CVS commit: [netbsd-8] src/sys/net

["Martin Husemann" <martin%netbsd.org@localhost>]

Module Name:    src
Committed By:   martin
Date:           Wed Aug 15 12:07:30 UTC 2018

Modified Files:
        src/sys/net [netbsd-8]: if_tun.c

Log Message:
Pull up following revision(s) (requested by ozaki-r in ticket #974):

        sys/net/if_tun.c: revision 1.145
        sys/net/if_tun.c: revision 1.146

tun: fix locking against myself

filt_tunread is called with tun_lock held from tun_output (via tun_output =>
selnotify => knote), so we must not take tun_lock in filt_tunread.  The bug
is triggered only if a tun is used through kqueue.

Found by k-goda@IIJ

Fix tun(4) kevent locking

filt_tunread gets called in two contexts:
- by calls to selnotify in if_tun.c (or knote, as the case may be,
  but not here), in which case tp->tun_lock is held; and
- by internal logic in kevent, in which tp->tun_lock is not held.

The standard convention to discriminate between these two cases is by
setting the kernel-only NOTE_SUBMIT bit in the hint to selnotify or
knote; then in filt_*:

        if (hint & NOTE_SUBMIT)
                KASSERT(mutex_owned(&tp->tun_lock));
        else
                mutex_enter(&tp->tun_lock);
        ...
        if (hint & NOTE_SUBMIT)
                KASSERT(mutex_owned(&tp->tun_lock));
        else
                mutex_exit(&tp->tun_lock);

Pointed out by and patch from riastradh@
Tested by ozaki-r@ (only the former path)


To generate a diff of this commit:
cvs rdiff -u -r1.139.2.3 -r1.139.2.4 src/sys/net/if_tun.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.