git: d8a78048a246 - main - ipfw: don't recurse on the upper half lock in ipfw_iface_ref()

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Gleb Smirnoff <glebius_at_FreeBSD.org>
Date: Tue, 27 Jan 2026 17:38:29 UTC
The branch main has been updated by glebius:

URL: https://cgit.FreeBSD.org/src/commit/?id=d8a78048a24662dc9310bfd4e4498d278fe00f0a

commit d8a78048a24662dc9310bfd4e4498d278fe00f0a
Author:     Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2026-01-27 17:30:13 +0000
Commit:     Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2026-01-27 17:38:20 +0000

    ipfw: don't recurse on the upper half lock in ipfw_iface_ref()
    
    Fixes:  e3caa360d5d0a73af0de1d293d5b8ff6e900ceb4
---
 sys/netpfil/ipfw/ip_fw_iface.c | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/sys/netpfil/ipfw/ip_fw_iface.c b/sys/netpfil/ipfw/ip_fw_iface.c
index 7aa4a7bfbf7d..731587adef21 100644
--- a/sys/netpfil/ipfw/ip_fw_iface.c
+++ b/sys/netpfil/ipfw/ip_fw_iface.c
@@ -246,13 +246,13 @@ vnet_ipfw_iface_init(struct ip_fw_chain *ch)
 {
 	struct namedobj_instance *ii;
 
+	IPFW_UH_WLOCK_ASSERT(ch);
+
 	ii = ipfw_objhash_create(DEFAULT_IFACES, DEFAULT_OBJHASH_SIZE);
-	IPFW_UH_WLOCK(ch);
 	if (ch->ifcfg == NULL) {
 		ch->ifcfg = ii;
 		ii = NULL;
 	}
-	IPFW_UH_WUNLOCK(ch);
 
 	if (ii != NULL) {
 		/* Already initialized. Free namehash. */
@@ -296,9 +296,7 @@ vnet_ipfw_iface_destroy(struct ip_fw_chain *ch)
 
 /*
  * Notify the subsystem that we are interested in tracking
- * interface @name. This function has to be called without
- * holding any locks to permit allocating the necessary states
- * for proper interface tracking.
+ * interface @name.
  *
  * Returns 0 on success.
  */
@@ -309,11 +307,11 @@ ipfw_iface_ref(struct ip_fw_chain *ch, char *name,
 	struct namedobj_instance *ii;
 	struct ipfw_iface *iif, *tmp;
 
+	IPFW_UH_WLOCK_ASSERT(ch);
+
 	if (strlen(name) >= sizeof(iif->ifname))
 		return (EINVAL);
 
-	IPFW_UH_WLOCK(ch);
-
 	ii = CHAIN_TO_II(ch);
 	if (ii == NULL) {
 		/*
@@ -329,7 +327,6 @@ ipfw_iface_ref(struct ip_fw_chain *ch, char *name,
 	if (iif != NULL) {
 		iif->no.refcnt++;
 		ic->iface = iif;
-		IPFW_UH_WUNLOCK(ch);
 		return (0);
 	}
 
@@ -352,7 +349,6 @@ ipfw_iface_ref(struct ip_fw_chain *ch, char *name,
 		/* Interface has been created since unlock. Ref and return */
 		tmp->no.refcnt++;
 		ic->iface = tmp;
-		IPFW_UH_WUNLOCK(ch);
 		free(iif, M_IPFW);
 		return (0);
 	}
@@ -364,8 +360,6 @@ ipfw_iface_ref(struct ip_fw_chain *ch, char *name,
 	ipfw_objhash_add(ii, &iif->no);
 	ic->iface = iif;
 
-	IPFW_UH_WUNLOCK(ch);
-
 	return (0);
 }