git: 4496aecb56e6 - main - pf: drain Ethernet rules cleanup before starting a new transaction

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Mon, 11 Apr 2022 15:51:09 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=4496aecb56e667ab11bbbb92e164d3277205bae6

commit 4496aecb56e667ab11bbbb92e164d3277205bae6
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-04-06 15:03:13 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-04-11 13:47:57 +0000

    pf: drain Ethernet rules cleanup before starting a new transaction
    
    Inactive Ethernet rules get cleaned by a net_epoch callback. This
    callback may still be pending when we try to start a new (pf rules)
    transaction, causing it to fail.
    This is especially likely to occur in scripted scenarios, such as the
    regression tests.
    
    Drain the epoch callbacks before starting a new transaction, ensuring
    we've had the opportunity to clean up the inactive rules.
    
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D34846
---
 sys/netpfil/pf/pf_ioctl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index a8f9261111db..52f11f57c068 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -5089,6 +5089,8 @@ DIOCCHANGEADDR_error:
 			free(ioes, M_TEMP);
 			break;
 		}
+		/* Ensure there's no more ethernet rules to clean up. */
+		epoch_drain_callbacks(net_epoch_preempt);
 		PF_RULES_WLOCK();
 		for (i = 0, ioe = ioes; i < io->size; i++, ioe++) {
 			ioe->anchor[sizeof(ioe->anchor) - 1] = '\0';