 @@ -23,55 +23,59 @@
  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * NPF main: dynamic load/initialisation and unload routines.
  */
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.43 2020/05/30 14:16:56 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf.c,v 1.44 2020/08/27 18:50:25 riastradh Exp $");
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/conf.h>
 #include <sys/kmem.h>
 #include <sys/percpu.h>
 #include <sys/xcall.h>
 #endif
 #include "npf_impl.h"
 #include "npf_conn.h"
 static __read_mostly npf_t *	npf_kernel_ctx = NULL;
 __dso_public int
 npfk_sysinit(unsigned nworkers)
+{
 	npf_bpf_sysinit();
 	npf_tableset_sysinit();
 	npf_nat_sysinit();
 	npf_portmap_sysinit();
 	return npf_worker_sysinit(nworkers);
+}
 __dso_public void
 npfk_sysfini(void)
+{
 	npf_worker_sysfini();
 	npf_portmap_sysfini();
 	npf_nat_sysfini();
 	npf_tableset_sysfini();
 	npf_bpf_sysfini();
+}
 __dso_public npf_t *
 npfk_create(int flags, const npf_mbufops_t *mbufops,
     const npf_ifops_t *ifops, void *arg)
+{
 	npf_t *npf;
 	npf = kmem_zalloc(sizeof(npf_t), KM_SLEEP);
 	npf->ebr = npf_ebr_create();

 @@ -462,26 +462,29 @@ void		npf_state_sysinit(npf_t *);
 void		npf_state_sysfini(npf_t *);
 bool		npf_state_init(npf_cache_t *, npf_state_t *);
 bool		npf_state_inspect(npf_cache_t *, npf_state_t *, npf_flow_t);
 int		npf_state_etime(npf_t *, const npf_state_t *, const int);
 void		npf_state_destroy(npf_state_t *);
 void		npf_state_tcp_sysinit(npf_t *);
 void		npf_state_tcp_sysfini(npf_t *);
 bool		npf_state_tcp(npf_cache_t *, npf_state_t *, npf_flow_t);
 int		npf_state_tcp_timeout(npf_t *, const npf_state_t *);
 /* Portmap. */
 void		npf_portmap_sysinit(void);
 void		npf_portmap_sysfini(void);
 void		npf_portmap_init(npf_t *);
 void		npf_portmap_fini(npf_t *);
 npf_portmap_t *	npf_portmap_create(int, int);
 void		npf_portmap_destroy(npf_portmap_t *);
 in_port_t	npf_portmap_get(npf_portmap_t *, int, const npf_addr_t *);
 bool		npf_portmap_take(npf_portmap_t *, int, const npf_addr_t *, in_port_t);
 void		npf_portmap_put(npf_portmap_t *, int, const npf_addr_t *, in_port_t);
 void		npf_portmap_flush(npf_portmap_t *);
 /* NAT. */
 void		npf_nat_sysinit(void);

 @@ -25,27 +25,27 @@
  */
 /*
  * NPF port map mechanism.
+ *
  *	The port map is a bitmap used to track TCP/UDP ports used for
  *	translation.  Port maps are per IP addresses, therefore multiple
  *	NAT policies operating on the same IP address will share the
  *	same port map.
  */
 #ifdef _KERNEL
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: npf_portmap.c,v 1.5 2020/05/30 14:16:56 rmind Exp $");
+__KERNEL_RCSID(0, "$NetBSD: npf_portmap.c,v 1.6 2020/08/27 18:50:25 riastradh Exp $");
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/atomic.h>
 #include <sys/bitops.h>
 #include <sys/kmem.h>
 #include <sys/mutex.h>
 #include <sys/cprng.h>
 #include <sys/thmap.h>
 #endif
 #include "npf_impl.h"
 @@ -99,54 +99,70 @@ typedef struct bitmap {
 #define	NPF_PORTMAP_MAXPORT	65535
 struct npf_portmap {
 	thmap_t	*		addr_map;
 	LIST_HEAD(, bitmap)	bitmap_list;
 	kmutex_t		list_lock;
 	int			min_port;
 	int			max_port;
 };
 static kmutex_t			portmap_lock;
 void
 npf_portmap_sysinit(void)
+{
 	mutex_init(&portmap_lock, MUTEX_DEFAULT, IPL_SOFTNET);
 	__insn_barrier();
+}
 void
 npf_portmap_sysfini(void)
+{
 	mutex_destroy(&portmap_lock);
 	__insn_barrier();
+}
 void
 npf_portmap_init(npf_t *npf)
+{
 	npf_portmap_t *pm = npf_portmap_create(
 	    NPF_PORTMAP_MINPORT, NPF_PORTMAP_MAXPORT);
 	npf_param_t param_map[] = {
+		{
 			"portmap.min_port",
 			&pm->min_port,
 			.default_val = NPF_PORTMAP_MINPORT,
 			.min = 1024, .max = 65535
 		},
+		{
 			"portmap.max_port",
 			&pm->max_port,
 			.default_val = 49151, // RFC 6335
 			.min = 1024, .max = 65535
+		}
 	};
 	npf_param_register(npf, param_map, __arraycount(param_map));
 	mutex_init(&portmap_lock, MUTEX_DEFAULT, IPL_SOFTNET);
 	npf->portmap = pm;
+}
 void
 npf_portmap_fini(npf_t *npf)
+{
 	npf_portmap_destroy(npf->portmap);
 	mutex_destroy(&portmap_lock);
 	npf->portmap = NULL; // diagnostic
+}
 npf_portmap_t *
 npf_portmap_create(int min_port, int max_port)
+{
 	npf_portmap_t *pm;
 	pm = kmem_zalloc(sizeof(npf_portmap_t), KM_SLEEP);
 	mutex_init(&pm->list_lock, MUTEX_DEFAULT, IPL_SOFTNET);
 	pm->addr_map = thmap_create(0, NULL, THMAP_NOCOPY);
 	pm->min_port = min_port;
 	pm->max_port = max_port;

 @@ -61,46 +61,45 @@ void
 npf_test_init(int (*pton_func)(int, const char *, void *),
     const char *(*ntop_func)(int, const void *, char *, socklen_t),
     long (*rndfunc)(void))
+{
 	npf_t *npf;
 #ifdef __NetBSD__
 	// XXX: Workaround for npf_init()
 	if ((npf = npf_getkernctx()) != NULL) {
 		npf_worker_discharge(npf);
 		npf_worker_sysfini();
+	}
 #endif
 	npfk_sysinit(0);
 	npf = npfk_create(0, &npftest_mbufops, &npftest_ifops, NULL);
 	npfk_thread_register(npf);
 	npf_setkernctx(npf);
 	npf_state_setsampler(npf_state_sample);
 	_pton_func = pton_func;
 	_ntop_func = ntop_func;
 	_random_func = rndfunc;
 	(void)npf_test_addif(IFNAME_DUMMY, false, false);
+}
 void
 npf_test_fini(void)
+{
 	npf_t *npf = npf_getkernctx();
 	npfk_thread_unregister(npf);
 	npfk_destroy(npf);
 	npfk_sysfini();
+}
 int
 npf_test_load(const void *buf, size_t len, bool verbose)
+{
 	nvlist_t *npf_dict;
 	npf_error_t error;
 	int ret;
 	npf_dict = nvlist_unpack(buf, len, 0);
 	if (!npf_dict) {
 		printf("%s: could not unpack the nvlist\n", __func__);
 		return EINVAL;