From owner-dev-commits-src-branches@freebsd.org  Fri Jul  9 13:24:25 2021
Return-Path: <owner-dev-commits-src-branches@freebsd.org>
Delivered-To: dev-commits-src-branches@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9597965FABA;
 Fri,  9 Jul 2021 13:24:25 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4GLv5P2KXnz3Jc9;
 Fri,  9 Jul 2021 13:24:25 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2EFA31566D;
 Fri,  9 Jul 2021 13:24:25 +0000 (UTC) (envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
 by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 169DOP8P063370;
 Fri, 9 Jul 2021 13:24:25 GMT (envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
 by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 169DOPmW063369;
 Fri, 9 Jul 2021 13:24:25 GMT (envelope-from git)
Date: Fri, 9 Jul 2021 13:24:25 GMT
Message-Id: <202107091324.169DOPmW063369@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
 dev-commits-src-branches@FreeBSD.org
From: Kristof Provost <kp@FreeBSD.org>
Subject: git: 63a8dc255208 - stable/12 - pf: Reduce the data returned in
 DIOCGETSTATESNV
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: kp
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/12
X-Git-Reftype: branch
X-Git-Commit: 63a8dc255208692f022beff22f38ae16ea51565b
Auto-Submitted: auto-generated
X-BeenThere: dev-commits-src-branches@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Commits to the stable branches of the FreeBSD src repository
 <dev-commits-src-branches.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/dev-commits-src-branches/>
List-Post: <mailto:dev-commits-src-branches@freebsd.org>
List-Help: <mailto:dev-commits-src-branches-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/dev-commits-src-branches>, 
 <mailto:dev-commits-src-branches-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2021 13:24:26 -0000

The branch stable/12 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=63a8dc255208692f022beff22f38ae16ea51565b

commit 63a8dc255208692f022beff22f38ae16ea51565b
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2021-06-29 08:26:40 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2021-07-09 08:07:52 +0000

    pf: Reduce the data returned in DIOCGETSTATESNV
    
    This call is particularly slow due to the large amount of data it
    returns. Remove all fields pfctl does not use. There is no functional
    impact to pfctl, but it somewhat speeds up the call.
    
    It might affect other (i.e. non-FreeBSD) code that uses the new
    interface, but this call is very new, so there's unlikely to be any. No
    releases contained the previous version, so we choose to live with the
    ABI modification.
    
    Reviewed by:    donner
    MFC after:      1 week
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D30944
    
    (cherry picked from commit 34285eefddc99c994c3e5374ba7836cc7cfc8e2e)
---
 lib/libpfctl/libpfctl.c | 22 ----------------------
 lib/libpfctl/libpfctl.h | 12 ------------
 sys/netpfil/pf/pf_nv.c  | 34 +---------------------------------
 3 files changed, 1 insertion(+), 67 deletions(-)

diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c
index 52cd0ed7f36c..524e2472238e 100644
--- a/lib/libpfctl/libpfctl.c
+++ b/lib/libpfctl/libpfctl.c
@@ -636,35 +636,15 @@ pfctl_nv_add_state_cmp(nvlist_t *nvl, const char *name,
 	nvlist_destroy(nv);
 }
 
-static void
-pf_nvstate_scrub_to_state_scrub(const nvlist_t *nvl,
-    struct pfctl_state_scrub *scrub)
-{
-	bzero(scrub, sizeof(*scrub));
-
-	scrub->timestamp = nvlist_get_bool(nvl, "timestamp");
-	scrub->ttl = nvlist_get_number(nvl, "ttl");
-	scrub->ts_mod = nvlist_get_number(nvl, "ts_mod");
-}
-
 static void
 pf_nvstate_peer_to_state_peer(const nvlist_t *nvl,
     struct pfctl_state_peer *peer)
 {
 	bzero(peer, sizeof(*peer));
 
-	if (nvlist_exists_nvlist(nvl, "scrub")) {
-		peer->scrub = malloc(sizeof(*peer->scrub));
-		pf_nvstate_scrub_to_state_scrub(
-		    nvlist_get_nvlist(nvl, "scrub"),
-		    peer->scrub);
-	}
-
 	peer->seqlo = nvlist_get_number(nvl, "seqlo");
 	peer->seqhi = nvlist_get_number(nvl, "seqhi");
 	peer->seqdiff = nvlist_get_number(nvl, "seqdiff");
-	peer->max_win = nvlist_get_number(nvl, "max_win");
-	peer->mss = nvlist_get_number(nvl, "mss");
 	peer->state = nvlist_get_number(nvl, "state");
 	peer->wscale = nvlist_get_number(nvl, "wscale");
 }
@@ -721,9 +701,7 @@ pf_nvstate_to_state(const nvlist_t *nvl, struct pfctl_state *s)
 	pf_nvuint_64_array(nvl, "packets", 2, s->packets, NULL);
 	pf_nvuint_64_array(nvl, "bytes", 2, s->bytes, NULL);
 
-	s->log = nvlist_get_number(nvl, "log");
 	s->state_flags = nvlist_get_number(nvl, "state_flags");
-	s->timeout = nvlist_get_number(nvl, "timeout");
 	s->sync_flags = nvlist_get_number(nvl, "sync_flags");
 }
 
diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h
index a54ee9db6ec7..62866e17f904 100644
--- a/lib/libpfctl/libpfctl.h
+++ b/lib/libpfctl/libpfctl.h
@@ -197,19 +197,10 @@ struct pfctl_kill {
 	bool			kill_match;
 };
 
-struct pfctl_state_scrub {
-	bool		timestamp;
-	uint8_t		ttl;
-	uint32_t	ts_mod;
-};
-
 struct pfctl_state_peer {
-	struct pfctl_state_scrub	*scrub;
 	uint32_t			 seqlo;
 	uint32_t			 seqhi;
 	uint32_t			 seqdiff;
-	uint16_t			 max_win;
-	uint16_t			 mss;
 	uint8_t				 state;
 	uint8_t				 wscale;
 };
@@ -243,10 +234,7 @@ struct pfctl_state {
 	uint32_t		 creation;
 	uint32_t		 expire;
 	uint32_t		 pfsync_time;
-	uint16_t		 tag;
-	uint8_t			 log;
 	uint8_t			 state_flags;
-	uint8_t			 timeout;
 	uint32_t		 sync_flags;
 };
 
diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c
index 553290c88586..e52d52642eab 100644
--- a/sys/netpfil/pf/pf_nv.c
+++ b/sys/netpfil/pf/pf_nv.c
@@ -874,52 +874,22 @@ errout:
 	return (NULL);
 }
 
-static nvlist_t *
-pf_state_scrub_to_nvstate_scrub(const struct pf_state_scrub *scrub)
-{
-	nvlist_t *nvl;
-
-	nvl = nvlist_create(0);
-	if (nvl == NULL)
-		return (NULL);
-
-	nvlist_add_bool(nvl, "timestamp", scrub->pfss_flags & PFSS_TIMESTAMP);
-	nvlist_add_number(nvl, "ttl", scrub->pfss_ttl);
-	nvlist_add_number(nvl, "ts_mod", scrub->pfss_ts_mod);
-
-	return (nvl);
-}
-
 static nvlist_t *
 pf_state_peer_to_nvstate_peer(const struct pf_state_peer *peer)
 {
-	nvlist_t *nvl, *tmp;
+	nvlist_t *nvl;
 
 	nvl = nvlist_create(0);
 	if (nvl == NULL)
 		return (NULL);
 
-	if (peer->scrub) {
-		tmp = pf_state_scrub_to_nvstate_scrub(peer->scrub);
-		if (tmp == NULL)
-			goto errout;
-		nvlist_add_nvlist(nvl, "scrub", tmp);
-		nvlist_destroy(tmp);
-	}
-
 	nvlist_add_number(nvl, "seqlo", peer->seqlo);
 	nvlist_add_number(nvl, "seqhi", peer->seqhi);
 	nvlist_add_number(nvl, "seqdiff", peer->seqdiff);
-	nvlist_add_number(nvl, "max_win", peer->max_win);
-	nvlist_add_number(nvl, "mss", peer->mss);
 	nvlist_add_number(nvl, "state", peer->state);
 	nvlist_add_number(nvl, "wscale", peer->wscale);
 
 	return (nvl);
-
-errout:
-	nvlist_destroy(nvl);
-	return (NULL);
 }
 
 nvlist_t *
@@ -989,9 +959,7 @@ pf_state_to_nvstate(const struct pf_state *s)
 
 	nvlist_add_number(nvl, "creatorid", s->creatorid);
 	nvlist_add_number(nvl, "direction", s->direction);
-	nvlist_add_number(nvl, "log", s->log);
 	nvlist_add_number(nvl, "state_flags", s->state_flags);
-	nvlist_add_number(nvl, "timeout", s->timeout);
 	if (s->src_node)
 		flags |= PFSYNC_FLAG_SRCNODE;
 	if (s->nat_src_node)