[src/trunk]: src/sys - Rewrite parts of pfil(9): use array to store hooks and...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys - Rewrite parts of pfil(9): use array to store hooks and...
From: rmind <rmind%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 00:53:04 +0000
details:   https://anonhg.NetBSD.org/src/rev/a79f06e180ca
branches:  trunk
changeset: 787727:a79f06e180ca
user:      rmind <rmind%NetBSD.org@localhost>
date:      Sat Jun 29 21:06:57 2013 +0000

description:
- Rewrite parts of pfil(9): use array to store hooks and thus be more cache
  friendly (there are only few hooks in the system).  Make the structures
  opaque and the interface more strict.
- Remove PFIL_HOOKS option by making pfil(9) mandatory.

diffstat:

 sys/conf/files                               |    5 +-
 sys/external/bsd/ipf/netinet/ip_fil.h        |    4 +-
 sys/external/bsd/ipf/netinet/ip_fil_netbsd.c |   19 +-
 sys/net/if.c                                 |   36 +-
 sys/net/if.h                                 |    4 +-
 sys/net/if_bridge.c                          |   45 +-
 sys/net/if_ecosubr.c                         |   13 +-
 sys/net/if_ethersubr.c                       |   13 +-
 sys/net/if_pppoe.c                           |   28 +-
 sys/net/if_spppsubr.c                        |   23 +-
 sys/net/npf/npf_handler.c                    |   20 +-
 sys/net/pfil.c                               |  379 +++++++++++++-------------
 sys/net/pfil.h                               |   85 +-----
 sys/netinet/in.c                             |   25 +-
 sys/netinet/ip_input.c                       |   23 +-
 sys/netinet/ip_output.c                      |   13 +-
 sys/netinet6/in6.c                           |   18 +-
 sys/netinet6/ip6_forward.c                   |   20 +-
 sys/netinet6/ip6_input.c                     |   26 +-
 sys/netinet6/ip6_output.c                    |   16 +-
 20 files changed, 325 insertions(+), 490 deletions(-)

diffs (truncated from 1788 to 300 lines):

diff -r ddb01792b439 -r a79f06e180ca sys/conf/files
--- a/sys/conf/files    Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/conf/files    Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: files,v 1.1076 2013/06/24 16:19:43 jakllsch Exp $
+#      $NetBSD: files,v 1.1077 2013/06/29 21:06:57 rmind Exp $
 #      @(#)files.newconf       7.5 (Berkeley) 5/10/93
 
 version        20100430
@@ -212,7 +212,6 @@
 obsolete defparam opt_md.h     MEMORY_RBFLAGS  # superseded by
                                                # MEMORY_DISK_RBFLAGS
 
-defflag                                PFIL_HOOKS      # pfil(9)
 defflag        opt_bridge_ipf.h        BRIDGE_IPF      # bridge(4) use inet_pfil_hooks
 defflag        opt_ppp.h               PPP_DEFLATE PPP_BSDCOMP PPP_FILTER
                                                # Include deflate or bsd
@@ -1693,7 +1692,7 @@
 file   net/if_tun.c                    tun
 file   net/if_vlan.c                   vlan                    needs-flag
 file   net/if_pppoe.c                  pppoe                   needs-flag
-file   net/pfil.c                      pfil_hooks | ipfilter | pf
+file   net/pfil.c
 file   net/ppp-deflate.c               ppp & ppp_deflate
 file   net/ppp_tty.c                   ppp
 file   net/net_stats.c
diff -r ddb01792b439 -r a79f06e180ca sys/external/bsd/ipf/netinet/ip_fil.h
--- a/sys/external/bsd/ipf/netinet/ip_fil.h     Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_fil.h     Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_fil.h,v 1.4 2012/09/15 16:56:45 plunky Exp $        */
+/*     $NetBSD: ip_fil.h,v 1.5 2013/06/29 21:06:57 rmind Exp $ */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -1455,7 +1455,7 @@
 #if (defined(NetBSD) && (NetBSD > 199609) && (NetBSD <= 1991011)) || \
     (defined(NetBSD1_2) && NetBSD1_2 > 1) || \
     (defined(__FreeBSD__) && (__FreeBSD_version >= 500043))
-# if (NetBSD >= 199905)
+# if (NetBSD >= 199905) && !defined(PFIL_HOOKS)
 #  define PFIL_HOOKS
 # endif
 # ifdef PFIL_HOOKS
diff -r ddb01792b439 -r a79f06e180ca sys/external/bsd/ipf/netinet/ip_fil_netbsd.c
--- a/sys/external/bsd/ipf/netinet/ip_fil_netbsd.c      Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_fil_netbsd.c      Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_fil_netbsd.c,v 1.4 2013/01/15 03:39:16 msaitoh Exp $        */
+/*     $NetBSD: ip_fil_netbsd.c,v 1.5 2013/06/29 21:06:57 rmind Exp $  */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -8,7 +8,7 @@
 #if !defined(lint)
 #if defined(__NetBSD__)
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_fil_netbsd.c,v 1.4 2013/01/15 03:39:16 msaitoh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_fil_netbsd.c,v 1.5 2013/06/29 21:06:57 rmind Exp $");
 #else
 static const char sccsid[] = "@(#)ip_fil.c     2.41 6/5/96 (C) 1993-2000 Darren Reed";
 static const char rcsid[] = "@(#)Id: ip_fil_netbsd.c,v 1.1.1.2 2012/07/22 13:45:17 darrenr Exp";
@@ -23,7 +23,6 @@
 #endif
 #include <sys/param.h>
 #if (NetBSD >= 199905) && !defined(IPFILTER_LKM)
-# include "opt_pfil_hooks.h"
 # include "opt_ipsec.h"
 #endif
 #include <sys/errno.h>
@@ -326,12 +325,12 @@
 #if defined(NETBSD_PF) && (__NetBSD_Version__ >= 104200000)
        int error = 0;
 # if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 105110000)
-        struct pfil_head *ph_inet;
+        pfil_head_t *ph_inet;
 #  ifdef USE_INET6
-        struct pfil_head *ph_inet6;
+        pfil_head_t *ph_inet6;
 #  endif
 #  if defined(PFIL_TYPE_IFNET) && defined(PFIL_IFNET)
-        struct pfil_head *ph_ifsync;
+        pfil_head_t *ph_ifsync;
 #  endif
 # endif
 #endif
@@ -353,9 +352,9 @@
 #ifdef NETBSD_PF
 # if (__NetBSD_Version__ >= 104200000)
 #  if __NetBSD_Version__ >= 105110000
-       ph_inet = pfil_head_get(PFIL_TYPE_AF, AF_INET);
+       ph_inet = pfil_head_get(PFIL_TYPE_AF, (void *)AF_INET);
 #   ifdef USE_INET6
-       ph_inet6 = pfil_head_get(PFIL_TYPE_AF, AF_INET6);
+       ph_inet6 = pfil_head_get(PFIL_TYPE_AF, (void *)AF_INET6);
 #   endif
 #   if defined(PFIL_TYPE_IFNET) && defined(PFIL_IFNET)
        ph_ifsync = pfil_head_get(PFIL_TYPE_IFNET, 0);
@@ -503,9 +502,9 @@
 #if defined(NETBSD_PF) && (__NetBSD_Version__ >= 104200000)
        int error = 0;
 # if __NetBSD_Version__ >= 105150000
-       struct pfil_head *ph_inet = pfil_head_get(PFIL_TYPE_AF, AF_INET);
+       pfil_head_t *ph_inet = pfil_head_get(PFIL_TYPE_AF, (void *)AF_INET);
 #  ifdef USE_INET6
-       struct pfil_head *ph_inet6 = pfil_head_get(PFIL_TYPE_AF, AF_INET6);
+       pfil_head_t *ph_inet6 = pfil_head_get(PFIL_TYPE_AF, (void *)AF_INET6);
 #  endif
 #  if defined(PFIL_TYPE_IFNET) && defined(PFIL_IFNET)
        struct pfil_head *ph_ifsync = pfil_head_get(PFIL_TYPE_IFNET, 0);
diff -r ddb01792b439 -r a79f06e180ca sys/net/if.c
--- a/sys/net/if.c      Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/net/if.c      Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if.c,v 1.264 2013/06/20 13:56:29 roy Exp $     */
+/*     $NetBSD: if.c,v 1.265 2013/06/29 21:06:58 rmind Exp $   */
 
 /*-
  * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc.
@@ -90,13 +90,12 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.264 2013/06/20 13:56:29 roy Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.265 2013/06/29 21:06:58 rmind Exp $");
 
 #include "opt_inet.h"
 
 #include "opt_atalk.h"
 #include "opt_natm.h"
-#include "opt_pfil_hooks.h"
 
 #include <sys/param.h>
 #include <sys/mbuf.h>
@@ -164,9 +163,8 @@
 static uint64_t index_gen;
 static kmutex_t index_gen_mtx;
 
-#ifdef PFIL_HOOKS
-struct pfil_head if_pfil;      /* packet filtering hook for interfaces */
-#endif
+/* Packet filtering hook for interfaces. */
+pfil_head_t *  if_pfil;
 
 static kauth_listener_t if_listener;
 
@@ -237,15 +235,9 @@
 void
 ifinit1(void)
 {
-
        mutex_init(&index_gen_mtx, MUTEX_DEFAULT, IPL_NONE);
-
-#ifdef PFIL_HOOKS
-       if_pfil.ph_type = PFIL_TYPE_IFNET;
-       if_pfil.ph_ifnet = NULL;
-       if (pfil_head_register(&if_pfil) != 0)
-               printf("WARNING: unable to register pfil hook\n");
-#endif
+       if_pfil = pfil_head_create(PFIL_TYPE_IFNET, NULL);
+       KASSERT(if_pfil != NULL);
 }
 
 struct ifnet *
@@ -611,15 +603,9 @@
        ifp->if_snd.altq_ifp  = ifp;
 #endif
 
-#ifdef PFIL_HOOKS
-       ifp->if_pfil.ph_type = PFIL_TYPE_IFNET;
-       ifp->if_pfil.ph_ifnet = ifp;
-       if (pfil_head_register(&ifp->if_pfil) != 0)
-               printf("%s: WARNING: unable to register pfil hook\n",
-                   ifp->if_xname);
-       (void)pfil_run_hooks(&if_pfil,
+       ifp->if_pfil = pfil_head_create(PFIL_TYPE_IFNET, ifp);
+       (void)pfil_run_hooks(if_pfil,
            (struct mbuf **)PFIL_IFNET_ATTACH, ifp, PFIL_IFNET);
-#endif
 
        if (!STAILQ_EMPTY(&domains))
                if_attachdomain1(ifp);
@@ -845,11 +831,9 @@
                }
        }
 
-#ifdef PFIL_HOOKS
-       (void)pfil_run_hooks(&if_pfil,
+       (void)pfil_run_hooks(if_pfil,
            (struct mbuf **)PFIL_IFNET_DETACH, ifp, PFIL_IFNET);
-       (void)pfil_head_unregister(&ifp->if_pfil);
-#endif
+       (void)pfil_head_destroy(ifp->if_pfil);
 
        /* Announce that the interface is gone. */
        rt_ifannouncemsg(ifp, IFAN_DEPARTURE);
diff -r ddb01792b439 -r a79f06e180ca sys/net/if.h
--- a/sys/net/if.h      Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/net/if.h      Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if.h,v 1.155 2012/10/25 11:53:14 msaitoh Exp $ */
+/*     $NetBSD: if.h,v 1.156 2013/06/29 21:06:58 rmind Exp $   */
 
 /*-
  * Copyright (c) 1999, 2000, 2001 The NetBSD Foundation, Inc.
@@ -284,7 +284,7 @@
        const uint8_t *if_broadcastaddr;/* linklevel broadcast bytestring */
        void    *if_bridge;             /* bridge glue */
        int     if_dlt;                 /* data link type (<net/dlt.h>) */
-       struct pfil_head if_pfil;       /* filtering point */
+       pfil_head_t *   if_pfil;        /* filtering point */
        uint64_t if_capabilities;       /* interface capabilities */
        uint64_t if_capenable;          /* capabilities enabled */
        union {
diff -r ddb01792b439 -r a79f06e180ca sys/net/if_bridge.c
--- a/sys/net/if_bridge.c       Sat Jun 29 20:44:52 2013 +0000
+++ b/sys/net/if_bridge.c       Sat Jun 29 21:06:57 2013 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_bridge.c,v 1.76 2012/03/22 12:59:33 wiz Exp $       */
+/*     $NetBSD: if_bridge.c,v 1.77 2013/06/29 21:06:58 rmind Exp $     */
 
 /*
  * Copyright 2001 Wasabi Systems, Inc.
@@ -80,12 +80,11 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.76 2012/03/22 12:59:33 wiz Exp $");
+__KERNEL_RCSID(0, "$NetBSD: if_bridge.c,v 1.77 2013/06/29 21:06:58 rmind Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_bridge_ipf.h"
 #include "opt_inet.h"
-#include "opt_pfil_hooks.h"
 #endif /* _KERNEL_OPT */
 
 #include <sys/param.h>
@@ -111,7 +110,7 @@
 #include <net/if_ether.h>
 #include <net/if_bridgevar.h>
 
-#if defined(BRIDGE_IPF) && defined(PFIL_HOOKS)
+#if defined(BRIDGE_IPF)
 /* Used for bridge_ip[6]_checkbasic */
 #include <netinet/in.h>
 #include <netinet/in_systm.h>
@@ -123,7 +122,7 @@
 #include <netinet6/in6_var.h>
 #include <netinet6/ip6_var.h>
 #include <netinet6/ip6_private.h>      /* XXX */
-#endif /* BRIDGE_IPF && PFIL_HOOKS */
+#endif /* BRIDGE_IPF */
 
 /*
  * Size of the route hash table.  Must be a power of two.
@@ -243,7 +242,7 @@
 static int     bridge_ioctl_sma(struct bridge_softc *, void *);
 static int     bridge_ioctl_sifprio(struct bridge_softc *, void *);
 static int     bridge_ioctl_sifcost(struct bridge_softc *, void *);
-#if defined(BRIDGE_IPF) && defined(PFIL_HOOKS)
+#if defined(BRIDGE_IPF)
 static int     bridge_ioctl_gfilt(struct bridge_softc *, void *);
 static int     bridge_ioctl_sfilt(struct bridge_softc *, void *);
 static int     bridge_ipf(void *, struct mbuf **, struct ifnet *, int);
@@ -251,7 +250,7 @@
 # ifdef INET6
 static int     bridge_ip6_checkbasic(struct mbuf **mp);
 # endif /* INET6 */
-#endif /* BRIDGE_IPF && PFIL_HOOKS */
+#endif /* BRIDGE_IPF */
 
 struct bridge_control {
        int     (*bc_func)(struct bridge_softc *, void *);
@@ -300,10 +299,10 @@
 [BRDGSIFPRIO] = {bridge_ioctl_sifprio, sizeof(struct ifbreq), BC_F_COPYIN|BC_F_SUSER}, 
 
 [BRDGSIFCOST] = {bridge_ioctl_sifcost, sizeof(struct ifbreq), BC_F_COPYIN|BC_F_SUSER}, 
-#if defined(BRIDGE_IPF) && defined(PFIL_HOOKS)
+#if defined(BRIDGE_IPF)
 [BRDGGFILT] = {bridge_ioctl_gfilt, sizeof(struct ifbrparam), BC_F_COPYOUT},
 [BRDGSFILT] = {bridge_ioctl_sfilt, sizeof(struct ifbrparam), BC_F_COPYIN|BC_F_SUSER},
-#endif /* BRIDGE_IPF && PFIL_HOOKS */
+#endif /* BRIDGE_IPF */
 };
 static const int bridge_control_table_size = __arraycount(bridge_control_table);
 
@@ -1016,7 +1015,7 @@
        return (0);
 }
 
-#if defined(BRIDGE_IPF) && defined(PFIL_HOOKS)
+#if defined(BRIDGE_IPF)
 static int
 bridge_ioctl_gfilt(struct bridge_softc *sc, void *arg)
 {
@@ -1041,18 +1040,18 @@
 
        if ((nflags & IFBF_FILT_USEIPF) && !(oflags & IFBF_FILT_USEIPF)) {
                pfil_add_hook((void *)bridge_ipf, NULL, PFIL_IN|PFIL_OUT,
-                       &sc->sc_if.if_pfil);
Prev by Date: [src/trunk]: src/sbin/umount Use the protocol we mounted the filesystem with ...
Next by Date: [src/trunk]: src/sbin/mount_nfs declare the variables that getnfsargs need in...
Previous by Thread: [src/trunk]: src/sbin/umount Use the protocol we mounted the filesystem with ...
Next by Thread: [src/trunk]: src/sbin/mount_nfs declare the variables that getnfsargs need in...
Indexes:
Home | Main Index | Thread Index | Old Index