On Tue, Aug 12, 2008 at 04:15:21PM +0200, Ed Schouten wrote: > Hello all, > > * Bruce Evans <[EMAIL PROTECTED]> wrote: > > I checked that bpf panics (even under UP) due to the obvious bugs in > > its d_close(): > > > > # Generate lots of network activity using something like: > > sysctl net.inet.icmp.icmplim=0; ping -fq localhost & > > > > # Race to panic eventually: > > while :; do tcpdump -i lo0 & sleep 0.001; revoke /dev/bpf0 > > > > Most or all device drivers have obvious bugs in their d_close(); bpf > > is just a bit easier to understand and more likely to cause a panic > > than most device drivers, since it is simple and frees resources. A > > panic is very likely when si_drv1 is freed, and si_drv1 is only locked > > accidentally. > > I remember I once warned people about this on the lists. It seems the > cdevpriv API is protected against this, so the following patch turns BPF > into a single device node, which can handle revoke() calls properly. > > I wrote this patch a month ago, but eventually I didn't commit this. I > think I should, though. > > http://80386.nl/files/bpf-cdevpriv.diff
Did you tested cdevpriv'ed bpf against revoke ?
pgpBPQb6U0pm8.pgp
Description: PGP signature
