> On 7 Apr 2020, at 17:43, Martin Pieuchot <m...@openbsd.org> wrote:
>
> On 07/04/20(Tue) 17:14, Vitaliy Makkoveev wrote:
>> As Claudio Jeker noticed, NET_LOCK() can release KERNEL_LOCK(). pppx(4)
>> code has some NET_LOCK() dances which make it unsafe. [...]
>
> The easiest way to fix that is to move if_detach() out of pppx_if_destroy().
pppxioctl() is under KERNEL_LOCK(). pppxioctl() holds NET_LOCK() it’s whole
runtime. So your suggestion is (pseudo code):
KERNEL_LOCK();
pppx_ioctl()
{
NET_LOCK();
switch() {
case PIPEXDSESSION:
NET_UNLOCK();
/*
* KERNEL_LOCK() can be released here and concurrent
* thread with PIPEXDSESSION case will enter here
*/
if_detach();
NET_LOCK();
pppx_if_destroy();
break;
}
NET_UNLOCK();
}
KERNEL_UNLOCK();
I understood well?
>
> It generally makes sense to call if_detach() first then free/close the
> descriptor of a driver. However some drivers have callbacks and in that
> case you might want to teardown those first then call if_detach().
>
> if_detach() will require the NET_LOCK() for some time. However
> pseudo-driver should start protecting their own data structure with
> different locks.
>