enc: create an interface at SI_SUB_PROTO_IF stage

Creation of enc0 before SI_SUB_PROTO_MC mangles the MLD list as well as
encounters IGMP mutex not initialized yet.

Reported & tested by:	mjg

NB: the enc(4) is not a true interface indeed.  In a perfect world the
module shall not create a cloner, shall not enter if_attach(), shall not
trigger ifnet_arrival_event, neither shall have any protocol attached to
it. The enc0 exists for two purposes: 1) create a bpf(9) tap; 2) to allow
injection packets in the middle of ipsec(4) processing temporarily
rewriting m_pkthdr.rcvif to point at enc0.  While the problem 1 is already
solved with a recent divorce between bpf(9) and ifnet(9), the problem 2 is
harder to solve without breaking packet filter rules that use "via enc0".
This commit is contained in:
Gleb Smirnoff
2026-01-09 15:31:11 -08:00
parent c1376acb8a
commit e8348e2b35
+1 -1
View File
@@ -387,7 +387,7 @@ vnet_enc_init(const void *unused __unused)
ifc_create_ifp(encname, &ifd, &ifp);
V_enc_sc = ifp->if_softc;
}
VNET_SYSINIT(vnet_enc_init, SI_SUB_PSEUDO, SI_ORDER_ANY,
VNET_SYSINIT(vnet_enc_init, SI_SUB_PROTO_IF, SI_ORDER_ANY,
vnet_enc_init, NULL);
static void