diff --git a/sys/netinet/dccp.h b/sys/netinet/dccp.h index 4fb6a0d2ab3e..da83a1b06861 100644 --- a/sys/netinet/dccp.h +++ b/sys/netinet/dccp.h @@ -1,76 +1,76 @@ /*- * SPDX-License-Identifier: BSD-2-Clause * * Copyright (c) 2019 Tom Jones * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_DCCP_H_ #define _NETINET_DCCP_H_ /* DCCP protocol header as per RFC4340 */ struct dccphdr { uint16_t d_sport; uint16_t d_dport; uint8_t d_doff; #if BYTE_ORDER == LITTLE_ENDIAN uint8_t d_cscov:4, d_ccval:4; #endif #if BYTE_ORDER == BIG_ENDIAN uint8_t d_ccval:4, d_cscov:4; #endif uint8_t d_cksum[2]; #if BYTE_ORDER == LITTLE_ENDIAN uint8_t d_res:3, d_type:4, d_x:1; #endif #if BYTE_ORDER == BIG_ENDIAN uint8_t d_x:1, d_type:4, d_res:3; #endif /* * Provide enough space for both the short (24 bit) sequence number and * the long (48 bit) sequene number and a leading reserved byte in * front of the long sequence number. */ union dccp_seqno { uint8_t shortseq[3]; struct dccp_long_seqno { uint8_t res; uint8_t seq[6]; } longseq; } d_seqno; -}; +} __packed; #define d_seqno_short d_seqno.shortseq; #define d_seqno_long d_seqno.longseq.seq; #define DCCP_SHORTHDR 12 #define DCCP_LONGHDR 16 #define DCCP_EXTHDR 0x80 #endif /* _NETINET_DCCP_H */ diff --git a/sys/netinet/ip.h b/sys/netinet/ip.h index 44db466912d0..6de41a7e79fa 100644 --- a/sys/netinet/ip.h +++ b/sys/netinet/ip.h @@ -1,226 +1,226 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_IP_H_ #define _NETINET_IP_H_ #include #include /* * Definitions for internet protocol version 4. * * Per RFC 791, September 1981. */ #define IPVERSION 4 /* * Structure of an internet header, naked of options. */ struct ip { #if BYTE_ORDER == LITTLE_ENDIAN u_char ip_hl:4, /* header length */ ip_v:4; /* version */ #endif #if BYTE_ORDER == BIG_ENDIAN u_char ip_v:4, /* version */ ip_hl:4; /* header length */ #endif u_char ip_tos; /* type of service */ u_short ip_len; /* total length */ u_short ip_id; /* identification */ u_short ip_off; /* fragment offset field */ #define IP_RF 0x8000 /* reserved fragment flag */ #define IP_DF 0x4000 /* dont fragment flag */ #define IP_MF 0x2000 /* more fragments flag */ #define IP_OFFMASK 0x1fff /* mask for fragmenting bits */ u_char ip_ttl; /* time to live */ u_char ip_p; /* protocol */ u_short ip_sum; /* checksum */ struct in_addr ip_src,ip_dst; /* source and dest address */ -} __packed __aligned(2); +} __packed; #define IP_MAXPACKET 65535 /* maximum packet size */ /* * Definitions for IP type of service (ip_tos). */ #define IPTOS_LOWDELAY 0x10 #define IPTOS_THROUGHPUT 0x08 #define IPTOS_RELIABILITY 0x04 #define IPTOS_MINCOST IPTOS_DSCP_CS0 /* * Definitions for IP precedence (also in ip_tos) (deprecated). */ #define IPTOS_PREC_NETCONTROL IPTOS_DSCP_CS7 #define IPTOS_PREC_INTERNETCONTROL IPTOS_DSCP_CS6 #define IPTOS_PREC_CRITIC_ECP IPTOS_DSCP_CS5 #define IPTOS_PREC_FLASHOVERRIDE IPTOS_DSCP_CS4 #define IPTOS_PREC_FLASH IPTOS_DSCP_CS3 #define IPTOS_PREC_IMMEDIATE IPTOS_DSCP_CS2 #define IPTOS_PREC_PRIORITY IPTOS_DSCP_CS1 #define IPTOS_PREC_ROUTINE IPTOS_DSCP_CS0 /* * Offset of Diffserv decimal value to convert it to tos value . */ #define IPTOS_DSCP_OFFSET 2 /* * Definitions for DiffServ Codepoints as per RFC2474 and RFC5865. */ #define IPTOS_DSCP_CS0 0x00 #define IPTOS_DSCP_CS1 0x20 #define IPTOS_DSCP_AF11 0x28 #define IPTOS_DSCP_AF12 0x30 #define IPTOS_DSCP_AF13 0x38 #define IPTOS_DSCP_CS2 0x40 #define IPTOS_DSCP_AF21 0x48 #define IPTOS_DSCP_AF22 0x50 #define IPTOS_DSCP_AF23 0x58 #define IPTOS_DSCP_CS3 0x60 #define IPTOS_DSCP_AF31 0x68 #define IPTOS_DSCP_AF32 0x70 #define IPTOS_DSCP_AF33 0x78 #define IPTOS_DSCP_CS4 0x80 #define IPTOS_DSCP_AF41 0x88 #define IPTOS_DSCP_AF42 0x90 #define IPTOS_DSCP_AF43 0x98 #define IPTOS_DSCP_CS5 0xa0 #define IPTOS_DSCP_VA 0xb0 #define IPTOS_DSCP_EF 0xb8 #define IPTOS_DSCP_CS6 0xc0 #define IPTOS_DSCP_CS7 0xe0 /* * ECN (Explicit Congestion Notification) codepoints in RFC3168 mapped to the * lower 2 bits of the TOS field. */ #define IPTOS_ECN_NOTECT 0x00 /* not-ECT */ #define IPTOS_ECN_ECT1 0x01 /* ECN-capable transport (1) */ #define IPTOS_ECN_ECT0 0x02 /* ECN-capable transport (0) */ #define IPTOS_ECN_CE 0x03 /* congestion experienced */ #define IPTOS_ECN_MASK 0x03 /* ECN field mask */ /* * Definitions for options. */ #define IPOPT_COPIED(o) ((o)&0x80) #define IPOPT_CLASS(o) ((o)&0x60) #define IPOPT_NUMBER(o) ((o)&0x1f) #define IPOPT_CONTROL 0x00 #define IPOPT_RESERVED1 0x20 #define IPOPT_DEBMEAS 0x40 #define IPOPT_RESERVED2 0x60 #define IPOPT_EOL 0 /* end of option list */ #define IPOPT_NOP 1 /* no operation */ #define IPOPT_RR 7 /* record packet route */ #define IPOPT_TS 68 /* timestamp */ #define IPOPT_SECURITY 130 /* provide s,c,h,tcc */ #define IPOPT_LSRR 131 /* loose source route */ #define IPOPT_ESO 133 /* extended security */ #define IPOPT_CIPSO 134 /* commercial security */ #define IPOPT_SATID 136 /* satnet id */ #define IPOPT_SSRR 137 /* strict source route */ #define IPOPT_RA 148 /* router alert */ /* * Offsets to fields in options other than EOL and NOP. */ #define IPOPT_OPTVAL 0 /* option ID */ #define IPOPT_OLEN 1 /* option length */ #define IPOPT_OFFSET 2 /* offset within option */ #define IPOPT_MINOFF 4 /* min value of above */ /* * Time stamp option structure. */ struct ip_timestamp { u_char ipt_code; /* IPOPT_TS */ u_char ipt_len; /* size of structure (variable) */ u_char ipt_ptr; /* index of current entry */ #if BYTE_ORDER == LITTLE_ENDIAN u_char ipt_flg:4, /* flags, see below */ ipt_oflw:4; /* overflow counter */ #endif #if BYTE_ORDER == BIG_ENDIAN u_char ipt_oflw:4, /* overflow counter */ ipt_flg:4; /* flags, see below */ #endif union ipt_timestamp { uint32_t ipt_time[1]; /* network format */ struct ipt_ta { struct in_addr ipt_addr; uint32_t ipt_time; /* network format */ } ipt_ta[1]; } ipt_timestamp; -}; +} __packed; /* Flag bits for ipt_flg. */ #define IPOPT_TS_TSONLY 0 /* timestamps only */ #define IPOPT_TS_TSANDADDR 1 /* timestamps and addresses */ #define IPOPT_TS_PRESPEC 3 /* specified modules only */ /* Bits for security (not byte swapped). */ #define IPOPT_SECUR_UNCLASS 0x0000 #define IPOPT_SECUR_CONFID 0xf135 #define IPOPT_SECUR_EFTO 0x789a #define IPOPT_SECUR_MMMM 0xbc4d #define IPOPT_SECUR_RESTR 0xaf13 #define IPOPT_SECUR_SECRET 0xd788 #define IPOPT_SECUR_TOPSECRET 0x6bc5 /* * Internet implementation parameters. */ #define MAXTTL 255 /* maximum time to live (seconds) */ #define IPDEFTTL 64 /* default ttl, from RFC 1340 */ #define IPTTLDEC 1 /* subtracted when forwarding */ #define IP_MSS 576 /* default maximum segment size */ /* * This is the real IPv4 pseudo header, used for computing the TCP and UDP * checksums. For the Internet checksum, struct ipovly can be used instead. * For stronger checksums, the real thing must be used. */ struct ippseudo { struct in_addr ippseudo_src; /* source internet address */ struct in_addr ippseudo_dst; /* destination internet address */ u_char ippseudo_pad; /* pad, must be zero */ u_char ippseudo_p; /* protocol */ u_short ippseudo_len; /* protocol length */ }; #endif diff --git a/sys/netinet/ip_var.h b/sys/netinet/ip_var.h index 18ca5861a40e..f782ebc53eb0 100644 --- a/sys/netinet/ip_var.h +++ b/sys/netinet/ip_var.h @@ -1,358 +1,358 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_IP_VAR_H_ #define _NETINET_IP_VAR_H_ #include #include #include #include /* * Overlay for ip header used by other protocols (tcp, udp). */ struct ipovly { u_char ih_x1[9]; /* (unused) */ u_char ih_pr; /* protocol */ u_short ih_len; /* protocol length */ struct in_addr ih_src; /* source internet address */ struct in_addr ih_dst; /* destination internet address */ -}; +} __packed; #ifdef _KERNEL /* * Ip reassembly queue structure. Each fragment * being reassembled is attached to one of these structures. * They are timed out after net.inet.ip.fragttl seconds, and may also be * reclaimed if memory becomes tight. */ struct ipq { TAILQ_ENTRY(ipq) ipq_list; /* to other reass headers */ time_t ipq_expire; /* time_uptime when ipq expires */ u_char ipq_nfrags; /* # frags in this packet */ u_char ipq_p; /* protocol of this fragment */ u_short ipq_id; /* sequence id for reassembly */ int ipq_maxoff; /* total length of packet */ struct mbuf *ipq_frags; /* to ip headers of fragments */ struct in_addr ipq_src,ipq_dst; struct label *ipq_label; /* MAC label */ }; #endif /* _KERNEL */ /* * Structure stored in mbuf in inpcb.ip_options * and passed to ip_output when ip options are in use. * The actual length of the options (including ipopt_dst) * is in m_len. */ #define MAX_IPOPTLEN 40 struct ipoption { struct in_addr ipopt_dst; /* first-hop dst if source routed */ char ipopt_list[MAX_IPOPTLEN]; /* options proper */ }; #if defined(_NETINET_IN_VAR_H_) && defined(_KERNEL) /* * Structure attached to inpcb.ip_moptions and * passed to ip_output when IP multicast options are in use. * This structure is lazy-allocated. */ struct ip_moptions { struct ifnet *imo_multicast_ifp; /* ifp for outgoing multicasts */ struct in_addr imo_multicast_addr; /* ifindex/addr on MULTICAST_IF */ u_long imo_multicast_vif; /* vif num outgoing multicasts */ u_char imo_multicast_ttl; /* TTL for outgoing multicasts */ u_char imo_multicast_loop; /* 1 => hear sends if a member */ struct ip_mfilter_head imo_head; /* group membership list */ }; #else struct ip_moptions; #endif struct ipstat { uint64_t ips_total; /* total packets received */ uint64_t ips_badsum; /* checksum bad */ uint64_t ips_tooshort; /* packet too short */ uint64_t ips_toosmall; /* not enough data */ uint64_t ips_badhlen; /* ip header length < data size */ uint64_t ips_badlen; /* ip length < ip header length */ uint64_t ips_fragments; /* fragments received */ uint64_t ips_fragdropped; /* frags dropped (dups, out of space) */ uint64_t ips_fragtimeout; /* fragments timed out */ uint64_t ips_forward; /* packets forwarded */ uint64_t ips_fastforward; /* packets fast forwarded */ uint64_t ips_cantforward; /* packets rcvd for unreachable dest */ uint64_t ips_redirectsent; /* packets forwarded on same net */ uint64_t ips_noproto; /* unknown or unsupported protocol */ uint64_t ips_delivered; /* datagrams delivered to upper level*/ uint64_t ips_localout; /* total ip packets generated here */ uint64_t ips_odropped; /* lost packets due to nobufs, etc. */ uint64_t ips_reassembled; /* total packets reassembled ok */ uint64_t ips_fragmented; /* datagrams successfully fragmented */ uint64_t ips_ofragments; /* output fragments created */ uint64_t ips_cantfrag; /* don't fragment flag was set, etc. */ uint64_t ips_badoptions; /* error in option processing */ uint64_t ips_noroute; /* packets discarded due to no route */ uint64_t ips_badvers; /* ip version != 4 */ uint64_t ips_rawout; /* total raw ip packets generated */ uint64_t ips_toolong; /* ip length > max ip packet size */ uint64_t ips_notmember; /* multicasts for unregistered grps */ uint64_t ips_nogif; /* no match gif found */ uint64_t ips_badaddr; /* invalid address on header */ }; #ifdef _KERNEL #include #include #include VNET_PCPUSTAT_DECLARE(struct ipstat, ipstat); /* * In-kernel consumers can use these accessor macros directly to update * stats. */ #define IPSTAT_ADD(name, val) \ do { \ MIB_SDT_PROBE1(ip, count, name, (val)); \ VNET_PCPUSTAT_ADD(struct ipstat, ipstat, name, (val)); \ } while (0) #define IPSTAT_SUB(name, val) IPSTAT_ADD(name, -(val)) #define IPSTAT_INC(name) IPSTAT_ADD(name, 1) #define IPSTAT_DEC(name) IPSTAT_SUB(name, 1) /* * Kernel module consumers must use this accessor macro. */ void kmod_ipstat_inc(int statnum); #define KMOD_IPSTAT_INC(name) \ do { \ MIB_SDT_PROBE1(ip, count, name, 1); \ kmod_ipstat_inc( \ offsetof(struct ipstat, name) / sizeof(uint64_t)); \ } while (0) void kmod_ipstat_dec(int statnum); #define KMOD_IPSTAT_DEC(name) \ do { \ MIB_SDT_PROBE1(ip, count, name, -1); \ kmod_ipstat_dec( \ offsetof(struct ipstat, name) / sizeof(uint64_t)); \ } while (0) /* flags passed to ip_output as last parameter */ #define IP_FORWARDING 0x1 /* most of ip header exists */ #define IP_RAWOUTPUT 0x2 /* raw ip header exists */ #define IP_SENDONES 0x4 /* send all-ones broadcast */ #define IP_SENDTOIF 0x8 /* send on specific ifnet */ #define IP_ROUTETOIF SO_DONTROUTE /* 0x10 bypass routing tables */ #define IP_ALLOWBROADCAST SO_BROADCAST /* 0x20 can send broadcast packets */ #define IP_NODEFAULTFLOWID 0x40 /* Don't set the flowid from inp */ #define IP_NO_SND_TAG_RL 0x80 /* Don't send down the ratelimit tag */ #ifdef __NO_STRICT_ALIGNMENT #define IP_HDR_ALIGNED_P(ip) 1 #else #define IP_HDR_ALIGNED_P(ip) ((((intptr_t) (ip)) & 3) == 0) #endif struct ip; struct inpcb; struct route; struct sockopt; struct inpcbinfo; VNET_DECLARE(int, ip_defttl); /* default IP ttl */ VNET_DECLARE(int, ipforwarding); /* ip forwarding */ VNET_DECLARE(int, ipsendredirects); #ifdef IPSTEALTH VNET_DECLARE(int, ipstealth); /* stealth forwarding */ #endif VNET_DECLARE(struct socket *, ip_rsvpd); /* reservation protocol daemon*/ VNET_DECLARE(struct socket *, ip_mrouter); /* multicast routing daemon */ extern int (*legal_vif_num)(int); extern u_long (*ip_mcast_src)(int); VNET_DECLARE(int, rsvp_on); VNET_DECLARE(int, drop_redirect); VNET_DECLARE(int, ip_random_id); #define V_ip_id VNET(ip_id) #define V_ip_defttl VNET(ip_defttl) #define V_ipforwarding VNET(ipforwarding) #define V_ipsendredirects VNET(ipsendredirects) #ifdef IPSTEALTH #define V_ipstealth VNET(ipstealth) #endif #define V_ip_rsvpd VNET(ip_rsvpd) #define V_ip_mrouter VNET(ip_mrouter) #define V_rsvp_on VNET(rsvp_on) #define V_drop_redirect VNET(drop_redirect) #define V_ip_random_id VNET(ip_random_id) void inp_freemoptions(struct ip_moptions *); int inp_getmoptions(struct inpcb *, struct sockopt *); int inp_setmoptions(struct inpcb *, struct sockopt *); int ip_ctloutput(struct socket *, struct sockopt *sopt); int ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu, u_long if_hwassist_flags); void ip_forward(struct mbuf *m, int srcrt); extern int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *, struct ip_moptions *); int ip_output(struct mbuf *, struct mbuf *, struct route *, int, struct ip_moptions *, struct inpcb *); struct mbuf * ip_reass(struct mbuf *); void ip_savecontrol(struct inpcb *, struct mbuf **, struct ip *, struct mbuf *); void ip_fillid(struct ip *, bool); int rip_ctloutput(struct socket *, struct sockopt *); int ipip_input(struct mbuf **, int *, int); int rsvp_input(struct mbuf **, int *, int); int ip_rsvp_init(struct socket *); int ip_rsvp_done(void); extern int (*ip_rsvp_vif)(struct socket *, struct sockopt *); extern void (*ip_rsvp_force_done)(struct socket *); extern int (*rsvp_input_p)(struct mbuf **, int *, int); typedef int ipproto_input_t(struct mbuf **, int *, int); struct icmp; typedef void ipproto_ctlinput_t(struct icmp *); int ipproto_register(uint8_t, ipproto_input_t, ipproto_ctlinput_t); int ipproto_unregister(uint8_t); #define IPPROTO_REGISTER(prot, input, ctl) do { \ int error __diagused; \ error = ipproto_register(prot, input, ctl); \ MPASS(error == 0); \ } while (0) ipproto_input_t rip_input; ipproto_ctlinput_t rip_ctlinput; VNET_DECLARE(struct pfil_head *, inet_pfil_head); #define V_inet_pfil_head VNET(inet_pfil_head) #define PFIL_INET_NAME "inet" VNET_DECLARE(struct pfil_head *, inet_local_pfil_head); #define V_inet_local_pfil_head VNET(inet_local_pfil_head) #define PFIL_INET_LOCAL_NAME "inet-local" void in_delayed_cksum(struct mbuf *m); /* Hooks for ipfw, dummynet, divert etc. Most are declared in raw_ip.c */ /* * Reference to an ipfw or packet filter rule that can be carried * outside critical sections. * A rule is identified by rulenum:rule_id which is ordered. * In version chain_id the rule can be found in slot 'slot', so * we don't need a lookup if chain_id == chain->id. * * On exit from the firewall this structure refers to the rule after * the matching one (slot points to the new rule; rulenum:rule_id-1 * is the matching rule), and additional info (e.g. info often contains * the insn argument or tablearg in the low 16 bits, in host format). * On entry, the structure is valid if slot>0, and refers to the starting * rules. 'info' contains the reason for reinject, e.g. divert port, * divert direction, and so on. * * Packet Mark is an analogue to ipfw tags with O(1) lookup from mbuf while * regular tags require a single-linked list traversal. Mark is a 32-bit * number that can be looked up in a table [with 'number' table-type], matched * or compared with a number with optional mask applied before comparison. * Having generic nature, Mark can be used in a variety of needs. * For example, it could be used as a security group: mark will hold a * security group id and represent a group of packet flows that shares same * access control policy. * O_MASK opcode can match mark value bitwise so one can build a hierarchical * model designating different meanings for a bit range(s). */ struct ipfw_rule_ref { /* struct m_tag spans 24 bytes above this point, see mbuf_tags(9) */ /* spare space just to be save in case struct m_tag grows */ /* -- 32 bytes -- */ uint32_t slot; /* slot for matching rule */ uint32_t rulenum; /* matching rule number */ uint32_t rule_id; /* matching rule id */ uint32_t chain_id; /* ruleset id */ uint32_t info; /* see below */ uint32_t pkt_mark; /* packet mark */ uint32_t spare[2]; /* -- 64 bytes -- */ }; enum { IPFW_INFO_MASK = 0x0000ffff, IPFW_INFO_OUT = 0x00000000, /* outgoing, just for convenience */ IPFW_INFO_IN = 0x80000000, /* incoming, overloads dir */ IPFW_ONEPASS = 0x40000000, /* One-pass, do not reinject */ IPFW_IS_MASK = 0x30000000, /* which source ? */ IPFW_IS_DIVERT = 0x20000000, IPFW_IS_DUMMYNET =0x10000000, IPFW_IS_PIPE = 0x08000000, /* pipe=1, queue = 0 */ }; #define MTAG_IPFW 1148380143 /* IPFW-tagged cookie */ #define MTAG_IPFW_RULE 1262273568 /* rule reference */ #define MTAG_IPFW_CALL 1308397630 /* call stack */ struct ip_fw_args; typedef int (*ip_fw_ctl_ptr_t)(struct sockopt *); VNET_DECLARE(ip_fw_ctl_ptr_t, ip_fw_ctl_ptr); #define V_ip_fw_ctl_ptr VNET(ip_fw_ctl_ptr) /* Divert hooks. */ extern void (*ip_divert_ptr)(struct mbuf *m, bool incoming); /* ng_ipfw hooks -- XXX make it the same as divert and dummynet */ extern int (*ng_ipfw_input_p)(struct mbuf **, struct ip_fw_args *, bool); extern int (*ip_dn_ctl_ptr)(struct sockopt *); extern int (*ip_dn_io_ptr)(struct mbuf **, struct ip_fw_args *); /* pf specific mtag for divert(4) support */ __enum_uint8_decl(pf_mtag_dir) { PF_DIVERT_MTAG_DIR_IN = 1, PF_DIVERT_MTAG_DIR_OUT = 2 }; struct pf_divert_mtag { __enum_uint8(pf_mtag_dir) idir; /* initial pkt direction */ union { __enum_uint8(pf_mtag_dir) ndir; /* new dir after re-enter */ uint16_t port; /* initial divert(4) port */ }; }; #define MTAG_PF_DIVERT 1262273569 #endif /* _KERNEL */ #endif /* !_NETINET_IP_VAR_H_ */ diff --git a/sys/netinet/pim.h b/sys/netinet/pim.h index 98230fc6ae2d..4744ffc7e9d8 100644 --- a/sys/netinet/pim.h +++ b/sys/netinet/pim.h @@ -1,119 +1,119 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1996-2000 * University of Southern California/Information Sciences Institute. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_PIM_H_ #define _NETINET_PIM_H_ /* * Protocol Independent Multicast (PIM) definitions. * RFC 2362, June 1998. * * Written by Ahmed Helmy, USC/SGI, July 1996. * Modified by George Edmond Eddy (Rusty), ISI, February 1998. * Modified by Pavlin Radoslavov, USC/ISI, May 1998, October 2000. */ #include #ifndef _PIM_VT #ifndef BYTE_ORDER # error BYTE_ORDER is not defined! #endif #if (BYTE_ORDER != BIG_ENDIAN) && (BYTE_ORDER != LITTLE_ENDIAN) # error BYTE_ORDER must be defined to either BIG_ENDIAN or LITTLE_ENDIAN #endif #endif /* ! _PIM_VT */ /* * PIM packet header */ struct pim { #ifdef _PIM_VT uint8_t pim_vt; /* PIM version and message type */ #else /* ! _PIM_VT */ #if BYTE_ORDER == BIG_ENDIAN u_int pim_vers:4, /* PIM protocol version */ pim_type:4; /* PIM message type */ #endif #if BYTE_ORDER == LITTLE_ENDIAN u_int pim_type:4, /* PIM message type */ pim_vers:4; /* PIM protocol version */ #endif #endif /* ! _PIM_VT */ uint8_t pim_reserved; /* Reserved */ uint16_t pim_cksum; /* IP-style checksum */ -}; +} __packed; /* KAME-related name backward compatibility */ #define pim_ver pim_vers #define pim_rsv pim_reserved #ifdef _PIM_VT #define PIM_MAKE_VT(v, t) (0xff & (((v) << 4) | (0x0f & (t)))) #define PIM_VT_V(x) (((x) >> 4) & 0x0f) #define PIM_VT_T(x) ((x) & 0x0f) #endif /* _PIM_VT */ #define PIM_VERSION 2 #define PIM_MINLEN 8 /* PIM message min. length */ #define PIM_REG_MINLEN (PIM_MINLEN+20) /* PIM Register hdr + inner IPv4 hdr */ #define PIM6_REG_MINLEN (PIM_MINLEN+40) /* PIM Register hdr + inner IPv6 hdr */ /* * PIM message types */ #define PIM_HELLO 0x0 /* PIM-SM and PIM-DM */ #define PIM_REGISTER 0x1 /* PIM-SM only */ #define PIM_REGISTER_STOP 0x2 /* PIM-SM only */ #define PIM_JOIN_PRUNE 0x3 /* PIM-SM and PIM-DM */ #define PIM_BOOTSTRAP 0x4 /* PIM-SM only */ #define PIM_ASSERT 0x5 /* PIM-SM and PIM-DM */ #define PIM_GRAFT 0x6 /* PIM-DM only */ #define PIM_GRAFT_ACK 0x7 /* PIM-DM only */ #define PIM_CAND_RP_ADV 0x8 /* PIM-SM only */ #define PIM_ALL_DF_ELECTION 0xa /* Bidir-PIM-SM only */ /* * PIM-Register message flags */ #define PIM_BORDER_REGISTER 0x80000000U /* The Border bit (host-order) */ #define PIM_NULL_REGISTER 0x40000000U /* The Null-Register bit (host-order)*/ /* * All-PIM-Routers IPv4 and IPv6 multicast addresses */ #define INADDR_ALLPIM_ROUTERS_GROUP (uint32_t)0xe000000dU /* 224.0.0.13 */ #define IN6ADDR_LINKLOCAL_ALLPIM_ROUTERS "ff02::d" #define IN6ADDR_LINKLOCAL_ALLPIM_ROUTERS_INIT \ {{{ 0xff, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d }}} #endif /* _NETINET_PIM_H_ */ diff --git a/sys/netinet/tcp.h b/sys/netinet/tcp.h index 94d41ff67836..41a49b318cd5 100644 --- a/sys/netinet/tcp.h +++ b/sys/netinet/tcp.h @@ -1,577 +1,577 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_TCP_H_ #define _NETINET_TCP_H_ #include #if __BSD_VISIBLE typedef u_int32_t tcp_seq; #define tcp6_seq tcp_seq /* for KAME src sync over BSD*'s */ #define tcp6hdr tcphdr /* for KAME src sync over BSD*'s */ /* * TCP header. * Per RFC 793, September, 1981. */ struct tcphdr { u_short th_sport; /* source port */ u_short th_dport; /* destination port */ tcp_seq th_seq; /* sequence number */ tcp_seq th_ack; /* acknowledgement number */ #if BYTE_ORDER == LITTLE_ENDIAN u_char th_x2:4, /* upper 4 (reserved) flags */ th_off:4; /* data offset */ #endif #if BYTE_ORDER == BIG_ENDIAN u_char th_off:4, /* data offset */ th_x2:4; /* upper 4 (reserved) flags */ #endif u_char th_flags; #define TH_FIN 0x01 #define TH_SYN 0x02 #define TH_RST 0x04 #define TH_PUSH 0x08 #define TH_ACK 0x10 #define TH_URG 0x20 #define TH_ECE 0x40 #define TH_CWR 0x80 #define TH_AE 0x100 /* maps into th_x2 */ #define TH_RES3 0x200 #define TH_RES2 0x400 #define TH_RES1 0x800 #define TH_FLAGS (TH_FIN|TH_SYN|TH_RST|TH_PUSH|TH_ACK|TH_URG|TH_ECE|TH_CWR|TH_AE) #define PRINT_TH_FLAGS "\20\1FIN\2SYN\3RST\4PUSH\5ACK\6URG\7ECE\10CWR\11AE" u_short th_win; /* window */ u_short th_sum; /* checksum */ u_short th_urp; /* urgent pointer */ -}; +} __packed; static __inline uint16_t __tcp_get_flags(const struct tcphdr *th) { return (((uint16_t)th->th_x2 << 8) | th->th_flags); } static __inline void __tcp_set_flags(struct tcphdr *th, uint16_t flags) { th->th_x2 = (flags >> 8) & 0x0f; th->th_flags = flags & 0xff; } #ifdef _KERNEL #define tcp_get_flags(th) __tcp_get_flags(th) #define tcp_set_flags(th, flags) __tcp_set_flags(th, flags) #endif #define PADTCPOLEN(len) ((((len) / 4) + !!((len) % 4)) * 4) #define TCPOPT_EOL 0 #define TCPOLEN_EOL 1 #define TCPOPT_PAD 0 /* padding after EOL */ #define TCPOLEN_PAD 1 #define TCPOPT_NOP 1 #define TCPOLEN_NOP 1 #define TCPOPT_MAXSEG 2 #define TCPOLEN_MAXSEG 4 #define TCPOPT_WINDOW 3 #define TCPOLEN_WINDOW 3 #define TCPOPT_SACK_PERMITTED 4 #define TCPOLEN_SACK_PERMITTED 2 #define TCPOPT_SACK 5 #define TCPOLEN_SACKHDR 2 #define TCPOLEN_SACK 8 /* 2*sizeof(tcp_seq) */ #define TCPOPT_TIMESTAMP 8 #define TCPOLEN_TIMESTAMP 10 #define TCPOLEN_TSTAMP_APPA (TCPOLEN_TIMESTAMP+2) /* appendix A */ #define TCPOPT_SIGNATURE 19 /* Keyed MD5: RFC 2385 */ #define TCPOLEN_SIGNATURE 18 #define TCPOPT_FAST_OPEN 34 #define TCPOLEN_FAST_OPEN_EMPTY 2 #define MAX_TCPOPTLEN 40 /* Absolute maximum TCP options len */ /* Miscellaneous constants */ #define MAX_SACK_BLKS 6 /* Max # SACK blocks stored at receiver side */ #define TCP_MAX_SACK 4 /* MAX # SACKs sent in any segment */ /* * The default maximum segment size (MSS) to be used for new TCP connections * when path MTU discovery is not enabled. * * RFC879 derives the default MSS from the largest datagram size hosts are * minimally required to handle directly or through IP reassembly minus the * size of the IP and TCP header. With IPv6 the minimum MTU is specified * in RFC2460. * * For IPv4 the MSS is 576 - sizeof(struct tcpiphdr) * For IPv6 the MSS is IPV6_MMTU - sizeof(struct ip6_hdr) - sizeof(struct tcphdr) * * We use explicit numerical definition here to avoid header pollution. */ #define TCP_MSS 536 #define TCP6_MSS 1220 /* * Limit the lowest MSS we accept for path MTU discovery and the TCP SYN MSS * option. Allowing low values of MSS can consume significant resources and * be used to mount a resource exhaustion attack. * Connections requesting lower MSS values will be rounded up to this value * and the IP_DF flag will be cleared to allow fragmentation along the path. * * See tcp_subr.c tcp_minmss SYSCTL declaration for more comments. Setting * it to "0" disables the minmss check. * * The default value is fine for TCP across the Internet's smallest official * link MTU (256 bytes for AX.25 packet radio). However, a connection is very * unlikely to come across such low MTU interfaces these days (anno domini 2003). */ #define TCP_MINMSS 216 #define TCP_MAXWIN 65535 /* largest value for (unscaled) window */ #define TTCP_CLIENT_SND_WND 4096 /* dflt send window for T/TCP client */ #define TCP_MAX_WINSHIFT 14 /* maximum window shift */ #define TCP_MAXHLEN (0xf<<2) /* max length of header in bytes */ #define TCP_MAXOLEN (TCP_MAXHLEN - sizeof(struct tcphdr)) /* max space left for options */ #define TCP_FASTOPEN_MIN_COOKIE_LEN 4 /* Per RFC7413 */ #define TCP_FASTOPEN_MAX_COOKIE_LEN 16 /* Per RFC7413 */ #define TCP_FASTOPEN_PSK_LEN 16 /* Same as TCP_FASTOPEN_KEY_LEN */ #endif /* __BSD_VISIBLE */ /* * User-settable options (used with setsockopt). These are discrete * values and are not masked together. Some values appear to be * bitmasks for historical reasons. */ #define TCP_NODELAY 1 /* don't delay send to coalesce packets */ #if __BSD_VISIBLE #define TCP_MAXSEG 2 /* set maximum segment size */ #define TCP_NOPUSH 4 /* don't push last block of write */ #define TCP_NOOPT 8 /* don't use TCP options */ #define TCP_MD5SIG 16 /* use MD5 digests (RFC2385) */ #define TCP_INFO 32 /* retrieve tcp_info structure */ #define TCP_STATS 33 /* retrieve stats blob structure */ #define TCP_LOG 34 /* configure event logging for connection */ #define TCP_LOGBUF 35 /* retrieve event log for connection */ #define TCP_LOGID 36 /* configure log ID to correlate connections */ #define TCP_LOGDUMP 37 /* dump connection log events to device */ #define TCP_LOGDUMPID 38 /* dump events from connections with same ID to device */ #define TCP_TXTLS_ENABLE 39 /* TLS framing and encryption for transmit */ #define TCP_TXTLS_MODE 40 /* Transmit TLS mode */ #define TCP_RXTLS_ENABLE 41 /* TLS framing and encryption for receive */ #define TCP_RXTLS_MODE 42 /* Receive TLS mode */ #define TCP_IWND_NB 43 /* Override initial window (units: bytes) */ #define TCP_IWND_NSEG 44 /* Override initial window (units: MSS segs) */ #ifdef _KERNEL #define TCP_USE_DDP 45 /* Use direct data placement for so_rcvbuf */ #endif #define TCP_LOGID_CNT 46 /* get number of connections with the same ID */ #define TCP_LOG_TAG 47 /* configure tag for grouping logs */ #define TCP_USER_LOG 48 /* userspace log event */ #define TCP_CONGESTION 64 /* get/set congestion control algorithm */ #define TCP_CCALGOOPT 65 /* get/set cc algorithm specific options */ #define TCP_MAXUNACKTIME 68 /* maximum time without making progress (sec) */ /* unused 69 */ #define TCP_IDLE_REDUCE 70 /* Reduce cwnd on idle input */ #define TCP_REMOTE_UDP_ENCAPS_PORT 71 /* Enable TCP over UDP tunneling via the specified port */ #define TCP_DELACK 72 /* socket option for delayed ack */ #define TCP_FIN_IS_RST 73 /* A fin from the peer is treated has a RST */ #define TCP_LOG_LIMIT 74 /* Limit to number of records in tcp-log */ #define TCP_SHARED_CWND_ALLOWED 75 /* Use of a shared cwnd is allowed */ #define TCP_PROC_ACCOUNTING 76 /* Do accounting on tcp cpu usage and counts */ #define TCP_USE_CMP_ACKS 77 /* The transport can handle the Compressed mbuf acks */ #define TCP_PERF_INFO 78 /* retrieve accounting counters */ #define TCP_KEEPINIT 128 /* N, time to establish connection */ #define TCP_KEEPIDLE 256 /* L,N,X start keeplives after this period */ #define TCP_KEEPINTVL 512 /* L,N interval between keepalives */ #define TCP_KEEPCNT 1024 /* L,N number of keepalives before close */ #define TCP_FASTOPEN 1025 /* enable TFO / was created via TFO */ /* unused 2048 was TCP_PCAP_OUT */ /* unused 4096 was TCP_PCAP_IN */ #define TCP_FUNCTION_BLK 8192 /* Set the tcp function pointers to the specified stack */ #define TCP_FUNCTION_ALIAS 8193 /* Get the current tcp function pointer name alias */ /* Options for Rack and BBR */ #define TCP_REUSPORT_LB_NUMA 1026 /* set listen socket numa domain */ #define TCP_RACK_MBUF_QUEUE 1050 /* Do we allow mbuf queuing if supported */ /* unused 1051 */ #define TCP_RACK_TLP_REDUCE 1052 /* RACK TLP cwnd reduction (bool) */ /* unused 1053 */ #define TCP_RACK_PACE_MAX_SEG 1054 /* Max TSO size we will send */ #define TCP_RACK_PACE_ALWAYS 1055 /* Use the always pace method */ /* unused 1056 */ #define TCP_RACK_PRR_SENDALOT 1057 /* Allow PRR to send more than one seg */ #define TCP_RACK_MIN_TO 1058 /* Minimum time between rack t-o's in ms */ /* unused 1059 */ #define TCP_RACK_EARLY_SEG 1060 /* If early recovery max segments */ #define TCP_RACK_REORD_THRESH 1061 /* RACK reorder threshold (shift amount) */ #define TCP_RACK_REORD_FADE 1062 /* Does reordering fade after ms time */ #define TCP_RACK_TLP_THRESH 1063 /* RACK TLP theshold i.e. srtt+(srtt/N) */ #define TCP_RACK_PKT_DELAY 1064 /* RACK added ms i.e. rack-rtt + reord + N */ /* unused 1065 */ /* unused 1066 */ #define TCP_BBR_IWINTSO 1067 /* Initial TSO window for BBRs first sends */ /* unused 1068 */ #define TCP_BBR_STARTUP_PG 1069 /* Startup pacing gain */ #define TCP_BBR_DRAIN_PG 1070 /* Drain pacing gain */ /* unused 1071 */ #define TCP_BBR_PROBE_RTT_INT 1072 /* How long in useconds between probe-rtt */ /* unused 1073 */ #define TCP_BBR_STARTUP_LOSS_EXIT 1074 /* Do we exit a loss during startup if not 20% incr */ /* unused 1075 */ #define TCP_BBR_TSLIMITS 1076 /* Do we use experimental Timestamp limiting for our algo */ #define TCP_BBR_PACE_OH 1077 /* pacing overhead setting */ /* unused 1078 */ #define TCP_BBR_USEDEL_RATE 1079 /* Enable use of delivery rate for loss recovery */ #define TCP_BBR_MIN_RTO 1080 /* Min RTO in milliseconds */ #define TCP_BBR_MAX_RTO 1081 /* Max RTO in milliseconds */ /* unused 1082 */ #define TCP_BBR_ALGORITHM 1083 /* What measurement algo does BBR use netflix=0, google=1 */ /* unused 1084 */ /* unused 1085 */ #define TCP_BBR_PACE_PER_SEC 1086 #define TCP_BBR_PACE_DEL_TAR 1087 #define TCP_BBR_PACE_SEG_MAX 1088 #define TCP_BBR_PACE_SEG_MIN 1089 #define TCP_BBR_PACE_CROSS 1090 /* unused 1091 */ /* unused 1092 */ /* unused 1093 */ /* unused 1094 */ #define TCP_RACK_TLP_USE 1095 #define TCP_BBR_TMR_PACE_OH 1096 /* ??? */ #define TCP_RACK_DO_DETECTION 1097 /* Recycle of extra gain for rack, attack detection */ #define TCP_BBR_RACK_RTT_USE 1098 /* what RTT should we use 0, 1, or 2? */ #define TCP_BBR_RETRAN_WTSO 1099 #define TCP_DATA_AFTER_CLOSE 1100 #define TCP_BBR_PROBE_RTT_GAIN 1101 #define TCP_BBR_PROBE_RTT_LEN 1102 #define TCP_BBR_SEND_IWND_IN_TSO 1103 /* Do we burst out whole iwin size chunks at start? */ #define TCP_BBR_USE_RACK_RR 1104 /* Do we use the rack rapid recovery for pacing rxt's */ #define TCP_BBR_USE_RACK_CHEAT TCP_BBR_USE_RACK_RR /* Compat. */ #define TCP_BBR_HDWR_PACE 1105 /* Enable/disable hardware pacing */ #define TCP_BBR_UTTER_MAX_TSO 1106 /* Do we enforce an utter max TSO size */ #define TCP_BBR_EXTRA_STATE 1107 /* Special exit-persist catch up */ #define TCP_BBR_FLOOR_MIN_TSO 1108 /* The min tso size */ #define TCP_BBR_MIN_TOPACEOUT 1109 /* Do we suspend pacing until */ #define TCP_BBR_TSTMP_RAISES 1110 /* Can a timestamp measurement raise the b/w */ #define TCP_BBR_POLICER_DETECT 1111 /* Turn on/off google mode policer detection */ #define TCP_BBR_RACK_INIT_RATE 1112 /* Set an initial pacing rate for when we have no b/w in kbits per sec */ #define TCP_RACK_RR_CONF 1113 /* Rack rapid recovery configuration control*/ #define TCP_RACK_GP_INCREASE_CA 1114 /* GP increase for Congestion Avoidance */ #define TCP_RACK_GP_INCREASE_SS 1115 /* GP increase for Slow Start */ #define TCP_RACK_GP_INCREASE_REC 1116 /* GP increase for Recovery */ #define TCP_RACK_FORCE_MSEG 1117 /* Override to use the user set max-seg value */ #define TCP_RACK_PACE_RATE_CA 1118 /* Pacing rate for Congestion Avoidance */ #define TCP_RACK_PACE_RATE_SS 1119 /* Pacing rate for Slow Start */ #define TCP_RACK_PACE_RATE_REC 1120 /* Pacing rate for Recovery */ #define TCP_NO_PRR 1122 /* If pacing, don't use prr */ #define TCP_RACK_NONRXT_CFG_RATE 1123 /* In recovery does a non-rxt use the cfg rate */ #define TCP_SHARED_CWND_ENABLE 1124 /* Use a shared cwnd if allowed */ #define TCP_TIMELY_DYN_ADJ 1125 /* Do we attempt dynamic multipler adjustment with timely. */ #define TCP_RACK_NO_PUSH_AT_MAX 1126 /* For timely do not push if we are over max rtt */ #define TCP_RACK_PACE_TO_FILL 1127 /* If we are not in recovery, always pace to fill the cwnd in 1 RTT */ #define TCP_SHARED_CWND_TIME_LIMIT 1128 /* we should limit to low time values the scwnd life */ #define TCP_RACK_PROFILE 1129 /* Select a profile that sets multiple options */ #define TCP_HDWR_RATE_CAP 1130 /* Allow hardware rates to cap pacing rate */ #define TCP_PACING_RATE_CAP 1131 /* Highest rate allowed in pacing in bytes per second (uint64_t) */ #define TCP_HDWR_UP_ONLY 1132 /* Allow the pacing rate to climb but not descend (with the exception of fill-cw */ #define TCP_RACK_ABC_VAL 1133 /* Set a local ABC value different then the system default */ #define TCP_REC_ABC_VAL 1134 /* Do we use the ABC value for recovery or the override one from sysctl */ #define TCP_RACK_MEASURE_CNT 1135 /* How many measurements are required in GP pacing */ #define TCP_DEFER_OPTIONS 1136 /* Defer options until the proper number of measurements occur, does not defer TCP_RACK_MEASURE_CNT */ /* unused 1137 */ #define TCP_RACK_PACING_BETA 1138 /* Changing the beta for pacing */ #define TCP_RACK_PACING_BETA_ECN 1139 /* Changing the beta for ecn with pacing */ #define TCP_RACK_TIMER_SLOP 1140 /* Set or get the timer slop used */ #define TCP_RACK_DSACK_OPT 1141 /* How do we setup rack timer DSACK options bit 1/2 */ #define TCP_RACK_ENABLE_HYSTART 1142 /* Do we allow hystart in the CC modules */ #define TCP_RACK_SET_RXT_OPTIONS 1143 /* Set the bits in the retransmit options */ #define TCP_RACK_HI_BETA 1144 /* Turn on/off high beta */ #define TCP_RACK_SPLIT_LIMIT 1145 /* Set a split limit for split allocations */ #define TCP_RACK_PACING_DIVISOR 1146 /* Pacing divisor given to rate-limit code for burst sizing */ #define TCP_RACK_PACE_MIN_SEG 1147 /* Pacing min seg size rack will use */ #define TCP_RACK_DGP_IN_REC 1148 /* Do we use full DGP in recovery? */ /* unused 1149 */ #define TCP_HYBRID_PACING 1150 /* Hybrid pacing enablement */ #define TCP_PACING_DND 1151 /* When pacing with rr_config=3 can sacks disturb us */ #define TCP_SS_EEXIT 1152 /* Do we do early exit from slowtart if no b/w growth */ #define TCP_DGP_UPPER_BOUNDS 1153 /* SS and CA upper bound in percentage */ #define TCP_NO_TIMELY 1154 /* Disable/enable Timely */ #define TCP_HONOR_HPTS_MIN 1155 /* Do we honor hpts min to */ #define TCP_REC_IS_DYN 1156 /* Do we allow timely to change recovery multiplier? */ #define TCP_SIDECHAN_DIS 1157 /* Disable/enable the side-channel */ #define TCP_FILLCW_RATE_CAP 1158 /* Set a cap for DGP's fillcw */ /* unused 1159 */ #define TCP_STACK_SPEC_INFO 1160 /* Get stack specific information (if present) */ #define RACK_CSPR_IS_FCC 1161 #define TCP_GP_USE_LTBW 1162 /* how we use lt_bw 0=not, 1=min, 2=max */ /* Start of reserved space for third-party user-settable options. */ #define TCP_VENDOR SO_VENDOR #define TCP_CA_NAME_MAX 16 /* max congestion control name length */ #define TCPI_OPT_TIMESTAMPS 0x01 #define TCPI_OPT_SACK 0x02 #define TCPI_OPT_WSCALE 0x04 #define TCPI_OPT_ECN 0x08 #define TCPI_OPT_TOE 0x10 #define TCPI_OPT_TFO 0x20 #define TCPI_OPT_ACE 0x40 /* Maximum length of log ID. */ #define TCP_LOG_ID_LEN 64 /* TCP accounting counters */ #define TCP_NUM_PROC_COUNTERS 11 #define TCP_NUM_CNT_COUNTERS 13 /* Must match counter array sizes in tcpcb */ struct tcp_perf_info { uint64_t tcp_cnt_counters[TCP_NUM_CNT_COUNTERS]; uint64_t tcp_proc_time[TCP_NUM_CNT_COUNTERS]; uint64_t timebase; /* timebase for tcp_proc_time */ uint8_t tb_is_stable; /* timebase is stable/invariant */ }; /* * The TCP_INFO socket option comes from the Linux 2.6 TCP API, and permits * the caller to query certain information about the state of a TCP * connection. We provide an overlapping set of fields with the Linux * implementation, but since this is a fixed size structure, room has been * left for growth. In order to maximize potential future compatibility with * the Linux API, the same variable names and order have been adopted, and * padding left to make room for omitted fields in case they are added later. * * XXX: This is currently an unstable ABI/API, in that it is expected to * change. */ struct tcp_info { u_int8_t tcpi_state; /* TCP FSM state. */ u_int8_t __tcpi_ca_state; u_int8_t __tcpi_retransmits; u_int8_t __tcpi_probes; u_int8_t __tcpi_backoff; u_int8_t tcpi_options; /* Options enabled on conn. */ u_int8_t tcpi_snd_wscale:4, /* RFC1323 send shift value. */ tcpi_rcv_wscale:4; /* RFC1323 recv shift value. */ u_int32_t tcpi_rto; /* Retransmission timeout (usec). */ u_int32_t __tcpi_ato; u_int32_t tcpi_snd_mss; /* Max segment size for send. */ u_int32_t tcpi_rcv_mss; /* Max segment size for receive. */ u_int32_t __tcpi_unacked; u_int32_t __tcpi_sacked; u_int32_t __tcpi_lost; u_int32_t __tcpi_retrans; u_int32_t __tcpi_fackets; /* Times; measurements in usecs. */ u_int32_t __tcpi_last_data_sent; u_int32_t __tcpi_last_ack_sent; /* Also unimpl. on Linux? */ u_int32_t tcpi_last_data_recv; /* Time since last recv data. */ u_int32_t __tcpi_last_ack_recv; /* Metrics; variable units. */ u_int32_t __tcpi_pmtu; u_int32_t __tcpi_rcv_ssthresh; u_int32_t tcpi_rtt; /* Smoothed RTT in usecs. */ u_int32_t tcpi_rttvar; /* RTT variance in usecs. */ u_int32_t tcpi_snd_ssthresh; /* Slow start threshold. */ u_int32_t tcpi_snd_cwnd; /* Send congestion window. */ u_int32_t __tcpi_advmss; u_int32_t __tcpi_reordering; u_int32_t __tcpi_rcv_rtt; u_int32_t tcpi_rcv_space; /* Advertised recv window. */ /* FreeBSD extensions to tcp_info. */ u_int32_t tcpi_snd_wnd; /* Advertised send window. */ u_int32_t tcpi_snd_bwnd; /* No longer used. */ u_int32_t tcpi_snd_nxt; /* Next egress seqno */ u_int32_t tcpi_rcv_nxt; /* Next ingress seqno */ u_int32_t tcpi_toe_tid; /* HWTID for TOE endpoints */ u_int32_t tcpi_snd_rexmitpack; /* Retransmitted packets */ u_int32_t tcpi_rcv_ooopack; /* Out-of-order packets */ u_int32_t tcpi_snd_zerowin; /* Zero-sized windows sent */ /* Accurate ECN counters. */ u_int32_t tcpi_delivered_ce; u_int32_t tcpi_received_ce; /* # of CE marks received */ u_int32_t __tcpi_delivered_e1_bytes; u_int32_t __tcpi_delivered_e0_bytes; u_int32_t __tcpi_delivered_ce_bytes; u_int32_t __tcpi_received_e1_bytes; u_int32_t __tcpi_received_e0_bytes; u_int32_t __tcpi_received_ce_bytes; u_int32_t tcpi_total_tlp; /* tail loss probes sent */ u_int64_t tcpi_total_tlp_bytes; /* tail loss probe bytes sent */ u_int32_t tcpi_snd_una; /* Unacked seqno sent */ u_int32_t tcpi_snd_max; /* Highest seqno sent */ u_int32_t tcpi_rcv_numsacks; /* Distinct SACK blks present */ u_int32_t tcpi_rcv_adv; /* Peer advertised window */ u_int32_t tcpi_dupacks; /* Consecutive dup ACKs recvd */ u_int32_t tcpi_rttmin; /* Min observed RTT */ /* Padding to grow without breaking ABI. */ u_int32_t __tcpi_pad[14]; /* Padding. */ }; /* * If this structure is provided when setting the TCP_FASTOPEN socket * option, and the enable member is non-zero, a subsequent connect will use * pre-shared key (PSK) mode using the provided key. */ struct tcp_fastopen { int enable; uint8_t psk[TCP_FASTOPEN_PSK_LEN]; }; #define TCP_FUNCTION_NAME_LEN_MAX 32 struct stack_specific_info { char stack_name[TCP_FUNCTION_NAME_LEN_MAX]; uint64_t policer_last_bw; /* Only valid if detection enabled and policer detected */ uint64_t bytes_transmitted; uint64_t bytes_retransmitted; uint32_t policer_detection_enabled: 1, policer_detected : 1, /* transport thinks a policer is on path */ highly_buffered : 1, /* transport considers the path highly buffered */ spare : 29; uint32_t policer_bucket_size; /* Only valid if detection enabled and policer detected */ uint32_t current_round; uint32_t _rack_i_pad[18]; }; struct tcp_function_set { char function_set_name[TCP_FUNCTION_NAME_LEN_MAX]; uint32_t pcbcnt; }; /* TLS modes for TCP_TXTLS_MODE */ #define TCP_TLS_MODE_NONE 0 #define TCP_TLS_MODE_SW 1 #define TCP_TLS_MODE_IFNET 2 #define TCP_TLS_MODE_TOE 3 /* * TCP Control message types */ #define TLS_SET_RECORD_TYPE 1 #define TLS_GET_RECORD 2 /* * TCP log user opaque */ struct tcp_snd_req { uint64_t timestamp; uint64_t start; uint64_t end; uint32_t flags; uint32_t playout_ms; }; union tcp_log_userdata { struct tcp_snd_req tcp_req; }; struct tcp_log_user { uint32_t type; uint32_t subtype; union tcp_log_userdata data; }; /* user types, i.e. apps */ #define TCP_LOG_USER_HTTPD 1 /* user subtypes */ #define TCP_LOG_HTTPD_TS 1 /* client timestamp */ #define TCP_LOG_HTTPD_TS_REQ 2 /* client timestamp and request info */ /* HTTPD REQ flags */ #define TCP_LOG_HTTPD_RANGE_START 0x0001 #define TCP_LOG_HTTPD_RANGE_END 0x0002 /* Flags for hybrid pacing */ #define TCP_HYBRID_PACING_CU 0x0001 /* Enable catch-up mode */ #define TCP_HYBRID_PACING_DTL 0x0002 /* Enable Detailed logging */ #define TCP_HYBRID_PACING_CSPR 0x0004 /* A client suggested rate is present */ #define TCP_HYBRID_PACING_H_MS 0x0008 /* A client hint for maxseg is present */ #define TCP_HYBRID_PACING_ENABLE 0x0010 /* We are enabling hybrid pacing else disable */ #define TCP_HYBRID_PACING_S_MSS 0x0020 /* Clent wants us to set the mss overriding gp est in CU */ #define TCP_HAS_PLAYOUT_MS 0x0040 /* The client included the chunk playout milliseconds: deprecate */ /* the below are internal only flags */ #define TCP_HYBRID_PACING_USER_MASK 0x0FFF /* Non-internal flags mask */ #define TCP_HYBRID_PACING_SETMSS 0x1000 /* Internal flag that tells us we set the mss on this entry */ #define TCP_HYBRID_PACING_WASSET 0x2000 /* We init to this to know if a hybrid command was issued */ #define TCP_HYBRID_PACING_SENDTIME 0x4000 /* Duplicate tm to last, use sendtime for catch up mode */ struct tcp_hybrid_req { struct tcp_snd_req req; uint64_t cspr; uint32_t hint_maxseg; uint32_t hybrid_flags; }; /* * TCP specific variables of interest for tp->t_stats stats(9) accounting. */ #define VOI_TCP_TXPB 0 /* Transmit payload bytes */ #define VOI_TCP_RETXPB 1 /* Retransmit payload bytes */ #define VOI_TCP_FRWIN 2 /* Foreign receive window */ #define VOI_TCP_LCWIN 3 /* Local congesiton window */ #define VOI_TCP_RTT 4 /* Round trip time */ #define VOI_TCP_CSIG 5 /* Congestion signal */ #define VOI_TCP_GPUT 6 /* Goodput */ #define VOI_TCP_CALCFRWINDIFF 7 /* Congestion avoidance LCWIN - FRWIN */ #define VOI_TCP_GPUT_ND 8 /* Goodput normalised delta */ #define VOI_TCP_ACKLEN 9 /* Average ACKed bytes per ACK */ #define VOI_TCP_PATHRTT 10 /* The path RTT based on ACK arrival */ #define TCP_REUSPORT_LB_NUMA_NODOM (-2) /* remove numa binding */ #define TCP_REUSPORT_LB_NUMA_CURDOM (-1) /* bind to current domain */ #endif /* __BSD_VISIBLE */ #endif /* !_NETINET_TCP_H_ */ diff --git a/sys/netinet/udp.h b/sys/netinet/udp.h index edff456ba70e..010f2210b516 100644 --- a/sys/netinet/udp.h +++ b/sys/netinet/udp.h @@ -1,70 +1,70 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef _NETINET_UDP_H_ #define _NETINET_UDP_H_ #include /* * UDP protocol header. * Per RFC 768, September, 1981. */ struct udphdr { u_short uh_sport; /* source port */ u_short uh_dport; /* destination port */ u_short uh_ulen; /* udp length */ u_short uh_sum; /* udp checksum */ -}; +} __packed; /* * User-settable options (used with setsockopt). */ #define UDP_ENCAP 1 /* Start of reserved space for third-party user-settable options. */ #define UDP_VENDOR SO_VENDOR /* * UDP Encapsulation of IPsec Packets options. */ /* Encapsulation types. */ #define UDP_ENCAP_ESPINUDP_NON_IKE 1 /* draft-ietf-ipsec-nat-t-ike-00/01 */ #define UDP_ENCAP_ESPINUDP 2 /* RFC3948 */ /* Default ESP in UDP encapsulation port. */ #define UDP_ENCAP_ESPINUDP_PORT 500 /* Maximum UDP fragment size for ESP over UDP. */ #define UDP_ENCAP_ESPINUDP_MAXFRAGLEN 552 #endif diff --git a/tests/sys/netinet/ip_reass_test.c b/tests/sys/netinet/ip_reass_test.c index a65bfa34e1d4..538815bd7a2c 100644 --- a/tests/sys/netinet/ip_reass_test.c +++ b/tests/sys/netinet/ip_reass_test.c @@ -1,380 +1,384 @@ /*- * Copyright (c) 2018 The FreeBSD Foundation * * This software was developed by Mark Johnston under sponsorship from * the FreeBSD Foundation. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are * met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include struct lopacket { u_int family; struct ip hdr; char payload[]; }; static void update_cksum(struct ip *ip) { size_t i; uint32_t cksum; - uint16_t *cksump; + uint8_t *cksump; + uint16_t tmp; ip->ip_sum = 0; - cksump = (uint16_t *)ip; - for (cksum = 0, i = 0; i < sizeof(*ip) / sizeof(*cksump); cksump++, i++) - cksum += ntohs(*cksump); + cksump = (char *)ip; + for (cksum = 0, i = 0; i < sizeof(*ip) / sizeof(uint16_t); i++) { + tmp = *cksump++; + tmp = tmp << 8 | *cksump++; + cksum += ntohs(tmp); + } cksum = (cksum >> 16) + (cksum & 0xffff); cksum = ~(cksum + (cksum >> 16)); ip->ip_sum = htons((uint16_t)cksum); } static struct lopacket * alloc_lopacket(in_addr_t dstaddr, size_t payloadlen) { struct ip *ip; struct lopacket *packet; size_t pktlen; pktlen = sizeof(*packet) + payloadlen; packet = malloc(pktlen); ATF_REQUIRE(packet != NULL); memset(packet, 0, pktlen); packet->family = AF_INET; ip = &packet->hdr; ip->ip_hl = sizeof(struct ip) >> 2; ip->ip_v = 4; ip->ip_tos = 0; ip->ip_len = htons(sizeof(*ip) + payloadlen); ip->ip_id = 0; ip->ip_off = 0; ip->ip_ttl = 1; ip->ip_p = IPPROTO_IP; ip->ip_sum = 0; ip->ip_src.s_addr = dstaddr; ip->ip_dst.s_addr = dstaddr; update_cksum(ip); return (packet); } static void free_lopacket(struct lopacket *packet) { free(packet); } static void write_lopacket(int bpffd, struct lopacket *packet) { struct timespec ts; ssize_t n; size_t len; len = sizeof(packet->family) + ntohs(packet->hdr.ip_len); n = write(bpffd, packet, len); ATF_REQUIRE_MSG(n >= 0, "packet write failed: %s", strerror(errno)); ATF_REQUIRE_MSG((size_t)n == len, "wrote %zd bytes instead of %zu", n, len); /* * Loopback packets are dispatched asynchronously, give netisr some * time. */ ts.tv_sec = 0; ts.tv_nsec = 5000000; /* 5ms */ (void)nanosleep(&ts, NULL); } static int open_lobpf(in_addr_t *addrp) { struct ifreq ifr; struct ifaddrs *ifa, *ifap; int error, fd; fd = open("/dev/bpf0", O_RDWR); if (fd < 0 && errno == ENOENT) atf_tc_skip("no BPF device available"); ATF_REQUIRE_MSG(fd >= 0, "open(/dev/bpf0): %s", strerror(errno)); error = getifaddrs(&ifap); ATF_REQUIRE(error == 0); for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) if ((ifa->ifa_flags & IFF_LOOPBACK) != 0 && ifa->ifa_addr->sa_family == AF_INET) break; if (ifa == NULL) atf_tc_skip("no loopback address found"); memset(&ifr, 0, sizeof(ifr)); strlcpy(ifr.ifr_name, ifa->ifa_name, IFNAMSIZ); error = ioctl(fd, BIOCSETIF, &ifr); ATF_REQUIRE_MSG(error == 0, "ioctl(BIOCSETIF): %s", strerror(errno)); *addrp = ((struct sockaddr_in *)(void *)ifa->ifa_addr)->sin_addr.s_addr; freeifaddrs(ifap); return (fd); } static void get_ipstat(struct ipstat *stat) { size_t len; int error; memset(stat, 0, sizeof(*stat)); len = sizeof(*stat); error = sysctlbyname("net.inet.ip.stats", stat, &len, NULL, 0); ATF_REQUIRE_MSG(error == 0, "sysctl(net.inet.ip.stats) failed: %s", strerror(errno)); ATF_REQUIRE(len == sizeof(*stat)); } #define CHECK_IP_COUNTER(oldp, newp, counter) \ ATF_REQUIRE_MSG((oldp)->ips_ ## counter < (newp)->ips_ ## counter, \ "ips_" #counter " wasn't incremented (%ju vs. %ju)", \ (uintmax_t)old.ips_ ## counter, (uintmax_t)new.ips_## counter); /* * Make sure a fragment with MF set doesn't come after the last fragment of a * packet. Make sure that multiple fragments with MF clear have the same offset * and length. */ ATF_TC(ip_reass__multiple_last_fragments); ATF_TC_HEAD(ip_reass__multiple_last_fragments, tc) { atf_tc_set_md_var(tc, "require.user", "root"); } ATF_TC_BODY(ip_reass__multiple_last_fragments, tc) { struct ipstat old, new; struct ip *ip; struct lopacket *packet1, *packet2, *packet3, *packet4; in_addr_t addr; int error, fd; uint16_t ipid; fd = open_lobpf(&addr); ipid = arc4random_uniform(UINT16_MAX + 1); packet1 = alloc_lopacket(addr, 16); ip = &packet1->hdr; ip->ip_id = ipid; ip->ip_off = htons(0x10); update_cksum(ip); packet2 = alloc_lopacket(addr, 16); ip = &packet2->hdr; ip->ip_id = ipid; ip->ip_off = htons(0x20); update_cksum(ip); packet3 = alloc_lopacket(addr, 16); ip = &packet3->hdr; ip->ip_id = ipid; ip->ip_off = htons(0x8); update_cksum(ip); packet4 = alloc_lopacket(addr, 32); ip = &packet4->hdr; ip->ip_id = ipid; ip->ip_off = htons(0x10); update_cksum(ip); write_lopacket(fd, packet1); /* packet2 comes after packet1. */ get_ipstat(&old); write_lopacket(fd, packet2); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, fragdropped); /* packet2 comes after packet1 and has MF set. */ packet2->hdr.ip_off = htons(IP_MF | 0x20); update_cksum(&packet2->hdr); get_ipstat(&old); write_lopacket(fd, packet2); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, fragdropped); /* packet3 comes before packet1 but overlaps. */ get_ipstat(&old); write_lopacket(fd, packet3); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, fragdropped); /* packet4 has the same offset as packet1 but is longer. */ get_ipstat(&old); write_lopacket(fd, packet4); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, fragdropped); error = close(fd); ATF_REQUIRE(error == 0); free_lopacket(packet1); free_lopacket(packet2); free_lopacket(packet3); free_lopacket(packet4); } /* * Make sure that we reject zero-length fragments. */ ATF_TC(ip_reass__zero_length_fragment); ATF_TC_HEAD(ip_reass__zero_length_fragment, tc) { atf_tc_set_md_var(tc, "require.user", "root"); } ATF_TC_BODY(ip_reass__zero_length_fragment, tc) { struct ipstat old, new; struct ip *ip; struct lopacket *packet1, *packet2; in_addr_t addr; int error, fd; uint16_t ipid; fd = open_lobpf(&addr); ipid = arc4random_uniform(UINT16_MAX + 1); /* * Create two packets, one with MF set, one without. */ packet1 = alloc_lopacket(addr, 0); ip = &packet1->hdr; ip->ip_id = ipid; ip->ip_off = htons(IP_MF | 0x10); update_cksum(ip); packet2 = alloc_lopacket(addr, 0); ip = &packet2->hdr; ip->ip_id = ~ipid; ip->ip_off = htons(0x10); update_cksum(ip); get_ipstat(&old); write_lopacket(fd, packet1); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, toosmall); CHECK_IP_COUNTER(&old, &new, fragdropped); get_ipstat(&old); write_lopacket(fd, packet2); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, toosmall); CHECK_IP_COUNTER(&old, &new, fragdropped); error = close(fd); ATF_REQUIRE(error == 0); free_lopacket(packet1); free_lopacket(packet2); } ATF_TC(ip_reass__large_fragment); ATF_TC_HEAD(ip_reass__large_fragment, tc) { atf_tc_set_md_var(tc, "require.user", "root"); } ATF_TC_BODY(ip_reass__large_fragment, tc) { struct ipstat old, new; struct ip *ip; struct lopacket *packet1, *packet2; in_addr_t addr; int error, fd; uint16_t ipid; fd = open_lobpf(&addr); ipid = arc4random_uniform(UINT16_MAX + 1); /* * Create two packets, one with MF set, one without. * * 16 + (0x1fff << 3) > IP_MAXPACKET, so these should fail the check. */ packet1 = alloc_lopacket(addr, 16); ip = &packet1->hdr; ip->ip_id = ipid; ip->ip_off = htons(IP_MF | 0x1fff); update_cksum(ip); packet2 = alloc_lopacket(addr, 16); ip = &packet2->hdr; ip->ip_id = ipid; ip->ip_off = htons(0x1fff); update_cksum(ip); get_ipstat(&old); write_lopacket(fd, packet1); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, toolong); CHECK_IP_COUNTER(&old, &new, fragdropped); get_ipstat(&old); write_lopacket(fd, packet2); get_ipstat(&new); CHECK_IP_COUNTER(&old, &new, toolong); CHECK_IP_COUNTER(&old, &new, fragdropped); error = close(fd); ATF_REQUIRE(error == 0); free_lopacket(packet1); free_lopacket(packet2); } ATF_TP_ADD_TCS(tp) { ATF_TP_ADD_TC(tp, ip_reass__multiple_last_fragments); ATF_TP_ADD_TC(tp, ip_reass__zero_length_fragment); ATF_TP_ADD_TC(tp, ip_reass__large_fragment); return (atf_no_error()); }