Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.337.2.4 retrieving revision 1.356 diff -u -p -r1.337.2.4 -r1.356 --- src/sys/netinet/ip_input.c 2017/03/20 06:57:50 1.337.2.4 +++ src/sys/netinet/ip_input.c 2017/07/06 17:08:57 1.356 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.337.2.4 2017/03/20 06:57:50 pgoyette Exp $ */ +/* $NetBSD: ip_input.c,v 1.356 2017/07/06 17:08:57 christos Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -91,11 +91,10 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.337.2.4 2017/03/20 06:57:50 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip_input.c,v 1.356 2017/07/06 17:08:57 christos Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" -#include "opt_compat_netbsd.h" #include "opt_gateway.h" #include "opt_ipsec.h" #include "opt_mrouting.h" @@ -174,11 +173,6 @@ __KERNEL_RCSID(0, "$NetBSD: ip_input.c,v #define IPMTUDISCTIMEOUT (10 * 60) /* as per RFC 1191 */ #endif -#ifdef COMPAT_50 -#include <compat/sys/time.h> -#include <compat/sys/socket.h> -#endif - /* * Note: DIRECTED_BROADCAST is handled this way so that previous * configuration using this option will Just Work. 
@@ -226,7 +220,7 @@ pfil_head_t * inet_pfil_hook __read_mo ipid_state_t * ip_ids __read_mostly; percpu_t * ipstat_percpu __read_mostly; -static struct route ipforward_rt __cacheline_aligned; +static percpu_t *ipforward_rt_percpu __cacheline_aligned; uint16_t ip_id; @@ -253,30 +247,23 @@ EVCNT_ATTACH_STATIC(ip_swcsum); #endif /* INET_CSUM_COUNTERS */ /* - * We need to save the IP options in case a protocol wants to respond + * Used to save the IP options in case a protocol wants to respond * to an incoming packet over the same route if the packet got here * using IP source routing. This allows connection establishment and * maintenance when the remote end is on a network that is not known * to us. */ - -static int ip_nhops = 0; - -static struct ip_srcrt { - struct in_addr dst; /* final destination */ - char nop; /* one NOP to align */ - char srcopt[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN and OFFSET */ - struct in_addr route[MAX_IPOPTLEN/sizeof(struct in_addr)]; -} ip_srcrt; +struct ip_srcrt { + int isr_nhops; /* number of hops */ + struct in_addr isr_dst; /* final destination */ + char isr_nop; /* one NOP to align */ + char isr_hdr[IPOPT_OFFSET + 1]; /* OPTVAL, OLEN & OFFSET */ + struct in_addr isr_routes[MAX_IPOPTLEN/sizeof(struct in_addr)]; +}; static int ip_drainwanted; -struct sockaddr_in ipaddr = { - .sin_len = sizeof(ipaddr), - .sin_family = AF_INET, -}; - -static void save_rte(u_char *, struct in_addr); +static void save_rte(struct mbuf *, u_char *, struct in_addr); #ifdef MBUFTRACE struct mowner ip_rx_mowner = MOWNER_INIT("internet", "rx"); @@ -349,11 +336,7 @@ ip_init(void) #endif /* MBUFTRACE */ ipstat_percpu = percpu_alloc(sizeof(uint64_t) * IP_NSTATS); - ipforward_rt_percpu = percpu_alloc(sizeof(struct route)); - if (ipforward_rt_percpu == NULL) - panic("failed to allocate ipforward_rt_percpu"); - ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout); } @@ -388,7 +371,8 @@ ip_match_our_address(struct ifnet *ifp, continue; if (checkif && ia->ia_ifp 
!= ifp) continue; - if ((ia->ia_ifp->if_flags & IFF_UP) != 0) + if ((ia->ia_ifp->if_flags & IFF_UP) != 0 && + (ia->ia4_flags & IN_IFF_DETACHED) == 0) break; else (*downmatch)++; @@ -408,7 +392,7 @@ ip_match_our_address_broadcast(struct if if (ifa->ifa_addr->sa_family != AF_INET) continue; ia = ifatoia(ifa); - if (ia->ia4_flags & IN_IFF_NOTREADY) + if (ia->ia4_flags & (IN_IFF_NOTREADY | IN_IFF_DETACHED)) continue; if (in_hosteq(ip->ip_dst, ia->ia_broadaddr.sin_addr) || in_hosteq(ip->ip_dst, ia->ia_netbroadcast) || @@ -668,7 +652,6 @@ ip_input(struct mbuf *m) * error was detected (causing an icmp message * to be sent and the original packet to be freed). */ - ip_nhops = 0; /* for source routed packets */ if (hlen > sizeof (struct ip) && ip_dooptions(m)) { m = NULL; goto out; @@ -949,6 +932,11 @@ ip_dooptions(struct mbuf *m) case IPOPT_LSRR: case IPOPT_SSRR: { struct psref psref; + struct sockaddr_in ipaddr = { + .sin_len = sizeof(ipaddr), + .sin_family = AF_INET, + }; + if (ip_allowsrcrt == 0) { type = ICMP_UNREACH; code = ICMP_UNREACH_NET_PROHIB; @@ -986,7 +974,7 @@ ip_dooptions(struct mbuf *m) /* * End of source route. Should be for us. 
*/ - save_rte(cp, ip->ip_src); + save_rte(m, cp, ip->ip_src); break; } /* @@ -1023,6 +1011,11 @@ ip_dooptions(struct mbuf *m) case IPOPT_RR: { struct psref psref; + struct sockaddr_in ipaddr = { + .sin_len = sizeof(ipaddr), + .sin_family = AF_INET, + }; + if (optlen < IPOPT_OFFSET + sizeof(*cp)) { code = &cp[IPOPT_OLEN] - (u_char *)ip; goto bad; @@ -1089,6 +1082,10 @@ ip_dooptions(struct mbuf *m) case IPOPT_TS_TSANDADDR: { struct ifnet *rcvif; int _s, _ss; + struct sockaddr_in ipaddr = { + .sin_len = sizeof(ipaddr), + .sin_family = AF_INET, + }; if (ipt->ipt_ptr - 1 + sizeof(n_time) + sizeof(struct in_addr) > ipt->ipt_len) { @@ -1116,7 +1113,12 @@ ip_dooptions(struct mbuf *m) break; } - case IPOPT_TS_PRESPEC: + case IPOPT_TS_PRESPEC: { + struct sockaddr_in ipaddr = { + .sin_len = sizeof(ipaddr), + .sin_family = AF_INET, + }; + if (ipt->ipt_ptr - 1 + sizeof(n_time) + sizeof(struct in_addr) > ipt->ipt_len) { code = (u_char *)&ipt->ipt_ptr - @@ -1134,6 +1136,7 @@ ip_dooptions(struct mbuf *m) pserialize_read_exit(s); ipt->ipt_ptr += sizeof(struct in_addr); break; + } default: /* XXX can't take &ipt->ipt_flg */ @@ -1187,6 +1190,7 @@ ip_rtaddr(struct in_addr dst, struct psr struct sockaddr dst; struct sockaddr_in dst4; } u; + struct route *ro; sockaddr_in_init(&u.dst4, &dst, 0); @@ -1209,16 +1213,25 @@ ip_rtaddr(struct in_addr dst, struct psr * up later by ip_srcroute if the receiver is interested. 
*/ static void -save_rte(u_char *option, struct in_addr dst) +save_rte(struct mbuf *m, u_char *option, struct in_addr dst) { + struct ip_srcrt *isr; + struct m_tag *mtag; unsigned olen; olen = option[IPOPT_OLEN]; - if (olen > sizeof(ip_srcrt) - (1 + sizeof(dst))) + if (olen > sizeof(isr->isr_hdr) + sizeof(isr->isr_routes)) return; - memcpy((void *)ip_srcrt.srcopt, (void *)option, olen); - ip_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr); - ip_srcrt.dst = dst; + + mtag = m_tag_get(PACKET_TAG_SRCROUTE, sizeof(*isr), M_NOWAIT); + if (mtag == NULL) + return; + isr = (struct ip_srcrt *)(mtag + 1); + + memcpy(isr->isr_hdr, option, olen); + isr->isr_nhops = (olen - IPOPT_OFFSET - 1) / sizeof(struct in_addr); + isr->isr_dst = dst; + m_tag_prepend(m, mtag); } /* @@ -1227,36 +1240,43 @@ save_rte(u_char *option, struct in_addr * The first hop is placed before the options, will be removed later. */ struct mbuf * -ip_srcroute(void) +ip_srcroute(struct mbuf *m0) { struct in_addr *p, *q; struct mbuf *m; + struct ip_srcrt *isr; + struct m_tag *mtag; - if (ip_nhops == 0) + mtag = m_tag_find(m0, PACKET_TAG_SRCROUTE, NULL); + if (mtag == NULL) return NULL; + isr = (struct ip_srcrt *)(mtag + 1); + + if (isr->isr_nhops == 0) + return NULL; + m = m_get(M_DONTWAIT, MT_SOOPTS); - if (m == 0) + if (m == NULL) return NULL; MCLAIM(m, &inetdomain.dom_mowner); -#define OPTSIZ (sizeof(ip_srcrt.nop) + sizeof(ip_srcrt.srcopt)) +#define OPTSIZ (sizeof(isr->isr_nop) + sizeof(isr->isr_hdr)) - /* length is (nhops+1)*sizeof(addr) + sizeof(nop + srcrt header) */ - m->m_len = ip_nhops * sizeof(struct in_addr) + sizeof(struct in_addr) + - OPTSIZ; + /* length is (nhops+1)*sizeof(addr) + sizeof(nop + header) */ + m->m_len = (isr->isr_nhops + 1) * sizeof(struct in_addr) + OPTSIZ; /* * First save first hop for return route */ - p = &ip_srcrt.route[ip_nhops - 1]; + p = &(isr->isr_routes[isr->isr_nhops - 1]); *(mtod(m, struct in_addr *)) = *p--; /* * Copy option fields and padding (nop) to mbuf. 
*/ - ip_srcrt.nop = IPOPT_NOP; - ip_srcrt.srcopt[IPOPT_OFFSET] = IPOPT_MINOFF; - memmove(mtod(m, char *) + sizeof(struct in_addr), &ip_srcrt.nop, + isr->isr_nop = IPOPT_NOP; + isr->isr_hdr[IPOPT_OFFSET] = IPOPT_MINOFF; + memmove(mtod(m, char *) + sizeof(struct in_addr), &isr->isr_nop, OPTSIZ); q = (struct in_addr *)(mtod(m, char *) + sizeof(struct in_addr) + OPTSIZ); @@ -1265,14 +1285,15 @@ ip_srcroute(void) * Record return path as an IP source route, * reversing the path (pointers are now aligned). */ - while (p >= ip_srcrt.route) { + while (p >= isr->isr_routes) { *q++ = *p--; } /* * Last hop goes to final destination. */ - *q = ip_srcrt.dst; - return (m); + *q = isr->isr_dst; + m_tag_delete(m0, mtag); + return m; } const int inetctlerrmap[PRC_NCMDS] = { @@ -1329,6 +1350,7 @@ ip_forward(struct mbuf *m, int srcrt, st struct sockaddr_in dst4; } u; uint64_t *ips; + struct route *ro; KASSERTMSG(cpu_softintr_p(), "ip_forward: not in the software " "interrupt handler; synchronization assumptions violated"); @@ -1405,7 +1427,7 @@ ip_forward(struct mbuf *m, int srcrt, st } rtcache_unref(rt, ro); - error = ip_output(m, NULL, &ipforward_rt, + error = ip_output(m, NULL, ro, (IP_FORWARDING | (ip_directedbcast ? IP_ALLOWBROADCAST : 0)), NULL, NULL); @@ -1427,7 +1449,7 @@ ip_forward(struct mbuf *m, int srcrt, st if (mcopy) { #ifdef GATEWAY if (mcopy->m_flags & M_CANFASTFWD) - ipflow_create(&ipforward_rt, mcopy); + ipflow_create(ro, mcopy); #endif m_freem(mcopy); } @@ -1501,27 +1523,9 @@ ip_savecontrol(struct inpcb *inp, struct if (__predict_false(ifp == NULL)) return; /* XXX should report error? 
*/ - if (so->so_options & SO_TIMESTAMP -#ifdef SO_OTIMESTAMP - || so->so_options & SO_OTIMESTAMP -#endif - ) { - struct timeval tv; - - microtime(&tv); -#ifdef SO_OTIMESTAMP - if (so->so_options & SO_OTIMESTAMP) { - struct timeval50 tv50; - timeval_to_timeval50(&tv, &tv50); - *mp = sbcreatecontrol((void *) &tv50, sizeof(tv50), - SCM_OTIMESTAMP, SOL_SOCKET); - } else -#endif - *mp = sbcreatecontrol((void *) &tv, sizeof(tv), - SCM_TIMESTAMP, SOL_SOCKET); - if (*mp) - mp = &(*mp)->m_next; - } + if (SOOPT_TIMESTAMP(so->so_options)) + mp = sbsavetimestamp(so->so_options, m, mp); + if (inpflags & INP_RECVDSTADDR) { *mp = sbcreatecontrol((void *) &ip->ip_dst, sizeof(struct in_addr), IP_RECVDSTADDR, IPPROTO_IP);