git: cdc231bd4949 - main - pfsync: Remove deletion of states using the full pfsync_state struct

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Kristof Provost <kp_at_FreeBSD.org>
Date: Wed, 17 May 2023 02:40:49 UTC
The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=cdc231bd49498481801686913872c361dbc01f95

commit cdc231bd49498481801686913872c361dbc01f95
Author:     Kajetan Staszkiewicz <vegeta@tuxpowered.net>
AuthorDate: 2023-05-15 19:43:06 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-05-17 00:39:58 +0000

    pfsync: Remove deletion of states using the full pfsync_state struct
    
    State deletions are sent over pfsync using struct pfsync_del_c.
    
    Remove the code for receiving state deletions using struct pfsync_state
    as such deletions are never sent. Rename functions and constants so that
    only the "compressed" versions remain.
    
    Reviewed by:    kp
    Sponsored by:   InnoGames GmbH
    Differential Revision:  https://reviews.freebsd.org/D40004
---
 sys/net/if_pfsync.h        |  2 +-
 sys/netpfil/pf/if_pfsync.c | 44 ++++++--------------------------------------
 2 files changed, 7 insertions(+), 39 deletions(-)

diff --git a/sys/net/if_pfsync.h b/sys/net/if_pfsync.h
index bee247cd0a84..a13e26fd3bdf 100644
--- a/sys/net/if_pfsync.h
+++ b/sys/net/if_pfsync.h
@@ -274,7 +274,7 @@ struct pfsyncioc_nv {
 #define	PFSYNC_S_IACK	0x01
 #define	PFSYNC_S_UPD	0x02
 #define	PFSYNC_S_UPD_C	0x03
-#define	PFSYNC_S_DEL	0x04
+#define	PFSYNC_S_DEL_C	0x04
 #define	PFSYNC_S_COUNT	0x05
 
 #define	PFSYNC_S_DEFER	0xfe
diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c
index a7924d822eee..f53479283ecd 100644
--- a/sys/netpfil/pf/if_pfsync.c
+++ b/sys/netpfil/pf/if_pfsync.c
@@ -128,7 +128,6 @@ static int	pfsync_in_iack(struct mbuf *, int, int, int);
 static int	pfsync_in_upd(struct mbuf *, int, int, int);
 static int	pfsync_in_upd_c(struct mbuf *, int, int, int);
 static int	pfsync_in_ureq(struct mbuf *, int, int, int);
-static int	pfsync_in_del(struct mbuf *, int, int, int);
 static int	pfsync_in_del_c(struct mbuf *, int, int, int);
 static int	pfsync_in_bus(struct mbuf *, int, int, int);
 static int	pfsync_in_tdb(struct mbuf *, int, int, int);
@@ -142,7 +141,7 @@ static int (*pfsync_acts[])(struct mbuf *, int, int, int) = {
 	pfsync_in_upd,			/* PFSYNC_ACT_UPD */
 	pfsync_in_upd_c,		/* PFSYNC_ACT_UPD_C */
 	pfsync_in_ureq,			/* PFSYNC_ACT_UPD_REQ */
-	pfsync_in_del,			/* PFSYNC_ACT_DEL */
+	pfsync_in_error,		/* PFSYNC_ACT_DEL */
 	pfsync_in_del_c,		/* PFSYNC_ACT_DEL_C */
 	pfsync_in_error,		/* PFSYNC_ACT_INS_F */
 	pfsync_in_error,		/* PFSYNC_ACT_DEL_F */
@@ -161,14 +160,14 @@ struct pfsync_q {
 static void	pfsync_out_state(struct pf_kstate *, void *);
 static void	pfsync_out_iack(struct pf_kstate *, void *);
 static void	pfsync_out_upd_c(struct pf_kstate *, void *);
-static void	pfsync_out_del(struct pf_kstate *, void *);
+static void	pfsync_out_del_c(struct pf_kstate *, void *);
 
 static struct pfsync_q pfsync_qs[] = {
 	{ pfsync_out_state, sizeof(struct pfsync_state),   PFSYNC_ACT_INS },
 	{ pfsync_out_iack,  sizeof(struct pfsync_ins_ack), PFSYNC_ACT_INS_ACK },
 	{ pfsync_out_state, sizeof(struct pfsync_state),   PFSYNC_ACT_UPD },
 	{ pfsync_out_upd_c, sizeof(struct pfsync_upd_c),   PFSYNC_ACT_UPD_C },
-	{ pfsync_out_del,   sizeof(struct pfsync_del_c),   PFSYNC_ACT_DEL_C }
+	{ pfsync_out_del_c, sizeof(struct pfsync_del_c),   PFSYNC_ACT_DEL_C }
 };
 
 static void	pfsync_q_ins(struct pf_kstate *, int, bool);
@@ -1127,37 +1126,6 @@ pfsync_in_ureq(struct mbuf *m, int offset, int count, int flags)
 	return (len);
 }
 
-static int
-pfsync_in_del(struct mbuf *m, int offset, int count, int flags)
-{
-	struct mbuf *mp;
-	struct pfsync_state *sa, *sp;
-	struct pf_kstate *st;
-	int len = count * sizeof(*sp);
-	int offp, i;
-
-	mp = m_pulldown(m, offset, len, &offp);
-	if (mp == NULL) {
-		V_pfsyncstats.pfsyncs_badlen++;
-		return (-1);
-	}
-	sa = (struct pfsync_state *)(mp->m_data + offp);
-
-	for (i = 0; i < count; i++) {
-		sp = &sa[i];
-
-		st = pf_find_state_byid(sp->id, sp->creatorid);
-		if (st == NULL) {
-			V_pfsyncstats.pfsyncs_badstate++;
-			continue;
-		}
-		st->state_flags |= PFSTATE_NOSYNC;
-		pf_unlink_state(st);
-	}
-
-	return (len);
-}
-
 static int
 pfsync_in_del_c(struct mbuf *m, int offset, int count, int flags)
 {
@@ -1526,7 +1494,7 @@ pfsync_out_upd_c(struct pf_kstate *st, void *buf)
 }
 
 static void
-pfsync_out_del(struct pf_kstate *st, void *buf)
+pfsync_out_del_c(struct pf_kstate *st, void *buf)
 {
 	struct pfsync_del_c *dp = buf;
 
@@ -2039,7 +2007,7 @@ pfsync_update_state_req(struct pf_kstate *st)
 
 	case PFSYNC_S_INS:
 	case PFSYNC_S_UPD:
-	case PFSYNC_S_DEL:
+	case PFSYNC_S_DEL_C:
 		/* we're already handling it */
 		break;
 
@@ -2089,7 +2057,7 @@ pfsync_delete_state(struct pf_kstate *st)
 		/* FALLTHROUGH */
 
 	case PFSYNC_S_NONE:
-		pfsync_q_ins(st, PFSYNC_S_DEL, ref);
+		pfsync_q_ins(st, PFSYNC_S_DEL_C, ref);
 		break;
 
 	default: