Author: glebius
Date: Thu Dec 13 12:48:57 2012
New Revision: 244184
URL: http://svnweb.freebsd.org/changeset/base/244184
Log:
Initialize state id prior to attaching state to key hash. Otherwise a
race can happen, when pf_find_state() finds state via key hash, and locks
id hash slot 0 instead of appropriate to state id slot.
Modified:
head/sys/netpfil/pf/pf.c
Modified: head/sys/netpfil/pf/pf.c
==============================================================================
--- head/sys/netpfil/pf/pf.c Thu Dec 13 11:11:15 2012 (r244183)
+++ head/sys/netpfil/pf/pf.c Thu Dec 13 12:48:57 2012 (r244184)
@@ -1080,9 +1080,6 @@ pf_state_insert(struct pfi_kif *kif, str
s->kif = kif;
- if (pf_state_key_attach(skw, sks, s))
- return (-1);
-
if (s->id == 0 && s->creatorid == 0) {
/* XXX: should be atomic, but probability of collision low */
if ((s->id = V_pf_stateid[curcpu]++) == PFID_MAXID)
@@ -1092,6 +1089,9 @@ pf_state_insert(struct pfi_kif *kif, str
s->creatorid = V_pf_status.hostid;
}
+ if (pf_state_key_attach(skw, sks, s))
+ return (-1);
+
ih = &V_pf_idhash[PF_IDHASH(s)];
PF_HASHROW_LOCK(ih);
LIST_FOREACH(cur, &ih->states, entry)
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
