summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Gwynne <dlg@cvs.openbsd.org>2009-02-26 07:29:47 +0000
committerDavid Gwynne <dlg@cvs.openbsd.org>2009-02-26 07:29:47 +0000
commitea40a2de385d5e8b5b0fb8ebdd11092a68306c43 (patch)
treee4242c1e1a01c55517a9900cd5bdefdbf7534f80
parentb67a27b60ef7981aab90906220ccc33a8c34b073 (diff)
bulk updates are sent from a timeout which walks over the state tree and
modifies the pfsync state queues, however, it didnt prevent interrupts from whacking the same structures. this diff makes the bulk update code take splsoftnet() to prevent the panics ive been suffering all day when a firewall peer was booted. ok deraadt@
-rw-r--r--sys/net/if_pfsync.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c
index 41cc6de8723..cafbdaa30bb 100644
--- a/sys/net/if_pfsync.c
+++ b/sys/net/if_pfsync.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: if_pfsync.c,v 1.111 2009/02/24 21:47:28 dlg Exp $ */
+/* $OpenBSD: if_pfsync.c,v 1.112 2009/02/26 07:29:46 dlg Exp $ */
/*
* Copyright (c) 2002 Michael Shalayeff
@@ -2238,7 +2238,9 @@ pfsync_bulk_update(void *arg)
struct pfsync_softc *sc = arg;
struct pf_state *st = sc->sc_bulk_next;
int i = 0;
+ int s;
+ s = splsoftnet();
do {
if (st->sync_state == PFSYNC_S_NONE &&
st->timeout < PFTM_MAX &&
@@ -2254,7 +2256,7 @@ pfsync_bulk_update(void *arg)
if (i > 0 && TAILQ_EMPTY(&sc->sc_qs[PFSYNC_S_UPD])) {
sc->sc_bulk_next = st;
timeout_add(&sc->sc_bulk_tmo, 1);
- return;
+ goto out;
}
} while (st != sc->sc_bulk_last);
@@ -2262,6 +2264,9 @@ pfsync_bulk_update(void *arg)
sc->sc_bulk_next = NULL;
sc->sc_bulk_last = NULL;
pfsync_bulk_status(PFSYNC_BUS_END);
+
+out:
+ splx(s);
}
void