diff options
author | bz <bz@FreeBSD.org> | 2008-10-04 15:06:34 +0000 |
---|---|---|
committer | bz <bz@FreeBSD.org> | 2008-10-04 15:06:34 +0000 |
commit | 77f80e067299bffd274515d2db4724fd7d914bec (patch) | |
tree | 798bd6e57445e0123df29550d1712a406a9067ef /sys/netinet/ip_fw2.c | |
parent | 848f285a655e18bcbd21886fa35dbab3286b54e4 (diff) | |
download | FreeBSD-src-77f80e067299bffd274515d2db4724fd7d914bec.zip FreeBSD-src-77f80e067299bffd274515d2db4724fd7d914bec.tar.gz |
Cache so_cred as inp_cred in the inpcb.
This means that inp_cred is always there, even after the socket
has gone away. It also means that it is constant for the lifetime
of the inp.
Both facts lead to simpler code and possibly less locking.
Suggested by: rwatson
Reviewed by: rwatson
MFC after: 6 weeks
X-MFC Note: use a inp_pspare for inp_cred
Diffstat (limited to 'sys/netinet/ip_fw2.c')
-rw-r--r-- | sys/netinet/ip_fw2.c | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/sys/netinet/ip_fw2.c b/sys/netinet/ip_fw2.c index 861f9e9..ab4fbb6 100644 --- a/sys/netinet/ip_fw2.c +++ b/sys/netinet/ip_fw2.c @@ -1977,15 +1977,11 @@ fill_ugid_cache(struct inpcb *inp, struct ip_fw_ugid *ugp) { struct ucred *cr; - if (inp->inp_socket != NULL) { - cr = inp->inp_socket->so_cred; - ugp->fw_prid = jailed(cr) ? - cr->cr_prison->pr_id : -1; - ugp->fw_uid = cr->cr_uid; - ugp->fw_ngroups = cr->cr_ngroups; - bcopy(cr->cr_groups, ugp->fw_groups, - sizeof(ugp->fw_groups)); - } + cr = inp->inp_cred; + ugp->fw_prid = jailed(cr) ? cr->cr_prison->pr_id : -1; + ugp->fw_uid = cr->cr_uid; + ugp->fw_ngroups = cr->cr_ngroups; + bcopy(cr->cr_groups, ugp->fw_groups, sizeof(ugp->fw_groups)); } static int @@ -2042,12 +2038,8 @@ check_uidgid(ipfw_insn_u32 *insn, int proto, struct ifnet *oif, dst_ip, htons(dst_port), wildcard, NULL); if (pcb != NULL) { - INP_RLOCK(pcb); - if (pcb->inp_socket != NULL) { - fill_ugid_cache(pcb, ugp); - *ugid_lookupp = 1; - } - INP_RUNLOCK(pcb); + fill_ugid_cache(pcb, ugp); + *ugid_lookupp = 1; } INP_INFO_RUNLOCK(pi); if (*ugid_lookupp == 0) { |