Drop the KERNEL_LOCK() in pf_purge_thread().

The NET_LOCK() is currently what guarantees that accesses to PF data
structures are serialized.

While here use rwsleep(9) instead of calling NET_LOCK()/NET_UNLOCK()
for every iteration.

Tested by Hrvoje Popovski, ok sashan@, visa@

diff --git a/sys/net/pf.c b/sys/net/pf.c
index 70c6489..82be49e 100644 (file)
--- a/sys/net/pf.c
+++ b/sys/net/pf.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pf.c,v 1.1035 2017/06/21 15:29:23 bluhm Exp $ */
+/*     $OpenBSD: pf.c,v 1.1036 2017/07/03 08:11:21 mpi Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -1204,10 +1204,12 @@ pf_purge_thread(void *v)
 {
        int nloops = 0, s;
 
+       KERNEL_UNLOCK();
+
+       NET_LOCK(s);
        for (;;) {
-               tsleep(pf_purge_thread, PWAIT, "pftm", 1 * hz);
+               rwsleep(pf_purge_thread, &netlock, PWAIT, "pftm", 1 * hz);
 
-               NET_LOCK(s);
 
                PF_LOCK();
                /* process a fraction of the state table every second */
@@ -1227,9 +1229,8 @@ pf_purge_thread(void *v)
                        pf_purge_expired_fragments();
                        nloops = 0;
                }
-
-               NET_UNLOCK(s);
        }
+       NET_UNLOCK(s);
 }
 
 int32_t