1 | /* |
2 | * Copyright (c) 2000-2013 Apple Inc. All rights reserved. |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
5 | * |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License |
8 | * Version 2.0 (the 'License'). You may not use this file except in |
9 | * compliance with the License. The rights granted to you under the License |
10 | * may not be used to create, or enable the creation or redistribution of, |
11 | * unlawful or unlicensed copies of an Apple operating system, or to |
12 | * circumvent, violate, or enable the circumvention or violation of, any |
13 | * terms of an Apple operating system software license agreement. |
14 | * |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
17 | * |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and |
24 | * limitations under the License. |
25 | * |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
27 | */ |
28 | /* |
29 | * Copyright (c) 1982, 1986, 1993 |
30 | * The Regents of the University of California. All rights reserved. |
31 | * |
32 | * Redistribution and use in source and binary forms, with or without |
33 | * modification, are permitted provided that the following conditions |
34 | * are met: |
35 | * 1. Redistributions of source code must retain the above copyright |
36 | * notice, this list of conditions and the following disclaimer. |
37 | * 2. Redistributions in binary form must reproduce the above copyright |
38 | * notice, this list of conditions and the following disclaimer in the |
39 | * documentation and/or other materials provided with the distribution. |
40 | * 3. All advertising materials mentioning features or use of this software |
41 | * must display the following acknowledgement: |
42 | * This product includes software developed by the University of |
43 | * California, Berkeley and its contributors. |
44 | * 4. Neither the name of the University nor the names of its contributors |
45 | * may be used to endorse or promote products derived from this software |
46 | * without specific prior written permission. |
47 | * |
48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
58 | * SUCH DAMAGE. |
59 | * |
60 | * @(#)in_proto.c 8.2 (Berkeley) 2/9/95 |
61 | */ |
62 | |
63 | #include <sys/param.h> |
64 | #include <sys/kernel.h> |
65 | #include <sys/socket.h> |
66 | #include <sys/domain.h> |
67 | #include <sys/protosw.h> |
68 | #include <sys/queue.h> |
69 | #include <sys/sysctl.h> |
70 | #include <sys/mbuf.h> |
71 | |
72 | #include <kern/debug.h> |
73 | |
74 | #include <net/if.h> |
75 | #include <net/route.h> |
76 | #include <net/kpi_protocol.h> |
77 | |
78 | #include <netinet/in.h> |
79 | #include <netinet/in_var.h> |
80 | #include <netinet/in_systm.h> |
81 | #include <netinet/ip.h> |
82 | #include <netinet/ip_var.h> |
83 | #include <netinet/ip_icmp.h> |
84 | #include <netinet/igmp_var.h> |
85 | #include <netinet/tcp.h> |
86 | #include <netinet/tcp_timer.h> |
87 | #include <netinet/tcp_var.h> |
88 | #include <netinet/tcpip.h> |
89 | #include <netinet/udp.h> |
90 | #include <netinet/udp_var.h> |
91 | #include <netinet/ip_encap.h> |
92 | #include <netinet/ip_divert.h> |
93 | |
94 | |
95 | /* |
96 | * TCP/IP protocol family: IP, ICMP, UDP, TCP. |
97 | */ |
98 | |
99 | #if IPSEC |
100 | #include <netinet6/ipsec.h> |
101 | #include <netinet6/ah.h> |
102 | #if IPSEC_ESP |
103 | #include <netinet6/esp.h> |
104 | #endif |
105 | #include <netinet6/ipcomp.h> |
106 | #endif /* IPSEC */ |
107 | |
/* File-local hooks; both are defined further down in this file. */
static void in_dinit(struct domain *dp);
static void ip_proto_input(protocol_family_t protocol, mbuf_t packet_list);

/* The PF_INET domain descriptor; its initializer appears later in this file. */
extern struct domain inetdomain_s;

/*
 * Request table referenced by the inetsw[] entries for IP, AH, ESP and
 * IPCOMP.  No handler is assigned to it in this file, so it starts out
 * zero-filled.
 * NOTE(review): how the protosw attach code treats the empty slots is not
 * visible here -- confirm before relying on these entries rejecting socket
 * requests.
 */
static struct pr_usrreqs nousrreqs;

/* ICMP datagram-socket handlers, implemented outside this file. */
extern struct pr_usrreqs icmp_dgram_usrreqs;
extern int icmp_dgram_ctloutput(struct socket *so, struct sockopt *sopt);

/* Set by in_dinit() to the domain it is handed; NULL until then. */
struct domain *inetdomain = NULL;

/* Thanks to PPP, this still needs to be exported */
lck_mtx_t *inet_domain_mutex;
120 | |
/*
 * PF_INET protocol switch.  in_dinit() walks this array in order, first
 * attaching every entry and then initialising every entry, so the order
 * of the entries is part of the behaviour.  Entries guarded by IPSEC,
 * IPSEC_ESP, INET6 and IPDIVERT exist only when those options are set.
 */
static struct protosw inetsw[] = {
	/* IP itself: type and protocol are 0; only init/drain hooks are set. */
	{
		.pr_type	= 0,
		.pr_protocol	= 0,
		.pr_init	= ip_init,
		.pr_drain	= ip_drain,
		.pr_usrreqs	= &nousrreqs,
	},
	/* UDP datagram sockets, with their own lock/unlock/getlock hooks. */
	{
		.pr_type	= SOCK_DGRAM,
		.pr_protocol	= IPPROTO_UDP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_PROTOLOCK | PR_PCBLOCK |
				  PR_EVCONNINFO | PR_PRECONN_WRITE,
		.pr_input	= udp_input,
		.pr_ctlinput	= udp_ctlinput,
		.pr_ctloutput	= udp_ctloutput,
		.pr_init	= udp_init,
		.pr_usrreqs	= &udp_usrreqs,
		.pr_lock	= udp_lock,
		.pr_unlock	= udp_unlock,
		.pr_getlock	= udp_getlock,
	},
	/* TCP stream sockets, with their own lock/unlock/getlock hooks. */
	{
		.pr_type	= SOCK_STREAM,
		.pr_protocol	= IPPROTO_TCP,
		.pr_flags	= PR_CONNREQUIRED | PR_WANTRCVD | PR_PCBLOCK |
				  PR_PROTOLOCK | PR_DISPOSE | PR_EVCONNINFO |
				  PR_PRECONN_WRITE | PR_DATA_IDEMPOTENT,
		.pr_input	= tcp_input,
		.pr_ctlinput	= tcp_ctlinput,
		.pr_ctloutput	= tcp_ctloutput,
		.pr_init	= tcp_init,
		.pr_drain	= tcp_drain,
		.pr_usrreqs	= &tcp_usrreqs,
		.pr_lock	= tcp_lock,
		.pr_unlock	= tcp_unlock,
		.pr_getlock	= tcp_getlock,
	},
	/* Raw IP sockets bound to IPPROTO_RAW. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_RAW,
		.pr_flags	= PR_ATOMIC | PR_ADDR,
		.pr_input	= rip_input,
		.pr_ctlinput	= rip_ctlinput,
		.pr_ctloutput	= rip_ctloutput,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
	/* ICMP over raw sockets: input is icmp_input, the rest is raw-IP. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_ICMP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= icmp_input,
		.pr_ctloutput	= rip_ctloutput,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
	/*
	 * ICMP over datagram sockets: same input routine as the raw entry,
	 * but socket options and user requests go through the icmp_dgram_*
	 * handlers instead of the raw-IP ones.
	 */
	{
		.pr_type	= SOCK_DGRAM,
		.pr_protocol	= IPPROTO_ICMP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= icmp_input,
		.pr_ctloutput	= icmp_dgram_ctloutput,
		.pr_usrreqs	= &icmp_dgram_usrreqs,
		.pr_unlock	= rip_unlock,
	},
	/* IGMP over raw sockets. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_IGMP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= igmp_input,
		.pr_ctloutput	= rip_ctloutput,
		.pr_init	= igmp_init,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
	/* GRE over raw sockets. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_GRE,
		.pr_flags	= PR_ATOMIC | PR_ADDR,
		.pr_input	= gre_input,
		.pr_ctlinput	= rip_ctlinput,
		.pr_ctloutput	= rip_ctloutput,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
#if IPSEC
	/* IPsec AH: input handler only; user requests point at nousrreqs. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_AH,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_PROTOLOCK,
		.pr_input	= ah4_input,
		.pr_usrreqs	= &nousrreqs,
	},
#if IPSEC_ESP
	/* IPsec ESP: input handler only; user requests point at nousrreqs. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_ESP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_PROTOLOCK,
		.pr_input	= esp4_input,
		.pr_usrreqs	= &nousrreqs,
	},
#endif /* IPSEC_ESP */
	/* IPComp: input handler only; user requests point at nousrreqs. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_IPCOMP,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_PROTOLOCK,
		.pr_input	= ipcomp4_input,
		.pr_usrreqs	= &nousrreqs,
	},
#endif /* IPSEC */
	/* IPv4 carried inside IPv4, handed to the encap4 code. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_IPV4,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= encap4_input,
		.pr_ctloutput	= rip_ctloutput,
		.pr_init	= encap4_init,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
#if INET6
	/* IPv6 carried inside IPv4; uses the same encap4 input/init routines. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_IPV6,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= encap4_input,
		.pr_ctloutput	= rip_ctloutput,
		.pr_init	= encap4_init,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
#endif /* INET6 */
#if IPDIVERT
	/* Divert sockets, with their own lock/unlock/getlock hooks. */
	{
		.pr_type	= SOCK_RAW,
		.pr_protocol	= IPPROTO_DIVERT,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_PCBLOCK,
		.pr_input	= div_input,
		.pr_ctloutput	= ip_ctloutput,
		.pr_init	= div_init,
		.pr_usrreqs	= &div_usrreqs,
		.pr_lock	= div_lock,
		.pr_unlock	= div_unlock,
		.pr_getlock	= div_getlock,
	},
#endif /* IPDIVERT */
	/* raw wildcard: no .pr_protocol is given, so it stays 0 */
	{
		.pr_type	= SOCK_RAW,
		.pr_flags	= PR_ATOMIC | PR_ADDR | PR_LASTHDR,
		.pr_input	= rip_input,
		.pr_ctloutput	= rip_ctloutput,
		.pr_init	= rip_init,
		.pr_usrreqs	= &rip_usrreqs,
		.pr_unlock	= rip_unlock,
	},
};
279 | |
/*
 * Number of entries in inetsw[].  The value depends on which of IPSEC,
 * IPSEC_ESP, INET6 and IPDIVERT are enabled, so it is derived from the
 * array rather than written as a literal.
 */
static int in_proto_count = (int)(sizeof(inetsw) / sizeof(inetsw[0]));
281 | |
/*
 * Domain descriptor for PF_INET.  in_dinit() is its init hook and
 * in_inithead its routing-table attach hook.
 */
struct domain inetdomain_s = {
	.dom_family		= PF_INET,
	.dom_flags		= DOM_REENTRANT,
	.dom_name		= "internet",
	.dom_init		= in_dinit,
	.dom_rtattach		= in_inithead,
	/* NOTE(review): units of this offset are not stated here -- confirm against struct domain. */
	.dom_rtoffset		= 32,
	/* Largest routing key is a full sockaddr_in. */
	.dom_maxrtkey		= sizeof(struct sockaddr_in),
	/* Protocol header length is sized for a combined TCP/IP header. */
	.dom_protohdrlen	= sizeof(struct tcpiphdr),
};
292 | |
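/*
 * Initialize the PF_INET domain, and add in the pre-defined protos.
 *
 * dp: the domain being initialised.  It must not already carry
 *     DOM_INITIALIZED, and no PF_INET domain may have been recorded yet;
 *     both conditions are enforced with VERIFY().
 *
 * Side effects: records dp in the exported inetdomain pointer, publishes
 * dp->dom_mtx through inet_domain_mutex, attaches and initialises every
 * inetsw[] entry, and registers ip_proto_input() as the PF_INET input
 * handler.  A failed registration panics instead of leaving the stack
 * partly set up.
 *
 * Declared static to agree with the prototype at the top of the file.
 */
static void
in_dinit(struct domain *dp)
{
	struct protosw *pr;
	int i;
	domain_unguard_t unguard;

	/* This routine must run exactly once for the domain. */
	VERIFY(!(dp->dom_flags & DOM_INITIALIZED));
	VERIFY(inetdomain == NULL);

	inetdomain = dp;

	/*
	 * Verify that the maximum possible tcp/ip header will still
	 * fit in a small mbuf because m_pullup only pulls into 256
	 * byte mbuf
	 */
	_CASSERT((sizeof(struct tcpiphdr) + TCP_MAXOLEN) <= _MHLEN);

	/*
	 * Attach first, then initialize; ip_init() needs raw IP handler.
	 * The two passes must therefore stay separate.
	 */
	for (i = 0, pr = &inetsw[0]; i < in_proto_count; i++, pr++) {
		net_add_proto(pr, dp, 0);
	}
	for (i = 0, pr = &inetsw[0]; i < in_proto_count; i++, pr++) {
		net_init_proto(pr, dp);
	}

	inet_domain_mutex = dp->dom_mtx;

	/*
	 * NOTE(review): the registration is bracketed by the domain
	 * unguard deploy/release pair; presumably the guard would
	 * otherwise reject the call from inside domain init -- confirm.
	 */
	unguard = domain_unguard_deploy();
	i = proto_register_input(PF_INET, ip_proto_input, NULL, 1);
	if (i != 0) {
		panic("%s: failed to register PF_INET protocol: %d\n",
		    __func__, i);
		/* NOTREACHED */
	}
	domain_unguard_release(unguard);
}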
332 | |
/*
 * Input handler registered for PF_INET by in_dinit().
 *
 * protocol:    unused.
 * packet_list: head of the incoming packet chain.  It is dereferenced
 *              without a NULL check, so callers must never pass NULL.
 *
 * A lone packet (no m_nextpkt) takes the ip_input() path; a chain of
 * packets is handed to ip_input_process_list().
 */
static void
ip_proto_input(protocol_family_t protocol, mbuf_t packet_list)
{
#pragma unused(protocol)

	if (packet_list->m_nextpkt == NULL) {
		/*
		 * XXX remove this path if ip_input_process_list is proven
		 * to be stable and has minimum overhead on most platforms.
		 */
		ip_input(packet_list);
		return;
	}

	ip_input_process_list(packet_list);
}
348 | |
/*
 * sysctl tree for the Internet family: one parent node under _net, and
 * one child per protocol under _net_inet.  Every node is declared with
 * CTLFLAG_RW | CTLFLAG_LOCKED and no handler argument (0).
 */
SYSCTL_NODE(_net, PF_INET, inet, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "Internet Family");

SYSCTL_NODE(_net_inet, IPPROTO_IP, ip, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IP");
SYSCTL_NODE(_net_inet, IPPROTO_ICMP, icmp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "ICMP");
SYSCTL_NODE(_net_inet, IPPROTO_UDP, udp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "UDP");
SYSCTL_NODE(_net_inet, IPPROTO_TCP, tcp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "TCP");
SYSCTL_NODE(_net_inet, IPPROTO_IGMP, igmp, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IGMP");
#if IPSEC
/* The IPsec node is named "ipsec" but is keyed by IPPROTO_AH. */
SYSCTL_NODE(_net_inet, IPPROTO_AH, ipsec, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "IPSEC");
#endif /* IPSEC */
SYSCTL_NODE(_net_inet, IPPROTO_RAW, raw, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "RAW");
#if IPDIVERT
SYSCTL_NODE(_net_inet, IPPROTO_DIVERT, div, CTLFLAG_RW | CTLFLAG_LOCKED, 0,
    "DIVERT");
#endif /* IPDIVERT */
372 | |