From nobody Sun Dec 26 19:07:06 2021
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 6F719191522A
	for <dev-commits-src-all@mlmmj.nyi.freebsd.org>; Sun, 26 Dec 2021 19:08:13 +0000 (UTC)
	(envelope-from jrtc27@jrtc27.com)
Received: from mail-wr1-f49.google.com (mail-wr1-f49.google.com [209.85.221.49])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4JMVgd1J9Sz3mBt
	for <dev-commits-src-all@freebsd.org>; Sun, 26 Dec 2021 19:08:13 +0000 (UTC)
	(envelope-from jrtc27@jrtc27.com)
Received: by mail-wr1-f49.google.com with SMTP id e5so28427324wrc.5
        for <dev-commits-src-all@freebsd.org>; Sun, 26 Dec 2021 11:08:13 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
         :content-transfer-encoding:message-id:references:to;
        bh=aminno3gyolqHzcib9kO9EA6Mh/gzYRjQuxev0Lh7Qk=;
        b=st0WMSM09JVKDx2f408nuncSSnVeSQTgwnKOBLoo4I0dAf3f+PHYcvWk4E6oh+xckz
         qdZPtWhNu+ZdZpD+ytvmZy7i5UV+hy9a2BHdBTZNscfJq40dqKJl5OfaPphmXzb+BEXD
         tYYEGSdR1rb1Kspi+SKjnJJg3Ph2sjPEyLseanrV4+RySw7Vu4D3E4aCaZA/85pIvC7d
         9+vO63KYpSjwX0BhWY7lbGP79XNgqhkYJ4zUt6XxQ+0SrE3MDw3t9AAM8icO5lRcJtIF
         8E7Mj3HvYx9k5ca25pFT1jO+J08fpNpwKksTLkq8XDF6aRjAN6irbQ4dcJIcmH3b8O6F
         h9aA==
X-Gm-Message-State: AOAM533duVUisyMftJ49QZv7v7IbUhDTY06um7I4Yi6qpVBGPnBvQVHW
	zdUMi535Rk1+zG5Qrf7st22otw==
X-Google-Smtp-Source: ABdhPJycr4N6C7VkW3Cdow0TfL7NSfBO3WrROpOez/u821eSHIHmCorqBwMaJo+Qo4BSyKMjHZ7BiQ==
X-Received: by 2002:a5d:6a81:: with SMTP id s1mr10868120wru.36.1640545686181;
        Sun, 26 Dec 2021 11:08:06 -0800 (PST)
Received: from smtpclient.apple (global-5-141.nat-2.net.cam.ac.uk. [131.111.5.141])
        by smtp.gmail.com with ESMTPSA id k19sm16210410wmo.29.2021.12.26.11.08.05
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Sun, 26 Dec 2021 11:08:05 -0800 (PST)
Content-Type: text/plain;
	charset=utf-8
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\))
Subject: Re: git: eb8dcdeac22d - main - jail: network epoch protection for IP
 address lists
From: Jessica Clarke <jrtc27@freebsd.org>
In-Reply-To: <202112261846.1BQIkYd8075256@gitrepo.freebsd.org>
Date: Sun, 26 Dec 2021 19:07:06 +0000
Cc: "src-committers@freebsd.org" <src-committers@FreeBSD.org>,
 "dev-commits-src-all@freebsd.org" <dev-commits-src-all@FreeBSD.org>,
 "dev-commits-src-main@freebsd.org" <dev-commits-src-main@FreeBSD.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <04FFE80E-388E-4028-A6D8-FE6F725C1B5B@freebsd.org>
References: <202112261846.1BQIkYd8075256@gitrepo.freebsd.org>
To: Gleb Smirnoff <glebius@FreeBSD.org>
X-Mailer: Apple Mail (2.3654.120.0.1.13)
X-Rspamd-Queue-Id: 4JMVgd1J9Sz3mBt
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
	none
X-Spamd-Result: default: False [-4.00 / 15.00];
	 REPLY(-4.00)[]
X-ThisMailContainsUnwantedMimeParts: N

On 26 Dec 2021, at 18:46, Gleb Smirnoff <glebius@FreeBSD.org> wrote:
>=20
> The branch main has been updated by glebius:
>=20
> URL: =
https://cgit.FreeBSD.org/src/commit/?id=3Deb8dcdeac22daadbf07be81d7338e14e=
c4cc7d7f
>=20
> commit eb8dcdeac22daadbf07be81d7338e14ec4cc7d7f
> Author:     Gleb Smirnoff <glebius@FreeBSD.org>
> AuthorDate: 2021-12-26 18:45:50 +0000
> Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
> CommitDate: 2021-12-26 18:45:50 +0000
>=20
>    jail: network epoch protection for IP address lists
>=20
>    Now struct prison has two pointers (IPv4 and IPv6) of struct
>    prison_ip type.  Each points into epoch context, address count
>    and variable size array of addresses.  These structures are
>    freed with network epoch deferred free and are not edited in
>    place, instead a new structure is allocated and set.
>=20
>    While here, the change also generalizes a lot (but not enough)
>    of IPv4 and IPv6 processing. E.g. address family agnostic helpers
>    for kern_jail_set() are provided, that reduce v4-v6 copy-paste.
>=20
>    The fast-path prison_check_ip[46]_locked() is also generalized
>    into prison_ip_check() that can be executed with network epoch
>    protection only.
>=20
>    Reviewed by:            jamie
>    Differential revision:  https://reviews.freebsd.org/D33339
> ---
> sys/kern/kern_jail.c    | 770 =
+++++++++++++++++++++++++++++++-----------------
> sys/netinet/in.c        |   2 +
> sys/netinet/in_jail.c   | 139 ++-------
> sys/netinet6/in6_jail.c | 133 ++-------
> sys/sys/jail.h          |  25 +-
> 5 files changed, 572 insertions(+), 497 deletions(-)
>=20
> diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
> index e505e9bf1276..f1c81d8813bd 100644
> --- a/sys/kern/kern_jail.c
> +++ b/sys/kern/kern_jail.c
> @@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$");
> #include <sys/osd.h>
> #include <sys/priv.h>
> #include <sys/proc.h>
> +#include <sys/epoch.h>
> #include <sys/taskqueue.h>
> #include <sys/fcntl.h>
> #include <sys/jail.h>
> @@ -531,15 +532,407 @@ sys_jail_set(struct thread *td, struct =
jail_set_args *uap)
> 	return (error);
> }
>=20
> +#if defined(INET) || defined(INET6)
> +typedef int prison_addr_cmp_t(const void *, const void *);
> +typedef bool prison_addr_valid_t(const void *);
> +static const struct pr_family {
> +	size_t			size;
> +	prison_addr_cmp_t	*cmp;
> +	prison_addr_valid_t	*valid;
> +	int			ip_flag;
> +} pr_families[PR_FAMILY_MAX] =3D {
> +#ifdef INET
> +	[PR_INET] =3D {
> +		.size =3D sizeof(struct in_addr),
> +		.cmp =3D prison_qcmp_v4,
> +		.valid =3D prison_valid_v4,
> +		.ip_flag =3D PR_IP4_USER,
> +	 },
> +#endif
> +#ifdef INET6
> +	[PR_INET6] =3D {
> +		.size =3D sizeof(struct in6_addr),
> +		.cmp =3D prison_qcmp_v6,
> +		.valid =3D prison_valid_v6,
> +		.ip_flag =3D PR_IP6_USER,
> +	},
> +#endif
> +};
> +
> +/*
> + * Network address lists (pr_addrs) allocation for jails.  The =
addresses
> + * are accessed locklessly by the network stack, thus need to be =
protected by
> + * the network epoch.
> + */
> +struct prison_ip {
> +	struct epoch_context ctx;
> +	uint32_t	ips;
> +#ifdef FUTURE_C
> +	union {
> +		struct in_addr pr_ip4[];
> +		struct in6_addr pr_ip6[];
> +	};
> +#else /* No future C :( */
> +#define	PR_IP(pip, i)	((const char *)((pip) + 1) + =
pr_families[af].size * (i))
> +#define	PR_IPD(pip, i)	((char *)((pip) + 1) + =
pr_families[af].size * (i))
> +#endif
> +};

You can make this work with a prison_ip base and prison_ipv[46] derived
structs.

As it stands this is quite gross, you=E2=80=99re assuming things about
alignment, and don=E2=80=99t even have a flexible char[] at the end to
represent the extra data.

Jess