git: f520c87f3a09 - stable/12 - Revert "pf: Limit the maximum number of fragments per packet"

Sun Feb 28 16:03:58 UTC 2021

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=f520c87f3a0993e9b1e872f38177639468f2e64c

commit f520c87f3a0993e9b1e872f38177639468f2e64c
Author:     Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2018-11-02 15:01:59 +0000
Commit:     Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-02-28 15:36:05 +0000

    Revert "pf: Limit the maximum number of fragments per packet"
    
    This reverts commit r337969.
    We'll handle this the OpenBSD way, in upcoming commits.
    
    (cherry picked from commit 19a22ae31328d9a960732a0904116c1b5566351b)
---
 sys/netpfil/pf/pf_norm.c | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c
index b453bda84721..cadc7a73dca4 100644
--- a/sys/netpfil/pf/pf_norm.c
+++ b/sys/netpfil/pf/pf_norm.c
@@ -91,10 +91,8 @@ struct pf_fragment {
 	TAILQ_ENTRY(pf_fragment) frag_next;
 	uint32_t	fr_timeout;
 	uint16_t	fr_maxlen;	/* maximum length of single fragment */
-	uint16_t	fr_entries;	/* Total number of pf_fragment entries */
 	TAILQ_HEAD(pf_fragq, pf_frent) fr_queue;
 };
-#define PF_MAX_FRENT_PER_FRAGMENT	64
 
 struct pf_fragment_tag {
 	uint16_t	ft_hdrlen;	/* header length of reassembled pkt */
@@ -386,7 +384,6 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct pf_frent *frent,
 		*(struct pf_fragment_cmp *)frag = *key;
 		frag->fr_timeout = time_uptime;
 		frag->fr_maxlen = frent->fe_len;
-		frag->fr_entries = 0;
 		TAILQ_INIT(&frag->fr_queue);
 
 		RB_INSERT(pf_frag_tree, &V_pf_frag_tree, frag);
@@ -398,9 +395,6 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct pf_frent *frent,
 		return (frag);
 	}
 
-	if (frag->fr_entries >= PF_MAX_FRENT_PER_FRAGMENT)
-		goto bad_fragment;
-
 	KASSERT(!TAILQ_EMPTY(&frag->fr_queue), ("!TAILQ_EMPTY()->fr_queue"));
 
 	/* Remember maximum fragment len for refragmentation. */
@@ -473,8 +467,6 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct pf_frent *frent,
 	else
 		TAILQ_INSERT_AFTER(&frag->fr_queue, prev, frent, fr_next);
 
-	frag->fr_entries++;
-
 	return (frag);
 
 bad_fragment:
