Re: git: e3044071dec1 - main - in6p_set_multicast_if(): fix malloc(M_WAITOK) with epoch

In reply to: Hans Petter Selasky : "Re: git: e3044071dec1 - main - in6p_set_multicast_if(): fix malloc(M_WAITOK) with epoch"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Gleb Smirnoff <glebius_at_freebsd.org>
Date: Tue, 07 Dec 2021 23:13:17 UTC

On Tue, Dec 07, 2021 at 08:36:58AM +0100, Hans Petter Selasky wrote:
H> > --- a/sys/netinet6/in6_mcast.c
H> > +++ b/sys/netinet6/in6_mcast.c
H> > @@ -2454,9 +2454,9 @@ in6p_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
H> >   			return (EADDRNOTAVAIL);
H> >   		}
H> >   	}
H> > +	NET_EPOCH_EXIT(et);	/* XXXGL: unsafe ifp */
H> >   	imo = in6p_findmoptions(inp);
H> > -	imo->im6o_multicast_ifp = ifp;	/* XXXGL: reference?! */
H> > -	NET_EPOCH_EXIT(et);
H> > +	imo->im6o_multicast_ifp = ifp;
H> >   	INP_WUNLOCK(inp);
H> >   
H> >   	return (0);
H> > 
H> 
H> You can ref the ifp before the EPOCH exit?

Sure. The code should use ifnet_byindex_ref().

Note that d74b7baeb0d4 was a sweep commit to "cover" all
unsafe uses of ifnet_byindex().  It was not my intent to
fix all of them, but rather mark them with a comment
and put NET_EPOCH_ASSERT() inside ifnet_byindex() to prevent
future unsafe calls.

-- 
Gleb Smirnoff