Module Name: src
Committed By: riastradh
Date: Tue Oct 8 02:30:05 UTC 2024
Modified Files:
src/sys/netinet: udp_usrreq.c
src/sys/netinet6: udp6_usrreq.c
Log Message:
udp(4): Clarify udp4/6_espinudp and inp_overudp_cb return.
Cleanup to detect problems like this earlier:
PR kern/58688: userland panic of kernel via wg(4)
To generate a diff of this commit:
cvs rdiff -u -r1.265 -r1.266 src/sys/netinet/udp_usrreq.c
cvs rdiff -u -r1.155 -r1.156 src/sys/netinet6/udp6_usrreq.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet/udp_usrreq.c
diff -u src/sys/netinet/udp_usrreq.c:1.265 src/sys/netinet/udp_usrreq.c:1.266
--- src/sys/netinet/udp_usrreq.c:1.265 Fri Jul 5 04:31:54 2024
+++ src/sys/netinet/udp_usrreq.c Tue Oct 8 02:30:04 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: udp_usrreq.c,v 1.265 2024/07/05 04:31:54 rin Exp $ */
+/* $NetBSD: udp_usrreq.c,v 1.266 2024/10/08 02:30:04 riastradh Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -66,7 +66,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.265 2024/07/05 04:31:54 rin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp_usrreq.c,v 1.266 2024/10/08 02:30:04 riastradh Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -575,10 +575,12 @@ udp4_realinput(struct sockaddr_in *src,
if (inp->inp_flags & INP_ESPINUDP) {
switch (udp4_espinudp(mp, off)) {
case -1: /* Error, m was freed */
+ KASSERT(*mp == NULL);
rcvcnt = -1;
goto bad;
case 1: /* ESP over UDP */
+ KASSERT(*mp == NULL);
rcvcnt++;
goto bad;
@@ -599,6 +601,7 @@ udp4_realinput(struct sockaddr_in *src,
sintosa(src), inp->inp_overudp_arg);
switch (ret) {
case -1: /* Error, m was freed */
+ KASSERT(*mp == NULL);
rcvcnt = -1;
goto bad;
@@ -1258,7 +1261,7 @@ udp4_espinudp(struct mbuf **mp, int off)
if (m->m_len < minlen) {
if ((*mp = m_pullup(m, minlen)) == NULL) {
- return -1;
+ return -1; /* dropped */
}
m = *mp;
}
@@ -1270,15 +1273,15 @@ udp4_espinudp(struct mbuf **mp, int off)
if ((len == 1) && (*data == 0xff)) {
m_freem(m);
*mp = NULL; /* avoid any further processing by caller */
- return 1;
+ return 1; /* consumed */
}
/* Handle Non-ESP marker (32bit). If zero, then IKE. */
marker = (uint32_t *)data;
if (len <= sizeof(uint32_t))
- return 0;
+ return 0; /* passthrough */
if (marker[0] == 0)
- return 0;
+ return 0; /* passthrough */
/*
* Get the UDP ports. They are handled in network order
@@ -1323,7 +1326,8 @@ udp4_espinudp(struct mbuf **mp, int off)
if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS,
sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) {
m_freem(m);
- return -1;
+ *mp = NULL;
+ return -1; /* dropped */
}
((u_int16_t *)(tag + 1))[0] = sport;
((u_int16_t *)(tag + 1))[1] = dport;
@@ -1336,7 +1340,7 @@ udp4_espinudp(struct mbuf **mp, int off)
/* We handled it, it shouldn't be handled by UDP */
*mp = NULL; /* avoid free by caller ... */
- return 1;
+ return 1; /* consumed */
}
#endif
Index: src/sys/netinet6/udp6_usrreq.c
diff -u src/sys/netinet6/udp6_usrreq.c:1.155 src/sys/netinet6/udp6_usrreq.c:1.156
--- src/sys/netinet6/udp6_usrreq.c:1.155 Fri Jul 5 04:31:54 2024
+++ src/sys/netinet6/udp6_usrreq.c Tue Oct 8 02:30:05 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: udp6_usrreq.c,v 1.155 2024/07/05 04:31:54 rin Exp $ */
+/* $NetBSD: udp6_usrreq.c,v 1.156 2024/10/08 02:30:05 riastradh Exp $ */
/* $KAME: udp6_usrreq.c,v 1.86 2001/05/27 17:33:00 itojun Exp $ */
/* $KAME: udp6_output.c,v 1.43 2001/10/15 09:19:52 itojun Exp $ */
@@ -63,7 +63,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.155 2024/07/05 04:31:54 rin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: udp6_usrreq.c,v 1.156 2024/10/08 02:30:05 riastradh Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -525,10 +525,12 @@ udp6_realinput(int af, struct sockaddr_i
if (inp->inp_flags & IN6P_ESPINUDP) {
switch (udp6_espinudp(mp, off)) {
case -1: /* Error, m was freed */
+ KASSERT(*mp == NULL);
rcvcnt = -1;
goto bad;
case 1: /* ESP over UDP */
+ KASSERT(*mp == NULL);
rcvcnt++;
goto bad;
@@ -550,6 +552,7 @@ udp6_realinput(int af, struct sockaddr_i
sin6tosa(src), inp->inp_overudp_arg);
switch (ret) {
case -1: /* Error, m was freed */
+ KASSERT(*mp == NULL);
rcvcnt = -1;
goto bad;
@@ -564,6 +567,7 @@ udp6_realinput(int af, struct sockaddr_i
* Normal UDP processing will take place,
* m may have changed.
*/
+ m = *mp;
break;
}
}
@@ -1426,7 +1430,7 @@ udp6_espinudp(struct mbuf **mp, int off)
if (m->m_len < minlen) {
if ((*mp = m_pullup(m, minlen)) == NULL) {
- return -1;
+ return -1; /* dropped */
}
m = *mp;
}
@@ -1438,15 +1442,15 @@ udp6_espinudp(struct mbuf **mp, int off)
if ((len == 1) && (*(unsigned char *)data == 0xff)) {
m_freem(m);
*mp = NULL; /* avoid any further processing by caller ... */
- return 1;
+ return 1; /* consumed */
}
/* Handle Non-ESP marker (32bit). If zero, then IKE. */
marker = (uint32_t *)data;
if (len <= sizeof(uint32_t))
- return 0;
+ return 0; /* passthrough */
if (marker[0] == 0)
- return 0;
+ return 0; /* passthrough */
/*
* Get the UDP ports. They are handled in network
@@ -1491,7 +1495,8 @@ udp6_espinudp(struct mbuf **mp, int off)
if ((tag = m_tag_get(PACKET_TAG_IPSEC_NAT_T_PORTS,
sizeof(sport) + sizeof(dport), M_DONTWAIT)) == NULL) {
m_freem(m);
- return -1;
+ *mp = NULL;
+ return -1; /* dropped */
}
((u_int16_t *)(tag + 1))[0] = sport;
((u_int16_t *)(tag + 1))[1] = dport;
@@ -1504,7 +1509,7 @@ udp6_espinudp(struct mbuf **mp, int off)
/* We handled it, it shouldn't be handled by UDP */
*mp = NULL; /* avoid free by caller ... */
- return 1;
+ return 1; /* consumed */
}
#endif /* IPSEC */
