Page MenuHomeFreeBSD
Differential D19558

pf :Use counter(9) in pf tables.
ClosedPublic
Actions

Authored by kp on Mar 12 2019, 12:45 PM.
Tags
None
Referenced Files
Unknown Object (File)
Thu, Apr 18, 12:17 PM
Unknown Object (File)
Jan 11 2024, 7:56 PM
Unknown Object (File)
Dec 23 2023, 3:49 AM
Unknown Object (File)
Dec 19 2023, 6:36 PM
Unknown Object (File)
Sep 16 2023, 9:11 PM
Unknown Object (File)
Sep 16 2023, 9:10 PM
Unknown Object (File)
Sep 15 2023, 2:59 PM
Unknown Object (File)
Sep 15 2023, 2:57 PM
View All 24 Files
Subscribers
ae
farrokhi
glebius
imp

Details

Reviewers
glebius
Group Reviewers
network
Commits
rS345177: pf :Use counter(9) in pf tables.
Summary

The counters of pf tables are updated outside the rule lock. That means state
updates might overwrite each other. Furthermore allocation and
freeing of counters happens outside the lock as well.

Use counter(9) for the counters, and always allocate the counter table
element, so that the race condition cannot happen any more.

Submitted by: Kajetan Staszkiewicz <vegeta@tuxpowered.net>
PR: 230619

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 23032
Build 22103: arc lint + arc unit

Event Timeline

kp created this revision.Mar 12 2019, 12:45 PM
Herald added subscribers: farrokhi, ae. · View Herald TranscriptMar 12 2019, 12:45 PM
Harbormaster completed remote builds in B23032: Diff 54970.Mar 12 2019, 12:45 PM
kp added a reviewer: network.Mar 12 2019, 12:46 PM
kp edited the summary of this revision. (Show Details)
glebius accepted this revision.Mar 12 2019, 9:35 PM
glebius added a subscriber: glebius.
glebius added inline comments.
sys/netpfil/pf/pf_table.c
794

Let's put a comment that previous allocation isn't leaked, since any failure of ​pfr_create_kentry_counter() is followed by pfr_destroy_kentry(ke).

This revision is now accepted and ready to land.Mar 12 2019, 9:35 PM
kp updated this revision to Diff 55023.Mar 13 2019, 4:17 PM

Add comment

This revision now requires review to proceed.Mar 13 2019, 4:17 PM
Harbormaster completed remote builds in B23064: Diff 55023.Mar 13 2019, 4:17 PM
This revision was not accepted when it landed; it landed in state Needs Review.Mar 15 2019, 11:09 AM
Closed by commit rS345177: pf :Use counter(9) in pf tables. (authored by kp). · Explain Why
This revision was automatically updated to reflect the committed changes.
Herald added a subscriber: imp. · View Herald TranscriptMar 15 2019, 11:09 AM

Revision Contents
Changeset List

PathSize
sys/
net/
37 lines
netpfil/
pf/
223 lines

Diff 54970

View Options

sys/net/pfvar.h

Loading...
View Options

sys/netpfil/pf/pf_table.c

Loading...