diff options
| author | Mark Kettenis <kettenis@cvs.openbsd.org> | 2022-11-25 18:03:54 +0000 |
|---|---|---|
| committer | Mark Kettenis <kettenis@cvs.openbsd.org> | 2022-11-25 18:03:54 +0000 |
| commit | a3124a7782db483f922c26905a69be0632679399 (patch) | |
| tree | 738a65c46408a67038a7f4076f700ec28f6fae0e /sys | |
| parent | 7515d31fcdce1cdbe1b89e781ca44681a109c257 (diff) | |
Revert previous commit. It was not properly tested and produces splassert
warnings. Rushing to pile more stuff on top of it isn't the answer. This
needs a rethink.
ok deraadt@
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pf.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c index 2552da3ea84..33f030f9aa5 100644 --- a/sys/net/pf.c +++ b/sys/net/pf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf.c,v 1.1154 2022/11/25 03:45:39 dlg Exp $ */ +/* $OpenBSD: pf.c,v 1.1155 2022/11/25 18:03:53 kettenis Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -1603,6 +1603,9 @@ pf_purge(void *null) { unsigned int interval = max(1, pf_default_rule.timeout[PFTM_INTERVAL]); + /* XXX is NET_LOCK necessary? */ + NET_LOCK(); + PF_LOCK(); pf_purge_expired_src_nodes(); @@ -1613,6 +1616,7 @@ pf_purge(void *null) * Fragments don't require PF_LOCK(), they use their own lock. */ pf_purge_expired_fragments(); + NET_UNLOCK(); /* interpret the interval as idle time between runs */ timeout_add_sec(&pf_purge_to, interval); @@ -1887,6 +1891,7 @@ pf_purge_expired_states(const unsigned int limit, const unsigned int collect) if (SLIST_EMPTY(&gcl)) return (scanned); + NET_LOCK(); rw_enter_write(&pf_state_list.pfs_rwl); PF_LOCK(); PF_STATE_ENTER_WRITE(); @@ -1899,6 +1904,7 @@ pf_purge_expired_states(const unsigned int limit, const unsigned int collect) PF_STATE_EXIT_WRITE(); PF_UNLOCK(); rw_exit_write(&pf_state_list.pfs_rwl); + NET_UNLOCK(); while ((st = SLIST_FIRST(&gcl)) != NULL) { SLIST_REMOVE_HEAD(&gcl, gc_list); |