svn commit: r332886 - head/sys/netinet6
Andrey V. Elsukov
ae at FreeBSD.org
Mon Apr 23 12:20:08 UTC 2018
Author: ae
Date: Mon Apr 23 12:20:07 2018
New Revision: 332886
URL: https://svnweb.freebsd.org/changeset/base/332886
Log:
icmp6_reflect() sends ICMPv6 message with new IPv6 header. So, it is
considered as originated by our host packet. And thus rcvif should be
NULL, since it is used by ipfw(4) to determine that packet was originated
from this host. Some of icmp6_reflect() consumers reuse mbuf and m_pkthdr
without resetting rcvif pointer. To avoid this always reset m_pkthdr.rcvif
pointer to NULL in icmp6_reflect(). Also remove such line and comment
describing this from icmp6_error(), since it does not longer matters.
PR: 227674
Reported by: eugen
MFC after: 1 week
Modified:
head/sys/netinet6/icmp6.c
Modified: head/sys/netinet6/icmp6.c
==============================================================================
--- head/sys/netinet6/icmp6.c Mon Apr 23 10:35:00 2018 (r332885)
+++ head/sys/netinet6/icmp6.c Mon Apr 23 12:20:07 2018 (r332886)
@@ -383,15 +383,6 @@ icmp6_error(struct mbuf *m, int type, int code, int pa
icmp6->icmp6_code = code;
icmp6->icmp6_pptr = htonl((u_int32_t)param);
- /*
- * icmp6_reflect() is designed to be in the input path.
- * icmp6_error() can be called from both input and output path,
- * and if we are in output path rcvif could contain bogus value.
- * clear m->m_pkthdr.rcvif for safety, we should have enough scope
- * information in ip header (nip6).
- */
- m->m_pkthdr.rcvif = NULL;
-
ICMP6STAT_INC(icp6s_outhist[type]);
icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */
@@ -2183,7 +2174,7 @@ icmp6_reflect(struct mbuf *m, size_t off)
*/
m->m_flags &= ~(M_BCAST|M_MCAST);
-
+ m->m_pkthdr.rcvif = NULL;
ip6_output(m, NULL, NULL, 0, NULL, &outif, NULL);
if (outif)
icmp6_ifoutstat_inc(outif, type, code);
More information about the svn-src-all
mailing list