svn commit: r317907 - head/sys/netpfil/pf

Kristof Provost kp at FreeBSD.org
Sun May 7 14:34:00 UTC 2017


Author: kp
Date: Sun May  7 14:33:58 2017
New Revision: 317907
URL: https://svnweb.freebsd.org/changeset/base/317907

Log:
  pf: Fix vnet initialisation
  
  When running the vnet init code (pf_load_vnet()) we used to iterate over
  all vnets, marking them as unhooked.
  This is incorrect and leads to panics if pf is unloaded, as the unload
  code does not unregister the pfil hooks (because the vnet is marked as
  unhooked).
  
  There's no need or reason to touch other vnets during initialisation.
  Their pf_load_vnet() function will be triggered, which handles all
  required initialisation.
  
  Reviewed by:	zec, gnn
  Differential Revision:	https://reviews.freebsd.org/D10592

Modified:
  head/sys/netpfil/pf/pf_ioctl.c

Modified: head/sys/netpfil/pf/pf_ioctl.c
==============================================================================
--- head/sys/netpfil/pf/pf_ioctl.c	Sun May  7 12:12:45 2017	(r317906)
+++ head/sys/netpfil/pf/pf_ioctl.c	Sun May  7 14:33:58 2017	(r317907)
@@ -3712,17 +3712,8 @@ dehook_pf(void)
 static void
 pf_load_vnet(void)
 {
-	VNET_ITERATOR_DECL(vnet_iter);
-
-	VNET_LIST_RLOCK();
-	VNET_FOREACH(vnet_iter) {
-		CURVNET_SET(vnet_iter);
-		V_pf_pfil_hooked = 0;
-		TAILQ_INIT(&V_pf_tags);
-		TAILQ_INIT(&V_pf_qids);
-		CURVNET_RESTORE();
-	}
-	VNET_LIST_RUNLOCK();
+	TAILQ_INIT(&V_pf_tags);
+	TAILQ_INIT(&V_pf_qids);
 
 	pfattach_vnet();
 	V_pf_vnet_active = 1;


More information about the svn-src-head mailing list