Author: ae
Date: Mon May 13 20:17:55 2019
New Revision: 347549
URL: https://svnweb.freebsd.org/changeset/base/347549
Log:
Avoid possible recursion on BPF_LOCK() in bpfwrite().
Release BPF_LOCK() before invoking if_output() and if_input().
Also enter epoch section before releasing lock, this should prevent
access to ifnet that may be freed on interface detach.
Reported by: markj
Modified:
head/sys/net/bpf.c
Modified: head/sys/net/bpf.c
==============================================================================
--- head/sys/net/bpf.c Mon May 13 19:48:57 2019 (r347548)
+++ head/sys/net/bpf.c Mon May 13 20:17:55 2019 (r347549)
@@ -1257,6 +1257,9 @@ bpfwrite(struct cdev *dev, struct uio *uio, int ioflag
ro.ro_flags = RT_HAS_HEADER;
}
+ /* Avoid possible recursion on BPFD_LOCK(). */
+ NET_EPOCH_ENTER(et);
+ BPFD_UNLOCK(d);
error = (*ifp->if_output)(ifp, m, &dst, &ro);
if (error)
counter_u64_add(d->bd_wdcount, 1);
@@ -1267,8 +1270,8 @@ bpfwrite(struct cdev *dev, struct uio *uio, int ioflag
else
m_freem(mc);
}
+ NET_EPOCH_EXIT(et);
CURVNET_RESTORE();
- BPFD_UNLOCK(d);
bpfd_rele(d);
return (error);
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "[email protected]"
