diff options
| author |   mpi <mpi@openbsd.org> | 2015-11-18 13:53:59 +0000 |
|---|---|---|
| committer | mpi <mpi@openbsd.org> | 2015-11-18 13:53:59 +0000 |
| commit | 691223e92b4fac0eff8a06dd178ea77fa4f0e67a (patch) | |
| tree | b928c64678d5c716f2ed4ee26cdd14b26c1729a4 | |
| parent | remove pledge_aftersyscall() prototype as the function was been removed. (diff) | |
| download | wireguard-openbsd-691223e92b4fac0eff8a06dd178ea77fa4f0e67a.tar.xz wireguard-openbsd-691223e92b4fac0eff8a06dd178ea77fa4f0e67a.zip | |
Make use of srp_enter()/srp_leave() in carp_iamatch() in preparation
for unlocking the ARP input path.
ok dlg@
| -rw-r--r-- | sys/netinet/if_ether.c | 31 | ||||
| -rw-r--r-- | sys/netinet/ip_carp.c | 18 | ||||
| -rw-r--r-- | sys/netinet/ip_carp.h | 4 |
3 files changed, 23 insertions, 30 deletions
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c index 644f673a31c..03f7c5562cb 100644 --- a/sys/netinet/if_ether.c +++ b/sys/netinet/if_ether.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_ether.c,v 1.186 2015/11/13 10:18:04 mpi Exp $ */ +/* $OpenBSD: if_ether.c,v 1.187 2015/11/18 13:53:59 mpi Exp $ */ /* $NetBSD: if_ether.c,v 1.31 1996/05/11 12:59:58 mycroft Exp $ */ /* @@ -493,7 +493,6 @@ in_arpinput(struct mbuf *m) { struct ether_arp *ea; struct ifnet *ifp; - struct arpcom *ac; struct ether_header *eh; struct llinfo_arp *la = NULL; struct rtentry *rt = NULL; @@ -502,10 +501,7 @@ in_arpinput(struct mbuf *m) struct sockaddr_in sin; struct in_addr isaddr, itaddr; struct mbuf *mh; - u_int8_t *enaddr = NULL; -#if NCARP > 0 - uint8_t *ethshost = NULL; -#endif + uint8_t enaddr[ETHER_ADDR_LEN]; char addr[INET_ADDRSTRLEN]; int op, changed = 0, target = 0; unsigned int len, rdomain; @@ -517,8 +513,6 @@ in_arpinput(struct mbuf *m) m_freem(m); return; } - ac = (struct arpcom *)ifp; - ea = mtod(m, struct ether_arp *); op = ntohs(ea->arp_op); if ((op != ARPOP_REQUEST) && (op != ARPOP_REPLY)) @@ -540,6 +534,10 @@ in_arpinput(struct mbuf *m) } } + memcpy(enaddr, LLADDR(ifp->if_sadl), ETHER_ADDR_LEN); + if (!memcmp(ea->arp_sha, enaddr, sizeof(ea->arp_sha))) + goto out; /* it's from me, ignore it. */ + /* Check target against our interface addresses. */ sin.sin_addr = itaddr; rt = rtalloc(sintosa(&sin), 0, rdomain); @@ -548,18 +546,13 @@ in_arpinput(struct mbuf *m) target = 1; rtfree(rt); rt = NULL; - + #if NCARP > 0 if (target && op == ARPOP_REQUEST && ifp->if_type == IFT_CARP && - !carp_iamatch(ifp, ðshost)) + !carp_iamatch(ifp, enaddr)) goto out; #endif - if (!enaddr) - enaddr = ac->ac_enaddr; - if (!memcmp(ea->arp_sha, enaddr, sizeof(ea->arp_sha))) - goto out; /* it's from me, ignore it. */ - /* Do we have an ARP cache for the sender? Create if we are target. */ rt = arplookup(isaddr.s_addr, target, 0, rdomain); @@ -670,13 +663,15 @@ out: if (target) { /* We are the target and already have all info for the reply */ memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); - memcpy(ea->arp_sha, enaddr, sizeof(ea->arp_sha)); + memcpy(ea->arp_sha, LLADDR(ifp->if_sadl), sizeof(ea->arp_sha)); } else { rt = arplookup(itaddr.s_addr, 0, SIN_PROXY, rdomain); if (rt == NULL) goto out; +#if NCARP > 0 if (rt->rt_ifp->if_type == IFT_CARP && ifp->if_type != IFT_CARP) goto out; +#endif memcpy(ea->arp_tha, ea->arp_sha, sizeof(ea->arp_sha)); sdl = satosdl(rt->rt_gateway); memcpy(ea->arp_sha, LLADDR(sdl), sizeof(ea->arp_sha)); @@ -689,10 +684,6 @@ out: ea->arp_pro = htons(ETHERTYPE_IP); /* let's be sure! */ eh = (struct ether_header *)sa.sa_data; memcpy(eh->ether_dhost, ea->arp_tha, sizeof(eh->ether_dhost)); -#if NCARP > 0 - if (ethshost) - enaddr = ethshost; -#endif memcpy(eh->ether_shost, enaddr, sizeof(eh->ether_shost)); eh->ether_type = htons(ETHERTYPE_ARP); diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index 90ac78d5911..f8e7e66d7f6 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_carp.c,v 1.281 2015/11/12 05:46:45 dlg Exp $ */ +/* $OpenBSD: ip_carp.c,v 1.282 2015/11/18 13:53:59 mpi Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff. All rights reserved. @@ -1318,23 +1318,25 @@ carp_update_lsmask(struct carp_softc *sc) } int -carp_iamatch(struct ifnet *ifp, uint8_t **ether_shost) +carp_iamatch(struct ifnet *ifp, uint8_t *enaddr) { struct carp_softc *sc = ifp->if_softc; - struct carp_vhost_entry *vhe = SRPL_FIRST_LOCKED(&sc->carp_vhosts); - - KERNEL_ASSERT_LOCKED(); /* touching carp_vhosts */ + struct carp_vhost_entry *vhe; + struct srpl_iter i; + int match = 0; + vhe = SRPL_ENTER(&sc->carp_vhosts, &i); /* head */ if (vhe->state == MASTER) { if (sc->sc_balancing == CARP_BAL_IPSTEALTH || sc->sc_balancing == CARP_BAL_IP) { struct arpcom *ac = (struct arpcom *)sc->sc_carpdev; - *ether_shost = ac->ac_enaddr; + memcpy(enaddr, ac->ac_enaddr, ETHER_ADDR_LEN); } - return (1); + match = 1; } + SRPL_LEAVE(&i, vhe); - return (0); + return (match); } #ifdef INET6 diff --git a/sys/netinet/ip_carp.h b/sys/netinet/ip_carp.h index dd6eb8755ac..fbf5f0673ef 100644 --- a/sys/netinet/ip_carp.h +++ b/sys/netinet/ip_carp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_carp.h,v 1.36 2015/11/02 15:05:23 mpi Exp $ */ +/* $OpenBSD: ip_carp.h,v 1.37 2015/11/18 13:53:59 mpi Exp $ */ /* * Copyright (c) 2002 Michael Shalayeff. All rights reserved. @@ -167,7 +167,7 @@ void carp_proto_input (struct mbuf *, ...); void carp_carpdev_state(void *); void carp_group_demote_adj(struct ifnet *, int, char *); int carp6_proto_input(struct mbuf **, int *, int); -int carp_iamatch(struct ifnet *, uint8_t **); +int carp_iamatch(struct ifnet *, uint8_t *); int carp_iamatch6(struct ifnet *); struct ifnet *carp_ourether(void *, u_int8_t *); int carp_output(struct ifnet *, struct mbuf *, struct sockaddr *, |