tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]


On Fri, May 11, 2018 at 6:41 PM Ryota Ozaki <> wrote:

> On Fri, May 11, 2018 at 3:53 PM Michael van Elst <>

> > A traditional ethernet driver receives input via an interrupt routine
> > and passes packets to ether_input(). The data is protected by disabling
> > the receive interrupt.

> > In multiprocessor land, the same is achieved by also acquiring the
> > big kernel lock.

> > Current code however queues incoming packets in a percpuq and passes
> > things through a softint tagged as MPSAFE. The softint handler is
> > ether_input without holding the kernel lock.

> > There is another unprotected path in bpf_write calling into the
> > _if_input vector directly without locking (bpf device is tagged MPSAFE)
> > and without disabling interrupts.

> > Did I miss something?

> You're right.

> Not holding KERNEL_LOCK in ether_input can be problematic if we use
> CARP and/or AGR (and NETATALK) that are not MP-safe. Also calling
> _if_ipnput without splsoftnet from bpf_write is problematic as you said.

> The following patch should fix the issue:

I committed the patch with the same fix for ether_input from bridge_output.


Home | Main Index | Thread Index | Old Index