Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/sys/netinet/raw_ip.c,v rcsdiff: /ftp/cvs/cvsroot/src/sys/netinet/raw_ip.c,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.145 retrieving revision 1.171.2.3 diff -u -p -r1.145 -r1.171.2.3 --- src/sys/netinet/raw_ip.c 2014/08/09 05:33:01 1.145 +++ src/sys/netinet/raw_ip.c 2018/05/02 07:20:23 1.171.2.3 @@ -1,4 +1,4 @@ -/* $NetBSD: raw_ip.c,v 1.145 2014/08/09 05:33:01 rtr Exp $ */ +/* $NetBSD: raw_ip.c,v 1.171.2.3 2018/05/02 07:20:23 pgoyette Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -65,16 +65,17 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.145 2014/08/09 05:33:01 rtr Exp $"); +__KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1.171.2.3 2018/05/02 07:20:23 pgoyette Exp $"); +#ifdef _KERNEL_OPT #include "opt_inet.h" -#include "opt_compat_netbsd.h" #include "opt_ipsec.h" #include "opt_mrouting.h" +#include "opt_net_mpsafe.h" +#endif #include #include -#include #include #include #include @@ -85,7 +86,6 @@ __KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1 #include #include -#include #include #include @@ -100,19 +100,13 @@ __KERNEL_RCSID(0, "$NetBSD: raw_ip.c,v 1 #ifdef IPSEC #include -#include -#include -#endif /* IPSEC */ - -#ifdef COMPAT_50 -#include #endif struct inpcbtable rawcbtable; int rip_pcbnotify(struct inpcbtable *, struct in_addr, struct in_addr, int, int, void (*)(struct inpcb *, int)); -int rip_connect_pcb(struct inpcb *, struct mbuf *); +static int rip_connect_pcb(struct inpcb *, struct sockaddr_in *); static void rip_disconnect1(struct inpcb *); static void sysctl_net_inet_raw_setup(struct sysctllog **); @@ -143,23 +137,23 @@ rip_init(void) static void rip_sbappendaddr(struct inpcb *last, struct ip *ip, const struct sockaddr *sa, - int hlen, struct mbuf *opts, struct mbuf *n) + int hlen, struct mbuf *n) { + struct mbuf *opts = NULL; + if (last->inp_flags & INP_NOHEADER) m_adj(n, hlen); - if (last->inp_flags & INP_CONTROLOPTS -#ifdef SO_OTIMESTAMP - || last->inp_socket->so_options & SO_OTIMESTAMP -#endif - || last->inp_socket->so_options & SO_TIMESTAMP) + if (last->inp_flags & INP_CONTROLOPTS || + SOOPT_TIMESTAMP(last->inp_socket->so_options)) ip_savecontrol(last, &opts, ip, n); if (sbappendaddr(&last->inp_socket->so_rcv, sa, n, opts) == 0) { - /* should notify about lost packet */ + soroverflow(last->inp_socket); m_freem(n); if (opts) m_freem(opts); - } else + } else { sorwakeup(last->inp_socket); + } } /* @@ -175,7 +169,7 @@ rip_input(struct mbuf *m, ...) struct inpcb_hdr *inph; struct inpcb *inp; struct inpcb *last = NULL; - struct mbuf *n, *opts = NULL; + struct mbuf *n; struct sockaddr_in ripsrc; va_list ap; @@ -207,36 +201,32 @@ rip_input(struct mbuf *m, ...) if (!in_nullhost(inp->inp_faddr) && !in_hosteq(inp->inp_faddr, ip->ip_src)) continue; - if (last == NULL) + + if (last == NULL) { ; + } #if defined(IPSEC) - /* check AH/ESP integrity. */ - else if (ipsec_used && - ipsec4_in_reject_so(m, last->inp_socket)) { - IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); - /* do not inject data to pcb */ + else if (ipsec_used && ipsec_in_reject(m, last)) { + /* do not inject data into pcb */ } -#endif /*IPSEC*/ +#endif else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { - rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, opts, - n); - opts = NULL; + rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, n); } + last = inp; } + #if defined(IPSEC) - /* check AH/ESP integrity. */ - if (ipsec_used && last != NULL - && ipsec4_in_reject_so(m, last->inp_socket)) { + if (ipsec_used && last != NULL && ipsec_in_reject(m, last)) { m_freem(m); - IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); IP_STATDEC(IP_STAT_DELIVERED); - /* do not inject data to pcb */ + /* do not inject data into pcb */ } else -#endif /*IPSEC*/ - if (last != NULL) - rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, opts, m); - else if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) { +#endif + if (last != NULL) { + rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, m); + } else if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) { uint64_t *ips; icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PROTOCOL, @@ -245,8 +235,10 @@ rip_input(struct mbuf *m, ...) ips[IP_STAT_NOPROTO]++; ips[IP_STAT_DELIVERED]--; IP_STAT_PUTREF(); - } else + } else { m_freem(m); + } + return; } @@ -310,21 +302,30 @@ rip_ctlinput(int cmd, const struct socka * Tack on options user may have setup with control call. */ int -rip_output(struct mbuf *m, ...) +rip_output(struct mbuf *m, struct inpcb *inp, struct mbuf *control, + struct lwp *l) { - struct inpcb *inp; struct ip *ip; struct mbuf *opts; - int flags; - va_list ap; - - va_start(ap, m); - inp = va_arg(ap, struct inpcb *); - va_end(ap); - - flags = - (inp->inp_socket->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST - | IP_RETURNMTU; + struct ip_pktopts pktopts; + kauth_cred_t cred; + int error, flags; + + flags = (inp->inp_socket->so_options & SO_DONTROUTE) | + IP_ALLOWBROADCAST | IP_RETURNMTU; + + if (l == NULL) + cred = NULL; + else + cred = l->l_cred; + + /* Setup IP outgoing packet options */ + memset(&pktopts, 0, sizeof(pktopts)); + error = ip_setpktopts(control, &pktopts, &flags, inp, cred); + if (control != NULL) + m_freem(control); + if (error != 0) + goto release; /* * If the user handed us a complete IP packet, use it. @@ -332,25 +333,27 @@ rip_output(struct mbuf *m, ...) */ if ((inp->inp_flags & INP_HDRINCL) == 0) { if ((m->m_pkthdr.len + sizeof(struct ip)) > IP_MAXPACKET) { - m_freem(m); - return (EMSGSIZE); + error = EMSGSIZE; + goto release; } M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); - if (!m) - return (ENOBUFS); + if (!m) { + error = ENOBUFS; + goto release; + } ip = mtod(m, struct ip *); ip->ip_tos = 0; ip->ip_off = htons(0); ip->ip_p = inp->inp_ip.ip_p; ip->ip_len = htons(m->m_pkthdr.len); - ip->ip_src = inp->inp_laddr; + ip->ip_src = pktopts.ippo_laddr.sin_addr; ip->ip_dst = inp->inp_faddr; ip->ip_ttl = MAXTTL; opts = inp->inp_options; } else { if (m->m_pkthdr.len > IP_MAXPACKET) { - m_freem(m); - return (EMSGSIZE); + error = EMSGSIZE; + goto release; } ip = mtod(m, struct ip *); @@ -363,15 +366,17 @@ rip_output(struct mbuf *m, ...) int hlen = ip->ip_hl << 2; m = m_copyup(m, hlen, (max_linkhdr + 3) & ~3); - if (m == NULL) - return (ENOMEM); /* XXX */ + if (m == NULL) { + error = ENOMEM; /* XXX */ + goto release; + } ip = mtod(m, struct ip *); } /* XXX userland passes ip_len and ip_off in host order */ if (m->m_pkthdr.len != ip->ip_len) { - m_freem(m); - return (EINVAL); + error = EINVAL; + goto release; } HTONS(ip->ip_len); HTONS(ip->ip_off); @@ -387,8 +392,13 @@ rip_output(struct mbuf *m, ...) * IP output. Note: if IP_RETURNMTU flag is set, the MTU size * will be stored in inp_errormtu. */ - return ip_output(m, opts, &inp->inp_route, flags, inp->inp_moptions, - inp->inp_socket); + return ip_output(m, opts, &inp->inp_route, flags, pktopts.ippo_imo, + inp); + + release: + if (m != NULL) + m_freem(m); + return error; } /* @@ -481,13 +491,10 @@ rip_ctloutput(int op, struct socket *so, } int -rip_connect_pcb(struct inpcb *inp, struct mbuf *nam) +rip_connect_pcb(struct inpcb *inp, struct sockaddr_in *addr) { - struct sockaddr_in *addr = mtod(nam, struct sockaddr_in *); - if (nam->m_len != sizeof(*addr)) - return (EINVAL); - if (IFNET_EMPTY()) + if (IFNET_READER_EMPTY()) return (EADDRNOTAVAIL); if (addr->sin_family != AF_INET) return (EAFNOSUPPORT); @@ -548,7 +555,7 @@ rip_detach(struct socket *so) } static int -rip_accept(struct socket *so, struct mbuf *nam) +rip_accept(struct socket *so, struct sockaddr *nam) { KASSERT(solocked(so)); @@ -558,24 +565,23 @@ rip_accept(struct socket *so, struct mbu } static int -rip_bind(struct socket *so, struct mbuf *nam, struct lwp *l) +rip_bind(struct socket *so, struct sockaddr *nam, struct lwp *l) { struct inpcb *inp = sotoinpcb(so); - struct sockaddr_in *addr; + struct sockaddr_in *addr = (struct sockaddr_in *)nam; int error = 0; - int s; + int s, ss; + struct ifaddr *ifa; KASSERT(solocked(so)); KASSERT(inp != NULL); KASSERT(nam != NULL); + if (addr->sin_len != sizeof(*addr)) + return EINVAL; + s = splsoftnet(); - addr = mtod(nam, struct sockaddr_in *); - if (nam->m_len != sizeof(*addr)) { - error = EINVAL; - goto release; - } - if (IFNET_EMPTY()) { + if (IFNET_READER_EMPTY()) { error = EADDRNOTAVAIL; goto release; } @@ -583,11 +589,21 @@ rip_bind(struct socket *so, struct mbuf error = EAFNOSUPPORT; goto release; } - if (!in_nullhost(addr->sin_addr) && - ifa_ifwithaddr(sintosa(addr)) == 0) { + ss = pserialize_read_enter(); + if ((ifa = ifa_ifwithaddr(sintosa(addr))) == NULL && + !in_nullhost(addr->sin_addr)) + { + pserialize_read_exit(ss); + error = EADDRNOTAVAIL; + goto release; + } + if (ifa && (ifatoia(ifa))->ia4_flags & IN6_IFF_DUPLICATED) { + pserialize_read_exit(ss); error = EADDRNOTAVAIL; goto release; } + pserialize_read_exit(ss); + inp->inp_laddr = addr->sin_addr; release: @@ -604,7 +620,7 @@ rip_listen(struct socket *so, struct lwp } static int -rip_connect(struct socket *so, struct mbuf *nam, struct lwp *l) +rip_connect(struct socket *so, struct sockaddr *nam, struct lwp *l) { struct inpcb *inp = sotoinpcb(so); int error = 0; @@ -615,7 +631,7 @@ rip_connect(struct socket *so, struct mb KASSERT(nam != NULL); s = splsoftnet(); - error = rip_connect_pcb(inp, nam); + error = rip_connect_pcb(inp, (struct sockaddr_in *)nam); if (! error) soisconnected(so); splx(s); @@ -691,7 +707,7 @@ rip_stat(struct socket *so, struct stat } static int -rip_peeraddr(struct socket *so, struct mbuf *nam) +rip_peeraddr(struct socket *so, struct sockaddr *nam) { int s; @@ -700,14 +716,14 @@ rip_peeraddr(struct socket *so, struct m KASSERT(nam != NULL); s = splsoftnet(); - in_setpeeraddr(sotoinpcb(so), nam); + in_setpeeraddr(sotoinpcb(so), (struct sockaddr_in *)nam); splx(s); return 0; } static int -rip_sockaddr(struct socket *so, struct mbuf *nam) +rip_sockaddr(struct socket *so, struct sockaddr *nam) { int s; @@ -716,7 +732,7 @@ rip_sockaddr(struct socket *so, struct m KASSERT(nam != NULL); s = splsoftnet(); - in_setsockaddr(sotoinpcb(so), nam); + in_setsockaddr(sotoinpcb(so), (struct sockaddr_in *)nam); splx(s); return 0; @@ -739,7 +755,7 @@ rip_recvoob(struct socket *so, struct mb } static int -rip_send(struct socket *so, struct mbuf *m, struct mbuf *nam, +rip_send(struct socket *so, struct mbuf *m, struct sockaddr *nam, struct mbuf *control, struct lwp *l) { struct inpcb *inp = sotoinpcb(so); @@ -754,34 +770,31 @@ rip_send(struct socket *so, struct mbuf * Ship a packet out. The appropriate raw output * routine handles any massaging necessary. */ - if (control && control->m_len) { - m_freem(control); - m_freem(m); - return EINVAL; - } - s = splsoftnet(); if (nam) { if ((so->so_state & SS_ISCONNECTED) != 0) { error = EISCONN; goto die; } - error = rip_connect_pcb(inp, nam); - if (error) { - die: - m_freem(m); - splx(s); - return error; - } + error = rip_connect_pcb(inp, (struct sockaddr_in *)nam); + if (error) + goto die; } else { if ((so->so_state & SS_ISCONNECTED) == 0) { error = ENOTCONN; goto die; } } - error = rip_output(m, inp); + error = rip_output(m, inp, control, l); + m = NULL; + control = NULL; if (nam) rip_disconnect1(inp); + die: + if (m != NULL) + m_freem(m); + if (control != NULL) + m_freem(control); splx(s); return error; @@ -806,7 +819,13 @@ rip_purgeif(struct socket *so, struct if s = splsoftnet(); mutex_enter(softnet_lock); in_pcbpurgeif0(&rawcbtable, ifp); +#ifdef NET_MPSAFE + mutex_exit(softnet_lock); +#endif in_purgeif(ifp); +#ifdef NET_MPSAFE + mutex_enter(softnet_lock); +#endif in_pcbpurgeif(&rawcbtable, ifp); mutex_exit(softnet_lock); splx(s); @@ -814,40 +833,6 @@ rip_purgeif(struct socket *so, struct if return 0; } -int -rip_usrreq(struct socket *so, int req, struct mbuf *m, struct mbuf *nam, - struct mbuf *control, struct lwp *l) -{ - KASSERT(req != PRU_ATTACH); - KASSERT(req != PRU_DETACH); - KASSERT(req != PRU_ACCEPT); - KASSERT(req != PRU_BIND); - KASSERT(req != PRU_LISTEN); - KASSERT(req != PRU_CONNECT); - KASSERT(req != PRU_CONNECT2); - KASSERT(req != PRU_DISCONNECT); - KASSERT(req != PRU_SHUTDOWN); - KASSERT(req != PRU_ABORT); - KASSERT(req != PRU_CONTROL); - KASSERT(req != PRU_SENSE); - KASSERT(req != PRU_PEERADDR); - KASSERT(req != PRU_SOCKADDR); - KASSERT(req != PRU_RCVD); - KASSERT(req != PRU_RCVOOB); - KASSERT(req != PRU_SEND); - KASSERT(req != PRU_SENDOOB); - KASSERT(req != PRU_PURGEIF); - - KASSERT(solocked(so)); - - if (sotoinpcb(so) == NULL) - return EINVAL; - - panic("rip_usrreq"); - - return 0; -} - PR_WRAP_USRREQS(rip) #define rip_attach rip_attach_wrapper #define rip_detach rip_detach_wrapper @@ -868,7 +853,6 @@ PR_WRAP_USRREQS(rip) #define rip_send rip_send_wrapper #define rip_sendoob rip_sendoob_wrapper #define rip_purgeif rip_purgeif_wrapper -#define rip_usrreq rip_usrreq_wrapper const struct pr_usrreqs rip_usrreqs = { .pr_attach = rip_attach, @@ -890,7 +874,6 @@ const struct pr_usrreqs rip_usrreqs = { .pr_send = rip_send, .pr_sendoob = rip_sendoob, .pr_purgeif = rip_purgeif, - .pr_generic = rip_usrreq, }; static void