diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2026-04-20 09:22:13 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2026-04-20 12:50:40 +0000 |
| commit | ff76ec3e9b287df9378f09ce29eca668162903f4 (patch) | |
| tree | a928cb1d89b0865fee0ec3baba2eeafe18a49203 | |
| parent | 4cdbcc2b6a2e551529f7133665ef406869b48bf7 (diff) | |
pf: be more robust against interface name conflicts
pf assumes that interface names are unique (and share a namespace with
interface group names).
Unfortunately the FreeBSD network stack has a few edge cases where this
assumption can be violated. Try to be more robust against this: rather
than changing the association between a kif and ifp just ignore the next
interface with the same name.
Sponsored by: Rubicon Communications, LLC ("Netgate")
| -rw-r--r-- | sys/netpfil/pf/pf_if.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 5288de3d78a0..507879004b17 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -498,8 +498,15 @@ pfi_attach_ifnet(struct ifnet *ifp, struct pfi_kkif *kif) V_pfi_update++; kif = pfi_kkif_attach(kif, ifp->if_xname); + if (kif->pfik_ifp != NULL && kif->pfik_ifp != ifp) { + /* Try to not panic later. */ + printf("WARNING: pf: duplicate interface name detected: %s\n", + if_name(ifp)); + return; + } if_ref(ifp); kif->pfik_ifp = ifp; + MPASS(ifp->if_pf_kif == NULL); ifp->if_pf_kif = kif; pfi_kkif_update(kif); } |