Diffusion FreeBSD src repository 0578fe492284

pf: rework pf_icmp_state_lookup() failure mode
0578fe492284
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

pf: rework pf_icmp_state_lookup() failure mode

If pf_icmp_state_lookup() finds a state but rejects it for not matching the
expected direction we should unlock the state (and NULL out *state). This
simplifies life for callers, and also ensures there's no confusion about what a
non-NULL returned state means.

Previously it could have been left in there by the caller, resulting in callers
unlocking the same state twice.

MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")

Details

Provenance

kp	Authored on Aug 30 2024, 11:36 AM

Parents

rG3da3eb6081a2: pf: be less strict about icmp state checking for sloppy state tracking

Branches

Unknown

Tags

Unknown

Event Timeline

kp committed rG0578fe492284: pf: rework pf_icmp_state_lookup() failure mode (authored by kp).Sep 1 2024, 3:05 PM

kp mentioned this in rGd6e5f8643d37: pf: rework pf_icmp_state_lookup() failure mode.Sep 4 2024, 8:53 AM

kp mentioned this in rG38f74de7184a: pf: rework pf_icmp_state_lookup() failure mode.

kp mentioned this in rGe893ec49afb2: pf: rework pf_icmp_state_lookup() failure mode.Sep 5 2024, 7:36 AM

markj mentioned this in rG1e965d5399e1: pf: rework pf_icmp_state_lookup() failure mode.Sep 19 2024, 1:03 PM

markj mentioned this in rG413ae023b056: pf: rework pf_icmp_state_lookup() failure mode.

markj mentioned this in rGea9257bcd0e1: pf: rework pf_icmp_state_lookup() failure mode.Sep 19 2024, 1:09 PM

Changes (2)

Path

Size

sys/

net/

netpfil/

pf/

rG0578fe492284

sys/net/pfvar.h

Loading...

sys/netpfil/pf/pf.c

Loading...