K 10
svn:author
V 7
glebius
K 8
svn:date
V 27
2012-04-14T11:44:10.883816Z
K 7
svn:log
V 1274
Remove the "pfugidhack".

The core problem here is that we need to do in_pcblookup() from the
pf(4). This leads to LOR between "pf Giant" and pcb hash locks.

The lookup can be done in several cases:

1. When processing rules that specify uid/gid.
2. When logging on a rule that has "log (user)" option.
   2.1 ..., when processing rulesets.
   2.2 ..., at the end of pf_test(), if memory allocation failed or
       if packet has IP Options.

In the new locking scheme, in 1 and 2.1 we would only have
reader lock on rulesets. In 2.2 we might have a state lock.

Since lock on rulesets is _reader_, the LOR between it and
PCB locks is safe. By the way, we already have LOR between
pfil(9) reader lock and PCBs. Thus, in the new locking scheme
lookup in 1 and 2.1 is safe and doesn't require any hacks.

In the 2.2 we avoid lookup, if we got a state. This is really
a rare case, and tiny degradation of pflog(4) output can be
sustained. For this pflog_packet() gets an additional argument.

While we still have the "pf Giant" we unlock it in
pf_socket_lookup() temporarily.

While here:
- Reduce argument list for pf_test_rule().
- Reduce argument list for pf_socket_lookup(), simplifing code.
- Remove pid_t from pdesc. Our socket layer doesn't provide this
  information.

END