From nobody Thu Nov 28 09:39:22 2024
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XzWVL6djzz5fTDp;
	Thu, 28 Nov 2024 09:39:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4XzWVL66W1z4Kpf;
	Thu, 28 Nov 2024 09:39:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1732786762;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JTusg8TY8XjqrIIK6v5tCaPK++6oBsxVWE7OHgJzgEU=;
	b=MSE2j6bjNz5mnvXm3vFtamv4l+ZaJIvzljAtMS6dvYkbYpOcpNQYYxrBPX3z3ODILDPFSM
	Smmqdx0NiS1Ia1Z3BfEL+J0kCAaQWfDLuTHaa0tkGlQqFuh2c48NsER398ixwQLkulTY8A
	OC9D/t8dTR10K0eOsatuo0vCOp3rvHKSGPGq5E3q7yo3NIoVwCN4YBqf5GCq67x0wd66Tt
	6nwcxJbCGA8YInCtUAXMM8Ouet5pPrIPBUAgiJCM2+s+0ezyBUDSnk0XeDLMXSYPsBqoib
	LrMKdc25WQePKaznxyFmhqPbtaf8P+aHviZP78TM78X+V+g9laJ8hiXzc5AWdA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1732786762;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=JTusg8TY8XjqrIIK6v5tCaPK++6oBsxVWE7OHgJzgEU=;
	b=ETk/8Cz9+4kfFLhAEvpmFtzvkaBB4V0jsLBtxDuf+F95daUJKk7VawrwHQZXEfgKgfOjav
	NVxImLeiSk/Tn1Rl4yTl797pRs3uF61cAllGOJu4y2n9vkihoVBbO4SH4OfHsj7ywsornR
	+IjL1Js4k/HEB3J+l3YfFBQYpgI+uxLctbSPnTjDEpjijWsAJehiXF3zTNiDEq3qXlNVxi
	yzNmMm2IeipEiCi+ztsNS4LWFURu9btxjrVJIWMitRg0IRUJC6rEV5y+w/vGDpyctepl1P
	Rj4087i7IOLQPnH8j9htlpehLhdNAec3BEBiOsBdTYAny79BgTRhs8eY3qMf6Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1732786762; a=rsa-sha256; cv=none;
	b=YZrL2iOqBLLASN1B5LY/bo36OJfTnyqWXpBOcvg55S/F/cBnB6VCmHilDiZxZ8CAWhhRMG
	7fhck+06HH4fqZqc9cWorOlibynG44carHAHads7DB+WfD+ybjc4w1MN+rruvojVnRK7vE
	YnTP+fOkWbOO6vF1fMAYuLRZGCYUYLCc9LlFcGk/Jvfk4rea5rncLohE1D/9ln2GrRGfNk
	sgmYz6UJLg8+XNcCAuxjl2W1OH6gpi0MTN1uBRKQdUl1Y1lMYiQ8d/77xMWszH19OSrrOF
	p+E0gid2MyvlZOHtFZXYlcd8KbQJyAYFZ45FlnUMTKIe8qjv9YVmgC+A2uiISg==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XzWVL5bLRzYfM;
	Thu, 28 Nov 2024 09:39:22 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4AS9dMSI076561;
	Thu, 28 Nov 2024 09:39:22 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4AS9dM3H076558;
	Thu, 28 Nov 2024 09:39:22 GMT
	(envelope-from git)
Date: Thu, 28 Nov 2024 09:39:22 GMT
Message-Id: <202411280939.4AS9dM3H076558@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Kajetan Staszkiewicz <ks@FreeBSD.org>
Subject: git: 9f9cf83f114a - main - pf: Use a single pointer to
  state in pf_src_connlimit()
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-main@freebsd.org
Sender: owner-dev-commits-src-main@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: ks
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 9f9cf83f114a50185ac0054abc5cec174ad83e53
Auto-Submitted: auto-generated

The branch main has been updated by ks:

URL: https://cgit.FreeBSD.org/src/commit/?id=9f9cf83f114a50185ac0054abc5cec174ad83e53

commit 9f9cf83f114a50185ac0054abc5cec174ad83e53
Author:     Kajetan Staszkiewicz <ks@FreeBSD.org>
AuthorDate: 2024-11-24 16:32:17 +0000
Commit:     Kajetan Staszkiewicz <ks@FreeBSD.org>
CommitDate: 2024-11-28 09:37:35 +0000

    pf: Use a single pointer to state in pf_src_connlimit()
    
    There's no need for a double pointer, the function pf_src_connlimit()
    does not modify the state.
    
    Reviewed by:            kp
    Approved by:            kp (mentor)
    Sponsored by:           InnoGames GmbH
    Differential Revision:  https://reviews.freebsd.org/D47758
---
 sys/netpfil/pf/pf.c | 46 +++++++++++++++++++++++-----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c
index f6bd1b93ca1b..9436a4247411 100644
--- a/sys/netpfil/pf/pf.c
+++ b/sys/netpfil/pf/pf.c
@@ -372,7 +372,7 @@ static void		 pf_patch_8(struct mbuf *, u_int16_t *, u_int8_t *, u_int8_t,
 			    bool, u_int8_t);
 static struct pf_kstate	*pf_find_state(struct pfi_kkif *,
 			    const struct pf_state_key_cmp *, u_int);
-static int		 pf_src_connlimit(struct pf_kstate **);
+static int		 pf_src_connlimit(struct pf_kstate *);
 static int		 pf_match_rcvif(struct mbuf *, struct pf_krule *);
 static void		 pf_counters_inc(int, struct pf_pdesc *,
 			    struct pf_kstate *, struct pf_krule *,
@@ -813,30 +813,30 @@ pf_check_threshold(struct pf_threshold *threshold)
 }
 
 static int
-pf_src_connlimit(struct pf_kstate **state)
+pf_src_connlimit(struct pf_kstate *state)
 {
 	struct pf_overload_entry *pfoe;
 	int bad = 0;
 
-	PF_STATE_LOCK_ASSERT(*state);
+	PF_STATE_LOCK_ASSERT(state);
 	/*
 	 * XXXKS: The src node is accessed unlocked!
-	 * PF_SRC_NODE_LOCK_ASSERT((*state)->src_node);
+	 * PF_SRC_NODE_LOCK_ASSERT(state->src_node);
 	 */
 
-	(*state)->src_node->conn++;
-	(*state)->src.tcp_est = 1;
-	pf_add_threshold(&(*state)->src_node->conn_rate);
+	state->src_node->conn++;
+	state->src.tcp_est = 1;
+	pf_add_threshold(&state->src_node->conn_rate);
 
-	if ((*state)->rule->max_src_conn &&
-	    (*state)->rule->max_src_conn <
-	    (*state)->src_node->conn) {
+	if (state->rule->max_src_conn &&
+	    state->rule->max_src_conn <
+	    state->src_node->conn) {
 		counter_u64_add(V_pf_status.lcounters[LCNT_SRCCONN], 1);
 		bad++;
 	}
 
-	if ((*state)->rule->max_src_conn_rate.limit &&
-	    pf_check_threshold(&(*state)->src_node->conn_rate)) {
+	if (state->rule->max_src_conn_rate.limit &&
+	    pf_check_threshold(&state->src_node->conn_rate)) {
 		counter_u64_add(V_pf_status.lcounters[LCNT_SRCCONNRATE], 1);
 		bad++;
 	}
@@ -845,10 +845,10 @@ pf_src_connlimit(struct pf_kstate **state)
 		return (0);
 
 	/* Kill this state. */
-	(*state)->timeout = PFTM_PURGE;
-	pf_set_protostate(*state, PF_PEER_BOTH, TCPS_CLOSED);
+	state->timeout = PFTM_PURGE;
+	pf_set_protostate(state, PF_PEER_BOTH, TCPS_CLOSED);
 
-	if ((*state)->rule->overload_tbl == NULL)
+	if (state->rule->overload_tbl == NULL)
 		return (1);
 
 	/* Schedule overloading and flushing task. */
@@ -856,10 +856,10 @@ pf_src_connlimit(struct pf_kstate **state)
 	if (pfoe == NULL)
 		return (1);	/* too bad :( */
 
-	bcopy(&(*state)->src_node->addr, &pfoe->addr, sizeof(pfoe->addr));
-	pfoe->af = (*state)->key[PF_SK_WIRE]->af;
-	pfoe->rule = (*state)->rule;
-	pfoe->dir = (*state)->direction;
+	bcopy(&state->src_node->addr, &pfoe->addr, sizeof(pfoe->addr));
+	pfoe->af = state->key[PF_SK_WIRE]->af;
+	pfoe->rule = state->rule;
+	pfoe->dir = state->direction;
 	PF_OVERLOADQ_LOCK();
 	SLIST_INSERT_HEAD(&V_pf_overloadqueue, pfoe, next);
 	PF_OVERLOADQ_UNLOCK();
@@ -5811,7 +5811,7 @@ pf_tcp_track_full(struct pf_kstate **state, struct pf_pdesc *pd,
 				    TCPS_ESTABLISHED);
 				if (src->state == TCPS_ESTABLISHED &&
 				    (*state)->src_node != NULL &&
-				    pf_src_connlimit(state)) {
+				    pf_src_connlimit(*state)) {
 					REASON_SET(reason, PFRES_SRCLIMIT);
 					return (PF_DROP);
 				}
@@ -5982,7 +5982,7 @@ pf_tcp_track_sloppy(struct pf_kstate **state, struct pf_pdesc *pd, u_short *reas
 			pf_set_protostate(*state, pdst, TCPS_ESTABLISHED);
 			if (src->state == TCPS_ESTABLISHED &&
 			    (*state)->src_node != NULL &&
-			    pf_src_connlimit(state)) {
+			    pf_src_connlimit(*state)) {
 				REASON_SET(reason, PFRES_SRCLIMIT);
 				return (PF_DROP);
 			}
@@ -6000,7 +6000,7 @@ pf_tcp_track_sloppy(struct pf_kstate **state, struct pf_pdesc *pd, u_short *reas
 			    TCPS_ESTABLISHED);
 			dst->state = src->state = TCPS_ESTABLISHED;
 			if ((*state)->src_node != NULL &&
-			    pf_src_connlimit(state)) {
+			    pf_src_connlimit(*state)) {
 				REASON_SET(reason, PFRES_SRCLIMIT);
 				return (PF_DROP);
 			}
@@ -6067,7 +6067,7 @@ pf_synproxy(struct pf_pdesc *pd, struct pf_kstate **state, u_short *reason)
 			REASON_SET(reason, PFRES_SYNPROXY);
 			return (PF_DROP);
 		} else if ((*state)->src_node != NULL &&
-		    pf_src_connlimit(state)) {
+		    pf_src_connlimit(*state)) {
 			REASON_SET(reason, PFRES_SRCLIMIT);
 			return (PF_DROP);
 		} else