svn commit: r307082 - in head: . sys/amd64/conf sys/arm/conf sys/arm64/conf sys/conf sys/i386/conf sys/mips/conf sys/modules/cc sys/modules/khelp sys/netinet sys/netinet/tcp_stacks sys/pc98/conf sy...

Shawn Webb shawn.webb at hardenedbsd.org
Sat Oct 15 00:01:23 UTC 2016 

On Wed, Oct 12, 2016 at 02:16:42AM +0000, Jonathan T. Looney wrote:
> Author: jtl
> Date: Wed Oct 12 02:16:42 2016
> New Revision: 307082
> URL: https://svnweb.freebsd.org/changeset/base/307082
> 
> Log:
>   In the TCP stack, the hhook(9) framework provides hooks for kernel modules
>   to add actions that run when a TCP frame is sent or received on a TCP
>   session in the ESTABLISHED state. In the base tree, this functionality is
>   only used for the h_ertt module, which is used by the cc_cdg, cc_chd, cc_hd,
>   and cc_vegas congestion control modules.
>   
>   Presently, we incur overhead to check for hooks each time a TCP frame is
>   sent or received on an ESTABLISHED TCP session.
>   
>   This change adds a new compile-time option (TCP_HHOOK) to determine whether
>   to include the hhook(9) framework for TCP. To retain backwards
>   compatibility, I added the TCP_HHOOK option to every configuration file that
>   already defined "options INET". (Therefore, this patch introduces no
>   functional change. In order to see a functional difference, you need to
>   compile a custom kernel without the TCP_HHOOK option.) This change will
>   allow users to easily exclude this functionality from their kernel, should
>   they wish to do so.
>   
>   Note that any users who use a custom kernel configuration and use one of the
>   congestion control modules listed above will need to add the TCP_HHOOK
>   option to their kernel configuration.
>   
>   Reviewed by:	rrs, lstewart, hiren (previous version), sjg (makefiles only)
>   Sponsored by:	Netflix
>   Differential Revision:	https://reviews.freebsd.org/D8185

This commit breaks the build when VNET is enabled. Attached is a
candidate patch to fix.

If the patch doesn't make it to the list, I've pasted it here:
http://ix.io/1wbE

Thanks,

-- 
Shawn Webb
Cofounder and Security Engineer
HardenedBSD

GPG Key ID:          0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89  3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index b8c9ff0..e69c3d4 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -742,7 +742,10 @@ tcp_init(void)
 static void
 tcp_destroy(void *unused __unused)
 {
-	int error, n;
+	int n;
+#ifdef TCP_HHOOK
+	int error;
+#endif
 
 	/*
 	 * All our processes are gone, all our sockets should be cleaned
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20161014/fab2400d/attachment.sig>

More information about the svn-src-all mailing list