pf: ensure we don't destroy an uninitialised lock

The new lock introduced in 5f5e32f1 needs to be initialised early so that it can be safely destroyed if we error out. Reported-by: syzbot+d76113e9a4ae0c0fcac2@syzkaller.appspotmail.com MFC after: 3 weeks Sponsored by: Rubicon Communications, LLC ("Netgate")

pf: ensure we don't destroy an uninitialised lock
The new lock introduced in 5f5e32f1 needs to be initialised early so that it can be safely destroyed if we error out. Reported-by: syzbot+d76113e9a4ae0c0fcac2@syzkaller.appspotmail.com MFC after: 3 weeks Sponsored by: Rubicon Communications, LLC ("Netgate")
e5ca5e80 · Kristof Provost · 340cebe9 · e5ca5e80
Commit e5ca5e80 authored Jan 16, 2022 by Kristof Provost
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1862,6 +1862,8 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
 	int			 rs_num;
 	int			 error = 0;

+	mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
+
 	if ((rule->return_icmp >> 8) > ICMP_MAXTYPE) {
 		error = EINVAL;
 		goto errout_unlocked;
@@ -2002,7 +2004,6 @@ pf_ioctl_addrule(struct pf_krule *rule, uint32_t ticket,
 	    rule, entries);
 	ruleset->rules[rs_num].inactive.rcount++;

-	mtx_init(&rule->rpool.mtx, "pf_krule_pool", NULL, MTX_DEF);
 	PF_RULES_WUNLOCK();

 	return (0);