diff options
| author | zec <zec@FreeBSD.org> | 2008-11-19 09:39:34 +0000 |
|---|---|---|
| committer | zec <zec@FreeBSD.org> | 2008-11-19 09:39:34 +0000 |
| commit | 815d52c5df6a76286604478e5223d2f2c87b2c04 (patch) | |
| tree | 3d398563f1e14b804a0558dd3dda1de9a42b9970 /sys/netinet/in_pcb.c | |
| parent | 881f5acc93790d49318ffde65d52c6f45ca9c1f8 (diff) | |
| download | FreeBSD-src-815d52c5df6a76286604478e5223d2f2c87b2c04.zip FreeBSD-src-815d52c5df6a76286604478e5223d2f2c87b2c04.tar.gz | |
Change the initialization methodology for global variables scheduled
for virtualization.
Instead of initializing the affected global variables at instatiation,
assign initial values to them in initializer functions. As a rule,
initialization at instatiation for such variables should never be
introduced again from now on. Furthermore, enclose all instantiations
of such global variables in #ifdef VIMAGE_GLOBALS blocks.
Essentialy, this change should have zero functional impact. In the next
phase of merging network stack virtualization infrastructure from
p4/vimage branch, the new initialization methology will allow us to
switch between using global variables and their counterparts residing in
virtualization containers with minimum code churn, and in the long run
allow us to intialize multiple instances of such container structures.
Discussed at: devsummit Strassburg
Reviewed by: bz, julian
Approved by: julian (mentor)
Obtained from: //depot/projects/vimage-commit2/...
X-MFC after: never
Sponsored by: NLnet Foundation, The FreeBSD Foundation
Diffstat (limited to 'sys/netinet/in_pcb.c')
| -rw-r--r-- | sys/netinet/in_pcb.c | 26 |
1 files changed, 14 insertions, 12 deletions
diff --git a/sys/netinet/in_pcb.c b/sys/netinet/in_pcb.c index 7732133..8611bee 100644 --- a/sys/netinet/in_pcb.c +++ b/sys/netinet/in_pcb.c @@ -84,32 +84,34 @@ __FBSDID("$FreeBSD$"); #include <security/mac/mac_framework.h> +#ifdef VIMAGE_GLOBALS /* * These configure the range of local port addresses assigned to * "unspecified" outgoing connections/packets/whatever. */ -int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ -int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ -int ipport_firstauto = IPPORT_EPHEMERALFIRST; /* 10000 */ -int ipport_lastauto = IPPORT_EPHEMERALLAST; /* 65535 */ -int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ -int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ +int ipport_lowfirstauto; +int ipport_lowlastauto; +int ipport_firstauto; +int ipport_lastauto; +int ipport_hifirstauto; +int ipport_hilastauto; /* * Reserved ports accessible only to root. There are significant * security considerations that must be accounted for when changing these, * but the security benefits can be great. Please be careful. */ -int ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ -int ipport_reservedlow = 0; +int ipport_reservedhigh; +int ipport_reservedlow; /* Variables dealing with random ephemeral port allocation. */ -int ipport_randomized = 1; /* user controlled via sysctl */ -int ipport_randomcps = 10; /* user controlled via sysctl */ -int ipport_randomtime = 45; /* user controlled via sysctl */ -int ipport_stoprandom = 0; /* toggled by ipport_tick */ +int ipport_randomized; +int ipport_randomcps; +int ipport_randomtime; +int ipport_stoprandom; int ipport_tcpallocs; int ipport_tcplastcount; +#endif #define RANGECHK(var, min, max) \ if ((var) < (min)) { (var) = (min); } \ |
