RFC: bsd_tcp patch on in.c

RFC: bsd_tcp patch on in.c

[Lambrecht Jürgen]

Hello,

The patch below we already use since 2006.
We had problems with the TCP/IP stack directly after booting because it 
already received packets before being initialized completely.
Here our CVS log:

move
     splx(s);
from line 682 to line 739
so that tcp/ip stack has started up before the ethernet driver is released
(else the not-ready stack will already receive packets)

Do you agree this is a valid patch?
--------------------------------------------------------------------------------

Index: net/bsd_tcpip/current/src/sys/netinet/in.c
===================================================================
RCS file: /cvs/ecos/ecos-opt/net/net/bsd_tcpip/current/src/sys/netinet/in.c,v
retrieving revision 1.4
diff -u -5 -p -r1.4 in.c
--- net/bsd_tcpip/current/src/sys/netinet/in.c  29 Jan 2009 17:49:56 -0000      1.4
+++ net/bsd_tcpip/current/src/sys/netinet/in.c  27 Jun 2013 11:03:38 -0000
@@ -675,11 +675,10 @@ in_ifinit(ifp, ia, sin, scrub)
             (error = (*ifp->if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) {
                 splx(s);
                 ia->ia_addr = oldaddr;
                 return (error);
         }
-       splx(s);
         if (scrub) {
                 ia->ia_ifa.ifa_addr = (struct sockaddr *)&oldaddr;
                 in_ifscrub(ifp, ia);
                 ia->ia_ifa.ifa_addr = (struct sockaddr *)&ia->ia_addr;
         }
@@ -733,10 +732,11 @@ in_ifinit(ifp, ia, sin, scrub)
                 struct in_addr addr;

                 addr.s_addr = htonl(INADDR_ALLHOSTS_GROUP);
                 in_addmulti(&addr, ifp);
         }
+       splx(s);
         return (error);
  }


  /*
--------------------------------------------------------------------------------
Kind regards,
Jürgen

-- 
Jürgen Lambrecht
R&D Associate
Mobile: +32 499 644 531
Tel: +32 (0)51 303045    Fax: +32 (0)51 310670
http://www.televic-rail.com
Televic Rail NV - Leo Bekaertlaan 1 - 8870 Izegem - Belgium
Company number 0825.539.581 - RPR Kortrijk

RE: RFC: bsd_tcp patch on in.c

[Bernd Edlinger]

Hi Jürgen,


> The patch below we already use since 2006.
> We had problems with the TCP/IP stack directly after booting because it
> already received packets before being initialized completely.
> Here our CVS log:
>
> move
> splx(s);
> from line 682 to line 739
> so that tcp/ip stack has started up before the ethernet driver is released
> (else the not-ready stack will already receive packets)
>
> Do you agree this is a valid patch?

that is hard to tell - probably it is not necessary to lock anything here,
especially because the in_control() does many things
with the  in_ifaddrhead list, without any lock. It just locks when it
adds/removes entries from that list, which is really the bare minimum.


I had similar problems however: an ICMP packet arriving while there
was zero interface addresses registered. => NULL pointer access in sys/netinet/ip_icmp.c
see the hunk at ip_icmp.c, lines 651-656. This means that the packet may
arrive well before in_ifinit is called. Even before line 293 of in.c enters the address to the list:
this place is locked with splnet however.


That null pointer access became only apparent after I changed the MMU to exclude page zero,
because usually the arm processor would silently allow read accesses to the ISR table.


See my patch at  http://bugs.ecos.sourceware.org/show_bug.cgi?id=1001649 for details
on  "MMU: added Access Protection against NULL-Pointer accesses".
Before I had invented that patch it was really hard to find such hideous bugs.


Regards
Bernd Edlinger