git: 6ab80e727509 - main - pf: do not block new Ethernet rules for in-progress transactions

From: Kristof Provost <kp_at_FreeBSD.org>
Date: Sat, 27 Aug 2022 22:23:21 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=6ab80e7275091c900da8d2e84a7b0bb4c34a1e41

commit 6ab80e7275091c900da8d2e84a7b0bb4c34a1e41
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-08-19 10:05:12 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-08-27 20:25:01 +0000

    pf: do not block new Ethernet rules for in-progress transactions
    
    Make Ethernet rule addition behave just like L3 rules, in that we now
    allow ongoing transaction to be interrupted, rather than rejecting a new
    one.
    
    The result of that is that we can no longer end up in a state where a
    transaction failed, but was not rolled back, blocking us from setting
    new rules.
    
    It's safe to assume there's no pending epoch callback for cleanup here,
    because we've explicitly called it before hitting pf_begin_eth().
    
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 sys/netpfil/pf/pf_ioctl.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 81f35ba1c98c..13726880a894 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -739,11 +739,6 @@ pf_begin_eth(uint32_t *ticket, const char *anchor)
 	if (rs == NULL)
 		return (EINVAL);
 
-	if (rs->inactive.open)
-		/* We may be waiting for NET_EPOCH_CALL(pf_rollback_eth_cb) to
-		 * finish. */
-		return (EBUSY);
-
 	/* Purge old inactive rules. */
 	TAILQ_FOREACH_SAFE(rule, rs->inactive.rules, entries,
 	    tmp) {