svn commit: r235993 - projects/pf/head/sys/contrib/pf/net

Fri May 25 14:49:52 UTC 2012

Author: glebius
Date: Fri May 25 14:49:51 2012
New Revision: 235993
URL: http://svn.freebsd.org/changeset/base/235993

Log:
  - Stop referencing tag names by states. Not a big deal if tag name
    disappears.
  - Make tag code more private to pf_ioctl.c

Modified:
  projects/pf/head/sys/contrib/pf/net/pf.c
  projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
  projects/pf/head/sys/contrib/pf/net/pfvar.h

Modified: projects/pf/head/sys/contrib/pf/net/pf.c
==============================================================================

--- projects/pf/head/sys/contrib/pf/net/pf.c	Fri May 25 14:40:56 2012	(r235992)
+++ projects/pf/head/sys/contrib/pf/net/pf.c	Fri May 25 14:49:51 2012	(r235993)
@@ -1472,8 +1472,6 @@ pf_free_state(struct pf_state *cur)
 	if (cur->anchor.ptr != NULL)
 		--cur->anchor.ptr->states_cur;
 	pf_normalize_tcp_cleanup(cur);
-	if (cur->tag)
-		pf_tag_unref(cur->tag);
 	uma_zfree(V_pf_state_z, cur);
 	V_pf_status.fcounters[FCNT_STATE_REMOVALS]++;
 	V_pf_status.states--;
@@ -3446,10 +3444,8 @@ pf_create_state(struct pf_rule *r, struc
 		*sm = s;
 
 	pf_set_rt_ifp(s, pd->src);	/* needs s->state_key set */
-	if (tag > 0) {
-		pf_tag_ref(tag);
+	if (tag > 0)
 		s->tag = tag;
-	}
 	if (pd->proto == IPPROTO_TCP && (th->th_flags & (TH_SYN|TH_ACK)) ==
 	    TH_SYN && r->keep_state == PF_STATE_SYNPROXY) {
 		s->src.state = PF_TCPS_PROXY_SRC;

Modified: projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pf_ioctl.c	Fri May 25 14:40:56 2012	(r235992)
+++ projects/pf/head/sys/contrib/pf/net/pf_ioctl.c	Fri May 25 14:49:51 2012	(r235993)
@@ -135,8 +135,6 @@ static int		 pf_addr_setup(struct pf_rul
 static void		 pf_addr_copyout(struct pf_addr_wrap *);
 static void		 pf_pkt_addr_changed(struct mbuf *);
 
-#define	TAGID_MAX	 50000
-
 VNET_DEFINE(struct pf_rule,	pf_default_rule);
 VNET_DEFINE(struct sx,		pf_consistency_lock);
 #define V_pf_consistency_lock	VNET(pf_consistency_lock)
@@ -146,13 +144,20 @@ static VNET_DEFINE(int,		pf_altq_running
 #define	V_pf_altq_running	VNET(pf_altq_running)
 #endif
 
-TAILQ_HEAD(pf_tags, pf_tagname);
+#define	TAGID_MAX	 50000
+struct pf_tagname {
+	TAILQ_ENTRY(pf_tagname)	entries;
+	char			name[PF_TAG_NAME_SIZE];
+	uint16_t		tag;
+	int			ref;
+};
 
+TAILQ_HEAD(pf_tags, pf_tagname);
 #define	V_pf_tags		VNET(pf_tags)
 VNET_DEFINE(struct pf_tags, pf_tags);
 #define	V_pf_qids		VNET(pf_qids)
 VNET_DEFINE(struct pf_tags, pf_qids);
-
+MALLOC_DEFINE(M_PFTAG, "pf tags", "pf tags");
 
 #if (PF_QNAME_SIZE != PF_TAG_NAME_SIZE)
 #error PF_QNAME_SIZE must be equal to PF_TAG_NAME_SIZE
@@ -160,7 +165,7 @@ VNET_DEFINE(struct pf_tags, pf_qids);
 
 static u_int16_t	 tagname2tag(struct pf_tags *, char *);
 static u_int16_t	 pf_tagname2tag(char *);
-void			 tag_unref(struct pf_tags *, u_int16_t);
+static void		 tag_unref(struct pf_tags *, u_int16_t);
 
 #define DPFPRINTF(n, x) if (V_pf_status.debug >= (n)) printf x
 
@@ -406,8 +411,10 @@ pf_free_rule(struct pf_rule *rule)
 
 	PF_RULES_WASSERT();
 
-	pf_tag_unref(rule->tag);
-	pf_tag_unref(rule->match_tag);
+	if (rule->tag)
+		tag_unref(&V_pf_tags, rule->tag);
+	if (rule->match_tag)
+		tag_unref(&V_pf_tags, rule->match_tag);
 #ifdef ALTQ
 	if (rule->pqid != rule->qid)
 		pf_qid_unref(rule->pqid);
@@ -444,6 +451,8 @@ tagname2tag(struct pf_tags *head, char *
 	struct pf_tagname	*tag, *p = NULL;
 	u_int16_t		 new_tagid = 1;
 
+	PF_RULES_WASSERT();
+
 	TAILQ_FOREACH(tag, head, entries)
 		if (strcmp(tagname, tag->name) == 0) {
 			tag->ref++;
@@ -466,7 +475,7 @@ tagname2tag(struct pf_tags *head, char *
 		return (0);
 
 	/* allocate and fill new struct pf_tagname */
-	tag = malloc(sizeof(*tag), M_TEMP, M_NOWAIT|M_ZERO);
+	tag = malloc(sizeof(*tag), M_PFTAG, M_NOWAIT|M_ZERO);
 	if (tag == NULL)
 		return (0);
 	strlcpy(tag->name, tagname, sizeof(tag->name));
@@ -481,20 +490,19 @@ tagname2tag(struct pf_tags *head, char *
 	return (tag->tag);
 }
 
-void
+static void
 tag_unref(struct pf_tags *head, u_int16_t tag)
 {
 	struct pf_tagname	*p, *next;
 
-	if (tag == 0)
-		return;
+	PF_RULES_WASSERT();
 
 	for (p = TAILQ_FIRST(head); p != NULL; p = next) {
 		next = TAILQ_NEXT(p, entries);
 		if (tag == p->tag) {
 			if (--p->ref == 0) {
 				TAILQ_REMOVE(head, p, entries);
-				free(p, M_TEMP);
+				free(p, M_PFTAG);
 			}
 			break;
 		}
@@ -507,24 +515,6 @@ pf_tagname2tag(char *tagname)
 	return (tagname2tag(&V_pf_tags, tagname));
 }
 
-void
-pf_tag_ref(u_int16_t tag)
-{
-	struct pf_tagname *t;
-
-	TAILQ_FOREACH(t, &V_pf_tags, entries)
-		if (t->tag == tag)
-			break;
-	if (t != NULL)
-		t->ref++;
-}
-
-void
-pf_tag_unref(u_int16_t tag)
-{
-	tag_unref(&V_pf_tags, tag);
-}
-
 #ifdef ALTQ
 static u_int32_t
 pf_qname2qid(char *qname)

Modified: projects/pf/head/sys/contrib/pf/net/pfvar.h
==============================================================================
--- projects/pf/head/sys/contrib/pf/net/pfvar.h	Fri May 25 14:40:56 2012	(r235992)
+++ projects/pf/head/sys/contrib/pf/net/pfvar.h	Fri May 25 14:49:51 2012	(r235993)
@@ -1410,13 +1410,6 @@ struct pf_altq {
 	u_int32_t		 qid;		/* return value */
 };
 
-struct pf_tagname {
-	TAILQ_ENTRY(pf_tagname)	entries;
-	char			name[PF_TAG_NAME_SIZE];
-	u_int16_t		tag;
-	int			ref;
-};
-
 struct pf_divert {
 	union {
 		struct in_addr	ipv4;
@@ -1931,8 +1924,6 @@ int		 pfi_clear_flags(const char *, int)
 
 int		 pf_match_tag(struct mbuf *, struct pf_rule *, int *,
 		    struct pf_mtag *);
-void		 pf_tag_ref(u_int16_t);
-void		 pf_tag_unref(u_int16_t);
 int		 pf_tag_packet(struct mbuf *, int, int, struct pf_mtag *);
 void		 pf_qid2qname(u_int32_t, char *);
 
