CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	ae <ae@FreeBSD.org>
	Mon, 21 Aug 2017 09:03:20 +0000 (09:03 +0000)
committer	ae <ae@FreeBSD.org>
	Mon, 21 Aug 2017 09:03:20 +0000 (09:03 +0000)
commit	4683f93d198d5dc926b2d73beb0b4c09ff8646f4
tree	07fc9e3534f7bcc96809b791f7af0a81b4bf0d79	tree \| snapshot
parent	12f422ac2385363132e3a85971332c09f6486c25	commit \| diff

MFC r321779:
  Add inpcb pointer to struct ipsec_ctx_data and pass it to the pfil hook
  from enc_hhook().

  This should solve the problem when pf is used with if_enc(4) interface,
  and outbound packet with existing PCB checked by pf, and this leads to
  deadlock due to pf does its own PCB lookup and tries to take rlock when
  wlock is already held.

  Now we pass PCB pointer if it is known to the pfil hook, this helps to
  avoid extra PCB lookup and thus rlock acquiring is not needed.
  For inbound packets it is safe to pass NULL, because we do not held any
  PCB locks yet.

  PR: 220217
  Sponsored by: Yandex LLC

sys/net/if_enc.c		diff \| blob \| history
sys/net/if_enc.h		diff \| blob \| history
sys/netipsec/ipsec.h		diff \| blob \| history
sys/netipsec/ipsec_input.c		diff \| blob \| history
sys/netipsec/ipsec_output.c		diff \| blob \| history