From lahey@users.isi.deterlab.net  Thu Dec 21 11:49:03 2006
Return-Path: <lahey@users.isi.deterlab.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id DDF2A16A415
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 21 Dec 2006 11:49:03 +0000 (UTC)
	(envelope-from lahey@users.isi.deterlab.net)
Received: from users.isi.deterlab.net (users.isi.deterlab.net [206.117.25.49])
	by mx1.freebsd.org (Postfix) with ESMTP id A263E13C46F
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 21 Dec 2006 11:49:03 +0000 (UTC)
	(envelope-from lahey@users.isi.deterlab.net)
Received: from users.isi.deterlab.net (localhost.isi.deterlab.net [127.0.0.1])
	by users.isi.deterlab.net (8.13.6/8.13.6) with ESMTP id kBL2piPs075905
	for <FreeBSD-gnats-submit@freebsd.org>; Wed, 20 Dec 2006 18:51:44 -0800 (PST)
	(envelope-from lahey@users.isi.deterlab.net)
Received: (from lahey@localhost)
	by users.isi.deterlab.net (8.13.6/8.13.6/Submit) id kBL2pibx075904;
	Wed, 20 Dec 2006 18:51:44 -0800 (PST)
	(envelope-from lahey)
Message-Id: <200612210251.kBL2pibx075904@users.isi.deterlab.net>
Date: Wed, 20 Dec 2006 18:51:44 -0800 (PST)
From: Kevin Lahey <lahey@isi.edu>
Reply-To: Kevin Lahey <lahey@isi.edu>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] ng_ksocket fails to clear multicast flag on mbuf before passing to stack
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         106999
>Category:       kern
>Synopsis:       [netgraph] [patch] ng_ksocket fails to clear multicast flag on mbuf before passing to stack
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    bms
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 21 11:50:18 GMT 2006
>Closed-Date:    Sun Mar 04 14:54:25 GMT 2007
>Last-Modified:  Sun Mar  4 15:00:12 GMT 2007
>Originator:     Kevin Lahey
>Release:        FreeBSD 6.1
>Organization:
ISI
>Environment:
System:  FreeBSD myboss.elab-tunnel1.detertest.isi.deterlab.net 6.1-RELEASE-p3 FreeBSD 6.1-RELEASE-p3 #0: Tue Aug  8 15:35:11 PDT 2006     root@bpc034:/usr/src/sys/i386/compile/TESTBED  i386

>Description:
I used netgraph to encapsulate an incoming Ethernet frame in UDP and 
send it off to a remote host.  When a multicast Ethernet frame was 
encapsulated in UDP, the Ethernet destination on the resulting packet 
was a multicast address, rather than the correct Ethernet address of 
the default router.  That is:

Original:      [UES:MED][IP Payload]
Encapsulated:  [UES2:MED2][IP][UDP][UES:MED][IP Payload]

UES, UES2 = Unicast Ethernet Source (both different)
MED, MED2 = Multicast Ethernet Destination (both different)
(And, yeah, the IP destination of the encapsulation was *not* multicast)

It appears that ng_ksocket doesn't strip off the mbuf flags on the
incoming mbufs before handing off to the regular network stack.
These flags are obeyed when the encapsulated packet is sent out,
resulting in a bogus Ethernet destination address derived from the
IP destination, rather than from the ARP table.

It looks like ng_ksocket got completely replumbed in -current, so
this probably might have been fixed already.

>How-To-Repeat:
	Here's the script I use to build the tunnel:  

  kldload /boot/kernel/{netgraph,ng_ksocket,ng_eiface,ng_socket,if_bridge}.ko
  
  # Originally from Keith Sklower
  
  ngctl -n self -f /dev/stdin << EOF
  mkpeer eiface dummy ether
  name self:dummy eif
  EOF
  
  # Need a gap to set up eif before creating more goop
  ngctl -f /dev/stdin << EOF
  mkpeer eif: ksocket ether inet/dgram/udp
  name eif:ether ksoc
  msg ksoc: bind inet/0.0.0.0:30000
  msg ksoc: connect inet/192.168.1.188:30000
  EOF
  
  ifconfig em4 up mtu 1500
  ifconfig ngeth0 link 00:14:22:23:89:28 up mtu 1500
  ifconfig bridge0 create
  ifconfig bridge0 addm em4 addm ngeth0 up

Send in a multicast Ethernet packet and watch the fireworks.
(Admittedly, the packet that screwed me up was a STP packet which
I probably *don't* want to forward, but...)
>Fix:


--- /share/freebsd/6.1/src/sys/netgraph/ng_ksocket.c	Fri Feb 24 03:23:05 2006
+++ ./ng_ksocket.c	Fri Dec 15 17:23:24 2006
@@ -919,6 +919,11 @@
 	    (stag->id == NG_NODE_ID(node) || stag->id == 0))
 		sa = &stag->sa;
 
+	/* Turn off any possibly bogus flags in the mbuf */
+
+	if (m->m_flags | (M_BCAST | M_MCAST))
+		m->m_flags &= (~(M_BCAST | M_MCAST));
+
 	/* Send packet */
 	error = (*so->so_proto->pr_usrreqs->pru_sosend)(so, sa, 0, m, 0, 0, td);
 

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Sat Dec 23 16:14:38 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106999 
Responsible-Changed-From-To: freebsd-net->bms 
Responsible-Changed-By: bms 
Responsible-Changed-When: Fri Feb 9 02:39:10 UTC 2007 
Responsible-Changed-Why:  
I'll take this 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106999 

From: Bruce M Simpson <bms@incunabulum.net>
To: freebsd-gnats-submit@FreeBSD.org
Cc: Kevin Lahey <lahey@isi.edu>, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/106999: [netgraph] [patch] ng_ksocket fails to clear multicast
 flag on mbuf before passing to stack
Date: Fri, 09 Feb 2007 02:41:03 +0000

 This is a multi-part message in MIME format.
 --------------060904090602090008030805
 Content-Type: text/plain; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: 7bit
 
 How about this?
 
 BMS
 
 
 --------------060904090602090008030805
 Content-Type: text/x-patch;
  name="106999.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="106999.diff"
 
 Index: ng_ksocket.c
 ===================================================================
 RCS file: /home/ncvs/src/sys/netgraph/ng_ksocket.c,v
 retrieving revision 1.59
 diff -u -p -r1.59 ng_ksocket.c
 --- ng_ksocket.c	24 Jul 2006 15:20:07 -0000	1.59
 +++ ng_ksocket.c	9 Feb 2007 02:38:25 -0000
 @@ -919,6 +919,9 @@ ng_ksocket_rcvdata(hook_p hook, item_p i
  	    (stag->id == NG_NODE_ID(node) || stag->id == 0))
  		sa = &stag->sa;
  
 +	/* Reset layer specific mbuf flags to avoid confusing upper layers. */
 +	m->m_flags &= ~(M_PROTOFLAGS|M_BCAST|M_MCAST);
 +
  	/* Send packet */
  	error = sosend(so, sa, 0, m, 0, 0, td);
  
 
 --------------060904090602090008030805--

From: Bruce M Simpson <bms@incunabulum.net>
To: Kevin Lahey <lahey@ISI.EDU>
Cc: freebsd-gnats-submit@FreeBSD.org, 
 Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/106999: [netgraph] [patch] ng_ksocket fails to clear multicast
 flag on mbuf before passing to stack
Date: Fri, 09 Feb 2007 03:35:15 +0000

 Kevin Lahey wrote:
 > On Fri, 09 Feb 2007 02:41:03 +0000
 > Bruce M Simpson <bms@incunabulum.net> wrote:
 >
 >   
 >> +	/* Reset layer specific mbuf flags to avoid confusing upper layers. */
 >> +	m->m_flags &= ~(M_PROTOFLAGS|M_BCAST|M_MCAST);
 >>     
 >
 > Looks okay to me, although, of course, M_PROTOFLAGS isn't available in
 > my 6.1 source tree... :-)
 Ok, that is probably a product of cleaning up the layering. The 
 M_BCAST/M_MCAST flags should certainly go in. I was thinking of 
 introducing M_PROMISC from NetBSD to solve certain other problems.
 
 I see Robert touched this file because of the socket layer rewrite. I 
 will most likely just check this in in the AM (I'm in London, up late).
 
 BMS

From: Kevin Lahey <lahey@ISI.EDU>
To: Bruce M Simpson <bms@incunabulum.net>
Cc: freebsd-gnats-submit@FreeBSD.org, Kevin Lahey <lahey@ISI.EDU>,
        Gleb
 Smirnoff <glebius@FreeBSD.org>
Subject: Re: kern/106999: [netgraph] [patch] ng_ksocket fails to clear
 multicast flag on mbuf before passing to stack
Date: Thu, 8 Feb 2007 19:28:06 -0800

 On Fri, 09 Feb 2007 02:41:03 +0000
 Bruce M Simpson <bms@incunabulum.net> wrote:
 
 > +	/* Reset layer specific mbuf flags to avoid confusing upper layers. */
 > +	m->m_flags &= ~(M_PROTOFLAGS|M_BCAST|M_MCAST);
 
 Looks okay to me, although, of course, M_PROTOFLAGS isn't available in
 my 6.1 source tree... :-)
 
 Thanks,
 
 Kevin
 lahey@isi.edu
State-Changed-From-To: open->patched 
State-Changed-By: bms 
State-Changed-When: Fri Feb 9 12:35:42 UTC 2007 
State-Changed-Why:  
committed to HEAD pending MFC. thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106999 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/106999: commit references a PR
Date: Fri,  9 Feb 2007 12:35:39 +0000 (UTC)

 bms         2007-02-09 12:35:30 UTC
 
   FreeBSD src repository
 
   Modified files:
     sys/netgraph         ng_ksocket.c 
   Log:
   In the output path, mask off M_BCAST|M_MCAST so as to prevent incorrect
   addressing if a packet is later re-encapsulated and sent to a
   non-broadcast, non-multicast destination after being received on the
   ng_ksocket input hook.
   
   PR:             106999
   Submitted by:   Kevin Lahey
   MFC after:      4 weeks
   
   Revision  Changes    Path
   1.60      +3 -0      src/sys/netgraph/ng_ksocket.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: bms 
State-Changed-When: Sun Mar 4 14:54:17 UTC 2007 
State-Changed-Why:  
MFC 

http://www.freebsd.org/cgi/query-pr.cgi?pr=106999 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/106999: commit references a PR
Date: Sun,  4 Mar 2007 14:54:08 +0000 (UTC)

 bms         2007-03-04 14:54:02 UTC
 
   FreeBSD src repository
 
   Modified files:        (Branch: RELENG_6)
     sys/netgraph         ng_ksocket.c 
   Log:
   MFC rev 1.60:
     In the output path, mask off M_BCAST|M_MCAST so as to prevent incorrect
     addressing if a packet is later re-encapsulated and sent to a
     non-broadcast, non-multicast destination after being received on the
     ng_ksocket input hook.
   
   These mbuf flags should not be set on the mbuf packet header chain until
   the data thus sent re-enters ip_output() by way of the pru_sosend callback
   anyway.
   
   PR:             106999
   Tested by:      ume
   Submitted by:   Kevin Lahey
   
   Revision  Changes    Path
   1.55.2.4  +3 -0      src/sys/netgraph/ng_ksocket.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
