svn commit: r315956 - in head/sys: netinet netinet6
Mike Karels
karels at FreeBSD.org
Sat Mar 25 15:06:30 UTC 2017
Author: karels
Date: Sat Mar 25 15:06:28 2017
New Revision: 315956
URL: https://svnweb.freebsd.org/changeset/base/315956
Log:
Fix reference count leak with L2 caching.
ip_forward, TCP/IPv6, and probably SCTP leaked references to L2 cache
entry because they used their own routes on the stack, not in_pcb routes.
The original model for route caching was callers that provided a route
structure to ip{,6}input() would keep the route, and this model was used
for L2 caching as well. Instead, change L2 caching to be done by default
only when using a route structure in the in_pcb; the pcb deallocation
code frees L2 as well as L3 cacches. A separate change will add route
caching to TCP/IPv6.
Another suggestion was to have the transport protocols indicate willingness
to use L2 caching, but this approach keeps the changes in the network
level
Reviewed by: ae gnn
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D10059
and those below, will be ignored--
> Description of fields to fill in above: 76 columns --|
> PR: If and which Problem Report is related.
> Submitted by: If someone else sent in the change.
> Reported by: If someone else reported the issue.
> Reviewed by: If someone else reviewed your modification.
> Approved by: If you needed approval for this commit.
> Obtained from: If the change is from a third party.
> MFC after: N [day[s]|week[s]|month[s]]. Request a reminder email.
> MFH: Ports tree branch name. Request approval for merge.
> Relnotes: Set to 'yes' for mention in release notes.
> Security: Vulnerability reference (one per line) or description.
> Sponsored by: If the change was sponsored by an organization.
> Differential Revision: https://reviews.freebsd.org/D### (*full* phabric URL needed).
> Empty fields above will be automatically removed.
M netinet/in_pcb.c
M netinet/ip_output.c
M netinet6/ip6_output.c
Modified:
head/sys/netinet/in_pcb.c
head/sys/netinet/ip_output.c
head/sys/netinet6/ip6_output.c
Modified: head/sys/netinet/in_pcb.c
==============================================================================
--- head/sys/netinet/in_pcb.c Sat Mar 25 14:28:20 2017 (r315955)
+++ head/sys/netinet/in_pcb.c Sat Mar 25 15:06:28 2017 (r315956)
@@ -328,6 +328,12 @@ in_pcballoc(struct socket *so, struct in
#endif
inp->inp_gencnt = ++pcbinfo->ipi_gencnt;
refcount_init(&inp->inp_refcount, 1); /* Reference from inpcbinfo */
+
+ /*
+ * Routes in inpcb's can cache L2 as well; they are guaranteed
+ * to be cleaned up.
+ */
+ inp->inp_route.ro_flags = RT_LLE_CACHE;
INP_LIST_WUNLOCK(pcbinfo);
#if defined(IPSEC) || defined(IPSEC_SUPPORT) || defined(MAC)
out:
Modified: head/sys/netinet/ip_output.c
==============================================================================
--- head/sys/netinet/ip_output.c Sat Mar 25 14:28:20 2017 (r315955)
+++ head/sys/netinet/ip_output.c Sat Mar 25 15:06:28 2017 (r315956)
@@ -242,8 +242,7 @@ ip_output(struct mbuf *m, struct mbuf *o
if (ro == NULL) {
ro = &iproute;
bzero(ro, sizeof (*ro));
- } else
- ro->ro_flags |= RT_LLE_CACHE;
+ }
#ifdef FLOWTABLE
if (ro->ro_rt == NULL)
Modified: head/sys/netinet6/ip6_output.c
==============================================================================
--- head/sys/netinet6/ip6_output.c Sat Mar 25 14:28:20 2017 (r315955)
+++ head/sys/netinet6/ip6_output.c Sat Mar 25 15:06:28 2017 (r315956)
@@ -494,8 +494,7 @@ ip6_output(struct mbuf *m0, struct ip6_p
if (ro == NULL) {
ro = &ip6route;
bzero((caddr_t)ro, sizeof(*ro));
- } else
- ro->ro_flags |= RT_LLE_CACHE;
+ }
ro_pmtu = ro;
if (opt && opt->ip6po_rthdr)
ro = &opt->ip6po_route;
More information about the svn-src-all
mailing list