From owner-freebsd-pf@FreeBSD.ORG  Sat Apr  5 22:21:31 2014
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 5DB10250;
 Sat,  5 Apr 2014 22:21:31 +0000 (UTC)
Received: from mail.vx.sk (mail.vx.sk [IPv6:2a01:4f8:150:6101::4])
 by mx1.freebsd.org (Postfix) with ESMTP id 1B159381;
 Sat,  5 Apr 2014 22:21:31 +0000 (UTC)
Received: from mail.vx.sk (localhost [127.0.0.1])
 by mail.vx.sk (Postfix) with ESMTP id BC10BB58F;
 Sun,  6 Apr 2014 00:21:29 +0200 (CEST)
X-Virus-Scanned: amavisd-new at mail.vx.sk
Received: from mail.vx.sk by mail.vx.sk (amavisd-new, unix socket) with LMTP
 id GiaYUcmaN6Mt; Sun,  6 Apr 2014 00:21:29 +0200 (CEST)
Received: from [192.168.2.103] (dslb-092-078-029-103.pools.arcor-ip.net
 [92.78.29.103]) by mail.vx.sk (Postfix) with ESMTPSA id A2CBCB585;
 Sun,  6 Apr 2014 00:21:28 +0200 (CEST)
Message-ID: <534081E7.3040403@FreeBSD.org>
Date: Sun, 06 Apr 2014 00:21:27 +0200
From: Martin Matuska <mm@FreeBSD.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Mikolaj Golub <trociny@FreeBSD.org>
Subject: Re: CFR projects/pf: vnet awareness for pf_overloadqueue
References: <5337D55A.6030607@FreeBSD.org> <20140331194109.GA17582@gmail.com>
In-Reply-To: <20140331194109.GA17582@gmail.com>
X-Enigmail-Version: 1.5.2
Content-Type: multipart/mixed; boundary="------------070903080608050809070009"
Cc: freebsd-pf@FreeBSD.org
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
 \(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
 <mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Apr 2014 22:21:31 -0000

This is a multi-part message in MIME format.
--------------070903080608050809070009
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

An reworked pf_overloadqueue patch is attached (Mikolaj thanks for the
input).
This time to keep a united look I used identical syntax as in some other
functions.

Thank you for reviewing & comments.

--------------070903080608050809070009
Content-Type: text/x-patch;
 name="pf_overloadqueue_2.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="pf_overloadqueue_2.patch"

Index: projects/pf/head/sys/netpfil/pf/pf.c
===================================================================
--- projects/pf/head/sys/netpfil/pf/pf.c	(revision 263908)
+++ projects/pf/head/sys/netpfil/pf/pf.c	(working copy)
@@ -288,7 +288,7 @@ static int		 pf_addr_wrap_neq(struct pf_addr_wrap
 static struct pf_state	*pf_find_state(struct pfi_kif *,
 			    struct pf_state_key_cmp *, u_int);
 static int		 pf_src_connlimit(struct pf_state **);
-static void		 pf_overload_task(void *c, int pending);
+static void		 pf_overload_task(void *v, int pending);
 static int		 pf_insert_src_node(struct pf_src_node **,
 			    struct pf_rule *, struct pf_addr *, sa_family_t);
 static u_int		 pf_purge_expired_states(u_int, int);
@@ -520,7 +520,7 @@ pf_src_connlimit(struct pf_state **state)
 }
 
 static void
-pf_overload_task(void *c, int pending)
+pf_overload_task(void *v, int pending)
 {
 	struct pf_overload_head queue;
 	struct pfr_addr p;
@@ -527,9 +527,11 @@ static void
 	struct pf_overload_entry *pfoe, *pfoe1;
 	uint32_t killed = 0;
 
+	CURVNET_SET((struct vnet *)v);
+
 	PF_OVERLOADQ_LOCK();
-	queue = *(struct pf_overload_head *)c;
-	SLIST_INIT((struct pf_overload_head *)c);
+	queue = V_pf_overloadqueue;
+	SLIST_INIT(&V_pf_overloadqueue);
 	PF_OVERLOADQ_UNLOCK();
 
 	bzero(&p, sizeof(p));
@@ -573,8 +575,10 @@ static void
 			V_pf_status.lcounters[LCNT_OVERLOAD_FLUSH]++;
 
 	/* If nothing to flush, return. */
-	if (SLIST_EMPTY(&queue))
+	if (SLIST_EMPTY(&queue)) {
+		CURVNET_RESTORE();
 		return;
+	}
 
 	for (int i = 0; i <= pf_hashmask; i++) {
 		struct pf_idhash *ih = &V_pf_idhash[i];
@@ -603,6 +607,8 @@ static void
 		free(pfoe, M_PFTEMP);
 	if (V_pf_status.debug >= PF_DEBUG_MISC)
 		printf("%s: %u states killed", __func__, killed);
+
+	CURVNET_RESTORE();
 }
 
 /*
@@ -804,7 +810,7 @@ pf_vnet_initialize()
 	/* Send & overload+flush queues. */
 	STAILQ_INIT(&V_pf_sendqueue);
 	SLIST_INIT(&V_pf_overloadqueue);
-	TASK_INIT(&V_pf_overloadtask, 0, pf_overload_task, &V_pf_overloadqueue);
+	TASK_INIT(&V_pf_overloadtask, 0, pf_overload_task, curvnet);
 
 	/* Unlinked, but may be referenced rules. */
 	TAILQ_INIT(&V_pf_unlinked_rules);

--------------070903080608050809070009--