diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2021-06-14 12:04:02 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2021-06-17 12:38:08 +0000 |
| commit | ea01d2bc1c5cfa2aed195e99dec08d36582121d2 (patch) | |
| tree | 313ae1096bd9e1441f71dcd994d50ec94e19b1f4 | |
| parent | 3a57bb60f4ad6afdfc0bbf833e7b6cf62a2038e8 (diff) | |
| download | src-ea01d2bc1c5cfa2aed195e99dec08d36582121d2.tar.gz src-ea01d2bc1c5cfa2aed195e99dec08d36582121d2.zip | |
pf: don't hold a lock during copyout()
copyout() can trigger page faults, so it may potentially sleep.
Reported by: avg
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 8b5f4e692b1d1585ecfc6690552650114e3e704e)
| -rw-r--r-- | sys/netpfil/pf/pf_ioctl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 30f12da782e6..657c0e1945d3 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2521,8 +2521,6 @@ DIOCADDRULENV_error: ERROUT(ENOSPC); } - error = copyout(nvlpacked, nv->data, nv->len); - if (clear_counter) { counter_u64_zero(rule->evaluations); for (int i = 0; i < 2; i++) { @@ -2533,6 +2531,8 @@ DIOCADDRULENV_error: } PF_RULES_WUNLOCK(); + error = copyout(nvlpacked, nv->data, nv->len); + #undef ERROUT DIOCGETRULENV_error: free(nvlpacked, M_NVLIST); |