Lines Matching +full:tlv +full:- +full:layout
1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
69 * Special IPFW_VTYPE_LEGACY ( (uint32_t)-1 ) represents old
70 * single-value-for-all approach.
129 #define CHAIN_TO_NI(chain) (CHAIN_TO_TCFG(chain)->namehash)
130 #define KIDX_TO_TI(ch, k) (&(((struct table_info *)(ch)->tablestate)[k]))
132 #define TA_BUF_SZ 128 /* On-stack buffer for add/delete state */
141 TAILQ_FOREACH(os, &tcfg->state_list, next) in rollback_toperation_state()
142 os->func(object, os); in rollback_toperation_state()
151 TAILQ_INSERT_HEAD(&tcfg->state_list, &ts->opstate, next); in add_toperation_state()
160 TAILQ_REMOVE(&tcfg->state_list, &ts->opstate, next); in del_toperation_state()
167 tc->no.refcnt++; in tc_ref()
174 tc->no.refcnt--; in tc_unref()
182 pval = (struct table_value *)ch->valuestate; in get_table_value()
199 if (tc->limit == 0 || tc->count < tc->limit) in check_table_limit()
202 if ((tei->flags & TEI_FLAGS_UPDATE) == 0) { in check_table_limit()
204 tei->flags |= TEI_FLAGS_LIMIT; in check_table_limit()
214 tei->flags |= TEI_FLAGS_DONTADD; in check_table_limit()
221 * one of pre-defined states known by userland.
247 tei->flags |= flag; in store_tei_result()
253 * @pkidx if non-zero.
254 * Used for table auto-creation to support old binaries.
283 * or non-zero return code.
301 if (tc->no.subtype != ti->type) in find_ref_table()
304 if (tc->locked != 0) in find_ref_table()
313 tc->no.refcnt++; in find_ref_table()
322 if ((tei->flags & TEI_FLAGS_COMPAT) == 0) in find_ref_table()
342 * Assume the following layout:
343 * 1) ADD state (ta_buf_m[0] ... t_buf_m[added - 1]) for handling update cases
344 * 2) DEL state (ta_buf_m[count[ ... t_buf_m[count + added - 1])
361 ta = tc->ta; in rollback_added_entries()
362 ta_buf_sz = ta->ta_buf_size; in rollback_added_entries()
367 if ((ptei->flags & TEI_FLAGS_UPDATED) != 0) { in rollback_added_entries()
370 * call in @ptei->value. Do add once again in rollback_added_entries()
373 error = ta->add(tc->astate, tinfo, ptei, v, &num); in rollback_added_entries()
379 error = ta->prepare_del(ch, ptei, vv); in rollback_added_entries()
380 KASSERT(error == 0, ("pre-rollback INSERT failed")); in rollback_added_entries()
381 error = ta->del(tc->astate, tinfo, ptei, vv, &num); in rollback_added_entries()
383 tc->count -= num; in rollback_added_entries()
404 ta_buf_sz = ta->ta_buf_size; in prepare_batch_buffer()
406 /* Single add/delete, use on-stack buffer */ in prepare_batch_buffer()
427 ta->prepare_add(ch, ptei, v) : ta->prepare_del(ch, ptei, v); in prepare_batch_buffer()
456 ta_buf_sz = ta->ta_buf_size; in flush_batch_buffer()
462 ta->flush_entry(ch, ptei, v); in flush_batch_buffer()
463 if (ptei->ptv != NULL) { in flush_batch_buffer()
464 free(ptei->ptv, M_IPFW); in flush_batch_buffer()
465 ptei->ptv = NULL; in flush_batch_buffer()
473 ta->flush_entry(ch, &tei[i], v); in flush_batch_buffer()
488 if (ts->tc != object && ts->ch != object) in rollback_add_entry()
491 ch = ts->ch; in rollback_add_entry()
499 ts->modified = 1; in rollback_add_entry()
514 * we have per-chain linked list, protected with UH lock.
515 * add_table_entry prepares special on-stack structure wthich is passed
578 ta = tc->ta; in add_table_entry()
584 ts.vshared = tc->vshared; in add_table_entry()
585 ts.vmask = tc->vmask; in add_table_entry()
601 tc->no.refcnt--; in add_table_entry()
616 * Link all values values to shared/per-table value array. in add_table_entry()
630 kidx = tc->no.kidx; in add_table_entry()
638 kidx = tc->no.kidx; in add_table_entry()
639 ta = tc->ta; in add_table_entry()
646 for (i = 0; i < count; i++, v += ta->ta_buf_size) { in add_table_entry()
653 * a properly-linked value if atomicity is in add_table_entry()
657 * index, it would get rejected by ta->add(). in add_table_entry()
659 error = ta->add(tc->astate, KIDX_TO_TI(ch, kidx), in add_table_entry()
666 tc->count += num; in add_table_entry()
693 /* Permit post-add algorithm grow/rehash. */ in add_table_entry()
735 ta = tc->ta; in del_table_entry()
748 tc->no.refcnt--; in del_table_entry()
754 if (ta != tc->ta) { in del_table_entry()
760 kidx = tc->no.kidx; in del_table_entry()
766 for (i = 0; i < count; i++, v += ta->ta_buf_size) { in del_table_entry()
769 error = ta->del(tc->astate, KIDX_TO_TI(ch, kidx), ptei, v, in del_table_entry()
775 tc->count -= num; in del_table_entry()
780 /* Unlink non-used values */ in del_table_entry()
784 /* Run post-del hook to permit shrinking */ in del_table_entry()
804 * 0) need_modify() (UH_WLOCK) - checks if @count items can be added w/o resize.
806 * 1) alloc_modify (no locks, M_WAITOK) - alloc new state based on @pflags.
807 * 2) prepare_modifyt (UH_WLOCK) - copy old data into new storage
808 * 3) modify (UH_WLOCK + WLOCK) - switch pointers
809 * 4) flush_modify (UH_WLOCK) - free state, if needed
825 ta = tc->ta; in check_table_space()
826 if (ta->need_modify == NULL) in check_table_space()
830 tc->no.refcnt++; in check_table_space()
839 if (ta->need_modify(tc->astate, ti, count, &pflags) == 0) { in check_table_space()
850 error = ta->prepare_mod(ta_buf, &pflags); in check_table_space()
859 if (ts != NULL && ts->modified != 0) { in check_table_space()
865 ta->flush_mod(ta_buf); in check_table_space()
870 ti = KIDX_TO_TI(ch, tc->no.kidx); in check_table_space()
871 if (ta->need_modify(tc->astate, ti, count, &pflags) == 0) { in check_table_space()
878 ta->flush_mod(ta_buf); in check_table_space()
882 error = ta->fill_mod(tc->astate, ti, ta_buf, &pflags); in check_table_space()
886 ta->modify(tc->astate, ti, ta_buf, pflags); in check_table_space()
891 ta->flush_mod(ta_buf); in check_table_space()
894 tc->no.refcnt--; in check_table_space()
900 * Data layout (v0):
918 if (sd->valsize < (sizeof(*op3) + hdrlen)) in manage_table_ent_v0()
925 if (xent->len < hdrlen || xent->len + read > sd->valsize) in manage_table_ent_v0()
929 tei.paddr = &xent->k; in manage_table_ent_v0()
930 tei.masklen = xent->masklen; in manage_table_ent_v0()
931 ipfw_import_table_value_legacy(xent->value, &v); in manage_table_ent_v0()
935 if (xent->type == IPFW_TABLE_ADDR) { in manage_table_ent_v0()
936 if (xent->len - hdrlen == sizeof(in_addr_t)) in manage_table_ent_v0()
943 ti.uidx = xent->tbl; in manage_table_ent_v0()
944 ti.type = xent->type; in manage_table_ent_v0()
946 error = (op3->opcode == IP_FW_TABLE_XADD) ? in manage_table_ent_v0()
955 * Data layout (v1)(current):
974 if (sd->valsize < (sizeof(*oh) + sizeof(*ctlv))) in manage_table_ent_v1()
978 if (sd->valsize != sd->kavail) in manage_table_ent_v1()
981 oh = (ipfw_obj_header *)sd->kbuf; in manage_table_ent_v1()
984 if (oh->ntlv.head.length != sizeof(oh->ntlv)) in manage_table_ent_v1()
990 if (ctlv->head.length + read != sd->valsize) in manage_table_ent_v1()
995 if (ctlv->count * sizeof(*tent) + read != sd->valsize) in manage_table_ent_v1()
998 if (ctlv->count == 0) in manage_table_ent_v1()
1006 ipfw_get_sopt_header(sd, sd->valsize); in manage_table_ent_v1()
1010 kidx = tent->idx; in manage_table_ent_v1()
1011 for (i = 0; i < ctlv->count; i++, ptent++) { in manage_table_ent_v1()
1012 if (ptent->head.length != sizeof(*ptent)) in manage_table_ent_v1()
1014 if (ptent->idx != kidx) in manage_table_ent_v1()
1020 ti.type = oh->ntlv.type; in manage_table_ent_v1()
1023 /* Use on-stack buffer for single add/del */ in manage_table_ent_v1()
1024 if (ctlv->count == 1) { in manage_table_ent_v1()
1028 tei_buf = malloc(ctlv->count * sizeof(tei), M_TEMP, in manage_table_ent_v1()
1033 for (i = 0; i < ctlv->count; i++, ptent++, ptei++) { in manage_table_ent_v1()
1034 ptei->paddr = &ptent->k; in manage_table_ent_v1()
1035 ptei->subtype = ptent->subtype; in manage_table_ent_v1()
1036 ptei->masklen = ptent->masklen; in manage_table_ent_v1()
1037 if (ptent->head.flags & IPFW_TF_UPDATE) in manage_table_ent_v1()
1038 ptei->flags |= TEI_FLAGS_UPDATE; in manage_table_ent_v1()
1040 ipfw_import_table_value_v1(&ptent->v.value); in manage_table_ent_v1()
1041 ptei->pvalue = (struct table_value *)&ptent->v.value; in manage_table_ent_v1()
1044 error = (oh->opheader.opcode == IP_FW_TABLE_XADD) ? in manage_table_ent_v1()
1045 add_table_entry(ch, &ti, tei_buf, ctlv->flags, ctlv->count) : in manage_table_ent_v1()
1046 del_table_entry(ch, &ti, tei_buf, ctlv->flags, ctlv->count); in manage_table_ent_v1()
1051 for (i = 0; i < ctlv->count; i++, ptent++, ptei++) { in manage_table_ent_v1()
1052 if (ptei->flags & TEI_FLAGS_ADDED) in manage_table_ent_v1()
1053 ptent->result = IPFW_TR_ADDED; in manage_table_ent_v1()
1054 else if (ptei->flags & TEI_FLAGS_DELETED) in manage_table_ent_v1()
1055 ptent->result = IPFW_TR_DELETED; in manage_table_ent_v1()
1056 else if (ptei->flags & TEI_FLAGS_UPDATED) in manage_table_ent_v1()
1057 ptent->result = IPFW_TR_UPDATED; in manage_table_ent_v1()
1058 else if (ptei->flags & TEI_FLAGS_LIMIT) in manage_table_ent_v1()
1059 ptent->result = IPFW_TR_LIMIT; in manage_table_ent_v1()
1060 else if (ptei->flags & TEI_FLAGS_ERROR) in manage_table_ent_v1()
1061 ptent->result = IPFW_TR_ERROR; in manage_table_ent_v1()
1062 else if (ptei->flags & TEI_FLAGS_NOTFOUND) in manage_table_ent_v1()
1063 ptent->result = IPFW_TR_NOTFOUND; in manage_table_ent_v1()
1064 else if (ptei->flags & TEI_FLAGS_EXISTS) in manage_table_ent_v1()
1065 ptent->result = IPFW_TR_EXISTS; in manage_table_ent_v1()
1066 ipfw_export_table_value_v1(ptei->pvalue, &ptent->v.value); in manage_table_ent_v1()
1077 * Data layout (v0)(current):
1100 if (sd->valsize != sz) in find_table_entry()
1107 if (oh->ntlv.head.length != sizeof(oh->ntlv)) in find_table_entry()
1111 ti.type = oh->ntlv.type; in find_table_entry()
1112 ti.uidx = tent->idx; in find_table_entry()
1127 if (tc->no.subtype != ti.type) { in find_table_entry()
1132 kti = KIDX_TO_TI(ch, tc->no.kidx); in find_table_entry()
1133 ta = tc->ta; in find_table_entry()
1135 if (ta->find_tentry == NULL) in find_table_entry()
1138 error = ta->find_tentry(tc->astate, kti, tent); in find_table_entry()
1140 pval = get_table_value(ch, tc, tent->v.kidx); in find_table_entry()
1141 ipfw_export_table_value_v1(pval, &tent->v.value); in find_table_entry()
1150 * Data layout (v0)(current):
1163 if (sd->valsize != sizeof(*oh)) in flush_table_v0()
1169 if (op3->opcode == IP_FW_TABLE_XDESTROY) in flush_table_v0()
1171 else if (op3->opcode == IP_FW_TABLE_XFLUSH) in flush_table_v0()
1186 if (ts->tc != object) in restart_flush()
1190 ts->modified = 1; in restart_flush()
1235 ta = tc->ta; in flush_table()
1237 if ((ta->flags & TA_FLAG_READONLY) != 0) { in flush_table()
1242 if (ta->print_config != NULL) { in flush_table()
1243 ta->print_config(tc->astate, KIDX_TO_TI(ch, tc->no.kidx), in flush_table()
1248 tflags = tc->tflags; in flush_table()
1249 tc->no.refcnt++; in flush_table()
1257 ta->destroy(astate_new, &ti_new); in flush_table()
1265 error = ta->init(ch, &astate_new, &ti_new, pstate, tflags); in flush_table()
1268 * Stage 3: swap old state pointers with newly-allocated ones. in flush_table()
1272 tc->no.refcnt--; in flush_table()
1293 kidx = tc->no.kidx; in flush_table()
1294 tablestate = (struct table_info *)ch->tablestate; in flush_table()
1301 astate_old = tc->astate; in flush_table()
1302 tc->astate = astate_new; in flush_table()
1303 tc->ti_copy = ti_new; in flush_table()
1304 tc->count = 0; in flush_table()
1307 if (ta->change_ti != NULL) in flush_table()
1308 ta->change_ti(tc->astate, &tablestate[kidx]); in flush_table()
1319 ta->destroy(astate_old, &ti_old); in flush_table()
1326 * Data layout (v0)(current):
1339 if (sd->valsize != sizeof(*oh) + sizeof(ipfw_obj_ntlv)) in swap_table()
1343 ntlv_to_ti(&oh->ntlv, &ti_a); in swap_table()
1363 * runtime data @ti (ch->tablestate)
1365 * algo-specific data (@tc->astate)
1374 * Note that referencing @tc won't protect tc->ta from change.
1413 if (tc_a->no.subtype!=tc_b->no.subtype || tc_a->tflags!=tc_b->tflags) { in swap_tables()
1419 if ((tc_a->limit != 0 && tc_b->count > tc_a->limit) || in swap_tables()
1420 (tc_b->limit != 0 && tc_a->count > tc_b->limit)) { in swap_tables()
1426 if (((tc_a->ta->flags | tc_b->ta->flags) & TA_FLAG_READONLY) != 0) { in swap_tables()
1436 tablestate = (struct table_info *)ch->tablestate; in swap_tables()
1437 ti = tablestate[tc_a->no.kidx]; in swap_tables()
1438 ta = tc_a->ta; in swap_tables()
1439 astate = tc_a->astate; in swap_tables()
1440 count = tc_a->count; in swap_tables()
1443 /* a <- b */ in swap_tables()
1444 tablestate[tc_a->no.kidx] = tablestate[tc_b->no.kidx]; in swap_tables()
1445 tc_a->ta = tc_b->ta; in swap_tables()
1446 tc_a->astate = tc_b->astate; in swap_tables()
1447 tc_a->count = tc_b->count; in swap_tables()
1448 /* b <- a */ in swap_tables()
1449 tablestate[tc_b->no.kidx] = ti; in swap_tables()
1450 tc_b->ta = ta; in swap_tables()
1451 tc_b->astate = astate; in swap_tables()
1452 tc_b->count = count; in swap_tables()
1456 tc_a->ti_copy = tablestate[tc_a->no.kidx]; in swap_tables()
1457 tc_b->ti_copy = tablestate[tc_b->no.kidx]; in swap_tables()
1460 if (tc_a->ta->change_ti != NULL) in swap_tables()
1461 tc_a->ta->change_ti(tc_a->astate, &tablestate[tc_a->no.kidx]); in swap_tables()
1462 if (tc_b->ta->change_ti != NULL) in swap_tables()
1463 tc_b->ta->change_ti(tc_b->astate, &tablestate[tc_b->no.kidx]); in swap_tables()
1472 * Data layout (v0)(current):
1492 if (tc->no.refcnt > 0) { in destroy_table()
1502 if (ipfw_objhash_free_idx(ni, tc->no.kidx) != 0) in destroy_table()
1504 tc->no.kidx, tc->tablename); in destroy_table()
1507 ipfw_unref_table_values(ch, tc, tc->ta, tc->astate, &tc->ti_copy); in destroy_table()
1559 memcpy(tablestate, ch->tablestate, sizeof(struct table_info) * tbl); in ipfw_resize_tables()
1565 old_tablestate = ch->tablestate; in ipfw_resize_tables()
1566 ch->tablestate = tablestate; in ipfw_resize_tables()
1574 ti = (struct table_info *)ch->tablestate; in ipfw_resize_tables()
1576 if (ti->lookup == NULL) in ipfw_resize_tables()
1579 if (tc == NULL || tc->ta->change_ti == NULL) in ipfw_resize_tables()
1582 tc->ta->change_ti(tc->astate, ti); in ipfw_resize_tables()
1626 *kidx = tc->no.kidx; in ipfw_ref_table()
1642 no->refcnt--; in ipfw_unref_table()
1659 return (ti->lookup(ti, paddr, plen, val)); in ipfw_lookup_table()
1668 * High-level 'get' cmds sysctl handlers
1673 * Data layout (v0)(current):
1689 if (sd->valsize < olh->size) in list_tables()
1701 * Data layout (v0)(current):
1737 * Data layout (v0)(current):
1753 if (sd->valsize != sizeof(*oh) + sizeof(ipfw_xtable_info)) in modify_table()
1756 oh = (struct _ipfw_obj_header *)sd->kbuf; in modify_table()
1760 * Verify user-supplied strings. in modify_table()
1761 * Check for null-terminated/zero-length strings/ in modify_table()
1763 tname = oh->ntlv.name; in modify_table()
1768 ti.type = i->type; in modify_table()
1778 if ((tc->ta->flags & TA_FLAG_READONLY) != 0) { in modify_table()
1783 if ((i->mflags & IPFW_TMFLAGS_LIMIT) != 0) in modify_table()
1784 tc->limit = i->limit; in modify_table()
1785 if ((i->mflags & IPFW_TMFLAGS_LOCK) != 0) in modify_table()
1786 tc->locked = ((i->flags & IPFW_TGFLAGS_LOCKED) != 0); in modify_table()
1794 * Data layout (v0)(current):
1809 if (sd->valsize != sizeof(*oh) + sizeof(ipfw_xtable_info)) in create_table()
1812 oh = (struct _ipfw_obj_header *)sd->kbuf; in create_table()
1816 * Verify user-supplied strings. in create_table()
1817 * Check for null-terminated/zero-length strings/ in create_table()
1819 tname = oh->ntlv.name; in create_table()
1820 aname = i->algoname; in create_table()
1822 strnlen(aname, sizeof(i->algoname)) == sizeof(i->algoname)) in create_table()
1831 ti.type = i->type; in create_table()
1849 * Stores allocated table kidx inside @pkidx (if non-NULL).
1850 * Reference created table if @compat is non-zero.
1869 tc = alloc_table_config(ch, ti, ta, aname, i->tflags); in create_table_internal()
1873 tc->vmask = i->vmask; in create_table_internal()
1874 tc->limit = i->limit; in create_table_internal()
1875 if (ta->flags & TA_FLAG_READONLY) in create_table_internal()
1876 tc->locked = 1; in create_table_internal()
1878 tc->locked = (i->flags & IPFW_TGFLAGS_LOCKED) != 0; in create_table_internal()
1890 if (compat == 0 || tc_new->no.subtype != tc->no.subtype) { in create_table_internal()
1909 tc->no.kidx = kidx; in create_table_internal()
1910 tc->no.etlv = IPFW_TLV_TBL_NAME; in create_table_internal()
1916 tc->no.refcnt++; in create_table_internal()
1918 *pkidx = tc->no.kidx; in create_table_internal()
1933 ti->set = ntlv->set; in ntlv_to_ti()
1934 ti->uidx = ntlv->idx; in ntlv_to_ti()
1935 ti->tlvs = ntlv; in ntlv_to_ti()
1936 ti->tlen = ntlv->head.length; in ntlv_to_ti()
1943 ntlv_to_ti(&oh->ntlv, ti); in objheader_to_ti()
1954 * Exports basic table info as name TLV.
1977 ntlv->head.type = IPFW_TLV_TBL_NAME; in ipfw_export_table_ntlv()
1978 ntlv->head.length = sizeof(*ntlv); in ipfw_export_table_ntlv()
1979 ntlv->idx = no->kidx; in ipfw_export_table_ntlv()
1980 strlcpy(ntlv->name, no->name, sizeof(ntlv->name)); in ipfw_export_table_ntlv()
2006 da->cnt++; in count_ext_entries()
2014 * externally-managed tables.
2025 ti = KIDX_TO_TI(ch, tc->no.kidx); in table_get_count()
2026 ta = tc->ta; in table_get_count()
2028 /* Use internal counter for self-managed tables */ in table_get_count()
2029 if ((ta->flags & TA_FLAG_READONLY) == 0) in table_get_count()
2030 return (tc->count); in table_get_count()
2033 if ((ta->flags & TA_FLAG_EXTCOUNTER) != 0) in table_get_count()
2034 return (ta->get_count(tc->astate, ti)); in table_get_count()
2038 ta->foreach(tc->astate, ti, count_ext_entries, &da); in table_get_count()
2053 i->type = tc->no.subtype; in export_table_info()
2054 i->tflags = tc->tflags; in export_table_info()
2055 i->vmask = tc->vmask; in export_table_info()
2056 i->set = tc->no.set; in export_table_info()
2057 i->kidx = tc->no.kidx; in export_table_info()
2058 i->refcnt = tc->no.refcnt; in export_table_info()
2059 i->count = table_get_count(ch, tc); in export_table_info()
2060 i->limit = tc->limit; in export_table_info()
2061 i->flags |= (tc->locked != 0) ? IPFW_TGFLAGS_LOCKED : 0; in export_table_info()
2062 i->size = i->count * sizeof(ipfw_obj_tentry); in export_table_info()
2063 i->size += sizeof(ipfw_obj_header) + sizeof(ipfw_xtable_info); in export_table_info()
2064 strlcpy(i->tablename, tc->tablename, sizeof(i->tablename)); in export_table_info()
2065 ti = KIDX_TO_TI(ch, tc->no.kidx); in export_table_info()
2066 ta = tc->ta; in export_table_info()
2067 if (ta->print_config != NULL) { in export_table_info()
2069 ta->print_config(tc->astate, ti, i->algoname, in export_table_info()
2070 sizeof(i->algoname)); in export_table_info()
2072 strlcpy(i->algoname, ta->name, sizeof(i->algoname)); in export_table_info()
2073 /* Dump algo-specific data, if possible */ in export_table_info()
2074 if (ta->dump_tinfo != NULL) { in export_table_info()
2075 ta->dump_tinfo(tc->astate, ti, &i->ta_info); in export_table_info()
2076 i->ta_info.flags |= IPFW_TATFLAGS_DATA; in export_table_info()
2094 i = (ipfw_xtable_info *)ipfw_get_sopt_space(dta->sd, sizeof(*i)); in export_table_internal()
2097 export_table_info(dta->ch, (struct table_config *)no, i); in export_table_internal()
2121 olh->count = count; in export_tables()
2122 olh->objsize = sizeof(ipfw_xtable_info); in export_tables()
2124 if (size > olh->size) { in export_tables()
2125 olh->size = size; in export_tables()
2129 olh->size = size; in export_tables()
2141 * Data layout (v1)(current):
2174 if (sd->valsize < i->size) { in dump_table_v1()
2190 da.ti = KIDX_TO_TI(ch, tc->no.kidx); in dump_table_v1()
2194 ta = tc->ta; in dump_table_v1()
2196 ta->foreach(tc->astate, da.ti, dump_table_tentry, &da); in dump_table_v1()
2204 * Data layout (version 0)(legacy):
2226 ti.uidx = xtbl->tbl; in dump_table_v0()
2236 xtbl->cnt = count; in dump_table_v0()
2237 xtbl->size = sz; in dump_table_v0()
2238 xtbl->type = tc->no.subtype; in dump_table_v0()
2239 xtbl->tbl = ti.uidx; in dump_table_v0()
2241 if (sd->valsize < sz) { in dump_table_v0()
2255 da.ti = KIDX_TO_TI(ch, tc->no.kidx); in dump_table_v0()
2259 ta = tc->ta; in dump_table_v0()
2261 ta->foreach(tc->astate, da.ti, dump_table_xentry, &da); in dump_table_v0()
2340 tc = da->tc; in dump_table_entry()
2341 ta = tc->ta; in dump_table_entry()
2344 if (da->cnt == da->size) in dump_table_entry()
2346 ent = da->ent++; in dump_table_entry()
2347 ent->tbl = da->uidx; in dump_table_entry()
2348 da->cnt++; in dump_table_entry()
2350 error = ta->dump_tentry(tc->astate, da->ti, e, &da->tent); in dump_table_entry()
2354 ent->addr = da->tent.k.addr.s_addr; in dump_table_entry()
2355 ent->masklen = da->tent.masklen; in dump_table_entry()
2356 pval = get_table_value(da->ch, da->tc, da->tent.v.kidx); in dump_table_entry()
2357 ent->value = ipfw_export_table_value_legacy(pval); in dump_table_entry()
2363 * Dumps table in pre-8.1 legacy format.
2373 tbl->cnt = 0; in ipfw_dump_table_legacy()
2378 ta = tc->ta; in ipfw_dump_table_legacy()
2381 if (tc->no.subtype != IPFW_TABLE_ADDR) in ipfw_dump_table_legacy()
2386 da.ti = KIDX_TO_TI(ch, tc->no.kidx); in ipfw_dump_table_legacy()
2388 da.ent = &tbl->ent[0]; in ipfw_dump_table_legacy()
2389 da.size = tbl->size; in ipfw_dump_table_legacy()
2391 tbl->cnt = 0; in ipfw_dump_table_legacy()
2392 ta->foreach(tc->astate, da.ti, dump_table_entry, &da); in ipfw_dump_table_legacy()
2393 tbl->cnt = da.cnt; in ipfw_dump_table_legacy()
2413 tc = da->tc; in dump_table_tentry()
2414 ta = tc->ta; in dump_table_tentry()
2416 tent = (ipfw_obj_tentry *)ipfw_get_sopt_space(da->sd, sizeof(*tent)); in dump_table_tentry()
2419 da->error = ENOMEM; in dump_table_tentry()
2422 tent->head.length = sizeof(ipfw_obj_tentry); in dump_table_tentry()
2423 tent->idx = da->uidx; in dump_table_tentry()
2425 error = ta->dump_tentry(tc->astate, da->ti, e, tent); in dump_table_tentry()
2429 pval = get_table_value(da->ch, da->tc, tent->v.kidx); in dump_table_tentry()
2430 ipfw_export_table_value_v1(pval, &tent->v.value); in dump_table_tentry()
2451 tc = da->tc; in dump_table_xentry()
2452 ta = tc->ta; in dump_table_xentry()
2454 xent = (ipfw_table_xentry *)ipfw_get_sopt_space(da->sd, sizeof(*xent)); in dump_table_xentry()
2458 xent->len = sizeof(ipfw_table_xentry); in dump_table_xentry()
2459 xent->tbl = da->uidx; in dump_table_xentry()
2461 memset(&da->tent, 0, sizeof(da->tent)); in dump_table_xentry()
2462 tent = &da->tent; in dump_table_xentry()
2463 error = ta->dump_tentry(tc->astate, da->ti, e, tent); in dump_table_xentry()
2468 xent->masklen = tent->masklen; in dump_table_xentry()
2469 pval = get_table_value(da->ch, da->tc, da->tent.v.kidx); in dump_table_xentry()
2470 xent->value = ipfw_export_table_value_legacy(pval); in dump_table_xentry()
2472 if (tc->no.subtype == IPFW_TABLE_ADDR && tent->subtype == AF_INET) { in dump_table_xentry()
2473 xent->k.addr6.s6_addr32[3] = tent->k.addr.s_addr; in dump_table_xentry()
2474 xent->flags = IPFW_TCF_INET; in dump_table_xentry()
2476 memcpy(&xent->k, &tent->k, sizeof(xent->k)); in dump_table_xentry()
2497 tc = da->tc; in prepare_table_tentry()
2498 ta = tc->ta; in prepare_table_tentry()
2500 error = ta->dump_tentry(tc->astate, da->ti, e, &da->tent); in prepare_table_tentry()
2504 da->f(&da->tent, da->farg); in prepare_table_tentry()
2527 ta = tc->ta; in ipfw_foreach_table_tentry()
2531 da.ti = KIDX_TO_TI(ch, tc->no.kidx); in ipfw_foreach_table_tentry()
2536 ta->foreach(tc->astate, da.ti, prepare_table_tentry, &da); in ipfw_foreach_table_tentry()
2556 if (ti->type > IPFW_TABLE_MAXTYPE) in find_table_algo()
2560 if (ti->atype != 0) { in find_table_algo()
2561 if (ti->atype > tcfg->algo_count) in find_table_algo()
2563 return (tcfg->algo[ti->atype]); in find_table_algo()
2568 return (tcfg->def_algo[ti->type]); in find_table_algo()
2573 for (i = 1; i <= tcfg->algo_count; i++) { in find_table_algo()
2574 ta = tcfg->algo[i]; in find_table_algo()
2584 l = strlen(ta->name); in find_table_algo()
2585 if (strncmp(name, ta->name, l) != 0) in find_table_algo()
2590 if (ti->type != 0 && ti->type != ta->type) in find_table_algo()
2615 /* Check for the required on-stack size for add/del */ in ipfw_add_table_algo()
2616 sz = roundup2(ta->ta_buf_size, sizeof(void *)); in ipfw_add_table_algo()
2620 KASSERT(ta->type <= IPFW_TABLE_MAXTYPE,("Increase IPFW_TABLE_MAXTYPE")); in ipfw_add_table_algo()
2628 KASSERT(tcfg->algo_count < 255, ("Increase algo array size")); in ipfw_add_table_algo()
2630 tcfg->algo[++tcfg->algo_count] = ta_new; in ipfw_add_table_algo()
2631 ta_new->idx = tcfg->algo_count; in ipfw_add_table_algo()
2634 if ((ta_new->flags & TA_FLAG_DEFAULT) != 0 && in ipfw_add_table_algo()
2635 tcfg->def_algo[ta_new->type] == NULL) in ipfw_add_table_algo()
2636 tcfg->def_algo[ta_new->type] = ta_new; in ipfw_add_table_algo()
2638 *idx = ta_new->idx; in ipfw_add_table_algo()
2656 KASSERT(idx <= tcfg->algo_count, ("algo idx %d out of range 1..%d", in ipfw_del_table_algo()
2657 idx, tcfg->algo_count)); in ipfw_del_table_algo()
2659 ta = tcfg->algo[idx]; in ipfw_del_table_algo()
2662 if (tcfg->def_algo[ta->type] == ta) in ipfw_del_table_algo()
2663 tcfg->def_algo[ta->type] = NULL; in ipfw_del_table_algo()
2670 * Data layout (v0)(current):
2689 if (sd->valsize < olh->size) in list_table_algo()
2694 count = tcfg->algo_count; in list_table_algo()
2698 olh->count = count; in list_table_algo()
2699 olh->objsize = sizeof(ipfw_ta_info); in list_table_algo()
2701 if (size > olh->size) { in list_table_algo()
2702 olh->size = size; in list_table_algo()
2706 olh->size = size; in list_table_algo()
2711 ta = tcfg->algo[n]; in list_table_algo()
2712 strlcpy(i->algoname, ta->name, sizeof(i->algoname)); in list_table_algo()
2713 i->type = ta->type; in list_table_algo()
2714 i->refcnt = ta->refcnt; in list_table_algo()
2726 *puidx = cmd->arg1; in classify_srcdst()
2734 * in 32bit big-endian format. in classify_srcdst()
2736 v = ((ipfw_insn_u32 *)cmd)->d[1]; in classify_srcdst()
2766 if (cmdif->name[0] != '\1') in classify_via()
2770 *puidx = cmdif->p.kidx; in classify_via()
2779 *puidx = cmd->arg1; in classify_flow()
2788 *puidx = cmd->arg1; in classify_mac_lookup()
2797 cmd->arg1 = idx; in update_arg1()
2806 cmdif->p.kidx = idx; in update_via()
2822 *pno = &tc->no; in table_findbyname()
2826 /* XXX: sets-sets! */
2838 return (&tc->no); in table_findbykidx()
2867 * Return EOPNOTSUPP for COUNT_ONE when per-set sysctl is in table_manage_sets()
2874 /* Use generic sets handler when per-set sysctl is enabled. */ in table_manage_sets()
2897 * accessible from all sets when per-set tables sysctl in table_manage_sets_all()
2907 /* Use generic sets handler when per-set sysctl is enabled. */ in table_manage_sets_all()
3001 if (no->set != 0) in test_sets_cb()
3046 for (i = 0; i < ch->n_rules; i++) { in ipfw_switch_tables_namespace()
3047 rule = ch->map[i]; in ipfw_switch_tables_namespace()
3049 l = rule->cmd_len; in ipfw_switch_tables_namespace()
3050 cmd = rule->cmd; in ipfw_switch_tables_namespace()
3052 for ( ; l > 0 ; l -= cmdlen, cmd += cmdlen) { in ipfw_switch_tables_namespace()
3057 if (rw->opcode != cmd->opcode) in ipfw_switch_tables_namespace()
3059 if (rw->classifier(cmd, &kidx, &subtype) == 0) in ipfw_switch_tables_namespace()
3066 if (no->set != 0 || rule->set != 0) { in ipfw_switch_tables_namespace()
3110 if (ti->tlvs != NULL) { in find_table_err()
3111 ntlv = ipfw_find_name_tlv_type(ti->tlvs, ti->tlen, ti->uidx, in find_table_err()
3115 name = ntlv->name; in find_table_err()
3122 set = (V_fw_tables_sets != 0) ? ti->set : 0; in find_table_err()
3124 snprintf(bname, sizeof(bname), "%d", ti->uidx); in find_table_err()
3169 if (ti->tlvs != NULL) { in alloc_table_config()
3170 ntlv = ipfw_find_name_tlv_type(ti->tlvs, ti->tlen, ti->uidx, in alloc_table_config()
3174 name = ntlv->name; in alloc_table_config()
3175 set = (V_fw_tables_sets == 0) ? 0 : ntlv->set; in alloc_table_config()
3178 snprintf(bname, sizeof(bname), "%d", ti->uidx); in alloc_table_config()
3184 tc->no.name = tc->tablename; in alloc_table_config()
3185 tc->no.subtype = ta->type; in alloc_table_config()
3186 tc->no.set = set; in alloc_table_config()
3187 tc->tflags = tflags; in alloc_table_config()
3188 tc->ta = ta; in alloc_table_config()
3189 strlcpy(tc->tablename, name, sizeof(tc->tablename)); in alloc_table_config()
3191 tc->vshared = 1; in alloc_table_config()
3194 error = ta->init(ch, &tc->astate, &tc->ti_copy, aname, tflags); in alloc_table_config()
3210 KASSERT(tc->linked == 0, ("free() on linked config")); in free_table_config()
3217 tc->ta->destroy(tc->astate, &tc->ti_copy); in free_table_config()
3235 kidx = tc->no.kidx; in link_table()
3237 ipfw_objhash_add(ni, &tc->no); in link_table()
3240 *ti = tc->ti_copy; in link_table()
3243 if (tc->ta->change_ti != NULL) in link_table()
3244 tc->ta->change_ti(tc->astate, ti); in link_table()
3246 tc->linked = 1; in link_table()
3247 tc->ta->refcnt++; in link_table()
3265 kidx = tc->no.kidx; in unlink_table()
3268 ipfw_objhash_del(ni, &tc->no); in unlink_table()
3271 tc->linked = 0; in unlink_table()
3272 tc->ta->refcnt--; in unlink_table()
3275 if (tc->ta->change_ti != NULL) in unlink_table()
3276 tc->ta->change_ti(tc->astate, NULL); in unlink_table()
3304 if (ipfw_objhash_free_idx(ni, no->kidx) != 0) in destroy_table_locked()
3306 no->kidx, no->name); in destroy_table_locked()
3329 free(ch->tablestate, M_IPFW); in ipfw_destroy_tables()
3347 ch->tablestate = malloc(V_fw_tables_max * sizeof(struct table_info), in ipfw_init_tables()
3351 tcfg->namehash = ipfw_objhash_create(V_fw_tables_max); in ipfw_init_tables()
3352 ch->tblcfg = tcfg; in ipfw_init_tables()