| @@ -1,1373 +1,1362 @@ | | | @@ -1,1373 +1,1362 @@ |
1 | /* $NetBSD: ip_output.c,v 1.247 2015/09/02 11:35:11 ozaki-r Exp $ */ | | 1 | /* $NetBSD: ip_output.c,v 1.248 2016/01/20 22:12:22 riastradh Exp $ */ |
2 | | | 2 | |
3 | /* | | 3 | /* |
4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | | 4 | * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. |
5 | * All rights reserved. | | 5 | * All rights reserved. |
6 | * | | 6 | * |
7 | * Redistribution and use in source and binary forms, with or without | | 7 | * Redistribution and use in source and binary forms, with or without |
8 | * modification, are permitted provided that the following conditions | | 8 | * modification, are permitted provided that the following conditions |
9 | * are met: | | 9 | * are met: |
10 | * 1. Redistributions of source code must retain the above copyright | | 10 | * 1. Redistributions of source code must retain the above copyright |
11 | * notice, this list of conditions and the following disclaimer. | | 11 | * notice, this list of conditions and the following disclaimer. |
12 | * 2. Redistributions in binary form must reproduce the above copyright | | 12 | * 2. Redistributions in binary form must reproduce the above copyright |
13 | * notice, this list of conditions and the following disclaimer in the | | 13 | * notice, this list of conditions and the following disclaimer in the |
14 | * documentation and/or other materials provided with the distribution. | | 14 | * documentation and/or other materials provided with the distribution. |
15 | * 3. Neither the name of the project nor the names of its contributors | | 15 | * 3. Neither the name of the project nor the names of its contributors |
16 | * may be used to endorse or promote products derived from this software | | 16 | * may be used to endorse or promote products derived from this software |
17 | * without specific prior written permission. | | 17 | * without specific prior written permission. |
18 | * | | 18 | * |
19 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | | 19 | * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND |
20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 20 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 21 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | | 22 | * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE |
23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 23 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 24 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 25 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 26 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 27 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 28 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
29 | * SUCH DAMAGE. | | 29 | * SUCH DAMAGE. |
30 | */ | | 30 | */ |
31 | | | 31 | |
32 | /*- | | 32 | /*- |
33 | * Copyright (c) 1998 The NetBSD Foundation, Inc. | | 33 | * Copyright (c) 1998 The NetBSD Foundation, Inc. |
34 | * All rights reserved. | | 34 | * All rights reserved. |
35 | * | | 35 | * |
36 | * This code is derived from software contributed to The NetBSD Foundation | | 36 | * This code is derived from software contributed to The NetBSD Foundation |
37 | * by Public Access Networks Corporation ("Panix"). It was developed under | | 37 | * by Public Access Networks Corporation ("Panix"). It was developed under |
38 | * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. | | 38 | * contract to Panix by Eric Haszlakiewicz and Thor Lancelot Simon. |
39 | * | | 39 | * |
40 | * Redistribution and use in source and binary forms, with or without | | 40 | * Redistribution and use in source and binary forms, with or without |
41 | * modification, are permitted provided that the following conditions | | 41 | * modification, are permitted provided that the following conditions |
42 | * are met: | | 42 | * are met: |
43 | * 1. Redistributions of source code must retain the above copyright | | 43 | * 1. Redistributions of source code must retain the above copyright |
44 | * notice, this list of conditions and the following disclaimer. | | 44 | * notice, this list of conditions and the following disclaimer. |
45 | * 2. Redistributions in binary form must reproduce the above copyright | | 45 | * 2. Redistributions in binary form must reproduce the above copyright |
46 | * notice, this list of conditions and the following disclaimer in the | | 46 | * notice, this list of conditions and the following disclaimer in the |
47 | * documentation and/or other materials provided with the distribution. | | 47 | * documentation and/or other materials provided with the distribution. |
48 | * | | 48 | * |
49 | * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS | | 49 | * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS |
50 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED | | 50 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED |
51 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | | 51 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
52 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS | | 52 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS |
53 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR | | 53 | * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
54 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF | | 54 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
55 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS | | 55 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
56 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN | | 56 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
57 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | | 57 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
58 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | | 58 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
59 | * POSSIBILITY OF SUCH DAMAGE. | | 59 | * POSSIBILITY OF SUCH DAMAGE. |
60 | */ | | 60 | */ |
61 | | | 61 | |
62 | /* | | 62 | /* |
63 | * Copyright (c) 1982, 1986, 1988, 1990, 1993 | | 63 | * Copyright (c) 1982, 1986, 1988, 1990, 1993 |
64 | * The Regents of the University of California. All rights reserved. | | 64 | * The Regents of the University of California. All rights reserved. |
65 | * | | 65 | * |
66 | * Redistribution and use in source and binary forms, with or without | | 66 | * Redistribution and use in source and binary forms, with or without |
67 | * modification, are permitted provided that the following conditions | | 67 | * modification, are permitted provided that the following conditions |
68 | * are met: | | 68 | * are met: |
69 | * 1. Redistributions of source code must retain the above copyright | | 69 | * 1. Redistributions of source code must retain the above copyright |
70 | * notice, this list of conditions and the following disclaimer. | | 70 | * notice, this list of conditions and the following disclaimer. |
71 | * 2. Redistributions in binary form must reproduce the above copyright | | 71 | * 2. Redistributions in binary form must reproduce the above copyright |
72 | * notice, this list of conditions and the following disclaimer in the | | 72 | * notice, this list of conditions and the following disclaimer in the |
73 | * documentation and/or other materials provided with the distribution. | | 73 | * documentation and/or other materials provided with the distribution. |
74 | * 3. Neither the name of the University nor the names of its contributors | | 74 | * 3. Neither the name of the University nor the names of its contributors |
75 | * may be used to endorse or promote products derived from this software | | 75 | * may be used to endorse or promote products derived from this software |
76 | * without specific prior written permission. | | 76 | * without specific prior written permission. |
77 | * | | 77 | * |
78 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | | 78 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
79 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | | 79 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
80 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | | 80 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | | 81 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | | 82 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | | 83 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | | 84 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | | 85 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | | 86 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | | 87 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
88 | * SUCH DAMAGE. | | 88 | * SUCH DAMAGE. |
89 | * | | 89 | * |
90 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 | | 90 | * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 |
91 | */ | | 91 | */ |
92 | | | 92 | |
93 | #include <sys/cdefs.h> | | 93 | #include <sys/cdefs.h> |
94 | __KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.247 2015/09/02 11:35:11 ozaki-r Exp $"); | | 94 | __KERNEL_RCSID(0, "$NetBSD: ip_output.c,v 1.248 2016/01/20 22:12:22 riastradh Exp $"); |
95 | | | 95 | |
96 | #ifdef _KERNEL_OPT | | 96 | #ifdef _KERNEL_OPT |
97 | #include "opt_inet.h" | | 97 | #include "opt_inet.h" |
98 | #include "opt_ipsec.h" | | 98 | #include "opt_ipsec.h" |
99 | #include "opt_mrouting.h" | | 99 | #include "opt_mrouting.h" |
100 | #include "opt_net_mpsafe.h" | | 100 | #include "opt_net_mpsafe.h" |
101 | #include "opt_mpls.h" | | 101 | #include "opt_mpls.h" |
102 | #endif | | 102 | #endif |
103 | | | 103 | |
104 | #include <sys/param.h> | | 104 | #include <sys/param.h> |
105 | #include <sys/kmem.h> | | 105 | #include <sys/kmem.h> |
106 | #include <sys/mbuf.h> | | 106 | #include <sys/mbuf.h> |
107 | #include <sys/protosw.h> | | 107 | #include <sys/protosw.h> |
108 | #include <sys/socket.h> | | 108 | #include <sys/socket.h> |
109 | #include <sys/socketvar.h> | | 109 | #include <sys/socketvar.h> |
110 | #include <sys/kauth.h> | | 110 | #include <sys/kauth.h> |
111 | #ifdef IPSEC | | 111 | #ifdef IPSEC |
112 | #include <sys/domain.h> | | 112 | #include <sys/domain.h> |
113 | #endif | | 113 | #endif |
114 | #include <sys/systm.h> | | 114 | #include <sys/systm.h> |
115 | | | 115 | |
116 | #include <net/if.h> | | 116 | #include <net/if.h> |
117 | #include <net/if_types.h> | | 117 | #include <net/if_types.h> |
118 | #include <net/route.h> | | 118 | #include <net/route.h> |
119 | #include <net/pfil.h> | | 119 | #include <net/pfil.h> |
120 | | | 120 | |
121 | #include <netinet/in.h> | | 121 | #include <netinet/in.h> |
122 | #include <netinet/in_systm.h> | | 122 | #include <netinet/in_systm.h> |
123 | #include <netinet/ip.h> | | 123 | #include <netinet/ip.h> |
124 | #include <netinet/in_pcb.h> | | 124 | #include <netinet/in_pcb.h> |
125 | #include <netinet/in_var.h> | | 125 | #include <netinet/in_var.h> |
126 | #include <netinet/ip_var.h> | | 126 | #include <netinet/ip_var.h> |
127 | #include <netinet/ip_private.h> | | 127 | #include <netinet/ip_private.h> |
128 | #include <netinet/in_offload.h> | | 128 | #include <netinet/in_offload.h> |
129 | #include <netinet/portalgo.h> | | 129 | #include <netinet/portalgo.h> |
130 | #include <netinet/udp.h> | | 130 | #include <netinet/udp.h> |
131 | | | 131 | |
132 | #ifdef INET6 | | 132 | #ifdef INET6 |
133 | #include <netinet6/ip6_var.h> | | 133 | #include <netinet6/ip6_var.h> |
134 | #endif | | 134 | #endif |
135 | | | 135 | |
136 | #ifdef MROUTING | | 136 | #ifdef MROUTING |
137 | #include <netinet/ip_mroute.h> | | 137 | #include <netinet/ip_mroute.h> |
138 | #endif | | 138 | #endif |
139 | | | 139 | |
140 | #ifdef IPSEC | | 140 | #ifdef IPSEC |
141 | #include <netipsec/ipsec.h> | | 141 | #include <netipsec/ipsec.h> |
142 | #include <netipsec/key.h> | | 142 | #include <netipsec/key.h> |
143 | #endif | | 143 | #endif |
144 | | | 144 | |
145 | #ifdef MPLS | | 145 | #ifdef MPLS |
146 | #include <netmpls/mpls.h> | | 146 | #include <netmpls/mpls.h> |
147 | #include <netmpls/mpls_var.h> | | 147 | #include <netmpls/mpls_var.h> |
148 | #endif | | 148 | #endif |
149 | | | 149 | |
150 | static int ip_pcbopts(struct inpcb *, const struct sockopt *); | | 150 | static int ip_pcbopts(struct inpcb *, const struct sockopt *); |
151 | static struct mbuf *ip_insertoptions(struct mbuf *, struct mbuf *, int *); | | 151 | static struct mbuf *ip_insertoptions(struct mbuf *, struct mbuf *, int *); |
152 | static struct ifnet *ip_multicast_if(struct in_addr *, int *); | | 152 | static struct ifnet *ip_multicast_if(struct in_addr *, int *); |
153 | static void ip_mloopback(struct ifnet *, struct mbuf *, | | 153 | static void ip_mloopback(struct ifnet *, struct mbuf *, |
154 | const struct sockaddr_in *); | | 154 | const struct sockaddr_in *); |
155 | | | 155 | |
156 | extern pfil_head_t *inet_pfil_hook; /* XXX */ | | 156 | extern pfil_head_t *inet_pfil_hook; /* XXX */ |
157 | | | 157 | |
158 | int ip_do_loopback_cksum = 0; | | 158 | int ip_do_loopback_cksum = 0; |
159 | | | 159 | |
160 | static bool | | 160 | static bool |
161 | ip_hresolv_needed(const struct ifnet * const ifp) | | 161 | ip_hresolv_needed(const struct ifnet * const ifp) |
162 | { | | 162 | { |
163 | switch (ifp->if_type) { | | 163 | switch (ifp->if_type) { |
164 | case IFT_ARCNET: | | 164 | case IFT_ARCNET: |
165 | case IFT_ATM: | | 165 | case IFT_ATM: |
166 | case IFT_ECONET: | | 166 | case IFT_ECONET: |
167 | case IFT_ETHER: | | 167 | case IFT_ETHER: |
168 | case IFT_FDDI: | | 168 | case IFT_FDDI: |
169 | case IFT_HIPPI: | | 169 | case IFT_HIPPI: |
170 | case IFT_IEEE1394: | | 170 | case IFT_IEEE1394: |
171 | case IFT_ISO88025: | | 171 | case IFT_ISO88025: |
172 | case IFT_SLIP: | | 172 | case IFT_SLIP: |
173 | return true; | | 173 | return true; |
174 | default: | | 174 | default: |
175 | return false; | | 175 | return false; |
176 | } | | 176 | } |
177 | } | | 177 | } |
178 | | | 178 | |
179 | static int | | 179 | static int |
180 | klock_if_output(struct ifnet * const ifp, struct mbuf * const m, | | 180 | klock_if_output(struct ifnet * const ifp, struct mbuf * const m, |
181 | const struct sockaddr * const dst, struct rtentry *rt) | | 181 | const struct sockaddr * const dst, struct rtentry *rt) |
182 | { | | 182 | { |
183 | int error; | | 183 | int error; |
184 | | | 184 | |
185 | #ifndef NET_MPSAFE | | 185 | #ifndef NET_MPSAFE |
186 | KERNEL_LOCK(1, NULL); | | 186 | KERNEL_LOCK(1, NULL); |
187 | #endif | | 187 | #endif |
188 | | | 188 | |
189 | error = (*ifp->if_output)(ifp, m, dst, rt); | | 189 | error = (*ifp->if_output)(ifp, m, dst, rt); |
190 | | | 190 | |
191 | #ifndef NET_MPSAFE | | 191 | #ifndef NET_MPSAFE |
192 | KERNEL_UNLOCK_ONE(NULL); | | 192 | KERNEL_UNLOCK_ONE(NULL); |
193 | #endif | | 193 | #endif |
194 | | | 194 | |
195 | return error; | | 195 | return error; |
196 | } | | 196 | } |
197 | | | 197 | |
198 | /* | | 198 | /* |
199 | * Send an IP packet to a host. | | 199 | * Send an IP packet to a host. |
200 | * | | 200 | * |
201 | * If necessary, resolve the arbitrary IP route, rt0, to an IP host route before | | 201 | * If necessary, resolve the arbitrary IP route, rt0, to an IP host route before |
202 | * calling ifp's output routine. | | 202 | * calling ifp's output routine. |
203 | */ | | 203 | */ |
204 | int | | 204 | int |
205 | ip_hresolv_output(struct ifnet * const ifp0, struct mbuf * const m, | | 205 | ip_hresolv_output(struct ifnet * const ifp0, struct mbuf * const m, |
206 | const struct sockaddr * const dst, struct rtentry *rt00) | | 206 | const struct sockaddr * const dst, struct rtentry *rt00) |
207 | { | | 207 | { |
208 | int error = 0; | | 208 | int error = 0; |
209 | struct ifnet *ifp = ifp0; | | 209 | struct ifnet *ifp = ifp0; |
210 | struct rtentry *rt, *rt0, *gwrt; | | 210 | struct rtentry *rt, *rt0, *gwrt; |
211 | | | 211 | |
212 | #define RTFREE_IF_NEEDED(_rt) \ | | 212 | #define RTFREE_IF_NEEDED(_rt) \ |
213 | if ((_rt) != NULL && (_rt) != rt00) \ | | 213 | if ((_rt) != NULL && (_rt) != rt00) \ |
214 | rtfree((_rt)); | | 214 | rtfree((_rt)); |
215 | | | 215 | |
216 | rt0 = rt00; | | 216 | rt0 = rt00; |
217 | retry: | | 217 | retry: |
218 | if (!ip_hresolv_needed(ifp)) { | | 218 | if (!ip_hresolv_needed(ifp)) { |
219 | rt = rt0; | | 219 | rt = rt0; |
220 | goto out; | | 220 | goto out; |
221 | } | | 221 | } |
222 | | | 222 | |
223 | if (rt0 == NULL) { | | 223 | if (rt0 == NULL) { |
224 | rt = NULL; | | 224 | rt = NULL; |
225 | goto out; | | 225 | goto out; |
226 | } | | 226 | } |
227 | | | 227 | |
228 | rt = rt0; | | 228 | rt = rt0; |
229 | | | 229 | |
230 | /* | | 230 | /* |
231 | * The following block is highly questionable. How did we get here | | 231 | * The following block is highly questionable. How did we get here |
232 | * with a !RTF_UP route? Does rtalloc1() always return an RTF_UP | | 232 | * with a !RTF_UP route? Does rtalloc1() always return an RTF_UP |
233 | * route? | | 233 | * route? |
234 | */ | | 234 | */ |
235 | if ((rt->rt_flags & RTF_UP) == 0) { | | 235 | if ((rt->rt_flags & RTF_UP) == 0) { |
236 | rt = rtalloc1(dst, 1); | | 236 | rt = rtalloc1(dst, 1); |
237 | if (rt == NULL) { | | 237 | if (rt == NULL) { |
238 | error = EHOSTUNREACH; | | 238 | error = EHOSTUNREACH; |
239 | goto bad; | | 239 | goto bad; |
240 | } | | 240 | } |
241 | rt0 = rt; | | 241 | rt0 = rt; |
242 | if (rt->rt_ifp != ifp) { | | 242 | if (rt->rt_ifp != ifp) { |
243 | ifp = rt->rt_ifp; | | 243 | ifp = rt->rt_ifp; |
244 | goto retry; | | 244 | goto retry; |
245 | } | | 245 | } |
246 | } | | 246 | } |
247 | | | 247 | |
248 | if ((rt->rt_flags & RTF_GATEWAY) == 0) | | 248 | if ((rt->rt_flags & RTF_GATEWAY) == 0) |
249 | goto out; | | 249 | goto out; |
250 | | | 250 | |
251 | gwrt = rt_get_gwroute(rt); | | 251 | gwrt = rt_get_gwroute(rt); |
252 | RTFREE_IF_NEEDED(rt); | | 252 | RTFREE_IF_NEEDED(rt); |
253 | rt = gwrt; | | 253 | rt = gwrt; |
254 | if (rt == NULL || (rt->rt_flags & RTF_UP) == 0) { | | 254 | if (rt == NULL || (rt->rt_flags & RTF_UP) == 0) { |
255 | if (rt != NULL) { | | 255 | if (rt != NULL) { |
256 | RTFREE_IF_NEEDED(rt); | | 256 | RTFREE_IF_NEEDED(rt); |
257 | rt = rt0; | | 257 | rt = rt0; |
258 | } | | 258 | } |
259 | if (rt == NULL) { | | 259 | if (rt == NULL) { |
260 | error = EHOSTUNREACH; | | 260 | error = EHOSTUNREACH; |
261 | goto bad; | | 261 | goto bad; |
262 | } | | 262 | } |
263 | gwrt = rtalloc1(rt->rt_gateway, 1); | | 263 | gwrt = rtalloc1(rt->rt_gateway, 1); |
264 | rt_set_gwroute(rt, gwrt); | | 264 | rt_set_gwroute(rt, gwrt); |
265 | RTFREE_IF_NEEDED(rt); | | 265 | RTFREE_IF_NEEDED(rt); |
266 | rt = gwrt; | | 266 | rt = gwrt; |
267 | if (rt == NULL) { | | 267 | if (rt == NULL) { |
268 | error = EHOSTUNREACH; | | 268 | error = EHOSTUNREACH; |
269 | goto bad; | | 269 | goto bad; |
270 | } | | 270 | } |
271 | /* the "G" test below also prevents rt == rt0 */ | | 271 | /* the "G" test below also prevents rt == rt0 */ |
272 | if ((rt->rt_flags & RTF_GATEWAY) != 0 || rt->rt_ifp != ifp) { | | 272 | if ((rt->rt_flags & RTF_GATEWAY) != 0 || rt->rt_ifp != ifp) { |
273 | if (rt0->rt_gwroute != NULL) | | 273 | if (rt0->rt_gwroute != NULL) |
274 | rtfree(rt0->rt_gwroute); | | 274 | rtfree(rt0->rt_gwroute); |
275 | rt0->rt_gwroute = NULL; | | 275 | rt0->rt_gwroute = NULL; |
276 | error = EHOSTUNREACH; | | 276 | error = EHOSTUNREACH; |
277 | goto bad; | | 277 | goto bad; |
278 | } | | 278 | } |
279 | } | | 279 | } |
280 | if ((rt->rt_flags & RTF_REJECT) != 0) { | | 280 | if ((rt->rt_flags & RTF_REJECT) != 0) { |
281 | if (rt->rt_rmx.rmx_expire == 0 || | | 281 | if (rt->rt_rmx.rmx_expire == 0 || |
282 | time_uptime < rt->rt_rmx.rmx_expire) { | | 282 | time_uptime < rt->rt_rmx.rmx_expire) { |
283 | error = (rt == rt0) ? EHOSTDOWN : EHOSTUNREACH; | | 283 | error = (rt == rt0) ? EHOSTDOWN : EHOSTUNREACH; |
284 | goto bad; | | 284 | goto bad; |
285 | } | | 285 | } |
286 | } | | 286 | } |
287 | | | 287 | |
288 | out: | | 288 | out: |
289 | #ifdef MPLS | | 289 | #ifdef MPLS |
290 | if (rt0 != NULL && rt_gettag(rt0) != NULL && | | 290 | if (rt0 != NULL && rt_gettag(rt0) != NULL && |
291 | rt_gettag(rt0)->sa_family == AF_MPLS && | | 291 | rt_gettag(rt0)->sa_family == AF_MPLS && |
292 | (m->m_flags & (M_MCAST | M_BCAST)) == 0 && | | 292 | (m->m_flags & (M_MCAST | M_BCAST)) == 0 && |
293 | ifp->if_type == IFT_ETHER) { | | 293 | ifp->if_type == IFT_ETHER) { |
294 | union mpls_shim msh; | | 294 | union mpls_shim msh; |
295 | msh.s_addr = MPLS_GETSADDR(rt0); | | 295 | msh.s_addr = MPLS_GETSADDR(rt0); |
296 | if (msh.shim.label != MPLS_LABEL_IMPLNULL) { | | 296 | if (msh.shim.label != MPLS_LABEL_IMPLNULL) { |
297 | struct m_tag *mtag; | | 297 | struct m_tag *mtag; |
298 | /* | | 298 | /* |
299 | * XXX tentative solution to tell ether_output | | 299 | * XXX tentative solution to tell ether_output |
300 | * it's MPLS. Need some more efficient solution. | | 300 | * it's MPLS. Need some more efficient solution. |
301 | */ | | 301 | */ |
302 | mtag = m_tag_get(PACKET_TAG_MPLS, | | 302 | mtag = m_tag_get(PACKET_TAG_MPLS, |
303 | sizeof(int) /* dummy */, | | 303 | sizeof(int) /* dummy */, |
304 | M_NOWAIT); | | 304 | M_NOWAIT); |
305 | if (mtag == NULL) { | | 305 | if (mtag == NULL) { |
306 | error = ENOMEM; | | 306 | error = ENOMEM; |
307 | goto bad; | | 307 | goto bad; |
308 | } | | 308 | } |
309 | m_tag_prepend(m, mtag); | | 309 | m_tag_prepend(m, mtag); |
310 | } | | 310 | } |
311 | } | | 311 | } |
312 | #endif | | 312 | #endif |
313 | | | 313 | |
314 | error = klock_if_output(ifp, m, dst, rt); | | 314 | error = klock_if_output(ifp, m, dst, rt); |
315 | goto exit; | | 315 | goto exit; |
316 | | | 316 | |
317 | bad: | | 317 | bad: |
318 | if (m != NULL) | | 318 | if (m != NULL) |
319 | m_freem(m); | | 319 | m_freem(m); |
320 | exit: | | 320 | exit: |
321 | RTFREE_IF_NEEDED(rt); | | 321 | RTFREE_IF_NEEDED(rt); |
322 | | | 322 | |
323 | return error; | | 323 | return error; |
324 | | | 324 | |
325 | #undef RTFREE_IF_NEEDED | | 325 | #undef RTFREE_IF_NEEDED |
326 | } | | 326 | } |
327 | | | 327 | |
328 | /* | | 328 | /* |
329 | * IP output. The packet in mbuf chain m contains a skeletal IP | | 329 | * IP output. The packet in mbuf chain m contains a skeletal IP |
330 | * header (with len, off, ttl, proto, tos, src, dst). | | 330 | * header (with len, off, ttl, proto, tos, src, dst). |
331 | * The mbuf chain containing the packet will be freed. | | 331 | * The mbuf chain containing the packet will be freed. |
332 | * The mbuf opt, if present, will not be freed. | | 332 | * The mbuf opt, if present, will not be freed. |
333 | */ | | 333 | */ |
334 | int | | 334 | int |
335 | ip_output(struct mbuf *m0, ...) | | 335 | ip_output(struct mbuf *m0, struct mbuf *opt, struct route *ro, int flags, |
| | | 336 | struct ip_moptions *imo, struct socket *so) |
336 | { | | 337 | { |
337 | struct rtentry *rt; | | 338 | struct rtentry *rt; |
338 | struct ip *ip; | | 339 | struct ip *ip; |
339 | struct ifnet *ifp; | | 340 | struct ifnet *ifp; |
340 | struct mbuf *m = m0; | | 341 | struct mbuf *m = m0; |
341 | int hlen = sizeof (struct ip); | | 342 | int hlen = sizeof (struct ip); |
342 | int len, error = 0; | | 343 | int len, error = 0; |
343 | struct route iproute; | | 344 | struct route iproute; |
344 | const struct sockaddr_in *dst; | | 345 | const struct sockaddr_in *dst; |
345 | struct in_ifaddr *ia; | | 346 | struct in_ifaddr *ia; |
346 | int isbroadcast; | | 347 | int isbroadcast; |
347 | struct mbuf *opt; | | 348 | int sw_csum; |
348 | struct route *ro; | | | |
349 | int flags, sw_csum; | | | |
350 | u_long mtu; | | 349 | u_long mtu; |
351 | struct ip_moptions *imo; | | | |
352 | struct socket *so; | | | |
353 | va_list ap; | | | |
354 | #ifdef IPSEC | | 350 | #ifdef IPSEC |
355 | struct secpolicy *sp = NULL; | | 351 | struct secpolicy *sp = NULL; |
356 | #endif | | 352 | #endif |
357 | bool natt_frag = false; | | 353 | bool natt_frag = false; |
358 | bool rtmtu_nolock; | | 354 | bool rtmtu_nolock; |
359 | union { | | 355 | union { |
360 | struct sockaddr dst; | | 356 | struct sockaddr dst; |
361 | struct sockaddr_in dst4; | | 357 | struct sockaddr_in dst4; |
362 | } u; | | 358 | } u; |
363 | struct sockaddr *rdst = &u.dst; /* real IP destination, as opposed | | 359 | struct sockaddr *rdst = &u.dst; /* real IP destination, as opposed |
364 | * to the nexthop | | 360 | * to the nexthop |
365 | */ | | 361 | */ |
366 | | | 362 | |
367 | len = 0; | | 363 | len = 0; |
368 | va_start(ap, m0); | | | |
369 | opt = va_arg(ap, struct mbuf *); | | | |
370 | ro = va_arg(ap, struct route *); | | | |
371 | flags = va_arg(ap, int); | | | |
372 | imo = va_arg(ap, struct ip_moptions *); | | | |
373 | so = va_arg(ap, struct socket *); | | | |
374 | va_end(ap); | | | |
375 | | | 364 | |
376 | MCLAIM(m, &ip_tx_mowner); | | 365 | MCLAIM(m, &ip_tx_mowner); |
377 | | | 366 | |
378 | KASSERT((m->m_flags & M_PKTHDR) != 0); | | 367 | KASSERT((m->m_flags & M_PKTHDR) != 0); |
379 | KASSERT((m->m_pkthdr.csum_flags & (M_CSUM_TCPv6|M_CSUM_UDPv6)) == 0); | | 368 | KASSERT((m->m_pkthdr.csum_flags & (M_CSUM_TCPv6|M_CSUM_UDPv6)) == 0); |
380 | KASSERT((m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4)) != | | 369 | KASSERT((m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4)) != |
381 | (M_CSUM_TCPv4|M_CSUM_UDPv4)); | | 370 | (M_CSUM_TCPv4|M_CSUM_UDPv4)); |
382 | | | 371 | |
383 | if (opt) { | | 372 | if (opt) { |
384 | m = ip_insertoptions(m, opt, &len); | | 373 | m = ip_insertoptions(m, opt, &len); |
385 | if (len >= sizeof(struct ip)) | | 374 | if (len >= sizeof(struct ip)) |
386 | hlen = len; | | 375 | hlen = len; |
387 | } | | 376 | } |
388 | ip = mtod(m, struct ip *); | | 377 | ip = mtod(m, struct ip *); |
389 | | | 378 | |
390 | /* | | 379 | /* |
391 | * Fill in IP header. | | 380 | * Fill in IP header. |
392 | */ | | 381 | */ |
393 | if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { | | 382 | if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { |
394 | ip->ip_v = IPVERSION; | | 383 | ip->ip_v = IPVERSION; |
395 | ip->ip_off = htons(0); | | 384 | ip->ip_off = htons(0); |
396 | /* ip->ip_id filled in after we find out source ia */ | | 385 | /* ip->ip_id filled in after we find out source ia */ |
397 | ip->ip_hl = hlen >> 2; | | 386 | ip->ip_hl = hlen >> 2; |
398 | IP_STATINC(IP_STAT_LOCALOUT); | | 387 | IP_STATINC(IP_STAT_LOCALOUT); |
399 | } else { | | 388 | } else { |
400 | hlen = ip->ip_hl << 2; | | 389 | hlen = ip->ip_hl << 2; |
401 | } | | 390 | } |
402 | | | 391 | |
403 | /* | | 392 | /* |
404 | * Route packet. | | 393 | * Route packet. |
405 | */ | | 394 | */ |
406 | if (ro == NULL) { | | 395 | if (ro == NULL) { |
407 | memset(&iproute, 0, sizeof(iproute)); | | 396 | memset(&iproute, 0, sizeof(iproute)); |
408 | ro = &iproute; | | 397 | ro = &iproute; |
409 | } | | 398 | } |
410 | sockaddr_in_init(&u.dst4, &ip->ip_dst, 0); | | 399 | sockaddr_in_init(&u.dst4, &ip->ip_dst, 0); |
411 | dst = satocsin(rtcache_getdst(ro)); | | 400 | dst = satocsin(rtcache_getdst(ro)); |
412 | | | 401 | |
413 | /* | | 402 | /* |
414 | * If there is a cached route, check that it is to the same | | 403 | * If there is a cached route, check that it is to the same |
415 | * destination and is still up. If not, free it and try again. | | 404 | * destination and is still up. If not, free it and try again. |
416 | * The address family should also be checked in case of sharing | | 405 | * The address family should also be checked in case of sharing |
417 | * the cache with IPv6. | | 406 | * the cache with IPv6. |
418 | */ | | 407 | */ |
419 | if (dst && (dst->sin_family != AF_INET || | | 408 | if (dst && (dst->sin_family != AF_INET || |
420 | !in_hosteq(dst->sin_addr, ip->ip_dst))) | | 409 | !in_hosteq(dst->sin_addr, ip->ip_dst))) |
421 | rtcache_free(ro); | | 410 | rtcache_free(ro); |
422 | | | 411 | |
423 | if ((rt = rtcache_validate(ro)) == NULL && | | 412 | if ((rt = rtcache_validate(ro)) == NULL && |
424 | (rt = rtcache_update(ro, 1)) == NULL) { | | 413 | (rt = rtcache_update(ro, 1)) == NULL) { |
425 | dst = &u.dst4; | | 414 | dst = &u.dst4; |
426 | error = rtcache_setdst(ro, &u.dst); | | 415 | error = rtcache_setdst(ro, &u.dst); |
427 | if (error != 0) | | 416 | if (error != 0) |
428 | goto bad; | | 417 | goto bad; |
429 | } | | 418 | } |
430 | | | 419 | |
431 | /* | | 420 | /* |
432 | * If routing to interface only, short circuit routing lookup. | | 421 | * If routing to interface only, short circuit routing lookup. |
433 | */ | | 422 | */ |
434 | if (flags & IP_ROUTETOIF) { | | 423 | if (flags & IP_ROUTETOIF) { |
435 | if ((ia = ifatoia(ifa_ifwithladdr(sintocsa(dst)))) == NULL) { | | 424 | if ((ia = ifatoia(ifa_ifwithladdr(sintocsa(dst)))) == NULL) { |
436 | IP_STATINC(IP_STAT_NOROUTE); | | 425 | IP_STATINC(IP_STAT_NOROUTE); |
437 | error = ENETUNREACH; | | 426 | error = ENETUNREACH; |
438 | goto bad; | | 427 | goto bad; |
439 | } | | 428 | } |
440 | ifp = ia->ia_ifp; | | 429 | ifp = ia->ia_ifp; |
441 | mtu = ifp->if_mtu; | | 430 | mtu = ifp->if_mtu; |
442 | ip->ip_ttl = 1; | | 431 | ip->ip_ttl = 1; |
443 | isbroadcast = in_broadcast(dst->sin_addr, ifp); | | 432 | isbroadcast = in_broadcast(dst->sin_addr, ifp); |
444 | } else if ((IN_MULTICAST(ip->ip_dst.s_addr) || | | 433 | } else if ((IN_MULTICAST(ip->ip_dst.s_addr) || |
445 | ip->ip_dst.s_addr == INADDR_BROADCAST) && | | 434 | ip->ip_dst.s_addr == INADDR_BROADCAST) && |
446 | imo != NULL && imo->imo_multicast_ifp != NULL) { | | 435 | imo != NULL && imo->imo_multicast_ifp != NULL) { |
447 | ifp = imo->imo_multicast_ifp; | | 436 | ifp = imo->imo_multicast_ifp; |
448 | mtu = ifp->if_mtu; | | 437 | mtu = ifp->if_mtu; |
449 | IFP_TO_IA(ifp, ia); | | 438 | IFP_TO_IA(ifp, ia); |
450 | isbroadcast = 0; | | 439 | isbroadcast = 0; |
451 | } else { | | 440 | } else { |
452 | if (rt == NULL) | | 441 | if (rt == NULL) |
453 | rt = rtcache_init(ro); | | 442 | rt = rtcache_init(ro); |
454 | if (rt == NULL) { | | 443 | if (rt == NULL) { |
455 | IP_STATINC(IP_STAT_NOROUTE); | | 444 | IP_STATINC(IP_STAT_NOROUTE); |
456 | error = EHOSTUNREACH; | | 445 | error = EHOSTUNREACH; |
457 | goto bad; | | 446 | goto bad; |
458 | } | | 447 | } |
459 | ia = ifatoia(rt->rt_ifa); | | 448 | ia = ifatoia(rt->rt_ifa); |
460 | ifp = rt->rt_ifp; | | 449 | ifp = rt->rt_ifp; |
461 | if ((mtu = rt->rt_rmx.rmx_mtu) == 0) | | 450 | if ((mtu = rt->rt_rmx.rmx_mtu) == 0) |
462 | mtu = ifp->if_mtu; | | 451 | mtu = ifp->if_mtu; |
463 | rt->rt_use++; | | 452 | rt->rt_use++; |
464 | if (rt->rt_flags & RTF_GATEWAY) | | 453 | if (rt->rt_flags & RTF_GATEWAY) |
465 | dst = satosin(rt->rt_gateway); | | 454 | dst = satosin(rt->rt_gateway); |
466 | if (rt->rt_flags & RTF_HOST) | | 455 | if (rt->rt_flags & RTF_HOST) |
467 | isbroadcast = rt->rt_flags & RTF_BROADCAST; | | 456 | isbroadcast = rt->rt_flags & RTF_BROADCAST; |
468 | else | | 457 | else |
469 | isbroadcast = in_broadcast(dst->sin_addr, ifp); | | 458 | isbroadcast = in_broadcast(dst->sin_addr, ifp); |
470 | } | | 459 | } |
471 | rtmtu_nolock = rt && (rt->rt_rmx.rmx_locks & RTV_MTU) == 0; | | 460 | rtmtu_nolock = rt && (rt->rt_rmx.rmx_locks & RTV_MTU) == 0; |
472 | | | 461 | |
473 | if (IN_MULTICAST(ip->ip_dst.s_addr) || | | 462 | if (IN_MULTICAST(ip->ip_dst.s_addr) || |
474 | (ip->ip_dst.s_addr == INADDR_BROADCAST)) { | | 463 | (ip->ip_dst.s_addr == INADDR_BROADCAST)) { |
475 | bool inmgroup; | | 464 | bool inmgroup; |
476 | | | 465 | |
477 | m->m_flags |= (ip->ip_dst.s_addr == INADDR_BROADCAST) ? | | 466 | m->m_flags |= (ip->ip_dst.s_addr == INADDR_BROADCAST) ? |
478 | M_BCAST : M_MCAST; | | 467 | M_BCAST : M_MCAST; |
479 | /* | | 468 | /* |
480 | * See if the caller provided any multicast options | | 469 | * See if the caller provided any multicast options |
481 | */ | | 470 | */ |
482 | if (imo != NULL) | | 471 | if (imo != NULL) |
483 | ip->ip_ttl = imo->imo_multicast_ttl; | | 472 | ip->ip_ttl = imo->imo_multicast_ttl; |
484 | else | | 473 | else |
485 | ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL; | | 474 | ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL; |
486 | | | 475 | |
487 | /* | | 476 | /* |
488 | * if we don't know the outgoing ifp yet, we can't generate | | 477 | * if we don't know the outgoing ifp yet, we can't generate |
489 | * output | | 478 | * output |
490 | */ | | 479 | */ |
491 | if (!ifp) { | | 480 | if (!ifp) { |
492 | IP_STATINC(IP_STAT_NOROUTE); | | 481 | IP_STATINC(IP_STAT_NOROUTE); |
493 | error = ENETUNREACH; | | 482 | error = ENETUNREACH; |
494 | goto bad; | | 483 | goto bad; |
495 | } | | 484 | } |
496 | | | 485 | |
497 | /* | | 486 | /* |
498 | * If the packet is multicast or broadcast, confirm that | | 487 | * If the packet is multicast or broadcast, confirm that |
499 | * the outgoing interface can transmit it. | | 488 | * the outgoing interface can transmit it. |
500 | */ | | 489 | */ |
501 | if (((m->m_flags & M_MCAST) && | | 490 | if (((m->m_flags & M_MCAST) && |
502 | (ifp->if_flags & IFF_MULTICAST) == 0) || | | 491 | (ifp->if_flags & IFF_MULTICAST) == 0) || |
503 | ((m->m_flags & M_BCAST) && | | 492 | ((m->m_flags & M_BCAST) && |
504 | (ifp->if_flags & (IFF_BROADCAST|IFF_POINTOPOINT)) == 0)) { | | 493 | (ifp->if_flags & (IFF_BROADCAST|IFF_POINTOPOINT)) == 0)) { |
505 | IP_STATINC(IP_STAT_NOROUTE); | | 494 | IP_STATINC(IP_STAT_NOROUTE); |
506 | error = ENETUNREACH; | | 495 | error = ENETUNREACH; |
507 | goto bad; | | 496 | goto bad; |
508 | } | | 497 | } |
509 | /* | | 498 | /* |
510 | * If source address not specified yet, use an address | | 499 | * If source address not specified yet, use an address |
511 | * of outgoing interface. | | 500 | * of outgoing interface. |
512 | */ | | 501 | */ |
513 | if (in_nullhost(ip->ip_src)) { | | 502 | if (in_nullhost(ip->ip_src)) { |
514 | struct in_ifaddr *xia; | | 503 | struct in_ifaddr *xia; |
515 | struct ifaddr *xifa; | | 504 | struct ifaddr *xifa; |
516 | | | 505 | |
517 | IFP_TO_IA(ifp, xia); | | 506 | IFP_TO_IA(ifp, xia); |
518 | if (!xia) { | | 507 | if (!xia) { |
519 | error = EADDRNOTAVAIL; | | 508 | error = EADDRNOTAVAIL; |
520 | goto bad; | | 509 | goto bad; |
521 | } | | 510 | } |
522 | xifa = &xia->ia_ifa; | | 511 | xifa = &xia->ia_ifa; |
523 | if (xifa->ifa_getifa != NULL) { | | 512 | if (xifa->ifa_getifa != NULL) { |
524 | xia = ifatoia((*xifa->ifa_getifa)(xifa, rdst)); | | 513 | xia = ifatoia((*xifa->ifa_getifa)(xifa, rdst)); |
525 | if (xia == NULL) { | | 514 | if (xia == NULL) { |
526 | error = EADDRNOTAVAIL; | | 515 | error = EADDRNOTAVAIL; |
527 | goto bad; | | 516 | goto bad; |
528 | } | | 517 | } |
529 | } | | 518 | } |
530 | ip->ip_src = xia->ia_addr.sin_addr; | | 519 | ip->ip_src = xia->ia_addr.sin_addr; |
531 | } | | 520 | } |
532 | | | 521 | |
533 | inmgroup = in_multi_group(ip->ip_dst, ifp, flags); | | 522 | inmgroup = in_multi_group(ip->ip_dst, ifp, flags); |
534 | if (inmgroup && (imo == NULL || imo->imo_multicast_loop)) { | | 523 | if (inmgroup && (imo == NULL || imo->imo_multicast_loop)) { |
535 | /* | | 524 | /* |
536 | * If we belong to the destination multicast group | | 525 | * If we belong to the destination multicast group |
537 | * on the outgoing interface, and the caller did not | | 526 | * on the outgoing interface, and the caller did not |
538 | * forbid loopback, loop back a copy. | | 527 | * forbid loopback, loop back a copy. |
539 | */ | | 528 | */ |
540 | ip_mloopback(ifp, m, &u.dst4); | | 529 | ip_mloopback(ifp, m, &u.dst4); |
541 | } | | 530 | } |
542 | #ifdef MROUTING | | 531 | #ifdef MROUTING |
543 | else { | | 532 | else { |
544 | /* | | 533 | /* |
545 | * If we are acting as a multicast router, perform | | 534 | * If we are acting as a multicast router, perform |
546 | * multicast forwarding as if the packet had just | | 535 | * multicast forwarding as if the packet had just |
547 | * arrived on the interface to which we are about | | 536 | * arrived on the interface to which we are about |
548 | * to send. The multicast forwarding function | | 537 | * to send. The multicast forwarding function |
549 | * recursively calls this function, using the | | 538 | * recursively calls this function, using the |
550 | * IP_FORWARDING flag to prevent infinite recursion. | | 539 | * IP_FORWARDING flag to prevent infinite recursion. |
551 | * | | 540 | * |
552 | * Multicasts that are looped back by ip_mloopback(), | | 541 | * Multicasts that are looped back by ip_mloopback(), |
553 | * above, will be forwarded by the ip_input() routine, | | 542 | * above, will be forwarded by the ip_input() routine, |
554 | * if necessary. | | 543 | * if necessary. |
555 | */ | | 544 | */ |
556 | extern struct socket *ip_mrouter; | | 545 | extern struct socket *ip_mrouter; |
557 | | | 546 | |
558 | if (ip_mrouter && (flags & IP_FORWARDING) == 0) { | | 547 | if (ip_mrouter && (flags & IP_FORWARDING) == 0) { |
559 | if (ip_mforward(m, ifp) != 0) { | | 548 | if (ip_mforward(m, ifp) != 0) { |
560 | m_freem(m); | | 549 | m_freem(m); |
561 | goto done; | | 550 | goto done; |
562 | } | | 551 | } |
563 | } | | 552 | } |
564 | } | | 553 | } |
565 | #endif | | 554 | #endif |
566 | /* | | 555 | /* |
567 | * Multicasts with a time-to-live of zero may be looped- | | 556 | * Multicasts with a time-to-live of zero may be looped- |
568 | * back, above, but must not be transmitted on a network. | | 557 | * back, above, but must not be transmitted on a network. |
569 | * Also, multicasts addressed to the loopback interface | | 558 | * Also, multicasts addressed to the loopback interface |
570 | * are not sent -- the above call to ip_mloopback() will | | 559 | * are not sent -- the above call to ip_mloopback() will |
571 | * loop back a copy if this host actually belongs to the | | 560 | * loop back a copy if this host actually belongs to the |
572 | * destination group on the loopback interface. | | 561 | * destination group on the loopback interface. |
573 | */ | | 562 | */ |
574 | if (ip->ip_ttl == 0 || (ifp->if_flags & IFF_LOOPBACK) != 0) { | | 563 | if (ip->ip_ttl == 0 || (ifp->if_flags & IFF_LOOPBACK) != 0) { |
575 | m_freem(m); | | 564 | m_freem(m); |
576 | goto done; | | 565 | goto done; |
577 | } | | 566 | } |
578 | goto sendit; | | 567 | goto sendit; |
579 | } | | 568 | } |
580 | | | 569 | |
581 | /* | | 570 | /* |
582 | * If source address not specified yet, use address | | 571 | * If source address not specified yet, use address |
583 | * of outgoing interface. | | 572 | * of outgoing interface. |
584 | */ | | 573 | */ |
585 | if (in_nullhost(ip->ip_src)) { | | 574 | if (in_nullhost(ip->ip_src)) { |
586 | struct ifaddr *xifa; | | 575 | struct ifaddr *xifa; |
587 | | | 576 | |
588 | xifa = &ia->ia_ifa; | | 577 | xifa = &ia->ia_ifa; |
589 | if (xifa->ifa_getifa != NULL) { | | 578 | if (xifa->ifa_getifa != NULL) { |
590 | ia = ifatoia((*xifa->ifa_getifa)(xifa, rdst)); | | 579 | ia = ifatoia((*xifa->ifa_getifa)(xifa, rdst)); |
591 | if (ia == NULL) { | | 580 | if (ia == NULL) { |
592 | error = EADDRNOTAVAIL; | | 581 | error = EADDRNOTAVAIL; |
593 | goto bad; | | 582 | goto bad; |
594 | } | | 583 | } |
595 | } | | 584 | } |
596 | ip->ip_src = ia->ia_addr.sin_addr; | | 585 | ip->ip_src = ia->ia_addr.sin_addr; |
597 | } | | 586 | } |
598 | | | 587 | |
599 | /* | | 588 | /* |
600 | * packets with Class-D address as source are not valid per | | 589 | * packets with Class-D address as source are not valid per |
601 | * RFC 1112 | | 590 | * RFC 1112 |
602 | */ | | 591 | */ |
603 | if (IN_MULTICAST(ip->ip_src.s_addr)) { | | 592 | if (IN_MULTICAST(ip->ip_src.s_addr)) { |
604 | IP_STATINC(IP_STAT_ODROPPED); | | 593 | IP_STATINC(IP_STAT_ODROPPED); |
605 | error = EADDRNOTAVAIL; | | 594 | error = EADDRNOTAVAIL; |
606 | goto bad; | | 595 | goto bad; |
607 | } | | 596 | } |
608 | | | 597 | |
609 | /* | | 598 | /* |
610 | * Look for broadcast address and and verify user is allowed to | | 599 | * Look for broadcast address and and verify user is allowed to |
611 | * send such a packet. | | 600 | * send such a packet. |
612 | */ | | 601 | */ |
613 | if (isbroadcast) { | | 602 | if (isbroadcast) { |
614 | if ((ifp->if_flags & IFF_BROADCAST) == 0) { | | 603 | if ((ifp->if_flags & IFF_BROADCAST) == 0) { |
615 | error = EADDRNOTAVAIL; | | 604 | error = EADDRNOTAVAIL; |
616 | goto bad; | | 605 | goto bad; |
617 | } | | 606 | } |
618 | if ((flags & IP_ALLOWBROADCAST) == 0) { | | 607 | if ((flags & IP_ALLOWBROADCAST) == 0) { |
619 | error = EACCES; | | 608 | error = EACCES; |
620 | goto bad; | | 609 | goto bad; |
621 | } | | 610 | } |
622 | /* don't allow broadcast messages to be fragmented */ | | 611 | /* don't allow broadcast messages to be fragmented */ |
623 | if (ntohs(ip->ip_len) > ifp->if_mtu) { | | 612 | if (ntohs(ip->ip_len) > ifp->if_mtu) { |
624 | error = EMSGSIZE; | | 613 | error = EMSGSIZE; |
625 | goto bad; | | 614 | goto bad; |
626 | } | | 615 | } |
627 | m->m_flags |= M_BCAST; | | 616 | m->m_flags |= M_BCAST; |
628 | } else | | 617 | } else |
629 | m->m_flags &= ~M_BCAST; | | 618 | m->m_flags &= ~M_BCAST; |
630 | | | 619 | |
631 | sendit: | | 620 | sendit: |
632 | if ((flags & (IP_FORWARDING|IP_NOIPNEWID)) == 0) { | | 621 | if ((flags & (IP_FORWARDING|IP_NOIPNEWID)) == 0) { |
633 | if (m->m_pkthdr.len < IP_MINFRAGSIZE) { | | 622 | if (m->m_pkthdr.len < IP_MINFRAGSIZE) { |
634 | ip->ip_id = 0; | | 623 | ip->ip_id = 0; |
635 | } else if ((m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0) { | | 624 | } else if ((m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0) { |
636 | ip->ip_id = ip_newid(ia); | | 625 | ip->ip_id = ip_newid(ia); |
637 | } else { | | 626 | } else { |
638 | | | 627 | |
639 | /* | | 628 | /* |
640 | * TSO capable interfaces (typically?) increment | | 629 | * TSO capable interfaces (typically?) increment |
641 | * ip_id for each segment. | | 630 | * ip_id for each segment. |
642 | * "allocate" enough ids here to increase the chance | | 631 | * "allocate" enough ids here to increase the chance |
643 | * for them to be unique. | | 632 | * for them to be unique. |
644 | * | | 633 | * |
645 | * note that the following calculation is not | | 634 | * note that the following calculation is not |
646 | * needed to be precise. wasting some ip_id is fine. | | 635 | * needed to be precise. wasting some ip_id is fine. |
647 | */ | | 636 | */ |
648 | | | 637 | |
649 | unsigned int segsz = m->m_pkthdr.segsz; | | 638 | unsigned int segsz = m->m_pkthdr.segsz; |
650 | unsigned int datasz = ntohs(ip->ip_len) - hlen; | | 639 | unsigned int datasz = ntohs(ip->ip_len) - hlen; |
651 | unsigned int num = howmany(datasz, segsz); | | 640 | unsigned int num = howmany(datasz, segsz); |
652 | | | 641 | |
653 | ip->ip_id = ip_newid_range(ia, num); | | 642 | ip->ip_id = ip_newid_range(ia, num); |
654 | } | | 643 | } |
655 | } | | 644 | } |
656 | | | 645 | |
657 | /* | | 646 | /* |
658 | * If we're doing Path MTU Discovery, we need to set DF unless | | 647 | * If we're doing Path MTU Discovery, we need to set DF unless |
659 | * the route's MTU is locked. | | 648 | * the route's MTU is locked. |
660 | */ | | 649 | */ |
661 | if ((flags & IP_MTUDISC) != 0 && rtmtu_nolock) { | | 650 | if ((flags & IP_MTUDISC) != 0 && rtmtu_nolock) { |
662 | ip->ip_off |= htons(IP_DF); | | 651 | ip->ip_off |= htons(IP_DF); |
663 | } | | 652 | } |
664 | | | 653 | |
665 | #ifdef IPSEC | | 654 | #ifdef IPSEC |
666 | if (ipsec_used) { | | 655 | if (ipsec_used) { |
667 | bool ipsec_done = false; | | 656 | bool ipsec_done = false; |
668 | | | 657 | |
669 | /* Perform IPsec processing, if any. */ | | 658 | /* Perform IPsec processing, if any. */ |
670 | error = ipsec4_output(m, so, flags, &sp, &mtu, &natt_frag, | | 659 | error = ipsec4_output(m, so, flags, &sp, &mtu, &natt_frag, |
671 | &ipsec_done); | | 660 | &ipsec_done); |
672 | if (error || ipsec_done) | | 661 | if (error || ipsec_done) |
673 | goto done; | | 662 | goto done; |
674 | } | | 663 | } |
675 | #endif | | 664 | #endif |
676 | | | 665 | |
677 | /* | | 666 | /* |
678 | * Run through list of hooks for output packets. | | 667 | * Run through list of hooks for output packets. |
679 | */ | | 668 | */ |
680 | error = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_OUT); | | 669 | error = pfil_run_hooks(inet_pfil_hook, &m, ifp, PFIL_OUT); |
681 | if (error) | | 670 | if (error) |
682 | goto done; | | 671 | goto done; |
683 | if (m == NULL) | | 672 | if (m == NULL) |
684 | goto done; | | 673 | goto done; |
685 | | | 674 | |
686 | ip = mtod(m, struct ip *); | | 675 | ip = mtod(m, struct ip *); |
687 | hlen = ip->ip_hl << 2; | | 676 | hlen = ip->ip_hl << 2; |
688 | | | 677 | |
689 | m->m_pkthdr.csum_data |= hlen << 16; | | 678 | m->m_pkthdr.csum_data |= hlen << 16; |
690 | | | 679 | |
691 | #if IFA_STATS | | 680 | #if IFA_STATS |
692 | /* | | 681 | /* |
693 | * search for the source address structure to | | 682 | * search for the source address structure to |
694 | * maintain output statistics. | | 683 | * maintain output statistics. |
695 | */ | | 684 | */ |
696 | INADDR_TO_IA(ip->ip_src, ia); | | 685 | INADDR_TO_IA(ip->ip_src, ia); |
697 | #endif | | 686 | #endif |
698 | | | 687 | |
699 | /* Maybe skip checksums on loopback interfaces. */ | | 688 | /* Maybe skip checksums on loopback interfaces. */ |
700 | if (IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) { | | 689 | if (IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) { |
701 | m->m_pkthdr.csum_flags |= M_CSUM_IPv4; | | 690 | m->m_pkthdr.csum_flags |= M_CSUM_IPv4; |
702 | } | | 691 | } |
703 | sw_csum = m->m_pkthdr.csum_flags & ~ifp->if_csum_flags_tx; | | 692 | sw_csum = m->m_pkthdr.csum_flags & ~ifp->if_csum_flags_tx; |
704 | /* | | 693 | /* |
705 | * If small enough for mtu of path, or if using TCP segmentation | | 694 | * If small enough for mtu of path, or if using TCP segmentation |
706 | * offload, can just send directly. | | 695 | * offload, can just send directly. |
707 | */ | | 696 | */ |
708 | if (ntohs(ip->ip_len) <= mtu || | | 697 | if (ntohs(ip->ip_len) <= mtu || |
709 | (m->m_pkthdr.csum_flags & M_CSUM_TSOv4) != 0) { | | 698 | (m->m_pkthdr.csum_flags & M_CSUM_TSOv4) != 0) { |
710 | const struct sockaddr *sa; | | 699 | const struct sockaddr *sa; |
711 | | | 700 | |
712 | #if IFA_STATS | | 701 | #if IFA_STATS |
713 | if (ia) | | 702 | if (ia) |
714 | ia->ia_ifa.ifa_data.ifad_outbytes += ntohs(ip->ip_len); | | 703 | ia->ia_ifa.ifa_data.ifad_outbytes += ntohs(ip->ip_len); |
715 | #endif | | 704 | #endif |
716 | /* | | 705 | /* |
717 | * Always initialize the sum to 0! Some HW assisted | | 706 | * Always initialize the sum to 0! Some HW assisted |
718 | * checksumming requires this. | | 707 | * checksumming requires this. |
719 | */ | | 708 | */ |
720 | ip->ip_sum = 0; | | 709 | ip->ip_sum = 0; |
721 | | | 710 | |
722 | if ((m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0) { | | 711 | if ((m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0) { |
723 | /* | | 712 | /* |
724 | * Perform any checksums that the hardware can't do | | 713 | * Perform any checksums that the hardware can't do |
725 | * for us. | | 714 | * for us. |
726 | * | | 715 | * |
727 | * XXX Does any hardware require the {th,uh}_sum | | 716 | * XXX Does any hardware require the {th,uh}_sum |
728 | * XXX fields to be 0? | | 717 | * XXX fields to be 0? |
729 | */ | | 718 | */ |
730 | if (sw_csum & M_CSUM_IPv4) { | | 719 | if (sw_csum & M_CSUM_IPv4) { |
731 | KASSERT(IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)); | | 720 | KASSERT(IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)); |
732 | ip->ip_sum = in_cksum(m, hlen); | | 721 | ip->ip_sum = in_cksum(m, hlen); |
733 | m->m_pkthdr.csum_flags &= ~M_CSUM_IPv4; | | 722 | m->m_pkthdr.csum_flags &= ~M_CSUM_IPv4; |
734 | } | | 723 | } |
735 | if (sw_csum & (M_CSUM_TCPv4|M_CSUM_UDPv4)) { | | 724 | if (sw_csum & (M_CSUM_TCPv4|M_CSUM_UDPv4)) { |
736 | if (IN_NEED_CHECKSUM(ifp, | | 725 | if (IN_NEED_CHECKSUM(ifp, |
737 | sw_csum & (M_CSUM_TCPv4|M_CSUM_UDPv4))) { | | 726 | sw_csum & (M_CSUM_TCPv4|M_CSUM_UDPv4))) { |
738 | in_delayed_cksum(m); | | 727 | in_delayed_cksum(m); |
739 | } | | 728 | } |
740 | m->m_pkthdr.csum_flags &= | | 729 | m->m_pkthdr.csum_flags &= |
741 | ~(M_CSUM_TCPv4|M_CSUM_UDPv4); | | 730 | ~(M_CSUM_TCPv4|M_CSUM_UDPv4); |
742 | } | | 731 | } |
743 | } | | 732 | } |
744 | | | 733 | |
745 | sa = (m->m_flags & M_MCAST) ? sintocsa(rdst) : sintocsa(dst); | | 734 | sa = (m->m_flags & M_MCAST) ? sintocsa(rdst) : sintocsa(dst); |
746 | if (__predict_true( | | 735 | if (__predict_true( |
747 | (m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0 || | | 736 | (m->m_pkthdr.csum_flags & M_CSUM_TSOv4) == 0 || |
748 | (ifp->if_capenable & IFCAP_TSOv4) != 0)) { | | 737 | (ifp->if_capenable & IFCAP_TSOv4) != 0)) { |
749 | error = ip_hresolv_output(ifp, m, sa, rt); | | 738 | error = ip_hresolv_output(ifp, m, sa, rt); |
750 | } else { | | 739 | } else { |
751 | error = ip_tso_output(ifp, m, sa, rt); | | 740 | error = ip_tso_output(ifp, m, sa, rt); |
752 | } | | 741 | } |
753 | goto done; | | 742 | goto done; |
754 | } | | 743 | } |
755 | | | 744 | |
756 | /* | | 745 | /* |
757 | * We can't use HW checksumming if we're about to | | 746 | * We can't use HW checksumming if we're about to |
758 | * to fragment the packet. | | 747 | * to fragment the packet. |
759 | * | | 748 | * |
760 | * XXX Some hardware can do this. | | 749 | * XXX Some hardware can do this. |
761 | */ | | 750 | */ |
762 | if (m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4)) { | | 751 | if (m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4)) { |
763 | if (IN_NEED_CHECKSUM(ifp, | | 752 | if (IN_NEED_CHECKSUM(ifp, |
764 | m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4))) { | | 753 | m->m_pkthdr.csum_flags & (M_CSUM_TCPv4|M_CSUM_UDPv4))) { |
765 | in_delayed_cksum(m); | | 754 | in_delayed_cksum(m); |
766 | } | | 755 | } |
767 | m->m_pkthdr.csum_flags &= ~(M_CSUM_TCPv4|M_CSUM_UDPv4); | | 756 | m->m_pkthdr.csum_flags &= ~(M_CSUM_TCPv4|M_CSUM_UDPv4); |
768 | } | | 757 | } |
769 | | | 758 | |
770 | /* | | 759 | /* |
771 | * Too large for interface; fragment if possible. | | 760 | * Too large for interface; fragment if possible. |
772 | * Must be able to put at least 8 bytes per fragment. | | 761 | * Must be able to put at least 8 bytes per fragment. |
773 | */ | | 762 | */ |
774 | if (ntohs(ip->ip_off) & IP_DF) { | | 763 | if (ntohs(ip->ip_off) & IP_DF) { |
775 | if (flags & IP_RETURNMTU) { | | 764 | if (flags & IP_RETURNMTU) { |
776 | struct inpcb *inp; | | 765 | struct inpcb *inp; |
777 | | | 766 | |
778 | KASSERT(so && solocked(so)); | | 767 | KASSERT(so && solocked(so)); |
779 | inp = sotoinpcb(so); | | 768 | inp = sotoinpcb(so); |
780 | inp->inp_errormtu = mtu; | | 769 | inp->inp_errormtu = mtu; |
781 | } | | 770 | } |
782 | error = EMSGSIZE; | | 771 | error = EMSGSIZE; |
783 | IP_STATINC(IP_STAT_CANTFRAG); | | 772 | IP_STATINC(IP_STAT_CANTFRAG); |
784 | goto bad; | | 773 | goto bad; |
785 | } | | 774 | } |
786 | | | 775 | |
787 | error = ip_fragment(m, ifp, mtu); | | 776 | error = ip_fragment(m, ifp, mtu); |
788 | if (error) { | | 777 | if (error) { |
789 | m = NULL; | | 778 | m = NULL; |
790 | goto bad; | | 779 | goto bad; |
791 | } | | 780 | } |
792 | | | 781 | |
793 | for (; m; m = m0) { | | 782 | for (; m; m = m0) { |
794 | m0 = m->m_nextpkt; | | 783 | m0 = m->m_nextpkt; |
795 | m->m_nextpkt = 0; | | 784 | m->m_nextpkt = 0; |
796 | if (error) { | | 785 | if (error) { |
797 | m_freem(m); | | 786 | m_freem(m); |
798 | continue; | | 787 | continue; |
799 | } | | 788 | } |
800 | #if IFA_STATS | | 789 | #if IFA_STATS |
801 | if (ia) | | 790 | if (ia) |
802 | ia->ia_ifa.ifa_data.ifad_outbytes += ntohs(ip->ip_len); | | 791 | ia->ia_ifa.ifa_data.ifad_outbytes += ntohs(ip->ip_len); |
803 | #endif | | 792 | #endif |
804 | /* | | 793 | /* |
805 | * If we get there, the packet has not been handled by | | 794 | * If we get there, the packet has not been handled by |
806 | * IPsec whereas it should have. Now that it has been | | 795 | * IPsec whereas it should have. Now that it has been |
807 | * fragmented, re-inject it in ip_output so that IPsec | | 796 | * fragmented, re-inject it in ip_output so that IPsec |
808 | * processing can occur. | | 797 | * processing can occur. |
809 | */ | | 798 | */ |
810 | if (natt_frag) { | | 799 | if (natt_frag) { |
811 | error = ip_output(m, opt, ro, | | 800 | error = ip_output(m, opt, ro, |
812 | flags | IP_RAWOUTPUT | IP_NOIPNEWID, | | 801 | flags | IP_RAWOUTPUT | IP_NOIPNEWID, |
813 | imo, so); | | 802 | imo, so); |
814 | } else { | | 803 | } else { |
815 | KASSERT((m->m_pkthdr.csum_flags & | | 804 | KASSERT((m->m_pkthdr.csum_flags & |
816 | (M_CSUM_UDPv4 | M_CSUM_TCPv4)) == 0); | | 805 | (M_CSUM_UDPv4 | M_CSUM_TCPv4)) == 0); |
817 | error = ip_hresolv_output(ifp, m, | | 806 | error = ip_hresolv_output(ifp, m, |
818 | (m->m_flags & M_MCAST) ? | | 807 | (m->m_flags & M_MCAST) ? |
819 | sintocsa(rdst) : sintocsa(dst), rt); | | 808 | sintocsa(rdst) : sintocsa(dst), rt); |
820 | } | | 809 | } |
821 | } | | 810 | } |
822 | if (error == 0) { | | 811 | if (error == 0) { |
823 | IP_STATINC(IP_STAT_FRAGMENTED); | | 812 | IP_STATINC(IP_STAT_FRAGMENTED); |
824 | } | | 813 | } |
825 | done: | | 814 | done: |
826 | if (ro == &iproute) { | | 815 | if (ro == &iproute) { |
827 | rtcache_free(&iproute); | | 816 | rtcache_free(&iproute); |
828 | } | | 817 | } |
829 | #ifdef IPSEC | | 818 | #ifdef IPSEC |
830 | if (sp) { | | 819 | if (sp) { |
831 | KEY_FREESP(&sp); | | 820 | KEY_FREESP(&sp); |
832 | } | | 821 | } |
833 | #endif | | 822 | #endif |
834 | return error; | | 823 | return error; |
835 | bad: | | 824 | bad: |
836 | m_freem(m); | | 825 | m_freem(m); |
837 | goto done; | | 826 | goto done; |
838 | } | | 827 | } |
839 | | | 828 | |
840 | int | | 829 | int |
841 | ip_fragment(struct mbuf *m, struct ifnet *ifp, u_long mtu) | | 830 | ip_fragment(struct mbuf *m, struct ifnet *ifp, u_long mtu) |
842 | { | | 831 | { |
843 | struct ip *ip, *mhip; | | 832 | struct ip *ip, *mhip; |
844 | struct mbuf *m0; | | 833 | struct mbuf *m0; |
845 | int len, hlen, off; | | 834 | int len, hlen, off; |
846 | int mhlen, firstlen; | | 835 | int mhlen, firstlen; |
847 | struct mbuf **mnext; | | 836 | struct mbuf **mnext; |
848 | int sw_csum = m->m_pkthdr.csum_flags; | | 837 | int sw_csum = m->m_pkthdr.csum_flags; |
849 | int fragments = 0; | | 838 | int fragments = 0; |
850 | int s; | | 839 | int s; |
851 | int error = 0; | | 840 | int error = 0; |
852 | | | 841 | |
853 | ip = mtod(m, struct ip *); | | 842 | ip = mtod(m, struct ip *); |
854 | hlen = ip->ip_hl << 2; | | 843 | hlen = ip->ip_hl << 2; |
855 | if (ifp != NULL) | | 844 | if (ifp != NULL) |
856 | sw_csum &= ~ifp->if_csum_flags_tx; | | 845 | sw_csum &= ~ifp->if_csum_flags_tx; |
857 | | | 846 | |
858 | len = (mtu - hlen) &~ 7; | | 847 | len = (mtu - hlen) &~ 7; |
859 | if (len < 8) { | | 848 | if (len < 8) { |
860 | m_freem(m); | | 849 | m_freem(m); |
861 | return (EMSGSIZE); | | 850 | return (EMSGSIZE); |
862 | } | | 851 | } |
863 | | | 852 | |
864 | firstlen = len; | | 853 | firstlen = len; |
865 | mnext = &m->m_nextpkt; | | 854 | mnext = &m->m_nextpkt; |
866 | | | 855 | |
867 | /* | | 856 | /* |
868 | * Loop through length of segment after first fragment, | | 857 | * Loop through length of segment after first fragment, |
869 | * make new header and copy data of each part and link onto chain. | | 858 | * make new header and copy data of each part and link onto chain. |
870 | */ | | 859 | */ |
871 | m0 = m; | | 860 | m0 = m; |
872 | mhlen = sizeof (struct ip); | | 861 | mhlen = sizeof (struct ip); |
873 | for (off = hlen + len; off < ntohs(ip->ip_len); off += len) { | | 862 | for (off = hlen + len; off < ntohs(ip->ip_len); off += len) { |
874 | MGETHDR(m, M_DONTWAIT, MT_HEADER); | | 863 | MGETHDR(m, M_DONTWAIT, MT_HEADER); |
875 | if (m == 0) { | | 864 | if (m == 0) { |
876 | error = ENOBUFS; | | 865 | error = ENOBUFS; |
877 | IP_STATINC(IP_STAT_ODROPPED); | | 866 | IP_STATINC(IP_STAT_ODROPPED); |
878 | goto sendorfree; | | 867 | goto sendorfree; |
879 | } | | 868 | } |
880 | MCLAIM(m, m0->m_owner); | | 869 | MCLAIM(m, m0->m_owner); |
881 | *mnext = m; | | 870 | *mnext = m; |
882 | mnext = &m->m_nextpkt; | | 871 | mnext = &m->m_nextpkt; |
883 | m->m_data += max_linkhdr; | | 872 | m->m_data += max_linkhdr; |
884 | mhip = mtod(m, struct ip *); | | 873 | mhip = mtod(m, struct ip *); |
885 | *mhip = *ip; | | 874 | *mhip = *ip; |
886 | /* we must inherit MCAST and BCAST flags */ | | 875 | /* we must inherit MCAST and BCAST flags */ |
887 | m->m_flags |= m0->m_flags & (M_MCAST|M_BCAST); | | 876 | m->m_flags |= m0->m_flags & (M_MCAST|M_BCAST); |
888 | if (hlen > sizeof (struct ip)) { | | 877 | if (hlen > sizeof (struct ip)) { |
889 | mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip); | | 878 | mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip); |
890 | mhip->ip_hl = mhlen >> 2; | | 879 | mhip->ip_hl = mhlen >> 2; |
891 | } | | 880 | } |
892 | m->m_len = mhlen; | | 881 | m->m_len = mhlen; |
893 | mhip->ip_off = ((off - hlen) >> 3) + | | 882 | mhip->ip_off = ((off - hlen) >> 3) + |
894 | (ntohs(ip->ip_off) & ~IP_MF); | | 883 | (ntohs(ip->ip_off) & ~IP_MF); |
895 | if (ip->ip_off & htons(IP_MF)) | | 884 | if (ip->ip_off & htons(IP_MF)) |
896 | mhip->ip_off |= IP_MF; | | 885 | mhip->ip_off |= IP_MF; |
897 | if (off + len >= ntohs(ip->ip_len)) | | 886 | if (off + len >= ntohs(ip->ip_len)) |
898 | len = ntohs(ip->ip_len) - off; | | 887 | len = ntohs(ip->ip_len) - off; |
899 | else | | 888 | else |
900 | mhip->ip_off |= IP_MF; | | 889 | mhip->ip_off |= IP_MF; |
901 | HTONS(mhip->ip_off); | | 890 | HTONS(mhip->ip_off); |
902 | mhip->ip_len = htons((u_int16_t)(len + mhlen)); | | 891 | mhip->ip_len = htons((u_int16_t)(len + mhlen)); |
903 | m->m_next = m_copym(m0, off, len, M_DONTWAIT); | | 892 | m->m_next = m_copym(m0, off, len, M_DONTWAIT); |
904 | if (m->m_next == 0) { | | 893 | if (m->m_next == 0) { |
905 | error = ENOBUFS; /* ??? */ | | 894 | error = ENOBUFS; /* ??? */ |
906 | IP_STATINC(IP_STAT_ODROPPED); | | 895 | IP_STATINC(IP_STAT_ODROPPED); |
907 | goto sendorfree; | | 896 | goto sendorfree; |
908 | } | | 897 | } |
909 | m->m_pkthdr.len = mhlen + len; | | 898 | m->m_pkthdr.len = mhlen + len; |
910 | m->m_pkthdr.rcvif = NULL; | | 899 | m->m_pkthdr.rcvif = NULL; |
911 | mhip->ip_sum = 0; | | 900 | mhip->ip_sum = 0; |
912 | KASSERT((m->m_pkthdr.csum_flags & M_CSUM_IPv4) == 0); | | 901 | KASSERT((m->m_pkthdr.csum_flags & M_CSUM_IPv4) == 0); |
913 | if (sw_csum & M_CSUM_IPv4) { | | 902 | if (sw_csum & M_CSUM_IPv4) { |
914 | mhip->ip_sum = in_cksum(m, mhlen); | | 903 | mhip->ip_sum = in_cksum(m, mhlen); |
915 | } else { | | 904 | } else { |
916 | /* | | 905 | /* |
917 | * checksum is hw-offloaded or not necessary. | | 906 | * checksum is hw-offloaded or not necessary. |
918 | */ | | 907 | */ |
919 | m->m_pkthdr.csum_flags |= | | 908 | m->m_pkthdr.csum_flags |= |
920 | m0->m_pkthdr.csum_flags & M_CSUM_IPv4; | | 909 | m0->m_pkthdr.csum_flags & M_CSUM_IPv4; |
921 | m->m_pkthdr.csum_data |= mhlen << 16; | | 910 | m->m_pkthdr.csum_data |= mhlen << 16; |
922 | KASSERT(!(ifp != NULL && | | 911 | KASSERT(!(ifp != NULL && |
923 | IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) || | | 912 | IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) || |
924 | (m->m_pkthdr.csum_flags & M_CSUM_IPv4) != 0); | | 913 | (m->m_pkthdr.csum_flags & M_CSUM_IPv4) != 0); |
925 | } | | 914 | } |
926 | IP_STATINC(IP_STAT_OFRAGMENTS); | | 915 | IP_STATINC(IP_STAT_OFRAGMENTS); |
927 | fragments++; | | 916 | fragments++; |
928 | } | | 917 | } |
929 | /* | | 918 | /* |
930 | * Update first fragment by trimming what's been copied out | | 919 | * Update first fragment by trimming what's been copied out |
931 | * and updating header, then send each fragment (in order). | | 920 | * and updating header, then send each fragment (in order). |
932 | */ | | 921 | */ |
933 | m = m0; | | 922 | m = m0; |
934 | m_adj(m, hlen + firstlen - ntohs(ip->ip_len)); | | 923 | m_adj(m, hlen + firstlen - ntohs(ip->ip_len)); |
935 | m->m_pkthdr.len = hlen + firstlen; | | 924 | m->m_pkthdr.len = hlen + firstlen; |
936 | ip->ip_len = htons((u_int16_t)m->m_pkthdr.len); | | 925 | ip->ip_len = htons((u_int16_t)m->m_pkthdr.len); |
937 | ip->ip_off |= htons(IP_MF); | | 926 | ip->ip_off |= htons(IP_MF); |
938 | ip->ip_sum = 0; | | 927 | ip->ip_sum = 0; |
939 | if (sw_csum & M_CSUM_IPv4) { | | 928 | if (sw_csum & M_CSUM_IPv4) { |
940 | ip->ip_sum = in_cksum(m, hlen); | | 929 | ip->ip_sum = in_cksum(m, hlen); |
941 | m->m_pkthdr.csum_flags &= ~M_CSUM_IPv4; | | 930 | m->m_pkthdr.csum_flags &= ~M_CSUM_IPv4; |
942 | } else { | | 931 | } else { |
943 | /* | | 932 | /* |
944 | * checksum is hw-offloaded or not necessary. | | 933 | * checksum is hw-offloaded or not necessary. |
945 | */ | | 934 | */ |
946 | KASSERT(!(ifp != NULL && IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) || | | 935 | KASSERT(!(ifp != NULL && IN_NEED_CHECKSUM(ifp, M_CSUM_IPv4)) || |
947 | (m->m_pkthdr.csum_flags & M_CSUM_IPv4) != 0); | | 936 | (m->m_pkthdr.csum_flags & M_CSUM_IPv4) != 0); |
948 | KASSERT(M_CSUM_DATA_IPv4_IPHL(m->m_pkthdr.csum_data) >= | | 937 | KASSERT(M_CSUM_DATA_IPv4_IPHL(m->m_pkthdr.csum_data) >= |
949 | sizeof(struct ip)); | | 938 | sizeof(struct ip)); |
950 | } | | 939 | } |
951 | sendorfree: | | 940 | sendorfree: |
952 | /* | | 941 | /* |
953 | * If there is no room for all the fragments, don't queue | | 942 | * If there is no room for all the fragments, don't queue |
954 | * any of them. | | 943 | * any of them. |
955 | */ | | 944 | */ |
956 | if (ifp != NULL) { | | 945 | if (ifp != NULL) { |
957 | s = splnet(); | | 946 | s = splnet(); |
958 | if (ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len < fragments && | | 947 | if (ifp->if_snd.ifq_maxlen - ifp->if_snd.ifq_len < fragments && |
959 | error == 0) { | | 948 | error == 0) { |
960 | error = ENOBUFS; | | 949 | error = ENOBUFS; |
961 | IP_STATINC(IP_STAT_ODROPPED); | | 950 | IP_STATINC(IP_STAT_ODROPPED); |
962 | IFQ_INC_DROPS(&ifp->if_snd); | | 951 | IFQ_INC_DROPS(&ifp->if_snd); |
963 | } | | 952 | } |
964 | splx(s); | | 953 | splx(s); |
965 | } | | 954 | } |
966 | if (error) { | | 955 | if (error) { |
967 | for (m = m0; m; m = m0) { | | 956 | for (m = m0; m; m = m0) { |
968 | m0 = m->m_nextpkt; | | 957 | m0 = m->m_nextpkt; |
969 | m->m_nextpkt = NULL; | | 958 | m->m_nextpkt = NULL; |
970 | m_freem(m); | | 959 | m_freem(m); |
971 | } | | 960 | } |
972 | } | | 961 | } |
973 | return (error); | | 962 | return (error); |
974 | } | | 963 | } |
975 | | | 964 | |
976 | /* | | 965 | /* |
977 | * Process a delayed payload checksum calculation. | | 966 | * Process a delayed payload checksum calculation. |
978 | */ | | 967 | */ |
979 | void | | 968 | void |
980 | in_delayed_cksum(struct mbuf *m) | | 969 | in_delayed_cksum(struct mbuf *m) |
981 | { | | 970 | { |
982 | struct ip *ip; | | 971 | struct ip *ip; |
983 | u_int16_t csum, offset; | | 972 | u_int16_t csum, offset; |
984 | | | 973 | |
985 | ip = mtod(m, struct ip *); | | 974 | ip = mtod(m, struct ip *); |
986 | offset = ip->ip_hl << 2; | | 975 | offset = ip->ip_hl << 2; |
987 | csum = in4_cksum(m, 0, offset, ntohs(ip->ip_len) - offset); | | 976 | csum = in4_cksum(m, 0, offset, ntohs(ip->ip_len) - offset); |
988 | if (csum == 0 && (m->m_pkthdr.csum_flags & M_CSUM_UDPv4) != 0) | | 977 | if (csum == 0 && (m->m_pkthdr.csum_flags & M_CSUM_UDPv4) != 0) |
989 | csum = 0xffff; | | 978 | csum = 0xffff; |
990 | | | 979 | |
991 | offset += M_CSUM_DATA_IPv4_OFFSET(m->m_pkthdr.csum_data); | | 980 | offset += M_CSUM_DATA_IPv4_OFFSET(m->m_pkthdr.csum_data); |
992 | | | 981 | |
993 | if ((offset + sizeof(u_int16_t)) > m->m_len) { | | 982 | if ((offset + sizeof(u_int16_t)) > m->m_len) { |
994 | /* This happen when ip options were inserted | | 983 | /* This happen when ip options were inserted |
995 | printf("in_delayed_cksum: pullup len %d off %d proto %d\n", | | 984 | printf("in_delayed_cksum: pullup len %d off %d proto %d\n", |
996 | m->m_len, offset, ip->ip_p); | | 985 | m->m_len, offset, ip->ip_p); |
997 | */ | | 986 | */ |
998 | m_copyback(m, offset, sizeof(csum), (void *) &csum); | | 987 | m_copyback(m, offset, sizeof(csum), (void *) &csum); |
999 | } else | | 988 | } else |
1000 | *(u_int16_t *)(mtod(m, char *) + offset) = csum; | | 989 | *(u_int16_t *)(mtod(m, char *) + offset) = csum; |
1001 | } | | 990 | } |
1002 | | | 991 | |
1003 | /* | | 992 | /* |
1004 | * Determine the maximum length of the options to be inserted; | | 993 | * Determine the maximum length of the options to be inserted; |
1005 | * we would far rather allocate too much space rather than too little. | | 994 | * we would far rather allocate too much space rather than too little. |
1006 | */ | | 995 | */ |
1007 | | | 996 | |
1008 | u_int | | 997 | u_int |
1009 | ip_optlen(struct inpcb *inp) | | 998 | ip_optlen(struct inpcb *inp) |
1010 | { | | 999 | { |
1011 | struct mbuf *m = inp->inp_options; | | 1000 | struct mbuf *m = inp->inp_options; |
1012 | | | 1001 | |
1013 | if (m && m->m_len > offsetof(struct ipoption, ipopt_dst)) { | | 1002 | if (m && m->m_len > offsetof(struct ipoption, ipopt_dst)) { |
1014 | return (m->m_len - offsetof(struct ipoption, ipopt_dst)); | | 1003 | return (m->m_len - offsetof(struct ipoption, ipopt_dst)); |
1015 | } | | 1004 | } |
1016 | return 0; | | 1005 | return 0; |
1017 | } | | 1006 | } |
1018 | | | 1007 | |
1019 | /* | | 1008 | /* |
1020 | * Insert IP options into preformed packet. | | 1009 | * Insert IP options into preformed packet. |
1021 | * Adjust IP destination as required for IP source routing, | | 1010 | * Adjust IP destination as required for IP source routing, |
1022 | * as indicated by a non-zero in_addr at the start of the options. | | 1011 | * as indicated by a non-zero in_addr at the start of the options. |
1023 | */ | | 1012 | */ |
1024 | static struct mbuf * | | 1013 | static struct mbuf * |
1025 | ip_insertoptions(struct mbuf *m, struct mbuf *opt, int *phlen) | | 1014 | ip_insertoptions(struct mbuf *m, struct mbuf *opt, int *phlen) |
1026 | { | | 1015 | { |
1027 | struct ipoption *p = mtod(opt, struct ipoption *); | | 1016 | struct ipoption *p = mtod(opt, struct ipoption *); |
1028 | struct mbuf *n; | | 1017 | struct mbuf *n; |
1029 | struct ip *ip = mtod(m, struct ip *); | | 1018 | struct ip *ip = mtod(m, struct ip *); |
1030 | unsigned optlen; | | 1019 | unsigned optlen; |
1031 | | | 1020 | |
1032 | optlen = opt->m_len - sizeof(p->ipopt_dst); | | 1021 | optlen = opt->m_len - sizeof(p->ipopt_dst); |
1033 | if (optlen + ntohs(ip->ip_len) > IP_MAXPACKET) | | 1022 | if (optlen + ntohs(ip->ip_len) > IP_MAXPACKET) |
1034 | return (m); /* XXX should fail */ | | 1023 | return (m); /* XXX should fail */ |
1035 | if (!in_nullhost(p->ipopt_dst)) | | 1024 | if (!in_nullhost(p->ipopt_dst)) |
1036 | ip->ip_dst = p->ipopt_dst; | | 1025 | ip->ip_dst = p->ipopt_dst; |
1037 | if (M_READONLY(m) || M_LEADINGSPACE(m) < optlen) { | | 1026 | if (M_READONLY(m) || M_LEADINGSPACE(m) < optlen) { |
1038 | MGETHDR(n, M_DONTWAIT, MT_HEADER); | | 1027 | MGETHDR(n, M_DONTWAIT, MT_HEADER); |
1039 | if (n == 0) | | 1028 | if (n == 0) |
1040 | return (m); | | 1029 | return (m); |
1041 | MCLAIM(n, m->m_owner); | | 1030 | MCLAIM(n, m->m_owner); |
1042 | M_MOVE_PKTHDR(n, m); | | 1031 | M_MOVE_PKTHDR(n, m); |
1043 | m->m_len -= sizeof(struct ip); | | 1032 | m->m_len -= sizeof(struct ip); |
1044 | m->m_data += sizeof(struct ip); | | 1033 | m->m_data += sizeof(struct ip); |
1045 | n->m_next = m; | | 1034 | n->m_next = m; |
1046 | m = n; | | 1035 | m = n; |
1047 | m->m_len = optlen + sizeof(struct ip); | | 1036 | m->m_len = optlen + sizeof(struct ip); |
1048 | m->m_data += max_linkhdr; | | 1037 | m->m_data += max_linkhdr; |
1049 | bcopy((void *)ip, mtod(m, void *), sizeof(struct ip)); | | 1038 | bcopy((void *)ip, mtod(m, void *), sizeof(struct ip)); |
1050 | } else { | | 1039 | } else { |
1051 | m->m_data -= optlen; | | 1040 | m->m_data -= optlen; |
1052 | m->m_len += optlen; | | 1041 | m->m_len += optlen; |
1053 | memmove(mtod(m, void *), ip, sizeof(struct ip)); | | 1042 | memmove(mtod(m, void *), ip, sizeof(struct ip)); |
1054 | } | | 1043 | } |
1055 | m->m_pkthdr.len += optlen; | | 1044 | m->m_pkthdr.len += optlen; |
1056 | ip = mtod(m, struct ip *); | | 1045 | ip = mtod(m, struct ip *); |
1057 | bcopy((void *)p->ipopt_list, (void *)(ip + 1), (unsigned)optlen); | | 1046 | bcopy((void *)p->ipopt_list, (void *)(ip + 1), (unsigned)optlen); |
1058 | *phlen = sizeof(struct ip) + optlen; | | 1047 | *phlen = sizeof(struct ip) + optlen; |
1059 | ip->ip_len = htons(ntohs(ip->ip_len) + optlen); | | 1048 | ip->ip_len = htons(ntohs(ip->ip_len) + optlen); |
1060 | return (m); | | 1049 | return (m); |
1061 | } | | 1050 | } |
1062 | | | 1051 | |
1063 | /* | | 1052 | /* |
1064 | * Copy options from ip to jp, | | 1053 | * Copy options from ip to jp, |
1065 | * omitting those not copied during fragmentation. | | 1054 | * omitting those not copied during fragmentation. |
1066 | */ | | 1055 | */ |
1067 | int | | 1056 | int |
1068 | ip_optcopy(struct ip *ip, struct ip *jp) | | 1057 | ip_optcopy(struct ip *ip, struct ip *jp) |
1069 | { | | 1058 | { |
1070 | u_char *cp, *dp; | | 1059 | u_char *cp, *dp; |
1071 | int opt, optlen, cnt; | | 1060 | int opt, optlen, cnt; |
1072 | | | 1061 | |
1073 | cp = (u_char *)(ip + 1); | | 1062 | cp = (u_char *)(ip + 1); |
1074 | dp = (u_char *)(jp + 1); | | 1063 | dp = (u_char *)(jp + 1); |
1075 | cnt = (ip->ip_hl << 2) - sizeof (struct ip); | | 1064 | cnt = (ip->ip_hl << 2) - sizeof (struct ip); |
1076 | for (; cnt > 0; cnt -= optlen, cp += optlen) { | | 1065 | for (; cnt > 0; cnt -= optlen, cp += optlen) { |
1077 | opt = cp[0]; | | 1066 | opt = cp[0]; |
1078 | if (opt == IPOPT_EOL) | | 1067 | if (opt == IPOPT_EOL) |
1079 | break; | | 1068 | break; |
1080 | if (opt == IPOPT_NOP) { | | 1069 | if (opt == IPOPT_NOP) { |
1081 | /* Preserve for IP mcast tunnel's LSRR alignment. */ | | 1070 | /* Preserve for IP mcast tunnel's LSRR alignment. */ |
1082 | *dp++ = IPOPT_NOP; | | 1071 | *dp++ = IPOPT_NOP; |
1083 | optlen = 1; | | 1072 | optlen = 1; |
1084 | continue; | | 1073 | continue; |
1085 | } | | 1074 | } |
1086 | | | 1075 | |
1087 | KASSERT(cnt >= IPOPT_OLEN + sizeof(*cp)); | | 1076 | KASSERT(cnt >= IPOPT_OLEN + sizeof(*cp)); |
1088 | optlen = cp[IPOPT_OLEN]; | | 1077 | optlen = cp[IPOPT_OLEN]; |
1089 | KASSERT(optlen >= IPOPT_OLEN + sizeof(*cp) && optlen < cnt); | | 1078 | KASSERT(optlen >= IPOPT_OLEN + sizeof(*cp) && optlen < cnt); |
1090 | | | 1079 | |
1091 | /* Invalid lengths should have been caught by ip_dooptions. */ | | 1080 | /* Invalid lengths should have been caught by ip_dooptions. */ |
1092 | if (optlen > cnt) | | 1081 | if (optlen > cnt) |
1093 | optlen = cnt; | | 1082 | optlen = cnt; |
1094 | if (IPOPT_COPIED(opt)) { | | 1083 | if (IPOPT_COPIED(opt)) { |
1095 | bcopy((void *)cp, (void *)dp, (unsigned)optlen); | | 1084 | bcopy((void *)cp, (void *)dp, (unsigned)optlen); |
1096 | dp += optlen; | | 1085 | dp += optlen; |
1097 | } | | 1086 | } |
1098 | } | | 1087 | } |
1099 | for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++) | | 1088 | for (optlen = dp - (u_char *)(jp+1); optlen & 0x3; optlen++) |
1100 | *dp++ = IPOPT_EOL; | | 1089 | *dp++ = IPOPT_EOL; |
1101 | return (optlen); | | 1090 | return (optlen); |
1102 | } | | 1091 | } |
1103 | | | 1092 | |
1104 | /* | | 1093 | /* |
1105 | * IP socket option processing. | | 1094 | * IP socket option processing. |
1106 | */ | | 1095 | */ |
1107 | int | | 1096 | int |
1108 | ip_ctloutput(int op, struct socket *so, struct sockopt *sopt) | | 1097 | ip_ctloutput(int op, struct socket *so, struct sockopt *sopt) |
1109 | { | | 1098 | { |
1110 | struct inpcb *inp = sotoinpcb(so); | | 1099 | struct inpcb *inp = sotoinpcb(so); |
1111 | struct ip *ip = &inp->inp_ip; | | 1100 | struct ip *ip = &inp->inp_ip; |
1112 | int inpflags = inp->inp_flags; | | 1101 | int inpflags = inp->inp_flags; |
1113 | int optval = 0, error = 0; | | 1102 | int optval = 0, error = 0; |
1114 | | | 1103 | |
1115 | if (sopt->sopt_level != IPPROTO_IP) { | | 1104 | if (sopt->sopt_level != IPPROTO_IP) { |
1116 | if (sopt->sopt_level == SOL_SOCKET && sopt->sopt_name == SO_NOHEADER) | | 1105 | if (sopt->sopt_level == SOL_SOCKET && sopt->sopt_name == SO_NOHEADER) |
1117 | return 0; | | 1106 | return 0; |
1118 | return ENOPROTOOPT; | | 1107 | return ENOPROTOOPT; |
1119 | } | | 1108 | } |
1120 | | | 1109 | |
1121 | switch (op) { | | 1110 | switch (op) { |
1122 | case PRCO_SETOPT: | | 1111 | case PRCO_SETOPT: |
1123 | switch (sopt->sopt_name) { | | 1112 | switch (sopt->sopt_name) { |
1124 | case IP_OPTIONS: | | 1113 | case IP_OPTIONS: |
1125 | #ifdef notyet | | 1114 | #ifdef notyet |
1126 | case IP_RETOPTS: | | 1115 | case IP_RETOPTS: |
1127 | #endif | | 1116 | #endif |
1128 | error = ip_pcbopts(inp, sopt); | | 1117 | error = ip_pcbopts(inp, sopt); |
1129 | break; | | 1118 | break; |
1130 | | | 1119 | |
1131 | case IP_TOS: | | 1120 | case IP_TOS: |
1132 | case IP_TTL: | | 1121 | case IP_TTL: |
1133 | case IP_MINTTL: | | 1122 | case IP_MINTTL: |
1134 | case IP_PKTINFO: | | 1123 | case IP_PKTINFO: |
1135 | case IP_RECVOPTS: | | 1124 | case IP_RECVOPTS: |
1136 | case IP_RECVRETOPTS: | | 1125 | case IP_RECVRETOPTS: |
1137 | case IP_RECVDSTADDR: | | 1126 | case IP_RECVDSTADDR: |
1138 | case IP_RECVIF: | | 1127 | case IP_RECVIF: |
1139 | case IP_RECVPKTINFO: | | 1128 | case IP_RECVPKTINFO: |
1140 | case IP_RECVTTL: | | 1129 | case IP_RECVTTL: |
1141 | error = sockopt_getint(sopt, &optval); | | 1130 | error = sockopt_getint(sopt, &optval); |
1142 | if (error) | | 1131 | if (error) |
1143 | break; | | 1132 | break; |
1144 | | | 1133 | |
1145 | switch (sopt->sopt_name) { | | 1134 | switch (sopt->sopt_name) { |
1146 | case IP_TOS: | | 1135 | case IP_TOS: |
1147 | ip->ip_tos = optval; | | 1136 | ip->ip_tos = optval; |
1148 | break; | | 1137 | break; |
1149 | | | 1138 | |
1150 | case IP_TTL: | | 1139 | case IP_TTL: |
1151 | ip->ip_ttl = optval; | | 1140 | ip->ip_ttl = optval; |
1152 | break; | | 1141 | break; |
1153 | | | 1142 | |
1154 | case IP_MINTTL: | | 1143 | case IP_MINTTL: |
1155 | if (optval > 0 && optval <= MAXTTL) | | 1144 | if (optval > 0 && optval <= MAXTTL) |
1156 | inp->inp_ip_minttl = optval; | | 1145 | inp->inp_ip_minttl = optval; |
1157 | else | | 1146 | else |
1158 | error = EINVAL; | | 1147 | error = EINVAL; |
1159 | break; | | 1148 | break; |
1160 | #define OPTSET(bit) \ | | 1149 | #define OPTSET(bit) \ |
1161 | if (optval) \ | | 1150 | if (optval) \ |
1162 | inpflags |= bit; \ | | 1151 | inpflags |= bit; \ |
1163 | else \ | | 1152 | else \ |
1164 | inpflags &= ~bit; | | 1153 | inpflags &= ~bit; |
1165 | | | 1154 | |
1166 | case IP_PKTINFO: | | 1155 | case IP_PKTINFO: |
1167 | OPTSET(INP_PKTINFO); | | 1156 | OPTSET(INP_PKTINFO); |
1168 | break; | | 1157 | break; |
1169 | | | 1158 | |
1170 | case IP_RECVOPTS: | | 1159 | case IP_RECVOPTS: |
1171 | OPTSET(INP_RECVOPTS); | | 1160 | OPTSET(INP_RECVOPTS); |
1172 | break; | | 1161 | break; |
1173 | | | 1162 | |
1174 | case IP_RECVPKTINFO: | | 1163 | case IP_RECVPKTINFO: |
1175 | OPTSET(INP_RECVPKTINFO); | | 1164 | OPTSET(INP_RECVPKTINFO); |
1176 | break; | | 1165 | break; |
1177 | | | 1166 | |
1178 | case IP_RECVRETOPTS: | | 1167 | case IP_RECVRETOPTS: |
1179 | OPTSET(INP_RECVRETOPTS); | | 1168 | OPTSET(INP_RECVRETOPTS); |
1180 | break; | | 1169 | break; |
1181 | | | 1170 | |
1182 | case IP_RECVDSTADDR: | | 1171 | case IP_RECVDSTADDR: |
1183 | OPTSET(INP_RECVDSTADDR); | | 1172 | OPTSET(INP_RECVDSTADDR); |
1184 | break; | | 1173 | break; |
1185 | | | 1174 | |
1186 | case IP_RECVIF: | | 1175 | case IP_RECVIF: |
1187 | OPTSET(INP_RECVIF); | | 1176 | OPTSET(INP_RECVIF); |
1188 | break; | | 1177 | break; |
1189 | | | 1178 | |
1190 | case IP_RECVTTL: | | 1179 | case IP_RECVTTL: |
1191 | OPTSET(INP_RECVTTL); | | 1180 | OPTSET(INP_RECVTTL); |
1192 | break; | | 1181 | break; |
1193 | } | | 1182 | } |
1194 | break; | | 1183 | break; |
1195 | #undef OPTSET | | 1184 | #undef OPTSET |
1196 | | | 1185 | |
1197 | case IP_MULTICAST_IF: | | 1186 | case IP_MULTICAST_IF: |
1198 | case IP_MULTICAST_TTL: | | 1187 | case IP_MULTICAST_TTL: |
1199 | case IP_MULTICAST_LOOP: | | 1188 | case IP_MULTICAST_LOOP: |
1200 | case IP_ADD_MEMBERSHIP: | | 1189 | case IP_ADD_MEMBERSHIP: |
1201 | case IP_DROP_MEMBERSHIP: | | 1190 | case IP_DROP_MEMBERSHIP: |
1202 | error = ip_setmoptions(&inp->inp_moptions, sopt); | | 1191 | error = ip_setmoptions(&inp->inp_moptions, sopt); |
1203 | break; | | 1192 | break; |
1204 | | | 1193 | |
1205 | case IP_PORTRANGE: | | 1194 | case IP_PORTRANGE: |
1206 | error = sockopt_getint(sopt, &optval); | | 1195 | error = sockopt_getint(sopt, &optval); |
1207 | if (error) | | 1196 | if (error) |
1208 | break; | | 1197 | break; |
1209 | | | 1198 | |
1210 | switch (optval) { | | 1199 | switch (optval) { |
1211 | case IP_PORTRANGE_DEFAULT: | | 1200 | case IP_PORTRANGE_DEFAULT: |
1212 | case IP_PORTRANGE_HIGH: | | 1201 | case IP_PORTRANGE_HIGH: |
1213 | inpflags &= ~(INP_LOWPORT); | | 1202 | inpflags &= ~(INP_LOWPORT); |
1214 | break; | | 1203 | break; |
1215 | | | 1204 | |
1216 | case IP_PORTRANGE_LOW: | | 1205 | case IP_PORTRANGE_LOW: |
1217 | inpflags |= INP_LOWPORT; | | 1206 | inpflags |= INP_LOWPORT; |
1218 | break; | | 1207 | break; |
1219 | | | 1208 | |
1220 | default: | | 1209 | default: |
1221 | error = EINVAL; | | 1210 | error = EINVAL; |
1222 | break; | | 1211 | break; |
1223 | } | | 1212 | } |
1224 | break; | | 1213 | break; |
1225 | | | 1214 | |
1226 | case IP_PORTALGO: | | 1215 | case IP_PORTALGO: |
1227 | error = sockopt_getint(sopt, &optval); | | 1216 | error = sockopt_getint(sopt, &optval); |
1228 | if (error) | | 1217 | if (error) |
1229 | break; | | 1218 | break; |
1230 | | | 1219 | |
1231 | error = portalgo_algo_index_select( | | 1220 | error = portalgo_algo_index_select( |
1232 | (struct inpcb_hdr *)inp, optval); | | 1221 | (struct inpcb_hdr *)inp, optval); |
1233 | break; | | 1222 | break; |
1234 | | | 1223 | |
1235 | #if defined(IPSEC) | | 1224 | #if defined(IPSEC) |
1236 | case IP_IPSEC_POLICY: | | 1225 | case IP_IPSEC_POLICY: |
1237 | if (ipsec_enabled) { | | 1226 | if (ipsec_enabled) { |
1238 | error = ipsec4_set_policy(inp, sopt->sopt_name, | | 1227 | error = ipsec4_set_policy(inp, sopt->sopt_name, |
1239 | sopt->sopt_data, sopt->sopt_size, | | 1228 | sopt->sopt_data, sopt->sopt_size, |
1240 | curlwp->l_cred); | | 1229 | curlwp->l_cred); |
1241 | break; | | 1230 | break; |
1242 | } | | 1231 | } |
1243 | /*FALLTHROUGH*/ | | 1232 | /*FALLTHROUGH*/ |
1244 | #endif /* IPSEC */ | | 1233 | #endif /* IPSEC */ |
1245 | | | 1234 | |
1246 | default: | | 1235 | default: |
1247 | error = ENOPROTOOPT; | | 1236 | error = ENOPROTOOPT; |
1248 | break; | | 1237 | break; |
1249 | } | | 1238 | } |
1250 | break; | | 1239 | break; |
1251 | | | 1240 | |
1252 | case PRCO_GETOPT: | | 1241 | case PRCO_GETOPT: |
1253 | switch (sopt->sopt_name) { | | 1242 | switch (sopt->sopt_name) { |
1254 | case IP_OPTIONS: | | 1243 | case IP_OPTIONS: |
1255 | case IP_RETOPTS: { | | 1244 | case IP_RETOPTS: { |
1256 | struct mbuf *mopts = inp->inp_options; | | 1245 | struct mbuf *mopts = inp->inp_options; |
1257 | | | 1246 | |
1258 | if (mopts) { | | 1247 | if (mopts) { |
1259 | struct mbuf *m; | | 1248 | struct mbuf *m; |
1260 | | | 1249 | |
1261 | m = m_copym(mopts, 0, M_COPYALL, M_DONTWAIT); | | 1250 | m = m_copym(mopts, 0, M_COPYALL, M_DONTWAIT); |
1262 | if (m == NULL) { | | 1251 | if (m == NULL) { |
1263 | error = ENOBUFS; | | 1252 | error = ENOBUFS; |
1264 | break; | | 1253 | break; |
1265 | } | | 1254 | } |
1266 | error = sockopt_setmbuf(sopt, m); | | 1255 | error = sockopt_setmbuf(sopt, m); |
1267 | } | | 1256 | } |
1268 | break; | | 1257 | break; |
1269 | } | | 1258 | } |
1270 | case IP_PKTINFO: | | 1259 | case IP_PKTINFO: |
1271 | case IP_TOS: | | 1260 | case IP_TOS: |
1272 | case IP_TTL: | | 1261 | case IP_TTL: |
1273 | case IP_MINTTL: | | 1262 | case IP_MINTTL: |
1274 | case IP_RECVOPTS: | | 1263 | case IP_RECVOPTS: |
1275 | case IP_RECVRETOPTS: | | 1264 | case IP_RECVRETOPTS: |
1276 | case IP_RECVDSTADDR: | | 1265 | case IP_RECVDSTADDR: |
1277 | case IP_RECVIF: | | 1266 | case IP_RECVIF: |
1278 | case IP_RECVPKTINFO: | | 1267 | case IP_RECVPKTINFO: |
1279 | case IP_RECVTTL: | | 1268 | case IP_RECVTTL: |
1280 | case IP_ERRORMTU: | | 1269 | case IP_ERRORMTU: |
1281 | switch (sopt->sopt_name) { | | 1270 | switch (sopt->sopt_name) { |
1282 | case IP_TOS: | | 1271 | case IP_TOS: |
1283 | optval = ip->ip_tos; | | 1272 | optval = ip->ip_tos; |
1284 | break; | | 1273 | break; |
1285 | | | 1274 | |
1286 | case IP_TTL: | | 1275 | case IP_TTL: |
1287 | optval = ip->ip_ttl; | | 1276 | optval = ip->ip_ttl; |
1288 | break; | | 1277 | break; |
1289 | | | 1278 | |
1290 | case IP_MINTTL: | | 1279 | case IP_MINTTL: |
1291 | optval = inp->inp_ip_minttl; | | 1280 | optval = inp->inp_ip_minttl; |
1292 | break; | | 1281 | break; |
1293 | | | 1282 | |
1294 | case IP_ERRORMTU: | | 1283 | case IP_ERRORMTU: |
1295 | optval = inp->inp_errormtu; | | 1284 | optval = inp->inp_errormtu; |
1296 | break; | | 1285 | break; |
1297 | | | 1286 | |
1298 | #define OPTBIT(bit) (inpflags & bit ? 1 : 0) | | 1287 | #define OPTBIT(bit) (inpflags & bit ? 1 : 0) |
1299 | | | 1288 | |
1300 | case IP_PKTINFO: | | 1289 | case IP_PKTINFO: |
1301 | optval = OPTBIT(INP_PKTINFO); | | 1290 | optval = OPTBIT(INP_PKTINFO); |
1302 | break; | | 1291 | break; |
1303 | | | 1292 | |
1304 | case IP_RECVOPTS: | | 1293 | case IP_RECVOPTS: |
1305 | optval = OPTBIT(INP_RECVOPTS); | | 1294 | optval = OPTBIT(INP_RECVOPTS); |
1306 | break; | | 1295 | break; |
1307 | | | 1296 | |
1308 | case IP_RECVPKTINFO: | | 1297 | case IP_RECVPKTINFO: |
1309 | optval = OPTBIT(INP_RECVPKTINFO); | | 1298 | optval = OPTBIT(INP_RECVPKTINFO); |
1310 | break; | | 1299 | break; |
1311 | | | 1300 | |
1312 | case IP_RECVRETOPTS: | | 1301 | case IP_RECVRETOPTS: |
1313 | optval = OPTBIT(INP_RECVRETOPTS); | | 1302 | optval = OPTBIT(INP_RECVRETOPTS); |
1314 | break; | | 1303 | break; |
1315 | | | 1304 | |
1316 | case IP_RECVDSTADDR: | | 1305 | case IP_RECVDSTADDR: |
1317 | optval = OPTBIT(INP_RECVDSTADDR); | | 1306 | optval = OPTBIT(INP_RECVDSTADDR); |
1318 | break; | | 1307 | break; |
1319 | | | 1308 | |
1320 | case IP_RECVIF: | | 1309 | case IP_RECVIF: |
1321 | optval = OPTBIT(INP_RECVIF); | | 1310 | optval = OPTBIT(INP_RECVIF); |
1322 | break; | | 1311 | break; |
1323 | | | 1312 | |
1324 | case IP_RECVTTL: | | 1313 | case IP_RECVTTL: |
1325 | optval = OPTBIT(INP_RECVTTL); | | 1314 | optval = OPTBIT(INP_RECVTTL); |
1326 | break; | | 1315 | break; |
1327 | } | | 1316 | } |
1328 | error = sockopt_setint(sopt, optval); | | 1317 | error = sockopt_setint(sopt, optval); |
1329 | break; | | 1318 | break; |
1330 | | | 1319 | |
1331 | #if 0 /* defined(IPSEC) */ | | 1320 | #if 0 /* defined(IPSEC) */ |
1332 | case IP_IPSEC_POLICY: | | 1321 | case IP_IPSEC_POLICY: |
1333 | { | | 1322 | { |
1334 | struct mbuf *m = NULL; | | 1323 | struct mbuf *m = NULL; |
1335 | | | 1324 | |
1336 | /* XXX this will return EINVAL as sopt is empty */ | | 1325 | /* XXX this will return EINVAL as sopt is empty */ |
1337 | error = ipsec4_get_policy(inp, sopt->sopt_data, | | 1326 | error = ipsec4_get_policy(inp, sopt->sopt_data, |
1338 | sopt->sopt_size, &m); | | 1327 | sopt->sopt_size, &m); |
1339 | if (error == 0) | | 1328 | if (error == 0) |
1340 | error = sockopt_setmbuf(sopt, m); | | 1329 | error = sockopt_setmbuf(sopt, m); |
1341 | break; | | 1330 | break; |
1342 | } | | 1331 | } |
1343 | #endif /*IPSEC*/ | | 1332 | #endif /*IPSEC*/ |
1344 | | | 1333 | |
1345 | case IP_MULTICAST_IF: | | 1334 | case IP_MULTICAST_IF: |
1346 | case IP_MULTICAST_TTL: | | 1335 | case IP_MULTICAST_TTL: |
1347 | case IP_MULTICAST_LOOP: | | 1336 | case IP_MULTICAST_LOOP: |
1348 | case IP_ADD_MEMBERSHIP: | | 1337 | case IP_ADD_MEMBERSHIP: |
1349 | case IP_DROP_MEMBERSHIP: | | 1338 | case IP_DROP_MEMBERSHIP: |
1350 | error = ip_getmoptions(inp->inp_moptions, sopt); | | 1339 | error = ip_getmoptions(inp->inp_moptions, sopt); |
1351 | break; | | 1340 | break; |
1352 | | | 1341 | |
1353 | case IP_PORTRANGE: | | 1342 | case IP_PORTRANGE: |
1354 | if (inpflags & INP_LOWPORT) | | 1343 | if (inpflags & INP_LOWPORT) |
1355 | optval = IP_PORTRANGE_LOW; | | 1344 | optval = IP_PORTRANGE_LOW; |
1356 | else | | 1345 | else |
1357 | optval = IP_PORTRANGE_DEFAULT; | | 1346 | optval = IP_PORTRANGE_DEFAULT; |
1358 | error = sockopt_setint(sopt, optval); | | 1347 | error = sockopt_setint(sopt, optval); |
1359 | break; | | 1348 | break; |
1360 | | | 1349 | |
1361 | case IP_PORTALGO: | | 1350 | case IP_PORTALGO: |
1362 | optval = inp->inp_portalgo; | | 1351 | optval = inp->inp_portalgo; |
1363 | error = sockopt_setint(sopt, optval); | | 1352 | error = sockopt_setint(sopt, optval); |
1364 | break; | | 1353 | break; |
1365 | | | 1354 | |
1366 | default: | | 1355 | default: |
1367 | error = ENOPROTOOPT; | | 1356 | error = ENOPROTOOPT; |
1368 | break; | | 1357 | break; |
1369 | } | | 1358 | } |
1370 | break; | | 1359 | break; |
1371 | } | | 1360 | } |
1372 | | | 1361 | |
1373 | if (!error) { | | 1362 | if (!error) { |