diff options
author | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-10-10 17:02:26 +0000 |
---|---|---|
committer | Gleb Smirnoff <glebius@FreeBSD.org> | 2021-10-22 21:40:53 +0000 |
commit | c8ee75f2315e8267ad814dc5b4645ef205f0e0e1 (patch) | |
tree | 30e480de346acf793e0f49a25400e6358dc3a90d /sys/netpfil/pf/pf.c | |
parent | c2426723394ba9ab8ffa0d69bd132af1aaa2ea12 (diff) | |
download | src-c8ee75f2315e8267ad814dc5b4645ef205f0e0e1.tar.gz src-c8ee75f2315e8267ad814dc5b4645ef205f0e0e1.zip |
Use network epoch to protect local IPv4 addresses hash.
The modification to the hash are already naturally locked by
in_control_sx. Convert the hash lists to CK lists. Remove the
in_ifaddr_rmlock. Assert the network epoch where necessary.
Most cases when the hash lookup is done the epoch is already entered.
Cover a few cases, that need entering the epoch, which mostly is
initial configuration of tunnel interfaces and multicast addresses.
Reviewed by: melifaro
Differential revision: https://reviews.freebsd.org/D32584
Diffstat (limited to 'sys/netpfil/pf/pf.c')
-rw-r--r-- | sys/netpfil/pf/pf.c | 17 |
1 files changed, 3 insertions, 14 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 17253373628c..bb7667a3e270 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1593,20 +1593,9 @@ pf_isforlocal(struct mbuf *m, int af) switch (af) { #ifdef INET case AF_INET: { - struct rm_priotracker in_ifa_tracker; - struct ip *ip; - struct in_ifaddr *ia = NULL; - - ip = mtod(m, struct ip *); - IN_IFADDR_RLOCK(&in_ifa_tracker); - LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) { - if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) { - IN_IFADDR_RUNLOCK(&in_ifa_tracker); - return (true); - } - } - IN_IFADDR_RUNLOCK(&in_ifa_tracker); - break; + struct ip *ip = mtod(m, struct ip *); + + return (in_localip(ip->ip_dst)); } #endif #ifdef INET6 |