[src/trunk]: src/sys/net/npf NPF: set the connection flags atomically in the ...

[rmind <rmind%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/c8b938cc64be
branches:  trunk
changeset: 335002:c8b938cc64be
user:      rmind <rmind%NetBSD.org@localhost>
date:      Sat Dec 20 16:19:43 2014 +0000

description:
NPF: set the connection flags atomically in the post-creation logic and
fix a tiny race condition window.  Might fix PR/49488.

diffstat:

 sys/net/npf/npf_conn.c |  8 ++++----
 sys/net/npf/npf_conn.h |  4 ++--
 sys/net/npf/npf_nat.c  |  8 ++++----
 3 files changed, 10 insertions(+), 10 deletions(-)

diffs (83 lines):

diff -r 2a99265aa39f -r c8b938cc64be sys/net/npf/npf_conn.c
--- a/sys/net/npf/npf_conn.c    Sat Dec 20 13:16:04 2014 +0000
+++ b/sys/net/npf/npf_conn.c    Sat Dec 20 16:19:43 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: npf_conn.c,v 1.13 2014/11/30 00:40:55 rmind Exp $      */
+/*     $NetBSD: npf_conn.c,v 1.14 2014/12/20 16:19:43 rmind Exp $      */
 
 /*-
  * Copyright (c) 2014 Mindaugas Rasiukevicius <rmind at netbsd org>
@@ -99,7 +99,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.13 2014/11/30 00:40:55 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_conn.c,v 1.14 2014/12/20 16:19:43 rmind Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -660,7 +660,7 @@
         * If rproc is set, the caller transfers its reference to us,
         * which will be released on npf_conn_destroy().
         */
-       con->c_flags |= CONN_PASS;
+       atomic_or_uint(&con->c_flags, CONN_PASS);
        con->c_rproc = rp;
 }
 
@@ -673,7 +673,7 @@
 {
        if ((con->c_flags & (CONN_ACTIVE | CONN_EXPIRE)) == 0) {
                /* Activate: after this, connection is globally visible. */
-               con->c_flags |= CONN_ACTIVE;
+               atomic_or_uint(&con->c_flags, CONN_ACTIVE);
        }
        KASSERT(con->c_refcnt > 0);
        atomic_dec_uint(&con->c_refcnt);
diff -r 2a99265aa39f -r c8b938cc64be sys/net/npf/npf_conn.h
--- a/sys/net/npf/npf_conn.h    Sat Dec 20 13:16:04 2014 +0000
+++ b/sys/net/npf/npf_conn.h    Sat Dec 20 16:19:43 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: npf_conn.h,v 1.7 2014/11/30 00:40:55 rmind Exp $       */
+/*     $NetBSD: npf_conn.h,v 1.8 2014/12/20 16:19:43 rmind Exp $       */
 
 /*-
  * Copyright (c) 2009-2014 The NetBSD Foundation, Inc.
@@ -47,7 +47,7 @@
 #include <sys/rbtree.h>
 
 /*
- * See npf_conn_key() function for the description key layout.
+ * See npf_conn_conkey() function for the key layout description.
  */
 #define        NPF_CONN_NKEYWORDS      (2 + ((sizeof(npf_addr_t) * 2) >> 2))
 #define        NPF_CONN_MAXKEYLEN      (NPF_CONN_NKEYWORDS * sizeof(uint32_t))
diff -r 2a99265aa39f -r c8b938cc64be sys/net/npf/npf_nat.c
--- a/sys/net/npf/npf_nat.c     Sat Dec 20 13:16:04 2014 +0000
+++ b/sys/net/npf/npf_nat.c     Sat Dec 20 16:19:43 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: npf_nat.c,v 1.37 2014/11/30 01:37:53 rmind Exp $       */
+/*     $NetBSD: npf_nat.c,v 1.38 2014/12/20 16:19:43 rmind Exp $       */
 
 /*-
  * Copyright (c) 2014 Mindaugas Rasiukevicius <rmind at netbsd org>
@@ -71,7 +71,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_nat.c,v 1.37 2014/11/30 01:37:53 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_nat.c,v 1.38 2014/12/20 16:19:43 rmind Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
@@ -914,8 +914,8 @@
 
        np = nt->nt_natpolicy;
        memcpy(&ip, &np->n_taddr, sizeof(ip));
-       printf("\tNATP(%p): type %d flags 0x%x taddr %s tport %d\n",
-           np, np->n_type, np->n_flags, inet_ntoa(ip), np->n_tport);
+       printf("\tNATP(%p): type %d flags 0x%x taddr %s tport %d\n", np,
+           np->n_type, np->n_flags, inet_ntoa(ip), ntohs(np->n_tport));
        memcpy(&ip, &nt->nt_oaddr, sizeof(ip));
        printf("\tNAT: original address %s oport %d tport %d\n",
            inet_ntoa(ip), ntohs(nt->nt_oport), ntohs(nt->nt_tport));