CVS commit: src/sys/net

[Ryota Ozaki]

Module Name:    src
Committed By:   ozaki-r
Date:           Tue Jul 10 01:23:13 UTC 2018

Modified Files:
        src/sys/net: if_llatbl.c

Log Message:
Don't overwrite an existing llentry on RTM_ADD to avoid race conditions

Reported and tested by christos@


To generate a diff of this commit:
cvs rdiff -u -r1.27 -r1.28 src/sys/net/if_llatbl.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/net/if_llatbl.c
diff -u src/sys/net/if_llatbl.c:1.27 src/sys/net/if_llatbl.c:1.28
--- src/sys/net/if_llatbl.c:1.27	Tue Jun  5 01:25:59 2018
+++ src/sys/net/if_llatbl.c	Tue Jul 10 01:23:13 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: if_llatbl.c,v 1.27 2018/06/05 01:25:59 nonaka Exp $	*/
+/*	$NetBSD: if_llatbl.c,v 1.28 2018/07/10 01:23:13 ozaki-r Exp $	*/
 /*
  * Copyright (c) 2004 Luigi Rizzo, Alessandro Cerri. All rights reserved.
  * Copyright (c) 2004-2008 Qing Li. All rights reserved.
@@ -672,7 +672,7 @@ lla_rt_output(const u_char rtm_type, con
 
 		/* Add static LLE */
 		IF_AFDATA_WLOCK(ifp);
-		lle = lla_lookup(llt, 0, dst);
+		lle = lla_lookup(llt, LLE_EXCLUSIVE, dst);
 
 		/* Cannot overwrite an existing static entry */
 		if (lle != NULL &&
@@ -684,8 +684,18 @@ lla_rt_output(const u_char rtm_type, con
 			error = EEXIST;
 			goto out;
 		}
-		if (lle != NULL)
-			LLE_RUNLOCK(lle);
+
+		/*
+		 * We can't overwrite an existing entry to avoid race
+		 * conditions so remove it first.
+		 */
+		if (lle != NULL) {
+			size_t pkts_dropped = llentry_free(lle);
+			if (dst->sa_family == AF_INET) {
+				arp_stat_add(ARP_STAT_DFRDROPPED,
+				    (uint64_t)pkts_dropped);
+			}
+		}
 
 		lle = lla_create(llt, 0, dst, rt);
 		if (lle == NULL) {