d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix unintended KBI change from r264905. Add _fib versions of

Browse Source 
ifa_ifwithnet() and ifa_ifwithdstaddr()  The legacy functions will call the
_fib() versions with RT_ALL_FIBS, preserving legacy behavior.

sys/net/if_var.h
sys/net/if.c
	Add legacy-compatible functions as described above.  Ensure legacy
	behavior when RT_ALL_FIBS is passed as fibnum.

sys/netinet/in_pcb.c
sys/netinet/ip_output.c
sys/netinet/ip_options.c
sys/net/route.c
sys/net/rtsock.c
sys/netinet6/nd6.c
	Call with _fib() functions if we must use a specific fib, or the
	legacy functions otherwise.

tests/sys/netinet/fibs_test.sh
tests/sys/netinet/udp_dontroute.c
	Improve the udp_dontroute test.  The bug that this test exercises is
	that ifa_ifwithnet() will return the wrong address, if multiple
	interfaces have addresses on the same subnet but with different
	fibs.  The previous version of the test only considered one possible
	failure mode: that ifa_ifwithnet_fib() might fail to find any
	suitable address at all.  The new version also checks whether
	ifa_ifwithnet_fib() finds the correct address by checking where the
	ARP request goes.

Reported by:	bz, hrs
Reviewed by:	hrs
MFC after:	1 week
X-MFC-with:	264905
Sponsored by:	Spectra Logic
This commit is contained in:
Alan Somers 2014-05-29 21:03:49 +00:00
parent da4d5bb79b
commit 2f308a343f
10 changed files with 92 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/net/if.c
View File

@ -1650,7 +1650,7 @@ ifa_ifwithbroadaddr(struct sockaddr *addr)
*/
/*ARGSUSED*/
struct ifaddr *
ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum)
ifa_ifwithdstaddr_fib(struct sockaddr *addr, int fibnum)
{
struct ifnet *ifp;
struct ifaddr *ifa;
@ -1659,7 +1659,7 @@ ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum)
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if ((ifp->if_flags & IFF_POINTOPOINT) == 0)
continue;
if ((ifp->if_fib != fibnum))
if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
continue;
IF_ADDR_RLOCK(ifp);
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
@ -1680,12 +1680,19 @@ ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum)
return (ifa);
}
struct ifaddr *
ifa_ifwithdstaddr(struct sockaddr *addr)
{
return (ifa_ifwithdstaddr_fib(addr, RT_ALL_FIBS));
}
/*
* Find an interface on a specific network. If many, choice
* is most specific found.
*/
struct ifaddr *
ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum)
ifa_ifwithnet_fib(struct sockaddr *addr, int ignore_ptp, int fibnum)
{
struct ifnet *ifp;
struct ifaddr *ifa;
@ -1711,7 +1718,7 @@ ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum)
*/
IFNET_RLOCK_NOSLEEP();
TAILQ_FOREACH(ifp, &V_ifnet, if_link) {
if (ifp->if_fib != fibnum)
if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum))
continue;
IF_ADDR_RLOCK(ifp);
TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
@ -1796,6 +1803,13 @@ next: continue;
return (ifa);
}
struct ifaddr *
ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp)
{
return (ifa_ifwithnet_fib(addr, ignore_ptp, RT_ALL_FIBS));
}
/*
* Find an interface address specific to an interface best matching
* a given address.

6
sys/net/if_var.h
View File

@ -495,8 +495,10 @@ int ifa_switch_loopback_route(struct ifaddr *, struct sockaddr *, int fib);
struct ifaddr *ifa_ifwithaddr(struct sockaddr *);
int ifa_ifwithaddr_check(struct sockaddr *);
struct ifaddr *ifa_ifwithbroadaddr(struct sockaddr *);
struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *, int);
struct ifaddr *ifa_ifwithnet(struct sockaddr *, int, int);
struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *);
struct ifaddr *ifa_ifwithdstaddr_fib(struct sockaddr *, int);
struct ifaddr *ifa_ifwithnet(struct sockaddr *, int);
struct ifaddr *ifa_ifwithnet_fib(struct sockaddr *, int, int);
struct ifaddr *ifa_ifwithroute(int, struct sockaddr *, struct sockaddr *);
struct ifaddr *ifa_ifwithroute_fib(int, struct sockaddr *, struct sockaddr *, u_int);
struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *);

10
sys/net/route.c
View File

@ -573,7 +573,7 @@ rtredirect_fib(struct sockaddr *dst,
}
/* verify the gateway is directly reachable */
if ((ifa = ifa_ifwithnet(gateway, 0, fibnum)) == NULL) {
if ((ifa = ifa_ifwithnet_fib(gateway, 0, fibnum)) == NULL) {
error = ENETUNREACH;
goto out;
}
@ -730,7 +730,7 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway,
*/
ifa = NULL;
if (flags & RTF_HOST)
ifa = ifa_ifwithdstaddr(dst, fibnum);
ifa = ifa_ifwithdstaddr_fib(dst, fibnum);
if (ifa == NULL)
ifa = ifa_ifwithaddr(gateway);
} else {
@ -739,10 +739,10 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway,
* or host, the gateway may still be on the
* other end of a pt to pt link.
*/
ifa = ifa_ifwithdstaddr(gateway, fibnum);
ifa = ifa_ifwithdstaddr_fib(gateway, fibnum);
}
if (ifa == NULL)
ifa = ifa_ifwithnet(gateway, 0, fibnum);
ifa = ifa_ifwithnet_fib(gateway, 0, fibnum);
if (ifa == NULL) {
struct rtentry *rt = rtalloc1_fib(gateway, 0, RTF_RNH_LOCKED, fibnum);
if (rt == NULL)
@ -856,7 +856,7 @@ rt_getifa_fib(struct rt_addrinfo *info, u_int fibnum)
*/
if (info->rti_ifp == NULL && ifpaddr != NULL &&
ifpaddr->sa_family == AF_LINK &&
(ifa = ifa_ifwithnet(ifpaddr, 0, fibnum)) != NULL) {
(ifa = ifa_ifwithnet_fib(ifpaddr, 0, fibnum)) != NULL) {
info->rti_ifp = ifa->ifa_ifp;
ifa_free(ifa);
}

3
sys/net/rtsock.c
View File

@ -752,8 +752,7 @@ route_output(struct mbuf *m, struct socket *so)
rt->rt_ifp->if_type == IFT_PROPVIRTUAL) {
struct ifaddr *ifa;
ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1,
RT_DEFAULT_FIB);
ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1);
if (ifa != NULL)
rt_maskedcopy(ifa->ifa_addr,
&laddr,

11
sys/netinet/in_pcb.c
View File

@ -745,11 +745,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr,
struct in_ifaddr *ia;
struct ifnet *ifp;
ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin,
RT_DEFAULT_FIB));
ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin));
if (ia == NULL)
ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0,
RT_DEFAULT_FIB));
ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0));
if (ia == NULL) {
error = ENETUNREACH;
goto done;
@ -864,10 +862,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr,
sain.sin_len = sizeof(struct sockaddr_in);
sain.sin_addr.s_addr = faddr->s_addr;
ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain), RT_DEFAULT_FIB));
ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain)));
if (ia == NULL)
ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0,
RT_DEFAULT_FIB));
ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0));
if (ia == NULL)
ia = ifatoia(ifa_ifwithaddr(sintosa(&sain)));

7
sys/netinet/ip_options.c
View File

@ -227,11 +227,8 @@ ip_dooptions(struct mbuf *m, int pass)
if (opt == IPOPT_SSRR) {
#define INA struct in_ifaddr *
#define SA struct sockaddr *
if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr,
RT_DEFAULT_FIB)) == NULL) {
ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0,
RT_DEFAULT_FIB);
}
if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == NULL)
ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0);
} else
/* XXX MRT 0 for routing */
ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m));

9
sys/netinet/ip_output.c
View File

@ -233,8 +233,7 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags,
*/
if (flags & IP_SENDONES) {
if ((ia = ifatoia(ifa_ifwithbroadaddr(sintosa(dst)))) == NULL &&
(ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst),
RT_DEFAULT_FIB))) == NULL) {
(ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL) {
IPSTAT_INC(ips_noroute);
error = ENETUNREACH;
goto bad;
@ -245,10 +244,8 @@ ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags,
ip->ip_ttl = 1;
isbroadcast = 1;
} else if (flags & IP_ROUTETOIF) {
if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst),
RT_DEFAULT_FIB))) == NULL &&
(ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0,
RT_DEFAULT_FIB))) == NULL) {
if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL &&
(ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0))) == NULL) {
IPSTAT_INC(ips_noroute);
error = ENETUNREACH;
goto bad;

2
sys/netinet6/nd6.c
View File

@ -945,7 +945,7 @@ nd6_is_new_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp)
* If the address is assigned on the node of the other side of
* a p2p interface, the address should be a neighbor.
*/
dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr, RT_DEFAULT_FIB);
dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr);
if (dstaddr != NULL) {
if (dstaddr->ifa_ifp == ifp) {
ifa_free(dstaddr);

28
tests/sys/netinet/fibs_test.sh
View File

@ -369,25 +369,38 @@ udp_dontroute_body()
atf_expect_fail "kern/187553 Source address selection for UDP packets with SO_DONTROUTE uses the default FIB"
# Configure the TAP interface to use an RFC5737 nonrouteable address
# and a non-default fib
ADDR="192.0.2.2"
ADDR0="192.0.2.2"
ADDR1="192.0.2.3"
SUBNET="192.0.2.0"
MASK="24"
# Use a different IP on the same subnet as the target
TARGET="192.0.2.100"
SRCDIR=`atf_get_srcdir`
# Check system configuration
if [ 0 != `sysctl -n net.add_addr_allfibs` ]; then
atf_skip "This test requires net.add_addr_allfibs=0"
fi
get_fibs 1
get_fibs 2
# Configure a TAP interface
setup_tap ${FIB0} ${ADDR} ${MASK}
# Configure the TAP interfaces
setup_tap ${FIB0} ${ADDR0} ${MASK}
TARGET_TAP=${TAP}
setup_tap ${FIB1} ${ADDR1} ${MASK}
# Send a UDP packet with SO_DONTROUTE. In the failure case, it will
# return ENETUNREACH
SRCDIR=`atf_get_srcdir`
atf_check -o ignore setfib ${FIB0} ${SRCDIR}/udp_dontroute ${TARGET}
# return ENETUNREACH, or send the packet to the wrong tap
atf_check -o ignore setfib ${FIB0} \
${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP}
cleanup_tap
# Repeat, but this time target the other tap
setup_tap ${FIB0} ${ADDR0} ${MASK}
setup_tap ${FIB1} ${ADDR1} ${MASK}
TARGET_TAP=${TAP}
atf_check -o ignore setfib ${FIB1} \
${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP}
}
udp_dontroute_cleanup()
@ -467,4 +480,5 @@ cleanup_tap()
for TAPD in `cat "tap_devices_to_cleanup"`; do
ifconfig ${TAPD} destroy
done
rm "tap_devices_to_cleanup"
}

41
tests/sys/netinet/udp_dontroute.c
View File

@ -39,9 +39,11 @@
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
/*
* Sends a single UDP packet to the provided address, with SO_DONTROUTE set
@ -51,23 +53,31 @@ int
main(int argc, char **argv)
{
struct sockaddr_in dst;
int s;
int s, t;
int opt;
int ret;
const char* buf = "Hello, World!";
ssize_t len;
const char* sendbuf = "Hello, World!";
const size_t buflen = 80;
char recvbuf[buflen];
if (argc != 2) {
fprintf(stderr, "Usage: %s ip_address\n", argv[0]);
if (argc != 3) {
fprintf(stderr, "Usage: %s ip_address tapdev\n", argv[0]);
exit(2);
}
t = open(argv[2], O_RDWR | O_NONBLOCK);
if (t < 0)
err(EXIT_FAILURE, "open");
s = socket(PF_INET, SOCK_DGRAM, 0);
if (s < 0)
err(errno, "socket");
err(EXIT_FAILURE, "socket");
opt = 1;
ret = setsockopt(s, SOL_SOCKET, SO_DONTROUTE, &opt, sizeof(opt));
if (ret == -1)
err(errno, "setsockopt(SO_DONTROUTE)");
err(EXIT_FAILURE, "setsockopt(SO_DONTROUTE)");
dst.sin_len = sizeof(dst);
dst.sin_family = AF_INET;
@ -77,10 +87,25 @@ main(int argc, char **argv)
fprintf(stderr, "Invalid address: %s\n", argv[1]);
exit(2);
}
ret = sendto(s, buf, strlen(buf), 0, (struct sockaddr*)&dst,
ret = sendto(s, sendbuf, strlen(sendbuf), 0, (struct sockaddr*)&dst,
dst.sin_len);
if (ret == -1)
err(errno, "sendto");
err(EXIT_FAILURE, "sendto");
/* Verify that the packet went to the desired tap device */
len = read(t, recvbuf, buflen);
if (len == 0)
errx(EXIT_FAILURE, "read returned EOF");
else if (len < 0 && errno == EAGAIN)
errx(EXIT_FAILURE, "Did not receive any packets");
else if (len < 0)
err(EXIT_FAILURE, "read");
/*
* If read returned anything at all, consider it a success. The packet
* should be an Ethernet frame containing an ARP request for
* ip_address. We won't bother to decode it
*/
return (0);
}