PERFORCE change 29098 for review
Robert Watson
rwatson at FreeBSD.org
Wed Apr 16 22:25:04 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=29098
Change 29098 by rwatson at rwatson_tislabs on 2003/04/16 15:24:52
Add socket and mbuf arguments to tcp_twrespond(): this guarantees us
a source of a label for use when generating a TCP packet. This
prevent panics due to a lack of a useful label in the resulting
mbuf.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#37 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#30 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_var.h#11 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#37 (text+ko) ====
@@ -2931,7 +2931,7 @@
*/
if (thflags != TH_ACK || tlen != 0 ||
th->th_seq != tw->rcv_nxt || th->th_ack != tw->snd_nxt)
- tcp_twrespond(tw, TH_ACK);
+ tcp_twrespond(tw, NULL, m, TH_ACK);
goto drop;
reset:
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#30 (text+ko) ====
@@ -1648,16 +1648,16 @@
}
tcp_discardcb(tp);
so = inp->inp_socket;
- so->so_pcb = NULL;
tw->tw_cred = crhold(so->so_cred);
tw->tw_so_options = so->so_options;
+ if (acknow)
+ tcp_twrespond(tw, so, NULL, TH_ACK);
+ so->so_pcb = NULL;
sotryfree(so);
inp->inp_socket = NULL;
inp->inp_ppcb = (caddr_t)tw;
inp->inp_vflag |= INP_TIMEWAIT;
tcp_timer_2msl_reset(tw, tw_time);
- if (acknow)
- tcp_twrespond(tw, TH_ACK);
INP_UNLOCK(inp);
}
@@ -1684,19 +1684,12 @@
}
/*
- * XXXMAC: Really, we need to pass in the mbuf we are responding to
- * so that we have a label to assign to the outgoing packet here.
- * Question: will one always be available? Should we pass in the
- * socket in the twstart case? Perhaps:
- *
- * tcp_twrespond(struct tcptw *tw, struct socket *so, struct mbuf *m,
- * int flags)
- *
- * Where one of the socket or mbuf must be non-NULL so as to provide
- * a label.
+ * One of so and msrc must be non-NULL for use by the MAC Framework to
+ * construct a label for ay resulting packet.
*/
int
-tcp_twrespond(struct tcptw *tw, int flags)
+tcp_twrespond(struct tcptw *tw, struct socket *so, struct mbuf *msrc,
+ int flags)
{
struct inpcb *inp = tw->tw_inpcb;
struct tcphdr *th;
@@ -1710,19 +1703,20 @@
int isipv6 = inp->inp_inc.inc_isipv6;
#endif
+ KASSERT(so != NULL || msrc != NULL,
+ ("tcp_twrespond: so and msrc NULL"));
+
m = m_gethdr(M_DONTWAIT, MT_HEADER);
if (m == NULL)
return (ENOBUFS);
m->m_data += max_linkhdr;
-#if 0
#ifdef MAC
if (so != NULL)
mac_create_mbuf_from_socket(so, m);
else
mac_create_mbuf_netlayer(msrc, m);
#endif
-#endif
#ifdef INET6
if (isipv6) {
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_var.h#11 (text+ko) ====
@@ -490,7 +490,7 @@
tcp_quench(struct inpcb *, int);
void tcp_respond(struct tcpcb *, void *,
struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, int);
-int tcp_twrespond(struct tcptw *, int);
+int tcp_twrespond(struct tcptw *, struct socket *, struct mbuf *, int);
struct rtentry *
tcp_rtlookup(struct in_conninfo *);
void tcp_setpersist(struct tcpcb *);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list