ok mvs@
> On 25 Dec 2021, at 01:17, Alexander Bluhm <alexander.bl...@gmx.net> wrote:
>
> Hi,
>
> ip_deliver() has been called without kernel lock from ip_ours() and
> ip6_ours() for a long time. It looks like these two callers in ip6
> input were forgotten to be unlocked.
>
> ok?
>
> bluhm
>
> Index: netinet6/ip6_input.c
> ===================================================================
> RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/ip6_input.c,v
> retrieving revision 1.237
> diff -u -p -r1.237 ip6_input.c
> --- netinet6/ip6_input.c 3 Jun 2021 04:47:54 -0000 1.237
> +++ netinet6/ip6_input.c 24 Dec 2021 14:18:08 -0000
> @@ -404,12 +404,9 @@ ip6_input_if(struct mbuf **mp, int *offp
> }
>
> if (ours) {
> - if (af == AF_UNSPEC) {
> - KERNEL_LOCK();
> + if (af == AF_UNSPEC)
> nxt = ip_deliver(mp, offp, nxt,
> AF_INET6);
> - KERNEL_UNLOCK();
> - }
> goto out;
> }
> goto bad;
> @@ -508,11 +505,8 @@ ip6_input_if(struct mbuf **mp, int *offp
> goto out;
>
> if (ours) {
> - if (af == AF_UNSPEC) {
> - KERNEL_LOCK();
> + if (af == AF_UNSPEC)
> nxt = ip_deliver(mp, offp, nxt, AF_INET6);
> - KERNEL_UNLOCK();
> - }
> goto out;
> }
>
>
