Subject: Re: CVS commit: src/sys/dist/pf/net
To: None <tech-net@netbsd.org>
From: David Young <dyoung@pobox.com>
List: tech-net
Date: 12/04/2006 10:51:28

On Mon, Dec 04, 2006 at 07:49:08AM +0100, Pavel Cahyna wrote:
> On Mon, Dec 04, 2006 at 02:58:06AM +0000, David Young wrote:
> > 
> > Module Name:	src
> > Committed By:	dyoung
> > Date:		Mon Dec  4 02:58:06 UTC 2006
> > 
> > Modified Files:
> > 	src/sys/dist/pf/net: pf.c pfvar.h
> > 
> > Log Message:
> > Lightly constify.  Helps compile-time checking that we are not
> > scribbling over shared or read-only memory---e.g., in mbufs.
> 
> Why?

I was tracking a bug where pf corrupted packets.  Making subroutine
arguments const made it easier to winnow code paths from consideration:
if a pointer to mbuf storage was passed as const *, I knew it would not
be overwritten deliberately.

> mbufs passed to pf are guaranteed to be writable. (see PR 26433)

I did not think that the fix in 26433 was intended as anything but
a stopgap.  It does not seem efficient to copy IP+(UDP|TCP) headers on
every single packet regardless of whether it will be modified.  A better
fix would use your safe mbuf macros throughout pf.  (What is the status
of that, anyway?)

> I am afraid that such changes will make merging new versions of pf more
> difficult. (Have you consulted with Peter Postma?)

I did not consult with Peter.  I think that this will make merging
negligibly more difficult.

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933