/*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 1998-2007 Apple Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
*
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
*
- * @APPLE_LICENSE_HEADER_END@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
-/* Copyright (c) 1998, 1999 Apple Computer, Inc. All Rights Reserved */
/* Copyright (c) 1995 NeXT Computer, Inc. All Rights Reserved */
/*
* Copyright (c) 1982, 1986, 1993
#include <sys/time.h>
#include <sys/kernel.h>
#include <sys/systm.h>
-#include <sys/proc.h>
+#include <sys/proc_internal.h>
#include <sys/sysctl.h>
#include <sys/syslog.h>
#include <sys/queue.h>
-void pffasttimo __P((void *));
-void pfslowtimo __P((void *));
+#include <pexpert/pexpert.h>
+
+void domaininit(void) __attribute__((section("__TEXT, initcode")));
+void init_domain(struct domain *dp) __attribute__((section("__TEXT, initcode")));
+void concat_domain(struct domain *dp) __attribute__((section("__TEXT, initcode")));
+
+
+void pffasttimo(void *);
+void pfslowtimo(void *);
+
+struct protosw *pffindprotonotype(int, int);
+struct protosw *pffindprotonotype_locked(int , int , int);
+struct domain *pffinddomain(int);
+void concat_domain(struct domain *);
+void init_domain(struct domain *);
/*
* Add/delete 'domain': Link structure into system list,
* To delete, just remove from the list (dom_refs must be zero)
*/
+lck_grp_t *domain_proto_mtx_grp;
+lck_attr_t *domain_proto_mtx_attr;
+static lck_grp_attr_t *domain_proto_mtx_grp_attr;
+lck_mtx_t *domain_proto_mtx;
+extern int do_reclaim;
+
+static void
+init_proto(struct protosw *pr)
+{
+ TAILQ_INIT(&pr->pr_filter_head);
+ if (pr->pr_init)
+ (*pr->pr_init)();
+
+ /* Make sure pr_init isn't called again!! */
+ pr->pr_init = 0;
+}
-void init_domain(register struct domain *dp)
+void
+init_domain(struct domain *dp)
{
struct protosw *pr;
+ if ((dp->dom_mtx = lck_mtx_alloc_init(domain_proto_mtx_grp, domain_proto_mtx_attr)) == NULL) {
+ printf("init_domain: can't init domain mtx for domain=%s\n", dp->dom_name);
+ return; /* we have a problem... */
+ }
+
if (dp->dom_init)
(*dp->dom_init)();
dp->dom_name,
(int)(pr - dp->dom_protosw));
- if (pr->pr_init)
- (*pr->pr_init)();
+ init_proto(pr);
+
}
/* Recompute for new protocol */
max_datalen = MHLEN - max_hdr;
}
-void concat_domain(struct domain *dp)
+void
+concat_domain(struct domain *dp)
{
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_OWNED);
dp->dom_next = domains;
domains = dp;
}
void
-net_add_domain(register struct domain *dp)
-{ register struct protosw *pr;
- register int s;
- extern int splhigh(void);
- extern int splx(int);
-
+net_add_domain(struct domain *dp)
+{
kprintf("Adding domain %s (family %d)\n", dp->dom_name,
dp->dom_family);
/* First, link in the domain */
- s = splhigh();
+ lck_mtx_lock(domain_proto_mtx);
concat_domain(dp);
init_domain(dp);
+ lck_mtx_unlock(domain_proto_mtx);
- splx(s);
}
int
-net_del_domain(register struct domain *dp)
+net_del_domain(struct domain *dp)
{ register struct domain *dp1, *dp2;
- register int s, retval = 0;
- extern int splhigh(void);
- extern int splx(int);
+ register int retval = 0;
+
+ lck_mtx_lock(domain_proto_mtx);
- if (dp->dom_refs)
+ if (dp->dom_refs) {
+ lck_mtx_unlock(domain_proto_mtx);
return(EBUSY);
-
- s = splhigh();
+ }
for (dp2 = NULL, dp1 = domains; dp1; dp2 = dp1, dp1 = dp1->dom_next)
{ if (dp == dp1)
domains = dp1->dom_next;
} else
retval = EPFNOSUPPORT;
- splx(s);
+ lck_mtx_unlock(domain_proto_mtx);
return(retval);
}
/*
* net_add_proto - link a protosw into a domain's protosw chain
+ *
+ * note: protocols must use their own domain lock before calling net_add_proto
*/
int
-net_add_proto(register struct protosw *pp,
- register struct domain *dp)
+net_add_proto(struct protosw *pp, struct domain *dp)
{ register struct protosw *pp1, *pp2;
- register int s;
- extern int splhigh(void);
- extern int splx(int);
- s = splhigh();
for (pp2 = NULL, pp1 = dp->dom_protosw; pp1; pp1 = pp1->pr_next)
{ if (pp1->pr_type == pp->pr_type &&
pp1->pr_protocol == pp->pr_protocol) {
- splx(s);
return(EEXIST);
}
pp2 = pp1;
dp->dom_protosw = pp;
else
pp2->pr_next = pp;
- pp->pr_next = NULL;
- TAILQ_INIT(&pp->pr_sfilter);
- if (pp->pr_init)
- (*pp->pr_init)();
- /* Make sure pr_init isn't called again!! */
- pp->pr_init = 0;
- splx(s);
+ init_proto(pp);
+
return(0);
}
* net_del_proto - remove a protosw from a domain's protosw chain.
* Search the protosw chain for the element with matching data.
* Then unlink and return.
+ *
+ * note: protocols must use their own domain lock before calling net_del_proto
*/
int
-net_del_proto(register int type,
- register int protocol,
- register struct domain *dp)
-{ register struct protosw *pp1, *pp2;
- int s;
- extern int splhigh(void);
- extern int splx(int);
+net_del_proto(int type, int protocol, struct domain *dp)
+{
+ register struct protosw *pp1, *pp2;
- s = splhigh();
for (pp2 = NULL, pp1 = dp->dom_protosw; pp1; pp1 = pp1->pr_next)
{ if (pp1->pr_type == type &&
pp1->pr_protocol == protocol)
pp2 = pp1;
}
if (pp1 == NULL) {
- splx(s);
return(ENXIO);
}
if (pp2)
pp2->pr_next = pp1->pr_next;
else
dp->dom_protosw = pp1->pr_next;
- splx(s);
return(0);
}
-void
-domaininit()
-{ register struct domain *dp;
- register struct protosw *pr;
- extern struct domain localdomain, routedomain, ndrvdomain, inetdomain;
- extern struct domain systemdomain;
#if NS
- extern struct domain nsdomain;
+extern struct domain nsdomain;
#endif
#if ISO
- extern struct domain isodomain;
+extern struct domain isodomain;
#endif
#if CCITT
- extern struct domain ccittdomain;
+extern struct domain ccittdomain;
#endif
#if NETAT
- extern struct domain atalkdomain;
+extern struct domain atalkdomain;
#endif
#if INET6
- extern struct domain inet6domain;
+extern struct domain inet6domain;
#endif
#if IPSEC
- extern struct domain keydomain;
+extern struct domain keydomain;
#endif
+extern struct domain routedomain, ndrvdomain, inetdomain;
+extern struct domain systemdomain;
+
+void
+domaininit(void)
+{
+ register struct domain *dp;
+
+ /*
+ * allocate lock group attribute and group for domain mutexes
+ */
+ domain_proto_mtx_grp_attr = lck_grp_attr_alloc_init();
+
+ domain_proto_mtx_grp = lck_grp_alloc_init("domain", domain_proto_mtx_grp_attr);
+
+ /*
+ * allocate the lock attribute for per domain mutexes
+ */
+ domain_proto_mtx_attr = lck_attr_alloc_init();
+
+ if ((domain_proto_mtx = lck_mtx_alloc_init(domain_proto_mtx_grp, domain_proto_mtx_attr)) == NULL) {
+ printf("domaininit: can't init domain mtx for domain list\n");
+ return; /* we have a problem... */
+ }
/*
* Add all the static domains to the domains list
*/
- thread_funnel_switch(KERNEL_FUNNEL, NETWORK_FUNNEL);
+ lck_mtx_lock(domain_proto_mtx);
+
concat_domain(&localdomain);
concat_domain(&routedomain);
concat_domain(&inetdomain);
for (dp = domains; dp; dp = dp->dom_next)
init_domain(dp);
+ lck_mtx_unlock(domain_proto_mtx);
timeout(pffasttimo, NULL, 1);
timeout(pfslowtimo, NULL, 1);
- thread_funnel_switch(NETWORK_FUNNEL, KERNEL_FUNNEL);
+}
+
+static __inline__ struct domain *
+pffinddomain_locked(int pf)
+{
+ struct domain *dp;
+
+ dp = domains;
+ while (dp != NULL)
+ { if (dp->dom_family == pf) {
+ break;
+ }
+ dp = dp->dom_next;
+ }
+ return (dp);
}
struct protosw *
-pffindtype(family, type)
- int family, type;
+pffindtype(int family, int type)
{
register struct domain *dp;
register struct protosw *pr;
- for (dp = domains; dp; dp = dp->dom_next)
- if (dp->dom_family == family)
- goto found;
- return (0);
-found:
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ lck_mtx_unlock(domain_proto_mtx);
+ return (NULL);
+ }
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
- if (pr->pr_type && pr->pr_type == type)
+ if (pr->pr_type && pr->pr_type == type) {
+ lck_mtx_unlock(domain_proto_mtx);
return (pr);
+ }
+ lck_mtx_unlock(domain_proto_mtx);
return (0);
}
struct domain *
pffinddomain(int pf)
-{ struct domain *dp;
+{
+ struct domain *dp;
- dp = domains;
- while (dp)
- { if (dp->dom_family == pf)
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ dp = pffinddomain_locked(pf);
+ lck_mtx_unlock(domain_proto_mtx);
return(dp);
- dp = dp->dom_next;
- }
- return(NULL);
+ }
+
+struct protosw *
+pffindproto(int family, int protocol, int type)
+{
+ register struct protosw *pr;
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ pr = pffindproto_locked(family, protocol, type);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (pr);
}
struct protosw *
-pffindproto(family, protocol, type)
- int family, protocol, type;
+pffindproto_locked(int family, int protocol, int type)
{
register struct domain *dp;
register struct protosw *pr;
if (family == 0)
return (0);
- for (dp = domains; dp; dp = dp->dom_next)
- if (dp->dom_family == family)
- goto found;
- return (0);
-found:
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ return (NULL);
+ }
for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
if ((pr->pr_protocol == protocol) && (pr->pr_type == type))
return (pr);
return (maybe);
}
+struct protosw *
+pffindprotonotype_locked(int family, int protocol, __unused int type)
+{
+ register struct domain *dp;
+ register struct protosw *pr;
+
+ if (family == 0)
+ return (0);
+ dp = pffinddomain_locked(family);
+ if (dp == NULL) {
+ return (NULL);
+ }
+ for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
+ if (pr->pr_protocol == protocol) {
+ return (pr);
+ }
+ }
+ return (NULL);
+}
+
+struct protosw *
+pffindprotonotype(int family, int protocol)
+{
+ register struct protosw *pr;
+ if (protocol == 0) {
+ return (NULL);
+ }
+ lck_mtx_assert(domain_proto_mtx, LCK_MTX_ASSERT_NOTOWNED);
+ lck_mtx_lock(domain_proto_mtx);
+ pr = pffindprotonotype_locked(family, protocol, 0);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (pr);
+}
+
int
-net_sysctl(name, namelen, oldp, oldlenp, newp, newlen, p)
- int *name;
- u_int namelen;
- void *oldp;
- size_t *oldlenp;
- void *newp;
- size_t newlen;
- struct proc *p;
+net_sysctl(int *name, u_int namelen, user_addr_t oldp, size_t *oldlenp,
+ user_addr_t newp, size_t newlen, __unused struct proc *p)
{
register struct domain *dp;
register struct protosw *pr;
- int family, protocol;
+ int family, protocol, error;
/*
* All sysctl names at this level are nonterminal;
if (family == 0)
return (0);
+ lck_mtx_lock(domain_proto_mtx);
for (dp = domains; dp; dp = dp->dom_next)
if (dp->dom_family == family)
goto found;
+ lck_mtx_unlock(domain_proto_mtx);
return (ENOPROTOOPT);
found:
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
- if (pr->pr_protocol == protocol && pr->pr_sysctl)
- return ((*pr->pr_sysctl)(name + 2, namelen - 2,
- oldp, oldlenp, newp, newlen));
+ if (pr->pr_protocol == protocol && pr->pr_sysctl) {
+ error = (*pr->pr_sysctl)(name + 2, namelen - 2,
+ oldp, oldlenp, newp, newlen);
+ lck_mtx_unlock(domain_proto_mtx);
+ return (error);
+ }
+ lck_mtx_unlock(domain_proto_mtx);
return (ENOPROTOOPT);
}
void
-pfctlinput(cmd, sa)
- int cmd;
- struct sockaddr *sa;
+pfctlinput(int cmd, struct sockaddr *sa)
{
- register struct domain *dp;
- register struct protosw *pr;
+ pfctlinput2(cmd, sa, (void*)0);
+}
+
+void
+pfctlinput2(int cmd, struct sockaddr *sa, void *ctlparam)
+{
+ struct domain *dp;
+ struct protosw *pr;
+
+ if (!sa)
+ return;
+ lck_mtx_lock(domain_proto_mtx);
for (dp = domains; dp; dp = dp->dom_next)
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
if (pr->pr_ctlinput)
- (*pr->pr_ctlinput)(cmd, sa, (caddr_t)0);
+ (*pr->pr_ctlinput)(cmd, sa, ctlparam);
+ lck_mtx_unlock(domain_proto_mtx);
}
void
-pfslowtimo(arg)
- void *arg;
+pfslowtimo(__unused void *arg)
{
register struct domain *dp;
register struct protosw *pr;
- boolean_t funnel_state;
- funnel_state = thread_funnel_set(network_flock, TRUE);
-
- for (dp = domains; dp; dp = dp->dom_next)
- for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
+ lck_mtx_lock(domain_proto_mtx);
+ for (dp = domains; dp; dp = dp->dom_next)
+ for (pr = dp->dom_protosw; pr; pr = pr->pr_next) {
if (pr->pr_slowtimo)
(*pr->pr_slowtimo)();
- timeout(pfslowtimo, NULL, hz/2);
+ if (do_reclaim && pr->pr_drain)
+ (*pr->pr_drain)();
+ }
+ do_reclaim = 0;
+ lck_mtx_unlock(domain_proto_mtx);
+ timeout(pfslowtimo, NULL, hz/PR_SLOWHZ);
- (void) thread_funnel_set(network_flock, FALSE);
}
void
-pffasttimo(arg)
- void *arg;
+pffasttimo(__unused void *arg)
{
register struct domain *dp;
register struct protosw *pr;
- boolean_t funnel_state;
-
- funnel_state = thread_funnel_set(network_flock, TRUE);
+ lck_mtx_lock(domain_proto_mtx);
for (dp = domains; dp; dp = dp->dom_next)
for (pr = dp->dom_protosw; pr; pr = pr->pr_next)
if (pr->pr_fasttimo)
(*pr->pr_fasttimo)();
- timeout(pffasttimo, NULL, hz/5);
-
- (void) thread_funnel_set(network_flock, FALSE);
+ lck_mtx_unlock(domain_proto_mtx);
+ timeout(pffasttimo, NULL, hz/PR_FASTHZ);
}