git: 485be9798a75 - main - pfsync: replace struct pfsync_pkt with int flags
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 22 Aug 2022 21:47:07 UTC
The branch main has been updated by kp:
URL: https://cgit.FreeBSD.org/src/commit/?id=485be9798a755cc051130b9a3e28d660ee93a497
commit 485be9798a755cc051130b9a3e28d660ee93a497
Author: Luiz Amaral <email@luiz.eng.br>
AuthorDate: 2022-08-22 18:54:36 +0000
Commit: Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-08-22 21:46:50 +0000
pfsync: replace struct pfsync_pkt with int flags
Get rid of struct pfsync_pkt. It was used to store data on the stack to
pass to all the submessage handlers, but only the flags part of it was
ever used. Just pass the flags directly instead.
Reviewed by: kp
Obtained from: OpenBSD
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D36294
---
sys/net/pfvar.h | 2 +-
sys/netpfil/pf/if_pfsync.c | 76 +++++++++++++++++++---------------------------
2 files changed, 33 insertions(+), 45 deletions(-)
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index ef30058966dc..ffec6764f6f8 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1067,7 +1067,7 @@ struct pfsync_state {
#ifdef _KERNEL
/* pfsync */
-typedef int pfsync_state_import_t(struct pfsync_state *, u_int8_t);
+typedef int pfsync_state_import_t(struct pfsync_state *, int);
typedef void pfsync_insert_state_t(struct pf_kstate *);
typedef void pfsync_update_state_t(struct pf_kstate *);
typedef void pfsync_delete_state_t(struct pf_kstate *);
diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c
index 907ffc95bc29..bf4b9322df56 100644
--- a/sys/netpfil/pf/if_pfsync.c
+++ b/sys/netpfil/pf/if_pfsync.c
@@ -108,28 +108,22 @@ __FBSDID("$FreeBSD$");
struct pfsync_bucket;
-struct pfsync_pkt {
- struct ip *ip;
- struct in_addr src;
- u_int8_t flags;
-};
-
static int pfsync_upd_tcp(struct pf_kstate *, struct pfsync_state_peer *,
struct pfsync_state_peer *);
-static int pfsync_in_clr(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_ins(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_iack(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_upd(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_upd_c(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_ureq(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_del(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_del_c(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_bus(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_tdb(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_eof(struct pfsync_pkt *, struct mbuf *, int, int);
-static int pfsync_in_error(struct pfsync_pkt *, struct mbuf *, int, int);
-
-static int (*pfsync_acts[])(struct pfsync_pkt *, struct mbuf *, int, int) = {
+static int pfsync_in_clr(struct mbuf *, int, int, int);
+static int pfsync_in_ins(struct mbuf *, int, int, int);
+static int pfsync_in_iack(struct mbuf *, int, int, int);
+static int pfsync_in_upd(struct mbuf *, int, int, int);
+static int pfsync_in_upd_c(struct mbuf *, int, int, int);
+static int pfsync_in_ureq(struct mbuf *, int, int, int);
+static int pfsync_in_del(struct mbuf *, int, int, int);
+static int pfsync_in_del_c(struct mbuf *, int, int, int);
+static int pfsync_in_bus(struct mbuf *, int, int, int);
+static int pfsync_in_tdb(struct mbuf *, int, int, int);
+static int pfsync_in_eof(struct mbuf *, int, int, int);
+static int pfsync_in_error(struct mbuf *, int, int, int);
+
+static int (*pfsync_acts[])(struct mbuf *, int, int, int) = {
pfsync_in_clr, /* PFSYNC_ACT_CLR */
pfsync_in_ins, /* PFSYNC_ACT_INS */
pfsync_in_iack, /* PFSYNC_ACT_INS_ACK */
@@ -454,7 +448,7 @@ pfsync_alloc_scrub_memory(struct pfsync_state_peer *s,
}
static int
-pfsync_state_import(struct pfsync_state *sp, u_int8_t flags)
+pfsync_state_import(struct pfsync_state *sp, int flags)
{
struct pfsync_softc *sc = V_pfsyncif;
#ifndef __NO_STRICT_ALIGNMENT
@@ -626,13 +620,12 @@ static int
pfsync_input(struct mbuf **mp, int *offp __unused, int proto __unused)
{
struct pfsync_softc *sc = V_pfsyncif;
- struct pfsync_pkt pkt;
struct mbuf *m = *mp;
struct ip *ip = mtod(m, struct ip *);
struct pfsync_header *ph;
struct pfsync_subheader subh;
- int offset, len;
+ int offset, len, flags = 0;
int rv;
uint16_t count;
@@ -687,18 +680,13 @@ pfsync_input(struct mbuf **mp, int *offp __unused, int proto __unused)
goto done;
}
- /* Cheaper to grab this now than having to mess with mbufs later */
- pkt.ip = ip;
- pkt.src = ip->ip_src;
- pkt.flags = 0;
-
/*
* Trusting pf_chksum during packet processing, as well as seeking
* in interface name tree, require holding PF_RULES_RLOCK().
*/
PF_RULES_RLOCK();
if (!bcmp(&ph->pfcksum, &V_pf_status.pf_chksum, PF_MD5_DIGEST_LENGTH))
- pkt.flags |= PFSYNC_SI_CKSUM;
+ flags = PFSYNC_SI_CKSUM;
offset += sizeof(*ph);
while (offset <= len - sizeof(subh)) {
@@ -713,7 +701,7 @@ pfsync_input(struct mbuf **mp, int *offp __unused, int proto __unused)
count = ntohs(subh.count);
V_pfsyncstats.pfsyncs_iacts[subh.action] += count;
- rv = (*pfsync_acts[subh.action])(&pkt, m, offset, count);
+ rv = (*pfsync_acts[subh.action])(m, offset, count, flags);
if (rv == -1) {
PF_RULES_RUNLOCK();
return (IPPROTO_DONE);
@@ -729,7 +717,7 @@ done:
}
static int
-pfsync_in_clr(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_clr(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_clr *clr;
struct mbuf *mp;
@@ -771,7 +759,7 @@ relock:
}
static int
-pfsync_in_ins(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_ins(struct mbuf *m, int offset, int count, int flags)
{
struct mbuf *mp;
struct pfsync_state *sa, *sp;
@@ -800,7 +788,7 @@ pfsync_in_ins(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
continue;
}
- if (pfsync_state_import(sp, pkt->flags) == ENOMEM)
+ if (pfsync_state_import(sp, flags) == ENOMEM)
/* Drop out, but process the rest of the actions. */
break;
}
@@ -809,7 +797,7 @@ pfsync_in_ins(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_iack(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_iack(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_ins_ack *ia, *iaa;
struct pf_kstate *st;
@@ -880,7 +868,7 @@ pfsync_upd_tcp(struct pf_kstate *st, struct pfsync_state_peer *src,
}
static int
-pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_upd(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_softc *sc = V_pfsyncif;
struct pfsync_state *sa, *sp;
@@ -916,7 +904,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
st = pf_find_state_byid(sp->id, sp->creatorid);
if (st == NULL) {
/* insert the update */
- if (pfsync_state_import(sp, pkt->flags))
+ if (pfsync_state_import(sp, flags))
V_pfsyncstats.pfsyncs_badstate++;
continue;
}
@@ -966,7 +954,7 @@ pfsync_in_upd(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_upd_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_upd_c(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_softc *sc = V_pfsyncif;
struct pfsync_upd_c *ua, *up;
@@ -1053,7 +1041,7 @@ pfsync_in_upd_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_ureq(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_ureq(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_upd_req *ur, *ura;
struct mbuf *mp;
@@ -1094,7 +1082,7 @@ pfsync_in_ureq(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_del(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_del(struct mbuf *m, int offset, int count, int flags)
{
struct mbuf *mp;
struct pfsync_state *sa, *sp;
@@ -1125,7 +1113,7 @@ pfsync_in_del(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_del_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_del_c(struct mbuf *m, int offset, int count, int flags)
{
struct mbuf *mp;
struct pfsync_del_c *sa, *sp;
@@ -1157,7 +1145,7 @@ pfsync_in_del_c(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_bus(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_bus(struct mbuf *m, int offset, int count, int flags)
{
struct pfsync_softc *sc = V_pfsyncif;
struct pfsync_bus *bus;
@@ -1219,7 +1207,7 @@ pfsync_in_bus(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_tdb(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_tdb(struct mbuf *m, int offset, int count, int flags)
{
int len = count * sizeof(struct pfsync_tdb);
@@ -1284,7 +1272,7 @@ bad:
#endif
static int
-pfsync_in_eof(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_eof(struct mbuf *m, int offset, int count, int flags)
{
/* check if we are at the right place in the packet */
if (offset != m->m_pkthdr.len)
@@ -1296,7 +1284,7 @@ pfsync_in_eof(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
}
static int
-pfsync_in_error(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count)
+pfsync_in_error(struct mbuf *m, int offset, int count, int flags)
{
V_pfsyncstats.pfsyncs_badact++;