From owner-svn-src-all@FreeBSD.ORG Tue Oct 7 14:05:04 2014 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E9751DA2; Tue, 7 Oct 2014 14:05:04 +0000 (UTC) Received: from mail.fer.hr (mail.fer.hr [161.53.72.233]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (Client CN "mail.fer.hr", Issuer "TERENA SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7DA9238F; Tue, 7 Oct 2014 14:05:04 +0000 (UTC) Received: from x23 (31.147.124.153) by MAIL.fer.hr (161.53.72.233) with Microsoft SMTP Server (TLS) id 14.2.342.3; Tue, 7 Oct 2014 16:03:51 +0200 Date: Tue, 7 Oct 2014 16:04:05 +0200 From: Marko Zec To: "Andrey V. Elsukov" Subject: Re: svn commit: r272695 - head/sys/net Message-ID: <20141007160405.35f52792@x23> In-Reply-To: <201410071331.s97DV5hB088377@svn.freebsd.org> References: <201410071331.s97DV5hB088377@svn.freebsd.org> X-Mailer: Claws Mail 3.9.2 (GTK+ 2.24.19; amd64-portbld-freebsd9.1) MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Originating-IP: [31.147.124.153] Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Oct 2014 14:05:05 -0000 On Tue, 7 Oct 2014 13:31:05 +0000 "Andrey V. Elsukov" wrote: > Author: ae > Date: Tue Oct 7 13:31:04 2014 > New Revision: 272695 > URL: https://svnweb.freebsd.org/changeset/base/272695 > > Log: > Our packet filters use mbuf's rcvif pointer to determine incoming > interface. Change mbuf's rcvif to enc0 and restore it after pfil > processing. Will this work / was this tested with options VIMAGE, where m_pkthdr.rcvif->if_vnet will no longer match curvnet, except in vnet0? Marko > PR: 110959 > Sponsored by: Yandex LLC > > Modified: > head/sys/net/if_enc.c > > Modified: head/sys/net/if_enc.c > ============================================================================== > --- head/sys/net/if_enc.c Tue Oct 7 13:30:42 2014 > (r272694) +++ head/sys/net/if_enc.c Tue Oct 7 13:31:04 > 2014 (r272695) @@ -230,6 +230,7 @@ ipsec_filter(struct mbuf > **mp, int dir, { > int error, i; > struct ip *ip; > + struct ifnet *rcvif; > > KASSERT(encif != NULL, ("%s: encif is null", __func__)); > KASSERT(flags & (ENC_IN|ENC_OUT), > @@ -268,6 +269,8 @@ ipsec_filter(struct mbuf **mp, int dir, > } > > error = 0; > + rcvif = (*mp)->m_pkthdr.rcvif; > + (*mp)->m_pkthdr.rcvif = encif; > ip = mtod(*mp, struct ip *); > switch (ip->ip_v) { > #ifdef INET > @@ -298,6 +301,7 @@ ipsec_filter(struct mbuf **mp, int dir, > if (error != 0) > goto bad; > > + (*mp)->m_pkthdr.rcvif = rcvif; > return (error); > > bad: >