[Bug 268832] panics in check_uidgid() for outgoing packets

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 268832] panics in check_uidgid() for outgoing packets"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 10 Jan 2023 11:34:15 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268832

Alexander V. Chernikov <melifaro@FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Assignee|bugs@FreeBSD.org            |net@FreeBSD.org

--- Comment #2 from Alexander V. Chernikov <melifaro@FreeBSD.org> ---
The following set of conditions leads to this:

* tcp_respond() does not propagate inpcb pointer if the connection is reset
(TH_RST)
* On the output path, ipfw_chk is called
* ipfw may run check_uidgid() to verify jail/uid/gid ruleset opcodes
* check_uidgid() performs incpb lookup, requesting read lock
* As inpcb is already write-locked, the search results in the panic

-- 
You are receiving this mail because:
You are the assignee for the bug.