From b143a7c7bfe3d93e117e597d08e1855b58f2449f Mon Sep 17 00:00:00 2001 From: mlaier Date: Fri, 8 Oct 2004 12:07:20 +0000 Subject: [PATCH] Change pfil starvation prevention from fail-open to fail-close. We return ENOBUF to indicate the problem, which is an errno that should be handled well everywhere. Requested & Submitted by: green Silently okay'ed by: The rest of the firewall gang MFC after: 3 days --- share/man/man9/pfil.9 | 6 +++++- sys/net/pfil.c | 12 ++++++++++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/share/man/man9/pfil.9 b/share/man/man9/pfil.9 index 293e605d1766..4416b3035bf3 100644 --- a/share/man/man9/pfil.9 +++ b/share/man/man9/pfil.9 @@ -203,8 +203,12 @@ When a .Vt pfil_head is being modified, no traffic is diverted (to avoid deadlock). -This means that unwanted traffic may flow for a short period +This means that traffic may be dropped unconditionally for a short period of time. +.Fn pfil_run_hooks +will return +.Dv ENOBUF +to indicate this. .Sh SEE ALSO .Xr bpf 4 , .Xr bridge 4 diff --git a/sys/net/pfil.c b/sys/net/pfil.c index f5fff2a8fcab..bfd382db6bed 100644 --- a/sys/net/pfil.c +++ b/sys/net/pfil.c @@ -119,8 +119,16 @@ pfil_run_hooks(struct pfil_head *ph, struct mbuf **mp, struct ifnet *ifp, struct mbuf *m = *mp; int rv = 0; - if (ph->ph_busy_count == -1 || ph->ph_want_write) - return (0); + /* + * Prevent packet filtering from starving the modification of + * the packet filters. We would prefer a reader/writer locking + * mechanism with guaranteed ordering, though. + */ + if (ph->ph_busy_count == -1 || ph->ph_want_write) { + m_freem(*mp); + *mp = NULL; + return (ENOBUFS); + } PFIL_RLOCK(ph); for (pfh = pfil_hook_get(dir, ph); pfh != NULL;