netbsd-bugs: kern/3189: bpfattach can hang the system

Subject: kern/3189: bpfattach can hang the system
To: None <gnats-bugs@gnats.netbsd.org>
From: None <Jean-Luc.Richier@imag.fr>
List: netbsd-bugs
Date: 02/05/1997 14:18:01

>Number:         3189
>Category:       kern
>Synopsis:       bpfattach can hang the system
>Confidential:   yes
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Wed Feb  5 05:35:01 1997
>Last-Modified:
>Originator:     Jean-Luc Richier
>Organization:
	
>Release:        1.2
>Environment:
System: NetBSD ganesha.imag.fr 1.2 NetBSD 1.2 (GANESHAv6-multihomed) #3: Wed Feb 5 11:29:38 MET 1997 root@ganesha.imag.fr:/usr/src/sys/arch/sparc/compile/GANESHAv6-multihomed sparc


>Description:
While working on the IPv6 extensions for NetBSD and FreeBSD,
I discovered a problem with bpfattach behaviour. 
If one tries to make extensions to NetBSD, this behaviour raise problems.
Therefore I suggest corrections to the base distribution code.

If the ifattach function is called while a bpf filter is open, the system
hangs 

>How-To-Repeat:
  - Make a modfication in the system which allows to configure a new driver at
    any time (In my case, it is a dynamic modification of the number of IPv6
    tunnel drivers)
  - open bpf filters, for example run ``rarpd -a''
  - configure a new driver
  - some seconds later, the system will hang

>Fix:
############### DIFF suggested for NETBSD 1.2 ##############
*** sys/net/bpf.c.DIST	Tue May  7 07:26:02 1996
--- sys/net/bpf.c	Tue Feb  4 20:26:00 1997
***************
*** 1260,1265 ****
--- 1260,1266 ----
  {
  	struct bpf_if *bp;
  	int i;
+ 	static int already = 0;
  #if BSD < 199103
  	static struct bpf_if bpf_ifs[NBPFILTER];
  	static int bpfifno;
***************
*** 1292,1300 ****
  	/*
  	 * Mark all the descriptors free if this hasn't been done.
  	 */
! 	if (!D_ISFREE(&bpf_dtab[0]))
  		for (i = 0; i < NBPFILTER; ++i)
  			D_MARKFREE(&bpf_dtab[i]);
  
  #if 0
  	printf("bpf: %s attached\n", ifp->if_xname);
--- 1293,1303 ----
  	/*
  	 * Mark all the descriptors free if this hasn't been done.
  	 */
! 	if(!already) {
! 		already = 1;
  		for (i = 0; i < NBPFILTER; ++i)
  			D_MARKFREE(&bpf_dtab[i]);
+ 	}
  
  #if 0
  	printf("bpf: %s attached\n", ifp->if_xname);
>Audit-Trail:
>Unformatted: