Date: Sat, 13 Jun 2015 19:39:59 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-net@FreeBSD.org Subject: [Bug 200323] BPF userland misuse can crash the system Message-ID: <bug-200323-2472-PbgXKKToUA@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-200323-2472@https.bugs.freebsd.org/bugzilla/> References: <bug-200323-2472@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D200323 --- Comment #1 from Ermal Lu=C3=A7i <eri@pfsense.org> --- This patch fixes the issue and the issue seems to a locked LLE which does n= ot allow BPF to sleep when it needs to. +diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c +index baa9c26..f31576d 100644 +--- a/sys/netinet/if_ether.c ++++ b/sys/netinet/if_ether.c +@@ -353,6 +353,10 @@ retry: + if ((la->la_flags & LLE_VALID) && + ((la->la_flags & LLE_STATIC) || la->la_expire > time_uptime)) { + bcopy(&la->ll_addr, desten, ifp->if_addrlen); ++ if (flags & LLE_EXCLUSIVE) ++ LLE_WUNLOCK(la); ++ else ++ LLE_RUNLOCK(la); + /* + * If entry has an expiry time and it is approaching, + * see if we need to send an ARP request within this +@@ -365,8 +369,7 @@ retry: + } +=20 + *lle =3D la; +- error =3D 0; +- goto done; ++ return (0); + } +=20 + if (la->la_flags & LLE_STATIC) { /* should not happen! */ --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-200323-2472-PbgXKKToUA>