Bug Summary

File:netpfil/pf/pf_ioctl.c
Warning:line 3624, column 11
Copies out a struct with a union element with different sizes

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-unknown-freebsd11.2 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name pf_ioctl.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -mrelocation-model static -mthread-model posix -mdisable-fp-elim -relaxed-aliasing -masm-verbose -mconstructor-aliases -ffreestanding -mcode-model kernel -target-cpu x86-64 -target-feature -mmx -target-feature -sse -target-feature -aes -target-feature -avx -disable-red-zone -no-implicit-float -dwarf-column-info -debugger-tuning=gdb -nostdsysteminc -nobuiltininc -resource-dir /root/kernel-uninitialized-memory-checker/build/lib/clang/8.0.0 -include /usr/obj/root/freebsd/amd64.amd64/sys/GENERIC/opt_global.h -D _KERNEL -D KLD_MODULE -D KLD_TIED -D HAVE_KERNEL_OPTION_HEADERS -I . -I /root/freebsd/sys -I /root/freebsd/sys/contrib/ck/include -I /usr/obj/root/freebsd/amd64.amd64/sys/GENERIC -D __printf__=__freebsd_kprintf__ -O2 -Wno-pointer-sign -Wno-unknown-pragmas -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -Wno-error-shift-negative-value -Wno-address-of-packed-member -std=iso9899:1999 -fdebug-compilation-dir /usr/obj/root/freebsd/amd64.amd64/sys/GENERIC/modules/root/freebsd/sys/modules/pf -ferror-limit 19 -fmessage-length 0 -fwrapv -stack-protector 1 -fobjc-runtime=gnustep -fno-common -fdiagnostics-show-option -vectorize-loops -vectorize-slp -analyzer-checker alpha.security.KernelMemoryDisclosure -analyzer-disable-checker core,unix,deadcode,nullability -analyzer-output=html -o /root/analyzer/2018-12-28-044519-76292-1 -x c /root/freebsd/sys/netpfil/pf/pf_ioctl.c -faddrsig
1/*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2001 Daniel Hartmeier
5 * Copyright (c) 2002,2003 Henning Brauer
6 * Copyright (c) 2012 Gleb Smirnoff <[email protected]>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * - Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * - Redistributions in binary form must reproduce the above
16 * copyright notice, this list of conditions and the following
17 * disclaimer in the documentation and/or other materials provided
18 * with the distribution.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
28 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
30 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
31 * POSSIBILITY OF SUCH DAMAGE.
32 *
33 * Effort sponsored in part by the Defense Advanced Research Projects
34 * Agency (DARPA) and Air Force Research Laboratory, Air Force
35 * Materiel Command, USAF, under agreement number F30602-01-2-0537.
36 *
37 * $OpenBSD: pf_ioctl.c,v 1.213 2009/02/15 21:46:12 mbalmer Exp $
38 */
39
40#include <sys/cdefs.h>
41__FBSDID("$FreeBSD$")__asm__(".ident\t\"" "$FreeBSD$" "\"");
42
43#include "opt_inet.h"
44#include "opt_inet6.h"
45#include "opt_bpf.h"
46#include "opt_pf.h"
47
48#include <sys/param.h>
49#include <sys/bus.h>
50#include <sys/conf.h>
51#include <sys/endian.h>
52#include <sys/fcntl.h>
53#include <sys/filio.h>
54#include <sys/interrupt.h>
55#include <sys/jail.h>
56#include <sys/kernel.h>
57#include <sys/kthread.h>
58#include <sys/lock.h>
59#include <sys/mbuf.h>
60#include <sys/module.h>
61#include <sys/proc.h>
62#include <sys/smp.h>
63#include <sys/socket.h>
64#include <sys/sysctl.h>
65#include <sys/md5.h>
66#include <sys/ucred.h>
67
68#include <net/if.h>
69#include <net/if_var.h>
70#include <net/vnet.h>
71#include <net/route.h>
72#include <net/pfil.h>
73#include <net/pfvar.h>
74#include <net/if_pfsync.h>
75#include <net/if_pflog.h>
76
77#include <netinet/in.h>
78#include <netinet/ip.h>
79#include <netinet/ip_var.h>
80#include <netinet6/ip6_var.h>
81#include <netinet/ip_icmp.h>
82
83#ifdef INET61
84#include <netinet/ip6.h>
85#endif /* INET6 */
86
87#ifdef ALTQ
88#include <net/altq/altq.h>
89#endif
90
91static struct pf_pool *pf_get_pool(char *, u_int32_t, u_int8_t, u_int32_t,
92 u_int8_t, u_int8_t, u_int8_t);
93
94static void pf_mv_pool(struct pf_palist *, struct pf_palist *);
95static void pf_empty_pool(struct pf_palist *);
96static int pfioctl(struct cdev *, u_long, caddr_t, int,
97 struct thread *);
98#ifdef ALTQ
99static int pf_begin_altq(u_int32_t *);
100static int pf_rollback_altq(u_int32_t);
101static int pf_commit_altq(u_int32_t);
102static int pf_enable_altq(struct pf_altqpf_kaltq *);
103static int pf_disable_altq(struct pf_altqpf_kaltq *);
104static u_int32_t pf_qname2qid(char *);
105static void pf_qid_unref(u_int32_t);
106#endif /* ALTQ */
107static int pf_begin_rules(u_int32_t *, int, const char *);
108static int pf_rollback_rules(u_int32_t, int, char *);
109static int pf_setup_pfsync_matching(struct pf_ruleset *);
110static void pf_hash_rule(MD5_CTX *, struct pf_rule *);
111static void pf_hash_rule_addr(MD5_CTX *, struct pf_rule_addr *);
112static int pf_commit_rules(u_int32_t, int, char *);
113static int pf_addr_setup(struct pf_ruleset *,
114 struct pf_addr_wrap *, sa_family_t);
115static void pf_addr_copyout(struct pf_addr_wrap *);
116#ifdef ALTQ
117static int pf_export_kaltq(struct pf_altqpf_kaltq *,
118 struct pfioc_altq_v1 *, size_t);
119static int pf_import_kaltq(struct pfioc_altq_v1 *,
120 struct pf_altqpf_kaltq *, size_t);
121#endif /* ALTQ */
122
123VNET_DEFINE(struct pf_rule, pf_default_rule)struct _hack; struct pf_rule vnet_entry_pf_default_rule __attribute__
((__section__("set_vnet"))) __attribute__((__used__));
124
125#ifdef ALTQ
126VNET_DEFINE_STATIC(int, pf_altq_running)static int vnet_entry_pf_altq_running __attribute__((__section__
("set_vnet"))) __attribute__((__used__));
127#define V_pf_altq_running VNET(pf_altq_running)(*(__typeof(vnet_entry_pf_altq_running)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altq_running
))
128#endif
129
130#define TAGID_MAX50000 50000
131struct pf_tagname {
132 TAILQ_ENTRY(pf_tagname)struct { struct pf_tagname *tqe_next; struct pf_tagname **tqe_prev
; } entries;
133 char name[PF_TAG_NAME_SIZE64];
134 uint16_t tag;
135 int ref;
136};
137
138TAILQ_HEAD(pf_tags, pf_tagname)struct pf_tags { struct pf_tagname *tqh_first; struct pf_tagname
**tqh_last; };
139#define V_pf_tags(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags)) VNET(pf_tags)(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags))
140VNET_DEFINE(struct pf_tags, pf_tags)struct _hack; struct pf_tags vnet_entry_pf_tags __attribute__
((__section__("set_vnet"))) __attribute__((__used__));
141#define V_pf_qids(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids)) VNET(pf_qids)(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids))
142VNET_DEFINE(struct pf_tags, pf_qids)struct _hack; struct pf_tags vnet_entry_pf_qids __attribute__
((__section__("set_vnet"))) __attribute__((__used__));
143static MALLOC_DEFINE(M_PFTAG, "pf_tag", "pf(4) tag names")struct malloc_type M_PFTAG[1] = { { ((void *)0), 877983977, "pf_tag"
, ((void *)0) } }; static struct sysinit M_PFTAG_init_sys_init
= { SI_SUB_KMEM, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_init, ((void *)(M_PFTAG)) }; __asm__(".globl " "__start_set_sysinit_set"
); __asm__(".globl " "__stop_set_sysinit_set"); static void const
* __set_sysinit_set_sym_M_PFTAG_init_sys_init __attribute__(
(__section__("set_" "sysinit_set"))) __attribute__((__used__)
) = &(M_PFTAG_init_sys_init); static struct sysinit M_PFTAG_uninit_sys_uninit
= { SI_SUB_KMEM, SI_ORDER_ANY, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_uninit, ((void *)(M_PFTAG)) }; __asm__(".globl " "__start_set_sysuninit_set"
); __asm__(".globl " "__stop_set_sysuninit_set"); static void
const * __set_sysuninit_set_sym_M_PFTAG_uninit_sys_uninit __attribute__
((__section__("set_" "sysuninit_set"))) __attribute__((__used__
)) = &(M_PFTAG_uninit_sys_uninit);
144static MALLOC_DEFINE(M_PFALTQ, "pf_altq", "pf(4) altq configuration db")struct malloc_type M_PFALTQ[1] = { { ((void *)0), 877983977, "pf_altq"
, ((void *)0) } }; static struct sysinit M_PFALTQ_init_sys_init
= { SI_SUB_KMEM, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_init, ((void *)(M_PFALTQ)) }; __asm__(".globl " "__start_set_sysinit_set"
); __asm__(".globl " "__stop_set_sysinit_set"); static void const
* __set_sysinit_set_sym_M_PFALTQ_init_sys_init __attribute__
((__section__("set_" "sysinit_set"))) __attribute__((__used__
)) = &(M_PFALTQ_init_sys_init); static struct sysinit M_PFALTQ_uninit_sys_uninit
= { SI_SUB_KMEM, SI_ORDER_ANY, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_uninit, ((void *)(M_PFALTQ)) }; __asm__(".globl " "__start_set_sysuninit_set"
); __asm__(".globl " "__stop_set_sysuninit_set"); static void
const * __set_sysuninit_set_sym_M_PFALTQ_uninit_sys_uninit __attribute__
((__section__("set_" "sysuninit_set"))) __attribute__((__used__
)) = &(M_PFALTQ_uninit_sys_uninit);
145static MALLOC_DEFINE(M_PFRULE, "pf_rule", "pf(4) rules")struct malloc_type M_PFRULE[1] = { { ((void *)0), 877983977, "pf_rule"
, ((void *)0) } }; static struct sysinit M_PFRULE_init_sys_init
= { SI_SUB_KMEM, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_init, ((void *)(M_PFRULE)) }; __asm__(".globl " "__start_set_sysinit_set"
); __asm__(".globl " "__stop_set_sysinit_set"); static void const
* __set_sysinit_set_sym_M_PFRULE_init_sys_init __attribute__
((__section__("set_" "sysinit_set"))) __attribute__((__used__
)) = &(M_PFRULE_init_sys_init); static struct sysinit M_PFRULE_uninit_sys_uninit
= { SI_SUB_KMEM, SI_ORDER_ANY, (sysinit_cfunc_t)(sysinit_nfunc_t
)malloc_uninit, ((void *)(M_PFRULE)) }; __asm__(".globl " "__start_set_sysuninit_set"
); __asm__(".globl " "__stop_set_sysuninit_set"); static void
const * __set_sysuninit_set_sym_M_PFRULE_uninit_sys_uninit __attribute__
((__section__("set_" "sysuninit_set"))) __attribute__((__used__
)) = &(M_PFRULE_uninit_sys_uninit);
146
147#if (PF_QNAME_SIZE64 != PF_TAG_NAME_SIZE64)
148#error PF_QNAME_SIZE64 must be equal to PF_TAG_NAME_SIZE64
149#endif
150
151static u_int16_t tagname2tag(struct pf_tags *, char *);
152static u_int16_t pf_tagname2tag(char *);
153static void tag_unref(struct pf_tags *, u_int16_t);
154
155#define DPFPRINTF(n, x)if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (n)) printf x if (V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (n)) printf x
156
157struct cdev *pf_dev;
158
159/*
160 * XXX - These are new and need to be checked when moveing to a new version
161 */
162static void pf_clear_states(void);
163static int pf_clear_tables(void);
164static void pf_clear_srcnodes(struct pf_src_node *);
165static void pf_kill_srcnodes(struct pfioc_src_node_kill *);
166static void pf_tbladdr_copyout(struct pf_addr_wrap *);
167
168/*
169 * Wrapper functions for pfil(9) hooks
170 */
171#ifdef INET1
172static int pf_check_in(void *arg, struct mbuf **m, struct ifnet *ifp,
173 int dir, int flags, struct inpcb *inp);
174static int pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp,
175 int dir, int flags, struct inpcb *inp);
176#endif
177#ifdef INET61
178static int pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp,
179 int dir, int flags, struct inpcb *inp);
180static int pf_check6_out(void *arg, struct mbuf **m, struct ifnet *ifp,
181 int dir, int flags, struct inpcb *inp);
182#endif
183
184static int hook_pf(void);
185static int dehook_pf(void);
186static int shutdown_pf(void);
187static int pf_load(void);
188static void pf_unload(void);
189
190static struct cdevsw pf_cdevsw = {
191 .d_ioctl = pfioctl,
192 .d_name = PF_NAME"pf",
193 .d_version = D_VERSION0x17122009,
194};
195
196volatile VNET_DEFINE_STATIC(int, pf_pfil_hooked)static int vnet_entry_pf_pfil_hooked __attribute__((__section__
("set_vnet"))) __attribute__((__used__));
197#define V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)) VNET(pf_pfil_hooked)(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
))
198
199/*
200 * We need a flag that is neither hooked nor running to know when
201 * the VNET is "valid". We primarily need this to control (global)
202 * external event, e.g., eventhandlers.
203 */
204VNET_DEFINE(int, pf_vnet_active)struct _hack; int vnet_entry_pf_vnet_active __attribute__((__section__
("set_vnet"))) __attribute__((__used__));
205#define V_pf_vnet_active(*(__typeof(vnet_entry_pf_vnet_active)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_vnet_active
)) VNET(pf_vnet_active)(*(__typeof(vnet_entry_pf_vnet_active)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_vnet_active
))
206
207int pf_end_threads;
208struct proc *pf_purge_proc;
209
210struct rmlock pf_rules_lock;
211struct sx pf_ioctl_lock;
212struct sx pf_end_lock;
213
214/* pfsync */
215VNET_DEFINE(pfsync_state_import_t *, pfsync_state_import_ptr)struct _hack; pfsync_state_import_t * vnet_entry_pfsync_state_import_ptr
__attribute__((__section__("set_vnet"))) __attribute__((__used__
));
216VNET_DEFINE(pfsync_insert_state_t *, pfsync_insert_state_ptr)struct _hack; pfsync_insert_state_t * vnet_entry_pfsync_insert_state_ptr
__attribute__((__section__("set_vnet"))) __attribute__((__used__
));
217VNET_DEFINE(pfsync_update_state_t *, pfsync_update_state_ptr)struct _hack; pfsync_update_state_t * vnet_entry_pfsync_update_state_ptr
__attribute__((__section__("set_vnet"))) __attribute__((__used__
));
218VNET_DEFINE(pfsync_delete_state_t *, pfsync_delete_state_ptr)struct _hack; pfsync_delete_state_t * vnet_entry_pfsync_delete_state_ptr
__attribute__((__section__("set_vnet"))) __attribute__((__used__
));
219VNET_DEFINE(pfsync_clear_states_t *, pfsync_clear_states_ptr)struct _hack; pfsync_clear_states_t * vnet_entry_pfsync_clear_states_ptr
__attribute__((__section__("set_vnet"))) __attribute__((__used__
));
220VNET_DEFINE(pfsync_defer_t *, pfsync_defer_ptr)struct _hack; pfsync_defer_t * vnet_entry_pfsync_defer_ptr __attribute__
((__section__("set_vnet"))) __attribute__((__used__));
221pfsync_detach_ifnet_t *pfsync_detach_ifnet_ptr;
222
223/* pflog */
224pflog_packet_t *pflog_packet_ptr = NULL((void *)0);
225
226extern u_long pf_ioctl_maxcount;
227
228static void
229pfattach_vnet(void)
230{
231 u_int32_t *my_timeout = V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).timeout;
232
233 pf_initialize();
234 pfr_initialize();
235 pfi_initialize_vnet();
236 pf_normalize_init();
237
238 V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[PF_LIMIT_STATES].limit = PFSTATE_HIWAT100000;
239 V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[PF_LIMIT_SRC_NODES].limit = PFSNODE_HIWAT10000;
240
241 RB_INIT(&V_pf_anchors)do { (&(*(__typeof(vnet_entry_pf_anchors)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_anchors
)))->rbh_root = ((void *)0); } while ( 0);
242 pf_init_ruleset(&pf_main_ruleset(*(__typeof(vnet_entry_pf_main_anchor)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_main_anchor
)).ruleset);
243
244 /* default rule should never be garbage collected */
245 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).entries.tqe_prev = &V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).entries.tqe_next;
246#ifdef PF_DEFAULT_TO_DROP
247 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).action = PF_DROP;
248#else
249 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).action = PF_PASS;
250#endif
251 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).nr = -1;
252 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).rtableid = -1;
253
254 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).states_cur = counter_u64_alloc(M_WAITOK0x0002);
255 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).states_tot = counter_u64_alloc(M_WAITOK0x0002);
256 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).src_nodes = counter_u64_alloc(M_WAITOK0x0002);
257
258 /* initialize default timeouts */
259 my_timeout[PFTM_TCP_FIRST_PACKET] = PFTM_TCP_FIRST_PACKET_VAL120;
260 my_timeout[PFTM_TCP_OPENING] = PFTM_TCP_OPENING_VAL30;
261 my_timeout[PFTM_TCP_ESTABLISHED] = PFTM_TCP_ESTABLISHED_VAL24*60*60;
262 my_timeout[PFTM_TCP_CLOSING] = PFTM_TCP_CLOSING_VAL15 * 60;
263 my_timeout[PFTM_TCP_FIN_WAIT] = PFTM_TCP_FIN_WAIT_VAL45;
264 my_timeout[PFTM_TCP_CLOSED] = PFTM_TCP_CLOSED_VAL90;
265 my_timeout[PFTM_UDP_FIRST_PACKET] = PFTM_UDP_FIRST_PACKET_VAL60;
266 my_timeout[PFTM_UDP_SINGLE] = PFTM_UDP_SINGLE_VAL30;
267 my_timeout[PFTM_UDP_MULTIPLE] = PFTM_UDP_MULTIPLE_VAL60;
268 my_timeout[PFTM_ICMP_FIRST_PACKET] = PFTM_ICMP_FIRST_PACKET_VAL20;
269 my_timeout[PFTM_ICMP_ERROR_REPLY] = PFTM_ICMP_ERROR_REPLY_VAL10;
270 my_timeout[PFTM_OTHER_FIRST_PACKET] = PFTM_OTHER_FIRST_PACKET_VAL60;
271 my_timeout[PFTM_OTHER_SINGLE] = PFTM_OTHER_SINGLE_VAL30;
272 my_timeout[PFTM_OTHER_MULTIPLE] = PFTM_OTHER_MULTIPLE_VAL60;
273 my_timeout[PFTM_FRAG] = PFTM_FRAG_VAL30;
274 my_timeout[PFTM_INTERVAL] = PFTM_INTERVAL_VAL10;
275 my_timeout[PFTM_SRC_NODE] = PFTM_SRC_NODE_VAL0;
276 my_timeout[PFTM_TS_DIFF] = PFTM_TS_DIFF_VAL30;
277 my_timeout[PFTM_ADAPTIVE_START] = PFSTATE_ADAPT_START60000;
278 my_timeout[PFTM_ADAPTIVE_END] = PFSTATE_ADAPT_END120000;
279
280 bzero(&V_pf_status, sizeof(V_pf_status))__builtin_memset((&(*(__typeof(vnet_entry_pf_status)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_status))), 0, (sizeof((*(__typeof(vnet_entry_pf_status
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_status)))));
281 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug = PF_DEBUG_URGENT;
282
283 V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)) = 0;
284
285 /* XXX do our best to avoid a conflict */
286 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid = arc4random();
287
288 for (int i = 0; i < PFRES_MAX16; i++)
289 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).counters[i] = counter_u64_alloc(M_WAITOK0x0002);
290 for (int i = 0; i < LCNT_MAX7; i++)
291 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).lcounters[i] = counter_u64_alloc(M_WAITOK0x0002);
292 for (int i = 0; i < FCNT_MAX3; i++)
293 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).fcounters[i] = counter_u64_alloc(M_WAITOK0x0002);
294 for (int i = 0; i < SCNT_MAX3; i++)
295 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).scounters[i] = counter_u64_alloc(M_WAITOK0x0002);
296
297 if (swi_add(NULL((void *)0), "pf send", pf_intr, curvnet(__curthread())->td_vnet, SWI_NET1,
298 INTR_MPSAFE, &V_pf_swi_cookie(*(__typeof(vnet_entry_pf_swi_cookie)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_swi_cookie
))) != 0)
299 /* XXXGL: leaked all above. */
300 return;
301}
302
303
304static struct pf_pool *
305pf_get_pool(char *anchor, u_int32_t ticket, u_int8_t rule_action,
306 u_int32_t rule_number, u_int8_t r_last, u_int8_t active,
307 u_int8_t check_ticket)
308{
309 struct pf_ruleset *ruleset;
310 struct pf_rule *rule;
311 int rs_num;
312
313 ruleset = pf_find_ruleset(anchor);
314 if (ruleset == NULL((void *)0))
315 return (NULL((void *)0));
316 rs_num = pf_get_ruleset_number(rule_action);
317 if (rs_num >= PF_RULESET_MAX)
318 return (NULL((void *)0));
319 if (active) {
320 if (check_ticket && ticket !=
321 ruleset->rules[rs_num].active.ticket)
322 return (NULL((void *)0));
323 if (r_last)
324 rule = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last))
325 pf_rulequeue)(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last));
326 else
327 rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr)((ruleset->rules[rs_num].active.ptr)->tqh_first);
328 } else {
329 if (check_ticket && ticket !=
330 ruleset->rules[rs_num].inactive.ticket)
331 return (NULL((void *)0));
332 if (r_last)
333 rule = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].inactive
.ptr)->tqh_last))->tqh_last))
334 pf_rulequeue)(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].inactive
.ptr)->tqh_last))->tqh_last));
335 else
336 rule = TAILQ_FIRST(ruleset->rules[rs_num].inactive.ptr)((ruleset->rules[rs_num].inactive.ptr)->tqh_first);
337 }
338 if (!r_last) {
339 while ((rule != NULL((void *)0)) && (rule->nr != rule_number))
340 rule = TAILQ_NEXT(rule, entries)((rule)->entries.tqe_next);
341 }
342 if (rule == NULL((void *)0))
343 return (NULL((void *)0));
344
345 return (&rule->rpool);
346}
347
348static void
349pf_mv_pool(struct pf_palist *poola, struct pf_palist *poolb)
350{
351 struct pf_pooladdr *mv_pool_pa;
352
353 while ((mv_pool_pa = TAILQ_FIRST(poola)((poola)->tqh_first)) != NULL((void *)0)) {
354 TAILQ_REMOVE(poola, mv_pool_pa, entries)do { ; ; do { if ((((mv_pool_pa))->entries.tqe_next) != ((
void *)0) && (((mv_pool_pa))->entries.tqe_next)->
entries.tqe_prev != &((mv_pool_pa)->entries.tqe_next))
panic("Bad link elm %p next->prev != elm", (mv_pool_pa));
} while (0); do { if (*(mv_pool_pa)->entries.tqe_prev != (
mv_pool_pa)) panic("Bad link elm %p prev->next != elm", (mv_pool_pa
)); } while (0); if (((((mv_pool_pa))->entries.tqe_next)) !=
((void *)0)) (((mv_pool_pa))->entries.tqe_next)->entries
.tqe_prev = (mv_pool_pa)->entries.tqe_prev; else { (poola)
->tqh_last = (mv_pool_pa)->entries.tqe_prev; ; } *(mv_pool_pa
)->entries.tqe_prev = (((mv_pool_pa))->entries.tqe_next
); ; ; ; } while (0);
355 TAILQ_INSERT_TAIL(poolb, mv_pool_pa, entries)do { do { if (*(poolb)->tqh_last != ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (poolb)); } while (0); (((mv_pool_pa))->entries.tqe_next
) = ((void *)0); (mv_pool_pa)->entries.tqe_prev = (poolb)->
tqh_last; *(poolb)->tqh_last = (mv_pool_pa); (poolb)->tqh_last
= &(((mv_pool_pa))->entries.tqe_next); ; ; } while (0
);
356 }
357}
358
359static void
360pf_empty_pool(struct pf_palist *poola)
361{
362 struct pf_pooladdr *pa;
363
364 while ((pa = TAILQ_FIRST(poola)((poola)->tqh_first)) != NULL((void *)0)) {
365 switch (pa->addr.type) {
366 case PF_ADDR_DYNIFTL:
367 pfi_dynaddr_remove(pa->addr.p.dyn);
368 break;
369 case PF_ADDR_TABLE:
370 /* XXX: this could be unfinished pooladdr on pabuf */
371 if (pa->addr.p.tbl != NULL((void *)0))
372 pfr_detach_table(pa->addr.p.tbl);
373 break;
374 }
375 if (pa->kif)
376 pfi_kif_unref(pa->kif);
377 TAILQ_REMOVE(poola, pa, entries)do { ; ; do { if ((((pa))->entries.tqe_next) != ((void *)0
) && (((pa))->entries.tqe_next)->entries.tqe_prev
!= &((pa)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (pa)); } while (0); do { if (*(pa)->entries.tqe_prev != (
pa)) panic("Bad link elm %p prev->next != elm", (pa)); } while
(0); if (((((pa))->entries.tqe_next)) != ((void *)0)) (((
pa))->entries.tqe_next)->entries.tqe_prev = (pa)->entries
.tqe_prev; else { (poola)->tqh_last = (pa)->entries.tqe_prev
; ; } *(pa)->entries.tqe_prev = (((pa))->entries.tqe_next
); ; ; ; } while (0);
378 free(pa, M_PFRULE);
379 }
380}
381
382static void
383pf_unlink_rule(struct pf_rulequeue *rulequeue, struct pf_rule *rule)
384{
385
386 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 386);
387
388 TAILQ_REMOVE(rulequeue, rule, entries)do { ; ; do { if ((((rule))->entries.tqe_next) != ((void *
)0) && (((rule))->entries.tqe_next)->entries.tqe_prev
!= &((rule)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (rule)); } while (0); do { if (*(rule)->entries.tqe_prev
!= (rule)) panic("Bad link elm %p prev->next != elm", (rule
)); } while (0); if (((((rule))->entries.tqe_next)) != ((void
*)0)) (((rule))->entries.tqe_next)->entries.tqe_prev =
(rule)->entries.tqe_prev; else { (rulequeue)->tqh_last
= (rule)->entries.tqe_prev; ; } *(rule)->entries.tqe_prev
= (((rule))->entries.tqe_next); ; ; ; } while (0);
389
390 PF_UNLNKDRULES_LOCK()__mtx_lock_flags(&((((&pf_unlnkdrules_mtx))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (390));
391 rule->rule_flag |= PFRULE_REFS0x0080;
392 TAILQ_INSERT_TAIL(&V_pf_unlinked_rules, rule, entries)do { do { if (*(&(*(__typeof(vnet_entry_pf_unlinked_rules
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_unlinked_rules)))->tqh_last !=
((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (&(*(__typeof(vnet_entry_pf_unlinked_rules)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_unlinked_rules
)))); } while (0); (((rule))->entries.tqe_next) = ((void *
)0); (rule)->entries.tqe_prev = (&(*(__typeof(vnet_entry_pf_unlinked_rules
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_unlinked_rules)))->tqh_last; *
(&(*(__typeof(vnet_entry_pf_unlinked_rules)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_unlinked_rules
)))->tqh_last = (rule); (&(*(__typeof(vnet_entry_pf_unlinked_rules
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_unlinked_rules)))->tqh_last =
&(((rule))->entries.tqe_next); ; ; } while (0);
393 PF_UNLNKDRULES_UNLOCK()__mtx_unlock_flags(&((((&pf_unlnkdrules_mtx))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (393));
394}
395
396void
397pf_free_rule(struct pf_rule *rule)
398{
399
400 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 400);
401
402 if (rule->tag)
403 tag_unref(&V_pf_tags(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags)), rule->tag);
404 if (rule->match_tag)
405 tag_unref(&V_pf_tags(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags)), rule->match_tag);
406#ifdef ALTQ
407 if (rule->pqid != rule->qid)
408 pf_qid_unref(rule->pqid);
409 pf_qid_unref(rule->qid);
410#endif
411 switch (rule->src.addr.type) {
412 case PF_ADDR_DYNIFTL:
413 pfi_dynaddr_remove(rule->src.addr.p.dyn);
414 break;
415 case PF_ADDR_TABLE:
416 pfr_detach_table(rule->src.addr.p.tbl);
417 break;
418 }
419 switch (rule->dst.addr.type) {
420 case PF_ADDR_DYNIFTL:
421 pfi_dynaddr_remove(rule->dst.addr.p.dyn);
422 break;
423 case PF_ADDR_TABLE:
424 pfr_detach_table(rule->dst.addr.p.tbl);
425 break;
426 }
427 if (rule->overload_tbl)
428 pfr_detach_table(rule->overload_tbl);
429 if (rule->kif)
430 pfi_kif_unref(rule->kif);
431 pf_anchor_remove(rule);
432 pf_empty_pool(&rule->rpool.list);
433 counter_u64_free(rule->states_cur);
434 counter_u64_free(rule->states_tot);
435 counter_u64_free(rule->src_nodes);
436 free(rule, M_PFRULE);
437}
438
439static u_int16_t
440tagname2tag(struct pf_tags *head, char *tagname)
441{
442 struct pf_tagname *tag, *p = NULL((void *)0);
443 u_int16_t new_tagid = 1;
444
445 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 445);
446
447 TAILQ_FOREACH(tag, head, entries)for ((tag) = (((head))->tqh_first); (tag); (tag) = (((tag)
)->entries.tqe_next))
448 if (strcmp(tagname, tag->name) == 0) {
449 tag->ref++;
450 return (tag->tag);
451 }
452
453 /*
454 * to avoid fragmentation, we do a linear search from the beginning
455 * and take the first free slot we find. if there is none or the list
456 * is empty, append a new entry at the end.
457 */
458
459 /* new entry */
460 if (!TAILQ_EMPTY(head)((head)->tqh_first == ((void *)0)))
461 for (p = TAILQ_FIRST(head)((head)->tqh_first); p != NULL((void *)0) &&
462 p->tag == new_tagid; p = TAILQ_NEXT(p, entries)((p)->entries.tqe_next))
463 new_tagid = p->tag + 1;
464
465 if (new_tagid > TAGID_MAX50000)
466 return (0);
467
468 /* allocate and fill new struct pf_tagname */
469 tag = malloc(sizeof(*tag), M_PFTAG, M_NOWAIT0x0001|M_ZERO0x0100);
470 if (tag == NULL((void *)0))
471 return (0);
472 strlcpy(tag->name, tagname, sizeof(tag->name));
473 tag->tag = new_tagid;
474 tag->ref++;
475
476 if (p != NULL((void *)0)) /* insert new entry before p */
477 TAILQ_INSERT_BEFORE(p, tag, entries)do { do { if (*(p)->entries.tqe_prev != (p)) panic("Bad link elm %p prev->next != elm"
, (p)); } while (0); (tag)->entries.tqe_prev = (p)->entries
.tqe_prev; (((tag))->entries.tqe_next) = (p); *(p)->entries
.tqe_prev = (tag); (p)->entries.tqe_prev = &(((tag))->
entries.tqe_next); ; ; } while (0);
478 else /* either list empty or no free slot in between */
479 TAILQ_INSERT_TAIL(head, tag, entries)do { do { if (*(head)->tqh_last != ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (head)); } while (0); (((tag))->entries.tqe_next) = ((void
*)0); (tag)->entries.tqe_prev = (head)->tqh_last; *(head
)->tqh_last = (tag); (head)->tqh_last = &(((tag))->
entries.tqe_next); ; ; } while (0);
480
481 return (tag->tag);
482}
483
484static void
485tag_unref(struct pf_tags *head, u_int16_t tag)
486{
487 struct pf_tagname *p, *next;
488
489 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 489);
490
491 for (p = TAILQ_FIRST(head)((head)->tqh_first); p != NULL((void *)0); p = next) {
492 next = TAILQ_NEXT(p, entries)((p)->entries.tqe_next);
493 if (tag == p->tag) {
494 if (--p->ref == 0) {
495 TAILQ_REMOVE(head, p, entries)do { ; ; do { if ((((p))->entries.tqe_next) != ((void *)0)
&& (((p))->entries.tqe_next)->entries.tqe_prev
!= &((p)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (p)); } while (0); do { if (*(p)->entries.tqe_prev != (p
)) panic("Bad link elm %p prev->next != elm", (p)); } while
(0); if (((((p))->entries.tqe_next)) != ((void *)0)) (((p
))->entries.tqe_next)->entries.tqe_prev = (p)->entries
.tqe_prev; else { (head)->tqh_last = (p)->entries.tqe_prev
; ; } *(p)->entries.tqe_prev = (((p))->entries.tqe_next
); ; ; ; } while (0);
496 free(p, M_PFTAG);
497 }
498 break;
499 }
500 }
501}
502
503static u_int16_t
504pf_tagname2tag(char *tagname)
505{
506 return (tagname2tag(&V_pf_tags(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags)), tagname));
507}
508
509#ifdef ALTQ
510static u_int32_t
511pf_qname2qid(char *qname)
512{
513 return ((u_int32_t)tagname2tag(&V_pf_qids(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids)), qname));
514}
515
516static void
517pf_qid_unref(u_int32_t qid)
518{
519 tag_unref(&V_pf_qids(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids)), (u_int16_t)qid);
520}
521
522static int
523pf_begin_altq(u_int32_t *ticket)
524{
525 struct pf_altqpf_kaltq *altq;
526 int error = 0;
527
528 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 528);
529
530 /* Purge the old altq list */
531 while ((altq = TAILQ_FIRST(V_pf_altqs_inactive)(((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))->tqh_first)) != NULL((void *)0)) {
532 TAILQ_REMOVE(V_pf_altqs_inactive, altq, entries)do { ; ; do { if ((((altq))->entries.tqe_next) != ((void *
)0) && (((altq))->entries.tqe_next)->entries.tqe_prev
!= &((altq)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (altq)); } while (0); do { if (*(altq)->entries.tqe_prev
!= (altq)) panic("Bad link elm %p prev->next != elm", (altq
)); } while (0); if (((((altq))->entries.tqe_next)) != ((void
*)0)) (((altq))->entries.tqe_next)->entries.tqe_prev =
(altq)->entries.tqe_prev; else { ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last =
(altq)->entries.tqe_prev; ; } *(altq)->entries.tqe_prev
= (((altq))->entries.tqe_next); ; ; ; } while (0);
533 if (altq->qname[0] == 0 &&
534 (altq->local_flags & PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
535 /* detach and destroy the discipline */
536 error = altq_remove(altq);
537 } else
538 pf_qid_unref(altq->qid);
539 free(altq, M_PFALTQ);
540 }
541 if (error)
542 return (error);
543 *ticket = ++V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
));
544 V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) = 1;
545 return (0);
546}
547
548static int
549pf_rollback_altq(u_int32_t ticket)
550{
551 struct pf_altqpf_kaltq *altq;
552 int error = 0;
553
554 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 554);
555
556 if (!V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) || ticket != V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
)))
557 return (0);
558 /* Purge the old altq list */
559 while ((altq = TAILQ_FIRST(V_pf_altqs_inactive)(((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))->tqh_first)) != NULL((void *)0)) {
560 TAILQ_REMOVE(V_pf_altqs_inactive, altq, entries)do { ; ; do { if ((((altq))->entries.tqe_next) != ((void *
)0) && (((altq))->entries.tqe_next)->entries.tqe_prev
!= &((altq)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (altq)); } while (0); do { if (*(altq)->entries.tqe_prev
!= (altq)) panic("Bad link elm %p prev->next != elm", (altq
)); } while (0); if (((((altq))->entries.tqe_next)) != ((void
*)0)) (((altq))->entries.tqe_next)->entries.tqe_prev =
(altq)->entries.tqe_prev; else { ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last =
(altq)->entries.tqe_prev; ; } *(altq)->entries.tqe_prev
= (((altq))->entries.tqe_next); ; ; ; } while (0);
561 if (altq->qname[0] == 0 &&
562 (altq->local_flags & PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
563 /* detach and destroy the discipline */
564 error = altq_remove(altq);
565 } else
566 pf_qid_unref(altq->qid);
567 free(altq, M_PFALTQ);
568 }
569 V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) = 0;
570 return (error);
571}
572
573static int
574pf_commit_altq(u_int32_t ticket)
575{
576 struct pf_altqqueue *old_altqs;
577 struct pf_altqpf_kaltq *altq;
578 int err, error = 0;
579
580 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 580);
581
582 if (!V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) || ticket != V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
)))
583 return (EBUSY16);
584
585 /* swap altqs, keep the old. */
586 old_altqs = V_pf_altqs_active(*(__typeof(vnet_entry_pf_altqs_active)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_active
));
587 V_pf_altqs_active(*(__typeof(vnet_entry_pf_altqs_active)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_active
)) = V_pf_altqs_inactive(*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread(
))->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
));
588 V_pf_altqs_inactive(*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread(
))->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)) = old_altqs;
589 V_ticket_altqs_active(*(__typeof(vnet_entry_ticket_altqs_active)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_active
)) = V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
));
590
591 /* Attach new disciplines */
592 TAILQ_FOREACH(altq, V_pf_altqs_active, entries)for ((altq) = ((((*(__typeof(vnet_entry_pf_altqs_active)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_active))))->tqh_first); (altq); (
altq) = (((altq))->entries.tqe_next)) {
593 if (altq->qname[0] == 0 &&
594 (altq->local_flags & PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
595 /* attach the discipline */
596 error = altq_pfattach(altq);
597 if (error == 0 && V_pf_altq_running)
598 error = pf_enable_altq(altq);
599 if (error != 0)
600 return (error);
601 }
602 }
603
604 /* Purge the old altq list */
605 while ((altq = TAILQ_FIRST(V_pf_altqs_inactive)(((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))->tqh_first)) != NULL((void *)0)) {
606 TAILQ_REMOVE(V_pf_altqs_inactive, altq, entries)do { ; ; do { if ((((altq))->entries.tqe_next) != ((void *
)0) && (((altq))->entries.tqe_next)->entries.tqe_prev
!= &((altq)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (altq)); } while (0); do { if (*(altq)->entries.tqe_prev
!= (altq)) panic("Bad link elm %p prev->next != elm", (altq
)); } while (0); if (((((altq))->entries.tqe_next)) != ((void
*)0)) (((altq))->entries.tqe_next)->entries.tqe_prev =
(altq)->entries.tqe_prev; else { ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last =
(altq)->entries.tqe_prev; ; } *(altq)->entries.tqe_prev
= (((altq))->entries.tqe_next); ; ; ; } while (0);
607 if (altq->qname[0] == 0 &&
608 (altq->local_flags & PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
609 /* detach and destroy the discipline */
610 if (V_pf_altq_running)
611 error = pf_disable_altq(altq);
612 err = altq_pfdetach(altq);
613 if (err != 0 && error == 0)
614 error = err;
615 err = altq_remove(altq);
616 if (err != 0 && error == 0)
617 error = err;
618 } else
619 pf_qid_unref(altq->qid);
620 free(altq, M_PFALTQ);
621 }
622
623 V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) = 0;
624 return (error);
625}
626
627static int
628pf_enable_altq(struct pf_altqpf_kaltq *altq)
629{
630 struct ifnet *ifp;
631 struct tb_profile tb;
632 int error = 0;
633
634 if ((ifp = ifunit(altq->ifname)) == NULL((void *)0))
635 return (EINVAL22);
636
637 if (ifp->if_snd.altq_type != ALTQT_NONE)
638 error = altq_enable(&ifp->if_snd);
639
640 /* set tokenbucket regulator */
641 if (error == 0 && ifp != NULL((void *)0) && ALTQ_IS_ENABLED(&ifp->if_snd)0) {
642 tb.rate = altq->ifbandwidth;
643 tb.depth = altq->tbrsize;
644 error = tbr_set(&ifp->if_snd, &tb);
645 }
646
647 return (error);
648}
649
650static int
651pf_disable_altq(struct pf_altqpf_kaltq *altq)
652{
653 struct ifnet *ifp;
654 struct tb_profile tb;
655 int error;
656
657 if ((ifp = ifunit(altq->ifname)) == NULL((void *)0))
658 return (EINVAL22);
659
660 /*
661 * when the discipline is no longer referenced, it was overridden
662 * by a new one. if so, just return.
663 */
664 if (altq->altq_disc != ifp->if_snd.altq_disc)
665 return (0);
666
667 error = altq_disable(&ifp->if_snd);
668
669 if (error == 0) {
670 /* clear tokenbucket regulator */
671 tb.rate = 0;
672 error = tbr_set(&ifp->if_snd, &tb);
673 }
674
675 return (error);
676}
677
678void
679pf_altq_ifnet_event(struct ifnet *ifp, int remove)
680{
681 struct ifnet *ifp1;
682 struct pf_altqpf_kaltq *a1, *a2, *a3;
683 u_int32_t ticket;
684 int error = 0;
685
686 /* Interrupt userland queue modifications */
687 if (V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)))
688 pf_rollback_altq(V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
)));
689
690 /* Start new altq ruleset */
691 if (pf_begin_altq(&ticket))
692 return;
693
694 /* Copy the current active set */
695 TAILQ_FOREACH(a1, V_pf_altqs_active, entries)for ((a1) = ((((*(__typeof(vnet_entry_pf_altqs_active)*) ((((
(__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_active))))->tqh_first); (a1); (a1
) = (((a1))->entries.tqe_next)) {
696 a2 = malloc(sizeof(*a2), M_PFALTQ, M_NOWAIT0x0001);
697 if (a2 == NULL((void *)0)) {
698 error = ENOMEM12;
699 break;
700 }
701 bcopy(a1, a2, sizeof(struct pf_altq))__builtin_memmove((a2), (a1), (sizeof(struct pf_kaltq)));
702
703 if (a2->qname[0] != 0) {
704 if ((a2->qid = pf_qname2qid(a2->qname)) == 0) {
705 error = EBUSY16;
706 free(a2, M_PFALTQ);
707 break;
708 }
709 a2->altq_disc = NULL((void *)0);
710 TAILQ_FOREACH(a3, V_pf_altqs_inactive, entries)for ((a3) = ((((*(__typeof(vnet_entry_pf_altqs_inactive)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_inactive))))->tqh_first); (a3); (
a3) = (((a3))->entries.tqe_next)) {
711 if (strncmp(a3->ifname, a2->ifname,
712 IFNAMSIZ16) == 0 && a3->qname[0] == 0) {
713 a2->altq_disc = a3->altq_disc;
714 break;
715 }
716 }
717 }
718 /* Deactivate the interface in question */
719 a2->local_flags &= ~PFALTQ_FLAG_IF_REMOVED0x01;
720 if ((ifp1 = ifunit(a2->ifname)) == NULL((void *)0) ||
721 (remove && ifp1 == ifp)) {
722 a2->local_flags |= PFALTQ_FLAG_IF_REMOVED0x01;
723 } else {
724 error = altq_add(a2);
725
726 if (ticket != V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
)))
727 error = EBUSY16;
728
729 if (error) {
730 free(a2, M_PFALTQ);
731 break;
732 }
733 }
734
735 TAILQ_INSERT_TAIL(V_pf_altqs_inactive, a2, entries)do { do { if (*((*(__typeof(vnet_entry_pf_altqs_inactive)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_inactive)))->tqh_last != ((void *
)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL", ((*(__typeof
(vnet_entry_pf_altqs_inactive)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))); } while (0); (((a2))->entries.tqe_next) = ((void *)0
); (a2)->entries.tqe_prev = ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last; *
((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))->tqh_last = (a2); ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last =
&(((a2))->entries.tqe_next); ; ; } while (0);
736 }
737
738 if (error != 0)
739 pf_rollback_altq(ticket);
740 else
741 pf_commit_altq(ticket);
742}
743#endif /* ALTQ */
744
745static int
746pf_begin_rules(u_int32_t *ticket, int rs_num, const char *anchor)
747{
748 struct pf_ruleset *rs;
749 struct pf_rule *rule;
750
751 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 751);
752
753 if (rs_num < 0 || rs_num >= PF_RULESET_MAX)
754 return (EINVAL22);
755 rs = pf_find_or_create_ruleset(anchor);
756 if (rs == NULL((void *)0))
757 return (EINVAL22);
758 while ((rule = TAILQ_FIRST(rs->rules[rs_num].inactive.ptr)((rs->rules[rs_num].inactive.ptr)->tqh_first)) != NULL((void *)0)) {
759 pf_unlink_rule(rs->rules[rs_num].inactive.ptr, rule);
760 rs->rules[rs_num].inactive.rcount--;
761 }
762 *ticket = ++rs->rules[rs_num].inactive.ticket;
763 rs->rules[rs_num].inactive.open = 1;
764 return (0);
765}
766
767static int
768pf_rollback_rules(u_int32_t ticket, int rs_num, char *anchor)
769{
770 struct pf_ruleset *rs;
771 struct pf_rule *rule;
772
773 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 773);
774
775 if (rs_num < 0 || rs_num >= PF_RULESET_MAX)
776 return (EINVAL22);
777 rs = pf_find_ruleset(anchor);
778 if (rs == NULL((void *)0) || !rs->rules[rs_num].inactive.open ||
779 rs->rules[rs_num].inactive.ticket != ticket)
780 return (0);
781 while ((rule = TAILQ_FIRST(rs->rules[rs_num].inactive.ptr)((rs->rules[rs_num].inactive.ptr)->tqh_first)) != NULL((void *)0)) {
782 pf_unlink_rule(rs->rules[rs_num].inactive.ptr, rule);
783 rs->rules[rs_num].inactive.rcount--;
784 }
785 rs->rules[rs_num].inactive.open = 0;
786 return (0);
787}
788
789#define PF_MD5_UPD(st, elm)MD5Update(ctx, (u_int8_t *) &(st)->elm, sizeof((st)->
elm)) \
790 MD5Update(ctx, (u_int8_t *) &(st)->elm, sizeof((st)->elm))
791
792#define PF_MD5_UPD_STR(st, elm)MD5Update(ctx, (u_int8_t *) (st)->elm, strlen((st)->elm
)) \
793 MD5Update(ctx, (u_int8_t *) (st)->elm, strlen((st)->elm))
794
795#define PF_MD5_UPD_HTONL(st, elm, stor)do { (stor) = (__builtin_constant_p((st)->elm) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)((st)->elm
)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((
st)->elm)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((st)->elm)) & 0xffff)) >> 8) : __bswap16_var((
(__uint32_t)((st)->elm)) & 0xffff))) << 16) | ((
__uint16_t)(__builtin_constant_p(((__uint32_t)((st)->elm))
>> 16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((st)
->elm)) >> 16)) << 8 | ((__uint16_t)(((__uint32_t
)((st)->elm)) >> 16)) >> 8) : __bswap16_var(((
__uint32_t)((st)->elm)) >> 16)))) : __bswap32_var((st
)->elm)); MD5Update(ctx, (u_int8_t *) &(stor), sizeof(
u_int32_t));} while (0) do { \
796 (stor) = htonl((st)->elm)(__builtin_constant_p((st)->elm) ? (((__uint32_t)((__uint16_t
)(__builtin_constant_p(((__uint32_t)((st)->elm)) & 0xffff
) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((st)->elm)) &
0xffff)) << 8 | ((__uint16_t)(((__uint32_t)((st)->elm
)) & 0xffff)) >> 8) : __bswap16_var(((__uint32_t)((
st)->elm)) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)((st)->elm)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((st)->elm)) >> 16)) << 8 | ((__uint16_t
)(((__uint32_t)((st)->elm)) >> 16)) >> 8) : __bswap16_var
(((__uint32_t)((st)->elm)) >> 16)))) : __bswap32_var
((st)->elm)); \
797 MD5Update(ctx, (u_int8_t *) &(stor), sizeof(u_int32_t));\
798} while (0)
799
800#define PF_MD5_UPD_HTONS(st, elm, stor)do { (stor) = ((__uint16_t)(__builtin_constant_p((st)->elm
) ? (__uint16_t)(((__uint16_t)((st)->elm)) << 8 | ((
__uint16_t)((st)->elm)) >> 8) : __bswap16_var((st)->
elm))); MD5Update(ctx, (u_int8_t *) &(stor), sizeof(u_int16_t
));} while (0) do { \
801 (stor) = htons((st)->elm)((__uint16_t)(__builtin_constant_p((st)->elm) ? (__uint16_t
)(((__uint16_t)((st)->elm)) << 8 | ((__uint16_t)((st
)->elm)) >> 8) : __bswap16_var((st)->elm))); \
802 MD5Update(ctx, (u_int8_t *) &(stor), sizeof(u_int16_t));\
803} while (0)
804
805static void
806pf_hash_rule_addr(MD5_CTX *ctx, struct pf_rule_addr *pfr)
807{
808 PF_MD5_UPD(pfr, addr.type)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.type, sizeof(
(pfr)->addr.type));
809 switch (pfr->addr.type) {
810 case PF_ADDR_DYNIFTL:
811 PF_MD5_UPD(pfr, addr.v.ifname)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.v.ifname, sizeof
((pfr)->addr.v.ifname));
812 PF_MD5_UPD(pfr, addr.iflags)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.iflags, sizeof
((pfr)->addr.iflags));
813 break;
814 case PF_ADDR_TABLE:
815 PF_MD5_UPD(pfr, addr.v.tblname)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.v.tblname, sizeof
((pfr)->addr.v.tblname));
816 break;
817 case PF_ADDR_ADDRMASK:
818 /* XXX ignore af? */
819 PF_MD5_UPD(pfr, addr.v.a.addr.addr32)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.v.a.addr.pfa.
addr32, sizeof((pfr)->addr.v.a.addr.pfa.addr32));
820 PF_MD5_UPD(pfr, addr.v.a.mask.addr32)MD5Update(ctx, (u_int8_t *) &(pfr)->addr.v.a.mask.pfa.
addr32, sizeof((pfr)->addr.v.a.mask.pfa.addr32));
821 break;
822 }
823
824 PF_MD5_UPD(pfr, port[0])MD5Update(ctx, (u_int8_t *) &(pfr)->port[0], sizeof((pfr
)->port[0]));
825 PF_MD5_UPD(pfr, port[1])MD5Update(ctx, (u_int8_t *) &(pfr)->port[1], sizeof((pfr
)->port[1]));
826 PF_MD5_UPD(pfr, neg)MD5Update(ctx, (u_int8_t *) &(pfr)->neg, sizeof((pfr)->
neg));
827 PF_MD5_UPD(pfr, port_op)MD5Update(ctx, (u_int8_t *) &(pfr)->port_op, sizeof((pfr
)->port_op));
828}
829
830static void
831pf_hash_rule(MD5_CTX *ctx, struct pf_rule *rule)
832{
833 u_int16_t x;
834 u_int32_t y;
835
836 pf_hash_rule_addr(ctx, &rule->src);
837 pf_hash_rule_addr(ctx, &rule->dst);
838 PF_MD5_UPD_STR(rule, label)MD5Update(ctx, (u_int8_t *) (rule)->label, strlen((rule)->
label));
839 PF_MD5_UPD_STR(rule, ifname)MD5Update(ctx, (u_int8_t *) (rule)->ifname, strlen((rule)->
ifname));
840 PF_MD5_UPD_STR(rule, match_tagname)MD5Update(ctx, (u_int8_t *) (rule)->match_tagname, strlen(
(rule)->match_tagname));
841 PF_MD5_UPD_HTONS(rule, match_tag, x)do { (x) = ((__uint16_t)(__builtin_constant_p((rule)->match_tag
) ? (__uint16_t)(((__uint16_t)((rule)->match_tag)) <<
8 | ((__uint16_t)((rule)->match_tag)) >> 8) : __bswap16_var
((rule)->match_tag))); MD5Update(ctx, (u_int8_t *) &(x
), sizeof(u_int16_t));} while (0); /* dup? */
842 PF_MD5_UPD_HTONL(rule, os_fingerprint, y)do { (y) = (__builtin_constant_p((rule)->os_fingerprint) ?
(((__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t
)((rule)->os_fingerprint)) & 0xffff) ? (__uint16_t)(((
__uint16_t)(((__uint32_t)((rule)->os_fingerprint)) & 0xffff
)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->os_fingerprint
)) & 0xffff)) >> 8) : __bswap16_var(((__uint32_t)((
rule)->os_fingerprint)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)((rule)->os_fingerprint
)) >> 16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((rule
)->os_fingerprint)) >> 16)) << 8 | ((__uint16_t
)(((__uint32_t)((rule)->os_fingerprint)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((rule)->os_fingerprint))
>> 16)))) : __bswap32_var((rule)->os_fingerprint));
MD5Update(ctx, (u_int8_t *) &(y), sizeof(u_int32_t));} while
(0);
843 PF_MD5_UPD_HTONL(rule, prob, y)do { (y) = (__builtin_constant_p((rule)->prob) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)((rule)->
prob)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)((rule)->prob)) & 0xffff)) << 8 | ((__uint16_t)
(((__uint32_t)((rule)->prob)) & 0xffff)) >> 8) :
__bswap16_var(((__uint32_t)((rule)->prob)) & 0xffff))
) << 16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t
)((rule)->prob)) >> 16) ? (__uint16_t)(((__uint16_t)
(((__uint32_t)((rule)->prob)) >> 16)) << 8 | (
(__uint16_t)(((__uint32_t)((rule)->prob)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((rule)->prob)) >> 16
)))) : __bswap32_var((rule)->prob)); MD5Update(ctx, (u_int8_t
*) &(y), sizeof(u_int32_t));} while (0);
844 PF_MD5_UPD_HTONL(rule, uid.uid[0], y)do { (y) = (__builtin_constant_p((rule)->uid.uid[0]) ? (((
__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t)((
rule)->uid.uid[0])) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((rule)->uid.uid[0])) & 0xffff)) <<
8 | ((__uint16_t)(((__uint32_t)((rule)->uid.uid[0])) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((rule)->
uid.uid[0])) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)((rule)->uid.uid[0])) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)((rule)->uid.uid[0])) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->uid
.uid[0])) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)((rule)->uid.uid[0])) >> 16)))) : __bswap32_var((rule
)->uid.uid[0])); MD5Update(ctx, (u_int8_t *) &(y), sizeof
(u_int32_t));} while (0);
845 PF_MD5_UPD_HTONL(rule, uid.uid[1], y)do { (y) = (__builtin_constant_p((rule)->uid.uid[1]) ? (((
__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t)((
rule)->uid.uid[1])) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((rule)->uid.uid[1])) & 0xffff)) <<
8 | ((__uint16_t)(((__uint32_t)((rule)->uid.uid[1])) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((rule)->
uid.uid[1])) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)((rule)->uid.uid[1])) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)((rule)->uid.uid[1])) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->uid
.uid[1])) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)((rule)->uid.uid[1])) >> 16)))) : __bswap32_var((rule
)->uid.uid[1])); MD5Update(ctx, (u_int8_t *) &(y), sizeof
(u_int32_t));} while (0);
846 PF_MD5_UPD(rule, uid.op)MD5Update(ctx, (u_int8_t *) &(rule)->uid.op, sizeof((rule
)->uid.op));
847 PF_MD5_UPD_HTONL(rule, gid.gid[0], y)do { (y) = (__builtin_constant_p((rule)->gid.gid[0]) ? (((
__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t)((
rule)->gid.gid[0])) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((rule)->gid.gid[0])) & 0xffff)) <<
8 | ((__uint16_t)(((__uint32_t)((rule)->gid.gid[0])) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((rule)->
gid.gid[0])) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)((rule)->gid.gid[0])) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)((rule)->gid.gid[0])) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->gid
.gid[0])) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)((rule)->gid.gid[0])) >> 16)))) : __bswap32_var((rule
)->gid.gid[0])); MD5Update(ctx, (u_int8_t *) &(y), sizeof
(u_int32_t));} while (0);
848 PF_MD5_UPD_HTONL(rule, gid.gid[1], y)do { (y) = (__builtin_constant_p((rule)->gid.gid[1]) ? (((
__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t)((
rule)->gid.gid[1])) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((rule)->gid.gid[1])) & 0xffff)) <<
8 | ((__uint16_t)(((__uint32_t)((rule)->gid.gid[1])) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((rule)->
gid.gid[1])) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)((rule)->gid.gid[1])) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)((rule)->gid.gid[1])) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->gid
.gid[1])) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)((rule)->gid.gid[1])) >> 16)))) : __bswap32_var((rule
)->gid.gid[1])); MD5Update(ctx, (u_int8_t *) &(y), sizeof
(u_int32_t));} while (0);
849 PF_MD5_UPD(rule, gid.op)MD5Update(ctx, (u_int8_t *) &(rule)->gid.op, sizeof((rule
)->gid.op));
850 PF_MD5_UPD_HTONL(rule, rule_flag, y)do { (y) = (__builtin_constant_p((rule)->rule_flag) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)((rule)->
rule_flag)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)((rule)->rule_flag)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)((rule)->rule_flag)) & 0xffff)) >>
8) : __bswap16_var(((__uint32_t)((rule)->rule_flag)) &
0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p(
((__uint32_t)((rule)->rule_flag)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)((rule)->rule_flag)) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)((rule)->rule_flag
)) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((rule
)->rule_flag)) >> 16)))) : __bswap32_var((rule)->
rule_flag)); MD5Update(ctx, (u_int8_t *) &(y), sizeof(u_int32_t
));} while (0);
851 PF_MD5_UPD(rule, action)MD5Update(ctx, (u_int8_t *) &(rule)->action, sizeof((rule
)->action));
852 PF_MD5_UPD(rule, direction)MD5Update(ctx, (u_int8_t *) &(rule)->direction, sizeof
((rule)->direction));
853 PF_MD5_UPD(rule, af)MD5Update(ctx, (u_int8_t *) &(rule)->af, sizeof((rule)
->af));
854 PF_MD5_UPD(rule, quick)MD5Update(ctx, (u_int8_t *) &(rule)->quick, sizeof((rule
)->quick));
855 PF_MD5_UPD(rule, ifnot)MD5Update(ctx, (u_int8_t *) &(rule)->ifnot, sizeof((rule
)->ifnot));
856 PF_MD5_UPD(rule, match_tag_not)MD5Update(ctx, (u_int8_t *) &(rule)->match_tag_not, sizeof
((rule)->match_tag_not));
857 PF_MD5_UPD(rule, natpass)MD5Update(ctx, (u_int8_t *) &(rule)->natpass, sizeof((
rule)->natpass));
858 PF_MD5_UPD(rule, keep_state)MD5Update(ctx, (u_int8_t *) &(rule)->keep_state, sizeof
((rule)->keep_state));
859 PF_MD5_UPD(rule, proto)MD5Update(ctx, (u_int8_t *) &(rule)->proto, sizeof((rule
)->proto));
860 PF_MD5_UPD(rule, type)MD5Update(ctx, (u_int8_t *) &(rule)->type, sizeof((rule
)->type));
861 PF_MD5_UPD(rule, code)MD5Update(ctx, (u_int8_t *) &(rule)->code, sizeof((rule
)->code));
862 PF_MD5_UPD(rule, flags)MD5Update(ctx, (u_int8_t *) &(rule)->flags, sizeof((rule
)->flags));
863 PF_MD5_UPD(rule, flagset)MD5Update(ctx, (u_int8_t *) &(rule)->flagset, sizeof((
rule)->flagset));
864 PF_MD5_UPD(rule, allow_opts)MD5Update(ctx, (u_int8_t *) &(rule)->allow_opts, sizeof
((rule)->allow_opts));
865 PF_MD5_UPD(rule, rt)MD5Update(ctx, (u_int8_t *) &(rule)->rt, sizeof((rule)
->rt));
866 PF_MD5_UPD(rule, tos)MD5Update(ctx, (u_int8_t *) &(rule)->tos, sizeof((rule
)->tos));
867}
868
869static int
870pf_commit_rules(u_int32_t ticket, int rs_num, char *anchor)
871{
872 struct pf_ruleset *rs;
873 struct pf_rule *rule, **old_array;
874 struct pf_rulequeue *old_rules;
875 int error;
876 u_int32_t old_rcount;
877
878 PF_RULES_WASSERT()_rm_assert((&pf_rules_lock), (0x00000004), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 878);
879
880 if (rs_num < 0 || rs_num >= PF_RULESET_MAX)
881 return (EINVAL22);
882 rs = pf_find_ruleset(anchor);
883 if (rs == NULL((void *)0) || !rs->rules[rs_num].inactive.open ||
884 ticket != rs->rules[rs_num].inactive.ticket)
885 return (EBUSY16);
886
887 /* Calculate checksum for the main ruleset */
888 if (rs == &pf_main_ruleset(*(__typeof(vnet_entry_pf_main_anchor)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_main_anchor
)).ruleset) {
889 error = pf_setup_pfsync_matching(rs);
890 if (error != 0)
891 return (error);
892 }
893
894 /* Swap rules, keep the old. */
895 old_rules = rs->rules[rs_num].active.ptr;
896 old_rcount = rs->rules[rs_num].active.rcount;
897 old_array = rs->rules[rs_num].active.ptr_array;
898
899 rs->rules[rs_num].active.ptr =
900 rs->rules[rs_num].inactive.ptr;
901 rs->rules[rs_num].active.ptr_array =
902 rs->rules[rs_num].inactive.ptr_array;
903 rs->rules[rs_num].active.rcount =
904 rs->rules[rs_num].inactive.rcount;
905 rs->rules[rs_num].inactive.ptr = old_rules;
906 rs->rules[rs_num].inactive.ptr_array = old_array;
907 rs->rules[rs_num].inactive.rcount = old_rcount;
908
909 rs->rules[rs_num].active.ticket =
910 rs->rules[rs_num].inactive.ticket;
911 pf_calc_skip_steps(rs->rules[rs_num].active.ptr);
912
913
914 /* Purge the old rule list. */
915 while ((rule = TAILQ_FIRST(old_rules)((old_rules)->tqh_first)) != NULL((void *)0))
916 pf_unlink_rule(old_rules, rule);
917 if (rs->rules[rs_num].inactive.ptr_array)
918 free(rs->rules[rs_num].inactive.ptr_array, M_TEMP);
919 rs->rules[rs_num].inactive.ptr_array = NULL((void *)0);
920 rs->rules[rs_num].inactive.rcount = 0;
921 rs->rules[rs_num].inactive.open = 0;
922 pf_remove_if_empty_ruleset(rs);
923
924 return (0);
925}
926
927static int
928pf_setup_pfsync_matching(struct pf_ruleset *rs)
929{
930 MD5_CTX ctx;
931 struct pf_rule *rule;
932 int rs_cnt;
933 u_int8_t digest[PF_MD5_DIGEST_LENGTH16];
934
935 MD5Init(&ctx);
936 for (rs_cnt = 0; rs_cnt < PF_RULESET_MAX; rs_cnt++) {
937 /* XXX PF_RULESET_SCRUB as well? */
938 if (rs_cnt == PF_RULESET_SCRUB)
939 continue;
940
941 if (rs->rules[rs_cnt].inactive.ptr_array)
942 free(rs->rules[rs_cnt].inactive.ptr_array, M_TEMP);
943 rs->rules[rs_cnt].inactive.ptr_array = NULL((void *)0);
944
945 if (rs->rules[rs_cnt].inactive.rcount) {
946 rs->rules[rs_cnt].inactive.ptr_array =
947 malloc(sizeof(caddr_t) *
948 rs->rules[rs_cnt].inactive.rcount,
949 M_TEMP, M_NOWAIT0x0001);
950
951 if (!rs->rules[rs_cnt].inactive.ptr_array)
952 return (ENOMEM12);
953 }
954
955 TAILQ_FOREACH(rule, rs->rules[rs_cnt].inactive.ptr,for ((rule) = (((rs->rules[rs_cnt].inactive.ptr))->tqh_first
); (rule); (rule) = (((rule))->entries.tqe_next))
956 entries)for ((rule) = (((rs->rules[rs_cnt].inactive.ptr))->tqh_first
); (rule); (rule) = (((rule))->entries.tqe_next)) {
957 pf_hash_rule(&ctx, rule);
958 (rs->rules[rs_cnt].inactive.ptr_array)[rule->nr] = rule;
959 }
960 }
961
962 MD5Final(digest, &ctx);
963 memcpy(V_pf_status.pf_chksum, digest, sizeof(V_pf_status.pf_chksum))__builtin_memcpy(((*(__typeof(vnet_entry_pf_status)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).pf_chksum), (digest), (sizeof((*(__typeof(vnet_entry_pf_status
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_status)).pf_chksum)));
964 return (0);
965}
966
967static int
968pf_addr_setup(struct pf_ruleset *ruleset, struct pf_addr_wrap *addr,
969 sa_family_t af)
970{
971 int error = 0;
972
973 switch (addr->type) {
974 case PF_ADDR_TABLE:
975 addr->p.tbl = pfr_attach_table(ruleset, addr->v.tblname);
976 if (addr->p.tbl == NULL((void *)0))
977 error = ENOMEM12;
978 break;
979 case PF_ADDR_DYNIFTL:
980 error = pfi_dynaddr_setup(addr, af);
981 break;
982 }
983
984 return (error);
985}
986
987static void
988pf_addr_copyout(struct pf_addr_wrap *addr)
989{
990
991 switch (addr->type) {
992 case PF_ADDR_DYNIFTL:
993 pfi_dynaddr_copyout(addr);
994 break;
995 case PF_ADDR_TABLE:
996 pf_tbladdr_copyout(addr);
997 break;
998 }
999}
1000
1001#ifdef ALTQ
1002/*
1003 * Handle export of struct pf_kaltq to user binaries that may be using any
1004 * version of struct pf_altq.
1005 */
1006static int
1007pf_export_kaltq(struct pf_altqpf_kaltq *q, struct pfioc_altq_v1 *pa, size_t ioc_size)
1008{
1009 u_int32_t version;
1010
1011 if (ioc_size == sizeof(struct pfioc_altq_v0))
1012 version = 0;
1013 else
1014 version = pa->version;
1015
1016 if (version > PFIOC_ALTQ_VERSION1)
1017 return (EINVAL22);
1018
1019#define ASSIGN(x) exported_q->x = q->x
1020#define COPY(x) \
1021 bcopy(&q->x, &exported_q->x, min(sizeof(q->x), sizeof(exported_q->x)))__builtin_memmove((&exported_q->x), (&q->x), (min
(sizeof(q->x), sizeof(exported_q->x))))
1022#define SATU16(x) (u_int32_t)uqmin((x), USHRT_MAX0xffff)
1023#define SATU32(x) (u_int32_t)uqmin((x), UINT_MAX0xffffffff)
1024
1025 switch (version) {
1026 case 0: {
1027 struct pf_altq_v0 *exported_q =
1028 &((struct pfioc_altq_v0 *)pa)->altq;
1029
1030 COPY(ifname);
1031
1032 ASSIGN(scheduler);
1033 ASSIGN(tbrsize);
1034 exported_q->tbrsize = SATU16(q->tbrsize);
1035 exported_q->ifbandwidth = SATU32(q->ifbandwidth);
1036
1037 COPY(qname);
1038 COPY(parent);
1039 ASSIGN(parent_qid);
1040 exported_q->bandwidth = SATU32(q->bandwidth);
1041 ASSIGN(priority);
1042 ASSIGN(local_flags);
1043
1044 ASSIGN(qlimit);
1045 ASSIGN(flags);
1046
1047 if (q->scheduler == ALTQT_HFSC) {
1048#define ASSIGN_OPT(x) exported_q->pq_u.hfsc_opts.x = q->pq_u.hfsc_opts.x
1049#define ASSIGN_OPT_SATU32(x) exported_q->pq_u.hfsc_opts.x = \
1050 SATU32(q->pq_u.hfsc_opts.x)
1051
1052 ASSIGN_OPT_SATU32(rtsc_m1);
1053 ASSIGN_OPT(rtsc_d);
1054 ASSIGN_OPT_SATU32(rtsc_m2);
1055
1056 ASSIGN_OPT_SATU32(lssc_m1);
1057 ASSIGN_OPT(lssc_d);
1058 ASSIGN_OPT_SATU32(lssc_m2);
1059
1060 ASSIGN_OPT_SATU32(ulsc_m1);
1061 ASSIGN_OPT(ulsc_d);
1062 ASSIGN_OPT_SATU32(ulsc_m2);
1063
1064 ASSIGN_OPT(flags);
1065
1066#undef ASSIGN_OPT
1067#undef ASSIGN_OPT_SATU32
1068 } else
1069 COPY(pq_u);
1070
1071 ASSIGN(qid);
1072 break;
1073 }
1074 case 1: {
1075 struct pf_altq_v1 *exported_q =
1076 &((struct pfioc_altq_v1 *)pa)->altq;
1077
1078 COPY(ifname);
1079
1080 ASSIGN(scheduler);
1081 ASSIGN(tbrsize);
1082 ASSIGN(ifbandwidth);
1083
1084 COPY(qname);
1085 COPY(parent);
1086 ASSIGN(parent_qid);
1087 ASSIGN(bandwidth);
1088 ASSIGN(priority);
1089 ASSIGN(local_flags);
1090
1091 ASSIGN(qlimit);
1092 ASSIGN(flags);
1093 COPY(pq_u);
1094
1095 ASSIGN(qid);
1096 break;
1097 }
1098 default:
1099 panic("%s: unhandled struct pfioc_altq version", __func__);
1100 break;
1101 }
1102
1103#undef ASSIGN
1104#undef COPY
1105#undef SATU16
1106#undef SATU32
1107
1108 return (0);
1109}
1110
1111/*
1112 * Handle import to struct pf_kaltq of struct pf_altq from user binaries
1113 * that may be using any version of it.
1114 */
1115static int
1116pf_import_kaltq(struct pfioc_altq_v1 *pa, struct pf_altqpf_kaltq *q, size_t ioc_size)
1117{
1118 u_int32_t version;
1119
1120 if (ioc_size == sizeof(struct pfioc_altq_v0))
1121 version = 0;
1122 else
1123 version = pa->version;
1124
1125 if (version > PFIOC_ALTQ_VERSION1)
1126 return (EINVAL22);
1127
1128#define ASSIGN(x) q->x = imported_q->x
1129#define COPY(x) \
1130 bcopy(&imported_q->x, &q->x, min(sizeof(imported_q->x), sizeof(q->x)))__builtin_memmove((&q->x), (&imported_q->x), (min
(sizeof(imported_q->x), sizeof(q->x))))
1131
1132 switch (version) {
1133 case 0: {
1134 struct pf_altq_v0 *imported_q =
1135 &((struct pfioc_altq_v0 *)pa)->altq;
1136
1137 COPY(ifname);
1138
1139 ASSIGN(scheduler);
1140 ASSIGN(tbrsize); /* 16-bit -> 32-bit */
1141 ASSIGN(ifbandwidth); /* 32-bit -> 64-bit */
1142
1143 COPY(qname);
1144 COPY(parent);
1145 ASSIGN(parent_qid);
1146 ASSIGN(bandwidth); /* 32-bit -> 64-bit */
1147 ASSIGN(priority);
1148 ASSIGN(local_flags);
1149
1150 ASSIGN(qlimit);
1151 ASSIGN(flags);
1152
1153 if (imported_q->scheduler == ALTQT_HFSC) {
1154#define ASSIGN_OPT(x) q->pq_u.hfsc_opts.x = imported_q->pq_u.hfsc_opts.x
1155
1156 /*
1157 * The m1 and m2 parameters are being copied from
1158 * 32-bit to 64-bit.
1159 */
1160 ASSIGN_OPT(rtsc_m1);
1161 ASSIGN_OPT(rtsc_d);
1162 ASSIGN_OPT(rtsc_m2);
1163
1164 ASSIGN_OPT(lssc_m1);
1165 ASSIGN_OPT(lssc_d);
1166 ASSIGN_OPT(lssc_m2);
1167
1168 ASSIGN_OPT(ulsc_m1);
1169 ASSIGN_OPT(ulsc_d);
1170 ASSIGN_OPT(ulsc_m2);
1171
1172 ASSIGN_OPT(flags);
1173
1174#undef ASSIGN_OPT
1175 } else
1176 COPY(pq_u);
1177
1178 ASSIGN(qid);
1179 break;
1180 }
1181 case 1: {
1182 struct pf_altq_v1 *imported_q =
1183 &((struct pfioc_altq_v1 *)pa)->altq;
1184
1185 COPY(ifname);
1186
1187 ASSIGN(scheduler);
1188 ASSIGN(tbrsize);
1189 ASSIGN(ifbandwidth);
1190
1191 COPY(qname);
1192 COPY(parent);
1193 ASSIGN(parent_qid);
1194 ASSIGN(bandwidth);
1195 ASSIGN(priority);
1196 ASSIGN(local_flags);
1197
1198 ASSIGN(qlimit);
1199 ASSIGN(flags);
1200 COPY(pq_u);
1201
1202 ASSIGN(qid);
1203 break;
1204 }
1205 default:
1206 panic("%s: unhandled struct pfioc_altq version", __func__);
1207 break;
1208 }
1209
1210#undef ASSIGN
1211#undef COPY
1212
1213 return (0);
1214}
1215#endif /* ALTQ */
1216
1217static int
1218pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td)
1219{
1220 int error = 0;
1221 PF_RULES_RLOCK_TRACKERstruct rm_priotracker _pf_rules_tracker;
1222
1223 /* XXX keep in sync with switch() below */
1224 if (securelevel_gt(td->td_ucred, 2))
1
Assuming the condition is false
2
Taking false branch
1225 switch (cmd) {
1226 case DIOCGETRULES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((6)))):
1227 case DIOCGETRULE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((7)))):
1228 case DIOCGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((53)))):
1229 case DIOCGETADDR((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((54)))):
1230 case DIOCGETSTATE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((19)))):
1231 case DIOCSETSTATUSIF((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_if)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((20)))):
1232 case DIOCGETSTATUS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_status)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((21)))):
1233 case DIOCCLRSTATUS((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((22)))):
1234 case DIOCNATLOOK((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_natlook)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((23)))):
1235 case DIOCSETDEBUG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(u_int32_t
)) & ((1 << 13) - 1)) << 16) | ((('D')) <<
8) | ((24)))):
1236 case DIOCGETSTATES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_states)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((25)))):
1237 case DIOCGETTIMEOUT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_tm)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((30)))):
1238 case DIOCCLRRULECTRS((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((38)))):
1239 case DIOCGETLIMIT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_limit)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((39)))):
1240 case DIOCGETALTQSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))):
1241 case DIOCGETALTQSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))):
1242 case DIOCGETALTQV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))):
1243 case DIOCGETALTQV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))):
1244 case DIOCGETQSTATSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v0)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))):
1245 case DIOCGETQSTATSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v1)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))):
1246 case DIOCGETRULESETS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((58)))):
1247 case DIOCGETRULESET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((59)))):
1248 case DIOCRGETTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((63)))):
1249 case DIOCRGETTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((64)))):
1250 case DIOCRCLRTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((65)))):
1251 case DIOCRCLRADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((66)))):
1252 case DIOCRADDADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((67)))):
1253 case DIOCRDELADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((68)))):
1254 case DIOCRSETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((69)))):
1255 case DIOCRGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((70)))):
1256 case DIOCRGETASTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((71)))):
1257 case DIOCRCLRASTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((72)))):
1258 case DIOCRTSTADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((73)))):
1259 case DIOCOSFPGET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_osfp_ioctl)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((80)))):
1260 case DIOCGETSRCNODES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_src_nodes)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((84)))):
1261 case DIOCCLRSRCNODES((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((85)))):
1262 case DIOCIGETIFACES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((87)))):
1263 case DIOCGIFSPEEDV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))):
1264 case DIOCGIFSPEEDV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))):
1265 case DIOCSETIFFLAG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((89)))):
1266 case DIOCCLRIFFLAG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((90)))):
1267 break;
1268 case DIOCRCLRTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((60)))):
1269 case DIOCRADDTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((61)))):
1270 case DIOCRDELTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((62)))):
1271 case DIOCRSETTFLAGS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((74)))):
1272 if (((struct pfioc_table *)addr)->pfrio_flags &
1273 PFR_FLAG_DUMMY0x00000002)
1274 break; /* dummy operation ok */
1275 return (EPERM1);
1276 default:
1277 return (EPERM1);
1278 }
1279
1280 if (!(flags & FWRITE0x0002))
3
Assuming the condition is false
4
Taking false branch
1281 switch (cmd) {
1282 case DIOCGETRULES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((6)))):
1283 case DIOCGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((53)))):
1284 case DIOCGETADDR((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((54)))):
1285 case DIOCGETSTATE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((19)))):
1286 case DIOCGETSTATUS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_status)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((21)))):
1287 case DIOCGETSTATES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_states)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((25)))):
1288 case DIOCGETTIMEOUT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_tm)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((30)))):
1289 case DIOCGETLIMIT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_limit)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((39)))):
1290 case DIOCGETALTQSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))):
1291 case DIOCGETALTQSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))):
1292 case DIOCGETALTQV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))):
1293 case DIOCGETALTQV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))):
1294 case DIOCGETQSTATSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v0)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))):
1295 case DIOCGETQSTATSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v1)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))):
1296 case DIOCGETRULESETS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((58)))):
1297 case DIOCGETRULESET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((59)))):
1298 case DIOCNATLOOK((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_natlook)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((23)))):
1299 case DIOCRGETTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((63)))):
1300 case DIOCRGETTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((64)))):
1301 case DIOCRGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((70)))):
1302 case DIOCRGETASTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((71)))):
1303 case DIOCRTSTADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((73)))):
1304 case DIOCOSFPGET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_osfp_ioctl)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((80)))):
1305 case DIOCGETSRCNODES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_src_nodes)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((84)))):
1306 case DIOCIGETIFACES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((87)))):
1307 case DIOCGIFSPEEDV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))):
1308 case DIOCGIFSPEEDV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))):
1309 break;
1310 case DIOCRCLRTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((60)))):
1311 case DIOCRADDTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((61)))):
1312 case DIOCRDELTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((62)))):
1313 case DIOCRCLRTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((65)))):
1314 case DIOCRCLRADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((66)))):
1315 case DIOCRADDADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((67)))):
1316 case DIOCRDELADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((68)))):
1317 case DIOCRSETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((69)))):
1318 case DIOCRSETTFLAGS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((74)))):
1319 if (((struct pfioc_table *)addr)->pfrio_flags &
1320 PFR_FLAG_DUMMY0x00000002) {
1321 flags |= FWRITE0x0002; /* need write lock for dummy */
1322 break; /* dummy operation ok */
1323 }
1324 return (EACCES13);
1325 case DIOCGETRULE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((7)))):
1326 if (((struct pfioc_rule *)addr)->action ==
1327 PF_GET_CLR_CNTR)
1328 return (EACCES13);
1329 break;
1330 default:
1331 return (EACCES13);
1332 }
1333
1334 CURVNET_SET(TD_TO_VNET(td))do { if (!((((td)->td_ucred)->cr_prison->pr_vnet) !=
((void *)0) && (((td)->td_ucred)->cr_prison->
pr_vnet)->vnet_magic_n == 0x3e0d8f29)) panic ("CURVNET_SET at %s:%d %s() curvnet=%p vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 1334, __func__, (
__curthread())->td_vnet, (((td)->td_ucred)->cr_prison
->pr_vnet)); } while (0); struct vnet *saved_vnet = (__curthread
())->td_vnet; (__curthread())->td_vnet = ((td)->td_ucred
)->cr_prison->pr_vnet;;
5
Assuming the condition is true
6
Assuming the condition is true
7
Taking false branch
8
Loop condition is false. Exiting loop
1335
1336 switch (cmd) {
9
Control jumps to 'case 3222291540:' at line 3574
1337 case DIOCSTART((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((1)))):
1338 sx_xlock(&pf_ioctl_lock)(void)_sx_xlock(((&pf_ioctl_lock)), 0, ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (1338));
1339 if (V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running)
1340 error = EEXIST17;
1341 else {
1342 int cpu;
1343
1344 error = hook_pf();
1345 if (error) {
1346 DPFPRINTF(PF_DEBUG_MISC,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: pfil registration failed\n"
)
1347 ("pf: pfil registration failed\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: pfil registration failed\n"
);
1348 break;
1349 }
1350 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running = 1;
1351 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).since = time_second;
1352
1353 CPU_FOREACH(cpu)for ((cpu) = 0; (cpu) <= mp_maxid; (cpu)++) if (!(!((((&
all_cpus)->__bits[(((((((256)) + (((sizeof(long) * 8)) - 1
)) / ((sizeof(long) * 8)))) == 1) ? 0 : (((cpu)) / (sizeof(long
) * 8)))] & (1L << ((((((((256))) + (((sizeof(long)
* 8)) - 1)) / ((sizeof(long) * 8)))) == 1) ? (__size_t)(((cpu
))) : ((((cpu))) % (sizeof(long) * 8))))) != 0))))
1354 V_pf_stateid(*(__typeof(vnet_entry_pf_stateid)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_stateid
))[cpu] = time_second;
1355
1356 DPFPRINTF(PF_DEBUG_MISC, ("pf: started\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: started\n");
1357 }
1358 break;
1359
1360 case DIOCSTOP((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((2)))):
1361 sx_xlock(&pf_ioctl_lock)(void)_sx_xlock(((&pf_ioctl_lock)), 0, ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (1361));
1362 if (!V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running)
1363 error = ENOENT2;
1364 else {
1365 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running = 0;
1366 error = dehook_pf();
1367 if (error) {
1368 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running = 1;
1369 DPFPRINTF(PF_DEBUG_MISC,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: pfil unregistration failed\n"
)
1370 ("pf: pfil unregistration failed\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: pfil unregistration failed\n"
);
1371 }
1372 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).since = time_second;
1373 DPFPRINTF(PF_DEBUG_MISC, ("pf: stopped\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pf: stopped\n");
1374 }
1375 break;
1376
1377 case DIOCADDRULE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((4)))): {
1378 struct pfioc_rule *pr = (struct pfioc_rule *)addr;
1379 struct pf_ruleset *ruleset;
1380 struct pf_rule *rule, *tail;
1381 struct pf_pooladdr *pa;
1382 struct pfi_kif *kif = NULL((void *)0);
1383 int rs_num;
1384
1385 if (pr->rule.return_icmp >> 8 > ICMP_MAXTYPE40) {
1386 error = EINVAL22;
1387 break;
1388 }
1389#ifndef INET1
1390 if (pr->rule.af == AF_INET2) {
1391 error = EAFNOSUPPORT47;
1392 break;
1393 }
1394#endif /* INET */
1395#ifndef INET61
1396 if (pr->rule.af == AF_INET628) {
1397 error = EAFNOSUPPORT47;
1398 break;
1399 }
1400#endif /* INET6 */
1401
1402 rule = malloc(sizeof(*rule), M_PFRULE, M_WAITOK0x0002);
1403 bcopy(&pr->rule, rule, sizeof(struct pf_rule))__builtin_memmove((rule), (&pr->rule), (sizeof(struct pf_rule
)));
1404 if (rule->ifname[0])
1405 kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK0x0002);
1406 rule->states_cur = counter_u64_alloc(M_WAITOK0x0002);
1407 rule->states_tot = counter_u64_alloc(M_WAITOK0x0002);
1408 rule->src_nodes = counter_u64_alloc(M_WAITOK0x0002);
1409 rule->cuid = td->td_ucred->cr_ruid;
1410 rule->cpid = td->td_proc ? td->td_proc->p_pid : 0;
1411 TAILQ_INIT(&rule->rpool.list)do { (((&rule->rpool.list))->tqh_first) = ((void *)
0); (&rule->rpool.list)->tqh_last = &(((&rule
->rpool.list))->tqh_first); ; } while (0);
1412
1413#define ERROUT(x) { error = (x); goto DIOCADDRULE_error; }
1414
1415 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1415);
1416 pr->anchor[sizeof(pr->anchor) - 1] = 0;
1417 ruleset = pf_find_ruleset(pr->anchor);
1418 if (ruleset == NULL((void *)0))
1419 ERROUT(EINVAL22);
1420 rs_num = pf_get_ruleset_number(pr->rule.action);
1421 if (rs_num >= PF_RULESET_MAX)
1422 ERROUT(EINVAL22);
1423 if (pr->ticket != ruleset->rules[rs_num].inactive.ticket) {
1424 DPFPRINTF(PF_DEBUG_MISC,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("ticket: %d != [%d]%d\n"
, pr->ticket, rs_num, ruleset->rules[rs_num].inactive.ticket
)
1425 ("ticket: %d != [%d]%d\n", pr->ticket, rs_num,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("ticket: %d != [%d]%d\n"
, pr->ticket, rs_num, ruleset->rules[rs_num].inactive.ticket
)
1426 ruleset->rules[rs_num].inactive.ticket))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("ticket: %d != [%d]%d\n"
, pr->ticket, rs_num, ruleset->rules[rs_num].inactive.ticket
);
1427 ERROUT(EBUSY16);
1428 }
1429 if (pr->pool_ticket != V_ticket_pabuf(*(__typeof(vnet_entry_ticket_pabuf)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_pabuf
))) {
1430 DPFPRINTF(PF_DEBUG_MISC,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pool_ticket: %d != %d\n"
, pr->pool_ticket, (*(__typeof(vnet_entry_ticket_pabuf)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_ticket_pabuf)))
1431 ("pool_ticket: %d != %d\n", pr->pool_ticket,if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pool_ticket: %d != %d\n"
, pr->pool_ticket, (*(__typeof(vnet_entry_ticket_pabuf)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_ticket_pabuf)))
1432 V_ticket_pabuf))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("pool_ticket: %d != %d\n"
, pr->pool_ticket, (*(__typeof(vnet_entry_ticket_pabuf)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_ticket_pabuf)));
1433 ERROUT(EBUSY16);
1434 }
1435
1436 tail = TAILQ_LAST(ruleset->rules[rs_num].inactive.ptr,(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].inactive
.ptr)->tqh_last))->tqh_last))
1437 pf_rulequeue)(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].inactive
.ptr)->tqh_last))->tqh_last));
1438 if (tail)
1439 rule->nr = tail->nr + 1;
1440 else
1441 rule->nr = 0;
1442 if (rule->ifname[0]) {
1443 rule->kif = pfi_kif_attach(kif, rule->ifname);
1444 pfi_kif_ref(rule->kif);
1445 } else
1446 rule->kif = NULL((void *)0);
1447
1448 if (rule->rtableid > 0 && rule->rtableid >= rt_numfibs)
1449 error = EBUSY16;
1450
1451#ifdef ALTQ
1452 /* set queue IDs */
1453 if (rule->qname[0] != 0) {
1454 if ((rule->qid = pf_qname2qid(rule->qname)) == 0)
1455 error = EBUSY16;
1456 else if (rule->pqname[0] != 0) {
1457 if ((rule->pqid =
1458 pf_qname2qid(rule->pqname)) == 0)
1459 error = EBUSY16;
1460 } else
1461 rule->pqid = rule->qid;
1462 }
1463#endif
1464 if (rule->tagname[0])
1465 if ((rule->tag = pf_tagname2tag(rule->tagname)) == 0)
1466 error = EBUSY16;
1467 if (rule->match_tagname[0])
1468 if ((rule->match_tag =
1469 pf_tagname2tag(rule->match_tagname)) == 0)
1470 error = EBUSY16;
1471 if (rule->rt && !rule->direction)
1472 error = EINVAL22;
1473 if (!rule->log)
1474 rule->logif = 0;
1475 if (rule->logif >= PFLOGIFS_MAX16)
1476 error = EINVAL22;
1477 if (pf_addr_setup(ruleset, &rule->src.addr, rule->af))
1478 error = ENOMEM12;
1479 if (pf_addr_setup(ruleset, &rule->dst.addr, rule->af))
1480 error = ENOMEM12;
1481 if (pf_anchor_setup(rule, ruleset, pr->anchor_call))
1482 error = EINVAL22;
1483 if (rule->scrub_flags & PFSTATE_SETPRIO0x0200 &&
1484 (rule->set_prio[0] > PF_PRIO_MAX7 ||
1485 rule->set_prio[1] > PF_PRIO_MAX7))
1486 error = EINVAL22;
1487 TAILQ_FOREACH(pa, &V_pf_pabuf, entries)for ((pa) = (((&(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf
))))->tqh_first); (pa); (pa) = (((pa))->entries.tqe_next
))
1488 if (pa->addr.type == PF_ADDR_TABLE) {
1489 pa->addr.p.tbl = pfr_attach_table(ruleset,
1490 pa->addr.v.tblname);
1491 if (pa->addr.p.tbl == NULL((void *)0))
1492 error = ENOMEM12;
1493 }
1494
1495 rule->overload_tbl = NULL((void *)0);
1496 if (rule->overload_tblname[0]) {
1497 if ((rule->overload_tbl = pfr_attach_table(ruleset,
1498 rule->overload_tblname)) == NULL((void *)0))
1499 error = EINVAL22;
1500 else
1501 rule->overload_tbl->pfrkt_flagspfrkt_ts.pfrts_t.pfrt_flags |=
1502 PFR_TFLAG_ACTIVE0x00000004;
1503 }
1504
1505 pf_mv_pool(&V_pf_pabuf(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)
), &rule->rpool.list);
1506 if (((((rule->action == PF_NAT) || (rule->action == PF_RDR) ||
1507 (rule->action == PF_BINAT)) && rule->anchor == NULL((void *)0)) ||
1508 (rule->rt > PF_NOPFROUTE)) &&
1509 (TAILQ_FIRST(&rule->rpool.list)((&rule->rpool.list)->tqh_first) == NULL((void *)0)))
1510 error = EINVAL22;
1511
1512 if (error) {
1513 pf_free_rule(rule);
1514 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1514);
1515 break;
1516 }
1517
1518 rule->rpool.cur = TAILQ_FIRST(&rule->rpool.list)((&rule->rpool.list)->tqh_first);
1519 rule->evaluations = rule->packets[0] = rule->packets[1] =
1520 rule->bytes[0] = rule->bytes[1] = 0;
1521 TAILQ_INSERT_TAIL(ruleset->rules[rs_num].inactive.ptr,do { do { if (*(ruleset->rules[rs_num].inactive.ptr)->tqh_last
!= ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (ruleset->rules[rs_num].inactive.ptr)); } while (0); (((
rule))->entries.tqe_next) = ((void *)0); (rule)->entries
.tqe_prev = (ruleset->rules[rs_num].inactive.ptr)->tqh_last
; *(ruleset->rules[rs_num].inactive.ptr)->tqh_last = (rule
); (ruleset->rules[rs_num].inactive.ptr)->tqh_last = &
(((rule))->entries.tqe_next); ; ; } while (0)
1522 rule, entries)do { do { if (*(ruleset->rules[rs_num].inactive.ptr)->tqh_last
!= ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (ruleset->rules[rs_num].inactive.ptr)); } while (0); (((
rule))->entries.tqe_next) = ((void *)0); (rule)->entries
.tqe_prev = (ruleset->rules[rs_num].inactive.ptr)->tqh_last
; *(ruleset->rules[rs_num].inactive.ptr)->tqh_last = (rule
); (ruleset->rules[rs_num].inactive.ptr)->tqh_last = &
(((rule))->entries.tqe_next); ; ; } while (0);
1523 ruleset->rules[rs_num].inactive.rcount++;
1524 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1524);
1525 break;
1526
1527#undef ERROUT
1528DIOCADDRULE_error:
1529 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1529);
1530 counter_u64_free(rule->states_cur);
1531 counter_u64_free(rule->states_tot);
1532 counter_u64_free(rule->src_nodes);
1533 free(rule, M_PFRULE);
1534 if (kif)
1535 free(kif, PFI_MTYPE);
1536 break;
1537 }
1538
1539 case DIOCGETRULES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((6)))): {
1540 struct pfioc_rule *pr = (struct pfioc_rule *)addr;
1541 struct pf_ruleset *ruleset;
1542 struct pf_rule *tail;
1543 int rs_num;
1544
1545 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1545);
1546 pr->anchor[sizeof(pr->anchor) - 1] = 0;
1547 ruleset = pf_find_ruleset(pr->anchor);
1548 if (ruleset == NULL((void *)0)) {
1549 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1549);
1550 error = EINVAL22;
1551 break;
1552 }
1553 rs_num = pf_get_ruleset_number(pr->rule.action);
1554 if (rs_num >= PF_RULESET_MAX) {
1555 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1555);
1556 error = EINVAL22;
1557 break;
1558 }
1559 tail = TAILQ_LAST(ruleset->rules[rs_num].active.ptr,(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last))
1560 pf_rulequeue)(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last));
1561 if (tail)
1562 pr->nr = tail->nr + 1;
1563 else
1564 pr->nr = 0;
1565 pr->ticket = ruleset->rules[rs_num].active.ticket;
1566 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1566);
1567 break;
1568 }
1569
1570 case DIOCGETRULE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((7)))): {
1571 struct pfioc_rule *pr = (struct pfioc_rule *)addr;
1572 struct pf_ruleset *ruleset;
1573 struct pf_rule *rule;
1574 int rs_num, i;
1575
1576 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1576);
1577 pr->anchor[sizeof(pr->anchor) - 1] = 0;
1578 ruleset = pf_find_ruleset(pr->anchor);
1579 if (ruleset == NULL((void *)0)) {
1580 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1580);
1581 error = EINVAL22;
1582 break;
1583 }
1584 rs_num = pf_get_ruleset_number(pr->rule.action);
1585 if (rs_num >= PF_RULESET_MAX) {
1586 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1586);
1587 error = EINVAL22;
1588 break;
1589 }
1590 if (pr->ticket != ruleset->rules[rs_num].active.ticket) {
1591 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1591);
1592 error = EBUSY16;
1593 break;
1594 }
1595 rule = TAILQ_FIRST(ruleset->rules[rs_num].active.ptr)((ruleset->rules[rs_num].active.ptr)->tqh_first);
1596 while ((rule != NULL((void *)0)) && (rule->nr != pr->nr))
1597 rule = TAILQ_NEXT(rule, entries)((rule)->entries.tqe_next);
1598 if (rule == NULL((void *)0)) {
1599 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1599);
1600 error = EBUSY16;
1601 break;
1602 }
1603 bcopy(rule, &pr->rule, sizeof(struct pf_rule))__builtin_memmove((&pr->rule), (rule), (sizeof(struct pf_rule
)));
1604 pr->rule.u_states_cur = counter_u64_fetch(rule->states_cur);
1605 pr->rule.u_states_tot = counter_u64_fetch(rule->states_tot);
1606 pr->rule.u_src_nodes = counter_u64_fetch(rule->src_nodes);
1607 if (pf_anchor_copyout(ruleset, rule, pr)) {
1608 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1608);
1609 error = EBUSY16;
1610 break;
1611 }
1612 pf_addr_copyout(&pr->rule.src.addr);
1613 pf_addr_copyout(&pr->rule.dst.addr);
1614 for (i = 0; i < PF_SKIP_COUNT8; ++i)
1615 if (rule->skip[i].ptr == NULL((void *)0))
1616 pr->rule.skip[i].nr = -1;
1617 else
1618 pr->rule.skip[i].nr =
1619 rule->skip[i].ptr->nr;
1620
1621 if (pr->action == PF_GET_CLR_CNTR) {
1622 rule->evaluations = 0;
1623 rule->packets[0] = rule->packets[1] = 0;
1624 rule->bytes[0] = rule->bytes[1] = 0;
1625 counter_u64_zero(rule->states_tot);
1626 }
1627 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1627);
1628 break;
1629 }
1630
1631 case DIOCCHANGERULE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_rule)) & ((1 << 13) - 1)) << 16) | (((
'D')) << 8) | ((26)))): {
1632 struct pfioc_rule *pcr = (struct pfioc_rule *)addr;
1633 struct pf_ruleset *ruleset;
1634 struct pf_rule *oldrule = NULL((void *)0), *newrule = NULL((void *)0);
1635 struct pfi_kif *kif = NULL((void *)0);
1636 struct pf_pooladdr *pa;
1637 u_int32_t nr = 0;
1638 int rs_num;
1639
1640 if (pcr->action < PF_CHANGE_ADD_HEAD ||
1641 pcr->action > PF_CHANGE_GET_TICKET) {
1642 error = EINVAL22;
1643 break;
1644 }
1645 if (pcr->rule.return_icmp >> 8 > ICMP_MAXTYPE40) {
1646 error = EINVAL22;
1647 break;
1648 }
1649
1650 if (pcr->action != PF_CHANGE_REMOVE) {
1651#ifndef INET1
1652 if (pcr->rule.af == AF_INET2) {
1653 error = EAFNOSUPPORT47;
1654 break;
1655 }
1656#endif /* INET */
1657#ifndef INET61
1658 if (pcr->rule.af == AF_INET628) {
1659 error = EAFNOSUPPORT47;
1660 break;
1661 }
1662#endif /* INET6 */
1663 newrule = malloc(sizeof(*newrule), M_PFRULE, M_WAITOK0x0002);
1664 bcopy(&pcr->rule, newrule, sizeof(struct pf_rule))__builtin_memmove((newrule), (&pcr->rule), (sizeof(struct
pf_rule)));
1665 if (newrule->ifname[0])
1666 kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK0x0002);
1667 newrule->states_cur = counter_u64_alloc(M_WAITOK0x0002);
1668 newrule->states_tot = counter_u64_alloc(M_WAITOK0x0002);
1669 newrule->src_nodes = counter_u64_alloc(M_WAITOK0x0002);
1670 newrule->cuid = td->td_ucred->cr_ruid;
1671 newrule->cpid = td->td_proc ? td->td_proc->p_pid : 0;
1672 TAILQ_INIT(&newrule->rpool.list)do { (((&newrule->rpool.list))->tqh_first) = ((void
*)0); (&newrule->rpool.list)->tqh_last = &(((&
newrule->rpool.list))->tqh_first); ; } while (0);
1673 }
1674
1675#define ERROUT(x) { error = (x); goto DIOCCHANGERULE_error; }
1676
1677 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1677);
1678 if (!(pcr->action == PF_CHANGE_REMOVE ||
1679 pcr->action == PF_CHANGE_GET_TICKET) &&
1680 pcr->pool_ticket != V_ticket_pabuf(*(__typeof(vnet_entry_ticket_pabuf)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_pabuf
)))
1681 ERROUT(EBUSY16);
1682
1683 ruleset = pf_find_ruleset(pcr->anchor);
1684 if (ruleset == NULL((void *)0))
1685 ERROUT(EINVAL22);
1686
1687 rs_num = pf_get_ruleset_number(pcr->rule.action);
1688 if (rs_num >= PF_RULESET_MAX)
1689 ERROUT(EINVAL22);
1690
1691 if (pcr->action == PF_CHANGE_GET_TICKET) {
1692 pcr->ticket = ++ruleset->rules[rs_num].active.ticket;
1693 ERROUT(0);
1694 } else if (pcr->ticket !=
1695 ruleset->rules[rs_num].active.ticket)
1696 ERROUT(EINVAL22);
1697
1698 if (pcr->action != PF_CHANGE_REMOVE) {
1699 if (newrule->ifname[0]) {
1700 newrule->kif = pfi_kif_attach(kif,
1701 newrule->ifname);
1702 pfi_kif_ref(newrule->kif);
1703 } else
1704 newrule->kif = NULL((void *)0);
1705
1706 if (newrule->rtableid > 0 &&
1707 newrule->rtableid >= rt_numfibs)
1708 error = EBUSY16;
1709
1710#ifdef ALTQ
1711 /* set queue IDs */
1712 if (newrule->qname[0] != 0) {
1713 if ((newrule->qid =
1714 pf_qname2qid(newrule->qname)) == 0)
1715 error = EBUSY16;
1716 else if (newrule->pqname[0] != 0) {
1717 if ((newrule->pqid =
1718 pf_qname2qid(newrule->pqname)) == 0)
1719 error = EBUSY16;
1720 } else
1721 newrule->pqid = newrule->qid;
1722 }
1723#endif /* ALTQ */
1724 if (newrule->tagname[0])
1725 if ((newrule->tag =
1726 pf_tagname2tag(newrule->tagname)) == 0)
1727 error = EBUSY16;
1728 if (newrule->match_tagname[0])
1729 if ((newrule->match_tag = pf_tagname2tag(
1730 newrule->match_tagname)) == 0)
1731 error = EBUSY16;
1732 if (newrule->rt && !newrule->direction)
1733 error = EINVAL22;
1734 if (!newrule->log)
1735 newrule->logif = 0;
1736 if (newrule->logif >= PFLOGIFS_MAX16)
1737 error = EINVAL22;
1738 if (pf_addr_setup(ruleset, &newrule->src.addr, newrule->af))
1739 error = ENOMEM12;
1740 if (pf_addr_setup(ruleset, &newrule->dst.addr, newrule->af))
1741 error = ENOMEM12;
1742 if (pf_anchor_setup(newrule, ruleset, pcr->anchor_call))
1743 error = EINVAL22;
1744 TAILQ_FOREACH(pa, &V_pf_pabuf, entries)for ((pa) = (((&(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf
))))->tqh_first); (pa); (pa) = (((pa))->entries.tqe_next
))
1745 if (pa->addr.type == PF_ADDR_TABLE) {
1746 pa->addr.p.tbl =
1747 pfr_attach_table(ruleset,
1748 pa->addr.v.tblname);
1749 if (pa->addr.p.tbl == NULL((void *)0))
1750 error = ENOMEM12;
1751 }
1752
1753 newrule->overload_tbl = NULL((void *)0);
1754 if (newrule->overload_tblname[0]) {
1755 if ((newrule->overload_tbl = pfr_attach_table(
1756 ruleset, newrule->overload_tblname)) ==
1757 NULL((void *)0))
1758 error = EINVAL22;
1759 else
1760 newrule->overload_tbl->pfrkt_flagspfrkt_ts.pfrts_t.pfrt_flags |=
1761 PFR_TFLAG_ACTIVE0x00000004;
1762 }
1763
1764 pf_mv_pool(&V_pf_pabuf(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)
), &newrule->rpool.list);
1765 if (((((newrule->action == PF_NAT) ||
1766 (newrule->action == PF_RDR) ||
1767 (newrule->action == PF_BINAT) ||
1768 (newrule->rt > PF_NOPFROUTE)) &&
1769 !newrule->anchor)) &&
1770 (TAILQ_FIRST(&newrule->rpool.list)((&newrule->rpool.list)->tqh_first) == NULL((void *)0)))
1771 error = EINVAL22;
1772
1773 if (error) {
1774 pf_free_rule(newrule);
1775 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1775);
1776 break;
1777 }
1778
1779 newrule->rpool.cur = TAILQ_FIRST(&newrule->rpool.list)((&newrule->rpool.list)->tqh_first);
1780 newrule->evaluations = 0;
1781 newrule->packets[0] = newrule->packets[1] = 0;
1782 newrule->bytes[0] = newrule->bytes[1] = 0;
1783 }
1784 pf_empty_pool(&V_pf_pabuf(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)
));
1785
1786 if (pcr->action == PF_CHANGE_ADD_HEAD)
1787 oldrule = TAILQ_FIRST(((ruleset->rules[rs_num].active.ptr)->tqh_first)
1788 ruleset->rules[rs_num].active.ptr)((ruleset->rules[rs_num].active.ptr)->tqh_first);
1789 else if (pcr->action == PF_CHANGE_ADD_TAIL)
1790 oldrule = TAILQ_LAST((*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last))
1791 ruleset->rules[rs_num].active.ptr, pf_rulequeue)(*(((struct pf_rulequeue *)((ruleset->rules[rs_num].active
.ptr)->tqh_last))->tqh_last));
1792 else {
1793 oldrule = TAILQ_FIRST(((ruleset->rules[rs_num].active.ptr)->tqh_first)
1794 ruleset->rules[rs_num].active.ptr)((ruleset->rules[rs_num].active.ptr)->tqh_first);
1795 while ((oldrule != NULL((void *)0)) && (oldrule->nr != pcr->nr))
1796 oldrule = TAILQ_NEXT(oldrule, entries)((oldrule)->entries.tqe_next);
1797 if (oldrule == NULL((void *)0)) {
1798 if (newrule != NULL((void *)0))
1799 pf_free_rule(newrule);
1800 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1800);
1801 error = EINVAL22;
1802 break;
1803 }
1804 }
1805
1806 if (pcr->action == PF_CHANGE_REMOVE) {
1807 pf_unlink_rule(ruleset->rules[rs_num].active.ptr,
1808 oldrule);
1809 ruleset->rules[rs_num].active.rcount--;
1810 } else {
1811 if (oldrule == NULL((void *)0))
1812 TAILQ_INSERT_TAIL(do { do { if (*(ruleset->rules[rs_num].active.ptr)->tqh_last
!= ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (ruleset->rules[rs_num].active.ptr)); } while (0); (((newrule
))->entries.tqe_next) = ((void *)0); (newrule)->entries
.tqe_prev = (ruleset->rules[rs_num].active.ptr)->tqh_last
; *(ruleset->rules[rs_num].active.ptr)->tqh_last = (newrule
); (ruleset->rules[rs_num].active.ptr)->tqh_last = &
(((newrule))->entries.tqe_next); ; ; } while (0)
1813 ruleset->rules[rs_num].active.ptr,do { do { if (*(ruleset->rules[rs_num].active.ptr)->tqh_last
!= ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (ruleset->rules[rs_num].active.ptr)); } while (0); (((newrule
))->entries.tqe_next) = ((void *)0); (newrule)->entries
.tqe_prev = (ruleset->rules[rs_num].active.ptr)->tqh_last
; *(ruleset->rules[rs_num].active.ptr)->tqh_last = (newrule
); (ruleset->rules[rs_num].active.ptr)->tqh_last = &
(((newrule))->entries.tqe_next); ; ; } while (0)
1814 newrule, entries)do { do { if (*(ruleset->rules[rs_num].active.ptr)->tqh_last
!= ((void *)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL"
, (ruleset->rules[rs_num].active.ptr)); } while (0); (((newrule
))->entries.tqe_next) = ((void *)0); (newrule)->entries
.tqe_prev = (ruleset->rules[rs_num].active.ptr)->tqh_last
; *(ruleset->rules[rs_num].active.ptr)->tqh_last = (newrule
); (ruleset->rules[rs_num].active.ptr)->tqh_last = &
(((newrule))->entries.tqe_next); ; ; } while (0);
1815 else if (pcr->action == PF_CHANGE_ADD_HEAD ||
1816 pcr->action == PF_CHANGE_ADD_BEFORE)
1817 TAILQ_INSERT_BEFORE(oldrule, newrule, entries)do { do { if (*(oldrule)->entries.tqe_prev != (oldrule)) panic
("Bad link elm %p prev->next != elm", (oldrule)); } while (
0); (newrule)->entries.tqe_prev = (oldrule)->entries.tqe_prev
; (((newrule))->entries.tqe_next) = (oldrule); *(oldrule)->
entries.tqe_prev = (newrule); (oldrule)->entries.tqe_prev =
&(((newrule))->entries.tqe_next); ; ; } while (0);
1818 else
1819 TAILQ_INSERT_AFTER(do { do { if ((((oldrule))->entries.tqe_next) != ((void *)
0) && (((oldrule))->entries.tqe_next)->entries.
tqe_prev != &((oldrule)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldrule)); } while (0); if (((((newrule))->entries.tqe_next
) = (((oldrule))->entries.tqe_next)) != ((void *)0)) (((newrule
))->entries.tqe_next)->entries.tqe_prev = &(((newrule
))->entries.tqe_next); else { (ruleset->rules[rs_num].active
.ptr)->tqh_last = &(((newrule))->entries.tqe_next);
; } (((oldrule))->entries.tqe_next) = (newrule); (newrule
)->entries.tqe_prev = &(((oldrule))->entries.tqe_next
); ; ; } while (0)
1820 ruleset->rules[rs_num].active.ptr,do { do { if ((((oldrule))->entries.tqe_next) != ((void *)
0) && (((oldrule))->entries.tqe_next)->entries.
tqe_prev != &((oldrule)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldrule)); } while (0); if (((((newrule))->entries.tqe_next
) = (((oldrule))->entries.tqe_next)) != ((void *)0)) (((newrule
))->entries.tqe_next)->entries.tqe_prev = &(((newrule
))->entries.tqe_next); else { (ruleset->rules[rs_num].active
.ptr)->tqh_last = &(((newrule))->entries.tqe_next);
; } (((oldrule))->entries.tqe_next) = (newrule); (newrule
)->entries.tqe_prev = &(((oldrule))->entries.tqe_next
); ; ; } while (0)
1821 oldrule, newrule, entries)do { do { if ((((oldrule))->entries.tqe_next) != ((void *)
0) && (((oldrule))->entries.tqe_next)->entries.
tqe_prev != &((oldrule)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldrule)); } while (0); if (((((newrule))->entries.tqe_next
) = (((oldrule))->entries.tqe_next)) != ((void *)0)) (((newrule
))->entries.tqe_next)->entries.tqe_prev = &(((newrule
))->entries.tqe_next); else { (ruleset->rules[rs_num].active
.ptr)->tqh_last = &(((newrule))->entries.tqe_next);
; } (((oldrule))->entries.tqe_next) = (newrule); (newrule
)->entries.tqe_prev = &(((oldrule))->entries.tqe_next
); ; ; } while (0);
1822 ruleset->rules[rs_num].active.rcount++;
1823 }
1824
1825 nr = 0;
1826 TAILQ_FOREACH(oldrule,for ((oldrule) = (((ruleset->rules[rs_num].active.ptr))->
tqh_first); (oldrule); (oldrule) = (((oldrule))->entries.tqe_next
))
1827 ruleset->rules[rs_num].active.ptr, entries)for ((oldrule) = (((ruleset->rules[rs_num].active.ptr))->
tqh_first); (oldrule); (oldrule) = (((oldrule))->entries.tqe_next
))
1828 oldrule->nr = nr++;
1829
1830 ruleset->rules[rs_num].active.ticket++;
1831
1832 pf_calc_skip_steps(ruleset->rules[rs_num].active.ptr);
1833 pf_remove_if_empty_ruleset(ruleset);
1834
1835 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1835);
1836 break;
1837
1838#undef ERROUT
1839DIOCCHANGERULE_error:
1840 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 1840);
1841 if (newrule != NULL((void *)0)) {
1842 counter_u64_free(newrule->states_cur);
1843 counter_u64_free(newrule->states_tot);
1844 counter_u64_free(newrule->src_nodes);
1845 free(newrule, M_PFRULE);
1846 }
1847 if (kif != NULL((void *)0))
1848 free(kif, PFI_MTYPE);
1849 break;
1850 }
1851
1852 case DIOCCLRSTATES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state_kill)) & ((1 << 13) - 1)) << 16)
| ((('D')) << 8) | ((18)))): {
1853 struct pf_state *s;
1854 struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
1855 u_int i, killed = 0;
1856
1857 for (i = 0; i <= pf_hashmask; i++) {
1858 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
1859
1860relock_DIOCCLRSTATES:
1861 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (1861));
1862 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next))
1863 if (!psk->psk_ifname[0] ||
1864 !strcmp(psk->psk_ifname,
1865 s->kif->pfik_name)) {
1866 /*
1867 * Don't send out individual
1868 * delete messages.
1869 */
1870 s->state_flags |= PFSTATE_NOSYNC0x08;
1871 pf_unlink_state(s, PF_ENTER_LOCKED0x00000001);
1872 killed++;
1873 goto relock_DIOCCLRSTATES;
1874 }
1875 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (1875));
1876 }
1877 psk->psk_killed = killed;
1878 if (V_pfsync_clear_states_ptr(*(__typeof(vnet_entry_pfsync_clear_states_ptr)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pfsync_clear_states_ptr
)) != NULL((void *)0))
1879 V_pfsync_clear_states_ptr(*(__typeof(vnet_entry_pfsync_clear_states_ptr)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pfsync_clear_states_ptr
))(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid, psk->psk_ifname);
1880 break;
1881 }
1882
1883 case DIOCKILLSTATES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state_kill)) & ((1 << 13) - 1)) << 16)
| ((('D')) << 8) | ((41)))): {
1884 struct pf_state *s;
1885 struct pf_state_key *sk;
1886 struct pf_addr *srcaddr, *dstaddr;
1887 u_int16_t srcport, dstport;
1888 struct pfioc_state_kill *psk = (struct pfioc_state_kill *)addr;
1889 u_int i, killed = 0;
1890
1891 if (psk->psk_pfcmp.id) {
1892 if (psk->psk_pfcmp.creatorid == 0)
1893 psk->psk_pfcmp.creatorid = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid;
1894 if ((s = pf_find_state_byid(psk->psk_pfcmp.id,
1895 psk->psk_pfcmp.creatorid))) {
1896 pf_unlink_state(s, PF_ENTER_LOCKED0x00000001);
1897 psk->psk_killed = 1;
1898 }
1899 break;
1900 }
1901
1902 for (i = 0; i <= pf_hashmask; i++) {
1903 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
1904
1905relock_DIOCKILLSTATES:
1906 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (1906));
1907 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next)) {
1908 sk = s->key[PF_SK_WIRE];
1909 if (s->direction == PF_OUT) {
1910 srcaddr = &sk->addr[1];
1911 dstaddr = &sk->addr[0];
1912 srcport = sk->port[1];
1913 dstport = sk->port[0];
1914 } else {
1915 srcaddr = &sk->addr[0];
1916 dstaddr = &sk->addr[1];
1917 srcport = sk->port[0];
1918 dstport = sk->port[1];
1919 }
1920
1921 if ((!psk->psk_af || sk->af == psk->psk_af)
1922 && (!psk->psk_proto || psk->psk_proto ==
1923 sk->proto) &&
1924 PF_MATCHA(psk->psk_src.neg,pf_match_addr(psk->psk_src.neg, &psk->psk_src.addr.
v.a.addr, &psk->psk_src.addr.v.a.mask, srcaddr, sk->
af)
1925 &psk->psk_src.addr.v.a.addr,pf_match_addr(psk->psk_src.neg, &psk->psk_src.addr.
v.a.addr, &psk->psk_src.addr.v.a.mask, srcaddr, sk->
af)
1926 &psk->psk_src.addr.v.a.mask,pf_match_addr(psk->psk_src.neg, &psk->psk_src.addr.
v.a.addr, &psk->psk_src.addr.v.a.mask, srcaddr, sk->
af)
1927 srcaddr, sk->af)pf_match_addr(psk->psk_src.neg, &psk->psk_src.addr.
v.a.addr, &psk->psk_src.addr.v.a.mask, srcaddr, sk->
af) &&
1928 PF_MATCHA(psk->psk_dst.neg,pf_match_addr(psk->psk_dst.neg, &psk->psk_dst.addr.
v.a.addr, &psk->psk_dst.addr.v.a.mask, dstaddr, sk->
af)
1929 &psk->psk_dst.addr.v.a.addr,pf_match_addr(psk->psk_dst.neg, &psk->psk_dst.addr.
v.a.addr, &psk->psk_dst.addr.v.a.mask, dstaddr, sk->
af)
1930 &psk->psk_dst.addr.v.a.mask,pf_match_addr(psk->psk_dst.neg, &psk->psk_dst.addr.
v.a.addr, &psk->psk_dst.addr.v.a.mask, dstaddr, sk->
af)
1931 dstaddr, sk->af)pf_match_addr(psk->psk_dst.neg, &psk->psk_dst.addr.
v.a.addr, &psk->psk_dst.addr.v.a.mask, dstaddr, sk->
af) &&
1932 (psk->psk_src.port_op == 0 ||
1933 pf_match_port(psk->psk_src.port_op,
1934 psk->psk_src.port[0], psk->psk_src.port[1],
1935 srcport)) &&
1936 (psk->psk_dst.port_op == 0 ||
1937 pf_match_port(psk->psk_dst.port_op,
1938 psk->psk_dst.port[0], psk->psk_dst.port[1],
1939 dstport)) &&
1940 (!psk->psk_label[0] ||
1941 (s->rule.ptr->label[0] &&
1942 !strcmp(psk->psk_label,
1943 s->rule.ptr->label))) &&
1944 (!psk->psk_ifname[0] ||
1945 !strcmp(psk->psk_ifname,
1946 s->kif->pfik_name))) {
1947 pf_unlink_state(s, PF_ENTER_LOCKED0x00000001);
1948 killed++;
1949 goto relock_DIOCKILLSTATES;
1950 }
1951 }
1952 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (1952));
1953 }
1954 psk->psk_killed = killed;
1955 break;
1956 }
1957
1958 case DIOCADDSTATE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((37)))): {
1959 struct pfioc_state *ps = (struct pfioc_state *)addr;
1960 struct pfsync_state *sp = &ps->state;
1961
1962 if (sp->timeout >= PFTM_MAX) {
1963 error = EINVAL22;
1964 break;
1965 }
1966 if (V_pfsync_state_import_ptr(*(__typeof(vnet_entry_pfsync_state_import_ptr)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pfsync_state_import_ptr
)) != NULL((void *)0)) {
1967 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 1967 ));
1968 error = V_pfsync_state_import_ptr(*(__typeof(vnet_entry_pfsync_state_import_ptr)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pfsync_state_import_ptr
))(sp, PFSYNC_SI_IOCTL0x01);
1969 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 1969 );
1970 } else
1971 error = EOPNOTSUPP45;
1972 break;
1973 }
1974
1975 case DIOCGETSTATE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_state)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((19)))): {
1976 struct pfioc_state *ps = (struct pfioc_state *)addr;
1977 struct pf_state *s;
1978
1979 s = pf_find_state_byid(ps->state.id, ps->state.creatorid);
1980 if (s == NULL((void *)0)) {
1981 error = ENOENT2;
1982 break;
1983 }
1984
1985 pfsync_state_export(&ps->state, s);
1986 PF_STATE_UNLOCK(s)do { struct pf_idhash *_ih = &(*(__typeof(vnet_entry_pf_idhash
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_idhash))[((__builtin_constant_p(
(((s))->id)) ? (((__uint64_t)(__builtin_constant_p(((__uint64_t
)((((s))->id))) & 0xffffffff) ? (((__uint32_t)((__uint16_t
)(__builtin_constant_p(((__uint32_t)(((__uint64_t)((((s))->
id))) & 0xffffffff)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(((__uint64_t)((((s))->id))) & 0xffffffff
)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t)(((
__uint64_t)((((s))->id))) & 0xffffffff)) & 0xffff)
) >> 8) : __bswap16_var(((__uint32_t)(((__uint64_t)((((
s))->id))) & 0xffffffff)) & 0xffff))) << 16)
| ((__uint16_t)(__builtin_constant_p(((__uint32_t)(((__uint64_t
)((((s))->id))) & 0xffffffff)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(((__uint64_t)((((s))->id))) &
0xffffffff)) >> 16)) << 8 | ((__uint16_t)(((__uint32_t
)(((__uint64_t)((((s))->id))) & 0xffffffff)) >> 16
)) >> 8) : __bswap16_var(((__uint32_t)(((__uint64_t)(((
(s))->id))) & 0xffffffff)) >> 16)))) : __bswap32_var
(((__uint64_t)((((s))->id))) & 0xffffffff)) << 32
) | (__builtin_constant_p(((__uint64_t)((((s))->id))) >>
32) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t
)(((__uint64_t)((((s))->id))) >> 32)) & 0xffff) ?
(__uint16_t)(((__uint16_t)(((__uint32_t)(((__uint64_t)((((s)
)->id))) >> 32)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(((__uint64_t)((((s))->id))) >> 32)) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)(((__uint64_t
)((((s))->id))) >> 32)) & 0xffff))) << 16)
| ((__uint16_t)(__builtin_constant_p(((__uint32_t)(((__uint64_t
)((((s))->id))) >> 32)) >> 16) ? (__uint16_t)(
((__uint16_t)(((__uint32_t)(((__uint64_t)((((s))->id))) >>
32)) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)(
((__uint64_t)((((s))->id))) >> 32)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)(((__uint64_t)((((s))->id
))) >> 32)) >> 16)))) : __bswap32_var(((__uint64_t
)((((s))->id))) >> 32))) : __bswap64_var((((s))->
id))) % (pf_hashmask + 1))]; __mtx_unlock_flags(&((((&
(_ih)->lock))))->mtx_lock, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (1986)); } while (0);
1987 break;
1988 }
1989
1990 case DIOCGETSTATES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_states)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((25)))): {
1991 struct pfioc_states *ps = (struct pfioc_states *)addr;
1992 struct pf_state *s;
1993 struct pfsync_state *pstore, *p;
1994 int i, nr;
1995
1996 if (ps->ps_len == 0) {
1997 nr = uma_zone_get_cur(V_pf_state_z(*(__typeof(vnet_entry_pf_state_z)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_state_z
)));
1998 ps->ps_len = sizeof(struct pfsync_state) * nr;
1999 break;
2000 }
2001
2002 p = pstore = malloc(ps->ps_len, M_TEMP, M_WAITOK0x0002);
2003 nr = 0;
2004
2005 for (i = 0; i <= pf_hashmask; i++) {
2006 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
2007
2008 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (2008));
2009 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next)) {
2010
2011 if (s->timeout == PFTM_UNLINKED)
2012 continue;
2013
2014 if ((nr+1) * sizeof(*p) > ps->ps_len) {
2015 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (2015));
2016 goto DIOCGETSTATES_full;
2017 }
2018 pfsync_state_export(p, s);
2019 p++;
2020 nr++;
2021 }
2022 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (2022));
2023 }
2024DIOCGETSTATES_full:
2025 error = copyout(pstore, ps->ps_statesps_u.psu_states,
2026 sizeof(struct pfsync_state) * nr);
2027 if (error) {
2028 free(pstore, M_TEMP);
2029 break;
2030 }
2031 ps->ps_len = sizeof(struct pfsync_state) * nr;
2032 free(pstore, M_TEMP);
2033
2034 break;
2035 }
2036
2037 case DIOCGETSTATUS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_status)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((21)))): {
2038 struct pf_status *s = (struct pf_status *)addr;
2039
2040 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2040 ));
2041 s->running = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running;
2042 s->since = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).since;
2043 s->debug = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug;
2044 s->hostid = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid;
2045 s->states = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).states;
2046 s->src_nodes = V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).src_nodes;
2047
2048 for (int i = 0; i < PFRES_MAX16; i++)
2049 s->counters[i] =
2050 counter_u64_fetch(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).counters[i]);
2051 for (int i = 0; i < LCNT_MAX7; i++)
2052 s->lcounters[i] =
2053 counter_u64_fetch(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).lcounters[i]);
2054 for (int i = 0; i < FCNT_MAX3; i++)
2055 s->fcounters[i] =
2056 counter_u64_fetch(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).fcounters[i]);
2057 for (int i = 0; i < SCNT_MAX3; i++)
2058 s->scounters[i] =
2059 counter_u64_fetch(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).scounters[i]);
2060
2061 bcopy(V_pf_status.ifname, s->ifname, IFNAMSIZ)__builtin_memmove((s->ifname), ((*(__typeof(vnet_entry_pf_status
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_status)).ifname), (16));
2062 bcopy(V_pf_status.pf_chksum, s->pf_chksum,__builtin_memmove((s->pf_chksum), ((*(__typeof(vnet_entry_pf_status
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_status)).pf_chksum), (16))
2063 PF_MD5_DIGEST_LENGTH)__builtin_memmove((s->pf_chksum), ((*(__typeof(vnet_entry_pf_status
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_status)).pf_chksum), (16));
2064
2065 pfi_update_status(s->ifname, s);
2066 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2066 );
2067 break;
2068 }
2069
2070 case DIOCSETSTATUSIF((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_if)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((20)))): {
2071 struct pfioc_if *pi = (struct pfioc_if *)addr;
2072
2073 if (pi->ifname[0] == 0) {
2074 bzero(V_pf_status.ifname, IFNAMSIZ)__builtin_memset(((*(__typeof(vnet_entry_pf_status)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).ifname), 0, (16));
2075 break;
2076 }
2077 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2077);
2078 strlcpy(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).ifname, pi->ifname, IFNAMSIZ16);
2079 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2079);
2080 break;
2081 }
2082
2083 case DIOCCLRSTATUS((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((22)))): {
2084 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2084);
2085 for (int i = 0; i < PFRES_MAX16; i++)
2086 counter_u64_zero(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).counters[i]);
2087 for (int i = 0; i < FCNT_MAX3; i++)
2088 counter_u64_zero(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).fcounters[i]);
2089 for (int i = 0; i < SCNT_MAX3; i++)
2090 counter_u64_zero(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).scounters[i]);
2091 for (int i = 0; i < LCNT_MAX7; i++)
2092 counter_u64_zero(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).lcounters[i]);
2093 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).since = time_second;
2094 if (*V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).ifname)
2095 pfi_update_status(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).ifname, NULL((void *)0));
2096 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2096);
2097 break;
2098 }
2099
2100 case DIOCNATLOOK((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_natlook)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((23)))): {
2101 struct pfioc_natlook *pnl = (struct pfioc_natlook *)addr;
2102 struct pf_state_key *sk;
2103 struct pf_state *state;
2104 struct pf_state_key_cmp key;
2105 int m = 0, direction = pnl->direction;
2106 int sidx, didx;
2107
2108 /* NATLOOK src and dst are reversed, so reverse sidx/didx */
2109 sidx = (direction == PF_IN) ? 1 : 0;
2110 didx = (direction == PF_IN) ? 0 : 1;
2111
2112 if (!pnl->proto ||
2113 PF_AZERO(&pnl->saddr, pnl->af)((pnl->af == 2 && !(&pnl->saddr)->pfa.addr32
[0]) || (pnl->af == 28 && !(&pnl->saddr)->
pfa.addr32[0] && !(&pnl->saddr)->pfa.addr32
[1] && !(&pnl->saddr)->pfa.addr32[2] &&
!(&pnl->saddr)->pfa.addr32[3] )) ||
2114 PF_AZERO(&pnl->daddr, pnl->af)((pnl->af == 2 && !(&pnl->daddr)->pfa.addr32
[0]) || (pnl->af == 28 && !(&pnl->daddr)->
pfa.addr32[0] && !(&pnl->daddr)->pfa.addr32
[1] && !(&pnl->daddr)->pfa.addr32[2] &&
!(&pnl->daddr)->pfa.addr32[3] )) ||
2115 ((pnl->proto == IPPROTO_TCP6 ||
2116 pnl->proto == IPPROTO_UDP17) &&
2117 (!pnl->dport || !pnl->sport)))
2118 error = EINVAL22;
2119 else {
2120 bzero(&key, sizeof(key))__builtin_memset((&key), 0, (sizeof(key)));
2121 key.af = pnl->af;
2122 key.proto = pnl->proto;
2123 PF_ACPY(&key.addr[sidx], &pnl->saddr, pnl->af)pf_addrcpy(&key.addr[sidx], &pnl->saddr, pnl->af
);
2124 key.port[sidx] = pnl->sport;
2125 PF_ACPY(&key.addr[didx], &pnl->daddr, pnl->af)pf_addrcpy(&key.addr[didx], &pnl->daddr, pnl->af
);
2126 key.port[didx] = pnl->dport;
2127
2128 state = pf_find_state_all(&key, direction, &m);
2129
2130 if (m > 1)
2131 error = E2BIG7; /* more than one state */
2132 else if (state != NULL((void *)0)) {
2133 /* XXXGL: not locked read */
2134 sk = state->key[sidx];
2135 PF_ACPY(&pnl->rsaddr, &sk->addr[sidx], sk->af)pf_addrcpy(&pnl->rsaddr, &sk->addr[sidx], sk->
af);
2136 pnl->rsport = sk->port[sidx];
2137 PF_ACPY(&pnl->rdaddr, &sk->addr[didx], sk->af)pf_addrcpy(&pnl->rdaddr, &sk->addr[didx], sk->
af);
2138 pnl->rdport = sk->port[didx];
2139 } else
2140 error = ENOENT2;
2141 }
2142 break;
2143 }
2144
2145 case DIOCSETTIMEOUT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_tm)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((29)))): {
2146 struct pfioc_tm *pt = (struct pfioc_tm *)addr;
2147 int old;
2148
2149 if (pt->timeout < 0 || pt->timeout >= PFTM_MAX ||
2150 pt->seconds < 0) {
2151 error = EINVAL22;
2152 break;
2153 }
2154 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2154);
2155 old = V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).timeout[pt->timeout];
2156 if (pt->timeout == PFTM_INTERVAL && pt->seconds == 0)
2157 pt->seconds = 1;
2158 V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).timeout[pt->timeout] = pt->seconds;
2159 if (pt->timeout == PFTM_INTERVAL && pt->seconds < old)
2160 wakeup(pf_purge_thread);
2161 pt->seconds = old;
2162 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2162);
2163 break;
2164 }
2165
2166 case DIOCGETTIMEOUT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_tm)) & ((1 << 13) - 1)) << 16) | ((('D'
)) << 8) | ((30)))): {
2167 struct pfioc_tm *pt = (struct pfioc_tm *)addr;
2168
2169 if (pt->timeout < 0 || pt->timeout >= PFTM_MAX) {
2170 error = EINVAL22;
2171 break;
2172 }
2173 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2173 ));
2174 pt->seconds = V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).timeout[pt->timeout];
2175 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2175 );
2176 break;
2177 }
2178
2179 case DIOCGETLIMIT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_limit)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((39)))): {
2180 struct pfioc_limit *pl = (struct pfioc_limit *)addr;
2181
2182 if (pl->index < 0 || pl->index >= PF_LIMIT_MAX) {
2183 error = EINVAL22;
2184 break;
2185 }
2186 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2186 ));
2187 pl->limit = V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[pl->index].limit;
2188 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2188 );
2189 break;
2190 }
2191
2192 case DIOCSETLIMIT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_limit)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((40)))): {
2193 struct pfioc_limit *pl = (struct pfioc_limit *)addr;
2194 int old_limit;
2195
2196 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2196);
2197 if (pl->index < 0 || pl->index >= PF_LIMIT_MAX ||
2198 V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[pl->index].zone == NULL((void *)0)) {
2199 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2199);
2200 error = EINVAL22;
2201 break;
2202 }
2203 uma_zone_set_max(V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[pl->index].zone, pl->limit);
2204 old_limit = V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[pl->index].limit;
2205 V_pf_limits(*(__typeof(vnet_entry_pf_limits)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_limits
))[pl->index].limit = pl->limit;
2206 pl->limit = old_limit;
2207 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2207);
2208 break;
2209 }
2210
2211 case DIOCSETDEBUG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(u_int32_t
)) & ((1 << 13) - 1)) << 16) | ((('D')) <<
8) | ((24)))): {
2212 u_int32_t *level = (u_int32_t *)addr;
2213
2214 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2214);
2215 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug = *level;
2216 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2216);
2217 break;
2218 }
2219
2220 case DIOCCLRRULECTRS((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((38)))): {
2221 /* obsoleted by DIOCGETRULE with action=PF_GET_CLR_CNTR */
2222 struct pf_ruleset *ruleset = &pf_main_ruleset(*(__typeof(vnet_entry_pf_main_anchor)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_main_anchor
)).ruleset;
2223 struct pf_rule *rule;
2224
2225 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2225);
2226 TAILQ_FOREACH(rule,for ((rule) = (((ruleset->rules[PF_RULESET_FILTER].active.
ptr))->tqh_first); (rule); (rule) = (((rule))->entries.
tqe_next))
2227 ruleset->rules[PF_RULESET_FILTER].active.ptr, entries)for ((rule) = (((ruleset->rules[PF_RULESET_FILTER].active.
ptr))->tqh_first); (rule); (rule) = (((rule))->entries.
tqe_next)) {
2228 rule->evaluations = 0;
2229 rule->packets[0] = rule->packets[1] = 0;
2230 rule->bytes[0] = rule->bytes[1] = 0;
2231 }
2232 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2232);
2233 break;
2234 }
2235
2236 case DIOCGIFSPEEDV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))):
2237 case DIOCGIFSPEEDV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))): {
2238 struct pf_ifspeed_v1 *psp = (struct pf_ifspeed_v1 *)addr;
2239 struct pf_ifspeed_v1 ps;
2240 struct ifnet *ifp;
2241
2242 if (psp->ifname[0] != 0) {
2243 /* Can we completely trust user-land? */
2244 strlcpy(ps.ifname, psp->ifname, IFNAMSIZ16);
2245 ifp = ifunit(ps.ifname);
2246 if (ifp != NULL((void *)0)) {
2247 psp->baudrate32 =
2248 (u_int32_t)uqmin(ifp->if_baudrate, UINT_MAX0xffffffff);
2249 if (cmd == DIOCGIFSPEEDV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_ifspeed_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((92)))))
2250 psp->baudrate = ifp->if_baudrate;
2251 } else
2252 error = EINVAL22;
2253 } else
2254 error = EINVAL22;
2255 break;
2256 }
2257
2258#ifdef ALTQ
2259 case DIOCSTARTALTQ((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((42)))): {
2260 struct pf_altqpf_kaltq *altq;
2261
2262 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2262);
2263 /* enable all altq interfaces on active list */
2264 TAILQ_FOREACH(altq, V_pf_altqs_active, entries)for ((altq) = ((((*(__typeof(vnet_entry_pf_altqs_active)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_active))))->tqh_first); (altq); (
altq) = (((altq))->entries.tqe_next)) {
2265 if (altq->qname[0] == 0 && (altq->local_flags &
2266 PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
2267 error = pf_enable_altq(altq);
2268 if (error != 0)
2269 break;
2270 }
2271 }
2272 if (error == 0)
2273 V_pf_altq_running = 1;
2274 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2274);
2275 DPFPRINTF(PF_DEBUG_MISC, ("altq: started\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("altq: started\n");
2276 break;
2277 }
2278
2279 case DIOCSTOPALTQ((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((43)))): {
2280 struct pf_altqpf_kaltq *altq;
2281
2282 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2282);
2283 /* disable all altq interfaces on active list */
2284 TAILQ_FOREACH(altq, V_pf_altqs_active, entries)for ((altq) = ((((*(__typeof(vnet_entry_pf_altqs_active)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_active))))->tqh_first); (altq); (
altq) = (((altq))->entries.tqe_next)) {
2285 if (altq->qname[0] == 0 && (altq->local_flags &
2286 PFALTQ_FLAG_IF_REMOVED0x01) == 0) {
2287 error = pf_disable_altq(altq);
2288 if (error != 0)
2289 break;
2290 }
2291 }
2292 if (error == 0)
2293 V_pf_altq_running = 0;
2294 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2294);
2295 DPFPRINTF(PF_DEBUG_MISC, ("altq: stopped\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("altq: stopped\n");
2296 break;
2297 }
2298
2299 case DIOCADDALTQV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((45)))):
2300 case DIOCADDALTQV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((45)))): {
2301 struct pfioc_altq_v1 *pa = (struct pfioc_altq_v1 *)addr;
2302 struct pf_altqpf_kaltq *altq, *a;
2303 struct ifnet *ifp;
2304
2305 altq = malloc(sizeof(*altq), M_PFALTQ, M_WAITOK0x0002 | M_ZERO0x0100);
2306 error = pf_import_kaltq(pa, altq, IOCPARM_LEN(cmd)(((cmd) >> 16) & ((1 << 13) - 1)));
2307 if (error)
2308 break;
2309 altq->local_flags = 0;
2310
2311 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2311);
2312 if (pa->ticket != V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
))) {
2313 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2313);
2314 free(altq, M_PFALTQ);
2315 error = EBUSY16;
2316 break;
2317 }
2318
2319 /*
2320 * if this is for a queue, find the discipline and
2321 * copy the necessary fields
2322 */
2323 if (altq->qname[0] != 0) {
2324 if ((altq->qid = pf_qname2qid(altq->qname)) == 0) {
2325 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2325);
2326 error = EBUSY16;
2327 free(altq, M_PFALTQ);
2328 break;
2329 }
2330 altq->altq_disc = NULL((void *)0);
2331 TAILQ_FOREACH(a, V_pf_altqs_inactive, entries)for ((a) = ((((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((
((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_inactive))))->tqh_first); (a); (
a) = (((a))->entries.tqe_next)) {
2332 if (strncmp(a->ifname, altq->ifname,
2333 IFNAMSIZ16) == 0 && a->qname[0] == 0) {
2334 altq->altq_disc = a->altq_disc;
2335 break;
2336 }
2337 }
2338 }
2339
2340 if ((ifp = ifunit(altq->ifname)) == NULL((void *)0))
2341 altq->local_flags |= PFALTQ_FLAG_IF_REMOVED0x01;
2342 else
2343 error = altq_add(altq);
2344
2345 if (error) {
2346 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2346);
2347 free(altq, M_PFALTQ);
2348 break;
2349 }
2350
2351 TAILQ_INSERT_TAIL(V_pf_altqs_inactive, altq, entries)do { do { if (*((*(__typeof(vnet_entry_pf_altqs_inactive)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_inactive)))->tqh_last != ((void *
)0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL", ((*(__typeof
(vnet_entry_pf_altqs_inactive)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))); } while (0); (((altq))->entries.tqe_next) = ((void *
)0); (altq)->entries.tqe_prev = ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last; *
((*(__typeof(vnet_entry_pf_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_inactive
)))->tqh_last = (altq); ((*(__typeof(vnet_entry_pf_altqs_inactive
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_altqs_inactive)))->tqh_last =
&(((altq))->entries.tqe_next); ; ; } while (0);
2352 /* version error check done on import above */
2353 pf_export_kaltq(altq, pa, IOCPARM_LEN(cmd)(((cmd) >> 16) & ((1 << 13) - 1)));
2354 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2354);
2355 break;
2356 }
2357
2358 case DIOCGETALTQSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))):
2359 case DIOCGETALTQSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((47)))): {
2360 struct pfioc_altq_v1 *pa = (struct pfioc_altq_v1 *)addr;
2361 struct pf_altqpf_kaltq *altq;
2362
2363 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2363 ));
2364 pa->nr = 0;
2365 TAILQ_FOREACH(altq, V_pf_altqs_active, entries)for ((altq) = ((((*(__typeof(vnet_entry_pf_altqs_active)*) ((
(((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_altqs_active))))->tqh_first); (altq); (
altq) = (((altq))->entries.tqe_next))
2366 pa->nr++;
2367 pa->ticket = V_ticket_altqs_active(*(__typeof(vnet_entry_ticket_altqs_active)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_active
));
2368 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2368 );
2369 break;
2370 }
2371
2372 case DIOCGETALTQV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))):
2373 case DIOCGETALTQV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((48)))): {
2374 struct pfioc_altq_v1 *pa = (struct pfioc_altq_v1 *)addr;
2375 struct pf_altqpf_kaltq *altq;
2376 u_int32_t nr;
2377
2378 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2378 ));
2379 if (pa->ticket != V_ticket_altqs_active(*(__typeof(vnet_entry_ticket_altqs_active)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_active
))) {
2380 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2380 );
2381 error = EBUSY16;
2382 break;
2383 }
2384 nr = 0;
2385 altq = TAILQ_FIRST(V_pf_altqs_active)(((*(__typeof(vnet_entry_pf_altqs_active)*) (((((__curthread(
))->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_active
)))->tqh_first);
2386 while ((altq != NULL((void *)0)) && (nr < pa->nr)) {
2387 altq = TAILQ_NEXT(altq, entries)((altq)->entries.tqe_next);
2388 nr++;
2389 }
2390 if (altq == NULL((void *)0)) {
2391 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2391 );
2392 error = EBUSY16;
2393 break;
2394 }
2395 pf_export_kaltq(altq, pa, IOCPARM_LEN(cmd)(((cmd) >> 16) & ((1 << 13) - 1)));
2396 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2396 );
2397 break;
2398 }
2399
2400 case DIOCCHANGEALTQV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v0)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((49)))):
2401 case DIOCCHANGEALTQV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_altq_v1)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((49)))):
2402 /* CHANGEALTQ not supported yet! */
2403 error = ENODEV19;
2404 break;
2405
2406 case DIOCGETQSTATSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v0)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))):
2407 case DIOCGETQSTATSV1((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v1)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))): {
2408 struct pfioc_qstats_v1 *pq = (struct pfioc_qstats_v1 *)addr;
2409 struct pf_altqpf_kaltq *altq;
2410 u_int32_t nr;
2411 int nbytes;
2412 u_int32_t version;
2413
2414 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2414 ));
2415 if (pq->ticket != V_ticket_altqs_active(*(__typeof(vnet_entry_ticket_altqs_active)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_active
))) {
2416 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2416 );
2417 error = EBUSY16;
2418 break;
2419 }
2420 nbytes = pq->nbytes;
2421 nr = 0;
2422 altq = TAILQ_FIRST(V_pf_altqs_active)(((*(__typeof(vnet_entry_pf_altqs_active)*) (((((__curthread(
))->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_altqs_active
)))->tqh_first);
2423 while ((altq != NULL((void *)0)) && (nr < pq->nr)) {
2424 altq = TAILQ_NEXT(altq, entries)((altq)->entries.tqe_next);
2425 nr++;
2426 }
2427 if (altq == NULL((void *)0)) {
2428 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2428 );
2429 error = EBUSY16;
2430 break;
2431 }
2432
2433 if ((altq->local_flags & PFALTQ_FLAG_IF_REMOVED0x01) != 0) {
2434 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2434 );
2435 error = ENXIO6;
2436 break;
2437 }
2438 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2438 );
2439 if (cmd == DIOCGETQSTATSV0((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_qstats_v0)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((50)))))
2440 version = 0; /* DIOCGETQSTATSV0 means stats struct v0 */
2441 else
2442 version = pq->version;
2443 error = altq_getqstats(altq, pq->buf, &nbytes, version);
2444 if (error == 0) {
2445 pq->scheduler = altq->scheduler;
2446 pq->nbytes = nbytes;
2447 }
2448 break;
2449 }
2450#endif /* ALTQ */
2451
2452 case DIOCBEGINADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((51)))): {
2453 struct pfioc_pooladdr *pp = (struct pfioc_pooladdr *)addr;
2454
2455 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2455);
2456 pf_empty_pool(&V_pf_pabuf(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)
));
2457 pp->ticket = ++V_ticket_pabuf(*(__typeof(vnet_entry_ticket_pabuf)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_pabuf
));
2458 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2458);
2459 break;
2460 }
2461
2462 case DIOCADDADDR((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((52)))): {
2463 struct pfioc_pooladdr *pp = (struct pfioc_pooladdr *)addr;
2464 struct pf_pooladdr *pa;
2465 struct pfi_kif *kif = NULL((void *)0);
2466
2467#ifndef INET1
2468 if (pp->af == AF_INET2) {
2469 error = EAFNOSUPPORT47;
2470 break;
2471 }
2472#endif /* INET */
2473#ifndef INET61
2474 if (pp->af == AF_INET628) {
2475 error = EAFNOSUPPORT47;
2476 break;
2477 }
2478#endif /* INET6 */
2479 if (pp->addr.addr.type != PF_ADDR_ADDRMASK &&
2480 pp->addr.addr.type != PF_ADDR_DYNIFTL &&
2481 pp->addr.addr.type != PF_ADDR_TABLE) {
2482 error = EINVAL22;
2483 break;
2484 }
2485 pa = malloc(sizeof(*pa), M_PFRULE, M_WAITOK0x0002);
2486 bcopy(&pp->addr, pa, sizeof(struct pf_pooladdr))__builtin_memmove((pa), (&pp->addr), (sizeof(struct pf_pooladdr
)));
2487 if (pa->ifname[0])
2488 kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK0x0002);
2489 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2489);
2490 if (pp->ticket != V_ticket_pabuf(*(__typeof(vnet_entry_ticket_pabuf)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_pabuf
))) {
2491 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2491);
2492 if (pa->ifname[0])
2493 free(kif, PFI_MTYPE);
2494 free(pa, M_PFRULE);
2495 error = EBUSY16;
2496 break;
2497 }
2498 if (pa->ifname[0]) {
2499 pa->kif = pfi_kif_attach(kif, pa->ifname);
2500 pfi_kif_ref(pa->kif);
2501 } else
2502 pa->kif = NULL((void *)0);
2503 if (pa->addr.type == PF_ADDR_DYNIFTL && ((error =
2504 pfi_dynaddr_setup(&pa->addr, pp->af)) != 0)) {
2505 if (pa->ifname[0])
2506 pfi_kif_unref(pa->kif);
2507 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2507);
2508 free(pa, M_PFRULE);
2509 break;
2510 }
2511 TAILQ_INSERT_TAIL(&V_pf_pabuf, pa, entries)do { do { if (*(&(*(__typeof(vnet_entry_pf_pabuf)*) (((((
__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_pabuf)))->tqh_last != ((void *)0)) panic
("Bad tailq NEXT(%p->tqh_last) != NULL", (&(*(__typeof
(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet))->
vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)))); } while
(0); (((pa))->entries.tqe_next) = ((void *)0); (pa)->entries
.tqe_prev = (&(*(__typeof(vnet_entry_pf_pabuf)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf
)))->tqh_last; *(&(*(__typeof(vnet_entry_pf_pabuf)*) (
((((__curthread())->td_vnet))->vnet_data_base) + (uintptr_t
)&vnet_entry_pf_pabuf)))->tqh_last = (pa); (&(*(__typeof
(vnet_entry_pf_pabuf)*) (((((__curthread())->td_vnet))->
vnet_data_base) + (uintptr_t)&vnet_entry_pf_pabuf)))->
tqh_last = &(((pa))->entries.tqe_next); ; ; } while (0
);
2512 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2512);
2513 break;
2514 }
2515
2516 case DIOCGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((53)))): {
2517 struct pfioc_pooladdr *pp = (struct pfioc_pooladdr *)addr;
2518 struct pf_pool *pool;
2519 struct pf_pooladdr *pa;
2520
2521 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2521 ));
2522 pp->nr = 0;
2523 pool = pf_get_pool(pp->anchor, pp->ticket, pp->r_action,
2524 pp->r_num, 0, 1, 0);
2525 if (pool == NULL((void *)0)) {
2526 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2526 );
2527 error = EBUSY16;
2528 break;
2529 }
2530 TAILQ_FOREACH(pa, &pool->list, entries)for ((pa) = (((&pool->list))->tqh_first); (pa); (pa
) = (((pa))->entries.tqe_next))
2531 pp->nr++;
2532 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2532 );
2533 break;
2534 }
2535
2536 case DIOCGETADDR((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((54)))): {
2537 struct pfioc_pooladdr *pp = (struct pfioc_pooladdr *)addr;
2538 struct pf_pool *pool;
2539 struct pf_pooladdr *pa;
2540 u_int32_t nr = 0;
2541
2542 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2542 ));
2543 pool = pf_get_pool(pp->anchor, pp->ticket, pp->r_action,
2544 pp->r_num, 0, 1, 1);
2545 if (pool == NULL((void *)0)) {
2546 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2546 );
2547 error = EBUSY16;
2548 break;
2549 }
2550 pa = TAILQ_FIRST(&pool->list)((&pool->list)->tqh_first);
2551 while ((pa != NULL((void *)0)) && (nr < pp->nr)) {
2552 pa = TAILQ_NEXT(pa, entries)((pa)->entries.tqe_next);
2553 nr++;
2554 }
2555 if (pa == NULL((void *)0)) {
2556 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2556 );
2557 error = EBUSY16;
2558 break;
2559 }
2560 bcopy(pa, &pp->addr, sizeof(struct pf_pooladdr))__builtin_memmove((&pp->addr), (pa), (sizeof(struct pf_pooladdr
)));
2561 pf_addr_copyout(&pp->addr.addr);
2562 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2562 );
2563 break;
2564 }
2565
2566 case DIOCCHANGEADDR((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_pooladdr)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((55)))): {
2567 struct pfioc_pooladdr *pca = (struct pfioc_pooladdr *)addr;
2568 struct pf_pool *pool;
2569 struct pf_pooladdr *oldpa = NULL((void *)0), *newpa = NULL((void *)0);
2570 struct pf_ruleset *ruleset;
2571 struct pfi_kif *kif = NULL((void *)0);
2572
2573 if (pca->action < PF_CHANGE_ADD_HEAD ||
2574 pca->action > PF_CHANGE_REMOVE) {
2575 error = EINVAL22;
2576 break;
2577 }
2578 if (pca->addr.addr.type != PF_ADDR_ADDRMASK &&
2579 pca->addr.addr.type != PF_ADDR_DYNIFTL &&
2580 pca->addr.addr.type != PF_ADDR_TABLE) {
2581 error = EINVAL22;
2582 break;
2583 }
2584
2585 if (pca->action != PF_CHANGE_REMOVE) {
2586#ifndef INET1
2587 if (pca->af == AF_INET2) {
2588 error = EAFNOSUPPORT47;
2589 break;
2590 }
2591#endif /* INET */
2592#ifndef INET61
2593 if (pca->af == AF_INET628) {
2594 error = EAFNOSUPPORT47;
2595 break;
2596 }
2597#endif /* INET6 */
2598 newpa = malloc(sizeof(*newpa), M_PFRULE, M_WAITOK0x0002);
2599 bcopy(&pca->addr, newpa, sizeof(struct pf_pooladdr))__builtin_memmove((newpa), (&pca->addr), (sizeof(struct
pf_pooladdr)));
2600 if (newpa->ifname[0])
2601 kif = malloc(sizeof(*kif), PFI_MTYPE, M_WAITOK0x0002);
2602 newpa->kif = NULL((void *)0);
2603 }
2604
2605#define ERROUT(x) { error = (x); goto DIOCCHANGEADDR_error; }
2606 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2606);
2607 ruleset = pf_find_ruleset(pca->anchor);
2608 if (ruleset == NULL((void *)0))
2609 ERROUT(EBUSY16);
2610
2611 pool = pf_get_pool(pca->anchor, pca->ticket, pca->r_action,
2612 pca->r_num, pca->r_last, 1, 1);
2613 if (pool == NULL((void *)0))
2614 ERROUT(EBUSY16);
2615
2616 if (pca->action != PF_CHANGE_REMOVE) {
2617 if (newpa->ifname[0]) {
2618 newpa->kif = pfi_kif_attach(kif, newpa->ifname);
2619 pfi_kif_ref(newpa->kif);
2620 kif = NULL((void *)0);
2621 }
2622
2623 switch (newpa->addr.type) {
2624 case PF_ADDR_DYNIFTL:
2625 error = pfi_dynaddr_setup(&newpa->addr,
2626 pca->af);
2627 break;
2628 case PF_ADDR_TABLE:
2629 newpa->addr.p.tbl = pfr_attach_table(ruleset,
2630 newpa->addr.v.tblname);
2631 if (newpa->addr.p.tbl == NULL((void *)0))
2632 error = ENOMEM12;
2633 break;
2634 }
2635 if (error)
2636 goto DIOCCHANGEADDR_error;
2637 }
2638
2639 switch (pca->action) {
2640 case PF_CHANGE_ADD_HEAD:
2641 oldpa = TAILQ_FIRST(&pool->list)((&pool->list)->tqh_first);
2642 break;
2643 case PF_CHANGE_ADD_TAIL:
2644 oldpa = TAILQ_LAST(&pool->list, pf_palist)(*(((struct pf_palist *)((&pool->list)->tqh_last))->
tqh_last));
2645 break;
2646 default:
2647 oldpa = TAILQ_FIRST(&pool->list)((&pool->list)->tqh_first);
2648 for (int i = 0; oldpa && i < pca->nr; i++)
2649 oldpa = TAILQ_NEXT(oldpa, entries)((oldpa)->entries.tqe_next);
2650
2651 if (oldpa == NULL((void *)0))
2652 ERROUT(EINVAL22);
2653 }
2654
2655 if (pca->action == PF_CHANGE_REMOVE) {
2656 TAILQ_REMOVE(&pool->list, oldpa, entries)do { ; ; do { if ((((oldpa))->entries.tqe_next) != ((void *
)0) && (((oldpa))->entries.tqe_next)->entries.tqe_prev
!= &((oldpa)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldpa)); } while (0); do { if (*(oldpa)->entries.tqe_prev
!= (oldpa)) panic("Bad link elm %p prev->next != elm", (oldpa
)); } while (0); if (((((oldpa))->entries.tqe_next)) != ((
void *)0)) (((oldpa))->entries.tqe_next)->entries.tqe_prev
= (oldpa)->entries.tqe_prev; else { (&pool->list)->
tqh_last = (oldpa)->entries.tqe_prev; ; } *(oldpa)->entries
.tqe_prev = (((oldpa))->entries.tqe_next); ; ; ; } while (
0);
2657 switch (oldpa->addr.type) {
2658 case PF_ADDR_DYNIFTL:
2659 pfi_dynaddr_remove(oldpa->addr.p.dyn);
2660 break;
2661 case PF_ADDR_TABLE:
2662 pfr_detach_table(oldpa->addr.p.tbl);
2663 break;
2664 }
2665 if (oldpa->kif)
2666 pfi_kif_unref(oldpa->kif);
2667 free(oldpa, M_PFRULE);
2668 } else {
2669 if (oldpa == NULL((void *)0))
2670 TAILQ_INSERT_TAIL(&pool->list, newpa, entries)do { do { if (*(&pool->list)->tqh_last != ((void *)
0)) panic("Bad tailq NEXT(%p->tqh_last) != NULL", (&pool
->list)); } while (0); (((newpa))->entries.tqe_next) = (
(void *)0); (newpa)->entries.tqe_prev = (&pool->list
)->tqh_last; *(&pool->list)->tqh_last = (newpa);
(&pool->list)->tqh_last = &(((newpa))->entries
.tqe_next); ; ; } while (0);
2671 else if (pca->action == PF_CHANGE_ADD_HEAD ||
2672 pca->action == PF_CHANGE_ADD_BEFORE)
2673 TAILQ_INSERT_BEFORE(oldpa, newpa, entries)do { do { if (*(oldpa)->entries.tqe_prev != (oldpa)) panic
("Bad link elm %p prev->next != elm", (oldpa)); } while (0
); (newpa)->entries.tqe_prev = (oldpa)->entries.tqe_prev
; (((newpa))->entries.tqe_next) = (oldpa); *(oldpa)->entries
.tqe_prev = (newpa); (oldpa)->entries.tqe_prev = &(((newpa
))->entries.tqe_next); ; ; } while (0);
2674 else
2675 TAILQ_INSERT_AFTER(&pool->list, oldpa,do { do { if ((((oldpa))->entries.tqe_next) != ((void *)0)
&& (((oldpa))->entries.tqe_next)->entries.tqe_prev
!= &((oldpa)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldpa)); } while (0); if (((((newpa))->entries.tqe_next
) = (((oldpa))->entries.tqe_next)) != ((void *)0)) (((newpa
))->entries.tqe_next)->entries.tqe_prev = &(((newpa
))->entries.tqe_next); else { (&pool->list)->tqh_last
= &(((newpa))->entries.tqe_next); ; } (((oldpa))->
entries.tqe_next) = (newpa); (newpa)->entries.tqe_prev = &
(((oldpa))->entries.tqe_next); ; ; } while (0)
2676 newpa, entries)do { do { if ((((oldpa))->entries.tqe_next) != ((void *)0)
&& (((oldpa))->entries.tqe_next)->entries.tqe_prev
!= &((oldpa)->entries.tqe_next)) panic("Bad link elm %p next->prev != elm"
, (oldpa)); } while (0); if (((((newpa))->entries.tqe_next
) = (((oldpa))->entries.tqe_next)) != ((void *)0)) (((newpa
))->entries.tqe_next)->entries.tqe_prev = &(((newpa
))->entries.tqe_next); else { (&pool->list)->tqh_last
= &(((newpa))->entries.tqe_next); ; } (((oldpa))->
entries.tqe_next) = (newpa); (newpa)->entries.tqe_prev = &
(((oldpa))->entries.tqe_next); ; ; } while (0);
2677 }
2678
2679 pool->cur = TAILQ_FIRST(&pool->list)((&pool->list)->tqh_first);
2680 PF_ACPY(&pool->counter, &pool->cur->addr.v.a.addr, pca->af)pf_addrcpy(&pool->counter, &pool->cur->addr.
v.a.addr, pca->af);
2681 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2681);
2682 break;
2683
2684#undef ERROUT
2685DIOCCHANGEADDR_error:
2686 if (newpa != NULL((void *)0)) {
2687 if (newpa->kif)
2688 pfi_kif_unref(newpa->kif);
2689 free(newpa, M_PFRULE);
2690 }
2691 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2691);
2692 if (kif != NULL((void *)0))
2693 free(kif, PFI_MTYPE);
2694 break;
2695 }
2696
2697 case DIOCGETRULESETS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((58)))): {
2698 struct pfioc_ruleset *pr = (struct pfioc_ruleset *)addr;
2699 struct pf_ruleset *ruleset;
2700 struct pf_anchor *anchor;
2701
2702 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2702 ));
2703 pr->path[sizeof(pr->path) - 1] = 0;
2704 if ((ruleset = pf_find_ruleset(pr->path)) == NULL((void *)0)) {
2705 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2705 );
2706 error = ENOENT2;
2707 break;
2708 }
2709 pr->nr = 0;
2710 if (ruleset->anchor == NULL((void *)0)) {
2711 /* XXX kludge for pf_main_ruleset */
2712 RB_FOREACH(anchor, pf_anchor_global, &V_pf_anchors)for ((anchor) = pf_anchor_global_RB_MINMAX(&(*(__typeof(vnet_entry_pf_anchors
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_anchors)), -1); (anchor) != ((void
*)0); (anchor) = pf_anchor_global_RB_NEXT(anchor))
2713 if (anchor->parent == NULL((void *)0))
2714 pr->nr++;
2715 } else {
2716 RB_FOREACH(anchor, pf_anchor_node,for ((anchor) = pf_anchor_node_RB_MINMAX(&ruleset->anchor
->children, -1); (anchor) != ((void *)0); (anchor) = pf_anchor_node_RB_NEXT
(anchor))
2717 &ruleset->anchor->children)for ((anchor) = pf_anchor_node_RB_MINMAX(&ruleset->anchor
->children, -1); (anchor) != ((void *)0); (anchor) = pf_anchor_node_RB_NEXT
(anchor))
2718 pr->nr++;
2719 }
2720 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2720 );
2721 break;
2722 }
2723
2724 case DIOCGETRULESET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_ruleset)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((59)))): {
2725 struct pfioc_ruleset *pr = (struct pfioc_ruleset *)addr;
2726 struct pf_ruleset *ruleset;
2727 struct pf_anchor *anchor;
2728 u_int32_t nr = 0;
2729
2730 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2730 ));
2731 pr->path[sizeof(pr->path) - 1] = 0;
2732 if ((ruleset = pf_find_ruleset(pr->path)) == NULL((void *)0)) {
2733 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2733 );
2734 error = ENOENT2;
2735 break;
2736 }
2737 pr->name[0] = 0;
2738 if (ruleset->anchor == NULL((void *)0)) {
2739 /* XXX kludge for pf_main_ruleset */
2740 RB_FOREACH(anchor, pf_anchor_global, &V_pf_anchors)for ((anchor) = pf_anchor_global_RB_MINMAX(&(*(__typeof(vnet_entry_pf_anchors
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_anchors)), -1); (anchor) != ((void
*)0); (anchor) = pf_anchor_global_RB_NEXT(anchor))
2741 if (anchor->parent == NULL((void *)0) && nr++ == pr->nr) {
2742 strlcpy(pr->name, anchor->name,
2743 sizeof(pr->name));
2744 break;
2745 }
2746 } else {
2747 RB_FOREACH(anchor, pf_anchor_node,for ((anchor) = pf_anchor_node_RB_MINMAX(&ruleset->anchor
->children, -1); (anchor) != ((void *)0); (anchor) = pf_anchor_node_RB_NEXT
(anchor))
2748 &ruleset->anchor->children)for ((anchor) = pf_anchor_node_RB_MINMAX(&ruleset->anchor
->children, -1); (anchor) != ((void *)0); (anchor) = pf_anchor_node_RB_NEXT
(anchor))
2749 if (nr++ == pr->nr) {
2750 strlcpy(pr->name, anchor->name,
2751 sizeof(pr->name));
2752 break;
2753 }
2754 }
2755 if (!pr->name[0])
2756 error = EBUSY16;
2757 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2757 );
2758 break;
2759 }
2760
2761 case DIOCRCLRTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((60)))): {
2762 struct pfioc_table *io = (struct pfioc_table *)addr;
2763
2764 if (io->pfrio_esize != 0) {
2765 error = ENODEV19;
2766 break;
2767 }
2768 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2768);
2769 error = pfr_clr_tables(&io->pfrio_table, &io->pfrio_ndel,
2770 io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2771 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2771);
2772 break;
2773 }
2774
2775 case DIOCRADDTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((61)))): {
2776 struct pfioc_table *io = (struct pfioc_table *)addr;
2777 struct pfr_table *pfrts;
2778 size_t totlen;
2779
2780 if (io->pfrio_esize != sizeof(struct pfr_table)) {
2781 error = ENODEV19;
2782 break;
2783 }
2784
2785 if (io->pfrio_size < 0 || io->pfrio_size > pf_ioctl_maxcount ||
2786 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_table))) {
2787 error = ENOMEM12;
2788 break;
2789 }
2790
2791 totlen = io->pfrio_size * sizeof(struct pfr_table);
2792 pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table),
2793 M_TEMP, M_WAITOK0x0002);
2794 error = copyin(io->pfrio_buffer, pfrts, totlen);
2795 if (error) {
2796 free(pfrts, M_TEMP);
2797 break;
2798 }
2799 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2799);
2800 error = pfr_add_tables(pfrts, io->pfrio_size,
2801 &io->pfrio_nadd, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2802 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2802);
2803 free(pfrts, M_TEMP);
2804 break;
2805 }
2806
2807 case DIOCRDELTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((62)))): {
2808 struct pfioc_table *io = (struct pfioc_table *)addr;
2809 struct pfr_table *pfrts;
2810 size_t totlen;
2811
2812 if (io->pfrio_esize != sizeof(struct pfr_table)) {
2813 error = ENODEV19;
2814 break;
2815 }
2816
2817 if (io->pfrio_size < 0 || io->pfrio_size > pf_ioctl_maxcount ||
2818 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_table))) {
2819 error = ENOMEM12;
2820 break;
2821 }
2822
2823 totlen = io->pfrio_size * sizeof(struct pfr_table);
2824 pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table),
2825 M_TEMP, M_WAITOK0x0002);
2826 error = copyin(io->pfrio_buffer, pfrts, totlen);
2827 if (error) {
2828 free(pfrts, M_TEMP);
2829 break;
2830 }
2831 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2831);
2832 error = pfr_del_tables(pfrts, io->pfrio_size,
2833 &io->pfrio_ndel, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2834 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2834);
2835 free(pfrts, M_TEMP);
2836 break;
2837 }
2838
2839 case DIOCRGETTABLES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((63)))): {
2840 struct pfioc_table *io = (struct pfioc_table *)addr;
2841 struct pfr_table *pfrts;
2842 size_t totlen, n;
2843
2844 if (io->pfrio_esize != sizeof(struct pfr_table)) {
2845 error = ENODEV19;
2846 break;
2847 }
2848 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2848 ));
2849 n = pfr_table_count(&io->pfrio_table, io->pfrio_flags);
2850 io->pfrio_size = min(io->pfrio_size, n);
2851
2852 totlen = io->pfrio_size * sizeof(struct pfr_table);
2853
2854 pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table),
2855 M_TEMP, M_NOWAIT0x0001);
2856 if (pfrts == NULL((void *)0)) {
2857 error = ENOMEM12;
2858 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2858 );
2859 break;
2860 }
2861 error = pfr_get_tables(&io->pfrio_table, pfrts,
2862 &io->pfrio_size, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2863 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 2863 );
2864 if (error == 0)
2865 error = copyout(pfrts, io->pfrio_buffer, totlen);
2866 free(pfrts, M_TEMP);
2867 break;
2868 }
2869
2870 case DIOCRGETTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((64)))): {
2871 struct pfioc_table *io = (struct pfioc_table *)addr;
2872 struct pfr_tstats *pfrtstats;
2873 size_t totlen, n;
2874
2875 if (io->pfrio_esize != sizeof(struct pfr_tstats)) {
2876 error = ENODEV19;
2877 break;
2878 }
2879 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2879);
2880 n = pfr_table_count(&io->pfrio_table, io->pfrio_flags);
2881 io->pfrio_size = min(io->pfrio_size, n);
2882
2883 totlen = io->pfrio_size * sizeof(struct pfr_tstats);
2884 pfrtstats = mallocarray(io->pfrio_size,
2885 sizeof(struct pfr_tstats), M_TEMP, M_NOWAIT0x0001);
2886 if (pfrtstats == NULL((void *)0)) {
2887 error = ENOMEM12;
2888 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2888);
2889 break;
2890 }
2891 error = pfr_get_tstats(&io->pfrio_table, pfrtstats,
2892 &io->pfrio_size, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2893 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2893);
2894 if (error == 0)
2895 error = copyout(pfrtstats, io->pfrio_buffer, totlen);
2896 free(pfrtstats, M_TEMP);
2897 break;
2898 }
2899
2900 case DIOCRCLRTSTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((65)))): {
2901 struct pfioc_table *io = (struct pfioc_table *)addr;
2902 struct pfr_table *pfrts;
2903 size_t totlen, n;
2904
2905 if (io->pfrio_esize != sizeof(struct pfr_table)) {
2906 error = ENODEV19;
2907 break;
2908 }
2909
2910 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2910);
2911 n = pfr_table_count(&io->pfrio_table, io->pfrio_flags);
2912 io->pfrio_size = min(io->pfrio_size, n);
2913
2914 totlen = io->pfrio_size * sizeof(struct pfr_table);
2915 pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table),
2916 M_TEMP, M_NOWAIT0x0001);
2917 if (pfrts == NULL((void *)0)) {
2918 error = ENOMEM12;
2919 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2919);
2920 break;
2921 }
2922 error = copyin(io->pfrio_buffer, pfrts, totlen);
2923 if (error) {
2924 free(pfrts, M_TEMP);
2925 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2925);
2926 break;
2927 }
2928 error = pfr_clr_tstats(pfrts, io->pfrio_size,
2929 &io->pfrio_nzeropfrio_nadd, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2930 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2930);
2931 free(pfrts, M_TEMP);
2932 break;
2933 }
2934
2935 case DIOCRSETTFLAGS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((74)))): {
2936 struct pfioc_table *io = (struct pfioc_table *)addr;
2937 struct pfr_table *pfrts;
2938 size_t totlen, n;
2939
2940 if (io->pfrio_esize != sizeof(struct pfr_table)) {
2941 error = ENODEV19;
2942 break;
2943 }
2944
2945 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2945);
2946 n = pfr_table_count(&io->pfrio_table, io->pfrio_flags);
2947 io->pfrio_size = min(io->pfrio_size, n);
2948
2949 totlen = io->pfrio_size * sizeof(struct pfr_table);
2950 pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table),
2951 M_TEMP, M_NOWAIT0x0001);
2952 if (pfrts == NULL((void *)0)) {
2953 error = ENOMEM12;
2954 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2954);
2955 break;
2956 }
2957 error = copyin(io->pfrio_buffer, pfrts, totlen);
2958 if (error) {
2959 free(pfrts, M_TEMP);
2960 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2960);
2961 break;
2962 }
2963 error = pfr_set_tflags(pfrts, io->pfrio_size,
2964 io->pfrio_setflagpfrio_size2, io->pfrio_clrflagpfrio_nadd, &io->pfrio_nchange,
2965 &io->pfrio_ndel, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2966 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2966);
2967 free(pfrts, M_TEMP);
2968 break;
2969 }
2970
2971 case DIOCRCLRADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((66)))): {
2972 struct pfioc_table *io = (struct pfioc_table *)addr;
2973
2974 if (io->pfrio_esize != 0) {
2975 error = ENODEV19;
2976 break;
2977 }
2978 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2978);
2979 error = pfr_clr_addrs(&io->pfrio_table, &io->pfrio_ndel,
2980 io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
2981 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 2981);
2982 break;
2983 }
2984
2985 case DIOCRADDADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((67)))): {
2986 struct pfioc_table *io = (struct pfioc_table *)addr;
2987 struct pfr_addr *pfras;
2988 size_t totlen;
2989
2990 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
2991 error = ENODEV19;
2992 break;
2993 }
2994 if (io->pfrio_size < 0 ||
2995 io->pfrio_size > pf_ioctl_maxcount ||
2996 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
2997 error = EINVAL22;
2998 break;
2999 }
3000 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3001 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3002 M_TEMP, M_NOWAIT0x0001);
3003 if (! pfras) {
3004 error = ENOMEM12;
3005 break;
3006 }
3007 error = copyin(io->pfrio_buffer, pfras, totlen);
3008 if (error) {
3009 free(pfras, M_TEMP);
3010 break;
3011 }
3012 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3012);
3013 error = pfr_add_addrs(&io->pfrio_table, pfras,
3014 io->pfrio_size, &io->pfrio_nadd, io->pfrio_flags |
3015 PFR_FLAG_USERIOCTL0x10000000);
3016 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3016);
3017 if (error == 0 && io->pfrio_flags & PFR_FLAG_FEEDBACK0x00000004)
3018 error = copyout(pfras, io->pfrio_buffer, totlen);
3019 free(pfras, M_TEMP);
3020 break;
3021 }
3022
3023 case DIOCRDELADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((68)))): {
3024 struct pfioc_table *io = (struct pfioc_table *)addr;
3025 struct pfr_addr *pfras;
3026 size_t totlen;
3027
3028 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3029 error = ENODEV19;
3030 break;
3031 }
3032 if (io->pfrio_size < 0 ||
3033 io->pfrio_size > pf_ioctl_maxcount ||
3034 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
3035 error = EINVAL22;
3036 break;
3037 }
3038 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3039 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3040 M_TEMP, M_NOWAIT0x0001);
3041 if (! pfras) {
3042 error = ENOMEM12;
3043 break;
3044 }
3045 error = copyin(io->pfrio_buffer, pfras, totlen);
3046 if (error) {
3047 free(pfras, M_TEMP);
3048 break;
3049 }
3050 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3050);
3051 error = pfr_del_addrs(&io->pfrio_table, pfras,
3052 io->pfrio_size, &io->pfrio_ndel, io->pfrio_flags |
3053 PFR_FLAG_USERIOCTL0x10000000);
3054 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3054);
3055 if (error == 0 && io->pfrio_flags & PFR_FLAG_FEEDBACK0x00000004)
3056 error = copyout(pfras, io->pfrio_buffer, totlen);
3057 free(pfras, M_TEMP);
3058 break;
3059 }
3060
3061 case DIOCRSETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((69)))): {
3062 struct pfioc_table *io = (struct pfioc_table *)addr;
3063 struct pfr_addr *pfras;
3064 size_t totlen, count;
3065
3066 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3067 error = ENODEV19;
3068 break;
3069 }
3070 if (io->pfrio_size < 0 || io->pfrio_size2 < 0) {
3071 error = EINVAL22;
3072 break;
3073 }
3074 count = max(io->pfrio_size, io->pfrio_size2);
3075 if (count > pf_ioctl_maxcount ||
3076 WOULD_OVERFLOW(count, sizeof(struct pfr_addr))) {
3077 error = EINVAL22;
3078 break;
3079 }
3080 totlen = count * sizeof(struct pfr_addr);
3081 pfras = mallocarray(count, sizeof(struct pfr_addr), M_TEMP,
3082 M_NOWAIT0x0001);
3083 if (! pfras) {
3084 error = ENOMEM12;
3085 break;
3086 }
3087 error = copyin(io->pfrio_buffer, pfras, totlen);
3088 if (error) {
3089 free(pfras, M_TEMP);
3090 break;
3091 }
3092 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3092);
3093 error = pfr_set_addrs(&io->pfrio_table, pfras,
3094 io->pfrio_size, &io->pfrio_size2, &io->pfrio_nadd,
3095 &io->pfrio_ndel, &io->pfrio_nchange, io->pfrio_flags |
3096 PFR_FLAG_USERIOCTL0x10000000, 0);
3097 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3097);
3098 if (error == 0 && io->pfrio_flags & PFR_FLAG_FEEDBACK0x00000004)
3099 error = copyout(pfras, io->pfrio_buffer, totlen);
3100 free(pfras, M_TEMP);
3101 break;
3102 }
3103
3104 case DIOCRGETADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((70)))): {
3105 struct pfioc_table *io = (struct pfioc_table *)addr;
3106 struct pfr_addr *pfras;
3107 size_t totlen;
3108
3109 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3110 error = ENODEV19;
3111 break;
3112 }
3113 if (io->pfrio_size < 0 ||
3114 io->pfrio_size > pf_ioctl_maxcount ||
3115 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
3116 error = EINVAL22;
3117 break;
3118 }
3119 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3120 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3121 M_TEMP, M_NOWAIT0x0001);
3122 if (! pfras) {
3123 error = ENOMEM12;
3124 break;
3125 }
3126 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3126 ));
3127 error = pfr_get_addrs(&io->pfrio_table, pfras,
3128 &io->pfrio_size, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
3129 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3129 );
3130 if (error == 0)
3131 error = copyout(pfras, io->pfrio_buffer, totlen);
3132 free(pfras, M_TEMP);
3133 break;
3134 }
3135
3136 case DIOCRGETASTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((71)))): {
3137 struct pfioc_table *io = (struct pfioc_table *)addr;
3138 struct pfr_astats *pfrastats;
3139 size_t totlen;
3140
3141 if (io->pfrio_esize != sizeof(struct pfr_astats)) {
3142 error = ENODEV19;
3143 break;
3144 }
3145 if (io->pfrio_size < 0 ||
3146 io->pfrio_size > pf_ioctl_maxcount ||
3147 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_astats))) {
3148 error = EINVAL22;
3149 break;
3150 }
3151 totlen = io->pfrio_size * sizeof(struct pfr_astats);
3152 pfrastats = mallocarray(io->pfrio_size,
3153 sizeof(struct pfr_astats), M_TEMP, M_NOWAIT0x0001);
3154 if (! pfrastats) {
3155 error = ENOMEM12;
3156 break;
3157 }
3158 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3158 ));
3159 error = pfr_get_astats(&io->pfrio_table, pfrastats,
3160 &io->pfrio_size, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
3161 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3161 );
3162 if (error == 0)
3163 error = copyout(pfrastats, io->pfrio_buffer, totlen);
3164 free(pfrastats, M_TEMP);
3165 break;
3166 }
3167
3168 case DIOCRCLRASTATS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((72)))): {
3169 struct pfioc_table *io = (struct pfioc_table *)addr;
3170 struct pfr_addr *pfras;
3171 size_t totlen;
3172
3173 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3174 error = ENODEV19;
3175 break;
3176 }
3177 if (io->pfrio_size < 0 ||
3178 io->pfrio_size > pf_ioctl_maxcount ||
3179 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
3180 error = EINVAL22;
3181 break;
3182 }
3183 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3184 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3185 M_TEMP, M_NOWAIT0x0001);
3186 if (! pfras) {
3187 error = ENOMEM12;
3188 break;
3189 }
3190 error = copyin(io->pfrio_buffer, pfras, totlen);
3191 if (error) {
3192 free(pfras, M_TEMP);
3193 break;
3194 }
3195 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3195);
3196 error = pfr_clr_astats(&io->pfrio_table, pfras,
3197 io->pfrio_size, &io->pfrio_nzeropfrio_nadd, io->pfrio_flags |
3198 PFR_FLAG_USERIOCTL0x10000000);
3199 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3199);
3200 if (error == 0 && io->pfrio_flags & PFR_FLAG_FEEDBACK0x00000004)
3201 error = copyout(pfras, io->pfrio_buffer, totlen);
3202 free(pfras, M_TEMP);
3203 break;
3204 }
3205
3206 case DIOCRTSTADDRS((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((73)))): {
3207 struct pfioc_table *io = (struct pfioc_table *)addr;
3208 struct pfr_addr *pfras;
3209 size_t totlen;
3210
3211 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3212 error = ENODEV19;
3213 break;
3214 }
3215 if (io->pfrio_size < 0 ||
3216 io->pfrio_size > pf_ioctl_maxcount ||
3217 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
3218 error = EINVAL22;
3219 break;
3220 }
3221 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3222 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3223 M_TEMP, M_NOWAIT0x0001);
3224 if (! pfras) {
3225 error = ENOMEM12;
3226 break;
3227 }
3228 error = copyin(io->pfrio_buffer, pfras, totlen);
3229 if (error) {
3230 free(pfras, M_TEMP);
3231 break;
3232 }
3233 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3233 ));
3234 error = pfr_tst_addrs(&io->pfrio_table, pfras,
3235 io->pfrio_size, &io->pfrio_nmatchpfrio_nadd, io->pfrio_flags |
3236 PFR_FLAG_USERIOCTL0x10000000);
3237 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3237 );
3238 if (error == 0)
3239 error = copyout(pfras, io->pfrio_buffer, totlen);
3240 free(pfras, M_TEMP);
3241 break;
3242 }
3243
3244 case DIOCRINADEFINE((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_table)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((77)))): {
3245 struct pfioc_table *io = (struct pfioc_table *)addr;
3246 struct pfr_addr *pfras;
3247 size_t totlen;
3248
3249 if (io->pfrio_esize != sizeof(struct pfr_addr)) {
3250 error = ENODEV19;
3251 break;
3252 }
3253 if (io->pfrio_size < 0 ||
3254 io->pfrio_size > pf_ioctl_maxcount ||
3255 WOULD_OVERFLOW(io->pfrio_size, sizeof(struct pfr_addr))) {
3256 error = EINVAL22;
3257 break;
3258 }
3259 totlen = io->pfrio_size * sizeof(struct pfr_addr);
3260 pfras = mallocarray(io->pfrio_size, sizeof(struct pfr_addr),
3261 M_TEMP, M_NOWAIT0x0001);
3262 if (! pfras) {
3263 error = ENOMEM12;
3264 break;
3265 }
3266 error = copyin(io->pfrio_buffer, pfras, totlen);
3267 if (error) {
3268 free(pfras, M_TEMP);
3269 break;
3270 }
3271 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3271);
3272 error = pfr_ina_define(&io->pfrio_table, pfras,
3273 io->pfrio_size, &io->pfrio_nadd, &io->pfrio_naddrpfrio_size2,
3274 io->pfrio_ticket, io->pfrio_flags | PFR_FLAG_USERIOCTL0x10000000);
3275 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3275);
3276 free(pfras, M_TEMP);
3277 break;
3278 }
3279
3280 case DIOCOSFPADD((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_osfp_ioctl)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((79)))): {
3281 struct pf_osfp_ioctl *io = (struct pf_osfp_ioctl *)addr;
3282 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3282);
3283 error = pf_osfp_add(io);
3284 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3284);
3285 break;
3286 }
3287
3288 case DIOCOSFPGET((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pf_osfp_ioctl)) & ((1 << 13) - 1)) << 16) | (
(('D')) << 8) | ((80)))): {
3289 struct pf_osfp_ioctl *io = (struct pf_osfp_ioctl *)addr;
3290 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3290 ));
3291 error = pf_osfp_get(io);
3292 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3292 );
3293 break;
3294 }
3295
3296 case DIOCXBEGIN((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_trans)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((81)))): {
3297 struct pfioc_trans *io = (struct pfioc_trans *)addr;
3298 struct pfioc_trans_e *ioes, *ioe;
3299 size_t totlen;
3300 int i;
3301
3302 if (io->esize != sizeof(*ioe)) {
3303 error = ENODEV19;
3304 break;
3305 }
3306 if (io->size < 0 ||
3307 io->size > pf_ioctl_maxcount ||
3308 WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) {
3309 error = EINVAL22;
3310 break;
3311 }
3312 totlen = sizeof(struct pfioc_trans_e) * io->size;
3313 ioes = mallocarray(io->size, sizeof(struct pfioc_trans_e),
3314 M_TEMP, M_NOWAIT0x0001);
3315 if (! ioes) {
3316 error = ENOMEM12;
3317 break;
3318 }
3319 error = copyin(io->array, ioes, totlen);
3320 if (error) {
3321 free(ioes, M_TEMP);
3322 break;
3323 }
3324 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3324);
3325 for (i = 0, ioe = ioes; i < io->size; i++, ioe++) {
3326 switch (ioe->rs_num) {
3327#ifdef ALTQ
3328 case PF_RULESET_ALTQ(PF_RULESET_MAX):
3329 if (ioe->anchor[0]) {
3330 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3330);
3331 free(ioes, M_TEMP);
3332 error = EINVAL22;
3333 goto fail;
3334 }
3335 if ((error = pf_begin_altq(&ioe->ticket))) {
3336 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3336);
3337 free(ioes, M_TEMP);
3338 goto fail;
3339 }
3340 break;
3341#endif /* ALTQ */
3342 case PF_RULESET_TABLE(PF_RULESET_MAX+1):
3343 {
3344 struct pfr_table table;
3345
3346 bzero(&table, sizeof(table))__builtin_memset((&table), 0, (sizeof(table)));
3347 strlcpy(table.pfrt_anchor, ioe->anchor,
3348 sizeof(table.pfrt_anchor));
3349 if ((error = pfr_ina_begin(&table,
3350 &ioe->ticket, NULL((void *)0), 0))) {
3351 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3351);
3352 free(ioes, M_TEMP);
3353 goto fail;
3354 }
3355 break;
3356 }
3357 default:
3358 if ((error = pf_begin_rules(&ioe->ticket,
3359 ioe->rs_num, ioe->anchor))) {
3360 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3360);
3361 free(ioes, M_TEMP);
3362 goto fail;
3363 }
3364 break;
3365 }
3366 }
3367 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3367);
3368 error = copyout(ioes, io->array, totlen);
3369 free(ioes, M_TEMP);
3370 break;
3371 }
3372
3373 case DIOCXROLLBACK((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_trans)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((83)))): {
3374 struct pfioc_trans *io = (struct pfioc_trans *)addr;
3375 struct pfioc_trans_e *ioe, *ioes;
3376 size_t totlen;
3377 int i;
3378
3379 if (io->esize != sizeof(*ioe)) {
3380 error = ENODEV19;
3381 break;
3382 }
3383 if (io->size < 0 ||
3384 io->size > pf_ioctl_maxcount ||
3385 WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) {
3386 error = EINVAL22;
3387 break;
3388 }
3389 totlen = sizeof(struct pfioc_trans_e) * io->size;
3390 ioes = mallocarray(io->size, sizeof(struct pfioc_trans_e),
3391 M_TEMP, M_NOWAIT0x0001);
3392 if (! ioes) {
3393 error = ENOMEM12;
3394 break;
3395 }
3396 error = copyin(io->array, ioes, totlen);
3397 if (error) {
3398 free(ioes, M_TEMP);
3399 break;
3400 }
3401 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3401);
3402 for (i = 0, ioe = ioes; i < io->size; i++, ioe++) {
3403 switch (ioe->rs_num) {
3404#ifdef ALTQ
3405 case PF_RULESET_ALTQ(PF_RULESET_MAX):
3406 if (ioe->anchor[0]) {
3407 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3407);
3408 free(ioes, M_TEMP);
3409 error = EINVAL22;
3410 goto fail;
3411 }
3412 if ((error = pf_rollback_altq(ioe->ticket))) {
3413 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3413);
3414 free(ioes, M_TEMP);
3415 goto fail; /* really bad */
3416 }
3417 break;
3418#endif /* ALTQ */
3419 case PF_RULESET_TABLE(PF_RULESET_MAX+1):
3420 {
3421 struct pfr_table table;
3422
3423 bzero(&table, sizeof(table))__builtin_memset((&table), 0, (sizeof(table)));
3424 strlcpy(table.pfrt_anchor, ioe->anchor,
3425 sizeof(table.pfrt_anchor));
3426 if ((error = pfr_ina_rollback(&table,
3427 ioe->ticket, NULL((void *)0), 0))) {
3428 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3428);
3429 free(ioes, M_TEMP);
3430 goto fail; /* really bad */
3431 }
3432 break;
3433 }
3434 default:
3435 if ((error = pf_rollback_rules(ioe->ticket,
3436 ioe->rs_num, ioe->anchor))) {
3437 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3437);
3438 free(ioes, M_TEMP);
3439 goto fail; /* really bad */
3440 }
3441 break;
3442 }
3443 }
3444 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3444);
3445 free(ioes, M_TEMP);
3446 break;
3447 }
3448
3449 case DIOCXCOMMIT((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_trans)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((82)))): {
3450 struct pfioc_trans *io = (struct pfioc_trans *)addr;
3451 struct pfioc_trans_e *ioe, *ioes;
3452 struct pf_ruleset *rs;
3453 size_t totlen;
3454 int i;
3455
3456 if (io->esize != sizeof(*ioe)) {
3457 error = ENODEV19;
3458 break;
3459 }
3460
3461 if (io->size < 0 ||
3462 io->size > pf_ioctl_maxcount ||
3463 WOULD_OVERFLOW(io->size, sizeof(struct pfioc_trans_e))) {
3464 error = EINVAL22;
3465 break;
3466 }
3467
3468 totlen = sizeof(struct pfioc_trans_e) * io->size;
3469 ioes = mallocarray(io->size, sizeof(struct pfioc_trans_e),
3470 M_TEMP, M_NOWAIT0x0001);
3471 if (ioes == NULL((void *)0)) {
3472 error = ENOMEM12;
3473 break;
3474 }
3475 error = copyin(io->array, ioes, totlen);
3476 if (error) {
3477 free(ioes, M_TEMP);
3478 break;
3479 }
3480 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3480);
3481 /* First makes sure everything will succeed. */
3482 for (i = 0, ioe = ioes; i < io->size; i++, ioe++) {
3483 switch (ioe->rs_num) {
3484#ifdef ALTQ
3485 case PF_RULESET_ALTQ(PF_RULESET_MAX):
3486 if (ioe->anchor[0]) {
3487 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3487);
3488 free(ioes, M_TEMP);
3489 error = EINVAL22;
3490 goto fail;
3491 }
3492 if (!V_altqs_inactive_open(*(__typeof(vnet_entry_altqs_inactive_open)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_altqs_inactive_open
)) || ioe->ticket !=
3493 V_ticket_altqs_inactive(*(__typeof(vnet_entry_ticket_altqs_inactive)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_ticket_altqs_inactive
))) {
3494 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3494);
3495 free(ioes, M_TEMP);
3496 error = EBUSY16;
3497 goto fail;
3498 }
3499 break;
3500#endif /* ALTQ */
3501 case PF_RULESET_TABLE(PF_RULESET_MAX+1):
3502 rs = pf_find_ruleset(ioe->anchor);
3503 if (rs == NULL((void *)0) || !rs->topen || ioe->ticket !=
3504 rs->tticket) {
3505 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3505);
3506 free(ioes, M_TEMP);
3507 error = EBUSY16;
3508 goto fail;
3509 }
3510 break;
3511 default:
3512 if (ioe->rs_num < 0 || ioe->rs_num >=
3513 PF_RULESET_MAX) {
3514 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3514);
3515 free(ioes, M_TEMP);
3516 error = EINVAL22;
3517 goto fail;
3518 }
3519 rs = pf_find_ruleset(ioe->anchor);
3520 if (rs == NULL((void *)0) ||
3521 !rs->rules[ioe->rs_num].inactive.open ||
3522 rs->rules[ioe->rs_num].inactive.ticket !=
3523 ioe->ticket) {
3524 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3524);
3525 free(ioes, M_TEMP);
3526 error = EBUSY16;
3527 goto fail;
3528 }
3529 break;
3530 }
3531 }
3532 /* Now do the commit - no errors should happen here. */
3533 for (i = 0, ioe = ioes; i < io->size; i++, ioe++) {
3534 switch (ioe->rs_num) {
3535#ifdef ALTQ
3536 case PF_RULESET_ALTQ(PF_RULESET_MAX):
3537 if ((error = pf_commit_altq(ioe->ticket))) {
3538 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3538);
3539 free(ioes, M_TEMP);
3540 goto fail; /* really bad */
3541 }
3542 break;
3543#endif /* ALTQ */
3544 case PF_RULESET_TABLE(PF_RULESET_MAX+1):
3545 {
3546 struct pfr_table table;
3547
3548 bzero(&table, sizeof(table))__builtin_memset((&table), 0, (sizeof(table)));
3549 strlcpy(table.pfrt_anchor, ioe->anchor,
3550 sizeof(table.pfrt_anchor));
3551 if ((error = pfr_ina_commit(&table,
3552 ioe->ticket, NULL((void *)0), NULL((void *)0), 0))) {
3553 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3553);
3554 free(ioes, M_TEMP);
3555 goto fail; /* really bad */
3556 }
3557 break;
3558 }
3559 default:
3560 if ((error = pf_commit_rules(ioe->ticket,
3561 ioe->rs_num, ioe->anchor))) {
3562 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3562);
3563 free(ioes, M_TEMP);
3564 goto fail; /* really bad */
3565 }
3566 break;
3567 }
3568 }
3569 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3569);
3570 free(ioes, M_TEMP);
3571 break;
3572 }
3573
3574 case DIOCGETSRCNODES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_src_nodes)) & ((1 << 13) - 1)) << 16) |
((('D')) << 8) | ((84)))): {
3575 struct pfioc_src_nodes *psn = (struct pfioc_src_nodes *)addr;
3576 struct pf_srchash *sh;
3577 struct pf_src_node *n, *p, *pstore;
3578 uint32_t i, nr = 0;
3579
3580 if (psn->psn_len == 0) {
10
Assuming the condition is false
11
Taking false branch
3581 for (i = 0, sh = V_pf_srchash(*(__typeof(vnet_entry_pf_srchash)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_srchash
)); i <= pf_srchashmask;
3582 i++, sh++) {
3583 PF_HASHROW_LOCK(sh)__mtx_lock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3583));
3584 LIST_FOREACH(n, &sh->nodes, entry)for ((n) = (((&sh->nodes))->lh_first); (n); (n) = (
((n))->entry.le_next))
3585 nr++;
3586 PF_HASHROW_UNLOCK(sh)__mtx_unlock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3586));
3587 }
3588 psn->psn_len = sizeof(struct pf_src_node) * nr;
3589 break;
3590 }
3591
3592 p = pstore = malloc(psn->psn_len, M_TEMP, M_WAITOK0x0002);
3593 for (i = 0, sh = V_pf_srchash(*(__typeof(vnet_entry_pf_srchash)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_srchash
)); i <= pf_srchashmask;
12
Loop condition is true. Entering loop body
23
Assuming 'i' is > 'pf_srchashmask'
24
Loop condition is false. Execution continues on line 3624
3594 i++, sh++) {
3595 PF_HASHROW_LOCK(sh)__mtx_lock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3595));
3596 LIST_FOREACH(n, &sh->nodes, entry)for ((n) = (((&sh->nodes))->lh_first); (n); (n) = (
((n))->entry.le_next)) {
13
Loop condition is true. Entering loop body
22
Loop condition is false. Execution continues on line 3622
3597 int secs = time_uptime, diff;
3598
3599 if ((nr + 1) * sizeof(*p) > (unsigned)psn->psn_len)
14
Assuming the condition is false
15
Taking false branch
3600 break;
3601
3602 bcopy(n, p, sizeof(struct pf_src_node))__builtin_memmove((p), (n), (sizeof(struct pf_src_node)));
3603 if (n->rule.ptr != NULL((void *)0))
16
Assuming the condition is false
17
Taking false branch
3604 p->rule.nr = n->rule.ptr->nr;
3605 p->creation = secs - p->creation;
3606 if (p->expire > secs)
18
Assuming the condition is false
19
Taking false branch
3607 p->expire -= secs;
3608 else
3609 p->expire = 0;
3610
3611 /* Adjust the connection rate estimate. */
3612 diff = secs - n->conn_rate.last;
3613 if (diff >= n->conn_rate.seconds)
20
Assuming the condition is true
21
Taking true branch
3614 p->conn_rate.count = 0;
3615 else
3616 p->conn_rate.count -=
3617 n->conn_rate.count * diff /
3618 n->conn_rate.seconds;
3619 p++;
3620 nr++;
3621 }
3622 PF_HASHROW_UNLOCK(sh)__mtx_unlock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3622));
3623 }
3624 error = copyout(pstore, psn->psn_src_nodespsn_u.psu_src_nodes,
25
Copies out a struct with a union element with different sizes
3625 sizeof(struct pf_src_node) * nr);
3626 if (error) {
3627 free(pstore, M_TEMP);
3628 break;
3629 }
3630 psn->psn_len = sizeof(struct pf_src_node) * nr;
3631 free(pstore, M_TEMP);
3632 break;
3633 }
3634
3635 case DIOCCLRSRCNODES((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((85)))): {
3636
3637 pf_clear_srcnodes(NULL((void *)0));
3638 pf_purge_expired_src_nodes();
3639 break;
3640 }
3641
3642 case DIOCKILLSRCNODES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_src_node_kill)) & ((1 << 13) - 1)) << 16
) | ((('D')) << 8) | ((91)))):
3643 pf_kill_srcnodes((struct pfioc_src_node_kill *)addr);
3644 break;
3645
3646 case DIOCSETHOSTID((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(u_int32_t
)) & ((1 << 13) - 1)) << 16) | ((('D')) <<
8) | ((86)))): {
3647 u_int32_t *hostid = (u_int32_t *)addr;
3648
3649 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3649);
3650 if (*hostid == 0)
3651 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid = arc4random();
3652 else
3653 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).hostid = *hostid;
3654 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3654);
3655 break;
3656 }
3657
3658 case DIOCOSFPFLUSH((unsigned long) ((0x20000000) | (((0) & ((1 << 13)
- 1)) << 16) | ((('D')) << 8) | ((78)))):
3659 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3659);
3660 pf_osfp_flush();
3661 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3661);
3662 break;
3663
3664 case DIOCIGETIFACES((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((87)))): {
3665 struct pfioc_iface *io = (struct pfioc_iface *)addr;
3666 struct pfi_kif *ifstore;
3667 size_t bufsiz;
3668
3669 if (io->pfiio_esize != sizeof(struct pfi_kif)) {
3670 error = ENODEV19;
3671 break;
3672 }
3673
3674 if (io->pfiio_size < 0 ||
3675 io->pfiio_size > pf_ioctl_maxcount ||
3676 WOULD_OVERFLOW(io->pfiio_size, sizeof(struct pfi_kif))) {
3677 error = EINVAL22;
3678 break;
3679 }
3680
3681 bufsiz = io->pfiio_size * sizeof(struct pfi_kif);
3682 ifstore = mallocarray(io->pfiio_size, sizeof(struct pfi_kif),
3683 M_TEMP, M_NOWAIT0x0001);
3684 if (ifstore == NULL((void *)0)) {
3685 error = ENOMEM12;
3686 break;
3687 }
3688
3689 PF_RULES_RLOCK()((void)_rm_rlock_debug((&pf_rules_lock),(&_pf_rules_tracker
), 0, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3689 ));
3690 pfi_get_ifaces(io->pfiio_name, ifstore, &io->pfiio_size);
3691 PF_RULES_RUNLOCK()_rm_runlock_debug((&pf_rules_lock), (&_pf_rules_tracker
), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3691 );
3692 error = copyout(ifstore, io->pfiio_buffer, bufsiz);
3693 free(ifstore, M_TEMP);
3694 break;
3695 }
3696
3697 case DIOCSETIFFLAG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((89)))): {
3698 struct pfioc_iface *io = (struct pfioc_iface *)addr;
3699
3700 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3700);
3701 error = pfi_set_flags(io->pfiio_name, io->pfiio_flags);
3702 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3702);
3703 break;
3704 }
3705
3706 case DIOCCLRIFFLAG((unsigned long) (((0x80000000|0x40000000)) | (((sizeof(struct
pfioc_iface)) & ((1 << 13) - 1)) << 16) | ((
('D')) << 8) | ((90)))): {
3707 struct pfioc_iface *io = (struct pfioc_iface *)addr;
3708
3709 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3709);
3710 error = pfi_clear_flags(io->pfiio_name, io->pfiio_flags);
3711 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 3711);
3712 break;
3713 }
3714
3715 default:
3716 error = ENODEV19;
3717 break;
3718 }
3719fail:
3720 if (sx_xlocked(&pf_ioctl_lock)(((&pf_ioctl_lock)->sx_lock & ~((0x01 | 0x02 | 0x04
| 0x10 | 0x08) & ~0x01)) == (uintptr_t)(__curthread())))
3721 sx_xunlock(&pf_ioctl_lock)_sx_xunlock(((&pf_ioctl_lock)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (3721));
3722 CURVNET_RESTORE()do { if (!((__curthread())->td_vnet != ((void *)0) &&
(saved_vnet == ((void *)0) || saved_vnet->vnet_magic_n ==
0x3e0d8f29))) panic ("CURVNET_RESTORE at %s:%d %s() curvnet=%p saved_vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 3722, __func__, (
__curthread())->td_vnet, saved_vnet); } while (0); (__curthread
())->td_vnet = saved_vnet;;
3723
3724 return (error);
3725}
3726
3727void
3728pfsync_state_export(struct pfsync_state *sp, struct pf_state *st)
3729{
3730 bzero(sp, sizeof(struct pfsync_state))__builtin_memset((sp), 0, (sizeof(struct pfsync_state)));
3731
3732 /* copy from state key */
3733 sp->key[PF_SK_WIRE].addr[0] = st->key[PF_SK_WIRE]->addr[0];
3734 sp->key[PF_SK_WIRE].addr[1] = st->key[PF_SK_WIRE]->addr[1];
3735 sp->key[PF_SK_WIRE].port[0] = st->key[PF_SK_WIRE]->port[0];
3736 sp->key[PF_SK_WIRE].port[1] = st->key[PF_SK_WIRE]->port[1];
3737 sp->key[PF_SK_STACK].addr[0] = st->key[PF_SK_STACK]->addr[0];
3738 sp->key[PF_SK_STACK].addr[1] = st->key[PF_SK_STACK]->addr[1];
3739 sp->key[PF_SK_STACK].port[0] = st->key[PF_SK_STACK]->port[0];
3740 sp->key[PF_SK_STACK].port[1] = st->key[PF_SK_STACK]->port[1];
3741 sp->proto = st->key[PF_SK_WIRE]->proto;
3742 sp->af = st->key[PF_SK_WIRE]->af;
3743
3744 /* copy from state */
3745 strlcpy(sp->ifname, st->kif->pfik_name, sizeof(sp->ifname));
3746 bcopy(&st->rt_addr, &sp->rt_addr, sizeof(sp->rt_addr))__builtin_memmove((&sp->rt_addr), (&st->rt_addr
), (sizeof(sp->rt_addr)));
3747 sp->creation = htonl(time_uptime - st->creation)(__builtin_constant_p(time_uptime - st->creation) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)(time_uptime
- st->creation)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(time_uptime - st->creation)) & 0xffff)
) << 8 | ((__uint16_t)(((__uint32_t)(time_uptime - st->
creation)) & 0xffff)) >> 8) : __bswap16_var(((__uint32_t
)(time_uptime - st->creation)) & 0xffff))) << 16
) | ((__uint16_t)(__builtin_constant_p(((__uint32_t)(time_uptime
- st->creation)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(time_uptime - st->creation)) >> 16))
<< 8 | ((__uint16_t)(((__uint32_t)(time_uptime - st->
creation)) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)(time_uptime - st->creation)) >> 16)))) : __bswap32_var
(time_uptime - st->creation));
3748 sp->expire = pf_state_expires(st);
3749 if (sp->expire <= time_uptime)
3750 sp->expire = htonl(0)(__builtin_constant_p(0) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)(0)) & 0xffff) ? (__uint16_t)(((__uint16_t)
(((__uint32_t)(0)) & 0xffff)) << 8 | ((__uint16_t)(
((__uint32_t)(0)) & 0xffff)) >> 8) : __bswap16_var(
((__uint32_t)(0)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)(0)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(0)) >> 16)) << 8 | (
(__uint16_t)(((__uint32_t)(0)) >> 16)) >> 8) : __bswap16_var
(((__uint32_t)(0)) >> 16)))) : __bswap32_var(0));
3751 else
3752 sp->expire = htonl(sp->expire - time_uptime)(__builtin_constant_p(sp->expire - time_uptime) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)(sp->expire
- time_uptime)) & 0xffff) ? (__uint16_t)(((__uint16_t)((
(__uint32_t)(sp->expire - time_uptime)) & 0xffff)) <<
8 | ((__uint16_t)(((__uint32_t)(sp->expire - time_uptime)
) & 0xffff)) >> 8) : __bswap16_var(((__uint32_t)(sp
->expire - time_uptime)) & 0xffff))) << 16) | ((
__uint16_t)(__builtin_constant_p(((__uint32_t)(sp->expire -
time_uptime)) >> 16) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)(sp->expire - time_uptime)) >> 16)) << 8 | ((
__uint16_t)(((__uint32_t)(sp->expire - time_uptime)) >>
16)) >> 8) : __bswap16_var(((__uint32_t)(sp->expire
- time_uptime)) >> 16)))) : __bswap32_var(sp->expire
- time_uptime));
3753
3754 sp->direction = st->direction;
3755 sp->log = st->log;
3756 sp->timeout = st->timeout;
3757 sp->state_flags = st->state_flags;
3758 if (st->src_node)
3759 sp->sync_flags |= PFSYNC_FLAG_SRCNODE0x04;
3760 if (st->nat_src_node)
3761 sp->sync_flags |= PFSYNC_FLAG_NATSRCNODE0x08;
3762
3763 sp->id = st->id;
3764 sp->creatorid = st->creatorid;
3765 pf_state_peer_hton(&st->src, &sp->src)do { (&sp->src)->seqlo = (__builtin_constant_p((&
st->src)->seqlo) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)((&st->src)->seqlo)) & 0xffff) ? (
__uint16_t)(((__uint16_t)(((__uint32_t)((&st->src)->
seqlo)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->src)->seqlo)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((&st->src)->seqlo)) & 0xffff))) <<
16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t)((&
st->src)->seqlo)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((&st->src)->seqlo)) >> 16)) <<
8 | ((__uint16_t)(((__uint32_t)((&st->src)->seqlo)
) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((&
st->src)->seqlo)) >> 16)))) : __bswap32_var((&
st->src)->seqlo)); (&sp->src)->seqhi = (__builtin_constant_p
((&st->src)->seqhi) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)((&st->src)->seqhi)) & 0xffff) ? (
__uint16_t)(((__uint16_t)(((__uint32_t)((&st->src)->
seqhi)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->src)->seqhi)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((&st->src)->seqhi)) & 0xffff))) <<
16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t)((&
st->src)->seqhi)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((&st->src)->seqhi)) >> 16)) <<
8 | ((__uint16_t)(((__uint32_t)((&st->src)->seqhi)
) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((&
st->src)->seqhi)) >> 16)))) : __bswap32_var((&
st->src)->seqhi)); (&sp->src)->seqdiff = (__builtin_constant_p
((&st->src)->seqdiff) ? (((__uint32_t)((__uint16_t)
(__builtin_constant_p(((__uint32_t)((&st->src)->seqdiff
)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((
&st->src)->seqdiff)) & 0xffff)) << 8 | ((
__uint16_t)(((__uint32_t)((&st->src)->seqdiff)) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((&st->
src)->seqdiff)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)((&st->src)->seqdiff
)) >> 16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((&
st->src)->seqdiff)) >> 16)) << 8 | ((__uint16_t
)(((__uint32_t)((&st->src)->seqdiff)) >> 16))
>> 8) : __bswap16_var(((__uint32_t)((&st->src)->
seqdiff)) >> 16)))) : __bswap32_var((&st->src)->
seqdiff)); (&sp->src)->max_win = ((__uint16_t)(__builtin_constant_p
((&st->src)->max_win) ? (__uint16_t)(((__uint16_t)(
(&st->src)->max_win)) << 8 | ((__uint16_t)((&
st->src)->max_win)) >> 8) : __bswap16_var((&st
->src)->max_win))); (&sp->src)->mss = ((__uint16_t
)(__builtin_constant_p((&st->src)->mss) ? (__uint16_t
)(((__uint16_t)((&st->src)->mss)) << 8 | ((__uint16_t
)((&st->src)->mss)) >> 8) : __bswap16_var((&
st->src)->mss))); (&sp->src)->state = (&st
->src)->state; (&sp->src)->wscale = (&st->
src)->wscale; if ((&st->src)->scrub) { (&sp->
src)->scrub.pfss_flags = ((__uint16_t)(__builtin_constant_p
((&st->src)->scrub->pfss_flags & 0x0001) ? (
__uint16_t)(((__uint16_t)((&st->src)->scrub->pfss_flags
& 0x0001)) << 8 | ((__uint16_t)((&st->src)->
scrub->pfss_flags & 0x0001)) >> 8) : __bswap16_var
((&st->src)->scrub->pfss_flags & 0x0001))); (
&sp->src)->scrub.pfss_ttl = (&st->src)->scrub
->pfss_ttl; (&sp->src)->scrub.pfss_ts_mod = (__builtin_constant_p
((&st->src)->scrub->pfss_ts_mod) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)((&st->
src)->scrub->pfss_ts_mod)) & 0xffff) ? (__uint16_t)
(((__uint16_t)(((__uint32_t)((&st->src)->scrub->
pfss_ts_mod)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->src)->scrub->pfss_ts_mod)) & 0xffff)
) >> 8) : __bswap16_var(((__uint32_t)((&st->src)
->scrub->pfss_ts_mod)) & 0xffff))) << 16) | (
(__uint16_t)(__builtin_constant_p(((__uint32_t)((&st->
src)->scrub->pfss_ts_mod)) >> 16) ? (__uint16_t)(
((__uint16_t)(((__uint32_t)((&st->src)->scrub->pfss_ts_mod
)) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)((&
st->src)->scrub->pfss_ts_mod)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((&st->src)->scrub
->pfss_ts_mod)) >> 16)))) : __bswap32_var((&st->
src)->scrub->pfss_ts_mod)); (&sp->src)->scrub
.scrub_flag = 0x01; } } while (0);
3766 pf_state_peer_hton(&st->dst, &sp->dst)do { (&sp->dst)->seqlo = (__builtin_constant_p((&
st->dst)->seqlo) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)((&st->dst)->seqlo)) & 0xffff) ? (
__uint16_t)(((__uint16_t)(((__uint32_t)((&st->dst)->
seqlo)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->dst)->seqlo)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((&st->dst)->seqlo)) & 0xffff))) <<
16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t)((&
st->dst)->seqlo)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((&st->dst)->seqlo)) >> 16)) <<
8 | ((__uint16_t)(((__uint32_t)((&st->dst)->seqlo)
) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((&
st->dst)->seqlo)) >> 16)))) : __bswap32_var((&
st->dst)->seqlo)); (&sp->dst)->seqhi = (__builtin_constant_p
((&st->dst)->seqhi) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)((&st->dst)->seqhi)) & 0xffff) ? (
__uint16_t)(((__uint16_t)(((__uint32_t)((&st->dst)->
seqhi)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->dst)->seqhi)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((&st->dst)->seqhi)) & 0xffff))) <<
16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t)((&
st->dst)->seqhi)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((&st->dst)->seqhi)) >> 16)) <<
8 | ((__uint16_t)(((__uint32_t)((&st->dst)->seqhi)
) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((&
st->dst)->seqhi)) >> 16)))) : __bswap32_var((&
st->dst)->seqhi)); (&sp->dst)->seqdiff = (__builtin_constant_p
((&st->dst)->seqdiff) ? (((__uint32_t)((__uint16_t)
(__builtin_constant_p(((__uint32_t)((&st->dst)->seqdiff
)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((
&st->dst)->seqdiff)) & 0xffff)) << 8 | ((
__uint16_t)(((__uint32_t)((&st->dst)->seqdiff)) &
0xffff)) >> 8) : __bswap16_var(((__uint32_t)((&st->
dst)->seqdiff)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)((&st->dst)->seqdiff
)) >> 16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((&
st->dst)->seqdiff)) >> 16)) << 8 | ((__uint16_t
)(((__uint32_t)((&st->dst)->seqdiff)) >> 16))
>> 8) : __bswap16_var(((__uint32_t)((&st->dst)->
seqdiff)) >> 16)))) : __bswap32_var((&st->dst)->
seqdiff)); (&sp->dst)->max_win = ((__uint16_t)(__builtin_constant_p
((&st->dst)->max_win) ? (__uint16_t)(((__uint16_t)(
(&st->dst)->max_win)) << 8 | ((__uint16_t)((&
st->dst)->max_win)) >> 8) : __bswap16_var((&st
->dst)->max_win))); (&sp->dst)->mss = ((__uint16_t
)(__builtin_constant_p((&st->dst)->mss) ? (__uint16_t
)(((__uint16_t)((&st->dst)->mss)) << 8 | ((__uint16_t
)((&st->dst)->mss)) >> 8) : __bswap16_var((&
st->dst)->mss))); (&sp->dst)->state = (&st
->dst)->state; (&sp->dst)->wscale = (&st->
dst)->wscale; if ((&st->dst)->scrub) { (&sp->
dst)->scrub.pfss_flags = ((__uint16_t)(__builtin_constant_p
((&st->dst)->scrub->pfss_flags & 0x0001) ? (
__uint16_t)(((__uint16_t)((&st->dst)->scrub->pfss_flags
& 0x0001)) << 8 | ((__uint16_t)((&st->dst)->
scrub->pfss_flags & 0x0001)) >> 8) : __bswap16_var
((&st->dst)->scrub->pfss_flags & 0x0001))); (
&sp->dst)->scrub.pfss_ttl = (&st->dst)->scrub
->pfss_ttl; (&sp->dst)->scrub.pfss_ts_mod = (__builtin_constant_p
((&st->dst)->scrub->pfss_ts_mod) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)((&st->
dst)->scrub->pfss_ts_mod)) & 0xffff) ? (__uint16_t)
(((__uint16_t)(((__uint32_t)((&st->dst)->scrub->
pfss_ts_mod)) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t
)((&st->dst)->scrub->pfss_ts_mod)) & 0xffff)
) >> 8) : __bswap16_var(((__uint32_t)((&st->dst)
->scrub->pfss_ts_mod)) & 0xffff))) << 16) | (
(__uint16_t)(__builtin_constant_p(((__uint32_t)((&st->
dst)->scrub->pfss_ts_mod)) >> 16) ? (__uint16_t)(
((__uint16_t)(((__uint32_t)((&st->dst)->scrub->pfss_ts_mod
)) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)((&
st->dst)->scrub->pfss_ts_mod)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((&st->dst)->scrub
->pfss_ts_mod)) >> 16)))) : __bswap32_var((&st->
dst)->scrub->pfss_ts_mod)); (&sp->dst)->scrub
.scrub_flag = 0x01; } } while (0);
3767
3768 if (st->rule.ptr == NULL((void *)0))
3769 sp->rule = htonl(-1)(__builtin_constant_p(-1) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)(-1)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)(-1)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)(-1)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(-1)) >> 16)) << 8 |
((__uint16_t)(((__uint32_t)(-1)) >> 16)) >> 8) :
__bswap16_var(((__uint32_t)(-1)) >> 16)))) : __bswap32_var
(-1));
3770 else
3771 sp->rule = htonl(st->rule.ptr->nr)(__builtin_constant_p(st->rule.ptr->nr) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)(st->rule
.ptr->nr)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)(st->rule.ptr->nr)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(st->rule.ptr->nr)) & 0xffff)) >>
8) : __bswap16_var(((__uint32_t)(st->rule.ptr->nr)) &
0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p(
((__uint32_t)(st->rule.ptr->nr)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->rule.ptr->nr)) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)(st->rule.ptr
->nr)) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)(st->rule.ptr->nr)) >> 16)))) : __bswap32_var(st
->rule.ptr->nr));
3772 if (st->anchor.ptr == NULL((void *)0))
3773 sp->anchor = htonl(-1)(__builtin_constant_p(-1) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)(-1)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)(-1)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)(-1)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(-1)) >> 16)) << 8 |
((__uint16_t)(((__uint32_t)(-1)) >> 16)) >> 8) :
__bswap16_var(((__uint32_t)(-1)) >> 16)))) : __bswap32_var
(-1));
3774 else
3775 sp->anchor = htonl(st->anchor.ptr->nr)(__builtin_constant_p(st->anchor.ptr->nr) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)(st->anchor
.ptr->nr)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)(st->anchor.ptr->nr)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(st->anchor.ptr->nr)) & 0xffff)) >>
8) : __bswap16_var(((__uint32_t)(st->anchor.ptr->nr)) &
0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p(
((__uint32_t)(st->anchor.ptr->nr)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->anchor.ptr->nr)) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)(st->anchor.
ptr->nr)) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)(st->anchor.ptr->nr)) >> 16)))) : __bswap32_var(
st->anchor.ptr->nr));
3776 if (st->nat_rule.ptr == NULL((void *)0))
3777 sp->nat_rule = htonl(-1)(__builtin_constant_p(-1) ? (((__uint32_t)((__uint16_t)(__builtin_constant_p
(((__uint32_t)(-1)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) << 8 | ((__uint16_t
)(((__uint32_t)(-1)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)(-1)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)(-1)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(-1)) >> 16)) << 8 |
((__uint16_t)(((__uint32_t)(-1)) >> 16)) >> 8) :
__bswap16_var(((__uint32_t)(-1)) >> 16)))) : __bswap32_var
(-1));
3778 else
3779 sp->nat_rule = htonl(st->nat_rule.ptr->nr)(__builtin_constant_p(st->nat_rule.ptr->nr) ? (((__uint32_t
)((__uint16_t)(__builtin_constant_p(((__uint32_t)(st->nat_rule
.ptr->nr)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t
)(st->nat_rule.ptr->nr)) & 0xffff)) << 8 | ((
__uint16_t)(((__uint32_t)(st->nat_rule.ptr->nr)) & 0xffff
)) >> 8) : __bswap16_var(((__uint32_t)(st->nat_rule.
ptr->nr)) & 0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p
(((__uint32_t)(st->nat_rule.ptr->nr)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->nat_rule.ptr->nr)) >>
16)) << 8 | ((__uint16_t)(((__uint32_t)(st->nat_rule
.ptr->nr)) >> 16)) >> 8) : __bswap16_var(((__uint32_t
)(st->nat_rule.ptr->nr)) >> 16)))) : __bswap32_var
(st->nat_rule.ptr->nr));
3780
3781 pf_state_counter_hton(st->packets[0], sp->packets[0])do { sp->packets[0][0] = (__builtin_constant_p((st->packets
[0]>>32)&0xffffffff) ? (((__uint32_t)((__uint16_t)(
__builtin_constant_p(((__uint32_t)((st->packets[0]>>
32)&0xffffffff)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((st->packets[0]>>32)&0xffffffff)
) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t)((st
->packets[0]>>32)&0xffffffff)) & 0xffff)) >>
8) : __bswap16_var(((__uint32_t)((st->packets[0]>>32
)&0xffffffff)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)((st->packets[0]>>
32)&0xffffffff)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((st->packets[0]>>32)&0xffffffff)
) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)((st->
packets[0]>>32)&0xffffffff)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((st->packets[0]>>32
)&0xffffffff)) >> 16)))) : __bswap32_var((st->packets
[0]>>32)&0xffffffff)); sp->packets[0][1] = (__builtin_constant_p
(st->packets[0]&0xffffffff) ? (((__uint32_t)((__uint16_t
)(__builtin_constant_p(((__uint32_t)(st->packets[0]&0xffffffff
)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t)(st
->packets[0]&0xffffffff)) & 0xffff)) << 8 | (
(__uint16_t)(((__uint32_t)(st->packets[0]&0xffffffff))
& 0xffff)) >> 8) : __bswap16_var(((__uint32_t)(st->
packets[0]&0xffffffff)) & 0xffff))) << 16) | ((
__uint16_t)(__builtin_constant_p(((__uint32_t)(st->packets
[0]&0xffffffff)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(st->packets[0]&0xffffffff)) >> 16
)) << 8 | ((__uint16_t)(((__uint32_t)(st->packets[0]
&0xffffffff)) >> 16)) >> 8) : __bswap16_var((
(__uint32_t)(st->packets[0]&0xffffffff)) >> 16))
)) : __bswap32_var(st->packets[0]&0xffffffff)); } while
(0);
3782 pf_state_counter_hton(st->packets[1], sp->packets[1])do { sp->packets[1][0] = (__builtin_constant_p((st->packets
[1]>>32)&0xffffffff) ? (((__uint32_t)((__uint16_t)(
__builtin_constant_p(((__uint32_t)((st->packets[1]>>
32)&0xffffffff)) & 0xffff) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((st->packets[1]>>32)&0xffffffff)
) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t)((st
->packets[1]>>32)&0xffffffff)) & 0xffff)) >>
8) : __bswap16_var(((__uint32_t)((st->packets[1]>>32
)&0xffffffff)) & 0xffff))) << 16) | ((__uint16_t
)(__builtin_constant_p(((__uint32_t)((st->packets[1]>>
32)&0xffffffff)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)((st->packets[1]>>32)&0xffffffff)
) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)((st->
packets[1]>>32)&0xffffffff)) >> 16)) >>
8) : __bswap16_var(((__uint32_t)((st->packets[1]>>32
)&0xffffffff)) >> 16)))) : __bswap32_var((st->packets
[1]>>32)&0xffffffff)); sp->packets[1][1] = (__builtin_constant_p
(st->packets[1]&0xffffffff) ? (((__uint32_t)((__uint16_t
)(__builtin_constant_p(((__uint32_t)(st->packets[1]&0xffffffff
)) & 0xffff) ? (__uint16_t)(((__uint16_t)(((__uint32_t)(st
->packets[1]&0xffffffff)) & 0xffff)) << 8 | (
(__uint16_t)(((__uint32_t)(st->packets[1]&0xffffffff))
& 0xffff)) >> 8) : __bswap16_var(((__uint32_t)(st->
packets[1]&0xffffffff)) & 0xffff))) << 16) | ((
__uint16_t)(__builtin_constant_p(((__uint32_t)(st->packets
[1]&0xffffffff)) >> 16) ? (__uint16_t)(((__uint16_t
)(((__uint32_t)(st->packets[1]&0xffffffff)) >> 16
)) << 8 | ((__uint16_t)(((__uint32_t)(st->packets[1]
&0xffffffff)) >> 16)) >> 8) : __bswap16_var((
(__uint32_t)(st->packets[1]&0xffffffff)) >> 16))
)) : __bswap32_var(st->packets[1]&0xffffffff)); } while
(0);
3783 pf_state_counter_hton(st->bytes[0], sp->bytes[0])do { sp->bytes[0][0] = (__builtin_constant_p((st->bytes
[0]>>32)&0xffffffff) ? (((__uint32_t)((__uint16_t)(
__builtin_constant_p(((__uint32_t)((st->bytes[0]>>32
)&0xffffffff)) & 0xffff) ? (__uint16_t)(((__uint16_t)
(((__uint32_t)((st->bytes[0]>>32)&0xffffffff)) &
0xffff)) << 8 | ((__uint16_t)(((__uint32_t)((st->bytes
[0]>>32)&0xffffffff)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((st->bytes[0]>>32)&0xffffffff)) &
0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p(
((__uint32_t)((st->bytes[0]>>32)&0xffffffff)) >>
16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((st->bytes
[0]>>32)&0xffffffff)) >> 16)) << 8 | ((
__uint16_t)(((__uint32_t)((st->bytes[0]>>32)&0xffffffff
)) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((st
->bytes[0]>>32)&0xffffffff)) >> 16)))) : __bswap32_var
((st->bytes[0]>>32)&0xffffffff)); sp->bytes[0
][1] = (__builtin_constant_p(st->bytes[0]&0xffffffff) ?
(((__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t
)(st->bytes[0]&0xffffffff)) & 0xffff) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->bytes[0]&0xffffffff)
) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t)(st->
bytes[0]&0xffffffff)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)(st->bytes[0]&0xffffffff)) & 0xffff)
)) << 16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t
)(st->bytes[0]&0xffffffff)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->bytes[0]&0xffffffff)
) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)(st->
bytes[0]&0xffffffff)) >> 16)) >> 8) : __bswap16_var
(((__uint32_t)(st->bytes[0]&0xffffffff)) >> 16))
)) : __bswap32_var(st->bytes[0]&0xffffffff)); } while (
0);
3784 pf_state_counter_hton(st->bytes[1], sp->bytes[1])do { sp->bytes[1][0] = (__builtin_constant_p((st->bytes
[1]>>32)&0xffffffff) ? (((__uint32_t)((__uint16_t)(
__builtin_constant_p(((__uint32_t)((st->bytes[1]>>32
)&0xffffffff)) & 0xffff) ? (__uint16_t)(((__uint16_t)
(((__uint32_t)((st->bytes[1]>>32)&0xffffffff)) &
0xffff)) << 8 | ((__uint16_t)(((__uint32_t)((st->bytes
[1]>>32)&0xffffffff)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)((st->bytes[1]>>32)&0xffffffff)) &
0xffff))) << 16) | ((__uint16_t)(__builtin_constant_p(
((__uint32_t)((st->bytes[1]>>32)&0xffffffff)) >>
16) ? (__uint16_t)(((__uint16_t)(((__uint32_t)((st->bytes
[1]>>32)&0xffffffff)) >> 16)) << 8 | ((
__uint16_t)(((__uint32_t)((st->bytes[1]>>32)&0xffffffff
)) >> 16)) >> 8) : __bswap16_var(((__uint32_t)((st
->bytes[1]>>32)&0xffffffff)) >> 16)))) : __bswap32_var
((st->bytes[1]>>32)&0xffffffff)); sp->bytes[1
][1] = (__builtin_constant_p(st->bytes[1]&0xffffffff) ?
(((__uint32_t)((__uint16_t)(__builtin_constant_p(((__uint32_t
)(st->bytes[1]&0xffffffff)) & 0xffff) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->bytes[1]&0xffffffff)
) & 0xffff)) << 8 | ((__uint16_t)(((__uint32_t)(st->
bytes[1]&0xffffffff)) & 0xffff)) >> 8) : __bswap16_var
(((__uint32_t)(st->bytes[1]&0xffffffff)) & 0xffff)
)) << 16) | ((__uint16_t)(__builtin_constant_p(((__uint32_t
)(st->bytes[1]&0xffffffff)) >> 16) ? (__uint16_t
)(((__uint16_t)(((__uint32_t)(st->bytes[1]&0xffffffff)
) >> 16)) << 8 | ((__uint16_t)(((__uint32_t)(st->
bytes[1]&0xffffffff)) >> 16)) >> 8) : __bswap16_var
(((__uint32_t)(st->bytes[1]&0xffffffff)) >> 16))
)) : __bswap32_var(st->bytes[1]&0xffffffff)); } while (
0);
3785
3786}
3787
3788static void
3789pf_tbladdr_copyout(struct pf_addr_wrap *aw)
3790{
3791 struct pfr_ktable *kt;
3792
3793 KASSERT(aw->type == PF_ADDR_TABLE, ("%s: type %u", __func__, aw->type))do { if (__builtin_expect((!(aw->type == PF_ADDR_TABLE)), 0
)) panic ("%s: type %u", __func__, aw->type); } while (0);
3794
3795 kt = aw->p.tbl;
3796 if (!(kt->pfrkt_flagspfrkt_ts.pfrts_t.pfrt_flags & PFR_TFLAG_ACTIVE0x00000004) && kt->pfrkt_root != NULL((void *)0))
3797 kt = kt->pfrkt_root;
3798 aw->p.tbl = NULL((void *)0);
3799 aw->p.tblcnt = (kt->pfrkt_flagspfrkt_ts.pfrts_t.pfrt_flags & PFR_TFLAG_ACTIVE0x00000004) ?
3800 kt->pfrkt_cntpfrkt_ts.pfrts_cnt : -1;
3801}
3802
3803/*
3804 * XXX - Check for version missmatch!!!
3805 */
3806static void
3807pf_clear_states(void)
3808{
3809 struct pf_state *s;
3810 u_int i;
3811
3812 for (i = 0; i <= pf_hashmask; i++) {
3813 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
3814relock:
3815 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3815));
3816 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next)) {
3817 s->timeout = PFTM_PURGE;
3818 /* Don't send out individual delete messages. */
3819 s->state_flags |= PFSTATE_NOSYNC0x08;
3820 pf_unlink_state(s, PF_ENTER_LOCKED0x00000001);
3821 goto relock;
3822 }
3823 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3823));
3824 }
3825}
3826
3827static int
3828pf_clear_tables(void)
3829{
3830 struct pfioc_table io;
3831 int error;
3832
3833 bzero(&io, sizeof(io))__builtin_memset((&io), 0, (sizeof(io)));
3834
3835 error = pfr_clr_tables(&io.pfrio_table, &io.pfrio_ndel,
3836 io.pfrio_flags);
3837
3838 return (error);
3839}
3840
3841static void
3842pf_clear_srcnodes(struct pf_src_node *n)
3843{
3844 struct pf_state *s;
3845 int i;
3846
3847 for (i = 0; i <= pf_hashmask; i++) {
3848 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
3849
3850 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3850));
3851 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next)) {
3852 if (n == NULL((void *)0) || n == s->src_node)
3853 s->src_node = NULL((void *)0);
3854 if (n == NULL((void *)0) || n == s->nat_src_node)
3855 s->nat_src_node = NULL((void *)0);
3856 }
3857 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3857));
3858 }
3859
3860 if (n == NULL((void *)0)) {
3861 struct pf_srchash *sh;
3862
3863 for (i = 0, sh = V_pf_srchash(*(__typeof(vnet_entry_pf_srchash)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_srchash
)); i <= pf_srchashmask;
3864 i++, sh++) {
3865 PF_HASHROW_LOCK(sh)__mtx_lock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3865));
3866 LIST_FOREACH(n, &sh->nodes, entry)for ((n) = (((&sh->nodes))->lh_first); (n); (n) = (
((n))->entry.le_next)) {
3867 n->expire = 1;
3868 n->states = 0;
3869 }
3870 PF_HASHROW_UNLOCK(sh)__mtx_unlock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3870));
3871 }
3872 } else {
3873 /* XXX: hash slot should already be locked here. */
3874 n->expire = 1;
3875 n->states = 0;
3876 }
3877}
3878
3879static void
3880pf_kill_srcnodes(struct pfioc_src_node_kill *psnk)
3881{
3882 struct pf_src_node_list kill;
3883
3884 LIST_INIT(&kill)do { (((&kill))->lh_first) = ((void *)0); } while (0);
3885 for (int i = 0; i <= pf_srchashmask; i++) {
3886 struct pf_srchash *sh = &V_pf_srchash(*(__typeof(vnet_entry_pf_srchash)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_srchash
))[i];
3887 struct pf_src_node *sn, *tmp;
3888
3889 PF_HASHROW_LOCK(sh)__mtx_lock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3889));
3890 LIST_FOREACH_SAFE(sn, &sh->nodes, entry, tmp)for ((sn) = (((&sh->nodes))->lh_first); (sn) &&
((tmp) = (((sn))->entry.le_next), 1); (sn) = (tmp))
3891 if (PF_MATCHA(psnk->psnk_src.neg,pf_match_addr(psnk->psnk_src.neg, &psnk->psnk_src.addr
.v.a.addr, &psnk->psnk_src.addr.v.a.mask, &sn->
addr, sn->af)
3892 &psnk->psnk_src.addr.v.a.addr,pf_match_addr(psnk->psnk_src.neg, &psnk->psnk_src.addr
.v.a.addr, &psnk->psnk_src.addr.v.a.mask, &sn->
addr, sn->af)
3893 &psnk->psnk_src.addr.v.a.mask,pf_match_addr(psnk->psnk_src.neg, &psnk->psnk_src.addr
.v.a.addr, &psnk->psnk_src.addr.v.a.mask, &sn->
addr, sn->af)
3894 &sn->addr, sn->af)pf_match_addr(psnk->psnk_src.neg, &psnk->psnk_src.addr
.v.a.addr, &psnk->psnk_src.addr.v.a.mask, &sn->
addr, sn->af) &&
3895 PF_MATCHA(psnk->psnk_dst.neg,pf_match_addr(psnk->psnk_dst.neg, &psnk->psnk_dst.addr
.v.a.addr, &psnk->psnk_dst.addr.v.a.mask, &sn->
raddr, sn->af)
3896 &psnk->psnk_dst.addr.v.a.addr,pf_match_addr(psnk->psnk_dst.neg, &psnk->psnk_dst.addr
.v.a.addr, &psnk->psnk_dst.addr.v.a.mask, &sn->
raddr, sn->af)
3897 &psnk->psnk_dst.addr.v.a.mask,pf_match_addr(psnk->psnk_dst.neg, &psnk->psnk_dst.addr
.v.a.addr, &psnk->psnk_dst.addr.v.a.mask, &sn->
raddr, sn->af)
3898 &sn->raddr, sn->af)pf_match_addr(psnk->psnk_dst.neg, &psnk->psnk_dst.addr
.v.a.addr, &psnk->psnk_dst.addr.v.a.mask, &sn->
raddr, sn->af)) {
3899 pf_unlink_src_node(sn);
3900 LIST_INSERT_HEAD(&kill, sn, entry)do { do { if (((((&kill)))->lh_first) != ((void *)0) &&
((((&kill)))->lh_first)->entry.le_prev != &(((
(&kill)))->lh_first)) panic("Bad list head %p first->prev != head"
, ((&kill))); } while (0); if (((((sn))->entry.le_next
) = (((&kill))->lh_first)) != ((void *)0)) (((&kill
))->lh_first)->entry.le_prev = &(((sn))->entry.le_next
); (((&kill))->lh_first) = (sn); (sn)->entry.le_prev
= &(((&kill))->lh_first); } while (0);
3901 sn->expire = 1;
3902 }
3903 PF_HASHROW_UNLOCK(sh)__mtx_unlock_flags(&((((&(sh)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3903));
3904 }
3905
3906 for (int i = 0; i <= pf_hashmask; i++) {
3907 struct pf_idhash *ih = &V_pf_idhash(*(__typeof(vnet_entry_pf_idhash)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_idhash
))[i];
3908 struct pf_state *s;
3909
3910 PF_HASHROW_LOCK(ih)__mtx_lock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3910));
3911 LIST_FOREACH(s, &ih->states, entry)for ((s) = (((&ih->states))->lh_first); (s); (s) = (
((s))->entry.le_next)) {
3912 if (s->src_node && s->src_node->expire == 1)
3913 s->src_node = NULL((void *)0);
3914 if (s->nat_src_node && s->nat_src_node->expire == 1)
3915 s->nat_src_node = NULL((void *)0);
3916 }
3917 PF_HASHROW_UNLOCK(ih)__mtx_unlock_flags(&((((&(ih)->lock))))->mtx_lock
, ((0)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"), (3917));
3918 }
3919
3920 psnk->psnk_killed = pf_free_src_nodes(&kill);
3921}
3922
3923/*
3924 * XXX - Check for version missmatch!!!
3925 */
3926
3927/*
3928 * Duplicate pfctl -Fa operation to get rid of as much as we can.
3929 */
3930static int
3931shutdown_pf(void)
3932{
3933 int error = 0;
3934 u_int32_t t[5];
3935 char nn = '\0';
3936
3937 do {
3938 if ((error = pf_begin_rules(&t[0], PF_RULESET_SCRUB, &nn))
3939 != 0) {
3940 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: SCRUB\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: SCRUB\n"
);
3941 break;
3942 }
3943 if ((error = pf_begin_rules(&t[1], PF_RULESET_FILTER, &nn))
3944 != 0) {
3945 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: FILTER\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: FILTER\n"
);
3946 break; /* XXX: rollback? */
3947 }
3948 if ((error = pf_begin_rules(&t[2], PF_RULESET_NAT, &nn))
3949 != 0) {
3950 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: NAT\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: NAT\n");
3951 break; /* XXX: rollback? */
3952 }
3953 if ((error = pf_begin_rules(&t[3], PF_RULESET_BINAT, &nn))
3954 != 0) {
3955 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: BINAT\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: BINAT\n"
);
3956 break; /* XXX: rollback? */
3957 }
3958 if ((error = pf_begin_rules(&t[4], PF_RULESET_RDR, &nn))
3959 != 0) {
3960 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: RDR\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: RDR\n");
3961 break; /* XXX: rollback? */
3962 }
3963
3964 /* XXX: these should always succeed here */
3965 pf_commit_rules(t[0], PF_RULESET_SCRUB, &nn);
3966 pf_commit_rules(t[1], PF_RULESET_FILTER, &nn);
3967 pf_commit_rules(t[2], PF_RULESET_NAT, &nn);
3968 pf_commit_rules(t[3], PF_RULESET_BINAT, &nn);
3969 pf_commit_rules(t[4], PF_RULESET_RDR, &nn);
3970
3971 if ((error = pf_clear_tables()) != 0)
3972 break;
3973
3974#ifdef ALTQ
3975 if ((error = pf_begin_altq(&t[0])) != 0) {
3976 DPFPRINTF(PF_DEBUG_MISC, ("shutdown_pf: ALTQ\n"))if ((*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).debug >= (PF_DEBUG_MISC)) printf ("shutdown_pf: ALTQ\n"
);
3977 break;
3978 }
3979 pf_commit_altq(t[0]);
3980#endif
3981
3982 pf_clear_states();
3983
3984 pf_clear_srcnodes(NULL((void *)0));
3985
3986 /* status does not use malloced mem so no need to cleanup */
3987 /* fingerprints and interfaces have their own cleanup code */
3988
3989 /* Free counters last as we updated them during shutdown. */
3990 counter_u64_free(V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).states_cur);
3991 counter_u64_free(V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).states_tot);
3992 counter_u64_free(V_pf_default_rule(*(__typeof(vnet_entry_pf_default_rule)*) (((((__curthread())
->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_default_rule
)).src_nodes);
3993
3994 for (int i = 0; i < PFRES_MAX16; i++)
3995 counter_u64_free(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).counters[i]);
3996 for (int i = 0; i < LCNT_MAX7; i++)
3997 counter_u64_free(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).lcounters[i]);
3998 for (int i = 0; i < FCNT_MAX3; i++)
3999 counter_u64_free(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).fcounters[i]);
4000 for (int i = 0; i < SCNT_MAX3; i++)
4001 counter_u64_free(V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).scounters[i]);
4002 } while(0);
4003
4004 return (error);
4005}
4006
4007#ifdef INET1
4008static int
4009pf_check_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, int flags,
4010 struct inpcb *inp)
4011{
4012 int chk;
4013
4014 chk = pf_test(PF_IN, flags, ifp, m, inp);
4015 if (chk && *m) {
4016 m_freem(*m);
4017 *m = NULL((void *)0);
4018 }
4019
4020 if (chk != PF_PASS)
4021 return (EACCES13);
4022 return (0);
4023}
4024
4025static int
4026pf_check_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, int flags,
4027 struct inpcb *inp)
4028{
4029 int chk;
4030
4031 chk = pf_test(PF_OUT, flags, ifp, m, inp);
4032 if (chk && *m) {
4033 m_freem(*m);
4034 *m = NULL((void *)0);
4035 }
4036
4037 if (chk != PF_PASS)
4038 return (EACCES13);
4039 return (0);
4040}
4041#endif
4042
4043#ifdef INET61
4044static int
4045pf_check6_in(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, int flags,
4046 struct inpcb *inp)
4047{
4048 int chk;
4049
4050 /*
4051 * In case of loopback traffic IPv6 uses the real interface in
4052 * order to support scoped addresses. In order to support stateful
4053 * filtering we have change this to lo0 as it is the case in IPv4.
4054 */
4055 CURVNET_SET(ifp->if_vnet)do { if (!((ifp->if_vnet) != ((void *)0) && (ifp->
if_vnet)->vnet_magic_n == 0x3e0d8f29)) panic ("CURVNET_SET at %s:%d %s() curvnet=%p vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 4055, __func__, (
__curthread())->td_vnet, (ifp->if_vnet)); } while (0); struct
vnet *saved_vnet = (__curthread())->td_vnet; (__curthread
())->td_vnet = ifp->if_vnet;;
4056 chk = pf_test6(PF_IN, flags, (*m)->m_flags & M_LOOP0x00020000 ? V_loif(*(__typeof(vnet_entry_loif)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_loif)) : ifp, m, inp);
4057 CURVNET_RESTORE()do { if (!((__curthread())->td_vnet != ((void *)0) &&
(saved_vnet == ((void *)0) || saved_vnet->vnet_magic_n ==
0x3e0d8f29))) panic ("CURVNET_RESTORE at %s:%d %s() curvnet=%p saved_vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 4057, __func__, (
__curthread())->td_vnet, saved_vnet); } while (0); (__curthread
())->td_vnet = saved_vnet;;
4058 if (chk && *m) {
4059 m_freem(*m);
4060 *m = NULL((void *)0);
4061 }
4062 if (chk != PF_PASS)
4063 return (EACCES13);
4064 return (0);
4065}
4066
4067static int
4068pf_check6_out(void *arg, struct mbuf **m, struct ifnet *ifp, int dir, int flags,
4069 struct inpcb *inp)
4070{
4071 int chk;
4072
4073 CURVNET_SET(ifp->if_vnet)do { if (!((ifp->if_vnet) != ((void *)0) && (ifp->
if_vnet)->vnet_magic_n == 0x3e0d8f29)) panic ("CURVNET_SET at %s:%d %s() curvnet=%p vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 4073, __func__, (
__curthread())->td_vnet, (ifp->if_vnet)); } while (0); struct
vnet *saved_vnet = (__curthread())->td_vnet; (__curthread
())->td_vnet = ifp->if_vnet;;
4074 chk = pf_test6(PF_OUT, flags, ifp, m, inp);
4075 CURVNET_RESTORE()do { if (!((__curthread())->td_vnet != ((void *)0) &&
(saved_vnet == ((void *)0) || saved_vnet->vnet_magic_n ==
0x3e0d8f29))) panic ("CURVNET_RESTORE at %s:%d %s() curvnet=%p saved_vnet=%p"
, "/root/freebsd/sys/netpfil/pf/pf_ioctl.c", 4075, __func__, (
__curthread())->td_vnet, saved_vnet); } while (0); (__curthread
())->td_vnet = saved_vnet;;
4076 if (chk && *m) {
4077 m_freem(*m);
4078 *m = NULL((void *)0);
4079 }
4080 if (chk != PF_PASS)
4081 return (EACCES13);
4082 return (0);
4083}
4084#endif /* INET6 */
4085
4086static int
4087hook_pf(void)
4088{
4089#ifdef INET1
4090 struct pfil_head *pfh_inet;
4091#endif
4092#ifdef INET61
4093 struct pfil_head *pfh_inet6;
4094#endif
4095
4096 if (V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)))
4097 return (0);
4098
4099#ifdef INET1
4100 pfh_inet = pfil_head_get(PFIL_TYPE_AF1, AF_INET2);
4101 if (pfh_inet == NULL((void *)0))
4102 return (ESRCH3); /* XXX */
4103 pfil_add_hook_flags(pf_check_in, NULL((void *)0), PFIL_IN0x00000001 | PFIL_WAITOK0x00000004, pfh_inet);
4104 pfil_add_hook_flags(pf_check_out, NULL((void *)0), PFIL_OUT0x00000002 | PFIL_WAITOK0x00000004, pfh_inet);
4105#endif
4106#ifdef INET61
4107 pfh_inet6 = pfil_head_get(PFIL_TYPE_AF1, AF_INET628);
4108 if (pfh_inet6 == NULL((void *)0)) {
4109#ifdef INET1
4110 pfil_remove_hook_flags(pf_check_in, NULL((void *)0), PFIL_IN0x00000001 | PFIL_WAITOK0x00000004,
4111 pfh_inet);
4112 pfil_remove_hook_flags(pf_check_out, NULL((void *)0), PFIL_OUT0x00000002 | PFIL_WAITOK0x00000004,
4113 pfh_inet);
4114#endif
4115 return (ESRCH3); /* XXX */
4116 }
4117 pfil_add_hook_flags(pf_check6_in, NULL((void *)0), PFIL_IN0x00000001 | PFIL_WAITOK0x00000004, pfh_inet6);
4118 pfil_add_hook_flags(pf_check6_out, NULL((void *)0), PFIL_OUT0x00000002 | PFIL_WAITOK0x00000004, pfh_inet6);
4119#endif
4120
4121 V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)) = 1;
4122 return (0);
4123}
4124
4125static int
4126dehook_pf(void)
4127{
4128#ifdef INET1
4129 struct pfil_head *pfh_inet;
4130#endif
4131#ifdef INET61
4132 struct pfil_head *pfh_inet6;
4133#endif
4134
4135 if (V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)) == 0)
4136 return (0);
4137
4138#ifdef INET1
4139 pfh_inet = pfil_head_get(PFIL_TYPE_AF1, AF_INET2);
4140 if (pfh_inet == NULL((void *)0))
4141 return (ESRCH3); /* XXX */
4142 pfil_remove_hook_flags(pf_check_in, NULL((void *)0), PFIL_IN0x00000001 | PFIL_WAITOK0x00000004,
4143 pfh_inet);
4144 pfil_remove_hook_flags(pf_check_out, NULL((void *)0), PFIL_OUT0x00000002 | PFIL_WAITOK0x00000004,
4145 pfh_inet);
4146#endif
4147#ifdef INET61
4148 pfh_inet6 = pfil_head_get(PFIL_TYPE_AF1, AF_INET628);
4149 if (pfh_inet6 == NULL((void *)0))
4150 return (ESRCH3); /* XXX */
4151 pfil_remove_hook_flags(pf_check6_in, NULL((void *)0), PFIL_IN0x00000001 | PFIL_WAITOK0x00000004,
4152 pfh_inet6);
4153 pfil_remove_hook_flags(pf_check6_out, NULL((void *)0), PFIL_OUT0x00000002 | PFIL_WAITOK0x00000004,
4154 pfh_inet6);
4155#endif
4156
4157 V_pf_pfil_hooked(*(__typeof(vnet_entry_pf_pfil_hooked)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_pfil_hooked
)) = 0;
4158 return (0);
4159}
4160
4161static void
4162pf_load_vnet(void)
4163{
4164 TAILQ_INIT(&V_pf_tags)do { (((&(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags
))))->tqh_first) = ((void *)0); (&(*(__typeof(vnet_entry_pf_tags
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_tags)))->tqh_last = &(((&
(*(__typeof(vnet_entry_pf_tags)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_tags))
))->tqh_first); ; } while (0);
4165 TAILQ_INIT(&V_pf_qids)do { (((&(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread
())->td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids
))))->tqh_first) = ((void *)0); (&(*(__typeof(vnet_entry_pf_qids
)*) (((((__curthread())->td_vnet))->vnet_data_base) + (
uintptr_t)&vnet_entry_pf_qids)))->tqh_last = &(((&
(*(__typeof(vnet_entry_pf_qids)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_qids))
))->tqh_first); ; } while (0);
4166
4167 pfattach_vnet();
4168 V_pf_vnet_active(*(__typeof(vnet_entry_pf_vnet_active)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_vnet_active
)) = 1;
4169}
4170
4171static int
4172pf_load(void)
4173{
4174 int error;
4175
4176 rm_init(&pf_rules_lock, "pf rulesets");
4177 sx_init(&pf_ioctl_lock, "pf ioctl")sx_init_flags((&pf_ioctl_lock), ("pf ioctl"), 0);
4178 sx_init(&pf_end_lock, "pf end thread")sx_init_flags((&pf_end_lock), ("pf end thread"), 0);
4179
4180 pf_mtag_initialize();
4181
4182 pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME"pf");
4183 if (pf_dev == NULL((void *)0))
4184 return (ENOMEM12);
4185
4186 pf_end_threads = 0;
4187 error = kproc_create(pf_purge_thread, NULL((void *)0), &pf_purge_proc, 0, 0, "pf purge");
4188 if (error != 0)
4189 return (error);
4190
4191 pfi_initialize();
4192
4193 return (0);
4194}
4195
4196static void
4197pf_unload_vnet(void)
4198{
4199 int error;
4200
4201 V_pf_vnet_active(*(__typeof(vnet_entry_pf_vnet_active)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_vnet_active
)) = 0;
4202 V_pf_status(*(__typeof(vnet_entry_pf_status)*) (((((__curthread())->td_vnet
))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_status
)).running = 0;
4203 error = dehook_pf();
4204 if (error) {
4205 /*
4206 * Should not happen!
4207 * XXX Due to error code ESRCH, kldunload will show
4208 * a message like 'No such process'.
4209 */
4210 printf("%s : pfil unregisteration fail\n", __FUNCTION__);
4211 return;
4212 }
4213
4214 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 4214);
4215 shutdown_pf();
4216 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 4216);
4217
4218 swi_remove(V_pf_swi_cookie(*(__typeof(vnet_entry_pf_swi_cookie)*) (((((__curthread())->
td_vnet))->vnet_data_base) + (uintptr_t)&vnet_entry_pf_swi_cookie
)));
4219
4220 pf_unload_vnet_purge();
4221
4222 pf_normalize_cleanup();
4223 PF_RULES_WLOCK()_rm_wlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 4223);
4224 pfi_cleanup_vnet();
4225 PF_RULES_WUNLOCK()_rm_wunlock_debug((&pf_rules_lock), "/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
, 4225);
4226 pfr_cleanup();
4227 pf_osfp_flush();
4228 pf_cleanup();
4229 if (IS_DEFAULT_VNET(curvnet)(((__curthread())->td_vnet) == vnet0))
4230 pf_mtag_cleanup();
4231}
4232
4233static void
4234pf_unload(void)
4235{
4236
4237 sx_xlock(&pf_end_lock)(void)_sx_xlock(((&pf_end_lock)), 0, ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (4237));
4238 pf_end_threads = 1;
4239 while (pf_end_threads < 2) {
4240 wakeup_one(pf_purge_thread);
4241 sx_sleep(pf_purge_proc, &pf_end_lock, 0, "pftmo", 0)_sleep((pf_purge_proc), &(&pf_end_lock)->lock_object
, (0), ("pftmo"), tick_sbt * (0), 0, 0x0100);
4242 }
4243 sx_xunlock(&pf_end_lock)_sx_xunlock(((&pf_end_lock)), ("/root/freebsd/sys/netpfil/pf/pf_ioctl.c"
), (4243));
4244
4245 if (pf_dev != NULL((void *)0))
4246 destroy_dev(pf_dev);
4247
4248 pfi_cleanup();
4249
4250 rm_destroy(&pf_rules_lock);
4251 sx_destroy(&pf_ioctl_lock);
4252 sx_destroy(&pf_end_lock);
4253}
4254
4255static void
4256vnet_pf_init(void *unused __unused__attribute__((__unused__)))
4257{
4258
4259 pf_load_vnet();
4260}
4261VNET_SYSINIT(vnet_pf_init, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,static struct vnet_sysinit vnet_pf_init_vnet_init = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_pf_init
, (((void *)0)) }; static struct sysinit vnet_init_vnet_pf_init_sys_init
= { SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD, (sysinit_cfunc_t)
(sysinit_nfunc_t)vnet_register_sysinit, ((void *)(&vnet_pf_init_vnet_init
)) }; __asm__(".globl " "__start_set_sysinit_set"); __asm__(".globl "
"__stop_set_sysinit_set"); static void const * __set_sysinit_set_sym_vnet_init_vnet_pf_init_sys_init
__attribute__((__section__("set_" "sysinit_set"))) __attribute__
((__used__)) = &(vnet_init_vnet_pf_init_sys_init); static
struct sysinit vnet_init_vnet_pf_init_sys_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_deregister_sysinit
, ((void *)(&vnet_pf_init_vnet_init)) }; __asm__(".globl "
"__start_set_sysuninit_set"); __asm__(".globl " "__stop_set_sysuninit_set"
); static void const * __set_sysuninit_set_sym_vnet_init_vnet_pf_init_sys_uninit
__attribute__((__section__("set_" "sysuninit_set"))) __attribute__
((__used__)) = &(vnet_init_vnet_pf_init_sys_uninit)
4262 vnet_pf_init, NULL)static struct vnet_sysinit vnet_pf_init_vnet_init = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_pf_init
, (((void *)0)) }; static struct sysinit vnet_init_vnet_pf_init_sys_init
= { SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD, (sysinit_cfunc_t)
(sysinit_nfunc_t)vnet_register_sysinit, ((void *)(&vnet_pf_init_vnet_init
)) }; __asm__(".globl " "__start_set_sysinit_set"); __asm__(".globl "
"__stop_set_sysinit_set"); static void const * __set_sysinit_set_sym_vnet_init_vnet_pf_init_sys_init
__attribute__((__section__("set_" "sysinit_set"))) __attribute__
((__used__)) = &(vnet_init_vnet_pf_init_sys_init); static
struct sysinit vnet_init_vnet_pf_init_sys_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_deregister_sysinit
, ((void *)(&vnet_pf_init_vnet_init)) }; __asm__(".globl "
"__start_set_sysuninit_set"); __asm__(".globl " "__stop_set_sysuninit_set"
); static void const * __set_sysuninit_set_sym_vnet_init_vnet_pf_init_sys_uninit
__attribute__((__section__("set_" "sysuninit_set"))) __attribute__
((__used__)) = &(vnet_init_vnet_pf_init_sys_uninit);
4263
4264static void
4265vnet_pf_uninit(const void *unused __unused__attribute__((__unused__)))
4266{
4267
4268 pf_unload_vnet();
4269}
4270SYSUNINIT(pf_unload, SI_SUB_PROTO_FIREWALL, SI_ORDER_SECOND, pf_unload, NULL)static struct sysinit pf_unload_sys_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_SECOND, (sysinit_cfunc_t)(sysinit_nfunc_t)pf_unload
, ((void *)(((void *)0))) }; __asm__(".globl " "__start_set_sysuninit_set"
); __asm__(".globl " "__stop_set_sysuninit_set"); static void
const * __set_sysuninit_set_sym_pf_unload_sys_uninit __attribute__
((__section__("set_" "sysuninit_set"))) __attribute__((__used__
)) = &(pf_unload_sys_uninit);
4271VNET_SYSUNINIT(vnet_pf_uninit, SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD,static struct vnet_sysinit vnet_pf_uninit_vnet_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_pf_uninit
, (((void *)0)) }; static struct sysinit vnet_uninit_vnet_pf_uninit_sys_init
= { SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD, (sysinit_cfunc_t)
(sysinit_nfunc_t)vnet_register_sysuninit, ((void *)(&vnet_pf_uninit_vnet_uninit
)) }; __asm__(".globl " "__start_set_sysinit_set"); __asm__(".globl "
"__stop_set_sysinit_set"); static void const * __set_sysinit_set_sym_vnet_uninit_vnet_pf_uninit_sys_init
__attribute__((__section__("set_" "sysinit_set"))) __attribute__
((__used__)) = &(vnet_uninit_vnet_pf_uninit_sys_init); static
struct sysinit vnet_uninit_vnet_pf_uninit_sys_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_deregister_sysuninit
, ((void *)(&vnet_pf_uninit_vnet_uninit)) }; __asm__(".globl "
"__start_set_sysuninit_set"); __asm__(".globl " "__stop_set_sysuninit_set"
); static void const * __set_sysuninit_set_sym_vnet_uninit_vnet_pf_uninit_sys_uninit
__attribute__((__section__("set_" "sysuninit_set"))) __attribute__
((__used__)) = &(vnet_uninit_vnet_pf_uninit_sys_uninit)
4272 vnet_pf_uninit, NULL)static struct vnet_sysinit vnet_pf_uninit_vnet_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_pf_uninit
, (((void *)0)) }; static struct sysinit vnet_uninit_vnet_pf_uninit_sys_init
= { SI_SUB_PROTO_FIREWALL, SI_ORDER_THIRD, (sysinit_cfunc_t)
(sysinit_nfunc_t)vnet_register_sysuninit, ((void *)(&vnet_pf_uninit_vnet_uninit
)) }; __asm__(".globl " "__start_set_sysinit_set"); __asm__(".globl "
"__stop_set_sysinit_set"); static void const * __set_sysinit_set_sym_vnet_uninit_vnet_pf_uninit_sys_init
__attribute__((__section__("set_" "sysinit_set"))) __attribute__
((__used__)) = &(vnet_uninit_vnet_pf_uninit_sys_init); static
struct sysinit vnet_uninit_vnet_pf_uninit_sys_uninit = { SI_SUB_PROTO_FIREWALL
, SI_ORDER_THIRD, (sysinit_cfunc_t)(sysinit_nfunc_t)vnet_deregister_sysuninit
, ((void *)(&vnet_pf_uninit_vnet_uninit)) }; __asm__(".globl "
"__start_set_sysuninit_set"); __asm__(".globl " "__stop_set_sysuninit_set"
); static void const * __set_sysuninit_set_sym_vnet_uninit_vnet_pf_uninit_sys_uninit
__attribute__((__section__("set_" "sysuninit_set"))) __attribute__
((__used__)) = &(vnet_uninit_vnet_pf_uninit_sys_uninit);
4273
4274
4275static int
4276pf_modevent(module_t mod, int type, void *data)
4277{
4278 int error = 0;
4279
4280 switch(type) {
4281 case MOD_LOAD:
4282 error = pf_load();
4283 break;
4284 case MOD_UNLOAD:
4285 /* Handled in SYSUNINIT(pf_unload) to ensure it's done after
4286 * the vnet_pf_uninit()s */
4287 break;
4288 default:
4289 error = EINVAL22;
4290 break;
4291 }
4292
4293 return (error);
4294}
4295
4296static moduledata_t pf_mod = {
4297 "pf",
4298 pf_modevent,
4299 0
4300};
4301
4302DECLARE_MODULE(pf, pf_mod, SI_SUB_PROTO_FIREWALL, SI_ORDER_SECOND)static struct mod_depend _pf_depend_on_kernel __attribute__((
__section__(".data"))) = { 1300006, 1300006, 1300006 }; static
struct mod_metadata _mod_metadata_md_pf_on_kernel = { 1, 1, &
_pf_depend_on_kernel, "kernel" }; __asm__(".globl " "__start_set_modmetadata_set"
); __asm__(".globl " "__stop_set_modmetadata_set"); static void
const * const __set_modmetadata_set_sym__mod_metadata_md_pf_on_kernel
__attribute__((__section__("set_" "modmetadata_set"))) __attribute__
((__used__)) = &(_mod_metadata_md_pf_on_kernel); static struct
mod_metadata _mod_metadata_md_pf = { 1, 2, &pf_mod, "pf"
}; __asm__(".globl " "__start_set_modmetadata_set"); __asm__
(".globl " "__stop_set_modmetadata_set"); static void const *
const __set_modmetadata_set_sym__mod_metadata_md_pf __attribute__
((__section__("set_" "modmetadata_set"))) __attribute__((__used__
)) = &(_mod_metadata_md_pf); static struct sysinit pfmodule_sys_init
= { SI_SUB_PROTO_FIREWALL, SI_ORDER_SECOND, (sysinit_cfunc_t
)(sysinit_nfunc_t)module_register_init, ((void *)(&pf_mod
)) }; __asm__(".globl " "__start_set_sysinit_set"); __asm__(".globl "
"__stop_set_sysinit_set"); static void const * __set_sysinit_set_sym_pfmodule_sys_init
__attribute__((__section__("set_" "sysinit_set"))) __attribute__
((__used__)) = &(pfmodule_sys_init); struct __hack;
4303MODULE_VERSION(pf, PF_MODVER)static struct mod_version _pf_version __attribute__((__section__
(".data"))) = { 1 }; static struct mod_metadata _mod_metadata_pf_version
= { 1, 3, &_pf_version, "pf" }; __asm__(".globl " "__start_set_modmetadata_set"
); __asm__(".globl " "__stop_set_modmetadata_set"); static void
const * const __set_modmetadata_set_sym__mod_metadata_pf_version
__attribute__((__section__("set_" "modmetadata_set"))) __attribute__
((__used__)) = &(_mod_metadata_pf_version);