o Fix panic on module unload, that happened due to mutex being

  destroyed prior to pfsync_uninit(). To do this, move all the
  initialization to the module_t method, instead of SYSINIT(9).
o Fix another panic after module unload, due to not clearing the
  m_addr_chg_pf_p pointer.
o Refuse to unload module, unless being unloaded forcibly.
o Revert the sub argument to MODULE_DECLARE, to the stable/8 value.

This change probably isn't correct from viewpoint of VIMAGE, but
the module wasn't VIMAGE-correct before the change, as well.

Glanced at by:	bz

1 files changed, 27 insertions, 52 deletions

diff --git a/sys/contrib/pf/net/pf_ioctl.c b/sys/contrib/pf/net/pf_ioctl.c
index d5a9b92..a0f6575 100644
--- a/sys/contrib/pf/net/pf_ioctl.c
+++ b/sys/contrib/pf/net/pf_ioctl.c
@@ -4328,57 +4328,25 @@ dehook_pf(void)
 	return (0);
 }
 
-/* Vnet accessors */
-static int
-vnet_pf_init(const void *unused) 
-{
-
-	V_pf_pfil_hooked = 0;
-	V_pf_end_threads = 0;
-
-	V_debug_pfugidhack = 0;
-
-	TAILQ_INIT(&V_pf_tags);
-	TAILQ_INIT(&V_pf_qids);
-
-	pf_load();
-
-	return (0);
-}
-
-static int
-vnet_pf_uninit(const void *unused)
-{
-
-	pf_unload();
-
-	return (0);
-}
-
-/* Define startup order. */
-#define	PF_SYSINIT_ORDER	SI_SUB_PROTO_BEGIN
-#define	PF_MODEVENT_ORDER	(SI_ORDER_FIRST) /* On boot slot in here. */
-#define	PF_VNET_ORDER		(PF_MODEVENT_ORDER + 2) /* Later still. */
-
-/*
- * Starting up.
- * VNET_SYSINIT is called for each existing vnet and each new vnet.
- */
-VNET_SYSINIT(vnet_pf_init, PF_SYSINIT_ORDER, PF_VNET_ORDER,
-    vnet_pf_init, NULL);
-
-/*
- * Closing up shop. These are done in REVERSE ORDER,
- * Not called on reboot.
- * VNET_SYSUNINIT is called for each exiting vnet as it exits.
- */
-VNET_SYSUNINIT(vnet_pf_uninit, PF_SYSINIT_ORDER, PF_VNET_ORDER,
-    vnet_pf_uninit, NULL);
-
 static int
 pf_load(void)
 {
+	VNET_ITERATOR_DECL(vnet_iter);
+
+	VNET_LIST_RLOCK();
+	VNET_FOREACH(vnet_iter) {
+		CURVNET_SET(vnet_iter);
+		V_pf_pfil_hooked = 0;
+		V_pf_end_threads = 0;
+		V_debug_pfugidhack = 0;
+		TAILQ_INIT(&V_pf_tags);
+		TAILQ_INIT(&V_pf_qids);
+		CURVNET_RESTORE();
+	}
+	VNET_LIST_RUNLOCK();
 
+	init_pf_mutex();
+	pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME);
 	init_zone_var();
 	sx_init(&V_pf_consistency_lock, "pf_statetbl_lock");
 	if (pfattach() < 0)
@@ -4395,6 +4363,7 @@ pf_unload(void)
 	PF_LOCK();
 	V_pf_status.running = 0;
 	PF_UNLOCK();
+	m_addr_chg_pf_p = NULL;
 	error = dehook_pf();
 	if (error) {
 		/*
@@ -4417,6 +4386,8 @@ pf_unload(void)
 	pf_osfp_cleanup();
 	cleanup_pf_zone();
 	PF_UNLOCK();
+	destroy_dev(pf_dev);
+	destroy_pf_mutex();
 	sx_destroy(&V_pf_consistency_lock);
 	return error;
 }
@@ -4428,12 +4399,16 @@ pf_modevent(module_t mod, int type, void *data)
 
 	switch(type) {
 	case MOD_LOAD:
-		init_pf_mutex();
-		pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME);
+		error = pf_load();
+		break;
+	case MOD_QUIESCE:
+		/*
+		 * Module should not be unloaded due to race conditions.
+		 */
+		error = EPERM;
 		break;
 	case MOD_UNLOAD:
-		destroy_dev(pf_dev);
-		destroy_pf_mutex();
+		error = pf_unload();
 		break;
 	default:
 		error = EINVAL;
@@ -4448,6 +4423,6 @@ static moduledata_t pf_mod = {
 	0
 };
 
-DECLARE_MODULE(pf, pf_mod, SI_SUB_PSEUDO, SI_ORDER_FIRST);
+DECLARE_MODULE(pf, pf_mod, SI_SUB_PROTO_IFATTACHDOMAIN, SI_ORDER_FIRST);
 MODULE_VERSION(pf, PF_MODVER);
 #endif /* __FreeBSD__ */