst, ret = sendto(s, sendbuf, strlen(sendbuf), 0, (struct sockaddr*)&dst,
dst.sin_len); dst.sin_len);
if (ret == -1) if (ret == -1)
err(errno, "sendto"); err(EXIT_FAILURE, "sendto");
/* Verify that the packet went to the desired tap device */
len = read(t, recvbuf, buflen);
if (len == 0)
errx(EXIT_FAILURE, "read returned EOF");
else if (len < 0 && errno == EAGAIN)
errx(EXIT_FAILURE, "Did not receive any packets");
else if (len < 0)
err(EXIT_FAILURE, "read");
/*
* If read returned anything at all, consider it a success. The packet
* should be an Ethernet frame containing an ARP request for
* ip_address. We won't bother to decode it
*/
return (0); return (0);
} }