Author: mav
Date: Tue Jan 20 22:26:09 2009
New Revision: 187495
URL: http://svn.freebsd.org/changeset/base/187495

Log:
  Check for infinite recursion possible on some broken PPTP/L2TP/... VPN setups.
  Mark packets with mbuf_tag on first interface passage and drop on second.
  
  PR:           ports/129625, ports/125303,
  MFC after:    2 weeks

Modified:
  head/sys/netgraph/ng_iface.c
  head/sys/netgraph/ng_iface.h

Modified: head/sys/netgraph/ng_iface.c
==============================================================================
--- head/sys/netgraph/ng_iface.c        Tue Jan 20 22:17:05 2009        (r187494)
+++ head/sys/netgraph/ng_iface.c        Tue Jan 20 22:26:09 2009        (r187495)
@@ -356,6 +356,7 @@ static int
 ng_iface_output(struct ifnet *ifp, struct mbuf *m,
                struct sockaddr *dst, struct rtentry *rt0)
 {
+       struct m_tag *mtag;
        uint32_t af;
        int error;
 
@@ -366,6 +367,23 @@ ng_iface_output(struct ifnet *ifp, struc
                return (ENETDOWN);
        }
 
+       /* Protect from deadly infinite recursion. */
+       while ((mtag = m_tag_locate(m, MTAG_NGIF, MTAG_NGIF_CALLED, NULL))) {
+               if (*(struct ifnet **)(mtag + 1) == ifp) {
+                       log(LOG_NOTICE, "Loop detected on %s\n", ifp->if_xname);
+                       m_freem(m);
+                       return (EDEADLK);
+               }
+       }
+       mtag = m_tag_alloc(MTAG_NGIF, MTAG_NGIF_CALLED, sizeof(struct ifnet *),
+           M_NOWAIT);
+       if (mtag == NULL) {
+               m_freem(m);
+               return (ENOMEM);
+       }
+       *(struct ifnet **)(mtag + 1) = ifp;
+       m_tag_prepend(m, mtag);
+
        /* BPF writes need to be handled specially. */
        if (dst->sa_family == AF_UNSPEC) {
                bcopy(dst->sa_data, &af, sizeof(af));
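Review bot: The recursion guard can itself spin forever, because the `while` passes `NULL` as the last argument of `m_tag_locate()` on every iteration, so each call restarts at the head of the tag list and returns the same first `MTAG_NGIF` tag. When that tag records a different interface than `ifp` (a packet that already crossed another ng_iface instance, as in nested tunnels), the body never returns and the condition never becomes false, so the output path hangs in the kernel. Set `mtag = NULL;` before the loop and continue from the previous match: `while ((mtag = m_tag_locate(m, MTAG_NGIF, MTAG_NGIF_CALLED, mtag)) != NULL) {`. The `log(LOG_NOTICE, ...)` call also fires once per dropped packet with no throttling, so a looping setup can flood the log; a rate limit would be worth adding. ng_iface_output's body continues outside the hunk.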

Modified: head/sys/netgraph/ng_iface.h
==============================================================================
--- head/sys/netgraph/ng_iface.h        Tue Jan 20 22:17:05 2009        (r187494)
+++ head/sys/netgraph/ng_iface.h        Tue Jan 20 22:26:09 2009        (r187495)
@@ -72,4 +72,7 @@ enum {
        NGM_IFACE_GET_IFINDEX,
 };
 
+#define        MTAG_NGIF                       NGM_IFACE_COOKIE
+#define        MTAG_NGIF_CALLED                0 | MTAG_PERSISTENT
+
 #endif /* _NETGRAPH_NG_IFACE_H_ */
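Review bot: `MTAG_NGIF_CALLED` expands to the unparenthesized expression `0 | MTAG_PERSISTENT`, which is harmless as a bare function argument but parses wrongly next to a tighter-binding operator such as `==` or `&`. Define it as `#define MTAG_NGIF_CALLED (0 | MTAG_PERSISTENT)`. A one-line comment above the pair would also help, for example `/* mbuf tag: payload is the struct ifnet * of an ng_iface the packet has already been output on */`. It should say why the tag is persistent too, presumably so that it survives tag stripping when the packet is re-injected, which is worth confirming.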