diff options
| author | glebius <glebius@FreeBSD.org> | 2014-03-18 16:56:05 +0000 |
|---|---|---|
| committer | glebius <glebius@FreeBSD.org> | 2014-03-18 16:56:05 +0000 |
| commit | ad70c4103e84f504930151e4d7bf3c71e3c2bd9d (patch) | |
| tree | f6d1e3578eb825c0176231d011344bde8c79efb1 | |
| parent | 5e93044a78ce49826d02c59307c02d95ba564da8 (diff) | |
| download | FreeBSD-src-ad70c4103e84f504930151e4d7bf3c71e3c2bd9d.zip FreeBSD-src-ad70c4103e84f504930151e4d7bf3c71e3c2bd9d.tar.gz | |
Merge r263091: fix mbuf flags clash that lead to failure of operation
of IPSEC and packet filters.
PR: kern/185876
PR: kern/186755
| -rw-r--r-- | sys/netinet/ip_input.c | 3 | ||||
| -rw-r--r-- | sys/netinet/ip_var.h | 9 | ||||
| -rw-r--r-- | sys/netinet6/in6.h | 19 | ||||
| -rw-r--r-- | sys/netinet6/ip6_var.h | 7 |
4 files changed, 15 insertions, 23 deletions
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index cde30ee..49281d5 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -707,6 +707,7 @@ ours: * ip_reass() will return a different mbuf. */ if (ip->ip_off & htons(IP_MF | IP_OFFMASK)) { + /* XXXGL: shouldn't we save & set m_flags? */ m = ip_reass(m); if (m == NULL) return; @@ -799,6 +800,8 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxfragpackets, CTLTYPE_INT|CTLFLAG_RW, NULL, 0, sysctl_maxnipq, "I", "Maximum number of IPv4 fragment reassembly queue entries"); +#define M_IP_FRAG M_PROTO9 + /* * Take incoming datagram fragment and try to reassemble it into * whole datagram. If the argument is the first fragment or one diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index 519f9cd..b2251ac 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -162,15 +162,6 @@ void kmod_ipstat_dec(int statnum); #define IP_ROUTETOIF SO_DONTROUTE /* 0x10 bypass routing tables */ #define IP_ALLOWBROADCAST SO_BROADCAST /* 0x20 can send broadcast packets */ -/* - * IPv4 protocol layer specific mbuf flags. - */ -#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ -#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IP6 */ -#define M_IP_FRAG M_PROTO4 /* fragment reassembly */ - #ifdef __NO_STRICT_ALIGNMENT #define IP_HDR_ALIGNED_P(ip) 1 #else diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h index 07ba290..f7d7e76 100644 --- a/sys/netinet6/in6.h +++ b/sys/netinet6/in6.h @@ -622,13 +622,18 @@ struct ip6_mtuinfo { #endif /* __BSD_VISIBLE */ /* - * Redefinition of mbuf flags - */ -#define M_AUTHIPHDR M_PROTO2 -#define M_DECRYPTED M_PROTO3 -#define M_LOOP M_PROTO4 -#define M_AUTHIPDGM M_PROTO5 -#define M_RTALERT_MLD M_PROTO6 + * Since both netinet/ and netinet6/ call into netipsec/ and netpfil/, + * the protocol specific mbuf flags are shared between them. + */ +#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ +#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing */ +#define M_AUTHIPHDR M_PROTO4 +#define M_DECRYPTED M_PROTO5 +#define M_LOOP M_PROTO6 +#define M_AUTHIPDGM M_PROTO7 +#define M_RTALERT_MLD M_PROTO8 #ifdef _KERNEL struct cmsghdr; diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h index 1c22cc9..70e487e 100644 --- a/sys/netinet6/ip6_var.h +++ b/sys/netinet6/ip6_var.h @@ -293,13 +293,6 @@ struct ip6aux { #define IPV6_FORWARDING 0x02 /* most of IPv6 header exists */ #define IPV6_MINMTU 0x04 /* use minimum MTU (IPV6_USE_MIN_MTU) */ -/* - * IPv6 protocol layer specific mbuf flags. - */ -#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IPv4 */ - #ifdef __NO_STRICT_ALIGNMENT #define IP6_HDR_ALIGNED_P(ip) 1 #else |
