Date: Mon, 16 Oct 2006 21:51:02 GMT From: Paolo Pisati <piso@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 108003 for review Message-ID: <200610162151.k9GLp2Fe092320@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=108003 Change 108003 by piso@piso_newluxor on 2006/10/16 21:50:47 Complete movement of nat entries under ip_fw_chain: used IPFW_[RW]LOCK instead of NAT_[RW]LOCK, deleted nat_chain_rwl and reviewed some locking. Affected files ... .. //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#22 edit Differences ... ==== //depot/projects/soc2005/libalias/sys/netinet/ip_fw2.c#22 (text+ko) ==== @@ -154,6 +154,8 @@ #define IPFW_WLOCK(p) rw_wlock(&(p)->rwmtx) #define IPFW_WUNLOCK(p) rw_wunlock(&(p)->rwmtx) +static eventhandler_tag ifaddr_event_tag; + /* * list of rules for layer 3 */ @@ -305,14 +307,6 @@ MODULE_DEPEND(ipfw, libalias, 1, 1, 1); -#define NAT_WLOCK_ASSERT(_chain) IPFW_WLOCK_ASSERT(_chain) -#define NAT_RLOCK(p) IPFW_RLOCK(p) -#define NAT_RUNLOCK(p) IPFW_RUNLOCK(p) -#define NAT_WLOCK(p) IPFW_WLOCK(p) -#define NAT_WUNLOCK(p) IPFW_WUNLOCK(p) - -static eventhandler_tag ifaddr_event_tag; - static int fw_deny_unknown_exthdrs = 1; /* @@ -2041,7 +2035,7 @@ flush_nat_ptrs(const int i) { struct ip_fw *rule; - IPFW_WLOCK(&layer3_chain); + IPFW_WLOCK_ASSERT(&layer3_chain); for (rule = layer3_chain.rules; rule; rule = rule->next) { ipfw_insn_nat *cmd = (ipfw_insn_nat *)ACTION_PTR(rule); @@ -2050,7 +2044,6 @@ if (cmd->nat != NULL && cmd->nat->id == i) cmd->nat = NULL; } - IPFW_WUNLOCK(&layer3_chain); } static struct cfg_nat * @@ -2064,12 +2057,12 @@ } #define HOOK_NAT(b, p) do { \ - NAT_WLOCK_ASSERT(&layer3_chain); \ + IPFW_WLOCK_ASSERT(&layer3_chain); \ LIST_INSERT_HEAD(b, p, _next); \ } while (0) #define UNHOOK_NAT(p) do { \ - NAT_WLOCK_ASSERT(&layer3_chain); \ + IPFW_WLOCK_ASSERT(&layer3_chain); \ LIST_REMOVE(p, _next); \ } while (0) @@ -3438,12 +3431,10 @@ args->rule = f; /* Report matching rule. */ retval = 0; t = ((ipfw_insn_nat *)cmd)->nat; - NAT_RLOCK(&layer3_chain); if (t == NULL) { t = lookup_nat(cmd->arg1); if (t == NULL) { retval = IP_FW_DENY; - NAT_RUNLOCK(&layer3_chain); goto done; } else ((ipfw_insn_nat *)cmd)->nat = t; @@ -3509,7 +3500,6 @@ /* XXX - should i add some logging? */ m_free(mcl); badnat: - NAT_RUNLOCK(&layer3_chain); args->m = NULL; retval = IP_FW_DENY; goto done; @@ -3575,7 +3565,6 @@ args->m = mcl; retval = IP_FW_NAT; - NAT_RUNLOCK(&layer3_chain); goto done; } @@ -4310,7 +4299,7 @@ struct cfg_nat *ptr; struct ifaddr *ifa; - NAT_WLOCK(&layer3_chain); + IPFW_WLOCK(&layer3_chain); /* Check every nat entry... */ LIST_FOREACH(ptr, &layer3_chain.nat, _next) { /* ...using nic 'ifp->if_xname' as dynamic alias address. */ @@ -4328,7 +4317,7 @@ mtx_unlock(&ifp->if_addr_mtx); } } - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); } /** @@ -4568,21 +4557,21 @@ /* * Find/create nat rule. */ - NAT_WLOCK(&layer3_chain); + IPFW_WLOCK(&layer3_chain); ptr = lookup_nat(ser_n->id); if (ptr == NULL) { /* New rule: allocate and init new instance. */ ptr = malloc(sizeof(struct cfg_nat), M_IPFW, M_NOWAIT | M_ZERO); if (ptr == NULL) { free(buf, M_IPFW); - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); return (ENOSPC); } ptr->lib = LibAliasInit(NULL); if (ptr->lib == NULL) { free(ptr, M_IPFW); free(buf, M_IPFW); - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); return(EINVAL); } LIST_INIT(&ptr->redir_chain); @@ -4590,7 +4579,7 @@ UNHOOK_NAT(ptr); flush_nat_ptrs(ser_n->id); } - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); /* * Basic nat configuration. @@ -4614,9 +4603,9 @@ add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))], ptr); /* Add new entries. */ free(buf, M_IPFW); - NAT_WLOCK(&layer3_chain); + IPFW_WLOCK(&layer3_chain); HOOK_NAT(&layer3_chain.nat, ptr); - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); } break; @@ -4626,16 +4615,16 @@ int i; error = sooptcopyin(sopt, &i, sizeof i, sizeof i); - NAT_WLOCK(&layer3_chain); + IPFW_WLOCK(&layer3_chain); ptr = lookup_nat(i); if (ptr == NULL) { error = EINVAL; - NAT_WUNLOCK(&layer3_chain); + IPFW_WUNLOCK(&layer3_chain); break; } UNHOOK_NAT(ptr); - NAT_WUNLOCK(&layer3_chain); flush_nat_ptrs(i); + IPFW_WUNLOCK(&layer3_chain); del_redir_spool_cfg(ptr, &ptr->redir_chain); LibAliasUninit(ptr->lib); free(ptr, M_IPFW); @@ -4656,7 +4645,7 @@ data = malloc(NAT_BUF_LEN, M_IPFW, M_NOWAIT | M_ZERO); if (data == NULL) return (ENOSPC); - NAT_RLOCK(&layer3_chain); + IPFW_RLOCK(&layer3_chain); /* Serialize all the data. */ LIST_FOREACH(n, &layer3_chain.nat, _next) { nat_cnt++; @@ -4681,12 +4670,12 @@ goto nospace; } bcopy(&nat_cnt, data, sizeof(nat_cnt)); - NAT_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&layer3_chain); error = sooptcopyout(sopt, data, NAT_BUF_LEN); free(data, M_IPFW); break; nospace: - NAT_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&layer3_chain); printf("serialized data buffer not big enough: please increase NAT_BUF_LEN\n"); free(data, M_IPFW); } @@ -4699,7 +4688,7 @@ int sof = LIBALIAS_BUF_SIZE; int i, size, cnt = 0; - NAT_RLOCK(&layer3_chain); + IPFW_RLOCK(&layer3_chain); size = i = 0; LIST_FOREACH(ptr, &layer3_chain.nat, _next) { if (ptr->lib->logDesc == NULL) @@ -4708,7 +4697,7 @@ size = cnt * (sof + sizeof(int)); data = realloc(data, size, M_IPFW, M_NOWAIT | M_ZERO); if (data == NULL) { - NAT_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&layer3_chain); return (ENOSPC); } bcopy(&ptr->id, &data[i], sizeof(int)); @@ -4716,7 +4705,7 @@ bcopy(ptr->lib->logDesc, &data[i], sof); i += sof; } - NAT_RUNLOCK(&layer3_chain); + IPFW_RUNLOCK(&layer3_chain); error = sooptcopyout(sopt, data, size); free(data, M_IPFW); } @@ -4911,14 +4900,12 @@ callout_drain(&ipfw_timeout); IPFW_WLOCK(&layer3_chain); flush_tables(&layer3_chain); - NAT_WLOCK(&layer3_chain); LIST_FOREACH_SAFE(ptr, &layer3_chain.nat, _next, ptr_temp) { LIST_REMOVE(ptr, _next); del_redir_spool_cfg(ptr, &ptr->redir_chain); LibAliasUninit(ptr->lib); free(ptr, M_IPFW); } - NAT_WUNLOCK(&layer3_chain); EVENTHANDLER_DEREGISTER(ifaddr_event, ifaddr_event_tag); layer3_chain.reap = NULL; free_chain(&layer3_chain, 1 /* kill default rule */);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610162151.k9GLp2Fe092320>