git: 26c841e2a402 - main - pf: Allocate and free pfi_kkif in separate functions

Kristof Provost kp at FreeBSD.org
Tue Jan 5 22:37:55 UTC 2021 

The branch main has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=26c841e2a402ed43896313d1b3f00facaa9d839f

commit 26c841e2a402ed43896313d1b3f00facaa9d839f
Author:     Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2020-12-13 10:36:54 +0000
Commit:     Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-01-05 22:35:37 +0000

    pf: Allocate and free pfi_kkif in separate functions
    
    Factor out allocating and freeing pfi_kkif structures. This will be
    useful when we change the counters to be counter_u64, so we don't have
    to deal with that complexity in the multiple locations where we allocate
    pfi_kkif structures.
    
    No functional change.
    
    MFC after:      2 weeks
    Sponsored by:   Orange Business Services
    Differential Revision:  https://reviews.freebsd.org/D27762
---
 sys/net/pfvar.h           |  3 +++
 sys/netpfil/pf/pf_if.c    | 41 ++++++++++++++++++++++++++++++-----------
 sys/netpfil/pf/pf_ioctl.c | 16 ++++++++--------
 3 files changed, 41 insertions(+), 19 deletions(-)

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index d72d06490040..65328941ff01 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1675,6 +1675,9 @@ struct pf_krule		*pf_get_translation(struct pf_pdesc *, struct mbuf *,
 struct pf_state_key	*pf_state_key_setup(struct pf_pdesc *, struct pf_addr *,
 			    struct pf_addr *, u_int16_t, u_int16_t);
 struct pf_state_key	*pf_state_key_clone(struct pf_state_key *);
+
+struct pfi_kkif		*pf_kkif_create(int);
+void			 pf_kkif_free(struct pfi_kkif *);
 #endif /* _KERNEL */
 
 #endif /* _NET_PFVAR_H_ */
diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c
index aa10f0cc9a54..5c389d7a45c5 100644
--- a/sys/netpfil/pf/pf_if.c
+++ b/sys/netpfil/pf/pf_if.c
@@ -133,7 +133,7 @@ pfi_initialize_vnet(void)
 		nkifs++;
 
 	for (int n = 0; n < nkifs; n++) {
-		kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+		kif = pf_kkif_create(M_WAITOK);
 		LIST_INSERT_HEAD(&kifs, kif, pfik_list);
 	}
 
@@ -193,13 +193,13 @@ pfi_cleanup_vnet(void)
 			if_rele(kif->pfik_ifp);
 			kif->pfik_ifp->if_pf_kif = NULL;
 		}
-		free(kif, PFI_MTYPE);
+		pf_kkif_free(kif);
 	}
 
 	mtx_lock(&pfi_unlnkdkifs_mtx);
 	while ((kif = LIST_FIRST(&V_pfi_unlinked_kifs))) {
 		LIST_REMOVE(kif, pfik_list);
-		free(kif, PFI_MTYPE);
+		pf_kkif_free(kif);
 	}
 	mtx_unlock(&pfi_unlnkdkifs_mtx);
 
@@ -218,6 +218,25 @@ pfi_cleanup(void)
 	EVENTHANDLER_DEREGISTER(ifaddr_event, pfi_ifaddr_event_cookie);
 }
 
+struct pfi_kkif*
+pf_kkif_create(int flags)
+{
+	struct pfi_kkif *kif;
+
+	kif = malloc(sizeof(*kif), PFI_MTYPE, flags);
+
+	return (kif);
+}
+
+void
+pf_kkif_free(struct pfi_kkif *kif)
+{
+	if (! kif)
+		return;
+
+	free(kif, PFI_MTYPE);
+}
+
 struct pfi_kkif *
 pfi_kkif_find(const char *kif_name)
 {
@@ -241,7 +260,7 @@ pfi_kkif_attach(struct pfi_kkif *kif, const char *kif_name)
 
 	kif1 = pfi_kkif_find(kif_name);
 	if (kif1 != NULL) {
-		free(kif, PFI_MTYPE);
+		pf_kkif_free(kif);
 		return (kif1);
 	}
 
@@ -310,7 +329,7 @@ pfi_kkif_purge(void)
 	LIST_FOREACH_SAFE(kif, &V_pfi_unlinked_kifs, pfik_list, kif1) {
 		if (!(kif->pfik_flags & PFI_IFLAG_REFS)) {
 			LIST_REMOVE(kif, pfik_list);
-			free(kif, PFI_MTYPE);
+			pf_kkif_free(kif);
 		} else
 			kif->pfik_flags &= ~PFI_IFLAG_REFS;
 	}
@@ -415,7 +434,7 @@ pfi_dynaddr_setup(struct pf_addr_wrap *aw, sa_family_t af)
 	if ((dyn = malloc(sizeof(*dyn), PFI_MTYPE, M_NOWAIT | M_ZERO)) == NULL)
 		return (ENOMEM);
 
-	if ((kif = malloc(sizeof(*kif), PFI_MTYPE, M_NOWAIT)) == NULL) {
+	if ((kif = pf_kkif_create(M_NOWAIT)) == NULL) {
 		free(dyn, PFI_MTYPE);
 		return (ENOMEM);
 	}
@@ -825,7 +844,7 @@ pfi_set_flags(const char *name, int flags)
 	struct epoch_tracker et;
 	struct pfi_kkif	*p, *kif;
 
-	kif = malloc(sizeof(*kif), PFI_MTYPE, M_NOWAIT);
+	kif = pf_kkif_create(M_NOWAIT);
 	if (kif == NULL)
 		return (ENOMEM);
 
@@ -858,7 +877,7 @@ pfi_clear_flags(const char *name, int flags)
 		    p->pfik_flags == 0 && p->pfik_rulerefs == 0) {
 			/* Delete this kif. */
 			RB_REMOVE(pfi_ifhead, &V_pfi_ifs, p);
-			free(p, PFI_MTYPE);
+			pf_kkif_free(p);
 		}
 	}
 	NET_EPOCH_EXIT(et);
@@ -895,7 +914,7 @@ pfi_attach_ifnet_event(void *arg __unused, struct ifnet *ifp)
 		/* Avoid teardown race in the least expensive way. */
 		return;
 	}
-	kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+	kif = pf_kkif_create(M_NOWAIT);
 	NET_EPOCH_ENTER(et);
 	PF_RULES_WLOCK();
 	pfi_attach_ifnet(ifp, kif);
@@ -950,7 +969,7 @@ pfi_attach_group_event(void *arg __unused, struct ifg_group *ifg)
 		/* Avoid teardown race in the least expensive way. */
 		return;
 	}
-	kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+	kif = pf_kkif_create(M_WAITOK);
 	NET_EPOCH_ENTER(et);
 	PF_RULES_WLOCK();
 	pfi_attach_ifgroup(ifg, kif);
@@ -969,7 +988,7 @@ pfi_change_group_event(void *arg __unused, char *gname)
 		return;
 	}
 
-	kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+	kif = pf_kkif_create(M_WAITOK);
 	NET_EPOCH_ENTER(et);
 	PF_RULES_WLOCK();
 	V_pfi_update++;
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index 9ba9e4315baa..b6e2ec98ddce 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -1837,7 +1837,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td
 		pf_rule_to_krule(&pr->rule, rule);
 
 		if (rule->ifname[0])
-			kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+			kif = pf_kkif_create(M_WAITOK);
 		rule->evaluations = counter_u64_alloc(M_WAITOK);
 		for (int i = 0; i < 2; i++) {
 			rule->packets[i] = counter_u64_alloc(M_WAITOK);
@@ -1979,7 +1979,7 @@ DIOCADDRULE_error:
 		counter_u64_free(rule->src_nodes);
 		free(rule, M_PFRULE);
 		if (kif)
-			free(kif, PFI_MTYPE);
+			pf_kkif_free(kif);
 		break;
 	}
 
@@ -2106,7 +2106,7 @@ DIOCADDRULE_error:
 			pf_rule_to_krule(&pcr->rule, newrule);
 
 			if (newrule->ifname[0])
-				kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+				kif = pf_kkif_create(M_WAITOK);
 			newrule->evaluations = counter_u64_alloc(M_WAITOK);
 			for (int i = 0; i < 2; i++) {
 				newrule->packets[i] =
@@ -2296,7 +2296,7 @@ DIOCCHANGERULE_error:
 			free(newrule, M_PFRULE);
 		}
 		if (kif != NULL)
-			free(kif, PFI_MTYPE);
+			pf_kkif_free(kif);
 		break;
 	}
 
@@ -2932,12 +2932,12 @@ DIOCGETSTATES_full:
 		pa = malloc(sizeof(*pa), M_PFRULE, M_WAITOK);
 		pf_pooladdr_to_kpooladdr(&pp->addr, pa);
 		if (pa->ifname[0])
-			kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+			kif = pf_kkif_create(M_WAITOK);
 		PF_RULES_WLOCK();
 		if (pp->ticket != V_ticket_pabuf) {
 			PF_RULES_WUNLOCK();
 			if (pa->ifname[0])
-				free(kif, PFI_MTYPE);
+				pf_kkif_free(kif);
 			free(pa, M_PFRULE);
 			error = EBUSY;
 			break;
@@ -3049,7 +3049,7 @@ DIOCGETSTATES_full:
 			newpa = malloc(sizeof(*newpa), M_PFRULE, M_WAITOK);
 			bcopy(&pca->addr, newpa, sizeof(struct pf_pooladdr));
 			if (newpa->ifname[0])
-				kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK);
+				kif = pf_kkif_create(M_WAITOK);
 			newpa->kif = NULL;
 		}
 #define	ERROUT(x)	{ error = (x); goto DIOCCHANGEADDR_error; }
@@ -3140,7 +3140,7 @@ DIOCCHANGEADDR_error:
 		}
 		PF_RULES_WUNLOCK();
 		if (kif != NULL)
-			free(kif, PFI_MTYPE);
+			pf_kkif_free(kif);
 		break;
 	}

More information about the dev-commits-src-all mailing list