svn commit: r302142 - projects/vnet/sys/netpfil/pf
Bjoern A. Zeeb
bz at FreeBSD.org
Thu Jun 23 16:34:56 UTC 2016
Author: bz
Date: Thu Jun 23 16:34:55 2016
New Revision: 302142
URL: https://svnweb.freebsd.org/changeset/base/302142
Log:
DO not attach before pf is attached as we borrow locks from there;
do not detach before pf is detached as otherwise we might still be called
for VNETs and thus reference freed memory.
Sponsored by: The FreeBSD Foundation
Modified:
projects/vnet/sys/netpfil/pf/if_pflog.c
Modified: projects/vnet/sys/netpfil/pf/if_pflog.c
==============================================================================
--- projects/vnet/sys/netpfil/pf/if_pflog.c Thu Jun 23 15:02:57 2016 (r302141)
+++ projects/vnet/sys/netpfil/pf/if_pflog.c Thu Jun 23 16:34:55 2016 (r302142)
@@ -268,7 +268,7 @@ vnet_pflog_init(const void *unused __unu
pflogattach(1);
}
-VNET_SYSINIT(vnet_pflog_init, SI_SUB_PSEUDO, SI_ORDER_ANY,
+VNET_SYSINIT(vnet_pflog_init, SI_SUB_PROTO_FIREWALL, SI_ORDER_ANY,
vnet_pflog_init, NULL);
static void
@@ -277,6 +277,10 @@ vnet_pflog_uninit(const void *unused __u
if_clone_detach(V_pflog_cloner);
}
+/*
+ * Detach after pf is gone; otherwise we might touch pflog memory
+ * from within pf after freeing pflog.
+ */
VNET_SYSUNINIT(vnet_pflog_uninit, SI_SUB_INIT_IF, SI_ORDER_SECOND,
vnet_pflog_uninit, NULL);
@@ -308,6 +312,7 @@ static moduledata_t pflog_mod = { pflogn
#define PFLOG_MODVER 1
-DECLARE_MODULE(pflog, pflog_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
+/* Do not run before pf is initialized as we depend on its locks. */
+DECLARE_MODULE(pflog, pflog_mod, SI_SUB_PROTO_FIREWALL, SI_ORDER_ANY);
MODULE_VERSION(pflog, PFLOG_MODVER);
MODULE_DEPEND(pflog, pf, PF_MODVER, PF_MODVER, PF_MODVER);
More information about the svn-src-projects
mailing list