From b2e71f0b62be8515b77fbaaca09ab9c2fa104241 Mon Sep 17 00:00:00 2001 From: Alexandr Nedvedicky Date: Thu, 21 Apr 2022 15:22:51 +0000 Subject: Introduce a dedicated link entries for snapshots in pfsync(4). The purpose of snapshots is to allow pfsync(4) to move items from global lists to local lists (a.k.a. snapshots) under a mutex protection. Snapshots are then processed without holding any mutexes. Such idea does not fly well if link entry is currently used for global lists as well as snapshots. Feedback by bluhm@ Credits also goes to hrvoje@ for extensive testing. OK bluhm@ --- sys/netinet/ip_ipsp.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'sys/netinet/ip_ipsp.h') diff --git a/sys/netinet/ip_ipsp.h b/sys/netinet/ip_ipsp.h index c697994047b..7004a40a579 100644 --- a/sys/netinet/ip_ipsp.h +++ b/sys/netinet/ip_ipsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ip_ipsp.h,v 1.237 2022/03/13 21:38:32 bluhm Exp $ */ +/* $OpenBSD: ip_ipsp.h,v 1.238 2022/04/21 15:22:50 sashan Exp $ */ /* * The authors of this code are John Ioannidis (ji@tla.org), * Angelos D. Keromytis (kermit@csd.uch.gr), @@ -355,6 +355,7 @@ struct tdb { /* tunnel descriptor block */ #define TDBF_PFSYNC 0x40000 /* TDB will be synced */ #define TDBF_PFSYNC_RPL 0x80000 /* Replay counter should be bumped */ #define TDBF_ESN 0x100000 /* 64-bit sequence numbers (ESN) */ +#define TDBF_PFSYNC_SNAPPED 0x200000 /* entry is being dispatched to peer */ #define TDBF_BITS ("\20" \ "\1UNIQUE\2TIMER\3BYTES\4ALLOCATIONS" \ @@ -439,6 +440,7 @@ struct tdb { /* tunnel descriptor block */ TAILQ_HEAD(tdb_policy_head, ipsec_policy) tdb_policy_head; /* [p] */ TAILQ_ENTRY(tdb) tdb_sync_entry; + TAILQ_ENTRY(tdb) tdb_sync_snap; }; enum tdb_counters { -- cgit v1.2.3