From 128c3c8c87582da19c1b4f60c191a69b1d4207df Mon Sep 17 00:00:00 2001
From: kn
Date: Thu, 18 May 2023 14:11:18 +0000
Subject: [PATCH] Assert pf lock on interface handling

Make sure that all hooks into pf's internal list of interfaces do happen with the pf lock held, i.e. nothing relies on the net lock alone, so that later unlocking can then rely on it. Full i386 regress (thanks bluhm) and daily usage are fine OK sashan
---
 sys/net/pf_if.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/sys/net/pf_if.c b/sys/net/pf_if.c
index 9722484e544..74661507497 100644
--- a/sys/net/pf_if.c
+++ b/sys/net/pf_if.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pf_if.c,v 1.109 2022/11/22 22:28:40 sashan Exp $ */
+/* $OpenBSD: pf_if.c,v 1.110 2023/05/18 14:11:18 kn Exp $ */

 /*
 * Copyright 2005 Henning Brauer
@@ -157,6 +157,8 @@ pfi_kif_find(const char *kif_name)
 {
 struct pfi_kif_cmp s;

+ PF_ASSERT_LOCKED();
+
 memset(&s, 0, sizeof(s));
 strlcpy(s.pfik_name, kif_name, sizeof(s.pfik_name));
 return (RB_FIND(pfi_ifhead, &pfi_ifs, (struct pfi_kif *)&s));
@@ -167,6 +169,8 @@ pfi_kif_get(const char *kif_name, struct pfi_kif **prealloc)
 {
 struct pfi_kif *kif;

+ PF_ASSERT_LOCKED();
+
 if ((kif = pfi_kif_find(kif_name)))
 return (kif);

@@ -187,6 +191,8 @@ pfi_kif_get(const char *kif_name, struct pfi_kif **prealloc)
 void
 pfi_kif_ref(struct pfi_kif *kif, enum pfi_kif_refs what)
 {
+ PF_ASSERT_LOCKED();
+
 switch (what) {
 case PFI_KIF_REF_RULE:
 kif->pfik_rules++;
@@ -214,6 +220,8 @@ pfi_kif_unref(struct pfi_kif *kif, enum pfi_kif_refs what)
 if (kif == NULL)
 return;

+ PF_ASSERT_LOCKED();
+
 switch (what) {
 case PFI_KIF_REF_NONE:
 break;
@@ -801,6 +809,8 @@ pfi_skip_if(const char *filter, struct pfi_kif *p)
 struct ifg_list *i;
 int n;

+ PF_ASSERT_LOCKED();
+
 if (filter == NULL || !*filter)
 return (0);
 if (!strcmp(p->pfik_name, filter))
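Review bot: The locking precondition added at the top of pfi_kif_find is enforced only by the assertion and is not written down anywhere a caller would read it. A one-line comment above the function, such as `/* Caller must hold the pf lock; checked by PF_ASSERT_LOCKED(). */`, would make the contract visible, and the same applies to pfi_kif_get, pfi_kif_ref, pfi_kif_unref, pfi_skip_if, pfi_set_flags, pfi_clear_flags and pfi_xcommit. What PF_ASSERT_LOCKED() does when the lock is not held is not shown in this diff, so the comment should not promise more than the macro delivers. The signature's return type and the closing brace of pfi_kif_find are outside the hunk.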
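Review bot: In pfi_kif_unref the assertion sits after the `if (kif == NULL) return;` early exit, so a call with a NULL kif made without the pf lock is never checked, unlike the other functions in this patch where the assertion precedes every other statement. If no caller legitimately passes NULL without the lock, moving `PF_ASSERT_LOCKED();` above the NULL test would give uniform coverage of the entry point. If some caller does rely on the unlocked NULL case, a short comment next to the early return saying so would explain the exception. The function starts and ends outside the hunk.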
@@ -823,6 +833,8 @@ pfi_set_flags(const char *name, int flags)
 struct pfi_kif *p;
 size_t n;

+ PF_ASSERT_LOCKED();
+
 if (name != NULL && name[0] != '\0') {
 p = pfi_kif_find(name);
 if (p == NULL) {
@@ -862,6 +874,8 @@ pfi_clear_flags(const char *name, int flags)
 {
 struct pfi_kif *p, *w;

+ PF_ASSERT_LOCKED();
+
 if (name != NULL && name[0] != '\0') {
 p = pfi_kif_find(name);
 if (p != NULL) {
@@ -899,6 +913,8 @@ pfi_xcommit(void)
 struct ifnet *ifp;
 size_t n;

+ PF_ASSERT_LOCKED();
+
 RB_FOREACH(p, pfi_ifhead, &pfi_ifs) {
 p->pfik_flags = p->pfik_flags_new;
 n = strlen(p->pfik_name);
--
2.20.1
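Review bot: pfi_xcommit now asserts only the pf lock, yet its context lines declare `struct ifnet *ifp;`, which suggests the loop body (outside the hunk) also touches interface state. If that state is still protected by the net lock, adding `NET_ASSERT_LOCKED();` next to `PF_ASSERT_LOCKED();` would record both requirements until the planned unlocking lands. If the pf lock alone is meant to be sufficient here, a comment such as `/* ifp is only reached through pfi_ifs, pf lock suffices */` would state that intent. The function's opening and the rest of the RB_FOREACH body are outside the hunk, so this is inferred from the declaration only.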