Site Navigation

Date:      Mon, 19 Dec 2005 13:19:29 +0100
From:      Max Laier <max@love2party.net>
To:        freebsd-pf@freebsd.org
Cc:        Andrew Thompson <thompsa@freebsd.org>, dhartmei@freebsd.org
Subject:   Re: cvs commit: src/sys/contrib/pf/net pf.c pfvar.h
Message-ID:  <200512191319.35764.max@love2party.net>
In-Reply-To: <20051219032129.GA10219@heff.fud.org.nz>
References:  <200507201858.j6KIwRNZ097685@repoman.freebsd.org> <20051218090822.GA8358@heff.fud.org.nz> <20051219032129.GA10219@heff.fud.org.nz>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--nextPart1186789.5yYGLEeU4N
Content-Type: multipart/mixed;
  boundary="Boundary-01=_SVqpDalcTOfvl3U"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--Boundary-01=_SVqpDalcTOfvl3U
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Monday 19 December 2005 04:21, Andrew Thompson wrote:
> On Sun, Dec 18, 2005 at 10:08:22PM +1300, Andrew Thompson wrote:
> > On Wed, Jul 20, 2005 at 06:58:27PM +0000, Max Laier wrote:
> > > mlaier      2005-07-20 18:58:27 UTC
> > >
> > >   FreeBSD src repository
> > >
> > >   Modified files:
> > >     sys/contrib/pf/net   pf.c pfvar.h
> > >   Log:
> > >   Prevent a race condition.  As pf_send_tcp() - called for expired
> > > synproxy states - has to drop the lock when calling back to
> > > ip_output(), the state purge timeout might run and gc the state. This
> > > results in a rb-tree inconsistency.  With this change we flag expiring
> > > states while holding the lock and back off if the flag is already set.
> >
> > This commit seems to have broken net/pfflowd in ports. It still recieves
> > packets from pfsync0 but nothing with action =3D=3D PFSYNC_ACT_DEL.
>
> More specifically the pfsync_delete_state() macro is broken.
>
>  pf_purge_expired_state(struct pf_state *cur)
>    {
>      if (cur->sync_flags & PFSTATE_EXPIRING)
>              return;
>      cur->sync_flags |=3D PFSTATE_EXPIRING;
>      <...>
>      pfsync_delete_state(cur);
>
>
> But this will not do anything since sync_flags is not non-zero, as it is
> checked in the macro.
>
>  #define pfsync_delete_state(st) do {                         \
>         if (!st->sync_flags)                                  \
>                 pfsync_pack_state(PFSYNC_ACT_DEL, (st),       \
>                     PFSYNC_FLAG_COMPRESS);                    \
>         st->sync_flags &=3D ~PFSTATE_FROMSYNC;                  \
>  } while (0)

Autsch - good catch!  Quick fix, using pad-space, attached.  Not sure if th=
is=20
is the best sollution, but it certainly is the least invasive.  Looking at=
=20
the current OpenBSD code we still have 8bit padding somewhere in struct=20
pf_state, so we can continue like this.  I will commit and MFC this, unless=
 I=20
hear complains.

=2D-=20
/"\  Best regards,                      | mlaier@freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier@EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News

--Boundary-01=_SVqpDalcTOfvl3U
Content-Type: text/x-diff; charset="iso-8859-1"; name="pf_state_expiring.diff"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="pf_state_expiring.diff"

Index: pf.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/store/mlaier/fcvs/src/sys/contrib/pf/net/pf.c,v
retrieving revision 1.38
diff -u -r1.38 pf.c
=2D-- pf.c	5 Dec 2005 11:58:31 -0000	1.38
+++ pf.c	19 Dec 2005 12:11:22 -0000
@@ -1102,9 +1102,9 @@
 pf_purge_expired_state(struct pf_state *cur)
 {
 #ifdef __FreeBSD__
=2D	if (cur->sync_flags & PFSTATE_EXPIRING)
+	if (cur->local_flags & PFSTATE_EXPIRING)
 		return;
=2D	cur->sync_flags |=3D PFSTATE_EXPIRING;
+	cur->local_flags |=3D PFSTATE_EXPIRING;
 #endif
 	if (cur->src.state =3D=3D PF_TCPS_PROXY_DST)
 		pf_send_tcp(cur->rule.ptr, cur->af,
Index: pfvar.h
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/store/mlaier/fcvs/src/sys/contrib/pf/net/pfvar.h,v
retrieving revision 1.12
diff -u -r1.12 pfvar.h
=2D-- pfvar.h	20 Jul 2005 18:58:27 -0000	1.12
+++ pfvar.h	19 Dec 2005 12:09:51 -0000
@@ -791,9 +791,11 @@
 #define	PFSTATE_FROMSYNC 0x02
 #define	PFSTATE_STALE	 0x04
 #ifdef __FreeBSD__
=2D#define	PFSTATE_EXPIRING 0x10
=2D#endif
+	u_int8_t	 local_flags;
+#define	PFSTATE_EXPIRING 0x01
+#else
 	u_int8_t	 pad;
+#endif
 };
=20
 TAILQ_HEAD(pf_rulequeue, pf_rule);

--Boundary-01=_SVqpDalcTOfvl3U--

--nextPart1186789.5yYGLEeU4N
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBDpqVXXyyEoT62BG0RAjLPAJ92Sy/WOyc2nXS50gs75dS8nEsAYgCdENKW
YYlDMlnRo3woordK9q6pC4c=
=/lIX
-----END PGP SIGNATURE-----

--nextPart1186789.5yYGLEeU4N--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200512191319.35764.max>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact