diff options
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/net/pfil.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/sys/net/pfil.c b/sys/net/pfil.c index f5fff2a..bfd382d 100644 --- a/sys/net/pfil.c +++ b/sys/net/pfil.c @@ -119,8 +119,16 @@ pfil_run_hooks(struct pfil_head *ph, struct mbuf **mp, struct ifnet *ifp, struct mbuf *m = *mp; int rv = 0; - if (ph->ph_busy_count == -1 || ph->ph_want_write) - return (0); + /* + * Prevent packet filtering from starving the modification of + * the packet filters. We would prefer a reader/writer locking + * mechanism with guaranteed ordering, though. + */ + if (ph->ph_busy_count == -1 || ph->ph_want_write) { + m_freem(*mp); + *mp = NULL; + return (ENOBUFS); + } PFIL_RLOCK(ph); for (pfh = pfil_hook_get(dir, ph); pfh != NULL; |
