svn commit: r337644 - head/sys/netpfil/pf
Kristof Provost
kp at FreeBSD.org
Sat Aug 11 16:37:57 UTC 2018
Author: kp
Date: Sat Aug 11 16:37:55 2018
New Revision: 337644
URL: https://svnweb.freebsd.org/changeset/base/337644
Log:
pf: Take the IF_ADDR_RLOCK() when iterating over the group list
We did do this elsewhere in pf, but the lock was missing here.
Sponsored by: Essen Hackathon
Modified:
head/sys/netpfil/pf/pf_if.c
Modified: head/sys/netpfil/pf/pf_if.c
==============================================================================
--- head/sys/netpfil/pf/pf_if.c Sat Aug 11 16:34:30 2018 (r337643)
+++ head/sys/netpfil/pf/pf_if.c Sat Aug 11 16:37:55 2018 (r337644)
@@ -297,11 +297,16 @@ pfi_kif_match(struct pfi_kif *rule_kif, struct pfi_kif
if (rule_kif == NULL || rule_kif == packet_kif)
return (1);
- if (rule_kif->pfik_group != NULL)
- /* XXXGL: locking? */
+ if (rule_kif->pfik_group != NULL) {
+ IF_ADDR_RLOCK(packet_kif->pfik_ifp);
CK_STAILQ_FOREACH(p, &packet_kif->pfik_ifp->if_groups, ifgl_next)
- if (p->ifgl_group == rule_kif->pfik_group)
+ if (p->ifgl_group == rule_kif->pfik_group) {
+ IF_ADDR_RUNLOCK(packet_kif->pfik_ifp);
return (1);
+ }
+ IF_ADDR_RUNLOCK(packet_kif->pfik_ifp);
+ }
+
return (0);
}
More information about the svn-src-all
mailing list