svn commit: r344964 - stable/11/sys/netpfil/pf

Sat, 09 Mar 2019 08:39:38 -0800 

Author: kp
Date: Sat Mar  9 10:28:36 2019
New Revision: 344964
URL: https://svnweb.freebsd.org/changeset/base/344964

Log:
  MFC r340073, r341359:
  
  pf: Keep a reference to struct ifnets we're using
  
  Ensure that the struct ifnet we use can't go away until we're done with
  it.
  
  pf: Fix panic on overlapping interface names
  
  In rare situations[*] it's possible for two different interfaces to have
  the same name. This confuses pf, because kifs are indexed by name (which
  is assumed to be unique). As a result we can end up trying to
  if_rele(NULL), which panics.
  
  Explicitly checking the ifp pointer before if_rele() prevents the panic.
  Note pf will likely behave in unexpected ways on the the overlapping
  interfaces.
  
  [*] Insert an interface in a vnet jail. Rename it to an interface which
  exists on the host. Remove the jail. There are now two interfaces with
  the same name in the host.

Modified:
  stable/11/sys/netpfil/pf/pf_if.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/netpfil/pf/pf_if.c
==============================================================================
--- stable/11/sys/netpfil/pf/pf_if.c    Sat Mar  9 10:28:36 2019        
(r344963)
+++ stable/11/sys/netpfil/pf/pf_if.c    Sat Mar  9 10:28:36 2019        
(r344964)
@@ -163,8 +163,10 @@ pfi_cleanup_vnet(void)
                RB_REMOVE(pfi_ifhead, &V_pfi_ifs, kif);
                if (kif->pfik_group)
                        kif->pfik_group->ifg_pf_kif = NULL;
-               if (kif->pfik_ifp)
+               if (kif->pfik_ifp) {
+                       if_rele(kif->pfik_ifp);
                        kif->pfik_ifp->if_pf_kif = NULL;
+               }
                free(kif, PFI_MTYPE);
        }
 
@@ -315,6 +317,8 @@ pfi_attach_ifnet(struct ifnet *ifp)
        V_pfi_update++;
        kif = pfi_kif_attach(kif, ifp->if_xname);
 
+       if_ref(ifp);
+
        kif->pfik_ifp = ifp;
        ifp->if_pf_kif = kif;
 
@@ -845,6 +849,9 @@ pfi_detach_ifnet_event(void *arg __unused, struct ifne
        PF_RULES_WLOCK();
        V_pfi_update++;
        pfi_kif_update(kif);
+
+       if (kif->pfik_ifp)
+               if_rele(kif->pfik_ifp);
 
        kif->pfik_ifp = NULL;
        ifp->if_pf_kif = NULL;
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to