PERFORCE change 52022 for review
Robert Watson
rwatson at FreeBSD.org
Sat May 1 03:28:51 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=52022
Change 52022 by rwatson at rwatson_tislabs on 2004/04/30 20:28:16
Apply changes from changeset 51880 to the TrustedBSD MAC branch
for testing prior to merge to the base FreeBSD tree:
In IP divert sockets, annotate that it would be preferable to use
the inpcb label to the socket label when sending an outgoing packet,
but don't change it for now because the inpcb isn't always used when
transmitting.
In raw sockets, assert the inpcb lock when sending with a raw
socket (it's always true, and also necessary). Re-code the MAC
Framework interaction here to use the inpcb rather than the socket
label to avoid interactions between inpcb and socket locking while
holding the inpcb lock.
In tcp_input(), assert the inpcb lock before checking with MAC that
the inpcb can receive the mbuf. This is redundant with a locking
assertion in the MAC Framework.
In tcp_output(), use the TCP inpcb rather than the socket to set
the label for a new mbuf. This avoids acquiring the socket lock
when we already hold the inpcb lock, which is sufficient.
In tcp_respond() and tcp_twrespond(), perform initial assertions
and setup of the inp pointer before starting to handle the packet.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/netinet/ip_divert.c#21 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/raw_ip.c#31 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#50 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_output.c#22 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#43 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/tcp_syncache.c#26 edit
.. //depot/projects/trustedbsd/mac/sys/netinet/udp_usrreq.c#30 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/netinet/ip_divert.c#21 (text+ko) ====
@@ -282,6 +282,9 @@
KASSERT(m->m_pkthdr.rcvif == NULL, ("rcvif not null"));
#ifdef MAC
+ /*
+ * XXXRW: perhaps should be mac_create_mbuf_from_inpcb()?
+ */
mac_create_mbuf_from_socket(so, m);
#endif
==== //depot/projects/trustedbsd/mac/sys/netinet/raw_ip.c#31 (text+ko) ====
@@ -145,6 +145,8 @@
{
int policyfail = 0;
+ INP_LOCK_ASSERT(last);
+
#if defined(IPSEC) || defined(FAST_IPSEC)
/* check AH/ESP integrity. */
if (ipsec4_in_reject(n, last)) {
@@ -244,9 +246,22 @@
struct inpcb *inp = sotoinpcb(so);
int flags = (so->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST;
+ /*
+ * XXXRW: Due to use of inp fields later in this function, the
+ * inp lock almost certainly needs to be held for the duration
+ * of the function, not just the MAC entry point.
+ */
#ifdef MAC
+ INP_LOCK(inp);
+ mac_create_mbuf_from_inpcb(inp, m);
+ INP_UNLOCK(inp);
+#if 0
+ /*
+ * XXXRW: Use inpcb instead.
+ */
mac_create_mbuf_from_socket(so, m);
#endif
+#endif
/*
* If the user handed us a complete IP packet, use it.
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_input.c#50 (text+ko) ====
@@ -751,6 +751,7 @@
tiwin = th->th_win;
#ifdef MAC
+ INP_LOCK_ASSERT(inp);
if (mac_check_inpcb_deliver(inp, m))
goto drop;
#endif
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_output.c#22 (text+ko) ====
@@ -696,8 +696,14 @@
}
m->m_pkthdr.rcvif = (struct ifnet *)0;
#ifdef MAC
+ /*
+ * XXX: use mac_create_mbuf_from_inpcb(inp, m) instead of socket.
+ */
+ mac_create_mbuf_from_inpcb(tp->t_inpcb, m);
+#if 0
mac_create_mbuf_from_socket(so, m);
#endif
+#endif
#ifdef INET6
if (isipv6) {
ip6 = mtod(m, struct ip6_hdr *);
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_subr.c#43 (text+ko) ====
@@ -402,7 +402,7 @@
int isipv6;
#endif /* INET6 */
int ipflags = 0;
- struct inpcb *inp = NULL;
+ struct inpcb *inp;
KASSERT(tp != NULL || m != NULL, ("tcp_respond: tp and m both NULL"));
@@ -417,6 +417,10 @@
KASSERT(inp != NULL, ("tcp control block w/o inpcb"));
INP_INFO_WLOCK_ASSERT(&tcbinfo);
INP_LOCK_ASSERT(inp);
+ } else
+ inp = NULL;
+
+ if (tp != NULL) {
if (!(flags & TH_RST)) {
win = sbspace(&inp->inp_socket->so_rcv);
if (win > (long)TCP_MAXWIN << tp->rcv_scale)
@@ -499,7 +503,14 @@
* Packet is associated with a socket, so allow the
* label of the response to reflect the socket label.
*/
+ INP_LOCK_ASSERT(inp);
+ mac_create_mbuf_from_inpcb(inp, m);
+#if 0
+ /*
+ * XXXRW: Use inpcb instead of socket here.
+ */
mac_create_mbuf_from_socket(inp->inp_socket, m);
+#endif
} else {
/*
* Packet is not associated with a socket, so possibly
==== //depot/projects/trustedbsd/mac/sys/netinet/tcp_syncache.c#26 (text+ko) ====
@@ -1129,8 +1129,15 @@
inp = sc->sc_tp->t_inpcb;
INP_LOCK(inp);
#ifdef MAC
+ /*
+ * XXXRW: Should be mac_create_mbuf_from_inpcb(inp, m) rather than
+ * from socket for locking reasons.
+ */
+ mac_create_mbuf_from_inpcb(inp, m);
+#if 0
mac_create_mbuf_from_socket(inp->inp_socket, m);
#endif
+#endif
#ifdef INET6
if (sc->sc_inc.inc_isipv6) {
==== //depot/projects/trustedbsd/mac/sys/netinet/udp_usrreq.c#30 (text+ko) ====
@@ -457,6 +457,8 @@
struct sockaddr *append_sa;
struct mbuf *opts = 0;
+ INP_LOCK_ASSERT(inp);
+
#if defined(IPSEC) || defined(FAST_IPSEC)
/* check AH/ESP integrity. */
if (ipsec4_in_reject(n, last)) {
@@ -734,8 +736,14 @@
INP_LOCK_ASSERT(inp);
#ifdef MAC
+ /*
+ * XXXRW: Use inpcb instead of socket.
+ */
+ mac_create_mbuf_from_inpcb(inp, m);
+#if 0
mac_create_mbuf_from_socket(inp->inp_socket, m);
#endif
+#endif
if (len + sizeof(struct udpiphdr) > IP_MAXPACKET) {
error = EMSGSIZE;
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list