re: kern/43541: Unaligned access in pf_normalize_tcpopt()

To: matthew green <mrg%eterna.com.au@localhost>
Subject: re: kern/43541: Unaligned access in pf_normalize_tcpopt()
From: Hisashi T Fujinaka <htodd%twofifty.com@localhost>
Date: Mon, 28 Jun 2010 16:01:12 -0700 (PDT)

I've switched to a sparc64 system and had a hard time causing the hang,
so I think I better ask for this to be closed. I still have the old
system, but I'm not sure how I'd trigger this.

Thanks.

On Tue, 29 Jun 2010, matthew green wrote:


i wonder if this is the same problem as reported in:

 port-sparc/40629: kernel panic under high network load using pf (and ipv6)

hisashi, can you try the patch in this PR for your problem?
(included below again.)


.mrg.


Index: sys/dist/pf/net/pf_norm.c
===================================================================
--- sys/dist/pf/net/pf_norm.c
+++ sys/dist/pf/net/pf_norm.c   (working copy)
@@ -1878,7 +1878,7 @@
pf_normalize_tcpopt(struct pf_rule *r, struct mbuf *m, struct tcphdr *th,
    int off)
{
-       u_int16_t       *mss;
+       u_int16_t        mss;
        int              thoff;
        int              opt, cnt, optlen = 0;
        int              rewrite = 0;
@@ -1903,11 +1903,12 @@
                }
                switch (opt) {
                case TCPOPT_MAXSEG:
-                       mss = (u_int16_t *)(optp + 2);
-                       if ((ntohs(*mss)) > r->max_mss) {
+                       mss = (optp[2] << 8) | optp[3];
+                       if (mss > r->max_mss) {
                                th->th_sum = pf_cksum_fixup(th->th_sum,
-                                   *mss, htons(r->max_mss), 0);
-                               *mss = htons(r->max_mss);
+                                   htons(mss), htons(r->max_mss), 0);
+                               optp[2] = (u_char)(r->max_mss >> 8) & 0xff;
+                               optp[3] = (u_char)(r->max_mss) & 0xff;
                                rewrite = 1;
                        }
                        break;


--
Hisashi T Fujinaka - htodd%twofifty.com@localhost
BSEE(6/86) + BSChem(3/95) + BAEnglish(8/95) + MSCS(8/03) + $2.50 = latte

References:
- re: kern/43541: Unaligned access in pf_normalize_tcpopt()
  - From: matthew green

Prev by Date: Re: kern/36958 (the system panics when an active union mount is unmounted)
Next by Date: re: kern/43541: Unaligned access in pf_normalize_tcpopt()
Previous by Thread: re: kern/43541: Unaligned access in pf_normalize_tcpopt()
Next by Thread: re: kern/43541: Unaligned access in pf_normalize_tcpopt()
Indexes:

Home | Main Index | Thread Index | Old Index