From owner-svn-src-all@FreeBSD.ORG Wed Nov 26 22:32:09 2008 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 889E71065673; Wed, 26 Nov 2008 22:32:09 +0000 (UTC) (envelope-from zec@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 6ADF48FC14; Wed, 26 Nov 2008 22:32:09 +0000 (UTC) (envelope-from zec@FreeBSD.org) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id mAQMW9SV068192; Wed, 26 Nov 2008 22:32:09 GMT (envelope-from zec@svn.freebsd.org) Received: (from zec@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id mAQMW7PQ068162; Wed, 26 Nov 2008 22:32:07 GMT (envelope-from zec@svn.freebsd.org) Message-Id: <200811262232.mAQMW7PQ068162@svn.freebsd.org> From: Marko Zec Date: Wed, 26 Nov 2008 22:32:07 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r185348 - in head/sys: kern net netinet netinet6 netipsec X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Nov 2008 22:32:09 -0000 Author: zec Date: Wed Nov 26 22:32:07 2008 New Revision: 185348 URL: http://svn.freebsd.org/changeset/base/185348 Log: Merge more of currently non-functional (i.e. resolving to whitespace) macros from p4/vimage branch. Do a better job at enclosing all instantiations of globals scheduled for virtualization in #ifdef VIMAGE_GLOBALS blocks. De-virtualize and mark as const saorder_state_alive and saorder_state_any arrays from ipsec code, given that they are never updated at runtime, so virtualizing them would be pointless. Reviewed by: bz, julian Approved by: julian (mentor) Obtained from: //depot/projects/vimage-commit2/... X-MFC after: never Sponsored by: NLnet Foundation, The FreeBSD Foundation Modified: head/sys/kern/kern_poll.c head/sys/kern/kern_sysctl.c head/sys/net/bpf.c head/sys/net/if.c head/sys/net/if_loop.c head/sys/net/route.c head/sys/netinet/if_ether.c head/sys/netinet/in_pcb.c head/sys/netinet/in_rmx.c head/sys/netinet/ip_divert.c head/sys/netinet/ip_fw_pfil.c head/sys/netinet/ip_output.c head/sys/netinet/tcp_input.c head/sys/netinet/tcp_subr.c head/sys/netinet/tcp_syncache.c head/sys/netinet/tcp_timewait.c head/sys/netinet/udp_usrreq.c head/sys/netinet/vinet.h head/sys/netinet6/icmp6.c head/sys/netinet6/in6_ifattach.c head/sys/netinet6/in6_proto.c head/sys/netinet6/in6_rmx.c head/sys/netinet6/in6_src.c head/sys/netinet6/nd6_nbr.c head/sys/netinet6/nd6_rtr.c head/sys/netinet6/raw_ip6.c head/sys/netipsec/ipsec.c head/sys/netipsec/key.c head/sys/netipsec/keysock.c head/sys/netipsec/vipsec.h Modified: head/sys/kern/kern_poll.c ============================================================================== --- head/sys/kern/kern_poll.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/kern/kern_poll.c Wed Nov 26 22:32:07 2008 (r185348) @@ -521,6 +521,7 @@ ether_poll_deregister(struct ifnet *ifp) static int poll_switch(SYSCTL_HANDLER_ARGS) { + INIT_VNET_NET(curvnet); struct ifnet *ifp; int error; int val = polling; Modified: head/sys/kern/kern_sysctl.c ============================================================================== --- head/sys/kern/kern_sysctl.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/kern/kern_sysctl.c Wed Nov 26 22:32:07 2008 (r185348) @@ -52,6 +52,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include @@ -1413,6 +1414,7 @@ userland_sysctl(struct thread *td, int * req.lock = REQ_LOCKED; SYSCTL_LOCK(); + CURVNET_SET(TD_TO_VNET(curthread)); do { req.oldidx = 0; @@ -1423,6 +1425,7 @@ userland_sysctl(struct thread *td, int * if (req.lock == REQ_WIRED && req.validlen > 0) vsunlock(req.oldptr, req.validlen); + CURVNET_RESTORE(); SYSCTL_UNLOCK(); if (error && error != ENOMEM) Modified: head/sys/net/bpf.c ============================================================================== --- head/sys/net/bpf.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/net/bpf.c Wed Nov 26 22:32:07 2008 (r185348) @@ -56,6 +56,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -566,7 +567,9 @@ bpf_detachd(struct bpf_d *d) */ if (d->bd_promisc) { d->bd_promisc = 0; + CURVNET_SET(ifp->if_vnet); error = ifpromisc(ifp, 0); + CURVNET_RESTORE(); if (error != 0 && error != ENXIO) { /* * ENXIO can happen if a pccard is unplugged @@ -872,7 +875,9 @@ bpfwrite(struct cdev *dev, struct uio *u #ifdef MAC BPFD_LOCK(d); + CURVNET_SET(ifp->if_vnet); mac_bpfdesc_create_mbuf(d, m); + CURVNET_RESTORE(); if (mc != NULL) mac_bpfdesc_create_mbuf(d, mc); BPFD_UNLOCK(d); @@ -993,6 +998,7 @@ bpfioctl(struct cdev *dev, u_long cmd, c return (EPERM); } } + CURVNET_SET(TD_TO_VNET(td)); switch (cmd) { default: @@ -1322,6 +1328,7 @@ bpfioctl(struct cdev *dev, u_long cmd, c case BIOCROTZBUF: return (bpf_ioctl_rotzbuf(td, d, (struct bpf_zbuf *)addr)); } + CURVNET_RESTORE(); return (error); } Modified: head/sys/net/if.c ============================================================================== --- head/sys/net/if.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/net/if.c Wed Nov 26 22:32:07 2008 (r185348) @@ -192,7 +192,6 @@ ifnet_setbyindex(u_short idx, struct ifn struct ifaddr * ifaddr_byindex(u_short idx) { - INIT_VNET_NET(curvnet); struct ifaddr *ifa; IFNET_RLOCK(); Modified: head/sys/net/if_loop.c ============================================================================== --- head/sys/net/if_loop.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/net/if_loop.c Wed Nov 26 22:32:07 2008 (r185348) @@ -105,6 +105,9 @@ IFC_SIMPLE_DECLARE(lo, 1); static void lo_clone_destroy(struct ifnet *ifp) { +#ifdef INVARIANTS + INIT_VNET_NET(ifp->if_vnet); +#endif /* XXX: destroying lo0 will lead to panics. */ KASSERT(V_loif != ifp, ("%s: destroying lo0", __func__)); @@ -141,6 +144,7 @@ lo_clone_create(struct if_clone *ifc, in static int loop_modevent(module_t mod, int type, void *data) { + INIT_VNET_NET(curvnet); switch (type) { case MOD_LOAD: Modified: head/sys/net/route.c ============================================================================== --- head/sys/net/route.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/net/route.c Wed Nov 26 22:32:07 2008 (r185348) @@ -145,6 +145,7 @@ SYSCTL_PROC(_net, OID_AUTO, my_fibnum, C static void route_init(void) { + INIT_VNET_INET(curvnet); int table; struct domain *dom; int fam; Modified: head/sys/netinet/if_ether.c ============================================================================== --- head/sys/netinet/if_ether.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/if_ether.c Wed Nov 26 22:32:07 2008 (r185348) @@ -89,8 +89,8 @@ static int useloopback; /* use loopback static int arp_proxyall; #endif -SYSCTL_INT(_net_link_ether_inet, OID_AUTO, max_age, CTLFLAG_RW, - &arpt_keep, 0, "ARP entry lifetime in seconds"); +SYSCTL_V_INT(V_NET, vnet_inet, _net_link_ether_inet, OID_AUTO, max_age, + CTLFLAG_RW, arpt_keep, 0, "ARP entry lifetime in seconds"); #define rt_expire rt_rmx.rmx_expire Modified: head/sys/netinet/in_pcb.c ============================================================================== --- head/sys/netinet/in_pcb.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/in_pcb.c Wed Nov 26 22:32:07 2008 (r185348) @@ -120,6 +120,7 @@ int ipport_tcplastcount; static int sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error; error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); @@ -1474,7 +1475,7 @@ inp_apply_all(void (*func)(struct inpcb struct inpcb *inp; INP_INFO_RLOCK(&V_tcbinfo); - LIST_FOREACH(inp, tcbinfo.ipi_listhead, inp_list) { + LIST_FOREACH(inp, V_tcbinfo.ipi_listhead, inp_list) { INP_WLOCK(inp); func(inp, arg); INP_WUNLOCK(inp); Modified: head/sys/netinet/in_rmx.c ============================================================================== --- head/sys/netinet/in_rmx.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/in_rmx.c Wed Nov 26 22:32:07 2008 (r185348) @@ -287,6 +287,7 @@ in_rtqtimo(void *rock) static void in_rtqtimo_one(void *rock) { + INIT_VNET_INET(curvnet); struct radix_node_head *rnh = rock; struct rtqk_arg arg; static time_t last_adjusted_timeout = 0; @@ -341,6 +342,7 @@ in_rtqdrain(void) VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); INIT_VNET_NET(vnet_iter); + for ( fibnum = 0; fibnum < rt_numfibs; fibnum++) { rnh = V_rt_tables[fibnum][AF_INET]; arg.found = arg.killed = 0; Modified: head/sys/netinet/ip_divert.c ============================================================================== --- head/sys/netinet/ip_divert.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/ip_divert.c Wed Nov 26 22:32:07 2008 (r185348) @@ -581,6 +581,7 @@ div_ctlinput(int cmd, struct sockaddr *s static int div_pcblist(SYSCTL_HANDLER_ARGS) { + INIT_VNET_INET(curvnet); int error, i, n; struct inpcb *inp, **inp_list; inp_gen_t gencnt; Modified: head/sys/netinet/ip_fw_pfil.c ============================================================================== --- head/sys/netinet/ip_fw_pfil.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/ip_fw_pfil.c Wed Nov 26 22:32:07 2008 (r185348) @@ -487,6 +487,7 @@ ipfw6_unhook(void) int ipfw_chg_hook(SYSCTL_HANDLER_ARGS) { + INIT_VNET_IPFW(curvnet); int enable = *(int *)arg1; int error; Modified: head/sys/netinet/ip_output.c ============================================================================== --- head/sys/netinet/ip_output.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/ip_output.c Wed Nov 26 22:32:07 2008 (r185348) @@ -791,6 +791,7 @@ done: void in_delayed_cksum(struct mbuf *m) { + INIT_VNET_INET(curvnet); struct ip *ip; u_short csum, offset; Modified: head/sys/netinet/tcp_input.c ============================================================================== --- head/sys/netinet/tcp_input.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/tcp_input.c Wed Nov 26 22:32:07 2008 (r185348) @@ -2986,6 +2986,7 @@ tcp_mss(struct tcpcb *tp, int offer) int isipv6; #endif KASSERT(tp != NULL, ("%s: tp == NULL", __func__)); + INIT_VNET_INET(tp->t_vnet); tcp_mss_update(tp, offer, &metrics, &mtuflags); Modified: head/sys/netinet/tcp_subr.c ============================================================================== --- head/sys/netinet/tcp_subr.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/tcp_subr.c Wed Nov 26 22:32:07 2008 (r185348) @@ -130,7 +130,7 @@ static int tcp_inflight_stab; static int sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(TD_TO_VNET(curthread)); + INIT_VNET_INET(curvnet); int error, new; new = V_tcp_mssdflt; @@ -144,15 +144,16 @@ sysctl_net_inet_tcp_mss_check(SYSCTL_HAN return (error); } -SYSCTL_PROC(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLTYPE_INT|CTLFLAG_RW, - &tcp_mssdflt, 0, &sysctl_net_inet_tcp_mss_check, "I", - "Default TCP Maximum Segment Size"); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, + CTLTYPE_INT|CTLFLAG_RW, tcp_mssdflt, 0, + &sysctl_net_inet_tcp_mss_check, "I", + "Default TCP Maximum Segment Size"); #ifdef INET6 static int sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET6(TD_TO_VNET(curthread)); + INIT_VNET_INET6(curvnet); int error, new; new = V_tcp_v6mssdflt; @@ -166,9 +167,10 @@ sysctl_net_inet_tcp_mss_v6_check(SYSCTL_ return (error); } -SYSCTL_PROC(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, CTLTYPE_INT|CTLFLAG_RW, - &tcp_v6mssdflt, 0, &sysctl_net_inet_tcp_mss_v6_check, "I", - "Default TCP Maximum Segment Size for IPv6"); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt, + CTLTYPE_INT|CTLFLAG_RW, tcp_v6mssdflt, 0, + &sysctl_net_inet_tcp_mss_v6_check, "I", + "Default TCP Maximum Segment Size for IPv6"); #endif /* @@ -225,9 +227,9 @@ static int tcp_inflight_debug = 0; SYSCTL_INT(_net_inet_tcp_inflight, OID_AUTO, debug, CTLFLAG_RW, &tcp_inflight_debug, 0, "Debug TCP inflight calculations"); -SYSCTL_PROC(_net_inet_tcp_inflight, OID_AUTO, rttthresh, CTLTYPE_INT|CTLFLAG_RW, - &tcp_inflight_rttthresh, 0, sysctl_msec_to_ticks, "I", - "RTT threshold below which inflight will deactivate itself"); +SYSCTL_V_PROC(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, rttthresh, + CTLTYPE_INT|CTLFLAG_RW, tcp_inflight_rttthresh, 0, sysctl_msec_to_ticks, + "I", "RTT threshold below which inflight will deactivate itself"); SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp_inflight, OID_AUTO, min, CTLFLAG_RW, tcp_inflight_min, 0, "Lower-bound for TCP inflight window"); @@ -947,6 +949,9 @@ static struct inpcb * tcp_notify(struct inpcb *inp, int error) { struct tcpcb *tp; +#ifdef INVARIANTS + INIT_VNET_INET(inp->inp_vnet); /* V_tcbinfo WLOCK ASSERT */ +#endif INP_INFO_WLOCK_ASSERT(&V_tcbinfo); INP_WLOCK_ASSERT(inp); @@ -1940,6 +1945,7 @@ int tcp_signature_compute(struct mbuf *m, int _unused, int len, int optlen, u_char *buf, u_int direction) { + INIT_VNET_IPSEC(curvnet); union sockaddr_union dst; struct ippseudo ippseudo; MD5_CTX ctx; Modified: head/sys/netinet/tcp_syncache.c ============================================================================== --- head/sys/netinet/tcp_syncache.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/tcp_syncache.c Wed Nov 26 22:32:07 2008 (r185348) @@ -105,12 +105,12 @@ static int tcp_syncookiesonly; int tcp_sc_rst_sock_fail; #endif -SYSCTL_INT(_net_inet_tcp, OID_AUTO, syncookies, CTLFLAG_RW, - &tcp_syncookies, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, syncookies, + CTLFLAG_RW, tcp_syncookies, 0, "Use TCP SYN cookies if the syncache overflows"); -SYSCTL_INT(_net_inet_tcp, OID_AUTO, syncookies_only, CTLFLAG_RW, - &tcp_syncookiesonly, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, syncookies_only, + CTLFLAG_RW, tcp_syncookiesonly, 0, "Use only TCP SYN cookies"); #ifdef TCP_OFFLOAD_DISABLE @@ -359,11 +359,13 @@ static void syncache_timer(void *xsch) { struct syncache_head *sch = (struct syncache_head *)xsch; - INIT_VNET_INET(sch->sch_vnet); struct syncache *sc, *nsc; int tick = ticks; char *s; + CURVNET_SET(sch->sch_vnet); + INIT_VNET_INET(sch->sch_vnet); + /* NB: syncache_head has already been locked by the callout. */ SCH_LOCK_ASSERT(sch); @@ -412,6 +414,7 @@ syncache_timer(void *xsch) if (!TAILQ_EMPTY(&(sch)->sch_bucket)) callout_reset(&(sch)->sch_timer, (sch)->sch_nextc - tick, syncache_timer, (void *)(sch)); + CURVNET_RESTORE(); } /* @@ -836,7 +839,7 @@ syncache_expand(struct in_conninfo *inc, * B. check that the syncookie is valid. If it is, then * cobble up a fake syncache entry, and return. */ - if (!tcp_syncookies) { + if (!V_tcp_syncookies) { SCH_UNLOCK(sch); if ((s = tcp_log_addrs(inc, th, NULL, NULL))) log(LOG_DEBUG, "%s; %s: Spurious ACK, " @@ -929,6 +932,7 @@ int tcp_offload_syncache_expand(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, struct socket **lsop, struct mbuf *m) { + INIT_VNET_INET(curvnet); int rc; INP_INFO_WLOCK(&V_tcbinfo); @@ -1097,7 +1101,7 @@ _syncache_add(struct in_conninfo *inc, s syncache_drop(sc, sch); sc = uma_zalloc(V_tcp_syncache.zone, M_NOWAIT | M_ZERO); if (sc == NULL) { - if (tcp_syncookies) { + if (V_tcp_syncookies) { bzero(&scs, sizeof(scs)); sc = &scs; } else { @@ -1206,7 +1210,7 @@ _syncache_add(struct in_conninfo *inc, s if ((th->th_flags & (TH_ECE|TH_CWR)) && V_tcp_do_ecn) sc->sc_flags |= SCF_ECN; - if (tcp_syncookies) { + if (V_tcp_syncookies) { syncookie_generate(sch, sc, &flowtmp); #ifdef INET6 if (autoflowlabel) @@ -1225,7 +1229,7 @@ _syncache_add(struct in_conninfo *inc, s * Do a standard 3-way handshake. */ if (TOEPCB_ISSET(sc) || syncache_respond(sc) == 0) { - if (tcp_syncookies && tcp_syncookiesonly && sc != &scs) + if (V_tcp_syncookies && V_tcp_syncookiesonly && sc != &scs) syncache_free(sc); else if (sc != &scs) syncache_insert(sc, sch); /* locks and unlocks sch */ Modified: head/sys/netinet/tcp_timewait.c ============================================================================== --- head/sys/netinet/tcp_timewait.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/tcp_timewait.c Wed Nov 26 22:32:07 2008 (r185348) @@ -150,8 +150,8 @@ SYSCTL_PROC(_net_inet_tcp, OID_AUTO, max &maxtcptw, 0, sysctl_maxtcptw, "IU", "Maximum number of compressed TCP TIME_WAIT entries"); -SYSCTL_INT(_net_inet_tcp, OID_AUTO, nolocaltimewait, CTLFLAG_RW, - &nolocaltimewait, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_tcp, OID_AUTO, nolocaltimewait, + CTLFLAG_RW, nolocaltimewait, 0, "Do not create compressed TCP TIME_WAIT entries for local connections"); void Modified: head/sys/netinet/udp_usrreq.c ============================================================================== --- head/sys/netinet/udp_usrreq.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/udp_usrreq.c Wed Nov 26 22:32:07 2008 (r185348) @@ -113,7 +113,8 @@ int udp_log_in_vain = 0; SYSCTL_INT(_net_inet_udp, OID_AUTO, log_in_vain, CTLFLAG_RW, &udp_log_in_vain, 0, "Log all incoming UDP packets"); -SYSCTL_INT(_net_inet_udp, OID_AUTO, blackhole, CTLFLAG_RW, &udp_blackhole, 0, +SYSCTL_V_INT(V_NET, vnet_inet, _net_inet_udp, OID_AUTO, blackhole, + CTLFLAG_RW, udp_blackhole, 0, "Do not send port unreachables for refused connects"); u_long udp_sendspace = 9216; /* really max datagram size */ Modified: head/sys/netinet/vinet.h ============================================================================== --- head/sys/netinet/vinet.h Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet/vinet.h Wed Nov 26 22:32:07 2008 (r185348) @@ -89,12 +89,16 @@ struct vnet_inet { struct tcpstat _tcpstat; /* tcp statistics */ struct tcp_hostcache _tcp_hostcache; struct callout _tcp_hc_callout; + struct tcp_syncache _tcp_syncache; + int _tcp_syncookies; + int _tcp_syncookiesonly; + int _tcp_sc_rst_sock_fail; + struct inpcbhead _divcb; struct inpcbinfo _divcbinfo; TAILQ_HEAD(, tcptw) _twq_2msl; - int _tcp_sc_rst_sock_fail; int _tcp_mssdflt; int _tcp_v6mssdflt; int _tcp_minmss; @@ -206,7 +210,6 @@ struct vnet_inet { #define V_arp_maxtries VNET_INET(arp_maxtries) #define V_arp_proxyall VNET_INET(arp_proxyall) #define V_arpt_keep VNET_INET(arpt_keep) -#define V_arpt_prune VNET_INET(arpt_prune) #define V_blackhole VNET_INET(blackhole) #define V_divcb VNET_INET(divcb) #define V_divcbinfo VNET_INET(divcbinfo) Modified: head/sys/netinet6/icmp6.c ============================================================================== --- head/sys/netinet6/icmp6.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/icmp6.c Wed Nov 26 22:32:07 2008 (r185348) @@ -108,12 +108,13 @@ __FBSDID("$FreeBSD$"); #endif extern struct domain inet6domain; + +#ifdef VIMAGE_GLOBALS extern struct inpcbinfo ripcbinfo; extern struct inpcbhead ripcb; extern int icmp6errppslim; extern int icmp6_nodeinfo; -#ifdef VIMAGE_GLOBALS struct icmp6stat icmp6stat; static int icmp6errpps_count; static struct timeval icmp6errppslim_last; Modified: head/sys/netinet6/in6_ifattach.c ============================================================================== --- head/sys/netinet6/in6_ifattach.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/in6_ifattach.c Wed Nov 26 22:32:07 2008 (r185348) @@ -65,10 +65,9 @@ __FBSDID("$FreeBSD$"); unsigned long in6_maxmtu; int ip6_auto_linklocal; struct callout in6_tmpaddrtimer_ch; -#endif - extern struct inpcbinfo udbinfo; extern struct inpcbinfo ripcbinfo; +#endif static int get_rand_ifid(struct ifnet *, struct in6_addr *); static int generate_tmp_ifid(u_int8_t *, const u_int8_t *, u_int8_t *); Modified: head/sys/netinet6/in6_proto.c ============================================================================== --- head/sys/netinet6/in6_proto.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/in6_proto.c Wed Nov 26 22:32:07 2008 (r185348) @@ -563,6 +563,6 @@ SYSCTL_V_INT(V_NET, vnet_inet6, _net_ine SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_DEBUG, nd6_debug, CTLFLAG_RW, nd6_debug, 0, ""); -SYSCTL_INT(_net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861, - nd6_onlink_ns_rfc4861, CTLFLAG_RW, &nd6_onlink_ns_rfc4861, 0, +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_icmp6, ICMPV6CTL_ND6_ONLINKNSRFC4861, + nd6_onlink_ns_rfc4861, CTLFLAG_RW, nd6_onlink_ns_rfc4861, 0, "Accept 'on-link' nd6 NS in compliance with RFC 4861."); Modified: head/sys/netinet6/in6_rmx.c ============================================================================== --- head/sys/netinet6/in6_rmx.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/in6_rmx.c Wed Nov 26 22:32:07 2008 (r185348) @@ -225,14 +225,14 @@ static int rtq_minreallyold6; static int rtq_toomany6; #endif -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTEXPIRE, rtexpire, - CTLFLAG_RW, &rtq_reallyold6 , 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTEXPIRE, + rtexpire, CTLFLAG_RW, rtq_reallyold6 , 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTMINEXPIRE, rtminexpire, - CTLFLAG_RW, &rtq_minreallyold6 , 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMINEXPIRE, + rtminexpire, CTLFLAG_RW, rtq_minreallyold6 , 0, ""); -SYSCTL_INT(_net_inet6_ip6, IPV6CTL_RTMAXCACHE, rtmaxcache, - CTLFLAG_RW, &rtq_toomany6 , 0, ""); +SYSCTL_V_INT(V_NET, vnet_inet6, _net_inet6_ip6, IPV6CTL_RTMAXCACHE, + rtmaxcache, CTLFLAG_RW, rtq_toomany6 , 0, ""); /* Modified: head/sys/netinet6/in6_src.c ============================================================================== --- head/sys/netinet6/in6_src.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/in6_src.c Wed Nov 26 22:32:07 2008 (r185348) @@ -462,7 +462,6 @@ selectroute(struct sockaddr_in6 *dstsock struct ifnet **retifp, struct rtentry **retrt, int clone, int norouteok) { - INIT_VNET_NET(curvnet); INIT_VNET_INET6(curvnet); int error = 0; struct ifnet *ifp = NULL; Modified: head/sys/netinet6/nd6_nbr.c ============================================================================== --- head/sys/netinet6/nd6_nbr.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/nd6_nbr.c Wed Nov 26 22:32:07 2008 (r185348) @@ -153,7 +153,7 @@ nd6_ns_input(struct mbuf *m, int off, in "(wrong ip6 dst)\n")); goto bad; } - } else if (!nd6_onlink_ns_rfc4861) { + } else if (!V_nd6_onlink_ns_rfc4861) { struct sockaddr_in6 src_sa6; /* Modified: head/sys/netinet6/nd6_rtr.c ============================================================================== --- head/sys/netinet6/nd6_rtr.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/nd6_rtr.c Wed Nov 26 22:32:07 2008 (r185348) @@ -85,9 +85,9 @@ static void in6_init_address_ltimes __P( static int rt6_deleteroute(struct radix_node *, void *); +#ifdef VIMAGE_GLOBALS extern int nd6_recalc_reachtm_interval; -#ifdef VIMAGE_GLOBALS static struct ifnet *nd6_defifp; int nd6_defifindex; Modified: head/sys/netinet6/raw_ip6.c ============================================================================== --- head/sys/netinet6/raw_ip6.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netinet6/raw_ip6.c Wed Nov 26 22:32:07 2008 (r185348) @@ -112,15 +112,15 @@ __FBSDID("$FreeBSD$"); * Raw interface to IP6 protocol. */ +#ifdef VIMAGE_GLOBALS extern struct inpcbhead ripcb; extern struct inpcbinfo ripcbinfo; -extern u_long rip_sendspace; -extern u_long rip_recvspace; - -#ifdef VIMAGE_GLOBALS struct rip6stat rip6stat; #endif +extern u_long rip_sendspace; +extern u_long rip_recvspace; + /* * Hooks for multicast forwarding. */ @@ -765,7 +765,6 @@ static int rip6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct thread *td) { - INIT_VNET_INET(so->so_vnet); struct inpcb *inp; struct sockaddr_in6 tmp; struct sockaddr_in6 *dst; Modified: head/sys/netipsec/ipsec.c ============================================================================== --- head/sys/netipsec/ipsec.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netipsec/ipsec.c Wed Nov 26 22:32:07 2008 (r185348) @@ -2009,7 +2009,7 @@ static void ipsec_attach(void) { SECPOLICY_LOCK_INIT(&V_ip4_def_policy); - ip4_def_policy.refcnt = 1; /* NB: disallow free */ + V_ip4_def_policy.refcnt = 1; /* NB: disallow free */ } SYSINIT(ipsec, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, ipsec_attach, NULL); Modified: head/sys/netipsec/key.c ============================================================================== --- head/sys/netipsec/key.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netipsec/key.c Wed Nov 26 22:32:07 2008 (r185348) @@ -189,11 +189,11 @@ static const u_int saorder_state_valid_p static const u_int saorder_state_valid_prefer_new[] = { SADB_SASTATE_MATURE, SADB_SASTATE_DYING, }; -static u_int saorder_state_alive[] = { +static const u_int saorder_state_alive[] = { /* except DEAD */ SADB_SASTATE_MATURE, SADB_SASTATE_DYING, SADB_SASTATE_LARVAL }; -static u_int saorder_state_any[] = { +static const u_int saorder_state_any[] = { SADB_SASTATE_MATURE, SADB_SASTATE_DYING, SADB_SASTATE_LARVAL, SADB_SASTATE_DEAD }; @@ -2699,9 +2699,9 @@ key_delsah(sah) /* searching all SA registerd in the secindex. */ for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_any); + stateidx < _ARRAYLEN(saorder_state_any); stateidx++) { - u_int state = V_saorder_state_any[stateidx]; + u_int state = saorder_state_any[stateidx]; LIST_FOREACH_SAFE(sav, &sah->savtree[state], chain, nextsav) { if (sav->refcnt == 0) { /* sanity check */ @@ -2985,10 +2985,10 @@ key_getsavbyspi(sah, spi) SAHTREE_LOCK_ASSERT(); /* search all status */ for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_alive); + stateidx < _ARRAYLEN(saorder_state_alive); stateidx++) { - state = V_saorder_state_alive[stateidx]; + state = saorder_state_alive[stateidx]; LIST_FOREACH(sav, &sah->savtree[state], chain) { /* sanity check */ @@ -4336,6 +4336,7 @@ key_timehandler(void) VNET_ITERATOR_DECL(vnet_iter); time_t now = time_second; + VNET_LIST_RLOCK(); VNET_FOREACH(vnet_iter) { CURVNET_SET(vnet_iter); key_flush_spd(now); @@ -4344,6 +4345,7 @@ key_timehandler(void) key_flush_spacq(now); CURVNET_RESTORE(); } + VNET_LIST_RUNLOCK(); #ifndef IPSEC_DEBUG2 /* do exchange to tick time !! */ @@ -5313,9 +5315,9 @@ key_delete_all(so, m, mhp, proto) /* Delete all non-LARVAL SAs. */ for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_alive); + stateidx < _ARRAYLEN(saorder_state_alive); stateidx++) { - state = V_saorder_state_alive[stateidx]; + state = saorder_state_alive[stateidx]; if (state == SADB_SASTATE_LARVAL) continue; for (sav = LIST_FIRST(&sah->savtree[state]); @@ -6518,9 +6520,9 @@ key_flush(so, m, mhp) continue; for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_alive); + stateidx < _ARRAYLEN(saorder_state_alive); stateidx++) { - state = V_saorder_state_any[stateidx]; + state = saorder_state_any[stateidx]; for (sav = LIST_FIRST(&sah->savtree[state]); sav != NULL; sav = nextsav) { @@ -6603,9 +6605,9 @@ key_dump(so, m, mhp) continue; for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_any); + stateidx < _ARRAYLEN(saorder_state_any); stateidx++) { - state = V_saorder_state_any[stateidx]; + state = saorder_state_any[stateidx]; LIST_FOREACH(sav, &sah->savtree[state], chain) { cnt++; } @@ -6633,9 +6635,9 @@ key_dump(so, m, mhp) } for (stateidx = 0; - stateidx < _ARRAYLEN(V_saorder_state_any); + stateidx < _ARRAYLEN(saorder_state_any); stateidx++) { - state = V_saorder_state_any[stateidx]; + state = saorder_state_any[stateidx]; LIST_FOREACH(sav, &sah->savtree[state], chain) { n = key_setdumpsa(sav, SADB_DUMP, satype, --cnt, mhp->msg->sadb_msg_pid); Modified: head/sys/netipsec/keysock.c ============================================================================== --- head/sys/netipsec/keysock.c Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netipsec/keysock.c Wed Nov 26 22:32:07 2008 (r185348) @@ -76,7 +76,7 @@ static struct key_cb key_cb; struct pfkeystat pfkeystat; #endif -static struct sockaddr key_src = { 2, PF_KEY, }; +static struct sockaddr key_src = { 2, PF_KEY }; static int key_sendup0 __P((struct rawcb *, struct mbuf *, int)); @@ -166,7 +166,7 @@ key_sendup0(rp, m, promisc) V_pfkeystat.in_msgtype[pmsg->sadb_msg_type]++; } - if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&V_key_src, + if (!sbappendaddr(&rp->rcb_socket->so_rcv, (struct sockaddr *)&key_src, m, NULL)) { V_pfkeystat.in_nomem++; m_freem(m); Modified: head/sys/netipsec/vipsec.h ============================================================================== --- head/sys/netipsec/vipsec.h Wed Nov 26 21:44:57 2008 (r185347) +++ head/sys/netipsec/vipsec.h Wed Nov 26 22:32:07 2008 (r185348) @@ -81,8 +81,6 @@ struct vnet_ipsec { int _key_preferred_oldsa; u_int32_t _acq_seq; - u_int _saorder_state_alive[3]; - u_int _saorder_state_any[4]; int _esp_enable; struct espstat _espstat; int _esp_max_ivlen; @@ -98,7 +96,6 @@ struct vnet_ipsec { int _ip6_ah_trans_deflev; int _ip6_ah_net_deflev; int _ip6_ipsec_ecn; - int _ip6_esp_randpad; int _ah_enable; int _ah_cleartos; @@ -109,9 +106,6 @@ struct vnet_ipsec { struct pfkeystat _pfkeystat; struct key_cb _key_cb; - struct sockaddr _key_dst; - struct sockaddr _key_src; - LIST_HEAD(, secpolicy) _sptree[IPSEC_DIR_MAX]; LIST_HEAD(, secashead) _sahtree; LIST_HEAD(, secreg) _regtree[SADB_SATYPE_MAX + 1]; @@ -168,20 +162,16 @@ struct vnet_ipsec { #define V_key_blockacq_lifetime VNET_IPSEC(key_blockacq_lifetime) #define V_key_cb VNET_IPSEC(key_cb) #define V_key_debug_level VNET_IPSEC(key_debug_level) -#define V_key_dst VNET_IPSEC(key_dst) #define V_key_int_random VNET_IPSEC(key_int_random) #define V_key_larval_lifetime VNET_IPSEC(key_larval_lifetime) #define V_key_preferred_oldsa VNET_IPSEC(key_preferred_oldsa) #define V_key_spi_maxval VNET_IPSEC(key_spi_maxval) #define V_key_spi_minval VNET_IPSEC(key_spi_minval) #define V_key_spi_trycnt VNET_IPSEC(key_spi_trycnt) -#define V_key_src VNET_IPSEC(key_src) #define V_pfkeystat VNET_IPSEC(pfkeystat) #define V_policy_id VNET_IPSEC(policy_id) #define V_regtree VNET_IPSEC(regtree) #define V_sahtree VNET_IPSEC(sahtree) -#define V_saorder_state_alive VNET_IPSEC(saorder_state_alive) -#define V_saorder_state_any VNET_IPSEC(saorder_state_any) #define V_spacqtree VNET_IPSEC(spacqtree) #define V_sptree VNET_IPSEC(sptree)