git: ff76ec3e9b28 - main - pf: be more robust against interface name conflicts
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 20 Apr 2026 14:24:14 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=ff76ec3e9b287df9378f09ce29eca668162903f4
commit ff76ec3e9b287df9378f09ce29eca668162903f4
Author: Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2026-04-20 09:22:13 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2026-04-20 12:50:40 +0000
pf: be more robust against interface name conflicts
pf assumes that interface names are unique (and share a namespace with
interface group names).
Unfortunately the FreeBSD network stack has a few edge cases where this
assumption can be violated. Try to be more robust against this: rather
than changing the association between a kif and ifp just ignore the next
interface with the same name.
Sponsored by: Rubicon Communications, LLC ("Netgate")
---
sys/netpfil/pf/pf_if.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c
index 5288de3d78a0..507879004b17 100644
--- a/sys/netpfil/pf/pf_if.c
+++ b/sys/netpfil/pf/pf_if.c
@@ -498,8 +498,15 @@ pfi_attach_ifnet(struct ifnet *ifp, struct pfi_kkif *kif)
V_pfi_update++;
kif = pfi_kkif_attach(kif, ifp->if_xname);
+ if (kif->pfik_ifp != NULL && kif->pfik_ifp != ifp) {
+ /* Try to not panic later. */
+ printf("WARNING: pf: duplicate interface name detected: %s\n",
+ if_name(ifp));
+ return;
+ }
if_ref(ifp);
kif->pfik_ifp = ifp;
+ MPASS(ifp->if_pf_kif == NULL);
ifp->if_pf_kif = kif;
pfi_kkif_update(kif);
}