From owner-svn-src-projects@FreeBSD.ORG Thu Jun 7 15:57:31 2012
Return-Path: <owner-svn-src-projects@FreeBSD.ORG>
Delivered-To: svn-src-projects@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
by hub.freebsd.org (Postfix) with ESMTP id 6336E106566C;
Thu, 7 Jun 2012 15:57:31 +0000 (UTC)
(envelope-from glebius@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
by mx1.freebsd.org (Postfix) with ESMTP id 4F5568FC0A;
Thu, 7 Jun 2012 15:57:31 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q57FvVLv097440;
Thu, 7 Jun 2012 15:57:31 GMT (envelope-from glebius@svn.freebsd.org)
Received: (from glebius@localhost)
by svn.freebsd.org (8.14.4/8.14.4/Submit) id q57FvVUD097438;
Thu, 7 Jun 2012 15:57:31 GMT (envelope-from glebius@svn.freebsd.org)
Message-Id: <201206071557.q57FvVUD097438@svn.freebsd.org>
From: Gleb Smirnoff <glebius@FreeBSD.org>
Date: Thu, 7 Jun 2012 15:57:31 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-projects@freebsd.org
X-SVN-Group: projects
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc:
Subject: svn commit: r236718 - projects/pf/head/sys/contrib/pf/net
X-BeenThere: svn-src-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "SVN commit messages for the src " projects"
tree" <svn-src-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-projects>,
<mailto:svn-src-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-projects>
List-Post: <mailto:svn-src-projects@freebsd.org>
List-Help: <mailto:svn-src-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-projects>,
<mailto:svn-src-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jun 2012 15:57:31 -0000
Author: glebius
Date: Thu Jun 7 15:57:30 2012
New Revision: 236718
URL: http://svn.freebsd.org/changeset/base/236718
Log:
o Close a race on state unlink. Although a state is already removed
from the id hash, it still can be located via key hash. To avoid
this, check for the PFTM_UNLINKED value in the pf_find_state().
o Call into pfsync_delete_state() after state had been removed
from both hashes.
Modified:
projects/pf/head/sys/contrib/pf/net/pf.c
Modified: projects/pf/head/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:54:52 2012 (r236717)
+++ projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:57:30 2012 (r236718)
@@ -1183,6 +1183,15 @@ pf_find_state(struct pfi_kif *kif, struc
if (s->kif == V_pfi_all || s->kif == kif) {
PF_STATE_LOCK(s);
PF_HASHROW_UNLOCK(kh);
+ if (s->timeout == PFTM_UNLINKED) {
+ /*
+ * State is being processed
+ * by pf_unlink_state() in
+ * an other thread.
+ */
+ PF_STATE_UNLOCK(s);
+ return (NULL);
+ }
return (s);
}
PF_HASHROW_UNLOCK(kh);
@@ -1464,8 +1473,6 @@ pf_unlink_state(struct pf_state *s, u_in
if (export_pflow_ptr != NULL)
export_pflow_ptr(s);
#endif
- if (pfsync_delete_state_ptr != NULL)
- pfsync_delete_state_ptr(s);
s->timeout = PFTM_UNLINKED;
pf_src_tree_remove_state(s);
PF_HASHROW_UNLOCK(ih);
@@ -1473,6 +1480,9 @@ pf_unlink_state(struct pf_state *s, u_in
pf_detach_state(s);
refcount_release(&s->refs);
+ if (pfsync_delete_state_ptr != NULL)
+ pfsync_delete_state_ptr(s);
+
return (pf_release_state(s));
}