Index | Thread | Search

From:
Vitaliy Makkoveev <mvs@openbsd.org>
Subject:
Unlock IPCTL_ARPDOWN case of ip_sysctl()
To:
Alexander Bluhm <bluhm@openbsd.org>, tech@openbsd.org
Date:
Wed, 16 Jul 2025 01:45:40 +0300

Download raw body.

Thread 
The last one of `ipctl_vars'. Also was marked as [a], loaded only once
at arpresolve(), so just use atomic_load_int() to get value.

Index: sys/netinet/if_ether.c
===================================================================
RCS file: /cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.275
diff -u -p -r1.275 if_ether.c
--- sys/netinet/if_ether.c	15 Jul 2025 22:12:49 -0000	1.275
+++ sys/netinet/if_ether.c	15 Jul 2025 22:41:49 -0000
@@ -447,7 +447,7 @@ arpresolve(struct ifnet *ifp, struct rte
 				refresh = 1;
 			else {
 				reject = RTF_REJECT;
-				rt->rt_expire += arpt_down;
+				rt->rt_expire += atomic_load_int(&arpt_down);
 				la->la_asked = 0;
 				la->la_refreshed = 0;
 				atomic_sub_int(&la_hold_total,
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.420
diff -u -p -r1.420 ip_input.c
--- sys/netinet/ip_input.c	15 Jul 2025 22:12:49 -0000	1.420
+++ sys/netinet/ip_input.c	15 Jul 2025 22:41:49 -0000
@@ -111,7 +111,7 @@ int	ip_maxqueue = 300;			/* [a] */
 int	ip_frags = 0;				/* [q] */
 
 #ifndef SMALL_KERNEL
-const struct sysctl_bounded_args ipctl_vars_unlocked[] = {
+const struct sysctl_bounded_args ipctl_vars[] = {
 	{ IPCTL_FORWARDING, &ip_forwarding, 0, 2 },
 	{ IPCTL_SENDREDIRECTS, &ip_sendredirects, 0, 1 },
 	{ IPCTL_DIRECTEDBCAST, &ip_directedbcast, 0, 1 },
@@ -126,9 +126,6 @@ const struct sysctl_bounded_args ipctl_v
 	{ IPCTL_IPPORT_MAXQUEUE, &ip_maxqueue, 0, 10000 },
 	{ IPCTL_MFORWARDING, &ipmforwarding, 0, 1 },
 	{ IPCTL_ARPTIMEOUT, &arpt_keep, 0, INT_MAX },
-};
-
-const struct sysctl_bounded_args ipctl_vars[] = {
 	{ IPCTL_ARPDOWN, &arpt_down, 0, INT_MAX },
 };
 #endif /* SMALL_KERNEL */
@@ -1832,29 +1829,9 @@ ip_sysctl(int *name, u_int namelen, void
 		}
 
 		return (error);
-	case IPCTL_FORWARDING:
-	case IPCTL_SENDREDIRECTS:
-	case IPCTL_DIRECTEDBCAST:
-#ifdef MROUTING
-	case IPCTL_MRTPROTO:
-#endif
-	case IPCTL_DEFTTL:
-	case IPCTL_IPPORT_FIRSTAUTO:
-	case IPCTL_IPPORT_LASTAUTO:
-	case IPCTL_IPPORT_HIFIRSTAUTO:
-	case IPCTL_IPPORT_HILASTAUTO:
-	case IPCTL_IPPORT_MAXQUEUE:
-	case IPCTL_MFORWARDING:
-	case IPCTL_ARPTIMEOUT:
-		return (sysctl_bounded_arr(
-		    ipctl_vars_unlocked, nitems(ipctl_vars_unlocked),
-		    name, namelen, oldp, oldlenp, newp, newlen));
 	default:
-		NET_LOCK();
-		error = sysctl_bounded_arr(ipctl_vars, nitems(ipctl_vars),
-		    name, namelen, oldp, oldlenp, newp, newlen);
-		NET_UNLOCK();
-		return (error);
+		return (sysctl_bounded_arr(ipctl_vars, nitems(ipctl_vars),
+		    name, namelen, oldp, oldlenp, newp, newlen));
 	}
 	/* NOTREACHED */
 }