1 | /* |
2 | * Copyright (c) 2000-2018 Apple Inc. All rights reserved. |
3 | * |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ |
5 | * |
6 | * This file contains Original Code and/or Modifications of Original Code |
7 | * as defined in and that are subject to the Apple Public Source License |
8 | * Version 2.0 (the 'License'). You may not use this file except in |
9 | * compliance with the License. The rights granted to you under the License |
10 | * may not be used to create, or enable the creation or redistribution of, |
11 | * unlawful or unlicensed copies of an Apple operating system, or to |
12 | * circumvent, violate, or enable the circumvention or violation of, any |
13 | * terms of an Apple operating system software license agreement. |
14 | * |
15 | * Please obtain a copy of the License at |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. |
17 | * |
18 | * The Original Code and all software distributed under the License are |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
23 | * Please see the License for the specific language governing rights and |
24 | * limitations under the License. |
25 | * |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ |
27 | */ |
28 | /* |
29 | * Copyright (c) 1982, 1986, 1988, 1993 |
30 | * The Regents of the University of California. All rights reserved. |
31 | * |
32 | * Redistribution and use in source and binary forms, with or without |
33 | * modification, are permitted provided that the following conditions |
34 | * are met: |
35 | * 1. Redistributions of source code must retain the above copyright |
36 | * notice, this list of conditions and the following disclaimer. |
37 | * 2. Redistributions in binary form must reproduce the above copyright |
38 | * notice, this list of conditions and the following disclaimer in the |
39 | * documentation and/or other materials provided with the distribution. |
40 | * 3. All advertising materials mentioning features or use of this software |
41 | * must display the following acknowledgement: |
42 | * This product includes software developed by the University of |
43 | * California, Berkeley and its contributors. |
44 | * 4. Neither the name of the University nor the names of its contributors |
45 | * may be used to endorse or promote products derived from this software |
46 | * without specific prior written permission. |
47 | * |
48 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND |
49 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
50 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
51 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
52 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
53 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
54 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
55 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
56 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
57 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
58 | * SUCH DAMAGE. |
59 | * |
60 | * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 |
61 | */ |
62 | /* |
63 | * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce |
64 | * support for mandatory and extensible security protections. This notice |
65 | * is included in support of clause 2.2 (b) of the Apple Public License, |
66 | * Version 2.0. |
67 | */ |
68 | |
69 | #include <sys/param.h> |
70 | #include <sys/systm.h> |
71 | #include <sys/kernel.h> |
72 | #include <sys/malloc.h> |
73 | #include <sys/mbuf.h> |
74 | #include <sys/mcache.h> |
75 | #include <sys/proc.h> |
76 | #include <sys/domain.h> |
77 | #include <sys/protosw.h> |
78 | #include <sys/socket.h> |
79 | #include <sys/socketvar.h> |
80 | #include <sys/sysctl.h> |
81 | #include <libkern/OSAtomic.h> |
82 | #include <kern/zalloc.h> |
83 | |
84 | #include <pexpert/pexpert.h> |
85 | |
86 | #include <net/if.h> |
87 | #include <net/net_api_stats.h> |
88 | #include <net/route.h> |
89 | |
90 | #define _IP_VHL |
91 | #include <netinet/in.h> |
92 | #include <netinet/in_systm.h> |
93 | #include <netinet/in_tclass.h> |
94 | #include <netinet/ip.h> |
95 | #include <netinet/in_pcb.h> |
96 | #include <netinet/in_var.h> |
97 | #include <netinet/ip_var.h> |
98 | |
99 | #if INET6 |
100 | #include <netinet6/in6_pcb.h> |
101 | #endif /* INET6 */ |
102 | |
103 | #include <netinet/ip_fw.h> |
104 | |
105 | #if IPSEC |
106 | #include <netinet6/ipsec.h> |
107 | #endif /*IPSEC*/ |
108 | |
109 | #if DUMMYNET |
110 | #include <netinet/ip_dummynet.h> |
111 | #endif |
112 | |
113 | #if CONFIG_MACF_NET |
114 | #include <security/mac_framework.h> |
115 | #endif /* MAC_NET */ |
116 | |
117 | int load_ipfw(void); |
118 | int rip_detach(struct socket *); |
119 | int rip_abort(struct socket *); |
120 | int rip_disconnect(struct socket *); |
121 | int rip_bind(struct socket *, struct sockaddr *, struct proc *); |
122 | int rip_connect(struct socket *, struct sockaddr *, struct proc *); |
123 | int rip_shutdown(struct socket *); |
124 | |
125 | struct inpcbhead ripcb; |
126 | struct inpcbinfo ripcbinfo; |
127 | |
128 | /* control hooks for ipfw and dummynet */ |
129 | #if IPFIREWALL |
130 | ip_fw_ctl_t *ip_fw_ctl_ptr; |
131 | #endif /* IPFIREWALL */ |
132 | #if DUMMYNET |
133 | ip_dn_ctl_t *ip_dn_ctl_ptr; |
134 | #endif /* DUMMYNET */ |
135 | |
136 | /* |
137 | * Nominal space allocated to a raw ip socket. |
138 | */ |
139 | #define RIPSNDQ 8192 |
140 | #define RIPRCVQ 8192 |
141 | |
142 | /* |
143 | * Raw interface to IP protocol. |
144 | */ |
145 | |
146 | /* |
147 | * Initialize raw connection block q. |
148 | */ |
149 | void |
150 | rip_init(struct protosw *pp, struct domain *dp) |
151 | { |
152 | #pragma unused(dp) |
153 | static int rip_initialized = 0; |
154 | struct inpcbinfo *pcbinfo; |
155 | |
156 | VERIFY((pp->pr_flags & (PR_INITIALIZED|PR_ATTACHED)) == PR_ATTACHED); |
157 | |
158 | if (rip_initialized) |
159 | return; |
160 | rip_initialized = 1; |
161 | |
162 | LIST_INIT(&ripcb); |
163 | ripcbinfo.ipi_listhead = &ripcb; |
164 | /* |
165 | * XXX We don't use the hash list for raw IP, but it's easier |
166 | * to allocate a one entry hash list than it is to check all |
167 | * over the place for ipi_hashbase == NULL. |
168 | */ |
169 | ripcbinfo.ipi_hashbase = hashinit(1, M_PCB, &ripcbinfo.ipi_hashmask); |
170 | ripcbinfo.ipi_porthashbase = hashinit(1, M_PCB, &ripcbinfo.ipi_porthashmask); |
171 | |
172 | ripcbinfo.ipi_zone = zinit(sizeof(struct inpcb), |
173 | (4096 * sizeof(struct inpcb)), 4096, "ripzone" ); |
174 | |
175 | pcbinfo = &ripcbinfo; |
176 | /* |
177 | * allocate lock group attribute and group for udp pcb mutexes |
178 | */ |
179 | pcbinfo->ipi_lock_grp_attr = lck_grp_attr_alloc_init(); |
180 | pcbinfo->ipi_lock_grp = lck_grp_alloc_init("ripcb" , pcbinfo->ipi_lock_grp_attr); |
181 | |
182 | /* |
183 | * allocate the lock attribute for udp pcb mutexes |
184 | */ |
185 | pcbinfo->ipi_lock_attr = lck_attr_alloc_init(); |
186 | if ((pcbinfo->ipi_lock = lck_rw_alloc_init(pcbinfo->ipi_lock_grp, |
187 | pcbinfo->ipi_lock_attr)) == NULL) { |
188 | panic("%s: unable to allocate PCB lock\n" , __func__); |
189 | /* NOTREACHED */ |
190 | } |
191 | |
192 | in_pcbinfo_attach(&ripcbinfo); |
193 | } |
194 | |
195 | static struct sockaddr_in ripsrc = { sizeof(ripsrc), AF_INET , 0, {0}, {0,0,0,0,0,0,0,0,} }; |
196 | /* |
197 | * Setup generic address and protocol structures |
198 | * for raw_input routine, then pass them along with |
199 | * mbuf chain. |
200 | */ |
201 | void |
202 | rip_input(struct mbuf *m, int iphlen) |
203 | { |
204 | struct ip *ip = mtod(m, struct ip *); |
205 | struct inpcb *inp; |
206 | struct inpcb *last = 0; |
207 | struct mbuf *opts = 0; |
208 | int skipit = 0, ret = 0; |
209 | struct ifnet *ifp = m->m_pkthdr.rcvif; |
210 | |
211 | /* Expect 32-bit aligned data pointer on strict-align platforms */ |
212 | MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); |
213 | |
214 | ripsrc.sin_addr = ip->ip_src; |
215 | lck_rw_lock_shared(ripcbinfo.ipi_lock); |
216 | LIST_FOREACH(inp, &ripcb, inp_list) { |
217 | #if INET6 |
218 | if ((inp->inp_vflag & INP_IPV4) == 0) |
219 | continue; |
220 | #endif |
221 | if (inp->inp_ip_p && (inp->inp_ip_p != ip->ip_p)) |
222 | continue; |
223 | if (inp->inp_laddr.s_addr && |
224 | inp->inp_laddr.s_addr != ip->ip_dst.s_addr) |
225 | continue; |
226 | if (inp->inp_faddr.s_addr && |
227 | inp->inp_faddr.s_addr != ip->ip_src.s_addr) |
228 | continue; |
229 | if (inp_restricted_recv(inp, ifp)) |
230 | continue; |
231 | if (last) { |
232 | struct mbuf *n = m_copy(m, 0, (int)M_COPYALL); |
233 | |
234 | skipit = 0; |
235 | |
236 | #if NECP |
237 | if (n && !necp_socket_is_allowed_to_send_recv_v4(last, 0, 0, |
238 | &ip->ip_dst, &ip->ip_src, ifp, NULL, NULL, NULL)) { |
239 | m_freem(n); |
240 | /* do not inject data to pcb */ |
241 | skipit = 1; |
242 | } |
243 | #endif /* NECP */ |
244 | #if CONFIG_MACF_NET |
245 | if (n && skipit == 0) { |
246 | if (mac_inpcb_check_deliver(last, n, AF_INET, |
247 | SOCK_RAW) != 0) { |
248 | m_freem(n); |
249 | skipit = 1; |
250 | } |
251 | } |
252 | #endif |
253 | if (n && skipit == 0) { |
254 | int error = 0; |
255 | if ((last->inp_flags & INP_CONTROLOPTS) != 0 || |
256 | (last->inp_socket->so_options & SO_TIMESTAMP) != 0 || |
257 | (last->inp_socket->so_options & SO_TIMESTAMP_MONOTONIC) != 0 || |
258 | (last->inp_socket->so_options & SO_TIMESTAMP_CONTINUOUS) != 0) { |
259 | ret = ip_savecontrol(last, &opts, ip, n); |
260 | if (ret != 0) { |
261 | m_freem(n); |
262 | m_freem(opts); |
263 | last = inp; |
264 | continue; |
265 | } |
266 | } |
267 | if (last->inp_flags & INP_STRIPHDR) { |
268 | n->m_len -= iphlen; |
269 | n->m_pkthdr.len -= iphlen; |
270 | n->m_data += iphlen; |
271 | } |
272 | so_recv_data_stat(last->inp_socket, m, 0); |
273 | if (sbappendaddr(&last->inp_socket->so_rcv, |
274 | (struct sockaddr *)&ripsrc, n, |
275 | opts, &error) != 0) { |
276 | sorwakeup(last->inp_socket); |
277 | } else { |
278 | if (error) { |
279 | /* should notify about lost packet */ |
280 | ipstat.ips_raw_sappend_fail++; |
281 | } |
282 | } |
283 | opts = 0; |
284 | } |
285 | } |
286 | last = inp; |
287 | } |
288 | |
289 | skipit = 0; |
290 | #if NECP |
291 | if (last && !necp_socket_is_allowed_to_send_recv_v4(last, 0, 0, |
292 | &ip->ip_dst, &ip->ip_src, ifp, NULL, NULL, NULL)) { |
293 | m_freem(m); |
294 | OSAddAtomic(1, &ipstat.ips_delivered); |
295 | /* do not inject data to pcb */ |
296 | skipit = 1; |
297 | } |
298 | #endif /* NECP */ |
299 | #if CONFIG_MACF_NET |
300 | if (last && skipit == 0) { |
301 | if (mac_inpcb_check_deliver(last, m, AF_INET, SOCK_RAW) != 0) { |
302 | skipit = 1; |
303 | m_freem(m); |
304 | } |
305 | } |
306 | #endif |
307 | if (skipit == 0) { |
308 | if (last) { |
309 | if ((last->inp_flags & INP_CONTROLOPTS) != 0 || |
310 | (last->inp_socket->so_options & SO_TIMESTAMP) != 0 || |
311 | (last->inp_socket->so_options & SO_TIMESTAMP_MONOTONIC) != 0 || |
312 | (last->inp_socket->so_options & SO_TIMESTAMP_CONTINUOUS) != 0) { |
313 | ret = ip_savecontrol(last, &opts, ip, m); |
314 | if (ret != 0) { |
315 | m_freem(m); |
316 | m_freem(opts); |
317 | goto unlock; |
318 | } |
319 | } |
320 | if (last->inp_flags & INP_STRIPHDR) { |
321 | m->m_len -= iphlen; |
322 | m->m_pkthdr.len -= iphlen; |
323 | m->m_data += iphlen; |
324 | } |
325 | so_recv_data_stat(last->inp_socket, m, 0); |
326 | if (sbappendaddr(&last->inp_socket->so_rcv, |
327 | (struct sockaddr *)&ripsrc, m, opts, NULL) != 0) { |
328 | sorwakeup(last->inp_socket); |
329 | } else { |
330 | ipstat.ips_raw_sappend_fail++; |
331 | } |
332 | } else { |
333 | m_freem(m); |
334 | OSAddAtomic(1, &ipstat.ips_noproto); |
335 | OSAddAtomic(-1, &ipstat.ips_delivered); |
336 | } |
337 | } |
338 | unlock: |
339 | /* |
340 | * Keep the list locked because socket filter may force the socket lock |
341 | * to be released when calling sbappendaddr() -- see rdar://7627704 |
342 | */ |
343 | lck_rw_done(ripcbinfo.ipi_lock); |
344 | } |
345 | |
346 | /* |
347 | * Generate IP header and pass packet to ip_output. |
348 | * Tack on options user may have setup with control call. |
349 | */ |
350 | int |
351 | rip_output( |
352 | struct mbuf *m, |
353 | struct socket *so, |
354 | u_int32_t dst, |
355 | struct mbuf *control) |
356 | { |
357 | struct ip *ip; |
358 | struct inpcb *inp = sotoinpcb(so); |
359 | int flags = (so->so_options & SO_DONTROUTE) | IP_ALLOWBROADCAST; |
360 | struct ip_out_args ipoa; |
361 | struct ip_moptions *imo; |
362 | int error = 0; |
363 | |
364 | bzero(&ipoa, sizeof(ipoa)); |
365 | ipoa.ipoa_boundif = IFSCOPE_NONE; |
366 | ipoa.ipoa_flags = IPOAF_SELECT_SRCIF; |
367 | |
368 | int sotc = SO_TC_UNSPEC; |
369 | int netsvctype = _NET_SERVICE_TYPE_UNSPEC; |
370 | |
371 | |
372 | if (control != NULL) { |
373 | sotc = so_tc_from_control(control, &netsvctype); |
374 | |
375 | m_freem(control); |
376 | control = NULL; |
377 | } |
378 | if (sotc == SO_TC_UNSPEC) { |
379 | sotc = so->so_traffic_class; |
380 | netsvctype = so->so_netsvctype; |
381 | } |
382 | |
383 | if (inp == NULL |
384 | #if NECP |
385 | || (necp_socket_should_use_flow_divert(inp)) |
386 | #endif /* NECP */ |
387 | ) { |
388 | if (m != NULL) |
389 | m_freem(m); |
390 | VERIFY(control == NULL); |
391 | return (inp == NULL ? EINVAL : EPROTOTYPE); |
392 | } |
393 | |
394 | flags |= IP_OUTARGS; |
395 | /* If socket was bound to an ifindex, tell ip_output about it */ |
396 | if (inp->inp_flags & INP_BOUND_IF) { |
397 | ipoa.ipoa_boundif = inp->inp_boundifp->if_index; |
398 | ipoa.ipoa_flags |= IPOAF_BOUND_IF; |
399 | } |
400 | if (INP_NO_CELLULAR(inp)) |
401 | ipoa.ipoa_flags |= IPOAF_NO_CELLULAR; |
402 | if (INP_NO_EXPENSIVE(inp)) |
403 | ipoa.ipoa_flags |= IPOAF_NO_EXPENSIVE; |
404 | if (INP_AWDL_UNRESTRICTED(inp)) |
405 | ipoa.ipoa_flags |= IPOAF_AWDL_UNRESTRICTED; |
406 | ipoa.ipoa_sotc = sotc; |
407 | ipoa.ipoa_netsvctype = netsvctype; |
408 | |
409 | if (inp->inp_flowhash == 0) |
410 | inp->inp_flowhash = inp_calc_flowhash(inp); |
411 | |
412 | /* |
413 | * If the user handed us a complete IP packet, use it. |
414 | * Otherwise, allocate an mbuf for a header and fill it in. |
415 | */ |
416 | if ((inp->inp_flags & INP_HDRINCL) == 0) { |
417 | if (m->m_pkthdr.len + sizeof(struct ip) > IP_MAXPACKET) { |
418 | m_freem(m); |
419 | return(EMSGSIZE); |
420 | } |
421 | M_PREPEND(m, sizeof(struct ip), M_WAIT, 1); |
422 | if (m == NULL) |
423 | return ENOBUFS; |
424 | ip = mtod(m, struct ip *); |
425 | ip->ip_tos = inp->inp_ip_tos; |
426 | ip->ip_off = 0; |
427 | ip->ip_p = inp->inp_ip_p; |
428 | ip->ip_len = m->m_pkthdr.len; |
429 | ip->ip_src = inp->inp_laddr; |
430 | ip->ip_dst.s_addr = dst; |
431 | ip->ip_ttl = inp->inp_ip_ttl; |
432 | } else { |
433 | if (m->m_pkthdr.len > IP_MAXPACKET) { |
434 | m_freem(m); |
435 | return(EMSGSIZE); |
436 | } |
437 | ip = mtod(m, struct ip *); |
438 | /* don't allow both user specified and setsockopt options, |
439 | and don't allow packet length sizes that will crash */ |
440 | if (((IP_VHL_HL(ip->ip_vhl) != (sizeof (*ip) >> 2)) |
441 | && inp->inp_options) |
442 | || (ip->ip_len > m->m_pkthdr.len) |
443 | || (ip->ip_len < (IP_VHL_HL(ip->ip_vhl) << 2))) { |
444 | m_freem(m); |
445 | return EINVAL; |
446 | } |
447 | if (ip->ip_id == 0 && !(rfc6864 && IP_OFF_IS_ATOMIC(ntohs(ip->ip_off)))) |
448 | ip->ip_id = ip_randomid(); |
449 | /* XXX prevent ip_output from overwriting header fields */ |
450 | flags |= IP_RAWOUTPUT; |
451 | OSAddAtomic(1, &ipstat.ips_rawout); |
452 | } |
453 | |
454 | if (inp->inp_laddr.s_addr != INADDR_ANY) |
455 | ipoa.ipoa_flags |= IPOAF_BOUND_SRCADDR; |
456 | |
457 | #if NECP |
458 | { |
459 | necp_kernel_policy_id policy_id; |
460 | necp_kernel_policy_id skip_policy_id; |
461 | u_int32_t route_rule_id; |
462 | |
463 | /* |
464 | * We need a route to perform NECP route rule checks |
465 | */ |
466 | if (net_qos_policy_restricted != 0 && |
467 | ROUTE_UNUSABLE(&inp->inp_route)) { |
468 | struct sockaddr_in to; |
469 | struct sockaddr_in from; |
470 | struct in_addr laddr = ip->ip_src; |
471 | |
472 | ROUTE_RELEASE(&inp->inp_route); |
473 | |
474 | bzero(&from, sizeof(struct sockaddr_in)); |
475 | from.sin_family = AF_INET; |
476 | from.sin_len = sizeof(struct sockaddr_in); |
477 | from.sin_addr = laddr; |
478 | |
479 | bzero(&to, sizeof(struct sockaddr_in)); |
480 | to.sin_family = AF_INET; |
481 | to.sin_len = sizeof(struct sockaddr_in); |
482 | to.sin_addr.s_addr = ip->ip_dst.s_addr; |
483 | |
484 | if ((error = in_pcbladdr(inp, (struct sockaddr *)&to, |
485 | &laddr, ipoa.ipoa_boundif, NULL, 1)) != 0) { |
486 | printf("%s in_pcbladdr(%p) error %d\n" , |
487 | __func__, inp, error); |
488 | m_freem(m); |
489 | return (error); |
490 | } |
491 | |
492 | inp_update_necp_policy(inp, (struct sockaddr *)&from, |
493 | (struct sockaddr *)&to, ipoa.ipoa_boundif); |
494 | inp->inp_policyresult.results.qos_marking_gencount = 0; |
495 | } |
496 | |
497 | if (!necp_socket_is_allowed_to_send_recv_v4(inp, 0, 0, |
498 | &ip->ip_src, &ip->ip_dst, NULL, &policy_id, &route_rule_id, &skip_policy_id)) { |
499 | m_freem(m); |
500 | return(EHOSTUNREACH); |
501 | } |
502 | |
503 | necp_mark_packet_from_socket(m, inp, policy_id, route_rule_id, skip_policy_id); |
504 | |
505 | if (net_qos_policy_restricted != 0) { |
506 | struct ifnet *rt_ifp = NULL; |
507 | |
508 | if (inp->inp_route.ro_rt != NULL) |
509 | rt_ifp = inp->inp_route.ro_rt->rt_ifp; |
510 | |
511 | necp_socket_update_qos_marking(inp, inp->inp_route.ro_rt, |
512 | NULL, route_rule_id); |
513 | } |
514 | } |
515 | #endif /* NECP */ |
516 | if ((so->so_flags1 & SOF1_QOSMARKING_ALLOWED)) |
517 | ipoa.ipoa_flags |= IPOAF_QOSMARKING_ALLOWED; |
518 | |
519 | #if IPSEC |
520 | if (inp->inp_sp != NULL && ipsec_setsocket(m, so) != 0) { |
521 | m_freem(m); |
522 | return ENOBUFS; |
523 | } |
524 | #endif /*IPSEC*/ |
525 | |
526 | if (ROUTE_UNUSABLE(&inp->inp_route)) |
527 | ROUTE_RELEASE(&inp->inp_route); |
528 | |
529 | set_packet_service_class(m, so, sotc, 0); |
530 | m->m_pkthdr.pkt_flowsrc = FLOWSRC_INPCB; |
531 | m->m_pkthdr.pkt_flowid = inp->inp_flowhash; |
532 | m->m_pkthdr.pkt_flags |= (PKTF_FLOW_ID | PKTF_FLOW_LOCALSRC | |
533 | PKTF_FLOW_RAWSOCK); |
534 | m->m_pkthdr.pkt_proto = inp->inp_ip_p; |
535 | m->m_pkthdr.tx_rawip_pid = so->last_pid; |
536 | m->m_pkthdr.tx_rawip_e_pid = so->e_pid; |
537 | if (so->so_flags & SOF_DELEGATED) |
538 | m->m_pkthdr.tx_rawip_e_pid = so->e_pid; |
539 | else |
540 | m->m_pkthdr.tx_rawip_e_pid = 0; |
541 | |
542 | #if CONFIG_MACF_NET |
543 | mac_mbuf_label_associate_inpcb(inp, m); |
544 | #endif |
545 | |
546 | imo = inp->inp_moptions; |
547 | if (imo != NULL) |
548 | IMO_ADDREF(imo); |
549 | /* |
550 | * The domain lock is held across ip_output, so it is okay |
551 | * to pass the PCB cached route pointer directly to IP and |
552 | * the modules beneath it. |
553 | */ |
554 | // TODO: PASS DOWN ROUTE RULE ID |
555 | error = ip_output(m, inp->inp_options, &inp->inp_route, flags, |
556 | imo, &ipoa); |
557 | |
558 | if (imo != NULL) |
559 | IMO_REMREF(imo); |
560 | |
561 | if (inp->inp_route.ro_rt != NULL) { |
562 | struct rtentry *rt = inp->inp_route.ro_rt; |
563 | struct ifnet *outif; |
564 | |
565 | if ((rt->rt_flags & (RTF_MULTICAST|RTF_BROADCAST)) || |
566 | inp->inp_socket == NULL || |
567 | !(inp->inp_socket->so_state & SS_ISCONNECTED)) { |
568 | rt = NULL; /* unusable */ |
569 | } |
570 | /* |
571 | * Always discard the cached route for unconnected |
572 | * socket or if it is a multicast route. |
573 | */ |
574 | if (rt == NULL) |
575 | ROUTE_RELEASE(&inp->inp_route); |
576 | |
577 | /* |
578 | * If this is a connected socket and the destination |
579 | * route is unicast, update outif with that of the |
580 | * route interface used by IP. |
581 | */ |
582 | if (rt != NULL && |
583 | (outif = rt->rt_ifp) != inp->inp_last_outifp) { |
584 | inp->inp_last_outifp = outif; |
585 | } |
586 | } else { |
587 | ROUTE_RELEASE(&inp->inp_route); |
588 | } |
589 | |
590 | /* |
591 | * If output interface was cellular/expensive, and this socket is |
592 | * denied access to it, generate an event. |
593 | */ |
594 | if (error != 0 && (ipoa.ipoa_retflags & IPOARF_IFDENIED) && |
595 | (INP_NO_CELLULAR(inp) || INP_NO_EXPENSIVE(inp))) |
596 | soevent(so, (SO_FILT_HINT_LOCKED|SO_FILT_HINT_IFDENIED)); |
597 | |
598 | return (error); |
599 | } |
600 | |
601 | #if IPFIREWALL |
602 | int |
603 | load_ipfw(void) |
604 | { |
605 | kern_return_t err; |
606 | |
607 | ipfw_init(); |
608 | |
609 | #if DUMMYNET |
610 | if (!DUMMYNET_LOADED) |
611 | ip_dn_init(); |
612 | #endif /* DUMMYNET */ |
613 | err = 0; |
614 | |
615 | return err == 0 && ip_fw_ctl_ptr == NULL ? -1 : err; |
616 | } |
617 | #endif /* IPFIREWALL */ |
618 | |
619 | /* |
620 | * Raw IP socket option processing. |
621 | */ |
622 | int |
623 | rip_ctloutput(struct socket *so, struct sockopt *sopt) |
624 | { |
625 | struct inpcb *inp = sotoinpcb(so); |
626 | int error, optval; |
627 | |
628 | /* Allow <SOL_SOCKET,SO_FLUSH> at this level */ |
629 | if (sopt->sopt_level != IPPROTO_IP && |
630 | !(sopt->sopt_level == SOL_SOCKET && sopt->sopt_name == SO_FLUSH)) |
631 | return (EINVAL); |
632 | |
633 | error = 0; |
634 | |
635 | switch (sopt->sopt_dir) { |
636 | case SOPT_GET: |
637 | switch (sopt->sopt_name) { |
638 | case IP_HDRINCL: |
639 | optval = inp->inp_flags & INP_HDRINCL; |
640 | error = sooptcopyout(sopt, &optval, sizeof optval); |
641 | break; |
642 | |
643 | case IP_STRIPHDR: |
644 | optval = inp->inp_flags & INP_STRIPHDR; |
645 | error = sooptcopyout(sopt, &optval, sizeof optval); |
646 | break; |
647 | |
648 | #if IPFIREWALL |
649 | case IP_FW_ADD: |
650 | case IP_FW_GET: |
651 | case IP_OLD_FW_ADD: |
652 | case IP_OLD_FW_GET: |
653 | if (ip_fw_ctl_ptr == 0) |
654 | error = load_ipfw(); |
655 | if (ip_fw_ctl_ptr && error == 0) |
656 | error = ip_fw_ctl_ptr(sopt); |
657 | else |
658 | error = ENOPROTOOPT; |
659 | break; |
660 | #endif /* IPFIREWALL */ |
661 | |
662 | #if DUMMYNET |
663 | case IP_DUMMYNET_GET: |
664 | if (!DUMMYNET_LOADED) |
665 | ip_dn_init(); |
666 | if (DUMMYNET_LOADED) |
667 | error = ip_dn_ctl_ptr(sopt); |
668 | else |
669 | error = ENOPROTOOPT; |
670 | break ; |
671 | #endif /* DUMMYNET */ |
672 | |
673 | default: |
674 | error = ip_ctloutput(so, sopt); |
675 | break; |
676 | } |
677 | break; |
678 | |
679 | case SOPT_SET: |
680 | switch (sopt->sopt_name) { |
681 | case IP_HDRINCL: |
682 | error = sooptcopyin(sopt, &optval, sizeof optval, |
683 | sizeof optval); |
684 | if (error) |
685 | break; |
686 | if (optval) |
687 | inp->inp_flags |= INP_HDRINCL; |
688 | else |
689 | inp->inp_flags &= ~INP_HDRINCL; |
690 | break; |
691 | |
692 | case IP_STRIPHDR: |
693 | error = sooptcopyin(sopt, &optval, sizeof optval, |
694 | sizeof optval); |
695 | if (error) |
696 | break; |
697 | if (optval) |
698 | inp->inp_flags |= INP_STRIPHDR; |
699 | else |
700 | inp->inp_flags &= ~INP_STRIPHDR; |
701 | break; |
702 | |
703 | #if IPFIREWALL |
704 | case IP_FW_ADD: |
705 | case IP_FW_DEL: |
706 | case IP_FW_FLUSH: |
707 | case IP_FW_ZERO: |
708 | case IP_FW_RESETLOG: |
709 | case IP_OLD_FW_ADD: |
710 | case IP_OLD_FW_DEL: |
711 | case IP_OLD_FW_FLUSH: |
712 | case IP_OLD_FW_ZERO: |
713 | case IP_OLD_FW_RESETLOG: |
714 | if (ip_fw_ctl_ptr == 0) |
715 | error = load_ipfw(); |
716 | if (ip_fw_ctl_ptr && error == 0) |
717 | error = ip_fw_ctl_ptr(sopt); |
718 | else |
719 | error = ENOPROTOOPT; |
720 | break; |
721 | #endif /* IPFIREWALL */ |
722 | |
723 | #if DUMMYNET |
724 | case IP_DUMMYNET_CONFIGURE: |
725 | case IP_DUMMYNET_DEL: |
726 | case IP_DUMMYNET_FLUSH: |
727 | if (!DUMMYNET_LOADED) |
728 | ip_dn_init(); |
729 | if (DUMMYNET_LOADED) |
730 | error = ip_dn_ctl_ptr(sopt); |
731 | else |
732 | error = ENOPROTOOPT ; |
733 | break ; |
734 | #endif |
735 | |
736 | case SO_FLUSH: |
737 | if ((error = sooptcopyin(sopt, &optval, sizeof (optval), |
738 | sizeof (optval))) != 0) |
739 | break; |
740 | |
741 | error = inp_flush(inp, optval); |
742 | break; |
743 | |
744 | default: |
745 | error = ip_ctloutput(so, sopt); |
746 | break; |
747 | } |
748 | break; |
749 | } |
750 | |
751 | return (error); |
752 | } |
753 | |
754 | /* |
755 | * This function exists solely to receive the PRC_IFDOWN messages which |
756 | * are sent by if_down(). It looks for an ifaddr whose ifa_addr is sa, |
757 | * and calls in_ifadown() to remove all routes corresponding to that address. |
758 | * It also receives the PRC_IFUP messages from if_up() and reinstalls the |
759 | * interface routes. |
760 | */ |
761 | void |
762 | rip_ctlinput( |
763 | int cmd, |
764 | struct sockaddr *sa, |
765 | __unused void *vip, |
766 | __unused struct ifnet *ifp) |
767 | { |
768 | struct in_ifaddr *ia = NULL; |
769 | struct ifnet *iaifp = NULL; |
770 | int err = 0; |
771 | int flags, done = 0; |
772 | |
773 | switch (cmd) { |
774 | case PRC_IFDOWN: |
775 | lck_rw_lock_shared(in_ifaddr_rwlock); |
776 | for (ia = in_ifaddrhead.tqh_first; ia; |
777 | ia = ia->ia_link.tqe_next) { |
778 | IFA_LOCK(&ia->ia_ifa); |
779 | if (ia->ia_ifa.ifa_addr == sa && |
780 | (ia->ia_flags & IFA_ROUTE)) { |
781 | done = 1; |
782 | IFA_ADDREF_LOCKED(&ia->ia_ifa); |
783 | IFA_UNLOCK(&ia->ia_ifa); |
784 | lck_rw_done(in_ifaddr_rwlock); |
785 | lck_mtx_lock(rnh_lock); |
786 | /* |
787 | * in_ifscrub kills the interface route. |
788 | */ |
789 | in_ifscrub(ia->ia_ifp, ia, 1); |
790 | /* |
791 | * in_ifadown gets rid of all the rest of |
792 | * the routes. This is not quite the right |
793 | * thing to do, but at least if we are running |
794 | * a routing process they will come back. |
795 | */ |
796 | in_ifadown(&ia->ia_ifa, 1); |
797 | lck_mtx_unlock(rnh_lock); |
798 | IFA_REMREF(&ia->ia_ifa); |
799 | break; |
800 | } |
801 | IFA_UNLOCK(&ia->ia_ifa); |
802 | } |
803 | if (!done) |
804 | lck_rw_done(in_ifaddr_rwlock); |
805 | break; |
806 | |
807 | case PRC_IFUP: |
808 | lck_rw_lock_shared(in_ifaddr_rwlock); |
809 | for (ia = in_ifaddrhead.tqh_first; ia; |
810 | ia = ia->ia_link.tqe_next) { |
811 | IFA_LOCK(&ia->ia_ifa); |
812 | if (ia->ia_ifa.ifa_addr == sa) { |
813 | /* keep it locked */ |
814 | break; |
815 | } |
816 | IFA_UNLOCK(&ia->ia_ifa); |
817 | } |
818 | if (ia == NULL || (ia->ia_flags & IFA_ROUTE) || |
819 | (ia->ia_ifa.ifa_debug & IFD_NOTREADY)) { |
820 | if (ia != NULL) |
821 | IFA_UNLOCK(&ia->ia_ifa); |
822 | lck_rw_done(in_ifaddr_rwlock); |
823 | return; |
824 | } |
825 | IFA_ADDREF_LOCKED(&ia->ia_ifa); |
826 | IFA_UNLOCK(&ia->ia_ifa); |
827 | lck_rw_done(in_ifaddr_rwlock); |
828 | |
829 | flags = RTF_UP; |
830 | iaifp = ia->ia_ifa.ifa_ifp; |
831 | |
832 | if ((iaifp->if_flags & IFF_LOOPBACK) |
833 | || (iaifp->if_flags & IFF_POINTOPOINT)) |
834 | flags |= RTF_HOST; |
835 | |
836 | err = rtinit(&ia->ia_ifa, RTM_ADD, flags); |
837 | if (err == 0) { |
838 | IFA_LOCK_SPIN(&ia->ia_ifa); |
839 | ia->ia_flags |= IFA_ROUTE; |
840 | IFA_UNLOCK(&ia->ia_ifa); |
841 | } |
842 | IFA_REMREF(&ia->ia_ifa); |
843 | break; |
844 | } |
845 | } |
846 | |
847 | u_int32_t rip_sendspace = RIPSNDQ; |
848 | u_int32_t rip_recvspace = RIPRCVQ; |
849 | |
850 | SYSCTL_INT(_net_inet_raw, OID_AUTO, maxdgram, CTLFLAG_RW | CTLFLAG_LOCKED, |
851 | &rip_sendspace, 0, "Maximum outgoing raw IP datagram size" ); |
852 | SYSCTL_INT(_net_inet_raw, OID_AUTO, recvspace, CTLFLAG_RW | CTLFLAG_LOCKED, |
853 | &rip_recvspace, 0, "Maximum incoming raw IP datagram size" ); |
854 | SYSCTL_UINT(_net_inet_raw, OID_AUTO, pcbcount, CTLFLAG_RD | CTLFLAG_LOCKED, |
855 | &ripcbinfo.ipi_count, 0, "Number of active PCBs" ); |
856 | |
857 | static int |
858 | rip_attach(struct socket *so, int proto, struct proc *p) |
859 | { |
860 | struct inpcb *inp; |
861 | int error; |
862 | |
863 | inp = sotoinpcb(so); |
864 | if (inp) |
865 | panic("rip_attach" ); |
866 | if ((so->so_state & SS_PRIV) == 0) |
867 | return (EPERM); |
868 | |
869 | error = soreserve(so, rip_sendspace, rip_recvspace); |
870 | if (error) |
871 | return error; |
872 | error = in_pcballoc(so, &ripcbinfo, p); |
873 | if (error) |
874 | return error; |
875 | inp = (struct inpcb *)so->so_pcb; |
876 | inp->inp_vflag |= INP_IPV4; |
877 | inp->inp_ip_p = proto; |
878 | inp->inp_ip_ttl = ip_defttl; |
879 | return 0; |
880 | } |
881 | |
882 | __private_extern__ int |
883 | rip_detach(struct socket *so) |
884 | { |
885 | struct inpcb *inp; |
886 | |
887 | inp = sotoinpcb(so); |
888 | if (inp == 0) |
889 | panic("rip_detach" ); |
890 | in_pcbdetach(inp); |
891 | return 0; |
892 | } |
893 | |
894 | __private_extern__ int |
895 | rip_abort(struct socket *so) |
896 | { |
897 | soisdisconnected(so); |
898 | return rip_detach(so); |
899 | } |
900 | |
901 | __private_extern__ int |
902 | rip_disconnect(struct socket *so) |
903 | { |
904 | if ((so->so_state & SS_ISCONNECTED) == 0) |
905 | return ENOTCONN; |
906 | return rip_abort(so); |
907 | } |
908 | |
909 | __private_extern__ int |
910 | rip_bind(struct socket *so, struct sockaddr *nam, struct proc *p) |
911 | { |
912 | #pragma unused(p) |
913 | struct inpcb *inp = sotoinpcb(so); |
914 | struct sockaddr_in sin; |
915 | struct ifaddr *ifa = NULL; |
916 | struct ifnet *outif = NULL; |
917 | |
918 | if (inp == NULL |
919 | #if NECP |
920 | || (necp_socket_should_use_flow_divert(inp)) |
921 | #endif /* NECP */ |
922 | ) |
923 | return (inp == NULL ? EINVAL : EPROTOTYPE); |
924 | |
925 | if (nam->sa_len != sizeof (struct sockaddr_in)) |
926 | return (EINVAL); |
927 | |
928 | /* Sanitized local copy for interface address searches */ |
929 | bzero(&sin, sizeof (sin)); |
930 | sin.sin_family = AF_INET; |
931 | sin.sin_len = sizeof (struct sockaddr_in); |
932 | sin.sin_addr.s_addr = SIN(nam)->sin_addr.s_addr; |
933 | |
934 | if (TAILQ_EMPTY(&ifnet_head) || |
935 | (sin.sin_family != AF_INET && sin.sin_family != AF_IMPLINK) || |
936 | (sin.sin_addr.s_addr && (ifa = ifa_ifwithaddr(SA(&sin))) == 0)) { |
937 | return (EADDRNOTAVAIL); |
938 | } else if (ifa) { |
939 | /* |
940 | * Opportunistically determine the outbound |
941 | * interface that may be used; this may not |
942 | * hold true if we end up using a route |
943 | * going over a different interface, e.g. |
944 | * when sending to a local address. This |
945 | * will get updated again after sending. |
946 | */ |
947 | IFA_LOCK(ifa); |
948 | outif = ifa->ifa_ifp; |
949 | IFA_UNLOCK(ifa); |
950 | IFA_REMREF(ifa); |
951 | } |
952 | inp->inp_laddr = sin.sin_addr; |
953 | inp->inp_last_outifp = outif; |
954 | |
955 | return (0); |
956 | } |
957 | |
958 | __private_extern__ int |
959 | rip_connect(struct socket *so, struct sockaddr *nam, __unused struct proc *p) |
960 | { |
961 | struct inpcb *inp = sotoinpcb(so); |
962 | struct sockaddr_in *addr = (struct sockaddr_in *)(void *)nam; |
963 | |
964 | if (inp == NULL |
965 | #if NECP |
966 | || (necp_socket_should_use_flow_divert(inp)) |
967 | #endif /* NECP */ |
968 | ) |
969 | return (inp == NULL ? EINVAL : EPROTOTYPE); |
970 | if (nam->sa_len != sizeof(*addr)) |
971 | return EINVAL; |
972 | if (TAILQ_EMPTY(&ifnet_head)) |
973 | return EADDRNOTAVAIL; |
974 | if ((addr->sin_family != AF_INET) && |
975 | (addr->sin_family != AF_IMPLINK)) |
976 | return EAFNOSUPPORT; |
977 | |
978 | if (!(so->so_flags1 & SOF1_CONNECT_COUNTED)) { |
979 | so->so_flags1 |= SOF1_CONNECT_COUNTED; |
980 | INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_dgram_connected); |
981 | } |
982 | |
983 | inp->inp_faddr = addr->sin_addr; |
984 | soisconnected(so); |
985 | |
986 | return 0; |
987 | } |
988 | |
989 | __private_extern__ int |
990 | rip_shutdown(struct socket *so) |
991 | { |
992 | socantsendmore(so); |
993 | return 0; |
994 | } |
995 | |
996 | __private_extern__ int |
997 | rip_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *nam, |
998 | struct mbuf *control, struct proc *p) |
999 | { |
1000 | #pragma unused(flags, p) |
1001 | struct inpcb *inp = sotoinpcb(so); |
1002 | u_int32_t dst; |
1003 | int error = 0; |
1004 | |
1005 | if (inp == NULL |
1006 | #if NECP |
1007 | || (necp_socket_should_use_flow_divert(inp) && (error = EPROTOTYPE)) |
1008 | #endif /* NECP */ |
1009 | ) { |
1010 | if (inp == NULL) |
1011 | error = EINVAL; |
1012 | else |
1013 | error = EPROTOTYPE; |
1014 | goto bad; |
1015 | } |
1016 | |
1017 | if (so->so_state & SS_ISCONNECTED) { |
1018 | if (nam != NULL) { |
1019 | error = EISCONN; |
1020 | goto bad; |
1021 | } |
1022 | dst = inp->inp_faddr.s_addr; |
1023 | } else { |
1024 | if (nam == NULL) { |
1025 | error = ENOTCONN; |
1026 | goto bad; |
1027 | } |
1028 | dst = ((struct sockaddr_in *)(void *)nam)->sin_addr.s_addr; |
1029 | } |
1030 | return (rip_output(m, so, dst, control)); |
1031 | |
1032 | bad: |
1033 | VERIFY(error != 0); |
1034 | |
1035 | if (m != NULL) |
1036 | m_freem(m); |
1037 | if (control != NULL) |
1038 | m_freem(control); |
1039 | |
1040 | return (error); |
1041 | } |
1042 | |
1043 | /* note: rip_unlock is called from different protos instead of the generic socket_unlock, |
1044 | * it will handle the socket dealloc on last reference |
1045 | * */ |
1046 | int |
1047 | rip_unlock(struct socket *so, int refcount, void *debug) |
1048 | { |
1049 | void *lr_saved; |
1050 | struct inpcb *inp = sotoinpcb(so); |
1051 | |
1052 | if (debug == NULL) |
1053 | lr_saved = __builtin_return_address(0); |
1054 | else |
1055 | lr_saved = debug; |
1056 | |
1057 | if (refcount) { |
1058 | if (so->so_usecount <= 0) { |
1059 | panic("rip_unlock: bad refoucnt so=%p val=%x lrh= %s\n" , |
1060 | so, so->so_usecount, solockhistory_nr(so)); |
1061 | /* NOTREACHED */ |
1062 | } |
1063 | so->so_usecount--; |
1064 | if (so->so_usecount == 0 && (inp->inp_wantcnt == WNT_STOPUSING)) { |
1065 | /* cleanup after last reference */ |
1066 | lck_mtx_unlock(so->so_proto->pr_domain->dom_mtx); |
1067 | lck_rw_lock_exclusive(ripcbinfo.ipi_lock); |
1068 | if (inp->inp_state != INPCB_STATE_DEAD) { |
1069 | #if INET6 |
1070 | if (SOCK_CHECK_DOM(so, PF_INET6)) |
1071 | in6_pcbdetach(inp); |
1072 | else |
1073 | #endif /* INET6 */ |
1074 | in_pcbdetach(inp); |
1075 | } |
1076 | in_pcbdispose(inp); |
1077 | lck_rw_done(ripcbinfo.ipi_lock); |
1078 | return(0); |
1079 | } |
1080 | } |
1081 | so->unlock_lr[so->next_unlock_lr] = lr_saved; |
1082 | so->next_unlock_lr = (so->next_unlock_lr+1) % SO_LCKDBG_MAX; |
1083 | lck_mtx_unlock(so->so_proto->pr_domain->dom_mtx); |
1084 | return(0); |
1085 | } |
1086 | |
1087 | static int |
1088 | rip_pcblist SYSCTL_HANDLER_ARGS |
1089 | { |
1090 | #pragma unused(oidp, arg1, arg2) |
1091 | int error, i, n; |
1092 | struct inpcb *inp, **inp_list; |
1093 | inp_gen_t gencnt; |
1094 | struct xinpgen xig; |
1095 | |
1096 | /* |
1097 | * The process of preparing the TCB list is too time-consuming and |
1098 | * resource-intensive to repeat twice on every request. |
1099 | */ |
1100 | lck_rw_lock_exclusive(ripcbinfo.ipi_lock); |
1101 | if (req->oldptr == USER_ADDR_NULL) { |
1102 | n = ripcbinfo.ipi_count; |
1103 | req->oldidx = 2 * (sizeof xig) |
1104 | + (n + n/8) * sizeof(struct xinpcb); |
1105 | lck_rw_done(ripcbinfo.ipi_lock); |
1106 | return 0; |
1107 | } |
1108 | |
1109 | if (req->newptr != USER_ADDR_NULL) { |
1110 | lck_rw_done(ripcbinfo.ipi_lock); |
1111 | return EPERM; |
1112 | } |
1113 | |
1114 | /* |
1115 | * OK, now we're committed to doing something. |
1116 | */ |
1117 | gencnt = ripcbinfo.ipi_gencnt; |
1118 | n = ripcbinfo.ipi_count; |
1119 | |
1120 | bzero(&xig, sizeof(xig)); |
1121 | xig.xig_len = sizeof xig; |
1122 | xig.xig_count = n; |
1123 | xig.xig_gen = gencnt; |
1124 | xig.xig_sogen = so_gencnt; |
1125 | error = SYSCTL_OUT(req, &xig, sizeof xig); |
1126 | if (error) { |
1127 | lck_rw_done(ripcbinfo.ipi_lock); |
1128 | return error; |
1129 | } |
1130 | /* |
1131 | * We are done if there is no pcb |
1132 | */ |
1133 | if (n == 0) { |
1134 | lck_rw_done(ripcbinfo.ipi_lock); |
1135 | return 0; |
1136 | } |
1137 | |
1138 | inp_list = _MALLOC(n * sizeof *inp_list, M_TEMP, M_WAITOK); |
1139 | if (inp_list == 0) { |
1140 | lck_rw_done(ripcbinfo.ipi_lock); |
1141 | return ENOMEM; |
1142 | } |
1143 | |
1144 | for (inp = ripcbinfo.ipi_listhead->lh_first, i = 0; inp && i < n; |
1145 | inp = inp->inp_list.le_next) { |
1146 | if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD) |
1147 | inp_list[i++] = inp; |
1148 | } |
1149 | n = i; |
1150 | |
1151 | error = 0; |
1152 | for (i = 0; i < n; i++) { |
1153 | inp = inp_list[i]; |
1154 | if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD) { |
1155 | struct xinpcb xi; |
1156 | |
1157 | bzero(&xi, sizeof(xi)); |
1158 | xi.xi_len = sizeof xi; |
1159 | /* XXX should avoid extra copy */ |
1160 | inpcb_to_compat(inp, &xi.xi_inp); |
1161 | if (inp->inp_socket) |
1162 | sotoxsocket(inp->inp_socket, &xi.xi_socket); |
1163 | error = SYSCTL_OUT(req, &xi, sizeof xi); |
1164 | } |
1165 | } |
1166 | if (!error) { |
1167 | /* |
1168 | * Give the user an updated idea of our state. |
1169 | * If the generation differs from what we told |
1170 | * her before, she knows that something happened |
1171 | * while we were processing this request, and it |
1172 | * might be necessary to retry. |
1173 | */ |
1174 | bzero(&xig, sizeof(xig)); |
1175 | xig.xig_len = sizeof xig; |
1176 | xig.xig_gen = ripcbinfo.ipi_gencnt; |
1177 | xig.xig_sogen = so_gencnt; |
1178 | xig.xig_count = ripcbinfo.ipi_count; |
1179 | error = SYSCTL_OUT(req, &xig, sizeof xig); |
1180 | } |
1181 | FREE(inp_list, M_TEMP); |
1182 | lck_rw_done(ripcbinfo.ipi_lock); |
1183 | return error; |
1184 | } |
1185 | |
1186 | SYSCTL_PROC(_net_inet_raw, OID_AUTO/*XXX*/, pcblist, |
1187 | CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0, |
1188 | rip_pcblist, "S,xinpcb" , "List of active raw IP sockets" ); |
1189 | |
1190 | #if !CONFIG_EMBEDDED |
1191 | |
1192 | static int |
1193 | rip_pcblist64 SYSCTL_HANDLER_ARGS |
1194 | { |
1195 | #pragma unused(oidp, arg1, arg2) |
1196 | int error, i, n; |
1197 | struct inpcb *inp, **inp_list; |
1198 | inp_gen_t gencnt; |
1199 | struct xinpgen xig; |
1200 | |
1201 | /* |
1202 | * The process of preparing the TCB list is too time-consuming and |
1203 | * resource-intensive to repeat twice on every request. |
1204 | */ |
1205 | lck_rw_lock_exclusive(ripcbinfo.ipi_lock); |
1206 | if (req->oldptr == USER_ADDR_NULL) { |
1207 | n = ripcbinfo.ipi_count; |
1208 | req->oldidx = 2 * (sizeof xig) |
1209 | + (n + n/8) * sizeof(struct xinpcb64); |
1210 | lck_rw_done(ripcbinfo.ipi_lock); |
1211 | return 0; |
1212 | } |
1213 | |
1214 | if (req->newptr != USER_ADDR_NULL) { |
1215 | lck_rw_done(ripcbinfo.ipi_lock); |
1216 | return EPERM; |
1217 | } |
1218 | |
1219 | /* |
1220 | * OK, now we're committed to doing something. |
1221 | */ |
1222 | gencnt = ripcbinfo.ipi_gencnt; |
1223 | n = ripcbinfo.ipi_count; |
1224 | |
1225 | bzero(&xig, sizeof(xig)); |
1226 | xig.xig_len = sizeof xig; |
1227 | xig.xig_count = n; |
1228 | xig.xig_gen = gencnt; |
1229 | xig.xig_sogen = so_gencnt; |
1230 | error = SYSCTL_OUT(req, &xig, sizeof xig); |
1231 | if (error) { |
1232 | lck_rw_done(ripcbinfo.ipi_lock); |
1233 | return error; |
1234 | } |
1235 | /* |
1236 | * We are done if there is no pcb |
1237 | */ |
1238 | if (n == 0) { |
1239 | lck_rw_done(ripcbinfo.ipi_lock); |
1240 | return 0; |
1241 | } |
1242 | |
1243 | inp_list = _MALLOC(n * sizeof *inp_list, M_TEMP, M_WAITOK); |
1244 | if (inp_list == 0) { |
1245 | lck_rw_done(ripcbinfo.ipi_lock); |
1246 | return ENOMEM; |
1247 | } |
1248 | |
1249 | for (inp = ripcbinfo.ipi_listhead->lh_first, i = 0; inp && i < n; |
1250 | inp = inp->inp_list.le_next) { |
1251 | if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD) |
1252 | inp_list[i++] = inp; |
1253 | } |
1254 | n = i; |
1255 | |
1256 | error = 0; |
1257 | for (i = 0; i < n; i++) { |
1258 | inp = inp_list[i]; |
1259 | if (inp->inp_gencnt <= gencnt && inp->inp_state != INPCB_STATE_DEAD) { |
1260 | struct xinpcb64 xi; |
1261 | |
1262 | bzero(&xi, sizeof(xi)); |
1263 | xi.xi_len = sizeof xi; |
1264 | inpcb_to_xinpcb64(inp, &xi); |
1265 | if (inp->inp_socket) |
1266 | sotoxsocket64(inp->inp_socket, &xi.xi_socket); |
1267 | error = SYSCTL_OUT(req, &xi, sizeof xi); |
1268 | } |
1269 | } |
1270 | if (!error) { |
1271 | /* |
1272 | * Give the user an updated idea of our state. |
1273 | * If the generation differs from what we told |
1274 | * her before, she knows that something happened |
1275 | * while we were processing this request, and it |
1276 | * might be necessary to retry. |
1277 | */ |
1278 | bzero(&xig, sizeof(xig)); |
1279 | xig.xig_len = sizeof xig; |
1280 | xig.xig_gen = ripcbinfo.ipi_gencnt; |
1281 | xig.xig_sogen = so_gencnt; |
1282 | xig.xig_count = ripcbinfo.ipi_count; |
1283 | error = SYSCTL_OUT(req, &xig, sizeof xig); |
1284 | } |
1285 | FREE(inp_list, M_TEMP); |
1286 | lck_rw_done(ripcbinfo.ipi_lock); |
1287 | return error; |
1288 | } |
1289 | |
1290 | SYSCTL_PROC(_net_inet_raw, OID_AUTO, pcblist64, |
1291 | CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0, |
1292 | rip_pcblist64, "S,xinpcb64" , "List of active raw IP sockets" ); |
1293 | |
1294 | #endif /* !CONFIG_EMBEDDED */ |
1295 | |
1296 | |
1297 | static int |
1298 | rip_pcblist_n SYSCTL_HANDLER_ARGS |
1299 | { |
1300 | #pragma unused(oidp, arg1, arg2) |
1301 | int error = 0; |
1302 | |
1303 | error = get_pcblist_n(IPPROTO_IP, req, &ripcbinfo); |
1304 | |
1305 | return error; |
1306 | } |
1307 | |
1308 | SYSCTL_PROC(_net_inet_raw, OID_AUTO, pcblist_n, |
1309 | CTLTYPE_STRUCT | CTLFLAG_RD | CTLFLAG_LOCKED, 0, 0, |
1310 | rip_pcblist_n, "S,xinpcb_n" , "List of active raw IP sockets" ); |
1311 | |
1312 | struct pr_usrreqs rip_usrreqs = { |
1313 | .pru_abort = rip_abort, |
1314 | .pru_attach = rip_attach, |
1315 | .pru_bind = rip_bind, |
1316 | .pru_connect = rip_connect, |
1317 | .pru_control = in_control, |
1318 | .pru_detach = rip_detach, |
1319 | .pru_disconnect = rip_disconnect, |
1320 | .pru_peeraddr = in_getpeeraddr, |
1321 | .pru_send = rip_send, |
1322 | .pru_shutdown = rip_shutdown, |
1323 | .pru_sockaddr = in_getsockaddr, |
1324 | .pru_sosend = sosend, |
1325 | .pru_soreceive = soreceive, |
1326 | }; |
1327 | /* DSEP Review Done pl-20051213-v02 @3253 */ |
1328 | |