git: net: Reimplement packet loop detection based on mbuf tags
Aaron LI
aly at crater.dragonflybsd.org
Wed Feb 28 07:53:09 PST 2024
commit b44c913f6ebc2ff5523e1bf83880522a3bded4fe
Author: Aaron LI <aly at aaronly.me>
Date: Wed Feb 28 22:50:43 2024 +0800
net: Reimplement packet loop detection based on mbuf tags
The original naive implementation based on mbuf 'm_pkthdr.loop_cnt' was
flawed:
* There were likely some code paths that allocated mbufs failed to
initialize the 'loop_cnt' to be zero. This caused unwanted packet
drops in gif(4), as reported by Kyle Butt (iteratee).
* The 'loop_cnt' was system-wide and thus cannot distinguish between the
nesting of specific drivers. For example, it would break an actually
valid setup that makes use of both gif(4) and gre(4).
As a result, follow the FreeBSD's way and reimplement the packet loop
detection based on mbuf tags. Each driver is allocated a unique mbuf
tag cookie, and thus a unique mbuf tag will be created to track the
nesting level of each driver.
The if_tunnel_check_nesting() was derived from FreeBSD but I changed it
to use only one mbuf tag for each cookie (i.e., driver). Although it
can no longer directly detect that a packet loops through the same
interface, it would still be prevented as that would lead to infinite
recursions.
Update gif(4), gre(4) and wg(4) to use the new loop detection facility.
Bump __DragonFly_version as well.
Reported-by: Kyle Butt (iteratee)
Summary of changes:
sys/kern/uipc_mbuf.c | 1 -
sys/net/gif/if_gif.c | 15 +++++----------
sys/net/gre/if_gre.c | 12 ++++--------
sys/net/if.c | 37 +++++++++++++++++++++++++++++++++++++
sys/net/if_var.h | 3 ++-
sys/net/wg/if_wg.c | 5 ++++-
sys/sys/param.h | 4 +++-
7 files changed, 55 insertions(+), 22 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b44c913f6ebc2ff5523e1bf83880522a3bded4fe
--
DragonFly BSD source repository
More information about the Commits
mailing list