git: d9653edbaeae - stable/12 - pf: Factor out pf_krule_free()

[Kristof Provost]

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=d9653edbaeae779ed331d1d7331ded1348f2b980

commit d9653edbaeae779ed331d1d7331ded1348f2b980
Author:     Kristof Provost <kp at FreeBSD.org>
AuthorDate: 2021-03-10 10:10:04 +0000
Commit:     Kristof Provost <kp at FreeBSD.org>
CommitDate: 2021-03-19 22:38:45 +0000

    pf: Factor out pf_krule_free()
    
    Reviewed by:    melifaro@
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D29194
    
    (cherry picked from commit 5e9dae8e149ae8848f52148b665f3a0d031ca40f)
---
 sys/net/pfvar.h           |  2 ++
 sys/netpfil/pf/pf_ioctl.c | 50 ++++++++++++++++++++---------------------------
 2 files changed, 23 insertions(+), 29 deletions(-)

diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index 3a535d04f12f..ef25bfc85605 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1641,6 +1641,8 @@ void			 pf_remove_if_empty_kruleset(struct pf_kruleset *);
 struct pf_kruleset	*pf_find_kruleset(const char *);
 struct pf_kruleset	*pf_find_or_create_kruleset(const char *);
 void			 pf_rs_initialize(void);
+
+void			 pf_krule_free(struct pf_krule *);
 #endif
 
 /* The fingerprint functions can be linked into userland programs (tcpdump) */
diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c
index c3e8d0459c88..02ad40c6abd9 100644
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@@ -466,15 +466,8 @@ pf_free_rule(struct pf_krule *rule)
 		pfi_kkif_unref(rule->kif);
 	pf_kanchor_remove(rule);
 	pf_empty_kpool(&rule->rpool.list);
-	counter_u64_free(rule->evaluations);
-	for (int i = 0; i < 2; i++) {
-		counter_u64_free(rule->packets[i]);
-		counter_u64_free(rule->bytes[i]);
-	}
-	counter_u64_free(rule->states_cur);
-	counter_u64_free(rule->states_tot);
-	counter_u64_free(rule->src_nodes);
-	free(rule, M_PFRULE);
+
+	pf_krule_free(rule);
 }
 
 static void
@@ -1436,6 +1429,23 @@ pf_altq_get_nth_active(u_int32_t n)
 }
 #endif /* ALTQ */
 
+void
+pf_krule_free(struct pf_krule *rule)
+{
+	if (rule == NULL)
+		return;
+
+	counter_u64_free(rule->evaluations);
+	for (int i = 0; i < 2; i++) {
+		counter_u64_free(rule->packets[i]);
+		counter_u64_free(rule->bytes[i]);
+	}
+	counter_u64_free(rule->states_cur);
+	counter_u64_free(rule->states_tot);
+	counter_u64_free(rule->src_nodes);
+	free(rule, M_PFRULE);
+}
+
 static void
 pf_kpooladdr_to_pooladdr(const struct pf_kpooladdr *kpool,
     struct pf_pooladdr *pool)
@@ -2002,15 +2012,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td
 #undef ERROUT
 DIOCADDRULE_error:
 		PF_RULES_WUNLOCK();
-		counter_u64_free(rule->evaluations);
-		for (int i = 0; i < 2; i++) {
-			counter_u64_free(rule->packets[i]);
-			counter_u64_free(rule->bytes[i]);
-		}
-		counter_u64_free(rule->states_cur);
-		counter_u64_free(rule->states_tot);
-		counter_u64_free(rule->src_nodes);
-		free(rule, M_PFRULE);
+		pf_krule_free(rule);
 		if (kif)
 			pf_kkif_free(kif);
 		break;
@@ -2310,17 +2312,7 @@ DIOCADDRULE_error:
 #undef ERROUT
 DIOCCHANGERULE_error:
 		PF_RULES_WUNLOCK();
-		if (newrule != NULL) {
-			counter_u64_free(newrule->evaluations);
-			for (int i = 0; i < 2; i++) {
-				counter_u64_free(newrule->packets[i]);
-				counter_u64_free(newrule->bytes[i]);
-			}
-			counter_u64_free(newrule->states_cur);
-			counter_u64_free(newrule->states_tot);
-			counter_u64_free(newrule->src_nodes);
-			free(newrule, M_PFRULE);
-		}
+		pf_krule_free(newrule);
 		if (kif != NULL)
 			pf_kkif_free(kif);
 		break;