diff options
| author | Patrick Wildt <patrick@cvs.openbsd.org> | 2021-02-12 16:16:11 +0000 |
|---|---|---|
| committer | Patrick Wildt <patrick@cvs.openbsd.org> | 2021-02-12 16:16:11 +0000 |
| commit | de2cc463712b51751598acb2488e829ad41bc2c4 (patch) | |
| tree | ff38157e537696dd06fae5ae1e1ccada45f89e38 /sys/net/pf.c | |
| parent | ba2bd42089aed8ce999f834f1617483123f83488 (diff) | |
pf_remove_divert_state() is an entry point into pf, modifying the pf state
table. Hence we have to grab both the pf lock and the pf state lock.
Found by dlg@
ok bluhm@ sashan@
Diffstat (limited to 'sys/net/pf.c')
| -rw-r--r-- | sys/net/pf.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index be76937ce86..80174ecc6d4 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.1109 2021/02/12 13:48:31 bluhm Exp $ */ +/* $OpenBSD: pf.c,v 1.1110 2021/02/12 16:16:10 patrick Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1404,6 +1404,10 @@ pf_remove_divert_state(struct pf_state_key *sk) { struct pf_state_item *si; + PF_ASSERT_UNLOCKED(); + + PF_LOCK(); + PF_STATE_ENTER_WRITE(); TAILQ_FOREACH(si, &sk->states, entry) { if (sk == si->s->key[PF_SK_STACK] && si->s->rule.ptr && (si->s->rule.ptr->divert.type == PF_DIVERT_TO || @@ -1412,6 +1416,8 @@ pf_remove_divert_state(struct pf_state_key *sk) break; } } + PF_STATE_EXIT_WRITE(); + PF_UNLOCK(); } void |