diff options
| author | zec <zec@FreeBSD.org> | 2009-06-08 17:15:40 +0000 |
|---|---|---|
| committer | zec <zec@FreeBSD.org> | 2009-06-08 17:15:40 +0000 |
| commit | 8b1f38241aaf07621c062901b7946145be2862b6 (patch) | |
| tree | 7c00057a3f90cc6cfd121e2a6594d254fc72cba3 /sys/netipsec/ipsec.c | |
| parent | 76b38c556af92b00895865a09a6f444150b8a8d8 (diff) | |
| download | FreeBSD-src-8b1f38241aaf07621c062901b7946145be2862b6.zip FreeBSD-src-8b1f38241aaf07621c062901b7946145be2862b6.tar.gz | |
Introduce an infrastructure for dismantling vnet instances.
Vnet modules and protocol domains may now register destructor
functions to clean up and release per-module state. The destructor
mechanisms can be triggered by invoking "vimage -d", or a future
equivalent command which will be provided via the new jail framework.
While this patch introduces numerous placeholder destructor functions,
many of those are currently incomplete, thus leaking memory or (even
worse) failing to stop all running timers. Many of such issues are
already known and will be incrementaly fixed over the next weeks in
smaller incremental commits.
Apart from introducing new fields in structs ifnet, domain, protosw
and vnet_net, which requires the kernel and modules to be rebuilt, this
change should have no impact on nooptions VIMAGE builds, since vnet
destructors can only be called in VIMAGE kernels. Moreover,
destructor functions should be in general compiled in only in
options VIMAGE builds, except for kernel modules which can be safely
kldunloaded at run time.
Bump __FreeBSD_version to 800097.
Reviewed by: bz, julian
Approved by: rwatson, kib (re), julian (mentor)
Diffstat (limited to 'sys/netipsec/ipsec.c')
| -rw-r--r-- | sys/netipsec/ipsec.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/sys/netipsec/ipsec.c b/sys/netipsec/ipsec.c index 6c42e32..4eef064 100644 --- a/sys/netipsec/ipsec.c +++ b/sys/netipsec/ipsec.c @@ -104,6 +104,9 @@ struct vnet_ipsec vnet_ipsec_0; #endif static int ipsec_iattach(const void *); +#ifdef VIMAGE +static int ipsec_idetach(const void *); +#endif #ifdef VIMAGE_GLOBALS /* NB: name changed so netstat doesn't use it. */ @@ -256,7 +259,10 @@ static const vnet_modinfo_t vnet_ipsec_modinfo = { .vmi_name = "ipsec", .vmi_size = sizeof(struct vnet_ipsec), .vmi_dependson = VNET_MOD_INET, /* XXX revisit - INET6 ? */ - .vmi_iattach = ipsec_iattach + .vmi_iattach = ipsec_iattach, +#ifdef VIMAGE + .vmi_idetach = ipsec_idetach +#endif }; #endif /* !VIMAGE_GLOBALS */ @@ -1791,7 +1797,6 @@ ipsec_attach(void) #else ipsec_iattach(NULL); #endif - } static int @@ -1804,6 +1809,17 @@ ipsec_iattach(const void *unused __unused) return (0); } + +#ifdef VIMAGE +static int +ipsec_idetach(const void *unused __unused) +{ + + /* XXX revisit this! */ + + return (0); +} +#endif SYSINIT(ipsec, SI_SUB_PROTO_DOMAIN, SI_ORDER_FIRST, ipsec_attach, NULL); |
