K 10
svn:author
V 7
glebius
K 8
svn:date
V 27
2012-05-25T14:11:02.758727Z
K 7
svn:log
V 1698
1) Locking kifs. In r234651 I made safe expiring of rules. However, states
   may also reference kifs directly. Rules, and some structures hanging off
   rules may also reference kifs. Now, states no longer update refcount on
   kifs, only rules do. When refcount on a kif reaches zero, and kif isn't
   representing an existing interface or group, then it is moved to a list
   of unlinked kifs locked by a separate mutex. These unlinked kifs are
   purged via naive mark-and-sweep run, similarly to unlinked rules expiry.

2) Apart from rules we've got some more structures that a hanging off the
   rules, and are read by the packet processing path: struct pfi_kif,
   struct pfi_dynaddr, struct pfr_ktable, struct pf_pool, struct pf_pooladdr.
   Reading these should require reader lock on rules, and modifying them writer
   lock.
   - Convert PF_LOCK to PF_RULES_WLOCK() in appropriate ioctls.
   - Acquire PF_RULES_WLOCK() in pf_free_rule(). To avoid LOR with unlinked
     rules mutex, use a temporary list on stack.
   - Assert pf rules lock in many functions that operate on tables or
     struct pf_addr_wrap.
   - Remove separate uma(9) zone for dynaddrs, no reason for it.

3) In many ioctl paths we used to obtain locks quite early, and thus wasn't
   able to use M_WAITOK. Make a poor attempt to make situation here better:
   - Do some parameter validation prior to actually processing the request
   - Pre-allocate struct pf_rule, struct pfi_kif prior to obtaining locks
   with M_WAITOK. Free them on failure.
   Unfortunately, fixing all pf(4) ioctls to use M_WAITOK is quite difficult,
   especially configuring pf tables, where rn_inithead() is called, which
   uses M_NOWAIT.

END