Date: Sun, 7 May 2017 14:33:58 +0000 (UTC) From: Kristof Provost <kp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r317907 - head/sys/netpfil/pf Message-ID: <201705071433.v47EXwtT080884@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kp Date: Sun May 7 14:33:58 2017 New Revision: 317907 URL: https://svnweb.freebsd.org/changeset/base/317907 Log: pf: Fix vnet initialisation When running the vnet init code (pf_load_vnet()) we used to iterate over all vnets, marking them as unhooked. This is incorrect and leads to panics if pf is unloaded, as the unload code does not unregister the pfil hooks (because the vnet is marked as unhooked). There's no need or reason to touch other vnets during initialisation. Their pf_load_vnet() function will be triggered, which handles all required initialisation. Reviewed by: zec, gnn Differential Revision: https://reviews.freebsd.org/D10592 Modified: head/sys/netpfil/pf/pf_ioctl.c Modified: head/sys/netpfil/pf/pf_ioctl.c ============================================================================== --- head/sys/netpfil/pf/pf_ioctl.c Sun May 7 12:12:45 2017 (r317906) +++ head/sys/netpfil/pf/pf_ioctl.c Sun May 7 14:33:58 2017 (r317907) @@ -3712,17 +3712,8 @@ dehook_pf(void) static void pf_load_vnet(void) { - VNET_ITERATOR_DECL(vnet_iter); - - VNET_LIST_RLOCK(); - VNET_FOREACH(vnet_iter) { - CURVNET_SET(vnet_iter); - V_pf_pfil_hooked = 0; - TAILQ_INIT(&V_pf_tags); - TAILQ_INIT(&V_pf_qids); - CURVNET_RESTORE(); - } - VNET_LIST_RUNLOCK(); + TAILQ_INIT(&V_pf_tags); + TAILQ_INIT(&V_pf_qids); pfattach_vnet(); V_pf_vnet_active = 1;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705071433.v47EXwtT080884>