LOR in pf on 6.2
Bill Marquette
bill.marquette at gmail.com
Tue Jan 29 17:35:06 PST 2008
On Jan 29, 2008 1:35 PM, Max Laier <max at love2party.net> wrote:
> From the pf.conf(5) in RELENG_6_2:
>
> BUGS
> Due to a lock order reversal (LOR) with the socket layer, the use of the
> group and user filter parameter in conjuction with a Giant-free netstack
> can result in a deadlock. If you have to use group or user you must set
> debug.mpsafenet to ``0'' from the loader(8), for the moment. This work-
> around will still produce the LOR, but Giant will protect from the dead-
> lock.
Crud, didn't see that...I was suspecting the user/group code. Thanks
Max, I'll pull that from our ruleset immediately.
--Bill
More information about the freebsd-pf
mailing list