version 1.161, 2016/09/29 12:19:47 |
version 1.171.2.4, 2018/05/21 04:36:16 |
Line 69 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 69 __KERNEL_RCSID(0, "$NetBSD$"); |
|
|
|
#ifdef _KERNEL_OPT |
#ifdef _KERNEL_OPT |
#include "opt_inet.h" |
#include "opt_inet.h" |
#include "opt_compat_netbsd.h" |
|
#include "opt_ipsec.h" |
#include "opt_ipsec.h" |
#include "opt_mrouting.h" |
#include "opt_mrouting.h" |
|
#include "opt_net_mpsafe.h" |
#endif |
#endif |
|
|
#include <sys/param.h> |
#include <sys/param.h> |
Line 100 __KERNEL_RCSID(0, "$NetBSD$"); |
|
Line 100 __KERNEL_RCSID(0, "$NetBSD$"); |
|
|
|
#ifdef IPSEC |
#ifdef IPSEC |
#include <netipsec/ipsec.h> |
#include <netipsec/ipsec.h> |
#include <netipsec/ipsec_var.h> |
|
#include <netipsec/ipsec_private.h> |
|
#endif /* IPSEC */ |
|
|
|
#ifdef COMPAT_50 |
|
#include <compat/sys/socket.h> |
|
#endif |
#endif |
|
|
struct inpcbtable rawcbtable; |
struct inpcbtable rawcbtable; |
|
|
|
|
static void |
static void |
rip_sbappendaddr(struct inpcb *last, struct ip *ip, const struct sockaddr *sa, |
rip_sbappendaddr(struct inpcb *last, struct ip *ip, const struct sockaddr *sa, |
int hlen, struct mbuf *opts, struct mbuf *n) |
int hlen, struct mbuf *n) |
{ |
{ |
|
struct mbuf *opts = NULL; |
|
|
if (last->inp_flags & INP_NOHEADER) |
if (last->inp_flags & INP_NOHEADER) |
m_adj(n, hlen); |
m_adj(n, hlen); |
if (last->inp_flags & INP_CONTROLOPTS |
if (last->inp_flags & INP_CONTROLOPTS || |
#ifdef SO_OTIMESTAMP |
SOOPT_TIMESTAMP(last->inp_socket->so_options)) |
|| last->inp_socket->so_options & SO_OTIMESTAMP |
|
#endif |
|
|| last->inp_socket->so_options & SO_TIMESTAMP) |
|
ip_savecontrol(last, &opts, ip, n); |
ip_savecontrol(last, &opts, ip, n); |
if (sbappendaddr(&last->inp_socket->so_rcv, sa, n, opts) == 0) { |
if (sbappendaddr(&last->inp_socket->so_rcv, sa, n, opts) == 0) { |
/* should notify about lost packet */ |
soroverflow(last->inp_socket); |
m_freem(n); |
m_freem(n); |
if (opts) |
if (opts) |
m_freem(opts); |
m_freem(opts); |
} else |
} else { |
sorwakeup(last->inp_socket); |
sorwakeup(last->inp_socket); |
|
} |
} |
} |
|
|
/* |
/* |
Line 175 rip_input(struct mbuf *m, ...) |
|
Line 169 rip_input(struct mbuf *m, ...) |
|
struct inpcb_hdr *inph; |
struct inpcb_hdr *inph; |
struct inpcb *inp; |
struct inpcb *inp; |
struct inpcb *last = NULL; |
struct inpcb *last = NULL; |
struct mbuf *n, *opts = NULL; |
struct mbuf *n; |
struct sockaddr_in ripsrc; |
struct sockaddr_in ripsrc; |
va_list ap; |
va_list ap; |
|
|
Line 207 rip_input(struct mbuf *m, ...) |
|
Line 201 rip_input(struct mbuf *m, ...) |
|
if (!in_nullhost(inp->inp_faddr) && |
if (!in_nullhost(inp->inp_faddr) && |
!in_hosteq(inp->inp_faddr, ip->ip_src)) |
!in_hosteq(inp->inp_faddr, ip->ip_src)) |
continue; |
continue; |
if (last == NULL) |
|
|
if (last == NULL) { |
; |
; |
|
} |
#if defined(IPSEC) |
#if defined(IPSEC) |
/* check AH/ESP integrity. */ |
else if (ipsec_used && ipsec_in_reject(m, last)) { |
else if (ipsec_used && |
/* do not inject data into pcb */ |
ipsec4_in_reject_so(m, last->inp_socket)) { |
|
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); |
|
/* do not inject data to pcb */ |
|
} |
} |
#endif /*IPSEC*/ |
#endif |
else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { |
else if ((n = m_copypacket(m, M_DONTWAIT)) != NULL) { |
rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, opts, |
rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, n); |
n); |
|
opts = NULL; |
|
} |
} |
|
|
last = inp; |
last = inp; |
} |
} |
|
|
#if defined(IPSEC) |
#if defined(IPSEC) |
/* check AH/ESP integrity. */ |
if (ipsec_used && last != NULL && ipsec_in_reject(m, last)) { |
if (ipsec_used && last != NULL |
|
&& ipsec4_in_reject_so(m, last->inp_socket)) { |
|
m_freem(m); |
m_freem(m); |
IPSEC_STATINC(IPSEC_STAT_IN_POLVIO); |
|
IP_STATDEC(IP_STAT_DELIVERED); |
IP_STATDEC(IP_STAT_DELIVERED); |
/* do not inject data to pcb */ |
/* do not inject data into pcb */ |
} else |
} else |
#endif /*IPSEC*/ |
#endif |
if (last != NULL) |
if (last != NULL) { |
rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, opts, m); |
rip_sbappendaddr(last, ip, sintosa(&ripsrc), hlen, m); |
else if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) { |
} else if (inetsw[ip_protox[ip->ip_p]].pr_input == rip_input) { |
uint64_t *ips; |
uint64_t *ips; |
|
|
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PROTOCOL, |
icmp_error(m, ICMP_UNREACH, ICMP_UNREACH_PROTOCOL, |
Line 245 rip_input(struct mbuf *m, ...) |
|
Line 235 rip_input(struct mbuf *m, ...) |
|
ips[IP_STAT_NOPROTO]++; |
ips[IP_STAT_NOPROTO]++; |
ips[IP_STAT_DELIVERED]--; |
ips[IP_STAT_DELIVERED]--; |
IP_STAT_PUTREF(); |
IP_STAT_PUTREF(); |
} else |
} else { |
m_freem(m); |
m_freem(m); |
|
} |
|
|
return; |
return; |
} |
} |
|
|
Line 310 rip_ctlinput(int cmd, const struct socka |
|
Line 302 rip_ctlinput(int cmd, const struct socka |
|
* Tack on options user may have setup with control call. |
* Tack on options user may have setup with control call. |
*/ |
*/ |
int |
int |
rip_output(struct mbuf *m, struct inpcb *inp) |
rip_output(struct mbuf *m, struct inpcb *inp, struct mbuf *control, |
|
struct lwp *l) |
{ |
{ |
struct ip *ip; |
struct ip *ip; |
struct mbuf *opts; |
struct mbuf *opts; |
int flags; |
struct ip_pktopts pktopts; |
|
kauth_cred_t cred; |
flags = |
int error, flags; |
(inp->inp_socket->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST |
|
| IP_RETURNMTU; |
flags = (inp->inp_socket->so_options & SO_DONTROUTE) | |
|
IP_ALLOWBROADCAST | IP_RETURNMTU; |
|
|
|
if (l == NULL) |
|
cred = NULL; |
|
else |
|
cred = l->l_cred; |
|
|
|
/* Setup IP outgoing packet options */ |
|
memset(&pktopts, 0, sizeof(pktopts)); |
|
error = ip_setpktopts(control, &pktopts, &flags, inp, cred); |
|
if (control != NULL) |
|
m_freem(control); |
|
if (error != 0) |
|
goto release; |
|
|
/* |
/* |
* If the user handed us a complete IP packet, use it. |
* If the user handed us a complete IP packet, use it. |
Line 326 rip_output(struct mbuf *m, struct inpcb |
|
Line 333 rip_output(struct mbuf *m, struct inpcb |
|
*/ |
*/ |
if ((inp->inp_flags & INP_HDRINCL) == 0) { |
if ((inp->inp_flags & INP_HDRINCL) == 0) { |
if ((m->m_pkthdr.len + sizeof(struct ip)) > IP_MAXPACKET) { |
if ((m->m_pkthdr.len + sizeof(struct ip)) > IP_MAXPACKET) { |
m_freem(m); |
error = EMSGSIZE; |
return (EMSGSIZE); |
goto release; |
} |
} |
M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); |
M_PREPEND(m, sizeof(struct ip), M_DONTWAIT); |
if (!m) |
if (!m) { |
return (ENOBUFS); |
error = ENOBUFS; |
|
goto release; |
|
} |
ip = mtod(m, struct ip *); |
ip = mtod(m, struct ip *); |
ip->ip_tos = 0; |
ip->ip_tos = 0; |
ip->ip_off = htons(0); |
ip->ip_off = htons(0); |
ip->ip_p = inp->inp_ip.ip_p; |
ip->ip_p = inp->inp_ip.ip_p; |
ip->ip_len = htons(m->m_pkthdr.len); |
ip->ip_len = htons(m->m_pkthdr.len); |
ip->ip_src = inp->inp_laddr; |
ip->ip_src = pktopts.ippo_laddr.sin_addr; |
ip->ip_dst = inp->inp_faddr; |
ip->ip_dst = inp->inp_faddr; |
ip->ip_ttl = MAXTTL; |
ip->ip_ttl = MAXTTL; |
opts = inp->inp_options; |
opts = inp->inp_options; |
} else { |
} else { |
if (m->m_pkthdr.len > IP_MAXPACKET) { |
if (m->m_pkthdr.len > IP_MAXPACKET) { |
m_freem(m); |
error = EMSGSIZE; |
return (EMSGSIZE); |
goto release; |
|
} |
|
if (m->m_pkthdr.len < sizeof(struct ip)) { |
|
error = EINVAL; |
|
goto release; |
} |
} |
ip = mtod(m, struct ip *); |
ip = mtod(m, struct ip *); |
|
|
Line 357 rip_output(struct mbuf *m, struct inpcb |
|
Line 370 rip_output(struct mbuf *m, struct inpcb |
|
int hlen = ip->ip_hl << 2; |
int hlen = ip->ip_hl << 2; |
|
|
m = m_copyup(m, hlen, (max_linkhdr + 3) & ~3); |
m = m_copyup(m, hlen, (max_linkhdr + 3) & ~3); |
if (m == NULL) |
if (m == NULL) { |
return (ENOMEM); /* XXX */ |
error = ENOMEM; |
|
goto release; |
|
} |
ip = mtod(m, struct ip *); |
ip = mtod(m, struct ip *); |
} |
} |
|
|
/* XXX userland passes ip_len and ip_off in host order */ |
/* XXX userland passes ip_len and ip_off in host order */ |
if (m->m_pkthdr.len != ip->ip_len) { |
if (m->m_pkthdr.len != ip->ip_len) { |
m_freem(m); |
error = EINVAL; |
return (EINVAL); |
goto release; |
} |
} |
HTONS(ip->ip_len); |
HTONS(ip->ip_len); |
HTONS(ip->ip_off); |
HTONS(ip->ip_off); |
|
|
if (ip->ip_id != 0 || m->m_pkthdr.len < IP_MINFRAGSIZE) |
if (ip->ip_id != 0 || m->m_pkthdr.len < IP_MINFRAGSIZE) |
flags |= IP_NOIPNEWID; |
flags |= IP_NOIPNEWID; |
opts = NULL; |
opts = NULL; |
/* XXX prevent ip_output from overwriting header fields */ |
|
|
/* Prevent ip_output from overwriting header fields. */ |
flags |= IP_RAWOUTPUT; |
flags |= IP_RAWOUTPUT; |
|
|
IP_STATINC(IP_STAT_RAWOUT); |
IP_STATINC(IP_STAT_RAWOUT); |
} |
} |
|
|
Line 381 rip_output(struct mbuf *m, struct inpcb |
|
Line 399 rip_output(struct mbuf *m, struct inpcb |
|
* IP output. Note: if IP_RETURNMTU flag is set, the MTU size |
* IP output. Note: if IP_RETURNMTU flag is set, the MTU size |
* will be stored in inp_errormtu. |
* will be stored in inp_errormtu. |
*/ |
*/ |
return ip_output(m, opts, &inp->inp_route, flags, inp->inp_moptions, |
return ip_output(m, opts, &inp->inp_route, flags, pktopts.ippo_imo, |
inp->inp_socket); |
inp); |
|
|
|
release: |
|
if (m != NULL) |
|
m_freem(m); |
|
return error; |
} |
} |
|
|
/* |
/* |
Line 754 rip_send(struct socket *so, struct mbuf |
|
Line 777 rip_send(struct socket *so, struct mbuf |
|
* Ship a packet out. The appropriate raw output |
* Ship a packet out. The appropriate raw output |
* routine handles any massaging necessary. |
* routine handles any massaging necessary. |
*/ |
*/ |
if (control && control->m_len) { |
|
m_freem(control); |
|
m_freem(m); |
|
return EINVAL; |
|
} |
|
|
|
s = splsoftnet(); |
s = splsoftnet(); |
if (nam) { |
if (nam) { |
if ((so->so_state & SS_ISCONNECTED) != 0) { |
if ((so->so_state & SS_ISCONNECTED) != 0) { |
Line 767 rip_send(struct socket *so, struct mbuf |
|
Line 784 rip_send(struct socket *so, struct mbuf |
|
goto die; |
goto die; |
} |
} |
error = rip_connect_pcb(inp, (struct sockaddr_in *)nam); |
error = rip_connect_pcb(inp, (struct sockaddr_in *)nam); |
if (error) { |
if (error) |
die: |
goto die; |
m_freem(m); |
|
splx(s); |
|
return error; |
|
} |
|
} else { |
} else { |
if ((so->so_state & SS_ISCONNECTED) == 0) { |
if ((so->so_state & SS_ISCONNECTED) == 0) { |
error = ENOTCONN; |
error = ENOTCONN; |
goto die; |
goto die; |
} |
} |
} |
} |
error = rip_output(m, inp); |
error = rip_output(m, inp, control, l); |
|
m = NULL; |
|
control = NULL; |
if (nam) |
if (nam) |
rip_disconnect1(inp); |
rip_disconnect1(inp); |
|
die: |
|
if (m != NULL) |
|
m_freem(m); |
|
if (control != NULL) |
|
m_freem(control); |
|
|
splx(s); |
splx(s); |
return error; |
return error; |
Line 806 rip_purgeif(struct socket *so, struct if |
|
Line 826 rip_purgeif(struct socket *so, struct if |
|
s = splsoftnet(); |
s = splsoftnet(); |
mutex_enter(softnet_lock); |
mutex_enter(softnet_lock); |
in_pcbpurgeif0(&rawcbtable, ifp); |
in_pcbpurgeif0(&rawcbtable, ifp); |
|
#ifdef NET_MPSAFE |
|
mutex_exit(softnet_lock); |
|
#endif |
in_purgeif(ifp); |
in_purgeif(ifp); |
|
#ifdef NET_MPSAFE |
|
mutex_enter(softnet_lock); |
|
#endif |
in_pcbpurgeif(&rawcbtable, ifp); |
in_pcbpurgeif(&rawcbtable, ifp); |
mutex_exit(softnet_lock); |
mutex_exit(softnet_lock); |
splx(s); |
splx(s); |