From: Kristof Provost
Date: Mon, 12 Oct 2020 12:39:37 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r366647 - head/sys/netpfil/pf

Author: kp
Date: Mon Oct 12 12:39:37 2020
New Revision: 366647
URL: https://svnweb.freebsd.org/changeset/base/366647

Log:
  pf: create a kif for flags

  If userspace tries to set flags (e.g. 'set skip on ') and doesn't exist we should create a kif so that we apply the flags when the does turn up.

  Otherwise we'd end up in surprising situations where the rules say the interface should be skipped, but it's not until the rules get re-applied.

  Reviewed by: Lutz Donnerhacke
  MFC after: 2 weeks
  Differential Revision: https://reviews.freebsd.org/D26742

Modified:
  head/sys/netpfil/pf/pf_if.c

Modified: head/sys/netpfil/pf/pf_if.c ============================================================================== --- head/sys/netpfil/pf/pf_if.c Mon Oct 12 11:40:43 2020 (r366646) +++ head/sys/netpfil/pf/pf_if.c Mon Oct 12 12:39:37 2020 (r366647) @@ -801,9 +801,16 @@ int pfi_set_flags(const char *name, int flags) { struct epoch_tracker et; - struct pfi_kif *p; + struct pfi_kif *p, *kif; + kif = malloc(sizeof(*kif), PFI_MTYPE, M_NOWAIT); + if (kif == NULL) + return (ENOMEM); + NET_EPOCH_ENTER(et); + + kif = pfi_kif_attach(kif, name); + RB_FOREACH(p, pfi_ifhead, &V_pfi_ifs) { if (pfi_skip_if(name, p)) continue; 
@@ -817,13 +824,20 @@ int pfi_clear_flags(const char *name, int flags) { struct epoch_tracker et; - struct pfi_kif *p; + struct pfi_kif *p, *tmp; NET_EPOCH_ENTER(et); - RB_FOREACH(p, pfi_ifhead, &V_pfi_ifs) { + RB_FOREACH_SAFE(p, pfi_ifhead, &V_pfi_ifs, tmp) { if (pfi_skip_if(name, p)) continue; p->pfik_flags &= ~flags; + + if (p->pfik_ifp == NULL && p->pfik_group == NULL && + p->pfik_flags == 0) { + /* Delete this kif. */ + RB_REMOVE(pfi_ifhead, &V_pfi_ifs, p); + free(p, PFI_MTYPE); + } } NET_EPOCH_EXIT(et); return (0);
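
Review bot: in pfi_set_flags() the new malloc(sizeof(*kif), PFI_MTYPE, M_NOWAIT) runs unconditionally, before any lookup, so a call for an interface that already has a kif can now fail with ENOMEM where it previously could not. The allocation sits before NET_EPOCH_ENTER(et), so please either use a sleeping allocation if the callers hold no non-sleepable lock, or add a comment saying why M_NOWAIT is required. The result of kif = pfi_kif_attach(kif, name) is also never read in the lines shown; a short comment stating that the call exists so the RB_FOREACH below finds an entry for name, and who owns the preallocated buffer afterwards, would make the intent clear.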
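
Review bot: in pfi_clear_flags() the delete condition tests only pfik_ifp, pfik_group and pfik_flags, so a kif that is still referenced from elsewhere (for example by a loaded rule naming an interface that is not present, counted in pfik_rulerefs) would be removed and freed while a pointer to it remains. Add the reference count to the condition, or document why no other reference can exist at this point. The entry is also passed to free(p, PFI_MTYPE) while still inside the NET_EPOCH section; if other readers can walk V_pfi_ifs concurrently, the free should be deferred until they have drained.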