git: 145bf6c0af48 - main - Fix blackhole/reject routes.
Brandon Bergren
bdragon at FreeBSD.org
Fri Feb 12 17:16:29 UTC 2021
This actually directly breaks the mips and mips64 builds because the MALTA and MALTA64 kernels do not have INET6 enabled.
On Thu, Feb 11, 2021, at 7:59 PM, Mateusz Guzik wrote:
> I mean *without* INET6
>
> On 2/12/21, Mateusz Guzik <mjguzik at gmail.com> wrote:
> > This breaks building a kernel with INET6 for me, I presume it will
> > also break LINT-NOINET
> >
> > On 2/12/21, Alexander V. Chernikov <melifaro at freebsd.org> wrote:
> >> The branch main has been updated by melifaro:
> >>
> >> URL:
> >> https://cgit.FreeBSD.org/src/commit/?id=145bf6c0af48b89f13465e145f4516de37c31d85
> >>
> >> commit 145bf6c0af48b89f13465e145f4516de37c31d85
> >> Author: Alexander V. Chernikov <melifaro at FreeBSD.org>
> >> AuthorDate: 2021-02-08 23:29:05 +0000
> >> Commit: Alexander V. Chernikov <melifaro at FreeBSD.org>
> >> CommitDate: 2021-02-11 23:08:55 +0000
> >>
> >> Fix blackhole/reject routes.
> >>
> >> Traditionally *BSD routing stack required to supply some
> >> interface data for blackhole/reject routes. This lead to
> >> varieties of hacks in routing daemons when inserting such routes.
> >> With the recent routeing stack changes, gateway sockaddr without
> >> RTF_GATEWAY started to be treated differently, purely as link
> >> identifier.
> >>
> >> This change broke net/bird, which installs blackhole routes with
> >> 127.0.0.1 gateway without RTF_GATEWAY flags.
> >>
> >> Fix this by automatically constructing necessary gateway data at
> >> rtsock level if RTF_REJECT/RTF_BLACKHOLE is set.
> >>
> >> Reported by: Marek Zarychta <zarychtam at plan-b.pwste.edu.pl>
> >> Reviewed by: donner
> >> MFC after: 1 week
> >> ---
> >> sys/net/rtsock.c | 58
> >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++--
> >> 1 file changed, 56 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
> >> index ba1182d55439..f67252f9fd5f 100644
> >> --- a/sys/net/rtsock.c
> >> +++ b/sys/net/rtsock.c
> >> @@ -562,6 +562,50 @@ rtm_get_jailed(struct rt_addrinfo *info, struct
> >> ifnet
> >> *ifp,
> >> return (0);
> >> }
> >>
> >> +static int
> >> +fill_blackholeinfo(struct rt_addrinfo *info, union sockaddr_union *saun)
> >> +{
> >> + struct ifaddr *ifa;
> >> + sa_family_t saf;
> >> +
> >> + if (V_loif == NULL) {
> >> + printf("Unable to add blackhole/reject nhop without loopback");
> >> + return (ENOTSUP);
> >> + }
> >> + info->rti_ifp = V_loif;
> >> +
> >> + saf = info->rti_info[RTAX_DST]->sa_family;
> >> +
> >> + CK_STAILQ_FOREACH(ifa, &info->rti_ifp->if_addrhead, ifa_link) {
> >> + if (ifa->ifa_addr->sa_family == saf) {
> >> + info->rti_ifa = ifa;
> >> + break;
> >> + }
> >> + }
> >> + if (info->rti_ifa == NULL)
> >> + return (ENOTSUP);
> >> +
> >> + bzero(saun, sizeof(union sockaddr_union));
> >> + switch (saf) {
> >> + case AF_INET:
> >> + saun->sin.sin_family = AF_INET;
> >> + saun->sin.sin_len = sizeof(struct sockaddr_in);
> >> + saun->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
> >> + break;
> >> + case AF_INET6:
> >> + saun->sin6.sin6_family = AF_INET6;
> >> + saun->sin6.sin6_len = sizeof(struct sockaddr_in6);
> >> + saun->sin6.sin6_addr = in6addr_loopback;
> >> + break;
> >> + default:
> >> + return (ENOTSUP);
> >> + }
> >> + info->rti_info[RTAX_GATEWAY] = &saun->sa;
> >> + info->rti_flags |= RTF_GATEWAY;
> >> +
> >> + return (0);
> >> +}
> >> +
> >> /*
> >> * Fills in @info based on userland-provided @rtm message.
> >> *
> >> @@ -944,7 +988,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
> >> #endif
> >> int alloc_len = 0, len, error = 0, fibnum;
> >> sa_family_t saf = AF_UNSPEC;
> >> - struct walkarg w;
> >> struct rib_cmd_info rc;
> >> struct nhop_object *nh;
> >>
> >> @@ -972,7 +1015,6 @@ route_output(struct mbuf *m, struct socket *so, ...)
> >>
> >> m_copydata(m, 0, len, (caddr_t)rtm);
> >> bzero(&info, sizeof(info));
> >> - bzero(&w, sizeof(w));
> >> nh = NULL;
> >>
> >> if (rtm->rtm_version != RTM_VERSION) {
> >> @@ -1004,6 +1046,18 @@ route_output(struct mbuf *m, struct socket *so,
> >> ...)
> >> goto flush;
> >> }
> >>
> >> + union sockaddr_union gw_saun;
> >> + int blackhole_flags = rtm->rtm_flags & (RTF_BLACKHOLE|RTF_REJECT);
> >> + if (blackhole_flags != 0) {
> >> + if (blackhole_flags != (RTF_BLACKHOLE | RTF_REJECT))
> >> + error = fill_blackholeinfo(&info, &gw_saun);
> >> + else
> >> + error = EINVAL;
> >> + if (error != 0)
> >> + senderr(error);
> >> + /* TODO: rebuild rtm from scratch */
> >> + }
> >> +
> >> switch (rtm->rtm_type) {
> >> case RTM_ADD:
> >> case RTM_CHANGE:
> >> _______________________________________________
> >> dev-commits-src-all at freebsd.org mailing list
> >> https://lists.freebsd.org/mailman/listinfo/dev-commits-src-all
> >> To unsubscribe, send any mail to
> >> "dev-commits-src-all-unsubscribe at freebsd.org"
> >>
> >
> >
> > --
> > Mateusz Guzik <mjguzik gmail.com>
> >
>
>
> --
> Mateusz Guzik <mjguzik gmail.com>
>
--
Brandon Bergren
bdragon at FreeBSD.org
More information about the dev-commits-src-all
mailing list