From owner-svn-src-stable@FreeBSD.ORG Thu Sep 17 13:42:00 2009 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2B21F1065696; Thu, 17 Sep 2009 13:42:00 +0000 (UTC) (envelope-from bms@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 163F48FC13; Thu, 17 Sep 2009 13:42:00 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n8HDfxCn058752; Thu, 17 Sep 2009 13:41:59 GMT (envelope-from bms@svn.freebsd.org) Received: (from bms@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id n8HDfxSK058750; Thu, 17 Sep 2009 13:41:59 GMT (envelope-from bms@svn.freebsd.org) Message-Id: <200909171341.n8HDfxSK058750@svn.freebsd.org> From: Bruce M Simpson Date: Thu, 17 Sep 2009 13:41:59 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r197280 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/ciss dev/xen/xenpci netinet X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Sep 2009 13:42:00 -0000 Author: bms Date: Thu Sep 17 13:41:59 2009 New Revision: 197280 URL: http://svn.freebsd.org/changeset/base/197280 Log: MFC revs 197129,197130,197132: Fixes to mcast userland API. -- Fix an API issue in leave processing for IPv4 multicast groups. * Do not assume that the group lookup performed by imo_match_group() is valid when ifp is NULL in this case. * Instead, return EADDRNOTAVAIL if the ifp cannot be resolved for the membership we are being asked to leave. Caveat user: * The way IPv4 multicast memberships are implemented in the inpcb layer at the moment, has the side-effect that struct ip_moptions will still hold the membership, under the old ifp, until ip_freemoptions() is called for the parent inpcb. * The underlying issue is: the inpcb layer does not get notification of ifp being detached going away in a thread-safe manner. This is non-trivial to fix. -- Fix an obvious logic error in the IPv4 multicast leave processing, where the filter mode vector was not updated correctly after the leave. -- Tighten input checking in inp_join_group(): * Don't try to use the source address, when its family is unspecified. * If we get a join without a source, on an existing inclusive mode group, this is an error, as it would change the filter mode. Fix a problem with the handling of in_mfilter for new memberships: * Do not rely on imf being NULL; it is explicitly initialized to a non-NULL pointer when constructing a membership. * Explicitly initialize *imf to EX mode when the source address is unspecified. This fixes a problem with in_mfilter slot recycling in the join path. -- Don't allow joins w/o source on an existing group. This is almost always pilot error. We don't need to check for group filter UNDEFINED state at t1, because we only ever allocate filters with their groups, so we unconditionally reject such calls with EINVAL. Trying to change the active filter mode w/o going through IP_MSFILTER is also disallowed. Deals with the case described in PR 137164 upfront, cumulative with the fix in svn rev 197132 which only calls imo_match_source() if the source address family was not unspecified. -- Revision 197136 has a text conflict, however it is a comment only change. PR: 137164, 138689, 138690, 138691 Submitted by: Stef Walter (with fixups) Approved by: re (kib) Modified: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/ciss/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/netinet/in_mcast.c Modified: stable/8/sys/netinet/in_mcast.c ============================================================================== --- stable/8/sys/netinet/in_mcast.c Thu Sep 17 13:33:40 2009 (r197279) +++ stable/8/sys/netinet/in_mcast.c Thu Sep 17 13:41:59 2009 (r197280) @@ -1957,11 +1957,6 @@ inp_join_group(struct inpcb *inp, struct if (ifp == NULL || (ifp->if_flags & IFF_MULTICAST) == 0) return (EADDRNOTAVAIL); - /* - * MCAST_JOIN_SOURCE on an exclusive membership is an error. - * On an existing inclusive membership, it just adds the - * source to the filter list. - */ imo = inp_findmoptions(inp); idx = imo_match_group(imo, ifp, &gsa->sa); if (idx == -1) { @@ -1969,15 +1964,33 @@ inp_join_group(struct inpcb *inp, struct } else { inm = imo->imo_membership[idx]; imf = &imo->imo_mfilters[idx]; - if (ssa->ss.ss_family != AF_UNSPEC && - imf->imf_st[1] != MCAST_INCLUDE) { - error = EINVAL; - goto out_inp_locked; - } - lims = imo_match_source(imo, idx, &ssa->sa); - if (lims != NULL) { - error = EADDRNOTAVAIL; - goto out_inp_locked; + if (ssa->ss.ss_family != AF_UNSPEC) { + /* + * MCAST_JOIN_SOURCE on an exclusive membership + * is an error. On an existing inclusive membership, + * it just adds the source to the filter list. + */ + if (imf->imf_st[1] != MCAST_INCLUDE) { + error = EINVAL; + goto out_inp_locked; + } + /* Throw out duplicates. */ + lims = imo_match_source(imo, idx, &ssa->sa); + if (lims != NULL) { + error = EADDRNOTAVAIL; + goto out_inp_locked; + } + } else { + /* + * MCAST_JOIN_GROUP on an existing inclusive + * membership is an error; if you want to change + * filter mode, you must use the userland API + * setsourcefilter(). + */ + if (imf->imf_st[1] == MCAST_INCLUDE) { + error = EINVAL; + goto out_inp_locked; + } } } @@ -2010,7 +2023,8 @@ inp_join_group(struct inpcb *inp, struct /* * Graft new source into filter list for this inpcb's * membership of the group. The in_multi may not have - * been allocated yet if this is a new membership. + * been allocated yet if this is a new membership, however, + * the in_mfilter slot will be allocated and must be initialized. */ if (ssa->ss.ss_family != AF_UNSPEC) { /* Membership starts in IN mode */ @@ -2027,6 +2041,12 @@ inp_join_group(struct inpcb *inp, struct error = ENOMEM; goto out_imo_free; } + } else { + /* No address specified; Membership starts in EX mode */ + if (is_new) { + CTR1(KTR_IGMPV3, "%s: new join w/o source", __func__); + imf_init(imf, MCAST_UNDEFINED, MCAST_EXCLUDE); + } } /* @@ -2189,6 +2209,9 @@ inp_leave_group(struct inpcb *inp, struc if (!IN_MULTICAST(ntohl(gsa->sin.sin_addr.s_addr))) return (EINVAL); + if (ifp == NULL) + return (EADDRNOTAVAIL); + /* * Find the membership in the membership array. */ @@ -2275,9 +2298,11 @@ out_imf_rollback: imf_reap(imf); if (is_final) { - /* Remove the gap in the membership array. */ - for (++idx; idx < imo->imo_num_memberships; ++idx) + /* Remove the gap in the membership and filter array. */ + for (++idx; idx < imo->imo_num_memberships; ++idx) { imo->imo_membership[idx-1] = imo->imo_membership[idx]; + imo->imo_mfilters[idx-1] = imo->imo_mfilters[idx]; + } imo->imo_num_memberships--; }