cvs commit: src UPDATING src/share/man/man9 pfil.9
src/sys/contrib/ipfilter/netinet ip_fil.c src/sys/contrib/pf/net
pf.c pf_ioctl.c pfvar.h src/sys/net bridge.c pfil.c pfil.h
src/sys/netinet ip_fastfwd.c ip_fw.h ip_fw2.c ip_fw_pfil.c ...
Christian S.J. Peron
csjp at freebsd.org
Wed Sep 29 06:34:24 PDT 2004
On 29 Sep 2004 Max Laier wrote:
> Add an additional struct inpcb * argument to pfil(9) in order to enable
> passing along socket information. This is required to work around a LOR with
> the socket code which results in an easy reproducible hard lockup with
> debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us to do
> so later. The missing piece is to turn the filter locking into a leaf lock
> and will follow in a seperate (later) commit.
>
> This will hopefully be MT5'ed in order to fix the problem for RELENG_5 in
> forseeable future.
It's also important to note that this will boost the performance of ucred
based firewalling as it removes the overhead of looking up PCB entries
on local outgoing packets.
--
Christian S.J. Peron
csjp at FreeBSD.ORG
FreeBSD Committer
More information about the cvs-src
mailing list