summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/net/pf.c6
-rw-r--r--sys/net/pf_ioctl.c10
2 files changed, 8 insertions, 8 deletions
diff --git a/sys/net/pf.c b/sys/net/pf.c
index 8af5155866a..56739a2e8fc 100644
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf.c,v 1.1174 2023/04/28 14:08:34 phessler Exp $ */
+/* $OpenBSD: pf.c,v 1.1175 2023/05/03 10:32:47 kn Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -1370,6 +1370,8 @@ pf_state_import(const struct pfsync_state *sp, int flags)
int error = ENOMEM;
int n = 0;
+ PF_ASSERT_LOCKED();
+
if (sp->creatorid == 0) {
DPFPRINTF(LOG_NOTICE, "%s: invalid creator id: %08x", __func__,
ntohl(sp->creatorid));
@@ -4270,6 +4272,8 @@ pf_test_rule(struct pf_pdesc *pd, struct pf_rule **rm, struct pf_state **sm,
struct pf_test_ctx ctx;
int rv;
+ PF_ASSERT_LOCKED();
+
memset(&ctx, 0, sizeof(ctx));
ctx.pd = pd;
ctx.rm = rm;
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index 61a1660766d..14c377d5ef6 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_ioctl.c,v 1.402 2023/04/29 10:25:32 kn Exp $ */
+/* $OpenBSD: pf_ioctl.c,v 1.403 2023/05/03 10:32:48 kn Exp $ */
/*
* Copyright (c) 2001 Daniel Hartmeier
@@ -858,6 +858,8 @@ pf_commit_rules(u_int32_t version, char *anchor)
struct pf_rulequeue *old_rules;
u_int32_t old_rcount;
+ PF_ASSERT_LOCKED();
+
rs = pf_find_ruleset(anchor);
if (rs == NULL || !rs->rules.inactive.open ||
version != rs->rules.inactive.version)
@@ -2151,13 +2153,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
struct pf_ruleset *ruleset;
struct pf_anchor *anchor;
- NET_LOCK();
PF_LOCK();
pr->path[sizeof(pr->path) - 1] = '\0';
if ((ruleset = pf_find_ruleset(pr->path)) == NULL) {
error = EINVAL;
PF_UNLOCK();
- NET_UNLOCK();
goto fail;
}
pr->nr = 0;
@@ -2172,7 +2172,6 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
pr->nr++;
}
PF_UNLOCK();
- NET_UNLOCK();
break;
}
@@ -2182,13 +2181,11 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
struct pf_anchor *anchor;
u_int32_t nr = 0;
- NET_LOCK();
PF_LOCK();
pr->path[sizeof(pr->path) - 1] = '\0';
if ((ruleset = pf_find_ruleset(pr->path)) == NULL) {
error = EINVAL;
PF_UNLOCK();
- NET_UNLOCK();
goto fail;
}
pr->name[0] = '\0';
@@ -2210,7 +2207,6 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
}
}
PF_UNLOCK();
- NET_UNLOCK();
if (!pr->name[0])
error = EBUSY;
break;