Date:      Fri, 28 Nov 2014 20:39:35 +0000 (UTC)
From:      Cy Schubert <cy@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject:   svn commit: r275213 - stable/10/sys/contrib/ipfilter/netinet
Message-ID:  <201411282039.sASKdZSV014116@svn.freebsd.org>

Author: cy
Date: Fri Nov 28 20:39:35 2014
New Revision: 275213
URL: https://svnweb.freebsd.org/changeset/base/275213

Log:
  MFC r274744.
  
  Set the current vnet inside the ioctl handler for ipfilter.
  
  Without this fix, the vnet was NULL and would crash.
  This fix is similar to what was done inside the ioctl handler for PF.
  
  Tested by:
     (1) Boot a kernel with "options VIMAGE" enabled
     (2) Type:
  
     echo "map lo0 from 10.0.0.0/24 to ! 10.0.0.0/24 -> 127.0.0.1/32" > /etc/ipnat.rules ; service ipnat onerestart
  
  PR: 176992
  Differential Revision: https://reviews.freebsd.org/D1191

Modified:
  stable/10/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
==============================================================================
--- stable/10/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Fri Nov 28 19:21:46 2014	(r275212)
+++ stable/10/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Fri Nov 28 20:39:35 2014	(r275213)
@@ -33,6 +33,9 @@ static const char rcsid[] = "@(#)$Id$";
 #include <sys/time.h>
 #include <sys/systm.h>
 # include <sys/dirent.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <sys/jail.h>
+#endif
 # include <sys/mbuf.h>
 # include <sys/sockopt.h>
 #if !defined(__hpux)
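Review bot: the added #include <sys/jail.h> has no comment saying which symbol needs it, and the visible lines do not show one. If it is there to support the TD_TO_VNET(p) call added in ipfioctl(), a one-line comment saying so would keep the include from being dropped in a later cleanup. The new lines also use "#include" where the neighbouring lines use "# include"; matching the surrounding spacing would keep the block consistent.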
@@ -52,6 +55,12 @@ static const char rcsid[] = "@(#)$Id$";
 #include <netinet/ip.h>
 #include <netinet/ip_var.h>
 #include <netinet/tcp.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <net/vnet.h>
+#else
+#define CURVNET_SET(arg)
+#define CURVNET_RESTORE()
+#endif
 #if defined(__osf__)
 # include <netinet/tcp_timer.h>
 #endif
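Review bot: the #else branch stubs out CURVNET_SET(arg) and CURVNET_RESTORE() but gives TD_TO_VNET no fallback, so the pre-800000 build only works because the empty CURVNET_SET discards its argument before TD_TO_VNET(p) is ever expanded. A comment on the stubs stating that, or a matching fallback for TD_TO_VNET, would stop a later use of TD_TO_VNET outside CURVNET_SET from breaking those builds. The __FreeBSD_version >= 800000 test is also a repeat of the guard around <sys/jail.h> in the previous hunk; the two could share one block.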
@@ -323,7 +332,9 @@ ipfioctl(dev, cmd, data, mode
 
 	SPL_NET(s);
 
+	CURVNET_SET(TD_TO_VNET(p));
 	error = ipf_ioctlswitch(&ipfmain, unit, data, cmd, mode, p->p_uid, p);
+	CURVNET_RESTORE();
 	if (error != -1) {
 		SPL_X(s);
 		return error;
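Review bot: CURVNET_SET()/CURVNET_RESTORE() bracket only the ipf_ioctlswitch() call, so when error == -1 the handler falls through past the "if (error != -1)" block with the vnet context already restored. The log says the handler crashed because the vnet was NULL, so it is worth confirming that nothing on the fall-through path depends on the current vnet, or else setting it once at the top of ipfioctl() and restoring it before each return. Separately, p is passed to TD_TO_VNET(), whose name implies a thread argument, while the same p is used as p->p_uid; a short comment on what p is here would help the reader.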
