From nobody Wed May 08 11:19:57 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VZCNZ1L8yz5KsvD; Wed, 08 May 2024 11:19:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4VZCNY5sMrz49Lk; Wed, 8 May 2024 11:19:57 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715167197; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oaWDFoI/4u79AwWqfpsX5XYy4hyAIvGjO9XlaggLDsc=; b=tWl39qWCxfp0M7+g700MYWshVDUhKWB5CaA9Aio7//ehVy6sg6At6OzV3/1XDB4T5aEyYF 1kQ5UvoS62WIjKm6tcCA4Rz3gzUHqtY6JDbfc/r5H2hmmzmIOwWQkAadwgsIDfZnlHgI73 P0hP+6CcTLdAMMEKqTfY0ltnKp9qLc3BCphzw0GfBbUBDC93wmwaJFmCASYiVaiMI+THIu L4qYousNrg0uMcF0JT2uivLSHbC4fWsG2Rm+q1d7msb973VW7KQPnyRtis4QjC506ohN8K Cha75J0e0fwA+yDODnjnWtSxGG06EY3uBpBo3QEDUFKpUhdeu7+rGwpF2VL01A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1715167197; a=rsa-sha256; cv=none; b=AUM2TI9gQKHd+nWDXQWWn/U1V4kIRmIbgQvhRaFcCxP0V8TMbpxJNwP6tZf/kh2yPnezxh J5e2bVjDqtxeaJLYUQ95DMIByy/Q6vlthj8Fn5kjZWo9ItCYLpL4NE60abjNAsMOQ13yLA U6haq3cnzrB8dWt2W5LN/2mnYqv/cWqBZ+Q6xCYQVXHWVXlHjNt8ILxk1/KO1b2+W+4HMo 1CPDuvjPCN10483OVqIqLrrpLTDeq4wPQChCMy8dkDCaC8i4Xs9o/PWCxAudTWihsMEWcj HmnfHHCCD15KrTYUzf70Pr9OTR4Uioc2ZHJNmnDd14yMghp596Jebf1MggxQ9w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1715167197; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=oaWDFoI/4u79AwWqfpsX5XYy4hyAIvGjO9XlaggLDsc=; b=dNlWMgWCu52Wzcjwpcgq6s3s3E9HKtjHJ7ypy1r+Yt9LFGcmGdFXSt9yjeiJQccbwbQhwW CSr2nd7ryvYy6MpTrIa1TsHkDB1PedP+OmoZBORW6098CqOJ26RbRsaV6IV8fdpyJCp+KV rs/zbi39dlZGjNpPvwLyYrj7G1E38z83atATotAQJ8iJ4LFEHDaFTUeHxts58Vz7lJ6qOE 2GiEsyjHHX8O3bxCOsfvRdcLF8llK7xji+asXnAppF/RdzpsnzRIJDbu0rMOIBtO2DEKqo ae6aVbXW6TTU/aget40/xmXDNKKpRsmOmzG5o/kIZmOFN75GJGVfJGx294NiwQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VZCNY4gZszM6d; Wed, 8 May 2024 11:19:57 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 448BJvO4094664; Wed, 8 May 2024 11:19:57 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 448BJvWS094661; Wed, 8 May 2024 11:19:57 GMT (envelope-from git) Date: Wed, 8 May 2024 11:19:57 GMT Message-Id: <202405081119.448BJvWS094661@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 601438fbfa8e - main - carp: refactor packet tagging for ether_output() List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 601438fbfa8e5aa47b6e3417b253c10cd9b34d1d Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=601438fbfa8e5aa47b6e3417b253c10cd9b34d1d commit 601438fbfa8e5aa47b6e3417b253c10cd9b34d1d Author: Gleb Smirnoff AuthorDate: 2024-04-30 02:36:42 +0000 Commit: Kristof Provost CommitDate: 2024-05-08 11:19:04 +0000 carp: refactor packet tagging for ether_output() - Separate HMAC preparation (CARP specific) from tagging. - In unicast mode (CARP specific) don't put tag at all. - Don't put pointer to software context into the tag. Putting just vhid, an integer value, is a safer design. Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D45038 --- sys/netinet/ip_carp.c | 37 ++++++++++++++----------------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c index de439df97c59..d7dd6ced2e44 100644 --- a/sys/netinet/ip_carp.c +++ b/sys/netinet/ip_carp.c @@ -1055,22 +1055,24 @@ carp_tag(struct carp_softc *sc, struct mbuf *m) struct m_tag *mtag; /* Tag packet for carp_output */ - if ((mtag = m_tag_get(PACKET_TAG_CARP, sizeof(struct carp_softc *), + if ((mtag = m_tag_get(PACKET_TAG_CARP, sizeof(sc->sc_vhid), M_NOWAIT)) == NULL) { m_freem(m); CARPSTATS_INC(carps_onomem); return (ENOMEM); } - bcopy(&sc, mtag + 1, sizeof(sc)); + bcopy(&sc->sc_vhid, mtag + 1, sizeof(sc->sc_vhid)); m_tag_prepend(m, mtag); return (0); } -static int +static void carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch) { + MPASS(sc->sc_version == CARP_VERSION_CARP); + if (sc->sc_init_counter) { /* this could also be seconds since unix epoch */ sc->sc_counter = arc4random(); @@ -1083,8 +1085,6 @@ carp_prepare_ad(struct mbuf *m, struct carp_softc *sc, struct carp_header *ch) ch->carp_counter[1] = htonl(sc->sc_counter&0xffffffff); carp_hmac_generate(sc, ch->carp_counter, ch->carp_md); - - return (carp_tag(sc, m)); } static inline void @@ -1273,7 +1273,9 @@ carp_send_ad_locked(struct carp_softc *sc) ch_ptr = (struct carp_header *)(&ip[1]); bcopy(&ch, ch_ptr, sizeof(ch)); - if (carp_prepare_ad(m, sc, ch_ptr)) + carp_prepare_ad(m, sc, ch_ptr); + if (IN_MULTICAST(ntohl(sc->sc_carpaddr.s_addr)) && + carp_tag(sc, m) != 0) goto resched; m->m_data += sizeof(*ip); @@ -1333,7 +1335,9 @@ carp_send_ad_locked(struct carp_softc *sc) ch_ptr = (struct carp_header *)(&ip6[1]); bcopy(&ch, ch_ptr, sizeof(ch)); - if (carp_prepare_ad(m, sc, ch_ptr)) + carp_prepare_ad(m, sc, ch_ptr); + if (IN6_IS_ADDR_MULTICAST(&sc->sc_carpaddr6) && + carp_tag(sc, m) != 0) goto resched; m->m_data += sizeof(*ip6); @@ -2019,7 +2023,7 @@ int carp_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *sa) { struct m_tag *mtag; - struct carp_softc *sc; + int vhid; if (!sa) return (0); @@ -2041,20 +2045,7 @@ carp_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *sa) if (mtag == NULL) return (0); - bcopy(mtag + 1, &sc, sizeof(sc)); - - switch (sa->sa_family) { - case AF_INET: - if (! IN_MULTICAST(ntohl(sc->sc_carpaddr.s_addr))) - return (0); - break; - case AF_INET6: - if (! IN6_IS_ADDR_MULTICAST(&sc->sc_carpaddr6)) - return (0); - break; - default: - panic("Unknown af"); - } + bcopy(mtag + 1, &vhid, sizeof(vhid)); /* Set the source MAC address to the Virtual Router MAC Address. */ switch (ifp->if_type) { @@ -2069,7 +2060,7 @@ carp_output(struct ifnet *ifp, struct mbuf *m, const struct sockaddr *sa) eh->ether_shost[2] = 0x5e; eh->ether_shost[3] = 0; eh->ether_shost[4] = 1; - eh->ether_shost[5] = sc->sc_vhid; + eh->ether_shost[5] = vhid; } break; default: