svn commit: r236513 - projects/pf/head/sys/contrib/pf/net
Gleb Smirnoff
glebius at FreeBSD.org
Sun Jun 3 12:11:04 UTC 2012
Author: glebius
Date: Sun Jun 3 12:11:03 2012
New Revision: 236513
URL: http://svn.freebsd.org/changeset/base/236513
Log:
Good bye PF_LOCK(), or "the pf Giant" how I have called you. I hope,
we can sustain without you. Bye!
Details:
- Remove PF_LOCK from forwarding paths.
- Change PF_LOCK to PF_RULES_WLOCK to protect rest of data structures,
that wasn't protected with separate locks before.
Modified:
projects/pf/head/sys/contrib/pf/net/if_pflog.c
projects/pf/head/sys/contrib/pf/net/if_pfsync.c
projects/pf/head/sys/contrib/pf/net/pf.c
projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
projects/pf/head/sys/contrib/pf/net/pfvar.h
Modified: projects/pf/head/sys/contrib/pf/net/if_pflog.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/if_pflog.c Sun Jun 3 11:57:05 2012 (r236512)
+++ projects/pf/head/sys/contrib/pf/net/if_pflog.c Sun Jun 3 12:11:03 2012 (r236513)
@@ -269,14 +269,14 @@ pflog_modevent(module_t mod, int type, v
switch (type) {
case MOD_LOAD:
pflogattach(1);
- PF_LOCK();
+ PF_RULES_WLOCK();
pflog_packet_ptr = pflog_packet;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
case MOD_UNLOAD:
- PF_LOCK();
+ PF_RULES_WLOCK();
pflog_packet_ptr = NULL;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
if_clone_detach(&pflog_cloner);
break;
default:
Modified: projects/pf/head/sys/contrib/pf/net/if_pfsync.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/if_pfsync.c Sun Jun 3 11:57:05 2012 (r236512)
+++ projects/pf/head/sys/contrib/pf/net/if_pfsync.c Sun Jun 3 12:11:03 2012 (r236513)
@@ -629,7 +629,6 @@ pfsync_input(struct mbuf *m, __unused in
pkt.src = ip->ip_src;
pkt.flags = 0;
- PF_LOCK();
/*
* Trusting pf_chksum during packet processing, as well as seeking
* in interface name tree, require holding PF_RULES_RLOCK().
@@ -646,7 +645,6 @@ pfsync_input(struct mbuf *m, __unused in
if (subh.action >= PFSYNC_ACT_MAX) {
V_pfsyncstats.pfsyncs_badact++;
PF_RULES_RUNLOCK();
- PF_UNLOCK();
goto done;
}
@@ -655,14 +653,12 @@ pfsync_input(struct mbuf *m, __unused in
rv = (*pfsync_acts[subh.action])(&pkt, m, offset, count);
if (rv == -1) {
PF_RULES_RUNLOCK();
- PF_UNLOCK();
return;
}
offset += rv;
}
PF_RULES_RUNLOCK();
- PF_UNLOCK();
done:
m_freem(m);
@@ -1290,12 +1286,10 @@ pfsyncioctl(struct ifnet *ifp, u_long cm
ifr->ifr_mtu > sc->sc_sync_if->if_mtu)
return (EINVAL);
if (ifr->ifr_mtu < ifp->if_mtu) {
- PF_LOCK();
PFSYNC_LOCK(sc);
if (sc->sc_len > PFSYNC_MINPKT)
pfsync_sendout(1);
PFSYNC_UNLOCK(sc);
- PF_UNLOCK();
}
ifp->if_mtu = ifr->ifr_mtu;
break;
@@ -1336,7 +1330,6 @@ pfsyncioctl(struct ifnet *ifp, u_long cm
mship = malloc((sizeof(struct in_multi *) *
IP_MIN_MEMBERSHIPS), M_PFSYNC, M_WAITOK | M_ZERO);
- PF_LOCK();
PFSYNC_LOCK(sc);
if (pfsyncr.pfsyncr_syncpeer.s_addr == 0)
sc->sc_sync_peer.s_addr = htonl(INADDR_PFSYNC_GROUP);
@@ -1360,7 +1353,6 @@ pfsyncioctl(struct ifnet *ifp, u_long cm
if (imo->imo_membership)
pfsync_multicast_cleanup(sc);
PFSYNC_UNLOCK(sc);
- PF_UNLOCK();
free(mship, M_PFSYNC);
break;
}
@@ -1408,7 +1400,6 @@ pfsyncioctl(struct ifnet *ifp, u_long cm
printf("pfsync: requesting bulk update\n");
pfsync_request_update(0, 0);
PFSYNC_UNLOCK(sc);
- PF_UNLOCK();
PFSYNC_BLOCK(sc);
sc->sc_ureq_sent = time_uptime;
callout_reset(&sc->sc_bulkfail_tmo, 5 * hz, pfsync_bulk_fail,
@@ -1919,8 +1910,6 @@ pfsync_delete_state(struct pf_state *st)
struct pfsync_softc *sc = V_pfsyncif;
int schedswi = 0;
- PF_LOCK_ASSERT();
-
PFSYNC_LOCK(sc);
if (st->state_flags & PFSTATE_ACK)
pfsync_undefer_state(st, 1);
@@ -1968,8 +1957,6 @@ pfsync_clear_states(u_int32_t creatorid,
struct pfsync_clr clr;
} __packed r;
- PF_LOCK_ASSERT();
-
bzero(&r, sizeof(r));
r.subh.action = PFSYNC_ACT_CLR;
@@ -2039,7 +2026,6 @@ pfsync_bulk_start(void)
if (V_pf_status.debug >= PF_DEBUG_MISC)
printf("pfsync: received bulk update request\n");
- PF_LOCK_ASSERT();
PFSYNC_BLOCK(sc);
sc->sc_ureq_received = time_uptime;
@@ -2057,7 +2043,6 @@ pfsync_bulk_update(void *arg)
struct pf_state *s;
int i, sent = 0;
- PF_LOCK_ASSERT();
PFSYNC_BLOCK_ASSERT(sc);
CURVNET_SET(sc->sc_ifp->if_vnet);
@@ -2126,8 +2111,6 @@ pfsync_bulk_status(u_int8_t status)
struct pfsync_softc *sc = V_pfsyncif;
- PF_LOCK_ASSERT();
-
bzero(&r, sizeof(r));
r.subh.action = PFSYNC_ACT_BUS;
@@ -2181,7 +2164,6 @@ pfsync_send_plus(void *plus, size_t plus
{
struct pfsync_softc *sc = V_pfsyncif;
- PF_LOCK_ASSERT();
PFSYNC_LOCK_ASSERT(sc);
if (sc->sc_len + pluslen > sc->sc_ifp->if_mtu)
@@ -2310,14 +2292,14 @@ pfsync_init()
goto fail;
}
#endif
- PF_LOCK();
+ PF_RULES_WLOCK();
pfsync_state_import_ptr = pfsync_state_import;
pfsync_insert_state_ptr = pfsync_insert_state;
pfsync_update_state_ptr = pfsync_update_state;
pfsync_delete_state_ptr = pfsync_delete_state;
pfsync_clear_states_ptr = pfsync_clear_states;
pfsync_defer_ptr = pfsync_defer;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
return (0);
Modified: projects/pf/head/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf.c Sun Jun 3 11:57:05 2012 (r236512)
+++ projects/pf/head/sys/contrib/pf/net/pf.c Sun Jun 3 12:11:03 2012 (r236513)
@@ -1304,14 +1304,11 @@ pf_purge_thread(void *v)
for (;;) {
tsleep(pf_purge_thread, PWAIT, "pftm", hz / 10);
- PF_LOCK();
-
if (V_pf_end_threads) {
pf_purge_expired_states(V_pf_hashmask + 1);
pf_purge_expired_fragments();
pf_purge_expired_src_nodes();
V_pf_end_threads++;
- PF_UNLOCK();
wakeup(pf_purge_thread);
kproc_exit(0);
}
@@ -1332,8 +1329,6 @@ pf_purge_thread(void *v)
pf_purge_unlinked_rules();
pfi_kif_purge();
}
-
- PF_UNLOCK();
}
/* not reached */
CURVNET_RESTORE();
@@ -2635,7 +2630,6 @@ pf_socket_lookup(int direction, struct p
saddr = pd->dst;
daddr = pd->src;
}
- PF_UNLOCK();
switch (pd->af) {
#ifdef INET
case AF_INET:
@@ -2679,7 +2673,7 @@ pf_socket_lookup(int direction, struct p
pd->lookup.uid = inp->inp_cred->cr_uid;
pd->lookup.gid = inp->inp_cred->cr_groups[0];
INP_RUNLOCK(inp);
- PF_LOCK();
+
return (1);
}
@@ -5101,14 +5095,12 @@ pf_route(struct mbuf **m, struct pf_rule
if ((m0 = m_dup(*m, M_NOWAIT)) == NULL) {
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
return;
}
} else {
if ((r->rt == PF_REPLYTO) == (r->direction == dir)) {
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
return;
}
m0 = *m;
@@ -5126,7 +5118,6 @@ pf_route(struct mbuf **m, struct pf_rule
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
rt = rtalloc1_fib(sintosa(&dst), 0, 0, M_GETFIB(m0));
if (rt == NULL) {
RTFREE_LOCKED(rt);
@@ -5154,14 +5145,12 @@ pf_route(struct mbuf **m, struct pf_rule
dst.sin_addr.s_addr = naddr.v4.s_addr;
ifp = r->rpool.cur->kif ?
r->rpool.cur->kif->pfik_ifp : NULL;
- PF_UNLOCK();
} else {
if (!PF_AZERO(&s->rt_addr, AF_INET))
dst.sin_addr.s_addr =
s->rt_addr.v4.s_addr;
ifp = s->rt_kif ? s->rt_kif->pfik_ifp : NULL;
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
}
}
if (ifp == NULL)
@@ -5256,7 +5245,6 @@ done:
bad_locked:
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
bad:
m_freem(m0);
goto done;
@@ -5289,14 +5277,12 @@ pf_route6(struct mbuf **m, struct pf_rul
if ((m0 = m_dup(*m, M_NOWAIT)) == NULL) {
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
return;
}
} else {
if ((r->rt == PF_REPLYTO) == (r->direction == dir)) {
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
return;
}
m0 = *m;
@@ -5313,7 +5299,6 @@ pf_route6(struct mbuf **m, struct pf_rul
if (r->rt == PF_FASTROUTE) {
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
m0->m_flags |= M_SKIP_FIREWALL;
ip6_output(m0, NULL, NULL, 0, NULL, NULL, NULL);
return;
@@ -5340,7 +5325,6 @@ pf_route6(struct mbuf **m, struct pf_rul
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
if (ifp == NULL)
goto bad;
@@ -5386,7 +5370,6 @@ done:
bad_locked:
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
bad:
m_freem(m0);
goto done;
@@ -5571,11 +5554,9 @@ pf_test(int dir, struct ifnet *ifp, stru
action = PF_DROP;
REASON_SET(&reason, PFRES_SHORT);
log = 1;
- PF_LOCK();
goto done;
}
- PF_LOCK();
PF_RULES_RLOCK();
if (ip_divert_ptr != NULL &&
@@ -5786,7 +5767,6 @@ done:
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
m_tag_prepend(m, ipfwtag);
if (m->m_flags & M_FASTFWD_OURS) {
@@ -5884,7 +5864,6 @@ done:
}
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
return (action);
}
@@ -5932,11 +5911,9 @@ pf_test6(int dir, struct ifnet *ifp, str
action = PF_DROP;
REASON_SET(&reason, PFRES_SHORT);
log = 1;
- PF_LOCK();
goto done;
}
- PF_LOCK();
PF_RULES_RLOCK();
/* We do IP header normalization and packet reassembly here */
@@ -6268,7 +6245,7 @@ done:
if (s)
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
+
return (action);
}
#endif /* INET6 */
Modified: projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Sun Jun 3 11:57:05 2012 (r236512)
+++ projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Sun Jun 3 12:11:03 2012 (r236513)
@@ -212,7 +212,6 @@ static volatile VNET_DEFINE(int, pf_pfil
#define V_pf_pfil_hooked VNET(pf_pfil_hooked)
VNET_DEFINE(int, pf_end_threads);
-struct mtx pf_mtx;
struct rwlock pf_rules_lock;
/* pfsync */
@@ -231,7 +230,6 @@ static void
init_pf_mutex(void)
{
- mtx_init(&pf_mtx, "pf Giant", NULL, MTX_DEF);
rw_init(&pf_rules_lock, "pf rulesets");
sx_init(&V_pf_consistency_lock, "pfioctl");
}
@@ -240,7 +238,6 @@ static void
destroy_pf_mutex(void)
{
- mtx_destroy(&pf_mtx);
rw_destroy(&pf_rules_lock);
sx_destroy(&V_pf_consistency_lock);
}
@@ -1121,21 +1118,20 @@ pfioctl(struct cdev *dev, u_long cmd, ca
switch (cmd) {
case DIOCSTART:
- PF_LOCK();
+ PF_RULES_WLOCK();
if (V_pf_status.running)
error = EEXIST;
else {
int cpu;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
error = hook_pf();
- PF_LOCK();
if (error) {
DPFPRINTF(PF_DEBUG_MISC,
- ("pf: pfil registeration fail\n"));
- PF_UNLOCK();
+ ("pf: pfil registration failed\n"));
break;
}
+ PF_RULES_WLOCK();
V_pf_status.running = 1;
V_pf_status.since = time_second;
@@ -1144,27 +1140,27 @@ pfioctl(struct cdev *dev, u_long cmd, ca
DPFPRINTF(PF_DEBUG_MISC, ("pf: started\n"));
}
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
case DIOCSTOP:
- PF_LOCK();
+ PF_RULES_WLOCK();
if (!V_pf_status.running)
error = ENOENT;
else {
V_pf_status.running = 0;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
error = dehook_pf();
- PF_LOCK();
if (error) {
V_pf_status.running = 1;
DPFPRINTF(PF_DEBUG_MISC,
- ("pf: pfil unregisteration failed\n"));
+ ("pf: pfil unregistration failed\n"));
}
+ PF_RULES_WLOCK();
V_pf_status.since = time_second;
DPFPRINTF(PF_DEBUG_MISC, ("pf: stopped\n"));
}
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
case DIOCADDRULE: {
@@ -1633,7 +1629,6 @@ DIOCCHANGERULE_error:
struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
u_int i, killed = 0;
- PF_LOCK();
for (i = 0; i <= V_pf_hashmask; i++) {
struct pf_idhash *ih = &V_pf_idhash[i];
@@ -1657,7 +1652,6 @@ relock_DIOCCLRSTATES:
psk->psk_killed = killed;
if (pfsync_clear_states_ptr != NULL)
pfsync_clear_states_ptr(V_pf_status.hostid, psk->psk_ifname);
- PF_UNLOCK();
break;
}
@@ -1669,7 +1663,6 @@ relock_DIOCCLRSTATES:
struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
u_int i, killed = 0;
- PF_LOCK();
if (psk->psk_pfcmp.id) {
if (psk->psk_pfcmp.creatorid == 0)
psk->psk_pfcmp.creatorid = V_pf_status.hostid;
@@ -1678,7 +1671,6 @@ relock_DIOCCLRSTATES:
pf_unlink_state(s, PF_ENTER_LOCKED);
psk->psk_killed = 1;
}
- PF_UNLOCK();
break;
}
@@ -1734,7 +1726,6 @@ relock_DIOCKILLSTATES:
}
PF_HASHROW_UNLOCK(ih);
}
- PF_UNLOCK();
psk->psk_killed = killed;
break;
}
@@ -1761,17 +1752,14 @@ relock_DIOCKILLSTATES:
struct pfioc_state *ps = (struct pfioc_state *)addr;
struct pf_state *s;
- PF_LOCK();
s = pf_find_state_byid(ps->state.id, ps->state.creatorid);
if (s == NULL) {
- PF_UNLOCK();
error = ENOENT;
break;
}
pfsync_state_export(&ps->state, s);
PF_STATE_UNLOCK(s);
- PF_UNLOCK();
break;
}
@@ -1824,36 +1812,35 @@ DIOCGETSTATES_full:
case DIOCGETSTATUS: {
struct pf_status *s = (struct pf_status *)addr;
- PF_LOCK();
+ PF_RULES_RLOCK();
bcopy(&V_pf_status, s, sizeof(struct pf_status));
pfi_update_status(s->ifname, s);
- PF_UNLOCK();
+ PF_RULES_RUNLOCK();
break;
}
case DIOCSETSTATUSIF: {
struct pfioc_if *pi = (struct pfioc_if *)addr;
- PF_LOCK();
if (pi->ifname[0] == 0) {
bzero(V_pf_status.ifname, IFNAMSIZ);
- PF_UNLOCK();
break;
}
+ PF_RULES_WLOCK();
strlcpy(V_pf_status.ifname, pi->ifname, IFNAMSIZ);
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
case DIOCCLRSTATUS: {
- PF_LOCK();
+ PF_RULES_WLOCK();
bzero(V_pf_status.counters, sizeof(V_pf_status.counters));
bzero(V_pf_status.fcounters, sizeof(V_pf_status.fcounters));
bzero(V_pf_status.scounters, sizeof(V_pf_status.scounters));
V_pf_status.since = time_second;
if (*V_pf_status.ifname)
pfi_update_status(V_pf_status.ifname, NULL);
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
@@ -1865,7 +1852,6 @@ DIOCGETSTATES_full:
int m = 0, direction = pnl->direction;
int sidx, didx;
- PF_LOCK();
/* NATLOOK src and dst are reversed, so reverse sidx/didx */
sidx = (direction == PF_IN) ? 1 : 0;
didx = (direction == PF_IN) ? 0 : 1;
@@ -1899,7 +1885,6 @@ DIOCGETSTATES_full:
} else
error = ENOENT;
}
- PF_UNLOCK();
break;
}
@@ -1912,7 +1897,7 @@ DIOCGETSTATES_full:
error = EINVAL;
break;
}
- PF_LOCK();
+ PF_RULES_WLOCK();
old = V_pf_default_rule.timeout[pt->timeout];
if (pt->timeout == PFTM_INTERVAL && pt->seconds == 0)
pt->seconds = 1;
@@ -1920,7 +1905,7 @@ DIOCGETSTATES_full:
if (pt->timeout == PFTM_INTERVAL && pt->seconds < old)
wakeup(pf_purge_thread);
pt->seconds = old;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
@@ -1931,7 +1916,9 @@ DIOCGETSTATES_full:
error = EINVAL;
break;
}
+ PF_RULES_RLOCK();
pt->seconds = V_pf_default_rule.timeout[pt->timeout];
+ PF_RULES_RUNLOCK();
break;
}
@@ -1942,7 +1929,9 @@ DIOCGETSTATES_full:
error = EINVAL;
break;
}
+ PF_RULES_RLOCK();
pl->limit = V_pf_limits[pl->index].limit;
+ PF_RULES_RUNLOCK();
break;
}
@@ -1950,10 +1939,10 @@ DIOCGETSTATES_full:
struct pfioc_limit *pl = (struct pfioc_limit *)addr;
int old_limit;
- PF_LOCK();
+ PF_RULES_WLOCK();
if (pl->index < 0 || pl->index >= PF_LIMIT_MAX ||
V_pf_limits[pl->index].zone == NULL) {
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
error = EINVAL;
break;
}
@@ -1961,14 +1950,16 @@ DIOCGETSTATES_full:
old_limit = V_pf_limits[pl->index].limit;
V_pf_limits[pl->index].limit = pl->limit;
pl->limit = old_limit;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
case DIOCSETDEBUG: {
u_int32_t *level = (u_int32_t *)addr;
+ PF_RULES_WLOCK();
V_pf_status.debug = *level;
+ PF_RULES_WUNLOCK();
break;
}
@@ -2874,17 +2865,17 @@ DIOCCHANGEADDR_error:
case DIOCOSFPADD: {
struct pf_osfp_ioctl *io = (struct pf_osfp_ioctl *)addr;
- PF_LOCK();
+ PF_RULES_WLOCK();
error = pf_osfp_add(io);
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
case DIOCOSFPGET: {
struct pf_osfp_ioctl *io = (struct pf_osfp_ioctl *)addr;
- PF_LOCK();
+ PF_RULES_RLOCK();
error = pf_osfp_get(io);
- PF_UNLOCK();
+ PF_RULES_RUNLOCK();
break;
}
@@ -3194,11 +3185,9 @@ DIOCCHANGEADDR_error:
case DIOCCLRSRCNODES: {
- PF_LOCK();
pf_clear_srcnodes(NULL);
pf_purge_expired_src_nodes();
V_pf_status.src_nodes = 0;
- PF_UNLOCK();
break;
}
@@ -3245,19 +3234,19 @@ DIOCCHANGEADDR_error:
case DIOCSETHOSTID: {
u_int32_t *hostid = (u_int32_t *)addr;
- PF_LOCK();
+ PF_RULES_WLOCK();
if (*hostid == 0)
V_pf_status.hostid = arc4random();
else
V_pf_status.hostid = *hostid;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
}
case DIOCOSFPFLUSH:
- PF_LOCK();
+ PF_RULES_WLOCK();
pf_osfp_flush();
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
break;
case DIOCIGETIFACES: {
@@ -3676,8 +3665,6 @@ hook_pf(void)
struct pfil_head *pfh_inet6;
#endif
- PF_UNLOCK_ASSERT();
-
if (V_pf_pfil_hooked)
return (0);
@@ -3717,8 +3704,6 @@ dehook_pf(void)
struct pfil_head *pfh_inet6;
#endif
- PF_UNLOCK_ASSERT();
-
if (V_pf_pfil_hooked == 0)
return (0);
@@ -3790,9 +3775,9 @@ pf_unload(void)
{
int error = 0;
- PF_LOCK();
+ PF_RULES_WLOCK();
V_pf_status.running = 0;
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
m_addr_chg_pf_p = NULL;
swi_remove(V_pf_swi_cookie);
error = dehook_pf();
@@ -3805,19 +3790,19 @@ pf_unload(void)
printf("%s : pfil unregisteration fail\n", __FUNCTION__);
return error;
}
- PF_LOCK();
+ PF_RULES_WLOCK();
shutdown_pf();
V_pf_end_threads = 1;
while (V_pf_end_threads < 2) {
wakeup_one(pf_purge_thread);
- msleep(pf_purge_thread, &pf_mtx, 0, "pftmo", hz);
+ tsleep(pf_purge_thread, PWAIT, "pftmo", hz);
}
pf_normalize_cleanup();
pfi_cleanup();
pf_osfp_flush();
pf_osfp_cleanup();
pf_cleanup();
- PF_UNLOCK();
+ PF_RULES_WUNLOCK();
destroy_dev(pf_dev);
destroy_pf_mutex();
Modified: projects/pf/head/sys/contrib/pf/net/pfvar.h
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pfvar.h Sun Jun 3 11:57:05 2012 (r236512)
+++ projects/pf/head/sys/contrib/pf/net/pfvar.h Sun Jun 3 12:11:03 2012 (r236513)
@@ -198,12 +198,6 @@ struct pfi_dynaddr {
#define PF_NAME "pf"
-extern struct mtx pf_mtx;
-#define PF_LOCK_ASSERT() mtx_assert(&pf_mtx, MA_OWNED)
-#define PF_UNLOCK_ASSERT() mtx_assert(&pf_mtx, MA_NOTOWNED)
-#define PF_LOCK() mtx_lock(&pf_mtx)
-#define PF_UNLOCK() mtx_unlock(&pf_mtx)
-
#define PF_HASHROW_ASSERT(h) mtx_assert(&(h)->lock, MA_OWNED)
#define PF_HASHROW_LOCK(h) mtx_lock(&(h)->lock)
#define PF_HASHROW_UNLOCK(h) mtx_unlock(&(h)->lock)
More information about the svn-src-projects
mailing list