mrt_rtwalk_mfcsysctl() performs read-only access to protected data, so
rtable_walk() could be called with shared netlock.
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.384
diff -u -p -r1.384 ip_input.c
--- sys/netinet/ip_input.c 16 May 2023 19:36:00 -0000 1.384
+++ sys/netinet/ip_input.c 17 May 2023 09:59:16 -0000
@@ -1712,10 +1712,7 @@ ip_sysctl(int *name, u_int namelen, void
case IPCTL_MRTMFC:
if (newp)
return (EPERM);
- NET_LOCK();
- error = mrt_sysctl_mfc(oldp, oldlenp);
- NET_UNLOCK();
- return (error);
+ return (mrt_sysctl_mfc(oldp, oldlenp));
case IPCTL_MRTVIF:
if (newp)
return (EPERM);
Index: sys/netinet/ip_mroute.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_mroute.c,v
retrieving revision 1.138
diff -u -p -r1.138 ip_mroute.c
--- sys/netinet/ip_mroute.c 19 Apr 2023 20:03:51 -0000 1.138
+++ sys/netinet/ip_mroute.c 17 May 2023 09:59:16 -0000
@@ -479,10 +479,12 @@ mrt_sysctl_mfc(void *oldp, size_t *oldle
msa.msa_len = *oldlenp;
msa.msa_needed = 0;
+ NET_LOCK_SHARED();
for (rtableid = 0; rtableid <= RT_TABLEID_MAX; rtableid++) {
rtable_walk(rtableid, AF_INET, NULL, mrt_rtwalk_mfcsysctl,
&msa);
}
+ NET_UNLOCK_SHARED();
if (msa.msa_minfos != NULL && msa.msa_needed > 0 &&
(error = copyout(msa.msa_minfos, oldp, msa.msa_needed)) != 0) {
