Thu Apr 18 16:22:28 2024 UTC (21d)
Pull up following revision(s) (requested by knakahara in ticket #659):

	sys/netinet6/in6_ifattach.c: revision 1.122
	sys/netinet/sctp_asconf.c: revision 1.14
	sys/netinet6/nd6.c: revision 1.282

Fix invalid IPv6 route when ipsecif(4) is deleted tunnel.  Pointed out by ohishi@IIJ.
The pointed bug is fixed by modification in nd6_need_cache().
Others are similar bugs.


(martin)
diff -r1.12 -r1.12.28.1 src/sys/netinet/sctp_asconf.c
diff -r1.120 -r1.120.12.1 src/sys/netinet6/in6_ifattach.c
diff -r1.279.4.1 -r1.279.4.2 src/sys/netinet6/nd6.c
cvs diff -r1.12 -r1.12.28.1 src/sys/netinet/sctp_asconf.c (expand / switch to unified diff)

--- src/sys/netinet/sctp_asconf.c 2019/06/25 15:33:56 1.12
+++ src/sys/netinet/sctp_asconf.c 2024/04/18 16:22:28 1.12.28.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: sctp_asconf.c,v 1.12 2019/06/25 15:33:56 rjs Exp $ */ 1/* $NetBSD: sctp_asconf.c,v 1.12.28.1 2024/04/18 16:22:28 martin Exp $ */
2/* $KAME: sctp_asconf.c,v 1.25 2005/06/16 20:44:24 jinmei Exp $ */ 2/* $KAME: sctp_asconf.c,v 1.25 2005/06/16 20:44:24 jinmei Exp $ */
3 3
4/* 4/*
5 * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc. 5 * Copyright (c) 2001, 2002, 2003, 2004 Cisco Systems, Inc.
6 * All rights reserved. 6 * All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
10 * are met: 10 * are met:
11 * 1. Redistributions of source code must retain the above copyright 11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer. 12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright 13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the 14 * notice, this list of conditions and the following disclaimer in the
@@ -20,27 +20,27 @@ @@ -20,27 +20,27 @@
20 * THIS SOFTWARE IS PROVIDED BY CISCO SYSTEMS AND CONTRIBUTORS ``AS IS'' AND 20 * THIS SOFTWARE IS PROVIDED BY CISCO SYSTEMS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL CISCO SYSTEMS OR CONTRIBUTORS BE LIABLE 23 * ARE DISCLAIMED. IN NO EVENT SHALL CISCO SYSTEMS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE. 30 * SUCH DAMAGE.
31 */ 31 */
32#include <sys/cdefs.h> 32#include <sys/cdefs.h>
33__KERNEL_RCSID(0, "$NetBSD: sctp_asconf.c,v 1.12 2019/06/25 15:33:56 rjs Exp $"); 33__KERNEL_RCSID(0, "$NetBSD: sctp_asconf.c,v 1.12.28.1 2024/04/18 16:22:28 martin Exp $");
34 34
35#ifdef _KERNEL_OPT 35#ifdef _KERNEL_OPT
36#include "opt_ipsec.h" 36#include "opt_ipsec.h"
37#include "opt_inet.h" 37#include "opt_inet.h"
38#include "opt_sctp.h" 38#include "opt_sctp.h"
39#endif /* _KERNEL_OPT */ 39#endif /* _KERNEL_OPT */
40 40
41#include <sys/param.h> 41#include <sys/param.h>
42#include <sys/systm.h> 42#include <sys/systm.h>
43#include <sys/malloc.h> 43#include <sys/malloc.h>
44#include <sys/mbuf.h> 44#include <sys/mbuf.h>
45#include <sys/socket.h> 45#include <sys/socket.h>
46#include <sys/socketvar.h> 46#include <sys/socketvar.h>
@@ -1530,26 +1530,27 @@ sctp_is_desired_interface_type(struct if @@ -1530,26 +1530,27 @@ sctp_is_desired_interface_type(struct if
1530 switch (ifa->ifa_ifp->if_type) { 1530 switch (ifa->ifa_ifp->if_type) {
1531 case IFT_ETHER: 1531 case IFT_ETHER:
1532 case IFT_ISO88023: 1532 case IFT_ISO88023:
1533 case IFT_ISO88025: 1533 case IFT_ISO88025:
1534 case IFT_STARLAN: 1534 case IFT_STARLAN:
1535 case IFT_P10: 1535 case IFT_P10:
1536 case IFT_P80: 1536 case IFT_P80:
1537 case IFT_HY: 1537 case IFT_HY:
1538 case IFT_FDDI: 1538 case IFT_FDDI:
1539 case IFT_PPP: 1539 case IFT_PPP:
1540 case IFT_XETHER: 1540 case IFT_XETHER:
1541 case IFT_SLIP: 1541 case IFT_SLIP:
1542 case IFT_GIF: 1542 case IFT_GIF:
 1543 case IFT_IPSEC:
1543 result = 1; 1544 result = 1;
1544 break; 1545 break;
1545 default: 1546 default:
1546#ifdef SCTP_DEBUG 1547#ifdef SCTP_DEBUG
1547 if (sctp_debug_on & SCTP_DEBUG_ASCONF1) { 1548 if (sctp_debug_on & SCTP_DEBUG_ASCONF1) {
1548 printf("ignoring interface type = %u\n", 1549 printf("ignoring interface type = %u\n",
1549 ifa->ifa_ifp->if_type); 1550 ifa->ifa_ifp->if_type);
1550 } 1551 }
1551#endif /* SCTP_DEBUG */ 1552#endif /* SCTP_DEBUG */
1552 result = 0; 1553 result = 0;
1553 } /* end switch */ 1554 } /* end switch */
1554 1555
1555 return (result); 1556 return (result);
cvs diff -r1.120 -r1.120.12.1 src/sys/netinet6/in6_ifattach.c (expand / switch to unified diff)

--- src/sys/netinet6/in6_ifattach.c 2021/05/17 04:07:43 1.120
+++ src/sys/netinet6/in6_ifattach.c 2024/04/18 16:22:28 1.120.12.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: in6_ifattach.c,v 1.120 2021/05/17 04:07:43 yamaguchi Exp $ */ 1/* $NetBSD: in6_ifattach.c,v 1.120.12.1 2024/04/18 16:22:28 martin Exp $ */
2/* $KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $ */ 2/* $KAME: in6_ifattach.c,v 1.124 2001/07/18 08:32:51 jinmei Exp $ */
3 3
4/* 4/*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved. 6 * All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
10 * are met: 10 * are met:
11 * 1. Redistributions of source code must retain the above copyright 11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer. 12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright 13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the 14 * notice, this list of conditions and the following disclaimer in the
@@ -21,27 +21,27 @@ @@ -21,27 +21,27 @@
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE. 30 * SUCH DAMAGE.
31 */ 31 */
32 32
33#include <sys/cdefs.h> 33#include <sys/cdefs.h>
34__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.120 2021/05/17 04:07:43 yamaguchi Exp $"); 34__KERNEL_RCSID(0, "$NetBSD: in6_ifattach.c,v 1.120.12.1 2024/04/18 16:22:28 martin Exp $");
35 35
36#include <sys/param.h> 36#include <sys/param.h>
37#include <sys/systm.h> 37#include <sys/systm.h>
38#include <sys/kmem.h> 38#include <sys/kmem.h>
39#include <sys/socket.h> 39#include <sys/socket.h>
40#include <sys/sockio.h> 40#include <sys/sockio.h>
41#include <sys/kernel.h> 41#include <sys/kernel.h>
42#include <sys/syslog.h> 42#include <sys/syslog.h>
43#include <sys/md5.h> 43#include <sys/md5.h>
44#include <sys/socketvar.h> 44#include <sys/socketvar.h>
45#include <sys/cprng.h> 45#include <sys/cprng.h>
46 46
47#include <net/if.h> 47#include <net/if.h>
@@ -252,26 +252,27 @@ in6_get_hw_ifid(struct ifnet *ifp, struc @@ -252,26 +252,27 @@ in6_get_hw_ifid(struct ifnet *ifp, struc
252 return -1; 252 return -1;
253 253
254 memset(&in6->s6_addr[8], 0, 8); 254 memset(&in6->s6_addr[8], 0, 8);
255 in6->s6_addr[15] = addr[0]; 255 in6->s6_addr[15] = addr[0];
256 256
257 /* 257 /*
258 * due to insufficient bitwidth, we mark it local. 258 * due to insufficient bitwidth, we mark it local.
259 */ 259 */
260 in6->s6_addr[8] &= ~EUI64_GBIT; /* g bit to "individual" */ 260 in6->s6_addr[8] &= ~EUI64_GBIT; /* g bit to "individual" */
261 in6->s6_addr[8] |= EUI64_UBIT; /* u bit to "local" */ 261 in6->s6_addr[8] |= EUI64_UBIT; /* u bit to "local" */
262 break; 262 break;
263 263
264 case IFT_GIF: 264 case IFT_GIF:
 265 case IFT_IPSEC:
265#ifdef IFT_STF 266#ifdef IFT_STF
266 case IFT_STF: 267 case IFT_STF:
267#endif 268#endif
268 /* 269 /*
269 * RFC2893 says: "SHOULD use IPv4 address as ifid source". 270 * RFC2893 says: "SHOULD use IPv4 address as ifid source".
270 * however, IPv4 address is not very suitable as unique 271 * however, IPv4 address is not very suitable as unique
271 * identifier source (can be renumbered). 272 * identifier source (can be renumbered).
272 * we don't do this. 273 * we don't do this.
273 */ 274 */
274 return -1; 275 return -1;
275 276
276 default: 277 default:
277 return -1; 278 return -1;
cvs diff -r1.279.4.1 -r1.279.4.2 src/sys/netinet6/nd6.c (expand / switch to unified diff)

--- src/sys/netinet6/nd6.c 2023/12/10 13:06:16 1.279.4.1
+++ src/sys/netinet6/nd6.c 2024/04/18 16:22:28 1.279.4.2
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: nd6.c,v 1.279.4.1 2023/12/10 13:06:16 martin Exp $ */ 1/* $NetBSD: nd6.c,v 1.279.4.2 2024/04/18 16:22:28 martin Exp $ */
2/* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */ 2/* $KAME: nd6.c,v 1.279 2002/06/08 11:16:51 itojun Exp $ */
3 3
4/* 4/*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved. 6 * All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
10 * are met: 10 * are met:
11 * 1. Redistributions of source code must retain the above copyright 11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer. 12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright 13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the 14 * notice, this list of conditions and the following disclaimer in the
@@ -21,27 +21,27 @@ @@ -21,27 +21,27 @@
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE. 30 * SUCH DAMAGE.
31 */ 31 */
32 32
33#include <sys/cdefs.h> 33#include <sys/cdefs.h>
34__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.279.4.1 2023/12/10 13:06:16 martin Exp $"); 34__KERNEL_RCSID(0, "$NetBSD: nd6.c,v 1.279.4.2 2024/04/18 16:22:28 martin Exp $");
35 35
36#ifdef _KERNEL_OPT 36#ifdef _KERNEL_OPT
37#include "opt_compat_netbsd.h" 37#include "opt_compat_netbsd.h"
38#include "opt_net_mpsafe.h" 38#include "opt_net_mpsafe.h"
39#endif 39#endif
40 40
41#include "bridge.h" 41#include "bridge.h"
42#include "carp.h" 42#include "carp.h"
43 43
44#include <sys/param.h> 44#include <sys/param.h>
45#include <sys/systm.h> 45#include <sys/systm.h>
46#include <sys/callout.h> 46#include <sys/callout.h>
47#include <sys/kmem.h> 47#include <sys/kmem.h>
@@ -1645,26 +1645,27 @@ nd6_need_cache(struct ifnet *ifp) @@ -1645,26 +1645,27 @@ nd6_need_cache(struct ifnet *ifp)
1645 /* 1645 /*
1646 * XXX: we currently do not make neighbor cache on any interface 1646 * XXX: we currently do not make neighbor cache on any interface
1647 * other than ARCnet, Ethernet, and GIF. 1647 * other than ARCnet, Ethernet, and GIF.
1648 * 1648 *
1649 * RFC2893 says: 1649 * RFC2893 says:
1650 * - unidirectional tunnels needs no ND 1650 * - unidirectional tunnels needs no ND
1651 */ 1651 */
1652 switch (ifp->if_type) { 1652 switch (ifp->if_type) {
1653 case IFT_ARCNET: 1653 case IFT_ARCNET:
1654 case IFT_ETHER: 1654 case IFT_ETHER:
1655 case IFT_IEEE1394: 1655 case IFT_IEEE1394:
1656 case IFT_CARP: 1656 case IFT_CARP:
1657 case IFT_GIF: /* XXX need more cases? */ 1657 case IFT_GIF: /* XXX need more cases? */
 1658 case IFT_IPSEC:
1658 case IFT_PPP: 1659 case IFT_PPP:
1659 case IFT_TUNNEL: 1660 case IFT_TUNNEL:
1660 return 1; 1661 return 1;
1661 default: 1662 default:
1662 return 0; 1663 return 0;
1663 } 1664 }
1664} 1665}
1665 1666
1666int 1667int
1667nd6_sysctl( 1668nd6_sysctl(
1668 int name, 1669 int name,
1669 void *oldp, /* syscall arg, need copyout */ 1670 void *oldp, /* syscall arg, need copyout */
1670 size_t *oldlenp, 1671 size_t *oldlenp,