
kp (Kristof Provost)
Troubleshooter

User Details

User Since
Sep 28 2014, 7:22 PM (613 w, 5 d)

Recent Activity

Yesterday

kp added inline comments to D58021: pf: fix a crash on sendfile().
Fri, Jul 3, 12:36 PM
kp added a comment to D58021: pf: fix a crash on sendfile().

That looks pretty good to me, but I'd like to give Gleb some time to look as well. He's a lot more familiar with unmapped buffers than I am.

Fri, Jul 3, 12:35 PM
kp committed rGc9d98c013486: netlink: add const variants of NLA iteration macros (authored by iagrawal9990_gmail.com).
netlink: add const variants of NLA iteration macros
Fri, Jul 3, 8:40 AM

Wed, Jul 1

kp accepted D57866: pf: revert netlink commands back to enum.
Wed, Jul 1, 12:25 PM

Tue, Jun 30

kp committed rGb8c6f5811b2a: pflog: run VNET_SYSUNINIT in SI_SUB_PROTO_FIREWALL (authored by kp).
pflog: run VNET_SYSUNINIT in SI_SUB_PROTO_FIREWALL
Tue, Jun 30, 1:58 PM

Sun, Jun 28

kp committed rGe4f3ab161a9e: pflog: create bpf tapping points without ifnet(9) (authored by kp).
pflog: create bpf tapping points without ifnet(9)
Sun, Jun 28, 2:31 PM
kp closed D57851: pflog: create bpf tapping points without ifnet(9).
Sun, Jun 28, 2:31 PM

Fri, Jun 26

kp committed rG9de06f27b140: libpfctl: fix memory leak (authored by kp).
libpfctl: fix memory leak
Fri, Jun 26, 11:02 PM
kp committed rGf95439f6c9d0: libpfctl: retrieve family id only once (authored by kp).
libpfctl: retrieve family id only once
Fri, Jun 26, 11:02 PM
kp added a comment to D57851: pflog: create bpf tapping points without ifnet(9).
In D57851#1327098, @kp wrote:

Do you happen to know of a way to get an interface (struct ifnet) without AF_INET6? I used to use pflog0 for this, and now clearly can't any more. (The test for PR 288263 does that.)
Ideally I'd like to not remove the test, but without such an interface there's no point to it.

The whole point of the change is that now (after pfsync0 de-ifnetting) you can assert that any interface has IPv6 context. Lots of checks for that in netinet6 go away.

Fri, Jun 26, 10:17 PM
kp updated the diff for D57851: pflog: create bpf tapping points without ifnet(9).

Remove epoch cleanup.
Update failing test case to use pfsync0 instead of pflog0 (for now).

Fri, Jun 26, 10:16 PM
kp updated the diff for D57851: pflog: create bpf tapping points without ifnet(9).

mtx -> sx

Fri, Jun 26, 5:59 PM
kp added a comment to D57851: pflog: create bpf tapping points without ifnet(9).

Do you happen to know of a way to get an interface (struct ifnet) without AF_INET6? I used to use pflog0 for this, and now clearly can't any more. (The test for PR 288263 does that.)
Ideally I'd like to not remove the test, but without such an interface there's no point to it.

Fri, Jun 26, 5:56 PM
kp accepted D57865: libsysdecode: parse enums.
Fri, Jun 26, 2:58 PM
kp accepted D57866: pf: revert netlink commands back to enum.
Fri, Jun 26, 1:43 PM
kp added inline comments to D57865: libsysdecode: parse enums.
Fri, Jun 26, 1:04 PM
kp updated the diff for D57851: pflog: create bpf tapping points without ifnet(9).
  • locking fixes
  • man page improvement
  • fix pflogd to not look for a network interface
  • have /etc/rc.d/pflogd create extra log devices if required
Fri, Jun 26, 12:40 PM
kp added a comment to D57851: pflog: create bpf tapping points without ifnet(9).

My only concern is raciness of sysctl vs sysctl. The node and proc are marked CTLFLAG_MPSAFE, so they can execute in parallel. bpf_attach() doesn't have protection against duplicates, so we will leak one.

Ah, yeah, that's an issue.
I could remove the MPSAFE, but we probably don't want to rely on Giant, so that's not great either.

Fri, Jun 26, 8:28 AM

Thu, Jun 25

kp committed rGefcc183f9b0d: pflog: remove unused argument from pflogattach() (authored by kp).
pflog: remove unused argument from pflogattach()
Thu, Jun 25, 7:35 PM
kp requested review of D57851: pflog: create bpf tapping points without ifnet(9).
Thu, Jun 25, 7:32 PM

Wed, Jun 24

kp committed rG6c744621c720: truss: add AF_NETLINK syscall argument decoding support (authored by Ishan Agrawal <iagrawal9990@gmail.com>).
truss: add AF_NETLINK syscall argument decoding support
Wed, Jun 24, 2:51 PM
kp committed rG4c932a4d45fb: netlink: decode netlink message flags symbolically (authored by Ishan Agrawal <iagrawal9990@gmail.com>).
netlink: decode netlink message flags symbolically
Wed, Jun 24, 12:17 PM

Tue, Jun 23

kp committed rGf4e2f07f0cbc: pfsync: remove invalid panic (authored by kp).
pfsync: remove invalid panic
Tue, Jun 23, 6:47 AM
kp committed rG26a94ad8fb31: pfsync: remove invalid panic (authored by kp).
pfsync: remove invalid panic
Tue, Jun 23, 6:47 AM

Mon, Jun 22

kp added a comment to D57737: libpfctl: reset the snl(3) arena per netlink transaction.

Oh, thank you, somehow I have missed it.

Thanks!

Mon, Jun 22, 11:15 AM
kp added a comment to D57737: libpfctl: reset the snl(3) arena per netlink transaction.

Yes, that's indeed a bug, but I fixed it two weeks ago: https://cgit.freebsd.org/src/commit/?id=fcb31b57112425a4eb64241651a0206108105298

Mon, Jun 22, 10:58 AM

Sat, Jun 20

kp accepted D57696: if_ovpn: Fix a lock leak in an error path.
Sat, Jun 20, 3:57 AM

Wed, Jun 17

kp abandoned D52851: vxlan: support VNET.
Wed, Jun 17, 7:59 PM
kp abandoned D52852: vxlan: support moving to a different vnet.
Wed, Jun 17, 7:58 PM
kp abandoned D52853: vxlan tests: move a vxlan interface into a jail.
Wed, Jun 17, 7:58 PM
kp accepted D57550: iflib: handle transient errors from isc_txd_encap().
Wed, Jun 17, 7:45 PM
kp committed rGe2903636a069: iflib: Fix mbufs leaked by 0 len packets emitted from the if driver (authored by linnemannr_gmail.com).
iflib: Fix mbufs leaked by 0 len packets emitted from the if driver
Wed, Jun 17, 7:31 PM
kp closed D57537: iflib: Fix mbufs leaked by 0 len packets emitted from the if driver.
Wed, Jun 17, 7:31 PM · network
kp added a comment to D57537: iflib: Fix mbufs leaked by 0 len packets emitted from the if driver.

@gallatin Do you want to commit this, or should I? (Reid doesn't have a bit, so someone else needs to.)

If you could push it, that would be great.

Will do.

Wed, Jun 17, 6:12 PM · network
kp added a comment to D57537: iflib: Fix mbufs leaked by 0 len packets emitted from the if driver.

It took me a while, but I think your patch is correct.

Wed, Jun 17, 4:54 PM · network

Tue, Jun 16

kp accepted D57608: pfctl: pfctl_get_astats() doesn't set errno.
Tue, Jun 16, 4:49 PM

Fri, Jun 12

kp committed rGfcb31b571124: libpfctl: fix memory leak (authored by kp).
libpfctl: fix memory leak
Fri, Jun 12, 11:54 AM
kp committed rG2a478dfc7f9c: libpfctl: retrieve family id only once (authored by kp).
libpfctl: retrieve family id only once
Fri, Jun 12, 11:54 AM

Thu, Jun 11

kp committed rGa9ebef44a473: pf: switch to getmicro(up)time() (authored by kp).
pf: switch to getmicro(up)time()
Thu, Jun 11, 8:29 PM

Wed, Jun 10

kp committed rGb0f75189f6cb: pfdenied: fix checking root anchor (authored by kp).
pfdenied: fix checking root anchor
Wed, Jun 10, 7:49 AM
kp committed rG4df539cc3864: pfdenied: fix checking root anchor (authored by kp).
pfdenied: fix checking root anchor
Wed, Jun 10, 7:49 AM

Mon, Jun 8

kp committed rG035e87247f84: pfsync: remove invalid panic (authored by kp).
pfsync: remove invalid panic
Mon, Jun 8, 9:08 AM

Fri, Jun 5

kp accepted D57408: tests/pf/route_to: check_random: rely on test timeout to fail.
Fri, Jun 5, 12:10 PM

Jun 3 2026

kp committed rG3d9cd10b2857: pfdenied: fix checking root anchor (authored by kp).
pfdenied: fix checking root anchor
Jun 3 2026, 1:16 PM
kp committed rG017690e50913: netpfil: add PF netlink command decoding support (authored by Ishan Agrawal <iagrawal9990@gmail.com>).
netpfil: add PF netlink command decoding support
Jun 3 2026, 1:16 PM

May 28 2026

kp committed rG45aaba521c3b: pf: fix incorrect table decoding in netlink (authored by kp).
pf: fix incorrect table decoding in netlink
May 28 2026, 11:38 AM

May 26 2026

kp committed rGfda33ae0a1ac: snmp_pf: fix refresh (authored by kp).
snmp_pf: fix refresh
May 26 2026, 9:07 AM
kp committed rGe0d4064bcae3: snmp_pf: fix refresh (authored by kp).
snmp_pf: fix refresh
May 26 2026, 9:01 AM

May 21 2026

kp committed rG64327f769cee: pf: fix incorrect table decoding in netlink (authored by kp).
pf: fix incorrect table decoding in netlink
May 21 2026, 9:20 PM
kp committed rGe4130ac13d2f: pf: switch to getmicro(up)time() (authored by kp).
pf: switch to getmicro(up)time()
May 21 2026, 9:20 PM

May 16 2026

kp committed rG9d0b771caa49: pfctl: relax interface name requirement (authored by kp).
pfctl: relax interface name requirement
May 16 2026, 4:45 PM
kp committed rGe5536b061033: pfctl: relax interface name requirement (authored by kp).
pfctl: relax interface name requirement
May 16 2026, 4:45 PM

May 12 2026

kp committed rG91d1c1c2b1e7: pfsync: reject invalid SCTP states (authored by kp).
pfsync: reject invalid SCTP states
May 12 2026, 4:46 PM
kp committed rG8d583858e499: pfsync: reject invalid SCTP states (authored by kp).
pfsync: reject invalid SCTP states
May 12 2026, 4:45 PM

May 9 2026

kp committed rGfab9bfc92751: pf: do not reject rules with colliding hashes (authored by kp).
pf: do not reject rules with colliding hashes
May 9 2026, 1:31 PM
kp committed rG0cd655f71b46: pf: do not reject rules with colliding hashes (authored by kp).
pf: do not reject rules with colliding hashes
May 9 2026, 1:31 PM

May 7 2026

kp committed rG4e7c1ff95a51: pfctl: relax interface name requirement (authored by kp).
pfctl: relax interface name requirement
May 7 2026, 4:24 PM
kp committed rG726ff260ecfa: pfctl: optionally print the rule in the state overview (authored by kp).
pfctl: optionally print the rule in the state overview
May 7 2026, 4:24 PM

May 5 2026

kp committed rGc24b1d9359b8: pfctl: handle errors from PFNL_CMD_GETSTATES (authored by kp).
pfctl: handle errors from PFNL_CMD_GETSTATES
May 5 2026, 9:26 PM
kp committed rGa0e4c65f1814: pf: do not reject rules with colliding hashes (authored by kp).
pf: do not reject rules with colliding hashes
May 5 2026, 9:26 PM
kp closed D56745: pf: do not reject rules with colliding hashes.
May 5 2026, 9:26 PM
kp committed rG730fb48f1387: pf: improve ASCONF chunk validation (authored by kp).
pf: improve ASCONF chunk validation
May 5 2026, 4:26 PM
kp committed rG9fe189c79a81: pf: improve ASCONF chunk validation (authored by kp).
pf: improve ASCONF chunk validation
May 5 2026, 4:26 PM
kp accepted D56778: if_vlan: Use the exclusive lock everywhere.
May 5 2026, 9:12 AM
kp committed rGbf6d00afdb61: pfsync: reject invalid SCTP states (authored by kp).
pfsync: reject invalid SCTP states
May 5 2026, 8:35 AM

May 1 2026

kp committed R11:a1f2cc4491c3: net/libpfctl: add 15.1, remove 13.5 (authored by kp).
net/libpfctl: add 15.1, remove 13.5
May 1 2026, 9:13 PM

Apr 30 2026

kp requested review of D56745: pf: do not reject rules with colliding hashes.
Apr 30 2026, 11:44 AM

Apr 29 2026

kp committed rGbf1529d83918: netlink: fix LINT-NOVIMAGE build (authored by kp).
netlink: fix LINT-NOVIMAGE build
Apr 29 2026, 7:58 AM

Apr 28 2026

kp committed rG47c12f20bf58: pf: only allow a subset of netlink calls when securelevel is set (authored by kp).
pf: only allow a subset of netlink calls when securelevel is set
Apr 28 2026, 4:05 PM
kp committed rGff141ea17cb7: pf: do not allow flags to be changed with securelevel set (authored by kp).
pf: do not allow flags to be changed with securelevel set
Apr 28 2026, 4:05 PM
kp committed rGafbda5806304: pf: do not allow flags to be changed with securelevel set (authored by kp).
pf: do not allow flags to be changed with securelevel set
Apr 28 2026, 4:05 PM
kp committed rGbea1c2fcd783: pf: improve ASCONF chunk validation (authored by kp).
pf: improve ASCONF chunk validation
Apr 28 2026, 1:31 PM

Apr 26 2026

kp committed rGfdcc60f52841: pf: fix duplicate rule detection for automatic tables (authored by kp).
pf: fix duplicate rule detection for automatic tables
Apr 26 2026, 10:13 AM
kp committed rG4fc1503f8617: pf: fix duplicate rule detection for automatic tables (authored by kp).
pf: fix duplicate rule detection for automatic tables
Apr 26 2026, 10:13 AM

Apr 25 2026

kp committed rG4001613878fe: pfsync: rename unused variable (authored by kp).
pfsync: rename unused variable
Apr 25 2026, 12:48 PM
kp added inline comments to D56564: offload: Compute and insert checksums as late as possible.
Apr 25 2026, 12:32 PM

Apr 23 2026

kp committed rGfb8383527517: pf: fix duplicate rule detection for automatic tables (authored by kp).
pf: fix duplicate rule detection for automatic tables
Apr 23 2026, 11:47 AM
kp accepted D56559: pf: Document broadcast/multicast forwarding through route-to.

I suppose we could spell the example rules like this too:
block out quick on $wan from any to { 255.255.255.255, ($wan:broadcast), 224.0.0.0/4, ff00::/8 } received-on any
but they're fine as they are. They result in the same rules in the kernel anyway.

Apr 23 2026, 9:00 AM · pfsense
kp committed rG3103d39cd99f: netlink: fix LINT-NOVIMAGE build (authored by kp).
netlink: fix LINT-NOVIMAGE build
Apr 23 2026, 7:38 AM

Apr 22 2026

kp added a comment to D56559: pf: Document broadcast/multicast forwarding through route-to.

There are good arguments for both blocking and allowing this I believe.
I'm not entirely sure where I fall. On the one hand, yes, users should be allowed to shoot themselves in the foot if they really want to, but on the other hand, it's non-obvious that this will happen. There are going to be a lot more users in the "I didn't want this to happen but it did" camp than there'd be in the "I want to do this dumb thing and pf won't let me" camp.

Apr 22 2026, 12:44 PM · pfsense
kp added a comment to D56563: divert: Define semantics for SO_REUSEPORT_LB on divert sockets.

The pf change looks fine to me.

Apr 22 2026, 8:48 AM

Apr 21 2026

kp committed rG07a3501e6c85: loopback: fix use-after-free (authored by kp).
loopback: fix use-after-free
Apr 21 2026, 11:33 AM
kp committed rG9933bdcb1264: pf: only allow a subset of netlink calls when securelevel is set (authored by kp).
pf: only allow a subset of netlink calls when securelevel is set
Apr 21 2026, 11:33 AM
kp committed rGd5ca00f2d874: pf: do not allow flags to be changed with securelevel set (authored by kp).
pf: do not allow flags to be changed with securelevel set
Apr 21 2026, 11:33 AM
kp closed D56390: pf: only allow a subset of netlink calls when securelevel is set.
Apr 21 2026, 11:33 AM

Apr 20 2026

kp added a comment to D54817: Committer's Guide: Add project's AI policy and link to AI guide.

Maybe we should rename ai-policy to ai-note. During the many and lengthy meetings and discussions, a "policy" cannot please everyone.

The current situation and the truth is that people are already using it, and we can't stop them. A strong "NO" will just let some people lie and pretend not to be using it, or worse, we lose some good contributions.

Apr 20 2026, 9:36 PM
kp accepted D56501: pf: Use MTX_DUPOK to initialize hash chain mutexes.
Apr 20 2026, 4:12 PM
kp added inline comments to D56501: pf: Use MTX_DUPOK to initialize hash chain mutexes.
Apr 20 2026, 3:24 PM
kp committed rG18de44e7b442: pfctl: fix man page and error message for -S option (authored by ross_ross-williams.net).
pfctl: fix man page and error message for -S option
Apr 20 2026, 2:25 PM
kp committed rG19eecf94fa16: pfctl: clarify usage of load option flags (authored by ross_ross-williams.net).
pfctl: clarify usage of load option flags
Apr 20 2026, 2:25 PM
kp committed rGff76ec3e9b28: pf: be more robust against interface name conflicts (authored by kp).
pf: be more robust against interface name conflicts
Apr 20 2026, 2:25 PM
kp updated the diff for D56390: pf: only allow a subset of netlink calls when securelevel is set.

If we tweak it slightly I guess we can express everything we need.
So here's a version where we deny the call from the indicated securelevel on up,
and don't do anything if the value is 0

Apr 20 2026, 2:20 PM

Apr 19 2026

kp added a comment to D56501: pf: Use MTX_DUPOK to initialize hash chain mutexes.

I did see a warning about that recently but didn't investigate too much. This (with Gleb's remark) makes sense.

Apr 19 2026, 9:37 AM

Apr 17 2026

kp committed rG3c9cd6e4dc59: pf: use correct address family in pfr_pool_get() (authored by kp).
pf: use correct address family in pfr_pool_get()
Apr 17 2026, 11:56 AM
kp committed rG5b7192230a15: pf: pf_frag_compare() should not be using subtraction to compare fragment IDs (authored by kp).
pf: pf_frag_compare() should not be using subtraction to compare fragment IDs
Apr 17 2026, 11:56 AM
kp committed rG05ac1013984c: pf: fix error handling in pf_sourcelim_add() (authored by kp).
pf: fix error handling in pf_sourcelim_add()
Apr 17 2026, 11:56 AM
kp committed rG6f8ea66cbcf2: pfctl: fix how source and state limiters are wired into rbtrees (authored by kp).
pfctl: fix how source and state limiters are wired into rbtrees
Apr 17 2026, 11:56 AM
kp committed rG13b4a14c719a: libpfctl: fix add state/source limiter (authored by kp).
libpfctl: fix add state/source limiter
Apr 17 2026, 11:56 AM
kp committed rG95fe1ba5579d: pf tests: test having multiple state limiters (authored by kp).
pf tests: test having multiple state limiters
Apr 17 2026, 11:56 AM

Apr 16 2026

kp added a comment to D56390: pf: only allow a subset of netlink calls when securelevel is set.

The previous version (modulo the mistake) looked better. What's the point in the additional bool? All existing declarations rely on sparse initialization, so would have .cmd_securelevel = 0 always. If you add cmd_securelevel_set, it would be .cmd_securelevel_set = false. Thus, checking .cmd_securelevel_set for being true is no different from checking .cmd_securelevel for being positive. I'd suggest just doing the securelevel_gt() check unconditionally.

P.S. Of course the inverted logic of securelevel_gt() really blows one's mind.

Apr 16 2026, 8:26 AM