Date: Wed, 16 Apr 2003 13:18:22 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 29085 for review Message-ID: <200304162018.h3GKIMZt004466@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=29085 Change 29085 by rwatson@rwatson_tislabs on 2003/04/16 13:18:10 Since the introduction of TCP wait state reduction, tcp_twrespond() has pulled an mbuf from its hat without labeling it before sending, resulting in invariants violations in the MAC code. Add a commented out recommendation on how to address this, with some possible implementation (also commented out). Affected files ... .. //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#28 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#28 (text+ko) ==== @@ -1683,6 +1683,18 @@ return (NULL); } +/* + * XXXMAC: Really, we need to pass in the mbuf we are responding to + * so that we have a label to assign to the outgoing packet here. + * Question: will one always be available? Should we pass in the + * socket in the twstart case? Perhaps: + * + * tcp_twrespond(struct tcptw *tw, struct socket *so, struct mbuf *m, + * int flags) + * + * Where one of the socket or mbuf must be non-NULL so as to provide + * a label. + */ int tcp_twrespond(struct tcptw *tw, int flags) { @@ -1703,6 +1715,15 @@ return (ENOBUFS); m->m_data += max_linkhdr; +#ifdef 0 +#ifdef MAC + if (so != NULL) + mac_create_mbuf_from_socket(so, m); + else + mac_create_mbuf_netlayer(msrc, m); +#endif +#endif + #ifdef INET6 if (isipv6) { hdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200304162018.h3GKIMZt004466>