The following reply was made to PR kern/144874; it has been noted by GNATS.
From: Gleb Kurtsou <gleb.kurt...@gmail.com> To: bug-follo...@freebsd.org, jacobmd...@comcast.net Cc: Subject: Re: kern/144874: [if_bridge] [patch] if_bridge frees mbuf after pfil hooks returns non-zero Date: Sat, 20 Mar 2010 03:50:04 +0200 [...] > Create a simple pfil hook and install it with pfil_add_hook(PFIL_IN). > The hook should drop (some) packets by returning a non-zero value. The > hook should free the mbuf on dropped packets by calling m_freem(*mp). > The filter should _not_ modify the mbuf pointer (mp). Install a ^^^^^^^^^ documentation is wrong here. As far as I can see all firewalls in the tree zero mp after free, something like: if (chk && *m) { m_freem(*m); *m = NULL; } Correct fix would be to update documentation and add KASSERT to pfil_run_hooks checking *mp == 0 if hook returned non-zero result. > if_bridge on the system, and pass traffic through the bridge, such > that at least one packet gets dropped by the pfil hook. At some point > shortly after that the system will panic. The panic is usually occurs > in sbflush_internal(), though there are other ways that the corruption > can manifest. _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"