CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2022/11/11 08:02:31
Modified files:
sys/net : pfvar_priv.h pf.c
Log message:
add a mutex to struct pf_state and init it.
nothing is protected by it yet but it will allow us to provide
consistent updates to individual states without relying on a global
lock. getting that right between the packet processing in pf itself,
pfsync, the pf purge code, the ioctl paths, etc is not worth the
required contortions.
while pf_state does grow, it doesn't use more cachelines on machines
where we will want to run in parallel with a lot of states.
stolen from and ok sashan@
