freebsd-skq/sys/netpfil/pf
Kristof Provost a0d571cbef pf: Must be in NET_EPOCH to call icmp_error
icmp_reflect(), called through icmp_error() requires us to be in NET_EPOCH.
Failure to hold it leads to the following panic (with INVARIANTS):

  panic: Assertion in_epoch(net_epoch_preempt) failed at /usr/src/sys/netinet/ip_icmp.c:742
  cpuid = 2
  time = 1571233273
  KDB: stack backtrace:
  db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe00e0977920
  vpanic() at vpanic+0x17e/frame 0xfffffe00e0977980
  panic() at panic+0x43/frame 0xfffffe00e09779e0
  icmp_reflect() at icmp_reflect+0x625/frame 0xfffffe00e0977aa0
  icmp_error() at icmp_error+0x720/frame 0xfffffe00e0977b10
  pf_intr() at pf_intr+0xd5/frame 0xfffffe00e0977b50
  ithread_loop() at ithread_loop+0x1c6/frame 0xfffffe00e0977bb0
  fork_exit() at fork_exit+0x80/frame 0xfffffe00e0977bf0
  fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00e0977bf0

Note that we now enter NET_EPOCH twice if we enter ip_output() from pf_intr(),
but ip_output() will soon be converted to a function that requires epoch, so
entering NET_EPOCH directly from pf_intr() makes more sense.

Discussed with:	glebius@
2019-10-18 03:36:26 +00:00
..
if_pflog.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
if_pfsync.c Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
in4_cksum.c SPDX: license IDs for some ISC-related files. 2017-12-08 15:57:29 +00:00
pf_altq.h Extended pf(4) ioctl interface and pfctl(8) to allow bandwidths of 2018-08-22 19:38:48 +00:00
pf_if.c Widen NET_EPOCH coverage. 2019-10-07 22:40:05 +00:00
pf_ioctl.c pf: zero (another) output buffer in pfioctl 2019-07-31 16:58:09 +00:00
pf_lb.c pf: Fix endless loop on NAT exhaustion with sticky-address 2018-12-12 20:15:06 +00:00
pf_mtag.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
pf_norm.c pf: Remove partial RFC2675 support 2019-07-29 13:21:31 +00:00
pf_osfp.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
pf_ruleset.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
pf_table.c pf :Use counter(9) in pf tables. 2019-03-15 11:08:44 +00:00
pf.c pf: Must be in NET_EPOCH to call icmp_error 2019-10-18 03:36:26 +00:00
pf.h netpfil: Introduce PFIL_FWD flag 2018-03-23 16:56:44 +00:00