The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=0ed5f66c5ad23a6fe02d60765acf5e5e00957542
commit 0ed5f66c5ad23a6fe02d60765acf5e5e00957542 Author: Kristof Provost <[email protected]> AuthorDate: 2023-02-02 09:34:57 +0000 Commit: Kristof Provost <[email protected]> CommitDate: 2023-02-03 08:39:09 +0000 pfsync: add missing bucket lock pfsync_q_ins() expects us to hold the bucket lock, but when we enter it from pfsync_state_import() we don't. MFC after: 2 weeks --- sys/netpfil/pf/if_pfsync.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c index 3aa9bbfb633f..2301dc475e27 100644 --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -605,7 +605,11 @@ pfsync_state_import(struct pfsync_state *sp, int flags) if (!(flags & PFSYNC_SI_IOCTL)) { st->state_flags &= ~PFSTATE_NOSYNC; if (st->state_flags & PFSTATE_ACK) { + struct pfsync_bucket *b = pfsync_get_bucket(sc, st); + PFSYNC_BUCKET_LOCK(b); pfsync_q_ins(st, PFSYNC_S_IACK, true); + PFSYNC_BUCKET_UNLOCK(b); + pfsync_push_all(sc); } }
