git: c8ee75f2315e - main - Use network epoch to protect local IPv4 addresses hash.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 22 Oct 2021 21:55:25 UTC
The branch main has been updated by glebius:
URL: https://cgit.FreeBSD.org/src/commit/?id=c8ee75f2315e8267ad814dc5b4645ef205f0e0e1
commit c8ee75f2315e8267ad814dc5b4645ef205f0e0e1
Author: Gleb Smirnoff <glebius@FreeBSD.org>
AuthorDate: 2021-10-10 17:02:26 +0000
Commit: Gleb Smirnoff <glebius@FreeBSD.org>
CommitDate: 2021-10-22 21:40:53 +0000
Use network epoch to protect local IPv4 addresses hash.
The modification to the hash are already naturally locked by
in_control_sx. Convert the hash lists to CK lists. Remove the
in_ifaddr_rmlock. Assert the network epoch where necessary.
Most cases when the hash lookup is done the epoch is already entered.
Cover a few cases, that need entering the epoch, which mostly is
initial configuration of tunnel interfaces and multicast addresses.
Reviewed by: melifaro
Differential revision: https://reviews.freebsd.org/D32584
---
sys/net/if_ipsec.c | 3 +++
sys/net/if_me.c | 3 +++
sys/net/if_stf.c | 6 +-----
sys/netinet/if_ether.c | 13 +++----------
sys/netinet/in.c | 46 ++++++++++++++++++++--------------------------
sys/netinet/in.h | 2 +-
sys/netinet/in_debug.c | 6 +++---
sys/netinet/in_gif.c | 3 +++
sys/netinet/in_mcast.c | 28 +++++++++++++++-------------
sys/netinet/in_var.h | 24 +++++++-----------------
sys/netinet/ip_gre.c | 3 +++
sys/netinet/ip_icmp.c | 7 +------
sys/netinet/ip_input.c | 12 ++++--------
sys/netpfil/pf/pf.c | 17 +++--------------
14 files changed, 70 insertions(+), 103 deletions(-)
diff --git a/sys/net/if_ipsec.c b/sys/net/if_ipsec.c
index b9931286a735..b170ac177a64 100644
--- a/sys/net/if_ipsec.c
+++ b/sys/net/if_ipsec.c
@@ -1014,6 +1014,7 @@ static int
ipsec_set_tunnel(struct ipsec_softc *sc, struct sockaddr *src,
struct sockaddr *dst, uint32_t reqid)
{
+ struct epoch_tracker et;
struct secpolicy *sp[IPSEC_SPCOUNT];
int i;
@@ -1037,7 +1038,9 @@ ipsec_set_tunnel(struct ipsec_softc *sc, struct sockaddr *src,
sc->ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
return (ENOMEM);
}
+ NET_EPOCH_ENTER(et);
ipsec_set_running(sc);
+ NET_EPOCH_EXIT(et);
return (0);
}
diff --git a/sys/net/if_me.c b/sys/net/if_me.c
index 067ab22cd84d..e1b932bdb16c 100644
--- a/sys/net/if_me.c
+++ b/sys/net/if_me.c
@@ -403,6 +403,7 @@ me_srcaddr(void *arg __unused, const struct sockaddr *sa,
static int
me_set_tunnel(struct me_softc *sc, in_addr_t src, in_addr_t dst)
{
+ struct epoch_tracker et;
struct me_softc *tmp;
sx_assert(&me_ioctl_sx, SA_XLOCKED);
@@ -429,7 +430,9 @@ me_set_tunnel(struct me_softc *sc, in_addr_t src, in_addr_t dst)
CK_LIST_INSERT_HEAD(&ME_HASH(src, dst), sc, chain);
CK_LIST_INSERT_HEAD(&ME_SRCHASH(src), sc, srchash);
+ NET_EPOCH_ENTER(et);
me_set_running(sc);
+ NET_EPOCH_EXIT(et);
if_link_state_change(ME2IFP(sc), LINK_STATE_UP);
return (0);
}
diff --git a/sys/net/if_stf.c b/sys/net/if_stf.c
index f7d6758d052c..de442a133fc6 100644
--- a/sys/net/if_stf.c
+++ b/sys/net/if_stf.c
@@ -87,7 +87,6 @@
#include <sys/module.h>
#include <sys/proc.h>
#include <sys/queue.h>
-#include <sys/rmlock.h>
#include <sys/sysctl.h>
#include <machine/cpu.h>
@@ -369,7 +368,6 @@ stf_encapcheck(const struct mbuf *m, int off, int proto, void *arg)
static int
stf_getsrcifa6(struct ifnet *ifp, struct in6_addr *addr, struct in6_addr *mask)
{
- struct rm_priotracker in_ifa_tracker;
struct ifaddr *ia;
struct in_ifaddr *ia4;
struct in6_ifaddr *ia6;
@@ -386,11 +384,9 @@ stf_getsrcifa6(struct ifnet *ifp, struct in6_addr *addr, struct in6_addr *mask)
continue;
bcopy(GET_V4(&sin6->sin6_addr), &in, sizeof(in));
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia4, INADDR_HASH(in.s_addr), ia_hash)
+ CK_LIST_FOREACH(ia4, INADDR_HASH(in.s_addr), ia_hash)
if (ia4->ia_addr.sin_addr.s_addr == in.s_addr)
break;
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
if (ia4 == NULL)
continue;
diff --git a/sys/netinet/if_ether.c b/sys/netinet/if_ether.c
index 45ce04117948..f54df9937936 100644
--- a/sys/netinet/if_ether.c
+++ b/sys/netinet/if_ether.c
@@ -52,7 +52,6 @@ __FBSDID("$FreeBSD$");
#include <sys/mbuf.h>
#include <sys/malloc.h>
#include <sys/proc.h>
-#include <sys/rmlock.h>
#include <sys/socket.h>
#include <sys/syslog.h>
@@ -779,7 +778,6 @@ SYSCTL_INT(_net_link_ether_inet, OID_AUTO, allow_multicast, CTLFLAG_RW,
static void
in_arpinput(struct mbuf *m)
{
- struct rm_priotracker in_ifa_tracker;
struct arphdr *ah;
struct ifnet *ifp = m->m_pkthdr.rcvif;
struct llentry *la = NULL, *la_tmp;
@@ -846,24 +844,21 @@ in_arpinput(struct mbuf *m)
* of the receive interface. (This will change slightly
* when we have clusters of interfaces).
*/
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
+ CK_LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
if (((bridged && ia->ia_ifp->if_bridge == ifp->if_bridge) ||
ia->ia_ifp == ifp) &&
itaddr.s_addr == ia->ia_addr.sin_addr.s_addr &&
(ia->ia_ifa.ifa_carp == NULL ||
(*carp_iamatch_p)(&ia->ia_ifa, &enaddr))) {
ifa_ref(&ia->ia_ifa);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
goto match;
}
}
- LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
+ CK_LIST_FOREACH(ia, INADDR_HASH(isaddr.s_addr), ia_hash)
if (((bridged && ia->ia_ifp->if_bridge == ifp->if_bridge) ||
ia->ia_ifp == ifp) &&
isaddr.s_addr == ia->ia_addr.sin_addr.s_addr) {
ifa_ref(&ia->ia_ifa);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
goto match;
}
@@ -878,17 +873,15 @@ in_arpinput(struct mbuf *m)
* meant to be destined to the bridge member.
*/
if (is_bridge) {
- LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
+ CK_LIST_FOREACH(ia, INADDR_HASH(itaddr.s_addr), ia_hash) {
if (BDG_MEMBER_MATCHES_ARP(itaddr.s_addr, ifp, ia)) {
ifa_ref(&ia->ia_ifa);
ifp = ia->ia_ifp;
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
goto match;
}
}
}
#undef BDG_MEMBER_MATCHES_ARP
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
/*
* No match, use the first inet address on the receive interface
diff --git a/sys/netinet/in.c b/sys/netinet/in.c
index aa87546be2d4..8eb20f0f2d27 100644
--- a/sys/netinet/in.c
+++ b/sys/netinet/in.c
@@ -46,7 +46,6 @@ __FBSDID("$FreeBSD$");
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/proc.h>
-#include <sys/rmlock.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/sx.h>
@@ -124,21 +123,18 @@ in_localaddr(struct in_addr in)
* Return 1 if an internet address is for the local host and configured
* on one of its interfaces.
*/
-int
+bool
in_localip(struct in_addr in)
{
- struct rm_priotracker in_ifa_tracker;
struct in_ifaddr *ia;
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash) {
- if (IA_SIN(ia)->sin_addr.s_addr == in.s_addr) {
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
- return (1);
- }
- }
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
- return (0);
+ NET_EPOCH_ASSERT();
+
+ CK_LIST_FOREACH(ia, INADDR_HASH(in.s_addr), ia_hash)
+ if (IA_SIN(ia)->sin_addr.s_addr == in.s_addr)
+ return (true);
+
+ return (false);
}
/*
@@ -170,24 +166,24 @@ in_ifhasaddr(struct ifnet *ifp, struct in_addr in)
static struct in_ifaddr *
in_localip_more(struct in_ifaddr *original_ia)
{
- struct rm_priotracker in_ifa_tracker;
+ struct epoch_tracker et;
in_addr_t original_addr = IA_SIN(original_ia)->sin_addr.s_addr;
uint32_t original_fib = original_ia->ia_ifa.ifa_ifp->if_fib;
struct in_ifaddr *ia;
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(original_addr), ia_hash) {
+ NET_EPOCH_ENTER(et);
+ CK_LIST_FOREACH(ia, INADDR_HASH(original_addr), ia_hash) {
in_addr_t addr = IA_SIN(ia)->sin_addr.s_addr;
uint32_t fib = ia->ia_ifa.ifa_ifp->if_fib;
if (!V_rt_add_addr_allfibs && (original_fib != fib))
continue;
if ((original_ia != ia) && (original_addr == addr)) {
ifa_ref(&ia->ia_ifa);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
+ NET_EPOCH_EXIT(et);
return (ia);
}
}
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
+ NET_EPOCH_EXIT(et);
return (NULL);
}
@@ -500,10 +496,10 @@ in_aifaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td)
IF_ADDR_WUNLOCK(ifp);
ifa_ref(ifa); /* in_ifaddrhead */
- IN_IFADDR_WLOCK();
+ sx_assert(&in_control_sx, SA_XLOCKED);
CK_STAILQ_INSERT_TAIL(&V_in_ifaddrhead, ia, ia_link);
- LIST_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia, ia_hash);
- IN_IFADDR_WUNLOCK();
+ CK_LIST_INSERT_HEAD(INADDR_HASH(ia->ia_addr.sin_addr.s_addr), ia,
+ ia_hash);
/*
* Give the interface a chance to initialize
@@ -575,10 +571,9 @@ fail1:
IF_ADDR_WUNLOCK(ifp);
ifa_free(&ia->ia_ifa); /* if_addrhead */
- IN_IFADDR_WLOCK();
+ sx_assert(&in_control_sx, SA_XLOCKED);
CK_STAILQ_REMOVE(&V_in_ifaddrhead, ia, in_ifaddr, ia_link);
- LIST_REMOVE(ia, ia_hash);
- IN_IFADDR_WUNLOCK();
+ CK_LIST_REMOVE(ia, ia_hash);
ifa_free(&ia->ia_ifa); /* in_ifaddrhead */
return (error);
@@ -639,10 +634,9 @@ in_difaddr_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp, struct thread *td)
IF_ADDR_WUNLOCK(ifp);
ifa_free(&ia->ia_ifa); /* if_addrhead */
- IN_IFADDR_WLOCK();
+ sx_assert(&in_control_sx, SA_XLOCKED);
CK_STAILQ_REMOVE(&V_in_ifaddrhead, ia, in_ifaddr, ia_link);
- LIST_REMOVE(ia, ia_hash);
- IN_IFADDR_WUNLOCK();
+ CK_LIST_REMOVE(ia, ia_hash);
/*
* in_scrubprefix() kills the interface route.
diff --git a/sys/netinet/in.h b/sys/netinet/in.h
index 0206fd16d2fe..0506f1739e9b 100644
--- a/sys/netinet/in.h
+++ b/sys/netinet/in.h
@@ -649,7 +649,7 @@ int in_broadcast(struct in_addr, struct ifnet *);
int in_ifaddr_broadcast(struct in_addr, struct in_ifaddr *);
int in_canforward(struct in_addr);
int in_localaddr(struct in_addr);
-int in_localip(struct in_addr);
+bool in_localip(struct in_addr);
int in_ifhasaddr(struct ifnet *, struct in_addr);
struct in_ifaddr *in_findlocal(uint32_t, bool);
int inet_aton(const char *, struct in_addr *); /* in libkern */
diff --git a/sys/netinet/in_debug.c b/sys/netinet/in_debug.c
index d39c528dd9cd..00bc2636b436 100644
--- a/sys/netinet/in_debug.c
+++ b/sys/netinet/in_debug.c
@@ -90,9 +90,9 @@ in_show_in_ifaddr(struct in_ifaddr *ia)
IA_DB_RPINTF_PTR("%p", ia_ifa);
IA_DB_RPINTF("0x%08lx", ia_subnet);
IA_DB_RPINTF("0x%08lx", ia_subnetmask);
- IA_DB_RPINTF("%p", ia_hash.le_next);
- IA_DB_RPINTF("%p", ia_hash.le_prev);
- IA_DB_RPINTF_DPTR("%p", ia_hash.le_prev);
+ IA_DB_RPINTF("%p", ia_hash.cle_next);
+ IA_DB_RPINTF("%p", ia_hash.cle_prev);
+ IA_DB_RPINTF_DPTR("%p", ia_hash.cle_prev);
IA_DB_RPINTF("%p", ia_link.cstqe_next);
IA_DB_RPINTF_PTR("%p", ia_addr);
IA_DB_RPINTF_PTR("%p", ia_dstaddr);
diff --git a/sys/netinet/in_gif.c b/sys/netinet/in_gif.c
index a9f3d384fb5a..6290de6cb31e 100644
--- a/sys/netinet/in_gif.c
+++ b/sys/netinet/in_gif.c
@@ -196,6 +196,7 @@ int
in_gif_ioctl(struct gif_softc *sc, u_long cmd, caddr_t data)
{
struct ifreq *ifr = (struct ifreq *)data;
+ struct epoch_tracker et;
struct sockaddr_in *dst, *src;
struct ip *ip;
int error;
@@ -245,7 +246,9 @@ in_gif_ioctl(struct gif_softc *sc, u_long cmd, caddr_t data)
sc->gif_family = AF_INET;
sc->gif_iphdr = ip;
in_gif_attach(sc);
+ NET_EPOCH_ENTER(et);
in_gif_set_running(sc);
+ NET_EPOCH_EXIT(et);
break;
case SIOCGIFPSRCADDR:
case SIOCGIFPDSTADDR:
diff --git a/sys/netinet/in_mcast.c b/sys/netinet/in_mcast.c
index f307be283e64..6ac81aa98e44 100644
--- a/sys/netinet/in_mcast.c
+++ b/sys/netinet/in_mcast.c
@@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$");
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/protosw.h>
-#include <sys/rmlock.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/protosw.h>
@@ -1378,7 +1377,6 @@ static int
inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt)
{
struct group_source_req gsr;
- struct rm_priotracker in_ifa_tracker;
sockunion_t *gsa, *ssa;
struct ifnet *ifp;
struct in_mfilter *imf;
@@ -1416,9 +1414,12 @@ inp_block_unblock_source(struct inpcb *inp, struct sockopt *sopt)
ssa->sin.sin_addr = mreqs.imr_sourceaddr;
if (!in_nullhost(mreqs.imr_interface)) {
- IN_IFADDR_RLOCK(&in_ifa_tracker);
+ struct epoch_tracker et;
+
+ NET_EPOCH_ENTER(et);
INADDR_TO_IFP(mreqs.imr_interface, ifp);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
+ /* XXXGL: ifref? */
+ NET_EPOCH_EXIT(et);
}
if (sopt->sopt_name == IP_BLOCK_SOURCE)
doblock = 1;
@@ -1871,7 +1872,6 @@ static struct ifnet *
inp_lookup_mcast_ifp(const struct inpcb *inp,
const struct sockaddr_in *gsin, const struct in_addr ina)
{
- struct rm_priotracker in_ifa_tracker;
struct ifnet *ifp;
struct nhop_object *nh;
@@ -1883,11 +1883,9 @@ inp_lookup_mcast_ifp(const struct inpcb *inp,
ifp = NULL;
if (!in_nullhost(ina)) {
- IN_IFADDR_RLOCK(&in_ifa_tracker);
INADDR_TO_IFP(ina, ifp);
if (ifp != NULL)
if_ref(ifp);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
} else {
nh = fib4_lookup(inp->inp_inc.inc_fibnum, gsin->sin_addr, 0, NHR_NONE, 0);
if (nh != NULL) {
@@ -2247,7 +2245,6 @@ inp_leave_group(struct inpcb *inp, struct sockopt *sopt)
{
struct group_source_req gsr;
struct ip_mreq_source mreqs;
- struct rm_priotracker in_ifa_tracker;
sockunion_t *gsa, *ssa;
struct ifnet *ifp;
struct in_mfilter *imf;
@@ -2307,9 +2304,12 @@ inp_leave_group(struct inpcb *inp, struct sockopt *sopt)
* using an IPv4 address as a key is racy.
*/
if (!in_nullhost(mreqs.imr_interface)) {
- IN_IFADDR_RLOCK(&in_ifa_tracker);
+ struct epoch_tracker et;
+
+ NET_EPOCH_ENTER(et);
INADDR_TO_IFP(mreqs.imr_interface, ifp);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
+ /* XXXGL ifref? */
+ NET_EPOCH_EXIT(et);
}
CTR3(KTR_IGMPV3, "%s: imr_interface = 0x%08x, ifp = %p",
__func__, ntohl(mreqs.imr_interface.s_addr), ifp);
@@ -2465,7 +2465,6 @@ out_inp_locked:
static int
inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
{
- struct rm_priotracker in_ifa_tracker;
struct in_addr addr;
struct ip_mreqn mreqn;
struct ifnet *ifp;
@@ -2504,9 +2503,12 @@ inp_set_multicast_if(struct inpcb *inp, struct sockopt *sopt)
if (in_nullhost(addr)) {
ifp = NULL;
} else {
- IN_IFADDR_RLOCK(&in_ifa_tracker);
+ struct epoch_tracker et;
+
+ NET_EPOCH_ENTER(et);
INADDR_TO_IFP(addr, ifp);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
+ /* XXXGL ifref? */
+ NET_EPOCH_EXIT(et);
if (ifp == NULL)
return (EADDRNOTAVAIL);
}
diff --git a/sys/netinet/in_var.h b/sys/netinet/in_var.h
index c33098e2c79c..a6902159e739 100644
--- a/sys/netinet/in_var.h
+++ b/sys/netinet/in_var.h
@@ -79,7 +79,7 @@ struct in_ifaddr {
/* ia_subnet{,mask} in host order */
u_long ia_subnet; /* subnet address */
u_long ia_subnetmask; /* mask of subnet */
- LIST_ENTRY(in_ifaddr) ia_hash; /* entry in bucket of inet addresses */
+ CK_LIST_ENTRY(in_ifaddr) ia_hash; /* hash of internet addresses */
CK_STAILQ_ENTRY(in_ifaddr) ia_link; /* list of internet addresses */
struct sockaddr_in ia_addr; /* reserve space for interface name */
struct sockaddr_in ia_dstaddr; /* reserve space for broadcast addr */
@@ -108,7 +108,7 @@ extern u_char inetctlerrmap[];
* Hash table for IP addresses.
*/
CK_STAILQ_HEAD(in_ifaddrhead, in_ifaddr);
-LIST_HEAD(in_ifaddrhashhead, in_ifaddr);
+CK_LIST_HEAD(in_ifaddrhashhead, in_ifaddr);
VNET_DECLARE(struct in_ifaddrhashhead *, in_ifaddrhashtbl);
VNET_DECLARE(struct in_ifaddrhead, in_ifaddrhead);
@@ -124,16 +124,6 @@ VNET_DECLARE(u_long, in_ifaddrhmask); /* mask for hash table */
#define INADDR_HASH(x) \
(&V_in_ifaddrhashtbl[INADDR_HASHVAL(x) & V_in_ifaddrhmask])
-extern struct rmlock in_ifaddr_lock;
-
-#define IN_IFADDR_LOCK_ASSERT() rm_assert(&in_ifaddr_lock, RA_LOCKED)
-#define IN_IFADDR_RLOCK(t) rm_rlock(&in_ifaddr_lock, (t))
-#define IN_IFADDR_RLOCK_ASSERT() rm_assert(&in_ifaddr_lock, RA_RLOCKED)
-#define IN_IFADDR_RUNLOCK(t) rm_runlock(&in_ifaddr_lock, (t))
-#define IN_IFADDR_WLOCK() rm_wlock(&in_ifaddr_lock)
-#define IN_IFADDR_WLOCK_ASSERT() rm_assert(&in_ifaddr_lock, RA_WLOCKED)
-#define IN_IFADDR_WUNLOCK() rm_wunlock(&in_ifaddr_lock)
-
/*
* Macro for finding the internet address structure (in_ifaddr)
* corresponding to one of our IP addresses (in_addr).
@@ -141,11 +131,11 @@ extern struct rmlock in_ifaddr_lock;
#define INADDR_TO_IFADDR(addr, ia) \
/* struct in_addr addr; */ \
/* struct in_ifaddr *ia; */ \
-do { \
-\
- LIST_FOREACH(ia, INADDR_HASH((addr).s_addr), ia_hash) \
- if (IA_SIN(ia)->sin_addr.s_addr == (addr).s_addr) \
- break; \
+do { \
+ NET_EPOCH_ASSERT(); \
+ CK_LIST_FOREACH(ia, INADDR_HASH((addr).s_addr), ia_hash) \
+ if (IA_SIN(ia)->sin_addr.s_addr == (addr).s_addr) \
+ break; \
} while (0)
/*
diff --git a/sys/netinet/ip_gre.c b/sys/netinet/ip_gre.c
index 0afd490944a4..6a2135fa32cd 100644
--- a/sys/netinet/ip_gre.c
+++ b/sys/netinet/ip_gre.c
@@ -363,6 +363,7 @@ fail:
static int
in_gre_attach(struct gre_softc *sc)
{
+ struct epoch_tracker et;
struct grehdr *gh;
int error;
@@ -397,7 +398,9 @@ in_gre_attach(struct gre_softc *sc)
sc, srchash);
/* Set IFF_DRV_RUNNING if interface is ready */
+ NET_EPOCH_ENTER(et);
in_gre_set_running(sc);
+ NET_EPOCH_EXIT(et);
return (0);
}
diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index f8dfc21df8f3..463ac8c8e04d 100644
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -44,7 +44,6 @@ __FBSDID("$FreeBSD$");
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/lock.h>
-#include <sys/rmlock.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
@@ -756,7 +755,6 @@ freeit:
static void
icmp_reflect(struct mbuf *m)
{
- struct rm_priotracker in_ifa_tracker;
struct ip *ip = mtod(m, struct ip *);
struct ifaddr *ifa;
struct ifnet *ifp;
@@ -785,15 +783,12 @@ icmp_reflect(struct mbuf *m)
* If the incoming packet was addressed directly to one of our
* own addresses, use dst as the src for the reply.
*/
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(t.s_addr), ia_hash) {
+ CK_LIST_FOREACH(ia, INADDR_HASH(t.s_addr), ia_hash) {
if (t.s_addr == IA_SIN(ia)->sin_addr.s_addr) {
t = IA_SIN(ia)->sin_addr;
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
goto match;
}
}
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
/*
* If the incoming packet was addressed to one of our broadcast
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 465c00e4dac7..dc122dd62e99 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -102,9 +102,6 @@ extern void ipreass_slowtimo(void);
extern void ipreass_destroy(void);
#endif
-struct rmlock in_ifaddr_lock;
-RM_SYSINIT(in_ifaddr_lock, &in_ifaddr_lock, "in_ifaddr_lock");
-
VNET_DEFINE(int, rsvp_on);
VNET_DEFINE(int, ipforwarding);
@@ -180,6 +177,9 @@ VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */
VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */
VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */
+/* Make sure it is safe to use hashinit(9) on CK_LIST. */
+CTASSERT(sizeof(struct in_ifaddrhashhead) == sizeof(LIST_HEAD(, in_addr)));
+
#ifdef IPCTL_DEFMTU
SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
&ip_mtu, 0, "Default MTU");
@@ -453,7 +453,6 @@ void
ip_input(struct mbuf *m)
{
MROUTER_RLOCK_TRACKER;
- struct rm_priotracker in_ifa_tracker;
struct ip *ip = NULL;
struct in_ifaddr *ia = NULL;
struct ifaddr *ifa;
@@ -689,8 +688,7 @@ passin:
/*
* Check for exact addresses in the hash bucket.
*/
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) {
+ CK_LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) {
/*
* If the address matches, verify that the packet
* arrived via the correct interface if checking is
@@ -701,11 +699,9 @@ passin:
counter_u64_add(ia->ia_ifa.ifa_ipackets, 1);
counter_u64_add(ia->ia_ifa.ifa_ibytes,
m->m_pkthdr.len);
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
goto ours;
}
}
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
/*
* Check for broadcast addresses.
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index 17253373628c..bb7667a3e270 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -1593,20 +1593,9 @@ pf_isforlocal(struct mbuf *m, int af)
switch (af) {
#ifdef INET
case AF_INET: {
- struct rm_priotracker in_ifa_tracker;
- struct ip *ip;
- struct in_ifaddr *ia = NULL;
-
- ip = mtod(m, struct ip *);
- IN_IFADDR_RLOCK(&in_ifa_tracker);
- LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) {
- if (IA_SIN(ia)->sin_addr.s_addr == ip->ip_dst.s_addr) {
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
- return (true);
- }
- }
- IN_IFADDR_RUNLOCK(&in_ifa_tracker);
- break;
+ struct ip *ip = mtod(m, struct ip *);
+
+ return (in_localip(ip->ip_dst));
}
#endif
#ifdef INET6