diff options
author | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-10-08 19:56:24 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-10-13 17:04:46 +0000 |
commit | 2144431c11529d1107f4440a5fe57559fb20002c (patch) | |
tree | 1f6dcd9f4a6e3bd0abc7f0f706488406733c52a4 /sys/netinet/in_mcast.c | |
parent | 03d5820f738de130b2feb66833f18741b7f92a14 (diff) | |
download | src-2144431c11529d1107f4440a5fe57559fb20002c.tar.gz src-2144431c11529d1107f4440a5fe57559fb20002c.zip |
Remove in_ifaddr_lock acquisiton to access in_ifaddrhead.
An IPv4 address is embedded into an ifaddr which is freed
via epoch. And the in_ifaddrhead is already a CK list. Use
the network epoch to protect against use after free.
Next step would be to CK-ify the in_addr hash and get rid of the...
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D32434
Diffstat (limited to 'sys/netinet/in_mcast.c')
-rw-r--r-- | sys/netinet/in_mcast.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c index f0827fcf3451..ad2d7af799a5 100644 --- a/sys/netinet/in_mcast.c +++ b/sys/netinet/in_mcast.c @@ -1752,7 +1752,6 @@ inp_get_source_filters(struct inpcb *inp, struct sockopt *sopt) int inp_getmoptions(struct inpcb *inp, struct sockopt *sopt) { - struct rm_priotracker in_ifa_tracker; struct ip_mreqn mreqn; struct ip_moptions *imo; struct ifnet *ifp; @@ -1795,7 +1794,7 @@ inp_getmoptions(struct inpcb *inp, struct sockopt *sopt) mreqn.imr_ifindex = ifp->if_index; NET_EPOCH_ENTER(et); - IFP_TO_IA(ifp, ia, &in_ifa_tracker); + IFP_TO_IA(ifp, ia); if (ia != NULL) mreqn.imr_address = IA_SIN(ia)->sin_addr; @@ -1887,6 +1886,7 @@ inp_lookup_mcast_ifp(const struct inpcb *inp, struct ifnet *ifp; struct nhop_object *nh; + NET_EPOCH_ASSERT(); KASSERT(inp != NULL, ("%s: inp must not be NULL", __func__)); KASSERT(gsin->sin_family == AF_INET, ("%s: not AF_INET", __func__)); KASSERT(IN_MULTICAST(ntohl(gsin->sin_addr.s_addr)), @@ -1909,7 +1909,6 @@ inp_lookup_mcast_ifp(const struct inpcb *inp, struct ifnet *mifp; mifp = NULL; - IN_IFADDR_RLOCK(&in_ifa_tracker); CK_STAILQ_FOREACH(ia, &V_in_ifaddrhead, ia_link) { mifp = ia->ia_ifp; if (!(mifp->if_flags & IFF_LOOPBACK) && @@ -1919,7 +1918,6 @@ inp_lookup_mcast_ifp(const struct inpcb *inp, break; } } - IN_IFADDR_RUNLOCK(&in_ifa_tracker); } } |