1c398230bSWarner Losh /*- 22469dd60SGarrett Wollman * Copyright (c) 1982, 1986, 1991, 1993, 1995 3df8bae1dSRodney W. Grimes * The Regents of the University of California. All rights reserved. 4df8bae1dSRodney W. Grimes * 5df8bae1dSRodney W. Grimes * Redistribution and use in source and binary forms, with or without 6df8bae1dSRodney W. Grimes * modification, are permitted provided that the following conditions 7df8bae1dSRodney W. Grimes * are met: 8df8bae1dSRodney W. Grimes * 1. Redistributions of source code must retain the above copyright 9df8bae1dSRodney W. Grimes * notice, this list of conditions and the following disclaimer. 10df8bae1dSRodney W. Grimes * 2. Redistributions in binary form must reproduce the above copyright 11df8bae1dSRodney W. Grimes * notice, this list of conditions and the following disclaimer in the 12df8bae1dSRodney W. Grimes * documentation and/or other materials provided with the distribution. 13df8bae1dSRodney W. Grimes * 4. Neither the name of the University nor the names of its contributors 14df8bae1dSRodney W. Grimes * may be used to endorse or promote products derived from this software 15df8bae1dSRodney W. Grimes * without specific prior written permission. 16df8bae1dSRodney W. Grimes * 17df8bae1dSRodney W. Grimes * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18df8bae1dSRodney W. Grimes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19df8bae1dSRodney W. Grimes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20df8bae1dSRodney W. Grimes * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21df8bae1dSRodney W. Grimes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22df8bae1dSRodney W. Grimes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23df8bae1dSRodney W. Grimes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24df8bae1dSRodney W. Grimes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25df8bae1dSRodney W. Grimes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26df8bae1dSRodney W. Grimes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27df8bae1dSRodney W. Grimes * SUCH DAMAGE. 28df8bae1dSRodney W. Grimes * 292469dd60SGarrett Wollman * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 30c3aac50fSPeter Wemm * $FreeBSD$ 31df8bae1dSRodney W. Grimes */ 32df8bae1dSRodney W. Grimes 336a800098SYoshinobu Inoue #include "opt_ipsec.h" 34cfa1ca9dSYoshinobu Inoue #include "opt_inet6.h" 35a557af22SRobert Watson #include "opt_mac.h" 36cfa1ca9dSYoshinobu Inoue 37df8bae1dSRodney W. Grimes #include <sys/param.h> 38df8bae1dSRodney W. Grimes #include <sys/systm.h> 39a557af22SRobert Watson #include <sys/mac.h> 40df8bae1dSRodney W. Grimes #include <sys/malloc.h> 41df8bae1dSRodney W. Grimes #include <sys/mbuf.h> 42cfa1ca9dSYoshinobu Inoue #include <sys/domain.h> 43df8bae1dSRodney W. Grimes #include <sys/protosw.h> 44df8bae1dSRodney W. Grimes #include <sys/socket.h> 45df8bae1dSRodney W. Grimes #include <sys/socketvar.h> 46df8bae1dSRodney W. Grimes #include <sys/proc.h> 4775c13541SPoul-Henning Kamp #include <sys/jail.h> 48101f9fc8SPeter Wemm #include <sys/kernel.h> 49101f9fc8SPeter Wemm #include <sys/sysctl.h> 508781d8e9SBruce Evans 5169c2d429SJeff Roberson #include <vm/uma.h> 52df8bae1dSRodney W. Grimes 53df8bae1dSRodney W. Grimes #include <net/if.h> 54cfa1ca9dSYoshinobu Inoue #include <net/if_types.h> 55df8bae1dSRodney W. Grimes #include <net/route.h> 56df8bae1dSRodney W. Grimes 57df8bae1dSRodney W. Grimes #include <netinet/in.h> 58df8bae1dSRodney W. Grimes #include <netinet/in_pcb.h> 59df8bae1dSRodney W. Grimes #include <netinet/in_var.h> 60df8bae1dSRodney W. Grimes #include <netinet/ip_var.h> 61340c35deSJonathan Lemon #include <netinet/tcp_var.h> 625f311da2SMike Silbersack #include <netinet/udp.h> 635f311da2SMike Silbersack #include <netinet/udp_var.h> 64cfa1ca9dSYoshinobu Inoue #ifdef INET6 65cfa1ca9dSYoshinobu Inoue #include <netinet/ip6.h> 66cfa1ca9dSYoshinobu Inoue #include <netinet6/ip6_var.h> 67cfa1ca9dSYoshinobu Inoue #endif /* INET6 */ 68cfa1ca9dSYoshinobu Inoue 69cfa1ca9dSYoshinobu Inoue #ifdef IPSEC 70cfa1ca9dSYoshinobu Inoue #include <netinet6/ipsec.h> 71cfa1ca9dSYoshinobu Inoue #include <netkey/key.h> 72cfa1ca9dSYoshinobu Inoue #endif /* IPSEC */ 73df8bae1dSRodney W. Grimes 74b9234fafSSam Leffler #ifdef FAST_IPSEC 75b9234fafSSam Leffler #if defined(IPSEC) || defined(IPSEC_ESP) 76b9234fafSSam Leffler #error "Bad idea: don't compile with both IPSEC and FAST_IPSEC!" 77b9234fafSSam Leffler #endif 78b9234fafSSam Leffler 79b9234fafSSam Leffler #include <netipsec/ipsec.h> 80b9234fafSSam Leffler #include <netipsec/key.h> 81b9234fafSSam Leffler #endif /* FAST_IPSEC */ 82b9234fafSSam Leffler 83101f9fc8SPeter Wemm /* 84101f9fc8SPeter Wemm * These configure the range of local port addresses assigned to 85101f9fc8SPeter Wemm * "unspecified" outgoing connections/packets/whatever. 86101f9fc8SPeter Wemm */ 8782cd038dSYoshinobu Inoue int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ 8882cd038dSYoshinobu Inoue int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ 899e5a5ed4SMike Silbersack int ipport_firstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ 909e5a5ed4SMike Silbersack int ipport_lastauto = IPPORT_HILASTAUTO; /* 65535 */ 9182cd038dSYoshinobu Inoue int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ 9282cd038dSYoshinobu Inoue int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ 93101f9fc8SPeter Wemm 94b0d22693SCrist J. Clark /* 95b0d22693SCrist J. Clark * Reserved ports accessible only to root. There are significant 96b0d22693SCrist J. Clark * security considerations that must be accounted for when changing these, 97b0d22693SCrist J. Clark * but the security benefits can be great. Please be careful. 98b0d22693SCrist J. Clark */ 99b0d22693SCrist J. Clark int ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ 100b0d22693SCrist J. Clark int ipport_reservedlow = 0; 101b0d22693SCrist J. Clark 1025f311da2SMike Silbersack /* Variables dealing with random ephemeral port allocation. */ 1035f311da2SMike Silbersack int ipport_randomized = 1; /* user controlled via sysctl */ 1045f311da2SMike Silbersack int ipport_randomcps = 10; /* user controlled via sysctl */ 1055f311da2SMike Silbersack int ipport_randomtime = 45; /* user controlled via sysctl */ 1065f311da2SMike Silbersack int ipport_stoprandom = 0; /* toggled by ipport_tick */ 1075f311da2SMike Silbersack int ipport_tcpallocs; 1085f311da2SMike Silbersack int ipport_tcplastcount; 1096ac48b74SMike Silbersack 110bbd42ad0SPeter Wemm #define RANGECHK(var, min, max) \ 111bbd42ad0SPeter Wemm if ((var) < (min)) { (var) = (min); } \ 112bbd42ad0SPeter Wemm else if ((var) > (max)) { (var) = (max); } 113bbd42ad0SPeter Wemm 114bbd42ad0SPeter Wemm static int 11582d9ae4eSPoul-Henning Kamp sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) 116bbd42ad0SPeter Wemm { 11730a4ab08SBruce Evans int error; 11830a4ab08SBruce Evans 11930a4ab08SBruce Evans error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); 12030a4ab08SBruce Evans if (error == 0) { 121bbd42ad0SPeter Wemm RANGECHK(ipport_lowfirstauto, 1, IPPORT_RESERVED - 1); 122bbd42ad0SPeter Wemm RANGECHK(ipport_lowlastauto, 1, IPPORT_RESERVED - 1); 12330a4ab08SBruce Evans RANGECHK(ipport_firstauto, IPPORT_RESERVED, IPPORT_MAX); 12430a4ab08SBruce Evans RANGECHK(ipport_lastauto, IPPORT_RESERVED, IPPORT_MAX); 12530a4ab08SBruce Evans RANGECHK(ipport_hifirstauto, IPPORT_RESERVED, IPPORT_MAX); 12630a4ab08SBruce Evans RANGECHK(ipport_hilastauto, IPPORT_RESERVED, IPPORT_MAX); 127bbd42ad0SPeter Wemm } 12830a4ab08SBruce Evans return (error); 129bbd42ad0SPeter Wemm } 130bbd42ad0SPeter Wemm 131bbd42ad0SPeter Wemm #undef RANGECHK 132bbd42ad0SPeter Wemm 13333b3ac06SPeter Wemm SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); 13433b3ac06SPeter Wemm 135bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW, 136bbd42ad0SPeter Wemm &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", ""); 137bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW, 138bbd42ad0SPeter Wemm &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", ""); 139bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW, 140bbd42ad0SPeter Wemm &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", ""); 141bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW, 142bbd42ad0SPeter Wemm &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", ""); 143bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW, 144bbd42ad0SPeter Wemm &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", ""); 145bbd42ad0SPeter Wemm SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW, 146bbd42ad0SPeter Wemm &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", ""); 147b0d22693SCrist J. Clark SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh, 148b0d22693SCrist J. Clark CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, ""); 149b0d22693SCrist J. Clark SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow, 150b0d22693SCrist J. Clark CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, ""); 1516ee79c59SMaxim Konovalov SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomized, CTLFLAG_RW, 1526ee79c59SMaxim Konovalov &ipport_randomized, 0, "Enable random port allocation"); 1536ee79c59SMaxim Konovalov SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomcps, CTLFLAG_RW, 1546ee79c59SMaxim Konovalov &ipport_randomcps, 0, "Maximum number of random port " 1556ee79c59SMaxim Konovalov "allocations before switching to a sequental one"); 1566ee79c59SMaxim Konovalov SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, CTLFLAG_RW, 1576ee79c59SMaxim Konovalov &ipport_randomtime, 0, "Minimum time to keep sequental port " 1586ee79c59SMaxim Konovalov "allocation before switching to a random one"); 1590312fbe9SPoul-Henning Kamp 160c3229e05SDavid Greenman /* 161c3229e05SDavid Greenman * in_pcb.c: manage the Protocol Control Blocks. 162c3229e05SDavid Greenman * 163de35559fSRobert Watson * NOTE: It is assumed that most of these functions will be called with 164de35559fSRobert Watson * the pcbinfo lock held, and often, the inpcb lock held, as these utility 165de35559fSRobert Watson * functions often modify hash chains or addresses in pcbs. 166c3229e05SDavid Greenman */ 167c3229e05SDavid Greenman 168c3229e05SDavid Greenman /* 169c3229e05SDavid Greenman * Allocate a PCB and associate it with the socket. 170c3229e05SDavid Greenman */ 171df8bae1dSRodney W. Grimes int 172136d4f1cSRobert Watson in_pcballoc(struct socket *so, struct inpcbinfo *pcbinfo, const char *type) 173df8bae1dSRodney W. Grimes { 174136d4f1cSRobert Watson struct inpcb *inp; 17513cf67f3SHajimu UMEMOTO int error; 176a557af22SRobert Watson 17759daba27SSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 178a557af22SRobert Watson error = 0; 179d1dd20beSSam Leffler inp = uma_zalloc(pcbinfo->ipi_zone, M_NOWAIT | M_ZERO); 180df8bae1dSRodney W. Grimes if (inp == NULL) 181df8bae1dSRodney W. Grimes return (ENOBUFS); 1823d4d47f3SGarrett Wollman inp->inp_gencnt = ++pcbinfo->ipi_gencnt; 18315bd2b43SDavid Greenman inp->inp_pcbinfo = pcbinfo; 184df8bae1dSRodney W. Grimes inp->inp_socket = so; 185a557af22SRobert Watson #ifdef MAC 186a557af22SRobert Watson error = mac_init_inpcb(inp, M_NOWAIT); 187a557af22SRobert Watson if (error != 0) 188a557af22SRobert Watson goto out; 189310e7cebSRobert Watson SOCK_LOCK(so); 190a557af22SRobert Watson mac_create_inpcb_from_socket(so, inp); 191310e7cebSRobert Watson SOCK_UNLOCK(so); 192a557af22SRobert Watson #endif 1930f9ade71SHajimu UMEMOTO #if defined(IPSEC) || defined(FAST_IPSEC) 1940f9ade71SHajimu UMEMOTO #ifdef FAST_IPSEC 19513cf67f3SHajimu UMEMOTO error = ipsec_init_policy(so, &inp->inp_sp); 1960f9ade71SHajimu UMEMOTO #else 1970f9ade71SHajimu UMEMOTO error = ipsec_init_pcbpolicy(so, &inp->inp_sp); 1980f9ade71SHajimu UMEMOTO #endif 199a557af22SRobert Watson if (error != 0) 200a557af22SRobert Watson goto out; 20113cf67f3SHajimu UMEMOTO #endif /*IPSEC*/ 20275daea93SPaul Saab #if defined(INET6) 203340c35deSJonathan Lemon if (INP_SOCKAF(so) == AF_INET6) { 204340c35deSJonathan Lemon inp->inp_vflag |= INP_IPV6PROTO; 205340c35deSJonathan Lemon if (ip6_v6only) 20633841545SHajimu UMEMOTO inp->inp_flags |= IN6P_IPV6_V6ONLY; 207340c35deSJonathan Lemon } 20875daea93SPaul Saab #endif 20915bd2b43SDavid Greenman LIST_INSERT_HEAD(pcbinfo->listhead, inp, inp_list); 2103d4d47f3SGarrett Wollman pcbinfo->ipi_count++; 211df8bae1dSRodney W. Grimes so->so_pcb = (caddr_t)inp; 2125bd311a5SSam Leffler INP_LOCK_INIT(inp, "inp", type); 21333841545SHajimu UMEMOTO #ifdef INET6 21433841545SHajimu UMEMOTO if (ip6_auto_flowlabel) 21533841545SHajimu UMEMOTO inp->inp_flags |= IN6P_AUTOFLOWLABEL; 21633841545SHajimu UMEMOTO #endif 217a557af22SRobert Watson #if defined(IPSEC) || defined(FAST_IPSEC) || defined(MAC) 218a557af22SRobert Watson out: 219a557af22SRobert Watson if (error != 0) 220a557af22SRobert Watson uma_zfree(pcbinfo->ipi_zone, inp); 221a557af22SRobert Watson #endif 222a557af22SRobert Watson return (error); 223df8bae1dSRodney W. Grimes } 224df8bae1dSRodney W. Grimes 225df8bae1dSRodney W. Grimes int 226136d4f1cSRobert Watson in_pcbbind(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) 227df8bae1dSRodney W. Grimes { 2284b932371SIan Dowse int anonport, error; 2294b932371SIan Dowse 2301b73ca0bSSam Leffler INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 23159daba27SSam Leffler INP_LOCK_ASSERT(inp); 23259daba27SSam Leffler 2334b932371SIan Dowse if (inp->inp_lport != 0 || inp->inp_laddr.s_addr != INADDR_ANY) 2344b932371SIan Dowse return (EINVAL); 2354b932371SIan Dowse anonport = inp->inp_lport == 0 && (nam == NULL || 2364b932371SIan Dowse ((struct sockaddr_in *)nam)->sin_port == 0); 2374b932371SIan Dowse error = in_pcbbind_setup(inp, nam, &inp->inp_laddr.s_addr, 238b0330ed9SPawel Jakub Dawidek &inp->inp_lport, cred); 2394b932371SIan Dowse if (error) 2404b932371SIan Dowse return (error); 2414b932371SIan Dowse if (in_pcbinshash(inp) != 0) { 2424b932371SIan Dowse inp->inp_laddr.s_addr = INADDR_ANY; 2434b932371SIan Dowse inp->inp_lport = 0; 2444b932371SIan Dowse return (EAGAIN); 2454b932371SIan Dowse } 2464b932371SIan Dowse if (anonport) 2474b932371SIan Dowse inp->inp_flags |= INP_ANONPORT; 2484b932371SIan Dowse return (0); 2494b932371SIan Dowse } 2504b932371SIan Dowse 2514b932371SIan Dowse /* 2524b932371SIan Dowse * Set up a bind operation on a PCB, performing port allocation 2534b932371SIan Dowse * as required, but do not actually modify the PCB. Callers can 2544b932371SIan Dowse * either complete the bind by setting inp_laddr/inp_lport and 2554b932371SIan Dowse * calling in_pcbinshash(), or they can just use the resulting 2564b932371SIan Dowse * port and address to authorise the sending of a once-off packet. 2574b932371SIan Dowse * 2584b932371SIan Dowse * On error, the values of *laddrp and *lportp are not changed. 2594b932371SIan Dowse */ 2604b932371SIan Dowse int 261136d4f1cSRobert Watson in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp, 262136d4f1cSRobert Watson u_short *lportp, struct ucred *cred) 2634b932371SIan Dowse { 2644b932371SIan Dowse struct socket *so = inp->inp_socket; 26537bd2b30SPeter Wemm unsigned short *lastport; 26615bd2b43SDavid Greenman struct sockaddr_in *sin; 267c3229e05SDavid Greenman struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 2684b932371SIan Dowse struct in_addr laddr; 269df8bae1dSRodney W. Grimes u_short lport = 0; 2704cc20ab1SSeigo Tanimura int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 27175c13541SPoul-Henning Kamp int error, prison = 0; 2725f311da2SMike Silbersack int dorandom; 273df8bae1dSRodney W. Grimes 2741b73ca0bSSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 27559daba27SSam Leffler INP_LOCK_ASSERT(inp); 27659daba27SSam Leffler 27759562606SGarrett Wollman if (TAILQ_EMPTY(&in_ifaddrhead)) /* XXX broken! */ 278df8bae1dSRodney W. Grimes return (EADDRNOTAVAIL); 2794b932371SIan Dowse laddr.s_addr = *laddrp; 2804b932371SIan Dowse if (nam != NULL && laddr.s_addr != INADDR_ANY) 281df8bae1dSRodney W. Grimes return (EINVAL); 282c3229e05SDavid Greenman if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 2836d6a026bSDavid Greenman wild = 1; 284df8bae1dSRodney W. Grimes if (nam) { 28557bf258eSGarrett Wollman sin = (struct sockaddr_in *)nam; 28657bf258eSGarrett Wollman if (nam->sa_len != sizeof (*sin)) 287df8bae1dSRodney W. Grimes return (EINVAL); 288df8bae1dSRodney W. Grimes #ifdef notdef 289df8bae1dSRodney W. Grimes /* 290df8bae1dSRodney W. Grimes * We should check the family, but old programs 291df8bae1dSRodney W. Grimes * incorrectly fail to initialize it. 292df8bae1dSRodney W. Grimes */ 293df8bae1dSRodney W. Grimes if (sin->sin_family != AF_INET) 294df8bae1dSRodney W. Grimes return (EAFNOSUPPORT); 295df8bae1dSRodney W. Grimes #endif 296e4bdf25dSPoul-Henning Kamp if (sin->sin_addr.s_addr != INADDR_ANY) 297b0330ed9SPawel Jakub Dawidek if (prison_ip(cred, 0, &sin->sin_addr.s_addr)) 29875c13541SPoul-Henning Kamp return(EINVAL); 2994b932371SIan Dowse if (sin->sin_port != *lportp) { 3004b932371SIan Dowse /* Don't allow the port to change. */ 3014b932371SIan Dowse if (*lportp != 0) 3024b932371SIan Dowse return (EINVAL); 303df8bae1dSRodney W. Grimes lport = sin->sin_port; 3044b932371SIan Dowse } 3054b932371SIan Dowse /* NB: lport is left as 0 if the port isn't being changed. */ 306df8bae1dSRodney W. Grimes if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 307df8bae1dSRodney W. Grimes /* 308df8bae1dSRodney W. Grimes * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 309df8bae1dSRodney W. Grimes * allow complete duplication of binding if 310df8bae1dSRodney W. Grimes * SO_REUSEPORT is set, or if SO_REUSEADDR is set 311df8bae1dSRodney W. Grimes * and a multicast address is bound on both 312df8bae1dSRodney W. Grimes * new and duplicated sockets. 313df8bae1dSRodney W. Grimes */ 314df8bae1dSRodney W. Grimes if (so->so_options & SO_REUSEADDR) 315df8bae1dSRodney W. Grimes reuseport = SO_REUSEADDR|SO_REUSEPORT; 316df8bae1dSRodney W. Grimes } else if (sin->sin_addr.s_addr != INADDR_ANY) { 317df8bae1dSRodney W. Grimes sin->sin_port = 0; /* yech... */ 31883103a73SAndrew R. Reiter bzero(&sin->sin_zero, sizeof(sin->sin_zero)); 319df8bae1dSRodney W. Grimes if (ifa_ifwithaddr((struct sockaddr *)sin) == 0) 320df8bae1dSRodney W. Grimes return (EADDRNOTAVAIL); 321df8bae1dSRodney W. Grimes } 3224b932371SIan Dowse laddr = sin->sin_addr; 323df8bae1dSRodney W. Grimes if (lport) { 324df8bae1dSRodney W. Grimes struct inpcb *t; 325ae0e7143SRobert Watson struct tcptw *tw; 326ae0e7143SRobert Watson 327df8bae1dSRodney W. Grimes /* GROSS */ 328b0d22693SCrist J. Clark if (ntohs(lport) <= ipport_reservedhigh && 329b0d22693SCrist J. Clark ntohs(lport) >= ipport_reservedlow && 33056f21b9dSColin Percival suser_cred(cred, SUSER_ALLOWJAIL)) 3312469dd60SGarrett Wollman return (EACCES); 332b0330ed9SPawel Jakub Dawidek if (jailed(cred)) 33375c13541SPoul-Henning Kamp prison = 1; 3342f9a2132SBrian Feldman if (so->so_cred->cr_uid != 0 && 33552b65dbeSBill Fenner !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 3364049a042SGuido van Rooij t = in_pcblookup_local(inp->inp_pcbinfo, 33775c13541SPoul-Henning Kamp sin->sin_addr, lport, 33875c13541SPoul-Henning Kamp prison ? 0 : INPLOOKUP_WILDCARD); 339340c35deSJonathan Lemon /* 340340c35deSJonathan Lemon * XXX 341340c35deSJonathan Lemon * This entire block sorely needs a rewrite. 342340c35deSJonathan Lemon */ 3434cc20ab1SSeigo Tanimura if (t && 3444658dc83SYaroslav Tykhiy ((t->inp_vflag & INP_TIMEWAIT) == 0) && 3454658dc83SYaroslav Tykhiy (so->so_type != SOCK_STREAM || 3464658dc83SYaroslav Tykhiy ntohl(t->inp_faddr.s_addr) == INADDR_ANY) && 3474cc20ab1SSeigo Tanimura (ntohl(sin->sin_addr.s_addr) != INADDR_ANY || 34852b65dbeSBill Fenner ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 34952b65dbeSBill Fenner (t->inp_socket->so_options & 35052b65dbeSBill Fenner SO_REUSEPORT) == 0) && 3512f9a2132SBrian Feldman (so->so_cred->cr_uid != 352a4eb4405SYaroslav Tykhiy t->inp_socket->so_cred->cr_uid)) 3534049a042SGuido van Rooij return (EADDRINUSE); 3544049a042SGuido van Rooij } 355b0330ed9SPawel Jakub Dawidek if (prison && prison_ip(cred, 0, &sin->sin_addr.s_addr)) 356970680faSPoul-Henning Kamp return (EADDRNOTAVAIL); 357c3229e05SDavid Greenman t = in_pcblookup_local(pcbinfo, sin->sin_addr, 35875c13541SPoul-Henning Kamp lport, prison ? 0 : wild); 359340c35deSJonathan Lemon if (t && (t->inp_vflag & INP_TIMEWAIT)) { 360ae0e7143SRobert Watson /* 361ae0e7143SRobert Watson * XXXRW: If an incpb has had its timewait 362ae0e7143SRobert Watson * state recycled, we treat the address as 363ae0e7143SRobert Watson * being in use (for now). This is better 364ae0e7143SRobert Watson * than a panic, but not desirable. 365ae0e7143SRobert Watson */ 366ae0e7143SRobert Watson tw = intotw(inp); 367ae0e7143SRobert Watson if (tw == NULL || 368ae0e7143SRobert Watson (reuseport & tw->tw_so_options) == 0) 369340c35deSJonathan Lemon return (EADDRINUSE); 370ae0e7143SRobert Watson } else if (t && 3714cc20ab1SSeigo Tanimura (reuseport & t->inp_socket->so_options) == 0) { 372cfa1ca9dSYoshinobu Inoue #if defined(INET6) 37333841545SHajimu UMEMOTO if (ntohl(sin->sin_addr.s_addr) != 374cfa1ca9dSYoshinobu Inoue INADDR_ANY || 375cfa1ca9dSYoshinobu Inoue ntohl(t->inp_laddr.s_addr) != 376cfa1ca9dSYoshinobu Inoue INADDR_ANY || 377cfa1ca9dSYoshinobu Inoue INP_SOCKAF(so) == 378cfa1ca9dSYoshinobu Inoue INP_SOCKAF(t->inp_socket)) 379cfa1ca9dSYoshinobu Inoue #endif /* defined(INET6) */ 380df8bae1dSRodney W. Grimes return (EADDRINUSE); 381df8bae1dSRodney W. Grimes } 382cfa1ca9dSYoshinobu Inoue } 383df8bae1dSRodney W. Grimes } 3844b932371SIan Dowse if (*lportp != 0) 3854b932371SIan Dowse lport = *lportp; 38633b3ac06SPeter Wemm if (lport == 0) { 3876ac48b74SMike Silbersack u_short first, last; 388174624e0SMike Silbersack int count; 38933b3ac06SPeter Wemm 3904b932371SIan Dowse if (laddr.s_addr != INADDR_ANY) 391b0330ed9SPawel Jakub Dawidek if (prison_ip(cred, 0, &laddr.s_addr)) 39275c13541SPoul-Henning Kamp return (EINVAL); 393321a2846SPoul-Henning Kamp 39433b3ac06SPeter Wemm if (inp->inp_flags & INP_HIGHPORT) { 39533b3ac06SPeter Wemm first = ipport_hifirstauto; /* sysctl */ 39633b3ac06SPeter Wemm last = ipport_hilastauto; 397c3229e05SDavid Greenman lastport = &pcbinfo->lasthi; 39833b3ac06SPeter Wemm } else if (inp->inp_flags & INP_LOWPORT) { 39956f21b9dSColin Percival if ((error = suser_cred(cred, SUSER_ALLOWJAIL)) != 0) 400a29f300eSGarrett Wollman return error; 401bbd42ad0SPeter Wemm first = ipport_lowfirstauto; /* 1023 */ 402bbd42ad0SPeter Wemm last = ipport_lowlastauto; /* 600 */ 403c3229e05SDavid Greenman lastport = &pcbinfo->lastlow; 40433b3ac06SPeter Wemm } else { 40533b3ac06SPeter Wemm first = ipport_firstauto; /* sysctl */ 40633b3ac06SPeter Wemm last = ipport_lastauto; 407c3229e05SDavid Greenman lastport = &pcbinfo->lastport; 40833b3ac06SPeter Wemm } 40933b3ac06SPeter Wemm /* 4105f311da2SMike Silbersack * For UDP, use random port allocation as long as the user 4115f311da2SMike Silbersack * allows it. For TCP (and as of yet unknown) connections, 4125f311da2SMike Silbersack * use random port allocation only if the user allows it AND 41329f2a6ecSMaxim Konovalov * ipport_tick() allows it. 4145f311da2SMike Silbersack */ 4155f311da2SMike Silbersack if (ipport_randomized && 4165f311da2SMike Silbersack (!ipport_stoprandom || pcbinfo == &udbinfo)) 4175f311da2SMike Silbersack dorandom = 1; 4185f311da2SMike Silbersack else 4195f311da2SMike Silbersack dorandom = 0; 420e99971bfSMaxim Konovalov /* 421e99971bfSMaxim Konovalov * It makes no sense to do random port allocation if 422e99971bfSMaxim Konovalov * we have the only port available. 423e99971bfSMaxim Konovalov */ 424e99971bfSMaxim Konovalov if (first == last) 425e99971bfSMaxim Konovalov dorandom = 0; 4265f311da2SMike Silbersack /* Make sure to not include UDP packets in the count. */ 4275f311da2SMike Silbersack if (pcbinfo != &udbinfo) 4285f311da2SMike Silbersack ipport_tcpallocs++; 4295f311da2SMike Silbersack /* 43033b3ac06SPeter Wemm * Simple check to ensure all ports are not used up causing 43133b3ac06SPeter Wemm * a deadlock here. 43233b3ac06SPeter Wemm * 43333b3ac06SPeter Wemm * We split the two cases (up and down) so that the direction 43433b3ac06SPeter Wemm * is not being tested on each round of the loop. 43533b3ac06SPeter Wemm */ 43633b3ac06SPeter Wemm if (first > last) { 43733b3ac06SPeter Wemm /* 43833b3ac06SPeter Wemm * counting down 43933b3ac06SPeter Wemm */ 4405f311da2SMike Silbersack if (dorandom) 4416b2fc10bSMike Silbersack *lastport = first - 4426b2fc10bSMike Silbersack (arc4random() % (first - last)); 44333b3ac06SPeter Wemm count = first - last; 444174624e0SMike Silbersack 445df8bae1dSRodney W. Grimes do { 4466ac48b74SMike Silbersack if (count-- < 0) /* completely used? */ 447550b1518SWes Peters return (EADDRNOTAVAIL); 44833b3ac06SPeter Wemm --*lastport; 44933b3ac06SPeter Wemm if (*lastport > first || *lastport < last) 45033b3ac06SPeter Wemm *lastport = first; 45115bd2b43SDavid Greenman lport = htons(*lastport); 4524b932371SIan Dowse } while (in_pcblookup_local(pcbinfo, laddr, lport, 4534b932371SIan Dowse wild)); 45433b3ac06SPeter Wemm } else { 45533b3ac06SPeter Wemm /* 45633b3ac06SPeter Wemm * counting up 45733b3ac06SPeter Wemm */ 4585f311da2SMike Silbersack if (dorandom) 4596b2fc10bSMike Silbersack *lastport = first + 4606b2fc10bSMike Silbersack (arc4random() % (last - first)); 46133b3ac06SPeter Wemm count = last - first; 462174624e0SMike Silbersack 46333b3ac06SPeter Wemm do { 4646ac48b74SMike Silbersack if (count-- < 0) /* completely used? */ 465550b1518SWes Peters return (EADDRNOTAVAIL); 46633b3ac06SPeter Wemm ++*lastport; 46733b3ac06SPeter Wemm if (*lastport < first || *lastport > last) 46833b3ac06SPeter Wemm *lastport = first; 46933b3ac06SPeter Wemm lport = htons(*lastport); 4704b932371SIan Dowse } while (in_pcblookup_local(pcbinfo, laddr, lport, 4714b932371SIan Dowse wild)); 47233b3ac06SPeter Wemm } 47333b3ac06SPeter Wemm } 474b0330ed9SPawel Jakub Dawidek if (prison_ip(cred, 0, &laddr.s_addr)) 475e4bdf25dSPoul-Henning Kamp return (EINVAL); 4764b932371SIan Dowse *laddrp = laddr.s_addr; 4774b932371SIan Dowse *lportp = lport; 478df8bae1dSRodney W. Grimes return (0); 479df8bae1dSRodney W. Grimes } 480df8bae1dSRodney W. Grimes 481999f1343SGarrett Wollman /* 4825200e00eSIan Dowse * Connect from a socket to a specified address. 4835200e00eSIan Dowse * Both address and port must be specified in argument sin. 4845200e00eSIan Dowse * If don't have a local address for this socket yet, 4855200e00eSIan Dowse * then pick one. 486999f1343SGarrett Wollman */ 487999f1343SGarrett Wollman int 488136d4f1cSRobert Watson in_pcbconnect(struct inpcb *inp, struct sockaddr *nam, struct ucred *cred) 489999f1343SGarrett Wollman { 4905200e00eSIan Dowse u_short lport, fport; 4915200e00eSIan Dowse in_addr_t laddr, faddr; 4925200e00eSIan Dowse int anonport, error; 493df8bae1dSRodney W. Grimes 49427f74fd0SRobert Watson INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 49527f74fd0SRobert Watson INP_LOCK_ASSERT(inp); 49627f74fd0SRobert Watson 4975200e00eSIan Dowse lport = inp->inp_lport; 4985200e00eSIan Dowse laddr = inp->inp_laddr.s_addr; 4995200e00eSIan Dowse anonport = (lport == 0); 5005200e00eSIan Dowse error = in_pcbconnect_setup(inp, nam, &laddr, &lport, &faddr, &fport, 501b0330ed9SPawel Jakub Dawidek NULL, cred); 5025200e00eSIan Dowse if (error) 5035200e00eSIan Dowse return (error); 5045200e00eSIan Dowse 5055200e00eSIan Dowse /* Do the initial binding of the local address if required. */ 5065200e00eSIan Dowse if (inp->inp_laddr.s_addr == INADDR_ANY && inp->inp_lport == 0) { 5075200e00eSIan Dowse inp->inp_lport = lport; 5085200e00eSIan Dowse inp->inp_laddr.s_addr = laddr; 5095200e00eSIan Dowse if (in_pcbinshash(inp) != 0) { 5105200e00eSIan Dowse inp->inp_laddr.s_addr = INADDR_ANY; 5115200e00eSIan Dowse inp->inp_lport = 0; 5125200e00eSIan Dowse return (EAGAIN); 5135200e00eSIan Dowse } 5145200e00eSIan Dowse } 5155200e00eSIan Dowse 5165200e00eSIan Dowse /* Commit the remaining changes. */ 5175200e00eSIan Dowse inp->inp_lport = lport; 5185200e00eSIan Dowse inp->inp_laddr.s_addr = laddr; 5195200e00eSIan Dowse inp->inp_faddr.s_addr = faddr; 5205200e00eSIan Dowse inp->inp_fport = fport; 5215200e00eSIan Dowse in_pcbrehash(inp); 5220f9ade71SHajimu UMEMOTO #ifdef IPSEC 5230f9ade71SHajimu UMEMOTO if (inp->inp_socket->so_type == SOCK_STREAM) 5240f9ade71SHajimu UMEMOTO ipsec_pcbconn(inp->inp_sp); 5250f9ade71SHajimu UMEMOTO #endif 5265200e00eSIan Dowse if (anonport) 5275200e00eSIan Dowse inp->inp_flags |= INP_ANONPORT; 5285200e00eSIan Dowse return (0); 5295200e00eSIan Dowse } 5305200e00eSIan Dowse 5315200e00eSIan Dowse /* 5325200e00eSIan Dowse * Set up for a connect from a socket to the specified address. 5335200e00eSIan Dowse * On entry, *laddrp and *lportp should contain the current local 5345200e00eSIan Dowse * address and port for the PCB; these are updated to the values 5355200e00eSIan Dowse * that should be placed in inp_laddr and inp_lport to complete 5365200e00eSIan Dowse * the connect. 5375200e00eSIan Dowse * 5385200e00eSIan Dowse * On success, *faddrp and *fportp will be set to the remote address 5395200e00eSIan Dowse * and port. These are not updated in the error case. 5405200e00eSIan Dowse * 5415200e00eSIan Dowse * If the operation fails because the connection already exists, 5425200e00eSIan Dowse * *oinpp will be set to the PCB of that connection so that the 5435200e00eSIan Dowse * caller can decide to override it. In all other cases, *oinpp 5445200e00eSIan Dowse * is set to NULL. 5455200e00eSIan Dowse */ 5465200e00eSIan Dowse int 547136d4f1cSRobert Watson in_pcbconnect_setup(struct inpcb *inp, struct sockaddr *nam, 548136d4f1cSRobert Watson in_addr_t *laddrp, u_short *lportp, in_addr_t *faddrp, u_short *fportp, 549136d4f1cSRobert Watson struct inpcb **oinpp, struct ucred *cred) 5505200e00eSIan Dowse { 5515200e00eSIan Dowse struct sockaddr_in *sin = (struct sockaddr_in *)nam; 5525200e00eSIan Dowse struct in_ifaddr *ia; 5535200e00eSIan Dowse struct sockaddr_in sa; 554b0330ed9SPawel Jakub Dawidek struct ucred *socred; 5555200e00eSIan Dowse struct inpcb *oinp; 5565200e00eSIan Dowse struct in_addr laddr, faddr; 5575200e00eSIan Dowse u_short lport, fport; 5585200e00eSIan Dowse int error; 5595200e00eSIan Dowse 56027f74fd0SRobert Watson INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 56127f74fd0SRobert Watson INP_LOCK_ASSERT(inp); 56227f74fd0SRobert Watson 5635200e00eSIan Dowse if (oinpp != NULL) 5645200e00eSIan Dowse *oinpp = NULL; 56557bf258eSGarrett Wollman if (nam->sa_len != sizeof (*sin)) 566df8bae1dSRodney W. Grimes return (EINVAL); 567df8bae1dSRodney W. Grimes if (sin->sin_family != AF_INET) 568df8bae1dSRodney W. Grimes return (EAFNOSUPPORT); 569df8bae1dSRodney W. Grimes if (sin->sin_port == 0) 570df8bae1dSRodney W. Grimes return (EADDRNOTAVAIL); 5715200e00eSIan Dowse laddr.s_addr = *laddrp; 5725200e00eSIan Dowse lport = *lportp; 5735200e00eSIan Dowse faddr = sin->sin_addr; 5745200e00eSIan Dowse fport = sin->sin_port; 575b0330ed9SPawel Jakub Dawidek socred = inp->inp_socket->so_cred; 576b0330ed9SPawel Jakub Dawidek if (laddr.s_addr == INADDR_ANY && jailed(socred)) { 5775200e00eSIan Dowse bzero(&sa, sizeof(sa)); 578b0330ed9SPawel Jakub Dawidek sa.sin_addr.s_addr = htonl(prison_getip(socred)); 5795200e00eSIan Dowse sa.sin_len = sizeof(sa); 5805200e00eSIan Dowse sa.sin_family = AF_INET; 5815200e00eSIan Dowse error = in_pcbbind_setup(inp, (struct sockaddr *)&sa, 582b0330ed9SPawel Jakub Dawidek &laddr.s_addr, &lport, cred); 5835200e00eSIan Dowse if (error) 5845200e00eSIan Dowse return (error); 5855200e00eSIan Dowse } 58659562606SGarrett Wollman if (!TAILQ_EMPTY(&in_ifaddrhead)) { 587df8bae1dSRodney W. Grimes /* 588df8bae1dSRodney W. Grimes * If the destination address is INADDR_ANY, 589df8bae1dSRodney W. Grimes * use the primary local address. 590df8bae1dSRodney W. Grimes * If the supplied address is INADDR_BROADCAST, 591df8bae1dSRodney W. Grimes * and the primary interface supports broadcast, 592df8bae1dSRodney W. Grimes * choose the broadcast address for that interface. 593df8bae1dSRodney W. Grimes */ 5945200e00eSIan Dowse if (faddr.s_addr == INADDR_ANY) 5955200e00eSIan Dowse faddr = IA_SIN(TAILQ_FIRST(&in_ifaddrhead))->sin_addr; 5965200e00eSIan Dowse else if (faddr.s_addr == (u_long)INADDR_BROADCAST && 5975200e00eSIan Dowse (TAILQ_FIRST(&in_ifaddrhead)->ia_ifp->if_flags & 5985200e00eSIan Dowse IFF_BROADCAST)) 5995200e00eSIan Dowse faddr = satosin(&TAILQ_FIRST( 6005200e00eSIan Dowse &in_ifaddrhead)->ia_broadaddr)->sin_addr; 601df8bae1dSRodney W. Grimes } 6025200e00eSIan Dowse if (laddr.s_addr == INADDR_ANY) { 603df8bae1dSRodney W. Grimes ia = (struct in_ifaddr *)0; 604df8bae1dSRodney W. Grimes /* 60597d8d152SAndre Oppermann * If route is known our src addr is taken from the i/f, 60697d8d152SAndre Oppermann * else punt. 607cf744713SAndre Oppermann * 608cf744713SAndre Oppermann * Find out route to destination 609df8bae1dSRodney W. Grimes */ 610cf744713SAndre Oppermann if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0) 611cf744713SAndre Oppermann ia = ip_rtaddr(faddr); 612df8bae1dSRodney W. Grimes /* 613cf744713SAndre Oppermann * If we found a route, use the address corresponding to 614cf744713SAndre Oppermann * the outgoing interface. 615cf744713SAndre Oppermann * 616cf744713SAndre Oppermann * Otherwise assume faddr is reachable on a directly connected 617cf744713SAndre Oppermann * network and try to find a corresponding interface to take 618cf744713SAndre Oppermann * the source address from. 619df8bae1dSRodney W. Grimes */ 620df8bae1dSRodney W. Grimes if (ia == 0) { 6215200e00eSIan Dowse bzero(&sa, sizeof(sa)); 6225200e00eSIan Dowse sa.sin_addr = faddr; 6235200e00eSIan Dowse sa.sin_len = sizeof(sa); 6245200e00eSIan Dowse sa.sin_family = AF_INET; 625df8bae1dSRodney W. Grimes 6265200e00eSIan Dowse ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sa))); 627df8bae1dSRodney W. Grimes if (ia == 0) 6285200e00eSIan Dowse ia = ifatoia(ifa_ifwithnet(sintosa(&sa))); 629df8bae1dSRodney W. Grimes if (ia == 0) 630ef14c369SMaxim Konovalov return (ENETUNREACH); 631df8bae1dSRodney W. Grimes } 632df8bae1dSRodney W. Grimes /* 633df8bae1dSRodney W. Grimes * If the destination address is multicast and an outgoing 634df8bae1dSRodney W. Grimes * interface has been set as a multicast option, use the 635df8bae1dSRodney W. Grimes * address of that interface as our source address. 636df8bae1dSRodney W. Grimes */ 6375200e00eSIan Dowse if (IN_MULTICAST(ntohl(faddr.s_addr)) && 638df8bae1dSRodney W. Grimes inp->inp_moptions != NULL) { 639df8bae1dSRodney W. Grimes struct ip_moptions *imo; 640df8bae1dSRodney W. Grimes struct ifnet *ifp; 641df8bae1dSRodney W. Grimes 642df8bae1dSRodney W. Grimes imo = inp->inp_moptions; 643df8bae1dSRodney W. Grimes if (imo->imo_multicast_ifp != NULL) { 644df8bae1dSRodney W. Grimes ifp = imo->imo_multicast_ifp; 64537d40066SPoul-Henning Kamp TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) 646df8bae1dSRodney W. Grimes if (ia->ia_ifp == ifp) 647df8bae1dSRodney W. Grimes break; 648df8bae1dSRodney W. Grimes if (ia == 0) 649df8bae1dSRodney W. Grimes return (EADDRNOTAVAIL); 650df8bae1dSRodney W. Grimes } 651df8bae1dSRodney W. Grimes } 6525200e00eSIan Dowse laddr = ia->ia_addr.sin_addr; 653999f1343SGarrett Wollman } 654999f1343SGarrett Wollman 6555200e00eSIan Dowse oinp = in_pcblookup_hash(inp->inp_pcbinfo, faddr, fport, laddr, lport, 6565200e00eSIan Dowse 0, NULL); 6575200e00eSIan Dowse if (oinp != NULL) { 6585200e00eSIan Dowse if (oinpp != NULL) 6595200e00eSIan Dowse *oinpp = oinp; 660df8bae1dSRodney W. Grimes return (EADDRINUSE); 661c3229e05SDavid Greenman } 6625200e00eSIan Dowse if (lport == 0) { 663b0330ed9SPawel Jakub Dawidek error = in_pcbbind_setup(inp, NULL, &laddr.s_addr, &lport, 664b0330ed9SPawel Jakub Dawidek cred); 6655a903f8dSPierre Beyssac if (error) 6665a903f8dSPierre Beyssac return (error); 6675a903f8dSPierre Beyssac } 6685200e00eSIan Dowse *laddrp = laddr.s_addr; 6695200e00eSIan Dowse *lportp = lport; 6705200e00eSIan Dowse *faddrp = faddr.s_addr; 6715200e00eSIan Dowse *fportp = fport; 672df8bae1dSRodney W. Grimes return (0); 673df8bae1dSRodney W. Grimes } 674df8bae1dSRodney W. Grimes 67526f9a767SRodney W. Grimes void 676136d4f1cSRobert Watson in_pcbdisconnect(struct inpcb *inp) 677df8bae1dSRodney W. Grimes { 6786b348152SRobert Watson 679fe6bfc37SRobert Watson INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 68059daba27SSam Leffler INP_LOCK_ASSERT(inp); 681df8bae1dSRodney W. Grimes 682df8bae1dSRodney W. Grimes inp->inp_faddr.s_addr = INADDR_ANY; 683df8bae1dSRodney W. Grimes inp->inp_fport = 0; 68415bd2b43SDavid Greenman in_pcbrehash(inp); 6850f9ade71SHajimu UMEMOTO #ifdef IPSEC 6860f9ade71SHajimu UMEMOTO ipsec_pcbdisconn(inp->inp_sp); 6870f9ade71SHajimu UMEMOTO #endif 688df8bae1dSRodney W. Grimes } 689df8bae1dSRodney W. Grimes 6904c7c478dSRobert Watson /* 6914c7c478dSRobert Watson * In the old world order, in_pcbdetach() served two functions: to detach the 6924c7c478dSRobert Watson * pcb from the socket/potentially free the socket, and to free the pcb 6934c7c478dSRobert Watson * itself. In the new world order, the protocol code is responsible for 6944c7c478dSRobert Watson * managing the relationship with the socket, and this code simply frees the 6954c7c478dSRobert Watson * pcb. 6964c7c478dSRobert Watson */ 69726f9a767SRodney W. Grimes void 698136d4f1cSRobert Watson in_pcbdetach(struct inpcb *inp) 699df8bae1dSRodney W. Grimes { 7004c7c478dSRobert Watson 7014c7c478dSRobert Watson KASSERT(inp->inp_socket != NULL, ("in_pcbdetach: inp_socket == NULL")); 7024c7c478dSRobert Watson inp->inp_socket->so_pcb = NULL; 7034c7c478dSRobert Watson inp->inp_socket = NULL; 7044c7c478dSRobert Watson } 7054c7c478dSRobert Watson 7064c7c478dSRobert Watson void 7074c7c478dSRobert Watson in_pcbfree(struct inpcb *inp) 7084c7c478dSRobert Watson { 7093d4d47f3SGarrett Wollman struct inpcbinfo *ipi = inp->inp_pcbinfo; 710df8bae1dSRodney W. Grimes 7114c7c478dSRobert Watson KASSERT(inp->inp_socket == NULL, ("in_pcbfree: inp_socket != NULL")); 712fe6bfc37SRobert Watson INP_INFO_WLOCK_ASSERT(ipi); 71359daba27SSam Leffler INP_LOCK_ASSERT(inp); 71459daba27SSam Leffler 7150f9ade71SHajimu UMEMOTO #if defined(IPSEC) || defined(FAST_IPSEC) 716cfa1ca9dSYoshinobu Inoue ipsec4_delete_pcbpolicy(inp); 717cfa1ca9dSYoshinobu Inoue #endif /*IPSEC*/ 7183d4d47f3SGarrett Wollman inp->inp_gencnt = ++ipi->ipi_gencnt; 719c3229e05SDavid Greenman in_pcbremlists(inp); 720df8bae1dSRodney W. Grimes if (inp->inp_options) 721df8bae1dSRodney W. Grimes (void)m_free(inp->inp_options); 722df8bae1dSRodney W. Grimes ip_freemoptions(inp->inp_moptions); 723cfa1ca9dSYoshinobu Inoue inp->inp_vflag = 0; 724f76fcf6dSJeffrey Hsu INP_LOCK_DESTROY(inp); 725a557af22SRobert Watson #ifdef MAC 726a557af22SRobert Watson mac_destroy_inpcb(inp); 727a557af22SRobert Watson #endif 72869c2d429SJeff Roberson uma_zfree(ipi->ipi_zone, inp); 729df8bae1dSRodney W. Grimes } 730df8bae1dSRodney W. Grimes 73110702a28SRobert Watson /* 73210702a28SRobert Watson * TCP needs to maintain its inpcb structure after the TCP connection has 73310702a28SRobert Watson * been torn down. However, it must be disconnected from the inpcb hashes as 73410702a28SRobert Watson * it must not prevent binding of future connections to the same port/ip 73510702a28SRobert Watson * combination by other inpcbs. 73610702a28SRobert Watson */ 73710702a28SRobert Watson void 73810702a28SRobert Watson in_pcbdrop(struct inpcb *inp) 73910702a28SRobert Watson { 74010702a28SRobert Watson struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 74110702a28SRobert Watson 74210702a28SRobert Watson INP_INFO_WLOCK_ASSERT(pcbinfo); 74310702a28SRobert Watson INP_LOCK_ASSERT(inp); 74410702a28SRobert Watson 74510702a28SRobert Watson inp->inp_vflag |= INP_DROPPED; 74610702a28SRobert Watson if (inp->inp_lport) { 74710702a28SRobert Watson struct inpcbport *phd = inp->inp_phd; 74810702a28SRobert Watson 74910702a28SRobert Watson LIST_REMOVE(inp, inp_hash); 75010702a28SRobert Watson LIST_REMOVE(inp, inp_portlist); 75110702a28SRobert Watson if (LIST_FIRST(&phd->phd_pcblist) == NULL) { 75210702a28SRobert Watson LIST_REMOVE(phd, phd_hash); 75310702a28SRobert Watson free(phd, M_PCB); 75410702a28SRobert Watson } 75510702a28SRobert Watson inp->inp_lport = 0; 75610702a28SRobert Watson } 75710702a28SRobert Watson } 75810702a28SRobert Watson 75926ef6ac4SDon Lewis struct sockaddr * 760136d4f1cSRobert Watson in_sockaddr(in_port_t port, struct in_addr *addr_p) 76126ef6ac4SDon Lewis { 76226ef6ac4SDon Lewis struct sockaddr_in *sin; 76326ef6ac4SDon Lewis 76426ef6ac4SDon Lewis MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, 765a163d034SWarner Losh M_WAITOK | M_ZERO); 76626ef6ac4SDon Lewis sin->sin_family = AF_INET; 76726ef6ac4SDon Lewis sin->sin_len = sizeof(*sin); 76826ef6ac4SDon Lewis sin->sin_addr = *addr_p; 76926ef6ac4SDon Lewis sin->sin_port = port; 77026ef6ac4SDon Lewis 77126ef6ac4SDon Lewis return (struct sockaddr *)sin; 77226ef6ac4SDon Lewis } 77326ef6ac4SDon Lewis 774117bcae7SGarrett Wollman /* 775f76fcf6dSJeffrey Hsu * The wrapper function will pass down the pcbinfo for this function to lock. 776f76fcf6dSJeffrey Hsu * The socket must have a valid 777117bcae7SGarrett Wollman * (i.e., non-nil) PCB, but it should be impossible to get an invalid one 778117bcae7SGarrett Wollman * except through a kernel programming error, so it is acceptable to panic 77957bf258eSGarrett Wollman * (or in this case trap) if the PCB is invalid. (Actually, we don't trap 78057bf258eSGarrett Wollman * because there actually /is/ a programming error somewhere... XXX) 781117bcae7SGarrett Wollman */ 782117bcae7SGarrett Wollman int 783136d4f1cSRobert Watson in_setsockaddr(struct socket *so, struct sockaddr **nam, 784136d4f1cSRobert Watson struct inpcbinfo *pcbinfo) 785df8bae1dSRodney W. Grimes { 786136d4f1cSRobert Watson struct inpcb *inp; 78726ef6ac4SDon Lewis struct in_addr addr; 78826ef6ac4SDon Lewis in_port_t port; 78942fa505bSDavid Greenman 790fdc984f7STor Egge inp = sotoinpcb(so); 7916466b28aSRobert Watson KASSERT(inp != NULL, ("in_setsockaddr: inp == NULL")); 7926466b28aSRobert Watson 793f76fcf6dSJeffrey Hsu INP_LOCK(inp); 79426ef6ac4SDon Lewis port = inp->inp_lport; 79526ef6ac4SDon Lewis addr = inp->inp_laddr; 796f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 79742fa505bSDavid Greenman 79826ef6ac4SDon Lewis *nam = in_sockaddr(port, &addr); 799117bcae7SGarrett Wollman return 0; 800df8bae1dSRodney W. Grimes } 801df8bae1dSRodney W. Grimes 802f76fcf6dSJeffrey Hsu /* 803f76fcf6dSJeffrey Hsu * The wrapper function will pass down the pcbinfo for this function to lock. 804f76fcf6dSJeffrey Hsu */ 805117bcae7SGarrett Wollman int 806136d4f1cSRobert Watson in_setpeeraddr(struct socket *so, struct sockaddr **nam, 807136d4f1cSRobert Watson struct inpcbinfo *pcbinfo) 808df8bae1dSRodney W. Grimes { 809136d4f1cSRobert Watson struct inpcb *inp; 81026ef6ac4SDon Lewis struct in_addr addr; 81126ef6ac4SDon Lewis in_port_t port; 81242fa505bSDavid Greenman 813fdc984f7STor Egge inp = sotoinpcb(so); 8146466b28aSRobert Watson KASSERT(inp != NULL, ("in_setpeeraddr: inp == NULL")); 8156466b28aSRobert Watson 816f76fcf6dSJeffrey Hsu INP_LOCK(inp); 81726ef6ac4SDon Lewis port = inp->inp_fport; 81826ef6ac4SDon Lewis addr = inp->inp_faddr; 819f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 82042fa505bSDavid Greenman 82126ef6ac4SDon Lewis *nam = in_sockaddr(port, &addr); 822117bcae7SGarrett Wollman return 0; 823df8bae1dSRodney W. Grimes } 824df8bae1dSRodney W. Grimes 82526f9a767SRodney W. Grimes void 826136d4f1cSRobert Watson in_pcbnotifyall(struct inpcbinfo *pcbinfo, struct in_addr faddr, int errno, 827136d4f1cSRobert Watson struct inpcb *(*notify)(struct inpcb *, int)) 828d1c54148SJesper Skriver { 829c693a045SJonathan Lemon struct inpcb *inp, *ninp; 830f76fcf6dSJeffrey Hsu struct inpcbhead *head; 831d1c54148SJesper Skriver 8323dc7ebf9SJeffrey Hsu INP_INFO_WLOCK(pcbinfo); 833f76fcf6dSJeffrey Hsu head = pcbinfo->listhead; 834c693a045SJonathan Lemon for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) { 835f76fcf6dSJeffrey Hsu INP_LOCK(inp); 836c693a045SJonathan Lemon ninp = LIST_NEXT(inp, inp_list); 837d1c54148SJesper Skriver #ifdef INET6 838f76fcf6dSJeffrey Hsu if ((inp->inp_vflag & INP_IPV4) == 0) { 839f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 840d1c54148SJesper Skriver continue; 841f76fcf6dSJeffrey Hsu } 842d1c54148SJesper Skriver #endif 843d1c54148SJesper Skriver if (inp->inp_faddr.s_addr != faddr.s_addr || 844f76fcf6dSJeffrey Hsu inp->inp_socket == NULL) { 845f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 846d1c54148SJesper Skriver continue; 847d1c54148SJesper Skriver } 8483dc7ebf9SJeffrey Hsu if ((*notify)(inp, errno)) 849f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 850f76fcf6dSJeffrey Hsu } 8513dc7ebf9SJeffrey Hsu INP_INFO_WUNLOCK(pcbinfo); 852d1c54148SJesper Skriver } 853d1c54148SJesper Skriver 854e43cc4aeSHajimu UMEMOTO void 855136d4f1cSRobert Watson in_pcbpurgeif0(struct inpcbinfo *pcbinfo, struct ifnet *ifp) 856e43cc4aeSHajimu UMEMOTO { 857e43cc4aeSHajimu UMEMOTO struct inpcb *inp; 858e43cc4aeSHajimu UMEMOTO struct ip_moptions *imo; 859e43cc4aeSHajimu UMEMOTO int i, gap; 860e43cc4aeSHajimu UMEMOTO 861f76fcf6dSJeffrey Hsu INP_INFO_RLOCK(pcbinfo); 8623cfcc388SJeffrey Hsu LIST_FOREACH(inp, pcbinfo->listhead, inp_list) { 863f76fcf6dSJeffrey Hsu INP_LOCK(inp); 864e43cc4aeSHajimu UMEMOTO imo = inp->inp_moptions; 865e43cc4aeSHajimu UMEMOTO if ((inp->inp_vflag & INP_IPV4) && 866e43cc4aeSHajimu UMEMOTO imo != NULL) { 867e43cc4aeSHajimu UMEMOTO /* 868e43cc4aeSHajimu UMEMOTO * Unselect the outgoing interface if it is being 869e43cc4aeSHajimu UMEMOTO * detached. 870e43cc4aeSHajimu UMEMOTO */ 871e43cc4aeSHajimu UMEMOTO if (imo->imo_multicast_ifp == ifp) 872e43cc4aeSHajimu UMEMOTO imo->imo_multicast_ifp = NULL; 873e43cc4aeSHajimu UMEMOTO 874e43cc4aeSHajimu UMEMOTO /* 875e43cc4aeSHajimu UMEMOTO * Drop multicast group membership if we joined 876e43cc4aeSHajimu UMEMOTO * through the interface being detached. 877e43cc4aeSHajimu UMEMOTO */ 878e43cc4aeSHajimu UMEMOTO for (i = 0, gap = 0; i < imo->imo_num_memberships; 879e43cc4aeSHajimu UMEMOTO i++) { 880e43cc4aeSHajimu UMEMOTO if (imo->imo_membership[i]->inm_ifp == ifp) { 881e43cc4aeSHajimu UMEMOTO in_delmulti(imo->imo_membership[i]); 882e43cc4aeSHajimu UMEMOTO gap++; 883e43cc4aeSHajimu UMEMOTO } else if (gap != 0) 884e43cc4aeSHajimu UMEMOTO imo->imo_membership[i - gap] = 885e43cc4aeSHajimu UMEMOTO imo->imo_membership[i]; 886e43cc4aeSHajimu UMEMOTO } 887e43cc4aeSHajimu UMEMOTO imo->imo_num_memberships -= gap; 888e43cc4aeSHajimu UMEMOTO } 889f76fcf6dSJeffrey Hsu INP_UNLOCK(inp); 890e43cc4aeSHajimu UMEMOTO } 8913cfcc388SJeffrey Hsu INP_INFO_RUNLOCK(pcbinfo); 892e43cc4aeSHajimu UMEMOTO } 893e43cc4aeSHajimu UMEMOTO 894df8bae1dSRodney W. Grimes /* 895c3229e05SDavid Greenman * Lookup a PCB based on the local address and port. 896c3229e05SDavid Greenman */ 897d5e8a67eSHajimu UMEMOTO #define INP_LOOKUP_MAPPED_PCB_COST 3 898df8bae1dSRodney W. Grimes struct inpcb * 899136d4f1cSRobert Watson in_pcblookup_local(struct inpcbinfo *pcbinfo, struct in_addr laddr, 900136d4f1cSRobert Watson u_int lport_arg, int wild_okay) 901df8bae1dSRodney W. Grimes { 902136d4f1cSRobert Watson struct inpcb *inp; 903afa39e25SRobert Watson struct tcptw *tw; 904d5e8a67eSHajimu UMEMOTO #ifdef INET6 905d5e8a67eSHajimu UMEMOTO int matchwild = 3 + INP_LOOKUP_MAPPED_PCB_COST; 906d5e8a67eSHajimu UMEMOTO #else 907d5e8a67eSHajimu UMEMOTO int matchwild = 3; 908d5e8a67eSHajimu UMEMOTO #endif 909d5e8a67eSHajimu UMEMOTO int wildcard; 910c3229e05SDavid Greenman u_short lport = lport_arg; 9117bc4aca7SDavid Greenman 9121b73ca0bSSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 9131b73ca0bSSam Leffler 914c3229e05SDavid Greenman if (!wild_okay) { 915c3229e05SDavid Greenman struct inpcbhead *head; 916c3229e05SDavid Greenman /* 917c3229e05SDavid Greenman * Look for an unconnected (wildcard foreign addr) PCB that 918c3229e05SDavid Greenman * matches the local address and port we're looking for. 919c3229e05SDavid Greenman */ 920c3229e05SDavid Greenman head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 921fc2ffbe6SPoul-Henning Kamp LIST_FOREACH(inp, head, inp_hash) { 922cfa1ca9dSYoshinobu Inoue #ifdef INET6 923369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV4) == 0) 924cfa1ca9dSYoshinobu Inoue continue; 925cfa1ca9dSYoshinobu Inoue #endif 926c3229e05SDavid Greenman if (inp->inp_faddr.s_addr == INADDR_ANY && 927c3229e05SDavid Greenman inp->inp_laddr.s_addr == laddr.s_addr && 928c3229e05SDavid Greenman inp->inp_lport == lport) { 929c3229e05SDavid Greenman /* 930c3229e05SDavid Greenman * Found. 931c3229e05SDavid Greenman */ 932c3229e05SDavid Greenman return (inp); 933df8bae1dSRodney W. Grimes } 934c3229e05SDavid Greenman } 935c3229e05SDavid Greenman /* 936c3229e05SDavid Greenman * Not found. 937c3229e05SDavid Greenman */ 938c3229e05SDavid Greenman return (NULL); 939c3229e05SDavid Greenman } else { 940c3229e05SDavid Greenman struct inpcbporthead *porthash; 941c3229e05SDavid Greenman struct inpcbport *phd; 942c3229e05SDavid Greenman struct inpcb *match = NULL; 943c3229e05SDavid Greenman /* 944c3229e05SDavid Greenman * Best fit PCB lookup. 945c3229e05SDavid Greenman * 946c3229e05SDavid Greenman * First see if this local port is in use by looking on the 947c3229e05SDavid Greenman * port hash list. 948c3229e05SDavid Greenman */ 94996af9ea5SMike Silbersack retrylookup: 950c3229e05SDavid Greenman porthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(lport, 951c3229e05SDavid Greenman pcbinfo->porthashmask)]; 952fc2ffbe6SPoul-Henning Kamp LIST_FOREACH(phd, porthash, phd_hash) { 953c3229e05SDavid Greenman if (phd->phd_port == lport) 954c3229e05SDavid Greenman break; 955c3229e05SDavid Greenman } 956c3229e05SDavid Greenman if (phd != NULL) { 957c3229e05SDavid Greenman /* 958c3229e05SDavid Greenman * Port is in use by one or more PCBs. Look for best 959c3229e05SDavid Greenman * fit. 960c3229e05SDavid Greenman */ 96137d40066SPoul-Henning Kamp LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 962c3229e05SDavid Greenman wildcard = 0; 963cfa1ca9dSYoshinobu Inoue #ifdef INET6 964369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV4) == 0) 965cfa1ca9dSYoshinobu Inoue continue; 966d5e8a67eSHajimu UMEMOTO /* 967d5e8a67eSHajimu UMEMOTO * We never select the PCB that has 968d5e8a67eSHajimu UMEMOTO * INP_IPV6 flag and is bound to :: if 969d5e8a67eSHajimu UMEMOTO * we have another PCB which is bound 970d5e8a67eSHajimu UMEMOTO * to 0.0.0.0. If a PCB has the 971d5e8a67eSHajimu UMEMOTO * INP_IPV6 flag, then we set its cost 972d5e8a67eSHajimu UMEMOTO * higher than IPv4 only PCBs. 973d5e8a67eSHajimu UMEMOTO * 974d5e8a67eSHajimu UMEMOTO * Note that the case only happens 975d5e8a67eSHajimu UMEMOTO * when a socket is bound to ::, under 976d5e8a67eSHajimu UMEMOTO * the condition that the use of the 977d5e8a67eSHajimu UMEMOTO * mapped address is allowed. 978d5e8a67eSHajimu UMEMOTO */ 979d5e8a67eSHajimu UMEMOTO if ((inp->inp_vflag & INP_IPV6) != 0) 980d5e8a67eSHajimu UMEMOTO wildcard += INP_LOOKUP_MAPPED_PCB_COST; 981cfa1ca9dSYoshinobu Inoue #endif 98296af9ea5SMike Silbersack /* 98396af9ea5SMike Silbersack * Clean out old time_wait sockets if they 98496af9ea5SMike Silbersack * are clogging up needed local ports. 98596af9ea5SMike Silbersack */ 98696af9ea5SMike Silbersack if ((inp->inp_vflag & INP_TIMEWAIT) != 0) { 987afa39e25SRobert Watson tw = intotw(inp); 988ae0e7143SRobert Watson if (tw != NULL && 989ae0e7143SRobert Watson tcp_twrecycleable(tw)) { 990f7bbe2c0SSam Leffler INP_LOCK(inp); 991afa39e25SRobert Watson tcp_twclose(tw, 0); 99296af9ea5SMike Silbersack match = NULL; 99396af9ea5SMike Silbersack goto retrylookup; 99496af9ea5SMike Silbersack } 99596af9ea5SMike Silbersack } 996c3229e05SDavid Greenman if (inp->inp_faddr.s_addr != INADDR_ANY) 997c3229e05SDavid Greenman wildcard++; 99815bd2b43SDavid Greenman if (inp->inp_laddr.s_addr != INADDR_ANY) { 99915bd2b43SDavid Greenman if (laddr.s_addr == INADDR_ANY) 100015bd2b43SDavid Greenman wildcard++; 100115bd2b43SDavid Greenman else if (inp->inp_laddr.s_addr != laddr.s_addr) 100215bd2b43SDavid Greenman continue; 100315bd2b43SDavid Greenman } else { 100415bd2b43SDavid Greenman if (laddr.s_addr != INADDR_ANY) 100515bd2b43SDavid Greenman wildcard++; 100615bd2b43SDavid Greenman } 1007df8bae1dSRodney W. Grimes if (wildcard < matchwild) { 1008df8bae1dSRodney W. Grimes match = inp; 1009df8bae1dSRodney W. Grimes matchwild = wildcard; 10103dbdc25cSDavid Greenman if (matchwild == 0) { 1011df8bae1dSRodney W. Grimes break; 1012df8bae1dSRodney W. Grimes } 1013df8bae1dSRodney W. Grimes } 10143dbdc25cSDavid Greenman } 1015c3229e05SDavid Greenman } 1016df8bae1dSRodney W. Grimes return (match); 1017df8bae1dSRodney W. Grimes } 1018c3229e05SDavid Greenman } 1019d5e8a67eSHajimu UMEMOTO #undef INP_LOOKUP_MAPPED_PCB_COST 102015bd2b43SDavid Greenman 102115bd2b43SDavid Greenman /* 102215bd2b43SDavid Greenman * Lookup PCB in hash list. 102315bd2b43SDavid Greenman */ 102415bd2b43SDavid Greenman struct inpcb * 1025136d4f1cSRobert Watson in_pcblookup_hash(struct inpcbinfo *pcbinfo, struct in_addr faddr, 1026136d4f1cSRobert Watson u_int fport_arg, struct in_addr laddr, u_int lport_arg, int wildcard, 1027136d4f1cSRobert Watson struct ifnet *ifp) 102815bd2b43SDavid Greenman { 102915bd2b43SDavid Greenman struct inpcbhead *head; 1030136d4f1cSRobert Watson struct inpcb *inp; 103115bd2b43SDavid Greenman u_short fport = fport_arg, lport = lport_arg; 103215bd2b43SDavid Greenman 103359daba27SSam Leffler INP_INFO_RLOCK_ASSERT(pcbinfo); 1034602cc7f1SRobert Watson 103515bd2b43SDavid Greenman /* 103615bd2b43SDavid Greenman * First look for an exact match. 103715bd2b43SDavid Greenman */ 1038ddd79a97SDavid Greenman head = &pcbinfo->hashbase[INP_PCBHASH(faddr.s_addr, lport, fport, pcbinfo->hashmask)]; 1039fc2ffbe6SPoul-Henning Kamp LIST_FOREACH(inp, head, inp_hash) { 1040cfa1ca9dSYoshinobu Inoue #ifdef INET6 1041369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV4) == 0) 1042cfa1ca9dSYoshinobu Inoue continue; 1043cfa1ca9dSYoshinobu Inoue #endif 10446d6a026bSDavid Greenman if (inp->inp_faddr.s_addr == faddr.s_addr && 1045ca98b82cSDavid Greenman inp->inp_laddr.s_addr == laddr.s_addr && 1046ca98b82cSDavid Greenman inp->inp_fport == fport && 1047c3229e05SDavid Greenman inp->inp_lport == lport) { 1048c3229e05SDavid Greenman /* 1049c3229e05SDavid Greenman * Found. 1050c3229e05SDavid Greenman */ 1051c3229e05SDavid Greenman return (inp); 1052c3229e05SDavid Greenman } 10536d6a026bSDavid Greenman } 10546d6a026bSDavid Greenman if (wildcard) { 10556d6a026bSDavid Greenman struct inpcb *local_wild = NULL; 1056cfa1ca9dSYoshinobu Inoue #if defined(INET6) 1057cfa1ca9dSYoshinobu Inoue struct inpcb *local_wild_mapped = NULL; 1058cfa1ca9dSYoshinobu Inoue #endif /* defined(INET6) */ 10596d6a026bSDavid Greenman 1060ddd79a97SDavid Greenman head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 1061fc2ffbe6SPoul-Henning Kamp LIST_FOREACH(inp, head, inp_hash) { 1062cfa1ca9dSYoshinobu Inoue #ifdef INET6 1063369dc8ceSEivind Eklund if ((inp->inp_vflag & INP_IPV4) == 0) 1064cfa1ca9dSYoshinobu Inoue continue; 1065cfa1ca9dSYoshinobu Inoue #endif 10666d6a026bSDavid Greenman if (inp->inp_faddr.s_addr == INADDR_ANY && 1067c3229e05SDavid Greenman inp->inp_lport == lport) { 1068cfa1ca9dSYoshinobu Inoue if (ifp && ifp->if_type == IFT_FAITH && 1069cfa1ca9dSYoshinobu Inoue (inp->inp_flags & INP_FAITH) == 0) 1070cfa1ca9dSYoshinobu Inoue continue; 10716d6a026bSDavid Greenman if (inp->inp_laddr.s_addr == laddr.s_addr) 1072c3229e05SDavid Greenman return (inp); 1073cfa1ca9dSYoshinobu Inoue else if (inp->inp_laddr.s_addr == INADDR_ANY) { 1074cfa1ca9dSYoshinobu Inoue #if defined(INET6) 1075cfa1ca9dSYoshinobu Inoue if (INP_CHECK_SOCKAF(inp->inp_socket, 1076cfa1ca9dSYoshinobu Inoue AF_INET6)) 1077cfa1ca9dSYoshinobu Inoue local_wild_mapped = inp; 1078cfa1ca9dSYoshinobu Inoue else 1079cfa1ca9dSYoshinobu Inoue #endif /* defined(INET6) */ 10806d6a026bSDavid Greenman local_wild = inp; 10816d6a026bSDavid Greenman } 10826d6a026bSDavid Greenman } 1083cfa1ca9dSYoshinobu Inoue } 1084cfa1ca9dSYoshinobu Inoue #if defined(INET6) 1085cfa1ca9dSYoshinobu Inoue if (local_wild == NULL) 1086cfa1ca9dSYoshinobu Inoue return (local_wild_mapped); 1087cfa1ca9dSYoshinobu Inoue #endif /* defined(INET6) */ 1088c3229e05SDavid Greenman return (local_wild); 10896d6a026bSDavid Greenman } 1090c3229e05SDavid Greenman 1091c3229e05SDavid Greenman /* 1092c3229e05SDavid Greenman * Not found. 1093c3229e05SDavid Greenman */ 10946d6a026bSDavid Greenman return (NULL); 109515bd2b43SDavid Greenman } 109615bd2b43SDavid Greenman 10977bc4aca7SDavid Greenman /* 1098c3229e05SDavid Greenman * Insert PCB onto various hash lists. 10997bc4aca7SDavid Greenman */ 1100c3229e05SDavid Greenman int 1101136d4f1cSRobert Watson in_pcbinshash(struct inpcb *inp) 110215bd2b43SDavid Greenman { 1103c3229e05SDavid Greenman struct inpcbhead *pcbhash; 1104c3229e05SDavid Greenman struct inpcbporthead *pcbporthash; 1105c3229e05SDavid Greenman struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 1106c3229e05SDavid Greenman struct inpcbport *phd; 1107cfa1ca9dSYoshinobu Inoue u_int32_t hashkey_faddr; 110815bd2b43SDavid Greenman 110959daba27SSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 1110602cc7f1SRobert Watson INP_LOCK_ASSERT(inp); 1111602cc7f1SRobert Watson 1112cfa1ca9dSYoshinobu Inoue #ifdef INET6 1113cfa1ca9dSYoshinobu Inoue if (inp->inp_vflag & INP_IPV6) 1114cfa1ca9dSYoshinobu Inoue hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 1115cfa1ca9dSYoshinobu Inoue else 1116cfa1ca9dSYoshinobu Inoue #endif /* INET6 */ 1117cfa1ca9dSYoshinobu Inoue hashkey_faddr = inp->inp_faddr.s_addr; 1118cfa1ca9dSYoshinobu Inoue 1119cfa1ca9dSYoshinobu Inoue pcbhash = &pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 1120c3229e05SDavid Greenman inp->inp_lport, inp->inp_fport, pcbinfo->hashmask)]; 112115bd2b43SDavid Greenman 1122c3229e05SDavid Greenman pcbporthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(inp->inp_lport, 1123c3229e05SDavid Greenman pcbinfo->porthashmask)]; 1124c3229e05SDavid Greenman 1125c3229e05SDavid Greenman /* 1126c3229e05SDavid Greenman * Go through port list and look for a head for this lport. 1127c3229e05SDavid Greenman */ 1128fc2ffbe6SPoul-Henning Kamp LIST_FOREACH(phd, pcbporthash, phd_hash) { 1129c3229e05SDavid Greenman if (phd->phd_port == inp->inp_lport) 1130c3229e05SDavid Greenman break; 1131c3229e05SDavid Greenman } 1132c3229e05SDavid Greenman /* 1133c3229e05SDavid Greenman * If none exists, malloc one and tack it on. 1134c3229e05SDavid Greenman */ 1135c3229e05SDavid Greenman if (phd == NULL) { 1136c3229e05SDavid Greenman MALLOC(phd, struct inpcbport *, sizeof(struct inpcbport), M_PCB, M_NOWAIT); 1137c3229e05SDavid Greenman if (phd == NULL) { 1138c3229e05SDavid Greenman return (ENOBUFS); /* XXX */ 1139c3229e05SDavid Greenman } 1140c3229e05SDavid Greenman phd->phd_port = inp->inp_lport; 1141c3229e05SDavid Greenman LIST_INIT(&phd->phd_pcblist); 1142c3229e05SDavid Greenman LIST_INSERT_HEAD(pcbporthash, phd, phd_hash); 1143c3229e05SDavid Greenman } 1144c3229e05SDavid Greenman inp->inp_phd = phd; 1145c3229e05SDavid Greenman LIST_INSERT_HEAD(&phd->phd_pcblist, inp, inp_portlist); 1146c3229e05SDavid Greenman LIST_INSERT_HEAD(pcbhash, inp, inp_hash); 1147c3229e05SDavid Greenman return (0); 114815bd2b43SDavid Greenman } 114915bd2b43SDavid Greenman 1150c3229e05SDavid Greenman /* 1151c3229e05SDavid Greenman * Move PCB to the proper hash bucket when { faddr, fport } have been 1152c3229e05SDavid Greenman * changed. NOTE: This does not handle the case of the lport changing (the 1153c3229e05SDavid Greenman * hashed port list would have to be updated as well), so the lport must 1154c3229e05SDavid Greenman * not change after in_pcbinshash() has been called. 1155c3229e05SDavid Greenman */ 115615bd2b43SDavid Greenman void 1157136d4f1cSRobert Watson in_pcbrehash(struct inpcb *inp) 115815bd2b43SDavid Greenman { 115959daba27SSam Leffler struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 116015bd2b43SDavid Greenman struct inpcbhead *head; 1161cfa1ca9dSYoshinobu Inoue u_int32_t hashkey_faddr; 116215bd2b43SDavid Greenman 116359daba27SSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 11644c2bb15aSRobert Watson INP_LOCK_ASSERT(inp); 1165602cc7f1SRobert Watson 1166cfa1ca9dSYoshinobu Inoue #ifdef INET6 1167cfa1ca9dSYoshinobu Inoue if (inp->inp_vflag & INP_IPV6) 1168cfa1ca9dSYoshinobu Inoue hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 1169cfa1ca9dSYoshinobu Inoue else 1170cfa1ca9dSYoshinobu Inoue #endif /* INET6 */ 1171cfa1ca9dSYoshinobu Inoue hashkey_faddr = inp->inp_faddr.s_addr; 1172cfa1ca9dSYoshinobu Inoue 117359daba27SSam Leffler head = &pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 117459daba27SSam Leffler inp->inp_lport, inp->inp_fport, pcbinfo->hashmask)]; 117515bd2b43SDavid Greenman 1176c3229e05SDavid Greenman LIST_REMOVE(inp, inp_hash); 117715bd2b43SDavid Greenman LIST_INSERT_HEAD(head, inp, inp_hash); 1178c3229e05SDavid Greenman } 1179c3229e05SDavid Greenman 1180c3229e05SDavid Greenman /* 1181c3229e05SDavid Greenman * Remove PCB from various lists. 1182c3229e05SDavid Greenman */ 118376429de4SYoshinobu Inoue void 1184136d4f1cSRobert Watson in_pcbremlists(struct inpcb *inp) 1185c3229e05SDavid Greenman { 118659daba27SSam Leffler struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 118759daba27SSam Leffler 118859daba27SSam Leffler INP_INFO_WLOCK_ASSERT(pcbinfo); 118959daba27SSam Leffler INP_LOCK_ASSERT(inp); 119059daba27SSam Leffler 119159daba27SSam Leffler inp->inp_gencnt = ++pcbinfo->ipi_gencnt; 1192c3229e05SDavid Greenman if (inp->inp_lport) { 1193c3229e05SDavid Greenman struct inpcbport *phd = inp->inp_phd; 1194c3229e05SDavid Greenman 1195c3229e05SDavid Greenman LIST_REMOVE(inp, inp_hash); 1196c3229e05SDavid Greenman LIST_REMOVE(inp, inp_portlist); 1197fc2ffbe6SPoul-Henning Kamp if (LIST_FIRST(&phd->phd_pcblist) == NULL) { 1198c3229e05SDavid Greenman LIST_REMOVE(phd, phd_hash); 1199c3229e05SDavid Greenman free(phd, M_PCB); 1200c3229e05SDavid Greenman } 1201c3229e05SDavid Greenman } 1202c3229e05SDavid Greenman LIST_REMOVE(inp, inp_list); 120359daba27SSam Leffler pcbinfo->ipi_count--; 120415bd2b43SDavid Greenman } 120575c13541SPoul-Henning Kamp 1206a557af22SRobert Watson /* 1207a557af22SRobert Watson * A set label operation has occurred at the socket layer, propagate the 1208a557af22SRobert Watson * label change into the in_pcb for the socket. 1209a557af22SRobert Watson */ 1210a557af22SRobert Watson void 1211136d4f1cSRobert Watson in_pcbsosetlabel(struct socket *so) 1212a557af22SRobert Watson { 1213a557af22SRobert Watson #ifdef MAC 1214a557af22SRobert Watson struct inpcb *inp; 1215a557af22SRobert Watson 12164c7c478dSRobert Watson inp = sotoinpcb(so); 12174c7c478dSRobert Watson KASSERT(inp != NULL, ("in_pcbsosetlabel: so->so_pcb == NULL")); 1218602cc7f1SRobert Watson 1219a557af22SRobert Watson INP_LOCK(inp); 1220310e7cebSRobert Watson SOCK_LOCK(so); 1221a557af22SRobert Watson mac_inpcb_sosetlabel(so, inp); 1222310e7cebSRobert Watson SOCK_UNLOCK(so); 1223a557af22SRobert Watson INP_UNLOCK(inp); 1224a557af22SRobert Watson #endif 1225a557af22SRobert Watson } 12265f311da2SMike Silbersack 12275f311da2SMike Silbersack /* 12285f311da2SMike Silbersack * ipport_tick runs once per second, determining if random port 12295f311da2SMike Silbersack * allocation should be continued. If more than ipport_randomcps 12305f311da2SMike Silbersack * ports have been allocated in the last second, then we return to 12315f311da2SMike Silbersack * sequential port allocation. We return to random allocation only 12326ee79c59SMaxim Konovalov * once we drop below ipport_randomcps for at least ipport_randomtime 12336ee79c59SMaxim Konovalov * seconds. 12345f311da2SMike Silbersack */ 12355f311da2SMike Silbersack 12365f311da2SMike Silbersack void 1237136d4f1cSRobert Watson ipport_tick(void *xtp) 12385f311da2SMike Silbersack { 12395f311da2SMike Silbersack if (ipport_tcpallocs > ipport_tcplastcount + ipport_randomcps) { 12405f311da2SMike Silbersack ipport_stoprandom = ipport_randomtime; 12415f311da2SMike Silbersack } else { 12425f311da2SMike Silbersack if (ipport_stoprandom > 0) 12435f311da2SMike Silbersack ipport_stoprandom--; 12445f311da2SMike Silbersack } 12455f311da2SMike Silbersack ipport_tcplastcount = ipport_tcpallocs; 12465f311da2SMike Silbersack callout_reset(&ipport_tick_callout, hz, ipport_tick, NULL); 12475f311da2SMike Silbersack } 1248