freebsd-nq/sys
Matt Joras 16cf6bdbb6 Wrap a vlan's parent's if_output in a separate function.
When a vlan interface is created, its if_output is set directly to the
parent interface's if_output. This is fine in the normal case but has an
unfortunate consequence if you end up with a certain combination of vlan
and lagg interfaces.

Consider you have a lagg interface with a single laggport member. When
an interface is added to a lagg its if_output is set to
lagg_port_output, which blackholes traffic from the normal networking
stack but not certain frames from BPF (pseudo_AF_HDRCMPLT). If you now
create a vlan with the laggport member (not the lagg interface) as its
parent, its if_output is set to lagg_port_output as well. While this is
confusing conceptually and likely represents a misconfigured system, it
is not itself a problem. The problem arises when you then remove the
lagg interface. Doing this resets the if_output of the laggport member
back to its original state, but the vlan's if_output is left pointing to
lagg_port_output. This gives rise to the possibility that the system
will panic when e.g. bpf is used to send any frames on the vlan
interface.

Fix this by creating a new function, vlan_output, which simply wraps the
parent's current if_output. That way when the parent's if_output is
restored there is no stale usage of lagg_port_output.

Reviewed by:	rstone
Differential Revision:	D21209
2019-08-30 20:19:43 +00:00
..
amd64 Simplify bhyve vlapic ESR logic. 2019-08-29 18:23:38 +00:00
arm exynos5: avoid NULL deref in error case 2019-08-30 00:36:17 +00:00
arm64 Centralize __pcpu definitions. 2019-08-29 07:25:27 +00:00
bsm
cam Take proper lock in ses_setphyspath_callback(). 2019-08-29 17:02:02 +00:00
cddl Rework v_object lifecycle for vnodes. 2019-08-29 07:50:25 +00:00
compat Change locking requirements for VOP_UNSET_TEXT(). 2019-08-18 20:24:52 +00:00
conf Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
contrib Document ipf_nat_hashtab_add() return codes. 2019-08-28 04:55:17 +00:00
crypto Stop using des_cblock * for arguments to DES functions. 2019-08-26 17:25:07 +00:00
ddb proc: eliminate the zombproc list 2019-08-28 16:18:23 +00:00
dev Properly check for an interrupted cv_wait_sig(). 2019-08-30 15:40:31 +00:00
dts dtso: allwinner: Add an overlay for H3 thermal node 2019-08-24 13:26:34 +00:00
fs nullfs: use VOP_NEED_INACTIVE 2019-08-30 00:30:03 +00:00
gdb Fix i386 build after r351368 2019-08-22 04:31:07 +00:00
geom geom_uzip(4), mkuzip(8): Add Zstd image mode 2019-08-13 23:32:56 +00:00
gnu arm: dts: am33xx: Fix the region for uart0 2019-08-07 13:11:53 +00:00
i386 Remove useless redefinition of NSFBUFS in i386/vm_machdep.c. 2019-08-29 07:34:14 +00:00
isa
kern vfs: tidy up assertions in vfs_subr 2019-08-30 00:45:53 +00:00
kgssapi Stop using des_cblock * for arguments to DES functions. 2019-08-26 17:25:07 +00:00
libkern Remove zlib 1.0.4 from kernel. 2019-08-25 17:13:00 +00:00
mips Centralize __pcpu definitions. 2019-08-29 07:25:27 +00:00
modules Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
net Wrap a vlan's parent's if_output in a separate function. 2019-08-30 20:19:43 +00:00
net80211 Enhance the comment ieee80211_add_channel() to avoid a 2019-06-10 14:31:18 +00:00
netgraph avoid holding PCB mutex during copyin/copyout() 2019-08-30 16:35:31 +00:00
netinet Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
netinet6 Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
netipsec Add missing new line in several log messages. 2019-08-09 08:58:09 +00:00
netpfil Fix rule truncation on external action module unloading. 2019-08-15 13:44:33 +00:00
netsmb Stop using des_cblock * for arguments to DES functions. 2019-08-26 17:25:07 +00:00
nfs
nfsclient
nfsserver
nlm
ofed OFED: Fix accidental double-copy of rdma_sdp.h in r351176 2019-08-18 04:19:41 +00:00
opencrypto Adjust the deprecated warnings for /dev/crypto to be less noisy. 2019-08-27 21:29:37 +00:00
powerpc Centralize __pcpu definitions. 2019-08-29 07:25:27 +00:00
riscv Centralize __pcpu definitions. 2019-08-29 07:25:27 +00:00
rpc Avoid relying on header pollution from sys/refcount.h. 2019-07-29 20:26:01 +00:00
security vm_map_simplify_entry considers merging an entry with its two 2019-08-25 07:06:51 +00:00
sparc64 Centralize __pcpu definitions. 2019-08-29 07:25:27 +00:00
sys Allow mbuf queues to be unlimited. 2019-08-30 00:03:41 +00:00
teken Attempt to complete fixing programmable function keys for syscons. 2019-02-20 02:14:41 +00:00
tests Regularize the Netflix copyright 2019-02-04 21:28:25 +00:00
tools Add SDIO support. 2019-06-08 16:26:56 +00:00
ufs Rework v_object lifecycle for vnodes. 2019-08-29 07:50:25 +00:00
vm Rework v_object lifecycle for vnodes. 2019-08-29 07:50:25 +00:00
x86 Move phys_avail definition into MI code. It is consumed in the MI layer and 2019-08-16 00:45:14 +00:00
xdr
xen xen: introduce a new way to setup event channel upcall 2019-01-30 11:34:52 +00:00
Makefile