svn commit: r241966 - user/andre/tcp_workqueue/sys/net

Andre Oppermann andre at freebsd.org
Tue Oct 23 19:31:31 UTC 2012 

On 23.10.2012 21:26, Andre Oppermann wrote:
> Author: andre
> Date: Tue Oct 23 19:26:49 2012
> New Revision: 241966
> URL: http://svn.freebsd.org/changeset/base/241966
>
> Log:
>    Extend PFIL hooks with explicit hook ordering and reinjecting of
>    packets into the chain after a particular hook.
>
>    Add pfil_add_hook_order() taking a numerical value between 0-255
>    to specify the relative position of this hook in the list of all
>    hooks.  Lower numbers have higher ordering (ie. will run first).
>    Within a particular order value the last added will be the first
>    to run.  Three fixed positions are defined:
>     PFIL_ORDER_FIRST	  0
>     PFIL_ORDER_DEFAULT	200
>     PFIL_ORDER_LAST	255
>
>    Previously the order was non-deterministic and dependent on the
>    ordering of the add hook calls.  The last added would always
>    become the first to run.
>
>    Non-ordering aware pfil consumers using the pfil_add_hook() call
>    get PFIL_ORDER_DEFAULT assigned resulting in the previous ordering.
>
>    The ordering is determined at hookup time by the pfil consumer
>    and no tool for later manual re-ordering is provided.  Most well
>    known pfil consumers are expected to have a predetermined preferred
>    position in the order.  A tool or sysctl reporting the order of
>    hooked pfil consumers will be provided later.
>
>    Add pfil_run_inject() taking an opaque cookie value obtained with
>    pfil_get_cookie() after the hook is added.  Processing of the hook
>    chain skips all hooks until after the one with the same cookie.
>    The cookie is valid as long as this hook remains hooked.  If no
>    cookie is found processing is started with the first hook again.
>    If the cookie is invalid processing of all hooks is effectively
>    skipped.
>
>    With this pfil hooks consumers can dequeue packets for further
>    processing and later re-inject them with the next hook.

Besides the obvious ordering solution to the exiting pfil consumers
my idea is to explore converting most of ether_input/output and IPsec
processing to pfil hooks.  This will need some further definitions
for the default PFIL_ORDER points but that'll happen when there's
some practical experimenting with running it.

-- 
Andre

More information about the svn-src-user mailing list