src/sys/netinet/ip_input.c - diff

Return to ip_input.c CVS log

Up to [cvs.NetBSD.org] / src / sys / netinet

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/sys/netinet/ip_input.c between version 1.262 and 1.262.6.2

version 1.262, 2008/02/06 03:20:51

version 1.262.6.2, 2008/06/02 13:24:24

Line 45

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* 3. All advertising materials mentioning features or use of this software

* must display the following acknowledgement:

* This product includes software developed by the NetBSD

* Foundation, Inc. and its contributors.

* 4. Neither the name of The NetBSD Foundation nor the names of its

* contributors may be used to endorse or promote products derived

* from this software without specific prior written permission.

* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS

* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED

Line 135 __KERNEL_RCSID(0, "$NetBSD$");

Line 128 __KERNEL_RCSID(0, "$NetBSD$");

#include <netinet/in_proto.h>

#include <netinet/in_var.h>

#include <netinet/ip_var.h>

#include <netinet/ip_private.h>

#include <netinet/ip_icmp.h>

/* just for gif_ttl */

#include <netinet/in_gif.h>

Line 148 __KERNEL_RCSID(0, "$NetBSD$");

Line 142 __KERNEL_RCSID(0, "$NetBSD$");

#ifdef IPSEC

#include <netinet6/ipsec.h>

#include <netinet6/ipsec_private.h>

#include <netkey/key.h>

#endif

#ifdef FAST_IPSEC

Line 230 u_long in_multihash; /* size of hash

Line 225 u_long in_multihash; /* size of hash

int in_multientries; /* total number of addrs */

struct in_multihashhead *in_multihashtbl;

struct ifqueue ipintrq;

struct ipstat ipstat;

uint16_t ip_id;

percpu_t *ipstat_percpu;

#ifdef PFIL_HOOKS

struct pfil_head inet_pfil_hook;

#endif

Line 424 ip_init(void)

Line 420 ip_init(void)

ip_nmbclusters_changed();

TAILQ_INIT(&in_ifaddrhead);

in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IFADDR,

in_ifaddrhashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true,

M_WAITOK, &in_ifaddrhash);

&in_ifaddrhash);

in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, M_IPMADDR,

in_multihashtbl = hashinit(IN_IFADDR_HASH_SIZE, HASH_LIST, true,

M_WAITOK, &in_multihash);

&in_multihash);

ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout);

#ifdef GATEWAY

ipflow_init(ip_hashsize);

Line 447 ip_init(void)

Line 443 ip_init(void)

MOWNER_ATTACH(&ip_tx_mowner);

MOWNER_ATTACH(&ip_rx_mowner);

#endif /* MBUFTRACE */

ipstat_percpu = percpu_alloc(sizeof(uint64_t) * IP_NSTATS);

}

struct sockaddr_in ipaddr = {

Line 464 ipintr(void)

Line 462 ipintr(void)

int s;

struct mbuf *m;

mutex_enter(softnet_lock);

KERNEL_LOCK(1, NULL);

while (!IF_IS_EMPTY(&ipintrq)) {

s = splnet();

IF_DEQUEUE(&ipintrq, m);

splx(s);

if (m == 0)

if (m == NULL)

return;

break;

ip_input(m);

}

KERNEL_UNLOCK_ONE(NULL);

mutex_exit(softnet_lock);

}

Line 511 ip_input(struct mbuf *m)

Line 513 ip_input(struct mbuf *m)

if (TAILQ_FIRST(&in_ifaddrhead) == 0)

goto bad;

ipstat.ips_total++;

IP_STATINC(IP_STAT_TOTAL);

* If the IP header is not aligned, slurp it up into a new

* mbuf with space for link headers, in the event we forward

Line 522 ip_input(struct mbuf *m)

Line 524 ip_input(struct mbuf *m)

if ((m = m_copyup(m, sizeof(struct ip),

(max_linkhdr + 3) & ~3)) == NULL) {

/* XXXJRT new stat, please */

ipstat.ips_toosmall++;

IP_STATINC(IP_STAT_TOOSMALL);

return;

}

} else if (__predict_false(m->m_len < sizeof (struct ip))) {

if ((m = m_pullup(m, sizeof (struct ip))) == NULL) {

ipstat.ips_toosmall++;

IP_STATINC(IP_STAT_TOOSMALL);

return;

}

ip = mtod(m, struct ip *);

if (ip->ip_v != IPVERSION) {

ipstat.ips_badvers++;

IP_STATINC(IP_STAT_BADVERS);

goto bad;

}

hlen = ip->ip_hl << 2;

if (hlen < sizeof(struct ip)) { /* minimum header length */

ipstat.ips_badhlen++;

IP_STATINC(IP_STAT_BADHLEN);

goto bad;

}

if (hlen > m->m_len) {

if ((m = m_pullup(m, hlen)) == 0) {

ipstat.ips_badhlen++;

IP_STATINC(IP_STAT_BADHLEN);

return;

}

ip = mtod(m, struct ip *);

Line 554 ip_input(struct mbuf *m)

Line 556 ip_input(struct mbuf *m)

* not allowed.

if (IN_MULTICAST(ip->ip_src.s_addr)) {

ipstat.ips_badaddr++;

IP_STATINC(IP_STAT_BADADDR);

goto bad;

}

Line 562 ip_input(struct mbuf *m)

Line 564 ip_input(struct mbuf *m)

if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET ||

(ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) {

if ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) {

ipstat.ips_badaddr++;

IP_STATINC(IP_STAT_BADADDR);

goto bad;

}

Line 600 ip_input(struct mbuf *m)

Line 602 ip_input(struct mbuf *m)

* Check for additional length bogosity

if (len < hlen) {

ipstat.ips_badlen++;

IP_STATINC(IP_STAT_BADLEN);

goto bad;

}

Line 611 ip_input(struct mbuf *m)

Line 613 ip_input(struct mbuf *m)

* Drop packet if shorter than we expect.

if (m->m_pkthdr.len < len) {

ipstat.ips_tooshort++;

IP_STATINC(IP_STAT_TOOSHORT);

goto bad;

}

if (m->m_pkthdr.len > len) {

Line 780 ip_input(struct mbuf *m)

Line 782 ip_input(struct mbuf *m)

* ip_output().)

if (ip_mforward(m, m->m_pkthdr.rcvif) != 0) {

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

m_freem(m);

return;

}

Line 792 ip_input(struct mbuf *m)

Line 794 ip_input(struct mbuf *m)

if (ip->ip_p == IPPROTO_IGMP)

goto ours;

ipstat.ips_forward++;

IP_STATINC(IP_STAT_CANTFORWARD);

}

#endif

Line 801 ip_input(struct mbuf *m)

Line 803 ip_input(struct mbuf *m)

IN_LOOKUP_MULTI(ip->ip_dst, m->m_pkthdr.rcvif, inm);

if (inm == NULL) {

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

m_freem(m);

return;

}

Line 815 ip_input(struct mbuf *m)

Line 817 ip_input(struct mbuf *m)

* Not for us; forward if possible and desirable.

if (ipforwarding == 0) {

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

m_freem(m);

} else {

Line 826 ip_input(struct mbuf *m)

Line 828 ip_input(struct mbuf *m)

if (downmatch) {

icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_HOST, 0, 0);

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

return;

}

#ifdef IPSEC

if (ipsec4_in_reject(m, NULL)) {

ipsecstat.in_polvio++;

IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);

goto bad;

}

#endif

Line 859 ip_input(struct mbuf *m)

Line 861 ip_input(struct mbuf *m)

KEY_FREESP(&sp);

splx(s);

if (error) {

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

goto bad;

}

Line 906 ours:

Line 908 ours:

off = (ntohs(ip->ip_off) & IP_OFFMASK) << 3;

if ((off > 0 ? off + hlen : len) < IP_MINFRAGSIZE - 1) {

ipstat.ips_badfrags++;

IP_STATINC(IP_STAT_BADFRAGS);

goto bad;

}

Line 925 ours:

Line 927 ours:

* fragments.

if (ip->ip_tos != fp->ipq_tos) {

ipstat.ips_badfrags++;

IP_STATINC(IP_STAT_BADFRAGS);

goto bad;

}

goto found;

Line 948 found:

Line 950 found:

if (ntohs(ip->ip_len) == 0 ||

(ntohs(ip->ip_len) & 0x7) != 0) {

ipstat.ips_badfrags++;

IP_STATINC(IP_STAT_BADFRAGS);

IPQ_UNLOCK();

goto bad;

}

Line 961 found:

Line 963 found:

* attempt reassembly; if it succeeds, proceed.

if (mff || ip->ip_off != htons(0)) {

ipstat.ips_fragments++;

IP_STATINC(IP_STAT_FRAGMENTS);

s = splvm();

ipqe = pool_get(&ipqent_pool, PR_NOWAIT);

splx(s);

if (ipqe == NULL) {

ipstat.ips_rcvmemdrop++;

IP_STATINC(IP_STAT_RCVMEMDROP);

IPQ_UNLOCK();

goto bad;

}

Line 978 found:

Line 980 found:

IPQ_UNLOCK();

return;

}

ipstat.ips_reassembled++;

IP_STATINC(IP_STAT_REASSEMBLED);

ip = mtod(m, struct ip *);

hlen = ip->ip_hl << 2;

ip->ip_len = htons(ntohs(ip->ip_len) + hlen);

Line 996 found:

Line 998 found:

if ((inetsw[ip_protox[ip->ip_p]].pr_flags & PR_LASTHDR) != 0 &&

ipsec4_in_reject(m, NULL)) {

ipsecstat.in_polvio++;

IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);

goto bad;

}

#endif

Line 1046 DPRINTF(("ip_input: no SP, packet discar

Line 1048 DPRINTF(("ip_input: no SP, packet discar

if (ia && ip)

ia->ia_ifa.ifa_data.ifad_inbytes += ntohs(ip->ip_len);

#endif

ipstat.ips_delivered++;

IP_STATINC(IP_STAT_DELIVERED);

{

int off = hlen, nh = ip->ip_p;

Line 1058 bad:

Line 1060 bad:

return;

badcsum:

ipstat.ips_badsum++;

IP_STATINC(IP_STAT_BADSUM);

m_freem(m);

}

Line 1216 insert:

Line 1218 insert:

q = TAILQ_FIRST(&fp->ipq_fragq);

ip = q->ipqe_ip;

if ((next + (ip->ip_hl << 2)) > IP_MAXPACKET) {

ipstat.ips_toolong++;

IP_STATINC(IP_STAT_TOOLONG);

ip_freef(fp);

return (0);

}

Line 1266 dropfrag:

Line 1268 dropfrag:

if (fp != 0)

fp->ipq_nfrags--;

ip_nfrags--;

ipstat.ips_fragdropped++;

IP_STATINC(IP_STAT_FRAGDROPPED);

m_freem(m);

s = splvm();

pool_put(&ipqent_pool, ipqe);

Line 1333 ip_reass_ttl_decr(u_int ticks)

Line 1335 ip_reass_ttl_decr(u_int ticks)

0 : fp->ipq_ttl - ticks);

nfp = LIST_NEXT(fp, ipq_q);

if (fp->ipq_ttl == 0) {

ipstat.ips_fragtimeout++;

IP_STATINC(IP_STAT_FRAGTIMEOUT);

ip_freef(fp);

} else {

nfrags += fp->ipq_nfrags;

Line 1384 ip_slowtimo(void)

Line 1386 ip_slowtimo(void)

static u_int dropscanidx = 0;

u_int i;

u_int median_ttl;

int s = splsoftnet();

mutex_enter(softnet_lock);

KERNEL_LOCK(1, NULL);

IPQ_LOCK();

Line 1426 ip_slowtimo(void)

Line 1430 ip_slowtimo(void)

dropscanidx = i;

}

IPQ_UNLOCK();

splx(s);

KERNEL_UNLOCK_ONE(NULL);

mutex_exit(softnet_lock);

}

* Drain off all datagram fragments.

* Drain off all datagram fragments. Don't acquire softnet_lock as

* can be called from hardware interrupt context.

void

ip_drain(void)

{

KERNEL_LOCK(1, NULL);

* We may be called from a device's interrupt context. If

* the ipq is already busy, just bail out now.

if (ipq_lock_try() == 0)

if (ipq_lock_try() != 0) {

return;

* Drop half the total fragments now. If more mbufs are

* needed, we will be called again soon.

* Drop half the total fragments now. If more mbufs are needed,

* we will be called again soon.

ip_reass_drophalf();

IPQ_UNLOCK();

ip_reass_drophalf();

}

IPQ_UNLOCK();

KERNEL_UNLOCK_ONE(NULL);

}

Line 1680 ip_dooptions(struct mbuf *m)

Line 1689 ip_dooptions(struct mbuf *m)

return (0);

bad:

icmp_error(m, type, code, 0, 0);

ipstat.ips_badoptions++;

IP_STATINC(IP_STAT_BADOPTIONS);

return (1);

}

Line 1853 ip_forward(struct mbuf *m, int srcrt)

Line 1862 ip_forward(struct mbuf *m, int srcrt)

}

#endif

if (m->m_flags & (M_BCAST|M_MCAST) || in_canforward(ip->ip_dst) == 0) {

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

m_freem(m);

return;

}

Line 1917 ip_forward(struct mbuf *m, int srcrt)

Line 1926 ip_forward(struct mbuf *m, int srcrt)

(struct ip_moptions *)NULL, (struct socket *)NULL);

if (error)

ipstat.ips_cantforward++;

IP_STATINC(IP_STAT_CANTFORWARD);

else {

ipstat.ips_forward++;

uint64_t *ips = IP_STAT_GETREF();

if (type)

ips[IP_STAT_FORWARD]++;

ipstat.ips_redirectsent++;

if (type) {

else {

ips[IP_STAT_REDIRECTSENT]++;

IP_STAT_PUTREF();

} else {

IP_STAT_PUTREF();

if (mcopy) {

#ifdef GATEWAY

if (mcopy->m_flags & M_CANFASTFWD)

Line 1954 ip_forward(struct mbuf *m, int srcrt)

Line 1966 ip_forward(struct mbuf *m, int srcrt)

case EMSGSIZE:

type = ICMP_UNREACH;

code = ICMP_UNREACH_NEEDFRAG;

#if !defined(IPSEC) && !defined(FAST_IPSEC)

if ((rt = rtcache_validate(&ipforward_rt)) != NULL)

destmtu = rt->rt_ifp->if_mtu;

#else

* If the packet is routed over IPsec tunnel, tell the

* originator the tunnel MTU.

* tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz

* XXX quickhack!!!

if ((rt = rtcache_validate(&ipforward_rt)) != NULL) {

#if defined(IPSEC) || defined(FAST_IPSEC)

* If the packet is routed over IPsec tunnel, tell the

* originator the tunnel MTU.

* tunnel MTU = if MTU - sizeof(IP) - ESP/AH hdrsiz

* XXX quickhack!!!

struct secpolicy *sp;

int ipsecerror;

size_t ipsechdr;

Line 1973 ip_forward(struct mbuf *m, int srcrt)

Line 1985 ip_forward(struct mbuf *m, int srcrt)

sp = ipsec4_getpolicybyaddr(mcopy,

IPSEC_DIR_OUTBOUND, IP_FORWARDING,

&ipsecerror);

#endif

if (sp == NULL)

destmtu = rt->rt_ifp->if_mtu;

#if defined(IPSEC) || defined(FAST_IPSEC)

else {

if (sp != NULL) {

/* count IPsec header size */

ipsechdr = ipsec4_hdrsiz(mcopy,

IPSEC_DIR_OUTBOUND, NULL);

Line 2005 ip_forward(struct mbuf *m, int srcrt)

Line 2018 ip_forward(struct mbuf *m, int srcrt)

KEY_FREESP(&sp);

#endif

}

#endif /*defined(IPSEC) || defined(FAST_IPSEC)*/

}

#endif /*IPSEC*/

IP_STATINC(IP_STAT_CANTFRAG);

ipstat.ips_cantfrag++;

break;

case ENOBUFS:

Line 2150 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG

Line 2163 sysctl_net_inet_ip_maxflows(SYSCTLFN_ARG

return (s);

s = splsoftnet();

ipflow_reap(0);

ipflow_prune();

splx(s);

return (0);

Line 2186 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG

Line 2199 sysctl_net_inet_ip_hashsize(SYSCTLFN_ARG

}

#endif /* GATEWAY */

static int

sysctl_net_inet_ip_stats(SYSCTLFN_ARGS)

{

return (NETSTAT_SYSCTL(ipstat_percpu, IP_NSTATS));

}

SYSCTL_SETUP(sysctl_net_inet_ip_setup, "sysctl net.inet.ip subtree setup")

{

Line 2390 SYSCTL_SETUP(sysctl_net_inet_ip_setup, "

Line 2409 SYSCTL_SETUP(sysctl_net_inet_ip_setup, "

CTLFLAG_PERMANENT,

CTLTYPE_STRUCT, "stats",

SYSCTL_DESCR("IP statistics"),

NULL, 0, &ipstat, sizeof(ipstat),

sysctl_net_inet_ip_stats, 0, NULL, 0,

CTL_NET, PF_INET, IPPROTO_IP, IPCTL_STATS,

CTL_EOL);

}

void

ip_statinc(u_int stat)

{

KASSERT(stat < IP_NSTATS);

IP_STATINC(stat);

}

CVSweb <webmaster@jp.NetBSD.org>