cvs commit: src/share/man/man4 ipfirewall.4 src/share/man/man9 pfil.9 src/sys/alpha/conf GENERIC src/sys/amd64/conf GENERIC src/sys/conf NOTES files options src/sys/i386/conf GENERIC src/sys/ia64/conf GENERIC SKI src/sys/modules/bridge Makefile ...

Max Laier max at love2party.net
Fri Aug 27 09:35:56 PDT 2004 

On Friday 27 August 2004 18:27, Andre Oppermann wrote:
> Max Laier wrote:
> > On Friday 27 August 2004 17:16, Andre Oppermann wrote:
> > > andre       2004-08-27 15:16:24 UTC
> > >
> > >   FreeBSD src repository
> > >
> > >   Modified files:
> > >     share/man/man4       ipfirewall.4
> > >     share/man/man9       pfil.9
> > >     sys/alpha/conf       GENERIC
> > >     sys/amd64/conf       GENERIC
> > >     sys/conf             NOTES files options
> > >     sys/i386/conf        GENERIC
> > >     sys/ia64/conf        GENERIC SKI
> > >     sys/modules/bridge   Makefile
> > >     sys/net              bridge.c
> > >     sys/netinet          ip_fastfwd.c ip_fw_pfil.c ip_input.c
> > >                          ip_output.c ip_var.h
> > >     sys/netinet6         ip6_forward.c ip6_input.c ip6_output.c
> > >                          ip6_var.h
> > >     sys/pc98/conf        GENERIC
> > >     sys/powerpc/conf     GENERIC
> > >     sys/sparc64/conf     GENERIC
> > >     .                    UPDATING
> > >   Log:
> > >   Always compile PFIL_HOOKS into the kernel and remove the associated
> > > kernel compile option.  All FreeBSD packet filters now use the
> > > PFIL_HOOKS API and thus it becomes a standard part of the network
> > > stack.
> > >
> > >   If no hooks are connected the entire packet filter hooks section and
> > > related activities are jumped over.  This removes any performance
> > > impact if no hooks are active.
> >
> > Great!!!
> >
> > Maybe we should hide:
> >   if (inet_pfil_hook.ph_busy_count == -1)
> > behind a macro in case we modify the locking for pfil_hooks in the
> > future. I am thinking of something like:
> >  if (PFIL_IS_EMPTY(&inet_pfil_hook))
>
> Checking for (inet_pfil_hook.ph_busy_count == -1) is the official to see if
> there are any hooks connected.  I don't think we need to abstract this in a
> macro.

Well, having written the locking there I can tell you that ph_busy_count is 
really an *internal* value of the locking and should not be used directly. At 
least as long as we want to be able to change the locking at a later point.

Right now pfil uses a handrolled sleep lock (as the default sx(9) lock is not 
very suitable or fast) but this might change in the future. Using 
ph_busy_count globaly will make that change more difficult.

Moreover, I find PFIL_IS_EMPTY much easier to understand.

-- 
/"\  Best regards,                      | mlaier at freebsd.org
\ /  Max Laier                          | ICQ #67774661
 X   http://pf4freebsd.love2party.net/  | mlaier at EFnet
/ \  ASCII Ribbon Campaign              | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20040827/4bb9eb1f/attachment.bin

More information about the cvs-all mailing list