diff options
| author | asomers <asomers@FreeBSD.org> | 2014-05-29 21:03:49 +0000 |
|---|---|---|
| committer | asomers <asomers@FreeBSD.org> | 2014-05-29 21:03:49 +0000 |
| commit | 7ca8bf0f2c27a73f51aeaa039bf10ab3c6af198b (patch) | |
| tree | ed9260026601a89dc26686a804ac2c527bebd5a4 | |
| parent | 393fef9e249af24add064cdafb84b546ef5a40b7 (diff) | |
| download | FreeBSD-src-7ca8bf0f2c27a73f51aeaa039bf10ab3c6af198b.zip FreeBSD-src-7ca8bf0f2c27a73f51aeaa039bf10ab3c6af198b.tar.gz | |
Fix unintended KBI change from r264905. Add _fib versions of
ifa_ifwithnet() and ifa_ifwithdstaddr() The legacy functions will call the
_fib() versions with RT_ALL_FIBS, preserving legacy behavior.
sys/net/if_var.h
sys/net/if.c
Add legacy-compatible functions as described above. Ensure legacy
behavior when RT_ALL_FIBS is passed as fibnum.
sys/netinet/in_pcb.c
sys/netinet/ip_output.c
sys/netinet/ip_options.c
sys/net/route.c
sys/net/rtsock.c
sys/netinet6/nd6.c
Call with _fib() functions if we must use a specific fib, or the
legacy functions otherwise.
tests/sys/netinet/fibs_test.sh
tests/sys/netinet/udp_dontroute.c
Improve the udp_dontroute test. The bug that this test exercises is
that ifa_ifwithnet() will return the wrong address, if multiple
interfaces have addresses on the same subnet but with different
fibs. The previous version of the test only considered one possible
failure mode: that ifa_ifwithnet_fib() might fail to find any
suitable address at all. The new version also checks whether
ifa_ifwithnet_fib() finds the correct address by checking where the
ARP request goes.
Reported by: bz, hrs
Reviewed by: hrs
MFC after: 1 week
X-MFC-with: 264905
Sponsored by: Spectra Logic
| -rw-r--r-- | sys/net/if.c | 22 | ||||
| -rw-r--r-- | sys/net/if_var.h | 6 | ||||
| -rw-r--r-- | sys/net/route.c | 10 | ||||
| -rw-r--r-- | sys/net/rtsock.c | 3 | ||||
| -rw-r--r-- | sys/netinet/in_pcb.c | 11 | ||||
| -rw-r--r-- | sys/netinet/ip_options.c | 7 | ||||
| -rw-r--r-- | sys/netinet/ip_output.c | 9 | ||||
| -rw-r--r-- | sys/netinet6/nd6.c | 2 | ||||
| -rwxr-xr-x | tests/sys/netinet/fibs_test.sh | 28 | ||||
| -rw-r--r-- | tests/sys/netinet/udp_dontroute.c | 41 |
10 files changed, 92 insertions, 47 deletions
diff --git a/sys/net/if.c b/sys/net/if.c index 585269a..134a6d0 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1650,7 +1650,7 @@ done: */ /*ARGSUSED*/ struct ifaddr * -ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum) +ifa_ifwithdstaddr_fib(struct sockaddr *addr, int fibnum) { struct ifnet *ifp; struct ifaddr *ifa; @@ -1659,7 +1659,7 @@ ifa_ifwithdstaddr(struct sockaddr *addr, int fibnum) TAILQ_FOREACH(ifp, &V_ifnet, if_link) { if ((ifp->if_flags & IFF_POINTOPOINT) == 0) continue; - if ((ifp->if_fib != fibnum)) + if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum)) continue; IF_ADDR_RLOCK(ifp); TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { @@ -1680,12 +1680,19 @@ done: return (ifa); } +struct ifaddr * +ifa_ifwithdstaddr(struct sockaddr *addr) +{ + + return (ifa_ifwithdstaddr_fib(addr, RT_ALL_FIBS)); +} + /* * Find an interface on a specific network. If many, choice * is most specific found. */ struct ifaddr * -ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum) +ifa_ifwithnet_fib(struct sockaddr *addr, int ignore_ptp, int fibnum) { struct ifnet *ifp; struct ifaddr *ifa; @@ -1711,7 +1718,7 @@ ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp, int fibnum) */ IFNET_RLOCK_NOSLEEP(); TAILQ_FOREACH(ifp, &V_ifnet, if_link) { - if (ifp->if_fib != fibnum) + if ((fibnum != RT_ALL_FIBS) && (ifp->if_fib != fibnum)) continue; IF_ADDR_RLOCK(ifp); TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { @@ -1796,6 +1803,13 @@ done: return (ifa); } +struct ifaddr * +ifa_ifwithnet(struct sockaddr *addr, int ignore_ptp) +{ + + return (ifa_ifwithnet_fib(addr, ignore_ptp, RT_ALL_FIBS)); +} + /* * Find an interface address specific to an interface best matching * a given address. diff --git a/sys/net/if_var.h b/sys/net/if_var.h index c7d98a0..0e3225c 100644 --- a/sys/net/if_var.h +++ b/sys/net/if_var.h @@ -495,8 +495,10 @@ int ifa_switch_loopback_route(struct ifaddr *, struct sockaddr *, int fib); struct ifaddr *ifa_ifwithaddr(struct sockaddr *); int ifa_ifwithaddr_check(struct sockaddr *); struct ifaddr *ifa_ifwithbroadaddr(struct sockaddr *); -struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *, int); -struct ifaddr *ifa_ifwithnet(struct sockaddr *, int, int); +struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *); +struct ifaddr *ifa_ifwithdstaddr_fib(struct sockaddr *, int); +struct ifaddr *ifa_ifwithnet(struct sockaddr *, int); +struct ifaddr *ifa_ifwithnet_fib(struct sockaddr *, int, int); struct ifaddr *ifa_ifwithroute(int, struct sockaddr *, struct sockaddr *); struct ifaddr *ifa_ifwithroute_fib(int, struct sockaddr *, struct sockaddr *, u_int); struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *); diff --git a/sys/net/route.c b/sys/net/route.c index d6e6d93..83cc857 100644 --- a/sys/net/route.c +++ b/sys/net/route.c @@ -573,7 +573,7 @@ rtredirect_fib(struct sockaddr *dst, } /* verify the gateway is directly reachable */ - if ((ifa = ifa_ifwithnet(gateway, 0, fibnum)) == NULL) { + if ((ifa = ifa_ifwithnet_fib(gateway, 0, fibnum)) == NULL) { error = ENETUNREACH; goto out; } @@ -730,7 +730,7 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway, */ ifa = NULL; if (flags & RTF_HOST) - ifa = ifa_ifwithdstaddr(dst, fibnum); + ifa = ifa_ifwithdstaddr_fib(dst, fibnum); if (ifa == NULL) ifa = ifa_ifwithaddr(gateway); } else { @@ -739,10 +739,10 @@ ifa_ifwithroute_fib(int flags, struct sockaddr *dst, struct sockaddr *gateway, * or host, the gateway may still be on the * other end of a pt to pt link. */ - ifa = ifa_ifwithdstaddr(gateway, fibnum); + ifa = ifa_ifwithdstaddr_fib(gateway, fibnum); } if (ifa == NULL) - ifa = ifa_ifwithnet(gateway, 0, fibnum); + ifa = ifa_ifwithnet_fib(gateway, 0, fibnum); if (ifa == NULL) { struct rtentry *rt = rtalloc1_fib(gateway, 0, RTF_RNH_LOCKED, fibnum); if (rt == NULL) @@ -856,7 +856,7 @@ rt_getifa_fib(struct rt_addrinfo *info, u_int fibnum) */ if (info->rti_ifp == NULL && ifpaddr != NULL && ifpaddr->sa_family == AF_LINK && - (ifa = ifa_ifwithnet(ifpaddr, 0, fibnum)) != NULL) { + (ifa = ifa_ifwithnet_fib(ifpaddr, 0, fibnum)) != NULL) { info->rti_ifp = ifa->ifa_ifp; ifa_free(ifa); } diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c index 3a6afca..f745f69 100644 --- a/sys/net/rtsock.c +++ b/sys/net/rtsock.c @@ -752,8 +752,7 @@ route_output(struct mbuf *m, struct socket *so) rt->rt_ifp->if_type == IFT_PROPVIRTUAL) { struct ifaddr *ifa; - ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1, - RT_DEFAULT_FIB); + ifa = ifa_ifwithnet(info.rti_info[RTAX_DST], 1); if (ifa != NULL) rt_maskedcopy(ifa->ifa_addr, &laddr, diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 970cc78..e8f5bb7 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -745,11 +745,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr, struct in_ifaddr *ia; struct ifnet *ifp; - ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin, - RT_DEFAULT_FIB)); + ia = ifatoia(ifa_ifwithdstaddr((struct sockaddr *)sin)); if (ia == NULL) - ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0, - RT_DEFAULT_FIB)); + ia = ifatoia(ifa_ifwithnet((struct sockaddr *)sin, 0)); if (ia == NULL) { error = ENETUNREACH; goto done; @@ -864,10 +862,9 @@ in_pcbladdr(struct inpcb *inp, struct in_addr *faddr, struct in_addr *laddr, sain.sin_len = sizeof(struct sockaddr_in); sain.sin_addr.s_addr = faddr->s_addr; - ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain), RT_DEFAULT_FIB)); + ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sain))); if (ia == NULL) - ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0, - RT_DEFAULT_FIB)); + ia = ifatoia(ifa_ifwithnet(sintosa(&sain), 0)); if (ia == NULL) ia = ifatoia(ifa_ifwithaddr(sintosa(&sain))); diff --git a/sys/netinet/ip_options.c b/sys/netinet/ip_options.c index fcec948..8911992 100644 --- a/sys/netinet/ip_options.c +++ b/sys/netinet/ip_options.c @@ -227,11 +227,8 @@ dropit: if (opt == IPOPT_SSRR) { #define INA struct in_ifaddr * #define SA struct sockaddr * - if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr, - RT_DEFAULT_FIB)) == NULL) { - ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0, - RT_DEFAULT_FIB); - } + if ((ia = (INA)ifa_ifwithdstaddr((SA)&ipaddr)) == NULL) + ia = (INA)ifa_ifwithnet((SA)&ipaddr, 0); } else /* XXX MRT 0 for routing */ ia = ip_rtaddr(ipaddr.sin_addr, M_GETFIB(m)); diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c index a5eac1b..168fc98 100644 --- a/sys/netinet/ip_output.c +++ b/sys/netinet/ip_output.c @@ -233,8 +233,7 @@ again: */ if (flags & IP_SENDONES) { if ((ia = ifatoia(ifa_ifwithbroadaddr(sintosa(dst)))) == NULL && - (ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst), - RT_DEFAULT_FIB))) == NULL) { + (ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL) { IPSTAT_INC(ips_noroute); error = ENETUNREACH; goto bad; @@ -245,10 +244,8 @@ again: ip->ip_ttl = 1; isbroadcast = 1; } else if (flags & IP_ROUTETOIF) { - if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst), - RT_DEFAULT_FIB))) == NULL && - (ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0, - RT_DEFAULT_FIB))) == NULL) { + if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL && + (ia = ifatoia(ifa_ifwithnet(sintosa(dst), 0))) == NULL) { IPSTAT_INC(ips_noroute); error = ENETUNREACH; goto bad; diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 4318468..602e95e 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -945,7 +945,7 @@ nd6_is_new_addr_neighbor(struct sockaddr_in6 *addr, struct ifnet *ifp) * If the address is assigned on the node of the other side of * a p2p interface, the address should be a neighbor. */ - dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr, RT_DEFAULT_FIB); + dstaddr = ifa_ifwithdstaddr((struct sockaddr *)addr); if (dstaddr != NULL) { if (dstaddr->ifa_ifp == ifp) { ifa_free(dstaddr); diff --git a/tests/sys/netinet/fibs_test.sh b/tests/sys/netinet/fibs_test.sh index d8b18e2..72ebcfc 100755 --- a/tests/sys/netinet/fibs_test.sh +++ b/tests/sys/netinet/fibs_test.sh @@ -369,25 +369,38 @@ udp_dontroute_body() atf_expect_fail "kern/187553 Source address selection for UDP packets with SO_DONTROUTE uses the default FIB" # Configure the TAP interface to use an RFC5737 nonrouteable address # and a non-default fib - ADDR="192.0.2.2" + ADDR0="192.0.2.2" + ADDR1="192.0.2.3" SUBNET="192.0.2.0" MASK="24" # Use a different IP on the same subnet as the target TARGET="192.0.2.100" + SRCDIR=`atf_get_srcdir` # Check system configuration if [ 0 != `sysctl -n net.add_addr_allfibs` ]; then atf_skip "This test requires net.add_addr_allfibs=0" fi - get_fibs 1 + get_fibs 2 - # Configure a TAP interface - setup_tap ${FIB0} ${ADDR} ${MASK} + # Configure the TAP interfaces + setup_tap ${FIB0} ${ADDR0} ${MASK} + TARGET_TAP=${TAP} + setup_tap ${FIB1} ${ADDR1} ${MASK} # Send a UDP packet with SO_DONTROUTE. In the failure case, it will - # return ENETUNREACH - SRCDIR=`atf_get_srcdir` - atf_check -o ignore setfib ${FIB0} ${SRCDIR}/udp_dontroute ${TARGET} + # return ENETUNREACH, or send the packet to the wrong tap + atf_check -o ignore setfib ${FIB0} \ + ${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP} + cleanup_tap + + # Repeat, but this time target the other tap + setup_tap ${FIB0} ${ADDR0} ${MASK} + setup_tap ${FIB1} ${ADDR1} ${MASK} + TARGET_TAP=${TAP} + + atf_check -o ignore setfib ${FIB1} \ + ${SRCDIR}/udp_dontroute ${TARGET} /dev/${TARGET_TAP} } udp_dontroute_cleanup() @@ -467,4 +480,5 @@ cleanup_tap() for TAPD in `cat "tap_devices_to_cleanup"`; do ifconfig ${TAPD} destroy done + rm "tap_devices_to_cleanup" } diff --git a/tests/sys/netinet/udp_dontroute.c b/tests/sys/netinet/udp_dontroute.c index 1e162a1..79421fd 100644 --- a/tests/sys/netinet/udp_dontroute.c +++ b/tests/sys/netinet/udp_dontroute.c @@ -39,9 +39,11 @@ #include <err.h> #include <errno.h> +#include <fcntl.h> #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <unistd.h> /* * Sends a single UDP packet to the provided address, with SO_DONTROUTE set @@ -51,23 +53,31 @@ int main(int argc, char **argv) { struct sockaddr_in dst; - int s; + int s, t; int opt; int ret; - const char* buf = "Hello, World!"; + ssize_t len; + const char* sendbuf = "Hello, World!"; + const size_t buflen = 80; + char recvbuf[buflen]; - if (argc != 2) { - fprintf(stderr, "Usage: %s ip_address\n", argv[0]); + if (argc != 3) { + fprintf(stderr, "Usage: %s ip_address tapdev\n", argv[0]); exit(2); } + + t = open(argv[2], O_RDWR | O_NONBLOCK); + if (t < 0) + err(EXIT_FAILURE, "open"); + s = socket(PF_INET, SOCK_DGRAM, 0); if (s < 0) - err(errno, "socket"); + err(EXIT_FAILURE, "socket"); opt = 1; ret = setsockopt(s, SOL_SOCKET, SO_DONTROUTE, &opt, sizeof(opt)); if (ret == -1) - err(errno, "setsockopt(SO_DONTROUTE)"); + err(EXIT_FAILURE, "setsockopt(SO_DONTROUTE)"); dst.sin_len = sizeof(dst); dst.sin_family = AF_INET; @@ -77,10 +87,25 @@ main(int argc, char **argv) fprintf(stderr, "Invalid address: %s\n", argv[1]); exit(2); } - ret = sendto(s, buf, strlen(buf), 0, (struct sockaddr*)&dst, + ret = sendto(s, sendbuf, strlen(sendbuf), 0, (struct sockaddr*)&dst, dst.sin_len); if (ret == -1) - err(errno, "sendto"); + err(EXIT_FAILURE, "sendto"); + + /* Verify that the packet went to the desired tap device */ + + len = read(t, recvbuf, buflen); + if (len == 0) + errx(EXIT_FAILURE, "read returned EOF"); + else if (len < 0 && errno == EAGAIN) + errx(EXIT_FAILURE, "Did not receive any packets"); + else if (len < 0) + err(EXIT_FAILURE, "read"); + /* + * If read returned anything at all, consider it a success. The packet + * should be an Ethernet frame containing an ARP request for + * ip_address. We won't bother to decode it + */ return (0); } |
