Define a module version for accept filter modules.

Otherwise accept filters compiled into the kernel do not preempt
preloaded accept filter modules.  Then, the preloaded file registers its
accept filter module before the kernel, and the kernel's attempt fails
since duplicate accept filter list entries are not permitted.  This
causes the preloaded file's module to be released, since
module_register_init() does a lookup by name, so the preloaded file is
unloaded, and the accept filter's callback points to random memory since
preload_delete_name() unmaps the file on x86 as of r336505.

Add a new ACCEPT_FILTER_DEFINE macro which wraps the accept filter and
module definitions, and ensures that a module version is defined.

PR:		245870
Reported by:	Thomas von Dein <freebsd@daemon.de>
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation

sys/netinet/accf_data.c

@@ -42,20 +42,7 @@ __FBSDID("$FreeBSD$");
 
 static int	sohasdata(struct socket *so, void *arg, int waitflag);
 
-static struct accept_filter accf_data_filter = {
-	"dataready",
-	sohasdata,
-	NULL,
-	NULL
-};
-
-static moduledata_t accf_data_mod = {
-	"accf_data",
-	accept_filt_generic_mod_event,
-	&accf_data_filter
-};
-
-DECLARE_MODULE(accf_data, accf_data_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
+ACCEPT_FILTER_DEFINE(accf_data, "dataready", sohasdata, NULL, NULL, 1);
 
 static int
 sohasdata(struct socket *so, void *arg, int waitflag)

sys/netinet/accf_dns.c

@@ -41,6 +41,8 @@
 /* check for full DNS request */
 static int sohasdns(struct socket *so, void *arg, int waitflag);
 
+ACCEPT_FILTER_DEFINE(accf_dns, "dnsready", sohasdns, NULL, NULL, 1);
+
 struct packet {
 	struct mbuf *m;		/* Current mbuf. */
 	struct mbuf *n;		/* nextpkt mbuf. */
@@ -56,21 +58,6 @@ struct packet {
 /* check we can skip over various parts of DNS request */
 static int skippacket(struct sockbuf *sb);
 
-static struct accept_filter accf_dns_filter = {
-	"dnsready",
-	sohasdns,
-	NULL,
-	NULL
-};
-
-static moduledata_t accf_dns_mod = {
-	"accf_dns",
-	accept_filt_generic_mod_event,
-	&accf_dns_filter
-};
-
-DECLARE_MODULE(accf_dns, accf_dns_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
-
 static int
 sohasdns(struct socket *so, void *arg, int waitflag)
 {

sys/netinet/accf_http.c

@@ -54,20 +54,7 @@ static int mbufstrncmp(struct mbuf *m, struct mbuf *npkt, int offset,
 /* socketbuffer is full */
 static int sbfull(struct sockbuf *sb);
 
-static struct accept_filter accf_http_filter = {
-	"httpready",
-	sohashttpget,
-	NULL,
-	NULL
-};
-
-static moduledata_t accf_http_mod = {
-	"accf_http",
-	accept_filt_generic_mod_event,
-	&accf_http_filter
-};
-
-DECLARE_MODULE(accf_http, accf_http_mod, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
+ACCEPT_FILTER_DEFINE(accf_http, "httpready", sohashttpget, NULL, NULL, 1);
 
 static int parse_http_version = 1;
 
@@ -75,8 +62,8 @@ static SYSCTL_NODE(_net_inet_accf, OID_AUTO, http,
     CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
     "HTTP accept filter");
 SYSCTL_INT(_net_inet_accf_http, OID_AUTO, parsehttpversion, CTLFLAG_RW,
-&parse_http_version, 1,
-"Parse http version so that non 1.x requests work");
+    &parse_http_version, 1,
+    "Parse http version so that non 1.x requests work");
 
 #ifdef ACCF_HTTP_DEBUG
 #define DPRINT(fmt, args...)						\

sys/sys/socketvar.h

@@ -335,6 +335,22 @@ struct accept_filter {
 	SLIST_ENTRY(accept_filter) accf_next;
 };
 
+#define	ACCEPT_FILTER_DEFINE(modname, filtname, cb, create, destroy, ver) \
+	static struct accept_filter modname##_filter = {		\
+		.accf_name = filtname,					\
+		.accf_callback = cb,					\
+		.accf_create = create,					\
+		.accf_destroy = destroy,				\
+	};								\
+	static moduledata_t modname##_mod = {				\
+		.name = __XSTRING(modname),				\
+		.evhand = accept_filt_generic_mod_event,		\
+		.priv = &modname##_filter,				\
+	};								\
+	DECLARE_MODULE(modname, modname##_mod, SI_SUB_DRIVERS,		\
+	    SI_ORDER_MIDDLE);						\
+	MODULE_VERSION(modname, 1)
+
 #ifdef MALLOC_DECLARE
 MALLOC_DECLARE(M_ACCF);
 MALLOC_DECLARE(M_PCB);