commit b4429953783603f55d850daab6324d99da2923a5 Author: Ryota Ozaki Date: Wed Nov 15 10:20:01 2017 +0900 Hold KERNEL_LOCK on if_ioctl selectively based on IFEF_MPSAFE diff --git a/sys/kern/sys_socket.c b/sys/kern/sys_socket.c index 595fe89f2af..e4271ce4c07 100644 --- a/sys/kern/sys_socket.c +++ b/sys/kern/sys_socket.c @@ -197,14 +197,18 @@ soo_ioctl(file_t *fp, u_long cmd, void *data) * interface and routing ioctls should have a * different entry since a socket's unnecessary */ - KERNEL_LOCK(1, NULL); if (IOCGROUP(cmd) == 'i') + /* + * KERNEL_LOCK will be held later if if_ioctl() of the + * interface isn't MP-safe. + */ error = ifioctl(so, cmd, data, curlwp); else { + KERNEL_LOCK(1, NULL); error = (*so->so_proto->pr_usrreqs->pr_ioctl)(so, cmd, data, NULL); + KERNEL_UNLOCK_ONE(NULL); } - KERNEL_UNLOCK_ONE(NULL); break; } diff --git a/sys/net/if.c b/sys/net/if.c index b4f0bf76b70..d37a316f60f 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -2765,6 +2765,11 @@ ifioctl_common(struct ifnet *ifp, u_long cmd, void *data) return 0; case SIOCSIFFLAGS: ifr = data; + /* + * If if_is_mpsafe(ifp), KERNEL_LOCK isn't held here, but if_up + * and if_down aren't MP-safe yet, so we must hold the lock. + */ + KERNEL_LOCK_IF_IFP_MPSAFE(ifp); if (ifp->if_flags & IFF_UP && (ifr->ifr_flags & IFF_UP) == 0) { s = splsoftnet(); if_down(ifp); @@ -2775,6 +2780,7 @@ ifioctl_common(struct ifnet *ifp, u_long cmd, void *data) if_up(ifp); splx(s); } + KERNEL_UNLOCK_IF_IFP_MPSAFE(ifp); ifp->if_flags = (ifp->if_flags & IFF_CANTCHANGE) | (ifr->ifr_flags &~ IFF_CANTCHANGE); break; @@ -2846,8 +2852,10 @@ ifioctl_common(struct ifnet *ifp, u_long cmd, void *data) * If the link MTU changed, do network layer specific procedure. */ #ifdef INET6 + KERNEL_LOCK_UNLESS_NET_MPSAFE(); if (in6_present) nd6_setmtu(ifp); + KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); #endif return ENETRESET; default: @@ -2991,11 +2999,13 @@ doifioctl(struct socket *so, u_long cmd, void *data, struct lwp *l) return error; } } + KERNEL_LOCK_UNLESS_NET_MPSAFE(); mutex_enter(&if_clone_mtx); r = (cmd == SIOCIFCREATE) ? if_clone_create(ifr->ifr_name) : if_clone_destroy(ifr->ifr_name); mutex_exit(&if_clone_mtx); + KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); curlwp_bindx(bound); return r; @@ -3053,6 +3063,7 @@ doifioctl(struct socket *so, u_long cmd, void *data, struct lwp *l) oif_flags = ifp->if_flags; + KERNEL_LOCK_UNLESS_IFP_MPSAFE(ifp); mutex_enter(ifp->if_ioctl_lock); error = (*ifp->if_ioctl)(ifp, cmd, data); @@ -3083,6 +3094,7 @@ doifioctl(struct socket *so, u_long cmd, void *data, struct lwp *l) #endif mutex_exit(ifp->if_ioctl_lock); + KERNEL_UNLOCK_UNLESS_IFP_MPSAFE(ifp); out: if_put(ifp, &psref); curlwp_bindx(bound); diff --git a/sys/net/if.h b/sys/net/if.h index 8d2190c0ac6..0b0d2f54cbc 100644 --- a/sys/net/if.h +++ b/sys/net/if.h @@ -441,6 +441,16 @@ if_is_link_state_changeable(struct ifnet *ifp) return ((ifp->if_extflags & IFEF_NO_LINK_STATE_CHANGE) == 0); } +#define KERNEL_LOCK_IF_IFP_MPSAFE(ifp) \ + do { if (if_is_mpsafe(ifp)) { KERNEL_LOCK(1, NULL); } } while (0) +#define KERNEL_UNLOCK_IF_IFP_MPSAFE(ifp) \ + do { if (if_is_mpsafe(ifp)) { KERNEL_UNLOCK_ONE(NULL); } } while (0) + +#define KERNEL_LOCK_UNLESS_IFP_MPSAFE(ifp) \ + do { if (!if_is_mpsafe(ifp)) { KERNEL_LOCK(1, NULL); } } while (0) +#define KERNEL_UNLOCK_UNLESS_IFP_MPSAFE(ifp) \ + do { if (!if_is_mpsafe(ifp)) { KERNEL_UNLOCK_ONE(NULL); } } while (0) + #ifdef _KERNEL_OPT #include "opt_net_mpsafe.h" #endif diff --git a/sys/net/if_media.c b/sys/net/if_media.c index 5b5718de069..385a40b60c8 100644 --- a/sys/net/if_media.c +++ b/sys/net/if_media.c @@ -225,8 +225,8 @@ ifmedia_set(struct ifmedia *ifm, int target) /* * Device-independent media ioctl support function. */ -int -ifmedia_ioctl(struct ifnet *ifp, struct ifreq *ifr, struct ifmedia *ifm, +static int +_ifmedia_ioctl(struct ifnet *ifp, struct ifreq *ifr, struct ifmedia *ifm, u_long cmd) { struct ifmedia_entry *match; @@ -360,6 +360,22 @@ ifmedia_ioctl(struct ifnet *ifp, struct ifreq *ifr, struct ifmedia *ifm, return error; } +int +ifmedia_ioctl(struct ifnet *ifp, struct ifreq *ifr, struct ifmedia *ifm, + u_long cmd) +{ + int e; + + /* + * If if_is_mpsafe(ifp), KERNEL_LOCK isn't held here, but _ifmedia_ioctl + * isn't MP-safe yet, so we must hold the lock. + */ + KERNEL_LOCK_IF_IFP_MPSAFE(ifp); + e = _ifmedia_ioctl(ifp, ifr, ifm, cmd); + KERNEL_UNLOCK_IF_IFP_MPSAFE(ifp); + return e; +} + /* * Find media entry matching a given ifm word. */ diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c index bb68304c0f6..299ff117e7b 100644 --- a/sys/net/if_vlan.c +++ b/sys/net/if_vlan.c @@ -245,6 +245,16 @@ struct if_clone vlan_cloner = /* Used to pad ethernet frames with < ETHER_MIN_LEN bytes */ static char vlan_zero_pad_buff[ETHER_MIN_LEN]; +static inline int +vlan_safe_ifpromisc(struct ifnet *ifp, int pswitch) +{ + int e; + KERNEL_LOCK_UNLESS_NET_MPSAFE(); + e = ifpromisc(ifp, pswitch); + KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); + return e; +} + void vlanattach(int n) { @@ -611,13 +621,15 @@ vlan_unconfig_locked(struct ifvlan *ifv, struct ifvlan_linkmib *nmib) kmem_free(omib, sizeof(*omib)); #ifdef INET6 + KERNEL_LOCK_UNLESS_NET_MPSAFE(); /* To delete v6 link local addresses */ if (in6_present) in6_ifdetach(ifp); + KERNEL_UNLOCK_UNLESS_NET_MPSAFE(); #endif if ((ifp->if_flags & IFF_PROMISC) != 0) - ifpromisc(ifp, 0); + vlan_safe_ifpromisc(ifp, 0); if_down(ifp); ifp->if_flags &= ~(IFF_UP|IFF_RUNNING); ifp->if_capabilities = 0; @@ -833,13 +845,13 @@ vlan_set_promisc(struct ifnet *ifp) if ((ifp->if_flags & IFF_PROMISC) != 0) { if ((ifv->ifv_flags & IFVF_PROMISC) == 0) { - error = ifpromisc(mib->ifvm_p, 1); + error = vlan_safe_ifpromisc(mib->ifvm_p, 1); if (error == 0) ifv->ifv_flags |= IFVF_PROMISC; } } else { if ((ifv->ifv_flags & IFVF_PROMISC) != 0) { - error = ifpromisc(mib->ifvm_p, 0); + error = vlan_safe_ifpromisc(mib->ifvm_p, 0); if (error == 0) ifv->ifv_flags &= ~IFVF_PROMISC; } @@ -916,7 +928,7 @@ vlan_ioctl(struct ifnet *ifp, u_long cmd, void *data) if (mib->ifvm_p != NULL && (ifp->if_flags & IFF_PROMISC) != 0) - error = ifpromisc(mib->ifvm_p, 0); + error = vlan_safe_ifpromisc(mib->ifvm_p, 0); vlan_putref_linkmib(mib, &psref); curlwp_bindx(bound); @@ -1113,7 +1125,10 @@ vlan_ether_addmulti(struct ifvlan *ifv, struct ifreq *ifr) LIST_INSERT_HEAD(&ifv->ifv_mc_listhead, mc, mc_entries); mib = ifv->ifv_mib; + + KERNEL_LOCK_UNLESS_IFP_MPSAFE(mib->ifvm_p); error = if_mcast_op(mib->ifvm_p, SIOCADDMULTI, sa); + KERNEL_UNLOCK_UNLESS_IFP_MPSAFE(mib->ifvm_p); if (error != 0) goto ioctl_failed;