svn commit: r304043 - head/sys/netpfil/ipfw

Sat Aug 13 15:48:57 UTC 2016

Author: ae
Date: Sat Aug 13 15:48:56 2016
New Revision: 304043
URL: https://svnweb.freebsd.org/changeset/base/304043

Log:
  Add three helper function to manage tables from external modules.
  
  ipfw_objhash_lookup_table_kidx does lookup kernel index of table;
  ipfw_ref_table/ipfw_unref_table takes and releases reference to table.
  
  Obtained from:	Yandex LLC
  Sponsored by:	Yandex LLC

Modified:
  head/sys/netpfil/ipfw/ip_fw_private.h
  head/sys/netpfil/ipfw/ip_fw_table.c

Modified: head/sys/netpfil/ipfw/ip_fw_private.h
==============================================================================

--- head/sys/netpfil/ipfw/ip_fw_private.h	Sat Aug 13 15:48:34 2016	(r304042)
+++ head/sys/netpfil/ipfw/ip_fw_private.h	Sat Aug 13 15:48:56 2016	(r304043)
@@ -743,8 +743,12 @@ typedef int (table_lookup_t)(struct tabl
 
 int ipfw_lookup_table(struct ip_fw_chain *ch, uint16_t tbl, in_addr_t addr,
     uint32_t *val);
-int ipfw_lookup_table_extended(struct ip_fw_chain *ch, uint16_t tbl, uint16_t plen,
-    void *paddr, uint32_t *val);
+int ipfw_lookup_table_extended(struct ip_fw_chain *ch, uint16_t tbl,
+    uint16_t plen, void *paddr, uint32_t *val);
+struct named_object *ipfw_objhash_lookup_table_kidx(struct ip_fw_chain *ch,
+    uint16_t kidx);
+int ipfw_ref_table(struct ip_fw_chain *ch, ipfw_obj_ntlv *ntlv, uint16_t *kidx);
+void ipfw_unref_table(struct ip_fw_chain *ch, uint16_t kidx);
 int ipfw_init_tables(struct ip_fw_chain *ch, int first);
 int ipfw_resize_tables(struct ip_fw_chain *ch, unsigned int ntables);
 int ipfw_switch_tables_namespace(struct ip_fw_chain *ch, unsigned int nsets);

Modified: head/sys/netpfil/ipfw/ip_fw_table.c
==============================================================================
--- head/sys/netpfil/ipfw/ip_fw_table.c	Sat Aug 13 15:48:34 2016	(r304042)
+++ head/sys/netpfil/ipfw/ip_fw_table.c	Sat Aug 13 15:48:56 2016	(r304043)
@@ -1602,6 +1602,57 @@ ipfw_resize_tables(struct ip_fw_chain *c
 }
 
 /*
+ * Lookup table's named object by its @kidx.
+ */
+struct named_object *
+ipfw_objhash_lookup_table_kidx(struct ip_fw_chain *ch, uint16_t kidx)
+{
+
+	return (ipfw_objhash_lookup_kidx(CHAIN_TO_NI(ch), kidx));
+}
+
+/*
+ * Take reference to table specified in @ntlv.
+ * On success return its @kidx.
+ */
+int
+ipfw_ref_table(struct ip_fw_chain *ch, ipfw_obj_ntlv *ntlv, uint16_t *kidx)
+{
+	struct tid_info ti;
+	struct table_config *tc;
+	int error;
+
+	IPFW_UH_WLOCK_ASSERT(ch);
+
+	ntlv_to_ti(ntlv, &ti);
+	error = find_table_err(CHAIN_TO_NI(ch), &ti, &tc);
+	if (error != 0)
+		return (error);
+
+	if (tc == NULL)
+		return (ESRCH);
+
+	tc_ref(tc);
+	*kidx = tc->no.kidx;
+
+	return (0);
+}
+
+void
+ipfw_unref_table(struct ip_fw_chain *ch, uint16_t kidx)
+{
+
+	struct namedobj_instance *ni;
+	struct named_object *no;
+
+	IPFW_UH_WLOCK_ASSERT(ch);
+	ni = CHAIN_TO_NI(ch);
+	no = ipfw_objhash_lookup_kidx(ni, kidx);
+	KASSERT(no != NULL, ("Table with index %d not found", kidx));
+	no->refcnt--;
+}
+
+/*
  * Lookup an IP @addr in table @tbl.
  * Stores found value in @val.
  *
