From e3a7b0144b3435c676ce00e1ece5d8a58af6e48c Mon Sep 17 00:00:00 2001 From: bluhm Date: Sun, 21 Jan 2024 01:17:20 +0000 Subject: [PATCH] Assert that inpcb table has correct address family. Since inpcb tables for UDP and Raw IP have been split into IPv4 and IPv6, assert that INP_IPV6 flag is correct instead of checking it. While there, give the table variable a nicer name. OK sashan@ mvs@ --- sys/netinet/raw_ip.c | 8 +++----- sys/netinet/udp_usrreq.c | 36 +++++++++++++++++------------------- sys/netinet6/raw_ip6.c | 6 +++--- 3 files changed, 23 insertions(+), 27 deletions(-) diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 1e7e20b8c1a..ae9ddb52185 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: raw_ip.c,v 1.153 2023/12/15 00:24:56 bluhm Exp $ */ +/* $OpenBSD: raw_ip.c,v 1.154 2024/01/21 01:17:20 bluhm Exp $ */ /* $NetBSD: raw_ip.c,v 1.25 1996/02/18 18:58:33 christos Exp $ */ /* @@ -171,12 +171,10 @@ rip_input(struct mbuf **mp, int *offp, int proto, int af) rw_enter_write(&rawcbtable.inpt_notify); mtx_enter(&rawcbtable.inpt_mtx); TAILQ_FOREACH(inp, &rawcbtable.inpt_queue, inp_queue) { + KASSERT(!ISSET(inp->inp_flags, INP_IPV6)); + if (inp->inp_socket->so_rcv.sb_state & SS_CANTRCVMORE) continue; -#ifdef INET6 - if (inp->inp_flags & INP_IPV6) - continue; -#endif if (rtable_l2(inp->inp_rtableid) != rtable_l2(m->m_pkthdr.ph_rtableid)) continue; diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 06a56ca35ad..1064f8bd2ae 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udp_usrreq.c,v 1.314 2024/01/19 02:24:07 bluhm Exp $ */ +/* $OpenBSD: udp_usrreq.c,v 1.315 2024/01/21 01:17:20 bluhm Exp $ */ /* $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */ /* @@ -381,7 +381,7 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) if (m->m_flags & (M_BCAST|M_MCAST)) { SIMPLEQ_HEAD(, inpcb) inpcblist; - struct inpcbtable *tb; + struct inpcbtable *table; /* * Deliver a multicast or broadcast datagram to *all* sockets @@ -406,23 +406,21 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) SIMPLEQ_INIT(&inpcblist); #ifdef INET6 if (ip6) - tb = &udb6table; + table = &udb6table; else #endif - tb = &udbtable; + table = &udbtable; - rw_enter_write(&tb->inpt_notify); - mtx_enter(&tb->inpt_mtx); - TAILQ_FOREACH(inp, &tb->inpt_queue, inp_queue) { - if (inp->inp_socket->so_rcv.sb_state & SS_CANTRCVMORE) - continue; -#ifdef INET6 - /* table is per AF, panic if it does not match */ + rw_enter_write(&table->inpt_notify); + mtx_enter(&table->inpt_mtx); + TAILQ_FOREACH(inp, &table->inpt_queue, inp_queue) { if (ip6) KASSERT(ISSET(inp->inp_flags, INP_IPV6)); else KASSERT(!ISSET(inp->inp_flags, INP_IPV6)); -#endif + + if (inp->inp_socket->so_rcv.sb_state & SS_CANTRCVMORE) + continue; if (rtable_l2(inp->inp_rtableid) != rtable_l2(m->m_pkthdr.ph_rtableid)) continue; @@ -481,10 +479,10 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) SO_REUSEADDR)) == 0) break; } - mtx_leave(&tb->inpt_mtx); + mtx_leave(&table->inpt_mtx); if (SIMPLEQ_EMPTY(&inpcblist)) { - rw_exit_write(&tb->inpt_notify); + rw_exit_write(&table->inpt_notify); /* * No matching pcb found; discard datagram. @@ -509,7 +507,7 @@ udp_input(struct mbuf **mp, int *offp, int proto, int af) } in_pcbunref(inp); } - rw_exit_write(&tb->inpt_notify); + rw_exit_write(&table->inpt_notify); return IPPROTO_DONE; } @@ -1098,7 +1096,7 @@ release: int udp_attach(struct socket *so, int proto, int wait) { - struct inpcbtable *tb; + struct inpcbtable *table; int error; if (so->so_pcb != NULL) @@ -1110,11 +1108,11 @@ udp_attach(struct socket *so, int proto, int wait) NET_ASSERT_LOCKED(); #ifdef INET6 if (so->so_proto->pr_domain->dom_family == PF_INET6) - tb = &udb6table; + table = &udb6table; else #endif - tb = &udbtable; - if ((error = in_pcballoc(so, tb, wait))) + table = &udbtable; + if ((error = in_pcballoc(so, table, wait))) return error; #ifdef INET6 if (sotoinpcb(so)->inp_flags & INP_IPV6) diff --git a/sys/netinet6/raw_ip6.c b/sys/netinet6/raw_ip6.c index 6379e79476e..1b784248f3f 100644 --- a/sys/netinet6/raw_ip6.c +++ b/sys/netinet6/raw_ip6.c @@ -1,4 +1,4 @@ -/* $OpenBSD: raw_ip6.c,v 1.178 2023/12/15 00:24:56 bluhm Exp $ */ +/* $OpenBSD: raw_ip6.c,v 1.179 2024/01/21 01:17:20 bluhm Exp $ */ /* $KAME: raw_ip6.c,v 1.69 2001/03/04 15:55:44 itojun Exp $ */ /* @@ -183,14 +183,14 @@ rip6_input(struct mbuf **mp, int *offp, int proto, int af) rw_enter_write(&rawin6pcbtable.inpt_notify); mtx_enter(&rawin6pcbtable.inpt_mtx); TAILQ_FOREACH(inp, &rawin6pcbtable.inpt_queue, inp_queue) { + KASSERT(ISSET(inp->inp_flags, INP_IPV6)); + if (inp->inp_socket->so_rcv.sb_state & SS_CANTRCVMORE) continue; if (rtable_l2(inp->inp_rtableid) != rtable_l2(m->m_pkthdr.ph_rtableid)) continue; - if (!(inp->inp_flags & INP_IPV6)) - continue; if ((inp->inp_ipv6.ip6_nxt || proto == IPPROTO_ICMPV6) && inp->inp_ipv6.ip6_nxt != proto) continue; -- 2.20.1