From nobody Wed Apr 06 03:04:11 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id C5C0F1A8461E; Wed, 6 Apr 2022 03:04:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KY8Vg56mrz4dgR; Wed, 6 Apr 2022 03:04:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1649214251; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qMcxvzm8MdB7PU/i9vrfvJlEd7fntI8zBjXjTkAQHwU=; b=T3+a5nxDX/P8t/RUQYXHtc+JsUoK0Kriz55N8YulVl4BhPyCISpX2LxOYXPhR8VlenLd+U 4cy442CEnyYFfykacl1zf2MCvoExrc3lhKYlZ+JH8G5VYvMH90Hx0ppJjVkGpDMt/iubiX HnVa5TA8MbWIHnoB6enMlC0VQHujMsLRPNoaKMOacdDTqhPu47iUS7x8iktluKNq/QusNI rJ6vEe2etcuH/WMg9Hc+SRyuOV/jwruYzv8bOW/jSNw3TlHkuj5nmP6Wbz3sAf6VwS6TdV /8ga4j8Bwf/zg/DBcy77z4xUgMMU/VV5c/VlOOJubF2C5m0zO73Kv+cnlZQrTg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 90EFC13525; Wed, 6 Apr 2022 03:04:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 23634Bx9034688; Wed, 6 Apr 2022 03:04:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 23634BEA034687; Wed, 6 Apr 2022 03:04:11 GMT (envelope-from git) Date: Wed, 6 Apr 2022 03:04:11 GMT Message-Id: <202204060304.23634BEA034687@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: 5b789e0c92a7 - releng/13.0 - pf: Initialize the table entry zone limit at initialization time List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/releng/13.0 X-Git-Reftype: branch X-Git-Commit: 5b789e0c92a7c363b36111b1f75519f2acd21f97 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1649214251; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=qMcxvzm8MdB7PU/i9vrfvJlEd7fntI8zBjXjTkAQHwU=; b=ZmltVIL5r6fQenBIacZy6UDxHobtniYUKv21tG2q2ZuBB5DPeAiVjw6Xm0ZOZnI82ZXy6o 6mf3clJ+KQixS95VHO4aQa1pPs/da65+qOy15cPV5RJVRuysmPXfwlCjf7D7LkSatftNM2 EQb9ZkKUWMH6hSbWHD+Rbg8j9VEVpyK6Z6FzVteBvc+hP35y4sonUlF5+uWhnHymD8l9C8 9afb4jAM6GMK5JN6ywg6ZVE1EpJKQqrGyTYFFpzlJcjzlf34sz9OgFI1cs0iZ41ZmsG9o2 2iPc+Xuluhga/429Y9BM2ZQ3gUV8qDtlO93Za1KcrmW4buH3jUqPZFe8Zf8Biw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1649214251; a=rsa-sha256; cv=none; b=DOPLxB3VxoKkovP7NxiMoNGoepAtSGe+Lp6ckwmZH/j4r9thMtEK4HelTEsybuU3VyvpRt kZG8v7tKHM/Q7gq7ZbtX/pEf9/EEu9ZtpY8lEfBWO4nYL7XRejppB9A3JEiNB6HJcD0rzh 6fvtiGaYSE7zOIvXBCZp0VPyF5mSNnSlgYpR3ETdeL9Z0JVSbAEKLWJaUu/uTbtxwkIO27 Jj22xUTTasvUZ53eqKVDZoVKHxup2wzmGDHHoXsnW5df+hRnWC1JAnBXIgJFXCJV058tgz 90hh+8T85C6maNyshpeTC5GDSRY6vHws2CYURixGqxLfgKBMtWv6DJ4e+bkHHg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch releng/13.0 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=5b789e0c92a7c363b36111b1f75519f2acd21f97 commit 5b789e0c92a7c363b36111b1f75519f2acd21f97 Author: Mark Johnston AuthorDate: 2022-04-05 23:26:02 +0000 Commit: Ed Maste CommitDate: 2022-04-05 23:26:02 +0000 pf: Initialize the table entry zone limit at initialization time The limit may later be updated by the "set limit" directive in pf.conf. UMA does not permit a limit to be set on a zone after any items have been allocated from a zone. Other UMA zones used by pf do not appear to be susceptible to this problem: they either set a limit at zone creation time or never set one at all. PR: 260406 Reviewed by: kp Sponsored by: The FreeBSD Foundation (cherry picked from commit 7d1ab866911a2b29e041d64bc83a93638533f957) (cherry picked from commit 1487f84223ce1341ebdfc87e50fbcddedc6d1de8) Approved by: so Security: FreeBSD-EN-22:15.pf --- sys/netpfil/pf/pf_table.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sys/netpfil/pf/pf_table.c b/sys/netpfil/pf/pf_table.c index af2f614c9e8c..6d81f57096be 100644 --- a/sys/netpfil/pf/pf_table.c +++ b/sys/netpfil/pf/pf_table.c @@ -209,6 +209,7 @@ pfr_initialize(void) V_pfr_kentry_z = uma_zcreate("pf table entries", sizeof(struct pfr_kentry), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); + uma_zone_set_max(V_pfr_kentry_z, PFR_KENTRY_HIWAT); V_pf_limits[PF_LIMIT_TABLE_ENTRIES].zone = V_pfr_kentry_z; V_pf_limits[PF_LIMIT_TABLE_ENTRIES].limit = PFR_KENTRY_HIWAT; }