svn commit: r214250 - in head/sys: netinet netinet6 netipsec
Bjoern A. Zeeb
bz at FreeBSD.org
Sat Oct 23 20:35:41 UTC 2010
Author: bz
Date: Sat Oct 23 20:35:40 2010
New Revision: 214250
URL: http://svn.freebsd.org/changeset/base/214250
Log:
Make the IPsec SADB embedded route cache a union to be able to hold both the
legacy and IPv6 route destination address.
Previously in case of IPv6, there was a memory overwrite due to not enough
space for the IPv6 address.
PR: kern/122565
MFC After: 2 weeks
Modified:
head/sys/netinet/ip_ipsec.c
head/sys/netinet6/ip6_ipsec.c
head/sys/netipsec/ipsec_output.c
head/sys/netipsec/key.c
head/sys/netipsec/keydb.h
Modified: head/sys/netinet/ip_ipsec.c
==============================================================================
--- head/sys/netinet/ip_ipsec.c Sat Oct 23 16:59:39 2010 (r214249)
+++ head/sys/netinet/ip_ipsec.c Sat Oct 23 20:35:40 2010 (r214250)
@@ -239,7 +239,7 @@ ip_ipsec_mtu(struct mbuf *m, int mtu)
if (sp->req != NULL &&
sp->req->sav != NULL &&
sp->req->sav->sah != NULL) {
- ro = &sp->req->sav->sah->sa_route;
+ ro = &sp->req->sav->sah->route_cache.sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
mtu =
ro->ro_rt->rt_rmx.rmx_mtu ?
Modified: head/sys/netinet6/ip6_ipsec.c
==============================================================================
--- head/sys/netinet6/ip6_ipsec.c Sat Oct 23 16:59:39 2010 (r214249)
+++ head/sys/netinet6/ip6_ipsec.c Sat Oct 23 20:35:40 2010 (r214250)
@@ -366,7 +366,7 @@ ip6_ipsec_mtu(struct mbuf *m)
if (sp->req != NULL &&
sp->req->sav != NULL &&
sp->req->sav->sah != NULL) {
- ro = &sp->req->sav->sah->sa_route;
+ ro = &sp->req->sav->sah->route_cache.sa_route;
if (ro->ro_rt && ro->ro_rt->rt_ifp) {
mtu =
ro->ro_rt->rt_rmx.rmx_mtu ?
Modified: head/sys/netipsec/ipsec_output.c
==============================================================================
--- head/sys/netipsec/ipsec_output.c Sat Oct 23 16:59:39 2010 (r214249)
+++ head/sys/netipsec/ipsec_output.c Sat Oct 23 20:35:40 2010 (r214250)
@@ -829,7 +829,8 @@ ipsec6_output_tunnel(struct ipsec_output
}
ip6 = mtod(m, struct ip6_hdr *);
- state->ro = &isr->sav->sah->sa_route;
+ state->ro =
+ (struct route *)&isr->sav->sah->route_cache.sin6_route;
state->dst = (struct sockaddr *)&state->ro->ro_dst;
dst6 = (struct sockaddr_in6 *)state->dst;
if (state->ro->ro_rt
Modified: head/sys/netipsec/key.c
==============================================================================
--- head/sys/netipsec/key.c Sat Oct 23 16:59:39 2010 (r214249)
+++ head/sys/netipsec/key.c Sat Oct 23 20:35:40 2010 (r214250)
@@ -2758,9 +2758,9 @@ key_delsah(sah)
/* remove from tree of SA index */
if (__LIST_CHAINED(sah))
LIST_REMOVE(sah, chain);
- if (sah->sa_route.ro_rt) {
- RTFREE(sah->sa_route.ro_rt);
- sah->sa_route.ro_rt = (struct rtentry *)NULL;
+ if (sah->route_cache.sa_route.ro_rt) {
+ RTFREE(sah->route_cache.sa_route.ro_rt);
+ sah->route_cache.sa_route.ro_rt = (struct rtentry *)NULL;
}
free(sah, M_IPSEC_SAH);
}
@@ -7925,7 +7925,7 @@ key_sa_routechange(dst)
SAHTREE_LOCK();
LIST_FOREACH(sah, &V_sahtree, chain) {
- ro = &sah->sa_route;
+ ro = &sah->route_cache.sa_route;
if (ro->ro_rt && dst->sa_len == ro->ro_dst.sa_len
&& bcmp(dst, &ro->ro_dst, dst->sa_len) == 0) {
RTFREE(ro->ro_rt);
Modified: head/sys/netipsec/keydb.h
==============================================================================
--- head/sys/netipsec/keydb.h Sat Oct 23 16:59:39 2010 (r214249)
+++ head/sys/netipsec/keydb.h Sat Oct 23 20:35:40 2010 (r214250)
@@ -85,6 +85,12 @@ struct seclifetime {
u_int64_t usetime;
};
+union sa_route_union {
+ struct route sa_route;
+ struct route sin_route; /* Duplicate for consistency. */
+ struct route_in6 sin6_route;
+};
+
/* Security Association Data Base */
struct secashead {
LIST_ENTRY(secashead) chain;
@@ -100,7 +106,7 @@ struct secashead {
/* SA chain */
/* The first of this list is newer SA */
- struct route sa_route; /* route cache */
+ union sa_route_union route_cache;
};
struct xformsw;
More information about the svn-src-head
mailing list