From nobody Fri Aug 19 13:13:02 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M8Mct4dS4z4Z6Cp; Fri, 19 Aug 2022 13:13:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4M8Mct45v3z45bS; Fri, 19 Aug 2022 13:13:02 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660914782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mud3gUmCWKZe2alRWDHVGw8jxCckYD2ils+SmRCrsYQ=; b=MnwRZlUxJVILXihXBjvy0LB7tlTo7QZb9PEON3OEY5XszqW+PQRoplhxUdoTPG/GVudPAv DItKosxUmIy6xrSnUMFdU4h1Wclw94Dtg2wE6qVH9Epk0vlCk+TlDfBCp98Q+eh0OoKSvL hfhiubB+UdONE7EZxO/R25lo2ysRYu1yfMgVpmii4AeZKskOZwpEFD04rBGp0q4+m0h0rQ KjFia3W024MbhCa6wSR5bi9SqxYSRJcaC/aIQpqmsUBKjyoI1YuZeO9moiJiz7r97dXcBn eCeSefo74Qece3E8s9UnHMKP+GHgCPPOz2mSK/K6Pq8HRwVFw4lzlw3gyUU5vw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4M8Mct37Xgzv0X; Fri, 19 Aug 2022 13:13:02 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27JDD2QU093632; Fri, 19 Aug 2022 13:13:02 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27JDD2kh093631; Fri, 19 Aug 2022 13:13:02 GMT (envelope-from git) Date: Fri, 19 Aug 2022 13:13:02 GMT Message-Id: <202208191313.27JDD2kh093631@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: c780d3ad7bcb - main - pf: clear ethernet rules prior to shutdown List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c780d3ad7bcbf3cc181b50a4e09b8ab18b8bd3c6 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1660914782; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=mud3gUmCWKZe2alRWDHVGw8jxCckYD2ils+SmRCrsYQ=; b=ItbxUjoHav3hEEvuGnBNhv2k6rW3lF5z6+NT5jgJkyfSU+GVCkzEqwVfmIIkRLZolIw09m prbTgkkBOM/lTZLGvgENhSy9deyTGjT0IEmc2GEts86kkfLr9VMrtZyjNQY30asRzXgV0+ aDH40pJIsZdt60ZQ1p4IfdM807kg5ztYKp596FE1R5r2Q/wul6+OlF5z/Z4Rp2I2e2U6+s QkaFf0aDLInDSUKBQ3pkYtZOFWyd+67qg5DPosDJMAnouGXex0KL0xTYz0gP6x25/ZQnhF 0uAcoCLPIv2tp5289dhQqhzuWGssfeS4slDzTxo6NOouJWurA5oNpuHcATRJdA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660914782; a=rsa-sha256; cv=none; b=iG5sTcbM/5JO0MRi8Tq0VKETW1psL8vgeDmuJC/cRqnDPdCjBYAzD0SUfCUv/kw6VRQR16 zxZ5Ocz6BZs1q0brti9mZhZjY5XpmVZj2+KV/NQNbsO11r1Eb/v9pzu2Gv+TUItSyILJfC YbwAXGXqlPnjB7XFIH47sNYtmyJ1ym9S0uZdRpc4Sc/wDqqq1HTcRr0dGIrwx+eccWq6YI LSk9TQRWKB3AbCwPv/RJ1KJiYkVdUlEBmvph5c5e9wHiY53P5+wWNy7EYwDu+qM58+fMpr Jxf4qY+LZRPjXZ/lsmuEmvmdvSKZasz5NQQouYGvalrScWjdFJE5DLLW84PHvg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=c780d3ad7bcbf3cc181b50a4e09b8ab18b8bd3c6 commit c780d3ad7bcbf3cc181b50a4e09b8ab18b8bd3c6 Author: Kristof Provost AuthorDate: 2022-08-19 10:01:58 +0000 Commit: Kristof Provost CommitDate: 2022-08-19 12:53:09 +0000 pf: clear ethernet rules prior to shutdown Ethernet rule cleanup is postponed to an epoch callback. Ensure it's been called before we remove the entire vnet, or we risk the rules still getting hit after we've freed the uma zone, i.e. a use-after-free. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_ioctl.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 696ae4d0de70..81f35ba1c98c 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -6714,6 +6714,9 @@ pf_unload_vnet(void) shutdown_pf(); PF_RULES_WUNLOCK(); + /* Make sure we've cleaned up ethernet rules before we continue. */ + NET_EPOCH_DRAIN_CALLBACKS(); + ret = swi_remove(V_pf_swi_cookie); MPASS(ret == 0); ret = intr_event_destroy(V_pf_swi_ie);