On Fri, Mar 02, 2018 at 02:25:21PM +0100, Pierre Emeriaud wrote:
> panic: netlock: lock not held

> ifpromisc(ffff800021f85400,ffff8000005ae000) at ifpromisc+0xb3
> bpfioctl(ffffff027eb5fc18,ffffff027eb5fc18,ffffff02414ac4a0,20004269,ffffff02414ac4a0)
>  at bpfioctl+0x53c

I would say this is a missing netlock around ifpromisc() in bpfioctl().
And in the bpfclose() path it is also missing.

ok?

bluhm

Index: net/bpf.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/bpf.c,v
retrieving revision 1.168
diff -u -p -r1.168 bpf.c
--- net/bpf.c   19 Feb 2018 08:59:52 -0000      1.168
+++ net/bpf.c   2 Mar 2018 14:35:29 -0000
@@ -326,7 +326,9 @@ bpf_detachd(struct bpf_d *d)
 
                bpf_get(d);
                mtx_leave(&d->bd_mtx);
+               NET_LOCK();
                error = ifpromisc(bp->bif_ifp, 0);
+               NET_UNLOCK();
                mtx_enter(&d->bd_mtx);
                bpf_put(d);
 
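Review bot: `NET_LOCK()` is now taken unconditionally inside bpf_detachd(), so every caller must reach this point without the netlock held; the hunk shows bd_mtx being dropped first but not the callers. If any path into bpf_detachd() can arrive with the netlock already taken, and the netlock is not recursive, this would try to acquire it a second time, so the call sites are worth auditing before commit. A comment above the new lines would record the contract, for example `/* ifpromisc() asserts the netlock; callers must not hold it, and bd_mtx is dropped first because NET_LOCK() may sleep */`. The body of bpf_detachd() starts and ends outside this hunk, so the error handling after `bpf_put(d)` is not visible here.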
@@ -794,7 +796,9 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
                } else if (d->bd_bif->bif_ifp != NULL) { 
                        if (d->bd_promisc == 0) {
                                MUTEX_ASSERT_UNLOCKED(&d->bd_mtx);
+                               NET_LOCK();
                                error = ifpromisc(d->bd_bif->bif_ifp, 1);
+                               NET_UNLOCK();
                                if (error == 0)
                                        d->bd_promisc = 1;
                        }
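Review bot: Taking `NET_LOCK()` after the `d->bd_promisc == 0` test puts a possible sleep between that test and the `d->bd_promisc = 1` store, and between the `d->bd_bif->bif_ifp != NULL` check and the second dereference of `d->bd_bif`. If another ioctl or a detach on the same descriptor can run during that sleep (not determinable from this hunk), ifpromisc(..., 1) could be called twice for one descriptor while the detach path undoes it once, or `d->bd_bif` could have changed since it was checked. Consider acquiring the netlock before the checks, or re-testing under the lock with something like `if (d->bd_promisc == 0) error = ifpromisc(d->bd_bif->bif_ifp, 1);` placed after `NET_LOCK()`. The body of bpfioctl() extends outside this hunk, so the preceding branch and any serialisation done by the caller are not visible.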
