The branch main has been updated by kp:
URL:
https://cgit.FreeBSD.org/src/commit/?id=b1e0f0ff9d35913f6c1dbedcf3a7f5d63eed682c
commit b1e0f0ff9d35913f6c1dbedcf3a7f5d63eed682c
Author: Kristof Provost <k...@freebsd.org>
AuthorDate: 2024-07-09 18:41:52 +0000
Commit: Kristof Provost <k...@freebsd.org>
CommitDate: 2024-07-10 09:55:06 +0000
pf: fix state locking issue when dumping by id
We forgot to unlock the state after dumping it. Do so now.
Sponsored by: Orange Business Services
---
sys/netpfil/pf/pf_nl.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c
index 615a9229b3f3..401baddde948 100644
--- a/sys/netpfil/pf/pf_nl.c
+++ b/sys/netpfil/pf/pf_nl.c
@@ -148,6 +148,8 @@ dump_state(struct nlpcb *nlp, const struct nlmsghdr *hdr,
struct pf_kstate *s,
int af;
struct pf_state_key *key;
+ PF_STATE_LOCK_ASSERT(s);
+
if (!nlmsg_reply(nw, hdr, sizeof(struct genlmsghdr)))
goto enomem;
@@ -282,10 +284,16 @@ static int
handle_getstate(struct nlpcb *nlp, struct nl_parsed_state *attrs,
struct nlmsghdr *hdr, struct nl_pstate *npt)
{
- struct pf_kstate *s = pf_find_state_byid(attrs->id, attrs->creatorid);
+ struct pf_kstate *s;
+ int ret;
+
+ s = pf_find_state_byid(attrs->id, attrs->creatorid);
if (s == NULL)
return (ENOENT);
- return (dump_state(nlp, hdr, s, npt));
+ ret = dump_state(nlp, hdr, s, npt);
+ PF_STATE_UNLOCK(s);
+
+ return (ret);
}
static int
