CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2017/06/21 09:29:23
Modified files:
sys/net : pf.c
Log message:
Fix kernel diagnostic assertion "(sk->inp == NULL) || (sk->inp->inp_pf_sk
== NULL)". The problem was that setting the inp pointer in the
statekey to NULL was delayed until the statekey refcounter reached
0. So the inp could get linked to another statekey while an mbuf
in the socket buffer was keeping the refcounter at 1. Set the
statekey inp pointer to NULL in pf_state_key_detach() immediately,
then the kassert can be even stricter.
OK sashan@
