Date: Thu, 02 Feb 2006 10:55:45 -0600 From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: Michal Mertl <michal.mertl@i.cz> Cc: Andrew Thompson <thompsa@freebsd.org>, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/net pfil.c pfil.h src/sys/netinet ip_fastfwd.c ip_fw2.c ip_input.c ip_output.c src/sys/netinet6 ip6_forward.c ip6_input.c ip6_output.c Message-ID: <43E23991.4080108@FreeBSD.org> In-Reply-To: <1138898295.10021.0.camel@genius.i.cz> References: <200602020313.k123DGFl029834@repoman.freebsd.org> <1138898295.10021.0.camel@genius.i.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Michal Mertl wrote: >Christian S.J. Peron wrote: > > >>csjp 2006-02-02 03:13:16 UTC >> >> FreeBSD src repository >> >> Modified files: >> sys/net pfil.c pfil.h >> sys/netinet ip_fastfwd.c ip_fw2.c ip_input.c >> ip_output.c >> sys/netinet6 ip6_forward.c ip6_input.c ip6_output.c >> Log: >>.... >> >> > >I think you broke if_bridge(4) and also debug kernel build. Patches for >both bugs are attached. > > >Michal > > >------------------------------------------------------------------------ > >Index: if_bridge.c >=================================================================== >RCS file: /home/fcvs/cvs/src/sys/net/if_bridge.c,v >retrieving revision 1.52 >diff -u -r1.52 if_bridge.c >--- if_bridge.c 31 Jan 2006 21:21:28 -0000 1.52 >+++ if_bridge.c 2 Feb 2006 12:30:37 -0000 >@@ -1531,9 +1531,9 @@ > return; > } > >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > if (bridge_pfil(&m, sc->sc_ifp, ifp, PFIL_OUT) != 0) >@@ -1800,9 +1800,9 @@ > } > > /* run the packet filter */ >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > BRIDGE_UNLOCK(sc); >@@ -1857,9 +1857,9 @@ > > BRIDGE_UNLOCK(sc); > >- if (inet_pfil_hook.ph_busy_count >= 0 >+ if (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > ) { > if (bridge_pfil(&m, sc->sc_ifp, dst_if, PFIL_OUT) != 0) >@@ -2055,9 +2055,10 @@ > } > > /* Filter on the bridge interface before broadcasting */ >- if (runfilt && (inet_pfil_hook.ph_busy_count >= 0 >+ if (runfilt && >+ (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > )) { > if (bridge_pfil(&m, sc->sc_ifp, NULL, PFIL_OUT) != 0) >@@ -2102,9 +2103,10 @@ > * pointer so we do not redundantly filter on the bridge for > * each interface we broadcast on. > */ >- if (runfilt && (inet_pfil_hook.ph_busy_count >= 0 >+ if (runfilt && >+ (PFIL_HOOKED(&inet_pfil_hook) > #ifdef INET6 >- || inet6_pfil_hook.ph_busy_count >= 0 >+ || PFIL_HOOKED(&inet6_pfil_hook) > #endif > )) { > if (bridge_pfil(&mc, NULL, dst_if, PFIL_OUT) != 0) > > >------------------------------------------------------------------------ > >Index: ip_fw2.c >=================================================================== >RCS file: /home/fcvs/cvs/src/sys/netinet/ip_fw2.c,v >retrieving revision 1.125 >diff -u -r1.125 ip_fw2.c >--- ip_fw2.c 2 Feb 2006 03:13:15 -0000 1.125 >+++ ip_fw2.c 2 Feb 2006 13:06:31 -0000 >@@ -1,5 +1,5 @@ > /*- >- * Copyright (c) 2002 Luigi Rizzo, Universita` di Pisa >+ * cOPYright (c) 2002 Luigi Rizzo, Universita` di Pisa > * > * Redistribution and use in source and binary forms, with or without > * modification, are permitted provided that the following conditions >@@ -139,7 +139,7 @@ > rw_init(&(_chain)->rwmtx, "IPFW static rules") > #define IPFW_LOCK_DESTROY(_chain) rw_destroy(&(_chain)->rwmtx) > #define IPFW_WLOCK_ASSERT(_chain) do { \ >- rw_assert(rw, RA_WLOCKED); \ >+ rw_assert(&(_chain)->rwmtx, RA_WLOCKED); \ > NET_ASSERT_GIANT(); \ > } while (0) > > > I must have missed the bridge stuff when I committed the PFIL_HOOKED macros, sorry for the inconvinience! -- Christian S.J. Peron csjp@FreeBSD.ORG FreeBSD Committer FreeBSD Security Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43E23991.4080108>