diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index ef0b1f705260..4332f4ce864e 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -1,1545 +1,1545 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1982, 1989, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_netgraph.h"
#include "opt_mbuf_profiling.h"
#include "opt_rss.h"
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/devctl.h>
#include <sys/eventhandler.h>
#include <sys/jail.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/module.h>
#include <sys/msan.h>
#include <sys/proc.h>
#include <sys/priv.h>
#include <sys/random.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/sysctl.h>
#include <sys/uuid.h>
#ifdef KDB
#include <sys/kdb.h>
#endif
#include <net/ieee_oui.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/if_private.h>
#include <net/if_arp.h>
#include <net/netisr.h>
#include <net/route.h>
#include <net/if_llc.h>
#include <net/if_dl.h>
#include <net/if_types.h>
#include <net/bpf.h>
#include <net/ethernet.h>
#include <net/if_bridgevar.h>
#include <net/if_vlan_var.h>
#include <net/if_llatbl.h>
#include <net/pfil.h>
#include <net/rss_config.h>
#include <net/vnet.h>
#include <netpfil/pf/pf_mtag.h>
#if defined(INET) || defined(INET6)
#include <netinet/in.h>
#include <netinet/in_var.h>
#include <netinet/if_ether.h>
#include <netinet/ip_carp.h>
#include <netinet/ip_var.h>
#endif
#ifdef INET6
#include <netinet6/nd6.h>
#endif
#include <security/mac/mac_framework.h>
#include <crypto/sha1.h>
#ifdef CTASSERT
CTASSERT(sizeof (struct ether_header) == ETHER_ADDR_LEN * 2 + 2);
CTASSERT(sizeof (struct ether_addr) == ETHER_ADDR_LEN);
#endif
VNET_DEFINE(pfil_head_t, link_pfil_head); /* Packet filter hooks */
/* netgraph node hooks for ng_ether(4) */
void (*ng_ether_input_p)(struct ifnet *ifp, struct mbuf **mp);
void (*ng_ether_input_orphan_p)(struct ifnet *ifp, struct mbuf *m);
int (*ng_ether_output_p)(struct ifnet *ifp, struct mbuf **mp);
void (*ng_ether_attach_p)(struct ifnet *ifp);
void (*ng_ether_detach_p)(struct ifnet *ifp);
void (*vlan_input_p)(struct ifnet *, struct mbuf *);
/* if_bridge(4) support */
void (*bridge_dn_p)(struct mbuf *, struct ifnet *);
/* if_lagg(4) support */
struct mbuf *(*lagg_input_ethernet_p)(struct ifnet *, struct mbuf *);
static const u_char etherbroadcastaddr[ETHER_ADDR_LEN] =
{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
static int ether_resolvemulti(struct ifnet *, struct sockaddr **,
struct sockaddr *);
static int ether_requestencap(struct ifnet *, struct if_encap_req *);
static inline bool ether_do_pcp(struct ifnet *, struct mbuf *);
#define senderr(e) do { error = (e); goto bad;} while (0)
static void
update_mbuf_csumflags(struct mbuf *src, struct mbuf *dst)
{
int csum_flags = 0;
if (src->m_pkthdr.csum_flags & CSUM_IP)
csum_flags |= (CSUM_IP_CHECKED|CSUM_IP_VALID);
if (src->m_pkthdr.csum_flags & CSUM_DELAY_DATA)
csum_flags |= (CSUM_DATA_VALID|CSUM_PSEUDO_HDR);
if (src->m_pkthdr.csum_flags & CSUM_SCTP)
csum_flags |= CSUM_SCTP_VALID;
dst->m_pkthdr.csum_flags |= csum_flags;
if (csum_flags & CSUM_DATA_VALID)
dst->m_pkthdr.csum_data = 0xffff;
}
/*
* Handle link-layer encapsulation requests.
*/
static int
ether_requestencap(struct ifnet *ifp, struct if_encap_req *req)
{
struct ether_header *eh;
struct arphdr *ah;
uint16_t etype;
const u_char *lladdr;
if (req->rtype != IFENCAP_LL)
return (EOPNOTSUPP);
if (req->bufsize < ETHER_HDR_LEN)
return (ENOMEM);
eh = (struct ether_header *)req->buf;
lladdr = req->lladdr;
req->lladdr_off = 0;
switch (req->family) {
case AF_INET:
etype = htons(ETHERTYPE_IP);
break;
case AF_INET6:
etype = htons(ETHERTYPE_IPV6);
break;
case AF_ARP:
ah = (struct arphdr *)req->hdata;
ah->ar_hrd = htons(ARPHRD_ETHER);
switch(ntohs(ah->ar_op)) {
case ARPOP_REVREQUEST:
case ARPOP_REVREPLY:
etype = htons(ETHERTYPE_REVARP);
break;
case ARPOP_REQUEST:
case ARPOP_REPLY:
default:
etype = htons(ETHERTYPE_ARP);
break;
}
if (req->flags & IFENCAP_FLAG_BROADCAST)
lladdr = ifp->if_broadcastaddr;
break;
default:
return (EAFNOSUPPORT);
}
memcpy(&eh->ether_type, &etype, sizeof(eh->ether_type));
memcpy(eh->ether_dhost, lladdr, ETHER_ADDR_LEN);
memcpy(eh->ether_shost, IF_LLADDR(ifp), ETHER_ADDR_LEN);
req->bufsize = sizeof(struct ether_header);
return (0);
}
static int
ether_resolve_addr(struct ifnet *ifp, struct mbuf *m,
const struct sockaddr *dst, struct route *ro, u_char *phdr,
uint32_t *pflags, struct llentry **plle)
{
uint32_t lleflags = 0;
int error = 0;
#if defined(INET) || defined(INET6)
struct ether_header *eh = (struct ether_header *)phdr;
uint16_t etype;
#endif
if (plle)
*plle = NULL;
switch (dst->sa_family) {
#ifdef INET
case AF_INET:
if ((m->m_flags & (M_BCAST | M_MCAST)) == 0)
error = arpresolve(ifp, 0, m, dst, phdr, &lleflags,
plle);
else {
if (m->m_flags & M_BCAST)
memcpy(eh->ether_dhost, ifp->if_broadcastaddr,
ETHER_ADDR_LEN);
else {
const struct in_addr *a;
a = &(((const struct sockaddr_in *)dst)->sin_addr);
ETHER_MAP_IP_MULTICAST(a, eh->ether_dhost);
}
etype = htons(ETHERTYPE_IP);
memcpy(&eh->ether_type, &etype, sizeof(etype));
memcpy(eh->ether_shost, IF_LLADDR(ifp), ETHER_ADDR_LEN);
}
break;
#endif
#ifdef INET6
case AF_INET6:
if ((m->m_flags & M_MCAST) == 0) {
int af = RO_GET_FAMILY(ro, dst);
error = nd6_resolve(ifp, LLE_SF(af, 0), m, dst, phdr,
&lleflags, plle);
} else {
const struct in6_addr *a6;
a6 = &(((const struct sockaddr_in6 *)dst)->sin6_addr);
ETHER_MAP_IPV6_MULTICAST(a6, eh->ether_dhost);
etype = htons(ETHERTYPE_IPV6);
memcpy(&eh->ether_type, &etype, sizeof(etype));
memcpy(eh->ether_shost, IF_LLADDR(ifp), ETHER_ADDR_LEN);
}
break;
#endif
default:
if_printf(ifp, "can't handle af%d\n", dst->sa_family);
if (m != NULL)
m_freem(m);
return (EAFNOSUPPORT);
}
if (error == EHOSTDOWN) {
if (ro != NULL && (ro->ro_flags & RT_HAS_GW) != 0)
error = EHOSTUNREACH;
}
if (error != 0)
return (error);
*pflags = RT_MAY_LOOP;
if (lleflags & LLE_IFADDR)
*pflags |= RT_L2_ME;
return (0);
}
/*
* Ethernet output routine.
* Encapsulate a packet of type family for the local net.
* Use trailer local net encapsulation if enough data in first
* packet leaves a multiple of 512 bytes of data in remainder.
*/
int
ether_output(struct ifnet *ifp, struct mbuf *m,
const struct sockaddr *dst, struct route *ro)
{
int error = 0;
char linkhdr[ETHER_HDR_LEN], *phdr;
struct ether_header *eh;
struct pf_mtag *t;
bool loop_copy;
int hlen; /* link layer header length */
uint32_t pflags;
struct llentry *lle = NULL;
int addref = 0;
phdr = NULL;
pflags = 0;
if (ro != NULL) {
/* XXX BPF uses ro_prepend */
if (ro->ro_prepend != NULL) {
phdr = ro->ro_prepend;
hlen = ro->ro_plen;
} else if (!(m->m_flags & (M_BCAST | M_MCAST))) {
if ((ro->ro_flags & RT_LLE_CACHE) != 0) {
lle = ro->ro_lle;
if (lle != NULL &&
(lle->la_flags & LLE_VALID) == 0) {
LLE_FREE(lle);
lle = NULL; /* redundant */
ro->ro_lle = NULL;
}
if (lle == NULL) {
/* if we lookup, keep cache */
addref = 1;
} else
/*
* Notify LLE code that
* the entry was used
* by datapath.
*/
llentry_provide_feedback(lle);
}
if (lle != NULL) {
phdr = lle->r_linkdata;
hlen = lle->r_hdrlen;
pflags = lle->r_flags;
}
}
}
#ifdef MAC
error = mac_ifnet_check_transmit(ifp, m);
if (error)
senderr(error);
#endif
M_PROFILE(m);
if (ifp->if_flags & IFF_MONITOR)
senderr(ENETDOWN);
if (!((ifp->if_flags & IFF_UP) &&
(ifp->if_drv_flags & IFF_DRV_RUNNING)))
senderr(ENETDOWN);
if (phdr == NULL) {
/* No prepend data supplied. Try to calculate ourselves. */
phdr = linkhdr;
hlen = ETHER_HDR_LEN;
error = ether_resolve_addr(ifp, m, dst, ro, phdr, &pflags,
addref ? &lle : NULL);
if (addref && lle != NULL)
ro->ro_lle = lle;
if (error != 0)
return (error == EWOULDBLOCK ? 0 : error);
}
if ((pflags & RT_L2_ME) != 0) {
update_mbuf_csumflags(m, m);
return (if_simloop(ifp, m, RO_GET_FAMILY(ro, dst), 0));
}
loop_copy = (pflags & RT_MAY_LOOP) != 0;
/*
* Add local net header. If no space in first mbuf,
* allocate another.
*
* Note that we do prepend regardless of RT_HAS_HEADER flag.
* This is done because BPF code shifts m_data pointer
* to the end of ethernet header prior to calling if_output().
*/
M_PREPEND(m, hlen, M_NOWAIT);
if (m == NULL)
senderr(ENOBUFS);
if ((pflags & RT_HAS_HEADER) == 0) {
eh = mtod(m, struct ether_header *);
memcpy(eh, phdr, hlen);
}
/*
* If a simplex interface, and the packet is being sent to our
* Ethernet address or a broadcast address, loopback a copy.
* XXX To make a simplex device behave exactly like a duplex
* device, we should copy in the case of sending to our own
* ethernet address (thus letting the original actually appear
* on the wire). However, we don't do that here for security
* reasons and compatibility with the original behavior.
*/
if ((m->m_flags & M_BCAST) && loop_copy && (ifp->if_flags & IFF_SIMPLEX) &&
((t = pf_find_mtag(m)) == NULL || !t->routed)) {
struct mbuf *n;
/*
* Because if_simloop() modifies the packet, we need a
* writable copy through m_dup() instead of a readonly
* one as m_copy[m] would give us. The alternative would
* be to modify if_simloop() to handle the readonly mbuf,
* but performancewise it is mostly equivalent (trading
* extra data copying vs. extra locking).
*
* XXX This is a local workaround. A number of less
* often used kernel parts suffer from the same bug.
* See PR kern/105943 for a proposed general solution.
*/
if ((n = m_dup(m, M_NOWAIT)) != NULL) {
update_mbuf_csumflags(m, n);
(void)if_simloop(ifp, n, RO_GET_FAMILY(ro, dst), hlen);
} else
if_inc_counter(ifp, IFCOUNTER_IQDROPS, 1);
}
/*
* Bridges require special output handling.
*/
if (ifp->if_bridge) {
BRIDGE_OUTPUT(ifp, m, error);
return (error);
}
#if defined(INET) || defined(INET6)
if (ifp->if_carp &&
(error = (*carp_output_p)(ifp, m, dst)))
goto bad;
#endif
/* Handle ng_ether(4) processing, if any */
if (ifp->if_l2com != NULL) {
KASSERT(ng_ether_output_p != NULL,
("ng_ether_output_p is NULL"));
if ((error = (*ng_ether_output_p)(ifp, &m)) != 0) {
bad: if (m != NULL)
m_freem(m);
return (error);
}
if (m == NULL)
return (0);
}
/* Continue with link-layer output */
return ether_output_frame(ifp, m);
}
static bool
ether_set_pcp(struct mbuf **mp, struct ifnet *ifp, uint8_t pcp)
{
struct ether_8021q_tag qtag;
struct ether_header *eh;
eh = mtod(*mp, struct ether_header *);
if (eh->ether_type == htons(ETHERTYPE_VLAN) ||
eh->ether_type == htons(ETHERTYPE_QINQ)) {
(*mp)->m_flags &= ~M_VLANTAG;
return (true);
}
qtag.vid = 0;
qtag.pcp = pcp;
qtag.proto = ETHERTYPE_VLAN;
if (ether_8021q_frame(mp, ifp, ifp, &qtag))
return (true);
if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
return (false);
}
/*
* Ethernet link layer output routine to send a raw frame to the device.
*
* This assumes that the 14 byte Ethernet header is present and contiguous
* in the first mbuf (if BRIDGE'ing).
*/
int
ether_output_frame(struct ifnet *ifp, struct mbuf *m)
{
if (ether_do_pcp(ifp, m) && !ether_set_pcp(&m, ifp, ifp->if_pcp))
return (0);
if (PFIL_HOOKED_OUT(V_link_pfil_head))
switch (pfil_mbuf_out(V_link_pfil_head, &m, ifp, NULL)) {
case PFIL_DROPPED:
return (EACCES);
case PFIL_CONSUMED:
return (0);
}
#ifdef EXPERIMENTAL
#if defined(INET6) && defined(INET)
/* draft-ietf-6man-ipv6only-flag */
/* Catch ETHERTYPE_IP, and ETHERTYPE_[REV]ARP if we are v6-only. */
if ((ND_IFINFO(ifp)->flags & ND6_IFF_IPV6_ONLY_MASK) != 0) {
struct ether_header *eh;
eh = mtod(m, struct ether_header *);
switch (ntohs(eh->ether_type)) {
case ETHERTYPE_IP:
case ETHERTYPE_ARP:
case ETHERTYPE_REVARP:
m_freem(m);
return (EAFNOSUPPORT);
/* NOTREACHED */
break;
};
}
#endif
#endif
/*
* Queue message on interface, update output statistics if successful,
* and start output if interface not yet active.
*
* If KMSAN is enabled, use it to verify that the data does not contain
* any uninitialized bytes.
*/
kmsan_check_mbuf(m, "ether_output");
return ((ifp->if_transmit)(ifp, m));
}
/*
* Process a received Ethernet packet; the packet is in the
* mbuf chain m with the ethernet header at the front.
*/
static void
ether_input_internal(struct ifnet *ifp, struct mbuf *m)
{
struct ether_header *eh;
u_short etype;
if ((ifp->if_flags & IFF_UP) == 0) {
m_freem(m);
return;
}
#ifdef DIAGNOSTIC
if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
if_printf(ifp, "discard frame at !IFF_DRV_RUNNING\n");
m_freem(m);
return;
}
#endif
if (m->m_len < ETHER_HDR_LEN) {
/* XXX maybe should pullup? */
if_printf(ifp, "discard frame w/o leading ethernet "
"header (len %u pkt len %u)\n",
m->m_len, m->m_pkthdr.len);
if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
m_freem(m);
return;
}
eh = mtod(m, struct ether_header *);
etype = ntohs(eh->ether_type);
random_harvest_queue_ether(m, sizeof(*m));
#ifdef EXPERIMENTAL
#if defined(INET6) && defined(INET)
/* draft-ietf-6man-ipv6only-flag */
/* Catch ETHERTYPE_IP, and ETHERTYPE_[REV]ARP if we are v6-only. */
if ((ND_IFINFO(ifp)->flags & ND6_IFF_IPV6_ONLY_MASK) != 0) {
switch (etype) {
case ETHERTYPE_IP:
case ETHERTYPE_ARP:
case ETHERTYPE_REVARP:
m_freem(m);
return;
/* NOTREACHED */
break;
};
}
#endif
#endif
CURVNET_SET_QUIET(ifp->if_vnet);
if (ETHER_IS_MULTICAST(eh->ether_dhost)) {
if (ETHER_IS_BROADCAST(eh->ether_dhost))
m->m_flags |= M_BCAST;
else
m->m_flags |= M_MCAST;
if_inc_counter(ifp, IFCOUNTER_IMCASTS, 1);
}
#ifdef MAC
/*
* Tag the mbuf with an appropriate MAC label before any other
* consumers can get to it.
*/
mac_ifnet_create_mbuf(ifp, m);
#endif
/*
* Give bpf a chance at the packet.
*/
ETHER_BPF_MTAP(ifp, m);
/*
* If the CRC is still on the packet, trim it off. We do this once
* and once only in case we are re-entered. Nothing else on the
* Ethernet receive path expects to see the FCS.
*/
if (m->m_flags & M_HASFCS) {
m_adj(m, -ETHER_CRC_LEN);
m->m_flags &= ~M_HASFCS;
}
if (!(ifp->if_capenable & IFCAP_HWSTATS))
if_inc_counter(ifp, IFCOUNTER_IBYTES, m->m_pkthdr.len);
/* Allow monitor mode to claim this frame, after stats are updated. */
if (ifp->if_flags & IFF_MONITOR) {
m_freem(m);
CURVNET_RESTORE();
return;
}
/* Handle input from a lagg(4) port */
if (ifp->if_type == IFT_IEEE8023ADLAG) {
KASSERT(lagg_input_ethernet_p != NULL,
("%s: if_lagg not loaded!", __func__));
m = (*lagg_input_ethernet_p)(ifp, m);
if (m != NULL)
ifp = m->m_pkthdr.rcvif;
else {
CURVNET_RESTORE();
return;
}
}
/*
* If the hardware did not process an 802.1Q tag, do this now,
* to allow 802.1P priority frames to be passed to the main input
* path correctly.
*/
if ((m->m_flags & M_VLANTAG) == 0 &&
((etype == ETHERTYPE_VLAN) || (etype == ETHERTYPE_QINQ))) {
struct ether_vlan_header *evl;
if (m->m_len < sizeof(*evl) &&
(m = m_pullup(m, sizeof(*evl))) == NULL) {
#ifdef DIAGNOSTIC
if_printf(ifp, "cannot pullup VLAN header\n");
#endif
if_inc_counter(ifp, IFCOUNTER_IERRORS, 1);
CURVNET_RESTORE();
return;
}
evl = mtod(m, struct ether_vlan_header *);
m->m_pkthdr.ether_vtag = ntohs(evl->evl_tag);
m->m_flags |= M_VLANTAG;
bcopy((char *)evl, (char *)evl + ETHER_VLAN_ENCAP_LEN,
ETHER_HDR_LEN - ETHER_TYPE_LEN);
m_adj(m, ETHER_VLAN_ENCAP_LEN);
eh = mtod(m, struct ether_header *);
}
M_SETFIB(m, ifp->if_fib);
/* Allow ng_ether(4) to claim this frame. */
if (ifp->if_l2com != NULL) {
KASSERT(ng_ether_input_p != NULL,
("%s: ng_ether_input_p is NULL", __func__));
m->m_flags &= ~M_PROMISC;
(*ng_ether_input_p)(ifp, &m);
if (m == NULL) {
CURVNET_RESTORE();
return;
}
eh = mtod(m, struct ether_header *);
}
/*
* Allow if_bridge(4) to claim this frame.
*
* The BRIDGE_INPUT() macro will update ifp if the bridge changed it
* and the frame should be delivered locally.
*
* If M_BRIDGE_INJECT is set, the packet was received directly by the
* bridge via netmap, so "ifp" is the bridge itself and the packet
* should be re-examined.
*/
if (ifp->if_bridge != NULL || (m->m_flags & M_BRIDGE_INJECT) != 0) {
m->m_flags &= ~M_PROMISC;
BRIDGE_INPUT(ifp, m);
if (m == NULL) {
CURVNET_RESTORE();
return;
}
eh = mtod(m, struct ether_header *);
}
#if defined(INET) || defined(INET6)
/*
* Clear M_PROMISC on frame so that carp(4) will see it when the
* mbuf flows up to Layer 3.
* FreeBSD's implementation of carp(4) uses the inprotosw
* to dispatch IPPROTO_CARP. carp(4) also allocates its own
* Ethernet addresses of the form 00:00:5e:00:01:xx, which
* is outside the scope of the M_PROMISC test below.
* TODO: Maintain a hash table of ethernet addresses other than
* ether_dhost which may be active on this ifp.
*/
if (ifp->if_carp && (*carp_forus_p)(ifp, eh->ether_dhost)) {
m->m_flags &= ~M_PROMISC;
} else
#endif
{
/*
* If the frame received was not for our MAC address, set the
* M_PROMISC flag on the mbuf chain. The frame may need to
* be seen by the rest of the Ethernet input path in case of
* re-entry (e.g. bridge, vlan, netgraph) but should not be
* seen by upper protocol layers.
*/
if (!ETHER_IS_MULTICAST(eh->ether_dhost) &&
bcmp(IF_LLADDR(ifp), eh->ether_dhost, ETHER_ADDR_LEN) != 0)
m->m_flags |= M_PROMISC;
}
ether_demux(ifp, m);
CURVNET_RESTORE();
}
/*
* Ethernet input dispatch; by default, direct dispatch here regardless of
* global configuration. However, if RSS is enabled, hook up RSS affinity
* so that when deferred or hybrid dispatch is enabled, we can redistribute
* load based on RSS.
*
* XXXRW: Would be nice if the ifnet passed up a flag indicating whether or
* not it had already done work distribution via multi-queue. Then we could
* direct dispatch in the event load balancing was already complete and
* handle the case of interfaces with different capabilities better.
*
* XXXRW: Sort of want an M_DISTRIBUTED flag to avoid multiple distributions
* at multiple layers?
*
* XXXRW: For now, enable all this only if RSS is compiled in, although it
* works fine without RSS. Need to characterise the performance overhead
* of the detour through the netisr code in the event the result is always
* direct dispatch.
*/
static void
ether_nh_input(struct mbuf *m)
{
M_ASSERTPKTHDR(m);
KASSERT(m->m_pkthdr.rcvif != NULL,
("%s: NULL interface pointer", __func__));
ether_input_internal(m->m_pkthdr.rcvif, m);
}
static struct netisr_handler ether_nh = {
.nh_name = "ether",
.nh_handler = ether_nh_input,
.nh_proto = NETISR_ETHER,
#ifdef RSS
.nh_policy = NETISR_POLICY_CPU,
.nh_dispatch = NETISR_DISPATCH_DIRECT,
.nh_m2cpuid = rss_m2cpuid,
#else
.nh_policy = NETISR_POLICY_SOURCE,
.nh_dispatch = NETISR_DISPATCH_DIRECT,
#endif
};
static void
ether_init(__unused void *arg)
{
netisr_register(ðer_nh);
}
SYSINIT(ether, SI_SUB_INIT_IF, SI_ORDER_ANY, ether_init, NULL);
static void
vnet_ether_init(__unused void *arg)
{
struct pfil_head_args args;
args.pa_version = PFIL_VERSION;
args.pa_flags = PFIL_IN | PFIL_OUT;
args.pa_type = PFIL_TYPE_ETHERNET;
args.pa_headname = PFIL_ETHER_NAME;
V_link_pfil_head = pfil_head_register(&args);
#ifdef VIMAGE
netisr_register_vnet(ðer_nh);
#endif
}
VNET_SYSINIT(vnet_ether_init, SI_SUB_PROTO_IF, SI_ORDER_ANY,
vnet_ether_init, NULL);
#ifdef VIMAGE
static void
vnet_ether_pfil_destroy(__unused void *arg)
{
pfil_head_unregister(V_link_pfil_head);
}
VNET_SYSUNINIT(vnet_ether_pfil_uninit, SI_SUB_PROTO_PFIL, SI_ORDER_ANY,
vnet_ether_pfil_destroy, NULL);
static void
vnet_ether_destroy(__unused void *arg)
{
netisr_unregister_vnet(ðer_nh);
}
VNET_SYSUNINIT(vnet_ether_uninit, SI_SUB_PROTO_IF, SI_ORDER_ANY,
vnet_ether_destroy, NULL);
#endif
static void
ether_input(struct ifnet *ifp, struct mbuf *m)
{
struct epoch_tracker et;
struct mbuf *mn;
bool needs_epoch;
needs_epoch = (ifp->if_flags & IFF_NEEDSEPOCH);
#ifdef INVARIANTS
/*
* This temporary code is here to prevent epoch unaware and unmarked
* drivers to panic the system. Once all drivers are taken care of,
* the whole INVARIANTS block should go away.
*/
if (!needs_epoch && !in_epoch(net_epoch_preempt)) {
static bool printedonce;
needs_epoch = true;
if (!printedonce) {
printedonce = true;
if_printf(ifp, "called %s w/o net epoch! "
"PLEASE file a bug report.", __func__);
#ifdef KDB
kdb_backtrace();
#endif
}
}
#endif
/*
* The drivers are allowed to pass in a chain of packets linked with
* m_nextpkt. We split them up into separate packets here and pass
* them up. This allows the drivers to amortize the receive lock.
*/
CURVNET_SET_QUIET(ifp->if_vnet);
if (__predict_false(needs_epoch))
NET_EPOCH_ENTER(et);
while (m) {
mn = m->m_nextpkt;
m->m_nextpkt = NULL;
/*
* We will rely on rcvif being set properly in the deferred
* context, so assert it is correct here.
*/
MPASS((m->m_pkthdr.csum_flags & CSUM_SND_TAG) == 0);
KASSERT(m->m_pkthdr.rcvif == ifp, ("%s: ifnet mismatch m %p "
"rcvif %p ifp %p", __func__, m, m->m_pkthdr.rcvif, ifp));
netisr_dispatch(NETISR_ETHER, m);
m = mn;
}
if (__predict_false(needs_epoch))
NET_EPOCH_EXIT(et);
CURVNET_RESTORE();
}
/*
* Upper layer processing for a received Ethernet packet.
*/
void
ether_demux(struct ifnet *ifp, struct mbuf *m)
{
struct ether_header *eh;
int i, isr;
u_short ether_type;
NET_EPOCH_ASSERT();
KASSERT(ifp != NULL, ("%s: NULL interface pointer", __func__));
/* Do not grab PROMISC frames in case we are re-entered. */
if (PFIL_HOOKED_IN(V_link_pfil_head) && !(m->m_flags & M_PROMISC)) {
i = pfil_mbuf_in(V_link_pfil_head, &m, ifp, NULL);
- if (i != 0 || m == NULL)
+ if (i != PFIL_PASS)
return;
}
eh = mtod(m, struct ether_header *);
ether_type = ntohs(eh->ether_type);
/*
* If this frame has a VLAN tag other than 0, call vlan_input()
* if its module is loaded. Otherwise, drop.
*/
if ((m->m_flags & M_VLANTAG) &&
EVL_VLANOFTAG(m->m_pkthdr.ether_vtag) != 0) {
if (ifp->if_vlantrunk == NULL) {
if_inc_counter(ifp, IFCOUNTER_NOPROTO, 1);
m_freem(m);
return;
}
KASSERT(vlan_input_p != NULL,("%s: VLAN not loaded!",
__func__));
/* Clear before possibly re-entering ether_input(). */
m->m_flags &= ~M_PROMISC;
(*vlan_input_p)(ifp, m);
return;
}
/*
* Pass promiscuously received frames to the upper layer if the user
* requested this by setting IFF_PPROMISC. Otherwise, drop them.
*/
if ((ifp->if_flags & IFF_PPROMISC) == 0 && (m->m_flags & M_PROMISC)) {
m_freem(m);
return;
}
/*
* Reset layer specific mbuf flags to avoid confusing upper layers.
*/
m->m_flags &= ~M_VLANTAG;
m_clrprotoflags(m);
/*
* Dispatch frame to upper layer.
*/
switch (ether_type) {
#ifdef INET
case ETHERTYPE_IP:
isr = NETISR_IP;
break;
case ETHERTYPE_ARP:
if (ifp->if_flags & IFF_NOARP) {
/* Discard packet if ARP is disabled on interface */
m_freem(m);
return;
}
isr = NETISR_ARP;
break;
#endif
#ifdef INET6
case ETHERTYPE_IPV6:
isr = NETISR_IPV6;
break;
#endif
default:
goto discard;
}
/* Strip off Ethernet header. */
m_adj(m, ETHER_HDR_LEN);
netisr_dispatch(isr, m);
return;
discard:
/*
* Packet is to be discarded. If netgraph is present,
* hand the packet to it for last chance processing;
* otherwise dispose of it.
*/
if (ifp->if_l2com != NULL) {
KASSERT(ng_ether_input_orphan_p != NULL,
("ng_ether_input_orphan_p is NULL"));
(*ng_ether_input_orphan_p)(ifp, m);
return;
}
m_freem(m);
}
/*
* Convert Ethernet address to printable (loggable) representation.
* This routine is for compatibility; it's better to just use
*
* printf("%6D", <pointer to address>, ":");
*
* since there's no static buffer involved.
*/
char *
ether_sprintf(const u_char *ap)
{
static char etherbuf[18];
snprintf(etherbuf, sizeof (etherbuf), "%6D", ap, ":");
return (etherbuf);
}
/*
* Perform common duties while attaching to interface list
*/
void
ether_ifattach(struct ifnet *ifp, const u_int8_t *lla)
{
int i;
struct ifaddr *ifa;
struct sockaddr_dl *sdl;
ifp->if_addrlen = ETHER_ADDR_LEN;
ifp->if_hdrlen = ETHER_HDR_LEN;
ifp->if_mtu = ETHERMTU;
if_attach(ifp);
ifp->if_output = ether_output;
ifp->if_input = ether_input;
ifp->if_resolvemulti = ether_resolvemulti;
ifp->if_requestencap = ether_requestencap;
#ifdef VIMAGE
ifp->if_reassign = ether_reassign;
#endif
if (ifp->if_baudrate == 0)
ifp->if_baudrate = IF_Mbps(10); /* just a default */
ifp->if_broadcastaddr = etherbroadcastaddr;
ifa = ifp->if_addr;
KASSERT(ifa != NULL, ("%s: no lladdr!\n", __func__));
sdl = (struct sockaddr_dl *)ifa->ifa_addr;
sdl->sdl_type = IFT_ETHER;
sdl->sdl_alen = ifp->if_addrlen;
bcopy(lla, LLADDR(sdl), ifp->if_addrlen);
if (ifp->if_hw_addr != NULL)
bcopy(lla, ifp->if_hw_addr, ifp->if_addrlen);
bpfattach(ifp, DLT_EN10MB, ETHER_HDR_LEN);
if (ng_ether_attach_p != NULL)
(*ng_ether_attach_p)(ifp);
/* Announce Ethernet MAC address if non-zero. */
for (i = 0; i < ifp->if_addrlen; i++)
if (lla[i] != 0)
break;
if (i != ifp->if_addrlen)
if_printf(ifp, "Ethernet address: %6D\n", lla, ":");
uuid_ether_add(LLADDR(sdl));
/* Add necessary bits are setup; announce it now. */
EVENTHANDLER_INVOKE(ether_ifattach_event, ifp);
if (IS_DEFAULT_VNET(curvnet))
devctl_notify("ETHERNET", ifp->if_xname, "IFATTACH", NULL);
}
/*
* Perform common duties while detaching an Ethernet interface
*/
void
ether_ifdetach(struct ifnet *ifp)
{
struct sockaddr_dl *sdl;
sdl = (struct sockaddr_dl *)(ifp->if_addr->ifa_addr);
uuid_ether_del(LLADDR(sdl));
if (ifp->if_l2com != NULL) {
KASSERT(ng_ether_detach_p != NULL,
("ng_ether_detach_p is NULL"));
(*ng_ether_detach_p)(ifp);
}
bpfdetach(ifp);
if_detach(ifp);
}
#ifdef VIMAGE
void
ether_reassign(struct ifnet *ifp, struct vnet *new_vnet, char *unused __unused)
{
if (ifp->if_l2com != NULL) {
KASSERT(ng_ether_detach_p != NULL,
("ng_ether_detach_p is NULL"));
(*ng_ether_detach_p)(ifp);
}
if (ng_ether_attach_p != NULL) {
CURVNET_SET_QUIET(new_vnet);
(*ng_ether_attach_p)(ifp);
CURVNET_RESTORE();
}
}
#endif
SYSCTL_DECL(_net_link);
SYSCTL_NODE(_net_link, IFT_ETHER, ether, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"Ethernet");
#if 0
/*
* This is for reference. We have a table-driven version
* of the little-endian crc32 generator, which is faster
* than the double-loop.
*/
uint32_t
ether_crc32_le(const uint8_t *buf, size_t len)
{
size_t i;
uint32_t crc;
int bit;
uint8_t data;
crc = 0xffffffff; /* initial value */
for (i = 0; i < len; i++) {
for (data = *buf++, bit = 0; bit < 8; bit++, data >>= 1) {
carry = (crc ^ data) & 1;
crc >>= 1;
if (carry)
crc = (crc ^ ETHER_CRC_POLY_LE);
}
}
return (crc);
}
#else
uint32_t
ether_crc32_le(const uint8_t *buf, size_t len)
{
static const uint32_t crctab[] = {
0x00000000, 0x1db71064, 0x3b6e20c8, 0x26d930ac,
0x76dc4190, 0x6b6b51f4, 0x4db26158, 0x5005713c,
0xedb88320, 0xf00f9344, 0xd6d6a3e8, 0xcb61b38c,
0x9b64c2b0, 0x86d3d2d4, 0xa00ae278, 0xbdbdf21c
};
size_t i;
uint32_t crc;
crc = 0xffffffff; /* initial value */
for (i = 0; i < len; i++) {
crc ^= buf[i];
crc = (crc >> 4) ^ crctab[crc & 0xf];
crc = (crc >> 4) ^ crctab[crc & 0xf];
}
return (crc);
}
#endif
uint32_t
ether_crc32_be(const uint8_t *buf, size_t len)
{
size_t i;
uint32_t crc, carry;
int bit;
uint8_t data;
crc = 0xffffffff; /* initial value */
for (i = 0; i < len; i++) {
for (data = *buf++, bit = 0; bit < 8; bit++, data >>= 1) {
carry = ((crc & 0x80000000) ? 1 : 0) ^ (data & 0x01);
crc <<= 1;
if (carry)
crc = (crc ^ ETHER_CRC_POLY_BE) | carry;
}
}
return (crc);
}
int
ether_ioctl(struct ifnet *ifp, u_long command, caddr_t data)
{
struct ifaddr *ifa = (struct ifaddr *) data;
struct ifreq *ifr = (struct ifreq *) data;
int error = 0;
switch (command) {
case SIOCSIFADDR:
ifp->if_flags |= IFF_UP;
switch (ifa->ifa_addr->sa_family) {
#ifdef INET
case AF_INET:
ifp->if_init(ifp->if_softc); /* before arpwhohas */
arp_ifinit(ifp, ifa);
break;
#endif
default:
ifp->if_init(ifp->if_softc);
break;
}
break;
case SIOCGIFADDR:
bcopy(IF_LLADDR(ifp), &ifr->ifr_addr.sa_data[0],
ETHER_ADDR_LEN);
break;
case SIOCSIFMTU:
/*
* Set the interface MTU.
*/
if (ifr->ifr_mtu > ETHERMTU) {
error = EINVAL;
} else {
ifp->if_mtu = ifr->ifr_mtu;
}
break;
case SIOCSLANPCP:
error = priv_check(curthread, PRIV_NET_SETLANPCP);
if (error != 0)
break;
if (ifr->ifr_lan_pcp > 7 &&
ifr->ifr_lan_pcp != IFNET_PCP_NONE) {
error = EINVAL;
} else {
ifp->if_pcp = ifr->ifr_lan_pcp;
/* broadcast event about PCP change */
EVENTHANDLER_INVOKE(ifnet_event, ifp, IFNET_EVENT_PCP);
}
break;
case SIOCGLANPCP:
ifr->ifr_lan_pcp = ifp->if_pcp;
break;
default:
error = EINVAL; /* XXX netbsd has ENOTTY??? */
break;
}
return (error);
}
static int
ether_resolvemulti(struct ifnet *ifp, struct sockaddr **llsa,
struct sockaddr *sa)
{
struct sockaddr_dl *sdl;
#ifdef INET
struct sockaddr_in *sin;
#endif
#ifdef INET6
struct sockaddr_in6 *sin6;
#endif
u_char *e_addr;
switch(sa->sa_family) {
case AF_LINK:
/*
* No mapping needed. Just check that it's a valid MC address.
*/
sdl = (struct sockaddr_dl *)sa;
e_addr = LLADDR(sdl);
if (!ETHER_IS_MULTICAST(e_addr))
return EADDRNOTAVAIL;
*llsa = NULL;
return 0;
#ifdef INET
case AF_INET:
sin = (struct sockaddr_in *)sa;
if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)))
return EADDRNOTAVAIL;
sdl = link_init_sdl(ifp, *llsa, IFT_ETHER);
sdl->sdl_alen = ETHER_ADDR_LEN;
e_addr = LLADDR(sdl);
ETHER_MAP_IP_MULTICAST(&sin->sin_addr, e_addr);
*llsa = (struct sockaddr *)sdl;
return 0;
#endif
#ifdef INET6
case AF_INET6:
sin6 = (struct sockaddr_in6 *)sa;
if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
/*
* An IP6 address of 0 means listen to all
* of the Ethernet multicast address used for IP6.
* (This is used for multicast routers.)
*/
ifp->if_flags |= IFF_ALLMULTI;
*llsa = NULL;
return 0;
}
if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr))
return EADDRNOTAVAIL;
sdl = link_init_sdl(ifp, *llsa, IFT_ETHER);
sdl->sdl_alen = ETHER_ADDR_LEN;
e_addr = LLADDR(sdl);
ETHER_MAP_IPV6_MULTICAST(&sin6->sin6_addr, e_addr);
*llsa = (struct sockaddr *)sdl;
return 0;
#endif
default:
/*
* Well, the text isn't quite right, but it's the name
* that counts...
*/
return EAFNOSUPPORT;
}
}
static moduledata_t ether_mod = {
.name = "ether",
};
void
ether_vlan_mtap(struct bpf_if *bp, struct mbuf *m, void *data, u_int dlen)
{
struct ether_vlan_header vlan;
struct mbuf mv, mb;
KASSERT((m->m_flags & M_VLANTAG) != 0,
("%s: vlan information not present", __func__));
KASSERT(m->m_len >= sizeof(struct ether_header),
("%s: mbuf not large enough for header", __func__));
bcopy(mtod(m, char *), &vlan, sizeof(struct ether_header));
vlan.evl_proto = vlan.evl_encap_proto;
vlan.evl_encap_proto = htons(ETHERTYPE_VLAN);
vlan.evl_tag = htons(m->m_pkthdr.ether_vtag);
m->m_len -= sizeof(struct ether_header);
m->m_data += sizeof(struct ether_header);
/*
* If a data link has been supplied by the caller, then we will need to
* re-create a stack allocated mbuf chain with the following structure:
*
* (1) mbuf #1 will contain the supplied data link
* (2) mbuf #2 will contain the vlan header
* (3) mbuf #3 will contain the original mbuf's packet data
*
* Otherwise, submit the packet and vlan header via bpf_mtap2().
*/
if (data != NULL) {
mv.m_next = m;
mv.m_data = (caddr_t)&vlan;
mv.m_len = sizeof(vlan);
mb.m_next = &mv;
mb.m_data = data;
mb.m_len = dlen;
bpf_mtap(bp, &mb);
} else
bpf_mtap2(bp, &vlan, sizeof(vlan), m);
m->m_len += sizeof(struct ether_header);
m->m_data -= sizeof(struct ether_header);
}
struct mbuf *
ether_vlanencap_proto(struct mbuf *m, uint16_t tag, uint16_t proto)
{
struct ether_vlan_header *evl;
M_PREPEND(m, ETHER_VLAN_ENCAP_LEN, M_NOWAIT);
if (m == NULL)
return (NULL);
/* M_PREPEND takes care of m_len, m_pkthdr.len for us */
if (m->m_len < sizeof(*evl)) {
m = m_pullup(m, sizeof(*evl));
if (m == NULL)
return (NULL);
}
/*
* Transform the Ethernet header into an Ethernet header
* with 802.1Q encapsulation.
*/
evl = mtod(m, struct ether_vlan_header *);
bcopy((char *)evl + ETHER_VLAN_ENCAP_LEN,
(char *)evl, ETHER_HDR_LEN - ETHER_TYPE_LEN);
evl->evl_encap_proto = htons(proto);
evl->evl_tag = htons(tag);
return (m);
}
void
ether_bpf_mtap_if(struct ifnet *ifp, struct mbuf *m)
{
if (bpf_peers_present(ifp->if_bpf)) {
M_ASSERTVALID(m);
if ((m->m_flags & M_VLANTAG) != 0)
ether_vlan_mtap(ifp->if_bpf, m, NULL, 0);
else
bpf_mtap(ifp->if_bpf, m);
}
}
static SYSCTL_NODE(_net_link, IFT_L2VLAN, vlan, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"IEEE 802.1Q VLAN");
static SYSCTL_NODE(_net_link_vlan, PF_LINK, link,
CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
"for consistency");
VNET_DEFINE_STATIC(int, soft_pad);
#define V_soft_pad VNET(soft_pad)
SYSCTL_INT(_net_link_vlan, OID_AUTO, soft_pad, CTLFLAG_RW | CTLFLAG_VNET,
&VNET_NAME(soft_pad), 0,
"pad short frames before tagging");
/*
* For now, make preserving PCP via an mbuf tag optional, as it increases
* per-packet memory allocations and frees. In the future, it would be
* preferable to reuse ether_vtag for this, or similar.
*/
VNET_DEFINE(int, vlan_mtag_pcp) = 0;
#define V_vlan_mtag_pcp VNET(vlan_mtag_pcp)
SYSCTL_INT(_net_link_vlan, OID_AUTO, mtag_pcp, CTLFLAG_RW | CTLFLAG_VNET,
&VNET_NAME(vlan_mtag_pcp), 0,
"Retain VLAN PCP information as packets are passed up the stack");
static inline bool
ether_do_pcp(struct ifnet *ifp, struct mbuf *m)
{
if (ifp->if_type == IFT_L2VLAN)
return (false);
if (ifp->if_pcp != IFNET_PCP_NONE || (m->m_flags & M_VLANTAG) != 0)
return (true);
if (V_vlan_mtag_pcp &&
m_tag_locate(m, MTAG_8021Q, MTAG_8021Q_PCP_OUT, NULL) != NULL)
return (true);
return (false);
}
bool
ether_8021q_frame(struct mbuf **mp, struct ifnet *ife, struct ifnet *p,
const struct ether_8021q_tag *qtag)
{
struct m_tag *mtag;
int n;
uint16_t tag;
uint8_t pcp = qtag->pcp;
static const char pad[8]; /* just zeros */
/*
* Pad the frame to the minimum size allowed if told to.
* This option is in accord with IEEE Std 802.1Q, 2003 Ed.,
* paragraph C.4.4.3.b. It can help to work around buggy
* bridges that violate paragraph C.4.4.3.a from the same
* document, i.e., fail to pad short frames after untagging.
* E.g., a tagged frame 66 bytes long (incl. FCS) is OK, but
* untagging it will produce a 62-byte frame, which is a runt
* and requires padding. There are VLAN-enabled network
* devices that just discard such runts instead or mishandle
* them somehow.
*/
if (V_soft_pad && p->if_type == IFT_ETHER) {
for (n = ETHERMIN + ETHER_HDR_LEN - (*mp)->m_pkthdr.len;
n > 0; n -= sizeof(pad)) {
if (!m_append(*mp, min(n, sizeof(pad)), pad))
break;
}
if (n > 0) {
m_freem(*mp);
*mp = NULL;
if_printf(ife, "cannot pad short frame");
return (false);
}
}
/*
* If PCP is set in mbuf, use it
*/
if ((*mp)->m_flags & M_VLANTAG) {
pcp = EVL_PRIOFTAG((*mp)->m_pkthdr.ether_vtag);
}
/*
* If underlying interface can do VLAN tag insertion itself,
* just pass the packet along. However, we need some way to
* tell the interface where the packet came from so that it
* knows how to find the VLAN tag to use, so we attach a
* packet tag that holds it.
*/
if (V_vlan_mtag_pcp && (mtag = m_tag_locate(*mp, MTAG_8021Q,
MTAG_8021Q_PCP_OUT, NULL)) != NULL)
tag = EVL_MAKETAG(qtag->vid, *(uint8_t *)(mtag + 1), 0);
else
tag = EVL_MAKETAG(qtag->vid, pcp, 0);
if ((p->if_capenable & IFCAP_VLAN_HWTAGGING) &&
(qtag->proto == ETHERTYPE_VLAN)) {
(*mp)->m_pkthdr.ether_vtag = tag;
(*mp)->m_flags |= M_VLANTAG;
} else {
*mp = ether_vlanencap_proto(*mp, tag, qtag->proto);
if (*mp == NULL) {
if_printf(ife, "unable to prepend 802.1Q header");
return (false);
}
(*mp)->m_flags &= ~M_VLANTAG;
}
return (true);
}
/*
* Allocate an address from the FreeBSD Foundation OUI. This uses a
* cryptographic hash function on the containing jail's name, UUID and the
* interface name to attempt to provide a unique but stable address.
* Pseudo-interfaces which require a MAC address should use this function to
* allocate non-locally-administered addresses.
*/
void
ether_gen_addr_byname(const char *nameunit, struct ether_addr *hwaddr)
{
SHA1_CTX ctx;
char *buf;
char uuid[HOSTUUIDLEN + 1];
uint64_t addr;
int i, sz;
char digest[SHA1_RESULTLEN];
char jailname[MAXHOSTNAMELEN];
getcredhostuuid(curthread->td_ucred, uuid, sizeof(uuid));
if (strncmp(uuid, DEFAULT_HOSTUUID, sizeof(uuid)) == 0) {
/* Fall back to a random mac address. */
goto rando;
}
/* If each (vnet) jail would also have a unique hostuuid this would not
* be necessary. */
getjailname(curthread->td_ucred, jailname, sizeof(jailname));
sz = asprintf(&buf, M_TEMP, "%s-%s-%s", uuid, nameunit,
jailname);
if (sz < 0) {
/* Fall back to a random mac address. */
goto rando;
}
SHA1Init(&ctx);
SHA1Update(&ctx, buf, sz);
SHA1Final(digest, &ctx);
free(buf, M_TEMP);
addr = ((digest[0] << 16) | (digest[1] << 8) | digest[2]) &
OUI_FREEBSD_GENERATED_MASK;
addr = OUI_FREEBSD(addr);
for (i = 0; i < ETHER_ADDR_LEN; ++i) {
hwaddr->octet[i] = addr >> ((ETHER_ADDR_LEN - i - 1) * 8) &
0xFF;
}
return;
rando:
arc4rand(hwaddr, sizeof(*hwaddr), 0);
/* Unicast */
hwaddr->octet[0] &= 0xFE;
/* Locally administered. */
hwaddr->octet[0] |= 0x02;
}
void
ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr)
{
ether_gen_addr_byname(if_name(ifp), hwaddr);
}
DECLARE_MODULE(ether, ether_mod, SI_SUB_INIT_IF, SI_ORDER_ANY);
MODULE_VERSION(ether, 1);
diff --git a/sys/net/pfil.c b/sys/net/pfil.c
index 3ceffcefb758..fae150839eb3 100644
--- a/sys/net/pfil.c
+++ b/sys/net/pfil.c
@@ -1,722 +1,727 @@
/* $NetBSD: pfil.c,v 1.20 2001/11/12 23:49:46 lukem Exp $ */
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 2019 Gleb Smirnoff <glebius@FreeBSD.org>
* Copyright (c) 1996 Matthew R. Green
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/param.h>
#include <sys/conf.h>
#include <sys/kernel.h>
#include <sys/epoch.h>
#include <sys/errno.h>
#include <sys/lock.h>
#include <sys/malloc.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/systm.h>
#include <sys/lock.h>
#include <sys/mutex.h>
#include <sys/proc.h>
#include <sys/queue.h>
#include <sys/ucred.h>
#include <sys/jail.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/pfil.h>
static MALLOC_DEFINE(M_PFIL, "pfil", "pfil(9) packet filter hooks");
static int pfil_ioctl(struct cdev *, u_long, caddr_t, int, struct thread *);
static struct cdevsw pfil_cdevsw = {
.d_ioctl = pfil_ioctl,
.d_name = PFILDEV,
.d_version = D_VERSION,
};
static struct cdev *pfil_dev;
static struct mtx pfil_lock;
MTX_SYSINIT(pfil_mtxinit, &pfil_lock, "pfil(9) lock", MTX_DEF);
#define PFIL_LOCK() mtx_lock(&pfil_lock)
#define PFIL_UNLOCK() mtx_unlock(&pfil_lock)
#define PFIL_LOCK_ASSERT() mtx_assert(&pfil_lock, MA_OWNED)
struct pfil_hook {
pfil_mbuf_chk_t hook_mbuf_chk;
pfil_mem_chk_t hook_mem_chk;
void *hook_ruleset;
int hook_flags;
int hook_links;
enum pfil_types hook_type;
const char *hook_modname;
const char *hook_rulname;
LIST_ENTRY(pfil_hook) hook_list;
};
struct pfil_link {
CK_STAILQ_ENTRY(pfil_link) link_chain;
pfil_mbuf_chk_t link_mbuf_chk;
pfil_mem_chk_t link_mem_chk;
void *link_ruleset;
int link_flags;
struct pfil_hook *link_hook;
struct epoch_context link_epoch_ctx;
};
typedef CK_STAILQ_HEAD(pfil_chain, pfil_link) pfil_chain_t;
struct pfil_head {
int head_nhooksin;
int head_nhooksout;
pfil_chain_t head_in;
pfil_chain_t head_out;
int head_flags;
enum pfil_types head_type;
LIST_ENTRY(pfil_head) head_list;
const char *head_name;
};
LIST_HEAD(pfilheadhead, pfil_head);
VNET_DEFINE_STATIC(struct pfilheadhead, pfil_head_list) =
LIST_HEAD_INITIALIZER(pfil_head_list);
#define V_pfil_head_list VNET(pfil_head_list)
LIST_HEAD(pfilhookhead, pfil_hook);
VNET_DEFINE_STATIC(struct pfilhookhead, pfil_hook_list) =
LIST_HEAD_INITIALIZER(pfil_hook_list);
#define V_pfil_hook_list VNET(pfil_hook_list)
static struct pfil_link *pfil_link_remove(pfil_chain_t *, pfil_hook_t );
static void pfil_link_free(epoch_context_t);
/*
* To couple a filtering point that provides memory pointer with a filter that
* works on mbufs only.
*/
static __noinline int
pfil_fake_mbuf(pfil_mbuf_chk_t func, void *mem, u_int len, struct ifnet *ifp,
int flags, void *ruleset, struct mbuf **mp)
{
struct mbuf m;
pfil_return_t rv;
(void)m_init(&m, M_NOWAIT, MT_DATA, M_NOFREE | M_PKTHDR);
m_extadd(&m, mem, len, NULL, NULL, NULL, 0, EXT_RXRING);
m.m_len = m.m_pkthdr.len = len;
*mp = &m;
rv = func(mp, ifp, flags, ruleset, NULL);
if (rv == PFIL_PASS && *mp != &m) {
/*
* Firewalls that need pfil_fake_mbuf() most likely don't
* know they need return PFIL_REALLOCED.
*/
rv = PFIL_REALLOCED;
}
return (rv);
}
static __always_inline int
pfil_mem_common(pfil_chain_t *pch, void *mem, u_int len, int flags,
struct ifnet *ifp, struct mbuf **m)
{
struct pfil_link *link;
pfil_return_t rv;
bool realloc = false;
NET_EPOCH_ASSERT();
KASSERT(flags == PFIL_IN || flags == PFIL_OUT,
("%s: unsupported flags %d", __func__, flags));
rv = PFIL_PASS;
CK_STAILQ_FOREACH(link, pch, link_chain) {
if (__predict_true(link->link_mem_chk != NULL && !realloc))
rv = link->link_mem_chk(mem, len, flags, ifp,
link->link_ruleset, m);
else if (!realloc)
rv = pfil_fake_mbuf(link->link_mbuf_chk, mem, len, ifp,
flags, link->link_ruleset, m);
else
rv = link->link_mbuf_chk(m, ifp, flags,
link->link_ruleset, NULL);
if (rv == PFIL_DROPPED || rv == PFIL_CONSUMED)
break;
else if (rv == PFIL_REALLOCED)
realloc = true;
}
if (realloc && rv == PFIL_PASS)
rv = PFIL_REALLOCED;
return (rv);
}
int
pfil_mem_in(struct pfil_head *head, void *mem, u_int len, struct ifnet *ifp,
struct mbuf **m)
{
return (pfil_mem_common(&head->head_in, mem, len, PFIL_IN, ifp, m));
}
int
pfil_mem_out(struct pfil_head *head, void *mem, u_int len, struct ifnet *ifp,
struct mbuf **m)
{
return (pfil_mem_common(&head->head_out, mem, len, PFIL_OUT, ifp, m));
}
static __always_inline int
pfil_mbuf_common(pfil_chain_t *pch, struct mbuf **m, struct ifnet *ifp,
int flags, struct inpcb *inp)
{
struct pfil_link *link;
pfil_return_t rv;
NET_EPOCH_ASSERT();
KASSERT((flags & ~(PFIL_IN|PFIL_OUT|PFIL_FWD)) == 0,
("%s: unsupported flags %#x", __func__, flags));
KASSERT((flags & ~PFIL_FWD) == PFIL_IN ||
(flags & ~PFIL_FWD) == PFIL_OUT,
("%s: conflicting directions %#x", __func__, flags));
rv = PFIL_PASS;
CK_STAILQ_FOREACH(link, pch, link_chain) {
rv = link->link_mbuf_chk(m, ifp, flags, link->link_ruleset,
inp);
- if (rv == PFIL_DROPPED || rv == PFIL_CONSUMED)
+ if (rv == PFIL_DROPPED || rv == PFIL_CONSUMED) {
+ MPASS(*m == NULL);
break;
+ } else {
+ MPASS(*m != NULL);
+ }
}
+
return (rv);
}
int
pfil_mbuf_in(struct pfil_head *head, struct mbuf **m, struct ifnet *ifp,
struct inpcb *inp)
{
return (pfil_mbuf_common(&head->head_in, m, ifp, PFIL_IN, inp));
}
int
pfil_mbuf_out(struct pfil_head *head, struct mbuf **m, struct ifnet *ifp,
struct inpcb *inp)
{
return (pfil_mbuf_common(&head->head_out, m, ifp, PFIL_OUT, inp));
}
int
pfil_mbuf_fwd(struct pfil_head *head, struct mbuf **m, struct ifnet *ifp,
struct inpcb *inp)
{
return (pfil_mbuf_common(&head->head_out, m, ifp, PFIL_OUT | PFIL_FWD, inp));
}
/*
* pfil_head_register() registers a pfil_head with the packet filter hook
* mechanism.
*/
pfil_head_t
pfil_head_register(struct pfil_head_args *pa)
{
struct pfil_head *head, *list;
MPASS(pa->pa_version == PFIL_VERSION);
head = malloc(sizeof(struct pfil_head), M_PFIL, M_WAITOK);
head->head_nhooksin = head->head_nhooksout = 0;
head->head_flags = pa->pa_flags;
head->head_type = pa->pa_type;
head->head_name = pa->pa_headname;
CK_STAILQ_INIT(&head->head_in);
CK_STAILQ_INIT(&head->head_out);
PFIL_LOCK();
LIST_FOREACH(list, &V_pfil_head_list, head_list)
if (strcmp(pa->pa_headname, list->head_name) == 0) {
printf("pfil: duplicate head \"%s\"\n",
pa->pa_headname);
}
LIST_INSERT_HEAD(&V_pfil_head_list, head, head_list);
PFIL_UNLOCK();
return (head);
}
/*
* pfil_head_unregister() removes a pfil_head from the packet filter hook
* mechanism. The producer of the hook promises that all outstanding
* invocations of the hook have completed before it unregisters the hook.
*/
void
pfil_head_unregister(pfil_head_t ph)
{
struct pfil_link *link, *next;
PFIL_LOCK();
LIST_REMOVE(ph, head_list);
CK_STAILQ_FOREACH_SAFE(link, &ph->head_in, link_chain, next) {
link->link_hook->hook_links--;
free(link, M_PFIL);
}
CK_STAILQ_FOREACH_SAFE(link, &ph->head_out, link_chain, next) {
link->link_hook->hook_links--;
free(link, M_PFIL);
}
PFIL_UNLOCK();
free(ph, M_PFIL);
}
pfil_hook_t
pfil_add_hook(struct pfil_hook_args *pa)
{
struct pfil_hook *hook, *list;
MPASS(pa->pa_version == PFIL_VERSION);
hook = malloc(sizeof(struct pfil_hook), M_PFIL, M_WAITOK | M_ZERO);
hook->hook_mbuf_chk = pa->pa_mbuf_chk;
hook->hook_mem_chk = pa->pa_mem_chk;
hook->hook_ruleset = pa->pa_ruleset;
hook->hook_flags = pa->pa_flags;
hook->hook_type = pa->pa_type;
hook->hook_modname = pa->pa_modname;
hook->hook_rulname = pa->pa_rulname;
PFIL_LOCK();
LIST_FOREACH(list, &V_pfil_hook_list, hook_list)
if (strcmp(pa->pa_modname, list->hook_modname) == 0 &&
strcmp(pa->pa_rulname, list->hook_rulname) == 0) {
printf("pfil: duplicate hook \"%s:%s\"\n",
pa->pa_modname, pa->pa_rulname);
}
LIST_INSERT_HEAD(&V_pfil_hook_list, hook, hook_list);
PFIL_UNLOCK();
return (hook);
}
static int
pfil_unlink(struct pfil_link_args *pa, pfil_head_t head, pfil_hook_t hook)
{
struct pfil_link *in, *out;
PFIL_LOCK_ASSERT();
if (pa->pa_flags & PFIL_IN) {
in = pfil_link_remove(&head->head_in, hook);
if (in != NULL) {
head->head_nhooksin--;
hook->hook_links--;
}
} else
in = NULL;
if (pa->pa_flags & PFIL_OUT) {
out = pfil_link_remove(&head->head_out, hook);
if (out != NULL) {
head->head_nhooksout--;
hook->hook_links--;
}
} else
out = NULL;
PFIL_UNLOCK();
if (in != NULL)
NET_EPOCH_CALL(pfil_link_free, &in->link_epoch_ctx);
if (out != NULL)
NET_EPOCH_CALL(pfil_link_free, &out->link_epoch_ctx);
if (in == NULL && out == NULL)
return (ENOENT);
else
return (0);
}
int
pfil_link(struct pfil_link_args *pa)
{
struct pfil_link *in, *out, *link;
struct pfil_head *head;
struct pfil_hook *hook;
int error;
MPASS(pa->pa_version == PFIL_VERSION);
if ((pa->pa_flags & (PFIL_IN | PFIL_UNLINK)) == PFIL_IN)
in = malloc(sizeof(*in), M_PFIL, M_WAITOK | M_ZERO);
else
in = NULL;
if ((pa->pa_flags & (PFIL_OUT | PFIL_UNLINK)) == PFIL_OUT)
out = malloc(sizeof(*out), M_PFIL, M_WAITOK | M_ZERO);
else
out = NULL;
PFIL_LOCK();
if (pa->pa_flags & PFIL_HEADPTR)
head = pa->pa_head;
else
LIST_FOREACH(head, &V_pfil_head_list, head_list)
if (strcmp(pa->pa_headname, head->head_name) == 0)
break;
if (pa->pa_flags & PFIL_HOOKPTR)
hook = pa->pa_hook;
else
LIST_FOREACH(hook, &V_pfil_hook_list, hook_list)
if (strcmp(pa->pa_modname, hook->hook_modname) == 0 &&
strcmp(pa->pa_rulname, hook->hook_rulname) == 0)
break;
if (head == NULL || hook == NULL) {
error = ENOENT;
goto fail;
}
if (pa->pa_flags & PFIL_UNLINK)
return (pfil_unlink(pa, head, hook));
if (head->head_type != hook->hook_type ||
((hook->hook_flags & pa->pa_flags) & ~head->head_flags)) {
error = EINVAL;
goto fail;
}
if (pa->pa_flags & PFIL_IN)
CK_STAILQ_FOREACH(link, &head->head_in, link_chain)
if (link->link_hook == hook) {
error = EEXIST;
goto fail;
}
if (pa->pa_flags & PFIL_OUT)
CK_STAILQ_FOREACH(link, &head->head_out, link_chain)
if (link->link_hook == hook) {
error = EEXIST;
goto fail;
}
if (pa->pa_flags & PFIL_IN) {
in->link_hook = hook;
in->link_mbuf_chk = hook->hook_mbuf_chk;
in->link_mem_chk = hook->hook_mem_chk;
in->link_flags = hook->hook_flags;
in->link_ruleset = hook->hook_ruleset;
if (pa->pa_flags & PFIL_APPEND)
CK_STAILQ_INSERT_TAIL(&head->head_in, in, link_chain);
else
CK_STAILQ_INSERT_HEAD(&head->head_in, in, link_chain);
hook->hook_links++;
head->head_nhooksin++;
}
if (pa->pa_flags & PFIL_OUT) {
out->link_hook = hook;
out->link_mbuf_chk = hook->hook_mbuf_chk;
out->link_mem_chk = hook->hook_mem_chk;
out->link_flags = hook->hook_flags;
out->link_ruleset = hook->hook_ruleset;
if (pa->pa_flags & PFIL_APPEND)
CK_STAILQ_INSERT_HEAD(&head->head_out, out, link_chain);
else
CK_STAILQ_INSERT_TAIL(&head->head_out, out, link_chain);
hook->hook_links++;
head->head_nhooksout++;
}
PFIL_UNLOCK();
return (0);
fail:
PFIL_UNLOCK();
free(in, M_PFIL);
free(out, M_PFIL);
return (error);
}
static void
pfil_link_free(epoch_context_t ctx)
{
struct pfil_link *link;
link = __containerof(ctx, struct pfil_link, link_epoch_ctx);
free(link, M_PFIL);
}
/*
* pfil_remove_hook removes a filter from all filtering points.
*/
void
pfil_remove_hook(pfil_hook_t hook)
{
struct pfil_head *head;
struct pfil_link *in, *out;
PFIL_LOCK();
LIST_FOREACH(head, &V_pfil_head_list, head_list) {
retry:
in = pfil_link_remove(&head->head_in, hook);
if (in != NULL) {
head->head_nhooksin--;
hook->hook_links--;
NET_EPOCH_CALL(pfil_link_free, &in->link_epoch_ctx);
}
out = pfil_link_remove(&head->head_out, hook);
if (out != NULL) {
head->head_nhooksout--;
hook->hook_links--;
NET_EPOCH_CALL(pfil_link_free, &out->link_epoch_ctx);
}
if (in != NULL || out != NULL)
/* What if some stupid admin put same filter twice? */
goto retry;
}
LIST_REMOVE(hook, hook_list);
PFIL_UNLOCK();
MPASS(hook->hook_links == 0);
free(hook, M_PFIL);
}
/*
* Internal: Remove a pfil hook from a hook chain.
*/
static struct pfil_link *
pfil_link_remove(pfil_chain_t *chain, pfil_hook_t hook)
{
struct pfil_link *link;
PFIL_LOCK_ASSERT();
CK_STAILQ_FOREACH(link, chain, link_chain)
if (link->link_hook == hook) {
CK_STAILQ_REMOVE(chain, link, pfil_link, link_chain);
return (link);
}
return (NULL);
}
static void
pfil_init(const void *unused __unused)
{
struct make_dev_args args;
int error __diagused;
make_dev_args_init(&args);
args.mda_flags = MAKEDEV_WAITOK | MAKEDEV_CHECKNAME;
args.mda_devsw = &pfil_cdevsw;
args.mda_uid = UID_ROOT;
args.mda_gid = GID_WHEEL;
args.mda_mode = 0600;
error = make_dev_s(&args, &pfil_dev, PFILDEV);
KASSERT(error == 0, ("%s: failed to create dev: %d", __func__, error));
}
/*
* Make sure the pfil bits are first before any possible subsystem which
* might piggyback on the SI_SUB_PROTO_PFIL.
*/
SYSINIT(pfil_init, SI_SUB_PROTO_PFIL, SI_ORDER_FIRST, pfil_init, NULL);
/*
* User control interface.
*/
static int pfilioc_listheads(struct pfilioc_list *);
static int pfilioc_listhooks(struct pfilioc_list *);
static int pfilioc_link(struct pfilioc_link *);
static int
pfil_ioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags,
struct thread *td)
{
int error;
CURVNET_SET(TD_TO_VNET(td));
error = 0;
switch (cmd) {
case PFILIOC_LISTHEADS:
error = pfilioc_listheads((struct pfilioc_list *)addr);
break;
case PFILIOC_LISTHOOKS:
error = pfilioc_listhooks((struct pfilioc_list *)addr);
break;
case PFILIOC_LINK:
error = pfilioc_link((struct pfilioc_link *)addr);
break;
default:
error = EINVAL;
break;
}
CURVNET_RESTORE();
return (error);
}
static int
pfilioc_listheads(struct pfilioc_list *req)
{
struct pfil_head *head;
struct pfil_link *link;
struct pfilioc_head *iohead;
struct pfilioc_hook *iohook;
u_int nheads, nhooks, hd, hk;
int error;
PFIL_LOCK();
restart:
nheads = nhooks = 0;
LIST_FOREACH(head, &V_pfil_head_list, head_list) {
nheads++;
nhooks += head->head_nhooksin + head->head_nhooksout;
}
PFIL_UNLOCK();
if (req->pio_nheads < nheads || req->pio_nhooks < nhooks) {
req->pio_nheads = nheads;
req->pio_nhooks = nhooks;
return (0);
}
iohead = malloc(sizeof(*iohead) * nheads, M_TEMP, M_WAITOK);
iohook = malloc(sizeof(*iohook) * nhooks, M_TEMP, M_WAITOK);
hd = hk = 0;
PFIL_LOCK();
LIST_FOREACH(head, &V_pfil_head_list, head_list) {
if (hd + 1 > nheads ||
hk + head->head_nhooksin + head->head_nhooksout > nhooks) {
/* Configuration changed during malloc(). */
free(iohead, M_TEMP);
free(iohook, M_TEMP);
goto restart;
}
strlcpy(iohead[hd].pio_name, head->head_name,
sizeof(iohead[0].pio_name));
iohead[hd].pio_nhooksin = head->head_nhooksin;
iohead[hd].pio_nhooksout = head->head_nhooksout;
iohead[hd].pio_type = head->head_type;
CK_STAILQ_FOREACH(link, &head->head_in, link_chain) {
strlcpy(iohook[hk].pio_module,
link->link_hook->hook_modname,
sizeof(iohook[0].pio_module));
strlcpy(iohook[hk].pio_ruleset,
link->link_hook->hook_rulname,
sizeof(iohook[0].pio_ruleset));
hk++;
}
CK_STAILQ_FOREACH(link, &head->head_out, link_chain) {
strlcpy(iohook[hk].pio_module,
link->link_hook->hook_modname,
sizeof(iohook[0].pio_module));
strlcpy(iohook[hk].pio_ruleset,
link->link_hook->hook_rulname,
sizeof(iohook[0].pio_ruleset));
hk++;
}
hd++;
}
PFIL_UNLOCK();
error = copyout(iohead, req->pio_heads,
sizeof(*iohead) * min(hd, req->pio_nheads));
if (error == 0)
error = copyout(iohook, req->pio_hooks,
sizeof(*iohook) * min(req->pio_nhooks, hk));
req->pio_nheads = hd;
req->pio_nhooks = hk;
free(iohead, M_TEMP);
free(iohook, M_TEMP);
return (error);
}
static int
pfilioc_listhooks(struct pfilioc_list *req)
{
struct pfil_hook *hook;
struct pfilioc_hook *iohook;
u_int nhooks, hk;
int error;
PFIL_LOCK();
restart:
nhooks = 0;
LIST_FOREACH(hook, &V_pfil_hook_list, hook_list)
nhooks++;
PFIL_UNLOCK();
if (req->pio_nhooks < nhooks) {
req->pio_nhooks = nhooks;
return (0);
}
iohook = malloc(sizeof(*iohook) * nhooks, M_TEMP, M_WAITOK);
hk = 0;
PFIL_LOCK();
LIST_FOREACH(hook, &V_pfil_hook_list, hook_list) {
if (hk + 1 > nhooks) {
/* Configuration changed during malloc(). */
free(iohook, M_TEMP);
goto restart;
}
strlcpy(iohook[hk].pio_module, hook->hook_modname,
sizeof(iohook[0].pio_module));
strlcpy(iohook[hk].pio_ruleset, hook->hook_rulname,
sizeof(iohook[0].pio_ruleset));
iohook[hk].pio_type = hook->hook_type;
iohook[hk].pio_flags = hook->hook_flags;
hk++;
}
PFIL_UNLOCK();
error = copyout(iohook, req->pio_hooks,
sizeof(*iohook) * min(req->pio_nhooks, hk));
req->pio_nhooks = hk;
free(iohook, M_TEMP);
return (error);
}
static int
pfilioc_link(struct pfilioc_link *req)
{
struct pfil_link_args args;
if (req->pio_flags & ~(PFIL_IN | PFIL_OUT | PFIL_UNLINK | PFIL_APPEND))
return (EINVAL);
args.pa_version = PFIL_VERSION;
args.pa_flags = req->pio_flags;
args.pa_headname = req->pio_name;
args.pa_modname = req->pio_module;
args.pa_rulname = req->pio_ruleset;
return (pfil_link(&args));
}
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index e501c15cb7e8..82d7acdd0710 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,1388 +1,1384 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (c) 1982, 1986, 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#include "opt_bootp.h"
#include "opt_inet.h"
#include "opt_ipstealth.h"
#include "opt_ipsec.h"
#include "opt_route.h"
#include "opt_rss.h"
#include "opt_sctp.h"
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/hhook.h>
#include <sys/mbuf.h>
#include <sys/malloc.h>
#include <sys/domain.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/rmlock.h>
#include <sys/rwlock.h>
#include <sys/sdt.h>
#include <sys/syslog.h>
#include <sys/sysctl.h>
#include <net/if.h>
#include <net/if_types.h>
#include <net/if_var.h>
#include <net/if_dl.h>
#include <net/if_private.h>
#include <net/pfil.h>
#include <net/route.h>
#include <net/route/nhop.h>
#include <net/netisr.h>
#include <net/rss_config.h>
#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_kdtrace.h>
#include <netinet/in_systm.h>
#include <netinet/in_var.h>
#include <netinet/ip.h>
#include <netinet/in_fib.h>
#include <netinet/in_pcb.h>
#include <netinet/ip_var.h>
#include <netinet/ip_encap.h>
#include <netinet/ip_fw.h>
#include <netinet/ip_icmp.h>
#include <netinet/igmp_var.h>
#include <netinet/ip_options.h>
#include <machine/in_cksum.h>
#include <netinet/ip_carp.h>
#include <netinet/in_rss.h>
#ifdef SCTP
#include <netinet/sctp_var.h>
#endif
#include <netipsec/ipsec_support.h>
#include <sys/socketvar.h>
#include <security/mac/mac_framework.h>
#ifdef CTASSERT
CTASSERT(sizeof(struct ip) == 20);
#endif
/* IP reassembly functions are defined in ip_reass.c. */
extern void ipreass_init(void);
extern void ipreass_vnet_init(void);
#ifdef VIMAGE
extern void ipreass_destroy(void);
#endif
VNET_DEFINE(int, rsvp_on);
VNET_DEFINE(int, ipforwarding);
SYSCTL_INT(_net_inet_ip, IPCTL_FORWARDING, forwarding, CTLFLAG_VNET | CTLFLAG_RW,
&VNET_NAME(ipforwarding), 0,
"Enable IP forwarding between interfaces");
/*
* Respond with an ICMP host redirect when we forward a packet out of
* the same interface on which it was received. See RFC 792.
*/
VNET_DEFINE(int, ipsendredirects) = 1;
SYSCTL_INT(_net_inet_ip, IPCTL_SENDREDIRECTS, redirect, CTLFLAG_VNET | CTLFLAG_RW,
&VNET_NAME(ipsendredirects), 0,
"Enable sending IP redirects");
VNET_DEFINE_STATIC(bool, ip_strong_es) = false;
#define V_ip_strong_es VNET(ip_strong_es)
SYSCTL_BOOL(_net_inet_ip, OID_AUTO, rfc1122_strong_es,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_strong_es), false,
"Packet's IP destination address must match address on arrival interface");
VNET_DEFINE_STATIC(bool, ip_sav) = true;
#define V_ip_sav VNET(ip_sav)
SYSCTL_BOOL(_net_inet_ip, OID_AUTO, source_address_validation,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip_sav), true,
"Drop incoming packets with source address that is a local address");
/* Packet filter hooks */
VNET_DEFINE(pfil_head_t, inet_pfil_head);
VNET_DEFINE(pfil_head_t, inet_local_pfil_head);
static struct netisr_handler ip_nh = {
.nh_name = "ip",
.nh_handler = ip_input,
.nh_proto = NETISR_IP,
#ifdef RSS
.nh_m2cpuid = rss_soft_m2cpuid_v4,
.nh_policy = NETISR_POLICY_CPU,
.nh_dispatch = NETISR_DISPATCH_HYBRID,
#else
.nh_policy = NETISR_POLICY_FLOW,
#endif
};
#ifdef RSS
/*
* Directly dispatched frames are currently assumed
* to have a flowid already calculated.
*
* It should likely have something that assert it
* actually has valid flow details.
*/
static struct netisr_handler ip_direct_nh = {
.nh_name = "ip_direct",
.nh_handler = ip_direct_input,
.nh_proto = NETISR_IP_DIRECT,
.nh_m2cpuid = rss_soft_m2cpuid_v4,
.nh_policy = NETISR_POLICY_CPU,
.nh_dispatch = NETISR_DISPATCH_HYBRID,
};
#endif
ipproto_input_t *ip_protox[IPPROTO_MAX] = {
[0 ... IPPROTO_MAX - 1] = rip_input };
ipproto_ctlinput_t *ip_ctlprotox[IPPROTO_MAX] = {
[0 ... IPPROTO_MAX - 1] = rip_ctlinput };
VNET_DEFINE(struct in_ifaddrhead, in_ifaddrhead); /* first inet address */
VNET_DEFINE(struct in_ifaddrhashhead *, in_ifaddrhashtbl); /* inet addr hash table */
VNET_DEFINE(u_long, in_ifaddrhmask); /* mask for hash table */
/* Make sure it is safe to use hashinit(9) on CK_LIST. */
CTASSERT(sizeof(struct in_ifaddrhashhead) == sizeof(LIST_HEAD(, in_addr)));
#ifdef IPCTL_DEFMTU
SYSCTL_INT(_net_inet_ip, IPCTL_DEFMTU, mtu, CTLFLAG_RW,
&ip_mtu, 0, "Default MTU");
#endif
#ifdef IPSTEALTH
VNET_DEFINE(int, ipstealth);
SYSCTL_INT(_net_inet_ip, OID_AUTO, stealth, CTLFLAG_VNET | CTLFLAG_RW,
&VNET_NAME(ipstealth), 0,
"IP stealth mode, no TTL decrementation on forwarding");
#endif
/*
* IP statistics are stored in the "array" of counter(9)s.
*/
VNET_PCPUSTAT_DEFINE(struct ipstat, ipstat);
VNET_PCPUSTAT_SYSINIT(ipstat);
SYSCTL_VNET_PCPUSTAT(_net_inet_ip, IPCTL_STATS, stats, struct ipstat, ipstat,
"IP statistics (struct ipstat, netinet/ip_var.h)");
#ifdef VIMAGE
VNET_PCPUSTAT_SYSUNINIT(ipstat);
#endif /* VIMAGE */
/*
* Kernel module interface for updating ipstat. The argument is an index
* into ipstat treated as an array.
*/
void
kmod_ipstat_inc(int statnum)
{
counter_u64_add(VNET(ipstat)[statnum], 1);
}
void
kmod_ipstat_dec(int statnum)
{
counter_u64_add(VNET(ipstat)[statnum], -1);
}
static int
sysctl_netinet_intr_queue_maxlen(SYSCTL_HANDLER_ARGS)
{
int error, qlimit;
netisr_getqlimit(&ip_nh, &qlimit);
error = sysctl_handle_int(oidp, &qlimit, 0, req);
if (error || !req->newptr)
return (error);
if (qlimit < 1)
return (EINVAL);
return (netisr_setqlimit(&ip_nh, qlimit));
}
SYSCTL_PROC(_net_inet_ip, IPCTL_INTRQMAXLEN, intr_queue_maxlen,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 0,
sysctl_netinet_intr_queue_maxlen, "I",
"Maximum size of the IP input queue");
static int
sysctl_netinet_intr_queue_drops(SYSCTL_HANDLER_ARGS)
{
u_int64_t qdrops_long;
int error, qdrops;
netisr_getqdrops(&ip_nh, &qdrops_long);
qdrops = qdrops_long;
error = sysctl_handle_int(oidp, &qdrops, 0, req);
if (error || !req->newptr)
return (error);
if (qdrops != 0)
return (EINVAL);
netisr_clearqdrops(&ip_nh);
return (0);
}
SYSCTL_PROC(_net_inet_ip, IPCTL_INTRQDROPS, intr_queue_drops,
CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE,
0, 0, sysctl_netinet_intr_queue_drops, "I",
"Number of packets dropped from the IP input queue");
#ifdef RSS
static int
sysctl_netinet_intr_direct_queue_maxlen(SYSCTL_HANDLER_ARGS)
{
int error, qlimit;
netisr_getqlimit(&ip_direct_nh, &qlimit);
error = sysctl_handle_int(oidp, &qlimit, 0, req);
if (error || !req->newptr)
return (error);
if (qlimit < 1)
return (EINVAL);
return (netisr_setqlimit(&ip_direct_nh, qlimit));
}
SYSCTL_PROC(_net_inet_ip, IPCTL_INTRDQMAXLEN, intr_direct_queue_maxlen,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
0, 0, sysctl_netinet_intr_direct_queue_maxlen,
"I", "Maximum size of the IP direct input queue");
static int
sysctl_netinet_intr_direct_queue_drops(SYSCTL_HANDLER_ARGS)
{
u_int64_t qdrops_long;
int error, qdrops;
netisr_getqdrops(&ip_direct_nh, &qdrops_long);
qdrops = qdrops_long;
error = sysctl_handle_int(oidp, &qdrops, 0, req);
if (error || !req->newptr)
return (error);
if (qdrops != 0)
return (EINVAL);
netisr_clearqdrops(&ip_direct_nh);
return (0);
}
SYSCTL_PROC(_net_inet_ip, IPCTL_INTRDQDROPS, intr_direct_queue_drops,
CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, 0, 0,
sysctl_netinet_intr_direct_queue_drops, "I",
"Number of packets dropped from the IP direct input queue");
#endif /* RSS */
/*
* IP initialization: fill in IP protocol switch table.
* All protocols not implemented in kernel go to raw IP protocol handler.
*/
static void
ip_vnet_init(void *arg __unused)
{
struct pfil_head_args args;
CK_STAILQ_INIT(&V_in_ifaddrhead);
V_in_ifaddrhashtbl = hashinit(INADDR_NHASH, M_IFADDR, &V_in_ifaddrhmask);
/* Initialize IP reassembly queue. */
ipreass_vnet_init();
/* Initialize packet filter hooks. */
args.pa_version = PFIL_VERSION;
args.pa_flags = PFIL_IN | PFIL_OUT;
args.pa_type = PFIL_TYPE_IP4;
args.pa_headname = PFIL_INET_NAME;
V_inet_pfil_head = pfil_head_register(&args);
args.pa_flags = PFIL_OUT;
args.pa_headname = PFIL_INET_LOCAL_NAME;
V_inet_local_pfil_head = pfil_head_register(&args);
if (hhook_head_register(HHOOK_TYPE_IPSEC_IN, AF_INET,
&V_ipsec_hhh_in[HHOOK_IPSEC_INET],
HHOOK_WAITOK | HHOOK_HEADISINVNET) != 0)
printf("%s: WARNING: unable to register input helper hook\n",
__func__);
if (hhook_head_register(HHOOK_TYPE_IPSEC_OUT, AF_INET,
&V_ipsec_hhh_out[HHOOK_IPSEC_INET],
HHOOK_WAITOK | HHOOK_HEADISINVNET) != 0)
printf("%s: WARNING: unable to register output helper hook\n",
__func__);
#ifdef VIMAGE
netisr_register_vnet(&ip_nh);
#ifdef RSS
netisr_register_vnet(&ip_direct_nh);
#endif
#endif
}
VNET_SYSINIT(ip_vnet_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH,
ip_vnet_init, NULL);
static void
ip_init(const void *unused __unused)
{
ipreass_init();
/*
* Register statically compiled protocols, that are unlikely to
* ever become dynamic.
*/
IPPROTO_REGISTER(IPPROTO_ICMP, icmp_input, NULL);
IPPROTO_REGISTER(IPPROTO_IGMP, igmp_input, NULL);
IPPROTO_REGISTER(IPPROTO_RSVP, rsvp_input, NULL);
IPPROTO_REGISTER(IPPROTO_IPV4, encap4_input, NULL);
IPPROTO_REGISTER(IPPROTO_MOBILE, encap4_input, NULL);
IPPROTO_REGISTER(IPPROTO_ETHERIP, encap4_input, NULL);
IPPROTO_REGISTER(IPPROTO_GRE, encap4_input, NULL);
IPPROTO_REGISTER(IPPROTO_IPV6, encap4_input, NULL);
IPPROTO_REGISTER(IPPROTO_PIM, encap4_input, NULL);
#ifdef SCTP /* XXX: has a loadable & static version */
IPPROTO_REGISTER(IPPROTO_SCTP, sctp_input, sctp_ctlinput);
#endif
netisr_register(&ip_nh);
#ifdef RSS
netisr_register(&ip_direct_nh);
#endif
}
SYSINIT(ip_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip_init, NULL);
#ifdef VIMAGE
static void
ip_destroy(void *unused __unused)
{
int error;
#ifdef RSS
netisr_unregister_vnet(&ip_direct_nh);
#endif
netisr_unregister_vnet(&ip_nh);
pfil_head_unregister(V_inet_pfil_head);
error = hhook_head_deregister(V_ipsec_hhh_in[HHOOK_IPSEC_INET]);
if (error != 0) {
printf("%s: WARNING: unable to deregister input helper hook "
"type HHOOK_TYPE_IPSEC_IN, id HHOOK_IPSEC_INET: "
"error %d returned\n", __func__, error);
}
error = hhook_head_deregister(V_ipsec_hhh_out[HHOOK_IPSEC_INET]);
if (error != 0) {
printf("%s: WARNING: unable to deregister output helper hook "
"type HHOOK_TYPE_IPSEC_OUT, id HHOOK_IPSEC_INET: "
"error %d returned\n", __func__, error);
}
/* Remove the IPv4 addresses from all interfaces. */
in_ifscrub_all();
/* Make sure the IPv4 routes are gone as well. */
rib_flush_routes_family(AF_INET);
/* Destroy IP reassembly queue. */
ipreass_destroy();
/* Cleanup in_ifaddr hash table; should be empty. */
hashdestroy(V_in_ifaddrhashtbl, M_IFADDR, V_in_ifaddrhmask);
}
VNET_SYSUNINIT(ip, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip_destroy, NULL);
#endif
#ifdef RSS
/*
* IP direct input routine.
*
* This is called when reinjecting completed fragments where
* all of the previous checking and book-keeping has been done.
*/
void
ip_direct_input(struct mbuf *m)
{
struct ip *ip;
int hlen;
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
if (IPSEC_ENABLED(ipv4)) {
if (IPSEC_INPUT(ipv4, m, hlen, ip->ip_p) != 0)
return;
}
#endif /* IPSEC */
IPSTAT_INC(ips_delivered);
ip_protox[ip->ip_p](&m, &hlen, ip->ip_p);
}
#endif
/*
* Ip input routine. Checksum and byte swap header. If fragmented
* try to reassemble. Process options. Pass to next level.
*/
void
ip_input(struct mbuf *m)
{
struct ip *ip = NULL;
struct in_ifaddr *ia = NULL;
struct ifaddr *ifa;
struct ifnet *ifp;
int hlen = 0;
uint16_t sum, ip_len;
int dchg = 0; /* dest changed after fw */
struct in_addr odst; /* original dst address */
bool strong_es;
M_ASSERTPKTHDR(m);
NET_EPOCH_ASSERT();
if (m->m_flags & M_FASTFWD_OURS) {
m->m_flags &= ~M_FASTFWD_OURS;
/* Set up some basics that will be used later. */
ip = mtod(m, struct ip *);
hlen = ip->ip_hl << 2;
ip_len = ntohs(ip->ip_len);
goto ours;
}
IPSTAT_INC(ips_total);
if (__predict_false(m->m_pkthdr.len < sizeof(struct ip)))
goto tooshort;
if (m->m_len < sizeof(struct ip)) {
m = m_pullup(m, sizeof(struct ip));
if (__predict_false(m == NULL)) {
IPSTAT_INC(ips_toosmall);
return;
}
}
ip = mtod(m, struct ip *);
if (__predict_false(ip->ip_v != IPVERSION)) {
IPSTAT_INC(ips_badvers);
goto bad;
}
hlen = ip->ip_hl << 2;
if (__predict_false(hlen < sizeof(struct ip))) { /* minimum header length */
IPSTAT_INC(ips_badhlen);
goto bad;
}
if (hlen > m->m_len) {
m = m_pullup(m, hlen);
if (__predict_false(m == NULL)) {
IPSTAT_INC(ips_badhlen);
return;
}
ip = mtod(m, struct ip *);
}
IP_PROBE(receive, NULL, NULL, ip, m->m_pkthdr.rcvif, ip, NULL);
/* IN_LOOPBACK must not appear on the wire - RFC1122 */
ifp = m->m_pkthdr.rcvif;
if (IN_LOOPBACK(ntohl(ip->ip_dst.s_addr)) ||
IN_LOOPBACK(ntohl(ip->ip_src.s_addr))) {
if ((ifp->if_flags & IFF_LOOPBACK) == 0) {
IPSTAT_INC(ips_badaddr);
goto bad;
}
}
/* The unspecified address can appear only as a src address - RFC1122 */
if (__predict_false(ntohl(ip->ip_dst.s_addr) == INADDR_ANY)) {
IPSTAT_INC(ips_badaddr);
goto bad;
}
if (m->m_pkthdr.csum_flags & CSUM_IP_CHECKED) {
sum = !(m->m_pkthdr.csum_flags & CSUM_IP_VALID);
} else {
if (hlen == sizeof(struct ip)) {
sum = in_cksum_hdr(ip);
} else {
sum = in_cksum(m, hlen);
}
}
if (__predict_false(sum)) {
IPSTAT_INC(ips_badsum);
goto bad;
}
ip_len = ntohs(ip->ip_len);
if (__predict_false(ip_len < hlen)) {
IPSTAT_INC(ips_badlen);
goto bad;
}
/*
* Check that the amount of data in the buffers
* is as at least much as the IP header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (__predict_false(m->m_pkthdr.len < ip_len)) {
tooshort:
IPSTAT_INC(ips_tooshort);
goto bad;
}
if (m->m_pkthdr.len > ip_len) {
if (m->m_len == m->m_pkthdr.len) {
m->m_len = ip_len;
m->m_pkthdr.len = ip_len;
} else
m_adj(m, ip_len - m->m_pkthdr.len);
}
/*
* Try to forward the packet, but if we fail continue.
* ip_tryforward() may generate redirects these days.
* XXX the logic below falling through to normal processing
* if redirects are required should be revisited as well.
* ip_tryforward() does inbound and outbound packet firewall
* processing. If firewall has decided that destination becomes
* our local address, it sets M_FASTFWD_OURS flag. In this
* case skip another inbound firewall processing and update
* ip pointer.
*/
if (V_ipforwarding != 0
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
&& (!IPSEC_ENABLED(ipv4) ||
IPSEC_CAPS(ipv4, m, IPSEC_CAP_OPERABLE) == 0)
#endif
) {
/*
* ip_dooptions() was run so we can ignore the source route (or
* any IP options case) case for redirects in ip_tryforward().
*/
if ((m = ip_tryforward(m)) == NULL)
return;
if (m->m_flags & M_FASTFWD_OURS) {
m->m_flags &= ~M_FASTFWD_OURS;
ip = mtod(m, struct ip *);
goto ours;
}
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
/*
* Bypass packet filtering for packets previously handled by IPsec.
*/
if (IPSEC_ENABLED(ipv4) &&
IPSEC_CAPS(ipv4, m, IPSEC_CAP_BYPASS_FILTER) != 0)
goto passin;
#endif
/*
* Run through list of hooks for input packets.
*
* NB: Beware of the destination address changing (e.g.
* by NAT rewriting). When this happens, tell
* ip_forward to do the right thing.
*/
/* Jump over all PFIL processing if hooks are not active. */
if (!PFIL_HOOKED_IN(V_inet_pfil_head))
goto passin;
odst = ip->ip_dst;
if (pfil_mbuf_in(V_inet_pfil_head, &m, ifp, NULL) !=
PFIL_PASS)
return;
- if (m == NULL) /* consumed by filter */
- return;
ip = mtod(m, struct ip *);
dchg = (odst.s_addr != ip->ip_dst.s_addr);
if (m->m_flags & M_FASTFWD_OURS) {
m->m_flags &= ~M_FASTFWD_OURS;
goto ours;
}
if (m->m_flags & M_IP_NEXTHOP) {
if (m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) != NULL) {
/*
* Directly ship the packet on. This allows
* forwarding packets originally destined to us
* to some other directly connected host.
*/
ip_forward(m, 1);
return;
}
}
passin:
/*
* Process options and, if not destined for us,
* ship it on. ip_dooptions returns 1 when an
* error was detected (causing an icmp message
* to be sent and the original packet to be freed).
*/
if (hlen > sizeof (struct ip) && ip_dooptions(m, 0))
return;
/* greedy RSVP, snatches any PATH packet of the RSVP protocol and no
* matter if it is destined to another node, or whether it is
* a multicast one, RSVP wants it! and prevents it from being forwarded
* anywhere else. Also checks if the rsvp daemon is running before
* grabbing the packet.
*/
if (ip->ip_p == IPPROTO_RSVP && V_rsvp_on)
goto ours;
/*
* Check our list of addresses, to see if the packet is for us.
* If we don't have any addresses, assume any unicast packet
* we receive might be for us (and let the upper layers deal
* with it).
*/
if (CK_STAILQ_EMPTY(&V_in_ifaddrhead) &&
(m->m_flags & (M_MCAST|M_BCAST)) == 0)
goto ours;
/*
* Enable a consistency check between the destination address
* and the arrival interface for a unicast packet (the RFC 1122
* strong ES model) with a list of additional predicates:
* - if IP forwarding is disabled
* - the packet is not locally generated
* - the packet is not subject to 'ipfw fwd'
* - Interface is not running CARP. If the packet got here, we already
* checked it with carp_iamatch() and carp_forus().
*/
strong_es = V_ip_strong_es && (V_ipforwarding == 0) &&
((ifp->if_flags & IFF_LOOPBACK) == 0) &&
ifp->if_carp == NULL && (dchg == 0);
/*
* Check for exact addresses in the hash bucket.
*/
CK_LIST_FOREACH(ia, INADDR_HASH(ip->ip_dst.s_addr), ia_hash) {
if (IA_SIN(ia)->sin_addr.s_addr != ip->ip_dst.s_addr)
continue;
/*
* net.inet.ip.rfc1122_strong_es: the address matches, verify
* that the packet arrived via the correct interface.
*/
if (__predict_false(strong_es && ia->ia_ifp != ifp)) {
IPSTAT_INC(ips_badaddr);
goto bad;
}
/*
* net.inet.ip.source_address_validation: drop incoming
* packets that pretend to be ours.
*/
if (V_ip_sav && !(ifp->if_flags & IFF_LOOPBACK) &&
__predict_false(in_localip_fib(ip->ip_src, ifp->if_fib))) {
IPSTAT_INC(ips_badaddr);
goto bad;
}
counter_u64_add(ia->ia_ifa.ifa_ipackets, 1);
counter_u64_add(ia->ia_ifa.ifa_ibytes, m->m_pkthdr.len);
goto ours;
}
/*
* Check for broadcast addresses.
*
* Only accept broadcast packets that arrive via the matching
* interface. Reception of forwarded directed broadcasts would
* be handled via ip_forward() and ether_output() with the loopback
* into the stack for SIMPLEX interfaces handled by ether_output().
*/
if (ifp->if_flags & IFF_BROADCAST) {
CK_STAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) {
if (ifa->ifa_addr->sa_family != AF_INET)
continue;
ia = ifatoia(ifa);
if (satosin(&ia->ia_broadaddr)->sin_addr.s_addr ==
ip->ip_dst.s_addr) {
counter_u64_add(ia->ia_ifa.ifa_ipackets, 1);
counter_u64_add(ia->ia_ifa.ifa_ibytes,
m->m_pkthdr.len);
goto ours;
}
#ifdef BOOTP_COMPAT
if (IA_SIN(ia)->sin_addr.s_addr == INADDR_ANY) {
counter_u64_add(ia->ia_ifa.ifa_ipackets, 1);
counter_u64_add(ia->ia_ifa.ifa_ibytes,
m->m_pkthdr.len);
goto ours;
}
#endif
}
ia = NULL;
}
if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
/*
* RFC 3927 2.7: Do not forward multicast packets from
* IN_LINKLOCAL.
*/
if (V_ip_mrouter && !IN_LINKLOCAL(ntohl(ip->ip_src.s_addr))) {
/*
* If we are acting as a multicast router, all
* incoming multicast packets are passed to the
* kernel-level multicast forwarding function.
* The packet is returned (relatively) intact; if
* ip_mforward() returns a non-zero value, the packet
* must be discarded, else it may be accepted below.
*/
if (ip_mforward && ip_mforward(ip, ifp, m, 0) != 0) {
IPSTAT_INC(ips_cantforward);
m_freem(m);
return;
}
/*
* The process-level routing daemon needs to receive
* all multicast IGMP packets, whether or not this
* host belongs to their destination groups.
*/
if (ip->ip_p == IPPROTO_IGMP) {
goto ours;
}
IPSTAT_INC(ips_forward);
}
/*
* Assume the packet is for us, to avoid prematurely taking
* a lock on the in_multi hash. Protocols must perform
* their own filtering and update statistics accordingly.
*/
goto ours;
}
if (ip->ip_dst.s_addr == (u_long)INADDR_BROADCAST)
goto ours;
if (ip->ip_dst.s_addr == INADDR_ANY)
goto ours;
/* RFC 3927 2.7: Do not forward packets to or from IN_LINKLOCAL. */
if (IN_LINKLOCAL(ntohl(ip->ip_dst.s_addr)) ||
IN_LINKLOCAL(ntohl(ip->ip_src.s_addr))) {
IPSTAT_INC(ips_cantforward);
m_freem(m);
return;
}
/*
* Not for us; forward if possible and desirable.
*/
if (V_ipforwarding == 0) {
IPSTAT_INC(ips_cantforward);
m_freem(m);
} else {
ip_forward(m, dchg);
}
return;
ours:
#ifdef IPSTEALTH
/*
* IPSTEALTH: Process non-routing options only
* if the packet is destined for us.
*/
if (V_ipstealth && hlen > sizeof (struct ip) && ip_dooptions(m, 1))
return;
#endif /* IPSTEALTH */
/*
* We are going to ship the packet to the local protocol stack. Call the
* filter again for this 'output' action, allowing redirect-like rules
* to adjust the source address.
*/
if (PFIL_HOOKED_OUT(V_inet_local_pfil_head)) {
if (pfil_mbuf_out(V_inet_local_pfil_head, &m, V_loif, NULL) !=
PFIL_PASS)
return;
- if (m == NULL) /* consumed by filter */
- return;
ip = mtod(m, struct ip *);
}
/*
* Attempt reassembly; if it succeeds, proceed.
* ip_reass() will return a different mbuf.
*/
if (ip->ip_off & htons(IP_MF | IP_OFFMASK)) {
/* XXXGL: shouldn't we save & set m_flags? */
m = ip_reass(m);
if (m == NULL)
return;
ip = mtod(m, struct ip *);
/* Get the header length of the reassembled packet */
hlen = ip->ip_hl << 2;
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
if (IPSEC_ENABLED(ipv4)) {
if (IPSEC_INPUT(ipv4, m, hlen, ip->ip_p) != 0)
return;
}
#endif /* IPSEC */
/*
* Switch out to protocol's input routine.
*/
IPSTAT_INC(ips_delivered);
ip_protox[ip->ip_p](&m, &hlen, ip->ip_p);
return;
bad:
m_freem(m);
}
int
ipproto_register(uint8_t proto, ipproto_input_t input, ipproto_ctlinput_t ctl)
{
MPASS(proto > 0);
/*
* The protocol slot must not be occupied by another protocol
* already. An index pointing to rip_input() is unused.
*/
if (ip_protox[proto] == rip_input) {
ip_protox[proto] = input;
ip_ctlprotox[proto] = ctl;
return (0);
} else
return (EEXIST);
}
int
ipproto_unregister(uint8_t proto)
{
MPASS(proto > 0);
if (ip_protox[proto] != rip_input) {
ip_protox[proto] = rip_input;
ip_ctlprotox[proto] = rip_ctlinput;
return (0);
} else
return (ENOENT);
}
/*
* Forward a packet. If some error occurs return the sender
* an icmp packet. Note we can't always generate a meaningful
* icmp message because icmp doesn't have a large enough repertoire
* of codes and types.
*
* If not forwarding, just drop the packet. This could be confusing
* if ipforwarding was zero but some routing protocol was advancing
* us as a gateway to somewhere. However, we must let the routing
* protocol deal with that.
*
* The srcrt parameter indicates whether the packet is being forwarded
* via a source route.
*/
void
ip_forward(struct mbuf *m, int srcrt)
{
struct ip *ip = mtod(m, struct ip *);
struct in_ifaddr *ia;
struct mbuf *mcopy;
struct sockaddr_in *sin;
struct in_addr dest;
struct route ro;
uint32_t flowid;
int error, type = 0, code = 0, mtu = 0;
NET_EPOCH_ASSERT();
if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) {
IPSTAT_INC(ips_cantforward);
m_freem(m);
return;
}
if (
#ifdef IPSTEALTH
V_ipstealth == 0 &&
#endif
ip->ip_ttl <= IPTTLDEC) {
icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, 0, 0);
return;
}
bzero(&ro, sizeof(ro));
sin = (struct sockaddr_in *)&ro.ro_dst;
sin->sin_family = AF_INET;
sin->sin_len = sizeof(*sin);
sin->sin_addr = ip->ip_dst;
flowid = m->m_pkthdr.flowid;
ro.ro_nh = fib4_lookup(M_GETFIB(m), ip->ip_dst, 0, NHR_REF, flowid);
if (ro.ro_nh != NULL) {
ia = ifatoia(ro.ro_nh->nh_ifa);
} else
ia = NULL;
/*
* Save the IP header and at most 8 bytes of the payload,
* in case we need to generate an ICMP message to the src.
*
* XXX this can be optimized a lot by saving the data in a local
* buffer on the stack (72 bytes at most), and only allocating the
* mbuf if really necessary. The vast majority of the packets
* are forwarded without having to send an ICMP back (either
* because unnecessary, or because rate limited), so we are
* really we are wasting a lot of work here.
*
* We don't use m_copym() because it might return a reference
* to a shared cluster. Both this function and ip_output()
* assume exclusive access to the IP header in `m', so any
* data in a cluster may change before we reach icmp_error().
*/
mcopy = m_gethdr(M_NOWAIT, m->m_type);
if (mcopy != NULL && !m_dup_pkthdr(mcopy, m, M_NOWAIT)) {
/*
* It's probably ok if the pkthdr dup fails (because
* the deep copy of the tag chain failed), but for now
* be conservative and just discard the copy since
* code below may some day want the tags.
*/
m_free(mcopy);
mcopy = NULL;
}
if (mcopy != NULL) {
mcopy->m_len = min(ntohs(ip->ip_len), M_TRAILINGSPACE(mcopy));
mcopy->m_pkthdr.len = mcopy->m_len;
m_copydata(m, 0, mcopy->m_len, mtod(mcopy, caddr_t));
}
#ifdef IPSTEALTH
if (V_ipstealth == 0)
#endif
ip->ip_ttl -= IPTTLDEC;
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
if (IPSEC_ENABLED(ipv4)) {
if ((error = IPSEC_FORWARD(ipv4, m)) != 0) {
/* mbuf consumed by IPsec */
RO_NHFREE(&ro);
m_freem(mcopy);
if (error != EINPROGRESS)
IPSTAT_INC(ips_cantforward);
return;
}
/* No IPsec processing required */
}
#endif /* IPSEC */
/*
* If forwarding packet using same interface that it came in on,
* perhaps should send a redirect to sender to shortcut a hop.
* Only send redirect if source is sending directly to us,
* and if packet was not source routed (or has any options).
* Also, don't send redirect if forwarding using a default route
* or a route modified by a redirect.
*/
dest.s_addr = 0;
if (!srcrt && V_ipsendredirects &&
ia != NULL && ia->ia_ifp == m->m_pkthdr.rcvif) {
struct nhop_object *nh;
nh = ro.ro_nh;
if (nh != NULL && ((nh->nh_flags & (NHF_REDIRECT|NHF_DEFAULT)) == 0)) {
struct in_ifaddr *nh_ia = (struct in_ifaddr *)(nh->nh_ifa);
u_long src = ntohl(ip->ip_src.s_addr);
if (nh_ia != NULL &&
(src & nh_ia->ia_subnetmask) == nh_ia->ia_subnet) {
/* Router requirements says to only send host redirects */
type = ICMP_REDIRECT;
code = ICMP_REDIRECT_HOST;
if (nh->nh_flags & NHF_GATEWAY) {
if (nh->gw_sa.sa_family == AF_INET)
dest.s_addr = nh->gw4_sa.sin_addr.s_addr;
else /* Do not redirect in case gw is AF_INET6 */
type = 0;
} else
dest.s_addr = ip->ip_dst.s_addr;
}
}
}
error = ip_output(m, NULL, &ro, IP_FORWARDING, NULL, NULL);
if (error == EMSGSIZE && ro.ro_nh)
mtu = ro.ro_nh->nh_mtu;
RO_NHFREE(&ro);
if (error)
IPSTAT_INC(ips_cantforward);
else {
IPSTAT_INC(ips_forward);
if (type)
IPSTAT_INC(ips_redirectsent);
else {
if (mcopy)
m_freem(mcopy);
return;
}
}
if (mcopy == NULL)
return;
switch (error) {
case 0: /* forwarded, but need redirect */
/* type, code set above */
break;
case ENETUNREACH:
case EHOSTUNREACH:
case ENETDOWN:
case EHOSTDOWN:
default:
type = ICMP_UNREACH;
code = ICMP_UNREACH_HOST;
break;
case EMSGSIZE:
type = ICMP_UNREACH;
code = ICMP_UNREACH_NEEDFRAG;
/*
* If the MTU was set before make sure we are below the
* interface MTU.
* If the MTU wasn't set before use the interface mtu or
* fall back to the next smaller mtu step compared to the
* current packet size.
*/
if (mtu != 0) {
if (ia != NULL)
mtu = min(mtu, ia->ia_ifp->if_mtu);
} else {
if (ia != NULL)
mtu = ia->ia_ifp->if_mtu;
else
mtu = ip_next_mtu(ntohs(ip->ip_len), 0);
}
IPSTAT_INC(ips_cantfrag);
break;
case ENOBUFS:
case EACCES: /* ipfw denied packet */
m_freem(mcopy);
return;
}
icmp_error(mcopy, type, code, dest.s_addr, mtu);
}
#define CHECK_SO_CT(sp, ct) \
(((sp->so_options & SO_TIMESTAMP) && (sp->so_ts_clock == ct)) ? 1 : 0)
void
ip_savecontrol(struct inpcb *inp, struct mbuf **mp, struct ip *ip,
struct mbuf *m)
{
bool stamped;
stamped = false;
if ((inp->inp_socket->so_options & SO_BINTIME) ||
CHECK_SO_CT(inp->inp_socket, SO_TS_BINTIME)) {
struct bintime boottimebin, bt;
struct timespec ts1;
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &ts1);
timespec2bintime(&ts1, &bt);
getboottimebin(&boottimebin);
bintime_add(&bt, &boottimebin);
} else {
bintime(&bt);
}
*mp = sbcreatecontrol(&bt, sizeof(bt), SCM_BINTIME,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
}
if (CHECK_SO_CT(inp->inp_socket, SO_TS_REALTIME_MICRO)) {
struct bintime boottimebin, bt1;
struct timespec ts1;
struct timeval tv;
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &ts1);
timespec2bintime(&ts1, &bt1);
getboottimebin(&boottimebin);
bintime_add(&bt1, &boottimebin);
bintime2timeval(&bt1, &tv);
} else {
microtime(&tv);
}
*mp = sbcreatecontrol((caddr_t)&tv, sizeof(tv), SCM_TIMESTAMP,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
} else if (CHECK_SO_CT(inp->inp_socket, SO_TS_REALTIME)) {
struct bintime boottimebin;
struct timespec ts, ts1;
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &ts);
getboottimebin(&boottimebin);
bintime2timespec(&boottimebin, &ts1);
timespecadd(&ts, &ts1, &ts);
} else {
nanotime(&ts);
}
*mp = sbcreatecontrol(&ts, sizeof(ts), SCM_REALTIME,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
} else if (CHECK_SO_CT(inp->inp_socket, SO_TS_MONOTONIC)) {
struct timespec ts;
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP))
mbuf_tstmp2timespec(m, &ts);
else
nanouptime(&ts);
*mp = sbcreatecontrol(&ts, sizeof(ts), SCM_MONOTONIC,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
}
if (stamped && (m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
struct sock_timestamp_info sti;
bzero(&sti, sizeof(sti));
sti.st_info_flags = ST_INFO_HW;
if ((m->m_flags & M_TSTMP_HPREC) != 0)
sti.st_info_flags |= ST_INFO_HW_HPREC;
*mp = sbcreatecontrol(&sti, sizeof(sti), SCM_TIME_INFO,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL)
mp = &(*mp)->m_next;
}
if (inp->inp_flags & INP_RECVDSTADDR) {
*mp = sbcreatecontrol(&ip->ip_dst, sizeof(struct in_addr),
IP_RECVDSTADDR, IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if (inp->inp_flags & INP_RECVTTL) {
*mp = sbcreatecontrol(&ip->ip_ttl, sizeof(u_char), IP_RECVTTL,
IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
#ifdef notyet
/* XXX
* Moving these out of udp_input() made them even more broken
* than they already were.
*/
/* options were tossed already */
if (inp->inp_flags & INP_RECVOPTS) {
*mp = sbcreatecontrol(opts_deleted_above,
sizeof(struct in_addr), IP_RECVOPTS, IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
/* ip_srcroute doesn't do what we want here, need to fix */
if (inp->inp_flags & INP_RECVRETOPTS) {
*mp = sbcreatecontrol(ip_srcroute(m), sizeof(struct in_addr),
IP_RECVRETOPTS, IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
#endif
if (inp->inp_flags & INP_RECVIF) {
struct ifnet *ifp;
struct sdlbuf {
struct sockaddr_dl sdl;
u_char pad[32];
} sdlbuf;
struct sockaddr_dl *sdp;
struct sockaddr_dl *sdl2 = &sdlbuf.sdl;
if ((ifp = m->m_pkthdr.rcvif)) {
sdp = (struct sockaddr_dl *)ifp->if_addr->ifa_addr;
/*
* Change our mind and don't try copy.
*/
if (sdp->sdl_family != AF_LINK ||
sdp->sdl_len > sizeof(sdlbuf)) {
goto makedummy;
}
bcopy(sdp, sdl2, sdp->sdl_len);
} else {
makedummy:
sdl2->sdl_len =
offsetof(struct sockaddr_dl, sdl_data[0]);
sdl2->sdl_family = AF_LINK;
sdl2->sdl_index = 0;
sdl2->sdl_nlen = sdl2->sdl_alen = sdl2->sdl_slen = 0;
}
*mp = sbcreatecontrol(sdl2, sdl2->sdl_len, IP_RECVIF,
IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if (inp->inp_flags & INP_RECVTOS) {
*mp = sbcreatecontrol(&ip->ip_tos, sizeof(u_char), IP_RECVTOS,
IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if (inp->inp_flags2 & INP_RECVFLOWID) {
uint32_t flowid, flow_type;
flowid = m->m_pkthdr.flowid;
flow_type = M_HASHTYPE_GET(m);
/*
* XXX should handle the failure of one or the
* other - don't populate both?
*/
*mp = sbcreatecontrol(&flowid, sizeof(uint32_t), IP_FLOWID,
IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
*mp = sbcreatecontrol(&flow_type, sizeof(uint32_t),
IP_FLOWTYPE, IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
#ifdef RSS
if (inp->inp_flags2 & INP_RECVRSSBUCKETID) {
uint32_t flowid, flow_type;
uint32_t rss_bucketid;
flowid = m->m_pkthdr.flowid;
flow_type = M_HASHTYPE_GET(m);
if (rss_hash2bucket(flowid, flow_type, &rss_bucketid) == 0) {
*mp = sbcreatecontrol(&rss_bucketid, sizeof(uint32_t),
IP_RSSBUCKETID, IPPROTO_IP, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
}
#endif
}
/*
* XXXRW: Multicast routing code in ip_mroute.c is generally MPSAFE, but the
* ip_rsvp and ip_rsvp_on variables need to be interlocked with rsvp_on
* locking. This code remains in ip_input.c as ip_mroute.c is optionally
* compiled.
*/
VNET_DEFINE_STATIC(int, ip_rsvp_on);
VNET_DEFINE(struct socket *, ip_rsvpd);
#define V_ip_rsvp_on VNET(ip_rsvp_on)
int
ip_rsvp_init(struct socket *so)
{
if (V_ip_rsvpd != NULL)
return EADDRINUSE;
V_ip_rsvpd = so;
/*
* This may seem silly, but we need to be sure we don't over-increment
* the RSVP counter, in case something slips up.
*/
if (!V_ip_rsvp_on) {
V_ip_rsvp_on = 1;
V_rsvp_on++;
}
return 0;
}
int
ip_rsvp_done(void)
{
V_ip_rsvpd = NULL;
/*
* This may seem silly, but we need to be sure we don't over-decrement
* the RSVP counter, in case something slips up.
*/
if (V_ip_rsvp_on) {
V_ip_rsvp_on = 0;
V_rsvp_on--;
}
return 0;
}
int
rsvp_input(struct mbuf **mp, int *offp, int proto)
{
struct mbuf *m;
m = *mp;
*mp = NULL;
if (rsvp_input_p) { /* call the real one if loaded */
*mp = m;
rsvp_input_p(mp, offp, proto);
return (IPPROTO_DONE);
}
/* Can still get packets with rsvp_on = 0 if there is a local member
* of the group to which the RSVP packet is addressed. But in this
* case we want to throw the packet away.
*/
if (!V_rsvp_on) {
m_freem(m);
return (IPPROTO_DONE);
}
if (V_ip_rsvpd != NULL) {
*mp = m;
rip_input(mp, offp, proto);
return (IPPROTO_DONE);
}
/* Drop the packet */
m_freem(m);
return (IPPROTO_DONE);
}
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c
index 5de8f49b5483..11b92c152a1a 100644
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c
@@ -1,1725 +1,1723 @@
/*-
* SPDX-License-Identifier: BSD-3-Clause
*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the project nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $KAME: ip6_input.c,v 1.259 2002/01/21 04:58:09 jinmei Exp $
*/
/*-
* Copyright (c) 1982, 1986, 1988, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#include "opt_inet.h"
#include "opt_inet6.h"
#include "opt_ipsec.h"
#include "opt_route.h"
#include "opt_rss.h"
#include "opt_sctp.h"
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/hhook.h>
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/proc.h>
#include <sys/domain.h>
#include <sys/protosw.h>
#include <sys/sdt.h>
#include <sys/socket.h>
#include <sys/socketvar.h>
#include <sys/errno.h>
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/rmlock.h>
#include <sys/syslog.h>
#include <sys/sysctl.h>
#include <sys/eventhandler.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/if_types.h>
#include <net/if_private.h>
#include <net/if_dl.h>
#include <net/route.h>
#include <net/netisr.h>
#include <net/rss_config.h>
#include <net/pfil.h>
#include <net/vnet.h>
#include <netinet/in.h>
#include <netinet/in_kdtrace.h>
#include <netinet/ip_var.h>
#include <netinet/in_systm.h>
#include <net/if_llatbl.h>
#ifdef INET
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#endif /* INET */
#include <netinet/ip6.h>
#include <netinet6/in6_var.h>
#include <netinet6/ip6_var.h>
#include <netinet/ip_encap.h>
#include <netinet/in_pcb.h>
#include <netinet/icmp6.h>
#include <netinet6/scope6_var.h>
#include <netinet6/in6_ifattach.h>
#include <netinet6/mld6_var.h>
#include <netinet6/nd6.h>
#include <netinet6/in6_rss.h>
#ifdef SCTP
#include <netinet/sctp_pcb.h>
#include <netinet6/sctp6_var.h>
#endif
#include <netipsec/ipsec_support.h>
ip6proto_input_t *ip6_protox[IPPROTO_MAX] = {
[0 ... IPPROTO_MAX - 1] = rip6_input };
ip6proto_ctlinput_t *ip6_ctlprotox[IPPROTO_MAX] = {
[0 ... IPPROTO_MAX - 1] = rip6_ctlinput };
VNET_DEFINE(struct in6_ifaddrhead, in6_ifaddrhead);
VNET_DEFINE(struct in6_ifaddrlisthead *, in6_ifaddrhashtbl);
VNET_DEFINE(u_long, in6_ifaddrhmask);
static struct netisr_handler ip6_nh = {
.nh_name = "ip6",
.nh_handler = ip6_input,
.nh_proto = NETISR_IPV6,
#ifdef RSS
.nh_m2cpuid = rss_soft_m2cpuid_v6,
.nh_policy = NETISR_POLICY_CPU,
.nh_dispatch = NETISR_DISPATCH_HYBRID,
#else
.nh_policy = NETISR_POLICY_FLOW,
#endif
};
static int
sysctl_netinet6_intr_queue_maxlen(SYSCTL_HANDLER_ARGS)
{
int error, qlimit;
netisr_getqlimit(&ip6_nh, &qlimit);
error = sysctl_handle_int(oidp, &qlimit, 0, req);
if (error || !req->newptr)
return (error);
if (qlimit < 1)
return (EINVAL);
return (netisr_setqlimit(&ip6_nh, qlimit));
}
SYSCTL_DECL(_net_inet6_ip6);
SYSCTL_PROC(_net_inet6_ip6, IPV6CTL_INTRQMAXLEN, intr_queue_maxlen,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
0, 0, sysctl_netinet6_intr_queue_maxlen, "I",
"Maximum size of the IPv6 input queue");
VNET_DEFINE_STATIC(bool, ip6_sav) = true;
#define V_ip6_sav VNET(ip6_sav)
SYSCTL_BOOL(_net_inet6_ip6, OID_AUTO, source_address_validation,
CTLFLAG_VNET | CTLFLAG_RW, &VNET_NAME(ip6_sav), true,
"Drop incoming packets with source address that is a local address");
#ifdef RSS
static struct netisr_handler ip6_direct_nh = {
.nh_name = "ip6_direct",
.nh_handler = ip6_direct_input,
.nh_proto = NETISR_IPV6_DIRECT,
.nh_m2cpuid = rss_soft_m2cpuid_v6,
.nh_policy = NETISR_POLICY_CPU,
.nh_dispatch = NETISR_DISPATCH_HYBRID,
};
static int
sysctl_netinet6_intr_direct_queue_maxlen(SYSCTL_HANDLER_ARGS)
{
int error, qlimit;
netisr_getqlimit(&ip6_direct_nh, &qlimit);
error = sysctl_handle_int(oidp, &qlimit, 0, req);
if (error || !req->newptr)
return (error);
if (qlimit < 1)
return (EINVAL);
return (netisr_setqlimit(&ip6_direct_nh, qlimit));
}
SYSCTL_PROC(_net_inet6_ip6, IPV6CTL_INTRDQMAXLEN, intr_direct_queue_maxlen,
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
0, 0, sysctl_netinet6_intr_direct_queue_maxlen, "I",
"Maximum size of the IPv6 direct input queue");
#endif
VNET_DEFINE(pfil_head_t, inet6_pfil_head);
VNET_DEFINE(pfil_head_t, inet6_local_pfil_head);
VNET_PCPUSTAT_DEFINE(struct ip6stat, ip6stat);
VNET_PCPUSTAT_SYSINIT(ip6stat);
#ifdef VIMAGE
VNET_PCPUSTAT_SYSUNINIT(ip6stat);
#endif /* VIMAGE */
struct rmlock in6_ifaddr_lock;
RM_SYSINIT(in6_ifaddr_lock, &in6_ifaddr_lock, "in6_ifaddr_lock");
static int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *);
/*
* IP6 initialization: fill in IP6 protocol switch table.
* All protocols not implemented in kernel go to raw IP6 protocol handler.
*/
static void
ip6_vnet_init(void *arg __unused)
{
struct pfil_head_args args;
TUNABLE_INT_FETCH("net.inet6.ip6.auto_linklocal",
&V_ip6_auto_linklocal);
TUNABLE_INT_FETCH("net.inet6.ip6.accept_rtadv", &V_ip6_accept_rtadv);
TUNABLE_INT_FETCH("net.inet6.ip6.no_radr", &V_ip6_no_radr);
CK_STAILQ_INIT(&V_in6_ifaddrhead);
V_in6_ifaddrhashtbl = hashinit(IN6ADDR_NHASH, M_IFADDR,
&V_in6_ifaddrhmask);
/* Initialize packet filter hooks. */
args.pa_version = PFIL_VERSION;
args.pa_flags = PFIL_IN | PFIL_OUT;
args.pa_type = PFIL_TYPE_IP6;
args.pa_headname = PFIL_INET6_NAME;
V_inet6_pfil_head = pfil_head_register(&args);
args.pa_flags = PFIL_OUT;
args.pa_headname = PFIL_INET6_LOCAL_NAME;
V_inet6_local_pfil_head = pfil_head_register(&args);
if (hhook_head_register(HHOOK_TYPE_IPSEC_IN, AF_INET6,
&V_ipsec_hhh_in[HHOOK_IPSEC_INET6],
HHOOK_WAITOK | HHOOK_HEADISINVNET) != 0)
printf("%s: WARNING: unable to register input helper hook\n",
__func__);
if (hhook_head_register(HHOOK_TYPE_IPSEC_OUT, AF_INET6,
&V_ipsec_hhh_out[HHOOK_IPSEC_INET6],
HHOOK_WAITOK | HHOOK_HEADISINVNET) != 0)
printf("%s: WARNING: unable to register output helper hook\n",
__func__);
scope6_init();
addrsel_policy_init();
nd6_init();
frag6_init();
V_ip6_desync_factor = arc4random() % MAX_TEMP_DESYNC_FACTOR;
/* Skip global initialization stuff for non-default instances. */
#ifdef VIMAGE
netisr_register_vnet(&ip6_nh);
#ifdef RSS
netisr_register_vnet(&ip6_direct_nh);
#endif
#endif
}
VNET_SYSINIT(ip6_vnet_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_FOURTH,
ip6_vnet_init, NULL);
static void
ip6_init(void *arg __unused)
{
/*
* Register statically those protocols that are unlikely to ever go
* dynamic.
*/
IP6PROTO_REGISTER(IPPROTO_ICMPV6, icmp6_input, rip6_ctlinput);
IP6PROTO_REGISTER(IPPROTO_DSTOPTS, dest6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_ROUTING, route6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_FRAGMENT, frag6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_IPV4, encap6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_IPV6, encap6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_ETHERIP, encap6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_GRE, encap6_input, NULL);
IP6PROTO_REGISTER(IPPROTO_PIM, encap6_input, NULL);
#ifdef SCTP /* XXX: has a loadable & static version */
IP6PROTO_REGISTER(IPPROTO_SCTP, sctp6_input, sctp6_ctlinput);
#endif
EVENTHANDLER_REGISTER(vm_lowmem, frag6_drain, NULL, LOWMEM_PRI_DEFAULT);
EVENTHANDLER_REGISTER(mbuf_lowmem, frag6_drain, NULL,
LOWMEM_PRI_DEFAULT);
netisr_register(&ip6_nh);
#ifdef RSS
netisr_register(&ip6_direct_nh);
#endif
}
SYSINIT(ip6_init, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip6_init, NULL);
int
ip6proto_register(uint8_t proto, ip6proto_input_t input,
ip6proto_ctlinput_t ctl)
{
MPASS(proto > 0);
if (ip6_protox[proto] == rip6_input) {
ip6_protox[proto] = input;
ip6_ctlprotox[proto] = ctl;
return (0);
} else
return (EEXIST);
}
int
ip6proto_unregister(uint8_t proto)
{
MPASS(proto > 0);
if (ip6_protox[proto] != rip6_input) {
ip6_protox[proto] = rip6_input;
ip6_ctlprotox[proto] = rip6_ctlinput;
return (0);
} else
return (ENOENT);
}
#ifdef VIMAGE
static void
ip6_destroy(void *unused __unused)
{
struct ifaddr *ifa, *nifa;
struct ifnet *ifp;
int error;
#ifdef RSS
netisr_unregister_vnet(&ip6_direct_nh);
#endif
netisr_unregister_vnet(&ip6_nh);
pfil_head_unregister(V_inet6_pfil_head);
error = hhook_head_deregister(V_ipsec_hhh_in[HHOOK_IPSEC_INET6]);
if (error != 0) {
printf("%s: WARNING: unable to deregister input helper hook "
"type HHOOK_TYPE_IPSEC_IN, id HHOOK_IPSEC_INET6: "
"error %d returned\n", __func__, error);
}
error = hhook_head_deregister(V_ipsec_hhh_out[HHOOK_IPSEC_INET6]);
if (error != 0) {
printf("%s: WARNING: unable to deregister output helper hook "
"type HHOOK_TYPE_IPSEC_OUT, id HHOOK_IPSEC_INET6: "
"error %d returned\n", __func__, error);
}
/* Cleanup addresses. */
IFNET_RLOCK();
CK_STAILQ_FOREACH(ifp, &V_ifnet, if_link) {
/* Cannot lock here - lock recursion. */
/* IF_ADDR_LOCK(ifp); */
CK_STAILQ_FOREACH_SAFE(ifa, &ifp->if_addrhead, ifa_link, nifa) {
if (ifa->ifa_addr->sa_family != AF_INET6)
continue;
in6_purgeaddr(ifa);
}
/* IF_ADDR_UNLOCK(ifp); */
in6_ifdetach_destroy(ifp);
mld_domifdetach(ifp);
}
IFNET_RUNLOCK();
/* Make sure any routes are gone as well. */
rib_flush_routes_family(AF_INET6);
frag6_destroy();
nd6_destroy();
in6_ifattach_destroy();
hashdestroy(V_in6_ifaddrhashtbl, M_IFADDR, V_in6_ifaddrhmask);
}
VNET_SYSUNINIT(inet6, SI_SUB_PROTO_DOMAIN, SI_ORDER_THIRD, ip6_destroy, NULL);
#endif
static int
ip6_input_hbh(struct mbuf **mp, uint32_t *plen, uint32_t *rtalert, int *off,
int *nxt, int *ours)
{
struct mbuf *m;
struct ip6_hdr *ip6;
struct ip6_hbh *hbh;
if (ip6_hopopts_input(plen, rtalert, mp, off)) {
#if 0 /*touches NULL pointer*/
in6_ifstat_inc((*mp)->m_pkthdr.rcvif, ifs6_in_discard);
#endif
goto out; /* m have already been freed */
}
/* adjust pointer */
m = *mp;
ip6 = mtod(m, struct ip6_hdr *);
/*
* if the payload length field is 0 and the next header field
* indicates Hop-by-Hop Options header, then a Jumbo Payload
* option MUST be included.
*/
if (ip6->ip6_plen == 0 && *plen == 0) {
/*
* Note that if a valid jumbo payload option is
* contained, ip6_hopopts_input() must set a valid
* (non-zero) payload length to the variable plen.
*/
IP6STAT_INC(ip6s_badoptions);
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_discard);
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_hdrerr);
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
(caddr_t)&ip6->ip6_plen - (caddr_t)ip6);
goto out;
}
/* ip6_hopopts_input() ensures that mbuf is contiguous */
hbh = (struct ip6_hbh *)(ip6 + 1);
*nxt = hbh->ip6h_nxt;
/*
* If we are acting as a router and the packet contains a
* router alert option, see if we know the option value.
* Currently, we only support the option value for MLD, in which
* case we should pass the packet to the multicast routing
* daemon.
*/
if (*rtalert != ~0) {
switch (*rtalert) {
case IP6OPT_RTALERT_MLD:
if (V_ip6_forwarding)
*ours = 1;
break;
default:
/*
* RFC2711 requires unrecognized values must be
* silently ignored.
*/
break;
}
}
return (0);
out:
return (1);
}
#ifdef RSS
/*
* IPv6 direct input routine.
*
* This is called when reinjecting completed fragments where
* all of the previous checking and book-keeping has been done.
*/
void
ip6_direct_input(struct mbuf *m)
{
int off, nxt;
int nest;
struct m_tag *mtag;
struct ip6_direct_ctx *ip6dc;
mtag = m_tag_locate(m, MTAG_ABI_IPV6, IPV6_TAG_DIRECT, NULL);
KASSERT(mtag != NULL, ("Reinjected packet w/o direct ctx tag!"));
ip6dc = (struct ip6_direct_ctx *)(mtag + 1);
nxt = ip6dc->ip6dc_nxt;
off = ip6dc->ip6dc_off;
nest = 0;
m_tag_delete(m, mtag);
while (nxt != IPPROTO_DONE) {
if (V_ip6_hdrnestlimit && (++nest > V_ip6_hdrnestlimit)) {
IP6STAT_INC(ip6s_toomanyhdr);
goto bad;
}
/*
* protection against faulty packet - there should be
* more sanity checks in header chain processing.
*/
if (m->m_pkthdr.len < off) {
IP6STAT_INC(ip6s_tooshort);
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_truncated);
goto bad;
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
if (IPSEC_ENABLED(ipv6)) {
if (IPSEC_INPUT(ipv6, m, off, nxt) != 0)
return;
}
#endif /* IPSEC */
nxt = ip6_protox[nxt](&m, &off, nxt);
}
return;
bad:
m_freem(m);
}
#endif
void
ip6_input(struct mbuf *m)
{
struct in6_addr odst;
struct ip6_hdr *ip6;
struct in6_ifaddr *ia;
struct ifnet *rcvif;
u_int32_t plen;
u_int32_t rtalert = ~0;
int off = sizeof(struct ip6_hdr), nest;
int nxt, ours = 0;
int srcrt = 0;
/*
* Drop the packet if IPv6 operation is disabled on the interface.
*/
rcvif = m->m_pkthdr.rcvif;
if ((ND_IFINFO(rcvif)->flags & ND6_IFF_IFDISABLED))
goto bad;
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
/*
* should the inner packet be considered authentic?
* see comment in ah4_input().
* NB: m cannot be NULL when passed to the input routine
*/
m->m_flags &= ~M_AUTHIPHDR;
m->m_flags &= ~M_AUTHIPDGM;
#endif /* IPSEC */
if (m->m_flags & M_FASTFWD_OURS) {
/*
* Firewall changed destination to local.
*/
ip6 = mtod(m, struct ip6_hdr *);
goto passin;
}
/*
* mbuf statistics
*/
if (m->m_flags & M_EXT) {
if (m->m_next)
IP6STAT_INC(ip6s_mext2m);
else
IP6STAT_INC(ip6s_mext1);
} else {
if (m->m_next) {
struct ifnet *ifp = (m->m_flags & M_LOOP) ? V_loif : rcvif;
int ifindex = ifp->if_index;
if (ifindex >= IP6S_M2MMAX)
ifindex = 0;
IP6STAT_INC(ip6s_m2m[ifindex]);
} else
IP6STAT_INC(ip6s_m1);
}
in6_ifstat_inc(rcvif, ifs6_in_receive);
IP6STAT_INC(ip6s_total);
/*
* L2 bridge code and some other code can return mbuf chain
* that does not conform to KAME requirement. too bad.
* XXX: fails to join if interface MTU > MCLBYTES. jumbogram?
*/
if (m && m->m_next != NULL && m->m_pkthdr.len < MCLBYTES) {
struct mbuf *n;
if (m->m_pkthdr.len > MHLEN)
n = m_getcl(M_NOWAIT, MT_DATA, M_PKTHDR);
else
n = m_gethdr(M_NOWAIT, MT_DATA);
if (n == NULL)
goto bad;
m_move_pkthdr(n, m);
m_copydata(m, 0, n->m_pkthdr.len, mtod(n, caddr_t));
n->m_len = n->m_pkthdr.len;
m_freem(m);
m = n;
}
if (m->m_len < sizeof(struct ip6_hdr)) {
if ((m = m_pullup(m, sizeof(struct ip6_hdr))) == NULL) {
IP6STAT_INC(ip6s_toosmall);
in6_ifstat_inc(rcvif, ifs6_in_hdrerr);
goto bad;
}
}
ip6 = mtod(m, struct ip6_hdr *);
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
IP6STAT_INC(ip6s_badvers);
in6_ifstat_inc(rcvif, ifs6_in_hdrerr);
goto bad;
}
IP6STAT_INC(ip6s_nxthist[ip6->ip6_nxt]);
IP_PROBE(receive, NULL, NULL, ip6, rcvif, NULL, ip6);
/*
* Check against address spoofing/corruption.
*/
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_src) ||
IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_dst)) {
/*
* XXX: "badscope" is not very suitable for a multicast source.
*/
IP6STAT_INC(ip6s_badscope);
in6_ifstat_inc(rcvif, ifs6_in_addrerr);
goto bad;
}
if (IN6_IS_ADDR_MC_INTFACELOCAL(&ip6->ip6_dst) &&
!(m->m_flags & M_LOOP)) {
/*
* In this case, the packet should come from the loopback
* interface. However, we cannot just check the if_flags,
* because ip6_mloopback() passes the "actual" interface
* as the outgoing/incoming interface.
*/
IP6STAT_INC(ip6s_badscope);
in6_ifstat_inc(rcvif, ifs6_in_addrerr);
goto bad;
}
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) &&
IPV6_ADDR_MC_SCOPE(&ip6->ip6_dst) == 0) {
/*
* RFC4291 2.7:
* Nodes must not originate a packet to a multicast address
* whose scop field contains the reserved value 0; if such
* a packet is received, it must be silently dropped.
*/
IP6STAT_INC(ip6s_badscope);
in6_ifstat_inc(rcvif, ifs6_in_addrerr);
goto bad;
}
/*
* The following check is not documented in specs. A malicious
* party may be able to use IPv4 mapped addr to confuse tcp/udp stack
* and bypass security checks (act as if it was from 127.0.0.1 by using
* IPv6 src ::ffff:127.0.0.1). Be cautious.
*
* We have supported IPv6-only kernels for a few years and this issue
* has not come up. The world seems to move mostly towards not using
* v4mapped on the wire, so it makes sense for us to keep rejecting
* any such packets.
*/
if (IN6_IS_ADDR_V4MAPPED(&ip6->ip6_src) ||
IN6_IS_ADDR_V4MAPPED(&ip6->ip6_dst)) {
IP6STAT_INC(ip6s_badscope);
in6_ifstat_inc(rcvif, ifs6_in_addrerr);
goto bad;
}
#if 0
/*
* Reject packets with IPv4 compatible addresses (auto tunnel).
*
* The code forbids auto tunnel relay case in RFC1933 (the check is
* stronger than RFC1933). We may want to re-enable it if mech-xx
* is revised to forbid relaying case.
*/
if (IN6_IS_ADDR_V4COMPAT(&ip6->ip6_src) ||
IN6_IS_ADDR_V4COMPAT(&ip6->ip6_dst)) {
IP6STAT_INC(ip6s_badscope);
in6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_addrerr);
goto bad;
}
#endif
/*
* Try to forward the packet, but if we fail continue.
* ip6_tryforward() does not generate redirects, so fall
* through to normal processing if redirects are required.
* ip6_tryforward() does inbound and outbound packet firewall
* processing. If firewall has decided that destination becomes
* our local address, it sets M_FASTFWD_OURS flag. In this
* case skip another inbound firewall processing and update
* ip6 pointer.
*/
if (V_ip6_forwarding != 0 && V_ip6_sendredirects == 0
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
&& (!IPSEC_ENABLED(ipv6) ||
IPSEC_CAPS(ipv6, m, IPSEC_CAP_OPERABLE) == 0)
#endif
) {
if ((m = ip6_tryforward(m)) == NULL)
return;
if (m->m_flags & M_FASTFWD_OURS) {
ip6 = mtod(m, struct ip6_hdr *);
goto passin;
}
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
/*
* Bypass packet filtering for packets previously handled by IPsec.
*/
if (IPSEC_ENABLED(ipv6) &&
IPSEC_CAPS(ipv6, m, IPSEC_CAP_BYPASS_FILTER) != 0)
goto passin;
#endif
/*
* Run through list of hooks for input packets.
*
* NB: Beware of the destination address changing
* (e.g. by NAT rewriting). When this happens,
* tell ip6_forward to do the right thing.
*/
/* Jump over all PFIL processing if hooks are not active. */
if (!PFIL_HOOKED_IN(V_inet6_pfil_head))
goto passin;
odst = ip6->ip6_dst;
if (pfil_mbuf_in(V_inet6_pfil_head, &m, m->m_pkthdr.rcvif,
NULL) != PFIL_PASS)
return;
ip6 = mtod(m, struct ip6_hdr *);
srcrt = !IN6_ARE_ADDR_EQUAL(&odst, &ip6->ip6_dst);
if ((m->m_flags & (M_IP6_NEXTHOP | M_FASTFWD_OURS)) == M_IP6_NEXTHOP &&
m_tag_find(m, PACKET_TAG_IPFORWARD, NULL) != NULL) {
/*
* Directly ship the packet on. This allows forwarding
* packets originally destined to us to some other directly
* connected host.
*/
ip6_forward(m, 1);
return;
}
passin:
/*
* Disambiguate address scope zones (if there is ambiguity).
* We first make sure that the original source or destination address
* is not in our internal form for scoped addresses. Such addresses
* are not necessarily invalid spec-wise, but we cannot accept them due
* to the usage conflict.
* in6_setscope() then also checks and rejects the cases where src or
* dst are the loopback address and the receiving interface
* is not loopback.
*/
if (in6_clearscope(&ip6->ip6_src) || in6_clearscope(&ip6->ip6_dst)) {
IP6STAT_INC(ip6s_badscope); /* XXX */
goto bad;
}
if (in6_setscope(&ip6->ip6_src, rcvif, NULL) ||
in6_setscope(&ip6->ip6_dst, rcvif, NULL)) {
IP6STAT_INC(ip6s_badscope);
goto bad;
}
if (m->m_flags & M_FASTFWD_OURS) {
m->m_flags &= ~M_FASTFWD_OURS;
ours = 1;
goto hbhcheck;
}
/*
* Multicast check. Assume packet is for us to avoid
* prematurely taking locks.
*/
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
ours = 1;
in6_ifstat_inc(rcvif, ifs6_in_mcast);
goto hbhcheck;
}
/*
* Unicast check
* XXX: For now we keep link-local IPv6 addresses with embedded
* scope zone id, therefore we use zero zoneid here.
*/
ia = in6ifa_ifwithaddr(&ip6->ip6_dst, 0 /* XXX */, false);
if (ia != NULL) {
if (ia->ia6_flags & IN6_IFF_NOTREADY) {
char ip6bufs[INET6_ADDRSTRLEN];
char ip6bufd[INET6_ADDRSTRLEN];
/* address is not ready, so discard the packet. */
nd6log((LOG_INFO,
"ip6_input: packet to an unready address %s->%s\n",
ip6_sprintf(ip6bufs, &ip6->ip6_src),
ip6_sprintf(ip6bufd, &ip6->ip6_dst)));
goto bad;
}
if (V_ip6_sav && !(m->m_flags & M_LOOP) &&
__predict_false(in6_localip_fib(&ip6->ip6_src,
rcvif->if_fib))) {
IP6STAT_INC(ip6s_badscope); /* XXX */
goto bad;
}
/* Count the packet in the ip address stats */
counter_u64_add(ia->ia_ifa.ifa_ipackets, 1);
counter_u64_add(ia->ia_ifa.ifa_ibytes, m->m_pkthdr.len);
ours = 1;
goto hbhcheck;
}
/*
* Now there is no reason to process the packet if it's not our own
* and we're not a router.
*/
if (!V_ip6_forwarding) {
IP6STAT_INC(ip6s_cantforward);
goto bad;
}
hbhcheck:
/*
* Process Hop-by-Hop options header if it's contained.
* m may be modified in ip6_hopopts_input().
* If a JumboPayload option is included, plen will also be modified.
*/
plen = (u_int32_t)ntohs(ip6->ip6_plen);
if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
if (ip6_input_hbh(&m, &plen, &rtalert, &off, &nxt, &ours) != 0)
return;
} else
nxt = ip6->ip6_nxt;
/*
* Use mbuf flags to propagate Router Alert option to
* ICMPv6 layer, as hop-by-hop options have been stripped.
*/
if (rtalert != ~0)
m->m_flags |= M_RTALERT_MLD;
/*
* Check that the amount of data in the buffers
* is as at least much as the IPv6 header would have us expect.
* Trim mbufs if longer than we expect.
* Drop packet if shorter than we expect.
*/
if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) {
IP6STAT_INC(ip6s_tooshort);
in6_ifstat_inc(rcvif, ifs6_in_truncated);
goto bad;
}
if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) {
if (m->m_len == m->m_pkthdr.len) {
m->m_len = sizeof(struct ip6_hdr) + plen;
m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen;
} else
m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len);
}
/*
* Forward if desirable.
*/
if (V_ip6_mrouter &&
IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
/*
* If we are acting as a multicast router, all
* incoming multicast packets are passed to the
* kernel-level multicast forwarding function.
* The packet is returned (relatively) intact; if
* ip6_mforward() returns a non-zero value, the packet
* must be discarded, else it may be accepted below.
*
* XXX TODO: Check hlim and multicast scope here to avoid
* unnecessarily calling into ip6_mforward().
*/
if (ip6_mforward && ip6_mforward(ip6, rcvif, m)) {
IP6STAT_INC(ip6s_cantforward);
goto bad;
}
} else if (!ours) {
ip6_forward(m, srcrt);
return;
}
/*
* We are going to ship the packet to the local protocol stack. Call the
* filter again for this 'output' action, allowing redirect-like rules
* to adjust the source address.
*/
if (PFIL_HOOKED_OUT(V_inet6_local_pfil_head)) {
if (pfil_mbuf_out(V_inet6_local_pfil_head, &m, V_loif, NULL) !=
PFIL_PASS)
return;
- if (m == NULL) /* consumed by filter */
- return;
ip6 = mtod(m, struct ip6_hdr *);
}
/*
* Tell launch routine the next header
*/
IP6STAT_INC(ip6s_delivered);
in6_ifstat_inc(rcvif, ifs6_in_deliver);
nest = 0;
while (nxt != IPPROTO_DONE) {
if (V_ip6_hdrnestlimit && (++nest > V_ip6_hdrnestlimit)) {
IP6STAT_INC(ip6s_toomanyhdr);
goto bad;
}
/*
* protection against faulty packet - there should be
* more sanity checks in header chain processing.
*/
if (m->m_pkthdr.len < off) {
IP6STAT_INC(ip6s_tooshort);
in6_ifstat_inc(rcvif, ifs6_in_truncated);
goto bad;
}
#if defined(IPSEC) || defined(IPSEC_SUPPORT)
if (IPSEC_ENABLED(ipv6)) {
if (IPSEC_INPUT(ipv6, m, off, nxt) != 0)
return;
}
#endif /* IPSEC */
nxt = ip6_protox[nxt](&m, &off, nxt);
}
return;
bad:
in6_ifstat_inc(rcvif, ifs6_in_discard);
if (m != NULL)
m_freem(m);
}
/*
* Hop-by-Hop options header processing. If a valid jumbo payload option is
* included, the real payload length will be stored in plenp.
*
* rtalertp - XXX: should be stored more smart way
*/
static int
ip6_hopopts_input(u_int32_t *plenp, u_int32_t *rtalertp,
struct mbuf **mp, int *offp)
{
struct mbuf *m = *mp;
int off = *offp, hbhlen;
struct ip6_hbh *hbh;
/* validation of the length of the header */
if (m->m_len < off + sizeof(*hbh)) {
m = m_pullup(m, off + sizeof(*hbh));
if (m == NULL) {
IP6STAT_INC(ip6s_exthdrtoolong);
*mp = NULL;
return (-1);
}
}
hbh = (struct ip6_hbh *)(mtod(m, caddr_t) + off);
hbhlen = (hbh->ip6h_len + 1) << 3;
if (m->m_len < off + hbhlen) {
m = m_pullup(m, off + hbhlen);
if (m == NULL) {
IP6STAT_INC(ip6s_exthdrtoolong);
*mp = NULL;
return (-1);
}
}
hbh = (struct ip6_hbh *)(mtod(m, caddr_t) + off);
off += hbhlen;
hbhlen -= sizeof(struct ip6_hbh);
if (ip6_process_hopopts(m, (u_int8_t *)hbh + sizeof(struct ip6_hbh),
hbhlen, rtalertp, plenp) < 0) {
*mp = NULL;
return (-1);
}
*offp = off;
*mp = m;
return (0);
}
/*
* Search header for all Hop-by-hop options and process each option.
* This function is separate from ip6_hopopts_input() in order to
* handle a case where the sending node itself process its hop-by-hop
* options header. In such a case, the function is called from ip6_output().
*
* The function assumes that hbh header is located right after the IPv6 header
* (RFC2460 p7), opthead is pointer into data content in m, and opthead to
* opthead + hbhlen is located in contiguous memory region.
*/
int
ip6_process_hopopts(struct mbuf *m, u_int8_t *opthead, int hbhlen,
u_int32_t *rtalertp, u_int32_t *plenp)
{
struct ip6_hdr *ip6;
int optlen = 0;
u_int8_t *opt = opthead;
u_int16_t rtalert_val;
u_int32_t jumboplen;
const int erroff = sizeof(struct ip6_hdr) + sizeof(struct ip6_hbh);
for (; hbhlen > 0; hbhlen -= optlen, opt += optlen) {
switch (*opt) {
case IP6OPT_PAD1:
optlen = 1;
break;
case IP6OPT_PADN:
if (hbhlen < IP6OPT_MINLEN) {
IP6STAT_INC(ip6s_toosmall);
goto bad;
}
optlen = *(opt + 1) + 2;
break;
case IP6OPT_ROUTER_ALERT:
/* XXX may need check for alignment */
if (hbhlen < IP6OPT_RTALERT_LEN) {
IP6STAT_INC(ip6s_toosmall);
goto bad;
}
if (*(opt + 1) != IP6OPT_RTALERT_LEN - 2) {
/* XXX stat */
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
erroff + opt + 1 - opthead);
return (-1);
}
optlen = IP6OPT_RTALERT_LEN;
bcopy((caddr_t)(opt + 2), (caddr_t)&rtalert_val, 2);
*rtalertp = ntohs(rtalert_val);
break;
case IP6OPT_JUMBO:
/* XXX may need check for alignment */
if (hbhlen < IP6OPT_JUMBO_LEN) {
IP6STAT_INC(ip6s_toosmall);
goto bad;
}
if (*(opt + 1) != IP6OPT_JUMBO_LEN - 2) {
/* XXX stat */
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
erroff + opt + 1 - opthead);
return (-1);
}
optlen = IP6OPT_JUMBO_LEN;
/*
* IPv6 packets that have non 0 payload length
* must not contain a jumbo payload option.
*/
ip6 = mtod(m, struct ip6_hdr *);
if (ip6->ip6_plen) {
IP6STAT_INC(ip6s_badoptions);
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
erroff + opt - opthead);
return (-1);
}
/*
* We may see jumbolen in unaligned location, so
* we'd need to perform bcopy().
*/
bcopy(opt + 2, &jumboplen, sizeof(jumboplen));
jumboplen = (u_int32_t)htonl(jumboplen);
#if 1
/*
* if there are multiple jumbo payload options,
* *plenp will be non-zero and the packet will be
* rejected.
* the behavior may need some debate in ipngwg -
* multiple options does not make sense, however,
* there's no explicit mention in specification.
*/
if (*plenp != 0) {
IP6STAT_INC(ip6s_badoptions);
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
erroff + opt + 2 - opthead);
return (-1);
}
#endif
/*
* jumbo payload length must be larger than 65535.
*/
if (jumboplen <= IPV6_MAXPACKET) {
IP6STAT_INC(ip6s_badoptions);
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_HEADER,
erroff + opt + 2 - opthead);
return (-1);
}
*plenp = jumboplen;
break;
default: /* unknown option */
if (hbhlen < IP6OPT_MINLEN) {
IP6STAT_INC(ip6s_toosmall);
goto bad;
}
optlen = ip6_unknown_opt(opt, m,
erroff + opt - opthead);
if (optlen == -1)
return (-1);
optlen += 2;
break;
}
}
return (0);
bad:
m_freem(m);
return (-1);
}
/*
* Unknown option processing.
* The third argument `off' is the offset from the IPv6 header to the option,
* which is necessary if the IPv6 header the and option header and IPv6 header
* is not contiguous in order to return an ICMPv6 error.
*/
int
ip6_unknown_opt(u_int8_t *optp, struct mbuf *m, int off)
{
struct ip6_hdr *ip6;
switch (IP6OPT_TYPE(*optp)) {
case IP6OPT_TYPE_SKIP: /* ignore the option */
return ((int)*(optp + 1));
case IP6OPT_TYPE_DISCARD: /* silently discard */
m_freem(m);
return (-1);
case IP6OPT_TYPE_FORCEICMP: /* send ICMP even if multicasted */
IP6STAT_INC(ip6s_badoptions);
icmp6_error(m, ICMP6_PARAM_PROB, ICMP6_PARAMPROB_OPTION, off);
return (-1);
case IP6OPT_TYPE_ICMP: /* send ICMP if not multicasted */
IP6STAT_INC(ip6s_badoptions);
ip6 = mtod(m, struct ip6_hdr *);
if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst) ||
(m->m_flags & (M_BCAST|M_MCAST)))
m_freem(m);
else
icmp6_error(m, ICMP6_PARAM_PROB,
ICMP6_PARAMPROB_OPTION, off);
return (-1);
}
m_freem(m); /* XXX: NOTREACHED */
return (-1);
}
/*
* Create the "control" list for this pcb.
* These functions will not modify mbuf chain at all.
*
* The routine will be called from upper layer handlers like tcp6_input().
* Thus the routine assumes that the caller (tcp6_input) have already
* called m_pullup() and all the extension headers are located in the
* very first mbuf on the mbuf chain.
*
* ip6_savecontrol_v4 will handle those options that are possible to be
* set on a v4-mapped socket.
* ip6_savecontrol will directly call ip6_savecontrol_v4 to handle those
* options and handle the v6-only ones itself.
*/
struct mbuf **
ip6_savecontrol_v4(struct inpcb *inp, struct mbuf *m, struct mbuf **mp,
int *v4only)
{
struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
#ifdef SO_TIMESTAMP
if ((inp->inp_socket->so_options & SO_TIMESTAMP) != 0) {
union {
struct timeval tv;
struct bintime bt;
struct timespec ts;
} t;
struct bintime boottimebin, bt1;
struct timespec ts1;
bool stamped;
stamped = false;
switch (inp->inp_socket->so_ts_clock) {
case SO_TS_REALTIME_MICRO:
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &ts1);
timespec2bintime(&ts1, &bt1);
getboottimebin(&boottimebin);
bintime_add(&bt1, &boottimebin);
bintime2timeval(&bt1, &t.tv);
} else {
microtime(&t.tv);
}
*mp = sbcreatecontrol(&t.tv, sizeof(t.tv),
SCM_TIMESTAMP, SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
break;
case SO_TS_BINTIME:
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &ts1);
timespec2bintime(&ts1, &t.bt);
getboottimebin(&boottimebin);
bintime_add(&t.bt, &boottimebin);
} else {
bintime(&t.bt);
}
*mp = sbcreatecontrol(&t.bt, sizeof(t.bt), SCM_BINTIME,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
break;
case SO_TS_REALTIME:
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP)) {
mbuf_tstmp2timespec(m, &t.ts);
getboottimebin(&boottimebin);
bintime2timespec(&boottimebin, &ts1);
timespecadd(&t.ts, &ts1, &t.ts);
} else {
nanotime(&t.ts);
}
*mp = sbcreatecontrol(&t.ts, sizeof(t.ts),
SCM_REALTIME, SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
break;
case SO_TS_MONOTONIC:
if ((m->m_flags & (M_PKTHDR | M_TSTMP)) == (M_PKTHDR |
M_TSTMP))
mbuf_tstmp2timespec(m, &t.ts);
else
nanouptime(&t.ts);
*mp = sbcreatecontrol(&t.ts, sizeof(t.ts),
SCM_MONOTONIC, SOL_SOCKET, M_NOWAIT);
if (*mp != NULL) {
mp = &(*mp)->m_next;
stamped = true;
}
break;
default:
panic("unknown (corrupted) so_ts_clock");
}
if (stamped && (m->m_flags & (M_PKTHDR | M_TSTMP)) ==
(M_PKTHDR | M_TSTMP)) {
struct sock_timestamp_info sti;
bzero(&sti, sizeof(sti));
sti.st_info_flags = ST_INFO_HW;
if ((m->m_flags & M_TSTMP_HPREC) != 0)
sti.st_info_flags |= ST_INFO_HW_HPREC;
*mp = sbcreatecontrol(&sti, sizeof(sti), SCM_TIME_INFO,
SOL_SOCKET, M_NOWAIT);
if (*mp != NULL)
mp = &(*mp)->m_next;
}
}
#endif
#define IS2292(inp, x, y) (((inp)->inp_flags & IN6P_RFC2292) ? (x) : (y))
/* RFC 2292 sec. 5 */
if ((inp->inp_flags & IN6P_PKTINFO) != 0) {
struct in6_pktinfo pi6;
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
#ifdef INET
struct ip *ip;
ip = mtod(m, struct ip *);
pi6.ipi6_addr.s6_addr32[0] = 0;
pi6.ipi6_addr.s6_addr32[1] = 0;
pi6.ipi6_addr.s6_addr32[2] = IPV6_ADDR_INT32_SMP;
pi6.ipi6_addr.s6_addr32[3] = ip->ip_dst.s_addr;
#else
/* We won't hit this code */
bzero(&pi6.ipi6_addr, sizeof(struct in6_addr));
#endif
} else {
bcopy(&ip6->ip6_dst, &pi6.ipi6_addr, sizeof(struct in6_addr));
in6_clearscope(&pi6.ipi6_addr); /* XXX */
}
pi6.ipi6_ifindex =
(m && m->m_pkthdr.rcvif) ? m->m_pkthdr.rcvif->if_index : 0;
*mp = sbcreatecontrol(&pi6, sizeof(struct in6_pktinfo),
IS2292(inp, IPV6_2292PKTINFO, IPV6_PKTINFO), IPPROTO_IPV6,
M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if ((inp->inp_flags & IN6P_HOPLIMIT) != 0) {
int hlim;
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
#ifdef INET
struct ip *ip;
ip = mtod(m, struct ip *);
hlim = ip->ip_ttl;
#else
/* We won't hit this code */
hlim = 0;
#endif
} else {
hlim = ip6->ip6_hlim & 0xff;
}
*mp = sbcreatecontrol(&hlim, sizeof(int),
IS2292(inp, IPV6_2292HOPLIMIT, IPV6_HOPLIMIT),
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if ((inp->inp_flags & IN6P_TCLASS) != 0) {
int tclass;
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
#ifdef INET
struct ip *ip;
ip = mtod(m, struct ip *);
tclass = ip->ip_tos;
#else
/* We won't hit this code */
tclass = 0;
#endif
} else {
u_int32_t flowinfo;
flowinfo = (u_int32_t)ntohl(ip6->ip6_flow & IPV6_FLOWINFO_MASK);
flowinfo >>= 20;
tclass = flowinfo & 0xff;
}
*mp = sbcreatecontrol(&tclass, sizeof(int), IPV6_TCLASS,
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
if (v4only != NULL) {
if ((ip6->ip6_vfc & IPV6_VERSION_MASK) != IPV6_VERSION) {
*v4only = 1;
} else {
*v4only = 0;
}
}
return (mp);
}
void
ip6_savecontrol(struct inpcb *inp, struct mbuf *m, struct mbuf **mp)
{
struct ip6_hdr *ip6;
int v4only = 0;
mp = ip6_savecontrol_v4(inp, m, mp, &v4only);
if (v4only)
return;
ip6 = mtod(m, struct ip6_hdr *);
/*
* IPV6_HOPOPTS socket option. Recall that we required super-user
* privilege for the option (see ip6_ctloutput), but it might be too
* strict, since there might be some hop-by-hop options which can be
* returned to normal user.
* See also RFC 2292 section 6 (or RFC 3542 section 8).
*/
if ((inp->inp_flags & IN6P_HOPOPTS) != 0) {
/*
* Check if a hop-by-hop options header is contatined in the
* received packet, and if so, store the options as ancillary
* data. Note that a hop-by-hop options header must be
* just after the IPv6 header, which is assured through the
* IPv6 input processing.
*/
if (ip6->ip6_nxt == IPPROTO_HOPOPTS) {
struct ip6_hbh *hbh;
u_int hbhlen;
hbh = (struct ip6_hbh *)(ip6 + 1);
hbhlen = (hbh->ip6h_len + 1) << 3;
/*
* XXX: We copy the whole header even if a
* jumbo payload option is included, the option which
* is to be removed before returning according to
* RFC2292.
* Note: this constraint is removed in RFC3542
*/
*mp = sbcreatecontrol(hbh, hbhlen,
IS2292(inp, IPV6_2292HOPOPTS, IPV6_HOPOPTS),
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
}
if ((inp->inp_flags & (IN6P_RTHDR | IN6P_DSTOPTS)) != 0) {
int nxt = ip6->ip6_nxt, off = sizeof(struct ip6_hdr);
/*
* Search for destination options headers or routing
* header(s) through the header chain, and stores each
* header as ancillary data.
* Note that the order of the headers remains in
* the chain of ancillary data.
*/
while (1) { /* is explicit loop prevention necessary? */
struct ip6_ext *ip6e = NULL;
u_int elen;
/*
* if it is not an extension header, don't try to
* pull it from the chain.
*/
switch (nxt) {
case IPPROTO_DSTOPTS:
case IPPROTO_ROUTING:
case IPPROTO_HOPOPTS:
case IPPROTO_AH: /* is it possible? */
break;
default:
goto loopend;
}
if (off + sizeof(*ip6e) > m->m_len)
goto loopend;
ip6e = (struct ip6_ext *)(mtod(m, caddr_t) + off);
if (nxt == IPPROTO_AH)
elen = (ip6e->ip6e_len + 2) << 2;
else
elen = (ip6e->ip6e_len + 1) << 3;
if (off + elen > m->m_len)
goto loopend;
switch (nxt) {
case IPPROTO_DSTOPTS:
if (!(inp->inp_flags & IN6P_DSTOPTS))
break;
*mp = sbcreatecontrol(ip6e, elen,
IS2292(inp, IPV6_2292DSTOPTS, IPV6_DSTOPTS),
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
break;
case IPPROTO_ROUTING:
if (!(inp->inp_flags & IN6P_RTHDR))
break;
*mp = sbcreatecontrol(ip6e, elen,
IS2292(inp, IPV6_2292RTHDR, IPV6_RTHDR),
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
break;
case IPPROTO_HOPOPTS:
case IPPROTO_AH: /* is it possible? */
break;
default:
/*
* other cases have been filtered in the above.
* none will visit this case. here we supply
* the code just in case (nxt overwritten or
* other cases).
*/
goto loopend;
}
/* proceed with the next header. */
off += elen;
nxt = ip6e->ip6e_nxt;
ip6e = NULL;
}
loopend:
;
}
if (inp->inp_flags2 & INP_RECVFLOWID) {
uint32_t flowid, flow_type;
flowid = m->m_pkthdr.flowid;
flow_type = M_HASHTYPE_GET(m);
/*
* XXX should handle the failure of one or the
* other - don't populate both?
*/
*mp = sbcreatecontrol(&flowid, sizeof(uint32_t), IPV6_FLOWID,
IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
*mp = sbcreatecontrol(&flow_type, sizeof(uint32_t),
IPV6_FLOWTYPE, IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
#ifdef RSS
if (inp->inp_flags2 & INP_RECVRSSBUCKETID) {
uint32_t flowid, flow_type;
uint32_t rss_bucketid;
flowid = m->m_pkthdr.flowid;
flow_type = M_HASHTYPE_GET(m);
if (rss_hash2bucket(flowid, flow_type, &rss_bucketid) == 0) {
*mp = sbcreatecontrol(&rss_bucketid, sizeof(uint32_t),
IPV6_RSSBUCKETID, IPPROTO_IPV6, M_NOWAIT);
if (*mp)
mp = &(*mp)->m_next;
}
}
#endif
}
#undef IS2292
void
ip6_notify_pmtu(struct inpcb *inp, struct sockaddr_in6 *dst, u_int32_t mtu)
{
struct socket *so;
struct mbuf *m_mtu;
struct ip6_mtuinfo mtuctl;
KASSERT(inp != NULL, ("%s: inp == NULL", __func__));
/*
* Notify the error by sending IPV6_PATHMTU ancillary data if
* application wanted to know the MTU value.
* NOTE: we notify disconnected sockets, because some udp
* applications keep sending sockets disconnected.
* NOTE: our implementation doesn't notify connected sockets that has
* foreign address that is different than given destination addresses
* (this is permitted by RFC 3542).
*/
if ((inp->inp_flags & IN6P_MTU) == 0 || (
!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr) &&
!IN6_ARE_ADDR_EQUAL(&inp->in6p_faddr, &dst->sin6_addr)))
return;
mtuctl.ip6m_mtu = mtu;
mtuctl.ip6m_addr = *dst;
if (sa6_recoverscope(&mtuctl.ip6m_addr))
return;
if ((m_mtu = sbcreatecontrol(&mtuctl, sizeof(mtuctl), IPV6_PATHMTU,
IPPROTO_IPV6, M_NOWAIT)) == NULL)
return;
so = inp->inp_socket;
if (sbappendaddr(&so->so_rcv, (struct sockaddr *)dst, NULL, m_mtu)
== 0) {
soroverflow(so);
m_freem(m_mtu);
/* XXX: should count statistics */
} else
sorwakeup(so);
}
/*
* Get pointer to the previous header followed by the header
* currently processed.
*/
int
ip6_get_prevhdr(const struct mbuf *m, int off)
{
struct ip6_ext ip6e;
struct ip6_hdr *ip6;
int len, nlen, nxt;
if (off == sizeof(struct ip6_hdr))
return (offsetof(struct ip6_hdr, ip6_nxt));
if (off < sizeof(struct ip6_hdr))
panic("%s: off < sizeof(struct ip6_hdr)", __func__);
ip6 = mtod(m, struct ip6_hdr *);
nxt = ip6->ip6_nxt;
len = sizeof(struct ip6_hdr);
nlen = 0;
while (len < off) {
m_copydata(m, len, sizeof(ip6e), (caddr_t)&ip6e);
switch (nxt) {
case IPPROTO_FRAGMENT:
nlen = sizeof(struct ip6_frag);
break;
case IPPROTO_AH:
nlen = (ip6e.ip6e_len + 2) << 2;
break;
default:
nlen = (ip6e.ip6e_len + 1) << 3;
}
len += nlen;
nxt = ip6e.ip6e_nxt;
}
return (len - nlen);
}
/*
* get next header offset. m will be retained.
*/
int
ip6_nexthdr(const struct mbuf *m, int off, int proto, int *nxtp)
{
struct ip6_hdr ip6;
struct ip6_ext ip6e;
struct ip6_frag fh;
/* just in case */
if (m == NULL)
panic("ip6_nexthdr: m == NULL");
if ((m->m_flags & M_PKTHDR) == 0 || m->m_pkthdr.len < off)
return -1;
switch (proto) {
case IPPROTO_IPV6:
if (m->m_pkthdr.len < off + sizeof(ip6))
return -1;
m_copydata(m, off, sizeof(ip6), (caddr_t)&ip6);
if (nxtp)
*nxtp = ip6.ip6_nxt;
off += sizeof(ip6);
return off;
case IPPROTO_FRAGMENT:
/*
* terminate parsing if it is not the first fragment,
* it does not make sense to parse through it.
*/
if (m->m_pkthdr.len < off + sizeof(fh))
return -1;
m_copydata(m, off, sizeof(fh), (caddr_t)&fh);
/* IP6F_OFF_MASK = 0xfff8(BigEndian), 0xf8ff(LittleEndian) */
if (fh.ip6f_offlg & IP6F_OFF_MASK)
return -1;
if (nxtp)
*nxtp = fh.ip6f_nxt;
off += sizeof(struct ip6_frag);
return off;
case IPPROTO_AH:
if (m->m_pkthdr.len < off + sizeof(ip6e))
return -1;
m_copydata(m, off, sizeof(ip6e), (caddr_t)&ip6e);
if (nxtp)
*nxtp = ip6e.ip6e_nxt;
off += (ip6e.ip6e_len + 2) << 2;
return off;
case IPPROTO_HOPOPTS:
case IPPROTO_ROUTING:
case IPPROTO_DSTOPTS:
if (m->m_pkthdr.len < off + sizeof(ip6e))
return -1;
m_copydata(m, off, sizeof(ip6e), (caddr_t)&ip6e);
if (nxtp)
*nxtp = ip6e.ip6e_nxt;
off += (ip6e.ip6e_len + 1) << 3;
return off;
case IPPROTO_NONE:
case IPPROTO_ESP:
case IPPROTO_IPCOMP:
/* give up */
return -1;
default:
return -1;
}
/* NOTREACHED */
}
/*
* get offset for the last header in the chain. m will be kept untainted.
*/
int
ip6_lasthdr(const struct mbuf *m, int off, int proto, int *nxtp)
{
int newoff;
int nxt;
if (!nxtp) {
nxt = -1;
nxtp = &nxt;
}
while (1) {
newoff = ip6_nexthdr(m, off, proto, nxtp);
if (newoff < 0)
return off;
else if (newoff < off)
return -1; /* invalid */
else if (newoff == off)
return newoff;
off = newoff;
proto = *nxtp;
}
}
diff --git a/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c b/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c
index 1922880e90df..bcde0d2c7323 100644
--- a/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c
+++ b/sys/netpfil/ipfilter/netinet/ip_fil_freebsd.c
@@ -1,1458 +1,1462 @@
/*
* Copyright (C) 2012 by Darren Reed.
*
* See the IPFILTER.LICENCE file for details on licencing.
*/
#if defined(KERNEL) || defined(_KERNEL)
# undef KERNEL
# undef _KERNEL
# define KERNEL 1
# define _KERNEL 1
#endif
#if defined(__FreeBSD__) && \
!defined(KLD_MODULE) && !defined(IPFILTER_LKM)
# include "opt_inet6.h"
#endif
#include <sys/param.h>
#include <sys/eventhandler.h>
#include <sys/conf.h>
#include <sys/errno.h>
#include <sys/types.h>
#include <sys/file.h>
#include <sys/fcntl.h>
#include <sys/filio.h>
#include <sys/time.h>
#include <sys/systm.h>
#include <sys/dirent.h>
#if defined(__FreeBSD__)
# include <sys/jail.h>
#endif
#include <sys/malloc.h>
#include <sys/mbuf.h>
#include <sys/sockopt.h>
#include <sys/socket.h>
#include <sys/selinfo.h>
#include <net/if.h>
#include <net/if_var.h>
#include <net/netisr.h>
#include <net/route.h>
#include <net/route/nhop.h>
#include <netinet/in.h>
#include <netinet/in_fib.h>
#include <netinet/in_pcb.h>
#include <netinet/in_var.h>
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/ip_var.h>
#include <netinet/tcp.h>
#include <netinet/tcp_var.h>
#include <net/vnet.h>
#include <netinet/udp.h>
#include <netinet/tcpip.h>
#include <netinet/ip_icmp.h>
#include "netinet/ip_compat.h"
#ifdef USE_INET6
# include <netinet/icmp6.h>
#endif
#include "netinet/ip_fil.h"
#include "netinet/ip_nat.h"
#include "netinet/ip_frag.h"
#include "netinet/ip_state.h"
#include "netinet/ip_proxy.h"
#include "netinet/ip_auth.h"
#include "netinet/ip_sync.h"
#include "netinet/ip_lookup.h"
#include "netinet/ip_dstlist.h"
#ifdef IPFILTER_SCAN
# include "netinet/ip_scan.h"
#endif
#include "netinet/ip_pool.h"
#include <sys/malloc.h>
#include <sys/kernel.h>
#ifdef CSUM_DATA_VALID
# include <machine/in_cksum.h>
#endif
extern int ip_optcopy(struct ip *, struct ip *);
#ifdef IPFILTER_M_IPFILTER
MALLOC_DEFINE(M_IPFILTER, "ipfilter", "IP Filter packet filter data structures");
#endif
static int ipf_send_ip(fr_info_t *, mb_t *);
static void ipf_timer_func(void *arg);
VNET_DEFINE(ipf_main_softc_t, ipfmain) = {
.ipf_running = -2,
};
#define V_ipfmain VNET(ipfmain)
#include <sys/conf.h>
#include <net/pfil.h>
VNET_DEFINE_STATIC(eventhandler_tag, ipf_arrivetag);
VNET_DEFINE_STATIC(eventhandler_tag, ipf_departtag);
#define V_ipf_arrivetag VNET(ipf_arrivetag)
#define V_ipf_departtag VNET(ipf_departtag)
#if 0
/*
* Disable the "cloner" event handler; we are getting interface
* events before the firewall is fully initiallized and also no vnet
* information thus leading to uninitialised memory accesses.
* In addition it is unclear why we need it in first place.
* If it turns out to be needed, well need a dedicated event handler
* for it to deal with the ifc and the correct vnet.
*/
VNET_DEFINE_STATIC(eventhandler_tag, ipf_clonetag);
#define V_ipf_clonetag VNET(ipf_clonetag)
#endif
static void ipf_ifevent(void *arg, struct ifnet *ifp);
static void ipf_ifevent(void *arg, struct ifnet *ifp)
{
CURVNET_SET(ifp->if_vnet);
if (V_ipfmain.ipf_running > 0)
ipf_sync(&V_ipfmain, NULL);
CURVNET_RESTORE();
}
static pfil_return_t
ipf_check_wrapper(struct mbuf **mp, struct ifnet *ifp, int flags,
void *ruleset __unused, struct inpcb *inp)
{
struct ip *ip = mtod(*mp, struct ip *);
pfil_return_t rv;
CURVNET_SET(ifp->if_vnet);
rv = ipf_check(&V_ipfmain, ip, ip->ip_hl << 2, ifp,
!!(flags & PFIL_OUT), mp);
CURVNET_RESTORE();
+ if (rv == 0 && *mp == NULL)
+ return (PFIL_CONSUMED);
return (rv == 0 ? PFIL_PASS : PFIL_DROPPED);
}
#ifdef USE_INET6
static pfil_return_t
ipf_check_wrapper6(struct mbuf **mp, struct ifnet *ifp, int flags,
void *ruleset __unused, struct inpcb *inp)
{
pfil_return_t rv;
CURVNET_SET(ifp->if_vnet);
rv = ipf_check(&V_ipfmain, mtod(*mp, struct ip *),
sizeof(struct ip6_hdr), ifp, !!(flags & PFIL_OUT), mp);
CURVNET_RESTORE();
+ if (rv == 0 && *mp == NULL)
+ return (PFIL_CONSUMED);
return (rv == 0 ? PFIL_PASS : PFIL_DROPPED);
}
# endif
#if defined(IPFILTER_LKM)
int ipf_identify(char *s)
{
if (strcmp(s, "ipl") == 0)
return (1);
return (0);
}
#endif /* IPFILTER_LKM */
static void
ipf_timer_func(void *arg)
{
ipf_main_softc_t *softc = arg;
SPL_INT(s);
SPL_NET(s);
READ_ENTER(&softc->ipf_global);
if (softc->ipf_running > 0)
ipf_slowtimer(softc);
if (softc->ipf_running == -1 || softc->ipf_running == 1) {
#if 0
softc->ipf_slow_ch = timeout(ipf_timer_func, softc, hz/2);
#endif
callout_init(&softc->ipf_slow_ch, 1);
callout_reset(&softc->ipf_slow_ch,
(hz / IPF_HZ_DIVIDE) * IPF_HZ_MULT,
ipf_timer_func, softc);
}
RWLOCK_EXIT(&softc->ipf_global);
SPL_X(s);
}
int
ipfattach(ipf_main_softc_t *softc)
{
#ifdef USE_SPL
int s;
#endif
SPL_NET(s);
if (softc->ipf_running > 0) {
SPL_X(s);
return (EBUSY);
}
if (ipf_init_all(softc) < 0) {
SPL_X(s);
return (EIO);
}
bzero((char *)V_ipfmain.ipf_selwait, sizeof(V_ipfmain.ipf_selwait));
softc->ipf_running = 1;
if (softc->ipf_control_forwarding & 1)
V_ipforwarding = 1;
SPL_X(s);
#if 0
softc->ipf_slow_ch = timeout(ipf_timer_func, softc,
(hz / IPF_HZ_DIVIDE) * IPF_HZ_MULT);
#endif
callout_init(&softc->ipf_slow_ch, 1);
callout_reset(&softc->ipf_slow_ch, (hz / IPF_HZ_DIVIDE) * IPF_HZ_MULT,
ipf_timer_func, softc);
return (0);
}
/*
* Disable the filter by removing the hooks from the IP input/output
* stream.
*/
int
ipfdetach(ipf_main_softc_t *softc)
{
#ifdef USE_SPL
int s;
#endif
if (softc->ipf_control_forwarding & 2)
V_ipforwarding = 0;
SPL_NET(s);
#if 0
if (softc->ipf_slow_ch.callout != NULL)
untimeout(ipf_timer_func, softc, softc->ipf_slow_ch);
bzero(&softc->ipf_slow, sizeof(softc->ipf_slow));
#endif
callout_drain(&softc->ipf_slow_ch);
ipf_fini_all(softc);
softc->ipf_running = -2;
SPL_X(s);
return (0);
}
/*
* Filter ioctl interface.
*/
int
ipfioctl(struct cdev *dev, ioctlcmd_t cmd, caddr_t data,
int mode, struct thread *p)
#define p_cred td_ucred
#define p_uid td_ucred->cr_ruid
{
int error = 0, unit = 0;
SPL_INT(s);
CURVNET_SET(TD_TO_VNET(p));
if (securelevel_ge(p->p_cred, 3) && (mode & FWRITE))
{
V_ipfmain.ipf_interror = 130001;
CURVNET_RESTORE();
return (EPERM);
}
if (jailed_without_vnet(p->p_cred)) {
V_ipfmain.ipf_interror = 130018;
CURVNET_RESTORE();
return (EOPNOTSUPP);
}
unit = GET_MINOR(dev);
if ((IPL_LOGMAX < unit) || (unit < 0)) {
V_ipfmain.ipf_interror = 130002;
CURVNET_RESTORE();
return (ENXIO);
}
if (V_ipfmain.ipf_running <= 0) {
if (unit != IPL_LOGIPF && cmd != SIOCIPFINTERROR) {
V_ipfmain.ipf_interror = 130003;
CURVNET_RESTORE();
return (EIO);
}
if (cmd != SIOCIPFGETNEXT && cmd != SIOCIPFGET &&
cmd != SIOCIPFSET && cmd != SIOCFRENB &&
cmd != SIOCGETFS && cmd != SIOCGETFF &&
cmd != SIOCIPFINTERROR) {
V_ipfmain.ipf_interror = 130004;
CURVNET_RESTORE();
return (EIO);
}
}
SPL_NET(s);
error = ipf_ioctlswitch(&V_ipfmain, unit, data, cmd, mode, p->p_uid, p);
CURVNET_RESTORE();
if (error != -1) {
SPL_X(s);
return (error);
}
SPL_X(s);
return (error);
}
/*
* ipf_send_reset - this could conceivably be a call to tcp_respond(), but that
* requires a large amount of setting up and isn't any more efficient.
*/
int
ipf_send_reset(fr_info_t *fin)
{
struct tcphdr *tcp, *tcp2;
int tlen = 0, hlen;
struct mbuf *m;
#ifdef USE_INET6
ip6_t *ip6;
#endif
ip_t *ip;
tcp = fin->fin_dp;
if (tcp->th_flags & TH_RST)
return (-1); /* feedback loop */
if (ipf_checkl4sum(fin) == -1)
return (-1);
tlen = fin->fin_dlen - (TCP_OFF(tcp) << 2) +
((tcp->th_flags & TH_SYN) ? 1 : 0) +
((tcp->th_flags & TH_FIN) ? 1 : 0);
#ifdef USE_INET6
hlen = (fin->fin_v == 6) ? sizeof(ip6_t) : sizeof(ip_t);
#else
hlen = sizeof(ip_t);
#endif
#ifdef MGETHDR
MGETHDR(m, M_NOWAIT, MT_HEADER);
#else
MGET(m, M_NOWAIT, MT_HEADER);
#endif
if (m == NULL)
return (-1);
if (sizeof(*tcp2) + hlen > MLEN) {
if (!(MCLGET(m, M_NOWAIT))) {
FREE_MB_T(m);
return (-1);
}
}
m->m_len = sizeof(*tcp2) + hlen;
m->m_data += max_linkhdr;
m->m_pkthdr.len = m->m_len;
m->m_pkthdr.rcvif = (struct ifnet *)0;
ip = mtod(m, struct ip *);
bzero((char *)ip, hlen);
#ifdef USE_INET6
ip6 = (ip6_t *)ip;
#endif
tcp2 = (struct tcphdr *)((char *)ip + hlen);
tcp2->th_sport = tcp->th_dport;
tcp2->th_dport = tcp->th_sport;
if (tcp_get_flags(tcp) & TH_ACK) {
tcp2->th_seq = tcp->th_ack;
tcp_set_flags(tcp2, TH_RST);
tcp2->th_ack = 0;
} else {
tcp2->th_seq = 0;
tcp2->th_ack = ntohl(tcp->th_seq);
tcp2->th_ack += tlen;
tcp2->th_ack = htonl(tcp2->th_ack);
tcp_set_flags(tcp2, TH_RST|TH_ACK);
}
TCP_OFF_A(tcp2, sizeof(*tcp2) >> 2);
tcp2->th_win = tcp->th_win;
tcp2->th_sum = 0;
tcp2->th_urp = 0;
#ifdef USE_INET6
if (fin->fin_v == 6) {
ip6->ip6_flow = ((ip6_t *)fin->fin_ip)->ip6_flow;
ip6->ip6_plen = htons(sizeof(struct tcphdr));
ip6->ip6_nxt = IPPROTO_TCP;
ip6->ip6_hlim = 0;
ip6->ip6_src = fin->fin_dst6.in6;
ip6->ip6_dst = fin->fin_src6.in6;
tcp2->th_sum = in6_cksum(m, IPPROTO_TCP,
sizeof(*ip6), sizeof(*tcp2));
return (ipf_send_ip(fin, m));
}
#endif
ip->ip_p = IPPROTO_TCP;
ip->ip_len = htons(sizeof(struct tcphdr));
ip->ip_src.s_addr = fin->fin_daddr;
ip->ip_dst.s_addr = fin->fin_saddr;
tcp2->th_sum = in_cksum(m, hlen + sizeof(*tcp2));
ip->ip_len = htons(hlen + sizeof(*tcp2));
return (ipf_send_ip(fin, m));
}
/*
* ip_len must be in network byte order when called.
*/
static int
ipf_send_ip(fr_info_t *fin, mb_t *m)
{
fr_info_t fnew;
ip_t *ip, *oip;
int hlen;
ip = mtod(m, ip_t *);
bzero((char *)&fnew, sizeof(fnew));
fnew.fin_main_soft = fin->fin_main_soft;
IP_V_A(ip, fin->fin_v);
switch (fin->fin_v)
{
case 4 :
oip = fin->fin_ip;
hlen = sizeof(*oip);
fnew.fin_v = 4;
fnew.fin_p = ip->ip_p;
fnew.fin_plen = ntohs(ip->ip_len);
IP_HL_A(ip, sizeof(*oip) >> 2);
ip->ip_tos = oip->ip_tos;
ip->ip_id = fin->fin_ip->ip_id;
ip->ip_off = htons(V_path_mtu_discovery ? IP_DF : 0);
ip->ip_ttl = V_ip_defttl;
ip->ip_sum = 0;
break;
#ifdef USE_INET6
case 6 :
{
ip6_t *ip6 = (ip6_t *)ip;
ip6->ip6_vfc = 0x60;
ip6->ip6_hlim = IPDEFTTL;
hlen = sizeof(*ip6);
fnew.fin_p = ip6->ip6_nxt;
fnew.fin_v = 6;
fnew.fin_plen = ntohs(ip6->ip6_plen) + hlen;
break;
}
#endif
default :
return (EINVAL);
}
#ifdef IPSEC_SUPPORT
m->m_pkthdr.rcvif = NULL;
#endif
fnew.fin_ifp = fin->fin_ifp;
fnew.fin_flx = FI_NOCKSUM;
fnew.fin_m = m;
fnew.fin_ip = ip;
fnew.fin_mp = &m;
fnew.fin_hlen = hlen;
fnew.fin_dp = (char *)ip + hlen;
(void) ipf_makefrip(hlen, ip, &fnew);
return (ipf_fastroute(m, &m, &fnew, NULL));
}
int
ipf_send_icmp_err(int type, fr_info_t *fin, int dst)
{
int err, hlen, xtra, iclen, ohlen, avail, code;
struct in_addr dst4;
struct icmp *icmp;
struct mbuf *m;
i6addr_t dst6;
void *ifp;
#ifdef USE_INET6
ip6_t *ip6;
#endif
ip_t *ip, *ip2;
if ((type < 0) || (type >= ICMP_MAXTYPE))
return (-1);
code = fin->fin_icode;
#ifdef USE_INET6
/* See NetBSD ip_fil_netbsd.c r1.4: */
if ((code < 0) || (code >= sizeof(icmptoicmp6unreach)/sizeof(int)))
return (-1);
#endif
if (ipf_checkl4sum(fin) == -1)
return (-1);
#ifdef MGETHDR
MGETHDR(m, M_NOWAIT, MT_HEADER);
#else
MGET(m, M_NOWAIT, MT_HEADER);
#endif
if (m == NULL)
return (-1);
avail = MHLEN;
xtra = 0;
hlen = 0;
ohlen = 0;
dst4.s_addr = 0;
ifp = fin->fin_ifp;
if (fin->fin_v == 4) {
if ((fin->fin_p == IPPROTO_ICMP) && !(fin->fin_flx & FI_SHORT))
switch (ntohs(fin->fin_data[0]) >> 8)
{
case ICMP_ECHO :
case ICMP_TSTAMP :
case ICMP_IREQ :
case ICMP_MASKREQ :
break;
default :
FREE_MB_T(m);
return (0);
}
if (dst == 0) {
if (ipf_ifpaddr(&V_ipfmain, 4, FRI_NORMAL, ifp,
&dst6, NULL) == -1) {
FREE_MB_T(m);
return (-1);
}
dst4 = dst6.in4;
} else
dst4.s_addr = fin->fin_daddr;
hlen = sizeof(ip_t);
ohlen = fin->fin_hlen;
iclen = hlen + offsetof(struct icmp, icmp_ip) + ohlen;
if (fin->fin_hlen < fin->fin_plen)
xtra = MIN(fin->fin_dlen, 8);
else
xtra = 0;
}
#ifdef USE_INET6
else if (fin->fin_v == 6) {
hlen = sizeof(ip6_t);
ohlen = sizeof(ip6_t);
iclen = hlen + offsetof(struct icmp, icmp_ip) + ohlen;
type = icmptoicmp6types[type];
if (type == ICMP6_DST_UNREACH)
code = icmptoicmp6unreach[code];
if (iclen + max_linkhdr + fin->fin_plen > avail) {
if (!(MCLGET(m, M_NOWAIT))) {
FREE_MB_T(m);
return (-1);
}
avail = MCLBYTES;
}
xtra = MIN(fin->fin_plen, avail - iclen - max_linkhdr);
xtra = MIN(xtra, IPV6_MMTU - iclen);
if (dst == 0) {
if (ipf_ifpaddr(&V_ipfmain, 6, FRI_NORMAL, ifp,
&dst6, NULL) == -1) {
FREE_MB_T(m);
return (-1);
}
} else
dst6 = fin->fin_dst6;
}
#endif
else {
FREE_MB_T(m);
return (-1);
}
avail -= (max_linkhdr + iclen);
if (avail < 0) {
FREE_MB_T(m);
return (-1);
}
if (xtra > avail)
xtra = avail;
iclen += xtra;
m->m_data += max_linkhdr;
m->m_pkthdr.rcvif = (struct ifnet *)0;
m->m_pkthdr.len = iclen;
m->m_len = iclen;
ip = mtod(m, ip_t *);
icmp = (struct icmp *)((char *)ip + hlen);
ip2 = (ip_t *)&icmp->icmp_ip;
icmp->icmp_type = type;
icmp->icmp_code = fin->fin_icode;
icmp->icmp_cksum = 0;
#ifdef icmp_nextmtu
if (type == ICMP_UNREACH && fin->fin_icode == ICMP_UNREACH_NEEDFRAG) {
if (fin->fin_mtu != 0) {
icmp->icmp_nextmtu = htons(fin->fin_mtu);
} else if (ifp != NULL) {
icmp->icmp_nextmtu = htons(GETIFMTU_4(ifp));
} else { /* make up a number... */
icmp->icmp_nextmtu = htons(fin->fin_plen - 20);
}
}
#endif
bcopy((char *)fin->fin_ip, (char *)ip2, ohlen);
#ifdef USE_INET6
ip6 = (ip6_t *)ip;
if (fin->fin_v == 6) {
ip6->ip6_flow = ((ip6_t *)fin->fin_ip)->ip6_flow;
ip6->ip6_plen = htons(iclen - hlen);
ip6->ip6_nxt = IPPROTO_ICMPV6;
ip6->ip6_hlim = 0;
ip6->ip6_src = dst6.in6;
ip6->ip6_dst = fin->fin_src6.in6;
if (xtra > 0)
bcopy((char *)fin->fin_ip + ohlen,
(char *)&icmp->icmp_ip + ohlen, xtra);
icmp->icmp_cksum = in6_cksum(m, IPPROTO_ICMPV6,
sizeof(*ip6), iclen - hlen);
} else
#endif
{
ip->ip_p = IPPROTO_ICMP;
ip->ip_src.s_addr = dst4.s_addr;
ip->ip_dst.s_addr = fin->fin_saddr;
if (xtra > 0)
bcopy((char *)fin->fin_ip + ohlen,
(char *)&icmp->icmp_ip + ohlen, xtra);
icmp->icmp_cksum = ipf_cksum((u_short *)icmp,
sizeof(*icmp) + 8);
ip->ip_len = htons(iclen);
ip->ip_p = IPPROTO_ICMP;
}
err = ipf_send_ip(fin, m);
return (err);
}
/*
* m0 - pointer to mbuf where the IP packet starts
* mpp - pointer to the mbuf pointer that is the start of the mbuf chain
*/
int
ipf_fastroute(mb_t *m0, mb_t **mpp, fr_info_t *fin, frdest_t *fdp)
{
register struct ip *ip, *mhip;
register struct mbuf *m = *mpp;
int len, off, error = 0, hlen, code;
struct ifnet *ifp, *sifp;
struct route ro;
struct sockaddr_in *dst;
const struct sockaddr *gw;
struct nhop_object *nh;
u_long fibnum = 0;
u_short ip_off;
frdest_t node;
frentry_t *fr;
#ifdef M_WRITABLE
/*
* HOT FIX/KLUDGE:
*
* If the mbuf we're about to send is not writable (because of
* a cluster reference, for example) we'll need to make a copy
* of it since this routine modifies the contents.
*
* If you have non-crappy network hardware that can transmit data
* from the mbuf, rather than making a copy, this is gonna be a
* problem.
*/
if (M_WRITABLE(m) == 0) {
m0 = m_dup(m, M_NOWAIT);
if (m0 != NULL) {
FREE_MB_T(m);
m = m0;
*mpp = m;
} else {
error = ENOBUFS;
FREE_MB_T(m);
goto done;
}
}
#endif
#ifdef USE_INET6
if (fin->fin_v == 6) {
/*
* currently "to <if>" and "to <if>:ip#" are not supported
* for IPv6
*/
return (ip6_output(m, NULL, NULL, 0, NULL, NULL, NULL));
}
#endif
hlen = fin->fin_hlen;
ip = mtod(m0, struct ip *);
ifp = NULL;
/*
* Route packet.
*/
bzero(&ro, sizeof (ro));
dst = (struct sockaddr_in *)&ro.ro_dst;
dst->sin_family = AF_INET;
dst->sin_addr = ip->ip_dst;
dst->sin_len = sizeof(dst);
gw = (const struct sockaddr *)dst;
fr = fin->fin_fr;
if ((fr != NULL) && !(fr->fr_flags & FR_KEEPSTATE) && (fdp != NULL) &&
(fdp->fd_type == FRD_DSTLIST)) {
if (ipf_dstlist_select_node(fin, fdp->fd_ptr, NULL, &node) == 0)
fdp = &node;
}
if (fdp != NULL)
ifp = fdp->fd_ptr;
else
ifp = fin->fin_ifp;
if ((ifp == NULL) && ((fr == NULL) || !(fr->fr_flags & FR_FASTROUTE))) {
error = -2;
goto bad;
}
if ((fdp != NULL) && (fdp->fd_ip.s_addr != 0))
dst->sin_addr = fdp->fd_ip;
fibnum = M_GETFIB(m0);
NET_EPOCH_ASSERT();
nh = fib4_lookup(fibnum, dst->sin_addr, 0, NHR_NONE, 0);
if (nh == NULL) {
if (in_localaddr(ip->ip_dst))
error = EHOSTUNREACH;
else
error = ENETUNREACH;
goto bad;
}
if (ifp == NULL)
ifp = nh->nh_ifp;
if (nh->nh_flags & NHF_GATEWAY) {
gw = &nh->gw_sa;
ro.ro_flags |= RT_HAS_GW;
}
/*
* For input packets which are being "fastrouted", they won't
* go back through output filtering and miss their chance to get
* NAT'd and counted. Duplicated packets aren't considered to be
* part of the normal packet stream, so do not NAT them or pass
* them through stateful checking, etc.
*/
if ((fdp != &fr->fr_dif) && (fin->fin_out == 0)) {
sifp = fin->fin_ifp;
fin->fin_ifp = ifp;
fin->fin_out = 1;
(void) ipf_acctpkt(fin, NULL);
fin->fin_fr = NULL;
if (!fr || !(fr->fr_flags & FR_RETMASK)) {
u_32_t pass;
(void) ipf_state_check(fin, &pass);
}
switch (ipf_nat_checkout(fin, NULL))
{
case 0 :
break;
case 1 :
ip->ip_sum = 0;
break;
case -1 :
error = -1;
goto bad;
break;
}
fin->fin_ifp = sifp;
fin->fin_out = 0;
} else
ip->ip_sum = 0;
/*
* If small enough for interface, can just send directly.
*/
if (ntohs(ip->ip_len) <= ifp->if_mtu) {
if (!ip->ip_sum)
ip->ip_sum = in_cksum(m, hlen);
error = (*ifp->if_output)(ifp, m, gw, &ro);
goto done;
}
/*
* Too large for interface; fragment if possible.
* Must be able to put at least 8 bytes per fragment.
*/
ip_off = ntohs(ip->ip_off);
if (ip_off & IP_DF) {
error = EMSGSIZE;
goto bad;
}
len = (ifp->if_mtu - hlen) &~ 7;
if (len < 8) {
error = EMSGSIZE;
goto bad;
}
{
int mhlen, firstlen = len;
struct mbuf **mnext = &m->m_act;
/*
* Loop through length of segment after first fragment,
* make new header and copy data of each part and link onto chain.
*/
m0 = m;
mhlen = sizeof (struct ip);
for (off = hlen + len; off < ntohs(ip->ip_len); off += len) {
#ifdef MGETHDR
MGETHDR(m, M_NOWAIT, MT_HEADER);
#else
MGET(m, M_NOWAIT, MT_HEADER);
#endif
if (m == NULL) {
m = m0;
error = ENOBUFS;
goto bad;
}
m->m_data += max_linkhdr;
mhip = mtod(m, struct ip *);
bcopy((char *)ip, (char *)mhip, sizeof(*ip));
if (hlen > sizeof (struct ip)) {
mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip);
IP_HL_A(mhip, mhlen >> 2);
}
m->m_len = mhlen;
mhip->ip_off = ((off - hlen) >> 3) + ip_off;
if (off + len >= ntohs(ip->ip_len))
len = ntohs(ip->ip_len) - off;
else
mhip->ip_off |= IP_MF;
mhip->ip_len = htons((u_short)(len + mhlen));
*mnext = m;
m->m_next = m_copym(m0, off, len, M_NOWAIT);
if (m->m_next == 0) {
error = ENOBUFS; /* ??? */
goto sendorfree;
}
m->m_pkthdr.len = mhlen + len;
m->m_pkthdr.rcvif = NULL;
mhip->ip_off = htons((u_short)mhip->ip_off);
mhip->ip_sum = 0;
mhip->ip_sum = in_cksum(m, mhlen);
mnext = &m->m_act;
}
/*
* Update first fragment by trimming what's been copied out
* and updating header, then send each fragment (in order).
*/
m_adj(m0, hlen + firstlen - ip->ip_len);
ip->ip_len = htons((u_short)(hlen + firstlen));
ip->ip_off = htons((u_short)IP_MF);
ip->ip_sum = 0;
ip->ip_sum = in_cksum(m0, hlen);
sendorfree:
for (m = m0; m; m = m0) {
m0 = m->m_act;
m->m_act = 0;
if (error == 0)
error = (*ifp->if_output)(ifp, m, gw, &ro);
else
FREE_MB_T(m);
}
}
done:
if (!error)
V_ipfmain.ipf_frouteok[0]++;
else
V_ipfmain.ipf_frouteok[1]++;
return (0);
bad:
if (error == EMSGSIZE) {
sifp = fin->fin_ifp;
code = fin->fin_icode;
fin->fin_icode = ICMP_UNREACH_NEEDFRAG;
fin->fin_ifp = ifp;
(void) ipf_send_icmp_err(ICMP_UNREACH, fin, 1);
fin->fin_ifp = sifp;
fin->fin_icode = code;
}
FREE_MB_T(m);
goto done;
}
int
ipf_verifysrc(fr_info_t *fin)
{
struct nhop_object *nh;
NET_EPOCH_ASSERT();
nh = fib4_lookup(RT_DEFAULT_FIB, fin->fin_src, 0, NHR_NONE, 0);
if (nh == NULL)
return (0);
return (fin->fin_ifp == nh->nh_ifp);
}
/*
* return the first IP Address associated with an interface
*/
int
ipf_ifpaddr(ipf_main_softc_t *softc, int v, int atype, void *ifptr,
i6addr_t *inp, i6addr_t *inpmask)
{
#ifdef USE_INET6
struct in6_addr *ia6 = NULL;
#endif
struct sockaddr *sock, *mask;
struct sockaddr_in *sin;
struct ifaddr *ifa;
struct ifnet *ifp;
if ((ifptr == NULL) || (ifptr == (void *)-1))
return (-1);
sin = NULL;
ifp = ifptr;
if (v == 4)
inp->in4.s_addr = 0;
#ifdef USE_INET6
else if (v == 6)
bzero((char *)inp, sizeof(*inp));
#endif
ifa = CK_STAILQ_FIRST(&ifp->if_addrhead);
sock = ifa->ifa_addr;
while (sock != NULL && ifa != NULL) {
sin = (struct sockaddr_in *)sock;
if ((v == 4) && (sin->sin_family == AF_INET))
break;
#ifdef USE_INET6
if ((v == 6) && (sin->sin_family == AF_INET6)) {
ia6 = &((struct sockaddr_in6 *)sin)->sin6_addr;
if (!IN6_IS_ADDR_LINKLOCAL(ia6) &&
!IN6_IS_ADDR_LOOPBACK(ia6))
break;
}
#endif
ifa = CK_STAILQ_NEXT(ifa, ifa_link);
if (ifa != NULL)
sock = ifa->ifa_addr;
}
if (ifa == NULL || sin == NULL)
return (-1);
mask = ifa->ifa_netmask;
if (atype == FRI_BROADCAST)
sock = ifa->ifa_broadaddr;
else if (atype == FRI_PEERADDR)
sock = ifa->ifa_dstaddr;
if (sock == NULL)
return (-1);
#ifdef USE_INET6
if (v == 6) {
return (ipf_ifpfillv6addr(atype, (struct sockaddr_in6 *)sock,
(struct sockaddr_in6 *)mask,
inp, inpmask));
}
#endif
return (ipf_ifpfillv4addr(atype, (struct sockaddr_in *)sock,
(struct sockaddr_in *)mask,
&inp->in4, &inpmask->in4));
}
u_32_t
ipf_newisn(fr_info_t *fin)
{
u_32_t newiss;
newiss = arc4random();
return (newiss);
}
int
ipf_checkv4sum(fr_info_t *fin)
{
#ifdef CSUM_DATA_VALID
int manual = 0;
u_short sum;
ip_t *ip;
mb_t *m;
if ((fin->fin_flx & FI_NOCKSUM) != 0)
return (0);
if ((fin->fin_flx & FI_SHORT) != 0)
return (1);
if (fin->fin_cksum != FI_CK_NEEDED)
return (fin->fin_cksum > FI_CK_NEEDED) ? 0 : -1;
m = fin->fin_m;
if (m == NULL) {
manual = 1;
goto skipauto;
}
ip = fin->fin_ip;
if ((m->m_pkthdr.csum_flags & (CSUM_IP_CHECKED|CSUM_IP_VALID)) ==
CSUM_IP_CHECKED) {
fin->fin_cksum = FI_CK_BAD;
fin->fin_flx |= FI_BAD;
DT2(ipf_fi_bad_checkv4sum_csum_ip_checked, fr_info_t *, fin, u_int, m->m_pkthdr.csum_flags & (CSUM_IP_CHECKED|CSUM_IP_VALID));
return (-1);
}
if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID) {
/* Depending on the driver, UDP may have zero checksum */
if (fin->fin_p == IPPROTO_UDP && (fin->fin_flx &
(FI_FRAG|FI_SHORT|FI_BAD)) == 0) {
udphdr_t *udp = fin->fin_dp;
if (udp->uh_sum == 0) {
/*
* we're good no matter what the hardware
* checksum flags and csum_data say (handling
* of csum_data for zero UDP checksum is not
* consistent across all drivers)
*/
fin->fin_cksum = 1;
return (0);
}
}
if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR)
sum = m->m_pkthdr.csum_data;
else
sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr,
htonl(m->m_pkthdr.csum_data +
fin->fin_dlen + fin->fin_p));
sum ^= 0xffff;
if (sum != 0) {
fin->fin_cksum = FI_CK_BAD;
fin->fin_flx |= FI_BAD;
DT2(ipf_fi_bad_checkv4sum_sum, fr_info_t *, fin, u_int, sum);
} else {
fin->fin_cksum = FI_CK_SUMOK;
return (0);
}
} else {
if (m->m_pkthdr.csum_flags == CSUM_DELAY_DATA) {
fin->fin_cksum = FI_CK_L4FULL;
return (0);
} else if (m->m_pkthdr.csum_flags == CSUM_TCP ||
m->m_pkthdr.csum_flags == CSUM_UDP ||
m->m_pkthdr.csum_flags == CSUM_IP) {
fin->fin_cksum = FI_CK_L4PART;
return (0);
} else {
manual = 1;
}
}
skipauto:
if (manual != 0) {
if (ipf_checkl4sum(fin) == -1) {
fin->fin_flx |= FI_BAD;
DT2(ipf_fi_bad_checkv4sum_manual, fr_info_t *, fin, u_int, manual);
return (-1);
}
}
#else
if (ipf_checkl4sum(fin) == -1) {
fin->fin_flx |= FI_BAD;
DT2(ipf_fi_bad_checkv4sum_checkl4sum, fr_info_t *, fin, u_int, -1);
return (-1);
}
#endif
return (0);
}
#ifdef USE_INET6
int
ipf_checkv6sum(fr_info_t *fin)
{
if ((fin->fin_flx & FI_NOCKSUM) != 0) {
DT(ipf_checkv6sum_fi_nocksum);
return (0);
}
if ((fin->fin_flx & FI_SHORT) != 0) {
DT(ipf_checkv6sum_fi_short);
return (1);
}
if (fin->fin_cksum != FI_CK_NEEDED) {
DT(ipf_checkv6sum_fi_ck_needed);
return (fin->fin_cksum > FI_CK_NEEDED) ? 0 : -1;
}
if (ipf_checkl4sum(fin) == -1) {
fin->fin_flx |= FI_BAD;
DT2(ipf_fi_bad_checkv6sum_checkl4sum, fr_info_t *, fin, u_int, -1);
return (-1);
}
return (0);
}
#endif /* USE_INET6 */
size_t
mbufchainlen(struct mbuf *m0)
{
size_t len;
if ((m0->m_flags & M_PKTHDR) != 0) {
len = m0->m_pkthdr.len;
} else {
struct mbuf *m;
for (m = m0, len = 0; m != NULL; m = m->m_next)
len += m->m_len;
}
return (len);
}
/* ------------------------------------------------------------------------ */
/* Function: ipf_pullup */
/* Returns: NULL == pullup failed, else pointer to protocol header */
/* Parameters: xmin(I)- pointer to buffer where data packet starts */
/* fin(I) - pointer to packet information */
/* len(I) - number of bytes to pullup */
/* */
/* Attempt to move at least len bytes (from the start of the buffer) into a */
/* single buffer for ease of access. Operating system native functions are */
/* used to manage buffers - if necessary. If the entire packet ends up in */
/* a single buffer, set the FI_COALESCE flag even though ipf_coalesce() has */
/* not been called. Both fin_ip and fin_dp are updated before exiting _IF_ */
/* and ONLY if the pullup succeeds. */
/* */
/* We assume that 'xmin' is a pointer to a buffer that is part of the chain */
/* of buffers that starts at *fin->fin_mp. */
/* ------------------------------------------------------------------------ */
ip_t *
ipf_pullup(mb_t *xmin, fr_info_t *fin, int len)
{
int dpoff, ipoff;
mb_t *m = xmin;
ip_t *ip;
if (m == NULL)
return (NULL);
ip = fin->fin_ip;
if ((fin->fin_flx & FI_COALESCE) != 0)
return (ip);
ipoff = fin->fin_ipoff;
if (fin->fin_dp != NULL)
dpoff = (char *)fin->fin_dp - (char *)ip;
else
dpoff = 0;
if (M_LEN(m) < len) {
mb_t *n = *fin->fin_mp;
/*
* Assume that M_PKTHDR is set and just work with what is left
* rather than check..
* Should not make any real difference, anyway.
*/
if (m != n) {
/*
* Record the mbuf that points to the mbuf that we're
* about to go to work on so that we can update the
* m_next appropriately later.
*/
for (; n->m_next != m; n = n->m_next)
;
} else {
n = NULL;
}
#ifdef MHLEN
if (len > MHLEN)
#else
if (len > MLEN)
#endif
{
#ifdef HAVE_M_PULLDOWN
if (m_pulldown(m, 0, len, NULL) == NULL)
m = NULL;
#else
FREE_MB_T(*fin->fin_mp);
m = NULL;
n = NULL;
#endif
} else
{
m = m_pullup(m, len);
}
if (n != NULL)
n->m_next = m;
if (m == NULL) {
/*
* When n is non-NULL, it indicates that m pointed to
* a sub-chain (tail) of the mbuf and that the head
* of this chain has not yet been free'd.
*/
if (n != NULL) {
FREE_MB_T(*fin->fin_mp);
}
*fin->fin_mp = NULL;
fin->fin_m = NULL;
return (NULL);
}
if (n == NULL)
*fin->fin_mp = m;
while (M_LEN(m) == 0) {
m = m->m_next;
}
fin->fin_m = m;
ip = MTOD(m, ip_t *) + ipoff;
fin->fin_ip = ip;
if (fin->fin_dp != NULL)
fin->fin_dp = (char *)fin->fin_ip + dpoff;
if (fin->fin_fraghdr != NULL)
fin->fin_fraghdr = (char *)ip +
((char *)fin->fin_fraghdr -
(char *)fin->fin_ip);
}
if (len == fin->fin_plen)
fin->fin_flx |= FI_COALESCE;
return (ip);
}
int
ipf_inject(fr_info_t *fin, mb_t *m)
{
struct epoch_tracker et;
int error = 0;
NET_EPOCH_ENTER(et);
if (fin->fin_out == 0) {
netisr_dispatch(NETISR_IP, m);
} else {
fin->fin_ip->ip_len = ntohs(fin->fin_ip->ip_len);
fin->fin_ip->ip_off = ntohs(fin->fin_ip->ip_off);
error = ip_output(m, NULL, NULL, IP_FORWARDING, NULL, NULL);
}
NET_EPOCH_EXIT(et);
return (error);
}
VNET_DEFINE_STATIC(pfil_hook_t, ipf_inet_hook);
VNET_DEFINE_STATIC(pfil_hook_t, ipf_inet6_hook);
#define V_ipf_inet_hook VNET(ipf_inet_hook)
#define V_ipf_inet6_hook VNET(ipf_inet6_hook)
int ipf_pfil_unhook(void) {
pfil_remove_hook(V_ipf_inet_hook);
#ifdef USE_INET6
pfil_remove_hook(V_ipf_inet6_hook);
#endif
return (0);
}
int ipf_pfil_hook(void) {
int error, error6;
struct pfil_hook_args pha = {
.pa_version = PFIL_VERSION,
.pa_flags = PFIL_IN | PFIL_OUT,
.pa_modname = "ipfilter",
.pa_rulname = "default-ip4",
.pa_mbuf_chk = ipf_check_wrapper,
.pa_type = PFIL_TYPE_IP4,
};
V_ipf_inet_hook = pfil_add_hook(&pha);
#ifdef USE_INET6
pha.pa_rulname = "default-ip6";
pha.pa_mbuf_chk = ipf_check_wrapper6;
pha.pa_type = PFIL_TYPE_IP6;
V_ipf_inet6_hook = pfil_add_hook(&pha);
#endif
struct pfil_link_args pla = {
.pa_version = PFIL_VERSION,
.pa_flags = PFIL_IN | PFIL_OUT | PFIL_HEADPTR | PFIL_HOOKPTR,
.pa_head = V_inet_pfil_head,
.pa_hook = V_ipf_inet_hook,
};
error = pfil_link(&pla);
error6 = 0;
#ifdef USE_INET6
pla.pa_head = V_inet6_pfil_head;
pla.pa_hook = V_ipf_inet6_hook;
error6 = pfil_link(&pla);
#endif
if (error || error6)
error = ENODEV;
else
error = 0;
return (error);
}
void
ipf_event_reg(void)
{
V_ipf_arrivetag = EVENTHANDLER_REGISTER(ifnet_arrival_event, \
ipf_ifevent, NULL, \
EVENTHANDLER_PRI_ANY);
V_ipf_departtag = EVENTHANDLER_REGISTER(ifnet_departure_event, \
ipf_ifevent, NULL, \
EVENTHANDLER_PRI_ANY);
#if 0
V_ipf_clonetag = EVENTHANDLER_REGISTER(if_clone_event, ipf_ifevent, \
NULL, EVENTHANDLER_PRI_ANY);
#endif
}
void
ipf_event_dereg(void)
{
if (V_ipf_arrivetag != NULL) {
EVENTHANDLER_DEREGISTER(ifnet_arrival_event, V_ipf_arrivetag);
}
if (V_ipf_departtag != NULL) {
EVENTHANDLER_DEREGISTER(ifnet_departure_event, V_ipf_departtag);
}
#if 0
if (V_ipf_clonetag != NULL) {
EVENTHANDLER_DEREGISTER(if_clone_event, V_ipf_clonetag);
}
#endif
}
u_32_t
ipf_random(void)
{
return (arc4random());
}
u_int
ipf_pcksum(fr_info_t *fin, int hlen, u_int sum)
{
struct mbuf *m;
u_int sum2;
int off;
m = fin->fin_m;
off = (char *)fin->fin_dp - (char *)fin->fin_ip;
m->m_data += hlen;
m->m_len -= hlen;
sum2 = in_cksum(fin->fin_m, fin->fin_plen - off);
m->m_len += hlen;
m->m_data -= hlen;
/*
* Both sum and sum2 are partial sums, so combine them together.
*/
sum += ~sum2 & 0xffff;
while (sum > 0xffff)
sum = (sum & 0xffff) + (sum >> 16);
sum2 = ~sum & 0xffff;
return (sum2);
}
#ifdef USE_INET6
u_int
ipf_pcksum6(struct mbuf *m, ip6_t *ip6, u_int32_t off, u_int32_t len)
{
#ifdef _KERNEL
int sum;
if (m->m_len < sizeof(struct ip6_hdr)) {
return (0xffff);
}
sum = in6_cksum(m, ip6->ip6_nxt, off, len);
return (sum);
#else
u_short *sp;
u_int sum;
sp = (u_short *)&ip6->ip6_src;
sum = *sp++; /* ip6_src */
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++; /* ip6_dst */
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
sum += *sp++;
return (ipf_pcksum(fin, off, sum));
#endif
}
#endif
void
ipf_fbsd_kenv_get(ipf_main_softc_t *softc)
{
TUNABLE_INT_FETCH("net.inet.ipf.large_nat",
&softc->ipf_large_nat);
}