[Bug 220217] deadlock on enc and pf
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Aug 21 09:03:59 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220217
--- Comment #10 from commit-hook at freebsd.org ---
A commit references this bug:
Author: ae
Date: Mon Aug 21 09:03:21 UTC 2017
New revision: 322741
URL: https://svnweb.freebsd.org/changeset/base/322741
Log:
MFC r321779:
Add inpcb pointer to struct ipsec_ctx_data and pass it to the pfil hook
from enc_hhook().
This should solve the problem when pf is used with if_enc(4) interface,
and outbound packet with existing PCB checked by pf, and this leads to
deadlock due to pf does its own PCB lookup and tries to take rlock when
wlock is already held.
Now we pass PCB pointer if it is known to the pfil hook, this helps to
avoid extra PCB lookup and thus rlock acquiring is not needed.
For inbound packets it is safe to pass NULL, because we do not held any
PCB locks yet.
PR: 220217
Sponsored by: Yandex LLC
Changes:
_U stable/11/
stable/11/sys/net/if_enc.c
stable/11/sys/net/if_enc.h
stable/11/sys/netipsec/ipsec.h
stable/11/sys/netipsec/ipsec_input.c
stable/11/sys/netipsec/ipsec_output.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list