1/*
2 * Copyright (c) 2000-2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * Copyright (c) 1982, 1986, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * @(#)in_proto.c 8.2 (Berkeley) 2/9/95
61 */
62
63#include <sys/param.h>
64#include <sys/kernel.h>
65#include <sys/socket.h>
66#include <sys/domain.h>
67#include <sys/protosw.h>
68#include <sys/queue.h>
69#include <sys/sysctl.h>
70#include <sys/mbuf.h>
71
72#include <kern/debug.h>
73
74#include <net/if.h>
75#include <net/route.h>
76#include <net/kpi_protocol.h>
77
78#include <netinet/in.h>
79#include <netinet/in_var.h>
80#include <netinet/in_systm.h>
81#include <netinet/ip.h>
82#include <netinet/ip_var.h>
83#include <netinet/ip_icmp.h>
84#include <netinet/igmp_var.h>
85#include <netinet/tcp.h>
86#include <netinet/tcp_timer.h>
87#include <netinet/tcp_var.h>
88#include <netinet/tcpip.h>
89#include <netinet/udp.h>
90#include <netinet/udp_var.h>
91#include <netinet/ip_encap.h>
92#include <netinet/ip_divert.h>
93
94
95/*
96 * TCP/IP protocol family: IP, ICMP, UDP, TCP.
97 */
98
99#if IPSEC
100#include <netinet6/ipsec.h>
101#include <netinet6/ah.h>
102#if IPSEC_ESP
103#include <netinet6/esp.h>
104#endif
105#include <netinet6/ipcomp.h>
106#endif /* IPSEC */
107
108static void in_dinit(struct domain *);
109static void ip_proto_input(protocol_family_t, mbuf_t);
110
111extern struct domain inetdomain_s;
112static struct pr_usrreqs nousrreqs;
113extern struct pr_usrreqs icmp_dgram_usrreqs;
114extern int icmp_dgram_ctloutput(struct socket *, struct sockopt *);
115
116struct domain *inetdomain = NULL;
117
118/* Thanks to PPP, this still needs to be exported */
119lck_mtx_t *inet_domain_mutex;
120
121static struct protosw inetsw[] = {
122{
123 .pr_type = 0,
124 .pr_protocol = 0,
125 .pr_init = ip_init,
126 .pr_drain = ip_drain,
127 .pr_usrreqs = &nousrreqs,
128},
129{
130 .pr_type = SOCK_DGRAM,
131 .pr_protocol = IPPROTO_UDP,
132 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PROTOLOCK|PR_PCBLOCK|
133 PR_EVCONNINFO|PR_PRECONN_WRITE,
134 .pr_input = udp_input,
135 .pr_ctlinput = udp_ctlinput,
136 .pr_ctloutput = udp_ctloutput,
137 .pr_init = udp_init,
138 .pr_usrreqs = &udp_usrreqs,
139 .pr_lock = udp_lock,
140 .pr_unlock = udp_unlock,
141 .pr_getlock = udp_getlock,
142},
143{
144 .pr_type = SOCK_STREAM,
145 .pr_protocol = IPPROTO_TCP,
146 .pr_flags = PR_CONNREQUIRED|PR_WANTRCVD|PR_PCBLOCK|
147 PR_PROTOLOCK|PR_DISPOSE|PR_EVCONNINFO|
148 PR_PRECONN_WRITE|PR_DATA_IDEMPOTENT,
149 .pr_input = tcp_input,
150 .pr_ctlinput = tcp_ctlinput,
151 .pr_ctloutput = tcp_ctloutput,
152 .pr_init = tcp_init,
153 .pr_drain = tcp_drain,
154 .pr_usrreqs = &tcp_usrreqs,
155 .pr_lock = tcp_lock,
156 .pr_unlock = tcp_unlock,
157 .pr_getlock = tcp_getlock,
158},
159{
160 .pr_type = SOCK_RAW,
161 .pr_protocol = IPPROTO_RAW,
162 .pr_flags = PR_ATOMIC|PR_ADDR,
163 .pr_input = rip_input,
164 .pr_ctlinput = rip_ctlinput,
165 .pr_ctloutput = rip_ctloutput,
166 .pr_usrreqs = &rip_usrreqs,
167 .pr_unlock = rip_unlock,
168},
169{
170 .pr_type = SOCK_RAW,
171 .pr_protocol = IPPROTO_ICMP,
172 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
173 .pr_input = icmp_input,
174 .pr_ctloutput = rip_ctloutput,
175 .pr_usrreqs = &rip_usrreqs,
176 .pr_unlock = rip_unlock,
177},
178{
179 .pr_type = SOCK_DGRAM,
180 .pr_protocol = IPPROTO_ICMP,
181 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
182 .pr_input = icmp_input,
183 .pr_ctloutput = icmp_dgram_ctloutput,
184 .pr_usrreqs = &icmp_dgram_usrreqs,
185 .pr_unlock = rip_unlock,
186},
187{
188 .pr_type = SOCK_RAW,
189 .pr_protocol = IPPROTO_IGMP,
190 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
191 .pr_input = igmp_input,
192 .pr_ctloutput = rip_ctloutput,
193 .pr_init = igmp_init,
194 .pr_usrreqs = &rip_usrreqs,
195 .pr_unlock = rip_unlock,
196},
197{
198 .pr_type = SOCK_RAW,
199 .pr_protocol = IPPROTO_GRE,
200 .pr_flags = PR_ATOMIC|PR_ADDR,
201 .pr_input = gre_input,
202 .pr_ctlinput = rip_ctlinput,
203 .pr_ctloutput = rip_ctloutput,
204 .pr_usrreqs = &rip_usrreqs,
205 .pr_unlock = rip_unlock,
206},
207#if IPSEC
208{
209 .pr_type = SOCK_RAW,
210 .pr_protocol = IPPROTO_AH,
211 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PROTOLOCK,
212 .pr_input = ah4_input,
213 .pr_usrreqs = &nousrreqs,
214},
215#if IPSEC_ESP
216{
217 .pr_type = SOCK_RAW,
218 .pr_protocol = IPPROTO_ESP,
219 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PROTOLOCK,
220 .pr_input = esp4_input,
221 .pr_usrreqs = &nousrreqs,
222},
223#endif /* IPSEC_ESP */
224{
225 .pr_type = SOCK_RAW,
226 .pr_protocol = IPPROTO_IPCOMP,
227 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PROTOLOCK,
228 .pr_input = ipcomp4_input,
229 .pr_usrreqs = &nousrreqs,
230},
231#endif /* IPSEC */
232{
233 .pr_type = SOCK_RAW,
234 .pr_protocol = IPPROTO_IPV4,
235 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
236 .pr_input = encap4_input,
237 .pr_ctloutput = rip_ctloutput,
238 .pr_init = encap4_init,
239 .pr_usrreqs = &rip_usrreqs,
240 .pr_unlock = rip_unlock,
241},
242#if INET6
243{
244 .pr_type = SOCK_RAW,
245 .pr_protocol = IPPROTO_IPV6,
246 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
247 .pr_input = encap4_input,
248 .pr_ctloutput = rip_ctloutput,
249 .pr_init = encap4_init,
250 .pr_usrreqs = &rip_usrreqs,
251 .pr_unlock = rip_unlock,
252},
253#endif /* INET6 */
254#if IPDIVERT
255{
256 .pr_type = SOCK_RAW,
257 .pr_protocol = IPPROTO_DIVERT,
258 .pr_flags = PR_ATOMIC|PR_ADDR|PR_PCBLOCK,
259 .pr_input = div_input,
260 .pr_ctloutput = ip_ctloutput,
261 .pr_init = div_init,
262 .pr_usrreqs = &div_usrreqs,
263 .pr_lock = div_lock,
264 .pr_unlock = div_unlock,
265 .pr_getlock = div_getlock,
266},
267#endif /* IPDIVERT */
268/* raw wildcard */
269{
270 .pr_type = SOCK_RAW,
271 .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR,
272 .pr_input = rip_input,
273 .pr_ctloutput = rip_ctloutput,
274 .pr_init = rip_init,
275 .pr_usrreqs = &rip_usrreqs,
276 .pr_unlock = rip_unlock,
277},
278};
279
280static int in_proto_count = (sizeof (inetsw) / sizeof (struct protosw));
281
282struct domain inetdomain_s = {
283 .dom_family = PF_INET,
284 .dom_flags = DOM_REENTRANT,
285 .dom_name = "internet",
286 .dom_init = in_dinit,
287 .dom_rtattach = in_inithead,
288 .dom_rtoffset = 32,
289 .dom_maxrtkey = sizeof (struct sockaddr_in),
290 .dom_protohdrlen = sizeof (struct tcpiphdr),
291};
292
293/* Initialize the PF_INET domain, and add in the pre-defined protos */
294void
295in_dinit(struct domain *dp)
296{
297 struct protosw *pr;
298 int i;
299 domain_unguard_t unguard;
300
301 VERIFY(!(dp->dom_flags & DOM_INITIALIZED));
302 VERIFY(inetdomain == NULL);
303
304 inetdomain = dp;
305
306 /*
307 * Verify that the maximum possible tcp/ip header will still
308 * fit in a small mbuf because m_pullup only puls into 256
309 * byte mbuf
310 */
311 _CASSERT((sizeof(struct tcpiphdr) + TCP_MAXOLEN) <= _MHLEN);
312
313 /*
314 * Attach first, then initialize; ip_init() needs raw IP handler.
315 */
316 for (i = 0, pr = &inetsw[0]; i < in_proto_count; i++, pr++)
317 net_add_proto(pr, dp, 0);
318 for (i = 0, pr = &inetsw[0]; i < in_proto_count; i++, pr++)
319 net_init_proto(pr, dp);
320
321 inet_domain_mutex = dp->dom_mtx;
322
323 unguard = domain_unguard_deploy();
324 i = proto_register_input(PF_INET, ip_proto_input, NULL, 1);
325 if (i != 0) {
326 panic("%s: failed to register PF_INET protocol: %d\n",
327 __func__, i);
328 /* NOTREACHED */
329 }
330 domain_unguard_release(unguard);
331}
332
333static void
334ip_proto_input(protocol_family_t protocol, mbuf_t packet_list)
335{
336#pragma unused(protocol)
337
338 if (packet_list->m_nextpkt != NULL) {
339 ip_input_process_list(packet_list);
340 } else {
341 /*
342 * XXX remove this path if ip_input_process_list is proven
343 * to be stable and has minimum overhead on most platforms.
344 */
345 ip_input(packet_list);
346 }
347}
348
349SYSCTL_NODE(_net, PF_INET, inet,
350 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "Internet Family");
351
352SYSCTL_NODE(_net_inet, IPPROTO_IP, ip,
353 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "IP");
354SYSCTL_NODE(_net_inet, IPPROTO_ICMP, icmp,
355 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "ICMP");
356SYSCTL_NODE(_net_inet, IPPROTO_UDP, udp,
357 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "UDP");
358SYSCTL_NODE(_net_inet, IPPROTO_TCP, tcp,
359 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "TCP");
360SYSCTL_NODE(_net_inet, IPPROTO_IGMP, igmp,
361 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "IGMP");
362#if IPSEC
363SYSCTL_NODE(_net_inet, IPPROTO_AH, ipsec,
364 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "IPSEC");
365#endif /* IPSEC */
366SYSCTL_NODE(_net_inet, IPPROTO_RAW, raw,
367 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "RAW");
368#if IPDIVERT
369SYSCTL_NODE(_net_inet, IPPROTO_DIVERT, div,
370 CTLFLAG_RW|CTLFLAG_LOCKED, 0, "DIVERT");
371#endif /* IPDIVERT */
372