git: 006fadf8347b - stable/12 - pf: do not copy anchor_wildcard / anchor_relative from userspace
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 22 Oct 2021 12:32:47 UTC
The branch stable/12 has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=006fadf8347bd640b8e4c07288bb744350c56609 commit 006fadf8347bd640b8e4c07288bb744350c56609 Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2021-10-08 13:13:21 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2021-10-22 07:34:18 +0000 pf: do not copy anchor_wildcard / anchor_relative from userspace We overwrite these fields again in pf_kanchor_setup() anyway. MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") (cherry picked from commit 1c680e620bf7e53d043d10b23bdfc980e45e6455) --- sys/netpfil/pf/pf_ioctl.c | 2 -- sys/netpfil/pf/pf_nv.c | 2 -- 2 files changed, 4 deletions(-) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index bbafaed0c1b0..ff7e4d4235a6 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1792,8 +1792,6 @@ pf_rule_to_krule(const struct pf_rule *rule, struct pf_krule *krule) krule->return_ttl = rule->return_ttl; krule->tos = rule->tos; krule->set_tos = rule->set_tos; - krule->anchor_relative = rule->anchor_relative; - krule->anchor_wildcard = rule->anchor_wildcard; krule->flush = rule->flush; krule->prio = rule->prio; diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c index 5eda6b3917f4..d53c6fe4b84e 100644 --- a/sys/netpfil/pf/pf_nv.c +++ b/sys/netpfil/pf/pf_nv.c @@ -603,8 +603,6 @@ pf_nvrule_to_krule(const nvlist_t *nvl, struct pf_krule *rule) PFNV_CHK(pf_nvuint8(nvl, "return_ttl", &rule->return_ttl)); PFNV_CHK(pf_nvuint8(nvl, "tos", &rule->tos)); PFNV_CHK(pf_nvuint8(nvl, "set_tos", &rule->set_tos)); - PFNV_CHK(pf_nvuint8(nvl, "anchor_relative", &rule->anchor_relative)); - PFNV_CHK(pf_nvuint8(nvl, "anchor_wildcard", &rule->anchor_wildcard)); PFNV_CHK(pf_nvuint8(nvl, "flush", &rule->flush)); PFNV_CHK(pf_nvuint8(nvl, "prio", &rule->prio));