On Fri, May 09, 2025 at 03:19:51PM +0300, Vitaliy Makkoveev wrote:
> Atomically accessed integer. sysctl_securelevel_int() is mp-safe.

Both reads of ip_dosourceroute might happen while the same packet
is processed.  I could not find or imagine any bad behavior.

OK bluhm@

> Index: sys/netinet/ip_input.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet/ip_input.c,v
> retrieving revision 1.406
> diff -u -p -r1.406 ip_input.c
> --- sys/netinet/ip_input.c	9 May 2025 14:43:47 -0000	1.406
> +++ sys/netinet/ip_input.c	9 May 2025 20:16:49 -0000
> @@ -95,7 +95,7 @@ int	ip_forwarding = 0;			/* [a] */
>  int	ipmforwarding = 0;
>  int	ipmultipath = 0;
>  int	ip_sendredirects = 1;			/* [a] */
> -int	ip_dosourceroute = 0;
> +int	ip_dosourceroute = 0;			/* [a] */
>  int	ip_defttl = IPDEFTTL;
>  int	ip_mtudisc = 1;
>  int	ip_mtudisc_timeout = IPMTUDISCTIMEOUT;
> @@ -1241,7 +1241,7 @@ ip_dooptions(struct mbuf *m, struct ifne
>  		 */
>  		case IPOPT_LSRR:
>  		case IPOPT_SSRR:
> -			if (!ip_dosourceroute) {
> +			if (atomic_load_int(&ip_dosourceroute) == 0) {
>  				type = ICMP_UNREACH;
>  				code = ICMP_UNREACH_SRCFAIL;
>  				goto bad;
> @@ -1463,7 +1463,7 @@ ip_srcroute(struct mbuf *m0)
>  	struct ip_srcrt *isr;
>  	struct m_tag *mtag;
>  
> -	if (!ip_dosourceroute)
> +	if (atomic_load_int(&ip_dosourceroute) == 0)
>  		return (NULL);
>  
>  	mtag = m_tag_find(m0, PACKET_TAG_SRCROUTE, NULL);
> @@ -1736,11 +1736,8 @@ ip_sysctl(int *name, u_int namelen, void
>  
>  	switch (name[0]) {
>  	case IPCTL_SOURCEROUTE:
> -		NET_LOCK();
> -		error = sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
> -		    &ip_dosourceroute);
> -		NET_UNLOCK();
> -		return (error);
> +		return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
> +		    &ip_dosourceroute));
>  	case IPCTL_MTUDISC:
>  		NET_LOCK();
>  		error = sysctl_int(oldp, oldlenp, newp, newlen, &ip_mtudisc);