diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h --- a/sys/net/pfvar.h +++ b/sys/net/pfvar.h @@ -501,10 +501,10 @@ u_int8_t pad[2]; LIST_ENTRY(pf_state_key) entry; - TAILQ_HEAD(, pf_state) states[2]; + TAILQ_HEAD(, pf_kstate) states[2]; }; -/* Keep synced with struct pf_state. */ +/* Keep synced with struct pf_kstate. */ struct pf_state_cmp { u_int64_t id; u_int32_t creatorid; @@ -521,16 +521,16 @@ #define PFSTATE_SETMASK (PFSTATE_SETPRIO) #ifdef _KERNEL -struct pf_state { +struct pf_kstate { u_int64_t id; u_int32_t creatorid; u_int8_t direction; u_int8_t pad[3]; u_int refs; - TAILQ_ENTRY(pf_state) sync_list; - TAILQ_ENTRY(pf_state) key_list[2]; - LIST_ENTRY(pf_state) entry; + TAILQ_ENTRY(pf_kstate) sync_list; + TAILQ_ENTRY(pf_kstate) key_list[2]; + LIST_ENTRY(pf_kstate) entry; struct pf_state_peer src; struct pf_state_peer dst; union pf_krule_ptr rule; @@ -562,7 +562,7 @@ /* * Size <= fits 13 objects per page on LP64. Try to not grow the struct beyond that. */ -_Static_assert(sizeof(struct pf_state) <= 312, "pf_state size crosses 312 bytes"); +_Static_assert(sizeof(struct pf_kstate) <= 312, "pf_kstate size crosses 312 bytes"); #endif /* @@ -623,11 +623,11 @@ #ifdef _KERNEL /* pfsync */ typedef int pfsync_state_import_t(struct pfsync_state *, u_int8_t); -typedef void pfsync_insert_state_t(struct pf_state *); -typedef void pfsync_update_state_t(struct pf_state *); -typedef void pfsync_delete_state_t(struct pf_state *); +typedef void pfsync_insert_state_t(struct pf_kstate *); +typedef void pfsync_update_state_t(struct pf_kstate *); +typedef void pfsync_delete_state_t(struct pf_kstate *); typedef void pfsync_clear_states_t(u_int32_t, const char *); -typedef int pfsync_defer_t(struct pf_state *, struct mbuf *); +typedef int pfsync_defer_t(struct pf_kstate *, struct mbuf *); typedef void pfsync_detach_ifnet_t(struct ifnet *); VNET_DECLARE(pfsync_state_import_t *, pfsync_state_import_ptr); @@ -645,7 +645,7 @@ extern pfsync_detach_ifnet_t *pfsync_detach_ifnet_ptr; void pfsync_state_export(struct pfsync_state *, - struct pf_state *); + struct pf_kstate *); /* pflog */ struct pf_kruleset; @@ -1474,7 +1474,7 @@ }; struct pf_idhash { - LIST_HEAD(, pf_state) states; + LIST_HEAD(, pf_kstate) states; struct mtx lock; }; @@ -1548,26 +1548,26 @@ extern void pf_intr(void *); extern void pf_purge_expired_src_nodes(void); -extern int pf_unlink_state(struct pf_state *, u_int); +extern int pf_unlink_state(struct pf_kstate *, u_int); #define PF_ENTER_LOCKED 0x00000001 #define PF_RETURN_LOCKED 0x00000002 extern int pf_state_insert(struct pfi_kkif *, struct pfi_kkif *, struct pf_state_key *, struct pf_state_key *, - struct pf_state *); -extern struct pf_state *pf_alloc_state(int); -extern void pf_free_state(struct pf_state *); + struct pf_kstate *); +extern struct pf_kstate *pf_alloc_state(int); +extern void pf_free_state(struct pf_kstate *); static __inline void -pf_ref_state(struct pf_state *s) +pf_ref_state(struct pf_kstate *s) { refcount_acquire(&s->refs); } static __inline int -pf_release_state(struct pf_state *s) +pf_release_state(struct pf_kstate *s) { if (refcount_release(&s->refs)) { @@ -1578,7 +1578,7 @@ } static __inline int -pf_release_staten(struct pf_state *s, u_int n) +pf_release_staten(struct pf_kstate *s, u_int n) { if (refcount_releasen(&s->refs, n)) { @@ -1588,14 +1588,14 @@ return (0); } -extern struct pf_state *pf_find_state_byid(uint64_t, uint32_t); -extern struct pf_state *pf_find_state_all(struct pf_state_key_cmp *, +extern struct pf_kstate *pf_find_state_byid(uint64_t, uint32_t); +extern struct pf_kstate *pf_find_state_all(struct pf_state_key_cmp *, u_int, int *); extern struct pf_ksrc_node *pf_find_src_node(struct pf_addr *, struct pf_krule *, sa_family_t, int); extern void pf_unlink_src_node(struct pf_ksrc_node *); extern u_int pf_free_src_nodes(struct pf_ksrc_node_list *); -extern void pf_print_state(struct pf_state *); +extern void pf_print_state(struct pf_kstate *); extern void pf_print_flags(u_int8_t); extern u_int16_t pf_cksum_fixup(u_int16_t, u_int16_t, u_int16_t, u_int8_t); @@ -1626,7 +1626,7 @@ int pf_refragment6(struct ifnet *, struct mbuf **, struct m_tag *); #endif /* INET6 */ -u_int32_t pf_new_isn(struct pf_state *); +u_int32_t pf_new_isn(struct pf_kstate *); void *pf_pull_hdr(struct mbuf *, int, void *, int, u_short *, u_short *, sa_family_t); void pf_change_a(void *, u_int16_t *, u_int32_t, u_int8_t); @@ -1637,7 +1637,7 @@ bool, u_int8_t); void pf_patch_32_unaligned(struct mbuf *, u_int16_t *, void *, u_int32_t, bool, u_int8_t); -void pf_send_deferred_syn(struct pf_state *); +void pf_send_deferred_syn(struct pf_kstate *); int pf_match_addr(u_int8_t, struct pf_addr *, struct pf_addr *, struct pf_addr *, sa_family_t); int pf_match_addr_range(struct pf_addr *, struct pf_addr *, @@ -1648,14 +1648,14 @@ void pf_normalize_cleanup(void); int pf_normalize_tcp(int, struct pfi_kkif *, struct mbuf *, int, int, void *, struct pf_pdesc *); -void pf_normalize_tcp_cleanup(struct pf_state *); +void pf_normalize_tcp_cleanup(struct pf_kstate *); int pf_normalize_tcp_init(struct mbuf *, int, struct pf_pdesc *, struct tcphdr *, struct pf_state_peer *, struct pf_state_peer *); int pf_normalize_tcp_stateful(struct mbuf *, int, struct pf_pdesc *, - u_short *, struct tcphdr *, struct pf_state *, + u_short *, struct tcphdr *, struct pf_kstate *, struct pf_state_peer *, struct pf_state_peer *, int *); u_int32_t - pf_state_expires(const struct pf_state *); + pf_state_expires(const struct pf_kstate *); void pf_purge_expired_fragments(void); void pf_purge_fragments(uint32_t); int pf_routable(struct pf_addr *addr, sa_family_t af, struct pfi_kkif *, diff --git a/sys/netpfil/pf/if_pfsync.c b/sys/netpfil/pf/if_pfsync.c --- a/sys/netpfil/pf/if_pfsync.c +++ b/sys/netpfil/pf/if_pfsync.c @@ -115,7 +115,7 @@ u_int8_t flags; }; -static int pfsync_upd_tcp(struct pf_state *, struct pfsync_state_peer *, +static int pfsync_upd_tcp(struct pf_kstate *, struct pfsync_state_peer *, struct pfsync_state_peer *); static int pfsync_in_clr(struct pfsync_pkt *, struct mbuf *, int, int); static int pfsync_in_ins(struct pfsync_pkt *, struct mbuf *, int, int); @@ -147,16 +147,16 @@ }; struct pfsync_q { - void (*write)(struct pf_state *, void *); + void (*write)(struct pf_kstate *, void *); size_t len; u_int8_t action; }; /* we have one of these for every PFSYNC_S_ */ -static void pfsync_out_state(struct pf_state *, void *); -static void pfsync_out_iack(struct pf_state *, void *); -static void pfsync_out_upd_c(struct pf_state *, void *); -static void pfsync_out_del(struct pf_state *, void *); +static void pfsync_out_state(struct pf_kstate *, void *); +static void pfsync_out_iack(struct pf_kstate *, void *); +static void pfsync_out_upd_c(struct pf_kstate *, void *); +static void pfsync_out_del(struct pf_kstate *, void *); static struct pfsync_q pfsync_qs[] = { { pfsync_out_state, sizeof(struct pfsync_state), PFSYNC_ACT_INS }, @@ -166,10 +166,10 @@ { pfsync_out_del, sizeof(struct pfsync_del_c), PFSYNC_ACT_DEL_C } }; -static void pfsync_q_ins(struct pf_state *, int, bool); -static void pfsync_q_del(struct pf_state *, bool, struct pfsync_bucket *); +static void pfsync_q_ins(struct pf_kstate *, int, bool); +static void pfsync_q_del(struct pf_kstate *, bool, struct pfsync_bucket *); -static void pfsync_update_state(struct pf_state *); +static void pfsync_update_state(struct pf_kstate *); struct pfsync_upd_req_item { TAILQ_ENTRY(pfsync_upd_req_item) ur_entry; @@ -182,7 +182,7 @@ u_int pd_refs; struct callout pd_tmo; - struct pf_state *pd_st; + struct pf_kstate *pd_st; struct mbuf *pd_m; }; @@ -198,7 +198,7 @@ #define PFSYNCF_BUCKET_PUSH 0x00000001 size_t b_len; - TAILQ_HEAD(, pf_state) b_qs[PFSYNC_S_COUNT]; + TAILQ_HEAD(, pf_kstate) b_qs[PFSYNC_S_COUNT]; TAILQ_HEAD(, pfsync_upd_req_item) b_upd_req_list; TAILQ_HEAD(, pfsync_deferral) b_deferrals; u_int b_deferred; @@ -291,13 +291,13 @@ const struct sockaddr *, struct route *); static int pfsyncioctl(struct ifnet *, u_long, caddr_t); -static int pfsync_defer(struct pf_state *, struct mbuf *); +static int pfsync_defer(struct pf_kstate *, struct mbuf *); static void pfsync_undefer(struct pfsync_deferral *, int); -static void pfsync_undefer_state(struct pf_state *, int); +static void pfsync_undefer_state(struct pf_kstate *, int); static void pfsync_defer_tmo(void *); static void pfsync_request_update(u_int32_t, u_int64_t); -static bool pfsync_update_state_req(struct pf_state *); +static bool pfsync_update_state_req(struct pf_kstate *); static void pfsync_drop(struct pfsync_softc *); static void pfsync_sendout(int, int); @@ -313,7 +313,7 @@ static void pfsync_update_net_tdb(struct pfsync_tdb *); #endif static struct pfsync_bucket *pfsync_get_bucket(struct pfsync_softc *, - struct pf_state *); + struct pf_kstate *); #define PFSYNC_MAX_BULKTRIES 12 @@ -461,7 +461,7 @@ struct pfsync_state_key key[2]; #endif struct pfsync_state_key *kw, *ks; - struct pf_state *st = NULL; + struct pf_kstate *st = NULL; struct pf_state_key *skw = NULL, *sks = NULL; struct pf_krule *r = NULL; struct pfi_kkif *kif; @@ -753,7 +753,7 @@ for (int i = 0; i <= pf_hashmask; i++) { struct pf_idhash *ih = &V_pf_idhash[i]; - struct pf_state *s; + struct pf_kstate *s; relock: PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { @@ -812,7 +812,7 @@ pfsync_in_iack(struct pfsync_pkt *pkt, struct mbuf *m, int offset, int count) { struct pfsync_ins_ack *ia, *iaa; - struct pf_state *st; + struct pf_kstate *st; struct mbuf *mp; int len = count * sizeof(*ia); @@ -846,7 +846,7 @@ } static int -pfsync_upd_tcp(struct pf_state *st, struct pfsync_state_peer *src, +pfsync_upd_tcp(struct pf_kstate *st, struct pfsync_state_peer *src, struct pfsync_state_peer *dst) { int sync = 0; @@ -884,7 +884,7 @@ { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_state *sa, *sp; - struct pf_state *st; + struct pf_kstate *st; int sync; struct mbuf *mp; @@ -970,7 +970,7 @@ { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_upd_c *ua, *up; - struct pf_state *st; + struct pf_kstate *st; int len = count * sizeof(*up); int sync; struct mbuf *mp; @@ -1060,7 +1060,7 @@ int len = count * sizeof(*ur); int i, offp; - struct pf_state *st; + struct pf_kstate *st; mp = m_pulldown(m, offset, len, &offp); if (mp == NULL) { @@ -1098,7 +1098,7 @@ { struct mbuf *mp; struct pfsync_state *sa, *sp; - struct pf_state *st; + struct pf_kstate *st; int len = count * sizeof(*sp); int offp, i; @@ -1129,7 +1129,7 @@ { struct mbuf *mp; struct pfsync_del_c *sa, *sp; - struct pf_state *st; + struct pf_kstate *st; int len = count * sizeof(*sp); int offp, i; @@ -1480,7 +1480,7 @@ } static void -pfsync_out_state(struct pf_state *st, void *buf) +pfsync_out_state(struct pf_kstate *st, void *buf) { struct pfsync_state *sp = buf; @@ -1488,7 +1488,7 @@ } static void -pfsync_out_iack(struct pf_state *st, void *buf) +pfsync_out_iack(struct pf_kstate *st, void *buf) { struct pfsync_ins_ack *iack = buf; @@ -1497,7 +1497,7 @@ } static void -pfsync_out_upd_c(struct pf_state *st, void *buf) +pfsync_out_upd_c(struct pf_kstate *st, void *buf) { struct pfsync_upd_c *up = buf; @@ -1510,7 +1510,7 @@ } static void -pfsync_out_del(struct pf_state *st, void *buf) +pfsync_out_del(struct pf_kstate *st, void *buf) { struct pfsync_del_c *dp = buf; @@ -1522,7 +1522,7 @@ static void pfsync_drop(struct pfsync_softc *sc) { - struct pf_state *st, *next; + struct pf_kstate *st, *next; struct pfsync_upd_req_item *ur; struct pfsync_bucket *b; int c, q; @@ -1562,7 +1562,7 @@ struct ip *ip; struct pfsync_header *ph; struct pfsync_subheader *subh; - struct pf_state *st, *st_next; + struct pf_kstate *st, *st_next; struct pfsync_upd_req_item *ur; struct pfsync_bucket *b = &sc->sc_buckets[c]; int offset; @@ -1702,7 +1702,7 @@ } static void -pfsync_insert_state(struct pf_state *st) +pfsync_insert_state(struct pf_kstate *st) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_bucket *b = pfsync_get_bucket(sc, st); @@ -1730,7 +1730,7 @@ } static int -pfsync_defer(struct pf_state *st, struct mbuf *m) +pfsync_defer(struct pf_kstate *st, struct mbuf *m) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_deferral *pd; @@ -1778,7 +1778,7 @@ { struct pfsync_softc *sc = pd->pd_sc; struct mbuf *m = pd->pd_m; - struct pf_state *st = pd->pd_st; + struct pf_kstate *st = pd->pd_st; struct pfsync_bucket *b = pfsync_get_bucket(sc, st); PFSYNC_BUCKET_LOCK_ASSERT(b); @@ -1804,7 +1804,7 @@ struct pfsync_deferral *pd = arg; struct pfsync_softc *sc = pd->pd_sc; struct mbuf *m = pd->pd_m; - struct pf_state *st = pd->pd_st; + struct pf_kstate *st = pd->pd_st; struct pfsync_bucket *b = pfsync_get_bucket(sc, st); PFSYNC_BUCKET_LOCK_ASSERT(b); @@ -1828,7 +1828,7 @@ } static void -pfsync_undefer_state(struct pf_state *st, int drop) +pfsync_undefer_state(struct pf_kstate *st, int drop) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_deferral *pd; @@ -1851,14 +1851,14 @@ } static struct pfsync_bucket* -pfsync_get_bucket(struct pfsync_softc *sc, struct pf_state *st) +pfsync_get_bucket(struct pfsync_softc *sc, struct pf_kstate *st) { int c = PF_IDHASH(st) % pfsync_buckets; return &sc->sc_buckets[c]; } static void -pfsync_update_state(struct pf_state *st) +pfsync_update_state(struct pf_kstate *st) { struct pfsync_softc *sc = V_pfsyncif; bool sync = false, ref = true; @@ -1956,7 +1956,7 @@ } static bool -pfsync_update_state_req(struct pf_state *st) +pfsync_update_state_req(struct pf_kstate *st) { struct pfsync_softc *sc = V_pfsyncif; bool ref = true, full = false; @@ -2003,7 +2003,7 @@ } static void -pfsync_delete_state(struct pf_state *st) +pfsync_delete_state(struct pf_kstate *st) { struct pfsync_softc *sc = V_pfsyncif; struct pfsync_bucket *b = pfsync_get_bucket(sc, st); @@ -2067,7 +2067,7 @@ } static void -pfsync_q_ins(struct pf_state *st, int q, bool ref) +pfsync_q_ins(struct pf_kstate *st, int q, bool ref) { struct pfsync_softc *sc = V_pfsyncif; size_t nlen = pfsync_qs[q].len; @@ -2097,7 +2097,7 @@ } static void -pfsync_q_del(struct pf_state *st, bool unref, struct pfsync_bucket *b) +pfsync_q_del(struct pf_kstate *st, bool unref, struct pfsync_bucket *b) { int q = st->sync_state; @@ -2137,7 +2137,7 @@ pfsync_bulk_update(void *arg) { struct pfsync_softc *sc = arg; - struct pf_state *s; + struct pf_kstate *s; int i, sent = 0; PFSYNC_BLOCK_ASSERT(sc); diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -115,12 +115,12 @@ SDT_PROVIDER_DEFINE(pf); SDT_PROBE_DEFINE4(pf, ip, test, done, "int", "int", "struct pf_krule *", - "struct pf_state *"); + "struct pf_kstate *"); SDT_PROBE_DEFINE4(pf, ip, test6, done, "int", "int", "struct pf_krule *", - "struct pf_state *"); + "struct pf_kstate *"); SDT_PROBE_DEFINE5(pf, ip, state, lookup, "struct pfi_kkif *", "struct pf_state_key_cmp *", "int", "struct pf_pdesc *", - "struct pf_state *"); + "struct pf_kstate *"); /* * Global variables @@ -228,7 +228,7 @@ #define PFID_MAXID (~PFID_CPUMASK) CTASSERT((1 << PFID_CPUBITS) >= MAXCPU); -static void pf_src_tree_remove_state(struct pf_state *); +static void pf_src_tree_remove_state(struct pf_kstate *); static void pf_init_threshold(struct pf_threshold *, u_int32_t, u_int32_t); static void pf_add_threshold(struct pf_threshold *); @@ -251,13 +251,13 @@ u_int16_t, struct ifnet *); static void pf_send_icmp(struct mbuf *, u_int8_t, u_int8_t, sa_family_t, struct pf_krule *); -static void pf_detach_state(struct pf_state *); +static void pf_detach_state(struct pf_kstate *); static int pf_state_key_attach(struct pf_state_key *, - struct pf_state_key *, struct pf_state *); -static void pf_state_key_detach(struct pf_state *, int); + struct pf_state_key *, struct pf_kstate *); +static void pf_state_key_detach(struct pf_kstate *, int); static int pf_state_key_ctor(void *, int, void *, int); static u_int32_t pf_tcp_iss(struct pf_pdesc *); -static int pf_test_rule(struct pf_krule **, struct pf_state **, +static int pf_test_rule(struct pf_krule **, struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, struct pf_pdesc *, struct pf_krule **, struct pf_kruleset **, struct inpcb *); @@ -266,29 +266,29 @@ struct pf_ksrc_node *, struct pf_state_key *, struct pf_state_key *, struct mbuf *, int, u_int16_t, u_int16_t, int *, struct pfi_kkif *, - struct pf_state **, int, u_int16_t, u_int16_t, + struct pf_kstate **, int, u_int16_t, u_int16_t, int); static int pf_test_fragment(struct pf_krule **, int, struct pfi_kkif *, struct mbuf *, void *, struct pf_pdesc *, struct pf_krule **, struct pf_kruleset **); static int pf_tcp_track_full(struct pf_state_peer *, - struct pf_state_peer *, struct pf_state **, + struct pf_state_peer *, struct pf_kstate **, struct pfi_kkif *, struct mbuf *, int, struct pf_pdesc *, u_short *, int *); static int pf_tcp_track_sloppy(struct pf_state_peer *, - struct pf_state_peer *, struct pf_state **, + struct pf_state_peer *, struct pf_kstate **, struct pf_pdesc *, u_short *); -static int pf_test_state_tcp(struct pf_state **, int, +static int pf_test_state_tcp(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); -static int pf_test_state_udp(struct pf_state **, int, +static int pf_test_state_udp(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *); -static int pf_test_state_icmp(struct pf_state **, int, +static int pf_test_state_icmp(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, int, void *, struct pf_pdesc *, u_short *); -static int pf_test_state_other(struct pf_state **, int, +static int pf_test_state_other(struct pf_kstate **, int, struct pfi_kkif *, struct mbuf *, struct pf_pdesc *); static u_int8_t pf_get_wscale(struct mbuf *, int, u_int16_t, sa_family_t); @@ -298,15 +298,15 @@ int, u_int16_t); static int pf_check_proto_cksum(struct mbuf *, int, int, u_int8_t, sa_family_t); -static void pf_print_state_parts(struct pf_state *, +static void pf_print_state_parts(struct pf_kstate *, struct pf_state_key *, struct pf_state_key *); static int pf_addr_wrap_neq(struct pf_addr_wrap *, struct pf_addr_wrap *); static void pf_patch_8(struct mbuf *, u_int16_t *, u_int8_t *, u_int8_t, bool, u_int8_t); -static struct pf_state *pf_find_state(struct pfi_kkif *, +static struct pf_kstate *pf_find_state(struct pfi_kkif *, struct pf_state_key_cmp *, u_int); -static int pf_src_connlimit(struct pf_state **); +static int pf_src_connlimit(struct pf_kstate **); static void pf_overload_task(void *v, int pending); static int pf_insert_src_node(struct pf_ksrc_node **, struct pf_krule *, struct pf_addr *, sa_family_t); @@ -316,14 +316,14 @@ static void pf_mtag_free(struct m_tag *); #ifdef INET static void pf_route(struct mbuf **, struct pf_krule *, int, - struct ifnet *, struct pf_state *, + struct ifnet *, struct pf_kstate *, struct pf_pdesc *, struct inpcb *); #endif /* INET */ #ifdef INET6 static void pf_change_a6(struct pf_addr *, u_int16_t *, struct pf_addr *, u_int8_t); static void pf_route6(struct mbuf **, struct pf_krule *, int, - struct ifnet *, struct pf_state *, + struct ifnet *, struct pf_kstate *, struct pf_pdesc *, struct inpcb *); #endif /* INET6 */ @@ -480,7 +480,7 @@ #ifdef ALTQ static int -pf_state_hash(struct pf_state *s) +pf_state_hash(struct pf_kstate *s) { u_int32_t hv = (intptr_t)s / sizeof(*s); @@ -543,7 +543,7 @@ } static int -pf_src_connlimit(struct pf_state **state) +pf_src_connlimit(struct pf_kstate **state) { struct pf_overload_entry *pfoe; int bad = 0; @@ -659,7 +659,7 @@ for (int i = 0; i <= pf_hashmask; i++) { struct pf_idhash *ih = &V_pf_idhash[i]; struct pf_state_key *sk; - struct pf_state *s; + struct pf_kstate *s; PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { @@ -844,7 +844,7 @@ V_pf_hashseed = arc4random(); /* States and state keys storage. */ - V_pf_state_z = uma_zcreate("pf states", sizeof(struct pf_state), + V_pf_state_z = uma_zcreate("pf states", sizeof(struct pf_kstate), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); V_pf_limits[PF_LIMIT_STATES].zone = V_pf_state_z; uma_zone_set_max(V_pf_state_z, PFSTATE_HIWAT); @@ -1007,11 +1007,11 @@ static int pf_state_key_attach(struct pf_state_key *skw, struct pf_state_key *sks, - struct pf_state *s) + struct pf_kstate *s) { struct pf_keyhash *khs, *khw, *kh; struct pf_state_key *sk, *cur; - struct pf_state *si, *olds = NULL; + struct pf_kstate *si, *olds = NULL; int idx; KASSERT(s->refs == 0, ("%s: state not pristine", __func__)); @@ -1172,7 +1172,7 @@ } static void -pf_detach_state(struct pf_state *s) +pf_detach_state(struct pf_kstate *s) { struct pf_state_key *sks = s->key[PF_SK_STACK]; struct pf_keyhash *kh; @@ -1203,7 +1203,7 @@ } static void -pf_state_key_detach(struct pf_state *s, int idx) +pf_state_key_detach(struct pf_kstate *s, int idx) { struct pf_state_key *sk = s->key[idx]; #ifdef INVARIANTS @@ -1268,10 +1268,10 @@ int pf_state_insert(struct pfi_kkif *kif, struct pfi_kkif *orig_kif, - struct pf_state_key *skw, struct pf_state_key *sks, struct pf_state *s) + struct pf_state_key *skw, struct pf_state_key *sks, struct pf_kstate *s) { struct pf_idhash *ih; - struct pf_state *cur; + struct pf_kstate *cur; int error; KASSERT(TAILQ_EMPTY(&sks->states[0]) && TAILQ_EMPTY(&sks->states[1]), @@ -1328,11 +1328,11 @@ /* * Find state by ID: returns with locked row on success. */ -struct pf_state * +struct pf_kstate * pf_find_state_byid(uint64_t id, uint32_t creatorid) { struct pf_idhash *ih; - struct pf_state *s; + struct pf_kstate *s; counter_u64_add(V_pf_status.fcounters[FCNT_STATE_SEARCH], 1); @@ -1353,12 +1353,12 @@ * Find state by key. * Returns with ID hash slot locked on success. */ -static struct pf_state * +static struct pf_kstate * pf_find_state(struct pfi_kkif *kif, struct pf_state_key_cmp *key, u_int dir) { struct pf_keyhash *kh; struct pf_state_key *sk; - struct pf_state *s; + struct pf_kstate *s; int idx; counter_u64_add(V_pf_status.fcounters[FCNT_STATE_SEARCH], 1); @@ -1397,12 +1397,12 @@ return (NULL); } -struct pf_state * +struct pf_kstate * pf_find_state_all(struct pf_state_key_cmp *key, u_int dir, int *more) { struct pf_keyhash *kh; struct pf_state_key *sk; - struct pf_state *s, *ret = NULL; + struct pf_kstate *s, *ret = NULL; int idx, inout = 0; counter_u64_add(V_pf_status.fcounters[FCNT_STATE_SEARCH], 1); @@ -1592,7 +1592,7 @@ } u_int32_t -pf_state_expires(const struct pf_state *state) +pf_state_expires(const struct pf_kstate *state) { u_int32_t timeout; u_int32_t start; @@ -1656,7 +1656,7 @@ } static void -pf_src_tree_remove_state(struct pf_state *s) +pf_src_tree_remove_state(struct pf_kstate *s) { struct pf_ksrc_node *sn; struct pf_srchash *sh; @@ -1693,7 +1693,7 @@ * unlocked, since it needs to go through key hash locking. */ int -pf_unlink_state(struct pf_state *s, u_int flags) +pf_unlink_state(struct pf_kstate *s, u_int flags) { struct pf_idhash *ih = &V_pf_idhash[PF_IDHASH(s)]; @@ -1740,7 +1740,7 @@ return (pf_release_staten(s, 2)); } -struct pf_state * +struct pf_kstate * pf_alloc_state(int flags) { @@ -1748,7 +1748,7 @@ } void -pf_free_state(struct pf_state *cur) +pf_free_state(struct pf_kstate *cur) { KASSERT(cur->refs == 0, ("%s: %p has refs", __func__, cur)); @@ -1767,7 +1767,7 @@ pf_purge_expired_states(u_int i, int maxcheck) { struct pf_idhash *ih; - struct pf_state *s; + struct pf_kstate *s; V_pf_status.states = uma_zone_get_cur(V_pf_state_z); @@ -1925,13 +1925,13 @@ } void -pf_print_state(struct pf_state *s) +pf_print_state(struct pf_kstate *s) { pf_print_state_parts(s, NULL, NULL); } static void -pf_print_state_parts(struct pf_state *s, +pf_print_state_parts(struct pf_kstate *s, struct pf_state_key *skwp, struct pf_state_key *sksp) { struct pf_state_key *skw, *sks; @@ -3330,7 +3330,7 @@ } static int -pf_test_rule(struct pf_krule **rm, struct pf_state **sm, int direction, +pf_test_rule(struct pf_krule **rm, struct pf_kstate **sm, int direction, struct pfi_kkif *kif, struct mbuf *m, int off, struct pf_pdesc *pd, struct pf_krule **am, struct pf_kruleset **rsm, struct inpcb *inp) { @@ -3707,10 +3707,10 @@ pf_create_state(struct pf_krule *r, struct pf_krule *nr, struct pf_krule *a, struct pf_pdesc *pd, struct pf_ksrc_node *nsn, struct pf_state_key *nk, struct pf_state_key *sk, struct mbuf *m, int off, u_int16_t sport, - u_int16_t dport, int *rewrite, struct pfi_kkif *kif, struct pf_state **sm, + u_int16_t dport, int *rewrite, struct pfi_kkif *kif, struct pf_kstate **sm, int tag, u_int16_t bproto_sum, u_int16_t bip_sum, int hdrlen) { - struct pf_state *s = NULL; + struct pf_kstate *s = NULL; struct pf_ksrc_node *sn = NULL; struct tcphdr *th = &pd->hdr.tcp; u_int16_t mss = V_tcp_mssdflt; @@ -4049,7 +4049,7 @@ static int pf_tcp_track_full(struct pf_state_peer *src, struct pf_state_peer *dst, - struct pf_state **state, struct pfi_kkif *kif, struct mbuf *m, int off, + struct pf_kstate **state, struct pfi_kkif *kif, struct mbuf *m, int off, struct pf_pdesc *pd, u_short *reason, int *copyback) { struct tcphdr *th = &pd->hdr.tcp; @@ -4375,7 +4375,7 @@ static int pf_tcp_track_sloppy(struct pf_state_peer *src, struct pf_state_peer *dst, - struct pf_state **state, struct pf_pdesc *pd, u_short *reason) + struct pf_kstate **state, struct pf_pdesc *pd, u_short *reason) { struct tcphdr *th = &pd->hdr.tcp; @@ -4445,7 +4445,7 @@ } static int -pf_test_state_tcp(struct pf_state **state, int direction, struct pfi_kkif *kif, +pf_test_state_tcp(struct pf_kstate **state, int direction, struct pfi_kkif *kif, struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason) { @@ -4613,7 +4613,7 @@ } static int -pf_test_state_udp(struct pf_state **state, int direction, struct pfi_kkif *kif, +pf_test_state_udp(struct pf_kstate **state, int direction, struct pfi_kkif *kif, struct mbuf *m, int off, void *h, struct pf_pdesc *pd) { struct pf_state_peer *src, *dst; @@ -4680,7 +4680,7 @@ } static int -pf_test_state_icmp(struct pf_state **state, int direction, struct pfi_kkif *kif, +pf_test_state_icmp(struct pf_kstate **state, int direction, struct pfi_kkif *kif, struct mbuf *m, int off, void *h, struct pf_pdesc *pd, u_short *reason) { struct pf_addr *saddr = pd->src, *daddr = pd->dst; @@ -5284,7 +5284,7 @@ } static int -pf_test_state_other(struct pf_state **state, int direction, struct pfi_kkif *kif, +pf_test_state_other(struct pf_kstate **state, int direction, struct pfi_kkif *kif, struct mbuf *m, struct pf_pdesc *pd) { struct pf_state_peer *src, *dst; @@ -5456,7 +5456,7 @@ #ifdef INET static void pf_route(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp, - struct pf_state *s, struct pf_pdesc *pd, struct inpcb *inp) + struct pf_kstate *s, struct pf_pdesc *pd, struct inpcb *inp) { struct mbuf *m0, *m1; struct sockaddr_in dst; @@ -5644,7 +5644,7 @@ #ifdef INET6 static void pf_route6(struct mbuf **m, struct pf_krule *r, int dir, struct ifnet *oifp, - struct pf_state *s, struct pf_pdesc *pd, struct inpcb *inp) + struct pf_kstate *s, struct pf_pdesc *pd, struct inpcb *inp) { struct mbuf *m0; struct sockaddr_in6 dst; @@ -5933,7 +5933,7 @@ struct ip *h = NULL; struct m_tag *ipfwtag; struct pf_krule *a = NULL, *r = &V_pf_default_rule, *tr, *nr; - struct pf_state *s = NULL; + struct pf_kstate *s = NULL; struct pf_kruleset *ruleset = NULL; struct pf_pdesc pd; int off, dirndx, pqid = 0; @@ -6321,7 +6321,7 @@ struct m_tag *mtag; struct ip6_hdr *h = NULL; struct pf_krule *a = NULL, *r = &V_pf_default_rule, *tr, *nr; - struct pf_state *s = NULL; + struct pf_kstate *s = NULL; struct pf_kruleset *ruleset = NULL; struct pf_pdesc pd; int off, terminal = 0, dirndx, rh_cnt = 0, pqid = 0; diff --git a/sys/netpfil/pf/pf_ioctl.c b/sys/netpfil/pf/pf_ioctl.c --- a/sys/netpfil/pf/pf_ioctl.c +++ b/sys/netpfil/pf/pf_ioctl.c @@ -1957,7 +1957,7 @@ static unsigned int pf_kill_matching_state(struct pf_state_key_cmp *key, int dir) { - struct pf_state *match; + struct pf_kstate *match; int more = 0; unsigned int killed = 0; @@ -1975,7 +1975,7 @@ static int pf_killstates_row(struct pf_kstate_kill *psk, struct pf_idhash *ih) { - struct pf_state *s; + struct pf_kstate *s; struct pf_state_key *sk; struct pf_addr *srcaddr, *dstaddr; struct pf_state_key_cmp match_key; @@ -2807,7 +2807,7 @@ case DIOCGETSTATE: { struct pfioc_state *ps = (struct pfioc_state *)addr; - struct pf_state *s; + struct pf_kstate *s; s = pf_find_state_byid(ps->state.id, ps->state.creatorid); if (s == NULL) { @@ -2827,7 +2827,7 @@ case DIOCGETSTATES: { struct pfioc_states *ps = (struct pfioc_states *)addr; - struct pf_state *s; + struct pf_kstate *s; struct pfsync_state *pstore, *p; int i, nr; @@ -2942,7 +2942,7 @@ case DIOCNATLOOK: { struct pfioc_natlook *pnl = (struct pfioc_natlook *)addr; struct pf_state_key *sk; - struct pf_state *state; + struct pf_kstate *state; struct pf_state_key_cmp key; int m = 0, direction = pnl->direction; int sidx, didx; @@ -4537,7 +4537,7 @@ } void -pfsync_state_export(struct pfsync_state *sp, struct pf_state *st) +pfsync_state_export(struct pfsync_state *sp, struct pf_kstate *st) { bzero(sp, sizeof(struct pfsync_state)); @@ -4618,7 +4618,7 @@ static void pf_clear_all_states(void) { - struct pf_state *s; + struct pf_kstate *s; u_int i; for (i = 0; i <= pf_hashmask; i++) { @@ -4653,7 +4653,7 @@ static void pf_clear_srcnodes(struct pf_ksrc_node *n) { - struct pf_state *s; + struct pf_kstate *s; int i; for (i = 0; i <= pf_hashmask; i++) { @@ -4717,7 +4717,7 @@ for (int i = 0; i <= pf_hashmask; i++) { struct pf_idhash *ih = &V_pf_idhash[i]; - struct pf_state *s; + struct pf_kstate *s; PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { @@ -4771,7 +4771,7 @@ pf_clear_states(const struct pf_kstate_kill *kill) { struct pf_state_key_cmp match_key; - struct pf_state *s; + struct pf_kstate *s; struct pfi_kkif *kif; int idx; unsigned int killed = 0, dir; @@ -4837,7 +4837,7 @@ static int pf_killstates(struct pf_kstate_kill *kill, unsigned int *killed) { - struct pf_state *s; + struct pf_kstate *s; if (kill->psk_pfcmp.id) { if (kill->psk_pfcmp.creatorid == 0) @@ -4976,11 +4976,11 @@ static int pf_getstate(struct pfioc_nv *nv) { - nvlist_t *nvl = NULL, *nvls; - void *nvlpacked = NULL; - struct pf_state *s = NULL; - int error = 0; - uint64_t id, creatorid; + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_kstate *s = NULL; + int error = 0; + uint64_t id, creatorid; #define ERROUT(x) ERROUT_FUNCTION(errout, x) @@ -5043,11 +5043,11 @@ static int pf_getstates(struct pfioc_nv *nv) { - nvlist_t *nvl = NULL, *nvls; - void *nvlpacked = NULL; - struct pf_state *s = NULL; - int error = 0; - uint64_t count = 0; + nvlist_t *nvl = NULL, *nvls; + void *nvlpacked = NULL; + struct pf_kstate *s = NULL; + int error = 0; + uint64_t count = 0; #define ERROUT(x) ERROUT_FUNCTION(errout, x) diff --git a/sys/netpfil/pf/pf_norm.c b/sys/netpfil/pf/pf_norm.c --- a/sys/netpfil/pf/pf_norm.c +++ b/sys/netpfil/pf/pf_norm.c @@ -1522,7 +1522,7 @@ } void -pf_normalize_tcp_cleanup(struct pf_state *state) +pf_normalize_tcp_cleanup(struct pf_kstate *state) { if (state->src.scrub) uma_zfree(V_pf_state_scrub_z, state->src.scrub); @@ -1534,7 +1534,7 @@ int pf_normalize_tcp_stateful(struct mbuf *m, int off, struct pf_pdesc *pd, - u_short *reason, struct tcphdr *th, struct pf_state *state, + u_short *reason, struct tcphdr *th, struct pf_kstate *state, struct pf_state_peer *src, struct pf_state_peer *dst, int *writeback) { struct timeval uptime; diff --git a/sys/netpfil/pf/pf_nv.h b/sys/netpfil/pf/pf_nv.h --- a/sys/netpfil/pf/pf_nv.h +++ b/sys/netpfil/pf/pf_nv.h @@ -81,6 +81,6 @@ int pf_nvrule_to_krule(const nvlist_t *, struct pf_krule *); int pf_nvstate_kill_to_kstate_kill(const nvlist_t *, struct pf_kstate_kill *); -nvlist_t *pf_state_to_nvstate(const struct pf_state *); +nvlist_t *pf_state_to_nvstate(const struct pf_kstate *); #endif diff --git a/sys/netpfil/pf/pf_nv.c b/sys/netpfil/pf/pf_nv.c --- a/sys/netpfil/pf/pf_nv.c +++ b/sys/netpfil/pf/pf_nv.c @@ -893,7 +893,7 @@ } nvlist_t * -pf_state_to_nvstate(const struct pf_state *s) +pf_state_to_nvstate(const struct pf_kstate *s) { nvlist_t *nvl, *tmp; uint32_t expire, flags = 0;