net: add pfil_mbuf_{in,out}
This shaves a lot of branching due to MEMPTR flag. Reviewed by: glebius Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D36454
This commit is contained in:
parent
cb6abe87cf
commit
0b70e3e78b
@ -198,6 +198,42 @@ pfil_run_hooks(struct pfil_head *head, pfil_packet_t p, struct ifnet *ifp,
|
||||
return (rv);
|
||||
}
|
||||
|
||||
static __always_inline int
|
||||
pfil_mbuf_common(pfil_chain_t *pch, pfil_packet_t p, struct ifnet *ifp,
|
||||
int flags, struct inpcb *inp)
|
||||
{
|
||||
struct pfil_link *link;
|
||||
pfil_return_t rv;
|
||||
|
||||
NET_EPOCH_ASSERT();
|
||||
KASSERT(flags == PFIL_IN || flags == PFIL_OUT,
|
||||
("%s: unsupported flags %d", __func__, flags));
|
||||
|
||||
rv = PFIL_PASS;
|
||||
CK_STAILQ_FOREACH(link, pch, link_chain) {
|
||||
rv = (*link->link_func)(p, ifp, flags, link->link_ruleset, inp);
|
||||
if (rv == PFIL_DROPPED || rv == PFIL_CONSUMED)
|
||||
break;
|
||||
}
|
||||
return (rv);
|
||||
}
|
||||
|
||||
int
|
||||
pfil_mbuf_in(struct pfil_head *head, pfil_packet_t p, struct ifnet *ifp,
|
||||
struct inpcb *inp)
|
||||
{
|
||||
|
||||
return (pfil_mbuf_common(&head->head_in, p, ifp, PFIL_IN, inp));
|
||||
}
|
||||
|
||||
int
|
||||
pfil_mbuf_out(struct pfil_head *head, pfil_packet_t p, struct ifnet *ifp,
|
||||
struct inpcb *inp)
|
||||
{
|
||||
|
||||
return (pfil_mbuf_common(&head->head_out, p, ifp, PFIL_OUT, inp));
|
||||
}
|
||||
|
||||
/*
|
||||
* pfil_head_register() registers a pfil_head with the packet filter hook
|
||||
* mechanism.
|
||||
|
@ -194,6 +194,10 @@ void pfil_head_unregister(pfil_head_t);
|
||||
/* Public functions to run the packet inspection by inspection points. */
|
||||
int pfil_run_hooks(struct pfil_head *, pfil_packet_t, struct ifnet *, int,
|
||||
struct inpcb *inp);
|
||||
int pfil_mbuf_in(struct pfil_head *, pfil_packet_t, struct ifnet *,
|
||||
struct inpcb *inp);
|
||||
int pfil_mbuf_out(struct pfil_head *, pfil_packet_t, struct ifnet *,
|
||||
struct inpcb *inp);
|
||||
/*
|
||||
* Minimally exposed structure to avoid function call in case of absence
|
||||
* of any filters by protocols and macros to do the check.
|
||||
|
Loading…
Reference in New Issue
Block a user