Instead of copying a table structure so we can mask off a bit before

"validating" it, pass the bits to be ignored down to the validating
function in its allowedflags argument.  Saves a 1kB+ stack allocation.

ok henning@

4 files changed, 12 insertions, 13 deletions

diff --git a/sys/net/pf_if.c b/sys/net/pf_if.c
index 01201b4b705..8850cd2b9d7 100644
--- a/sys/net/pf_if.c
+++ b/sys/net/pf_if.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_if.c,v 1.40 2005/07/20 17:06:30 henning Exp $ */
+/*	$OpenBSD: pf_if.c,v 1.41 2005/08/02 12:40:42 pascoe Exp $ */
 
 /*
  * Copyright 2005 Henning Brauer <henning@openbsd.org>
@@ -434,7 +434,6 @@ void
 pfi_table_update(struct pfr_ktable *kt, struct pfi_kif *kif, int net, int flags)
 {
 	int			 e, size2 = 0;
-	struct pfr_table	 t;
 	struct ifg_member	*ifgm;
 
 	pfi_buffer_cnt = 0;
@@ -445,10 +444,8 @@ pfi_table_update(struct pfr_ktable *kt, struct pfi_kif *kif, int net, int flags)
 		TAILQ_FOREACH(ifgm, &kif->pfik_group->ifg_members, ifgm_next)
 			pfi_instance_add(ifgm->ifgm_ifp, net, flags);
 
-	t = kt->pfrkt_t;
-	t.pfrt_flags = 0;
-	if ((e = pfr_set_addrs(&t, pfi_buffer, pfi_buffer_cnt, &size2,
-	    NULL, NULL, NULL, 0)))
+	if ((e = pfr_set_addrs(&kt->pfrkt_t, pfi_buffer, pfi_buffer_cnt, &size2,
+	    NULL, NULL, NULL, 0, PFR_TFLAG_ALLMASK)))
 		printf("pfi_table_update: cannot set %d new addresses "
 		    "into table %s: %d\n", pfi_buffer_cnt, kt->pfrkt_name, e);
 }
diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index a2c0657a03a..667ccf2a56b 100644
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_ioctl.c,v 1.149 2005/08/01 05:39:27 pascoe Exp $ */
+/*	$OpenBSD: pf_ioctl.c,v 1.150 2005/08/02 12:40:42 pascoe Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -2563,7 +2563,7 @@ pfioctl(dev_t dev, u_long cmd, caddr_t addr, int flags, struct proc *p)
 		error = pfr_set_addrs(&io->pfrio_table, io->pfrio_buffer,
 		    io->pfrio_size, &io->pfrio_size2, &io->pfrio_nadd,
 		    &io->pfrio_ndel, &io->pfrio_nchange, io->pfrio_flags |
-		    PFR_FLAG_USERIOCTL);
+		    PFR_FLAG_USERIOCTL, 0);
 		break;
 	}
 
diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c
index ce3c0c74f9c..ca6eb2aef55 100644
--- a/sys/net/pf_table.c
+++ b/sys/net/pf_table.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pf_table.c,v 1.66 2005/06/06 09:01:55 dhartmei Exp $	*/
+/*	$OpenBSD: pf_table.c,v 1.67 2005/08/02 12:40:42 pascoe Exp $	*/
 
 /*
  * Copyright (c) 2002 Cedric Berger
@@ -404,7 +404,8 @@ _bad:
 
 int
 pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
-    int *size2, int *nadd, int *ndel, int *nchange, int flags)
+    int *size2, int *nadd, int *ndel, int *nchange, int flags,
+    u_int32_t ignore_pfrt_flags)
 {
 	struct pfr_ktable	*kt, *tmpkt;
 	struct pfr_kentryworkq	 addq, delq, changeq;
@@ -414,7 +415,8 @@ pfr_set_addrs(struct pfr_table *tbl, struct pfr_addr *addr, int size,
 	long			 tzero = time_second;
 
 	ACCEPT_FLAGS(PFR_FLAG_ATOMIC+PFR_FLAG_DUMMY+PFR_FLAG_FEEDBACK);
-	if (pfr_validate_table(tbl, 0, flags & PFR_FLAG_USERIOCTL))
+	if (pfr_validate_table(tbl, ignore_pfrt_flags, flags &
+	    PFR_FLAG_USERIOCTL))
 		return (EINVAL);
 	kt = pfr_lookup_table(tbl);
 	if (kt == NULL || !(kt->pfrkt_flags & PFR_TFLAG_ACTIVE))
diff --git a/sys/net/pfvar.h b/sys/net/pfvar.h
index a2690328df5..0ed3b1ae83d 100644
--- a/sys/net/pfvar.h
+++ b/sys/net/pfvar.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfvar.h,v 1.226 2005/07/31 05:20:57 pascoe Exp $ */
+/*	$OpenBSD: pfvar.h,v 1.227 2005/08/02 12:40:42 pascoe Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -1501,7 +1501,7 @@ int	pfr_add_addrs(struct pfr_table *, struct pfr_addr *, int, int *,
 int	pfr_del_addrs(struct pfr_table *, struct pfr_addr *, int, int *,
 	    int);
 int	pfr_set_addrs(struct pfr_table *, struct pfr_addr *, int, int *,
-	    int *, int *, int *, int);
+	    int *, int *, int *, int, u_int32_t);
 int	pfr_get_addrs(struct pfr_table *, struct pfr_addr *, int *, int);
 int	pfr_get_astats(struct pfr_table *, struct pfr_astats *, int *, int);
 int	pfr_clr_astats(struct pfr_table *, struct pfr_addr *, int, int *,