From 153e09568d984c61776793ceaa1e574638a215d8 Mon Sep 17 00:00:00 2001 From: Sepherosa Ziehau Date: Tue, 16 Sep 2008 11:24:57 +0000 Subject: [PATCH] Bump ipfw static rules generation when set/clear IPFW_FULE_F_STATE to avoid possible races if network thread slept on dyn_lock (e.g. to install state) --- sys/net/ipfw/ip_fw2.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/sys/net/ipfw/ip_fw2.c b/sys/net/ipfw/ip_fw2.c index c5de1f0ae9..d01886d6e8 100644 --- a/sys/net/ipfw/ip_fw2.c +++ b/sys/net/ipfw/ip_fw2.c @@ -23,7 +23,7 @@ * SUCH DAMAGE. * * $FreeBSD: src/sys/netinet/ip_fw2.c,v 1.6.2.12 2003/04/08 10:42:32 maxim Exp $ - * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.84 2008/09/15 05:11:02 sephe Exp $ + * $DragonFly: src/sys/net/ipfw/ip_fw2.c,v 1.85 2008/09/16 11:24:57 sephe Exp $ */ #define DEB(x) @@ -2597,6 +2597,9 @@ ipfw_enable_state_dispatch(struct netmsg *nmsg) { struct lwkt_msg *lmsg = &nmsg->nm_lmsg; struct ip_fw *rule = lmsg->u.ms_resultp; + struct ipfw_context *ctx = ipfw_ctx[mycpuid]; + + ctx->ipfw_gen++; KKASSERT(rule->cpuid == mycpuid); KKASSERT(rule->stub != NULL && rule->stub->rule[mycpuid] == rule); @@ -2789,8 +2792,11 @@ static void ipfw_disable_rule_state_dispatch(struct netmsg *nmsg) { struct netmsg_del *dmsg = (struct netmsg_del *)nmsg; + struct ipfw_context *ctx = ipfw_ctx[mycpuid]; struct ip_fw *rule; + ctx->ipfw_gen++; + rule = dmsg->start_rule; if (rule != NULL) { KKASSERT(rule->cpuid == mycpuid); @@ -2801,8 +2807,6 @@ ipfw_disable_rule_state_dispatch(struct netmsg *nmsg) */ dmsg->start_rule = rule->sibling; } else { - struct ipfw_context *ctx = ipfw_ctx[mycpuid]; - KKASSERT(dmsg->rulenum == 0); rule = ctx->ipfw_layer3_chain; } @@ -3062,6 +3066,8 @@ ipfw_disable_ruleset_state_dispatch(struct netmsg *nmsg) int cleared = 0; #endif + ctx->ipfw_gen++; + for (rule = ctx->ipfw_layer3_chain; rule; rule = rule->next) { if (rule->set == dmsg->from_set) { #ifdef INVARIANTS -- 2.41.0