Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/ip_input.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.66 retrieving revision 1.79 diff -u -p -r1.66 -r1.79 --- src/sys/netinet/ip_input.c 1998/05/24 20:14:53 1.66 +++ src/sys/netinet/ip_input.c 1999/01/19 23:03:21 1.79 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_input.c,v 1.66 1998/05/24 20:14:53 thorpej Exp $ */ +/* $NetBSD: ip_input.c,v 1.79 1999/01/19 23:03:21 mycroft Exp $ */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -73,6 +73,7 @@ */ #include "opt_gateway.h" +#include "opt_pfil_hooks.h" #include "opt_mrouting.h" #include @@ -87,6 +88,7 @@ #include #include #include +#include #include #include @@ -162,7 +164,61 @@ struct ifqueue ipintrq; struct ipstat ipstat; u_int16_t ip_id; int ip_defttl; + struct ipqhead ipq; +int ipq_locked; + +static __inline int ipq_lock_try __P((void)); +static __inline void ipq_unlock __P((void)); + +static __inline int +ipq_lock_try() +{ + int s; + + s = splimp(); + if (ipq_locked) { + splx(s); + return (0); + } + ipq_locked = 1; + splx(s); + return (1); +} + +static __inline void +ipq_unlock() +{ + int s; + + s = splimp(); + ipq_locked = 0; + splx(s); +} + +#ifdef DIAGNOSTIC +#define IPQ_LOCK() \ +do { \ + if (ipq_lock_try() == 0) { \ + printf("%s:%d: ipq already locked\n", __FILE__, __LINE__); \ + panic("ipq_lock"); \ + } \ +} while (0) +#define IPQ_LOCK_CHECK() \ +do { \ + if (ipq_locked == 0) { \ + printf("%s:%d: ipq lock not held\n", __FILE__, __LINE__); \ + panic("ipq lock check"); \ + } \ +} while (0) +#else +#define IPQ_LOCK() (void) ipq_lock_try() +#define IPQ_LOCK_CHECK() /* nothing */ +#endif + +#define IPQ_UNLOCK() ipq_unlock() + +struct pool ipqent_pool; /* * We need to save the IP options in case a protocol wants to respond @@ -191,6 +247,9 @@ ip_init() register struct protosw *pr; register int i; + pool_init(&ipqent_pool, sizeof(struct ipqent), 0, 0, 0, "ipqepl", + 0, NULL, NULL, M_IPQ); + pr = pffindproto(PF_INET, IPPROTO_RAW, SOCK_RAW); if (pr == 0) panic("ip_init"); @@ -210,6 +269,9 @@ ip_init() if (ip_mtudisc != 0) ip_mtudisc_timeout_q = rt_timer_queue_create(ip_mtudisc_timeout); +#ifdef GATEWAY + ipflow_init(); +#endif } struct sockaddr_in ipaddr = { sizeof(ipaddr), AF_INET }; @@ -278,7 +340,7 @@ next: } ip = mtod(m, struct ip *); } - if ((ip->ip_sum = in_cksum(m, hlen)) != 0) { + if (in_cksum(m, hlen) != 0) { ipstat.ips_badsum++; goto bad; } @@ -329,7 +391,10 @@ next: rv = pfh->pfil_func(ip, hlen, m->m_pkthdr.rcvif, 0, &m0); if (rv) goto next; - ip = mtod(m = m0, struct ip *); + m = m0; + if (m == NULL) + goto next; + ip = mtod(m, struct ip *); } #endif /* PFIL_HOOKS */ @@ -453,6 +518,7 @@ ours: * Look for queue of fragments * of this datagram. */ + IPQ_LOCK(); for (fp = ipq.lh_first; fp != NULL; fp = fp->ipq_q.le_next) if (ip->ip_id == fp->ipq_id && in_hosteq(ip->ip_src, fp->ipq_src) && @@ -476,6 +542,7 @@ found: */ if (ip->ip_len == 0 || (ip->ip_len & 0x7) != 0) { ipstat.ips_badfrags++; + IPQ_UNLOCK(); goto bad; } } @@ -488,25 +555,29 @@ found: */ if (mff || ip->ip_off) { ipstat.ips_fragments++; - MALLOC(ipqe, struct ipqent *, sizeof (struct ipqent), - M_IPQ, M_NOWAIT); + ipqe = pool_get(&ipqent_pool, PR_NOWAIT); if (ipqe == NULL) { ipstat.ips_rcvmemdrop++; + IPQ_UNLOCK(); goto bad; } ipqe->ipqe_mff = mff; ipqe->ipqe_m = m; ipqe->ipqe_ip = ip; m = ip_reass(ipqe, fp); - if (m == 0) + if (m == 0) { + IPQ_UNLOCK(); goto next; + } ipstat.ips_reassembled++; ip = mtod(m, struct ip *); + hlen = ip->ip_hl << 2; + ip->ip_len += hlen; } else if (fp) ip_freef(fp); - } else - ip->ip_len -= hlen; + IPQ_UNLOCK(); + } /* * Switch out to protocol's input routine. @@ -537,6 +608,8 @@ ip_reass(ipqe, fp) int hlen = ipqe->ipqe_ip->ip_hl << 2; int i, next; + IPQ_LOCK_CHECK(); + /* * Presence of header sizes in mbufs * would confuse code below. @@ -605,7 +678,7 @@ ip_reass(ipqe, fp) nq = q->ipqe_q.le_next; m_freem(q->ipqe_m); LIST_REMOVE(q, ipqe_q); - FREE(q, M_IPQ); + pool_put(&ipqent_pool, q); } insert: @@ -644,11 +717,11 @@ insert: m->m_next = 0; m_cat(m, t); nq = q->ipqe_q.le_next; - FREE(q, M_IPQ); + pool_put(&ipqent_pool, q); for (q = nq; q != NULL; q = nq) { t = q->ipqe_m; nq = q->ipqe_q.le_next; - FREE(q, M_IPQ); + pool_put(&ipqent_pool, q); m_cat(m, t); } @@ -677,7 +750,7 @@ insert: dropfrag: ipstat.ips_fragdropped++; m_freem(m); - FREE(ipqe, M_IPQ); + pool_put(&ipqent_pool, ipqe); return (0); } @@ -691,11 +764,13 @@ ip_freef(fp) { register struct ipqent *q, *p; + IPQ_LOCK_CHECK(); + for (q = fp->ipq_fragq.lh_first; q != NULL; q = p) { p = q->ipqe_q.le_next; m_freem(q->ipqe_m); LIST_REMOVE(q, ipqe_q); - FREE(q, M_IPQ); + pool_put(&ipqent_pool, q); } LIST_REMOVE(fp, ipq_q); FREE(fp, M_FTABLE); @@ -712,6 +787,7 @@ ip_slowtimo() register struct ipq *fp, *nfp; int s = splsoftnet(); + IPQ_LOCK(); for (fp = ipq.lh_first; fp != NULL; fp = nfp) { nfp = fp->ipq_q.le_next; if (--fp->ipq_ttl == 0) { @@ -719,6 +795,7 @@ ip_slowtimo() ip_freef(fp); } } + IPQ_UNLOCK(); #ifdef GATEWAY ipflow_slowtimo(); #endif @@ -732,10 +809,19 @@ void ip_drain() { + /* + * We may be called from a device's interrupt context. If + * the ipq is already busy, just bail out now. + */ + if (ipq_lock_try() == 0) + return; + while (ipq.lh_first != NULL) { ipstat.ips_fragdropped++; ip_freef(ipq.lh_first); } + + IPQ_UNLOCK(); } /* @@ -935,7 +1021,6 @@ ip_dooptions(m) } return (0); bad: - ip->ip_len -= ip->ip_hl << 2; /* XXX icmp_error adds in hdr length */ icmp_error(m, type, code, 0, 0); ipstat.ips_badoptions++; return (1); @@ -1078,14 +1163,15 @@ ip_stripoptions(m, mopt) register caddr_t opts; int olen; - olen = (ip->ip_hl<<2) - sizeof (struct ip); + olen = (ip->ip_hl << 2) - sizeof (struct ip); opts = (caddr_t)(ip + 1); i = m->m_len - (sizeof (struct ip) + olen); bcopy(opts + olen, opts, (unsigned)i); m->m_len -= olen; if (m->m_flags & M_PKTHDR) m->m_pkthdr.len -= olen; - ip->ip_hl = sizeof(struct ip) >> 2; + ip->ip_len -= olen; + ip->ip_hl = sizeof (struct ip) >> 2; } int inetctlerrmap[PRC_NCMDS] = { @@ -1127,15 +1213,15 @@ ip_forward(m, srcrt) dest = 0; #ifdef DIAGNOSTIC if (ipprintfs) - printf("forward: src %x dst %x ttl %x\n", - ip->ip_src.s_addr, ip->ip_dst.s_addr, ip->ip_ttl); + printf("forward: src %2.2x dst %2.2x ttl %x\n", + ntohl(ip->ip_src.s_addr), + ntohl(ip->ip_dst.s_addr), ip->ip_ttl); #endif if (m->m_flags & M_BCAST || in_canforward(ip->ip_dst) == 0) { ipstat.ips_cantforward++; m_freem(m); return; } - HTONS(ip->ip_id); if (ip->ip_ttl <= IPTTLDEC) { icmp_error(m, ICMP_TIMXCEED, ICMP_TIMXCEED_INTRANS, dest, 0); return; @@ -1182,16 +1268,20 @@ ip_forward(m, srcrt) if (rt->rt_ifa && (ip->ip_src.s_addr & ifatoia(rt->rt_ifa)->ia_subnetmask) == ifatoia(rt->rt_ifa)->ia_subnet) { - if (rt->rt_flags & RTF_GATEWAY) - dest = satosin(rt->rt_gateway)->sin_addr.s_addr; - else - dest = ip->ip_dst.s_addr; - /* Router requirements says to only send host redirects */ - type = ICMP_REDIRECT; - code = ICMP_REDIRECT_HOST; + if (rt->rt_flags & RTF_GATEWAY) + dest = satosin(rt->rt_gateway)->sin_addr.s_addr; + else + dest = ip->ip_dst.s_addr; + /* + * Router requirements says to only send host + * redirects. + */ + type = ICMP_REDIRECT; + code = ICMP_REDIRECT_HOST; #ifdef DIAGNOSTIC - if (ipprintfs) - printf("redirect (%d) to %x\n", code, (u_int32_t)dest); + if (ipprintfs) + printf("redirect (%d) to %x\n", code, + (u_int32_t)dest); #endif } } @@ -1400,10 +1490,16 @@ ip_sysctl(name, namelen, oldp, oldlenp, return (error); #ifdef GATEWAY case IPCTL_MAXFLOWS: + { + int s; + error = sysctl_int(oldp, oldlenp, newp, newlen, &ip_maxflows); + s = splsoftnet(); ipflow_reap(0); + splx(s); return (error); + } #endif default: return (EOPNOTSUPP);