Re: Assertion failure when adding point-to-point routes to interfaces in rdomain with deleted loopback

Thu, 14 Jun 2018 05:39:02 -0700 

On 06/06/18(Wed) 16:21, multiplexd wrote:
> >Synopsis:      Assertion failure when adding point-to-point routes to 
> >interfaces in rdomain with deleted loopback
> >Category:      Reliability
> >Environment:
>         System      : OpenBSD 6.3
>         Details     : OpenBSD 6.3 (GENERIC) #3: Thu May 17 23:54:13 CEST 2018
>                          
> r...@syspatch-63-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> 
>         Architecture: OpenBSD.amd64
>         Machine     : amd64 (see Description)
> >Description:
> 
> Adding a route to a point-to-point interface such as gre(4) or tun(4) where 
> the interface is in a
> non-default rdomain and the loopback device for the given rdomain has been 
> destroyed will trigger a
> kernel assertion failure, causing a system crash.
> 
> This issue has been observed and reproduced on both an amd64 system (virtual 
> machine on a Debian 9
> host) and a macppc system (iBook G4).
> 
> >How-To-Repeat:
> 
> 1) Create a new loopback device in a non-default rdomain. Example:
> 
>         # ifconfig lo2 rdomain 2
> 
> 2) The following two steps can be performed in any order.
>   2a) Create a point-to-point interface. The following example creates a new 
> tun(4) interface,
>       though this has also been reproduced with a gre(4) interface.
> 
>         # ifconfig tun0 rdomain 2
> 
>   2b) Delete the loopback device associated with the rdomain.
> 
>         # ifconfig lo2 -rdomain destroy
> 
> 3) Add a route to the point-to-point interface, e.g.
> 
>         # ifconfig tun0 inet 192.168.200.1 192.168.200.2
> 
>    The system will crash and drop to a ddb(4) prompt.
> 
> An example session is shown below:
> 
> bsd00# ifconfig lo2 rdomain 2
> bsd00# ifconfig tun0 rdomain 2
> bsd00# ifconfig lo2 -rdomain destroy
> bsd00# ifconfig tun0 inet 192.168.200.1 192.168.200.2
> panic: kernel diagnostic assertion "lo0ifp != NULL" failed: file 
> "/usr/src/sys/net/if.c", line 1483

Thanks for the report, could you try the diff below?

Index: net/if.c
===================================================================
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.554
diff -u -p -r1.554 if.c
--- net/if.c    30 May 2018 22:20:41 -0000      1.554
+++ net/if.c    14 Jun 2018 12:36:20 -0000
@@ -1765,9 +1765,11 @@ if_setrdomain(struct ifnet *ifp, int rdo
        if (rdomain != rtable_l2(rdomain))
                return (EINVAL);
 
-       /* remove all routing entries when switching domains */
-       /* XXX this is a bit ugly */
        if (rdomain != ifp->if_rdomain) {
+               if ((ifp->if_flags & IFF_LOOPBACK) &&
+                   (ifp->if_index == rtable_loindex(ifp->if_rdomain)))
+                       return (EPERM);
+
                s = splnet();
                /*
                 * We are tearing down the world.

Reply via email to