From nobody Wed Apr 16 18:02:58 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Zd85G4hMkz5t2RW; Wed, 16 Apr 2025 18:02:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R10" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Zd85G3GQRz3RR6; Wed, 16 Apr 2025 18:02:58 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1744826578; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kLDRJepgwxJ8wJ01l4p8uN4P6hHeoAzGqhlhlhwq0Hs=; b=S+zb69aAyQboGCyPAKbo+/K+kpnCAtfygilRgOVRJ6K+lW6vRl4DgVnYJ5DNBFB9o0NRHk Lzh5trRh9/91oVFMT57lihEYYl3VSPtz/gpauptu+QqyjJhFBBepT2oK2pY5B5WlWPeiqz gE2BMI9+u2pQLyDNPMa267XLBEkFdv/G2I6eMJ7PzKP617A/ny/y9Hy7y/mdD+6vxrNzZJ bZ94oshefzBXGith4yepg14oDPZiOsAEiKW7GaKT4uhM096TGT8fZ5yhVlhpkJrPECO2CE W1EavnyI6TPW0xDib4DOO/eiT6ZgRXCcnCfikUI2iWOSIdDF4N4EiAIuHJZS+Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1744826578; a=rsa-sha256; cv=none; b=YgzyzuSSfVUhpJvGeXTjkEpslYTmtbjGLbYrjA5i69wo1n3fY3VrAqJaXioY+kldvVFdR6 oxCGMIPjCHhRZLYAwyftcRosi4OCWOwGo1exVvsbi2zcBkFER2B6+qKhdqFS+ofbGhHqxy WVl6OLw5Ugq3V9Rc8t7yEc8hm91dwlhY+9ADpUgxg0FvVjmHo25Y4MJiDD85J5Hh2PrYg6 DFb+yfkKynubfXu2/qagkge3R3QxmGwWx3RWnHcNwamBLqgdFc//VmWkiopCZ7DyKm9JCm 9hmrIpADYL6gko4hP0SU4583aYc2Xmf+9JbQl4wDlltm3DdluIUwXLmyyt4msg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1744826578; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=kLDRJepgwxJ8wJ01l4p8uN4P6hHeoAzGqhlhlhwq0Hs=; b=OOVxb4VINnQ1G62+w2yEqrPbl0qF8a7jF7ff7jP78Id6zX61U8LE5h3tDaxq1N8GEFKFWK NWguW+kuST8QDZT/iugxHalqGW0ZyVP7jy0B5VUGeMSLQNg0MmV0ilJ2KwsDzxtheN71e+ JcyBM4EDyyDCpmv1irvojYg/SAOptiqbSRp44agub6gCk2r64YS8nLkjh2QLKQaLu07SQO Q4FFxCk/KJTMQLfWsbLjzrLA5MwuGz8mtMrk1UkhX7qT3HtWu5vfBQ0Q+iGMkzp/j3S/5x ugt0sQfDbDcsQ5gyVJDoi7vMUUlVklXb+1sJ4l2Y+LvKCXQz6kzmjx/ShPmUVg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Zd85G2rFVz1Rpc; Wed, 16 Apr 2025 18:02:58 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 53GI2w5o075933; Wed, 16 Apr 2025 18:02:58 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 53GI2wqC075930; Wed, 16 Apr 2025 18:02:58 GMT (envelope-from git) Date: Wed, 16 Apr 2025 18:02:58 GMT Message-Id: <202504161802.53GI2wqC075930@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kristof Provost Subject: git: 911d74bcbd7a - main - pf: simplify pf_patch* arguments List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kp X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 911d74bcbd7aa4202f1ee7251ac6b01af7fbfe4c Auto-Submitted: auto-generated The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=911d74bcbd7aa4202f1ee7251ac6b01af7fbfe4c commit 911d74bcbd7aa4202f1ee7251ac6b01af7fbfe4c Author: Kristof Provost AuthorDate: 2025-04-16 10:17:45 +0000 Commit: Kristof Provost CommitDate: 2025-04-16 14:23:49 +0000 pf: simplify pf_patch* arguments Pass struct pf_pdesc rather than separate arguments. Sponsored by: Rubicon Communications, LLC ("Netgate") --- sys/net/pfvar.h | 6 ++---- sys/netpfil/pf/pf.c | 42 +++++++++++++++++++----------------------- sys/netpfil/pf/pf_norm.c | 18 ++++++------------ 3 files changed, 27 insertions(+), 39 deletions(-) diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h index a38525353a9c..b216b888832f 100644 --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -2453,10 +2453,8 @@ void pf_change_a(void *, u_int16_t *, u_int32_t, u_int8_t); void pf_change_proto_a(struct mbuf *, void *, u_int16_t *, u_int32_t, u_int8_t); void pf_change_tcp_a(struct mbuf *, void *, u_int16_t *, u_int32_t); -void pf_patch_16_unaligned(struct mbuf *, u_int16_t *, void *, u_int16_t, - bool, u_int8_t); -void pf_patch_32_unaligned(struct mbuf *, u_int16_t *, void *, u_int32_t, - bool, u_int8_t); +void pf_patch_16_unaligned(struct pf_pdesc *, void *, u_int16_t, bool); +void pf_patch_32_unaligned(struct pf_pdesc *, void *, u_int32_t, bool); void pf_send_deferred_syn(struct pf_kstate *); int pf_match_addr(u_int8_t, const struct pf_addr *, const struct pf_addr *, const struct pf_addr *, sa_family_t); diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index 97d332bd348c..24963d010e04 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -381,8 +381,8 @@ static int pf_walk_header6(struct pf_pdesc *, struct ip6_hdr *, u_short *); static void pf_print_state_parts(struct pf_kstate *, struct pf_state_key *, struct pf_state_key *); -static void pf_patch_8(struct mbuf *, u_int16_t *, u_int8_t *, u_int8_t, - bool, u_int8_t); +static void pf_patch_8(struct pf_pdesc *, u_int8_t *, u_int8_t, + bool); static struct pf_kstate *pf_find_state(struct pfi_kkif *, const struct pf_state_key_cmp *, u_int); static bool pf_src_connlimit(struct pf_kstate *); @@ -3216,8 +3216,7 @@ pf_cksum_fixup(u_int16_t cksum, u_int16_t old, u_int16_t new, u_int8_t udp) } static void -pf_patch_8(struct mbuf *m, u_int16_t *cksum, u_int8_t *f, u_int8_t v, bool hi, - u_int8_t udp) +pf_patch_8(struct pf_pdesc *pd, u_int8_t *f, u_int8_t v, bool hi) { u_int16_t old = htons(hi ? (*f << 8) : *f); u_int16_t new = htons(hi ? ( v << 8) : v); @@ -3227,34 +3226,33 @@ pf_patch_8(struct mbuf *m, u_int16_t *cksum, u_int8_t *f, u_int8_t v, bool hi, *f = v; - if (m->m_pkthdr.csum_flags & (CSUM_DELAY_DATA | CSUM_DELAY_DATA_IPV6)) + if (pd->m->m_pkthdr.csum_flags & (CSUM_DELAY_DATA | CSUM_DELAY_DATA_IPV6)) return; - *cksum = pf_cksum_fixup(*cksum, old, new, udp); + *pd->pcksum = pf_cksum_fixup(*pd->pcksum, old, new, + pd->proto == IPPROTO_UDP); } void -pf_patch_16_unaligned(struct mbuf *m, u_int16_t *cksum, void *f, u_int16_t v, - bool hi, u_int8_t udp) +pf_patch_16_unaligned(struct pf_pdesc *pd, void *f, u_int16_t v, bool hi) { u_int8_t *fb = (u_int8_t *)f; u_int8_t *vb = (u_int8_t *)&v; - pf_patch_8(m, cksum, fb++, *vb++, hi, udp); - pf_patch_8(m, cksum, fb++, *vb++, !hi, udp); + pf_patch_8(pd, fb++, *vb++, hi); + pf_patch_8(pd, fb++, *vb++, !hi); } void -pf_patch_32_unaligned(struct mbuf *m, u_int16_t *cksum, void *f, u_int32_t v, - bool hi, u_int8_t udp) +pf_patch_32_unaligned(struct pf_pdesc *pd, void *f, u_int32_t v, bool hi) { u_int8_t *fb = (u_int8_t *)f; u_int8_t *vb = (u_int8_t *)&v; - pf_patch_8(m, cksum, fb++, *vb++, hi, udp); - pf_patch_8(m, cksum, fb++, *vb++, !hi, udp); - pf_patch_8(m, cksum, fb++, *vb++, hi, udp); - pf_patch_8(m, cksum, fb++, *vb++, !hi, udp); + pf_patch_8(pd, fb++, *vb++, hi); + pf_patch_8(pd, fb++, *vb++, !hi); + pf_patch_8(pd, fb++, *vb++, hi); + pf_patch_8(pd, fb++, *vb++, !hi); } u_int16_t @@ -3952,16 +3950,14 @@ pf_modulate_sack(struct pf_pdesc *pd, struct tcphdr *th, for (i = 2; i + TCPOLEN_SACK <= olen; i += TCPOLEN_SACK) { memcpy(&sack, &opt[i], sizeof(sack)); - pf_patch_32_unaligned(pd->m, - &th->th_sum, &sack.start, + pf_patch_32_unaligned(pd, + &sack.start, htonl(ntohl(sack.start) - dst->seqdiff), - PF_ALGNMNT(startoff), - 0); - pf_patch_32_unaligned(pd->m, &th->th_sum, + PF_ALGNMNT(startoff)); + pf_patch_32_unaligned(pd, &sack.end, htonl(ntohl(sack.end) - dst->seqdiff), - PF_ALGNMNT(startoff), - 0); + PF_ALGNMNT(startoff)); memcpy(&opt[i], &sack, sizeof(sack)); } copyback = 1; diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c index 1bf672f39204..10e740d33b0d 100644 --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -1633,13 +1633,11 @@ pf_normalize_tcp_stateful(struct pf_pdesc *pd, (src->scrub->pfss_flags & PFSS_TIMESTAMP)) { tsval = ntohl(tsval); - pf_patch_32_unaligned(pd->m, - &th->th_sum, + pf_patch_32_unaligned(pd, &opt[2], htonl(tsval + src->scrub->pfss_ts_mod), - PF_ALGNMNT(startoff), - 0); + PF_ALGNMNT(startoff)); copyback = 1; } @@ -1651,12 +1649,10 @@ pf_normalize_tcp_stateful(struct pf_pdesc *pd, PFSS_TIMESTAMP)) { tsecr = ntohl(tsecr) - dst->scrub->pfss_ts_mod; - pf_patch_32_unaligned(pd->m, - &th->th_sum, + pf_patch_32_unaligned(pd, &opt[6], htonl(tsecr), - PF_ALGNMNT(startoff), - 0); + PF_ALGNMNT(startoff)); copyback = 1; } got_ts = 1; @@ -1978,11 +1974,9 @@ pf_normalize_mss(struct pf_pdesc *pd) case TCPOPT_MAXSEG: mss = (u_int16_t *)(optp + 2); if ((ntohs(*mss)) > pd->act.max_mss) { - pf_patch_16_unaligned(pd->m, - &th->th_sum, + pf_patch_16_unaligned(pd, mss, htons(pd->act.max_mss), - PF_ALGNMNT(startoff), - 0); + PF_ALGNMNT(startoff)); m_copyback(pd->m, pd->off + sizeof(*th), thoff - sizeof(*th), opts); m_copyback(pd->m, pd->off, sizeof(*th), (caddr_t)th);