From fac944a70a00eab9c2ba2b2e96df710bcfc78593 Mon Sep 17 00:00:00 2001 From: bz Date: Wed, 1 Jun 2016 10:14:04 +0000 Subject: [PATCH] The pr_destroy field does not allow us to run the teardown code in a specific order. VNET_SYSUNINITs however are doing exactly that. Thus remove the VIMAGE conditional field from the domain(9) protosw structure and replace it with VNET_SYSUNINITs. This also allows us to change some order and to make the teardown functions file local static. Also convert divert(4) as it uses the same mechanism ip(4) and ip6(4) use internally. Slightly reshuffle the SI_SUB_* fields in kernel.h and add a new ones, e.g., for pfil consumers (firewalls), partially for this commit and for others to come. Reviewed by: gnn, tuexen (sctp), jhb (kernel.h) Obtained from: projects/vnet MFC after: 2 weeks X-MFC: do not remove pr_destroy Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D6652 --- share/man/man9/domain.9 | 3 +-- sys/kern/uipc_domain.c | 4 ---- sys/netinet/in_proto.c | 18 ------------------ sys/netinet/ip_divert.c | 18 +++++++----------- sys/netinet/ip_input.c | 6 ++++-- sys/netinet/ip_var.h | 6 ------ sys/netinet/raw_ip.c | 5 +++-- sys/netinet/sctp_usrreq.c | 9 +++++---- sys/netinet/sctp_var.h | 1 - sys/netinet/tcp_subr.c | 5 +++-- sys/netinet/tcp_var.h | 3 --- sys/netinet/udp_usrreq.c | 11 +++++++---- sys/netinet/udp_var.h | 4 ---- sys/netinet6/in6_proto.c | 3 --- sys/netinet6/ip6_input.c | 6 ++++-- sys/netinet6/ip6_var.h | 3 --- sys/sys/kernel.h | 5 ++++- sys/sys/protosw.h | 2 -- 18 files changed, 38 insertions(+), 74 deletions(-) diff --git a/share/man/man9/domain.9 b/share/man/man9/domain.9 index 464274bff994..e205b3807e7d 100644 --- a/share/man/man9/domain.9 +++ b/share/man/man9/domain.9 @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 6, 2014 +.Dd June 1, 2016 .Dt DOMAIN 9 .Os .Sh NAME @@ -105,7 +105,6 @@ struct protosw { pr_ctloutput_t *pr_ctloutput; /* control output (from above) */ /* utility hooks */ pr_init_t *pr_init; - pr_destroy_t *pr_destroy; pr_fasttimo_t *pr_fasttimo; /* fast timeout (200ms) */ pr_slowtimo_t *pr_slowtimo; /* slow timeout (500ms) */ pr_drain_t *pr_drain; /* flush any excess space possible */ diff --git a/sys/kern/uipc_domain.c b/sys/kern/uipc_domain.c index 211cfa114944..a80b974c1aaf 100644 --- a/sys/kern/uipc_domain.c +++ b/sys/kern/uipc_domain.c @@ -196,11 +196,7 @@ void vnet_domain_uninit(void *arg) { struct domain *dp = arg; - struct protosw *pr; - for (pr = dp->dom_protosw; pr < dp->dom_protoswNPROTOSW; pr++) - if (pr->pr_destroy) - (*pr->pr_destroy)(); if (dp->dom_destroy) (*dp->dom_destroy)(); } diff --git a/sys/netinet/in_proto.c b/sys/netinet/in_proto.c index f7ef48092ee3..7403ec08ba5b 100644 --- a/sys/netinet/in_proto.c +++ b/sys/netinet/in_proto.c @@ -119,9 +119,6 @@ struct protosw inetsw[] = { .pr_domain = &inetdomain, .pr_protocol = IPPROTO_IP, .pr_init = ip_init, -#ifdef VIMAGE - .pr_destroy = ip_destroy, -#endif .pr_slowtimo = ip_slowtimo, .pr_drain = ip_drain, .pr_usrreqs = &nousrreqs @@ -135,9 +132,6 @@ struct protosw inetsw[] = { .pr_ctlinput = udp_ctlinput, .pr_ctloutput = udp_ctloutput, .pr_init = udp_init, -#ifdef VIMAGE - .pr_destroy = udp_destroy, -#endif .pr_usrreqs = &udp_usrreqs }, { @@ -149,9 +143,6 @@ struct protosw inetsw[] = { .pr_ctlinput = tcp_ctlinput, .pr_ctloutput = tcp_ctloutput, .pr_init = tcp_init, -#ifdef VIMAGE - .pr_destroy = tcp_destroy, -#endif .pr_slowtimo = tcp_slowtimo, .pr_drain = tcp_drain, .pr_usrreqs = &tcp_usrreqs @@ -166,9 +157,6 @@ struct protosw inetsw[] = { .pr_ctlinput = sctp_ctlinput, .pr_ctloutput = sctp_ctloutput, .pr_init = sctp_init, -#ifdef VIMAGE - .pr_destroy = sctp_finish, -#endif .pr_drain = sctp_drain, .pr_usrreqs = &sctp_usrreqs }, @@ -193,9 +181,6 @@ struct protosw inetsw[] = { .pr_ctlinput = udplite_ctlinput, .pr_ctloutput = udp_ctloutput, .pr_init = udplite_init, -#ifdef VIMAGE - .pr_destroy = udplite_destroy, -#endif .pr_usrreqs = &udp_usrreqs }, { @@ -343,9 +328,6 @@ IPPROTOSPACER, .pr_input = rip_input, .pr_ctloutput = rip_ctloutput, .pr_init = rip_init, -#ifdef VIMAGE - .pr_destroy = rip_destroy, -#endif .pr_usrreqs = &rip_usrreqs }, }; diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c index a17d6d9c02af..4d4572ffc6b4 100644 --- a/sys/netinet/ip_divert.c +++ b/sys/netinet/ip_divert.c @@ -162,11 +162,13 @@ div_init(void) } static void -div_destroy(void) +div_destroy(void *unused __unused) { in_pcbinfo_destroy(&V_divcbinfo); } +VNET_SYSUNINIT(divert, SI_SUB_PROTO_DOMAININIT, SI_ORDER_ANY, + div_destroy, NULL); /* * IPPROTO_DIVERT is not in the real IP protocol number space; this @@ -755,9 +757,6 @@ struct protosw div_protosw = { .pr_ctlinput = div_ctlinput, .pr_ctloutput = ip_ctloutput, .pr_init = div_init, -#ifdef VIMAGE - .pr_destroy = div_destroy, -#endif .pr_usrreqs = &div_usrreqs }; @@ -789,10 +788,6 @@ div_modevent(module_t mod, int type, void *unused) err = EPERM; break; case MOD_UNLOAD: -#ifdef VIMAGE - err = EPERM; - break; -#else /* * Forced unload. * @@ -813,10 +808,11 @@ div_modevent(module_t mod, int type, void *unused) ip_divert_ptr = NULL; err = pf_proto_unregister(PF_INET, IPPROTO_DIVERT, SOCK_RAW); INP_INFO_WUNLOCK(&V_divcbinfo); - div_destroy(); +#ifndef VIMAGE + div_destroy(NULL); +#endif EVENTHANDLER_DEREGISTER(maxsockets_change, ip_divert_event_tag); break; -#endif /* !VIMAGE */ default: err = EOPNOTSUPP; break; @@ -830,6 +826,6 @@ static moduledata_t ipdivertmod = { 0 }; -DECLARE_MODULE(ipdivert, ipdivertmod, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_ANY); +DECLARE_MODULE(ipdivert, ipdivertmod, SI_SUB_PROTO_FIREWALL, SI_ORDER_ANY); MODULE_DEPEND(ipdivert, ipfw, 3, 3, 3); MODULE_VERSION(ipdivert, 1); diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c index 773d7aeb807a..9afb8d66b381 100644 --- a/sys/netinet/ip_input.c +++ b/sys/netinet/ip_input.c @@ -361,8 +361,8 @@ ip_init(void) } #ifdef VIMAGE -void -ip_destroy(void) +static void +ip_destroy(void *unused __unused) { int error; @@ -388,6 +388,8 @@ ip_destroy(void) /* Destroy IP reassembly queue. */ ipreass_destroy(); } + +VNET_SYSUNINIT(ip, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip_destroy, NULL); #endif #ifdef RSS diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index f4ad4ffe0dd5..847704fd1d7f 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -209,9 +209,6 @@ int ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu, u_long if_hwassist_flags); void ip_forward(struct mbuf *m, int srcrt); void ip_init(void); -#ifdef VIMAGE -void ip_destroy(void); -#endif extern int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *, struct ip_moptions *); @@ -229,9 +226,6 @@ void ip_fillid(struct ip *); int rip_ctloutput(struct socket *, struct sockopt *); void rip_ctlinput(int, struct sockaddr *, void *); void rip_init(void); -#ifdef VIMAGE -void rip_destroy(void); -#endif int rip_input(struct mbuf **, int *, int); int rip_output(struct mbuf *, struct socket *, ...); int ipip_input(struct mbuf **, int *, int); diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 59540a50c361..6d409547029b 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -218,12 +218,13 @@ rip_init(void) } #ifdef VIMAGE -void -rip_destroy(void) +static void +rip_destroy(void *unused __unused) { in_pcbinfo_destroy(&V_ripcbinfo); } +VNET_SYSUNINIT(raw_ip, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, rip_destroy, NULL); #endif #ifdef INET diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c index 7b65d5337e4e..6e5cbe332831 100644 --- a/sys/netinet/sctp_usrreq.c +++ b/sys/netinet/sctp_usrreq.c @@ -89,13 +89,14 @@ sctp_init(void) #endif } -void -sctp_finish(void) +#ifdef VIMAGE +static void +sctp_finish(void *unused __unused) { sctp_pcb_finish(); } - - +VNET_SYSUNINIT(sctp, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, sctp_finish, NULL); +#endif void sctp_pathmtu_adjustment(struct sctp_tcb *stcb, uint16_t nxtsz) diff --git a/sys/netinet/sctp_var.h b/sys/netinet/sctp_var.h index 8b4f7db88ddc..a4d2b99867a9 100644 --- a/sys/netinet/sctp_var.h +++ b/sys/netinet/sctp_var.h @@ -344,7 +344,6 @@ void sctp_init(void); void sctp_notify(struct sctp_inpcb *, struct sctp_tcb *, struct sctp_nets *, uint8_t, uint8_t, uint16_t, uint16_t); -void sctp_finish(void); int sctp_flush(struct socket *, int); int sctp_shutdown(struct socket *); int diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 75dd3d704a27..7863f1c5f0aa 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -728,8 +728,8 @@ tcp_init(void) } #ifdef VIMAGE -void -tcp_destroy(void) +static void +tcp_destroy(void *unused __unused) { int error; @@ -772,6 +772,7 @@ tcp_destroy(void) HHOOK_TYPE_TCP, HHOOK_TCP_EST_OUT, error); } } +VNET_SYSUNINIT(tcp, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, tcp_destroy, NULL); #endif void diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 2bbd5e348108..abfa21ab216f 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -755,9 +755,6 @@ struct tcpcb * tcp_drop(struct tcpcb *, int); void tcp_drain(void); void tcp_init(void); -#ifdef VIMAGE -void tcp_destroy(void); -#endif void tcp_fini(void *); char *tcp_log_addrs(struct in_conninfo *, struct tcphdr *, void *, const void *); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 503f059a3873..a1d9a433e8ee 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -269,20 +269,23 @@ udp_discardcb(struct udpcb *up) } #ifdef VIMAGE -void -udp_destroy(void) +static void +udp_destroy(void *unused __unused) { in_pcbinfo_destroy(&V_udbinfo); uma_zdestroy(V_udpcb_zone); } +VNET_SYSUNINIT(udp, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, udp_destroy, NULL); -void -udplite_destroy(void) +static void +udplite_destroy(void *unused __unused) { in_pcbinfo_destroy(&V_ulitecbinfo); } +VNET_SYSUNINIT(udplite, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH, udplite_destroy, + NULL); #endif #ifdef INET diff --git a/sys/netinet/udp_var.h b/sys/netinet/udp_var.h index 6d19deea103e..9564da291a3d 100644 --- a/sys/netinet/udp_var.h +++ b/sys/netinet/udp_var.h @@ -171,10 +171,6 @@ void udplite_ctlinput(int, struct sockaddr *, void *); int udp_ctloutput(struct socket *, struct sockopt *); void udp_init(void); void udplite_init(void); -#ifdef VIMAGE -void udp_destroy(void); -void udplite_destroy(void); -#endif int udp_input(struct mbuf **, int *, int); void udplite_input(struct mbuf *, int); struct inpcb *udp_notify(struct inpcb *inp, int errno); diff --git a/sys/netinet6/in6_proto.c b/sys/netinet6/in6_proto.c index 4ab14dd23367..cfb762887bf6 100644 --- a/sys/netinet6/in6_proto.c +++ b/sys/netinet6/in6_proto.c @@ -153,9 +153,6 @@ struct protosw inet6sw[] = { .pr_domain = &inet6domain, .pr_protocol = IPPROTO_IPV6, .pr_init = ip6_init, -#ifdef VIMAGE - .pr_destroy = ip6_destroy, -#endif .pr_slowtimo = frag6_slowtimo, .pr_drain = frag6_drain, .pr_usrreqs = &nousrreqs, diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c index 6b49b26de9aa..d7fc9eeaf33a 100644 --- a/sys/netinet6/ip6_input.c +++ b/sys/netinet6/ip6_input.c @@ -305,8 +305,8 @@ ip6proto_unregister(short ip6proto) } #ifdef VIMAGE -void -ip6_destroy() +static void +ip6_destroy(void *unused __unused) { int error; @@ -329,6 +329,8 @@ ip6_destroy() nd6_destroy(); in6_ifattach_destroy(); } + +VNET_SYSUNINIT(inet6, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip6_destroy, NULL); #endif static int diff --git a/sys/netinet6/ip6_var.h b/sys/netinet6/ip6_var.h index 8a45f5576d43..e52a32068560 100644 --- a/sys/netinet6/ip6_var.h +++ b/sys/netinet6/ip6_var.h @@ -354,9 +354,6 @@ int icmp6_ctloutput(struct socket *, struct sockopt *sopt); struct in6_ifaddr; void ip6_init(void); -#ifdef VIMAGE -void ip6_destroy(void); -#endif int ip6proto_register(short); int ip6proto_unregister(short); diff --git a/sys/sys/kernel.h b/sys/sys/kernel.h index c6dd8481a72a..d3e2151b4d4d 100644 --- a/sys/sys/kernel.h +++ b/sys/sys/kernel.h @@ -139,10 +139,13 @@ enum sysinit_sub_id { SI_SUB_PSEUDO = 0x7000000, /* pseudo devices*/ SI_SUB_EXEC = 0x7400000, /* execve() handlers */ SI_SUB_PROTO_BEGIN = 0x8000000, /* VNET initialization */ + SI_SUB_PROTO_PFIL = 0x8100000, /* Initialize pfil before FWs */ SI_SUB_PROTO_IF = 0x8400000, /* interfaces*/ SI_SUB_PROTO_DOMAININIT = 0x8600000, /* domain registration system */ + SI_SUB_PROTO_MC = 0x8700000, /* Multicast */ SI_SUB_PROTO_DOMAIN = 0x8800000, /* domains (address families?)*/ - SI_SUB_PROTO_IFATTACHDOMAIN = 0x8800001, /* domain dependent data init*/ + SI_SUB_PROTO_FIREWALL = 0x8806000, /* Firewalls */ + SI_SUB_PROTO_IFATTACHDOMAIN = 0x8808000,/* domain dependent data init */ SI_SUB_PROTO_END = 0x8ffffff, /* VNET helper functions */ SI_SUB_KPROF = 0x9000000, /* kernel profiling*/ SI_SUB_KICK_SCHEDULER = 0xa000000, /* start the timeout events*/ diff --git a/sys/sys/protosw.h b/sys/sys/protosw.h index 2a44d80e777a..896ec253243a 100644 --- a/sys/sys/protosw.h +++ b/sys/sys/protosw.h @@ -70,7 +70,6 @@ typedef int pr_output_t (struct mbuf *, struct socket *, ...); typedef void pr_ctlinput_t (int, struct sockaddr *, void *); typedef int pr_ctloutput_t (struct socket *, struct sockopt *); typedef void pr_init_t (void); -typedef void pr_destroy_t (void); typedef void pr_fasttimo_t (void); typedef void pr_slowtimo_t (void); typedef void pr_drain_t (void); @@ -87,7 +86,6 @@ struct protosw { pr_ctloutput_t *pr_ctloutput; /* control output (from above) */ /* utility hooks */ pr_init_t *pr_init; - pr_destroy_t *pr_destroy; pr_fasttimo_t *pr_fasttimo; /* fast timeout (200ms) */ pr_slowtimo_t *pr_slowtimo; /* slow timeout (500ms) */ pr_drain_t *pr_drain; /* flush any excess space possible */