Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 7 Apr 2014 07:06:13 +0000 (UTC)
From:      Martin Matuska <mm@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r264220 - head/sys/netpfil/pf
Message-ID:  <201404070706.s3776D05087034@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: mm
Date: Mon Apr  7 07:06:13 2014
New Revision: 264220
URL: http://svnweb.freebsd.org/changeset/base/264220

Log:
  Merge from projects/pf r264198:
  Execute pf_overload_task() in vnet context. Fixes a vnet kernel panic.
  
  Reviewed by:	trociny
  MFC after:	1 week

Modified:
  head/sys/netpfil/pf/pf.c
Directory Properties:
  head/sys/   (props changed)

Modified: head/sys/netpfil/pf/pf.c
==============================================================================
--- head/sys/netpfil/pf/pf.c	Mon Apr  7 05:33:30 2014	(r264219)
+++ head/sys/netpfil/pf/pf.c	Mon Apr  7 07:06:13 2014	(r264220)
@@ -284,7 +284,7 @@ static int		 pf_addr_wrap_neq(struct pf_
 static struct pf_state	*pf_find_state(struct pfi_kif *,
 			    struct pf_state_key_cmp *, u_int);
 static int		 pf_src_connlimit(struct pf_state **);
-static void		 pf_overload_task(void *c, int pending);
+static void		 pf_overload_task(void *v, int pending);
 static int		 pf_insert_src_node(struct pf_src_node **,
 			    struct pf_rule *, struct pf_addr *, sa_family_t);
 static u_int		 pf_purge_expired_states(u_int, int);
@@ -516,16 +516,18 @@ pf_src_connlimit(struct pf_state **state
 }
 
 static void
-pf_overload_task(void *c, int pending)
+pf_overload_task(void *v, int pending)
 {
 	struct pf_overload_head queue;
 	struct pfr_addr p;
 	struct pf_overload_entry *pfoe, *pfoe1;
 	uint32_t killed = 0;
 
+	CURVNET_SET((struct vnet *)v);
+
 	PF_OVERLOADQ_LOCK();
-	queue = *(struct pf_overload_head *)c;
-	SLIST_INIT((struct pf_overload_head *)c);
+	queue = V_pf_overloadqueue;
+	SLIST_INIT(&V_pf_overloadqueue);
 	PF_OVERLOADQ_UNLOCK();
 
 	bzero(&p, sizeof(p));
@@ -569,8 +571,10 @@ pf_overload_task(void *c, int pending)
 			V_pf_status.lcounters[LCNT_OVERLOAD_FLUSH]++;
 
 	/* If nothing to flush, return. */
-	if (SLIST_EMPTY(&queue))
+	if (SLIST_EMPTY(&queue)) {
+		CURVNET_RESTORE();
 		return;
+	}
 
 	for (int i = 0; i <= pf_hashmask; i++) {
 		struct pf_idhash *ih = &V_pf_idhash[i];
@@ -599,6 +603,8 @@ pf_overload_task(void *c, int pending)
 		free(pfoe, M_PFTEMP);
 	if (V_pf_status.debug >= PF_DEBUG_MISC)
 		printf("%s: %u states killed", __func__, killed);
+
+	CURVNET_RESTORE();
 }
 
 /*
@@ -795,7 +801,7 @@ pf_initialize()
 	/* Send & overload+flush queues. */
 	STAILQ_INIT(&V_pf_sendqueue);
 	SLIST_INIT(&V_pf_overloadqueue);
-	TASK_INIT(&V_pf_overloadtask, 0, pf_overload_task, &V_pf_overloadqueue);
+	TASK_INIT(&V_pf_overloadtask, 0, pf_overload_task, curvnet);
 	mtx_init(&pf_sendqueue_mtx, "pf send queue", NULL, MTX_DEF);
 	mtx_init(&pf_overloadqueue_mtx, "pf overload/flush queue", NULL,
 	    MTX_DEF);



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404070706.s3776D05087034>