snmpd(8) and 'pfctl -s Interfaces' dump pf's internal list of interfaces.
pf.conf's 'set skip on ifN' and 'pfctl -F all|Reset' set and clear flags,
PFI_IFLAG_SKIP being the only flag.
(There's no other usage of these ioctls in base.)
pf's internal interface list is completely protected by the pf lock,
pf lock assertions since pf_if.c r1.110 from over a week ago support this.
OK?
Index: pf_ioctl.c
===================================================================
RCS file: /cvs/src/sys/net/pf_ioctl.c,v
retrieving revision 1.405
diff -u -p -r1.405 pf_ioctl.c
--- pf_ioctl.c 26 May 2023 12:13:26 -0000 1.405
+++ pf_ioctl.c 26 May 2023 12:46:37 -0000
@@ -2942,11 +2942,9 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
goto fail;
}
- NET_LOCK();
PF_LOCK();
pfi_get_ifaces(io->pfiio_name, kif_buf, &io->pfiio_size);
PF_UNLOCK();
- NET_UNLOCK();
if (copyout(kif_buf, io->pfiio_buffer, sizeof(*kif_buf) *
io->pfiio_size))
error = EFAULT;
@@ -2962,11 +2960,9 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
goto fail;
}
- NET_LOCK();
PF_LOCK();
error = pfi_set_flags(io->pfiio_name, io->pfiio_flags);
PF_UNLOCK();
- NET_UNLOCK();
break;
}
@@ -2978,11 +2974,9 @@ pfioctl(dev_t dev, u_long cmd, caddr_t a
goto fail;
}
- NET_LOCK();
PF_LOCK();
error = pfi_clear_flags(io->pfiio_name, io->pfiio_flags);
PF_UNLOCK();
- NET_UNLOCK();
break;
}
