Bug 222512

Summary: [netgraph] ng_con_nodes calls ng_findhook() on unprotected node2
Product: Base System Reporter: Andriy Gapon <avg>
Component: kernAssignee: Eugene Grosbein <eugen>
Status: Open ---    
Severity: Affects Only Me CC: eugen, mav
Priority: ---    
Version: CURRENT   
Hardware: Any   
OS: Any   

Description Andriy Gapon freebsd_committer 2017-09-22 09:01:44 UTC
ng_con_nodes() receives two nodes are parameters, 'node' is referenced and locked while 'node2' is just referenced.  Calling ng_findhook(node2) is racy with any hook modifications of node2.

The call should be removed as the check is also done, and with correct locking, in ng_con_part2().  It's just a little bit too noisy right now.