aboutsummaryrefslogtreecommitdiff
path: root/sys/netipsec
diff options
context:
space:
mode:
authorBjoern A. Zeeb <bz@FreeBSD.org>2019-11-15 21:44:17 +0000
committerBjoern A. Zeeb <bz@FreeBSD.org>2019-11-15 21:44:17 +0000
commit63abacc204f75d91d2a15b07a6d803a69a772697 (patch)
tree24cd0e67c14d1dfffbc2bd4b620685c030032cc5 /sys/netipsec
parenta61b5cfbbfd54c51c9ba6cc9aa19907911fb3aa9 (diff)
downloadsrc-63abacc204f75d91d2a15b07a6d803a69a772697.tar.gz
src-63abacc204f75d91d2a15b07a6d803a69a772697.zip
netinet*: replace IP6_EXTHDR_GET()
In a few places we have IP6_EXTHDR_GET() left in upper layer protocols. The IP6_EXTHDR_GET() macro might perform an m_pulldown() in case the data fragment is not contiguous. Convert these last remaining instances into m_pullup()s instead. In CARP, for example, we will a few lines later call m_pullup() anyway, the IPsec code coming from OpenBSD would otherwise have done the m_pullup() and are copying the data a bit later anyway, so pulling it in seems no better or worse. Note: this leaves very few m_pulldown() cases behind in the tree and we might want to consider removing them as well to make mbuf management easier again on a path to variable size mbufs, especially given m_pulldown() still has an issue not re-checking M_WRITEABLE(). Reviewed by: gallatin MFC after: 8 weeks Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D22335
Notes
Notes: svn path=/head/; revision=354749
Diffstat (limited to 'sys/netipsec')
-rw-r--r--sys/netipsec/xform_ah.c6
-rw-r--r--sys/netipsec/xform_esp.c11
2 files changed, 12 insertions, 5 deletions
diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c
index eddc682d772b..2215d4f1c408 100644
--- a/sys/netipsec/xform_ah.c
+++ b/sys/netipsec/xform_ah.c
@@ -575,14 +575,14 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
/* Figure out header size. */
rplen = HDRSIZE(sav);
- /* XXX don't pullup, just copy header */
- IP6_EXTHDR_GET(ah, struct newah *, m, skip, rplen);
- if (ah == NULL) {
+ m = m_pullup(m, skip + rplen);
+ if (m == NULL) {
DPRINTF(("ah_input: cannot pullup header\n"));
AHSTAT_INC(ahs_hdrops); /*XXX*/
error = ENOBUFS;
goto bad;
}
+ ah = (struct newah *)(mtod(m, caddr_t) + skip);
/* Check replay window, if applicable. */
SECASVAR_LOCK(sav);
diff --git a/sys/netipsec/xform_esp.c b/sys/netipsec/xform_esp.c
index 18bd926c5b5f..3b5394243c8b 100644
--- a/sys/netipsec/xform_esp.c
+++ b/sys/netipsec/xform_esp.c
@@ -307,8 +307,15 @@ esp_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff)
ESPSTAT_INC(esps_badilen);
goto bad;
}
- /* XXX don't pullup, just copy header */
- IP6_EXTHDR_GET(esp, struct newesp *, m, skip, sizeof (struct newesp));
+
+ m = m_pullup(m, skip + sizeof(*esp));
+ if (m == NULL) {
+ DPRINTF(("%s: cannot pullup header\n", __func__));
+ ESPSTAT_INC(esps_hdrops); /*XXX*/
+ error = ENOBUFS;
+ goto bad;
+ }
+ esp = (struct newesp *)(mtod(m, caddr_t) + skip);
esph = sav->tdb_authalgxform;
espx = sav->tdb_encalgxform;