cvs commit: src/sys/contrib/pf/net if_pfsync.c

Bruce M. Simpson bms at
Tue Apr 24 06:38:06 UTC 2007

Robert Watson wrote:
> Part of the issue here is that kernel consumers aren't the only 
> sources of multicast address registrations -- for example, user 
> applications can register them directly using ioctls.  Kernel 
> consumers should be given every opportunity to unregister addresses 
> themselves (via event handlers on tear-down) before they are ripped 
> out, but if they're still there when it comes time to free the 
> interface, the stack should clean them up.

The code as it currently stands mostly captures these semantics.

Userland can only join IPv4 groups on a socket, therefore those 
allocations are already tracked, and garbage collected with the socket.

For link layer groups, userland may currently join only once, because 
there is no other way of tracking multiple allocations -- the socket 
ioctl used for this can't return an opaque handle without changing the 
ABI. This is a rarely used feature, so this change in semantics seems OK.

The code Glebius is referring to is a case where the event handler, used 
to detect that the member interface of a pfsync instance was detached 
from the rest of the system, runs only after netinet itself has been 
detached from the interface, but just before the interface is actually 
removed. Therefore, netinet has already cleaned up after itself and 
freed the pfsync group memberships; the detach handler need do nothing.

If we made the attachment and detachment of protocol domains explicit in 
the network stack, then the whole would be cleaner. However, this would 
be a very wide-ranging architectural change, far more so than the 
introduction of reference counting to in_multi.

