Hello! On Tue, 29 Aug 2006, Ian FREISLICH wrote: > 2589 case O_IP_SRC_ME: > 2590 if (is_ipv4) { > 2591 struct ifnet *tif; > 2592 > 2593 INADDR_TO_IFP(src_ip, tif); > 2594 match = (tif != NULL); > 2595 } Looks like a lack of the proper locking against IP address addition/removal. These (O_IP_SRC_ME/O_IP_DST_ME), as well as matching of interface by IP address in the iface_match(): /* XXX lock? */ TAILQ_FOREACH(ia, &ifp->if_addrhead, ifa_link) { if (ia->ifa_addr == NULL) continue; are worrying for these races exist since version 1.1 of the ip_fw2.c for more than 4 years! Alas I'm not an expert in kernel locking, that's why I don't know how to correctly lock these places. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry_at_atlantis.dp.ua nic-hdl: LYNX-RIPEReceived on Tue Aug 29 2006 - 07:00:12 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:59 UTC