1 /* 2 * Copyright (c) 1992 Regents of the University of California. 3 * All rights reserved. 4 * 5 * This software was developed by the Computer Systems Engineering group 6 * at Lawrence Berkeley Laboratory under DARPA contract BG 91-66 and 7 * contributed to Berkeley. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 /* 35 * The send and receive functions were originally implemented in udp.c and 36 * moved here. Also it is likely some more cleanup can be done, especially 37 * once we will implement the support for tcp. 38 */ 39 40 #include <sys/cdefs.h> 41 42 #include <sys/param.h> 43 #include <sys/socket.h> 44 #include <sys/queue.h> 45 46 #include <string.h> 47 #include <stdbool.h> 48 49 #include <net/if.h> 50 #include <netinet/in.h> 51 #include <netinet/if_ether.h> 52 #include <netinet/in_systm.h> 53 54 #include <netinet/ip.h> 55 #include <netinet/ip_var.h> 56 #include <netinet/udp.h> 57 #include <netinet/udp_var.h> 58 59 #include "stand.h" 60 #include "net.h" 61 62 typedef STAILQ_HEAD(ipqueue, ip_queue) ip_queue_t; 63 struct ip_queue { 64 void *ipq_pkt; 65 struct ip *ipq_hdr; 66 STAILQ_ENTRY(ip_queue) ipq_next; 67 }; 68 69 /* 70 * Fragment re-assembly queue. 71 */ 72 struct ip_reasm { 73 struct in_addr ip_src; 74 struct in_addr ip_dst; 75 uint16_t ip_id; 76 uint8_t ip_proto; 77 uint8_t ip_ttl; 78 size_t ip_total_size; 79 ip_queue_t ip_queue; 80 void *ip_pkt; 81 struct ip *ip_hdr; 82 STAILQ_ENTRY(ip_reasm) ip_next; 83 }; 84 85 STAILQ_HEAD(ire_list, ip_reasm) ire_list = STAILQ_HEAD_INITIALIZER(ire_list); 86 87 /* Caller must leave room for ethernet and ip headers in front!! */ 88 ssize_t 89 sendip(struct iodesc *d, void *pkt, size_t len, uint8_t proto) 90 { 91 ssize_t cc; 92 struct ip *ip; 93 uchar_t *ea; 94 95 #ifdef NET_DEBUG 96 if (debug) { 97 printf("sendip: proto: %x d=%p called.\n", proto, (void *)d); 98 printf("saddr: %s:%d daddr: %s:%d\n", 99 inet_ntoa(d->myip), ntohs(d->myport), 100 inet_ntoa(d->destip), ntohs(d->destport)); 101 } 102 #endif 103 104 ip = (struct ip *)pkt - 1; 105 len += sizeof (*ip); 106 107 bzero(ip, sizeof (*ip)); 108 109 ip->ip_v = IPVERSION; /* half-char */ 110 ip->ip_hl = sizeof (*ip) >> 2; /* half-char */ 111 ip->ip_len = htons(len); 112 ip->ip_p = proto; /* char */ 113 ip->ip_ttl = IPDEFTTL; /* char */ 114 ip->ip_src = d->myip; 115 ip->ip_dst = d->destip; 116 ip->ip_sum = in_cksum(ip, sizeof (*ip)); /* short, but special */ 117 118 if (ip->ip_dst.s_addr == INADDR_BROADCAST || ip->ip_src.s_addr == 0 || 119 netmask == 0 || SAMENET(ip->ip_src, ip->ip_dst, netmask)) 120 ea = arpwhohas(d, ip->ip_dst); 121 else 122 ea = arpwhohas(d, gateip); 123 124 cc = sendether(d, ip, len, ea, ETHERTYPE_IP); 125 if (cc == -1) 126 return (-1); 127 if (cc != len) 128 panic("sendip: bad write (%zd != %zd)", cc, len); 129 return (cc - sizeof (*ip)); 130 } 131 132 static void 133 ip_reasm_free(struct ip_reasm *ipr) 134 { 135 struct ip_queue *ipq; 136 137 while ((ipq = STAILQ_FIRST(&ipr->ip_queue)) != NULL) { 138 STAILQ_REMOVE_HEAD(&ipr->ip_queue, ipq_next); 139 free(ipq->ipq_pkt); 140 free(ipq); 141 } 142 free(ipr->ip_pkt); 143 free(ipr); 144 } 145 146 static bool 147 ip_reasm_add(struct ip_reasm *ipr, void *pkt, struct ip *ip) 148 { 149 struct ip_queue *ipq, *p; 150 uint16_t off_q, off_ip; 151 152 if ((ipq = calloc(1, sizeof (*ipq))) == NULL) 153 return (false); 154 155 ipq->ipq_pkt = pkt; 156 ipq->ipq_hdr = ip; 157 158 STAILQ_FOREACH(p, &ipr->ip_queue, ipq_next) { 159 off_q = ntohs(p->ipq_hdr->ip_off) & IP_OFFMASK; 160 off_ip = ntohs(ip->ip_off) & IP_OFFMASK; 161 162 if (off_q == off_ip) { /* duplicate */ 163 free(pkt); 164 free(ipq); 165 return (true); 166 } 167 168 if (off_ip < off_q) { 169 /* 170 * Everything in queue has larger offset, 171 * drop out of loop and insert to HEAD. 172 */ 173 break; 174 } 175 176 /* 177 * p in queue is smaller than ip, check if we need to put 178 * ip after p or after p->next. 179 */ 180 struct ip_queue *next = STAILQ_NEXT(p, ipq_next); 181 if (next == NULL) { 182 /* insert after p */ 183 STAILQ_INSERT_AFTER(&ipr->ip_queue, p, ipq, ipq_next); 184 return (true); 185 } 186 187 off_q = ntohs(next->ipq_hdr->ip_off) & IP_OFFMASK; 188 if (off_ip < off_q) { 189 /* next fragment offset is larger, insert after p. */ 190 STAILQ_INSERT_AFTER(&ipr->ip_queue, p, ipq, ipq_next); 191 return (true); 192 } 193 /* next fragment offset is smaller, loop */ 194 } 195 STAILQ_INSERT_HEAD(&ipr->ip_queue, ipq, ipq_next); 196 return (true); 197 } 198 199 /* 200 * Receive a IP packet and validate it is for us. 201 */ 202 static ssize_t 203 readipv4(struct iodesc *d, void **pkt, void **payload, ssize_t n) 204 { 205 struct ip *ip = *payload; 206 size_t hlen; 207 struct ether_header *eh; 208 struct udphdr *uh; 209 char *ptr = *pkt; 210 struct ip_reasm *ipr; 211 struct ip_queue *ipq, *last; 212 bool morefrag, isfrag; 213 uint16_t fragoffset; 214 215 if (n < sizeof (*ip)) { 216 free(ptr); 217 errno = EAGAIN; /* Call me again. */ 218 return (-1); 219 } 220 221 hlen = ip->ip_hl << 2; 222 if (hlen < sizeof (*ip) || 223 in_cksum(ip, hlen) != 0) { 224 #ifdef NET_DEBUG 225 if (debug) 226 printf("%s: short hdr or bad cksum.\n", __func__); 227 #endif 228 free(ptr); 229 errno = EAGAIN; /* Call me again. */ 230 return (-1); 231 } 232 233 if (n < ntohs(ip->ip_len)) { 234 #ifdef NET_DEBUG 235 if (debug) { 236 printf("readip: bad length %dz < %d.\n", 237 n, ntohs(ip->ip_len)); 238 } 239 #endif 240 free(ptr); 241 errno = EAGAIN; /* Call me again. */ 242 return (-1); 243 } 244 245 fragoffset = (ntohs(ip->ip_off) & IP_OFFMASK) * 8; 246 morefrag = (ntohs(ip->ip_off) & IP_MF) == 0 ? false : true; 247 isfrag = morefrag || fragoffset != 0; 248 249 uh = (struct udphdr *)((uintptr_t)ip + sizeof (*ip)); 250 251 if (d->myip.s_addr && ip->ip_dst.s_addr != d->myip.s_addr) { 252 #ifdef NET_DEBUG 253 if (debug) { 254 printf("%s: not for us: saddr %s (%d) != %s (%d)\n", 255 __func__, inet_ntoa(d->myip), ntohs(d->myport), 256 inet_ntoa(ip->ip_dst), ntohs(uh->uh_dport)); 257 } 258 #endif 259 free(ptr); 260 errno = EAGAIN; /* Call me again. */ 261 return (-1); 262 } 263 264 /* Unfragmented packet. */ 265 if (!isfrag) { 266 #ifdef NET_DEBUG 267 if (debug) { 268 printf("%s: unfragmented saddr %s:%d -> ", 269 __func__, 270 inet_ntoa(ip->ip_src), ntohs(uh->uh_sport)); 271 printf("%s:%d\n", 272 inet_ntoa(ip->ip_dst), ntohs(uh->uh_dport)); 273 } 274 #endif 275 /* If there were ip options, make them go away */ 276 if (hlen != sizeof (*ip)) { 277 bcopy(((uchar_t *)ip) + hlen, uh, 278 ntohs(uh->uh_ulen) - hlen); 279 ip->ip_len = htons(sizeof (*ip)); 280 n -= hlen - sizeof (*ip); 281 } 282 283 n = (n > (ntohs(ip->ip_len) - sizeof (*ip))) ? 284 ntohs(ip->ip_len) - sizeof (*ip) : n; 285 *pkt = ptr; 286 *payload = (void *)((uintptr_t)ip + sizeof (*ip)); 287 return (n); 288 } 289 290 STAILQ_FOREACH(ipr, &ire_list, ip_next) { 291 if (ipr->ip_src.s_addr == ip->ip_src.s_addr && 292 ipr->ip_dst.s_addr == ip->ip_dst.s_addr && 293 ipr->ip_id == ip->ip_id && 294 ipr->ip_proto == ip->ip_p) 295 break; 296 } 297 298 /* Allocate new reassembly entry */ 299 if (ipr == NULL) { 300 if ((ipr = calloc(1, sizeof (*ipr))) == NULL) { 301 free(ptr); 302 return (-1); 303 } 304 305 ipr->ip_src = ip->ip_src; 306 ipr->ip_dst = ip->ip_dst; 307 ipr->ip_id = ip->ip_id; 308 ipr->ip_proto = ip->ip_p; 309 ipr->ip_ttl = MAXTTL; 310 STAILQ_INIT(&ipr->ip_queue); 311 STAILQ_INSERT_TAIL(&ire_list, ipr, ip_next); 312 #ifdef NET_DEBUG 313 if (debug) { 314 printf("%s: new reassembly ID=%d %s -> ", 315 __func__, ntohs(ip->ip_id), inet_ntoa(ip->ip_src)); 316 printf("%s\n", inet_ntoa(ip->ip_dst)); 317 } 318 #endif 319 } 320 321 /* 322 * NOTE: with ip_reasm_add() ptr will be stored in reassembly 323 * queue and we can not free it without destroying the queue. 324 */ 325 if (!ip_reasm_add(ipr, ptr, ip)) { 326 STAILQ_REMOVE(&ire_list, ipr, ip_reasm, ip_next); 327 free(ipr); 328 free(ptr); 329 return (-1); 330 } 331 332 /* 333 * Walk the packet list in reassembly queue, if we got all the 334 * fragments, build the packet. 335 */ 336 n = 0; 337 last = NULL; 338 STAILQ_FOREACH(ipq, &ipr->ip_queue, ipq_next) { 339 fragoffset = (ntohs(ipq->ipq_hdr->ip_off) & IP_OFFMASK) * 8; 340 if (fragoffset != n) { 341 #ifdef NET_DEBUG 342 if (debug) { 343 printf("%s: need more fragments %d %s -> ", 344 __func__, ntohs(ipq->ipq_hdr->ip_id), 345 inet_ntoa(ipq->ipq_hdr->ip_src)); 346 printf("%s offset=%d MF=%d\n", 347 inet_ntoa(ipq->ipq_hdr->ip_dst), 348 fragoffset, 349 (ntohs(ipq->ipq_hdr->ip_off) & IP_MF) != 0); 350 } 351 #endif 352 errno = EAGAIN; 353 return (-1); 354 } 355 356 n += ntohs(ipq->ipq_hdr->ip_len) - (ipq->ipq_hdr->ip_hl << 2); 357 last = ipq; 358 } 359 360 /* complete queue has last packet with MF 0 */ 361 if ((ntohs(last->ipq_hdr->ip_off) & IP_MF) != 0) { 362 #ifdef NET_DEBUG 363 if (debug) { 364 printf("%s: need more fragments %d %s -> ", 365 __func__, ntohs(last->ipq_hdr->ip_id), 366 inet_ntoa(last->ipq_hdr->ip_src)); 367 printf("%s offset=%d MF=%d\n", 368 inet_ntoa(last->ipq_hdr->ip_dst), 369 (ntohs(last->ipq_hdr->ip_off) & IP_OFFMASK) * 8, 370 (ntohs(last->ipq_hdr->ip_off) & IP_MF) != 0); 371 } 372 #endif 373 errno = EAGAIN; 374 return (-1); 375 } 376 377 ipr->ip_total_size = n + sizeof (*ip) + sizeof (struct ether_header); 378 ipr->ip_pkt = malloc(ipr->ip_total_size + 2); 379 if (ipr->ip_pkt == NULL) { 380 STAILQ_REMOVE(&ire_list, ipr, ip_reasm, ip_next); 381 ip_reasm_free(ipr); 382 return (-1); 383 } 384 385 ipq = STAILQ_FIRST(&ipr->ip_queue); 386 /* Fabricate ethernet header */ 387 eh = (struct ether_header *)((uintptr_t)ipr->ip_pkt + 2); 388 bcopy((void *)((uintptr_t)ipq->ipq_pkt + 2), eh, sizeof (*eh)); 389 390 /* Fabricate IP header */ 391 ipr->ip_hdr = (struct ip *)((uintptr_t)eh + sizeof (*eh)); 392 bcopy(ipq->ipq_hdr, ipr->ip_hdr, sizeof (*ipr->ip_hdr)); 393 ipr->ip_hdr->ip_hl = sizeof (*ipr->ip_hdr) >> 2; 394 ipr->ip_hdr->ip_len = htons(n); 395 ipr->ip_hdr->ip_sum = 0; 396 ipr->ip_hdr->ip_sum = in_cksum(ipr->ip_hdr, sizeof (*ipr->ip_hdr)); 397 398 n = 0; 399 ptr = (char *)((uintptr_t)ipr->ip_hdr + sizeof (*ipr->ip_hdr)); 400 STAILQ_FOREACH(ipq, &ipr->ip_queue, ipq_next) { 401 char *data; 402 size_t len; 403 404 hlen = ipq->ipq_hdr->ip_hl << 2; 405 len = ntohs(ipq->ipq_hdr->ip_len) - hlen; 406 data = (char *)((uintptr_t)ipq->ipq_hdr + hlen); 407 408 bcopy(data, ptr + n, len); 409 n += len; 410 } 411 412 *pkt = ipr->ip_pkt; 413 ipr->ip_pkt = NULL; /* Avoid free from ip_reasm_free() */ 414 *payload = ptr; 415 416 /* Clean up the reassembly list */ 417 while ((ipr = STAILQ_FIRST(&ire_list)) != NULL) { 418 STAILQ_REMOVE_HEAD(&ire_list, ip_next); 419 ip_reasm_free(ipr); 420 } 421 #ifdef NET_DEBUG 422 if (debug) { 423 printf("%s: completed fragments ID=%d %s -> %s\n", 424 __func__, ntohs(ip->ip_id), inet_ntoa(ip->ip_src), 425 inet_ntoa(ip->ip_dst)); 426 } 427 #endif 428 return (n); 429 } 430 431 /* 432 * Receive a IP packet. 433 */ 434 ssize_t 435 readip(struct iodesc *d, void **pkt, void **payload, time_t tleft, 436 uint8_t proto) 437 { 438 time_t t; 439 ssize_t ret = -1; 440 441 t = getsecs(); 442 while ((getsecs() - t) < tleft) { 443 ssize_t n; 444 uint16_t etype; /* host order */ 445 void *ptr = NULL; 446 void *data = NULL; 447 448 errno = 0; 449 n = readether(d, &ptr, &data, tleft, &etype); 450 if (n == -1) { 451 free(ptr); 452 continue; 453 } 454 /* Ethernet address checks are done in readether() */ 455 456 /* Need to respond to ARP requests. */ 457 if (etype == ETHERTYPE_ARP) { 458 struct arphdr *ah = data; 459 460 #ifdef NET_DEBUG 461 if (debug) 462 printf("%s: ARP request\n", __func__); 463 #endif 464 465 if (ah->ar_op == htons(ARPOP_REQUEST)) { 466 /* Send ARP reply */ 467 arp_reply(d, ah); 468 } 469 free(ptr); 470 continue; /* Get next packet */ 471 } 472 473 if (etype == ETHERTYPE_IP) { 474 struct ip *ip = data; 475 476 if (ip->ip_v == IPVERSION && /* half char */ 477 ip->ip_p == proto) { 478 errno = 0; 479 ret = readipv4(d, &ptr, &data, n); 480 if (ret >= 0) { 481 *pkt = ptr; 482 *payload = data; 483 return (ret); 484 } 485 486 /* 487 * Bubble up the error if it wasn't successful 488 */ 489 if (errno != EAGAIN) 490 return (-1); 491 continue; 492 } 493 #ifdef NET_DEBUG 494 if (debug) { 495 printf("%s: IP version or proto. " 496 "ip_v=%d ip_p=%d\n", 497 __func__, ip->ip_v, ip->ip_p); 498 } 499 #endif 500 free(ptr); 501 continue; 502 } 503 free(ptr); 504 } 505 /* We've exhausted tleft; timeout */ 506 errno = ETIMEDOUT; 507 #ifdef NET_DEBUG 508 if (debug) { 509 printf("%s: timeout\n", __func__); 510 } 511 #endif 512 return (-1); 513 } 514