Skip to content

Commit

Permalink
pf: fix panic on deferred packets
Browse files Browse the repository at this point in the history 
The pfsync_defer_tmo() callout needs to set the correct vnet before it
can transmit packets. It used the rcvif in the mbuf to get this vnet,
but that doesn't work for locally originated traffic. In that case the
rcvif pointer is NULL, and the dereference leads to a panic.

Instead use the sc_sync_if, which is always set (if pfsync is enabled,
at least).

PR:		268246
MFC after:	2 weeks

(cherry picked from commit fd02192)
  • Loading branch information
@kprovost @fichtner
kprovost authored and fichtner committed Jan 30, 2023
1 parent 0b23a1a commit 6b25257
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion sys/netpfil/pf/if_pfsync.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1822,8 +1822,11 @@ pfsync_defer_tmo(void *arg)

PFSYNC_BUCKET_LOCK_ASSERT(b);

if (sc->sc_sync_if == NULL)
return;

NET_EPOCH_ENTER(et);
CURVNET_SET(m->m_pkthdr.rcvif->if_vnet);
CURVNET_SET(sc->sc_sync_if->if_vnet);

TAILQ_REMOVE(&b->b_deferrals, pd, pd_entry);
b->b_deferred--;
Expand Down

0 comments on commit 6b25257

Please sign in to comment.