Page MenuHomeFreeBSD
Files F144814087

D37976.id.diff
No OneTemporary
Actions

D37976.id.diff
View Options

diff --git a/sys/dev/virtio/network/if_vtnet.c b/sys/dev/virtio/network/if_vtnet.c
--- a/sys/dev/virtio/network/if_vtnet.c
+++ b/sys/dev/virtio/network/if_vtnet.c
@@ -2137,12 +2137,8 @@
if (PFIL_HOOKED_IN(sc->vtnet_pfil)) {
pfil_return_t pfil;
- pfil = pfil_run_hooks(sc->vtnet_pfil, &m, ifp, PFIL_IN,
- NULL);
+ pfil = pfil_mbuf_in(sc->vtnet_pfil, &m, ifp, NULL);
switch (pfil) {
- case PFIL_REALLOCED:
- m = pfil_mem2mbuf(m->m_data);
- break;
case PFIL_DROPPED:
case PFIL_CONSUMED:
continue;
diff --git a/sys/net/if_bridge.c b/sys/net/if_bridge.c
--- a/sys/net/if_bridge.c
+++ b/sys/net/if_bridge.c
@@ -3365,7 +3365,7 @@
/* Run the packet through pfil before stripping link headers */
if (PFIL_HOOKED_OUT(V_link_pfil_head) && V_pfil_ipfw != 0 &&
dir == PFIL_OUT && ifp != NULL) {
- switch (pfil_run_hooks(V_link_pfil_head, mp, ifp, dir, NULL)) {
+ switch (pfil_mbuf_out(V_link_pfil_head, mp, ifp, NULL)) {
case PFIL_DROPPED:
return (EACCES);
case PFIL_CONSUMED:
@@ -3419,17 +3419,20 @@
* in_if -> bridge_if -> out_if
*/
if (V_pfil_bridge && dir == PFIL_OUT && bifp != NULL && (rv =
- pfil_run_hooks(V_inet_pfil_head, mp, bifp, dir, NULL)) !=
+ pfil_mbuf_out(V_inet_pfil_head, mp, bifp, NULL)) !=
PFIL_PASS)
break;
- if (V_pfil_member && ifp != NULL && (rv =
- pfil_run_hooks(V_inet_pfil_head, mp, ifp, dir, NULL)) !=
- PFIL_PASS)
- break;
+ if (V_pfil_member && ifp != NULL) {
+ rv = (dir == PFIL_OUT) ?
+ pfil_mbuf_out(V_inet_pfil_head, mp, ifp, NULL) :
+ pfil_mbuf_in(V_inet_pfil_head, mp, ifp, NULL);
+ if (rv != PFIL_PASS)
+ break;
+ }
if (V_pfil_bridge && dir == PFIL_IN && bifp != NULL && (rv =
- pfil_run_hooks(V_inet_pfil_head, mp, bifp, dir, NULL)) !=
+ pfil_mbuf_in(V_inet_pfil_head, mp, bifp, NULL)) !=
PFIL_PASS)
break;
@@ -3467,17 +3470,20 @@
#ifdef INET6
case ETHERTYPE_IPV6:
if (V_pfil_bridge && dir == PFIL_OUT && bifp != NULL && (rv =
- pfil_run_hooks(V_inet6_pfil_head, mp, bifp, dir, NULL)) !=
+ pfil_mbuf_out(V_inet6_pfil_head, mp, bifp, NULL)) !=
PFIL_PASS)
break;
- if (V_pfil_member && ifp != NULL && (rv =
- pfil_run_hooks(V_inet6_pfil_head, mp, ifp, dir, NULL)) !=
- PFIL_PASS)
- break;
+ if (V_pfil_member && ifp != NULL) {
+ rv = (dir == PFIL_OUT) ?
+ pfil_mbuf_out(V_inet6_pfil_head, mp, ifp, NULL) :
+ pfil_mbuf_in(V_inet6_pfil_head, mp, ifp, NULL);
+ if (rv != PFIL_PASS)
+ break;
+ }
if (V_pfil_bridge && dir == PFIL_IN && bifp != NULL && (rv =
- pfil_run_hooks(V_inet6_pfil_head, mp, bifp, dir, NULL)) !=
+ pfil_mbuf_in(V_inet6_pfil_head, mp, bifp, NULL)) !=
PFIL_PASS)
break;
break;
diff --git a/sys/net/if_enc.c b/sys/net/if_enc.c
--- a/sys/net/if_enc.c
+++ b/sys/net/if_enc.c
@@ -247,7 +247,7 @@
struct enc_softc *sc;
struct ifnet *ifp, *rcvif;
struct pfil_head *ph;
- int pdir;
+ int pdir, ret;
sc = (struct enc_softc *)udata;
ifp = sc->sc_ifp;
@@ -307,7 +307,11 @@
/* Make a packet looks like it was received on enc(4) */
rcvif = (*ctx->mp)->m_pkthdr.rcvif;
(*ctx->mp)->m_pkthdr.rcvif = ifp;
- if (pfil_run_hooks(ph, ctx->mp, ifp, pdir, ctx->inp) != PFIL_PASS) {
+ if (pdir == PFIL_IN)
+ ret = pfil_mbuf_in(ph, ctx->mp, ifp, ctx->inp);
+ else
+ ret = pfil_mbuf_out(ph, ctx->mp, ifp, ctx->inp);
+ if (ret != PFIL_PASS) {
*ctx->mp = NULL; /* consumed by filter */
return (EACCES);
}
diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -474,8 +474,7 @@
return (0);
if (PFIL_HOOKED_OUT(V_link_pfil_head))
- switch (pfil_run_hooks(V_link_pfil_head, &m, ifp, PFIL_OUT,
- NULL)) {
+ switch (pfil_mbuf_out(V_link_pfil_head, &m, ifp, NULL)) {
case PFIL_DROPPED:
return (EACCES);
case PFIL_CONSUMED:
@@ -853,7 +852,7 @@
/* Do not grab PROMISC frames in case we are re-entered. */
if (PFIL_HOOKED_IN(V_link_pfil_head) && !(m->m_flags & M_PROMISC)) {
- i = pfil_run_hooks(V_link_pfil_head, &m, ifp, PFIL_IN, NULL);
+ i = pfil_mbuf_in(V_link_pfil_head, &m, ifp, NULL);
if (i != 0 || m == NULL)
return;
}
diff --git a/sys/netinet/ip_output.c b/sys/netinet/ip_output.c
--- a/sys/netinet/ip_output.c
+++ b/sys/netinet/ip_output.c
@@ -116,14 +116,13 @@
struct mbuf *m;
struct in_addr odst;
struct ip *ip;
- int pflags = PFIL_OUT;
m = *mp;
ip = mtod(m, struct ip *);
/* Run through list of hooks for output packets. */
odst.s_addr = ip->ip_dst.s_addr;
- switch (pfil_run_hooks(V_inet_pfil_head, mp, ifp, pflags, inp)) {
+ switch (pfil_mbuf_out(V_inet_pfil_head, mp, ifp, inp)) {
case PFIL_DROPPED:
*error = EACCES;
/* FALLTHROUGH */

File Metadata

Mime Type
text/plain
Expires
Fri, Feb 13, 11:44 PM (3 h, 40 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
28682857
Default Alt Text
D37976.id.diff (4 KB)

Event Timeline