From owner-svn-src-stable@FreeBSD.ORG Sat Nov 6 15:56:44 2010 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7316106564A; Sat, 6 Nov 2010 15:56:44 +0000 (UTC) (envelope-from bz@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B47918FC16; Sat, 6 Nov 2010 15:56:44 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oA6FuiSp036251; Sat, 6 Nov 2010 15:56:44 GMT (envelope-from bz@svn.freebsd.org) Received: (from bz@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oA6FuiHb036245; Sat, 6 Nov 2010 15:56:44 GMT (envelope-from bz@svn.freebsd.org) Message-Id: <201011061556.oA6FuiHb036245@svn.freebsd.org> From: "Bjoern A. Zeeb" Date: Sat, 6 Nov 2010 15:56:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org X-SVN-Group: stable-7 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r214891 - in stable/7/sys: netinet netinet6 netipsec X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 06 Nov 2010 15:56:45 -0000 Author: bz Date: Sat Nov 6 15:56:44 2010 New Revision: 214891 URL: http://svn.freebsd.org/changeset/base/214891 Log: MFC r214250: Make the IPsec SADB embedded route cache a union to be able to hold both the legacy and IPv6 route destination address. Previously in case of IPv6, there was a memory overwrite due to not enough space for the IPv6 address. PR: kern/122565 Modified: stable/7/sys/netinet/ip_ipsec.c stable/7/sys/netinet6/ip6_ipsec.c stable/7/sys/netipsec/ipsec_output.c stable/7/sys/netipsec/key.c stable/7/sys/netipsec/keydb.h Directory Properties: stable/7/sys/ (props changed) stable/7/sys/cddl/contrib/opensolaris/ (props changed) stable/7/sys/contrib/dev/acpica/ (props changed) stable/7/sys/contrib/pf/ (props changed) Modified: stable/7/sys/netinet/ip_ipsec.c ============================================================================== --- stable/7/sys/netinet/ip_ipsec.c Sat Nov 6 15:49:59 2010 (r214890) +++ stable/7/sys/netinet/ip_ipsec.c Sat Nov 6 15:56:44 2010 (r214891) @@ -220,7 +220,7 @@ ip_ipsec_mtu(struct mbuf *m, int mtu) if (sp->req != NULL && sp->req->sav != NULL && sp->req->sav->sah != NULL) { - ro = &sp->req->sav->sah->sa_route; + ro = &sp->req->sav->sah->route_cache.sa_route; if (ro->ro_rt && ro->ro_rt->rt_ifp) { mtu = ro->ro_rt->rt_rmx.rmx_mtu ? Modified: stable/7/sys/netinet6/ip6_ipsec.c ============================================================================== --- stable/7/sys/netinet6/ip6_ipsec.c Sat Nov 6 15:49:59 2010 (r214890) +++ stable/7/sys/netinet6/ip6_ipsec.c Sat Nov 6 15:56:44 2010 (r214891) @@ -346,7 +346,7 @@ ip6_ipsec_mtu(struct mbuf *m) if (sp->req != NULL && sp->req->sav != NULL && sp->req->sav->sah != NULL) { - ro = &sp->req->sav->sah->sa_route; + ro = &sp->req->sav->sah->route_cache.sa_route; if (ro->ro_rt && ro->ro_rt->rt_ifp) { mtu = ro->ro_rt->rt_rmx.rmx_mtu ? Modified: stable/7/sys/netipsec/ipsec_output.c ============================================================================== --- stable/7/sys/netipsec/ipsec_output.c Sat Nov 6 15:49:59 2010 (r214890) +++ stable/7/sys/netipsec/ipsec_output.c Sat Nov 6 15:56:44 2010 (r214891) @@ -773,7 +773,8 @@ ipsec6_output_tunnel(struct ipsec_output } ip6 = mtod(m, struct ip6_hdr *); - state->ro = &isr->sav->sah->sa_route; + state->ro = + (struct route *)&isr->sav->sah->route_cache.sin6_route; state->dst = (struct sockaddr *)&state->ro->ro_dst; dst6 = (struct sockaddr_in6 *)state->dst; if (state->ro->ro_rt Modified: stable/7/sys/netipsec/key.c ============================================================================== --- stable/7/sys/netipsec/key.c Sat Nov 6 15:49:59 2010 (r214890) +++ stable/7/sys/netipsec/key.c Sat Nov 6 15:56:44 2010 (r214891) @@ -2674,9 +2674,9 @@ key_delsah(sah) /* remove from tree of SA index */ if (__LIST_CHAINED(sah)) LIST_REMOVE(sah, chain); - if (sah->sa_route.ro_rt) { - RTFREE(sah->sa_route.ro_rt); - sah->sa_route.ro_rt = (struct rtentry *)NULL; + if (sah->route_cache.sa_route.ro_rt) { + RTFREE(sah->route_cache.sa_route.ro_rt); + sah->route_cache.sa_route.ro_rt = (struct rtentry *)NULL; } free(sah, M_IPSEC_SAH); } @@ -7196,7 +7196,7 @@ key_sa_routechange(dst) SAHTREE_LOCK(); LIST_FOREACH(sah, &sahtree, chain) { - ro = &sah->sa_route; + ro = &sah->route_cache.sa_route; if (ro->ro_rt && dst->sa_len == ro->ro_dst.sa_len && bcmp(dst, &ro->ro_dst, dst->sa_len) == 0) { RTFREE(ro->ro_rt); Modified: stable/7/sys/netipsec/keydb.h ============================================================================== --- stable/7/sys/netipsec/keydb.h Sat Nov 6 15:49:59 2010 (r214890) +++ stable/7/sys/netipsec/keydb.h Sat Nov 6 15:56:44 2010 (r214891) @@ -85,6 +85,12 @@ struct seclifetime { u_int64_t usetime; }; +union sa_route_union { + struct route sa_route; + struct route sin_route; /* Duplicate for consistency. */ + struct route_in6 sin6_route; +}; + /* Security Association Data Base */ struct secashead { LIST_ENTRY(secashead) chain; @@ -100,7 +106,7 @@ struct secashead { /* SA chain */ /* The first of this list is newer SA */ - struct route sa_route; /* route cache */ + union sa_route_union route_cache; }; struct xformsw;