From nobody Sun Dec 12 18:11:09 2021
X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id CFF8418E7E6F;
	Sun, 12 Dec 2021 18:11:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JBt4F3msXz3j9h;
	Sun, 12 Dec 2021 18:11:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 56EB225B07;
	Sun, 12 Dec 2021 18:11:09 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BCIB9Gl063849;
	Sun, 12 Dec 2021 18:11:09 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BCIB9El063847;
	Sun, 12 Dec 2021 18:11:09 GMT
	(envelope-from git)
Date: Sun, 12 Dec 2021 18:11:09 GMT
Message-Id: <202112121811.1BCIB9El063847@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: d41caea44ba9 - stable/12 - if_pflog: fix packet length
List-Id: Commits to the stable branches of the FreeBSD src repository <dev-commits-src-branches.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
List-Help: <mailto:dev-commits-src-branches+help@freebsd.org>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-branches+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-branches+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-branches@freebsd.org
X-BeenThere: dev-commits-src-branches@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: d41caea44ba9f676b72d9a27d53de520ef61e196
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1639332669;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=0/4o1PNSA0TZZ/5LHq2W8QoC4HBIQ0+BFOvwtQdZwec=;
	b=V8Hd+LZ18q1d4mVsNHVMwAuTBwM/mlgeSVgNdcqcTbnRn1KJkylMPTEhoHWepTfYyQvATl
	e78VVfoTVCOESZoKweB0kBvRELu1UfTVoJXbMug/q4DDcYoNJIsBPnILM19xAildDhrVXA
	/TMuWavDsXtg74pohtCpMAR6+gE1oYLzdiiLrGP6T4qUASuWnUV6jn0FN22dKoZnRmWv3K
	6OVfMRmXDZ8FCWG2WmV70XZ+/LLHD/pv8K7kSyO5o26ukDRWavnHhBfu6OZneOfVG4e6Yl
	Mr/SFzQeItNQZso+GIS9lS6AhnhbQhzt0bORhcKo6xsiKzxg/UUqNEa98Ww5Pw==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1639332669; a=rsa-sha256; cv=none;
	b=V0EyBZC+NL3ebGXQQCS+VYphtTkETIxnlQlby8KHhp4h8d/OQgIobJv5xT/SgWtGNBndK5
	sHe4+gSd36MnSwIkQdrsCQZWhvLDt6ehVFB6PaaA5dz/ThyYBGw+vZEUWQdwo+6eLlcbr5
	MSReVwYocM1YEN9ozvaqsbSTrSgVdWX8A44IrXsA1id/hw3HqoIL8ZoToikITeOXoQvCGV
	oga4lEALVF9ZQ3eeaUQMV4ltgs347R5i9tqP8kkEGC9XReoOMdi/HSzaMdyft/sowztRbI
	MU4lgbhxK+TwQA9db9JPsrCHgRFLv4Wa4Y6WMV7S5oNZ2u2TXu3rFMsDQCj5nA==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=d41caea44ba9f676b72d9a27d53de520ef61e196

commit d41caea44ba9f676b72d9a27d53de520ef61e196
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-12-02 07:22:34 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-12-11 09:38:55 +0000

    if_pflog: fix packet length
    
    There were two issues with the new pflog packet length.
    The first is that the length is expected to be a multiple of
    sizeof(long), but we'd assumed it had to be a multiple of
    sizeof(uint32_t).
    
    The second is that there's some broken software out there (such as
    Wireshark) that makes incorrect assumptions about the amount of padding.
    That is, Wireshark assumes there's always three bytes of padding, rather
    than however much is needed to get to a multiple of sizeof(long).
    
    Fix this by adding extra padding, and a fake field to maintain
    Wireshark's assumption.
    
    Reported by:    Ozkan KIRIK <ozkan.kirik@gmail.com>
    Tested by:      Ozkan KIRIK <ozkan.kirik@gmail.com>
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D33236
    
    (cherry picked from commit 6d4baa0d011cb3e78b4b08415568e71c0aab00fe)
---
 sys/net/if_pflog.h        | 8 ++++++--
 sys/netpfil/pf/if_pflog.c | 2 +-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/sys/net/if_pflog.h b/sys/net/if_pflog.h
index c77d8da1440a..93a69a2bb3a5 100644
--- a/sys/net/if_pflog.h
+++ b/sys/net/if_pflog.h
@@ -31,6 +31,8 @@
 #ifndef _NET_IF_PFLOG_H_
 #define	_NET_IF_PFLOG_H_
 
+#include <net/bpf.h>
+
 #define	PFLOGIFS_MAX	16
 
 #define	PFLOG_RULESET_NAME_SIZE	16
@@ -51,11 +53,13 @@ struct pfloghdr {
 	u_int8_t	dir;
 	u_int8_t	pad[3];
 	u_int32_t	ridentifier;
+	u_int8_t	reserve;	/* Appease broken software like Wireshark. */
+	u_int8_t	pad2[3];
 };
 
-#define	PFLOG_HDRLEN		sizeof(struct pfloghdr)
+#define	PFLOG_HDRLEN		BPF_WORDALIGN(offsetof(struct pfloghdr, pad2))
 /* minus pad, also used as a signature */
-#define	PFLOG_REAL_HDRLEN	offsetof(struct pfloghdr, pad)
+#define	PFLOG_REAL_HDRLEN	offsetof(struct pfloghdr, pad2)
 
 #ifdef _KERNEL
 struct pf_rule;
diff --git a/sys/netpfil/pf/if_pflog.c b/sys/netpfil/pf/if_pflog.c
index 4853c1301d6f..261c9f2a4087 100644
--- a/sys/netpfil/pf/if_pflog.c
+++ b/sys/netpfil/pf/if_pflog.c
@@ -215,7 +215,7 @@ pflog_packet(struct pfi_kkif *kif, struct mbuf *m, sa_family_t af, u_int8_t dir,
 		return (0);
 
 	bzero(&hdr, sizeof(hdr));
-	hdr.length = PFLOG_HDRLEN;
+	hdr.length = PFLOG_REAL_HDRLEN;
 	hdr.af = af;
 	hdr.action = rm->action;
 	hdr.reason = reason;