From owner-svn-src-all@FreeBSD.ORG Thu Jul 31 16:43:57 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0BBA581D; Thu, 31 Jul 2014 16:43:57 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D42ED289D; Thu, 31 Jul 2014 16:43:56 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s6VGhuPL086178; Thu, 31 Jul 2014 16:43:56 GMT (envelope-from smh@svn.freebsd.org) Received: (from smh@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s6VGhucH086177; Thu, 31 Jul 2014 16:43:56 GMT (envelope-from smh@svn.freebsd.org) Message-Id: <201407311643.s6VGhucH086177@svn.freebsd.org> From: Steven Hartland Date: Thu, 31 Jul 2014 16:43:56 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r269340 - head/sys/netinet X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jul 2014 16:43:57 -0000 Author: smh Date: Thu Jul 31 16:43:56 2014 New Revision: 269340 URL: http://svnweb.freebsd.org/changeset/base/269340 Log: Ensure that IP's added to CARP always use the CARP MAC Previously there was a race condition between the address addition and associating it with the CARP which resulted in the interface MAC, instead of the CARP MAC, being used for a brief amount of time. This caused "is using my IP address" warnings as well as data being sent to the wrong machine due to incorrect ARP entries being recorded by other devices on the network. Modified: head/sys/netinet/in.c Modified: head/sys/netinet/in.c ============================================================================== --- head/sys/netinet/in.c Thu Jul 31 16:17:30 2014 (r269339) +++ head/sys/netinet/in.c Thu Jul 31 16:43:56 2014 (r269340) @@ -407,6 +407,12 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat if (ifp->if_flags & IFF_LOOPBACK) ia->ia_dstaddr = ia->ia_addr; + if (vhid != 0) { + error = (*carp_attach_p)(&ia->ia_ifa, vhid); + if (error) + return (error); + } + /* if_addrhead is already referenced by ifa_alloc() */ IF_ADDR_WLOCK(ifp); TAILQ_INSERT_TAIL(&ifp->if_addrhead, ifa, ifa_link); @@ -418,12 +424,6 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat LIST_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash); IN_IFADDR_WUNLOCK(); - if (vhid != 0) { - error = (*carp_attach_p)(&ia->ia_ifa, vhid); - if (error) - goto fail1; - } - /* * Give the interface a chance to initialize * if this is its first address, @@ -432,7 +432,7 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat if (ifp->if_ioctl != NULL) { error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia); if (error) - goto fail2; + goto fail1; } /* @@ -446,7 +446,7 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat error = in_addprefix(ia, flags); if (error) - goto fail2; + goto fail1; } /* @@ -464,7 +464,7 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat error = ifa_add_loopback_route((struct ifaddr *)ia, (struct sockaddr *)&ia->ia_addr); if (error) - goto fail3; + goto fail2; } else ifa_free(&eia->ia_ifa); } @@ -484,15 +484,14 @@ in_aifaddr_ioctl(u_long cmd, caddr_t dat return (error); -fail3: +fail2: if (vhid == 0) (void )in_scrubprefix(ia, LLE_STATIC); -fail2: +fail1: if (ia->ia_ifa.ifa_carp) (*carp_detach_p)(&ia->ia_ifa); -fail1: IF_ADDR_WLOCK(ifp); TAILQ_REMOVE(&ifp->if_addrhead, &ia->ia_ifa, ifa_link); IF_ADDR_WUNLOCK(ifp);