[src/trunk]: src/sys/net Prevent if_detach() from crashing while it walks the...

[dyoung <dyoung%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/9cb30d3eec5d
branches:  trunk
changeset: 755359:9cb30d3eec5d
user:      dyoung <dyoung%NetBSD.org@localhost>
date:      Wed Jun 02 23:41:14 2010 +0000

description:
Prevent if_detach() from crashing while it walks the routing table
to find and unlink routes that reference the detached ifnet: make
if_rt_walktree() return ERESTART whenever it has deleted a route.
Whenever rt_walktree() returns ERESTART, if_detach() restarts it.

I believe that this fix resembles one by Jonathan Kollasch or by someone
else, which has languished in a PR for too long.  Sorry!

Tested by me and by Jeff Rizzo.

XXX It's supposed to be safe for rn_walktree() to apply to the routing
XXX table a routine that may delete routes.  Why isn't it safe in
XXX practice?

diffstat:

 sys/net/if.c |  12 +++++++-----
 1 files changed, 7 insertions(+), 5 deletions(-)

diffs (40 lines):

diff -r 96c06ae0106f -r 9cb30d3eec5d sys/net/if.c
--- a/sys/net/if.c      Wed Jun 02 19:47:34 2010 +0000
+++ b/sys/net/if.c      Wed Jun 02 23:41:14 2010 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if.c,v 1.242 2010/01/28 14:12:11 mbalmer Exp $ */
+/*     $NetBSD: if.c,v 1.243 2010/06/02 23:41:14 dyoung Exp $  */
 
 /*-
  * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,7 +90,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.242 2010/01/28 14:12:11 mbalmer Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.243 2010/06/02 23:41:14 dyoung Exp $");
 
 #include "opt_inet.h"
 
@@ -792,8 +792,10 @@
        if_free_sadl(ifp);
 
        /* Walk the routing table looking for stragglers. */
-       for (i = 0; i <= AF_MAX; i++)
-               (void)rt_walktree(i, if_rt_walktree, ifp);
+       for (i = 0; i <= AF_MAX; i++) {
+               while (rt_walktree(i, if_rt_walktree, ifp) == ERESTART)
+                       ;
+       }
 
        DOMAIN_FOREACH(dp) {
                if (dp->dom_ifdetach != NULL && ifp->if_afdata[dp->dom_family])
@@ -904,7 +906,7 @@
        if (error != 0)
                printf("%s: warning: unable to delete rtentry @ %p, "
                    "error = %d\n", ifp->if_xname, rt, error);
-       return 0;
+       return ERESTART;
 }
 
 /*