From owner-svn-src-projects@FreeBSD.ORG Mon Jun 4 07:54:54 2012 Return-Path: Delivered-To: svn-src-projects@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A1BEC106566B; Mon, 4 Jun 2012 07:54:54 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 8C2818FC0A; Mon, 4 Jun 2012 07:54:54 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q547ssmV013669; Mon, 4 Jun 2012 07:54:54 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q547ss5B013665; Mon, 4 Jun 2012 07:54:54 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201206040754.q547ss5B013665@svn.freebsd.org> From: Gleb Smirnoff Date: Mon, 4 Jun 2012 07:54:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org X-SVN-Group: projects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r236548 - projects/pf/head/sys/contrib/pf/net X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jun 2012 07:54:54 -0000 Author: glebius Date: Mon Jun 4 07:54:53 2012 New Revision: 236548 URL: http://svn.freebsd.org/changeset/base/236548 Log: Some cleanup of pf osfp: - We don't need separate uma(9) zones for things that are allocated very infrequently, use malloc(9). - Don't pretend that pf_ospf.c can be compiled as userland program. Modified: projects/pf/head/sys/contrib/pf/net/pf_ioctl.c projects/pf/head/sys/contrib/pf/net/pf_osfp.c projects/pf/head/sys/contrib/pf/net/pfvar.h Modified: projects/pf/head/sys/contrib/pf/net/pf_ioctl.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Mon Jun 4 07:16:12 2012 (r236547) +++ projects/pf/head/sys/contrib/pf/net/pf_ioctl.c Mon Jun 4 07:54:53 2012 (r236548) @@ -249,7 +249,6 @@ pfattach(void) pf_initialize(); pfi_initialize(); - pf_osfp_initialize(); pf_normalize_init(); V_pf_limits[PF_LIMIT_STATES].limit = PFSTATE_HIWAT; @@ -3782,7 +3781,6 @@ pf_unload(void) pf_normalize_cleanup(); pfi_cleanup(); pf_osfp_flush(); - pf_osfp_cleanup(); pf_cleanup(); PF_RULES_WUNLOCK(); destroy_dev(pf_dev); Modified: projects/pf/head/sys/contrib/pf/net/pf_osfp.c ============================================================================== --- projects/pf/head/sys/contrib/pf/net/pf_osfp.c Mon Jun 4 07:16:12 2012 (r236547) +++ projects/pf/head/sys/contrib/pf/net/pf_osfp.c Mon Jun 4 07:54:53 2012 (r236548) @@ -22,10 +22,10 @@ __FBSDID("$FreeBSD$"); #include #include -#ifdef _KERNEL #include -#endif /* _KERNEL */ +#include #include +#include #include #include @@ -36,49 +36,17 @@ __FBSDID("$FreeBSD$"); #include #include -#ifdef _KERNEL #include -#endif - -#ifdef _KERNEL +static MALLOC_DEFINE(M_PFOSFP, "pf(4) osfp", "pf(4) operating system fingerprints"); #define DPFPRINTF(format, x...) \ if (V_pf_status.debug >= PF_DEBUG_NOISY) \ printf(format , ##x) -typedef uma_zone_t pool_t; - -#else -/* Userland equivalents so we can lend code to tcpdump et al. */ - -#include -#include -#include -#include -#include -#include -#define pool_t int -#define pool_get(pool, flags) malloc(*(pool)) -#define pool_put(pool, item) free(item) -#define pool_init(pool, size, a, ao, f, m, p) (*(pool)) = (size) - -#define NTOHS(x) (x) = ntohs((u_int16_t)(x)) - -#ifdef PFDEBUG -#include -#define DPFPRINTF(format, x...) fprintf(stderr, format , ##x) -#else -#define DPFPRINTF(format, x...) ((void)0) -#endif /* PFDEBUG */ -#endif /* _KERNEL */ - SLIST_HEAD(pf_osfp_list, pf_os_fingerprint); -VNET_DEFINE(struct pf_osfp_list, pf_osfp_list); +static VNET_DEFINE(struct pf_osfp_list, pf_osfp_list) = + SLIST_HEAD_INITIALIZER(); #define V_pf_osfp_list VNET(pf_osfp_list) -VNET_DEFINE(pool_t, pf_osfp_entry_z); -#define pf_osfp_entry_pl VNET(pf_osfp_entry_z) -VNET_DEFINE(pool_t, pf_osfp_z); -#define pf_osfp_pl VNET(pf_osfp_z) static struct pf_osfp_enlist *pf_osfp_fingerprint_hdr(const struct ip *, const struct ip6_hdr *, @@ -93,7 +61,6 @@ static void pf_osfp_insert(struct pf_ static struct pf_os_fingerprint *pf_osfp_validate(void); #endif -#ifdef _KERNEL /* * Passively fingerprint the OS of the host (IPv4 TCP SYN packets only) * Returns the list of possible OSes. @@ -122,7 +89,6 @@ pf_osfp_fingerprint(struct pf_pdesc *pd, return (pf_osfp_fingerprint_hdr(ip, ip6, (struct tcphdr *)hdr)); } -#endif /* _KERNEL */ static struct pf_osfp_enlist * pf_osfp_fingerprint_hdr(const struct ip *ip, const struct ip6_hdr *ip6, const struct tcphdr *tcp) @@ -130,11 +96,7 @@ pf_osfp_fingerprint_hdr(const struct ip struct pf_os_fingerprint fp, *fpresult; int cnt, optlen = 0; const u_int8_t *optp; -#ifdef _KERNEL char srcname[128]; -#else - char srcname[NI_MAXHOST]; -#endif if ((tcp->th_flags & (TH_SYN|TH_ACK)) != TH_SYN) return (NULL); @@ -146,49 +108,21 @@ pf_osfp_fingerprint_hdr(const struct ip memset(&fp, 0, sizeof(fp)); if (ip) { -#ifndef _KERNEL - struct sockaddr_in sin; -#endif - fp.fp_psize = ntohs(ip->ip_len); fp.fp_ttl = ip->ip_ttl; if (ip->ip_off & htons(IP_DF)) fp.fp_flags |= PF_OSFP_DF; -#ifdef _KERNEL strlcpy(srcname, inet_ntoa(ip->ip_src), sizeof(srcname)); -#else - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - sin.sin_len = sizeof(struct sockaddr_in); - sin.sin_addr = ip->ip_src; - (void)getnameinfo((struct sockaddr *)&sin, - sizeof(struct sockaddr_in), srcname, sizeof(srcname), - NULL, 0, NI_NUMERICHOST); -#endif } #ifdef INET6 else if (ip6) { -#ifndef _KERNEL - struct sockaddr_in6 sin6; -#endif - /* jumbo payload? */ fp.fp_psize = sizeof(struct ip6_hdr) + ntohs(ip6->ip6_plen); fp.fp_ttl = ip6->ip6_hlim; fp.fp_flags |= PF_OSFP_DF; fp.fp_flags |= PF_OSFP_INET6; -#ifdef _KERNEL strlcpy(srcname, ip6_sprintf((struct in6_addr *)&ip6->ip6_src), sizeof(srcname)); -#else - memset(&sin6, 0, sizeof(sin6)); - sin6.sin6_family = AF_INET6; - sin6.sin6_len = sizeof(struct sockaddr_in6); - sin6.sin6_addr = ip6->ip6_src; - (void)getnameinfo((struct sockaddr *)&sin6, - sizeof(struct sockaddr_in6), srcname, sizeof(srcname), - NULL, 0, NI_NUMERICHOST); -#endif } #endif else @@ -302,28 +236,6 @@ pf_osfp_match(struct pf_osfp_enlist *lis return (0); } -#ifdef _KERNEL -/* Initialize the OS fingerprint system */ -void -pf_osfp_initialize(void) -{ - pf_osfp_entry_z = uma_zcreate("pfospfen", sizeof(struct pf_osfp_entry), - NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); - pf_osfp_z = uma_zcreate("pfosfp", sizeof(struct pf_os_fingerprint), - NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); - - SLIST_INIT(&V_pf_osfp_list); -} - -void -pf_osfp_cleanup(void) -{ - - uma_zdestroy(pf_osfp_entry_z); - uma_zdestroy(pf_osfp_z); -} -#endif - /* Flush the fingerprint list */ void pf_osfp_flush(void) @@ -335,9 +247,9 @@ pf_osfp_flush(void) SLIST_REMOVE_HEAD(&V_pf_osfp_list, fp_next); while ((entry = SLIST_FIRST(&fp->fp_oses))) { SLIST_REMOVE_HEAD(&fp->fp_oses, fp_entry); - uma_zfree(pf_osfp_entry_z, entry); + free(entry, M_PFOSFP); } - uma_zfree(pf_osfp_z, fp); + free(fp, M_PFOSFP); } } @@ -349,6 +261,8 @@ pf_osfp_add(struct pf_osfp_ioctl *fpioc) struct pf_os_fingerprint *fp, fpadd; struct pf_osfp_entry *entry; + PF_RULES_WASSERT(); + memset(&fpadd, 0, sizeof(fpadd)); fpadd.fp_tcpopts = fpioc->fp_tcpopts; fpadd.fp_wsize = fpioc->fp_wsize; @@ -390,14 +304,13 @@ pf_osfp_add(struct pf_osfp_ioctl *fpioc) if (PF_OSFP_ENTRY_EQ(entry, &fpioc->fp_os)) return (EEXIST); } - if ((entry = uma_zalloc(pf_osfp_entry_z, - M_NOWAIT)) == NULL) + if ((entry = malloc(sizeof(*entry), M_PFOSFP, M_NOWAIT)) + == NULL) return (ENOMEM); } else { - if ((fp = uma_zalloc(pf_osfp_z, - M_NOWAIT)) == NULL) + if ((fp = malloc(sizeof(*fp), M_PFOSFP, M_ZERO | M_NOWAIT)) + == NULL) return (ENOMEM); - memset(fp, 0, sizeof(*fp)); fp->fp_tcpopts = fpioc->fp_tcpopts; fp->fp_wsize = fpioc->fp_wsize; fp->fp_psize = fpioc->fp_psize; @@ -407,9 +320,9 @@ pf_osfp_add(struct pf_osfp_ioctl *fpioc) fp->fp_wscale = fpioc->fp_wscale; fp->fp_ttl = fpioc->fp_ttl; SLIST_INIT(&fp->fp_oses); - if ((entry = uma_zalloc(pf_osfp_entry_z, - M_NOWAIT)) == NULL) { - uma_zfree(pf_osfp_z, fp); + if ((entry = malloc(sizeof(*entry), M_PFOSFP, M_NOWAIT)) + == NULL) { + free(fp, M_PFOSFP); return (ENOMEM); } pf_osfp_insert(&V_pf_osfp_list, fp); Modified: projects/pf/head/sys/contrib/pf/net/pfvar.h ============================================================================== --- projects/pf/head/sys/contrib/pf/net/pfvar.h Mon Jun 4 07:16:12 2012 (r236547) +++ projects/pf/head/sys/contrib/pf/net/pfvar.h Mon Jun 4 07:54:53 2012 (r236548) @@ -1962,8 +1962,6 @@ struct pf_osfp_enlist * #endif /* _KERNEL */ void pf_osfp_flush(void); int pf_osfp_get(struct pf_osfp_ioctl *); -void pf_osfp_initialize(void); -void pf_osfp_cleanup(void); int pf_osfp_match(struct pf_osfp_enlist *, pf_osfp_t); #ifdef _KERNEL