From owner-svn-src-all@freebsd.org Thu Dec 19 09:27:04 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 928F31DACFC; Thu, 19 Dec 2019 09:27:04 +0000 (UTC) (envelope-from melifaro@ipfw.ru) Received: from forward501j.mail.yandex.net (forward501j.mail.yandex.net [5.45.198.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47dmjf5fD1z4SGD; Thu, 19 Dec 2019 09:27:02 +0000 (UTC) (envelope-from melifaro@ipfw.ru) Received: from mxback2q.mail.yandex.net (mxback2q.mail.yandex.net [IPv6:2a02:6b8:c0e:40:0:640:9c8c:4946]) by forward501j.mail.yandex.net (Yandex) with ESMTP id C4EB93380712; Thu, 19 Dec 2019 12:26:58 +0300 (MSK) Received: from localhost (localhost [::1]) by mxback2q.mail.yandex.net (mxback/Yandex) with ESMTP id 1nH4cb4Scw-QvdG49O2; Thu, 19 Dec 2019 12:26:57 +0300 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfw.ru; s=mail; t=1576747617; bh=05wo2e8Qlfl1UNMLqfNdqzJr16FoqGTi2SVEnfM5zVA=; h=References:Date:Message-Id:Subject:In-Reply-To:To:From; b=puy0F2KYOB32FGinKsihTKdndaynm1owSDwmTU/VzpcA0DttpWlZNpQVm6NSe6Sap AWswWbRoIp2BlTYFPIk5CgeQeJuM1zOogW/1Hy496Ain9gGK8yV5ZY64gKwCdifGhU LnAO1dY4oNQZMi0zIQ77Oev1rMiU0qW5M27GYvi0= Received: by vla3-985002032993.qloud-c.yandex.net with HTTP; Thu, 19 Dec 2019 12:26:57 +0300 From: Alexander V. Chernikov To: "src-committers@freebsd.org" , "svn-src-all@freebsd.org" , "svn-src-head@freebsd.org" In-Reply-To: <201912190919.xBJ9JSXS014836@repo.freebsd.org> References: <201912190919.xBJ9JSXS014836@repo.freebsd.org> Subject: Re: svn commit: r355908 - head/sys/netpfil/ipfw MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Thu, 19 Dec 2019 09:26:57 +0000 Message-Id: <38008821576747617@vla3-985002032993.qloud-c.yandex.net> Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=utf-8 X-Rspamd-Queue-Id: 47dmjf5fD1z4SGD X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=ipfw.ru header.s=mail header.b=puy0F2KY; dmarc=none; spf=pass (mx1.freebsd.org: domain of melifaro@ipfw.ru designates 5.45.198.251 as permitted sender) smtp.mailfrom=melifaro@ipfw.ru X-Spamd-Result: default: False [-4.32 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[ipfw.ru:s=mail]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:5.45.192.0/19]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[ipfw.ru]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3]; IP_SCORE(-1.72)[ipnet: 5.45.192.0/18(-4.82), asn: 13238(-3.79), country: RU(0.01)]; DKIM_TRACE(0.00)[ipfw.ru:+]; TO_DN_EQ_ADDR_ALL(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[251.198.45.5.list.dnswl.org : 127.0.5.1]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13238, ipnet:5.45.192.0/18, country:RU]; RCVD_TLS_LAST(0.00)[] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Dec 2019 09:27:04 -0000 19.12.2019, 09:19, "Alexander V. Chernikov" : > Author: melifaro > Date: Thu Dec 19 09:19:27 2019 > New Revision: 355908 > URL: https://svnweb.freebsd.org/changeset/base/355908 > > Log: >   svn-commit.tmp Should have been ipfw: Don't rollback state in alloc_table_vidx() if atomicity is not required. Submitted by: Neel Chauhan MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D22662 > > Modified: >   head/sys/netpfil/ipfw/ip_fw_table.c >   head/sys/netpfil/ipfw/ip_fw_table.h >   head/sys/netpfil/ipfw/ip_fw_table_value.c > > Modified: head/sys/netpfil/ipfw/ip_fw_table.c > ============================================================================== > --- head/sys/netpfil/ipfw/ip_fw_table.c Thu Dec 19 08:52:16 2019 (r355907) > +++ head/sys/netpfil/ipfw/ip_fw_table.c Thu Dec 19 09:19:27 2019 (r355908) > @@ -623,7 +623,7 @@ restart: >           * >           * May release/reacquire UH_WLOCK. >           */ > - error = ipfw_link_table_values(ch, &ts); > + error = ipfw_link_table_values(ch, &ts, flags); >          if (error != 0) >                  goto cleanup; >          if (ts.modified != 0) > @@ -654,6 +654,14 @@ restart: >                  num = 0; >                  /* check limit before adding */ >                  if ((error = check_table_limit(tc, ptei)) == 0) { > + /* > + * It should be safe to insert a record w/o > + * a properly-linked value if atomicity is > + * not required. > + * > + * If the added item does not have a valid value > + * index, it would get rejected by ta->add(). > + * */ >                          error = ta->add(tc->astate, KIDX_TO_TI(ch, kidx), >                              ptei, v, &num); >                          /* Set status flag to inform userland */ > > Modified: head/sys/netpfil/ipfw/ip_fw_table.h > ============================================================================== > --- head/sys/netpfil/ipfw/ip_fw_table.h Thu Dec 19 08:52:16 2019 (r355907) > +++ head/sys/netpfil/ipfw/ip_fw_table.h Thu Dec 19 09:19:27 2019 (r355908) > @@ -168,7 +168,8 @@ struct table_config; >  struct tableop_state; >  void ipfw_table_value_init(struct ip_fw_chain *ch, int first); >  void ipfw_table_value_destroy(struct ip_fw_chain *ch, int last); > -int ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts); > +int ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts, > + uint8_t flags); >  void ipfw_garbage_table_values(struct ip_fw_chain *ch, struct table_config *tc, >      struct tentry_info *tei, uint32_t count, int rollback); >  void ipfw_import_table_value_v1(ipfw_table_value *iv); > > Modified: head/sys/netpfil/ipfw/ip_fw_table_value.c > ============================================================================== > --- head/sys/netpfil/ipfw/ip_fw_table_value.c Thu Dec 19 08:52:16 2019 (r355907) > +++ head/sys/netpfil/ipfw/ip_fw_table_value.c Thu Dec 19 09:19:27 2019 (r355908) > @@ -363,7 +363,7 @@ rollback_table_values(struct tableop_state *ts) >   */ >  static int >  alloc_table_vidx(struct ip_fw_chain *ch, struct tableop_state *ts, > - struct namedobj_instance *vi, uint16_t *pvidx) > + struct namedobj_instance *vi, uint16_t *pvidx, uint8_t flags) >  { >          int error, vlimit; >          uint16_t vidx; > @@ -384,16 +384,13 @@ alloc_table_vidx(struct ip_fw_chain *ch, struct tableo >          } > >          vlimit = ts->ta->vlimit; > - if (vlimit != 0 && vidx >= vlimit) { > + if (vlimit != 0 && vidx >= vlimit && !(flags & IPFW_CTF_ATOMIC)) { > >                  /* >                   * Algorithm is not able to store given index. >                   * We have to rollback state, start using >                   * per-table value array or return error >                   * if we're already using it. > - * > - * TODO: do not rollback state if > - * atomicity is not required. >                   */ >                  if (ts->vshared != 0) { >                          /* shared -> per-table */ > @@ -426,9 +423,10 @@ ipfw_garbage_table_values(struct ip_fw_chain *ch, stru >           * either (1) we are successful / partially successful, >           * in that case we need >           * * to ignore ADDED entries values > - * * rollback every other values (either UPDATED since > - * old value has been stored there, or some failure like > - * EXISTS or LIMIT or simply "ignored" case. > + * * rollback every other values if atomicity is not > + * * required (either UPDATED since old value has been > + * stored there, or some failure like EXISTS or LIMIT > + * or simply "ignored" case. >           * >           * (2): atomic rollback of partially successful operation >           * in that case we simply need to unref all entries. > @@ -473,7 +471,8 @@ ipfw_garbage_table_values(struct ip_fw_chain *ch, stru >   * Success: return 0. >   */ >  int > -ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts) > +ipfw_link_table_values(struct ip_fw_chain *ch, struct tableop_state *ts, > + uint8_t flags) >  { >          int error, i, found; >          struct namedobj_instance *vi; > @@ -577,7 +576,7 @@ ipfw_link_table_values(struct ip_fw_chain *ch, struct >                  } > >                  /* May perform UH unlock/lock */ > - error = alloc_table_vidx(ch, ts, vi, &vidx); > + error = alloc_table_vidx(ch, ts, vi, &vidx, flags); >                  if (error != 0) { >                          ts->opstate.func(ts->tc, &ts->opstate); >                          return (error);