Index | Thread | Search

From:
Alexander Bluhm <bluhm@openbsd.org>
Subject:
Re: Unlock ICMPV6CTL_ND6_DELAY case of icmp6_sysctl()
To:
Vitaliy Makkoveev <mvs@openbsd.org>
Cc:
tech@openbsd.org
Date:
Sat, 2 Aug 2025 13:39:36 +0200

Download raw body.

Thread 
On Sat, Aug 02, 2025 at 02:23:25PM +0300, Vitaliy Makkoveev wrote:
> `nd6_delay' loaded only once in nd6_resolve().

OK bluhm@

> Index: sys/netinet6/icmp6.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet6/icmp6.c,v
> retrieving revision 1.272
> diff -u -p -r1.272 icmp6.c
> --- sys/netinet6/icmp6.c	2 Aug 2025 09:03:54 -0000	1.272
> +++ sys/netinet6/icmp6.c	2 Aug 2025 11:18:33 -0000
> @@ -1774,8 +1774,11 @@ icmp6_mtudisc_timeout(struct rtentry *rt
>  }
>  
>  #ifndef SMALL_KERNEL
> -const struct sysctl_bounded_args icmpv6ctl_vars[] = {
> +const struct sysctl_bounded_args icmpv6ctl_vars_unlocked[] = {
>  	{ ICMPV6CTL_ND6_DELAY, &nd6_delay, 0, INT_MAX },
> +};
> +
> +const struct sysctl_bounded_args icmpv6ctl_vars[] = {
>  	{ ICMPV6CTL_ND6_UMAXTRIES, &nd6_umaxtries, 0, INT_MAX },
>  	{ ICMPV6CTL_ND6_MMAXTRIES, &nd6_mmaxtries, 0, INT_MAX },
>  	{ ICMPV6CTL_ERRPPSLIMIT, &icmp6errppslim, -1, 1000 },
> @@ -1841,6 +1844,12 @@ icmp6_sysctl(int *name, u_int namelen, v
>  	case ICMPV6CTL_ND6_QUEUED:
>  		error = sysctl_rdint(oldp, oldlenp, newp,
>  		    atomic_load_int(&ln_hold_total));
> +		break;
> +
> +	case ICMPV6CTL_ND6_DELAY:
> +		error = sysctl_bounded_arr(icmpv6ctl_vars_unlocked,
> +		    nitems(icmpv6ctl_vars_unlocked), name, namelen,
> +		    oldp, oldlenp, newp, newlen);
>  		break;
>  
>  	default:
> Index: sys/netinet6/nd6.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet6/nd6.c,v
> retrieving revision 1.293
> diff -u -p -r1.293 nd6.c
> --- sys/netinet6/nd6.c	26 Jul 2025 01:16:59 -0000	1.293
> +++ sys/netinet6/nd6.c	2 Aug 2025 11:18:33 -0000
> @@ -75,7 +75,7 @@
>  /* timer values */
>  int	nd6_timer_next	= -1;	/* at which uptime nd6_timer runs */
>  time_t	nd6_expire_next	= -1;	/* at which uptime nd6_expire runs */
> -int	nd6_delay	= 5;	/* delay first probe time 5 second */
> +int	nd6_delay	= 5;	/* [a] delay first probe time 5 second */
>  int	nd6_umaxtries	= 3;	/* maximum unicast query */
>  int	nd6_mmaxtries	= 3;	/* maximum multicast query */
>  int	nd6_gctimer	= (60 * 60 * 24); /* 1 day: garbage collection timer */
> @@ -1307,7 +1307,7 @@ nd6_resolve(struct ifnet *ifp, struct rt
>  	if (ln->ln_state == ND6_LLINFO_STALE) {
>  		ln->ln_asked = 0;
>  		ln->ln_state = ND6_LLINFO_DELAY;
> -		nd6_llinfo_settimer(ln, nd6_delay);
> +		nd6_llinfo_settimer(ln, atomic_load_int(&nd6_delay));
>  	}
>  
>  	/*