Differential D33874

pf: protect the rpool from races
ClosedPublic
Actions

Authored by kp on Jan 13 2022, 10:06 AM.

Tags

None

Referenced Files

	F150241504: D33874.id.diff
	Mon, Mar 30, 1:31 PM

	Unknown Object (File)
	Mon, Mar 30, 2:59 AM

	Unknown Object (File)
	Sat, Mar 28, 7:06 AM

	Unknown Object (File)
	Fri, Mar 27, 10:53 PM

	Unknown Object (File)
	Thu, Mar 26, 12:25 PM

	Unknown Object (File)
	Thu, Mar 26, 11:14 AM

	Unknown Object (File)
	Wed, Mar 25, 8:39 PM

	Unknown Object (File)
	Fri, Mar 20, 7:29 AM

Subscribers

Details

Reviewers

Group Reviewers

network
pfsense

Commits

rG650607380c58: pf: protect the rpool from races
rGa9f1b6ccfa82: pf: protect the rpool from races
rG5f5e32f1b394: pf: protect the rpool from races

Summary

The roundrobin pool stores its state in the rule, which could
potentially lead to invalid addresses being returned.

For example, thread A just executed PF_AINC(&rpool->counter) and
immediately afterwards thread B executes PF_ACPY(naddr, &rpool->counter)
(i.e. after the pf_match_addr() check of rpool->counter).

Lock the rpool with its own mutex to prevent these races. The
performance impact of this is expected to be low, as each rule has its
own lock, and the lock is also only relevant when state is being created
(so only for the initial packets of a connection, not for all traffic).

See also: https://redmine.pfsense.org/issues/12660
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 43897
Build 40785: arc lint + arc unit

Event Timeline

kp created this revision.Jan 13 2022, 10:06 AM

Herald added subscribers: glebius, melifaro, farrokhi and 2 others. · View Herald TranscriptJan 13 2022, 10:06 AM

kp requested review of this revision.Jan 13 2022, 10:06 AM

Harbormaster completed remote builds in B43897: Diff 101408.Jan 13 2022, 10:06 AM

Thanks for addressing this long time problem!

This revision is now accepted and ready to land.Jan 13 2022, 4:52 PM

Closed by commit rG5f5e32f1b394: pf: protect the rpool from races (authored by kp). · Explain WhyJan 14 2022, 9:31 AM

This revision was automatically updated to reflect the committed changes.

kp added a commit: rG5f5e32f1b394: pf: protect the rpool from races.

kp added a commit: rGa9f1b6ccfa82: pf: protect the rpool from races.Feb 4 2022, 2:23 PM

kp added a commit: rG650607380c58: pf: protect the rpool from races.

Revision Contents
Changeset List

Path

Size

sys/

net/

1 line

netpfil/

pf/

4 lines

46 lines

Diff 101408

sys/net/pfvar.h

Loading...

sys/netpfil/pf/pf_ioctl.c

Loading...

sys/netpfil/pf/pf_lb.c

Loading...