From nobody@FreeBSD.org  Wed Jun  4 19:23:25 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B76CF1065672
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Jun 2008 19:23:25 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 9CB208FC17
	for <freebsd-gnats-submit@FreeBSD.org>; Wed,  4 Jun 2008 19:23:25 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m54JNP7a057598
	for <freebsd-gnats-submit@FreeBSD.org>; Wed, 4 Jun 2008 19:23:25 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m54JNPET057597;
	Wed, 4 Jun 2008 19:23:25 GMT
	(envelope-from nobody)
Message-Id: <200806041923.m54JNPET057597@www.freebsd.org>
Date: Wed, 4 Jun 2008 19:23:25 GMT
From: Scott Aitchison <saitchison@borderware.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: INP_PORTHIGH and INP_ONESBCAST share same value
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         124282
>Category:       kern
>Synopsis:       [libc] socket(2): INP_PORTHIGH and INP_ONESBCAST share same value
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Jun 04 19:30:01 UTC 2008
>Closed-Date:    Thu Mar 26 23:15:39 UTC 2009
>Last-Modified:  Thu Mar 26 23:15:39 UTC 2009
>Originator:     Scott Aitchison
>Release:        6.3-STABLE i386
>Organization:
BorderWare Technologies
>Environment:
FreeBSD rush.borderware.com 6.3-RELEASE FreeBSD 6.3-RELEASE #1: Tue Jan 29 14:58:12 EST 2008     root@rush.borderware.com:/usr/obj/usr/src/sys/RUSH  i386
>Description:
If IP_PORTRANGE_HIGH is set as a socket option, it will set INP_PORTHIGH
on inp_flags.  However, since INP_ONESBCAST is the same value and is also
set in inp_flags, this will cause some problems with UDP checksums on these
sockets.

This was fixed previously in kern/87306, however it was reintroduced in
kern/99558

>How-To-Repeat:
Call setsockopt() with IP_PORTRANGE_HIGH on a UDP socket.  Send traffic
through socket.
>Fix:


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: brucec 
Responsible-Changed-When: Mon Mar 23 21:45:54 UTC 2009 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124282 
Responsible-Changed-From-To: freebsd-net->rwatson 
Responsible-Changed-By: bz 
Responsible-Changed-When: Tue Mar 24 07:12:57 UTC 2009 
Responsible-Changed-Why:  
Robert has fixed this in HEAD already. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124282 
State-Changed-From-To: open->patched 
State-Changed-By: rwatson 
State-Changed-When: Tue Mar 24 16:11:49 UTC 2009 
State-Changed-Why:  
Per Bjoern's comments, this is fixed in 8.x, and I plan to MFC for 7.2. 
I will follow up on this PR once it's merged.  Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124282 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/124282: commit references a PR
Date: Thu, 26 Mar 2009 22:54:36 +0000 (UTC)

 Author: rwatson
 Date: Thu Mar 26 22:54:19 2009
 New Revision: 190457
 URL: http://svn.freebsd.org/changeset/base/190457
 
 Log:
   r189615:
   
     Remove now-unused INP_UNMAPPABLEOPTS.
   
     Discussd with: bz
   
   r189637:
   
     Avoid use of IPv6  macro aliases to inpcb fields and inp_flags; we don't
     remove their defintions as some third-party tools may use them (such as
     net-snmp), unlike in the 8.x change.
   
     References to in6p_lport and in6_fport in sockstat are also replaced with
     normal inp_lport and inp_fport references.
   
     Reviewed by:   bz
   
   r189848:
   
     Correct a number of evolved problems with inp_vflag and inp_flags:
     certain flags that should have been in inp_flags ended up in inp_vflag,
     meaning that they were inconsistently locked, and in one case,
     interpreted.  Move the following flags from inp_vflag to gaps in the
     inp_flags space (and clean up the inp_flags constants to make gaps
     more obvious to future takers):
   
       INP_TIMEWAIT
       INP_SOCKREF
       INP_ONESBCAST
       INP_DROPPED
   
     Some aspects of this change have no effect on kernel ABI at all, as these
     are UDP/TCP/IP-internal uses; however, netstat and sockstat detect
     INP_TIMEWAIT when listing TCP sockets, so any MFC will need to take this
     into account.
   
     MFC after:      1 week (or after dependencies are MFC'd)
     Reviewed by:    bz
   
   Note that this change requires netstat, systat, and sockstat to be
   recompiled in order to properly print TIMEWAIT connection state; this
   minor API change (documented in UPDATING) is considered worth it in
   order to fix the above bugs.  This change fixes the INP_ONESBCAST bug
   describted in kern/124282 by disambiguating flag use.
   
   Approved by:    re (kib)
   PR:             kern/124282
   r189637 discussed with:	pav
 
 Modified:
   stable/7/UPDATING
   stable/7/sys/   (props changed)
   stable/7/sys/contrib/pf/   (props changed)
   stable/7/sys/dev/ath/ath_hal/   (props changed)
   stable/7/sys/dev/cxgb/   (props changed)
   stable/7/sys/netinet/in_pcb.c
   stable/7/sys/netinet/in_pcb.h
   stable/7/sys/netinet/tcp_input.c
   stable/7/sys/netinet/tcp_subr.c
   stable/7/sys/netinet/tcp_timer.c
   stable/7/sys/netinet/tcp_timewait.c
   stable/7/sys/netinet/tcp_usrreq.c
   stable/7/sys/netinet6/in6_pcb.c
   stable/7/usr.bin/netstat/   (props changed)
   stable/7/usr.bin/netstat/inet.c
   stable/7/usr.bin/sockstat/   (props changed)
   stable/7/usr.bin/sockstat/sockstat.c
   stable/7/usr.bin/systat/   (props changed)
   stable/7/usr.bin/systat/netstat.c
 
 Modified: stable/7/UPDATING
 ==============================================================================
 --- stable/7/UPDATING	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/UPDATING	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -8,6 +8,11 @@ Items affecting the ports and packages s
  /usr/ports/UPDATING.  Please read that file before running
  portupgrade.
  
 +20090326:
 +	Following bug-fixes to TCP connection state flags, netstat, systat,
 +	and sockstat will need to be rebuilt in order to properly print
 +	connections in the TIMEWAIT state.
 +
  20090318:
  	Change IPv6 ephemeral port allocation from sequential to
  	random allocation, like IPv4 has done for more than four years.
 
 Modified: stable/7/sys/netinet/in_pcb.c
 ==============================================================================
 --- stable/7/sys/netinet/in_pcb.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/in_pcb.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -358,7 +358,7 @@ in_pcbbind_setup(struct inpcb *inp, stru
  	 * This entire block sorely needs a rewrite.
  	 */
  				if (t &&
 -				    ((t->inp_vflag & INP_TIMEWAIT) == 0) &&
 +				    ((t->inp_flags & INP_TIMEWAIT) == 0) &&
  				    (so->so_type != SOCK_STREAM ||
  				     ntohl(t->inp_faddr.s_addr) == INADDR_ANY) &&
  				    (ntohl(sin->sin_addr.s_addr) != INADDR_ANY ||
 @@ -371,7 +371,7 @@ in_pcbbind_setup(struct inpcb *inp, stru
  			}
  			t = in_pcblookup_local(pcbinfo, sin->sin_addr,
  			    lport, wild, cred);
 -			if (t && (t->inp_vflag & INP_TIMEWAIT)) {
 +			if (t && (t->inp_flags & INP_TIMEWAIT)) {
  				/*
  				 * XXXRW: If an incpb has had its timewait
  				 * state recycled, we treat the address as
 @@ -954,7 +954,7 @@ in_pcbdrop(struct inpcb *inp)
  	INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo);
  	INP_WLOCK_ASSERT(inp);
  
 -	inp->inp_vflag |= INP_DROPPED;
 +	inp->inp_flags |= INP_DROPPED;
  	if (inp->inp_flags & INP_INHASHLIST) {
  		struct inpcbport *phd = inp->inp_phd;
  
 @@ -1746,6 +1746,22 @@ db_print_inpflags(int inp_flags)
  		db_printf("%sIN6P_AUTOFLOWLABEL", comma ? ", " : "");
  		comma = 1;
  	}
 +	if (inp_flags & INP_TIMEWAIT) {
 +		db_printf("%sINP_TIMEWAIT", comma ? ", " : "");
 +		comma  = 1;
 +	}
 +	if (inp_flags & INP_ONESBCAST) {
 +		db_printf("%sINP_ONESBCAST", comma ? ", " : "");
 +		comma  = 1;
 +	}
 +	if (inp_flags & INP_DROPPED) {
 +		db_printf("%sINP_DROPPED", comma ? ", " : "");
 +		comma  = 1;
 +	}
 +	if (inp_flags & INP_SOCKREF) {
 +		db_printf("%sINP_SOCKREF", comma ? ", " : "");
 +		comma  = 1;
 +	}
  	if (inp_flags & IN6P_RFC2292) {
  		db_printf("%sIN6P_RFC2292", comma ? ", " : "");
  		comma = 1;
 @@ -1774,22 +1790,6 @@ db_print_inpvflag(u_char inp_vflag)
  		db_printf("%sINP_IPV6PROTO", comma ? ", " : "");
  		comma  = 1;
  	}
 -	if (inp_vflag & INP_TIMEWAIT) {
 -		db_printf("%sINP_TIMEWAIT", comma ? ", " : "");
 -		comma  = 1;
 -	}
 -	if (inp_vflag & INP_ONESBCAST) {
 -		db_printf("%sINP_ONESBCAST", comma ? ", " : "");
 -		comma  = 1;
 -	}
 -	if (inp_vflag & INP_DROPPED) {
 -		db_printf("%sINP_DROPPED", comma ? ", " : "");
 -		comma  = 1;
 -	}
 -	if (inp_vflag & INP_SOCKREF) {
 -		db_printf("%sINP_SOCKREF", comma ? ", " : "");
 -		comma  = 1;
 -	}
  }
  
  void
 
 Modified: stable/7/sys/netinet/in_pcb.h
 ==============================================================================
 --- stable/7/sys/netinet/in_pcb.h	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/in_pcb.h	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -416,38 +416,38 @@ void 	inp_4tuple_get(struct inpcb *inp, 
  #define	INP_IPV4	0x1
  #define	INP_IPV6	0x2
  #define	INP_IPV6PROTO	0x4		/* opened under IPv6 protocol */
 -#define	INP_TIMEWAIT	0x8		/* inpcb in TIMEWAIT, ppcb is tcptw */
 -#define	INP_ONESBCAST	0x10		/* send all-ones broadcast */
 -#define	INP_DROPPED	0x20		/* protocol drop flag */
 -#define	INP_SOCKREF	0x40		/* strong socket reference */
  
  /*
   * Flags for inp_flag.
   */
 -#define	INP_RECVOPTS		0x01	/* receive incoming IP options */
 -#define	INP_RECVRETOPTS		0x02	/* receive IP options for reply */
 -#define	INP_RECVDSTADDR		0x04	/* receive IP dst address */
 -#define	INP_HDRINCL		0x08	/* user supplies entire IP header */
 -#define	INP_HIGHPORT		0x10	/* user wants "high" port binding */
 -#define	INP_LOWPORT		0x20	/* user wants "low" port binding */
 -#define	INP_ANONPORT		0x40	/* port chosen for user */
 -#define	INP_RECVIF		0x80	/* receive incoming interface */
 -#define	INP_MTUDISC		0x100	/* user can do MTU discovery */
 -#define	INP_FAITH		0x200	/* accept FAITH'ed connections */
 -#define	INP_RECVTTL		0x400	/* receive incoming IP TTL */
 -#define	INP_DONTFRAG		0x800	/* don't fragment packet */
 -#define	INP_INHASHLIST		0x2000	/* in_pcbinshash() has been called */
 -
 -#define IN6P_IPV6_V6ONLY	0x008000 /* restrict AF_INET6 socket for v6 */
 -
 -#define	IN6P_PKTINFO		0x010000 /* receive IP6 dst and I/F */
 -#define	IN6P_HOPLIMIT		0x020000 /* receive hoplimit */
 -#define	IN6P_HOPOPTS		0x040000 /* receive hop-by-hop options */
 -#define	IN6P_DSTOPTS		0x080000 /* receive dst options after rthdr */
 -#define	IN6P_RTHDR		0x100000 /* receive routing header */
 -#define	IN6P_RTHDRDSTOPTS	0x200000 /* receive dstoptions before rthdr */
 -#define	IN6P_TCLASS		0x400000 /* receive traffic class value */
 -#define	IN6P_AUTOFLOWLABEL	0x800000 /* attach flowlabel automatically */
 +#define	INP_RECVOPTS		0x00000001 /* receive incoming IP options */
 +#define	INP_RECVRETOPTS		0x00000002 /* receive IP options for reply */
 +#define	INP_RECVDSTADDR		0x00000004 /* receive IP dst address */
 +#define	INP_HDRINCL		0x00000008 /* user supplies entire IP header */
 +#define	INP_HIGHPORT		0x00000010 /* user wants "high" port binding */
 +#define	INP_LOWPORT		0x00000020 /* user wants "low" port binding */
 +#define	INP_ANONPORT		0x00000040 /* port chosen for user */
 +#define	INP_RECVIF		0x00000080 /* receive incoming interface */
 +#define	INP_MTUDISC		0x00000100 /* user can do MTU discovery */
 +#define	INP_FAITH		0x00000200 /* accept FAITH'ed connections */
 +#define	INP_RECVTTL		0x00000400 /* receive incoming IP TTL */
 +#define	INP_DONTFRAG		0x00000800 /* don't fragment packet */
 +#define	INP_NONLOCALOK		0x00001000 /* Allow bind to spoof any address */
 +					/* - requires options IP_NONLOCALBIND */
 +#define	INP_INHASHLIST		0x00002000 /* in_pcbinshash() has been called */
 +#define	IN6P_IPV6_V6ONLY	0x00008000 /* restrict AF_INET6 socket for v6 */
 +#define	IN6P_PKTINFO		0x00010000 /* receive IP6 dst and I/F */
 +#define	IN6P_HOPLIMIT		0x00020000 /* receive hoplimit */
 +#define	IN6P_HOPOPTS		0x00040000 /* receive hop-by-hop options */
 +#define	IN6P_DSTOPTS		0x00080000 /* receive dst options after rthdr */
 +#define	IN6P_RTHDR		0x00100000 /* receive routing header */
 +#define	IN6P_RTHDRDSTOPTS	0x00200000 /* receive dstoptions before rthdr */
 +#define	IN6P_TCLASS		0x00400000 /* receive traffic class value */
 +#define	IN6P_AUTOFLOWLABEL	0x00800000 /* attach flowlabel automatically */
 +#define	INP_TIMEWAIT		0x01000000 /* in TIMEWAIT, ppcb is tcptw */
 +#define	INP_ONESBCAST		0x02000000 /* send all-ones broadcast */
 +#define	INP_DROPPED		0x04000000 /* protocol drop flag */
 +#define	INP_SOCKREF		0x08000000 /* strong socket reference */
  #define	IN6P_RFC2292		0x40000000 /* used RFC2292 API on the socket */
  #define	IN6P_MTU		0x80000000 /* receive path MTU */
  
 @@ -457,8 +457,6 @@ void 	inp_4tuple_get(struct inpcb *inp, 
  				 IN6P_DSTOPTS|IN6P_RTHDR|IN6P_RTHDRDSTOPTS|\
  				 IN6P_TCLASS|IN6P_AUTOFLOWLABEL|IN6P_RFC2292|\
  				 IN6P_MTU)
 -#define	INP_UNMAPPABLEOPTS	(IN6P_HOPOPTS|IN6P_DSTOPTS|IN6P_RTHDR|\
 -				 IN6P_TCLASS|IN6P_AUTOFLOWLABEL)
  
   /* for KAME src sync over BSD*'s */
  #define	IN6P_HIGHPORT		INP_HIGHPORT
 
 Modified: stable/7/sys/netinet/tcp_input.c
 ==============================================================================
 --- stable/7/sys/netinet/tcp_input.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/tcp_input.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -511,7 +511,7 @@ findpcb:
  	 * was a legitimate new connection attempt the old INPCB gets
  	 * removed and we can try again to find a listening socket.
  	 */
 -	if (inp->inp_vflag & INP_TIMEWAIT) {
 +	if (inp->inp_flags & INP_TIMEWAIT) {
  		if (thflags & TH_SYN)
  			tcp_dooptions(&to, optp, optlen, TO_SYN);
  		/*
 
 Modified: stable/7/sys/netinet/tcp_subr.c
 ==============================================================================
 --- stable/7/sys/netinet/tcp_subr.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/tcp_subr.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -781,10 +781,10 @@ tcp_close(struct tcpcb *tp)
  	KASSERT(inp->inp_socket != NULL, ("tcp_close: inp_socket NULL"));
  	so = inp->inp_socket;
  	soisdisconnected(so);
 -	if (inp->inp_vflag & INP_SOCKREF) {
 +	if (inp->inp_flags & INP_SOCKREF) {
  		KASSERT(so->so_state & SS_PROTOREF,
  		    ("tcp_close: !SS_PROTOREF"));
 -		inp->inp_vflag &= ~INP_SOCKREF;
 +		inp->inp_flags &= ~INP_SOCKREF;
  		INP_WUNLOCK(inp);
  		ACCEPT_LOCK();
  		SOCK_LOCK(so);
 @@ -814,7 +814,7 @@ tcp_drain(void)
  	 */
  		INP_INFO_RLOCK(&tcbinfo);
  		LIST_FOREACH(inpb, tcbinfo.ipi_listhead, inp_list) {
 -			if (inpb->inp_vflag & INP_TIMEWAIT)
 +			if (inpb->inp_flags & INP_TIMEWAIT)
  				continue;
  			INP_WLOCK(inpb);
  			if ((tcpb = intotcpcb(inpb)) != NULL) {
 @@ -850,8 +850,8 @@ tcp_notify(struct inpcb *inp, int error)
  	INP_INFO_WLOCK_ASSERT(&tcbinfo);
  	INP_WLOCK_ASSERT(inp);
  
 -	if ((inp->inp_vflag & INP_TIMEWAIT) ||
 -	    (inp->inp_vflag & INP_DROPPED))
 +	if ((inp->inp_flags & INP_TIMEWAIT) ||
 +	    (inp->inp_flags & INP_DROPPED))
  		return (inp);
  
  	tp = intotcpcb(inp);
 @@ -950,7 +950,7 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS)
  			 * TCP state changes, is not quite right, but for
  			 * now, better than nothing.
  			 */
 -			if (inp->inp_vflag & INP_TIMEWAIT) {
 +			if (inp->inp_flags & INP_TIMEWAIT) {
  				if (intotw(inp) != NULL)
  					error = cr_cansee(req->td->td_ucred,
  					    intotw(inp)->tw_cred);
 @@ -981,7 +981,7 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS)
  			inp_ppcb = inp->inp_ppcb;
  			if (inp_ppcb == NULL)
  				bzero((char *) &xt.xt_tp, sizeof xt.xt_tp);
 -			else if (inp->inp_vflag & INP_TIMEWAIT) {
 +			else if (inp->inp_flags & INP_TIMEWAIT) {
  				bzero((char *) &xt.xt_tp, sizeof xt.xt_tp);
  				xt.xt_tp.t_state = TCPS_TIME_WAIT;
  			} else
 @@ -1176,8 +1176,8 @@ tcp_ctlinput(int cmd, struct sockaddr *s
  		    ip->ip_src, th->th_sport, 0, NULL);
  		if (inp != NULL)  {
  			INP_WLOCK(inp);
 -			if (!(inp->inp_vflag & INP_TIMEWAIT) &&
 -			    !(inp->inp_vflag & INP_DROPPED) &&
 +			if (!(inp->inp_flags & INP_TIMEWAIT) &&
 +			    !(inp->inp_flags & INP_DROPPED) &&
  			    !(inp->inp_socket == NULL)) {
  				icmp_tcp_seq = htonl(th->th_seq);
  				tp = intotcpcb(inp);
 @@ -1448,8 +1448,8 @@ tcp_drop_syn_sent(struct inpcb *inp, int
  	INP_INFO_WLOCK_ASSERT(&tcbinfo);
  	INP_WLOCK_ASSERT(inp);
  
 -	if ((inp->inp_vflag & INP_TIMEWAIT) ||
 -	    (inp->inp_vflag & INP_DROPPED))
 +	if ((inp->inp_flags & INP_TIMEWAIT) ||
 +	    (inp->inp_flags & INP_DROPPED))
  		return (inp);
  
  	tp = intotcpcb(inp);
 @@ -1482,8 +1482,8 @@ tcp_mtudisc(struct inpcb *inp, int errno
  #endif /* INET6 */
  
  	INP_WLOCK_ASSERT(inp);
 -	if ((inp->inp_vflag & INP_TIMEWAIT) ||
 -	    (inp->inp_vflag & INP_DROPPED))
 +	if ((inp->inp_flags & INP_TIMEWAIT) ||
 +	    (inp->inp_flags & INP_DROPPED))
  		return (inp);
  
  	tp = intotcpcb(inp);
 @@ -2108,7 +2108,7 @@ sysctl_drop(SYSCTL_HANDLER_ARGS)
  	}
  	if (inp != NULL) {
  		INP_WLOCK(inp);
 -		if (inp->inp_vflag & INP_TIMEWAIT) {
 +		if (inp->inp_flags & INP_TIMEWAIT) {
  			/*
  			 * XXXRW: There currently exists a state where an
  			 * inpcb is present, but its timewait state has been
 @@ -2120,7 +2120,7 @@ sysctl_drop(SYSCTL_HANDLER_ARGS)
  				tcp_twclose(tw, 0);
  			else
  				INP_WUNLOCK(inp);
 -		} else if (!(inp->inp_vflag & INP_DROPPED) &&
 +		} else if (!(inp->inp_flags & INP_DROPPED) &&
  			   !(inp->inp_socket->so_options & SO_ACCEPTCONN)) {
  			tp = intotcpcb(inp);
  			tp = tcp_drop(tp, ECONNABORTED);
 
 Modified: stable/7/sys/netinet/tcp_timer.c
 ==============================================================================
 --- stable/7/sys/netinet/tcp_timer.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/tcp_timer.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -168,7 +168,7 @@ tcp_timer_delack(void *xtp)
  	}
  	INP_WLOCK(inp);
  	INP_INFO_RUNLOCK(&tcbinfo);
 -	if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_delack)
 +	if ((inp->inp_flags & INP_DROPPED) || callout_pending(&tp->t_timers->tt_delack)
  	    || !callout_active(&tp->t_timers->tt_delack)) {
  		INP_WUNLOCK(inp);
  		return;
 @@ -210,7 +210,7 @@ tcp_timer_2msl(void *xtp)
  	}
  	INP_WLOCK(inp);
  	tcp_free_sackholes(tp);
 -	if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_2msl) ||
 +	if ((inp->inp_flags & INP_DROPPED) || callout_pending(&tp->t_timers->tt_2msl) ||
  	    !callout_active(&tp->t_timers->tt_2msl)) {
  		INP_WUNLOCK(tp->t_inpcb);
  		INP_INFO_WUNLOCK(&tcbinfo);
 @@ -277,7 +277,7 @@ tcp_timer_keep(void *xtp)
  		return;
  	}
  	INP_WLOCK(inp);
 -	if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_keep)
 +	if ((inp->inp_flags & INP_DROPPED) || callout_pending(&tp->t_timers->tt_keep)
  	    || !callout_active(&tp->t_timers->tt_keep)) {
  		INP_WUNLOCK(inp);
  		INP_INFO_WUNLOCK(&tcbinfo);
 @@ -367,7 +367,7 @@ tcp_timer_persist(void *xtp)
  		return;
  	}
  	INP_WLOCK(inp);
 -	if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_persist)
 +	if ((inp->inp_flags & INP_DROPPED) || callout_pending(&tp->t_timers->tt_persist)
  	    || !callout_active(&tp->t_timers->tt_persist)) {
  		INP_WUNLOCK(inp);
  		INP_INFO_WUNLOCK(&tcbinfo);
 @@ -436,7 +436,7 @@ tcp_timer_rexmt(void * xtp)
  		return;
  	}
  	INP_WLOCK(inp);
 -	if ((inp->inp_vflag & INP_DROPPED) || callout_pending(&tp->t_timers->tt_rexmt)
 +	if ((inp->inp_flags & INP_DROPPED) || callout_pending(&tp->t_timers->tt_rexmt)
  	    || !callout_active(&tp->t_timers->tt_rexmt)) {
  		INP_WUNLOCK(inp);
  		INP_INFO_WUNLOCK(&tcbinfo);
 
 Modified: stable/7/sys/netinet/tcp_timewait.c
 ==============================================================================
 --- stable/7/sys/netinet/tcp_timewait.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/tcp_timewait.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -256,17 +256,17 @@ tcp_twstart(struct tcpcb *tp)
  	if (acknow)
  		tcp_twrespond(tw, TH_ACK);
  	inp->inp_ppcb = tw;
 -	inp->inp_vflag |= INP_TIMEWAIT;
 +	inp->inp_flags |= INP_TIMEWAIT;
  	tcp_tw_2msl_reset(tw, 0);
  
  	/*
  	 * If the inpcb owns the sole reference to the socket, then we can
  	 * detach and free the socket as it is not needed in time wait.
  	 */
 -	if (inp->inp_vflag & INP_SOCKREF) {
 +	if (inp->inp_flags & INP_SOCKREF) {
  		KASSERT(so->so_state & SS_PROTOREF,
  		    ("tcp_twstart: !SS_PROTOREF"));
 -		inp->inp_vflag &= ~INP_SOCKREF;
 +		inp->inp_flags &= ~INP_SOCKREF;
  		INP_WUNLOCK(inp);
  		ACCEPT_LOCK();
  		SOCK_LOCK(so);
 @@ -466,7 +466,7 @@ tcp_twclose(struct tcptw *tw, int reuse)
  	 *     notify the socket layer.
  	 */
  	inp = tw->tw_inpcb;
 -	KASSERT((inp->inp_vflag & INP_TIMEWAIT), ("tcp_twclose: !timewait"));
 +	KASSERT((inp->inp_flags & INP_TIMEWAIT), ("tcp_twclose: !timewait"));
  	KASSERT(intotw(inp) == tw, ("tcp_twclose: inp_ppcb != tw"));
  	INP_INFO_WLOCK_ASSERT(&tcbinfo);	/* tcp_tw_2msl_stop(). */
  	INP_WLOCK_ASSERT(inp);
 @@ -484,8 +484,8 @@ tcp_twclose(struct tcptw *tw, int reuse)
  		 * in which case another reference exists (XXXRW: think
  		 * about this more), and we don't need to take action.
  		 */
 -		if (inp->inp_vflag & INP_SOCKREF) {
 -			inp->inp_vflag &= ~INP_SOCKREF;
 +		if (inp->inp_flags & INP_SOCKREF) {
 +			inp->inp_flags &= ~INP_SOCKREF;
  			INP_WUNLOCK(inp);
  			ACCEPT_LOCK();
  			SOCK_LOCK(so);
 
 Modified: stable/7/sys/netinet/tcp_usrreq.c
 ==============================================================================
 --- stable/7/sys/netinet/tcp_usrreq.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet/tcp_usrreq.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -164,7 +164,7 @@ tcp_detach(struct socket *so, struct inp
  
  	tp = intotcpcb(inp);
  
 -	if (inp->inp_vflag & INP_TIMEWAIT) {
 +	if (inp->inp_flags & INP_TIMEWAIT) {
  		/*
  		 * There are two cases to handle: one in which the time wait
  		 * state is being discarded (INP_DROPPED), and one in which
 @@ -177,7 +177,7 @@ tcp_detach(struct socket *so, struct inp
  		 *
  		 * XXXRW: Would it be cleaner to free the tcptw here?
  		 */
 -		if (inp->inp_vflag & INP_DROPPED) {
 +		if (inp->inp_flags & INP_DROPPED) {
  			KASSERT(tp == NULL, ("tcp_detach: INP_TIMEWAIT && "
  			    "INP_DROPPED && tp != NULL"));
  			in_pcbdetach(inp);
 @@ -196,7 +196,7 @@ tcp_detach(struct socket *so, struct inp
  		 *
  		 * XXXRW: Does the second case still occur?
  		 */
 -		if (inp->inp_vflag & INP_DROPPED ||
 +		if (inp->inp_flags & INP_DROPPED ||
  		    tp->t_state < TCPS_SYN_SENT) {
  			tcp_discardcb(tp);
  			in_pcbdetach(inp);
 @@ -255,7 +255,7 @@ tcp_usr_bind(struct socket *so, struct s
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_bind: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -295,7 +295,7 @@ tcp6_usr_bind(struct socket *so, struct 
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp6_usr_bind: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -341,7 +341,7 @@ tcp_usr_listen(struct socket *so, int ba
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_listen: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -378,7 +378,7 @@ tcp6_usr_listen(struct socket *so, int b
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp6_usr_listen: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -438,7 +438,7 @@ tcp_usr_connect(struct socket *so, struc
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_connect: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -479,7 +479,7 @@ tcp6_usr_connect(struct socket *so, stru
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp6_usr_connect: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = EINVAL;
  		goto out;
  	}
 @@ -544,7 +544,7 @@ tcp_usr_disconnect(struct socket *so)
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_disconnect: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNRESET;
  		goto out;
  	}
 @@ -580,7 +580,7 @@ tcp_usr_accept(struct socket *so, struct
  	KASSERT(inp != NULL, ("tcp_usr_accept: inp == NULL"));
  	INP_INFO_RLOCK(&tcbinfo);
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNABORTED;
  		goto out;
  	}
 @@ -623,7 +623,7 @@ tcp6_usr_accept(struct socket *so, struc
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp6_usr_accept: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNABORTED;
  		goto out;
  	}
 @@ -672,7 +672,7 @@ tcp_usr_shutdown(struct socket *so)
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNRESET;
  		goto out;
  	}
 @@ -680,7 +680,7 @@ tcp_usr_shutdown(struct socket *so)
  	TCPDEBUG1();
  	socantsendmore(so);
  	tcp_usrclosed(tp);
 -	if (!(inp->inp_vflag & INP_DROPPED))
 +	if (!(inp->inp_flags & INP_DROPPED))
  		error = tcp_output_disconnect(tp);
  
  out:
 @@ -705,7 +705,7 @@ tcp_usr_rcvd(struct socket *so, int flag
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_rcvd: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNRESET;
  		goto out;
  	}
 @@ -755,7 +755,7 @@ tcp_usr_send(struct socket *so, int flag
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_send: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		if (control)
  			m_freem(control);
  		if (m)
 @@ -813,7 +813,7 @@ tcp_usr_send(struct socket *so, int flag
  			INP_INFO_WUNLOCK(&tcbinfo);
  			headlocked = 0;
  		}
 -		if (!(inp->inp_vflag & INP_DROPPED)) {
 +		if (!(inp->inp_flags & INP_DROPPED)) {
  			if (flags & PRUS_MORETOCOME)
  				tp->t_flags |= TF_MORETOCOME;
  			error = tcp_output_send(tp);
 @@ -900,18 +900,18 @@ tcp_usr_abort(struct socket *so)
  	/*
  	 * If we still have full TCP state, and we're not dropped, drop.
  	 */
 -	if (!(inp->inp_vflag & INP_TIMEWAIT) &&
 -	    !(inp->inp_vflag & INP_DROPPED)) {
 +	if (!(inp->inp_flags & INP_TIMEWAIT) &&
 +	    !(inp->inp_flags & INP_DROPPED)) {
  		tp = intotcpcb(inp);
  		TCPDEBUG1();
  		tcp_drop(tp, ECONNABORTED);
  		TCPDEBUG2(PRU_ABORT);
  	}
 -	if (!(inp->inp_vflag & INP_DROPPED)) {
 +	if (!(inp->inp_flags & INP_DROPPED)) {
  		SOCK_LOCK(so);
  		so->so_state |= SS_PROTOREF;
  		SOCK_UNLOCK(so);
 -		inp->inp_vflag |= INP_SOCKREF;
 +		inp->inp_flags |= INP_SOCKREF;
  	}
  	INP_WUNLOCK(inp);
  	INP_INFO_WUNLOCK(&tcbinfo);
 @@ -939,18 +939,18 @@ tcp_usr_close(struct socket *so)
  	 * If we still have full TCP state, and we're not dropped, initiate
  	 * a disconnect.
  	 */
 -	if (!(inp->inp_vflag & INP_TIMEWAIT) &&
 -	    !(inp->inp_vflag & INP_DROPPED)) {
 +	if (!(inp->inp_flags & INP_TIMEWAIT) &&
 +	    !(inp->inp_flags & INP_DROPPED)) {
  		tp = intotcpcb(inp);
  		TCPDEBUG1();
  		tcp_disconnect(tp);
  		TCPDEBUG2(PRU_CLOSE);
  	}
 -	if (!(inp->inp_vflag & INP_DROPPED)) {
 +	if (!(inp->inp_flags & INP_DROPPED)) {
  		SOCK_LOCK(so);
  		so->so_state |= SS_PROTOREF;
  		SOCK_UNLOCK(so);
 -		inp->inp_vflag |= INP_SOCKREF;
 +		inp->inp_flags |= INP_SOCKREF;
  	}
  	INP_WUNLOCK(inp);
  	INP_INFO_WUNLOCK(&tcbinfo);
 @@ -970,7 +970,7 @@ tcp_usr_rcvoob(struct socket *so, struct
  	inp = sotoinpcb(so);
  	KASSERT(inp != NULL, ("tcp_usr_rcvoob: inp == NULL"));
  	INP_WLOCK(inp);
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		error = ECONNRESET;
  		goto out;
  	}
 @@ -1221,7 +1221,7 @@ tcp_fill_info(struct tcpcb *tp, struct t
   */
  #define INP_WLOCK_RECHECK(inp) do {					\
  	INP_WLOCK(inp);							\
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {		\
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {		\
  		INP_WUNLOCK(inp);					\
  		return (ECONNRESET);					\
  	}								\
 @@ -1254,7 +1254,7 @@ tcp_ctloutput(struct socket *so, struct 
  #endif
  		return (error);
  	}
 -	if (inp->inp_vflag & (INP_TIMEWAIT | INP_DROPPED)) {
 +	if (inp->inp_flags & (INP_TIMEWAIT | INP_DROPPED)) {
  		INP_WUNLOCK(inp);
  		return (ECONNRESET);
  	}
 @@ -1490,7 +1490,7 @@ tcp_disconnect(struct tcpcb *tp)
  		soisdisconnecting(so);
  		sbflush(&so->so_rcv);
  		tcp_usrclosed(tp);
 -		if (!(inp->inp_vflag & INP_DROPPED))
 +		if (!(inp->inp_flags & INP_DROPPED))
  			tcp_output_disconnect(tp);
  	}
  }
 
 Modified: stable/7/sys/netinet6/in6_pcb.c
 ==============================================================================
 --- stable/7/sys/netinet6/in6_pcb.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/sys/netinet6/in6_pcb.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -191,7 +191,7 @@ in6_pcbbind(register struct inpcb *inp, 
  				    &sin6->sin6_addr, lport,
  				    INPLOOKUP_WILDCARD, cred);
  				if (t &&
 -				    ((t->inp_vflag & INP_TIMEWAIT) == 0) &&
 +				    ((t->inp_flags & INP_TIMEWAIT) == 0) &&
  				    (so->so_type != SOCK_STREAM ||
  				     IN6_IS_ADDR_UNSPECIFIED(&t->in6p_faddr)) &&
  				    (!IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) ||
 @@ -209,7 +209,7 @@ in6_pcbbind(register struct inpcb *inp, 
  					    sin.sin_addr, lport,
  					    INPLOOKUP_WILDCARD, cred);
  					if (t &&
 -					    ((t->inp_vflag &
 +					    ((t->inp_flags &
  					      INP_TIMEWAIT) == 0) &&
  					    (so->so_type != SOCK_STREAM ||
  					     ntohl(t->inp_faddr.s_addr) ==
 @@ -221,7 +221,7 @@ in6_pcbbind(register struct inpcb *inp, 
  			}
  			t = in6_pcblookup_local(pcbinfo, &sin6->sin6_addr,
  			    lport, wild, cred);
 -			if (t && (reuseport & ((t->inp_vflag & INP_TIMEWAIT) ?
 +			if (t && (reuseport & ((t->inp_flags & INP_TIMEWAIT) ?
  			    intotw(t)->tw_so_options :
  			    t->inp_socket->so_options)) == 0)
  				return (EADDRINUSE);
 @@ -232,7 +232,7 @@ in6_pcbbind(register struct inpcb *inp, 
  				in6_sin6_2_sin(&sin, sin6);
  				t = in_pcblookup_local(pcbinfo, sin.sin_addr,
  				    lport, wild, cred);
 -				if (t && t->inp_vflag & INP_TIMEWAIT) {
 +				if (t && t->inp_flags & INP_TIMEWAIT) {
  					if ((reuseport &
  					    intotw(t)->tw_so_options) == 0 &&
  					    (ntohl(t->inp_laddr.s_addr) !=
 
 Modified: stable/7/usr.bin/netstat/inet.c
 ==============================================================================
 --- stable/7/usr.bin/netstat/inet.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/usr.bin/netstat/inet.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -255,7 +255,7 @@ pcblist_kvm(u_long off, char **bufp, int
  		if (istcp) {
  			if (inp->inp_ppcb == NULL)
  				bzero(&xt.xt_tp, sizeof xt.xt_tp);
 -			else if (inp->inp_vflag & INP_TIMEWAIT) {
 +			else if (inp->inp_flags & INP_TIMEWAIT) {
  				bzero(&xt.xt_tp, sizeof xt.xt_tp);
  				xt.xt_tp.t_state = TCPS_TIME_WAIT;
  			} else
 
 Modified: stable/7/usr.bin/sockstat/sockstat.c
 ==============================================================================
 --- stable/7/usr.bin/sockstat/sockstat.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/usr.bin/sockstat/sockstat.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -343,8 +343,8 @@ gather_inet(int proto)
  			    (inp->inp_fport != 0 && !opt_c))
  				continue;
  		} else if (inp->inp_vflag & INP_IPV6) {
 -			if ((inp->in6p_fport == 0 && !opt_l) ||
 -			    (inp->in6p_fport != 0 && !opt_c))
 +			if ((inp->inp_fport == 0 && !opt_l) ||
 +			    (inp->inp_fport != 0 && !opt_c))
  				continue;
  		} else {
  			if (opt_v)
 @@ -364,9 +364,9 @@ gather_inet(int proto)
  		} else if (inp->inp_vflag & INP_IPV6) {
  			sock->family = AF_INET6;
  			sockaddr(&sock->laddr, sock->family,
 -			    &inp->in6p_laddr, inp->in6p_lport);
 +			    &inp->in6p_laddr, inp->inp_lport);
  			sockaddr(&sock->faddr, sock->family,
 -			    &inp->in6p_faddr, inp->in6p_fport);
 +			    &inp->in6p_faddr, inp->inp_fport);
  		}
  		sock->vflag = inp->inp_vflag;
  		sock->protoname = protoname;
 
 Modified: stable/7/usr.bin/systat/netstat.c
 ==============================================================================
 --- stable/7/usr.bin/systat/netstat.c	Thu Mar 26 21:29:38 2009	(r190456)
 +++ stable/7/usr.bin/systat/netstat.c	Thu Mar 26 22:54:19 2009	(r190457)
 @@ -223,7 +223,7 @@ again:
  		if (nports && !checkport(&inpcb))
  			continue;
  		if (istcp) {
 -			if (inpcb.inp_vflag & INP_TIMEWAIT) {
 +			if (inpcb.inp_flags & INP_TIMEWAIT) {
  				bzero(&sockb, sizeof(sockb));
  				enter_kvm(&inpcb, &sockb, TCPS_TIME_WAIT,
  					 "tcp");
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: rwatson 
State-Changed-When: Thu Mar 26 23:14:20 UTC 2009 
State-Changed-Why:  
Close as this is now believed fixed; the fix should appear in FreeBSD 
7.2.  if you experience further problems, please follow up on the PR 
and I will investigate.  Thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=124282 
>Unformatted:
