svn commit: r236710 - in projects/pf/head/sys: contrib/pf/net
netinet/ipfw
Gleb Smirnoff
glebius at FreeBSD.org
Thu Jun 7 09:47:37 UTC 2012
Author: glebius
Date: Thu Jun 7 09:47:36 2012
New Revision: 236710
URL: http://svn.freebsd.org/changeset/base/236710
Log:
- Use a separate zone with init method for pf mbuf tags.
- The pf_mtag.h is reduced to pf_mtag_find().
- ipfw(4) allocates pf-compatible mtag manually.
Modified:
projects/pf/head/sys/contrib/pf/net/pf.c
projects/pf/head/sys/contrib/pf/net/pf_mtag.h
projects/pf/head/sys/contrib/pf/net/pfvar.h
projects/pf/head/sys/netinet/ipfw/ip_fw2.c
Modified: projects/pf/head/sys/contrib/pf/net/pf.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 09:22:41 2012 (r236709)
+++ projects/pf/head/sys/contrib/pf/net/pf.c Thu Jun 7 09:47:36 2012 (r236710)
@@ -212,12 +212,13 @@ static struct mtx pf_flushqueue_mtx;
VNET_DEFINE(struct pf_rulequeue, pf_unlinked_rules);
struct mtx pf_unlnkdrules_mtx;
-VNET_DEFINE(uma_zone_t, pf_sources_z);
+static VNET_DEFINE(uma_zone_t, pf_sources_z);
+#define V_pf_sources_z VNET(pf_sources_z)
+static VNET_DEFINE(uma_zone_t, pf_mtag_z);
+#define V_pf_mtag_z VNET(pf_mtag_z)
VNET_DEFINE(uma_zone_t, pf_state_z);
VNET_DEFINE(uma_zone_t, pf_state_key_z);
-#define V_pf_sources_z VNET(pf_sources_z)
-
VNET_DEFINE(uint64_t, pf_stateid[MAXCPU]);
#define PFID_CPUBITS 8
#define PFID_CPUSHIFT (sizeof(uint64_t) * NBBY - PFID_CPUBITS)
@@ -319,6 +320,8 @@ static int pf_insert_src_node(struct p
struct pf_rule *, struct pf_addr *, sa_family_t);
static int pf_purge_expired_states(int);
static void pf_purge_unlinked_rules(void);
+static int pf_mtag_init(void *, int, int);
+static void pf_mtag_free(struct m_tag *);
int in4_cksum(struct mbuf *m, u_int8_t nxt, int off, int len);
@@ -751,6 +754,11 @@ pf_initialize()
V_pf_altqs_active = &V_pf_altqs[0];
V_pf_altqs_inactive = &V_pf_altqs[1];
+ /* Mbuf tags */
+ V_pf_mtag_z = uma_zcreate("pf mtags", sizeof(struct m_tag) +
+ sizeof(struct pf_mtag), NULL, NULL, pf_mtag_init, NULL,
+ UMA_ALIGN_PTR, 0);
+
/* Send & flush queues. */
STAILQ_INIT(&V_pf_sendqueue);
SLIST_INIT(&V_pf_flushqueue);
@@ -800,12 +808,51 @@ pf_cleanup()
mtx_destroy(&pf_flushqueue_mtx);
mtx_destroy(&pf_unlnkdrules_mtx);
+ uma_zdestroy(V_pf_mtag_z);
uma_zdestroy(V_pf_sources_z);
uma_zdestroy(V_pf_state_z);
uma_zdestroy(V_pf_state_key_z);
}
static int
+pf_mtag_init(void *mem, int size, int how)
+{
+ struct m_tag *t;
+
+ t = (struct m_tag *)mem;
+ t->m_tag_cookie = MTAG_ABI_COMPAT;
+ t->m_tag_id = PACKET_TAG_PF;
+ t->m_tag_len = sizeof(struct pf_mtag);
+ t->m_tag_free = pf_mtag_free;
+
+ return (0);
+}
+
+static void
+pf_mtag_free(struct m_tag *t)
+{
+
+ uma_zfree(V_pf_mtag_z, t);
+}
+
+struct pf_mtag *
+pf_get_mtag(struct mbuf *m)
+{
+ struct m_tag *mtag;
+
+ if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) != NULL)
+ return ((struct pf_mtag *)(mtag + 1));
+
+ mtag = uma_zalloc(V_pf_mtag_z, M_NOWAIT);
+ if (mtag == NULL)
+ return (NULL);
+ bzero(mtag + 1, sizeof(struct pf_mtag));
+ m_tag_prepend(m, mtag);
+
+ return ((struct pf_mtag *)(mtag + 1));
+}
+
+static int
pf_state_key_attach(struct pf_state_key *skw, struct pf_state_key *sks,
struct pf_state *s)
{
Modified: projects/pf/head/sys/contrib/pf/net/pf_mtag.h
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf_mtag.h Thu Jun 7 09:22:41 2012 (r236709)
+++ projects/pf/head/sys/contrib/pf/net/pf_mtag.h Thu Jun 7 09:47:36 2012 (r236710)
@@ -48,9 +48,6 @@ struct pf_mtag {
u_int8_t routed;
};
-static __inline struct pf_mtag *pf_find_mtag(struct mbuf *);
-static __inline struct pf_mtag *pf_get_mtag(struct mbuf *);
-
static __inline struct pf_mtag *
pf_find_mtag(struct mbuf *m)
{
@@ -61,22 +58,5 @@ pf_find_mtag(struct mbuf *m)
return ((struct pf_mtag *)(mtag + 1));
}
-
-static __inline struct pf_mtag *
-pf_get_mtag(struct mbuf *m)
-{
- struct m_tag *mtag;
-
- if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL) {
- mtag = m_tag_get(PACKET_TAG_PF, sizeof(struct pf_mtag),
- M_NOWAIT);
- if (mtag == NULL)
- return (NULL);
- bzero(mtag + 1, sizeof(struct pf_mtag));
- m_tag_prepend(m, mtag);
- }
-
- return ((struct pf_mtag *)(mtag + 1));
-}
#endif /* _KERNEL */
#endif /* _NET_PF_MTAG_H_ */
Modified: projects/pf/head/sys/contrib/pf/net/pfvar.h
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pfvar.h Thu Jun 7 09:22:41 2012 (r236709)
+++ projects/pf/head/sys/contrib/pf/net/pfvar.h Thu Jun 7 09:47:36 2012 (r236710)
@@ -1718,6 +1718,8 @@ VNET_DECLARE(struct pf_rulequeue, pf_unl
void pf_initialize(void);
void pf_cleanup(void);
+struct pf_mtag *pf_get_mtag(struct mbuf *);
+
extern void pf_calc_skip_steps(struct pf_rulequeue *);
#ifdef ALTQ
extern void pf_altq_ifnet_event(struct ifnet *, int);
Modified: projects/pf/head/sys/netinet/ipfw/ip_fw2.c
==============================================================================
--- projects/pf/head/sys/netinet/ipfw/ip_fw2.c Thu Jun 7 09:22:41 2012 (r236709)
+++ projects/pf/head/sys/netinet/ipfw/ip_fw2.c Thu Jun 7 09:47:36 2012 (r236710)
@@ -1698,20 +1698,30 @@ do { \
case O_ALTQ: {
struct pf_mtag *at;
+ struct m_tag *mtag;
ipfw_insn_altq *altq = (ipfw_insn_altq *)cmd;
+ /*
+ * ALTQ uses mbuf tags from another
+ * packet filtering system - pf(4).
+ * We allocate a tag in its format
+ * and fill it in, pretending to be pf(4).
+ */
match = 1;
at = pf_find_mtag(m);
if (at != NULL && at->qid != 0)
break;
- at = pf_get_mtag(m);
- if (at == NULL) {
+ mtag = m_tag_get(PACKET_TAG_PF,
+ sizeof(struct pf_mtag), M_NOWAIT | M_ZERO);
+ if (mtag == NULL) {
/*
* Let the packet fall back to the
* default ALTQ.
*/
break;
}
+ m_tag_prepend(m, mtag);
+ at = (struct pf_mtag *)(mtag + 1);
at->qid = altq->qid;
at->hdr = ip;
break;
More information about the svn-src-projects
mailing list