Hi,
Previous diff made src-node have a reference for the kif. My
colleague pointed out that incrementing the reference count of the kif
is required.
ok?
Fix previous commit which made src-node have a reference for the kif.
Src-node should use the reference counter since it might live longer
than its table entry, rule or the associated states.
Index: sys/net/pf.c
===================================================================
RCS file: /cvs/src/sys/net/pf.c,v
retrieving revision 1.1083
diff -u -p -r1.1083 pf.c
--- sys/net/pf.c 2 Jul 2019 09:04:53 -0000 1.1083
+++ sys/net/pf.c 5 Jul 2019 07:57:57 -0000
@@ -589,6 +589,7 @@ pf_insert_src_node(struct pf_src_node **
(*sn)->kif = kif;
pf_status.scounters[SCNT_SRC_NODE_INSERT]++;
pf_status.src_nodes++;
+ pfi_kif_ref(kif, PFI_KIF_REF_SRCNODE);
} else {
if (rule->max_src_states &&
(*sn)->states >= rule->max_src_states) {
@@ -612,6 +613,7 @@ pf_remove_src_node(struct pf_src_node *s
RB_REMOVE(pf_src_tree, &tree_src_tracking, sn);
pf_status.scounters[SCNT_SRC_NODE_REMOVALS]++;
pf_status.src_nodes--;
+ pfi_kif_unref(sn->kif, PFI_KIF_REF_SRCNODE);
pool_put(&pf_src_tree_pl, sn);
}
Index: sys/net/pf_if.c
===================================================================
RCS file: /cvs/src/sys/net/pf_if.c,v
retrieving revision 1.96
diff -u -p -r1.96 pf_if.c
--- sys/net/pf_if.c 10 Dec 2018 16:48:15 -0000 1.96
+++ sys/net/pf_if.c 5 Jul 2019 07:57:57 -0000
@@ -147,6 +147,9 @@ pfi_kif_ref(struct pfi_kif *kif, enum pf
case PFI_KIF_REF_ROUTE:
kif->pfik_routes++;
break;
+ case PFI_KIF_REF_SRCNODE:
+ kif->pfik_srcnodes++;
+ break;
default:
panic("pfi_kif_ref with unknown type");
}
@@ -185,6 +188,14 @@ pfi_kif_unref(struct pfi_kif *kif, enum
}
kif->pfik_routes--;
break;
+ case PFI_KIF_REF_SRCNODE:
+ if (kif->pfik_srcnodes <= 0) {
+ DPFPRINTF(LOG_ERR,
+ "pfi_kif_unref: src-node refcount <= 0");
+ return;
+ }
+ kif->pfik_srcnodes--;
+ break;
default:
panic("pfi_kif_unref with unknown type");
}
@@ -192,7 +203,8 @@ pfi_kif_unref(struct pfi_kif *kif, enum
if (kif->pfik_ifp != NULL || kif->pfik_group != NULL || kif == pfi_all)
return;
- if (kif->pfik_rules || kif->pfik_states || kif->pfik_routes)
+ if (kif->pfik_rules || kif->pfik_states || kif->pfik_routes ||
+ kif->pfik_srcnodes)
return;
RB_REMOVE(pfi_ifhead, &pfi_ifs, kif);
Index: sys/net/pfvar.h
===================================================================
RCS file: /cvs/src/sys/net/pfvar.h,v
retrieving revision 1.491
diff -u -p -r1.491 pfvar.h
--- sys/net/pfvar.h 2 Jul 2019 09:04:53 -0000 1.491
+++ sys/net/pfvar.h 5 Jul 2019 07:57:58 -0000
@@ -1162,6 +1162,7 @@ struct pfi_kif {
int pfik_states;
int pfik_rules;
int pfik_routes;
+ int pfik_srcnodes;
TAILQ_HEAD(, pfi_dynaddr) pfik_dynaddrs;
};
@@ -1169,7 +1170,8 @@ enum pfi_kif_refs {
PFI_KIF_REF_NONE,
PFI_KIF_REF_STATE,
PFI_KIF_REF_RULE,
- PFI_KIF_REF_ROUTE
+ PFI_KIF_REF_ROUTE,
+ PFI_KIF_REF_SRCNODE
};
#define PFI_IFLAG_SKIP 0x0100 /* skip filtering on interface */
