git: dddbe8523208 - stable/12 - pf: don't hold a lock during copyout()
Kristof Provost
kp at FreeBSD.org
Thu Jun 17 14:54:47 UTC 2021
The branch stable/12 has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=dddbe852320818451f004177d4ff887618adaa85
commit dddbe852320818451f004177d4ff887618adaa85
Author: Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2021-06-14 12:04:02 +0000
Commit: Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-06-17 14:53:36 +0000
pf: don't hold a lock during copyout()
copyout() can trigger page faults, so it may potentially sleep.
Reported by: avg
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 8b5f4e692b1d1585ecfc6690552650114e3e704e)
---
sys/netpfil/pf/pf_ioctl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 3a5a7601b51e..3d5ae03b5a11 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -2532,8 +2532,6 @@ DIOCADDRULENV_error:
ERROUT(ENOSPC);
}
- error = copyout(nvlpacked, nv->data, nv->len);
-
if (clear_counter) {
counter_u64_zero(rule->evaluations);
for (int i = 0; i < 2; i++) {
@@ -2544,6 +2542,8 @@ DIOCADDRULENV_error:
}
PF_RULES_WUNLOCK();
+ error = copyout(nvlpacked, nv->data, nv->len);
+
#undef ERROUT
DIOCGETRULENV_error:
free(nvlpacked, M_NVLIST);
More information about the dev-commits-src-all
mailing list