Author: glebius
Date: Wed Nov 7 07:30:40 2012
New Revision: 242693
URL: http://svnweb.freebsd.org/changeset/base/242693
Log:
  It may happen that pfsync holds the last reference on a state. In this case keys had already been freed. If encountering such state, then just release last reference.

  Not sure this can happen as a runtime race, but can be reproduced by the following scenario:
  - enable pfsync
  - disable pfsync
  - wait some time
  - enable pfsync

Modified:
  head/sys/netpfil/pf/if_pfsync.c

Modified: head/sys/netpfil/pf/if_pfsync.c ============================================================================== --- head/sys/netpfil/pf/if_pfsync.c Wed Nov 7 07:00:59 2012 (r242692) +++ head/sys/netpfil/pf/if_pfsync.c Wed Nov 7 07:30:40 2012 (r242693) @@ -1545,6 +1545,16 @@ pfsync_sendout(int schedswi) KASSERT(st->sync_state == q, ("%s: st->sync_state == q", __func__)); + if (st->timeout == PFTM_UNLINKED) { + /* + * This happens if pfsync was once + * stopped, and then re-enabled + * after long time. Theoretically + * may happen at usual runtime, too. + */ + pf_release_state(st); + continue; + } /* * XXXGL: some of write methods do unlocked reads * of state data :(
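
Review bot: the new PFTM_UNLINKED branch after the KASSERT in pfsync_sendout() releases the reference and continues while st->sync_state still equals q, and its comment does not say why the state has to be skipped. The log message gives the actual reason (the keys have already been freed), but the in-code comment only describes the stop and re-enable scenario; I would state the freed-keys invariant in the comment so the next reader knows the write path must not run for such a state. The check tests only st->timeout, not that pfsync holds the last reference, and both the log and the comment allow that this may happen at runtime, so consider clearing st->sync_state before pf_release_state(st) or noting why that is unnecessary. It would also help to say which lock makes the st->timeout read safe here, given the XXXGL remark directly below about unlocked reads of state data.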