kernel/2923: Ethernet drivers "always" calls if_attach() with ifp->if_addrlen == 0

>Number: 2923
>Category: kernel
>Synopsis: Ethernet drivers "always" calls if_attach() with ifp->if_addrlen == 0
>Confidential: no
Astrakan Computer Club, Sweden
net
>Environment:

	System      : OpenBSD 3.1
	Architecture: OpenBSD.i386
	Machine     : i386

>Description:

	Ethernet drivers (the ones that I've looked at) calls if_attach()
	with ifp->if_addrlen == 0. This causes if_attach() to calculate the 
	socksize of the link layer sockaddr based on faulty information and
	the result is 6 bytes too small. ifp->if_addrlen is normally assigned
	in ether_ifattach() which is called by drivers after if_attach()
	
	This is of no harm if the interface name is <= 6 bytes in which case
	the standard 12 bytes of sdl_data is enough but if name is longer
	the link layer address will not fit in.

	Ofcourse this is not a real problem with the current naming scheme
	but it is a design flaw though which should be fixed in the spirit of
	correctness.

>How-To-Repeat:

	Change name of, for example the fxp device, from "fxp" to "coolfxp".
	Check if_addrlen value passed to if_attach(). Also check the result
	from sysctl_iflist(). When printing the address the last byte will
	be bogus, probably the first byte in the name-mask sockaddr.

>Fix:

	The easy fix is to add "ifp->if_addrlen = ETHER_ADDR_LEN;" before
	the if_attach() call in the drivers. 

	However, as the problem really is a design flaw there is probably
	a more beatiful fix for it.

>Release-Note:
Received on Thu Nov 7 15:31:59 2002