svn commit: r236718 - projects/pf/head/sys/contrib/pf/net
Gleb Smirnoff
glebius at FreeBSD.org
Thu Jun 7 15:57:31 UTC 2012
Author: glebius
Date: Thu Jun 7 15:57:30 2012
New Revision: 236718
URL: http://svn.freebsd.org/changeset/base/236718
Log:
o Close a race on state unlink. Although a state is already removed
from the id hash, it still can be located via key hash. To avoid
this, check for the PFTM_UNLINKED value in the pf_find_state().
o Call into pfsync_delete_state() after state had been removed
from both hashes.
Modified:
projects/pf/head/sys/contrib/pf/net/pf.c
Modified: projects/pf/head/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:54:52 2012 (r236717)
+++ projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:57:30 2012 (r236718)
@@ -1183,6 +1183,15 @@ pf_find_state(struct pfi_kif *kif, struc
if (s->kif == V_pfi_all || s->kif == kif) {
PF_STATE_LOCK(s);
PF_HASHROW_UNLOCK(kh);
+ if (s->timeout == PFTM_UNLINKED) {
+ /*
+ * State is being processed
+ * by pf_unlink_state() in
+ * an other thread.
+ */
+ PF_STATE_UNLOCK(s);
+ return (NULL);
+ }
return (s);
}
PF_HASHROW_UNLOCK(kh);
@@ -1464,8 +1473,6 @@ pf_unlink_state(struct pf_state *s, u_in
if (export_pflow_ptr != NULL)
export_pflow_ptr(s);
#endif
- if (pfsync_delete_state_ptr != NULL)
- pfsync_delete_state_ptr(s);
s->timeout = PFTM_UNLINKED;
pf_src_tree_remove_state(s);
PF_HASHROW_UNLOCK(ih);
@@ -1473,6 +1480,9 @@ pf_unlink_state(struct pf_state *s, u_in
pf_detach_state(s);
refcount_release(&s->refs);
+ if (pfsync_delete_state_ptr != NULL)
+ pfsync_delete_state_ptr(s);
+
return (pf_release_state(s));
}
More information about the svn-src-projects
mailing list