From nobody Wed Dec 27 01:43:22 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4T0Dtf4WpDz54mHn; Wed, 27 Dec 2023 01:43:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4T0Dtf3jr2z4SLG; Wed, 27 Dec 2023 01:43:22 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1703641402; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9+VSZocMUPv3txXWpu0FxZ1K+LGHFpsA7aRvuGxLraM=; b=G16YRAS7MQXsTx64tEUyxiV5xom+l5BxR7LhqhgdfhbGYaca4DgrnTSTktJl+7ZkkMC67e rQahk5vEyeHLQlsoVmEdQ90mx9T2ohlVfJgqkSF5WSy7d81tMG360+AealJCcsuYsdPY59 E8LDpdpM0GX7yaYbdPrrk6VGsgpcN01mZ2vgAsS9cltZu4kirSxxI2rOPuk+DVVIDXlBXf dvofmxre7w3TUpYxjH3VefvRDT6IQSJmsyW3u1eyH6eP1H09SikVdOJllDdRRFAjUsIrTI bGtINMxKJPY9oQGnUNGklyl/McI6XjpYD5kIY7YNeqFXr3aHtW/RTxj4HpmkZw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1703641402; a=rsa-sha256; cv=none; b=ZRU8PfVaxa08Ot27dfd4LOEz6pag0vt7WdalK371OdwakoJi7l8CSqWaqBzsFz9sGRckub sOVrr4Sk0R2d6tr3P/+747Kx3l3XbKzi6mZ8uqpaoJPr99+nLE5DG7e5Tlre/R3bjVLIDZ Ct8eqUeQXDvqltoRUqrad62WL/79B79ameJppgs0Lzu+wSjza7GbHBsGc3/xwS5oxsEETn O9tp8AKVqKBccWC7I51cIcstmJE15Vsc3eZbfQhUXE2mseoIzcEbAO2A8P3rTmmKauFYus Fa9oBg/PvXkiMp/SLaQ0JJqZML5M0uXTCc96FmVYqfwO4L1olaMN9WVuZ64dEw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1703641402; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9+VSZocMUPv3txXWpu0FxZ1K+LGHFpsA7aRvuGxLraM=; b=iM3Vo1D3X1hRCuCBAr0PsfFzXaaIUEmpNFjUFokRtJsRpsGaYqlHXjmPaTuTW65wYT/qkl xWj59EPKfH3ygG2npAhsNLmlXWxc6TkGkCdpekR6Wy6v2mKv5okxq/LaaYJqnLYC2XtOyc Nz7gvWzBDV2JpowVxiSldtPdj+tvpR2ftnbIUeweTvjp1mFMNOC1A4Un72dgZY1x6Xqwia t8lt5Pa2/lLJynNfcibT/D6J5y2PaNQrKeH5fBvl1cZ+9CjSkSn4PTaYkg3CI7zpGzlT9+ YoC0BtRgDcxhasHfrJ2hV5YqLzSkya89OMBXoeEFROkXvYJpkKlTo67pHybfTg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4T0Dtf2mVrz45X; Wed, 27 Dec 2023 01:43:22 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 3BR1hMWG085315; Wed, 27 Dec 2023 01:43:22 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 3BR1hMQf085312; Wed, 27 Dec 2023 01:43:22 GMT (envelope-from git) Date: Wed, 27 Dec 2023 01:43:22 GMT Message-Id: <202312270143.3BR1hMQf085312@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Richard Scheffenegger Subject: git: a8b70cf26030 - main - netpfil: Use accessor functions and named constants for all tcphdr flags List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rscheff X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: a8b70cf26030d68631200619bd1b0ad35b34b6b8 Auto-Submitted: auto-generated The branch main has been updated by rscheff: URL: https://cgit.FreeBSD.org/src/commit/?id=a8b70cf26030d68631200619bd1b0ad35b34b6b8 commit a8b70cf26030d68631200619bd1b0ad35b34b6b8 Author: Richard Scheffenegger AuthorDate: 2023-12-25 11:26:25 +0000 Commit: Richard Scheffenegger CommitDate: 2023-12-25 12:18:01 +0000 netpfil: Use accessor functions and named constants for all tcphdr flags Update all remaining references to the struct tcphdr th_x2 field. This completes the compatibilty of various aspects with AccECN (TH_AE), after the internal ipfw "re-checksum required" was moved to use the TH_RES1 flag. No functional change. Reviewed By: tuexen, #transport, glebius Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D43172 --- sys/dev/xen/netback/netback_unit_tests.c | 4 ++-- sys/netgraph/ng_nat.c | 10 +++++----- sys/netinet/tcp.h | 13 +++++++++++++ sys/netinet/tcp_var.h | 12 ------------ sys/netpfil/ipfilter/netinet/ip_compat.h | 6 ------ sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c | 7 +++---- sys/netpfil/pf/pf_norm.c | 11 ++++++----- 7 files changed, 29 insertions(+), 34 deletions(-) diff --git a/sys/dev/xen/netback/netback_unit_tests.c b/sys/dev/xen/netback/netback_unit_tests.c index e5a000c872d8..af88d5ced498 100644 --- a/sys/dev/xen/netback/netback_unit_tests.c +++ b/sys/dev/xen/netback/netback_unit_tests.c @@ -35,6 +35,7 @@ */ #include +#include /** * \file netback_unit_tests.c * @@ -2311,9 +2312,8 @@ xnb_fill_tcp(struct mbuf *m) tcp->th_dport = htons(2222); tcp->th_seq = htonl(0x00f72b10); tcp->th_ack = htonl(0x7f37ba6c); - tcp->th_x2 = 0; + tcp_set_flags(tcp, TH_ACK | TH_PUSH); tcp->th_off = 8; - tcp->th_flags = 0x18; tcp->th_win = htons(0x410); /* th_sum is incorrect; will be inserted by function under test */ tcp->th_sum = htons(0xbaad); diff --git a/sys/netgraph/ng_nat.c b/sys/netgraph/ng_nat.c index ae083608a199..d7492b71e07c 100644 --- a/sys/netgraph/ng_nat.c +++ b/sys/netgraph/ng_nat.c @@ -862,9 +862,9 @@ ng_nat_rcvdata(hook_p hook, item_p item ) * doesn't have any idea about checksum offloading * in kernel. To workaround this, we do not do * checksumming in LibAlias, but only mark the - * packets in th_x2 field. If we receive a marked - * packet, we calculate correct checksum for it - * aware of offloading. + * packets with TH_RES1 in the th_x2 field. If we + * receive a marked packet, we calculate correct + * checksum for it aware of offloading. * * Why do I do such a terrible hack instead of * recalculating checksum for each packet? @@ -875,10 +875,10 @@ ng_nat_rcvdata(hook_p hook, item_p item ) * has this problem, too. */ - if (th->th_x2) { + if (tcp_get_flags(th) & TH_RES1) { uint16_t ip_len = ntohs(ip->ip_len); - th->th_x2 = 0; + tcp_set_flags(th, tcp_get_flags(th) & ~TH_RES1); th->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr, htons(IPPROTO_TCP + ip_len - (ip->ip_hl << 2))); diff --git a/sys/netinet/tcp.h b/sys/netinet/tcp.h index 44f8a67a1e64..209b89c9a427 100644 --- a/sys/netinet/tcp.h +++ b/sys/netinet/tcp.h @@ -79,6 +79,19 @@ struct tcphdr { u_short th_urp; /* urgent pointer */ }; +static inline uint16_t +tcp_get_flags(const struct tcphdr *th) +{ + return (((uint16_t)th->th_x2 << 8) | th->th_flags); +} + +static inline void +tcp_set_flags(struct tcphdr *th, uint16_t flags) +{ + th->th_x2 = (flags >> 8) & 0x0f; + th->th_flags = flags & 0xff; +} + #define PADTCPOLEN(len) ((((len) / 4) + !!((len) % 4)) * 4) #define TCPOPT_EOL 0 diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index af441b4fc7d7..c2b15526c15b 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -1578,16 +1578,4 @@ tcp_fields_to_net(struct tcphdr *th) } #endif /* _KERNEL */ -static inline uint16_t -tcp_get_flags(const struct tcphdr *th) -{ - return (((uint16_t)th->th_x2 << 8) | th->th_flags); -} - -static inline void -tcp_set_flags(struct tcphdr *th, uint16_t flags) -{ - th->th_x2 = (flags >> 8) & 0x0f; - th->th_flags = flags & 0xff; -} #endif /* _NETINET_TCP_VAR_H_ */ diff --git a/sys/netpfil/ipfilter/netinet/ip_compat.h b/sys/netpfil/ipfilter/netinet/ip_compat.h index 08ce4b572d43..c73af315b132 100644 --- a/sys/netpfil/ipfilter/netinet/ip_compat.h +++ b/sys/netpfil/ipfilter/netinet/ip_compat.h @@ -687,12 +687,6 @@ typedef struct tcpiphdr tcpiphdr_t; #ifndef IP_HL_A # define IP_HL_A(x,y) (x)->ip_hl = ((y) & 0xf) #endif -#ifndef TCP_X2 -# define TCP_X2(x) (x)->th_x2 -#endif -#ifndef TCP_X2_A -# define TCP_X2_A(x,y) (x)->th_x2 = (y) -#endif #ifndef TCP_OFF # define TCP_OFF(x) (x)->th_off #endif diff --git a/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c b/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c index 139aff9b1c73..1922880e90df 100644 --- a/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c +++ b/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c @@ -379,18 +379,17 @@ ipf_send_reset(fr_info_t *fin) tcp2->th_sport = tcp->th_dport; tcp2->th_dport = tcp->th_sport; - if (tcp->th_flags & TH_ACK) { + if (tcp_get_flags(tcp) & TH_ACK) { tcp2->th_seq = tcp->th_ack; - tcp2->th_flags = TH_RST; + tcp_set_flags(tcp2, TH_RST); tcp2->th_ack = 0; } else { tcp2->th_seq = 0; tcp2->th_ack = ntohl(tcp->th_seq); tcp2->th_ack += tlen; tcp2->th_ack = htonl(tcp2->th_ack); - tcp2->th_flags = TH_RST|TH_ACK; + tcp_set_flags(tcp2, TH_RST|TH_ACK); } - TCP_X2_A(tcp2, 0); TCP_OFF_A(tcp2, sizeof(*tcp2) >> 2); tcp2->th_win = tcp->th_win; tcp2->th_sum = 0; diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c index a92462c53f15..a119d85f806e 100644 --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -1376,7 +1376,7 @@ pf_normalize_tcp(struct pfi_kkif *kif, struct mbuf *m, int ipoff, struct tcphdr *th = &pd->hdr.tcp; int rewrite = 0; u_short reason; - u_int8_t flags; + u_int16_t flags; sa_family_t af = pd->af; int srs; @@ -1434,7 +1434,7 @@ pf_normalize_tcp(struct pfi_kkif *kif, struct mbuf *m, int ipoff, if (rm && rm->rule_flag & PFRULE_REASSEMBLE_TCP) pd->flags |= PFDESC_TCP_NORM; - flags = th->th_flags; + flags = tcp_get_flags(th); if (flags & TH_SYN) { /* Illegal packet */ if (flags & TH_RST) @@ -1459,12 +1459,13 @@ pf_normalize_tcp(struct pfi_kkif *kif, struct mbuf *m, int ipoff, goto tcp_drop; /* If flags changed, or reserved data set, then adjust */ - if (flags != th->th_flags || th->th_x2 != 0) { + if (flags != tcp_get_flags(th) || + (tcp_get_flags(th) & (TH_RES1|TH_RES2|TH_RES2)) != 0) { u_int16_t ov, nv; ov = *(u_int16_t *)(&th->th_ack + 1); - th->th_flags = flags; - th->th_x2 = 0; + flags &= ~(TH_RES1 | TH_RES2 | TH_RES3); + tcp_set_flags(th, flags); nv = *(u_int16_t *)(&th->th_ack + 1); th->th_sum = pf_proto_cksum_fixup(m, th->th_sum, ov, nv, 0);