artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ab72b8b) | patch
Protect sbappendaddr() in divert_packet() with kernel lock. With
authorbluhm <bluhm@openbsd.org>
Mon, 9 May 2022 19:33:46 +0000 (19:33 +0000)
committerbluhm <bluhm@openbsd.org>
Mon, 9 May 2022 19:33:46 +0000 (19:33 +0000)
commitddfdd69b7d10ca2e51fb57f397dd2e190b205350
tree4efbd8f0638a665321a47be8dadd3ff34f58879ctree | snapshot
parentab72b8b8c221a7e276a078466106e0297ab6d900commit | diff
Protect sbappendaddr() in divert_packet() with kernel lock.  With
divert-packet rules pf calls directly from IP layer to protocol
layer.  As the former has only shared net lock, additional protection
against parallel access is needed.  Kernel lock is a temporary
workaround until the socket layer is MP safe.
discussed with kettenis@ mvs@
sys/netinet/ip_divert.c diff | blob | history
sys/netinet6/ip6_divert.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim