From owner-svn-src-stable-10@FreeBSD.ORG Tue Mar 18 16:56:06 2014 Return-Path: Delivered-To: svn-src-stable-10@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9FDB9578; Tue, 18 Mar 2014 16:56:06 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8AEECDCE; Tue, 18 Mar 2014 16:56:06 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s2IGu6X6045404; Tue, 18 Mar 2014 16:56:06 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s2IGu5E9045398; Tue, 18 Mar 2014 16:56:05 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201403181656.s2IGu5E9045398@svn.freebsd.org> From: Gleb Smirnoff Date: Tue, 18 Mar 2014 16:56:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r263307 - in stable/10/sys: netinet netinet6 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Mar 2014 16:56:06 -0000 Author: glebius Date: Tue Mar 18 16:56:05 2014 New Revision: 263307 URL: http://svnweb.freebsd.org/changeset/base/263307 Log: Merge r263091: fix mbuf flags clash that lead to failure of operation of IPSEC and packet filters. PR: kern/185876 PR: kern/186755 Modified: stable/10/sys/netinet/ip_input.c stable/10/sys/netinet/ip_var.h stable/10/sys/netinet6/in6.h stable/10/sys/netinet6/ip6_var.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/netinet/ip_input.c ============================================================================== --- stable/10/sys/netinet/ip_input.c Tue Mar 18 16:41:32 2014 (r263306) +++ stable/10/sys/netinet/ip_input.c Tue Mar 18 16:56:05 2014 (r263307) @@ -707,6 +707,7 @@ ours: * ip_reass() will return a different mbuf. */ if (ip->ip_off & htons(IP_MF | IP_OFFMASK)) { + /* XXXGL: shouldn't we save & set m_flags? */ m = ip_reass(m); if (m == NULL) return; @@ -799,6 +800,8 @@ SYSCTL_PROC(_net_inet_ip, OID_AUTO, maxf NULL, 0, sysctl_maxnipq, "I", "Maximum number of IPv4 fragment reassembly queue entries"); +#define M_IP_FRAG M_PROTO9 + /* * Take incoming datagram fragment and try to reassemble it into * whole datagram. If the argument is the first fragment or one Modified: stable/10/sys/netinet/ip_var.h ============================================================================== --- stable/10/sys/netinet/ip_var.h Tue Mar 18 16:41:32 2014 (r263306) +++ stable/10/sys/netinet/ip_var.h Tue Mar 18 16:56:05 2014 (r263307) @@ -162,15 +162,6 @@ void kmod_ipstat_dec(int statnum); #define IP_ROUTETOIF SO_DONTROUTE /* 0x10 bypass routing tables */ #define IP_ALLOWBROADCAST SO_BROADCAST /* 0x20 can send broadcast packets */ -/* - * IPv4 protocol layer specific mbuf flags. - */ -#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ -#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IP6 */ -#define M_IP_FRAG M_PROTO4 /* fragment reassembly */ - #ifdef __NO_STRICT_ALIGNMENT #define IP_HDR_ALIGNED_P(ip) 1 #else Modified: stable/10/sys/netinet6/in6.h ============================================================================== --- stable/10/sys/netinet6/in6.h Tue Mar 18 16:41:32 2014 (r263306) +++ stable/10/sys/netinet6/in6.h Tue Mar 18 16:56:05 2014 (r263307) @@ -622,13 +622,18 @@ struct ip6_mtuinfo { #endif /* __BSD_VISIBLE */ /* - * Redefinition of mbuf flags + * Since both netinet/ and netinet6/ call into netipsec/ and netpfil/, + * the protocol specific mbuf flags are shared between them. */ -#define M_AUTHIPHDR M_PROTO2 -#define M_DECRYPTED M_PROTO3 -#define M_LOOP M_PROTO4 -#define M_AUTHIPDGM M_PROTO5 -#define M_RTALERT_MLD M_PROTO6 +#define M_FASTFWD_OURS M_PROTO1 /* changed dst to local */ +#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_IP_NEXTHOP M_PROTO2 /* explicit ip nexthop */ +#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing */ +#define M_AUTHIPHDR M_PROTO4 +#define M_DECRYPTED M_PROTO5 +#define M_LOOP M_PROTO6 +#define M_AUTHIPDGM M_PROTO7 +#define M_RTALERT_MLD M_PROTO8 #ifdef _KERNEL struct cmsghdr; Modified: stable/10/sys/netinet6/ip6_var.h ============================================================================== --- stable/10/sys/netinet6/ip6_var.h Tue Mar 18 16:41:32 2014 (r263306) +++ stable/10/sys/netinet6/ip6_var.h Tue Mar 18 16:56:05 2014 (r263307) @@ -293,13 +293,6 @@ struct ip6aux { #define IPV6_FORWARDING 0x02 /* most of IPv6 header exists */ #define IPV6_MINMTU 0x04 /* use minimum MTU (IPV6_USE_MIN_MTU) */ -/* - * IPv6 protocol layer specific mbuf flags. - */ -#define M_IP6_NEXTHOP M_PROTO2 /* explicit ip nexthop */ -#define M_SKIP_FIREWALL M_PROTO3 /* skip firewall processing, - keep in sync with IPv4 */ - #ifdef __NO_STRICT_ALIGNMENT #define IP6_HDR_ALIGNED_P(ip) 1 #else