pf: pf_clear_srcnodes() is always called with NULL

The functions pf_clear_srcnodes() is only used to perform a removal of all source nodes, never of a given one. Remove the code allowing for removal of a given source node. Reviewed by: kp Differential Revision: https://reviews.freebsd.org/D46819
2024-10-18 02:19:39 +00:00 · 2024-09-28 18:59:13 +02:00 · 2024-09-28 18:59:13 +02:00 · 37881f65ea
commit 37881f65ea
parent c44fbfdb56
1 changed files with 17 additions and 25 deletions
--- a/sys/netpfil/pf/pf_ioctl.c
+++ b/sys/netpfil/pf/pf_ioctl.c
@ -233,7 +233,7 @@ static int		 pf_clearstates_nv(struct pfioc_nv *);
 static int		 pf_getstate(struct pfioc_nv *);
 static int		 pf_getstatus(struct pfioc_nv *);
 static int		 pf_clear_tables(void);
-static void		 pf_clear_srcnodes(struct pf_ksrc_node *);
+static void		 pf_clear_srcnodes(void);
 static void		 pf_kill_srcnodes(struct pfioc_src_node_kill *);
 static int		 pf_keepcounters(struct pfioc_nv *);
 static void		 pf_tbladdr_copyout(struct pf_addr_wrap *);
@ -5427,7 +5427,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct thread *td
 	}

 	case DIOCCLRSRCNODES: {
-		pf_clear_srcnodes(NULL);
+		pf_clear_srcnodes();
 		pf_purge_expired_src_nodes();
 		break;
 	}
@ -5904,40 +5904,32 @@ pf_clear_tables(void)
 }

 static void
-pf_clear_srcnodes(struct pf_ksrc_node *n)
+pf_clear_srcnodes(void)
 {
-	struct pf_kstate *s;
-	int i;
+	struct pf_kstate	*s;
+	struct pf_srchash	*sh;
+	struct pf_ksrc_node	*sn;
+	int			 i;

 	for (i = 0; i <= V_pf_hashmask; i++) {
 		struct pf_idhash *ih = &V_pf_idhash[i];

 		PF_HASHROW_LOCK(ih);
 		LIST_FOREACH(s, &ih->states, entry) {
-			if (n == NULL || n == s->src_node)
-				s->src_node = NULL;
-			if (n == NULL || n == s->nat_src_node)
-				s->nat_src_node = NULL;
+			s->src_node = NULL;
+			s->nat_src_node = NULL;
 		}
 		PF_HASHROW_UNLOCK(ih);
 	}

-	if (n == NULL) {
-		struct pf_srchash *sh;
-
-		for (i = 0, sh = V_pf_srchash; i <= V_pf_srchashmask;
-		    i++, sh++) {
-			PF_HASHROW_LOCK(sh);
-			LIST_FOREACH(n, &sh->nodes, entry) {
-				n->expire = 1;
-				n->states = 0;
-			}
-			PF_HASHROW_UNLOCK(sh);
+	for (i = 0, sh = V_pf_srchash; i <= V_pf_srchashmask;
+	    i++, sh++) {
+		PF_HASHROW_LOCK(sh);
+		LIST_FOREACH(sn, &sh->nodes, entry) {
+			sn->expire = 1;
+			sn->states = 0;
 		}
-	} else {
-		/* XXX: hash slot should already be locked here. */
-		n->expire = 1;
-		n->states = 0;
+		PF_HASHROW_UNLOCK(sh);
 	}
 }

@ -6406,7 +6398,7 @@ shutdown_pf(void)

 		pf_clear_all_states();

-		pf_clear_srcnodes(NULL);
+		pf_clear_srcnodes();

 		/* status does not use malloced mem so no need to cleanup */
 		/* fingerprints and interfaces have their own cleanup code */