From nobody Tue May 10 21:17:06 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 936E51ADEA7B; Tue, 10 May 2022 21:17:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KyW823kWpz3rtl; Tue, 10 May 2022 21:17:06 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652217426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dEU8po3n60GJ6rO2qnPQRSv17X++fCchuRr6KtJjD/A=; b=QBw2/z/wXQjkfRZ9CbuHsG7acW4S8N2hdrCtwCkoxay6PovI+l/KS3QFgd3CmKP85mAyHg c8F+VomOdrq9YKzL6Z5gHkTWBtiBkGT96b02Jmu84EbXpwmUoFg7C3pDb3yFw7WARCk+5s ItmDzcaqg9E9ukpob6WmdFc7fA0JRi0ubeRVPMkMqZyJ8i4vH1sXR39ap693+eycjPJe/O Pcv3MelaczAZw8rl+mXAir3eT4bOaGqzMCjoZK5Q4hwQOCOwXFwl4hcPLcMYiDI8nq2nR0 /YuqQAmQ1V4nwPCJJRnlIQWptTXp/CqI1GyVHMwbrSYrWsqcXSxvSkjt+7KFEw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5BD984C77; Tue, 10 May 2022 21:17:06 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 24ALH6cn096957; Tue, 10 May 2022 21:17:06 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 24ALH6S2096956; Tue, 10 May 2022 21:17:06 GMT (envelope-from git) Date: Tue, 10 May 2022 21:17:06 GMT Message-Id: <202205102117.24ALH6S2096956@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Mateusz Guzik Subject: git: ff80dd034a8c - main - pf: fix DIOCCHANGERULE after pf config and rb tree of rules List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mjg X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: ff80dd034a8ca73274b7861e1b3fc801c837a385 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1652217426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=dEU8po3n60GJ6rO2qnPQRSv17X++fCchuRr6KtJjD/A=; b=UkuFhoJp8gitbietoPPWHogu5iP38yV6uC5ZbCWPZ3TPRBB3CieVO1D4Zdu7FAITFyhym1 bJl48ki3Ny1OkNRE5SCHVCLWtCarRWBRv9SFbGJaU5LPWVPkcuaNZyK1F7xSVeo6662d+n dSK/k2W6dR1nDbIV18AVO3XuhpWur/MLgM8Mhe3GrzdB2JwU63W64w4QQqXmygCE+1wTQ3 ikaja2SwHS6g4rsQviWZ38nK1Wuc7rSinu8PGrS2t1/TxsoA9IG3Bie0DGEu4xgr2x3W14 pwTv8U5AviA1U3v7/DC6flAOU9JxJbZaQG522Kg2aTT2RbLvhTmKFj/BR09OkA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1652217426; a=rsa-sha256; cv=none; b=HkVm1z0Cx+H2x6GEac7LI9kWtngGZLWcmClQHo1DMPaMGY8mDJOfwWoL+gLYK+9FTZIQMY BkicKPvg0hSWqDBGyB6uUFiU0ZTFjYeNAxSD0oBu8PEmoauVSqWrBL5AnvYufjehNl98y6 d4b04BHJvVPD5O+n0DAnkEfyi7w9E/iHgNEzJRAHh5ZV5WoQaNHKev8ebu/HUANdu/Bd/7 ZRg95tcNYpY1NFhkShAYzxXp829NVrBArlNW4lIVDig5rF3E9R3gEpCSO8Ecxwha/tOT96 AjWpJ0Oau16agmMTCkyhHiaP0BcAHZvKJQ9bAz8faEwkPZTKQ22p/hgm1arZCg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by mjg: URL: https://cgit.FreeBSD.org/src/commit/?id=ff80dd034a8ca73274b7861e1b3fc801c837a385 commit ff80dd034a8ca73274b7861e1b3fc801c837a385 Author: Mateusz Guzik AuthorDate: 2022-05-04 19:53:12 +0000 Commit: Mateusz Guzik CommitDate: 2022-05-10 21:16:47 +0000 pf: fix DIOCCHANGERULE after pf config and rb tree of rules Reviewed by: kp Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/netpfil/pf/pf_ioctl.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 65839d1d31d9..6b8d63b8bdce 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -3432,6 +3432,7 @@ DIOCGETRULENV_error: } #define ERROUT(x) ERROUT_IOCTL(DIOCCHANGERULE_error, x) + PF_CONFIG_LOCK(); PF_RULES_WLOCK(); #ifdef PF_WANT_32_TO_64_COUNTER if (newrule != NULL) { @@ -3540,6 +3541,7 @@ DIOCGETRULENV_error: if (error) { pf_free_rule(newrule); PF_RULES_WUNLOCK(); + PF_CONFIG_UNLOCK(); break; } @@ -3562,6 +3564,7 @@ DIOCGETRULENV_error: if (newrule != NULL) pf_free_rule(newrule); PF_RULES_WUNLOCK(); + PF_CONFIG_UNLOCK(); error = EINVAL; break; } @@ -3570,8 +3573,20 @@ DIOCGETRULENV_error: if (pcr->action == PF_CHANGE_REMOVE) { pf_unlink_rule(ruleset->rules[rs_num].active.ptr, oldrule); + RB_REMOVE(pf_krule_global, + ruleset->rules[rs_num].active.tree, oldrule); ruleset->rules[rs_num].active.rcount--; } else { + pf_hash_rule(newrule); + if (RB_INSERT(pf_krule_global, + ruleset->rules[rs_num].active.tree, newrule) != NULL) { + pf_free_rule(newrule); + PF_RULES_WUNLOCK(); + PF_CONFIG_UNLOCK(); + error = EEXIST; + break; + } + if (oldrule == NULL) TAILQ_INSERT_TAIL( ruleset->rules[rs_num].active.ptr, @@ -3597,6 +3612,7 @@ DIOCGETRULENV_error: pf_remove_if_empty_kruleset(ruleset); PF_RULES_WUNLOCK(); + PF_CONFIG_UNLOCK(); break; #undef ERROUT