1 /*- 2 * Copyright (c) 1982, 1986, 1991, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 30 * $FreeBSD$ 31 */ 32 33 #include "opt_ipsec.h" 34 #include "opt_inet6.h" 35 #include "opt_mac.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/mac.h> 40 #include <sys/malloc.h> 41 #include <sys/mbuf.h> 42 #include <sys/domain.h> 43 #include <sys/protosw.h> 44 #include <sys/socket.h> 45 #include <sys/socketvar.h> 46 #include <sys/proc.h> 47 #include <sys/jail.h> 48 #include <sys/kernel.h> 49 #include <sys/sysctl.h> 50 51 #include <vm/uma.h> 52 53 #include <net/if.h> 54 #include <net/if_types.h> 55 #include <net/route.h> 56 57 #include <netinet/in.h> 58 #include <netinet/in_pcb.h> 59 #include <netinet/in_var.h> 60 #include <netinet/ip_var.h> 61 #include <netinet/tcp_var.h> 62 #include <netinet/udp.h> 63 #include <netinet/udp_var.h> 64 #ifdef INET6 65 #include <netinet/ip6.h> 66 #include <netinet6/ip6_var.h> 67 #endif /* INET6 */ 68 69 #ifdef IPSEC 70 #include <netinet6/ipsec.h> 71 #include <netkey/key.h> 72 #endif /* IPSEC */ 73 74 #ifdef FAST_IPSEC 75 #if defined(IPSEC) || defined(IPSEC_ESP) 76 #error "Bad idea: don't compile with both IPSEC and FAST_IPSEC!" 77 #endif 78 79 #include <netipsec/ipsec.h> 80 #include <netipsec/key.h> 81 #endif /* FAST_IPSEC */ 82 83 /* 84 * These configure the range of local port addresses assigned to 85 * "unspecified" outgoing connections/packets/whatever. 86 */ 87 int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ 88 int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ 89 int ipport_firstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ 90 int ipport_lastauto = IPPORT_HILASTAUTO; /* 65535 */ 91 int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ 92 int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ 93 94 /* 95 * Reserved ports accessible only to root. There are significant 96 * security considerations that must be accounted for when changing these, 97 * but the security benefits can be great. Please be careful. 98 */ 99 int ipport_reservedhigh = IPPORT_RESERVED - 1; /* 1023 */ 100 int ipport_reservedlow = 0; 101 102 /* Variables dealing with random ephemeral port allocation. */ 103 int ipport_randomized = 1; /* user controlled via sysctl */ 104 int ipport_randomcps = 10; /* user controlled via sysctl */ 105 int ipport_randomtime = 45; /* user controlled via sysctl */ 106 int ipport_stoprandom = 0; /* toggled by ipport_tick */ 107 int ipport_tcpallocs; 108 int ipport_tcplastcount; 109 110 #define RANGECHK(var, min, max) \ 111 if ((var) < (min)) { (var) = (min); } \ 112 else if ((var) > (max)) { (var) = (max); } 113 114 static int 115 sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) 116 { 117 int error; 118 119 error = sysctl_handle_int(oidp, oidp->oid_arg1, oidp->oid_arg2, req); 120 if (error == 0) { 121 RANGECHK(ipport_lowfirstauto, 1, IPPORT_RESERVED - 1); 122 RANGECHK(ipport_lowlastauto, 1, IPPORT_RESERVED - 1); 123 RANGECHK(ipport_firstauto, IPPORT_RESERVED, IPPORT_MAX); 124 RANGECHK(ipport_lastauto, IPPORT_RESERVED, IPPORT_MAX); 125 RANGECHK(ipport_hifirstauto, IPPORT_RESERVED, IPPORT_MAX); 126 RANGECHK(ipport_hilastauto, IPPORT_RESERVED, IPPORT_MAX); 127 } 128 return (error); 129 } 130 131 #undef RANGECHK 132 133 SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); 134 135 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW, 136 &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", ""); 137 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW, 138 &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", ""); 139 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW, 140 &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", ""); 141 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW, 142 &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", ""); 143 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW, 144 &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", ""); 145 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW, 146 &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", ""); 147 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedhigh, 148 CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedhigh, 0, ""); 149 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, reservedlow, 150 CTLFLAG_RW|CTLFLAG_SECURE, &ipport_reservedlow, 0, ""); 151 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomized, 152 CTLFLAG_RW, &ipport_randomized, 0, ""); 153 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomcps, 154 CTLFLAG_RW, &ipport_randomcps, 0, ""); 155 SYSCTL_INT(_net_inet_ip_portrange, OID_AUTO, randomtime, 156 CTLFLAG_RW, &ipport_randomtime, 0, ""); 157 158 /* 159 * in_pcb.c: manage the Protocol Control Blocks. 160 * 161 * NOTE: It is assumed that most of these functions will be called at 162 * splnet(). XXX - There are, unfortunately, a few exceptions to this 163 * rule that should be fixed. 164 */ 165 166 /* 167 * Allocate a PCB and associate it with the socket. 168 */ 169 int 170 in_pcballoc(so, pcbinfo, type) 171 struct socket *so; 172 struct inpcbinfo *pcbinfo; 173 const char *type; 174 { 175 register struct inpcb *inp; 176 int error; 177 178 INP_INFO_WLOCK_ASSERT(pcbinfo); 179 error = 0; 180 inp = uma_zalloc(pcbinfo->ipi_zone, M_NOWAIT | M_ZERO); 181 if (inp == NULL) 182 return (ENOBUFS); 183 inp->inp_gencnt = ++pcbinfo->ipi_gencnt; 184 inp->inp_pcbinfo = pcbinfo; 185 inp->inp_socket = so; 186 #ifdef MAC 187 error = mac_init_inpcb(inp, M_NOWAIT); 188 if (error != 0) 189 goto out; 190 SOCK_LOCK(so); 191 mac_create_inpcb_from_socket(so, inp); 192 SOCK_UNLOCK(so); 193 #endif 194 #if defined(IPSEC) || defined(FAST_IPSEC) 195 #ifdef FAST_IPSEC 196 error = ipsec_init_policy(so, &inp->inp_sp); 197 #else 198 error = ipsec_init_pcbpolicy(so, &inp->inp_sp); 199 #endif 200 if (error != 0) 201 goto out; 202 #endif /*IPSEC*/ 203 #if defined(INET6) 204 if (INP_SOCKAF(so) == AF_INET6) { 205 inp->inp_vflag |= INP_IPV6PROTO; 206 if (ip6_v6only) 207 inp->inp_flags |= IN6P_IPV6_V6ONLY; 208 } 209 #endif 210 LIST_INSERT_HEAD(pcbinfo->listhead, inp, inp_list); 211 pcbinfo->ipi_count++; 212 so->so_pcb = (caddr_t)inp; 213 INP_LOCK_INIT(inp, "inp", type); 214 #ifdef INET6 215 if (ip6_auto_flowlabel) 216 inp->inp_flags |= IN6P_AUTOFLOWLABEL; 217 #endif 218 #if defined(IPSEC) || defined(FAST_IPSEC) || defined(MAC) 219 out: 220 if (error != 0) 221 uma_zfree(pcbinfo->ipi_zone, inp); 222 #endif 223 return (error); 224 } 225 226 int 227 in_pcbbind(inp, nam, cred) 228 register struct inpcb *inp; 229 struct sockaddr *nam; 230 struct ucred *cred; 231 { 232 int anonport, error; 233 234 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 235 INP_LOCK_ASSERT(inp); 236 237 if (inp->inp_lport != 0 || inp->inp_laddr.s_addr != INADDR_ANY) 238 return (EINVAL); 239 anonport = inp->inp_lport == 0 && (nam == NULL || 240 ((struct sockaddr_in *)nam)->sin_port == 0); 241 error = in_pcbbind_setup(inp, nam, &inp->inp_laddr.s_addr, 242 &inp->inp_lport, cred); 243 if (error) 244 return (error); 245 if (in_pcbinshash(inp) != 0) { 246 inp->inp_laddr.s_addr = INADDR_ANY; 247 inp->inp_lport = 0; 248 return (EAGAIN); 249 } 250 if (anonport) 251 inp->inp_flags |= INP_ANONPORT; 252 return (0); 253 } 254 255 /* 256 * Set up a bind operation on a PCB, performing port allocation 257 * as required, but do not actually modify the PCB. Callers can 258 * either complete the bind by setting inp_laddr/inp_lport and 259 * calling in_pcbinshash(), or they can just use the resulting 260 * port and address to authorise the sending of a once-off packet. 261 * 262 * On error, the values of *laddrp and *lportp are not changed. 263 */ 264 int 265 in_pcbbind_setup(inp, nam, laddrp, lportp, cred) 266 struct inpcb *inp; 267 struct sockaddr *nam; 268 in_addr_t *laddrp; 269 u_short *lportp; 270 struct ucred *cred; 271 { 272 struct socket *so = inp->inp_socket; 273 unsigned short *lastport; 274 struct sockaddr_in *sin; 275 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 276 struct in_addr laddr; 277 u_short lport = 0; 278 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 279 int error, prison = 0; 280 int dorandom; 281 282 INP_INFO_WLOCK_ASSERT(pcbinfo); 283 INP_LOCK_ASSERT(inp); 284 285 if (TAILQ_EMPTY(&in_ifaddrhead)) /* XXX broken! */ 286 return (EADDRNOTAVAIL); 287 laddr.s_addr = *laddrp; 288 if (nam != NULL && laddr.s_addr != INADDR_ANY) 289 return (EINVAL); 290 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 291 wild = 1; 292 if (nam) { 293 sin = (struct sockaddr_in *)nam; 294 if (nam->sa_len != sizeof (*sin)) 295 return (EINVAL); 296 #ifdef notdef 297 /* 298 * We should check the family, but old programs 299 * incorrectly fail to initialize it. 300 */ 301 if (sin->sin_family != AF_INET) 302 return (EAFNOSUPPORT); 303 #endif 304 if (sin->sin_addr.s_addr != INADDR_ANY) 305 if (prison_ip(cred, 0, &sin->sin_addr.s_addr)) 306 return(EINVAL); 307 if (sin->sin_port != *lportp) { 308 /* Don't allow the port to change. */ 309 if (*lportp != 0) 310 return (EINVAL); 311 lport = sin->sin_port; 312 } 313 /* NB: lport is left as 0 if the port isn't being changed. */ 314 if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 315 /* 316 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 317 * allow complete duplication of binding if 318 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 319 * and a multicast address is bound on both 320 * new and duplicated sockets. 321 */ 322 if (so->so_options & SO_REUSEADDR) 323 reuseport = SO_REUSEADDR|SO_REUSEPORT; 324 } else if (sin->sin_addr.s_addr != INADDR_ANY) { 325 sin->sin_port = 0; /* yech... */ 326 bzero(&sin->sin_zero, sizeof(sin->sin_zero)); 327 if (ifa_ifwithaddr((struct sockaddr *)sin) == 0) 328 return (EADDRNOTAVAIL); 329 } 330 laddr = sin->sin_addr; 331 if (lport) { 332 struct inpcb *t; 333 /* GROSS */ 334 if (ntohs(lport) <= ipport_reservedhigh && 335 ntohs(lport) >= ipport_reservedlow && 336 suser_cred(cred, SUSER_ALLOWJAIL)) 337 return (EACCES); 338 if (jailed(cred)) 339 prison = 1; 340 if (so->so_cred->cr_uid != 0 && 341 !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 342 t = in_pcblookup_local(inp->inp_pcbinfo, 343 sin->sin_addr, lport, 344 prison ? 0 : INPLOOKUP_WILDCARD); 345 /* 346 * XXX 347 * This entire block sorely needs a rewrite. 348 */ 349 if (t && 350 ((t->inp_vflag & INP_TIMEWAIT) == 0) && 351 (so->so_type != SOCK_STREAM || 352 ntohl(t->inp_faddr.s_addr) == INADDR_ANY) && 353 (ntohl(sin->sin_addr.s_addr) != INADDR_ANY || 354 ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 355 (t->inp_socket->so_options & 356 SO_REUSEPORT) == 0) && 357 (so->so_cred->cr_uid != 358 t->inp_socket->so_cred->cr_uid)) 359 return (EADDRINUSE); 360 } 361 if (prison && prison_ip(cred, 0, &sin->sin_addr.s_addr)) 362 return (EADDRNOTAVAIL); 363 t = in_pcblookup_local(pcbinfo, sin->sin_addr, 364 lport, prison ? 0 : wild); 365 if (t && (t->inp_vflag & INP_TIMEWAIT)) { 366 if ((reuseport & intotw(t)->tw_so_options) == 0) 367 return (EADDRINUSE); 368 } else 369 if (t && 370 (reuseport & t->inp_socket->so_options) == 0) { 371 #if defined(INET6) 372 if (ntohl(sin->sin_addr.s_addr) != 373 INADDR_ANY || 374 ntohl(t->inp_laddr.s_addr) != 375 INADDR_ANY || 376 INP_SOCKAF(so) == 377 INP_SOCKAF(t->inp_socket)) 378 #endif /* defined(INET6) */ 379 return (EADDRINUSE); 380 } 381 } 382 } 383 if (*lportp != 0) 384 lport = *lportp; 385 if (lport == 0) { 386 u_short first, last; 387 int count; 388 389 if (laddr.s_addr != INADDR_ANY) 390 if (prison_ip(cred, 0, &laddr.s_addr)) 391 return (EINVAL); 392 393 if (inp->inp_flags & INP_HIGHPORT) { 394 first = ipport_hifirstauto; /* sysctl */ 395 last = ipport_hilastauto; 396 lastport = &pcbinfo->lasthi; 397 } else if (inp->inp_flags & INP_LOWPORT) { 398 if ((error = suser_cred(cred, SUSER_ALLOWJAIL)) != 0) 399 return error; 400 first = ipport_lowfirstauto; /* 1023 */ 401 last = ipport_lowlastauto; /* 600 */ 402 lastport = &pcbinfo->lastlow; 403 } else { 404 first = ipport_firstauto; /* sysctl */ 405 last = ipport_lastauto; 406 lastport = &pcbinfo->lastport; 407 } 408 /* 409 * For UDP, use random port allocation as long as the user 410 * allows it. For TCP (and as of yet unknown) connections, 411 * use random port allocation only if the user allows it AND 412 * ipport_tick allows it. 413 */ 414 if (ipport_randomized && 415 (!ipport_stoprandom || pcbinfo == &udbinfo)) 416 dorandom = 1; 417 else 418 dorandom = 0; 419 /* Make sure to not include UDP packets in the count. */ 420 if (pcbinfo != &udbinfo) 421 ipport_tcpallocs++; 422 /* 423 * Simple check to ensure all ports are not used up causing 424 * a deadlock here. 425 * 426 * We split the two cases (up and down) so that the direction 427 * is not being tested on each round of the loop. 428 */ 429 if (first > last) { 430 /* 431 * counting down 432 */ 433 if (dorandom) 434 *lastport = first - 435 (arc4random() % (first - last)); 436 count = first - last; 437 438 do { 439 if (count-- < 0) /* completely used? */ 440 return (EADDRNOTAVAIL); 441 --*lastport; 442 if (*lastport > first || *lastport < last) 443 *lastport = first; 444 lport = htons(*lastport); 445 } while (in_pcblookup_local(pcbinfo, laddr, lport, 446 wild)); 447 } else { 448 /* 449 * counting up 450 */ 451 if (dorandom) 452 *lastport = first + 453 (arc4random() % (last - first)); 454 count = last - first; 455 456 do { 457 if (count-- < 0) /* completely used? */ 458 return (EADDRNOTAVAIL); 459 ++*lastport; 460 if (*lastport < first || *lastport > last) 461 *lastport = first; 462 lport = htons(*lastport); 463 } while (in_pcblookup_local(pcbinfo, laddr, lport, 464 wild)); 465 } 466 } 467 if (prison_ip(cred, 0, &laddr.s_addr)) 468 return (EINVAL); 469 *laddrp = laddr.s_addr; 470 *lportp = lport; 471 return (0); 472 } 473 474 /* 475 * Connect from a socket to a specified address. 476 * Both address and port must be specified in argument sin. 477 * If don't have a local address for this socket yet, 478 * then pick one. 479 */ 480 int 481 in_pcbconnect(inp, nam, cred) 482 register struct inpcb *inp; 483 struct sockaddr *nam; 484 struct ucred *cred; 485 { 486 u_short lport, fport; 487 in_addr_t laddr, faddr; 488 int anonport, error; 489 490 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 491 INP_LOCK_ASSERT(inp); 492 493 lport = inp->inp_lport; 494 laddr = inp->inp_laddr.s_addr; 495 anonport = (lport == 0); 496 error = in_pcbconnect_setup(inp, nam, &laddr, &lport, &faddr, &fport, 497 NULL, cred); 498 if (error) 499 return (error); 500 501 /* Do the initial binding of the local address if required. */ 502 if (inp->inp_laddr.s_addr == INADDR_ANY && inp->inp_lport == 0) { 503 inp->inp_lport = lport; 504 inp->inp_laddr.s_addr = laddr; 505 if (in_pcbinshash(inp) != 0) { 506 inp->inp_laddr.s_addr = INADDR_ANY; 507 inp->inp_lport = 0; 508 return (EAGAIN); 509 } 510 } 511 512 /* Commit the remaining changes. */ 513 inp->inp_lport = lport; 514 inp->inp_laddr.s_addr = laddr; 515 inp->inp_faddr.s_addr = faddr; 516 inp->inp_fport = fport; 517 in_pcbrehash(inp); 518 #ifdef IPSEC 519 if (inp->inp_socket->so_type == SOCK_STREAM) 520 ipsec_pcbconn(inp->inp_sp); 521 #endif 522 if (anonport) 523 inp->inp_flags |= INP_ANONPORT; 524 return (0); 525 } 526 527 /* 528 * Set up for a connect from a socket to the specified address. 529 * On entry, *laddrp and *lportp should contain the current local 530 * address and port for the PCB; these are updated to the values 531 * that should be placed in inp_laddr and inp_lport to complete 532 * the connect. 533 * 534 * On success, *faddrp and *fportp will be set to the remote address 535 * and port. These are not updated in the error case. 536 * 537 * If the operation fails because the connection already exists, 538 * *oinpp will be set to the PCB of that connection so that the 539 * caller can decide to override it. In all other cases, *oinpp 540 * is set to NULL. 541 */ 542 int 543 in_pcbconnect_setup(inp, nam, laddrp, lportp, faddrp, fportp, oinpp, cred) 544 register struct inpcb *inp; 545 struct sockaddr *nam; 546 in_addr_t *laddrp; 547 u_short *lportp; 548 in_addr_t *faddrp; 549 u_short *fportp; 550 struct inpcb **oinpp; 551 struct ucred *cred; 552 { 553 struct sockaddr_in *sin = (struct sockaddr_in *)nam; 554 struct in_ifaddr *ia; 555 struct sockaddr_in sa; 556 struct ucred *socred; 557 struct inpcb *oinp; 558 struct in_addr laddr, faddr; 559 u_short lport, fport; 560 int error; 561 562 INP_INFO_WLOCK_ASSERT(inp->inp_pcbinfo); 563 INP_LOCK_ASSERT(inp); 564 565 if (oinpp != NULL) 566 *oinpp = NULL; 567 if (nam->sa_len != sizeof (*sin)) 568 return (EINVAL); 569 if (sin->sin_family != AF_INET) 570 return (EAFNOSUPPORT); 571 if (sin->sin_port == 0) 572 return (EADDRNOTAVAIL); 573 laddr.s_addr = *laddrp; 574 lport = *lportp; 575 faddr = sin->sin_addr; 576 fport = sin->sin_port; 577 socred = inp->inp_socket->so_cred; 578 if (laddr.s_addr == INADDR_ANY && jailed(socred)) { 579 bzero(&sa, sizeof(sa)); 580 sa.sin_addr.s_addr = htonl(prison_getip(socred)); 581 sa.sin_len = sizeof(sa); 582 sa.sin_family = AF_INET; 583 error = in_pcbbind_setup(inp, (struct sockaddr *)&sa, 584 &laddr.s_addr, &lport, cred); 585 if (error) 586 return (error); 587 } 588 if (!TAILQ_EMPTY(&in_ifaddrhead)) { 589 /* 590 * If the destination address is INADDR_ANY, 591 * use the primary local address. 592 * If the supplied address is INADDR_BROADCAST, 593 * and the primary interface supports broadcast, 594 * choose the broadcast address for that interface. 595 */ 596 if (faddr.s_addr == INADDR_ANY) 597 faddr = IA_SIN(TAILQ_FIRST(&in_ifaddrhead))->sin_addr; 598 else if (faddr.s_addr == (u_long)INADDR_BROADCAST && 599 (TAILQ_FIRST(&in_ifaddrhead)->ia_ifp->if_flags & 600 IFF_BROADCAST)) 601 faddr = satosin(&TAILQ_FIRST( 602 &in_ifaddrhead)->ia_broadaddr)->sin_addr; 603 } 604 if (laddr.s_addr == INADDR_ANY) { 605 struct route sro; 606 607 bzero(&sro, sizeof(sro)); 608 ia = (struct in_ifaddr *)0; 609 /* 610 * If route is known our src addr is taken from the i/f, 611 * else punt. 612 */ 613 if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0) { 614 /* Find out route to destination */ 615 sro.ro_dst.sa_family = AF_INET; 616 sro.ro_dst.sa_len = sizeof(struct sockaddr_in); 617 ((struct sockaddr_in *)&sro.ro_dst)->sin_addr = faddr; 618 rtalloc_ign(&sro, RTF_CLONING); 619 } 620 /* 621 * If we found a route, use the address 622 * corresponding to the outgoing interface. 623 */ 624 if (sro.ro_rt) { 625 ia = ifatoia(sro.ro_rt->rt_ifa); 626 RTFREE(sro.ro_rt); 627 } 628 if (ia == 0) { 629 bzero(&sa, sizeof(sa)); 630 sa.sin_addr = faddr; 631 sa.sin_len = sizeof(sa); 632 sa.sin_family = AF_INET; 633 634 ia = ifatoia(ifa_ifwithdstaddr(sintosa(&sa))); 635 if (ia == 0) 636 ia = ifatoia(ifa_ifwithnet(sintosa(&sa))); 637 if (ia == 0) 638 return (ENETUNREACH); 639 } 640 /* 641 * If the destination address is multicast and an outgoing 642 * interface has been set as a multicast option, use the 643 * address of that interface as our source address. 644 */ 645 if (IN_MULTICAST(ntohl(faddr.s_addr)) && 646 inp->inp_moptions != NULL) { 647 struct ip_moptions *imo; 648 struct ifnet *ifp; 649 650 imo = inp->inp_moptions; 651 if (imo->imo_multicast_ifp != NULL) { 652 ifp = imo->imo_multicast_ifp; 653 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) 654 if (ia->ia_ifp == ifp) 655 break; 656 if (ia == 0) 657 return (EADDRNOTAVAIL); 658 } 659 } 660 laddr = ia->ia_addr.sin_addr; 661 } 662 663 oinp = in_pcblookup_hash(inp->inp_pcbinfo, faddr, fport, laddr, lport, 664 0, NULL); 665 if (oinp != NULL) { 666 if (oinpp != NULL) 667 *oinpp = oinp; 668 return (EADDRINUSE); 669 } 670 if (lport == 0) { 671 error = in_pcbbind_setup(inp, NULL, &laddr.s_addr, &lport, 672 cred); 673 if (error) 674 return (error); 675 } 676 *laddrp = laddr.s_addr; 677 *lportp = lport; 678 *faddrp = faddr.s_addr; 679 *fportp = fport; 680 return (0); 681 } 682 683 void 684 in_pcbdisconnect(inp) 685 struct inpcb *inp; 686 { 687 INP_LOCK_ASSERT(inp); 688 689 inp->inp_faddr.s_addr = INADDR_ANY; 690 inp->inp_fport = 0; 691 in_pcbrehash(inp); 692 #ifdef IPSEC 693 ipsec_pcbdisconn(inp->inp_sp); 694 #endif 695 if (inp->inp_socket->so_state & SS_NOFDREF) 696 in_pcbdetach(inp); 697 } 698 699 void 700 in_pcbdetach(inp) 701 struct inpcb *inp; 702 { 703 struct socket *so = inp->inp_socket; 704 struct inpcbinfo *ipi = inp->inp_pcbinfo; 705 706 INP_LOCK_ASSERT(inp); 707 708 #if defined(IPSEC) || defined(FAST_IPSEC) 709 ipsec4_delete_pcbpolicy(inp); 710 #endif /*IPSEC*/ 711 inp->inp_gencnt = ++ipi->ipi_gencnt; 712 in_pcbremlists(inp); 713 if (so) { 714 ACCEPT_LOCK(); 715 SOCK_LOCK(so); 716 so->so_pcb = NULL; 717 sotryfree(so); 718 } 719 if (inp->inp_options) 720 (void)m_free(inp->inp_options); 721 ip_freemoptions(inp->inp_moptions); 722 inp->inp_vflag = 0; 723 INP_LOCK_DESTROY(inp); 724 #ifdef MAC 725 mac_destroy_inpcb(inp); 726 #endif 727 uma_zfree(ipi->ipi_zone, inp); 728 } 729 730 struct sockaddr * 731 in_sockaddr(port, addr_p) 732 in_port_t port; 733 struct in_addr *addr_p; 734 { 735 struct sockaddr_in *sin; 736 737 MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, 738 M_WAITOK | M_ZERO); 739 sin->sin_family = AF_INET; 740 sin->sin_len = sizeof(*sin); 741 sin->sin_addr = *addr_p; 742 sin->sin_port = port; 743 744 return (struct sockaddr *)sin; 745 } 746 747 /* 748 * The wrapper function will pass down the pcbinfo for this function to lock. 749 * The socket must have a valid 750 * (i.e., non-nil) PCB, but it should be impossible to get an invalid one 751 * except through a kernel programming error, so it is acceptable to panic 752 * (or in this case trap) if the PCB is invalid. (Actually, we don't trap 753 * because there actually /is/ a programming error somewhere... XXX) 754 */ 755 int 756 in_setsockaddr(so, nam, pcbinfo) 757 struct socket *so; 758 struct sockaddr **nam; 759 struct inpcbinfo *pcbinfo; 760 { 761 int s; 762 register struct inpcb *inp; 763 struct in_addr addr; 764 in_port_t port; 765 766 s = splnet(); 767 INP_INFO_RLOCK(pcbinfo); 768 inp = sotoinpcb(so); 769 if (!inp) { 770 INP_INFO_RUNLOCK(pcbinfo); 771 splx(s); 772 return ECONNRESET; 773 } 774 INP_LOCK(inp); 775 port = inp->inp_lport; 776 addr = inp->inp_laddr; 777 INP_UNLOCK(inp); 778 INP_INFO_RUNLOCK(pcbinfo); 779 splx(s); 780 781 *nam = in_sockaddr(port, &addr); 782 return 0; 783 } 784 785 /* 786 * The wrapper function will pass down the pcbinfo for this function to lock. 787 */ 788 int 789 in_setpeeraddr(so, nam, pcbinfo) 790 struct socket *so; 791 struct sockaddr **nam; 792 struct inpcbinfo *pcbinfo; 793 { 794 int s; 795 register struct inpcb *inp; 796 struct in_addr addr; 797 in_port_t port; 798 799 s = splnet(); 800 INP_INFO_RLOCK(pcbinfo); 801 inp = sotoinpcb(so); 802 if (!inp) { 803 INP_INFO_RUNLOCK(pcbinfo); 804 splx(s); 805 return ECONNRESET; 806 } 807 INP_LOCK(inp); 808 port = inp->inp_fport; 809 addr = inp->inp_faddr; 810 INP_UNLOCK(inp); 811 INP_INFO_RUNLOCK(pcbinfo); 812 splx(s); 813 814 *nam = in_sockaddr(port, &addr); 815 return 0; 816 } 817 818 void 819 in_pcbnotifyall(pcbinfo, faddr, errno, notify) 820 struct inpcbinfo *pcbinfo; 821 struct in_addr faddr; 822 int errno; 823 struct inpcb *(*notify)(struct inpcb *, int); 824 { 825 struct inpcb *inp, *ninp; 826 struct inpcbhead *head; 827 int s; 828 829 s = splnet(); 830 INP_INFO_WLOCK(pcbinfo); 831 head = pcbinfo->listhead; 832 for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) { 833 INP_LOCK(inp); 834 ninp = LIST_NEXT(inp, inp_list); 835 #ifdef INET6 836 if ((inp->inp_vflag & INP_IPV4) == 0) { 837 INP_UNLOCK(inp); 838 continue; 839 } 840 #endif 841 if (inp->inp_faddr.s_addr != faddr.s_addr || 842 inp->inp_socket == NULL) { 843 INP_UNLOCK(inp); 844 continue; 845 } 846 if ((*notify)(inp, errno)) 847 INP_UNLOCK(inp); 848 } 849 INP_INFO_WUNLOCK(pcbinfo); 850 splx(s); 851 } 852 853 void 854 in_pcbpurgeif0(pcbinfo, ifp) 855 struct inpcbinfo *pcbinfo; 856 struct ifnet *ifp; 857 { 858 struct inpcb *inp; 859 struct ip_moptions *imo; 860 int i, gap; 861 862 /* why no splnet here? XXX */ 863 INP_INFO_RLOCK(pcbinfo); 864 LIST_FOREACH(inp, pcbinfo->listhead, inp_list) { 865 INP_LOCK(inp); 866 imo = inp->inp_moptions; 867 if ((inp->inp_vflag & INP_IPV4) && 868 imo != NULL) { 869 /* 870 * Unselect the outgoing interface if it is being 871 * detached. 872 */ 873 if (imo->imo_multicast_ifp == ifp) 874 imo->imo_multicast_ifp = NULL; 875 876 /* 877 * Drop multicast group membership if we joined 878 * through the interface being detached. 879 */ 880 for (i = 0, gap = 0; i < imo->imo_num_memberships; 881 i++) { 882 if (imo->imo_membership[i]->inm_ifp == ifp) { 883 in_delmulti(imo->imo_membership[i]); 884 gap++; 885 } else if (gap != 0) 886 imo->imo_membership[i - gap] = 887 imo->imo_membership[i]; 888 } 889 imo->imo_num_memberships -= gap; 890 } 891 INP_UNLOCK(inp); 892 } 893 INP_INFO_RUNLOCK(pcbinfo); 894 } 895 896 /* 897 * Lookup a PCB based on the local address and port. 898 */ 899 struct inpcb * 900 in_pcblookup_local(pcbinfo, laddr, lport_arg, wild_okay) 901 struct inpcbinfo *pcbinfo; 902 struct in_addr laddr; 903 u_int lport_arg; 904 int wild_okay; 905 { 906 register struct inpcb *inp; 907 int matchwild = 3, wildcard; 908 u_short lport = lport_arg; 909 910 INP_INFO_WLOCK_ASSERT(pcbinfo); 911 912 if (!wild_okay) { 913 struct inpcbhead *head; 914 /* 915 * Look for an unconnected (wildcard foreign addr) PCB that 916 * matches the local address and port we're looking for. 917 */ 918 head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 919 LIST_FOREACH(inp, head, inp_hash) { 920 #ifdef INET6 921 if ((inp->inp_vflag & INP_IPV4) == 0) 922 continue; 923 #endif 924 if (inp->inp_faddr.s_addr == INADDR_ANY && 925 inp->inp_laddr.s_addr == laddr.s_addr && 926 inp->inp_lport == lport) { 927 /* 928 * Found. 929 */ 930 return (inp); 931 } 932 } 933 /* 934 * Not found. 935 */ 936 return (NULL); 937 } else { 938 struct inpcbporthead *porthash; 939 struct inpcbport *phd; 940 struct inpcb *match = NULL; 941 /* 942 * Best fit PCB lookup. 943 * 944 * First see if this local port is in use by looking on the 945 * port hash list. 946 */ 947 retrylookup: 948 porthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(lport, 949 pcbinfo->porthashmask)]; 950 LIST_FOREACH(phd, porthash, phd_hash) { 951 if (phd->phd_port == lport) 952 break; 953 } 954 if (phd != NULL) { 955 /* 956 * Port is in use by one or more PCBs. Look for best 957 * fit. 958 */ 959 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 960 wildcard = 0; 961 #ifdef INET6 962 if ((inp->inp_vflag & INP_IPV4) == 0) 963 continue; 964 #endif 965 /* 966 * Clean out old time_wait sockets if they 967 * are clogging up needed local ports. 968 */ 969 if ((inp->inp_vflag & INP_TIMEWAIT) != 0) { 970 if (tcp_twrecycleable((struct tcptw *)inp->inp_ppcb)) { 971 INP_LOCK(inp); 972 tcp_twclose((struct tcptw *)inp->inp_ppcb, 0); 973 match = NULL; 974 goto retrylookup; 975 } 976 } 977 if (inp->inp_faddr.s_addr != INADDR_ANY) 978 wildcard++; 979 if (inp->inp_laddr.s_addr != INADDR_ANY) { 980 if (laddr.s_addr == INADDR_ANY) 981 wildcard++; 982 else if (inp->inp_laddr.s_addr != laddr.s_addr) 983 continue; 984 } else { 985 if (laddr.s_addr != INADDR_ANY) 986 wildcard++; 987 } 988 if (wildcard < matchwild) { 989 match = inp; 990 matchwild = wildcard; 991 if (matchwild == 0) { 992 break; 993 } 994 } 995 } 996 } 997 return (match); 998 } 999 } 1000 1001 /* 1002 * Lookup PCB in hash list. 1003 */ 1004 struct inpcb * 1005 in_pcblookup_hash(pcbinfo, faddr, fport_arg, laddr, lport_arg, wildcard, 1006 ifp) 1007 struct inpcbinfo *pcbinfo; 1008 struct in_addr faddr, laddr; 1009 u_int fport_arg, lport_arg; 1010 int wildcard; 1011 struct ifnet *ifp; 1012 { 1013 struct inpcbhead *head; 1014 register struct inpcb *inp; 1015 u_short fport = fport_arg, lport = lport_arg; 1016 1017 INP_INFO_RLOCK_ASSERT(pcbinfo); 1018 /* 1019 * First look for an exact match. 1020 */ 1021 head = &pcbinfo->hashbase[INP_PCBHASH(faddr.s_addr, lport, fport, pcbinfo->hashmask)]; 1022 LIST_FOREACH(inp, head, inp_hash) { 1023 #ifdef INET6 1024 if ((inp->inp_vflag & INP_IPV4) == 0) 1025 continue; 1026 #endif 1027 if (inp->inp_faddr.s_addr == faddr.s_addr && 1028 inp->inp_laddr.s_addr == laddr.s_addr && 1029 inp->inp_fport == fport && 1030 inp->inp_lport == lport) { 1031 /* 1032 * Found. 1033 */ 1034 return (inp); 1035 } 1036 } 1037 if (wildcard) { 1038 struct inpcb *local_wild = NULL; 1039 #if defined(INET6) 1040 struct inpcb *local_wild_mapped = NULL; 1041 #endif /* defined(INET6) */ 1042 1043 head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 1044 LIST_FOREACH(inp, head, inp_hash) { 1045 #ifdef INET6 1046 if ((inp->inp_vflag & INP_IPV4) == 0) 1047 continue; 1048 #endif 1049 if (inp->inp_faddr.s_addr == INADDR_ANY && 1050 inp->inp_lport == lport) { 1051 if (ifp && ifp->if_type == IFT_FAITH && 1052 (inp->inp_flags & INP_FAITH) == 0) 1053 continue; 1054 if (inp->inp_laddr.s_addr == laddr.s_addr) 1055 return (inp); 1056 else if (inp->inp_laddr.s_addr == INADDR_ANY) { 1057 #if defined(INET6) 1058 if (INP_CHECK_SOCKAF(inp->inp_socket, 1059 AF_INET6)) 1060 local_wild_mapped = inp; 1061 else 1062 #endif /* defined(INET6) */ 1063 local_wild = inp; 1064 } 1065 } 1066 } 1067 #if defined(INET6) 1068 if (local_wild == NULL) 1069 return (local_wild_mapped); 1070 #endif /* defined(INET6) */ 1071 return (local_wild); 1072 } 1073 1074 /* 1075 * Not found. 1076 */ 1077 return (NULL); 1078 } 1079 1080 /* 1081 * Insert PCB onto various hash lists. 1082 */ 1083 int 1084 in_pcbinshash(inp) 1085 struct inpcb *inp; 1086 { 1087 struct inpcbhead *pcbhash; 1088 struct inpcbporthead *pcbporthash; 1089 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 1090 struct inpcbport *phd; 1091 u_int32_t hashkey_faddr; 1092 1093 INP_INFO_WLOCK_ASSERT(pcbinfo); 1094 #ifdef INET6 1095 if (inp->inp_vflag & INP_IPV6) 1096 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 1097 else 1098 #endif /* INET6 */ 1099 hashkey_faddr = inp->inp_faddr.s_addr; 1100 1101 pcbhash = &pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 1102 inp->inp_lport, inp->inp_fport, pcbinfo->hashmask)]; 1103 1104 pcbporthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(inp->inp_lport, 1105 pcbinfo->porthashmask)]; 1106 1107 /* 1108 * Go through port list and look for a head for this lport. 1109 */ 1110 LIST_FOREACH(phd, pcbporthash, phd_hash) { 1111 if (phd->phd_port == inp->inp_lport) 1112 break; 1113 } 1114 /* 1115 * If none exists, malloc one and tack it on. 1116 */ 1117 if (phd == NULL) { 1118 MALLOC(phd, struct inpcbport *, sizeof(struct inpcbport), M_PCB, M_NOWAIT); 1119 if (phd == NULL) { 1120 return (ENOBUFS); /* XXX */ 1121 } 1122 phd->phd_port = inp->inp_lport; 1123 LIST_INIT(&phd->phd_pcblist); 1124 LIST_INSERT_HEAD(pcbporthash, phd, phd_hash); 1125 } 1126 inp->inp_phd = phd; 1127 LIST_INSERT_HEAD(&phd->phd_pcblist, inp, inp_portlist); 1128 LIST_INSERT_HEAD(pcbhash, inp, inp_hash); 1129 return (0); 1130 } 1131 1132 /* 1133 * Move PCB to the proper hash bucket when { faddr, fport } have been 1134 * changed. NOTE: This does not handle the case of the lport changing (the 1135 * hashed port list would have to be updated as well), so the lport must 1136 * not change after in_pcbinshash() has been called. 1137 */ 1138 void 1139 in_pcbrehash(inp) 1140 struct inpcb *inp; 1141 { 1142 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 1143 struct inpcbhead *head; 1144 u_int32_t hashkey_faddr; 1145 1146 INP_INFO_WLOCK_ASSERT(pcbinfo); 1147 INP_LOCK_ASSERT(inp); 1148 #ifdef INET6 1149 if (inp->inp_vflag & INP_IPV6) 1150 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 1151 else 1152 #endif /* INET6 */ 1153 hashkey_faddr = inp->inp_faddr.s_addr; 1154 1155 head = &pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 1156 inp->inp_lport, inp->inp_fport, pcbinfo->hashmask)]; 1157 1158 LIST_REMOVE(inp, inp_hash); 1159 LIST_INSERT_HEAD(head, inp, inp_hash); 1160 } 1161 1162 /* 1163 * Remove PCB from various lists. 1164 */ 1165 void 1166 in_pcbremlists(inp) 1167 struct inpcb *inp; 1168 { 1169 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 1170 1171 INP_INFO_WLOCK_ASSERT(pcbinfo); 1172 INP_LOCK_ASSERT(inp); 1173 1174 inp->inp_gencnt = ++pcbinfo->ipi_gencnt; 1175 if (inp->inp_lport) { 1176 struct inpcbport *phd = inp->inp_phd; 1177 1178 LIST_REMOVE(inp, inp_hash); 1179 LIST_REMOVE(inp, inp_portlist); 1180 if (LIST_FIRST(&phd->phd_pcblist) == NULL) { 1181 LIST_REMOVE(phd, phd_hash); 1182 free(phd, M_PCB); 1183 } 1184 } 1185 LIST_REMOVE(inp, inp_list); 1186 pcbinfo->ipi_count--; 1187 } 1188 1189 /* 1190 * A set label operation has occurred at the socket layer, propagate the 1191 * label change into the in_pcb for the socket. 1192 */ 1193 void 1194 in_pcbsosetlabel(so) 1195 struct socket *so; 1196 { 1197 #ifdef MAC 1198 struct inpcb *inp; 1199 1200 inp = (struct inpcb *)so->so_pcb; 1201 INP_LOCK(inp); 1202 SOCK_LOCK(so); 1203 mac_inpcb_sosetlabel(so, inp); 1204 SOCK_UNLOCK(so); 1205 INP_UNLOCK(inp); 1206 #endif 1207 } 1208 1209 /* 1210 * ipport_tick runs once per second, determining if random port 1211 * allocation should be continued. If more than ipport_randomcps 1212 * ports have been allocated in the last second, then we return to 1213 * sequential port allocation. We return to random allocation only 1214 * once we drop below ipport_randomcps for at least 5 seconds. 1215 */ 1216 1217 void 1218 ipport_tick(xtp) 1219 void *xtp; 1220 { 1221 if (ipport_tcpallocs > ipport_tcplastcount + ipport_randomcps) { 1222 ipport_stoprandom = ipport_randomtime; 1223 } else { 1224 if (ipport_stoprandom > 0) 1225 ipport_stoprandom--; 1226 } 1227 ipport_tcplastcount = ipport_tcpallocs; 1228 callout_reset(&ipport_tick_callout, hz, ipport_tick, NULL); 1229 } 1230