Date: Fri, 17 Jun 2016 16:14:42 +0000 (UTC) From: "Bjoern A. Zeeb" <bz@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r301990 - in projects/vnet/sys: net netpfil/pf Message-ID: <201606171614.u5HGEg0J075637@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: bz Date: Fri Jun 17 16:14:42 2016 New Revision: 301990 URL: https://svnweb.freebsd.org/changeset/base/301990 Log: Tie up a few lose ends on pf vnet cleanup and in theory if we could unload the module try to also end the kthread again. Sponsored by: The FreeBSD Foundation Modified: projects/vnet/sys/net/pfvar.h projects/vnet/sys/netpfil/pf/pf.c projects/vnet/sys/netpfil/pf/pf_ioctl.c Modified: projects/vnet/sys/net/pfvar.h ============================================================================== --- projects/vnet/sys/net/pfvar.h Fri Jun 17 09:07:27 2016 (r301989) +++ projects/vnet/sys/net/pfvar.h Fri Jun 17 16:14:42 2016 (r301990) @@ -1514,6 +1514,7 @@ VNET_DECLARE(uma_zone_t, pf_state_scrub #define V_pf_state_scrub_z VNET(pf_state_scrub_z) extern void pf_purge_thread(void *); +extern void pf_unload_vnet_purge(void); extern void pf_intr(void *); extern void pf_purge_expired_src_nodes(void); Modified: projects/vnet/sys/netpfil/pf/pf.c ============================================================================== --- projects/vnet/sys/netpfil/pf/pf.c Fri Jun 17 09:07:27 2016 (r301989) +++ projects/vnet/sys/netpfil/pf/pf.c Fri Jun 17 16:14:42 2016 (r301990) @@ -298,7 +298,7 @@ static void pf_route6(struct mbuf **, int in4_cksum(struct mbuf *m, u_int8_t nxt, int off, int len); -VNET_DECLARE(int, pf_end_threads); +extern int pf_end_threads; VNET_DEFINE(struct pf_limit, pf_limits[PF_LIMIT_MAX]); @@ -1434,43 +1434,10 @@ pf_purge_thread(void *unused __unused) VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); -#if 0 - /* XXX-BZ cleanup needs to happen elsewhere. */ - if (V_pf_end_threads) { - /* - * To cleanse up all kifs and rules we need - * two runs: first one clears reference flags, - * then pf_purge_expired_states() doesn't - * raise them, and then second run frees. - */ - PF_RULES_RUNLOCK(); - pf_purge_unlinked_rules(); - pfi_kif_purge(); - - /* - * Now purge everything. - */ - pf_purge_expired_states(0, pf_hashmask); - pf_purge_expired_fragments(); - pf_purge_expired_src_nodes(); - - /* - * Now all kifs & rules should be unreferenced, - * thus should be successfully freed. - */ - pf_purge_unlinked_rules(); - pfi_kif_purge(); - - /* - * Announce success and exit. - */ - PF_RULES_RLOCK(); - V_pf_end_threads++; - PF_RULES_RUNLOCK(); + if (pf_end_threads) { wakeup(pf_purge_thread); - //kproc_exit(0); + kproc_exit(0); } -#endif /* Process 1/interval fraction of the state table every run. */ idx = pf_purge_expired_states(idx, pf_hashmask / @@ -1495,6 +1462,35 @@ pf_purge_thread(void *unused __unused) /* not reached */ } +void +pf_unload_vnet_purge(void) +{ + + /* + * To cleanse up all kifs and rules we need + * two runs: first one clears reference flags, + * then pf_purge_expired_states() doesn't + * raise them, and then second run frees. + */ + pf_purge_unlinked_rules(); + pfi_kif_purge(); + + /* + * Now purge everything. + */ + pf_purge_expired_states(0, pf_hashmask); + pf_purge_expired_fragments(); + pf_purge_expired_src_nodes(); + + /* + * Now all kifs & rules should be unreferenced, + * thus should be successfully freed. + */ + pf_purge_unlinked_rules(); + pfi_kif_purge(); +} + + u_int32_t pf_state_expires(const struct pf_state *state) { Modified: projects/vnet/sys/netpfil/pf/pf_ioctl.c ============================================================================== --- projects/vnet/sys/netpfil/pf/pf_ioctl.c Fri Jun 17 09:07:27 2016 (r301989) +++ projects/vnet/sys/netpfil/pf/pf_ioctl.c Fri Jun 17 16:14:42 2016 (r301990) @@ -87,7 +87,6 @@ __FBSDID("$FreeBSD$"); #include <net/altq/altq.h> #endif -static int pfattach(void); static struct pf_pool *pf_get_pool(char *, u_int32_t, u_int8_t, u_int32_t, u_int8_t, u_int8_t, u_int8_t); @@ -189,7 +188,7 @@ static struct cdevsw pf_cdevsw = { static volatile VNET_DEFINE(int, pf_pfil_hooked); #define V_pf_pfil_hooked VNET(pf_pfil_hooked) -VNET_DEFINE(int, pf_end_threads); +int pf_end_threads; struct rwlock pf_rules_lock; struct sx pf_ioctl_lock; @@ -279,21 +278,6 @@ pfattach_vnet(void) return; } -static int -pfattach(void) -{ - int error; - - pf_mtag_initialize(); - - error = kproc_create(pf_purge_thread, NULL, NULL, 0, 0, "pf purge"); - if (error != 0) { - pf_mtag_cleanup(); - return (error); - } - - return (0); -} static struct pf_pool * pf_get_pool(char *anchor, u_int32_t ticket, u_int8_t rule_action, @@ -3707,9 +3691,6 @@ pf_load_vnet(void) VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); V_pf_pfil_hooked = 0; -#if 0 - V_pf_end_threads = 0; -#endif TAILQ_INIT(&V_pf_tags); TAILQ_INIT(&V_pf_qids); CURVNET_RESTORE(); @@ -3727,8 +3708,15 @@ pf_load(void) rw_init(&pf_rules_lock, "pf rulesets"); sx_init(&pf_ioctl_lock, "pf ioctl"); + pf_mtag_initialize(); + pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME); - if ((error = pfattach()) != 0) + if (pf_dev == NULL) + return (ENOMEM); + + pf_end_threads = 0; + error = kproc_create(pf_purge_thread, NULL, NULL, 0, 0, "pf purge"); + if (error != 0) return (error); return (0); @@ -3751,16 +3739,13 @@ pf_unload_vnet() printf("%s : pfil unregisteration fail\n", __FUNCTION__); return; } + + pf_unload_vnet_purge(); + PF_RULES_WLOCK(); shutdown_pf(); -#if 0 - V_pf_end_threads = 1; - while (V_pf_end_threads < 2) { - wakeup_one(pf_purge_thread); - rw_sleep(pf_purge_thread, &pf_rules_lock, 0, "pftmo", 0); - } -#endif PF_RULES_WUNLOCK(); + pf_normalize_cleanup(); pfi_cleanup_vnet(); pfr_cleanup(); @@ -3775,9 +3760,17 @@ pf_unload(void) { int error = 0; + pf_end_threads = 1; + while (pf_end_threads < 2) { + wakeup_one(pf_purge_thread); + rw_sleep(pf_purge_thread, &pf_rules_lock, 0, "pftmo", 0); + } + + if (pf_dev != NULL) + destroy_dev(pf_dev); + pfi_cleanup(); - destroy_dev(pf_dev); rw_destroy(&pf_rules_lock); sx_destroy(&pf_ioctl_lock);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201606171614.u5HGEg0J075637>