cvs commit: src/sys/contrib/pf/net if_pfsync.c
Bruce M. Simpson
bms at incunabulum.net
Tue Apr 24 06:38:06 UTC 2007
Robert Watson wrote:
> Part of the issue here is that kernel consumers aren't the only
> sources of multicast address registrations -- for example, user
> applications can register them directly using ioctls. Kernel
> consumers should be given every opportunity to unregister addresses
> themselves (via event handlers on tear-down) before they are ripped
> out, but if they're still there when it comes time to free the
> interface, the stack should clean them up.
The code as it currently stands mostly captures these semantics.
Userland can only join IPv4 groups on a socket, therefore those
allocations are already tracked, and garbage collected with the socket.

For link layer groups, userland may currently join only once, because
there is no other way of tracking multiple allocations -- the socket
ioctl used for this can't return an opaque handle without changing the
ABI. This is a rarely used feature, so this change in semantics seems OK.

The code Glebius is referring to is a case where the event handler, used
to detect that the member interface of a pfsync instance was detached
from the rest of the system, runs only after netinet itself has been
detached from the interface, but just before the interface is actually
removed. Therefore, netinet has already cleaned up after itself and
freed the pfsync group memberships; the detach handler need do nothing.

If we made the attachment and detachment of protocol domains explicit in
the network stack, then the whole would be cleaner. However, this would
be a very wide-ranging architectural change, far more so than the
introduction of reference counting to in_multi.
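
The teardown ordering discussed in this message, as an added example that is not part of the original message and is not FreeBSD kernel code: a simplified user-space model in which the protocol layer releases leftover memberships before the consumer's detach handler runs. All type and function names here are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_GROUPS 4

/* Hypothetical stand-ins: a refcounted membership record, an interface, a pfsync-like consumer. */
struct group { int refs; int live; int releases; };
struct ifnet_model { struct group groups[MAX_GROUPS]; };
struct pfsync_model { struct ifnet_model *sync_if; struct group *membership; };

/* Take a reference on slot idx, creating the record on first use. */
struct group *group_join(struct ifnet_model *ifp, int idx) {
    struct group *g = &ifp->groups[idx];
    if (!g->live) { g->live = 1; g->refs = 0; }
    g->refs++;
    return g;
}

/* Drop one reference; the record is released exactly when the count reaches zero. */
void group_leave(struct group *g) {
    if (g->live && --g->refs == 0) { g->live = 0; g->releases++; }
}

/* Step 1 of teardown: the protocol layer releases every membership still present. */
void netinet_detach(struct ifnet_model *ifp) {
    for (int i = 0; i < MAX_GROUPS; i++) {
        struct group *g = &ifp->groups[i];
        if (g->live) { g->refs = 0; g->live = 0; g->releases++; }
    }
}

/* Step 2: the consumer's handler runs after step 1, so it only forgets its
 * pointers. Releasing the membership here would act on a record the stack
 * has already released. */
void pfsync_detach_handler(struct pfsync_model *sc) {
    sc->membership = NULL;
    sc->sync_if = NULL;
}

int main(void) {
    struct ifnet_model ifp = {0};
    struct pfsync_model sc = { &ifp, NULL };
    sc.membership = group_join(&ifp, 0);   /* consumer joins its group */
    netinet_detach(&ifp);                  /* stack cleans up first */
    pfsync_detach_handler(&sc);            /* handler has nothing left to free */
    printf("releases=%d live=%d\n", ifp.groups[0].releases, ifp.groups[0].live);
    return 0;
}
```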