On Sun, Aug 09, 2020 at 02:33:01PM +0200, Klemens Nanni wrote:
> mvs's vnet(4) diff reminded me of pfsync(4).
>
> This works on my my pair of amd64 firewalls.
>
> Feedback? OK?
>
Does `IFXF_MPSAFE' bit assume that pfsyncioctl() should not rely to
kernel lock and pfsync(4) related data structures already have their own
protection?
>
> Index: if_pfsync.c
> ===================================================================
> RCS file: /cvs/src/sys/net/if_pfsync.c,v
> retrieving revision 1.275
> diff -u -p -r1.275 if_pfsync.c
> --- if_pfsync.c 29 Jul 2020 12:08:15 -0000 1.275
> +++ if_pfsync.c 9 Aug 2020 00:52:41 -0000
> @@ -253,7 +253,7 @@ void pfsync_update_net_tdb(struct pfsync
> int pfsyncoutput(struct ifnet *, struct mbuf *, struct sockaddr *,
> struct rtentry *);
> int pfsyncioctl(struct ifnet *, u_long, caddr_t);
> -void pfsyncstart(struct ifnet *);
> +void pfsyncstart(struct ifqueue *);
> void pfsync_syncdev_state(void *);
> void pfsync_ifdetach(void *);
>
> @@ -339,12 +339,12 @@ pfsync_clone_create(struct if_clone *ifc
> ifp->if_softc = sc;
> ifp->if_ioctl = pfsyncioctl;
> ifp->if_output = pfsyncoutput;
> - ifp->if_start = pfsyncstart;
> + ifp->if_qstart = pfsyncstart;
> ifp->if_type = IFT_PFSYNC;
> ifq_set_maxlen(&ifp->if_snd, IFQ_MAXLEN);
> ifp->if_hdrlen = sizeof(struct pfsync_header);
> ifp->if_mtu = ETHERMTU;
> - ifp->if_xflags = IFXF_CLONED;
> + ifp->if_xflags = IFXF_CLONED | IFXF_MPSAFE;
> timeout_set_proc(&sc->sc_tmo, pfsync_timeout, NULL);
> timeout_set_proc(&sc->sc_bulk_tmo, pfsync_bulk_update, NULL);
> timeout_set_proc(&sc->sc_bulkfail_tmo, pfsync_bulk_fail, NULL);
> @@ -418,9 +418,9 @@ pfsync_clone_destroy(struct ifnet *ifp)
> * Start output on the pfsync interface.
> */
> void
> -pfsyncstart(struct ifnet *ifp)
> +pfsyncstart(struct ifqueue *ifq)
> {
> - ifq_purge(&ifp->if_snd);
> + ifq_purge(ifq);
> }
>
> void
>
