Date: Wed, 15 Aug 2018 16:12:13 +0000 (UTC) From: Luiz Otavio O Souza <loos@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r337855 - stable/11/sys/net Message-ID: <201808151612.w7FGCD0e021405@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: loos Date: Wed Aug 15 16:12:13 2018 New Revision: 337855 URL: https://svnweb.freebsd.org/changeset/base/337855 Log: MFC r312953: The stf(4) interface name does not conform with the default naming convention for interfaces, because only one stf(4) interface can exist in the system. This disallow the use of unit numbers different than 0, however, it is possible to create the clone without specify the unit number (wildcard). In the wildcard case we must update the interface name before return. This fix an infinite recursion in pf code that keeps track of network interfaces and groups: 1 - a group for the cloned type of the interface is added (stf in this case); 2 - the system will now try to add an interface named stf (instead of stf0) to stf group; 3 - when pfi_kif_attach() tries to search for an already existing 'stf' interface, the 'stf' group is returned and thus the group is added as an interface of itself; This will now cause a crash at the first attempt to traverse the groups which the stf interface belongs (which loops over itself). Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) Modified: stable/11/sys/net/if_stf.c Directory Properties: stable/11/ (props changed) Modified: stable/11/sys/net/if_stf.c ============================================================================== --- stable/11/sys/net/if_stf.c Wed Aug 15 15:44:30 2018 (r337854) +++ stable/11/sys/net/if_stf.c Wed Aug 15 16:12:13 2018 (r337855) @@ -202,10 +202,16 @@ stf_clone_match(struct if_clone *ifc, const char *name static int stf_clone_create(struct if_clone *ifc, char *name, size_t len, caddr_t params) { - int err, unit; + char *dp; + int err, unit, wildcard; struct stf_softc *sc; struct ifnet *ifp; + err = ifc_name2unit(name, &unit); + if (err != 0) + return (err); + wildcard = (unit < 0); + /* * We can only have one unit, but since unit allocation is * already locked, we use it to keep from allocating extra @@ -229,7 +235,20 @@ stf_clone_create(struct if_clone *ifc, char *name, siz /* * Set the name manually rather then using if_initname because * we don't conform to the default naming convention for interfaces. + * In the wildcard case, we need to update the name. */ + if (wildcard) { + for (dp = name; *dp != '\0'; dp++); + if (snprintf(dp, len - (dp-name), "%d", unit) > + len - (dp-name) - 1) { + /* + * This can only be a programmer error and + * there's no straightforward way to recover if + * it happens. + */ + panic("if_clone_create(): interface name too long"); + } + } strlcpy(ifp->if_xname, name, IFNAMSIZ); ifp->if_dname = stfname; ifp->if_dunit = IF_DUNIT_NONE;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201808151612.w7FGCD0e021405>