diff options
author | Andrey V. Elsukov <ae@FreeBSD.org> | 2020-06-03 13:02:31 +0000 |
---|---|---|
committer | Andrey V. Elsukov <ae@FreeBSD.org> | 2020-06-03 13:02:31 +0000 |
commit | dd4490fdab598b56c40619e1bbb51b2da4420518 (patch) | |
tree | 47920abadf4288ebffb4fb58e422cebd3241cb4c /sys/net/if_ipsec.c | |
parent | 693d10a29176e9128d5d09bbd74c9205addc091b (diff) | |
download | src-dd4490fdab598b56c40619e1bbb51b2da4420518.tar.gz src-dd4490fdab598b56c40619e1bbb51b2da4420518.zip |
Add if_reassing method to all tunneling interfaces.
After r339550 tunneling interfaces have started handle appearing and
disappearing of ingress IP address on the host system.
When such interfaces are moving into VNET jail, they lose ability to
properly handle ifaddr_event_ext event. And this leads to need to
reconfigure tunnel to make it working again.
Since moving an interface into VNET jail leads to removing of all IP
addresses, it looks consistent, that tunnel configuration should also
be cleared. This is what will do if_reassing method.
Reported by: John W. O'Brien <john saltant com>
MFC after: 1 week
Notes
Notes:
svn path=/head/; revision=361749
Diffstat (limited to 'sys/net/if_ipsec.c')
-rw-r--r-- | sys/net/if_ipsec.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/sys/net/if_ipsec.c b/sys/net/if_ipsec.c index 737d840bbac7..d863b26eaff9 100644 --- a/sys/net/if_ipsec.c +++ b/sys/net/if_ipsec.c @@ -170,6 +170,9 @@ static int ipsec_set_addresses(struct ifnet *, struct sockaddr *, static int ipsec_set_reqid(struct ipsec_softc *, uint32_t); static void ipsec_set_running(struct ipsec_softc *); +#ifdef VIMAGE +static void ipsec_reassign(struct ifnet *, struct vnet *, char *); +#endif static void ipsec_srcaddr(void *, const struct sockaddr *, int); static int ipsec_ioctl(struct ifnet *, u_long, caddr_t); static int ipsec_transmit(struct ifnet *, struct mbuf *); @@ -201,12 +204,30 @@ ipsec_clone_create(struct if_clone *ifc, int unit, caddr_t params) ifp->if_transmit = ipsec_transmit; ifp->if_qflush = ipsec_qflush; ifp->if_output = ipsec_output; +#ifdef VIMAGE + ifp->if_reassign = ipsec_reassign; +#endif if_attach(ifp); bpfattach(ifp, DLT_NULL, sizeof(uint32_t)); return (0); } +#ifdef VIMAGE +static void +ipsec_reassign(struct ifnet *ifp, struct vnet *new_vnet __unused, + char *unused __unused) +{ + struct ipsec_softc *sc; + + sx_xlock(&ipsec_ioctl_sx); + sc = ifp->if_softc; + if (sc != NULL) + ipsec_delete_tunnel(sc); + sx_xunlock(&ipsec_ioctl_sx); +} +#endif /* VIMAGE */ + static void ipsec_clone_destroy(struct ifnet *ifp) { |