make /dev/pf a clonable device.

this provides a 1:1 relationship of pfopen() calls to pfclose()
calls. in turn, this makes it a lot easier to track stuff allocated
by a process and then clean it up if that process goes away
unexpectedly. the unique dev_t provided by the cloning machinery
gives us a good identifier to track this state with too.

discussed with h2k22
ok sashan@
deraadt@ agrees this is a good time to put this in

diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c
index b540afc..ef4f18e 100644 (file)
--- a/sys/net/pf_ioctl.c
+++ b/sys/net/pf_ioctl.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pf_ioctl.c,v 1.385 2022/08/06 15:57:58 bluhm Exp $ */
+/*     $OpenBSD: pf_ioctl.c,v 1.386 2022/11/06 13:03:52 dlg Exp $ */
 
 /*
  * Copyright (c) 2001 Daniel Hartmeier
@@ -54,6 +54,7 @@
 #include <sys/proc.h>
 #include <sys/rwlock.h>
 #include <sys/syslog.h>
+#include <sys/specdev.h>
 #include <uvm/uvm_extern.h>
 
 #include <crypto/md5.h>
@@ -265,16 +266,17 @@ pfattach(int num)
 int
 pfopen(dev_t dev, int flags, int fmt, struct proc *p)
 {
-       if (minor(dev) >= 1)
+       int unit = minor(dev);
+
+       if (unit & ((1 << CLONE_SHIFT) - 1))
                return (ENXIO);
+
        return (0);
 }
 
 int
 pfclose(dev_t dev, int flags, int fmt, struct proc *p)
 {
-       if (minor(dev) >= 1)
-               return (ENXIO);
        return (0);
 }
 

diff --git a/sys/sys/conf.h b/sys/sys/conf.h
index 73b7b14..e651732 100644 (file)
--- a/sys/sys/conf.h
+++ b/sys/sys/conf.h
@@ -1,4 +1,4 @@
-/*     $OpenBSD: conf.h,v 1.159 2022/09/02 20:06:56 miod Exp $ */
+/*     $OpenBSD: conf.h,v 1.160 2022/11/06 13:03:52 dlg Exp $  */
 /*     $NetBSD: conf.h,v 1.33 1996/05/03 20:03:32 christos Exp $       */
 
 /*-
@@ -358,7 +358,7 @@ extern struct cdevsw cdevsw[];
        dev_init(c,n,open), dev_init(c,n,close), (dev_type_read((*))) enodev, \
        (dev_type_write((*))) enodev, dev_init(c,n,ioctl), \
        (dev_type_stop((*))) enodev, 0, \
-       (dev_type_mmap((*))) enodev }
+       (dev_type_mmap((*))) enodev, 0, D_CLONE }
 
 /* open, close, read, write, ioctl, kqfilter */
 #define        cdev_usbdev_init(c,n) { \