On Tue, Nov 15, 2016 at 03:41:48PM +0100, Martin Pieuchot wrote:
> Kill a bunch of recursive splsoftnet()s. pf_ioctl() already call
> splsoftnet() and for the functions that are also called from pf_test()
> the spl level is already IPL_SOFTNET.
>
> ok?
OK bluhm@
>
> Index: net/pf_if.c
> ===================================================================
> RCS file: /cvs/src/sys/net/pf_if.c,v
> retrieving revision 1.86
> diff -u -p -r1.86 pf_if.c
> --- net/pf_if.c 27 Sep 2016 04:57:17 -0000 1.86
> +++ net/pf_if.c 15 Nov 2016 14:27:47 -0000
> @@ -356,7 +356,7 @@ pfi_dynaddr_setup(struct pf_addr_wrap *a
> struct pfi_dynaddr *dyn;
> char tblname[PF_TABLE_NAME_SIZE];
> struct pf_ruleset *ruleset = NULL;
> - int s, rv = 0;
> + int rv = 0;
>
> if (aw->type != PF_ADDR_DYNIFTL)
> return (0);
> @@ -364,7 +364,6 @@ pfi_dynaddr_setup(struct pf_addr_wrap *a
> == NULL)
> return (1);
>
> - s = splsoftnet();
> if (!strcmp(aw->v.ifname, "self"))
> dyn->pfid_kif = pfi_kif_get(IFG_ALL);
> else
> @@ -407,7 +406,6 @@ pfi_dynaddr_setup(struct pf_addr_wrap *a
> TAILQ_INSERT_TAIL(&dyn->pfid_kif->pfik_dynaddrs, dyn, entry);
> aw->p.dyn = dyn;
> pfi_kif_update(dyn->pfid_kif);
> - splx(s);
> return (0);
>
> _bad:
> @@ -418,7 +416,6 @@ _bad:
> if (dyn->pfid_kif != NULL)
> pfi_kif_unref(dyn->pfid_kif, PFI_KIF_REF_RULE);
> pool_put(&pfi_addr_pl, dyn);
> - splx(s);
> return (rv);
> }
>
> @@ -589,13 +586,10 @@ pfi_address_add(struct sockaddr *sa, sa_
> void
> pfi_dynaddr_remove(struct pf_addr_wrap *aw)
> {
> - int s;
> -
> if (aw->type != PF_ADDR_DYNIFTL || aw->p.dyn == NULL ||
> aw->p.dyn->pfid_kif == NULL || aw->p.dyn->pfid_kt == NULL)
> return;
>
> - s = splsoftnet();
> TAILQ_REMOVE(&aw->p.dyn->pfid_kif->pfik_dynaddrs, aw->p.dyn, entry);
> pfi_kif_unref(aw->p.dyn->pfid_kif, PFI_KIF_REF_RULE);
> aw->p.dyn->pfid_kif = NULL;
> @@ -603,7 +597,6 @@ pfi_dynaddr_remove(struct pf_addr_wrap *
> aw->p.dyn->pfid_kt = NULL;
> pool_put(&pfi_addr_pl, aw->p.dyn);
> aw->p.dyn = NULL;
> - splx(s);
> }
>
> void
> @@ -640,23 +633,20 @@ pfi_update_status(const char *name, stru
> struct pfi_kif_cmp key;
> struct ifg_member p_member, *ifgm;
> TAILQ_HEAD(, ifg_member) ifg_members;
> - int i, j, k, s;
> + int i, j, k;
>
> - s = splsoftnet();
> if (*name == '\0' && pfs == NULL) {
> RB_FOREACH(p, pfi_ifhead, &pfi_ifs) {
> bzero(p->pfik_packets, sizeof(p->pfik_packets));
> bzero(p->pfik_bytes, sizeof(p->pfik_bytes));
> p->pfik_tzero = time_second;
> }
> - splx(s);
> return;
> }
>
> strlcpy(key.pfik_name, name, sizeof(key.pfik_name));
> p = RB_FIND(pfi_ifhead, &pfi_ifs, (struct pfi_kif *)&key);
> if (p == NULL) {
> - splx(s);
> return;
> }
> if (p->pfik_group != NULL) {
> @@ -694,16 +684,14 @@ pfi_update_status(const char *name, stru
> p->pfik_bytes[i][j][k];
> }
> }
> - splx(s);
> }
>
> int
> pfi_get_ifaces(const char *name, struct pfi_kif *buf, int *size)
> {
> struct pfi_kif *p, *nextp;
> - int s, n = 0;
> + int n = 0;
>
> - s = splsoftnet();
> for (p = RB_MIN(pfi_ifhead, &pfi_ifs); p; p = nextp) {
> nextp = RB_NEXT(pfi_ifhead, &pfi_ifs, p);
> if (pfi_skip_if(name, p))
> @@ -714,14 +702,12 @@ pfi_get_ifaces(const char *name, struct
> pfi_kif_ref(p, PFI_KIF_REF_RULE);
> if (copyout(p, buf++, sizeof(*buf))) {
> pfi_kif_unref(p, PFI_KIF_REF_RULE);
> - splx(s);
> return (EFAULT);
> }
> nextp = RB_NEXT(pfi_ifhead, &pfi_ifs, p);
> pfi_kif_unref(p, PFI_KIF_REF_RULE);
> }
> }
> - splx(s);
> *size = n;
> return (0);
> }
> @@ -752,15 +738,12 @@ int
> pfi_set_flags(const char *name, int flags)
> {
> struct pfi_kif *p;
> - int s;
>
> - s = splsoftnet();
> RB_FOREACH(p, pfi_ifhead, &pfi_ifs) {
> if (pfi_skip_if(name, p))
> continue;
> p->pfik_flags_new = p->pfik_flags | flags;
> }
> - splx(s);
> return (0);
> }
>
> @@ -768,15 +751,12 @@ int
> pfi_clear_flags(const char *name, int flags)
> {
> struct pfi_kif *p;
> - int s;
>
> - s = splsoftnet();
> RB_FOREACH(p, pfi_ifhead, &pfi_ifs) {
> if (pfi_skip_if(name, p))
> continue;
> p->pfik_flags_new = p->pfik_flags & ~flags;
> }
> - splx(s);
> return (0);
> }
>
> @@ -784,12 +764,9 @@ void
> pfi_xcommit(void)
> {
> struct pfi_kif *p;
> - int s;
>
> - s = splsoftnet();
> RB_FOREACH(p, pfi_ifhead, &pfi_ifs)
> p->pfik_flags = p->pfik_flags_new;
> - splx(s);
> }
>
> /* from pf_print_state.c */
> Index: net/pf_ioctl.c
> ===================================================================
> RCS file: /cvs/src/sys/net/pf_ioctl.c,v
> retrieving revision 1.304
> diff -u -p -r1.304 pf_ioctl.c
> --- net/pf_ioctl.c 28 Oct 2016 07:54:19 -0000 1.304
> +++ net/pf_ioctl.c 15 Nov 2016 14:26:42 -0000
> @@ -769,7 +769,7 @@ pf_commit_rules(u_int32_t ticket, char *
> struct pf_ruleset *rs;
> struct pf_rule *rule, **old_array;
> struct pf_rulequeue *old_rules;
> - int s, error;
> + int error;
> u_int32_t old_rcount;
>
> /* Make sure any expired rules get removed from active rules first. */
> @@ -788,7 +788,6 @@ pf_commit_rules(u_int32_t ticket, char *
> }
>
> /* Swap rules, keep the old. */
> - s = splsoftnet();
> old_rules = rs->rules.active.ptr;
> old_rcount = rs->rules.active.rcount;
> old_array = rs->rules.active.ptr_array;
> @@ -813,7 +812,6 @@ pf_commit_rules(u_int32_t ticket, char *
> rs->rules.inactive.rcount = 0;
> rs->rules.inactive.open = 0;
> pf_remove_if_empty_ruleset(rs);
> - splx(s);
>
> /* queue defs only in the main ruleset */
> if (anchor[0])
