From: Vitaliy Makkoveev
Subject: Unlock IPV6CTL_HDRNESTLIMIT case of ip6_sysctl()
To: Alexander Bluhm , tech@openbsd.org
Date: Wed, 23 Jul 2025 23:08:48 +0300
`ip6_hdrnestlimit' loaded only once in ip_deliver(). In the `ip6_hdrnestlimit' is null, the "(++nest > ip6_hdrnestlimit)" check will be always true, so the check of `ip6_hdrnestlimit' against null could be omitted. Also unused in ramdisk.
Index: sys/netinet/ip_input.c
===================================================================
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.422
diff -u -p -r1.422 ip_input.c
--- sys/netinet/ip_input.c 19 Jul 2025 16:40:40 -0000 1.422
+++ sys/netinet/ip_input.c 23 Jul 2025 20:03:08 -0000
@@ -788,7 +788,7 @@ ip_deliver(struct mbuf **mp, int *offp,
#ifdef INET6
if (af == AF_INET6 &&
- ip6_hdrnestlimit && (++nest > ip6_hdrnestlimit)) {
+ (++nest > atomic_load_int(&ip6_hdrnestlimit))) {
ip6stat_inc(ip6s_toomanyhdr);
goto bad;
}
Index: sys/netinet6/in6_proto.c
===================================================================
RCS file: /cvs/src/sys/netinet6/in6_proto.c,v
retrieving revision 1.138
diff -u -p -r1.138 in6_proto.c
--- sys/netinet6/in6_proto.c 23 Jul 2025 18:58:38 -0000 1.138
+++ sys/netinet6/in6_proto.c 23 Jul 2025 20:03:08 -0000
@@ -357,7 +357,7 @@ int ip6_defmcasthlim = IPV6_DEFAULT_MULT
int ip6_maxfragpackets = 200; /* [a] */
int ip6_maxfrags = 200;
int ip6_log_interval = 5; /* [a] */
-int ip6_hdrnestlimit = 10; /* appropriate? */
+int ip6_hdrnestlimit = 10; /* [a] appropriate? */
int ip6_dad_count = 1; /* DupAddrDetectionTransmits */
int ip6_dad_pending; /* number of currently running DADs */
int ip6_auto_flowlabel = 1;
Index: sys/netinet6/ip6_input.c
===================================================================
RCS file: /cvs/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.282
diff -u -p -r1.282 ip6_input.c
--- sys/netinet6/ip6_input.c 23 Jul 2025 18:58:38 -0000 1.282
+++ sys/netinet6/ip6_input.c 23 Jul 2025 20:03:08 -0000
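Review bot: Dropping the `ip6_hdrnestlimit &&` test in the ip_deliver() hunk of ip_input.c changes what a limit of 0 means: the old condition skipped the check entirely, while `(++nest > atomic_load_int(&ip6_hdrnestlimit))` is true on the first pass (assuming `nest` starts at 0, which is outside the hunk), so every AF_INET6 packet reaching this check is counted as ip6s_toomanyhdr and takes the `goto bad` path. The bounded-args entry moved in ip6_input.c still accepts 0 (`{ IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 }`), so a host that set the limit to 0 to disable it would lose IPv6 input after this change. Either keep the zero test on a single load, e.g. `limit = atomic_load_int(&ip6_hdrnestlimit);` followed by `if (af == AF_INET6 && limit && (++nest > limit)) {`, or raise the lower bound of the sysctl entry to 1 and document that 0 is no longer accepted. ip_deliver() starts and ends outside the hunk, so where the load sits relative to the delivery loop should be confirmed there.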
@@ -1449,10 +1449,10 @@ const struct sysctl_bounded_args ipv6ctl
{ IPV6CTL_DEFHLIM, &ip6_defhlim, 0, 255 },
{ IPV6CTL_MAXFRAGPACKETS, &ip6_maxfragpackets, 0, 1000 },
{ IPV6CTL_LOG_INTERVAL, &ip6_log_interval, 0, INT_MAX },
+ { IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 },
};
const struct sysctl_bounded_args ipv6ctl_vars[] = {
- { IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 },
{ IPV6CTL_DAD_COUNT, &ip6_dad_count, 0, 10 },
{ IPV6CTL_AUTO_FLOWLABEL, &ip6_auto_flowlabel, 0, 1 },
{ IPV6CTL_DEFMCASTHLIM, &ip6_defmcasthlim, 0, 255 },
@@ -1572,6 +1572,7 @@ ip6_sysctl(int *name, u_int namelen, voi
case IPV6CTL_DEFHLIM:
case IPV6CTL_MAXFRAGPACKETS:
case IPV6CTL_LOG_INTERVAL:
+ case IPV6CTL_HDRNESTLIMIT:
return (sysctl_bounded_arr( ipv6ctl_vars_unlocked, nitems(ipv6ctl_vars_unlocked), name, namelen, oldp, oldlenp, newp, newlen));