svn commit: r275741 - stable/9/sys/contrib/ipfilter/netinet

Craig Rodrigues rodrigc at FreeBSD.org
Sat Dec 13 04:50:15 UTC 2014 

Author: rodrigc
Date: Sat Dec 13 04:50:14 2014
New Revision: 275741
URL: https://svnweb.freebsd.org/changeset/base/275741

Log:
  Merge r275213.
  
  Set the current vnet inside the ioctl handler for ipfilter.
  
  Without this fix, the vnet was NULL and would crash.
  This fix is similar to what was done inside the ioctl handler for PF.
  
  Tested by:
     (1) Boot a kernel with "options VIMAGE" enabled
     (2) Type:
  
     echo "map lo0 from 10.0.0.0/24 to ! 10.0.0.0/24 -> 127.0.0.1/32" > /etc/ipnat.rules ; service ipnat onerestart
  
  PR: 176992
  Differential Revision: https://reviews.freebsd.org/D1191

Modified:
  stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
Directory Properties:
  stable/9/   (props changed)
  stable/9/sys/   (props changed)

Modified: stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
==============================================================================
--- stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Sat Dec 13 02:08:18 2014	(r275740)
+++ stable/9/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c	Sat Dec 13 04:50:14 2014	(r275741)
@@ -47,11 +47,12 @@ static const char rcsid[] = "@(#)$Id: ip
 #endif
 #include <sys/time.h>
 #include <sys/systm.h>
-#if (__FreeBSD_version >= 300000)
 # include <sys/dirent.h>
-#else
-# include <sys/dir.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <sys/jail.h>
 #endif
+# include <sys/mbuf.h>
+# include <sys/sockopt.h>
 #if !defined(__hpux)
 # include <sys/mbuf.h>
 #endif
@@ -86,6 +87,12 @@ static const char rcsid[] = "@(#)$Id: ip
 #include <netinet/ip.h>
 #include <netinet/ip_var.h>
 #include <netinet/tcp.h>
+#if defined(__FreeBSD_version) && (__FreeBSD_version >= 800000)
+#include <net/vnet.h>
+#else
+#define CURVNET_SET(arg)
+#define CURVNET_RESTORE()
+#endif
 #if defined(__osf__)
 # include <netinet/tcp_timer.h>
 #endif
@@ -362,7 +369,9 @@ int mode;
 
 	SPL_NET(s);
 
+	CURVNET_SET(TD_TO_VNET(p));
 	error = fr_ioctlswitch(unit, data, cmd, mode, p->p_uid, p);
+	CURVNET_RESTORE();
 	if (error != -1) {
 		SPL_X(s);
 		return error;

More information about the svn-src-stable-9 mailing list