svn commit: r235993 - projects/pf/head/sys/contrib/pf/net
Ermal Luçi
eri at freebsd.org
Fri May 25 15:49:22 UTC 2012
I am not sure you understand the implications here and previous commit.
But word CONSISTENCY and wrong behviour is the first to look after.
On Fri, May 25, 2012 at 4:49 PM, Gleb Smirnoff <glebius at freebsd.org> wrote:
> Author: glebius
> Date: Fri May 25 14:49:51 2012
> New Revision: 235993
> URL: http://svn.freebsd.org/changeset/base/235993
>
> Log:
> - Stop referencing tag names by states. Not a big deal if tag name
> disappears.
> - Make tag code more private to pf_ioctl.c
>
> Modified:
> projects/pf/head/sys/contrib/pf/net/pf.c
> projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
> projects/pf/head/sys/contrib/pf/net/pfvar.h
>
> Modified: projects/pf/head/sys/contrib/pf/net/pf.c
> ==============================================================================
> --- projects/pf/head/sys/contrib/pf/net/pf.c Fri May 25 14:40:56 2012 (r235992)
> +++ projects/pf/head/sys/contrib/pf/net/pf.c Fri May 25 14:49:51 2012 (r235993)
> @@ -1472,8 +1472,6 @@ pf_free_state(struct pf_state *cur)
> if (cur->anchor.ptr != NULL)
> --cur->anchor.ptr->states_cur;
> pf_normalize_tcp_cleanup(cur);
> - if (cur->tag)
> - pf_tag_unref(cur->tag);
> uma_zfree(V_pf_state_z, cur);
> V_pf_status.fcounters[FCNT_STATE_REMOVALS]++;
> V_pf_status.states--;
> @@ -3446,10 +3444,8 @@ pf_create_state(struct pf_rule *r, struc
> *sm = s;
>
> pf_set_rt_ifp(s, pd->src); /* needs s->state_key set */
> - if (tag > 0) {
> - pf_tag_ref(tag);
> + if (tag > 0)
> s->tag = tag;
> - }
> if (pd->proto == IPPROTO_TCP && (th->th_flags & (TH_SYN|TH_ACK)) ==
> TH_SYN && r->keep_state == PF_STATE_SYNPROXY) {
> s->src.state = PF_TCPS_PROXY_SRC;
>
> Modified: projects/pf/head/sys/contrib/pf/net/pf_ioctl.c
> ==============================================================================
> --- projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Fri May 25 14:40:56 2012 (r235992)
> +++ projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Fri May 25 14:49:51 2012 (r235993)
> @@ -135,8 +135,6 @@ static int pf_addr_setup(struct pf_rul
> static void pf_addr_copyout(struct pf_addr_wrap *);
> static void pf_pkt_addr_changed(struct mbuf *);
>
> -#define TAGID_MAX 50000
> -
> VNET_DEFINE(struct pf_rule, pf_default_rule);
> VNET_DEFINE(struct sx, pf_consistency_lock);
> #define V_pf_consistency_lock VNET(pf_consistency_lock)
> @@ -146,13 +144,20 @@ static VNET_DEFINE(int, pf_altq_running
> #define V_pf_altq_running VNET(pf_altq_running)
> #endif
>
> -TAILQ_HEAD(pf_tags, pf_tagname);
> +#define TAGID_MAX 50000
> +struct pf_tagname {
> + TAILQ_ENTRY(pf_tagname) entries;
> + char name[PF_TAG_NAME_SIZE];
> + uint16_t tag;
> + int ref;
> +};
>
> +TAILQ_HEAD(pf_tags, pf_tagname);
> #define V_pf_tags VNET(pf_tags)
> VNET_DEFINE(struct pf_tags, pf_tags);
> #define V_pf_qids VNET(pf_qids)
> VNET_DEFINE(struct pf_tags, pf_qids);
> -
> +MALLOC_DEFINE(M_PFTAG, "pf tags", "pf tags");
>
> #if (PF_QNAME_SIZE != PF_TAG_NAME_SIZE)
> #error PF_QNAME_SIZE must be equal to PF_TAG_NAME_SIZE
> @@ -160,7 +165,7 @@ VNET_DEFINE(struct pf_tags, pf_qids);
>
> static u_int16_t tagname2tag(struct pf_tags *, char *);
> static u_int16_t pf_tagname2tag(char *);
> -void tag_unref(struct pf_tags *, u_int16_t);
> +static void tag_unref(struct pf_tags *, u_int16_t);
>
> #define DPFPRINTF(n, x) if (V_pf_status.debug >= (n)) printf x
>
> @@ -406,8 +411,10 @@ pf_free_rule(struct pf_rule *rule)
>
> PF_RULES_WASSERT();
>
> - pf_tag_unref(rule->tag);
> - pf_tag_unref(rule->match_tag);
> + if (rule->tag)
> + tag_unref(&V_pf_tags, rule->tag);
> + if (rule->match_tag)
> + tag_unref(&V_pf_tags, rule->match_tag);
> #ifdef ALTQ
> if (rule->pqid != rule->qid)
> pf_qid_unref(rule->pqid);
> @@ -444,6 +451,8 @@ tagname2tag(struct pf_tags *head, char *
> struct pf_tagname *tag, *p = NULL;
> u_int16_t new_tagid = 1;
>
> + PF_RULES_WASSERT();
> +
> TAILQ_FOREACH(tag, head, entries)
> if (strcmp(tagname, tag->name) == 0) {
> tag->ref++;
> @@ -466,7 +475,7 @@ tagname2tag(struct pf_tags *head, char *
> return (0);
>
> /* allocate and fill new struct pf_tagname */
> - tag = malloc(sizeof(*tag), M_TEMP, M_NOWAIT|M_ZERO);
> + tag = malloc(sizeof(*tag), M_PFTAG, M_NOWAIT|M_ZERO);
> if (tag == NULL)
> return (0);
> strlcpy(tag->name, tagname, sizeof(tag->name));
> @@ -481,20 +490,19 @@ tagname2tag(struct pf_tags *head, char *
> return (tag->tag);
> }
>
> -void
> +static void
> tag_unref(struct pf_tags *head, u_int16_t tag)
> {
> struct pf_tagname *p, *next;
>
> - if (tag == 0)
> - return;
> + PF_RULES_WASSERT();
>
> for (p = TAILQ_FIRST(head); p != NULL; p = next) {
> next = TAILQ_NEXT(p, entries);
> if (tag == p->tag) {
> if (--p->ref == 0) {
> TAILQ_REMOVE(head, p, entries);
> - free(p, M_TEMP);
> + free(p, M_PFTAG);
> }
> break;
> }
> @@ -507,24 +515,6 @@ pf_tagname2tag(char *tagname)
> return (tagname2tag(&V_pf_tags, tagname));
> }
>
> -void
> -pf_tag_ref(u_int16_t tag)
> -{
> - struct pf_tagname *t;
> -
> - TAILQ_FOREACH(t, &V_pf_tags, entries)
> - if (t->tag == tag)
> - break;
> - if (t != NULL)
> - t->ref++;
> -}
> -
> -void
> -pf_tag_unref(u_int16_t tag)
> -{
> - tag_unref(&V_pf_tags, tag);
> -}
> -
> #ifdef ALTQ
> static u_int32_t
> pf_qname2qid(char *qname)
>
> Modified: projects/pf/head/sys/contrib/pf/net/pfvar.h
> ==============================================================================
> --- projects/pf/head/sys/contrib/pf/net/pfvar.h Fri May 25 14:40:56 2012 (r235992)
> +++ projects/pf/head/sys/contrib/pf/net/pfvar.h Fri May 25 14:49:51 2012 (r235993)
> @@ -1410,13 +1410,6 @@ struct pf_altq {
> u_int32_t qid; /* return value */
> };
>
> -struct pf_tagname {
> - TAILQ_ENTRY(pf_tagname) entries;
> - char name[PF_TAG_NAME_SIZE];
> - u_int16_t tag;
> - int ref;
> -};
> -
> struct pf_divert {
> union {
> struct in_addr ipv4;
> @@ -1931,8 +1924,6 @@ int pfi_clear_flags(const char *, int)
>
> int pf_match_tag(struct mbuf *, struct pf_rule *, int *,
> struct pf_mtag *);
> -void pf_tag_ref(u_int16_t);
> -void pf_tag_unref(u_int16_t);
> int pf_tag_packet(struct mbuf *, int, int, struct pf_mtag *);
> void pf_qid2qname(u_int32_t, char *);
>
--
Ermal
More information about the svn-src-projects
mailing list