svn commit: r276747 - head/sys/netpfil/pf
Gleb Smirnoff
glebius at FreeBSD.org
Wed Jan 21 21:44:50 UTC 2015
On Wed, Jan 07, 2015 at 11:46:31PM +0300, Gleb Smirnoff wrote:
T> On Tue, Jan 06, 2015 at 09:03:04AM +0000, Craig Rodrigues wrote:
T> C> Author: rodrigc
T> C> Date: Tue Jan 6 09:03:03 2015
T> C> New Revision: 276747
T> C> URL: https://svnweb.freebsd.org/changeset/base/276747
T> C>
T> C> Log:
T> C> Instead of creating a purge thread for every vnet, create
T> C> a single purge thread and clean up all vnets from this thread.
T> C>
T> C> PR: 194515
T> C> Differential Revision: D1315
T> C> Submitted by: Nikos Vassiliadis <nvass at gmx.com>
T>
T> I am not sure that this is a good idea. The core idea of VNETs
T> is that they are isolated from each other. If we serialize purging,
T> then vnets are strongly affecting each other.
T>
T> AFAIU, from the PR there is some panic fixed. What is the actual bug
T> and why couldn't it be fixed with having per-vnet thread?
So, after closer inspection, this commit is a completely messed up.
You blindly remove kproc_exit(). What do you think would happen on
'kldunload -f pf'?
You removed PF_RULES_RLOCK(). Cool! Now the purging thread doesn't
acquire the pf lock.
You substitute rw_sleep() with tsleep(). And the latter requires
Giant to be held. If you tried your change with INVARIANTS, it
would panic immediately.
--
Totus tuus, Glebius.
More information about the svn-src-head
mailing list