Date: Thu, 7 Jun 2012 15:57:31 +0000 (UTC) From: Gleb Smirnoff <glebius@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r236718 - projects/pf/head/sys/contrib/pf/net Message-ID: <201206071557.q57FvVUD097438@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: glebius Date: Thu Jun 7 15:57:30 2012 New Revision: 236718 URL: http://svn.freebsd.org/changeset/base/236718 Log: o Close a race on state unlink. Although a state is already removed from the id hash, it still can be located via key hash. To avoid this, check for the PFTM_UNLINKED value in the pf_find_state(). o Call into pfsync_delete_state() after state had been removed from both hashes. Modified: projects/pf/head/sys/contrib/pf/net/pf.c Modified: projects/pf/head/sys/contrib/pf/net/pf.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:54:52 2012 (r236717) +++ projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 15:57:30 2012 (r236718) @@ -1183,6 +1183,15 @@ pf_find_state(struct pfi_kif *kif, struc if (s->kif == V_pfi_all || s->kif == kif) { PF_STATE_LOCK(s); PF_HASHROW_UNLOCK(kh); + if (s->timeout == PFTM_UNLINKED) { + /* + * State is being processed + * by pf_unlink_state() in + * an other thread. + */ + PF_STATE_UNLOCK(s); + return (NULL); + } return (s); } PF_HASHROW_UNLOCK(kh); @@ -1464,8 +1473,6 @@ pf_unlink_state(struct pf_state *s, u_in if (export_pflow_ptr != NULL) export_pflow_ptr(s); #endif - if (pfsync_delete_state_ptr != NULL) - pfsync_delete_state_ptr(s); s->timeout = PFTM_UNLINKED; pf_src_tree_remove_state(s); PF_HASHROW_UNLOCK(ih); @@ -1473,6 +1480,9 @@ pf_unlink_state(struct pf_state *s, u_in pf_detach_state(s); refcount_release(&s->refs); + if (pfsync_delete_state_ptr != NULL) + pfsync_delete_state_ptr(s); + return (pf_release_state(s)); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201206071557.q57FvVUD097438>