CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2020/01/24 22:10:53
Modified files:
sys/net : if_tun.c
Log message:
rework the driver to better manage lifetimes and device lifetimes.
i want to make tun_dev_read and tun_dev_write safe to run without
the kernel lock. the problem with that is you need a way to prevent
the tun_softc from going away while it's being used by those syscall
paths rather than relying on the big lock to serialise them. blocking
reads sleep, and this was coped with by checking if the interface
went away or changed by looking up the ifindex after every sleep
and seeing if the ifp changed.
i wanted to simplify this by just refusing to let an interface get
destroyed while the device side is open. everyone i asked at a2k20
about whether this was acceptable said this is wrong and i was a
terrible person for trying to make my life easier for myself. so i
ended up going down this rabbit hole.
the code now keeps track of the actual device node (ie, both the
major and minor) which is open, and when the interface is destroyed
it calls VOP_REVOKE against it. this basically calls tun_dev_close
immediately, and wires the fd/vfs stuff up against some deadfs thing
which makes subsequent operations fail as if the device was pulled.
this is good. previously if a tun/tap interface was destroyed while
it was open, and then got recreated, userland wouldn't notice and
would just go ahead and use the newly created device as if it always
had it open. now it actually has access revoked, and access to a
newly created tun/tap interface has to have a new tun_dev_open call
against it.
i'm putting this in now so people can have a go at it. claudio@ and
i have been hitting it pretty hard, but more testing is welcome.
ok claudio@
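
The stale-handle problem and the revoke-on-destroy fix described in the log message, as an added userland model. This is not code from if_tun.c or from the commit; every name in it is hypothetical, and the EIO returned for a revoked handle is an assumption.

```c
#include <errno.h>
#include <stddef.h>

/* Userland model only: names are hypothetical, not if_tun.c code. */
struct iface  { int alive; int gen; };    /* stands in for tun_softc */
struct handle { int unit; int dead; };    /* stands in for an open fd/vnode */

static struct iface   ifs[2];
static struct handle *opener[2];          /* which handle has the device open */

void if_create(int unit) { ifs[unit].alive = 1; ifs[unit].gen++; }

int dev_open(struct handle *h, int unit)
{
    if (!ifs[unit].alive)
        return ENXIO;
    h->unit = unit;
    h->dead = 0;
    opener[unit] = h;
    return 0;
}

/* Old behaviour: the interface goes away, the open handle is left alone. */
void if_destroy_old(int unit) { ifs[unit].alive = 0; }

/* New behaviour: destroy revokes the open handle (the VOP_REVOKE step). */
void if_destroy_revoke(int unit)
{
    ifs[unit].alive = 0;
    if (opener[unit] != NULL) {
        opener[unit]->dead = 1;           /* handle now points at "deadfs" */
        opener[unit] = NULL;              /* close happened immediately */
    }
}

/* Returns the generation of the interface written to, or -errno. */
int dev_write(const struct handle *h)
{
    if (h->dead)
        return -EIO;                      /* assumed error for a dead handle */
    if (!ifs[h->unit].alive)
        return -ENXIO;
    return ifs[h->unit].gen;
}

int main(void)
{
    struct handle h;
    if_create(0); dev_open(&h, 0); if_destroy_revoke(0); if_create(0);
    return dev_write(&h) == -EIO ? 0 : 1; /* old handle stays dead */
}
```

With if_destroy_old the same handle reaches the recreated interface (generation 2) without a new open; with if_destroy_revoke it keeps failing until dev_open is called again.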