Date: Thu, 6 Dec 2012 08:32:29 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r243941 - head/sys/netpfil/pf Message-ID: <201212060832.qB68WT3S099268@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Thu Dec 6 08:32:28 2012 New Revision: 243941 URL: http://svnweb.freebsd.org/changeset/base/243941 Log: Close possible races between state deletion and sent being sent out from pfsync: - Call into pfsync_delete_state() holding the state lock. - Set the state timeout to PFTM_UNLINKED after state has been moved to the PFSYNC_S_DEL queue in pfsync. Reported by: Ian FREISLICH <ianf cloudseed.co.za> Modified: head/sys/netpfil/pf/pf.c Modified: head/sys/netpfil/pf/pf.c ============================================================================== --- head/sys/netpfil/pf/pf.c Thu Dec 6 08:22:08 2012 (r243940) +++ head/sys/netpfil/pf/pf.c Thu Dec 6 08:32:28 2012 (r243941) @@ -1487,8 +1487,6 @@ pf_unlink_state(struct pf_state *s, u_in return (0); /* XXXGL: undefined actually */ } - s->timeout = PFTM_UNLINKED; - if (s->src.state == PF_TCPS_PROXY_DST) { /* XXX wire key the right one? */ pf_send_tcp(NULL, s->rule.ptr, s->key[PF_SK_WIRE]->af, @@ -1502,11 +1500,14 @@ pf_unlink_state(struct pf_state *s, u_in LIST_REMOVE(s, entry); pf_src_tree_remove_state(s); - PF_HASHROW_UNLOCK(ih); if (pfsync_delete_state_ptr != NULL) pfsync_delete_state_ptr(s); + s->timeout = PFTM_UNLINKED; + + PF_HASHROW_UNLOCK(ih); + pf_detach_state(s); refcount_release(&s->refs);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201212060832.qB68WT3S099268>