From nobody Fri May 10 14:13:01 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VbW7L0GDlz5JWx6; Fri, 10 May 2024 14:13:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VbW7K6k76z4h93; Fri, 10 May 2024 14:13:01 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715350382; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gZOL8BwpNMijHH3atQr3pfAh6yWo3DGJYOZXk/nhzt0=; b=Eyde6KvA8k10pKTY6NjTAo0t11rxYLQYDWRDv5OjJampJRPa7cV2y9fJBOBB7BOVmoHpFi ws0tK6IRDzaiEZ7yhoDTIkZtm6R30IiQscYZgYk4gNpNmhD5h+b0E5eGLiSN40jZ79axqi n25ahXA565l6kuMaLgi2WOyw7kXT8OSTJ1k7+bq//J6cv+Gn+1GMymZX5M63BH+/wmzBXd cU49VrvdbCtFxG+uxuvcWaydajKDje54wa7vwztW5GuRqP7ZRXW9EMRLXbLezdlQepVRiv EtbUp7jDFAoRxBJkQGkIMitX50ewZuKE4hMq4xCuXrgyume5NuVzmy6J/qFHiA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1715350381; a=rsa-sha256; cv=none; b=XwnS/ISKLTUhlXzjRpmVZVxD7rq4bplRP2ZoIw/KpojFP0hVByXb6ZL5dy8w8LFrmSUBI+ 2fC7r83JS+/f3G1G2k4jWaUG5O0139Nd4taSrlP3KKsnXitmL3VVBxGq/xo9suwjqLKyLD x9bN8ZBYalOYX8/SiqpDMxmOL2e8M5itkVZ39n0objCYrh/lJLkeghBzarqoGh6t/5LeqX YT7Ktatvamd1w7HqjK9MhUbt/8h3HilD3ej5nEqV3G/kf6oXCtvgISz39PR2vDbqasjAsm DxM277cqBn1Z917Zkl5NZzJAZZbbQRMu0Z09LlptN8mLHOdFDydAZshD8uJoeA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715350381; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gZOL8BwpNMijHH3atQr3pfAh6yWo3DGJYOZXk/nhzt0=; b=yt77P/6vb0LgHgBd1/H7bKxLqD9gmx99/j2pXrsbGRSpFdP6sjRchM5n5xeG7EzZmdJhM2 aLy6F6pNBPveXn8nUa+/XdMXxvNxLqEDeeQxY+kow7lcECpn+zLX4KglaKpXZFVrcBQDlb mcXiQTWbG2E6T2yUnNgKpUC3gJMFG352KcasV3GuuRa8zXPX1vChvxh69a9GE3gJ3McF3d fTNQmiEskELQRwlfRqPyvvpGjg8QQdbdR1JpQ1VPQroq4bGZBisekwqvFzNTlwe+KEx1/1 69PolzGkRwaF0eNqB+GlM21Adfk1IxSzeoeGk8CA5HNibdBV/CHV8hDUTpvH3g== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VbW7K6LF0zgZV; Fri, 10 May 2024 14:13:01 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 44AED1LP069289; Fri, 10 May 2024 14:13:01 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 44AED16F069286; Fri, 10 May 2024 14:13:01 GMT (envelope-from git) Date: Fri, 10 May 2024 14:13:01 GMT Message-Id: <202405101413.44AED16F069286@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Zhenlei Huang Subject: git: e57876309dbe - stable/13 - sys/net/if_bridge: support non-INET kernels List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: zlei X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e57876309dbe0e1ba9fdacc01b8be444bf997996 Auto-Submitted: auto-generated The branch stable/13 has been updated by zlei: URL: https://cgit.FreeBSD.org/src/commit/?id=e57876309dbe0e1ba9fdacc01b8be444bf997996 commit e57876309dbe0e1ba9fdacc01b8be444bf997996 Author: Lexi Winter AuthorDate: 2024-04-23 21:12:57 +0000 Commit: Zhenlei Huang CommitDate: 2024-05-10 14:10:29 +0000 sys/net/if_bridge: support non-INET kernels Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1159 (cherry picked from commit 65767e6126a7e92bc76561b4ffd005cf85ba525e) if_bridge: Minor style fixes And more comments on the #ifdef INET blocks to improve readability. While here, revert the order of two prototypes to produce minimal diff compared to stable branches. (cherry picked from commit 73585176ffd84c13d68cad67c2ca81643f09075c) (cherry picked from commit d45f1f5193420fac7f9a64c0455991a80e7cb89a) --- sys/net/if_bridge.c | 48 +++++++++++++++++++++++++++++++++--------------- 1 file changed, 33 insertions(+), 15 deletions(-) diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c index 82526d848f5e..6dea0f046bfb 100644 --- a/sys/net/if_bridge.c +++ b/sys/net/if_bridge.c @@ -407,12 +407,14 @@ static int bridge_ioctl_sproto(struct bridge_softc *, void *); static int bridge_ioctl_stxhc(struct bridge_softc *, void *); static int bridge_pfil(struct mbuf **, struct ifnet *, struct ifnet *, int); +#ifdef INET static int bridge_ip_checkbasic(struct mbuf **mp); +static int bridge_fragment(struct ifnet *, struct mbuf **mp, + struct ether_header *, int, struct llc *); +#endif /* INET */ #ifdef INET6 static int bridge_ip6_checkbasic(struct mbuf **mp); #endif /* INET6 */ -static int bridge_fragment(struct ifnet *, struct mbuf **mp, - struct ether_header *, int, struct llc *); static void bridge_linkstate(struct ifnet *ifp); static void bridge_linkcheck(struct bridge_softc *sc); @@ -3282,12 +3284,15 @@ bridge_state_change(struct ifnet *ifp, int state) static int bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) { - int snap, error, i, hlen; + int snap, error, i; struct ether_header *eh1, eh2; - struct ip *ip; struct llc llc1; u_int16_t ether_type; pfil_return_t rv; +#ifdef INET + struct ip *ip = NULL; + int hlen = 0; +#endif snap = 0; error = -1; /* Default error if not error == 0 */ @@ -3328,31 +3333,36 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) } /* - * If we're trying to filter bridge traffic, don't look at anything - * other than IP and ARP traffic. If the filter doesn't understand - * IPv6, don't allow IPv6 through the bridge either. This is lame - * since if we really wanted, say, an AppleTalk filter, we are hosed, - * but of course we don't have an AppleTalk filter to begin with. - * (Note that since pfil doesn't understand ARP it will pass *ALL* - * ARP traffic.) + * If we're trying to filter bridge traffic, only look at traffic for + * protocols available in the kernel (IPv4 and/or IPv6) to avoid + * passing traffic for an unsupported protocol to the filter. This is + * lame since if we really wanted, say, an AppleTalk filter, we are + * hosed, but of course we don't have an AppleTalk filter to begin + * with. (Note that since pfil doesn't understand ARP it will pass + * *ALL* ARP traffic.) */ switch (ether_type) { +#ifdef INET case ETHERTYPE_ARP: case ETHERTYPE_REVARP: if (V_pfil_ipfw_arp == 0) return (0); /* Automatically pass */ - break; + /* FALLTHROUGH */ case ETHERTYPE_IP: +#endif #ifdef INET6 case ETHERTYPE_IPV6: #endif /* INET6 */ break; + default: /* - * Check to see if the user wants to pass non-ip - * packets, these will not be checked by pfil(9) and - * passed unconditionally so the default is to drop. + * We get here if the packet isn't from a supported + * protocol. Check to see if the user wants to pass + * non-IP packets, these will not be checked by pfil(9) + * and passed unconditionally so the default is to + * drop. */ if (V_pfil_onlyip) goto bad; @@ -3384,9 +3394,11 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) */ if (dir == PFIL_IN) { switch (ether_type) { +#ifdef INET case ETHERTYPE_IP: error = bridge_ip_checkbasic(mp); break; +#endif #ifdef INET6 case ETHERTYPE_IPV6: error = bridge_ip6_checkbasic(mp); @@ -3406,6 +3418,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) */ rv = PFIL_PASS; switch (ether_type) { +#ifdef INET case ETHERTYPE_IP: /* * Run pfil on the member interface and the bridge, both can @@ -3460,6 +3473,7 @@ bridge_pfil(struct mbuf **mp, struct ifnet *bifp, struct ifnet *ifp, int dir) ip->ip_sum = in_cksum(*mp, hlen); break; +#endif /* INET */ #ifdef INET6 case ETHERTYPE_IPV6: if (V_pfil_bridge && dir == PFIL_OUT && bifp != NULL && (rv = @@ -3514,6 +3528,7 @@ bad: return (error); } +#ifdef INET /* * Perform basic checks on header size since * pfil assumes ip_input has already processed @@ -3614,6 +3629,7 @@ bad: *mp = m; return (-1); } +#endif /* INET */ #ifdef INET6 /* @@ -3669,6 +3685,7 @@ bad: } #endif /* INET6 */ +#ifdef INET /* * bridge_fragment: * @@ -3745,6 +3762,7 @@ dropit: } return (error); } +#endif /* INET */ static void bridge_linkstate(struct ifnet *ifp)