From 8cfc1ee57a049402d88ef882a298a1628e046446 Mon Sep 17 00:00:00 2001 From: kn Date: Thu, 27 Apr 2023 12:10:30 +0000 Subject: [PATCH] Remove net lock from DIOCGETTIMEOUT 'pfctl -s timeouts' values are only used inside of pf, entirely protected by the pf lock through the ioctl interface; the net lock is useless. Previous attempts to remove net lock usage showed that the pf lock cannot yet entirely replace it, so start with small pieces like this one. Contrary to IPv4/6 read-only ioctls, some pf ioctls without FWRITE flag do modify internal pf state, which is not entirely obvious when approached from the ioctl layer. OK sashan dlg --- sys/net/pf_ioctl.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c index 8045a818d03..b427365c362 100644 --- a/sys/net/pf_ioctl.c +++ b/sys/net/pf_ioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pf_ioctl.c,v 1.398 2023/04/26 19:54:35 mvs Exp $ */ +/* $OpenBSD: pf_ioctl.c,v 1.399 2023/04/27 12:10:30 kn Exp $ */ /* * Copyright (c) 2001 Daniel Hartmeier @@ -2047,11 +2047,9 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p) error = EINVAL; goto fail; } - NET_LOCK(); PF_LOCK(); pt->seconds = pf_default_rule.timeout[pt->timeout]; PF_UNLOCK(); - NET_UNLOCK(); break; } -- 2.20.1