The global array of interfaces is accessed in the input path and need
the NET_LOCK().
Ok?
Index: net/if_enc.c
===================================================================
RCS file: /cvs/src/sys/net/if_enc.c,v
retrieving revision 1.67
diff -u -p -r1.67 if_enc.c
--- net/if_enc.c 23 Jan 2017 11:37:29 -0000 1.67
+++ net/if_enc.c 26 May 2017 15:10:31 -0000
@@ -72,7 +72,7 @@ enc_clone_create(struct if_clone *ifc, i
struct ifnet *ifp;
struct ifnet **new;
size_t newlen;
- int error;
+ int s, error;
if (unit > ENC_MAX_UNITS)
return (EINVAL);
@@ -111,8 +111,10 @@ enc_clone_create(struct if_clone *ifc, i
#if NBPFILTER > 0
bpfattach(&ifp->if_bpf, ifp, DLT_ENC, ENC_HDRLEN);
#endif
-
- if ((error = enc_setif(ifp, 0)) != 0) {
+ NET_LOCK(s);
+ error = enc_setif(ifp, 0);
+ if (error != 0) {
+ NET_UNLOCK(s);
if_detach(ifp);
free(sc, M_DEVBUF, 0);
return (error);
@@ -120,8 +122,10 @@ enc_clone_create(struct if_clone *ifc, i
if (unit == 0 || unit > enc_max_unit) {
if ((new = mallocarray(unit + 1, sizeof(struct ifnet *),
- M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL)
+ M_DEVBUF, M_NOWAIT|M_ZERO)) == NULL) {
+ NET_UNLOCK(s);
return (ENOBUFS);
+ }
newlen = sizeof(struct ifnet *) * (unit + 1);
if (enc_allifps != NULL) {
@@ -133,6 +137,7 @@ enc_clone_create(struct if_clone *ifc, i
enc_max_unit = unit;
}
enc_allifps[unit] = ifp;
+ NET_UNLOCK(s);
return (0);
}
@@ -147,12 +152,13 @@ enc_clone_destroy(struct ifnet *ifp)
if (sc->sc_unit == 0)
return (EPERM);
- s = splnet();
+ NET_LOCK(s);
enc_allifps[sc->sc_unit] = NULL;
enc_unsetif(ifp);
+ NET_UNLOCK(s);
+
if_detach(ifp);
free(sc, M_DEVBUF, 0);
- splx(s);
return (0);
}
@@ -229,8 +235,8 @@ enc_getif(u_int id, u_int unit)
return (enc_ifps[id]);
}
-struct ifaddr
-*enc_getifa(u_int id, u_int unit)
+struct ifaddr *
+enc_getifa(u_int id, u_int unit)
{
struct ifnet *ifp;
struct enc_softc *sc;
@@ -247,6 +253,8 @@ enc_setif(struct ifnet *ifp, u_int id)
{
struct ifnet **new;
size_t newlen;
+
+ NET_ASSERT_LOCKED();
enc_unsetif(ifp);
