/*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1998-2011 Apple Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
*
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
*
- * @APPLE_LICENSE_HEADER_END@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
-/* Copyright (c) 1998, 1999 Apple Computer, Inc. All Rights Reserved */
/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
/*
* Copyright (c) 1982, 1986, 1993
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/systm.h>
-#include <sys/proc.h>
+#include <sys/proc_internal.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/queue.h>
-void pffasttimo __P((void *));
-void pfslowtimo __P((void *));
+#include <pexpert/pexpert.h>
+
+void init_domain(struct domain *dp) __attribute__((section("__TEXT, initcode")));
+void prepend_domain(struct domain *dp) __attribute__((section("__TEXT, initcode")));
+
+void pfslowtimo(void *);
+
+struct protosw *pffindprotonotype(int, int);
+struct protosw *pffindprotonotype_locked(int , int , int);
+struct domain *pffinddomain(int);
+static void net_update_uptime(void);
/*
* Add/delete 'domain': Link structure into system list,
* To delete, just remove from the list (dom_refs must be zero)
*/
+lck_grp_t *domain_proto_mtx_grp;
+lck_attr_t *domain_proto_mtx_attr;
+static lck_grp_attr_t *domain_proto_mtx_grp_attr;
+lck_mtx_t *domain_proto_mtx;
+extern int do_reclaim;
+
+extern sysctlfn net_sysctl;
+
+static u_int64_t uptime;
+
+#ifdef INET6
+extern void ip6_fin(void);
+#endif
+
+static void
+init_proto(struct protosw *pr)
+{
+ TAILQ_INIT(&pr->pr_filter_head);
+ if (pr->pr_init)
+ (*pr->pr_init)();
+
+ /* Make sure pr_init isn't called again!! */
+ pr->pr_init = 0;
+}
-void init_domain(register struct domain *dp)
+void
+init_domain(struct domain *dp)
{
struct protosw *pr;
+ if ((dp->dom_mtx = lck_mtx_alloc_init(domain_proto_mtx_grp, domain_proto_mtx_attr)) == NULL) {
+ printf("init_domain: can't init domain mtx for domain=%s\n", dp->dom_name);
+ return; /* we have a problem... */
+ }
+
if (dp->dom_init)
(*dp->dom_init)();
dp->dom_name,
(int)(pr - dp->dom_protosw));
- if (pr->pr_init)
- (*pr->pr_init)();
+#if __APPLE__
+ /*
+ * Warn that pr_fasttimo (now pr_unused) is deprecated since rdar://7617868
+ */
+ if (pr->pr_unused != NULL) {
+ printf("init_domain: warning %s, proto %d: pr_fasttimo is deprecated and won't be called\n",
+ dp->dom_name, pr->pr_protocol);
+ }
+#endif
+
+ init_proto(pr);
+
}
/* Recompute for new protocol */
max_datalen = MHLEN - max_hdr;
}
-void concat_domain(struct domain *dp)
-{
+void
+prepend_domain(struct domain *dp)
+{
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_OWNED);
dp->dom_next = domains;
domains = dp;
}
void
-net_add_domain(register struct domain *dp)
-{ register struct protosw *pr;
- register int s;
- extern int splhigh(void);
- extern int splx(int);
-
+net_add_domain(struct domain *dp)
+{
kprintf("Adding domain %s (family %d)\n", dp->dom_name,
dp->dom_family);
/* First, link in the domain */
- s = splhigh();
- concat_domain(dp);
+ lck_mtx_lock(domain_proto_mtx);
+ prepend_domain(dp);
init_domain(dp);
+ lck_mtx_unlock(domain_proto_mtx);
- splx(s);
}
int
-net_del_domain(register struct domain *dp)
+net_del_domain(struct domain *dp)
{ register struct domain *dp1, *dp2;
- register int s, retval = 0;
- extern int splhigh(void);
- extern int splx(int);
+ register int retval = 0;
+
+ lck_mtx_lock(domain_proto_mtx);
- if (dp->dom_refs)
+ if (dp->dom_refs) {
+ lck_mtx_unlock(domain_proto_mtx);
return(EBUSY);
-
- s = splhigh();
+ }
for (dp2 = NULL, dp1 = domains; dp1; dp2 = dp1, dp1 = dp1->dom_next)
{ if (dp == dp1)
domains = dp1->dom_next;
} else
retval = EPFNOSUPPORT;
- splx(s);
+ lck_mtx_unlock(domain_proto_mtx);
return(retval);
}
/*
* net_add_proto - link a protosw into a domain's protosw chain
+ *
+ * note: protocols must use their own domain lock before calling net_add_proto
*/
int
-net_add_proto(register struct protosw *pp,
- register struct domain *dp)
+net_add_proto(struct protosw *pp, struct domain *dp)
{ register struct protosw *pp1, *pp2;
- register int s;
- extern int splhigh(void);
- extern int splx(int);
- s = splhigh();
for (pp2 = NULL, pp1 = dp->dom_protosw; pp1; pp1 = pp1->pr_next)
{ if (pp1->pr_type == pp->pr_type &&
pp1->pr_protocol == pp->pr_protocol) {
- splx(s);
return(EEXIST);
}
pp2 = pp1;
dp->dom_protosw = pp;
else
pp2->pr_next = pp;
- pp->pr_next = NULL;
- TAILQ_INIT(&pp->pr_sfilter);
- if (pp->pr_init)
- (*pp->pr_init)();
- /* Make sure pr_init isn't called again!! */
- pp->pr_init = 0;
- splx(s);
+ init_proto(pp);
+
return(0);
}
* net_del_proto - remove a protosw from a domain's protosw chain.
* Search the protosw chain for the element with matching data.
* Then unlink and return.
+ *
+ * note: protocols must use their own domain lock before calling net_del_proto
*/
int
-net_del_proto(register int type,
- register int protocol,
- register struct domain *dp)
-{ register struct protosw *pp1, *pp2;
- int s;
- extern int splhigh(void);
- extern int splx(int);
+net_del_proto(int type, int protocol, struct domain *dp)
+{
+ register struct protosw *pp1, *pp2;
- s = splhigh();
for (pp2 = NULL, pp1 = dp->dom_protosw; pp1; pp1 = pp1->pr_next)
{ if (pp1->pr_type == type &&
pp1->pr_protocol == protocol)
pp2 = pp1;
}
if (pp1 == NULL) {
- splx(s);
return(ENXIO);
}
if (pp2)
pp2->pr_next = pp1->pr_next;
else
dp->dom_protosw = pp1->pr_next;
- splx(s);
return(0);
}
-void
-domaininit()
-{ register struct domain *dp;
- register struct protosw *pr;
- extern struct domain localdomain, routedomain, ndrvdomain, inetdomain;
- extern struct domain systemdomain;
#if NS
- extern struct domain nsdomain;
+extern struct domain nsdomain;
#endif
#if ISO
- extern struct domain isodomain;
+extern struct domain isodomain;
#endif
#if CCITT
- extern struct domain ccittdomain;
+extern struct domain ccittdomain;
#endif
#if NETAT
- extern struct domain atalkdomain;
+extern struct domain atalkdomain;
#endif
#if INET6
- extern struct domain inet6domain;
+extern struct domain inet6domain;
#endif
#if IPSEC
- extern struct domain keydomain;
+extern struct domain keydomain;
#endif
+extern struct domain routedomain, ndrvdomain, inetdomain;
+extern struct domain systemdomain;
+
+void
+domaininit(void)
+{
+ register struct domain *dp;
+
+ /*
+ * allocate lock group attribute and group for domain mutexes
+ */
+ domain_proto_mtx_grp_attr = lck_grp_attr_alloc_init();
+
+ domain_proto_mtx_grp = lck_grp_alloc_init("domain", domain_proto_mtx_grp_attr);
+
+ /*
+ * allocate the lock attribute for per domain mutexes
+ */
+ domain_proto_mtx_attr = lck_attr_alloc_init();
+
+ if ((domain_proto_mtx = lck_mtx_alloc_init(domain_proto_mtx_grp, domain_proto_mtx_attr)) == NULL) {
+ printf("domaininit: can't init domain mtx for domain list\n");
+ return; /* we have a problem... */
+ }
/*
* Add all the static domains to the domains list
*/
- thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
- concat_domain(&localdomain);
- concat_domain(&routedomain);
- concat_domain(&inetdomain);
+ lck_mtx_lock(domain_proto_mtx);
+
+ prepend_domain(&localdomain);
+ prepend_domain(&inetdomain);
#if NETAT
- concat_domain(&atalkdomain);
+ prepend_domain(&atalkdomain);
#endif
#if INET6
- concat_domain(&inet6domain);
+ prepend_domain(&inet6domain);
#endif
+ prepend_domain(&routedomain);
+
#if IPSEC
- concat_domain(&keydomain);
+ prepend_domain(&keydomain);
#endif
#if NS
- concat_domain(&nsdomain);
+ prepend_domain(&nsdomain);
#endif
#if ISO
- concat_domain(&isodomain);
+ prepend_domain(&isodomain);
#endif
#if CCITT
- concat_domain(&ccittdomain);
+ prepend_domain(&ccittdomain);
#endif
- concat_domain(&ndrvdomain);
+ prepend_domain(&ndrvdomain);
- concat_domain(&systemdomain);
+ prepend_domain(&systemdomain);
/*
* Now ask them all to init (XXX including the routing domain,
for (dp = domains; dp; dp = dp->dom_next)
init_domain(dp);
- timeout(pffasttimo, NULL, 1);
+ lck_mtx_unlock(domain_proto_mtx);
timeout(pfslowtimo, NULL, 1);
- thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
+}
+
+void
+domainfin(void)
+{
+#ifdef INET6
+ ip6_fin();
+#endif
+}
+
+static __inline__ struct domain *
+pffinddomain_locked(int pf)
+{
+ struct domain *dp;
+
+ dp = domains;
+ while (dp != NULL)
+ { if (dp->dom_family == pf) {
+ break;
+ }
+ dp = dp->dom_next;
+ }
+ return (dp);
}
struct protosw *
-pffindtype(family, type)
- int family, type;
+pffindtype(int family, int type)
{
register struct domain *dp;
register struct protosw *pr;
- for (dp = domains; dp; dp = dp->dom_next)
- if (dp->dom_family == family)
- goto found;
- return (0);
-found:
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ lck_mtx_unlock(domain_proto_mtx);
+ return (NULL);
+ }
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
- if (pr->pr_type && pr->pr_type == type)
+ if (pr->pr_type && pr->pr_type == type) {
+ lck_mtx_unlock(domain_proto_mtx);
return (pr);
+ }
+ lck_mtx_unlock(domain_proto_mtx);
return (0);
}
struct domain *
pffinddomain(int pf)
-{ struct domain *dp;
+{
+ struct domain *dp;
- dp = domains;
- while (dp)
- { if (dp->dom_family == pf)
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ dp = pffinddomain_locked(pf);
+ lck_mtx_unlock(domain_proto_mtx);
return(dp);
- dp = dp->dom_next;
- }
- return(NULL);
+ }
+
+struct protosw *
+pffindproto(int family, int protocol, int type)
+{
+ register struct protosw *pr;
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ pr = pffindproto_locked(family, protocol, type);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (pr);
}
struct protosw *
-pffindproto(family, protocol, type)
- int family, protocol, type;
+pffindproto_locked(int family, int protocol, int type)
{
register struct domain *dp;
register struct protosw *pr;
if (family == 0)
return (0);
- for (dp = domains; dp; dp = dp->dom_next)
- if (dp->dom_family == family)
- goto found;
- return (0);
-found:
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ return (NULL);
+ }
for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
if ((pr->pr_protocol == protocol) && (pr->pr_type == type))
return (pr);
return (maybe);
}
+struct protosw *
+pffindprotonotype_locked(int family, int protocol, __unused int type)
+{
+ register struct domain *dp;
+ register struct protosw *pr;
+
+ if (family == 0)
+ return (0);
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ return (NULL);
+ }
+ for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
+ if (pr->pr_protocol == protocol) {
+ return (pr);
+ }
+ }
+ return (NULL);
+}
+
+struct protosw *
+pffindprotonotype(int family, int protocol)
+{
+ register struct protosw *pr;
+ if (protocol == 0) {
+ return (NULL);
+ }
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ pr = pffindprotonotype_locked(family, protocol, 0);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (pr);
+}
+
int
-net_sysctl(name, namelen, oldp, oldlenp, newp, newlen, p)
- int *name;
- u_int namelen;
- void *oldp;
- size_t *oldlenp;
- void *newp;
- size_t newlen;
- struct proc *p;
+net_sysctl(int *name, u_int namelen, user_addr_t oldp, size_t *oldlenp,
+ user_addr_t newp, size_t newlen, __unused struct proc *p)
{
register struct domain *dp;
register struct protosw *pr;
- int family, protocol;
+ int family, protocol, error;
/*
* All sysctl names at this level are nonterminal;
if (family == 0)
return (0);
+ lck_mtx_lock(domain_proto_mtx);
for (dp = domains; dp; dp = dp->dom_next)
if (dp->dom_family == family)
goto found;
+ lck_mtx_unlock(domain_proto_mtx);
return (ENOPROTOOPT);
found:
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
- if (pr->pr_protocol == protocol && pr->pr_sysctl)
- return ((*pr->pr_sysctl)(name + 2, namelen - 2,
- oldp, oldlenp, newp, newlen));
+ if (pr->pr_protocol == protocol && pr->pr_sysctl) {
+ error = (*pr->pr_sysctl)(name + 2, namelen - 2,
+ (void *)(uintptr_t)oldp, oldlenp, (void *)(uintptr_t)newp, newlen);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (error);
+ }
+ lck_mtx_unlock(domain_proto_mtx);
return (ENOPROTOOPT);
}
void
-pfctlinput(cmd, sa)
- int cmd;
- struct sockaddr *sa;
+pfctlinput(int cmd, struct sockaddr *sa)
{
- register struct domain *dp;
- register struct protosw *pr;
+ pfctlinput2(cmd, sa, (void*)0);
+}
+
+void
+pfctlinput2(int cmd, struct sockaddr *sa, void *ctlparam)
+{
+ struct domain *dp;
+ struct protosw *pr;
+
+ if (!sa)
+ return;
+ lck_mtx_lock(domain_proto_mtx);
for (dp = domains; dp; dp = dp->dom_next)
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
if (pr->pr_ctlinput)
- (*pr->pr_ctlinput)(cmd, sa, (caddr_t)0);
+ (*pr->pr_ctlinput)(cmd, sa, ctlparam);
+ lck_mtx_unlock(domain_proto_mtx);
}
void
-pfslowtimo(arg)
- void *arg;
+pfslowtimo(__unused void *arg)
{
register struct domain *dp;
register struct protosw *pr;
- boolean_t funnel_state;
- funnel_state = thread_funnel_set(network_flock, TRUE);
+ /*
+ * Update coarse-grained networking timestamp (in sec.); the idea
+ * is to piggy-back on the periodic slow timeout callout to update
+ * the counter returnable via net_uptime().
+ */
+ net_update_uptime();
- for (dp = domains; dp; dp = dp->dom_next)
- for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
+ lck_mtx_lock(domain_proto_mtx);
+ for (dp = domains; dp; dp = dp->dom_next)
+ for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
if (pr->pr_slowtimo)
(*pr->pr_slowtimo)();
- timeout(pfslowtimo, NULL, hz/2);
-
- (void) thread_funnel_set(network_flock, FALSE);
+ if ((do_reclaim || (pr->pr_flags & PR_AGGDRAIN)) &&
+ pr->pr_drain)
+ (*pr->pr_drain)();
+ }
+ do_reclaim = 0;
+ lck_mtx_unlock(domain_proto_mtx);
+ timeout(pfslowtimo, NULL, hz/PR_SLOWHZ);
}
-void
-pffasttimo(arg)
- void *arg;
+static void
+net_update_uptime(void)
{
- register struct domain *dp;
- register struct protosw *pr;
- boolean_t funnel_state;
+ struct timeval tv;
- funnel_state = thread_funnel_set(network_flock, TRUE);
+ microuptime(&tv);
+ uptime = tv.tv_sec;
+}
- for (dp = domains; dp; dp = dp->dom_next)
- for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
- if (pr->pr_fasttimo)
- (*pr->pr_fasttimo)();
- timeout(pffasttimo, NULL, hz/5);
+/*
+ * An alternative way to obtain the coarse-grained uptime (in seconds)
+ * for networking code which do not require high-precision timestamp,
+ * as this is significantly cheaper than microuptime().
+ */
+u_int64_t
+net_uptime(void)
+{
+ /* If we get here before pfslowtimo() fires for the first time */
+ if (uptime == 0)
+ net_update_uptime();
- (void) thread_funnel_set(network_flock, FALSE);
+ return (uptime);
}