1 /*- 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)ip_output.c 8.3 (Berkeley) 1/21/94 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include "opt_ipfw.h" 36 #include "opt_ipsec.h" 37 #include "opt_mac.h" 38 #include "opt_mbuf_stress_test.h" 39 40 #include <sys/param.h> 41 #include <sys/systm.h> 42 #include <sys/kernel.h> 43 #include <sys/malloc.h> 44 #include <sys/mbuf.h> 45 #include <sys/priv.h> 46 #include <sys/proc.h> 47 #include <sys/protosw.h> 48 #include <sys/socket.h> 49 #include <sys/socketvar.h> 50 #include <sys/sysctl.h> 51 #include <sys/ucred.h> 52 53 #include <net/if.h> 54 #include <net/netisr.h> 55 #include <net/pfil.h> 56 #include <net/route.h> 57 58 #include <netinet/in.h> 59 #include <netinet/in_systm.h> 60 #include <netinet/ip.h> 61 #include <netinet/in_pcb.h> 62 #include <netinet/in_var.h> 63 #include <netinet/ip_var.h> 64 #include <netinet/ip_options.h> 65 66 #ifdef IPSEC 67 #include <netinet/ip_ipsec.h> 68 #include <netipsec/ipsec.h> 69 #endif /* IPSEC*/ 70 71 #include <machine/in_cksum.h> 72 73 #include <security/mac/mac_framework.h> 74 75 #define print_ip(x, a, y) printf("%s %d.%d.%d.%d%s",\ 76 x, (ntohl(a.s_addr)>>24)&0xFF,\ 77 (ntohl(a.s_addr)>>16)&0xFF,\ 78 (ntohl(a.s_addr)>>8)&0xFF,\ 79 (ntohl(a.s_addr))&0xFF, y); 80 81 u_short ip_id; 82 83 #ifdef MBUF_STRESS_TEST 84 int mbuf_frag_size = 0; 85 SYSCTL_INT(_net_inet_ip, OID_AUTO, mbuf_frag_size, CTLFLAG_RW, 86 &mbuf_frag_size, 0, "Fragment outgoing mbufs to this size"); 87 #endif 88 89 static void ip_mloopback 90 (struct ifnet *, struct mbuf *, struct sockaddr_in *, int); 91 92 93 extern struct protosw inetsw[]; 94 95 /* 96 * IP output. The packet in mbuf chain m contains a skeletal IP 97 * header (with len, off, ttl, proto, tos, src, dst). 98 * The mbuf chain containing the packet will be freed. 99 * The mbuf opt, if present, will not be freed. 100 * In the IP forwarding case, the packet will arrive with options already 101 * inserted, so must have a NULL opt pointer. 102 */ 103 int 104 ip_output(struct mbuf *m, struct mbuf *opt, struct route *ro, int flags, 105 struct ip_moptions *imo, struct inpcb *inp) 106 { 107 struct ip *ip; 108 struct ifnet *ifp = NULL; /* keep compiler happy */ 109 struct mbuf *m0; 110 int hlen = sizeof (struct ip); 111 int mtu; 112 int len, error = 0; 113 struct sockaddr_in *dst = NULL; /* keep compiler happy */ 114 struct in_ifaddr *ia = NULL; 115 int isbroadcast, sw_csum; 116 struct route iproute; 117 struct in_addr odst; 118 #ifdef IPFIREWALL_FORWARD 119 struct m_tag *fwd_tag = NULL; 120 #endif 121 M_ASSERTPKTHDR(m); 122 123 if (ro == NULL) { 124 ro = &iproute; 125 bzero(ro, sizeof (*ro)); 126 } 127 128 if (inp != NULL) 129 INP_LOCK_ASSERT(inp); 130 131 if (opt) { 132 len = 0; 133 m = ip_insertoptions(m, opt, &len); 134 if (len != 0) 135 hlen = len; 136 } 137 ip = mtod(m, struct ip *); 138 139 /* 140 * Fill in IP header. If we are not allowing fragmentation, 141 * then the ip_id field is meaningless, but we don't set it 142 * to zero. Doing so causes various problems when devices along 143 * the path (routers, load balancers, firewalls, etc.) illegally 144 * disable DF on our packet. Note that a 16-bit counter 145 * will wrap around in less than 10 seconds at 100 Mbit/s on a 146 * medium with MTU 1500. See Steven M. Bellovin, "A Technique 147 * for Counting NATted Hosts", Proc. IMW'02, available at 148 * <http://www.cs.columbia.edu/~smb/papers/fnat.pdf>. 149 */ 150 if ((flags & (IP_FORWARDING|IP_RAWOUTPUT)) == 0) { 151 ip->ip_v = IPVERSION; 152 ip->ip_hl = hlen >> 2; 153 ip->ip_id = ip_newid(); 154 ipstat.ips_localout++; 155 } else { 156 hlen = ip->ip_hl << 2; 157 } 158 159 dst = (struct sockaddr_in *)&ro->ro_dst; 160 again: 161 /* 162 * If there is a cached route, 163 * check that it is to the same destination 164 * and is still up. If not, free it and try again. 165 * The address family should also be checked in case of sharing the 166 * cache with IPv6. 167 */ 168 if (ro->ro_rt && ((ro->ro_rt->rt_flags & RTF_UP) == 0 || 169 dst->sin_family != AF_INET || 170 dst->sin_addr.s_addr != ip->ip_dst.s_addr)) { 171 RTFREE(ro->ro_rt); 172 ro->ro_rt = (struct rtentry *)NULL; 173 } 174 #ifdef IPFIREWALL_FORWARD 175 if (ro->ro_rt == NULL && fwd_tag == NULL) { 176 #else 177 if (ro->ro_rt == NULL) { 178 #endif 179 bzero(dst, sizeof(*dst)); 180 dst->sin_family = AF_INET; 181 dst->sin_len = sizeof(*dst); 182 dst->sin_addr = ip->ip_dst; 183 } 184 /* 185 * If routing to interface only, short circuit routing lookup. 186 * The use of an all-ones broadcast address implies this; an 187 * interface is specified by the broadcast address of an interface, 188 * or the destination address of a ptp interface. 189 */ 190 if (flags & IP_SENDONES) { 191 if ((ia = ifatoia(ifa_ifwithbroadaddr(sintosa(dst)))) == NULL && 192 (ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL) { 193 ipstat.ips_noroute++; 194 error = ENETUNREACH; 195 goto bad; 196 } 197 ip->ip_dst.s_addr = INADDR_BROADCAST; 198 dst->sin_addr = ip->ip_dst; 199 ifp = ia->ia_ifp; 200 ip->ip_ttl = 1; 201 isbroadcast = 1; 202 } else if (flags & IP_ROUTETOIF) { 203 if ((ia = ifatoia(ifa_ifwithdstaddr(sintosa(dst)))) == NULL && 204 (ia = ifatoia(ifa_ifwithnet(sintosa(dst)))) == NULL) { 205 ipstat.ips_noroute++; 206 error = ENETUNREACH; 207 goto bad; 208 } 209 ifp = ia->ia_ifp; 210 ip->ip_ttl = 1; 211 isbroadcast = in_broadcast(dst->sin_addr, ifp); 212 } else if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr)) && 213 imo != NULL && imo->imo_multicast_ifp != NULL) { 214 /* 215 * Bypass the normal routing lookup for multicast 216 * packets if the interface is specified. 217 */ 218 ifp = imo->imo_multicast_ifp; 219 IFP_TO_IA(ifp, ia); 220 isbroadcast = 0; /* fool gcc */ 221 } else { 222 /* 223 * We want to do any cloning requested by the link layer, 224 * as this is probably required in all cases for correct 225 * operation (as it is for ARP). 226 */ 227 if (ro->ro_rt == NULL) 228 rtalloc_ign(ro, 0); 229 if (ro->ro_rt == NULL) { 230 ipstat.ips_noroute++; 231 error = EHOSTUNREACH; 232 goto bad; 233 } 234 ia = ifatoia(ro->ro_rt->rt_ifa); 235 ifp = ro->ro_rt->rt_ifp; 236 ro->ro_rt->rt_rmx.rmx_pksent++; 237 if (ro->ro_rt->rt_flags & RTF_GATEWAY) 238 dst = (struct sockaddr_in *)ro->ro_rt->rt_gateway; 239 if (ro->ro_rt->rt_flags & RTF_HOST) 240 isbroadcast = (ro->ro_rt->rt_flags & RTF_BROADCAST); 241 else 242 isbroadcast = in_broadcast(dst->sin_addr, ifp); 243 } 244 /* 245 * Calculate MTU. If we have a route that is up, use that, 246 * otherwise use the interface's MTU. 247 */ 248 if (ro->ro_rt != NULL && (ro->ro_rt->rt_flags & (RTF_UP|RTF_HOST))) { 249 /* 250 * This case can happen if the user changed the MTU 251 * of an interface after enabling IP on it. Because 252 * most netifs don't keep track of routes pointing to 253 * them, there is no way for one to update all its 254 * routes when the MTU is changed. 255 */ 256 if (ro->ro_rt->rt_rmx.rmx_mtu > ifp->if_mtu) 257 ro->ro_rt->rt_rmx.rmx_mtu = ifp->if_mtu; 258 mtu = ro->ro_rt->rt_rmx.rmx_mtu; 259 } else { 260 mtu = ifp->if_mtu; 261 } 262 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { 263 struct in_multi *inm; 264 265 m->m_flags |= M_MCAST; 266 /* 267 * IP destination address is multicast. Make sure "dst" 268 * still points to the address in "ro". (It may have been 269 * changed to point to a gateway address, above.) 270 */ 271 dst = (struct sockaddr_in *)&ro->ro_dst; 272 /* 273 * See if the caller provided any multicast options 274 */ 275 if (imo != NULL) { 276 ip->ip_ttl = imo->imo_multicast_ttl; 277 if (imo->imo_multicast_vif != -1) 278 ip->ip_src.s_addr = 279 ip_mcast_src ? 280 ip_mcast_src(imo->imo_multicast_vif) : 281 INADDR_ANY; 282 } else 283 ip->ip_ttl = IP_DEFAULT_MULTICAST_TTL; 284 /* 285 * Confirm that the outgoing interface supports multicast. 286 */ 287 if ((imo == NULL) || (imo->imo_multicast_vif == -1)) { 288 if ((ifp->if_flags & IFF_MULTICAST) == 0) { 289 ipstat.ips_noroute++; 290 error = ENETUNREACH; 291 goto bad; 292 } 293 } 294 /* 295 * If source address not specified yet, use address 296 * of outgoing interface. 297 */ 298 if (ip->ip_src.s_addr == INADDR_ANY) { 299 /* Interface may have no addresses. */ 300 if (ia != NULL) 301 ip->ip_src = IA_SIN(ia)->sin_addr; 302 } 303 304 IN_MULTI_LOCK(); 305 IN_LOOKUP_MULTI(ip->ip_dst, ifp, inm); 306 if (inm != NULL && 307 (imo == NULL || imo->imo_multicast_loop)) { 308 IN_MULTI_UNLOCK(); 309 /* 310 * If we belong to the destination multicast group 311 * on the outgoing interface, and the caller did not 312 * forbid loopback, loop back a copy. 313 */ 314 ip_mloopback(ifp, m, dst, hlen); 315 } 316 else { 317 IN_MULTI_UNLOCK(); 318 /* 319 * If we are acting as a multicast router, perform 320 * multicast forwarding as if the packet had just 321 * arrived on the interface to which we are about 322 * to send. The multicast forwarding function 323 * recursively calls this function, using the 324 * IP_FORWARDING flag to prevent infinite recursion. 325 * 326 * Multicasts that are looped back by ip_mloopback(), 327 * above, will be forwarded by the ip_input() routine, 328 * if necessary. 329 */ 330 if (ip_mrouter && (flags & IP_FORWARDING) == 0) { 331 /* 332 * If rsvp daemon is not running, do not 333 * set ip_moptions. This ensures that the packet 334 * is multicast and not just sent down one link 335 * as prescribed by rsvpd. 336 */ 337 if (!rsvp_on) 338 imo = NULL; 339 if (ip_mforward && 340 ip_mforward(ip, ifp, m, imo) != 0) { 341 m_freem(m); 342 goto done; 343 } 344 } 345 } 346 347 /* 348 * Multicasts with a time-to-live of zero may be looped- 349 * back, above, but must not be transmitted on a network. 350 * Also, multicasts addressed to the loopback interface 351 * are not sent -- the above call to ip_mloopback() will 352 * loop back a copy if this host actually belongs to the 353 * destination group on the loopback interface. 354 */ 355 if (ip->ip_ttl == 0 || ifp->if_flags & IFF_LOOPBACK) { 356 m_freem(m); 357 goto done; 358 } 359 360 goto sendit; 361 } 362 363 /* 364 * If the source address is not specified yet, use the address 365 * of the outoing interface. 366 */ 367 if (ip->ip_src.s_addr == INADDR_ANY) { 368 /* Interface may have no addresses. */ 369 if (ia != NULL) { 370 ip->ip_src = IA_SIN(ia)->sin_addr; 371 } 372 } 373 374 /* 375 * Verify that we have any chance at all of being able to queue the 376 * packet or packet fragments, unless ALTQ is enabled on the given 377 * interface in which case packetdrop should be done by queueing. 378 */ 379 #ifdef ALTQ 380 if ((!ALTQ_IS_ENABLED(&ifp->if_snd)) && 381 ((ifp->if_snd.ifq_len + ip->ip_len / mtu + 1) >= 382 ifp->if_snd.ifq_maxlen)) 383 #else 384 if ((ifp->if_snd.ifq_len + ip->ip_len / mtu + 1) >= 385 ifp->if_snd.ifq_maxlen) 386 #endif /* ALTQ */ 387 { 388 error = ENOBUFS; 389 ipstat.ips_odropped++; 390 ifp->if_snd.ifq_drops += (ip->ip_len / ifp->if_mtu + 1); 391 goto bad; 392 } 393 394 /* 395 * Look for broadcast address and 396 * verify user is allowed to send 397 * such a packet. 398 */ 399 if (isbroadcast) { 400 if ((ifp->if_flags & IFF_BROADCAST) == 0) { 401 error = EADDRNOTAVAIL; 402 goto bad; 403 } 404 if ((flags & IP_ALLOWBROADCAST) == 0) { 405 error = EACCES; 406 goto bad; 407 } 408 /* don't allow broadcast messages to be fragmented */ 409 if (ip->ip_len > mtu) { 410 error = EMSGSIZE; 411 goto bad; 412 } 413 m->m_flags |= M_BCAST; 414 } else { 415 m->m_flags &= ~M_BCAST; 416 } 417 418 sendit: 419 #ifdef IPSEC 420 switch(ip_ipsec_output(&m, inp, &flags, &error, &ro, &iproute, &dst, &ia, &ifp)) { 421 case 1: 422 goto bad; 423 case -1: 424 goto done; 425 case 0: 426 default: 427 break; /* Continue with packet processing. */ 428 } 429 /* Update variables that are affected by ipsec4_output(). */ 430 ip = mtod(m, struct ip *); 431 hlen = ip->ip_hl << 2; 432 #endif /* IPSEC */ 433 434 /* Jump over all PFIL processing if hooks are not active. */ 435 if (!PFIL_HOOKED(&inet_pfil_hook)) 436 goto passout; 437 438 /* Run through list of hooks for output packets. */ 439 odst.s_addr = ip->ip_dst.s_addr; 440 error = pfil_run_hooks(&inet_pfil_hook, &m, ifp, PFIL_OUT, inp); 441 if (error != 0 || m == NULL) 442 goto done; 443 444 ip = mtod(m, struct ip *); 445 446 /* See if destination IP address was changed by packet filter. */ 447 if (odst.s_addr != ip->ip_dst.s_addr) { 448 m->m_flags |= M_SKIP_FIREWALL; 449 /* If destination is now ourself drop to ip_input(). */ 450 if (in_localip(ip->ip_dst)) { 451 m->m_flags |= M_FASTFWD_OURS; 452 if (m->m_pkthdr.rcvif == NULL) 453 m->m_pkthdr.rcvif = loif; 454 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 455 m->m_pkthdr.csum_flags |= 456 CSUM_DATA_VALID | CSUM_PSEUDO_HDR; 457 m->m_pkthdr.csum_data = 0xffff; 458 } 459 m->m_pkthdr.csum_flags |= 460 CSUM_IP_CHECKED | CSUM_IP_VALID; 461 462 error = netisr_queue(NETISR_IP, m); 463 goto done; 464 } else 465 goto again; /* Redo the routing table lookup. */ 466 } 467 468 #ifdef IPFIREWALL_FORWARD 469 /* See if local, if yes, send it to netisr with IP_FASTFWD_OURS. */ 470 if (m->m_flags & M_FASTFWD_OURS) { 471 if (m->m_pkthdr.rcvif == NULL) 472 m->m_pkthdr.rcvif = loif; 473 if (m->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 474 m->m_pkthdr.csum_flags |= 475 CSUM_DATA_VALID | CSUM_PSEUDO_HDR; 476 m->m_pkthdr.csum_data = 0xffff; 477 } 478 m->m_pkthdr.csum_flags |= 479 CSUM_IP_CHECKED | CSUM_IP_VALID; 480 481 error = netisr_queue(NETISR_IP, m); 482 goto done; 483 } 484 /* Or forward to some other address? */ 485 fwd_tag = m_tag_find(m, PACKET_TAG_IPFORWARD, NULL); 486 if (fwd_tag) { 487 dst = (struct sockaddr_in *)&ro->ro_dst; 488 bcopy((fwd_tag+1), dst, sizeof(struct sockaddr_in)); 489 m->m_flags |= M_SKIP_FIREWALL; 490 m_tag_delete(m, fwd_tag); 491 goto again; 492 } 493 #endif /* IPFIREWALL_FORWARD */ 494 495 passout: 496 /* 127/8 must not appear on wire - RFC1122. */ 497 if ((ntohl(ip->ip_dst.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET || 498 (ntohl(ip->ip_src.s_addr) >> IN_CLASSA_NSHIFT) == IN_LOOPBACKNET) { 499 if ((ifp->if_flags & IFF_LOOPBACK) == 0) { 500 ipstat.ips_badaddr++; 501 error = EADDRNOTAVAIL; 502 goto bad; 503 } 504 } 505 506 m->m_pkthdr.csum_flags |= CSUM_IP; 507 sw_csum = m->m_pkthdr.csum_flags & ~ifp->if_hwassist; 508 if (sw_csum & CSUM_DELAY_DATA) { 509 in_delayed_cksum(m); 510 sw_csum &= ~CSUM_DELAY_DATA; 511 } 512 m->m_pkthdr.csum_flags &= ifp->if_hwassist; 513 514 /* 515 * If small enough for interface, or the interface will take 516 * care of the fragmentation for us, we can just send directly. 517 */ 518 if (ip->ip_len <= mtu || 519 (m->m_pkthdr.csum_flags & ifp->if_hwassist & CSUM_TSO) != 0 || 520 ((ip->ip_off & IP_DF) == 0 && (ifp->if_hwassist & CSUM_FRAGMENT))) { 521 ip->ip_len = htons(ip->ip_len); 522 ip->ip_off = htons(ip->ip_off); 523 ip->ip_sum = 0; 524 if (sw_csum & CSUM_DELAY_IP) 525 ip->ip_sum = in_cksum(m, hlen); 526 527 /* 528 * Record statistics for this interface address. 529 * With CSUM_TSO the byte/packet count will be slightly 530 * incorrect because we count the IP+TCP headers only 531 * once instead of for every generated packet. 532 */ 533 if (!(flags & IP_FORWARDING) && ia) { 534 if (m->m_pkthdr.csum_flags & CSUM_TSO) 535 ia->ia_ifa.if_opackets += 536 m->m_pkthdr.len / m->m_pkthdr.tso_segsz; 537 else 538 ia->ia_ifa.if_opackets++; 539 ia->ia_ifa.if_obytes += m->m_pkthdr.len; 540 } 541 #ifdef MBUF_STRESS_TEST 542 if (mbuf_frag_size && m->m_pkthdr.len > mbuf_frag_size) 543 m = m_fragment(m, M_DONTWAIT, mbuf_frag_size); 544 #endif 545 /* 546 * Reset layer specific mbuf flags 547 * to avoid confusing lower layers. 548 */ 549 m->m_flags &= ~(M_PROTOFLAGS); 550 551 error = (*ifp->if_output)(ifp, m, 552 (struct sockaddr *)dst, ro->ro_rt); 553 goto done; 554 } 555 556 /* Balk when DF bit is set or the interface didn't support TSO. */ 557 if ((ip->ip_off & IP_DF) || (m->m_pkthdr.csum_flags & CSUM_TSO)) { 558 error = EMSGSIZE; 559 ipstat.ips_cantfrag++; 560 goto bad; 561 } 562 563 /* 564 * Too large for interface; fragment if possible. If successful, 565 * on return, m will point to a list of packets to be sent. 566 */ 567 error = ip_fragment(ip, &m, mtu, ifp->if_hwassist, sw_csum); 568 if (error) 569 goto bad; 570 for (; m; m = m0) { 571 m0 = m->m_nextpkt; 572 m->m_nextpkt = 0; 573 if (error == 0) { 574 /* Record statistics for this interface address. */ 575 if (ia != NULL) { 576 ia->ia_ifa.if_opackets++; 577 ia->ia_ifa.if_obytes += m->m_pkthdr.len; 578 } 579 /* 580 * Reset layer specific mbuf flags 581 * to avoid confusing upper layers. 582 */ 583 m->m_flags &= ~(M_PROTOFLAGS); 584 585 error = (*ifp->if_output)(ifp, m, 586 (struct sockaddr *)dst, ro->ro_rt); 587 } else 588 m_freem(m); 589 } 590 591 if (error == 0) 592 ipstat.ips_fragmented++; 593 594 done: 595 if (ro == &iproute && ro->ro_rt) { 596 RTFREE(ro->ro_rt); 597 } 598 return (error); 599 bad: 600 m_freem(m); 601 goto done; 602 } 603 604 /* 605 * Create a chain of fragments which fit the given mtu. m_frag points to the 606 * mbuf to be fragmented; on return it points to the chain with the fragments. 607 * Return 0 if no error. If error, m_frag may contain a partially built 608 * chain of fragments that should be freed by the caller. 609 * 610 * if_hwassist_flags is the hw offload capabilities (see if_data.ifi_hwassist) 611 * sw_csum contains the delayed checksums flags (e.g., CSUM_DELAY_IP). 612 */ 613 int 614 ip_fragment(struct ip *ip, struct mbuf **m_frag, int mtu, 615 u_long if_hwassist_flags, int sw_csum) 616 { 617 int error = 0; 618 int hlen = ip->ip_hl << 2; 619 int len = (mtu - hlen) & ~7; /* size of payload in each fragment */ 620 int off; 621 struct mbuf *m0 = *m_frag; /* the original packet */ 622 int firstlen; 623 struct mbuf **mnext; 624 int nfrags; 625 626 if (ip->ip_off & IP_DF) { /* Fragmentation not allowed */ 627 ipstat.ips_cantfrag++; 628 return EMSGSIZE; 629 } 630 631 /* 632 * Must be able to put at least 8 bytes per fragment. 633 */ 634 if (len < 8) 635 return EMSGSIZE; 636 637 /* 638 * If the interface will not calculate checksums on 639 * fragmented packets, then do it here. 640 */ 641 if (m0->m_pkthdr.csum_flags & CSUM_DELAY_DATA && 642 (if_hwassist_flags & CSUM_IP_FRAGS) == 0) { 643 in_delayed_cksum(m0); 644 m0->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA; 645 } 646 647 if (len > PAGE_SIZE) { 648 /* 649 * Fragment large datagrams such that each segment 650 * contains a multiple of PAGE_SIZE amount of data, 651 * plus headers. This enables a receiver to perform 652 * page-flipping zero-copy optimizations. 653 * 654 * XXX When does this help given that sender and receiver 655 * could have different page sizes, and also mtu could 656 * be less than the receiver's page size ? 657 */ 658 int newlen; 659 struct mbuf *m; 660 661 for (m = m0, off = 0; m && (off+m->m_len) <= mtu; m = m->m_next) 662 off += m->m_len; 663 664 /* 665 * firstlen (off - hlen) must be aligned on an 666 * 8-byte boundary 667 */ 668 if (off < hlen) 669 goto smart_frag_failure; 670 off = ((off - hlen) & ~7) + hlen; 671 newlen = (~PAGE_MASK) & mtu; 672 if ((newlen + sizeof (struct ip)) > mtu) { 673 /* we failed, go back the default */ 674 smart_frag_failure: 675 newlen = len; 676 off = hlen + len; 677 } 678 len = newlen; 679 680 } else { 681 off = hlen + len; 682 } 683 684 firstlen = off - hlen; 685 mnext = &m0->m_nextpkt; /* pointer to next packet */ 686 687 /* 688 * Loop through length of segment after first fragment, 689 * make new header and copy data of each part and link onto chain. 690 * Here, m0 is the original packet, m is the fragment being created. 691 * The fragments are linked off the m_nextpkt of the original 692 * packet, which after processing serves as the first fragment. 693 */ 694 for (nfrags = 1; off < ip->ip_len; off += len, nfrags++) { 695 struct ip *mhip; /* ip header on the fragment */ 696 struct mbuf *m; 697 int mhlen = sizeof (struct ip); 698 699 MGETHDR(m, M_DONTWAIT, MT_DATA); 700 if (m == NULL) { 701 error = ENOBUFS; 702 ipstat.ips_odropped++; 703 goto done; 704 } 705 m->m_flags |= (m0->m_flags & M_MCAST) | M_FRAG; 706 /* 707 * In the first mbuf, leave room for the link header, then 708 * copy the original IP header including options. The payload 709 * goes into an additional mbuf chain returned by m_copy(). 710 */ 711 m->m_data += max_linkhdr; 712 mhip = mtod(m, struct ip *); 713 *mhip = *ip; 714 if (hlen > sizeof (struct ip)) { 715 mhlen = ip_optcopy(ip, mhip) + sizeof (struct ip); 716 mhip->ip_v = IPVERSION; 717 mhip->ip_hl = mhlen >> 2; 718 } 719 m->m_len = mhlen; 720 /* XXX do we need to add ip->ip_off below ? */ 721 mhip->ip_off = ((off - hlen) >> 3) + ip->ip_off; 722 if (off + len >= ip->ip_len) { /* last fragment */ 723 len = ip->ip_len - off; 724 m->m_flags |= M_LASTFRAG; 725 } else 726 mhip->ip_off |= IP_MF; 727 mhip->ip_len = htons((u_short)(len + mhlen)); 728 m->m_next = m_copy(m0, off, len); 729 if (m->m_next == NULL) { /* copy failed */ 730 m_free(m); 731 error = ENOBUFS; /* ??? */ 732 ipstat.ips_odropped++; 733 goto done; 734 } 735 m->m_pkthdr.len = mhlen + len; 736 m->m_pkthdr.rcvif = NULL; 737 #ifdef MAC 738 mac_netinet_fragment(m0, m); 739 #endif 740 m->m_pkthdr.csum_flags = m0->m_pkthdr.csum_flags; 741 mhip->ip_off = htons(mhip->ip_off); 742 mhip->ip_sum = 0; 743 if (sw_csum & CSUM_DELAY_IP) 744 mhip->ip_sum = in_cksum(m, mhlen); 745 *mnext = m; 746 mnext = &m->m_nextpkt; 747 } 748 ipstat.ips_ofragments += nfrags; 749 750 /* set first marker for fragment chain */ 751 m0->m_flags |= M_FIRSTFRAG | M_FRAG; 752 m0->m_pkthdr.csum_data = nfrags; 753 754 /* 755 * Update first fragment by trimming what's been copied out 756 * and updating header. 757 */ 758 m_adj(m0, hlen + firstlen - ip->ip_len); 759 m0->m_pkthdr.len = hlen + firstlen; 760 ip->ip_len = htons((u_short)m0->m_pkthdr.len); 761 ip->ip_off |= IP_MF; 762 ip->ip_off = htons(ip->ip_off); 763 ip->ip_sum = 0; 764 if (sw_csum & CSUM_DELAY_IP) 765 ip->ip_sum = in_cksum(m0, hlen); 766 767 done: 768 *m_frag = m0; 769 return error; 770 } 771 772 void 773 in_delayed_cksum(struct mbuf *m) 774 { 775 struct ip *ip; 776 u_short csum, offset; 777 778 ip = mtod(m, struct ip *); 779 offset = ip->ip_hl << 2 ; 780 csum = in_cksum_skip(m, ip->ip_len, offset); 781 if (m->m_pkthdr.csum_flags & CSUM_UDP && csum == 0) 782 csum = 0xffff; 783 offset += m->m_pkthdr.csum_data; /* checksum offset */ 784 785 if (offset + sizeof(u_short) > m->m_len) { 786 printf("delayed m_pullup, m->len: %d off: %d p: %d\n", 787 m->m_len, offset, ip->ip_p); 788 /* 789 * XXX 790 * this shouldn't happen, but if it does, the 791 * correct behavior may be to insert the checksum 792 * in the appropriate next mbuf in the chain. 793 */ 794 return; 795 } 796 *(u_short *)(m->m_data + offset) = csum; 797 } 798 799 /* 800 * IP socket option processing. 801 */ 802 int 803 ip_ctloutput(struct socket *so, struct sockopt *sopt) 804 { 805 struct inpcb *inp = sotoinpcb(so); 806 int error, optval; 807 808 error = optval = 0; 809 if (sopt->sopt_level != IPPROTO_IP) { 810 return (EINVAL); 811 } 812 813 switch (sopt->sopt_dir) { 814 case SOPT_SET: 815 switch (sopt->sopt_name) { 816 case IP_OPTIONS: 817 #ifdef notyet 818 case IP_RETOPTS: 819 #endif 820 { 821 struct mbuf *m; 822 if (sopt->sopt_valsize > MLEN) { 823 error = EMSGSIZE; 824 break; 825 } 826 MGET(m, sopt->sopt_td ? M_WAIT : M_DONTWAIT, MT_DATA); 827 if (m == NULL) { 828 error = ENOBUFS; 829 break; 830 } 831 m->m_len = sopt->sopt_valsize; 832 error = sooptcopyin(sopt, mtod(m, char *), m->m_len, 833 m->m_len); 834 if (error) { 835 m_free(m); 836 break; 837 } 838 INP_LOCK(inp); 839 error = ip_pcbopts(inp, sopt->sopt_name, m); 840 INP_UNLOCK(inp); 841 return (error); 842 } 843 844 case IP_TOS: 845 case IP_TTL: 846 case IP_MINTTL: 847 case IP_RECVOPTS: 848 case IP_RECVRETOPTS: 849 case IP_RECVDSTADDR: 850 case IP_RECVTTL: 851 case IP_RECVIF: 852 case IP_FAITH: 853 case IP_ONESBCAST: 854 case IP_DONTFRAG: 855 error = sooptcopyin(sopt, &optval, sizeof optval, 856 sizeof optval); 857 if (error) 858 break; 859 860 switch (sopt->sopt_name) { 861 case IP_TOS: 862 inp->inp_ip_tos = optval; 863 break; 864 865 case IP_TTL: 866 inp->inp_ip_ttl = optval; 867 break; 868 869 case IP_MINTTL: 870 if (optval > 0 && optval <= MAXTTL) 871 inp->inp_ip_minttl = optval; 872 else 873 error = EINVAL; 874 break; 875 876 #define OPTSET(bit) do { \ 877 INP_LOCK(inp); \ 878 if (optval) \ 879 inp->inp_flags |= bit; \ 880 else \ 881 inp->inp_flags &= ~bit; \ 882 INP_UNLOCK(inp); \ 883 } while (0) 884 885 case IP_RECVOPTS: 886 OPTSET(INP_RECVOPTS); 887 break; 888 889 case IP_RECVRETOPTS: 890 OPTSET(INP_RECVRETOPTS); 891 break; 892 893 case IP_RECVDSTADDR: 894 OPTSET(INP_RECVDSTADDR); 895 break; 896 897 case IP_RECVTTL: 898 OPTSET(INP_RECVTTL); 899 break; 900 901 case IP_RECVIF: 902 OPTSET(INP_RECVIF); 903 break; 904 905 case IP_FAITH: 906 OPTSET(INP_FAITH); 907 break; 908 909 case IP_ONESBCAST: 910 OPTSET(INP_ONESBCAST); 911 break; 912 case IP_DONTFRAG: 913 OPTSET(INP_DONTFRAG); 914 break; 915 } 916 break; 917 #undef OPTSET 918 919 /* 920 * Multicast socket options are processed by the in_mcast 921 * module. 922 */ 923 case IP_MULTICAST_IF: 924 case IP_MULTICAST_VIF: 925 case IP_MULTICAST_TTL: 926 case IP_MULTICAST_LOOP: 927 case IP_ADD_MEMBERSHIP: 928 case IP_DROP_MEMBERSHIP: 929 case IP_ADD_SOURCE_MEMBERSHIP: 930 case IP_DROP_SOURCE_MEMBERSHIP: 931 case IP_BLOCK_SOURCE: 932 case IP_UNBLOCK_SOURCE: 933 case IP_MSFILTER: 934 case MCAST_JOIN_GROUP: 935 case MCAST_LEAVE_GROUP: 936 case MCAST_JOIN_SOURCE_GROUP: 937 case MCAST_LEAVE_SOURCE_GROUP: 938 case MCAST_BLOCK_SOURCE: 939 case MCAST_UNBLOCK_SOURCE: 940 error = inp_setmoptions(inp, sopt); 941 break; 942 943 case IP_PORTRANGE: 944 error = sooptcopyin(sopt, &optval, sizeof optval, 945 sizeof optval); 946 if (error) 947 break; 948 949 INP_LOCK(inp); 950 switch (optval) { 951 case IP_PORTRANGE_DEFAULT: 952 inp->inp_flags &= ~(INP_LOWPORT); 953 inp->inp_flags &= ~(INP_HIGHPORT); 954 break; 955 956 case IP_PORTRANGE_HIGH: 957 inp->inp_flags &= ~(INP_LOWPORT); 958 inp->inp_flags |= INP_HIGHPORT; 959 break; 960 961 case IP_PORTRANGE_LOW: 962 inp->inp_flags &= ~(INP_HIGHPORT); 963 inp->inp_flags |= INP_LOWPORT; 964 break; 965 966 default: 967 error = EINVAL; 968 break; 969 } 970 INP_UNLOCK(inp); 971 break; 972 973 #ifdef IPSEC 974 case IP_IPSEC_POLICY: 975 { 976 caddr_t req; 977 struct mbuf *m; 978 979 if ((error = soopt_getm(sopt, &m)) != 0) /* XXX */ 980 break; 981 if ((error = soopt_mcopyin(sopt, m)) != 0) /* XXX */ 982 break; 983 req = mtod(m, caddr_t); 984 error = ipsec4_set_policy(inp, sopt->sopt_name, req, 985 m->m_len, (sopt->sopt_td != NULL) ? 986 sopt->sopt_td->td_ucred : NULL); 987 m_freem(m); 988 break; 989 } 990 #endif /* IPSEC */ 991 992 default: 993 error = ENOPROTOOPT; 994 break; 995 } 996 break; 997 998 case SOPT_GET: 999 switch (sopt->sopt_name) { 1000 case IP_OPTIONS: 1001 case IP_RETOPTS: 1002 if (inp->inp_options) 1003 error = sooptcopyout(sopt, 1004 mtod(inp->inp_options, 1005 char *), 1006 inp->inp_options->m_len); 1007 else 1008 sopt->sopt_valsize = 0; 1009 break; 1010 1011 case IP_TOS: 1012 case IP_TTL: 1013 case IP_MINTTL: 1014 case IP_RECVOPTS: 1015 case IP_RECVRETOPTS: 1016 case IP_RECVDSTADDR: 1017 case IP_RECVTTL: 1018 case IP_RECVIF: 1019 case IP_PORTRANGE: 1020 case IP_FAITH: 1021 case IP_ONESBCAST: 1022 case IP_DONTFRAG: 1023 switch (sopt->sopt_name) { 1024 1025 case IP_TOS: 1026 optval = inp->inp_ip_tos; 1027 break; 1028 1029 case IP_TTL: 1030 optval = inp->inp_ip_ttl; 1031 break; 1032 1033 case IP_MINTTL: 1034 optval = inp->inp_ip_minttl; 1035 break; 1036 1037 #define OPTBIT(bit) (inp->inp_flags & bit ? 1 : 0) 1038 1039 case IP_RECVOPTS: 1040 optval = OPTBIT(INP_RECVOPTS); 1041 break; 1042 1043 case IP_RECVRETOPTS: 1044 optval = OPTBIT(INP_RECVRETOPTS); 1045 break; 1046 1047 case IP_RECVDSTADDR: 1048 optval = OPTBIT(INP_RECVDSTADDR); 1049 break; 1050 1051 case IP_RECVTTL: 1052 optval = OPTBIT(INP_RECVTTL); 1053 break; 1054 1055 case IP_RECVIF: 1056 optval = OPTBIT(INP_RECVIF); 1057 break; 1058 1059 case IP_PORTRANGE: 1060 if (inp->inp_flags & INP_HIGHPORT) 1061 optval = IP_PORTRANGE_HIGH; 1062 else if (inp->inp_flags & INP_LOWPORT) 1063 optval = IP_PORTRANGE_LOW; 1064 else 1065 optval = 0; 1066 break; 1067 1068 case IP_FAITH: 1069 optval = OPTBIT(INP_FAITH); 1070 break; 1071 1072 case IP_ONESBCAST: 1073 optval = OPTBIT(INP_ONESBCAST); 1074 break; 1075 case IP_DONTFRAG: 1076 optval = OPTBIT(INP_DONTFRAG); 1077 break; 1078 } 1079 error = sooptcopyout(sopt, &optval, sizeof optval); 1080 break; 1081 1082 /* 1083 * Multicast socket options are processed by the in_mcast 1084 * module. 1085 */ 1086 case IP_MULTICAST_IF: 1087 case IP_MULTICAST_VIF: 1088 case IP_MULTICAST_TTL: 1089 case IP_MULTICAST_LOOP: 1090 case IP_MSFILTER: 1091 error = inp_getmoptions(inp, sopt); 1092 break; 1093 1094 #ifdef IPSEC 1095 case IP_IPSEC_POLICY: 1096 { 1097 struct mbuf *m = NULL; 1098 caddr_t req = NULL; 1099 size_t len = 0; 1100 1101 if (m != 0) { 1102 req = mtod(m, caddr_t); 1103 len = m->m_len; 1104 } 1105 error = ipsec4_get_policy(sotoinpcb(so), req, len, &m); 1106 if (error == 0) 1107 error = soopt_mcopyout(sopt, m); /* XXX */ 1108 if (error == 0) 1109 m_freem(m); 1110 break; 1111 } 1112 #endif /* IPSEC */ 1113 1114 default: 1115 error = ENOPROTOOPT; 1116 break; 1117 } 1118 break; 1119 } 1120 return (error); 1121 } 1122 1123 /* 1124 * Routine called from ip_output() to loop back a copy of an IP multicast 1125 * packet to the input queue of a specified interface. Note that this 1126 * calls the output routine of the loopback "driver", but with an interface 1127 * pointer that might NOT be a loopback interface -- evil, but easier than 1128 * replicating that code here. 1129 */ 1130 static void 1131 ip_mloopback(struct ifnet *ifp, struct mbuf *m, struct sockaddr_in *dst, 1132 int hlen) 1133 { 1134 register struct ip *ip; 1135 struct mbuf *copym; 1136 1137 copym = m_copy(m, 0, M_COPYALL); 1138 if (copym != NULL && (copym->m_flags & M_EXT || copym->m_len < hlen)) 1139 copym = m_pullup(copym, hlen); 1140 if (copym != NULL) { 1141 /* If needed, compute the checksum and mark it as valid. */ 1142 if (copym->m_pkthdr.csum_flags & CSUM_DELAY_DATA) { 1143 in_delayed_cksum(copym); 1144 copym->m_pkthdr.csum_flags &= ~CSUM_DELAY_DATA; 1145 copym->m_pkthdr.csum_flags |= 1146 CSUM_DATA_VALID | CSUM_PSEUDO_HDR; 1147 copym->m_pkthdr.csum_data = 0xffff; 1148 } 1149 /* 1150 * We don't bother to fragment if the IP length is greater 1151 * than the interface's MTU. Can this possibly matter? 1152 */ 1153 ip = mtod(copym, struct ip *); 1154 ip->ip_len = htons(ip->ip_len); 1155 ip->ip_off = htons(ip->ip_off); 1156 ip->ip_sum = 0; 1157 ip->ip_sum = in_cksum(copym, hlen); 1158 /* 1159 * NB: 1160 * It's not clear whether there are any lingering 1161 * reentrancy problems in other areas which might 1162 * be exposed by using ip_input directly (in 1163 * particular, everything which modifies the packet 1164 * in-place). Yet another option is using the 1165 * protosw directly to deliver the looped back 1166 * packet. For the moment, we'll err on the side 1167 * of safety by using if_simloop(). 1168 */ 1169 #if 1 /* XXX */ 1170 if (dst->sin_family != AF_INET) { 1171 printf("ip_mloopback: bad address family %d\n", 1172 dst->sin_family); 1173 dst->sin_family = AF_INET; 1174 } 1175 #endif 1176 1177 #ifdef notdef 1178 copym->m_pkthdr.rcvif = ifp; 1179 ip_input(copym); 1180 #else 1181 if_simloop(ifp, copym, dst->sin_family, 0); 1182 #endif 1183 } 1184 } 1185