Index | Thread | Search

From:
Vitaliy Makkoveev <mvs@openbsd.org>
Subject:
Unlock IPCTL_ARPTIMEOUT case of ip_sysctl()
To:
Alexander Bluhm <bluhm@openbsd.org>, tech@openbsd.org
Date:
Tue, 15 Jul 2025 23:52:15 +0300

Download raw body.

Thread 
`arpt_keep' is already marked with [a], so use atomic_load_int() and
move the assignment out of netlock. Both arpresolve() and arpcache()
belong to different paths.

Index: sys/netinet/if_ether.c
===================================================================
RCS file: /cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.274
diff -u -p -r1.274 if_ether.c
--- sys/netinet/if_ether.c	8 Jul 2025 00:47:41 -0000	1.274
+++ sys/netinet/if_ether.c	15 Jul 2025 20:24:46 -0000
@@ -384,7 +384,7 @@ arpresolve(struct ifnet *ifp, struct rte
 
 		/* refresh ARP entry when timeout gets close */
 		if (rt->rt_expire != 0 &&
-		    rt->rt_expire - arpt_keep / 8 < uptime) {
+		    rt->rt_expire - atomic_load_int(&arpt_keep) / 8 < uptime) {
 
 			mtx_enter(&arp_mtx);
 			la = (struct llinfo_arp *)rt->rt_llinfo;
@@ -709,7 +709,7 @@ arpcache(struct ifnet *ifp, struct ether
 	sdl->sdl_alen = sizeof(ea->arp_sha);
 	memcpy(LLADDR(sdl), ea->arp_sha, sizeof(ea->arp_sha));
 	if (rt->rt_expire)
-		rt->rt_expire = uptime + arpt_keep;
+		rt->rt_expire = uptime + atomic_load_int(&arpt_keep);
 	rt->rt_flags &= ~RTF_REJECT;
 
 	/* Notify userland that an ARP resolution has been done. */
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.419
diff -u -p -r1.419 ip_input.c
--- sys/netinet/ip_input.c	15 Jul 2025 18:28:57 -0000	1.419
+++ sys/netinet/ip_input.c	15 Jul 2025 20:24:46 -0000
@@ -125,10 +125,10 @@ const struct sysctl_bounded_args ipctl_v
 	{ IPCTL_IPPORT_HILASTAUTO, &ipport_hilastauto, 0, 65535 },
 	{ IPCTL_IPPORT_MAXQUEUE, &ip_maxqueue, 0, 10000 },
 	{ IPCTL_MFORWARDING, &ipmforwarding, 0, 1 },
+	{ IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX },
 };
 
 const struct sysctl_bounded_args ipctl_vars[] = {
-	{ IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX },
 	{ IPCTL_ARPDOWN, &arpt_down, 0, INT_MAX },
 };
 #endif /* SMALL_KERNEL */
@@ -1845,6 +1845,7 @@ ip_sysctl(int *name, u_int namelen, void
 	case IPCTL_IPPORT_HILASTAUTO:
 	case IPCTL_IPPORT_MAXQUEUE:
 	case IPCTL_MFORWARDING:
+	case IPCTL_ARPTIMEOUT:
 		return (sysctl_bounded_arr(
 		    ipctl_vars_unlocked, nitems(ipctl_vars_unlocked),
 		    name, namelen, oldp, oldlenp, newp, newlen));