Page MenuHomeFreeBSD
Differential D27764

pfctl: Stop sharing pf_ruleset.c with the kernel
ClosedPublic
Actions

Authored by kp on Dec 24 2020, 3:49 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Oct 19, 9:47 PM
Unknown Object (File)
Sat, Oct 19, 9:47 PM
Unknown Object (File)
Sat, Oct 19, 9:47 PM
Unknown Object (File)
Sat, Oct 19, 9:41 PM
Unknown Object (File)
Sun, Oct 13, 2:00 PM
Unknown Object (File)
Oct 5 2024, 5:56 AM
Unknown Object (File)
Oct 5 2024, 4:27 AM
Unknown Object (File)
Oct 4 2024, 7:09 PM
View All Files
Subscribers
donner
farrokhi
imp
melifaro

Details

Reviewers
philip
scottl
Group Reviewers
network
Commits
rG34b94d9ebb2d: pfctl: Stop sharing pf_ruleset.c with the kernel
rGfda7daf06301: pfctl: Stop sharing pf_ruleset.c with the kernel
Summary

Now that we've split up the datastructures used by the kernel and
userspace there's essentually no more overlap between the pf_ruleset.c
code used by userspace and kernelspace.

Copy the userspace bits to the pfctl directory and stop using the kernel
file.

MFC after: 2 weeks
Sponsored by: Orange Business Services

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kp created this revision.Dec 24 2020, 3:49 PM
Herald added subscribers: melifaro, farrokhi, imp. · View Herald TranscriptDec 24 2020, 3:49 PM
kp requested review of this revision.Dec 24 2020, 3:49 PM
Harbormaster completed remote builds in B35676: Diff 81136.Dec 24 2020, 3:49 PM
kp added a parent revision: D27763: pf: Convert pfi_kkif to use counter_u64.Dec 24 2020, 3:49 PM
kp added a comment.Dec 29 2020, 8:34 PM

If there are no objections to this series (D27707, D27756 - D27764) I'm going to push this tomorrow.

donner added a subscriber: donner.EditedDec 30 2020, 9:44 AM

Given, that the old file was included by user space programms, I'd suggest to include some lines like

#ifndef KERNEL
# error "Kernel only file! Please include ...."
#endif
philip accepted this revision as: philip.Dec 30 2020, 11:15 AM
This revision is now accepted and ready to land.Dec 30 2020, 11:15 AM
kp updated this revision to Diff 81372.Dec 30 2020, 2:46 PM

Fail build if the kernel file is used in userspace.

This revision now requires review to proceed.Dec 30 2020, 2:46 PM
Harbormaster completed remote builds in B35792: Diff 81372.Dec 30 2020, 2:46 PM
philip accepted this revision as: philip.Dec 31 2020, 12:16 AM

Still looks good to me.

This patch series is likely to be very upsetting to pftop. Though I think it was already broken. Maybe the #error will nudge someone to fix it?

This revision is now accepted and ready to land.Dec 31 2020, 12:16 AM
kp added a comment.Dec 31 2020, 10:24 AM
In D27764#622510, @philip wrote:

Still looks good to me.

This patch series is likely to be very upsetting to pftop. Though I think it was already broken. Maybe the #error will nudge someone to fix it?

It appears to still just build and work, at least with some basic testing.
This patch is the most visible to userspace, because userspace is now expected to no longer use kernel files (ick, ick, ew). The ioctl interface for pf is entirely unchanged, at least as far as userspace can tell.
A few definitions moved around in the header files, but pfvar.h includes pf.h, so that doesn't really matter either.

Closed by commit rGfda7daf06301: pfctl: Stop sharing pf_ruleset.c with the kernel (authored by kp). · Explain WhyJan 5 2021, 10:39 PM
This revision was automatically updated to reflect the committed changes.
kp added a commit: rGfda7daf06301: pfctl: Stop sharing pf_ruleset.c with the kernel.
kp added a commit: rG34b94d9ebb2d: pfctl: Stop sharing pf_ruleset.c with the kernel.Jan 20 2021, 2:46 PM

Revision Contents
Changeset List

PathSize
sbin/
pfctl/
3 lines
sbin/
pfctl/
sys/
netpfil/
pf/
329 lines
sys/
netpfil/
pf/
286 lines

Diff 81715

View Options

sbin/pfctl/Makefile

Loading...
View Options

sbin/pfctl/pf_ruleset.c

Loading...
View Options

sys/netpfil/pf/pf_ruleset.c

Loading...