On 20/02/19(Wed) 14:44, David Gwynne wrote: > Index: sys/net/if.c > =================================================================== > RCS file: /cvs/src/sys/net/if.c,v > retrieving revision 1.571 > diff -u -p -r1.571 if.c > --- sys/net/if.c 9 Jan 2019 01:14:21 -0000 1.571 > +++ sys/net/if.c 20 Feb 2019 04:35:42 -0000 > @@ -2143,6 +2143,25 @@ ifioctl(struct socket *so, u_long cmd, c > NET_UNLOCK(); > break; > > + case SIOCSETMPWCFG: > + case SIOCSPWE3CTRLWORD: > + case SIOCSPWE3FAT: > + case SIOCSPWE3NEIGHBOR: > + case SIOCDPWE3NEIGHBOR: > + if ((error = suser(p)) != 0) > + break; > + /* FALLTHROUGH */ > + case SIOCGETMPWCFG: > + case SIOCGPWE3CTRLWORD: > + case SIOCGPWE3FAT: > + case SIOCGPWE3NEIGHBOR: > + if_ref(ifp); > + KERNEL_UNLOCK(); > + error = ((*ifp->if_ioctl)(ifp, cmd, data)); > + KERNEL_LOCK(); > + if_put(ifp);
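Review bot: at the KERNEL_UNLOCK()/KERNEL_LOCK() pair around the (*ifp->if_ioctl)(ifp, cmd, data) call, nothing in the hunk says which lock the driver handler runs under once the kernel lock is dropped. No NET_LOCK() is taken in the visible lines, while the preceding case ends with NET_UNLOCK(). Please add a comment stating the locking contract these pseudowire ioctls expect from the driver, and why the if_ref()/if_put() pair is needed across the unlocked window. The doubled parentheses around the if_ioctl call can also be dropped.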
Why are you referencing the `ifp' and grabbing the KERNEL_LOCK() (recursively)?
