]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet6/udp6_usrreq.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-7195.60.75.tar.gz
[apple/xnu.git] / bsd / netinet6 / udp6_usrreq.c
1 /*
2 * Copyright (c) 2000-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /* $FreeBSD: src/sys/netinet6/udp6_usrreq.c,v 1.6.2.6 2001/07/29 19:32:40 ume Exp $ */
30 /* $KAME: udp6_usrreq.c,v 1.27 2001/05/21 05:45:10 jinmei Exp $ */
31
32 /*
33 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
34 * All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. Neither the name of the project nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 */
60
61 /*
62 * Copyright (c) 1982, 1986, 1989, 1993
63 * The Regents of the University of California. All rights reserved.
64 *
65 * Redistribution and use in source and binary forms, with or without
66 * modification, are permitted provided that the following conditions
67 * are met:
68 * 1. Redistributions of source code must retain the above copyright
69 * notice, this list of conditions and the following disclaimer.
70 * 2. Redistributions in binary form must reproduce the above copyright
71 * notice, this list of conditions and the following disclaimer in the
72 * documentation and/or other materials provided with the distribution.
73 * 3. All advertising materials mentioning features or use of this software
74 * must display the following acknowledgement:
75 * This product includes software developed by the University of
76 * California, Berkeley and its contributors.
77 * 4. Neither the name of the University nor the names of its contributors
78 * may be used to endorse or promote products derived from this software
79 * without specific prior written permission.
80 *
81 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
82 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
83 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
84 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
85 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
86 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
87 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
88 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
89 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
90 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
91 * SUCH DAMAGE.
92 *
93 * @(#)udp_var.h 8.1 (Berkeley) 6/10/93
94 */
95 #include <sys/kernel.h>
96 #include <sys/malloc.h>
97 #include <sys/mbuf.h>
98 #include <sys/param.h>
99 #include <sys/protosw.h>
100 #include <sys/socket.h>
101 #include <sys/socketvar.h>
102 #include <sys/sysctl.h>
103 #include <sys/errno.h>
104 #include <sys/stat.h>
105 #include <sys/systm.h>
106 #include <sys/syslog.h>
107 #include <sys/proc.h>
108 #include <sys/kauth.h>
109
110 #include <net/if.h>
111 #include <net/route.h>
112 #include <net/if_types.h>
113 #include <net/ntstat.h>
114 #include <net/dlil.h>
115 #include <net/net_api_stats.h>
116
117 #include <netinet/in.h>
118 #include <netinet/in_systm.h>
119 #include <netinet/ip.h>
120 #include <netinet/in_pcb.h>
121 #include <netinet/in_var.h>
122 #include <netinet/ip_var.h>
123 #include <netinet/udp.h>
124 #include <netinet/udp_var.h>
125 #include <netinet/ip6.h>
126 #include <netinet6/ip6_var.h>
127 #include <netinet6/in6_pcb.h>
128 #include <netinet/icmp6.h>
129 #include <netinet6/udp6_var.h>
130 #include <netinet6/ip6protosw.h>
131
132 #if IPSEC
133 #include <netinet6/ipsec.h>
134 #include <netinet6/ipsec6.h>
135 #include <netinet6/esp6.h>
136 #include <netkey/key.h>
137 extern int ipsec_bypass;
138 extern int esp_udp_encap_port;
139 #endif /* IPSEC */
140
141 #if NECP
142 #include <net/necp.h>
143 #endif /* NECP */
144
145 #if FLOW_DIVERT
146 #include <netinet/flow_divert.h>
147 #endif /* FLOW_DIVERT */
148
149 #if CONTENT_FILTER
150 #include <net/content_filter.h>
151 #endif /* CONTENT_FILTER */
152
153 /*
154 * UDP protocol inplementation.
155 * Per RFC 768, August, 1980.
156 */
157
158 static int udp6_abort(struct socket *);
159 static int udp6_attach(struct socket *, int, struct proc *);
160 static int udp6_bind(struct socket *, struct sockaddr *, struct proc *);
161 static int udp6_connectx(struct socket *, struct sockaddr *,
162 struct sockaddr *, struct proc *, uint32_t, sae_associd_t,
163 sae_connid_t *, uint32_t, void *, uint32_t, struct uio *, user_ssize_t *);
164 static int udp6_detach(struct socket *);
165 static int udp6_disconnect(struct socket *);
166 static int udp6_disconnectx(struct socket *, sae_associd_t, sae_connid_t);
167 static int udp6_send(struct socket *, int, struct mbuf *, struct sockaddr *,
168 struct mbuf *, struct proc *);
169 static void udp6_append(struct inpcb *, struct ip6_hdr *,
170 struct sockaddr_in6 *, struct mbuf *, int, struct ifnet *);
171 static int udp6_input_checksum(struct mbuf *, struct udphdr *, int, int);
172
173 struct pr_usrreqs udp6_usrreqs = {
174 .pru_abort = udp6_abort,
175 .pru_attach = udp6_attach,
176 .pru_bind = udp6_bind,
177 .pru_connect = udp6_connect,
178 .pru_connectx = udp6_connectx,
179 .pru_control = in6_control,
180 .pru_detach = udp6_detach,
181 .pru_disconnect = udp6_disconnect,
182 .pru_disconnectx = udp6_disconnectx,
183 .pru_peeraddr = in6_mapped_peeraddr,
184 .pru_send = udp6_send,
185 .pru_shutdown = udp_shutdown,
186 .pru_sockaddr = in6_mapped_sockaddr,
187 .pru_sosend = sosend,
188 .pru_soreceive = soreceive,
189 .pru_soreceive_list = soreceive_list,
190 };
191
192 /*
193 * subroutine of udp6_input(), mainly for source code readability.
194 */
195 static void
196 udp6_append(struct inpcb *last, struct ip6_hdr *ip6,
197 struct sockaddr_in6 *udp_in6, struct mbuf *n, int off, struct ifnet *ifp)
198 {
199 #pragma unused(ip6)
200 struct mbuf *opts = NULL;
201 int ret = 0;
202 boolean_t cell = IFNET_IS_CELLULAR(ifp);
203 boolean_t wifi = (!cell && IFNET_IS_WIFI(ifp));
204 boolean_t wired = (!wifi && IFNET_IS_WIRED(ifp));
205
206 if ((last->in6p_flags & INP_CONTROLOPTS) != 0 ||
207 #if CONTENT_FILTER
208 /* Content Filter needs to see local address */
209 (last->in6p_socket->so_cfil_db != NULL) ||
210 #endif
211 (last->in6p_socket->so_options & SO_TIMESTAMP) != 0 ||
212 (last->in6p_socket->so_options & SO_TIMESTAMP_MONOTONIC) != 0 ||
213 (last->in6p_socket->so_options & SO_TIMESTAMP_CONTINUOUS) != 0) {
214 ret = ip6_savecontrol(last, n, &opts);
215 if (ret != 0) {
216 m_freem(n);
217 m_freem(opts);
218 return;
219 }
220 }
221 m_adj(n, off);
222 if (nstat_collect) {
223 INP_ADD_STAT(last, cell, wifi, wired, rxpackets, 1);
224 INP_ADD_STAT(last, cell, wifi, wired, rxbytes, n->m_pkthdr.len);
225 inp_set_activity_bitmap(last);
226 }
227 so_recv_data_stat(last->in6p_socket, n, 0);
228 if (sbappendaddr(&last->in6p_socket->so_rcv,
229 (struct sockaddr *)udp_in6, n, opts, NULL) == 0) {
230 udpstat.udps_fullsock++;
231 } else {
232 sorwakeup(last->in6p_socket);
233 }
234 }
235
236 int
237 udp6_input(struct mbuf **mp, int *offp, int proto)
238 {
239 #pragma unused(proto)
240 struct mbuf *m = *mp;
241 struct ifnet *ifp;
242 struct ip6_hdr *ip6;
243 struct udphdr *uh;
244 struct inpcb *in6p;
245 struct mbuf *opts = NULL;
246 int off = *offp;
247 int plen, ulen, ret = 0;
248 boolean_t cell, wifi, wired;
249 struct sockaddr_in6 udp_in6;
250 struct inpcbinfo *pcbinfo = &udbinfo;
251 struct sockaddr_in6 fromsa;
252 u_int16_t pf_tag = 0;
253
254 IP6_EXTHDR_CHECK(m, off, sizeof(struct udphdr), return IPPROTO_DONE);
255
256 /* Expect 32-bit aligned data pointer on strict-align platforms */
257 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m);
258
259 ifp = m->m_pkthdr.rcvif;
260 ip6 = mtod(m, struct ip6_hdr *);
261 cell = IFNET_IS_CELLULAR(ifp);
262 wifi = (!cell && IFNET_IS_WIFI(ifp));
263 wired = (!wifi && IFNET_IS_WIRED(ifp));
264
265 if (m->m_flags & M_PKTHDR) {
266 pf_tag = m_pftag(m)->pftag_tag;
267 }
268
269 udpstat.udps_ipackets++;
270
271 plen = ntohs(ip6->ip6_plen) - off + sizeof(*ip6);
272 uh = (struct udphdr *)(void *)((caddr_t)ip6 + off);
273 ulen = ntohs((u_short)uh->uh_ulen);
274
275 if (plen != ulen) {
276 udpstat.udps_badlen++;
277 IF_UDP_STATINC(ifp, badlength);
278 goto bad;
279 }
280
281 /* destination port of 0 is illegal, based on RFC768. */
282 if (uh->uh_dport == 0) {
283 IF_UDP_STATINC(ifp, port0);
284 goto bad;
285 }
286
287 /*
288 * Checksum extended UDP header and data.
289 */
290 if (udp6_input_checksum(m, uh, off, ulen)) {
291 goto bad;
292 }
293
294 /*
295 * Construct sockaddr format source address.
296 */
297 init_sin6(&fromsa, m);
298 fromsa.sin6_port = uh->uh_sport;
299
300 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
301 int reuse_sock = 0, mcast_delivered = 0;
302 struct ip6_moptions *imo;
303
304 /*
305 * Deliver a multicast datagram to all sockets
306 * for which the local and remote addresses and ports match
307 * those of the incoming datagram. This allows more than
308 * one process to receive multicasts on the same port.
309 * (This really ought to be done for unicast datagrams as
310 * well, but that would cause problems with existing
311 * applications that open both address-specific sockets and
312 * a wildcard socket listening to the same port -- they would
313 * end up receiving duplicates of every unicast datagram.
314 * Those applications open the multiple sockets to overcome an
315 * inadequacy of the UDP socket interface, but for backwards
316 * compatibility we avoid the problem here rather than
317 * fixing the interface. Maybe 4.5BSD will remedy this?)
318 */
319
320 /*
321 * In a case that laddr should be set to the link-local
322 * address (this happens in RIPng), the multicast address
323 * specified in the received packet does not match with
324 * laddr. To cure this situation, the matching is relaxed
325 * if the receiving interface is the same as one specified
326 * in the socket and if the destination multicast address
327 * matches one of the multicast groups specified in the socket.
328 */
329
330 /*
331 * Construct sockaddr format source address.
332 */
333 init_sin6(&udp_in6, m); /* general init */
334 udp_in6.sin6_port = uh->uh_sport;
335 /*
336 * KAME note: usually we drop udphdr from mbuf here.
337 * We need udphdr for IPsec processing so we do that later.
338 */
339
340 /*
341 * Locate pcb(s) for datagram.
342 * (Algorithm copied from raw_intr().)
343 */
344 lck_rw_lock_shared(pcbinfo->ipi_lock);
345
346 LIST_FOREACH(in6p, &udb, inp_list) {
347 #if IPSEC
348 int skipit;
349 #endif /* IPSEC */
350
351 if ((in6p->inp_vflag & INP_IPV6) == 0) {
352 continue;
353 }
354
355 if (inp_restricted_recv(in6p, ifp)) {
356 continue;
357 }
358
359 if (in_pcb_checkstate(in6p, WNT_ACQUIRE, 0) ==
360 WNT_STOPUSING) {
361 continue;
362 }
363
364 udp_lock(in6p->in6p_socket, 1, 0);
365
366 if (in_pcb_checkstate(in6p, WNT_RELEASE, 1) ==
367 WNT_STOPUSING) {
368 udp_unlock(in6p->in6p_socket, 1, 0);
369 continue;
370 }
371 if (in6p->in6p_lport != uh->uh_dport) {
372 udp_unlock(in6p->in6p_socket, 1, 0);
373 continue;
374 }
375
376 /*
377 * Handle socket delivery policy for any-source
378 * and source-specific multicast. [RFC3678]
379 */
380 imo = in6p->in6p_moptions;
381 if (imo && IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) {
382 struct sockaddr_in6 mcaddr;
383 int blocked;
384
385 IM6O_LOCK(imo);
386 bzero(&mcaddr, sizeof(struct sockaddr_in6));
387 mcaddr.sin6_len = sizeof(struct sockaddr_in6);
388 mcaddr.sin6_family = AF_INET6;
389 mcaddr.sin6_addr = ip6->ip6_dst;
390
391 blocked = im6o_mc_filter(imo, ifp,
392 &mcaddr, &fromsa);
393 IM6O_UNLOCK(imo);
394 if (blocked != MCAST_PASS) {
395 udp_unlock(in6p->in6p_socket, 1, 0);
396 if (blocked == MCAST_NOTSMEMBER ||
397 blocked == MCAST_MUTED) {
398 udpstat.udps_filtermcast++;
399 }
400 continue;
401 }
402 }
403 if (!IN6_IS_ADDR_UNSPECIFIED(&in6p->in6p_faddr) &&
404 (!IN6_ARE_ADDR_EQUAL(&in6p->in6p_faddr,
405 &ip6->ip6_src) ||
406 in6p->in6p_fport != uh->uh_sport)) {
407 udp_unlock(in6p->in6p_socket, 1, 0);
408 continue;
409 }
410
411 reuse_sock = in6p->inp_socket->so_options &
412 (SO_REUSEPORT | SO_REUSEADDR);
413
414 #if NECP
415 skipit = 0;
416 if (!necp_socket_is_allowed_to_send_recv_v6(in6p,
417 uh->uh_dport, uh->uh_sport, &ip6->ip6_dst,
418 &ip6->ip6_src, ifp, pf_tag, NULL, NULL, NULL, NULL)) {
419 /* do not inject data to pcb */
420 skipit = 1;
421 }
422 if (skipit == 0)
423 #endif /* NECP */
424 {
425 struct mbuf *n = NULL;
426 /*
427 * KAME NOTE: do not
428 * m_copy(m, offset, ...) below.
429 * sbappendaddr() expects M_PKTHDR,
430 * and m_copy() will copy M_PKTHDR
431 * only if offset is 0.
432 */
433 if (reuse_sock) {
434 n = m_copy(m, 0, M_COPYALL);
435 }
436 udp6_append(in6p, ip6, &udp_in6, m,
437 off + sizeof(struct udphdr), ifp);
438 mcast_delivered++;
439 m = n;
440 }
441 udp_unlock(in6p->in6p_socket, 1, 0);
442
443 /*
444 * Don't look for additional matches if this one does
445 * not have either the SO_REUSEPORT or SO_REUSEADDR
446 * socket options set. This heuristic avoids searching
447 * through all pcbs in the common case of a non-shared
448 * port. It assumes that an application will never
449 * clear these options after setting them.
450 */
451 if (reuse_sock == 0 || m == NULL) {
452 break;
453 }
454
455 /*
456 * Expect 32-bit aligned data pointer on strict-align
457 * platforms.
458 */
459 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m);
460
461 /*
462 * Recompute IP and UDP header pointers for new mbuf
463 */
464 ip6 = mtod(m, struct ip6_hdr *);
465 uh = (struct udphdr *)(void *)((caddr_t)ip6 + off);
466 }
467 lck_rw_done(pcbinfo->ipi_lock);
468
469 if (mcast_delivered == 0) {
470 /*
471 * No matching pcb found; discard datagram.
472 * (No need to send an ICMP Port Unreachable
473 * for a broadcast or multicast datgram.)
474 */
475 udpstat.udps_noport++;
476 udpstat.udps_noportmcast++;
477 IF_UDP_STATINC(ifp, port_unreach);
478 goto bad;
479 }
480
481 /* free the extra copy of mbuf or skipped by NECP */
482 if (m != NULL) {
483 m_freem(m);
484 }
485 return IPPROTO_DONE;
486 }
487
488 #if IPSEC
489 /*
490 * UDP to port 4500 with a payload where the first four bytes are
491 * not zero is a UDP encapsulated IPsec packet. Packets where
492 * the payload is one byte and that byte is 0xFF are NAT keepalive
493 * packets. Decapsulate the ESP packet and carry on with IPsec input
494 * or discard the NAT keep-alive.
495 */
496 if (ipsec_bypass == 0 && (esp_udp_encap_port & 0xFFFF) != 0 &&
497 (uh->uh_dport == ntohs((u_short)esp_udp_encap_port) ||
498 uh->uh_sport == ntohs((u_short)esp_udp_encap_port))) {
499 /*
500 * Check if ESP or keepalive:
501 * 1. If the destination port of the incoming packet is 4500.
502 * 2. If the source port of the incoming packet is 4500,
503 * then check the SADB to match IP address and port.
504 */
505 bool check_esp = true;
506 if (uh->uh_dport != ntohs((u_short)esp_udp_encap_port)) {
507 check_esp = key_checksa_present(AF_INET6, (caddr_t)&ip6->ip6_dst,
508 (caddr_t)&ip6->ip6_src, uh->uh_dport,
509 uh->uh_sport);
510 }
511
512 if (check_esp) {
513 int payload_len = ulen - sizeof(struct udphdr) > 4 ? 4 :
514 ulen - sizeof(struct udphdr);
515
516 if (m->m_len < off + sizeof(struct udphdr) + payload_len) {
517 if ((m = m_pullup(m, off + sizeof(struct udphdr) +
518 payload_len)) == NULL) {
519 udpstat.udps_hdrops++;
520 goto bad;
521 }
522 /*
523 * Expect 32-bit aligned data pointer on strict-align
524 * platforms.
525 */
526 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m);
527
528 ip6 = mtod(m, struct ip6_hdr *);
529 uh = (struct udphdr *)(void *)((caddr_t)ip6 + off);
530 }
531 /* Check for NAT keepalive packet */
532 if (payload_len == 1 && *(u_int8_t*)
533 ((caddr_t)uh + sizeof(struct udphdr)) == 0xFF) {
534 goto bad;
535 } else if (payload_len == 4 && *(u_int32_t*)(void *)
536 ((caddr_t)uh + sizeof(struct udphdr)) != 0) {
537 /* UDP encapsulated IPsec packet to pass through NAT */
538 /* preserve the udp header */
539 *offp = off + sizeof(struct udphdr);
540 return esp6_input(mp, offp, IPPROTO_UDP);
541 }
542 }
543 }
544 #endif /* IPSEC */
545
546 /*
547 * Locate pcb for datagram.
548 */
549 in6p = in6_pcblookup_hash(&udbinfo, &ip6->ip6_src, uh->uh_sport,
550 &ip6->ip6_dst, uh->uh_dport, 1, m->m_pkthdr.rcvif);
551 if (in6p == NULL) {
552 IF_UDP_STATINC(ifp, port_unreach);
553
554 if (udp_log_in_vain) {
555 char buf[INET6_ADDRSTRLEN];
556
557 strlcpy(buf, ip6_sprintf(&ip6->ip6_dst), sizeof(buf));
558 if (udp_log_in_vain < 3) {
559 log(LOG_INFO, "Connection attempt to UDP "
560 "%s:%d from %s:%d\n", buf,
561 ntohs(uh->uh_dport),
562 ip6_sprintf(&ip6->ip6_src),
563 ntohs(uh->uh_sport));
564 } else if (!(m->m_flags & (M_BCAST | M_MCAST)) &&
565 !IN6_ARE_ADDR_EQUAL(&ip6->ip6_dst, &ip6->ip6_src)) {
566 log(LOG_INFO, "Connection attempt "
567 "to UDP %s:%d from %s:%d\n", buf,
568 ntohs(uh->uh_dport),
569 ip6_sprintf(&ip6->ip6_src),
570 ntohs(uh->uh_sport));
571 }
572 }
573 udpstat.udps_noport++;
574 if (m->m_flags & M_MCAST) {
575 printf("UDP6: M_MCAST is set in a unicast packet.\n");
576 udpstat.udps_noportmcast++;
577 IF_UDP_STATINC(ifp, badmcast);
578 goto bad;
579 }
580 icmp6_error(m, ICMP6_DST_UNREACH, ICMP6_DST_UNREACH_NOPORT, 0);
581 return IPPROTO_DONE;
582 }
583 #if NECP
584 if (!necp_socket_is_allowed_to_send_recv_v6(in6p, uh->uh_dport,
585 uh->uh_sport, &ip6->ip6_dst, &ip6->ip6_src, ifp, pf_tag, NULL, NULL, NULL, NULL)) {
586 in_pcb_checkstate(in6p, WNT_RELEASE, 0);
587 IF_UDP_STATINC(ifp, badipsec);
588 goto bad;
589 }
590 #endif /* NECP */
591
592 /*
593 * Construct sockaddr format source address.
594 * Stuff source address and datagram in user buffer.
595 */
596 udp_lock(in6p->in6p_socket, 1, 0);
597
598 if (in_pcb_checkstate(in6p, WNT_RELEASE, 1) == WNT_STOPUSING) {
599 udp_unlock(in6p->in6p_socket, 1, 0);
600 IF_UDP_STATINC(ifp, cleanup);
601 goto bad;
602 }
603
604 init_sin6(&udp_in6, m); /* general init */
605 udp_in6.sin6_port = uh->uh_sport;
606 if ((in6p->in6p_flags & INP_CONTROLOPTS) != 0 ||
607 #if CONTENT_FILTER
608 /* Content Filter needs to see local address */
609 (in6p->in6p_socket->so_cfil_db != NULL) ||
610 #endif
611 (in6p->in6p_socket->so_options & SO_TIMESTAMP) != 0 ||
612 (in6p->in6p_socket->so_options & SO_TIMESTAMP_MONOTONIC) != 0 ||
613 (in6p->in6p_socket->so_options & SO_TIMESTAMP_CONTINUOUS) != 0) {
614 ret = ip6_savecontrol(in6p, m, &opts);
615 if (ret != 0) {
616 udp_unlock(in6p->in6p_socket, 1, 0);
617 goto bad;
618 }
619 }
620 m_adj(m, off + sizeof(struct udphdr));
621 if (nstat_collect) {
622 INP_ADD_STAT(in6p, cell, wifi, wired, rxpackets, 1);
623 INP_ADD_STAT(in6p, cell, wifi, wired, rxbytes, m->m_pkthdr.len);
624 inp_set_activity_bitmap(in6p);
625 }
626 so_recv_data_stat(in6p->in6p_socket, m, 0);
627 if (sbappendaddr(&in6p->in6p_socket->so_rcv,
628 (struct sockaddr *)&udp_in6, m, opts, NULL) == 0) {
629 m = NULL;
630 opts = NULL;
631 udpstat.udps_fullsock++;
632 udp_unlock(in6p->in6p_socket, 1, 0);
633 goto bad;
634 }
635 sorwakeup(in6p->in6p_socket);
636 udp_unlock(in6p->in6p_socket, 1, 0);
637 return IPPROTO_DONE;
638 bad:
639 if (m != NULL) {
640 m_freem(m);
641 }
642 if (opts != NULL) {
643 m_freem(opts);
644 }
645 return IPPROTO_DONE;
646 }
647
648 void
649 udp6_ctlinput(int cmd, struct sockaddr *sa, void *d, __unused struct ifnet *ifp)
650 {
651 struct udphdr uh;
652 struct ip6_hdr *ip6;
653 struct mbuf *m;
654 int off = 0;
655 struct ip6ctlparam *ip6cp = NULL;
656 struct icmp6_hdr *icmp6 = NULL;
657 const struct sockaddr_in6 *sa6_src = NULL;
658 void *cmdarg = NULL;
659 void (*notify)(struct inpcb *, int) = udp_notify;
660 struct inpcb *in6p;
661 struct udp_portonly {
662 u_int16_t uh_sport;
663 u_int16_t uh_dport;
664 } *uhp;
665
666 if (sa->sa_family != AF_INET6 ||
667 sa->sa_len != sizeof(struct sockaddr_in6)) {
668 return;
669 }
670
671 if ((unsigned)cmd >= PRC_NCMDS) {
672 return;
673 }
674 if (PRC_IS_REDIRECT(cmd)) {
675 notify = in6_rtchange;
676 d = NULL;
677 } else if (cmd == PRC_HOSTDEAD) {
678 d = NULL;
679 } else if (inet6ctlerrmap[cmd] == 0) {
680 return;
681 }
682
683 /* if the parameter is from icmp6, decode it. */
684 if (d != NULL) {
685 ip6cp = (struct ip6ctlparam *)d;
686 icmp6 = ip6cp->ip6c_icmp6;
687 m = ip6cp->ip6c_m;
688 ip6 = ip6cp->ip6c_ip6;
689 off = ip6cp->ip6c_off;
690 cmdarg = ip6cp->ip6c_cmdarg;
691 sa6_src = ip6cp->ip6c_src;
692 } else {
693 m = NULL;
694 ip6 = NULL;
695 cmdarg = NULL;
696 sa6_src = &sa6_any;
697 }
698
699 if (ip6 != NULL) {
700 /*
701 * XXX: We assume that when IPV6 is non NULL,
702 * M and OFF are valid.
703 */
704 /* check if we can safely examine src and dst ports */
705 if (m->m_pkthdr.len < off + sizeof(*uhp)) {
706 return;
707 }
708
709 bzero(&uh, sizeof(uh));
710 m_copydata(m, off, sizeof(*uhp), (caddr_t)&uh);
711
712 in6p = in6_pcblookup_hash(&udbinfo, &ip6->ip6_dst, uh.uh_dport,
713 &ip6->ip6_src, uh.uh_sport, 0, NULL);
714 if (cmd == PRC_MSGSIZE && in6p != NULL && !uuid_is_null(in6p->necp_client_uuid)) {
715 uuid_t null_uuid;
716 uuid_clear(null_uuid);
717 necp_update_flow_protoctl_event(null_uuid, in6p->necp_client_uuid,
718 PRC_MSGSIZE, ntohl(icmp6->icmp6_mtu), 0);
719 }
720
721 (void) in6_pcbnotify(&udbinfo, sa, uh.uh_dport,
722 (struct sockaddr*)ip6cp->ip6c_src, uh.uh_sport,
723 cmd, cmdarg, notify);
724 }
725 /*
726 * XXX The else condition here was broken for a long time.
727 * Fixing it made us deliver notification correctly but broke
728 * some frameworks that didn't handle it well.
729 * For now we have removed it and will revisit it later.
730 */
731 }
732
733 static int
734 udp6_abort(struct socket *so)
735 {
736 struct inpcb *inp;
737
738 inp = sotoinpcb(so);
739 if (inp == NULL) {
740 panic("%s: so=%p null inp\n", __func__, so);
741 /* NOTREACHED */
742 }
743 soisdisconnected(so);
744 in6_pcbdetach(inp);
745 return 0;
746 }
747
748 static int
749 udp6_attach(struct socket *so, int proto, struct proc *p)
750 {
751 #pragma unused(proto)
752 struct inpcb *inp;
753 int error;
754
755 inp = sotoinpcb(so);
756 if (inp != NULL) {
757 return EINVAL;
758 }
759
760 error = in_pcballoc(so, &udbinfo, p);
761 if (error) {
762 return error;
763 }
764
765 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
766 error = soreserve(so, udp_sendspace, udp_recvspace);
767 if (error) {
768 return error;
769 }
770 }
771 inp = (struct inpcb *)so->so_pcb;
772 inp->inp_vflag |= INP_IPV6;
773 if (ip6_mapped_addr_on) {
774 inp->inp_vflag |= INP_IPV4;
775 }
776 inp->in6p_hops = -1; /* use kernel default */
777 inp->in6p_cksum = -1; /* just to be sure */
778 /*
779 * XXX: ugly!!
780 * IPv4 TTL initialization is necessary for an IPv6 socket as well,
781 * because the socket may be bound to an IPv6 wildcard address,
782 * which may match an IPv4-mapped IPv6 address.
783 */
784 inp->inp_ip_ttl = (u_char)ip_defttl;
785 if (nstat_collect) {
786 nstat_udp_new_pcb(inp);
787 }
788 return 0;
789 }
790
791 static int
792 udp6_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
793 {
794 struct inpcb *inp;
795 int error;
796
797 inp = sotoinpcb(so);
798 if (inp == NULL) {
799 return EINVAL;
800 }
801
802 inp->inp_vflag &= ~INP_IPV4;
803 inp->inp_vflag |= INP_IPV6;
804 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
805 struct sockaddr_in6 *sin6_p;
806
807 sin6_p = (struct sockaddr_in6 *)(void *)nam;
808
809 if (IN6_IS_ADDR_UNSPECIFIED(&sin6_p->sin6_addr)) {
810 inp->inp_vflag |= INP_IPV4;
811 } else if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
812 struct sockaddr_in sin;
813
814 in6_sin6_2_sin(&sin, sin6_p);
815 inp->inp_vflag |= INP_IPV4;
816 inp->inp_vflag &= ~INP_IPV6;
817 error = in_pcbbind(inp, (struct sockaddr *)&sin, p);
818 return error;
819 }
820 }
821
822 error = in6_pcbbind(inp, nam, p);
823 return error;
824 }
825
826 int
827 udp6_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
828 {
829 struct inpcb *inp;
830 int error;
831 #if defined(NECP) && defined(FLOW_DIVERT)
832 int should_use_flow_divert = 0;
833 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
834
835 inp = sotoinpcb(so);
836 if (inp == NULL) {
837 return EINVAL;
838 }
839
840 #if defined(NECP) && defined(FLOW_DIVERT)
841 should_use_flow_divert = necp_socket_should_use_flow_divert(inp);
842 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
843
844 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
845 struct sockaddr_in6 *sin6_p;
846
847 sin6_p = (struct sockaddr_in6 *)(void *)nam;
848 if (IN6_IS_ADDR_V4MAPPED(&sin6_p->sin6_addr)) {
849 struct sockaddr_in sin;
850
851 if (inp->inp_faddr.s_addr != INADDR_ANY) {
852 return EISCONN;
853 }
854
855 if (!(so->so_flags1 & SOF1_CONNECT_COUNTED)) {
856 so->so_flags1 |= SOF1_CONNECT_COUNTED;
857 INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet_dgram_connected);
858 }
859
860 in6_sin6_2_sin(&sin, sin6_p);
861 #if defined(NECP) && defined(FLOW_DIVERT)
862 if (should_use_flow_divert) {
863 goto do_flow_divert;
864 }
865 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
866 error = in_pcbconnect(inp, (struct sockaddr *)&sin,
867 p, IFSCOPE_NONE, NULL);
868 if (error == 0) {
869 #if NECP
870 /* Update NECP client with connected five-tuple */
871 if (!uuid_is_null(inp->necp_client_uuid)) {
872 socket_unlock(so, 0);
873 necp_client_assign_from_socket(so->last_pid, inp->necp_client_uuid, inp);
874 socket_lock(so, 0);
875 }
876 #endif /* NECP */
877 inp->inp_vflag |= INP_IPV4;
878 inp->inp_vflag &= ~INP_IPV6;
879 soisconnected(so);
880 }
881 return error;
882 }
883 }
884
885 if (!IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
886 return EISCONN;
887 }
888
889 if (!(so->so_flags1 & SOF1_CONNECT_COUNTED)) {
890 so->so_flags1 |= SOF1_CONNECT_COUNTED;
891 INC_ATOMIC_INT64_LIM(net_api_stats.nas_socket_inet6_dgram_connected);
892 }
893
894 #if defined(NECP) && defined(FLOW_DIVERT)
895 do_flow_divert:
896 if (should_use_flow_divert) {
897 error = flow_divert_pcb_init(so);
898 if (error == 0) {
899 error = flow_divert_connect_out(so, nam, p);
900 }
901 return error;
902 }
903 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
904
905 error = in6_pcbconnect(inp, nam, p);
906 if (error == 0) {
907 /* should be non mapped addr */
908 if (ip6_mapped_addr_on ||
909 (inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
910 inp->inp_vflag &= ~INP_IPV4;
911 inp->inp_vflag |= INP_IPV6;
912 }
913 #if NECP
914 /* Update NECP client with connected five-tuple */
915 if (!uuid_is_null(inp->necp_client_uuid)) {
916 socket_unlock(so, 0);
917 necp_client_assign_from_socket(so->last_pid, inp->necp_client_uuid, inp);
918 socket_lock(so, 0);
919 }
920 #endif /* NECP */
921 soisconnected(so);
922 if (inp->inp_flowhash == 0) {
923 inp->inp_flowhash = inp_calc_flowhash(inp);
924 }
925 /* update flowinfo - RFC 6437 */
926 if (inp->inp_flow == 0 &&
927 inp->in6p_flags & IN6P_AUTOFLOWLABEL) {
928 inp->inp_flow &= ~IPV6_FLOWLABEL_MASK;
929 inp->inp_flow |=
930 (htonl(inp->inp_flowhash) & IPV6_FLOWLABEL_MASK);
931 }
932 }
933 return error;
934 }
935
936 static int
937 udp6_connectx(struct socket *so, struct sockaddr *src,
938 struct sockaddr *dst, struct proc *p, uint32_t ifscope,
939 sae_associd_t aid, sae_connid_t *pcid, uint32_t flags, void *arg,
940 uint32_t arglen, struct uio *uio, user_ssize_t *bytes_written)
941 {
942 return udp_connectx_common(so, AF_INET6, src, dst,
943 p, ifscope, aid, pcid, flags, arg, arglen, uio, bytes_written);
944 }
945
946 static int
947 udp6_detach(struct socket *so)
948 {
949 struct inpcb *inp;
950
951 inp = sotoinpcb(so);
952 if (inp == NULL) {
953 return EINVAL;
954 }
955 in6_pcbdetach(inp);
956 return 0;
957 }
958
959 static int
960 udp6_disconnect(struct socket *so)
961 {
962 struct inpcb *inp;
963
964 inp = sotoinpcb(so);
965 if (inp == NULL
966 #if NECP
967 || (necp_socket_should_use_flow_divert(inp))
968 #endif /* NECP */
969 ) {
970 return inp == NULL ? EINVAL : EPROTOTYPE;
971 }
972
973 if (inp->inp_vflag & INP_IPV4) {
974 struct pr_usrreqs *pru;
975
976 pru = ip_protox[IPPROTO_UDP]->pr_usrreqs;
977 return (*pru->pru_disconnect)(so);
978 }
979
980 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
981 return ENOTCONN;
982 }
983
984 in6_pcbdisconnect(inp);
985
986 /* reset flow-controlled state, just in case */
987 inp_reset_fc_state(inp);
988
989 inp->in6p_laddr = in6addr_any;
990 inp->in6p_last_outifp = NULL;
991
992 so->so_state &= ~SS_ISCONNECTED; /* XXX */
993 return 0;
994 }
995
996 static int
997 udp6_disconnectx(struct socket *so, sae_associd_t aid, sae_connid_t cid)
998 {
999 #pragma unused(cid)
1000 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL) {
1001 return EINVAL;
1002 }
1003
1004 return udp6_disconnect(so);
1005 }
1006
1007 static int
1008 udp6_send(struct socket *so, int flags, struct mbuf *m, struct sockaddr *addr,
1009 struct mbuf *control, struct proc *p)
1010 {
1011 struct inpcb *inp;
1012 int error = 0;
1013 #if defined(NECP) && defined(FLOW_DIVERT)
1014 int should_use_flow_divert = 0;
1015 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
1016 #if CONTENT_FILTER
1017 struct m_tag *cfil_tag = NULL;
1018 struct sockaddr *cfil_faddr = NULL;
1019 #endif
1020
1021 inp = sotoinpcb(so);
1022 if (inp == NULL) {
1023 error = EINVAL;
1024 goto bad;
1025 }
1026
1027 #if CONTENT_FILTER
1028 //If socket is subject to UDP Content Filter and unconnected, get addr from tag.
1029 if (so->so_cfil_db && !addr && IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_faddr)) {
1030 cfil_tag = cfil_dgram_get_socket_state(m, NULL, NULL, &cfil_faddr, NULL);
1031 if (cfil_tag) {
1032 addr = (struct sockaddr *)cfil_faddr;
1033 }
1034 }
1035 #endif
1036
1037 #if defined(NECP) && defined(FLOW_DIVERT)
1038 should_use_flow_divert = necp_socket_should_use_flow_divert(inp);
1039 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
1040
1041 if (addr != NULL) {
1042 if (addr->sa_len != sizeof(struct sockaddr_in6)) {
1043 error = EINVAL;
1044 goto bad;
1045 }
1046 if (addr->sa_family != AF_INET6) {
1047 error = EAFNOSUPPORT;
1048 goto bad;
1049 }
1050 }
1051
1052 if (ip6_mapped_addr_on || (inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
1053 int hasv4addr;
1054 struct sockaddr_in6 *sin6 = NULL;
1055
1056 if (addr == NULL) {
1057 hasv4addr = (inp->inp_vflag & INP_IPV4);
1058 } else {
1059 sin6 = (struct sockaddr_in6 *)(void *)addr;
1060 hasv4addr =
1061 IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr) ? 1 : 0;
1062 }
1063 if (hasv4addr) {
1064 struct pr_usrreqs *pru;
1065
1066 if (sin6 != NULL) {
1067 in6_sin6_2_sin_in_sock(addr);
1068 }
1069 #if defined(NECP) && defined(FLOW_DIVERT)
1070 if (should_use_flow_divert) {
1071 goto do_flow_divert;
1072 }
1073 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
1074 pru = ip_protox[IPPROTO_UDP]->pr_usrreqs;
1075 error = ((*pru->pru_send)(so, flags, m, addr,
1076 control, p));
1077 #if CONTENT_FILTER
1078 if (cfil_tag) {
1079 m_tag_free(cfil_tag);
1080 }
1081 #endif
1082 /* addr will just be freed in sendit(). */
1083 return error;
1084 }
1085 }
1086
1087 #if defined(NECP) && defined(FLOW_DIVERT)
1088 do_flow_divert:
1089 if (should_use_flow_divert) {
1090 /* Implicit connect */
1091 error = flow_divert_implicit_data_out(so, flags, m, addr, control, p);
1092 #if CONTENT_FILTER
1093 if (cfil_tag) {
1094 m_tag_free(cfil_tag);
1095 }
1096 #endif
1097 return error;
1098 }
1099 #endif /* defined(NECP) && defined(FLOW_DIVERT) */
1100
1101 error = udp6_output(inp, m, addr, control, p);
1102 #if CONTENT_FILTER
1103 if (cfil_tag) {
1104 m_tag_free(cfil_tag);
1105 }
1106 #endif
1107 return error;
1108
1109 bad:
1110 VERIFY(error != 0);
1111
1112 if (m != NULL) {
1113 m_freem(m);
1114 }
1115 if (control != NULL) {
1116 m_freem(control);
1117 }
1118 #if CONTENT_FILTER
1119 if (cfil_tag) {
1120 m_tag_free(cfil_tag);
1121 }
1122 #endif
1123 return error;
1124 }
1125
1126 /*
1127 * Checksum extended UDP header and data.
1128 */
1129 static int
1130 udp6_input_checksum(struct mbuf *m, struct udphdr *uh, int off, int ulen)
1131 {
1132 struct ifnet *ifp = m->m_pkthdr.rcvif;
1133 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
1134
1135 if (!(m->m_pkthdr.csum_flags & CSUM_DATA_VALID) &&
1136 uh->uh_sum == 0) {
1137 /* UDP/IPv6 checksum is mandatory (RFC2460) */
1138
1139 /*
1140 * If checksum was already validated, ignore this check.
1141 * This is necessary for transport-mode ESP, which may be
1142 * getting UDP payloads without checksums when the network
1143 * has a NAT64.
1144 */
1145 udpstat.udps_nosum++;
1146 goto badsum;
1147 }
1148
1149 if ((hwcksum_rx || (ifp->if_flags & IFF_LOOPBACK) ||
1150 (m->m_pkthdr.pkt_flags & PKTF_LOOP)) &&
1151 (m->m_pkthdr.csum_flags & CSUM_DATA_VALID)) {
1152 if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR) {
1153 uh->uh_sum = m->m_pkthdr.csum_rx_val;
1154 } else {
1155 uint32_t sum = m->m_pkthdr.csum_rx_val;
1156 uint32_t start = m->m_pkthdr.csum_rx_start;
1157 int32_t trailer = (m_pktlen(m) - (off + ulen));
1158
1159 /*
1160 * Perform 1's complement adjustment of octets
1161 * that got included/excluded in the hardware-
1162 * calculated checksum value. Also take care
1163 * of any trailing bytes and subtract out
1164 * their partial sum.
1165 */
1166 ASSERT(trailer >= 0);
1167 if ((m->m_pkthdr.csum_flags & CSUM_PARTIAL) &&
1168 (start != off || trailer != 0)) {
1169 uint32_t swbytes = (uint32_t)trailer;
1170 uint16_t s = 0, d = 0;
1171
1172 if (IN6_IS_SCOPE_EMBED(&ip6->ip6_src)) {
1173 s = ip6->ip6_src.s6_addr16[1];
1174 ip6->ip6_src.s6_addr16[1] = 0;
1175 }
1176 if (IN6_IS_SCOPE_EMBED(&ip6->ip6_dst)) {
1177 d = ip6->ip6_dst.s6_addr16[1];
1178 ip6->ip6_dst.s6_addr16[1] = 0;
1179 }
1180
1181 /* callee folds in sum */
1182 sum = m_adj_sum16(m, start, off, ulen, sum);
1183 if (off > start) {
1184 swbytes += (off - start);
1185 } else {
1186 swbytes += (start - off);
1187 }
1188
1189 if (IN6_IS_SCOPE_EMBED(&ip6->ip6_src)) {
1190 ip6->ip6_src.s6_addr16[1] = s;
1191 }
1192 if (IN6_IS_SCOPE_EMBED(&ip6->ip6_dst)) {
1193 ip6->ip6_dst.s6_addr16[1] = d;
1194 }
1195
1196 if (swbytes != 0) {
1197 udp_in_cksum_stats(swbytes);
1198 }
1199 if (trailer != 0) {
1200 m_adj(m, -trailer);
1201 }
1202 }
1203
1204 uh->uh_sum = in6_pseudo(&ip6->ip6_src, &ip6->ip6_dst,
1205 sum + htonl(ulen + IPPROTO_UDP));
1206 }
1207 uh->uh_sum ^= 0xffff;
1208 } else {
1209 udp_in6_cksum_stats(ulen);
1210 uh->uh_sum = in6_cksum(m, IPPROTO_UDP, off, ulen);
1211 }
1212
1213 if (uh->uh_sum != 0) {
1214 badsum:
1215 udpstat.udps_badsum++;
1216 IF_UDP_STATINC(ifp, badchksum);
1217 return -1;
1218 }
1219
1220 return 0;
1221 }
mirror of XNU