The following reply was made to PR kern/144874; it has been noted by GNATS.

From: Gleb Kurtsou <gleb.kurt...@gmail.com>
To: bug-follo...@freebsd.org, jacobmd...@comcast.net
Cc:  
Subject: Re: kern/144874: [if_bridge] [patch] if_bridge frees mbuf after
 pfil hooks returns non-zero
Date: Sat, 20 Mar 2010 03:50:04 +0200

 [...]
 > Create a simple pfil hook and install it with pfil_add_hook(PFIL_IN).
 > The hook should drop (some) packets by returning a non-zero value. The
 > hook should free the mbuf on dropped packets by calling m_freem(*mp).
 > The filter should _not_ modify the mbuf pointer (mp). Install a
                   ^^^^^^^^^ documentation is wrong here.
 As far as I can see all firewalls in the tree zero mp after free,
 something like:
        if (chk && *m) {
                m_freem(*m);
                *m = NULL;
        }
 
 Correct fix would be to update documentation and add KASSERT to
 pfil_run_hooks checking *mp == 0 if hook returned non-zero result.
 
 > if_bridge on the system, and pass traffic through the bridge, such
 > that at least one packet gets dropped by the pfil hook. At some point
 > shortly after that the system will panic. The panic is usually occurs
 > in sbflush_internal(), though there are other ways that the corruption
 > can manifest.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"

Reply via email to