The branch stable/13 has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=87246654e350e502a66fa74b731b8db3748cc1e8

commit 87246654e350e502a66fa74b731b8db3748cc1e8
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2021-12-02 16:42:56 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2021-12-13 13:49:27 +0000

    pfsync: locking fixes
    
     * Ensure we unlock the pfsync lock in pfsync_defer()
     * We must hold the bucket lock when calling pfsync_push()
     * The pfsync_defer_tmo() callout locks the bucket lock, not the pfsync
       lock
    
    Reviewed by:    glebius
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D33243
    
    (cherry picked from commit 41c4f1987243cefe81adcc31d5401e7a80a0428c)
---
 sys/netpfil/pf/if_pfsync.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c
index a4f1d43f5ea0..455e1ad09e93 100644
--- a/sys/netpfil/pf/if_pfsync.c
+++ b/sys/netpfil/pf/if_pfsync.c
@@ -1751,12 +1751,17 @@ pfsync_defer(struct pf_kstate *st, struct mbuf *m)
                return (0);
        }
 
+       PFSYNC_BUCKET_LOCK(b);
+       PFSYNC_UNLOCK(sc);
+
        if (b->b_deferred >= 128)
                pfsync_undefer(TAILQ_FIRST(&b->b_deferrals), 0);
 
        pd = malloc(sizeof(*pd), M_PFSYNC, M_NOWAIT);
-       if (pd == NULL)
+       if (pd == NULL) {
+               PFSYNC_BUCKET_UNLOCK(b);
                return (0);
+       }
        b->b_deferred++;
 
        m->m_flags |= M_SKIP_FIREWALL;
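Review bot: The added `PFSYNC_BUCKET_LOCK(b);` is taken while the pfsync softc lock is still held, and only then is `PFSYNC_UNLOCK(sc);` called, so this hunk sets a softc-then-bucket lock order that nothing visible here records. If any other path takes the two locks in the opposite order, the result is a deadlock in the packet path, so I would add a comment above the pair, e.g. `/* Lock order: pfsync softc lock first, then the bucket lock. */`. `pfsync_undefer()` and the `M_NOWAIT` allocation now run with the bucket mutex held; that looks intended, but it is worth confirming that pfsync_undefer() expects the bucket lock rather than the softc lock. pfsync_defer() starts before this hunk, so the earlier `return (0);` path cannot be checked from here.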
@@ -1773,6 +1778,7 @@ pfsync_defer(struct pf_kstate *st, struct mbuf *m)
        callout_reset(&pd->pd_tmo, PFSYNC_DEFER_TIMEOUT, pfsync_defer_tmo, pd);
 
        pfsync_push(b);
+       PFSYNC_BUCKET_UNLOCK(b);
 
        return (1);
 }
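Review bot: Once `PFSYNC_BUCKET_UNLOCK(b);` has run, `pd` may already have been freed. The callout armed just above with `pfsync_defer_tmo` frees it when `pd_refs` is 0 (visible in the pfsync_defer_tmo hunk of this patch), and per the commit message that handler serializes on the bucket lock. Nothing after the unlock touches `pd` today, but a short comment before the unlock would keep it that way, e.g. `/* pd belongs to the bucket/callout from here; do not touch it after unlocking. */`. The start of pfsync_defer() is outside this hunk.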
@@ -1821,7 +1827,7 @@ pfsync_defer_tmo(void *arg)
        pd->pd_st->state_flags &= ~PFSTATE_ACK; /* XXX: locking! */
        if (pd->pd_refs == 0)
                free(pd, M_PFSYNC);
-       PFSYNC_UNLOCK(sc);
+       PFSYNC_BUCKET_UNLOCK(b);
 
        ip_output(m, NULL, NULL, 0, NULL, NULL);
 
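Review bot: The write `pd->pd_st->state_flags &= ~PFSTATE_ACK;` still carries `/* XXX: locking! */`, and after this change it runs under the bucket lock only, which (as far as this hunk shows) does not protect the state object itself. The commit corrects which lock is released but leaves this unsynchronized read-modify-write of `state_flags` in place, so a concurrent flag update from another context could be lost. If taking the state's own lock here is ruled out by lock ordering, I would at least make the comment specific: `/* XXX: state_flags modified with only the bucket lock held, not the state lock */`. The function begins and continues outside the hunk, so the matching lock acquisition, and whether `sc` is still used, cannot be checked from here.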
