diff options
| author | Craig Rodrigues <rodrigc@FreeBSD.org> | 2015-01-06 09:03:03 +0000 |
|---|---|---|
| committer | Craig Rodrigues <rodrigc@FreeBSD.org> | 2015-01-06 09:03:03 +0000 |
| commit | 4de985af0bcf30abf005595785caecabfd3ae66a (patch) | |
| tree | 08105b8a01fba1ea8ae30309fc89756f9a050dd1 /sys/netpfil/pf | |
| parent | c75820c7569bb9e281f84e4bda884b543902e4d5 (diff) | |
| download | src-4de985af0bcf30abf005595785caecabfd3ae66a.tar.gz src-4de985af0bcf30abf005595785caecabfd3ae66a.zip | |
Instead of creating a purge thread for every vnet, create
a single purge thread and clean up all vnets from this thread.
PR: 194515
Differential Revision: D1315
Submitted by: Nikos Vassiliadis <nvass@gmx.com>
Notes
Notes:
svn path=/head/; revision=276747
Diffstat (limited to 'sys/netpfil/pf')
| -rw-r--r-- | sys/netpfil/pf/pf.c | 82 |
1 files changed, 24 insertions, 58 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index bfa273f68fa9..eedcfa107d15 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1384,71 +1384,37 @@ pf_intr(void *v) } void -pf_purge_thread(void *v) +pf_purge_thread(void *v __unused) { u_int idx = 0; - - CURVNET_SET((struct vnet *)v); + VNET_ITERATOR_DECL(vnet_iter); for (;;) { - PF_RULES_RLOCK(); - rw_sleep(pf_purge_thread, &pf_rules_lock, 0, "pftm", hz / 10); - - if (V_pf_end_threads) { - /* - * To cleanse up all kifs and rules we need - * two runs: first one clears reference flags, - * then pf_purge_expired_states() doesn't - * raise them, and then second run frees. - */ - PF_RULES_RUNLOCK(); - pf_purge_unlinked_rules(); - pfi_kif_purge(); - - /* - * Now purge everything. - */ - pf_purge_expired_states(0, pf_hashmask); - pf_purge_expired_fragments(); - pf_purge_expired_src_nodes(); - - /* - * Now all kifs & rules should be unreferenced, - * thus should be successfully freed. - */ - pf_purge_unlinked_rules(); - pfi_kif_purge(); - - /* - * Announce success and exit. - */ - PF_RULES_RLOCK(); - V_pf_end_threads++; - PF_RULES_RUNLOCK(); - wakeup(pf_purge_thread); - kproc_exit(0); - } - PF_RULES_RUNLOCK(); - - /* Process 1/interval fraction of the state table every run. */ - idx = pf_purge_expired_states(idx, pf_hashmask / - (V_pf_default_rule.timeout[PFTM_INTERVAL] * 10)); - - /* Purge other expired types every PFTM_INTERVAL seconds. */ - if (idx == 0) { - /* - * Order is important: - * - states and src nodes reference rules - * - states and rules reference kifs - */ - pf_purge_expired_fragments(); - pf_purge_expired_src_nodes(); - pf_purge_unlinked_rules(); - pfi_kif_purge(); + tsleep(pf_purge_thread, PWAIT, "pftm", hz / 10); + VNET_LIST_RLOCK(); + VNET_FOREACH(vnet_iter) { + CURVNET_SET(vnet_iter); + /* Process 1/interval fraction of the state table every run. */ + idx = pf_purge_expired_states(idx, pf_hashmask / + (V_pf_default_rule.timeout[PFTM_INTERVAL] * 10)); + + /* Purge other expired types every PFTM_INTERVAL seconds. */ + if (idx == 0) { + /* + * Order is important: + * - states and src nodes reference rules + * - states and rules reference kifs + */ + pf_purge_expired_fragments(); + pf_purge_expired_src_nodes(); + pf_purge_unlinked_rules(); + pfi_kif_purge(); + } + CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); } /* not reached */ - CURVNET_RESTORE(); } u_int32_t |