xref: /titanic_52/usr/src/uts/common/ipp/flowacct/flowacct.c (revision 8780f632c8794e526157dc18c87834b2cc4f6592)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 #include <sys/types.h>
28 #include <sys/kmem.h>
29 #include <sys/conf.h>
30 #include <sys/atomic.h>
31 #include <netinet/in.h>
32 #include <netinet/in_systm.h>
33 #include <netinet/ip6.h>
34 #include <sys/socket.h>
35 #include <sys/acct.h>
36 #include <sys/exacct.h>
37 #include <inet/common.h>
38 #include <inet/ip.h>
39 #include <inet/ip6.h>
40 #include <sys/ddi.h>
41 #include <sys/strsun.h>
42 #include <sys/strsubr.h>
43 #include <ipp/flowacct/flowacct_impl.h>
44 
45 /*
46  * flowacct - IPQoS accounting module. The module maintains an array
47  * of 256 hash buckets. When the action routine is invoked for a flow,
48  * if the flow (identified by the 5-tuple: saddr, daddr, sport, dport, proto)
49  * is already present in the flow table (indexed by the hash function FLOW_HASH)
50  * then a check is made to see if an item for this flow with the same
51  * dsfield, projid & user id is present. If it is, then the number of packets
52  * and the bytes are incremented for that item. If the item does
53  * not exist a new item is added for the flow. If the flow is not present
54  * an entry is made for the flow.
55  *
56  * A timer runs thru the table and writes all the flow items that have
57  * timed out to the accounting file (via exacct PSARC/1999/119), if present
58  * Configuration commands to change the timing interval is provided. The
59  * flow timeout value can also be configured. While the timeout is in nsec,
60  * the flow timer interval is in usec.
61  * Information for an active flow can be obtained by using kstats.
62  */
63 
64 /* Used in computing the hash index */
65 #define	FLOWACCT_ADDR_HASH(addr) 			\
66 	((addr).s6_addr8[8] ^ (addr).s6_addr8[9] ^ 	\
67 	(addr).s6_addr8[10] ^ (addr).s6_addr8[13] ^ 	\
68 	(addr).s6_addr8[14] ^ (addr).s6_addr8[15])
69 
70 #define	FLOWACCT_FLOW_HASH(f)				\
71 	(((FLOWACCT_ADDR_HASH(f->saddr)) + 		\
72 	(FLOWACCT_ADDR_HASH(f->daddr)) + 		\
73 	(f->proto) + (f->sport) + (f->dport)) 		\
74 	% FLOW_TBL_COUNT)
75 
76 /*
77  * Compute difference between a and b in nsec and store in delta.
78  * delta should be a hrtime_t. Taken from ip_mroute.c.
79  */
80 #define	FLOWACCT_DELTA(a, b, delta) { \
81 	int xxs; \
82  \
83 	delta = (a).tv_nsec - (b).tv_nsec; \
84 	if ((xxs = (a).tv_sec - (b).tv_sec) != 0) { \
85 		switch (xxs) { \
86 		case 2: \
87 		    delta += NANOSEC; \
88 		    /*FALLTHRU*/ \
89 		case 1: \
90 		    delta += NANOSEC; \
91 		    break; \
92 		default: \
93 		    delta += ((hrtime_t)NANOSEC * xxs); \
94 		} \
95 	} \
96 }
97 
98 /* Debug level */
99 int flowacct_debug = 0;
100 
101 /* Collect timed out flows to be written to the accounting file */
102 typedef struct flow_records_s {
103 	flow_usage_t *fl_use;
104 	struct flow_records_s *next;
105 }flow_records_t;
106 
107 /* Get port information from the packet. Ignore fragments. */
108 static void
109 flowacct_port_info(header_t *header, void *iph, int af, mblk_t *mp)
110 {
111 	uint16_t *up;
112 
113 	if (af == AF_INET) {
114 		ipha_t *ipha = (ipha_t *)iph;
115 		uint32_t u2, u1;
116 		uint_t iplen;
117 
118 		u2 = ntohs(ipha->ipha_fragment_offset_and_flags);
119 		u1 = u2 & (IPH_MF | IPH_OFFSET);
120 		if (u1 != 0) {
121 			return;
122 		}
123 		iplen = (ipha->ipha_version_and_hdr_length & 0xF) << 2;
124 		up = (uint16_t *)(mp->b_rptr + iplen);
125 		header->sport = (uint16_t)*up++;
126 		header->dport = (uint16_t)*up;
127 	} else {
128 		ip6_t *ip6h = (ip6_t *)iph;
129 		uint_t  length = IPV6_HDR_LEN;
130 		uint_t  ehdrlen;
131 		uint8_t *nexthdrp, *whereptr, *endptr;
132 		ip6_dest_t *desthdr;
133 		ip6_rthdr_t *rthdr;
134 		ip6_hbh_t *hbhhdr;
135 
136 		whereptr = ((uint8_t *)&ip6h[1]);
137 		endptr = mp->b_wptr;
138 		nexthdrp = &ip6h->ip6_nxt;
139 		while (whereptr < endptr) {
140 			switch (*nexthdrp) {
141 			case IPPROTO_HOPOPTS:
142 				hbhhdr = (ip6_hbh_t *)whereptr;
143 				ehdrlen = 8 * (hbhhdr->ip6h_len + 1);
144 				if ((uchar_t *)hbhhdr +  ehdrlen > endptr)
145 					return;
146 				nexthdrp = &hbhhdr->ip6h_nxt;
147 				break;
148 			case IPPROTO_DSTOPTS:
149 				desthdr = (ip6_dest_t *)whereptr;
150 				ehdrlen = 8 * (desthdr->ip6d_len + 1);
151 				if ((uchar_t *)desthdr +  ehdrlen > endptr)
152 					return;
153 				nexthdrp = &desthdr->ip6d_nxt;
154 				break;
155 			case IPPROTO_ROUTING:
156 				rthdr = (ip6_rthdr_t *)whereptr;
157 				ehdrlen =  8 * (rthdr->ip6r_len + 1);
158 				if ((uchar_t *)rthdr +  ehdrlen > endptr)
159 					return;
160 				nexthdrp = &rthdr->ip6r_nxt;
161 				break;
162 			case IPPROTO_FRAGMENT:
163 				return;
164 			case IPPROTO_TCP:
165 			case IPPROTO_UDP:
166 			case IPPROTO_SCTP:
167 				/*
168 				 * Verify we have at least ICMP_MIN_TP_HDR_LEN
169 				 * bytes of the ULP's header to get the port
170 				 * info.
171 				 */
172 				if (((uchar_t *)ip6h + length +
173 				    ICMP_MIN_TP_HDR_LEN)  > endptr) {
174 					return;
175 				}
176 				/* Get the protocol & ports */
177 				header->proto = *nexthdrp;
178 				up = (uint16_t *)((uchar_t *)ip6h + length);
179 				header->sport = (uint16_t)*up++;
180 				header->dport = (uint16_t)*up;
181 				return;
182 			case IPPROTO_ICMPV6:
183 			case IPPROTO_ENCAP:
184 			case IPPROTO_IPV6:
185 			case IPPROTO_ESP:
186 			case IPPROTO_AH:
187 				header->proto = *nexthdrp;
188 				return;
189 			case IPPROTO_NONE:
190 			default:
191 				return;
192 			}
193 			length += ehdrlen;
194 			whereptr += ehdrlen;
195 		}
196 	}
197 }
198 
199 /*
200  * flowacct_find_ids(mp, header)
201  *
202  * attempt to discern the uid and projid of the originator of a packet by
203  * looking at the dblks making up the packet - yeuch!
204  *
205  * We do it by skipping any fragments with a credp of NULL (originated in
206  * kernel), taking the first value that isn't NULL to be the cred_t for the
207  * whole packet.
208  */
209 static void
210 flowacct_find_ids(mblk_t *mp, header_t *header)
211 {
212 	cred_t *cr;
213 
214 	cr = msg_getcred(mp, NULL);
215 	if (cr != NULL) {
216 		header->uid = crgetuid(cr);
217 		header->projid = crgetprojid(cr);
218 	} else {
219 		header->uid = (uid_t)-1;
220 		header->projid = -1;
221 	}
222 }
223 
224 /*
225  * Extract header information in a header_t structure so that we don't have
226  * have to parse the packet everytime.
227  */
228 static int
229 flowacct_extract_header(mblk_t *mp, header_t *header)
230 {
231 	ipha_t *ipha;
232 	ip6_t *ip6h;
233 #define	rptr	((uchar_t *)ipha)
234 
235 	/* 0 means no port extracted. */
236 	header->sport = 0;
237 	header->dport = 0;
238 	flowacct_find_ids(mp, header);
239 
240 	V6_SET_ZERO(header->saddr);
241 	V6_SET_ZERO(header->daddr);
242 
243 	ipha = (ipha_t *)mp->b_rptr;
244 	header->isv4 = IPH_HDR_VERSION(ipha) == IPV4_VERSION;
245 	if (header->isv4) {
246 		ipha = (ipha_t *)mp->b_rptr;
247 		V4_PART_OF_V6(header->saddr) = (int32_t)ipha->ipha_src;
248 		V4_PART_OF_V6(header->daddr) = (int32_t)ipha->ipha_dst;
249 		header->dsfield = ipha->ipha_type_of_service;
250 		header->proto = ipha->ipha_protocol;
251 		header->pktlen = ntohs(ipha->ipha_length);
252 		if ((header->proto == IPPROTO_TCP) ||
253 		    (header->proto == IPPROTO_UDP) ||
254 		    (header->proto == IPPROTO_SCTP)) {
255 			flowacct_port_info(header, ipha, AF_INET, mp);
256 		}
257 	} else {
258 		/*
259 		 * Need to pullup everything.
260 		 */
261 		if (mp->b_cont != NULL) {
262 			if (!pullupmsg(mp, -1)) {
263 				flowacct0dbg(("flowacct_extract_header: "\
264 				    "pullup error"));
265 				return (-1);
266 			}
267 		}
268 		ip6h = (ip6_t *)mp->b_rptr;
269 		bcopy(ip6h->ip6_src.s6_addr32, header->saddr.s6_addr32,
270 		    sizeof (ip6h->ip6_src.s6_addr32));
271 		bcopy(ip6h->ip6_dst.s6_addr32, header->daddr.s6_addr32,
272 		    sizeof (ip6h->ip6_dst.s6_addr32));
273 		header->dsfield = __IPV6_TCLASS_FROM_FLOW(ip6h->ip6_vcf);
274 		header->proto = ip6h->ip6_nxt;
275 		header->pktlen = ntohs(ip6h->ip6_plen) +
276 		    ip_hdr_length_v6(mp, ip6h);
277 		flowacct_port_info(header, ip6h, AF_INET6, mp);
278 
279 	}
280 #undef	rptr
281 	return (0);
282 }
283 
284 /* Check if the flow (identified by the 5-tuple) exists in the hash table */
285 static flow_t *
286 flowacct_flow_present(header_t *header, int index,
287     flowacct_data_t *flowacct_data)
288 {
289 	list_hdr_t *hdr = flowacct_data->flows_tbl[index].head;
290 	flow_t *flow;
291 
292 	while (hdr != NULL) {
293 		flow = (flow_t *)hdr->objp;
294 		if ((flow != NULL) &&
295 		    (IN6_ARE_ADDR_EQUAL(&flow->saddr, &header->saddr)) &&
296 		    (IN6_ARE_ADDR_EQUAL(&flow->daddr, &header->daddr)) &&
297 		    (flow->proto == header->proto) &&
298 		    (flow->sport == header->sport) &&
299 		    (flow->dport == header->dport)) {
300 			return (flow);
301 		}
302 		hdr = hdr->next;
303 	}
304 	return ((flow_t *)NULL);
305 }
306 
307 /*
308  * Add an object to the list at insert_point. This could be a flow item or
309  * a flow itself.
310  */
311 static list_hdr_t *
312 flowacct_add_obj(list_head_t *tophdr, list_hdr_t *insert_point, void *obj)
313 {
314 	list_hdr_t *new_hdr;
315 
316 	if (tophdr == NULL) {
317 		return ((list_hdr_t *)NULL);
318 	}
319 
320 	new_hdr = (list_hdr_t *)kmem_zalloc(FLOWACCT_HDR_SZ, KM_NOSLEEP);
321 	if (new_hdr == NULL) {
322 		flowacct0dbg(("flowacct_add_obj: error allocating mem"));
323 		return ((list_hdr_t *)NULL);
324 	}
325 	gethrestime(&new_hdr->last_seen);
326 	new_hdr->objp = obj;
327 	tophdr->nbr_items++;
328 
329 	if (insert_point == NULL) {
330 		if (tophdr->head == NULL) {
331 			tophdr->head = new_hdr;
332 			tophdr->tail = new_hdr;
333 			return (new_hdr);
334 		}
335 
336 		new_hdr->next = tophdr->head;
337 		tophdr->head->prev = new_hdr;
338 		tophdr->head = new_hdr;
339 		return (new_hdr);
340 	}
341 
342 	if (insert_point == tophdr->tail) {
343 		tophdr->tail->next = new_hdr;
344 		new_hdr->prev = tophdr->tail;
345 		tophdr->tail = new_hdr;
346 		return (new_hdr);
347 	}
348 
349 	new_hdr->next = insert_point->next;
350 	new_hdr->prev = insert_point;
351 	insert_point->next->prev = new_hdr;
352 	insert_point->next = new_hdr;
353 	return (new_hdr);
354 }
355 
356 /* Delete an obj from the list. This could be a flow item or the flow itself */
357 static void
358 flowacct_del_obj(list_head_t *tophdr, list_hdr_t *hdr, uint_t mode)
359 {
360 	size_t	length;
361 	uint_t	type;
362 
363 	if ((tophdr == NULL) || (hdr == NULL)) {
364 		return;
365 	}
366 
367 	type = ((flow_t *)hdr->objp)->type;
368 
369 	tophdr->nbr_items--;
370 
371 	if (hdr->next != NULL) {
372 		hdr->next->prev = hdr->prev;
373 	}
374 	if (hdr->prev != NULL) {
375 		hdr->prev->next = hdr->next;
376 	}
377 	if (tophdr->head == hdr) {
378 		tophdr->head = hdr->next;
379 	}
380 	if (tophdr->tail == hdr) {
381 		tophdr->tail = hdr->prev;
382 	}
383 
384 	if (mode == FLOWACCT_DEL_OBJ) {
385 		switch (type) {
386 		case FLOWACCT_FLOW:
387 			length = FLOWACCT_FLOW_SZ;
388 			break;
389 		case FLOWACCT_ITEM:
390 			length = FLOWACCT_ITEM_SZ;
391 			break;
392 		}
393 		kmem_free(hdr->objp, length);
394 		hdr->objp = NULL;
395 	}
396 
397 	kmem_free((void *)hdr, FLOWACCT_HDR_SZ);
398 }
399 
400 /*
401  * Checks if the given item (identified by dsfield, project id and uid)
402  * is already present for the flow.
403  */
404 static flow_item_t *
405 flowacct_item_present(flow_t *flow, uint8_t dsfield, pid_t proj_id, uint_t uid)
406 {
407 	list_hdr_t	*itemhdr;
408 	flow_item_t	*item;
409 
410 	itemhdr = flow->items.head;
411 
412 	while (itemhdr != NULL) {
413 		item = (flow_item_t *)itemhdr->objp;
414 
415 		if ((item->dsfield != dsfield) || (item->projid != proj_id) ||
416 		    (item->uid != uid)) {
417 			itemhdr = itemhdr->next;
418 			continue;
419 		}
420 		return (item);
421 	}
422 
423 	return ((flow_item_t *)NULL);
424 }
425 
426 /*
427  * Add the flow to the table, if not already present. If the flow is
428  * present in the table, add the item. Also, update the flow stats.
429  * Additionally, re-adjust the timout list as well.
430  */
431 static int
432 flowacct_update_flows_tbl(header_t *header, flowacct_data_t *flowacct_data)
433 {
434 	int index;
435 	list_head_t *fhead;
436 	list_head_t *thead;
437 	list_head_t *ihead;
438 	boolean_t added_flow = B_FALSE;
439 	timespec_t  now;
440 	flow_item_t *item;
441 	flow_t *flow;
442 
443 	index = FLOWACCT_FLOW_HASH(header);
444 	fhead = &flowacct_data->flows_tbl[index];
445 
446 	/* The timeout list */
447 	thead = &flowacct_data->flows_tbl[FLOW_TBL_COUNT];
448 
449 	mutex_enter(&fhead->lock);
450 	flow = flowacct_flow_present(header, index, flowacct_data);
451 	if (flow == NULL) {
452 		flow = (flow_t *)kmem_zalloc(FLOWACCT_FLOW_SZ, KM_NOSLEEP);
453 		if (flow == NULL) {
454 			mutex_exit(&fhead->lock);
455 			flowacct0dbg(("flowacct_update_flows_tbl: mem alloc "\
456 			    "error"));
457 			return (-1);
458 		}
459 		flow->hdr = flowacct_add_obj(fhead, fhead->tail, (void *)flow);
460 		if (flow->hdr == NULL) {
461 			mutex_exit(&fhead->lock);
462 			kmem_free(flow, FLOWACCT_FLOW_SZ);
463 			flowacct0dbg(("flowacct_update_flows_tbl: mem alloc "\
464 			    "error"));
465 			return (-1);
466 		}
467 
468 		flow->type = FLOWACCT_FLOW;
469 		flow->isv4 = header->isv4;
470 		bcopy(header->saddr.s6_addr32, flow->saddr.s6_addr32,
471 		    sizeof (header->saddr.s6_addr32));
472 		bcopy(header->daddr.s6_addr32, flow->daddr.s6_addr32,
473 		    sizeof (header->daddr.s6_addr32));
474 		flow->proto = header->proto;
475 		flow->sport = header->sport;
476 		flow->dport = header->dport;
477 		flow->back_ptr = fhead;
478 		added_flow = B_TRUE;
479 	} else {
480 		/*
481 		 * We need to make sure that this 'flow' is not deleted
482 		 * either by a scheduled timeout or an explict call
483 		 * to flowacct_timer() below.
484 		 */
485 		flow->inuse = B_TRUE;
486 	}
487 
488 	ihead = &flow->items;
489 	item = flowacct_item_present(flow, header->dsfield, header->projid,
490 	    header->uid);
491 	if (item == NULL) {
492 		boolean_t just_once = B_TRUE;
493 		/*
494 		 * For all practical purposes, we limit the no. of entries in
495 		 * the flow table - i.e. the max_limt that a user specifies is
496 		 * the maximum no. of flow items in the table.
497 		 */
498 	try_again:
499 		atomic_add_32(&flowacct_data->nflows, 1);
500 		if (flowacct_data->nflows > flowacct_data->max_limit) {
501 			atomic_add_32(&flowacct_data->nflows, -1);
502 
503 			/* Try timing out once */
504 			if (just_once) {
505 				/*
506 				 * Need to release the lock, as this entry
507 				 * could contain a flow that can be timed
508 				 * out.
509 				 */
510 				mutex_exit(&fhead->lock);
511 				flowacct_timer(FLOWACCT_JUST_ONE,
512 				    flowacct_data);
513 				mutex_enter(&fhead->lock);
514 				/* Lets check again */
515 				just_once = B_FALSE;
516 				goto try_again;
517 			} else {
518 				flow->inuse = B_FALSE;
519 				/* Need to remove the flow, if one was added */
520 				if (added_flow) {
521 					flowacct_del_obj(fhead, flow->hdr,
522 					    FLOWACCT_DEL_OBJ);
523 				}
524 				mutex_exit(&fhead->lock);
525 				flowacct1dbg(("flowacct_update_flows_tbl: "\
526 				    "maximum active flows exceeded\n"));
527 				return (-1);
528 			}
529 		}
530 		item = (flow_item_t *)kmem_zalloc(FLOWACCT_ITEM_SZ, KM_NOSLEEP);
531 		if (item == NULL) {
532 			flow->inuse = B_FALSE;
533 			/* Need to remove the flow, if one was added */
534 			if (added_flow) {
535 				flowacct_del_obj(fhead, flow->hdr,
536 				    FLOWACCT_DEL_OBJ);
537 			}
538 			mutex_exit(&fhead->lock);
539 			atomic_add_32(&flowacct_data->nflows, -1);
540 			flowacct0dbg(("flowacct_update_flows_tbl: mem alloc "\
541 			    "error"));
542 			return (-1);
543 		}
544 		item->hdr = flowacct_add_obj(ihead, ihead->tail, (void *)item);
545 		if (item->hdr == NULL) {
546 			flow->inuse = B_FALSE;
547 			/* Need to remove the flow, if one was added */
548 			if (added_flow) {
549 				flowacct_del_obj(fhead, flow->hdr,
550 				    FLOWACCT_DEL_OBJ);
551 			}
552 			mutex_exit(&fhead->lock);
553 			atomic_add_32(&flowacct_data->nflows, -1);
554 			kmem_free(item, FLOWACCT_ITEM_SZ);
555 			flowacct0dbg(("flowacct_update_flows_tbl: mem alloc "\
556 			    "error\n"));
557 			return (-1);
558 		}
559 		/* If a flow was added, add it too */
560 		if (added_flow) {
561 			atomic_add_64(&flowacct_data->usedmem,
562 			    FLOWACCT_FLOW_RECORD_SZ);
563 		}
564 		atomic_add_64(&flowacct_data->usedmem, FLOWACCT_ITEM_RECORD_SZ);
565 
566 		item->type = FLOWACCT_ITEM;
567 		item->dsfield = header->dsfield;
568 		item->projid = header->projid;
569 		item->uid = header->uid;
570 		item->npackets = 1;
571 		item->nbytes = header->pktlen;
572 		item->creation_time = item->hdr->last_seen;
573 	} else {
574 		item->npackets++;
575 		item->nbytes += header->pktlen;
576 	}
577 	gethrestime(&now);
578 	flow->hdr->last_seen = item->hdr->last_seen = now;
579 	mutex_exit(&fhead->lock);
580 
581 	/*
582 	 * Re-adjust the timeout list. The timer takes the thead lock
583 	 * follwed by fhead lock(s), so we release fhead, take thead
584 	 * and re-take fhead.
585 	 */
586 	mutex_enter(&thead->lock);
587 	mutex_enter(&fhead->lock);
588 	/* If the flow was added, append it to the tail of the timeout list */
589 	if (added_flow) {
590 		if (thead->head == NULL) {
591 			thead->head = flow->hdr;
592 			thead->tail = flow->hdr;
593 		} else {
594 			thead->tail->timeout_next = flow->hdr;
595 			flow->hdr->timeout_prev = thead->tail;
596 			thead->tail = flow->hdr;
597 		}
598 	/*
599 	 * Else, move this flow to the tail of the timeout list, if it is not
600 	 * already.
601 	 * flow->hdr in the timeout list :-
602 	 * timeout_next = NULL, timeout_prev != NULL, at the tail end.
603 	 * timeout_next != NULL, timeout_prev = NULL, at the head.
604 	 * timeout_next != NULL, timeout_prev != NULL, in the middle.
605 	 * timeout_next = NULL, timeout_prev = NULL, not in the timeout list,
606 	 * ignore such flow.
607 	 */
608 	} else if ((flow->hdr->timeout_next != NULL) ||
609 	    (flow->hdr->timeout_prev != NULL)) {
610 		if (flow->hdr != thead->tail) {
611 			if (flow->hdr == thead->head) {
612 				thead->head->timeout_next->timeout_prev = NULL;
613 				thead->head = thead->head->timeout_next;
614 				flow->hdr->timeout_next = NULL;
615 				thead->tail->timeout_next = flow->hdr;
616 				flow->hdr->timeout_prev = thead->tail;
617 				thead->tail = flow->hdr;
618 			} else {
619 				flow->hdr->timeout_prev->timeout_next =
620 				    flow->hdr->timeout_next;
621 				flow->hdr->timeout_next->timeout_prev =
622 				    flow->hdr->timeout_prev;
623 				flow->hdr->timeout_next = NULL;
624 				thead->tail->timeout_next = flow->hdr;
625 				flow->hdr->timeout_prev = thead->tail;
626 				thead->tail = flow->hdr;
627 			}
628 		}
629 	}
630 	/*
631 	 * Unset this variable, now it is fine even if this
632 	 * flow gets deleted (i.e. after timing out its
633 	 * flow items) since we are done using it.
634 	 */
635 	flow->inuse = B_FALSE;
636 	mutex_exit(&fhead->lock);
637 	mutex_exit(&thead->lock);
638 	atomic_add_64(&flowacct_data->tbytes, header->pktlen);
639 	return (0);
640 }
641 
642 /* Timer for timing out flows/items from the flow table */
643 void
644 flowacct_timeout_flows(void *args)
645 {
646 	flowacct_data_t *flowacct_data = (flowacct_data_t *)args;
647 	flowacct_timer(FLOWACCT_FLOW_TIMER, flowacct_data);
648 	flowacct_data->flow_tid = timeout(flowacct_timeout_flows, flowacct_data,
649 	    drv_usectohz(flowacct_data->timer));
650 }
651 
652 
653 /* Delete the item from the flow in the flow table */
654 static void
655 flowacct_timeout_item(flow_t **flow, list_hdr_t **item_hdr)
656 {
657 	list_hdr_t *next_it_hdr;
658 
659 	next_it_hdr = (*item_hdr)->next;
660 	flowacct_del_obj(&(*flow)->items, *item_hdr, FLOWACCT_DEL_OBJ);
661 	*item_hdr = next_it_hdr;
662 }
663 
664 /* Create a flow record for this timed out item */
665 static flow_records_t *
666 flowacct_create_record(flow_t *flow, list_hdr_t *ithdr)
667 {
668 	int count;
669 	flow_item_t *item = (flow_item_t *)ithdr->objp;
670 	flow_records_t *tmp_frec = NULL;
671 
672 	/* Record to be written into the accounting file */
673 	tmp_frec = kmem_zalloc(sizeof (flow_records_t), KM_NOSLEEP);
674 	if (tmp_frec == NULL) {
675 		flowacct0dbg(("flowacct_create_record: mem alloc error.\n"));
676 		return (NULL);
677 	}
678 	tmp_frec->fl_use = kmem_zalloc(sizeof (flow_usage_t), KM_NOSLEEP);
679 	if (tmp_frec->fl_use == NULL) {
680 		flowacct0dbg(("flowacct_create_record: mem alloc error\n"));
681 		kmem_free(tmp_frec, sizeof (flow_records_t));
682 		return (NULL);
683 	}
684 
685 	/* Copy the IP address */
686 	for (count = 0; count < 4; count++) {
687 		tmp_frec->fl_use->fu_saddr[count] =
688 		    htonl(flow->saddr.s6_addr32[count]);
689 		tmp_frec->fl_use->fu_daddr[count] =
690 		    htonl(flow->daddr.s6_addr32[count]);
691 	}
692 
693 	/*
694 	 * Ports, protocol, version, dsfield, project id, uid, nbytes, npackets
695 	 * creation time and last seen.
696 	 */
697 	tmp_frec->fl_use->fu_sport = htons(flow->sport);
698 	tmp_frec->fl_use->fu_dport = htons(flow->dport);
699 	tmp_frec->fl_use->fu_protocol = flow->proto;
700 	tmp_frec->fl_use->fu_isv4 = flow->isv4;
701 	tmp_frec->fl_use->fu_dsfield = item->dsfield;
702 	tmp_frec->fl_use->fu_projid = item->projid;
703 	tmp_frec->fl_use->fu_userid = item->uid;
704 	tmp_frec->fl_use->fu_nbytes = item->nbytes;
705 	tmp_frec->fl_use->fu_npackets = item->npackets;
706 	tmp_frec->fl_use->fu_lseen =
707 	    (uint64_t)(ulong_t)ithdr->last_seen.tv_sec;
708 	tmp_frec->fl_use->fu_ctime =
709 	    (uint64_t)(ulong_t)item->creation_time.tv_sec;
710 
711 	return (tmp_frec);
712 }
713 
714 /*
715  * Scan thru the timeout list and write the records to the accounting file, if
716  * possible. Basically step thru the timeout list maintained in the last
717  * hash bucket, FLOW_COUNT_TBL + 1, and timeout flows. This could be called
718  * from the timer, FLOWACCT_TIMER - delete only timed out flows or when this
719  * instance is deleted, FLOWACCT_PURGE_FLOW - delete all the flows from the
720  * table or as FLOWACCT_JUST_ONE - delete the first timed out flow. Since the
721  * flows are cronologically arranged in the timeout list,  when called as
722  * FLOWACCT_TIMER and FLOWACCT_JUST_ONE, we can stop when we come across
723  * the first flow that has not timed out (which means none of the following
724  * flows would have timed out).
725  */
726 void
727 flowacct_timer(int type, flowacct_data_t *flowacct_data)
728 {
729 	hrtime_t diff;
730 	timespec_t now;
731 	list_head_t *head, *thead;
732 	flow_t *flow;
733 	flow_item_t *item;
734 	list_hdr_t *fl_hdr, *next_fl_hdr;
735 	list_hdr_t *ithdr = (list_hdr_t *)NULL;
736 	flow_records_t *frec = NULL, *tmp_frec, *tail;
737 	uint64_t flow_size;
738 	uint64_t item_size;
739 
740 	ASSERT(flowacct_data != NULL);
741 
742 	/* 2s-complement for subtraction */
743 	flow_size = ~FLOWACCT_FLOW_RECORD_SZ + 1;
744 	item_size = ~FLOWACCT_ITEM_RECORD_SZ + 1;
745 
746 	/* Get the current time */
747 	gethrestime(&now);
748 
749 	/*
750 	 * For each flow in the table, scan thru all the items and delete
751 	 * those that have exceeded the timeout. If all the items in a
752 	 * flow have timed out, delete the flow entry as well. Finally,
753 	 * write all the delted items to the accounting file.
754 	 */
755 	thead = &flowacct_data->flows_tbl[FLOW_TBL_COUNT];
756 
757 	mutex_enter(&thead->lock);
758 	fl_hdr = thead->head;
759 	while (fl_hdr != NULL) {
760 		uint32_t	items_deleted = 0;
761 
762 		next_fl_hdr = fl_hdr->timeout_next;
763 		flow = (flow_t *)fl_hdr->objp;
764 		head = flow->back_ptr;
765 		mutex_enter(&head->lock);
766 
767 		/*LINTED*/
768 		FLOWACCT_DELTA(now, fl_hdr->last_seen, diff);
769 
770 		/*
771 		 * If type is FLOW_TIMER, then check if the item has timed out.
772 		 * If type is FLOW_PURGE delete the entry anyways.
773 		 */
774 		if ((type != FLOWACCT_PURGE_FLOW) &&
775 		    (diff < flowacct_data->timeout)) {
776 			mutex_exit(&head->lock);
777 			mutex_exit(&thead->lock);
778 			goto write_records;
779 		}
780 
781 		ithdr = flow->items.head;
782 		while (ithdr != NULL) {
783 			item = (flow_item_t *)ithdr->objp;
784 			/*
785 			 * Fill in the flow record to be
786 			 * written to the accounting file.
787 			 */
788 			tmp_frec = flowacct_create_record(flow, ithdr);
789 			/*
790 			 * If we don't have memory for records,
791 			 * we will come back in case this is
792 			 * called as FLOW_TIMER, else we will
793 			 * go ahead and delete the item from
794 			 * the table (when asked to PURGE the
795 			 * table), so there could be some
796 			 * entries not written to the file
797 			 * when this action instance is
798 			 * deleted.
799 			 */
800 			if (tmp_frec != NULL) {
801 				tmp_frec->fl_use->fu_aname =
802 				    flowacct_data->act_name;
803 				if (frec == NULL) {
804 					frec = tmp_frec;
805 					tail = frec;
806 				} else {
807 					tail->next = tmp_frec;
808 					tail = tmp_frec;
809 				}
810 			} else if (type != FLOWACCT_PURGE_FLOW) {
811 				mutex_exit(&head->lock);
812 				mutex_exit(&thead->lock);
813 				atomic_add_32(&flowacct_data->nflows,
814 				    (~items_deleted + 1));
815 				goto write_records;
816 			}
817 
818 			/* Update stats */
819 			atomic_add_64(&flowacct_data->tbytes, (~item->nbytes +
820 			    1));
821 
822 			/* Delete the item */
823 			flowacct_timeout_item(&flow, &ithdr);
824 			items_deleted++;
825 			atomic_add_64(&flowacct_data->usedmem, item_size);
826 		}
827 		ASSERT(flow->items.nbr_items == 0);
828 		atomic_add_32(&flowacct_data->nflows, (~items_deleted + 1));
829 
830 		/*
831 		 * Don't delete this flow if we are making place for
832 		 * a new item for this flow.
833 		 */
834 		if (!flow->inuse) {
835 			if (fl_hdr->timeout_prev != NULL) {
836 				fl_hdr->timeout_prev->timeout_next =
837 				    fl_hdr->timeout_next;
838 			} else {
839 				thead->head = fl_hdr->timeout_next;
840 			}
841 			if (fl_hdr->timeout_next != NULL) {
842 				fl_hdr->timeout_next->timeout_prev =
843 				    fl_hdr->timeout_prev;
844 			} else {
845 				thead->tail = fl_hdr->timeout_prev;
846 			}
847 			fl_hdr->timeout_prev = NULL;
848 			fl_hdr->timeout_next = NULL;
849 			flowacct_del_obj(head, fl_hdr, FLOWACCT_DEL_OBJ);
850 			atomic_add_64(&flowacct_data->usedmem, flow_size);
851 		}
852 		mutex_exit(&head->lock);
853 		if (type == FLOWACCT_JUST_ONE) {
854 			mutex_exit(&thead->lock);
855 			goto write_records;
856 		}
857 		fl_hdr = next_fl_hdr;
858 	}
859 	mutex_exit(&thead->lock);
860 write_records:
861 	/* Write all the timed out flows to the accounting file */
862 	while (frec != NULL) {
863 		tmp_frec = frec->next;
864 		exacct_commit_flow(frec->fl_use);
865 		kmem_free(frec->fl_use, sizeof (flow_usage_t));
866 		kmem_free(frec, sizeof (flow_records_t));
867 		frec = tmp_frec;
868 	}
869 }
870 
871 /*
872  * Get the IP header contents from the packet, update the flow table with
873  * this item and return.
874  */
875 int
876 flowacct_process(mblk_t **mpp, flowacct_data_t *flowacct_data)
877 {
878 	header_t *header;
879 	mblk_t *mp = *mpp;
880 
881 	ASSERT(mp != NULL);
882 
883 	/* If we don't find an M_DATA, return error */
884 	if (mp->b_datap->db_type != M_DATA) {
885 		if ((mp->b_cont != NULL) &&
886 		    (mp->b_cont->b_datap->db_type == M_DATA)) {
887 			mp = mp->b_cont;
888 		} else {
889 			flowacct0dbg(("flowacct_process: no data\n"));
890 			atomic_add_64(&flowacct_data->epackets, 1);
891 			return (EINVAL);
892 		}
893 	}
894 
895 	header = kmem_zalloc(FLOWACCT_HEADER_SZ, KM_NOSLEEP);
896 	if (header == NULL) {
897 		flowacct0dbg(("flowacct_process: error allocing mem"));
898 		atomic_add_64(&flowacct_data->epackets, 1);
899 		return (ENOMEM);
900 	}
901 
902 	/* Get all the required information into header. */
903 	if (flowacct_extract_header(mp, header) != 0) {
904 		kmem_free(header, FLOWACCT_HEADER_SZ);
905 		atomic_add_64(&flowacct_data->epackets, 1);
906 		return (EINVAL);
907 	}
908 
909 	/* Updated the flow table with this entry */
910 	if (flowacct_update_flows_tbl(header, flowacct_data) != 0) {
911 		kmem_free(header, FLOWACCT_HEADER_SZ);
912 		atomic_add_64(&flowacct_data->epackets, 1);
913 		return (ENOMEM);
914 	}
915 
916 	/* Update global stats */
917 	atomic_add_64(&flowacct_data->npackets, 1);
918 	atomic_add_64(&flowacct_data->nbytes, header->pktlen);
919 
920 	kmem_free(header, FLOWACCT_HEADER_SZ);
921 	if (flowacct_data->flow_tid == 0) {
922 		flowacct_data->flow_tid = timeout(flowacct_timeout_flows,
923 		    flowacct_data, drv_usectohz(flowacct_data->timer));
924 	}
925 	return (0);
926 }
927