git: ee49c5d33d93 - main - carp: turn net.inet.carp.allow into a RW tunable

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Alexander V. Chernikov <melifaro_at_FreeBSD.org>
Date: Mon, 30 Jan 2023 11:33:50 UTC

The branch main has been updated by melifaro:

URL: https://cgit.FreeBSD.org/src/commit/?id=ee49c5d33d93a6b10222f64a0dc16590ac2048a0

commit ee49c5d33d93a6b10222f64a0dc16590ac2048a0
Author:     Boris Lytochkin <lytboris@gmail.com>
AuthorDate: 2023-01-29 16:42:40 +0000
Commit:     Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2023-01-30 11:23:53 +0000

    carp: turn net.inet.carp.allow into a RW tunable
    
    Currently CARP starts announcing its state when initialised, regardless
    of the state of the other services provided by the server.
    As a result, the device can become master while still loading the
    firewall ruleset or initialising long-starting service.
    
    This change adds the way to request delayed CARP start by setting the
      net.inet.carp.allow=0 in the loader.conf.
    
    Differential Revision: https://reviews.freebsd.org/D38167
    MFC after:      2 weeks
---
 sys/netinet/ip_carp.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c
index 7c0318c82e75..3846576b4482 100644
--- a/sys/netinet/ip_carp.c
+++ b/sys/netinet/ip_carp.c
@@ -216,8 +216,8 @@ static int carp_demote_adj_sysctl(SYSCTL_HANDLER_ARGS);
 SYSCTL_NODE(_net_inet, IPPROTO_CARP, carp, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
     "CARP");
 SYSCTL_PROC(_net_inet_carp, OID_AUTO, allow,
-    CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
-    0, 0, carp_allow_sysctl, "I",
+    CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RWTUN | CTLFLAG_MPSAFE,
+    &VNET_NAME(carp_allow), 0, carp_allow_sysctl, "I",
     "Accept incoming CARP packets");
 SYSCTL_PROC(_net_inet_carp, OID_AUTO, dscp,
     CTLFLAG_VNET | CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
@@ -2197,6 +2197,15 @@ carp_mod_cleanup(void)
 	sx_destroy(&carp_sx);
 }
 
+static void
+ipcarp_sysinit(void)
+{
+
+	/* Load allow as tunable so to postpone carp start after module load */
+	TUNABLE_INT_FETCH("net.inet.carp.allow", &V_carp_allow);
+}
+VNET_SYSINIT(ip_carp, SI_SUB_PROTO_DOMAIN, SI_ORDER_ANY, ipcarp_sysinit, NULL);
+
 static int
 carp_mod_load(void)
 {