diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2021-06-14 12:04:02 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2021-06-17 14:53:36 +0000 |
| commit | dddbe852320818451f004177d4ff887618adaa85 (patch) | |
| tree | 73dfa02e85d3044d4654f2d9960b3d1d31b819e7 | |
| parent | 719f6456fbdee54f94109f945d7d945b2abf9589 (diff) | |
| download | src-dddbe852320818451f004177d4ff887618adaa85.tar.gz src-dddbe852320818451f004177d4ff887618adaa85.zip | |
pf: don't hold a lock during copyout()
copyout() can trigger page faults, so it may potentially sleep.
Reported by: avg
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 8b5f4e692b1d1585ecfc6690552650114e3e704e)
| -rw-r--r-- | sys/netpfil/pf/pf_ioctl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c index 3a5a7601b51e..3d5ae03b5a11 100644 --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -2532,8 +2532,6 @@ DIOCADDRULENV_error: ERROUT(ENOSPC); } - error = copyout(nvlpacked, nv->data, nv->len); - if (clear_counter) { counter_u64_zero(rule->evaluations); for (int i = 0; i < 2; i++) { @@ -2544,6 +2542,8 @@ DIOCADDRULENV_error: } PF_RULES_WUNLOCK(); + error = copyout(nvlpacked, nv->data, nv->len); + #undef ERROUT DIOCGETRULENV_error: free(nvlpacked, M_NVLIST); |