cvs commit: src/sys/contrib/ipfilter/netinet - Imported sources
Max Laier
max at love2party.net
Fri Oct 19 10:18:42 PDT 2007
On Friday 19 October 2007, Robert Watson wrote:
> On Thu, 18 Oct 2007, Darren Reed wrote:
> > darrenr 2007-10-18 21:42:54 UTC
> >
> > FreeBSD src repository
> >
> > src/sys/contrib/ipfilter/netinet - Imported sources
> > Update of /home/ncvs/src/sys/contrib/ipfilter/netinet
> > In directory repoman.freebsd.org:/tmp/cvs-serv15525
> >
> > Log Message:
> > Import IPFilter 4.1.28
> >
> > Status:
> >
> > Vendor Tag: DARRENR
> > Release Tags: v4-1-28
>
> I didn't see a reply from you on the thread on current@ regarding the
> ipfilter panics, so I'll ask here: does this import resolve the panics
> that users are experiencing with ipfilter on 7.x/8.x when INVARIANTS is
> enabled?
According to my reading, the crashes described in
http://lists.freebsd.org/pipermail/freebsd-current/2007-October/078484.html
are still present due to the following code in ip_fil_freebsd.c line
490ff:
READ_ENTER(&ipf_global);
error = fr_ioctlswitch(unit, data, cmd, mode, p->p_uid, p);
Where fr_ioctlswitch() does the actual copyin/copyout and READ_ENTER
acquires a rwlock(9) which can't sleep. This is an improvement over the
previous attempt to sleep in the transmission path (due to useing sx(9)
locks), but it is still not correct and fragile even without INVARIANTS.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20071019/e0623531/attachment.pgp
More information about the cvs-src
mailing list