Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-8]: src Pull up following revision(s) (requested by ozaki-r in ti...
details: https://anonhg.NetBSD.org/src/rev/b9fadf61c6fc
branches: netbsd-8
changeset: 434023:b9fadf61c6fc
user: snj <snj%NetBSD.org@localhost>
date: Wed Jun 21 18:14:34 2017 +0000
description:
Pull up following revision(s) (requested by ozaki-r in ticket #51):
sys/netinet/tcp_input.c: revision 1.358
tests/net/ipsec/t_ipsec_misc.sh: revision 1.7
Fix KASSERT in tcp_input
inp can be NULL when receiving an IPv4 packet on an IPv4-mapped IPv6
address. In that case KASSERT(sotoinpcb(so) == inp) always fails.
Should fix PR kern/52304 (at least it fixes the same panic as the
report)
--
Add test cases of TCP/IPsec on an IPv4-mapped IPv6 address
It reproduces the same panic reported in PR kern/52304
(but not sure that its cause is also same).
diffstat:
sys/netinet/tcp_input.c | 12 +++++-
tests/net/ipsec/t_ipsec_misc.sh | 65 ++++++++++++++++++++++++++++++++++++----
2 files changed, 67 insertions(+), 10 deletions(-)
diffs (153 lines):
diff -r d1ebefec8c69 -r b9fadf61c6fc sys/netinet/tcp_input.c
--- a/sys/netinet/tcp_input.c Wed Jun 21 18:12:40 2017 +0000
+++ b/sys/netinet/tcp_input.c Wed Jun 21 18:14:34 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: tcp_input.c,v 1.357 2017/04/20 08:46:07 ozaki-r Exp $ */
+/* $NetBSD: tcp_input.c,v 1.357.4.1 2017/06/21 18:14:34 snj Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@@ -148,7 +148,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.357 2017/04/20 08:46:07 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: tcp_input.c,v 1.357.4.1 2017/06/21 18:14:34 snj Exp $");
#ifdef _KERNEL_OPT
#include "opt_inet.h"
@@ -1835,7 +1835,13 @@
switch (af) {
#ifdef INET
case AF_INET:
- KASSERT(sotoinpcb(so) == inp);
+ /*
+ * inp can be NULL when
+ * receiving an IPv4 packet on
+ * an IPv4-mapped IPv6 address.
+ */
+ KASSERT(inp == NULL ||
+ sotoinpcb(so) == inp);
if (!ipsec4_in_reject(m, inp))
break;
IPSEC_STATINC(
diff -r d1ebefec8c69 -r b9fadf61c6fc tests/net/ipsec/t_ipsec_misc.sh
--- a/tests/net/ipsec/t_ipsec_misc.sh Wed Jun 21 18:12:40 2017 +0000
+++ b/tests/net/ipsec/t_ipsec_misc.sh Wed Jun 21 18:14:34 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: t_ipsec_misc.sh,v 1.6 2017/06/01 03:56:47 ozaki-r Exp $
+# $NetBSD: t_ipsec_misc.sh,v 1.6.2.1 2017/06/21 18:14:34 snj Exp $
#
# Copyright (c) 2017 Internet Initiative Japan Inc.
# All rights reserved.
@@ -313,22 +313,23 @@
test_tcp()
{
- local proto=$1
+ local local_proto=$1
local ip_local=$2
- local ip_peer=$3
+ local peer_proto=$3
+ local ip_peer=$4
local port=1234
local file_send=./file.send
local file_recv=./file.recv
local opts=
- if [ $proto = ipv4 ]; then
+ if [ $local_proto = ipv4 ]; then
opts="-N -w 3 -4"
else
opts="-N -w 3 -6"
fi
# Start nc server
- start_nc_server $SOCK_PEER $port $file_recv $proto
+ start_nc_server $SOCK_PEER $port $file_recv $peer_proto
export RUMP_SERVER=$SOCK_LOCAL
# Send a file to the server
@@ -371,7 +372,7 @@
extract_new_packets $BUS > $outfile
- test_tcp ipv4 $ip_local $ip_peer
+ test_tcp ipv4 $ip_local ipv4 $ip_peer
extract_new_packets $BUS > $outfile
$DEBUG && cat $outfile
@@ -415,7 +416,54 @@
extract_new_packets $BUS > $outfile
- test_tcp ipv6 $ip_local $ip_peer
+ test_tcp ipv6 $ip_local ipv6 $ip_peer
+
+ extract_new_packets $BUS > $outfile
+ $DEBUG && cat $outfile
+
+ if [ $proto != none ]; then
+ atf_check -s exit:0 \
+ -o match:"$ip_local > $ip_peer: $proto_cap" \
+ cat $outfile
+ atf_check -s exit:0 \
+ -o match:"$ip_peer > $ip_local: $proto_cap" \
+ cat $outfile
+ fi
+}
+
+test_tcp_ipv4mappedipv6()
+{
+ local proto=$1
+ local algo=$2
+ local ip_local=10.0.0.1
+ local ip_peer=10.0.0.2
+ local ip6_peer=::ffff:10.0.0.2
+ local algo_args="$(generate_algo_args $proto $algo)"
+ local proto_cap=$(echo $proto | tr 'a-z' 'A-Z')
+ local outfile=./out
+
+ rump_server_crypto_start $SOCK_LOCAL netipsec
+ rump_server_crypto_start $SOCK_PEER netipsec netinet6
+ rump_server_add_iface $SOCK_LOCAL shmif0 $BUS
+ rump_server_add_iface $SOCK_PEER shmif0 $BUS
+
+ export RUMP_SERVER=$SOCK_LOCAL
+ atf_check -s exit:0 rump.ifconfig shmif0 $ip_local/24
+ atf_check -s exit:0 rump.ifconfig -w 10
+
+ export RUMP_SERVER=$SOCK_PEER
+ atf_check -s exit:0 -o ignore rump.sysctl -w net.inet6.ip6.v6only=0
+ atf_check -s exit:0 rump.ifconfig shmif0 $ip_peer/24
+ atf_check -s exit:0 rump.ifconfig shmif0 inet6 $ip6_peer/96
+ atf_check -s exit:0 rump.ifconfig -w 10
+
+ if [ $proto != none ]; then
+ setup_sasp $proto "$algo_args" $ip_local $ip_peer 100
+ fi
+
+ extract_new_packets $BUS > $outfile
+
+ test_tcp ipv4 $ip_local ipv6 $ip_peer
extract_new_packets $BUS > $outfile
$DEBUG && cat $outfile
@@ -473,14 +521,17 @@
add_test_lifetime ipv6 esp $algo
add_test_tcp ipv4 esp $algo
add_test_tcp ipv6 esp $algo
+ add_test_tcp ipv4mappedipv6 esp $algo
done
for algo in $AH_AUTHENTICATION_ALGORITHMS_MINIMUM; do
add_test_lifetime ipv4 ah $algo
add_test_lifetime ipv6 ah $algo
add_test_tcp ipv4 ah $algo
add_test_tcp ipv6 ah $algo
+ add_test_tcp ipv4mappedipv6 ah $algo
done
add_test_tcp ipv4 none
add_test_tcp ipv6 none
+ add_test_tcp ipv4mappedipv6 none
}
Home |
Main Index |
Thread Index |
Old Index