X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/cc9f6e38162d3c1bf6ca97536c2477f476c8e01b..ff6e181ae92fc6f1e89841290f461d1f2f9badd9:/bsd/netinet/ip_input.c diff --git a/bsd/netinet/ip_input.c b/bsd/netinet/ip_input.c index 89f607747..354b504c0 100644 --- a/bsd/netinet/ip_input.c +++ b/bsd/netinet/ip_input.c @@ -3,19 +3,20 @@ * * @APPLE_LICENSE_HEADER_START@ * - * The contents of this file constitute Original Code as defined in and - * are subject to the Apple Public Source License Version 1.1 (the - * "License"). You may not use this file except in compliance with the - * License. Please obtain a copy of the License at - * http://www.apple.com/publicsource and read it before using this file. + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. * - * This Original Code and all software distributed under the License are - * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the - * License for the specific language governing rights and limitations - * under the License. + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. * * @APPLE_LICENSE_HEADER_END@ */ @@ -685,8 +686,10 @@ iphack: if (fr_checkp) { struct mbuf *m1 = m; - if (fr_checkp(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1) + if (fr_checkp(ip, hlen, m->m_pkthdr.rcvif, 0, &m1) || !m1) { + lck_mtx_unlock(ip_mutex); return; + } ip = mtod(m = m1, struct ip *); } if (fw_enable && IPFW_LOADED) { @@ -700,22 +703,24 @@ iphack: #endif /* IPFIREWALL_FORWARD */ args.m = m; + lck_mtx_unlock(ip_mutex); + i = ip_fw_chk_ptr(&args); m = args.m; if ( (i & IP_FW_PORT_DENY_FLAG) || m == NULL) { /* drop */ if (m) - m_freem(m); - lck_mtx_unlock(ip_mutex); + m_freem(m); return; } ip = mtod(m, struct ip *); /* just in case m changed */ - if (i == 0 && args.next_hop == NULL) /* common case */ + if (i == 0 && args.next_hop == NULL) { /* common case */ + lck_mtx_lock(ip_mutex); goto pass; + } #if DUMMYNET if (DUMMYNET_LOADED && (i & IP_FW_PORT_DYNT_FLAG) != 0) { /* Send packet to the appropriate pipe */ - lck_mtx_unlock(ip_mutex); ip_dn_io_ptr(m, i&0xffff, DN_TO_IP_IN, &args); return; } @@ -723,19 +728,21 @@ iphack: #if IPDIVERT if (i != 0 && (i & IP_FW_PORT_DYNT_FLAG) == 0) { /* Divert or tee packet */ + lck_mtx_lock(ip_mutex); div_info = i; goto ours; } #endif #if IPFIREWALL_FORWARD - if (i == 0 && args.next_hop != NULL) + if (i == 0 && args.next_hop != NULL) { + lck_mtx_lock(ip_mutex); goto pass; + } #endif /* * if we get here, the packet must be dropped */ m_freem(m); - lck_mtx_unlock(ip_mutex); return; } pass: