[src/trunk]: src/sys/external/bsd/ipf/netinet Enable building of ipfilter cod...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys/external/bsd/ipf/netinet Enable building of ipfilter cod...
From: pgoyette <pgoyette%NetBSD.org@localhost>
Date: Tue, 31 Jul 2018 20:14:08 +0000
details:   https://anonhg.NetBSD.org/src/rev/7ca74d1eaaf0
branches:  trunk
changeset: 345798:7ca74d1eaaf0
user:      pgoyette <pgoyette%NetBSD.org@localhost>
date:      Thu Jun 09 04:43:46 2016 +0000

description:
Enable building of ipfilter code as a separately-loaded module.

diffstat:

 sys/external/bsd/ipf/netinet/ip_compat.h     |   18 ++-
 sys/external/bsd/ipf/netinet/ip_fil_netbsd.c |  140 +++++++++++++++++++++++++-
 sys/external/bsd/ipf/netinet/ip_htable.c     |   12 +-
 sys/external/bsd/ipf/netinet/ip_lookup.c     |   12 +-
 sys/external/bsd/ipf/netinet/ip_pool.c       |   12 +-
 5 files changed, 175 insertions(+), 19 deletions(-)

diffs (truncated from 345 to 300 lines):

diff -r 0e8c63f8721b -r 7ca74d1eaaf0 sys/external/bsd/ipf/netinet/ip_compat.h
--- a/sys/external/bsd/ipf/netinet/ip_compat.h  Thu Jun 09 04:42:50 2016 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_compat.h  Thu Jun 09 04:43:46 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_compat.h,v 1.7 2014/03/20 20:43:12 christos Exp $   */
+/*     $NetBSD: ip_compat.h,v 1.8 2016/06/09 04:43:46 pgoyette Exp $   */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -837,7 +837,13 @@
 #  if (__NetBSD_Version__ < 399001400)
 #   include "opt_ipfilter_log.h"
 #  else
-#   include "opt_ipfilter.h"
+#   if (__NetBSD_Version__ >= 799003000)
+#    if defined(_KERNEL_OPT)
+#     include "opt_ipfilter.h"
+#    endif
+#   else
+#    include "opt_ipfilter.h"
+#   endif
 #  endif
 # endif
 # if defined(_KERNEL)
@@ -857,7 +863,13 @@
 #    include "bpfilter.h"
 #  endif
 #  if defined(__NetBSD_Version__) && (__NetBSD_Version__ >= 104110000)
-#   include "opt_inet.h"
+#   if (__NetBSD_Version__ >= 799003000)
+#    if defined(_KERNEL_OPT)
+#     include "opt_inet.h"
+#    endif
+#   else
+#    include "opt_inet.h"
+#   endif
 #  endif
 #  ifdef INET6
 #   define USE_INET6
diff -r 0e8c63f8721b -r 7ca74d1eaaf0 sys/external/bsd/ipf/netinet/ip_fil_netbsd.c
--- a/sys/external/bsd/ipf/netinet/ip_fil_netbsd.c      Thu Jun 09 04:42:50 2016 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_fil_netbsd.c      Thu Jun 09 04:43:46 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_fil_netbsd.c,v 1.12 2016/01/20 22:11:23 riastradh Exp $     */
+/*     $NetBSD: ip_fil_netbsd.c,v 1.13 2016/06/09 04:43:46 pgoyette Exp $      */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -8,7 +8,7 @@
 #if !defined(lint)
 #if defined(__NetBSD__)
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_fil_netbsd.c,v 1.12 2016/01/20 22:11:23 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_fil_netbsd.c,v 1.13 2016/06/09 04:43:46 pgoyette Exp $");
 #else
 static const char sccsid[] = "@(#)ip_fil.c     2.41 6/5/96 (C) 1993-2000 Darren Reed";
 static const char rcsid[] = "@(#)Id: ip_fil_netbsd.c,v 1.1.1.2 2012/07/22 13:45:17 darrenr Exp";
@@ -23,7 +23,13 @@
 #endif
 #include <sys/param.h>
 #if (NetBSD >= 199905) && !defined(IPFILTER_LKM)
-# include "opt_ipsec.h"
+# if (__NetBSD_Version__ >= 799003000)
+#   ifdef _KERNEL_OPT
+#    include "opt_ipsec.h"
+#   endif
+# else
+#  include "opt_ipsec.h"
+# endif
 #endif
 #include <sys/errno.h>
 #include <sys/types.h>
@@ -47,6 +53,10 @@
 #if (__NetBSD_Version__ >= 399002000)
 # include <sys/kauth.h>
 #endif
+#if (__NetBSD_Version__ >= 799003000)
+#include <sys/module.h>
+#include <sys/mutex.h>
+#endif
 
 #include <net/if.h>
 #include <net/route.h>
@@ -147,6 +157,10 @@
        .d_flag = 0
 #endif
 };
+#if (__NetBSD_Version__ >= 799003000)
+kmutex_t ipf_ref_mutex;
+int    ipf_active;
+#endif
 
 ipf_main_softc_t ipfmain;
 
@@ -315,6 +329,9 @@
 ipfilterattach(int count)
 {
 
+#if (__NetBSD_Version__ >= 799003000)
+       return;
+#else
 #if (__NetBSD_Version__ >= 599002000)
        ipf_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK,
            ipf_listener_cb, NULL);
@@ -322,6 +339,7 @@
 
        if (ipf_load_all() == 0)
                (void) ipf_create_all(&ipfmain);
+#endif
 }
 
 
@@ -1988,6 +2006,13 @@
                        break;
                }
        }
+#if (__NetBSD_Version__ >= 799003000)
+       if (error == 0) {
+               mutex_enter(&ipf_ref_mutex);
+               ipf_active = 1;
+               mutex_exit(&ipf_ref_mutex);
+       }
+#endif
        return error;
 }
 
@@ -2001,10 +2026,15 @@
        u_int   unit = GET_MINOR(dev);
 
        if (IPL_LOGMAX < unit)
-               unit = ENXIO;
-       else
-               unit = 0;
-       return unit;
+               return ENXIO;
+       else {
+#if (__NetBSD_Version__ >= 799003000)
+               mutex_enter(&ipf_ref_mutex);
+               ipf_active = 0;
+               mutex_exit(&ipf_ref_mutex);
+#endif
+               return 0;
+       }
 }
 
 /*
@@ -2123,3 +2153,99 @@
        sum2 = ~sum & 0xffff;
        return sum2;
 }
+
+#if (__NetBSD_Version__ >= 799003000)
+
+/* NetBSD module interface */
+
+MODULE(MODULE_CLASS_DRIVER, ipl, "bpf_filter");
+
+static int ipl_init(void *);
+static int ipl_fini(void *);
+static int ipl_modcmd(modcmd_t, void *);
+
+static devmajor_t ipl_cmaj = -1, ipl_bmaj = -1;
+
+static int
+ipl_modcmd(modcmd_t cmd, void *opaque)
+{
+
+       switch (cmd) {
+       case MODULE_CMD_INIT:
+               return ipl_init(opaque);
+       case MODULE_CMD_FINI:
+               return ipl_fini(opaque);
+       default:
+               return ENOTTY;
+       }
+}
+
+static int
+ipl_init(void *opaque)
+{
+       int error;
+
+       ipf_listener = kauth_listen_scope(KAUTH_SCOPE_NETWORK,
+           ipf_listener_cb, NULL);
+
+       if ((error = ipf_load_all()) != 0)
+               return error;
+
+       if (ipf_create_all(&ipfmain) == NULL) {
+               ipf_unload_all();
+               return ENODEV;
+       }
+
+       /* Initialize our mutex and reference count */
+       mutex_init(&ipf_ref_mutex, MUTEX_DEFAULT, IPL_NONE);
+       ipf_active = 0;
+
+       /*
+        * Insert ourself into the cdevsw list.  It's OK if we are
+        * already there, since this will happen when our module is
+        * built-in to the kernel.  (We could skip the insert in
+        * that case, but that would break the possibility of a
+        * unload/re-load sequence for the built-in module, which
+        * corresponds to disable/re-enable.)
+        */
+       error = devsw_attach("ipl", NULL, &ipl_bmaj, &ipl_cdevsw, &ipl_cmaj);
+       if (error == EEXIST)
+               error = 0;
+
+       if (error)
+               ipl_fini(opaque);
+
+       return error;
+}
+
+static int
+ipl_fini(void *opaque)
+{
+
+       (void)devsw_detach(NULL, &ipl_cdevsw);
+
+       /*
+        * Grab the mutex, verify that there are no references
+        * and that there are no running filters.  If either
+        * of these exists, reinsert our cdevsw entry and return
+        * an error.
+        */
+       mutex_enter(&ipf_ref_mutex);
+       if (ipf_active != 0 || ipfmain.ipf_running > 0) {
+               (void)devsw_attach("ipl", NULL, &ipl_bmaj,
+                   &ipl_cdevsw, &ipl_cmaj);
+               mutex_exit(&ipf_ref_mutex);
+               return EBUSY;
+       }
+
+       /* Clean up the rest of our state before being unloaded */
+
+       mutex_exit(&ipf_ref_mutex);
+       mutex_destroy(&ipf_ref_mutex);
+       ipf_destroy_all(&ipfmain);
+       ipf_unload_all();
+       kauth_unlisten_scope(ipf_listener);
+
+       return 0;
+}
+#endif /* (__NetBSD_Version__ >= 799003000) */
diff -r 0e8c63f8721b -r 7ca74d1eaaf0 sys/external/bsd/ipf/netinet/ip_htable.c
--- a/sys/external/bsd/ipf/netinet/ip_htable.c  Thu Jun 09 04:42:50 2016 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_htable.c  Thu Jun 09 04:43:46 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_htable.c,v 1.6 2014/03/20 20:43:12 christos Exp $   */
+/*     $NetBSD: ip_htable.c,v 1.7 2016/06/09 04:43:46 pgoyette Exp $   */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -14,7 +14,13 @@
 #include <sys/param.h>
 #if defined(__NetBSD__)
 # if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL)
-#  include "opt_ipfilter.h"
+#  if (__NetBSD_Version__ >= 799003000)
+#   if defined(_KERNEL_OPT)
+#    include "opt_ipfilter.h"
+#   endif
+#  else
+#   include "opt_ipfilter.h"
+#  endif
 # endif
 #endif
 #include <sys/types.h>
@@ -60,7 +66,7 @@
 #if !defined(lint)
 #if defined(__NetBSD__)
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ip_htable.c,v 1.6 2014/03/20 20:43:12 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ip_htable.c,v 1.7 2016/06/09 04:43:46 pgoyette Exp $");
 #else
 static const char rcsid[] = "@(#)Id: ip_htable.c,v 1.1.1.2 2012/07/22 13:45:19 darrenr Exp";
 #endif
diff -r 0e8c63f8721b -r 7ca74d1eaaf0 sys/external/bsd/ipf/netinet/ip_lookup.c
--- a/sys/external/bsd/ipf/netinet/ip_lookup.c  Thu Jun 09 04:42:50 2016 +0000
+++ b/sys/external/bsd/ipf/netinet/ip_lookup.c  Thu Jun 09 04:43:46 2016 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ip_lookup.c,v 1.4 2014/03/20 20:43:12 christos Exp $   */
+/*     $NetBSD: ip_lookup.c,v 1.5 2016/06/09 04:43:46 pgoyette Exp $   */
 
 /*
  * Copyright (C) 2012 by Darren Reed.
@@ -17,7 +17,13 @@
 #include <sys/param.h>
 #if defined(__NetBSD__)
 # if (NetBSD >= 199905) && !defined(IPFILTER_LKM) && defined(_KERNEL)
-#  include "opt_ipfilter.h"
+#  if (__NetBSD_Version__ >= 799003000)
+#   if defined(_KERNEL_OPT)
+#    include "opt_ipfilter.h"
+#   endif
+#  else
+#   include "opt_ipfilter.h"
+#  endif
Prev by Date: [src/trunk]: src/sys/modules New module for ipl (aka ipfilter).
Next by Date: [src/trunk]: src/distrib/sets/lists/modules Update sets lists for new ipl (ak...
Previous by Thread: [src/trunk]: src/sys/modules New module for ipl (aka ipfilter).
Next by Thread: [src/trunk]: src/distrib/sets/lists/modules Update sets lists for new ipl (ak...
Indexes:
Home | Main Index | Thread Index | Old Index