From f1f0123e88adadd09a074577a66eedcdcfa047bc Mon Sep 17 00:00:00 2001
From: dwmalone <dwmalone@FreeBSD.org>
Date: Sun, 26 Jun 2005 18:11:11 +0000
Subject: Fix some long standing bugs in writing to the BPF device attached to
 a DLT_NULL interface. In particular:

        1) Consistently use type u_int32_t for the header of a
           DLT_NULL device - it continues to represent the address
           family as always.
        2) In the DLT_NULL case get bpf_movein to store the u_int32_t
           in a sockaddr rather than in the mbuf, to be consistent
           with all the DLT types.
        3) Consequently fix a bug in bpf_movein/bpfwrite which
           only permitted packets up to 4 bytes less than the MTU
           to be written.
        4) Fix all DLT_NULL devices to have the code required to
           allow writing to their bpf devices.
        5) Move the code to allow writing to if_lo from if_simloop
           to looutput, because it only applies to DLT_NULL devices
           but was being applied to other devices that use if_simloop
           possibly incorrectly.

PR:		82157
Submitted by:	Matthew Luckie <mjl@luckie.org.nz>
Approved by:	re (scottl)
---
 sys/net/if_gif.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'sys/net/if_gif.c')

diff --git a/sys/net/if_gif.c b/sys/net/if_gif.c
index 4c243b6..3291321 100644
--- a/sys/net/if_gif.c
+++ b/sys/net/if_gif.c
@@ -179,7 +179,7 @@ gifattach0(sc)
 	GIF2IFP(sc)->if_output = gif_output;
 	GIF2IFP(sc)->if_snd.ifq_maxlen = IFQ_MAXLEN;
 	if_attach(GIF2IFP(sc));
-	bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int));
+	bpfattach(GIF2IFP(sc), DLT_NULL, sizeof(u_int32_t));
 	if (ng_gif_attach_p != NULL)
 		(*ng_gif_attach_p)(GIF2IFP(sc));
 }
@@ -348,6 +348,7 @@ gif_output(ifp, m, dst, rt)
 	struct m_tag *mtag;
 	int error = 0;
 	int gif_called;
+	u_int32_t af;
 
 #ifdef MAC
 	error = mac_check_ifnet_transmit(ifp, m);
@@ -404,8 +405,14 @@ gif_output(ifp, m, dst, rt)
 		goto end;
 	}
 
+	/* BPF writes need to be handled specially. */
+	if (dst->sa_family == AF_UNSPEC) {
+		bcopy(dst->sa_data, &af, sizeof(af));
+		dst->sa_family = af;
+	}
+
 	if (ifp->if_bpf) {
-		u_int32_t af = dst->sa_family;
+		af = dst->sa_family;
 		bpf_mtap2(ifp->if_bpf, &af, sizeof(af), m);
 	}
 	ifp->if_opackets++;	
-- 
cgit v1.1