freebsd-nq/sys/netpfil/pf
Hans Petter Selasky 59854ecf55 Convert all IPv4 and IPv6 multicast memberships into using a STAILQ
instead of a linear array.

The multicast memberships for the inpcb structure are protected by a
non-sleepable lock, INP_WLOCK(), which needs to be dropped when
calling the underlying possibly sleeping if_ioctl() method. When using
a linear array to keep track of multicast memberships, the computed
memory location of the multicast filter may suddenly change, due to
concurrent insertion or removal of elements in the linear array. This
in turn leads to various invalid memory access issues and kernel
panics.

To avoid this problem, put all multicast memberships on a STAILQ based
list. Then the memory location of the IPv4 and IPv6 multicast filters
become fixed during their lifetime and use after free and memory leak
issues are easier to track, for example by: vmstat -m | grep multi

All list manipulation has been factored into inline functions
including some macros, to easily allow for a future hash-list
implementation, if needed.

This patch has been tested by pho@ .

Differential Revision: https://reviews.freebsd.org/D20080
Reviewed by:	markj @
MFC after:	1 week
Sponsored by:	Mellanox Technologies
2019-06-25 11:54:41 +00:00
..
if_pflog.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
if_pfsync.c Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
in4_cksum.c SPDX: license IDs for some ISC-related files. 2017-12-08 15:57:29 +00:00
pf_altq.h Extended pf(4) ioctl interface and pfctl(8) to allow bandwidths of 2018-08-22 19:38:48 +00:00
pf_if.c Mechanical cleanup of epoch(9) usage in network stack. 2019-01-09 01:11:19 +00:00
pf_ioctl.c pf: No need to M_NOWAIT in DIOCRSETTFLAGS 2019-04-18 11:37:44 +00:00
pf_lb.c pf: Fix endless loop on NAT exhaustion with sticky-address 2018-12-12 20:15:06 +00:00
pf_mtag.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
pf_norm.c pf: IPv6 fragments with malformed extension headers could be erroneously passed by pf or cause a panic 2019-03-01 07:37:45 +00:00
pf_osfp.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
pf_ruleset.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
pf_table.c pf :Use counter(9) in pf tables. 2019-03-15 11:08:44 +00:00
pf.c Separate kernel crc32() implementation to its own header (gsb_crc32.h) and 2019-06-17 19:49:08 +00:00
pf.h netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00