/*
- * Copyright (c) 2009-2013 Apple Inc. All rights reserved.
+ * Copyright (c) 2009-2016 Apple Inc. All rights reserved.
*
* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
sin6_src->sin6_family != AF_INET6 ||
sin6_dst->sin6_family != AF_INET6) {
m_freem(m);
- return (EAFNOSUPPORT);
+ return EAFNOSUPPORT;
}
switch (family) {
#if INET
case AF_INET:
- {
+ {
struct ip *ip;
proto = IPPROTO_IPV4;
- if (mbuf_len(m) < sizeof (*ip)) {
- m = m_pullup(m, sizeof (*ip));
- if (!m)
- return (ENOBUFS);
+ if (mbuf_len(m) < sizeof(*ip)) {
+ m = m_pullup(m, sizeof(*ip));
+ if (!m) {
+ return ENOBUFS;
+ }
}
ip = mtod(m, struct ip *);
itos = ip->ip_tos;
break;
- }
+ }
#endif
#if INET6
case AF_INET6:
- {
+ {
proto = IPPROTO_IPV6;
- if (mbuf_len(m) < sizeof (*ip6)) {
- m = m_pullup(m, sizeof (*ip6));
- if (!m)
- return (ENOBUFS);
+ if (mbuf_len(m) < sizeof(*ip6)) {
+ m = m_pullup(m, sizeof(*ip6));
+ if (!m) {
+ return ENOBUFS;
+ }
}
ip6 = mtod(m, struct ip6_hdr *);
itos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
break;
- }
+ }
#endif
default:
#if DEBUG
printf("in6_gif_output: warning: unknown family %d passed\n",
- family);
+ family);
#endif
m_freem(m);
- return (EAFNOSUPPORT);
+ return EAFNOSUPPORT;
}
/* prepend new IP header */
- M_PREPEND(m, sizeof (struct ip6_hdr), M_DONTWAIT);
- if (m && mbuf_len(m) < sizeof (struct ip6_hdr))
- m = m_pullup(m, sizeof (struct ip6_hdr));
+ M_PREPEND(m, sizeof(struct ip6_hdr), M_DONTWAIT, 1);
+ if (m && mbuf_len(m) < sizeof(struct ip6_hdr)) {
+ m = m_pullup(m, sizeof(struct ip6_hdr));
+ }
if (m == NULL) {
printf("ENOBUFS in in6_gif_output %d\n", __LINE__);
- return (ENOBUFS);
+ return ENOBUFS;
}
ip6 = mtod(m, struct ip6_hdr *);
- ip6->ip6_flow = 0;
- ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
- ip6->ip6_vfc |= IPV6_VERSION;
- ip6->ip6_plen = htons((u_short)m->m_pkthdr.len);
- ip6->ip6_nxt = proto;
- ip6->ip6_hlim = ip6_gif_hlim;
- ip6->ip6_src = sin6_src->sin6_addr;
+ ip6->ip6_flow = 0;
+ ip6->ip6_vfc &= ~IPV6_VERSION_MASK;
+ ip6->ip6_vfc |= IPV6_VERSION;
+ ip6->ip6_plen = htons((u_short)m->m_pkthdr.len);
+ ip6->ip6_nxt = proto;
+ ip6->ip6_hlim = ip6_gif_hlim;
+ ip6->ip6_src = sin6_src->sin6_addr;
/* bidirectional configured tunnel mode */
- if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr))
+ if (!IN6_IS_ADDR_UNSPECIFIED(&sin6_dst->sin6_addr)) {
ip6->ip6_dst = sin6_dst->sin6_addr;
- else {
+ } else {
m_freem(m);
- return (ENETUNREACH);
+ return ENETUNREACH;
}
- ip_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_ALLOWED : ECN_NOCARE,
+ ip_ecn_ingress((ifp->if_flags & IFF_LINK1) ? ECN_NORMAL : ECN_NOCARE,
&otos, &itos);
ip6->ip6_flow &= ~htonl(0xff << 20);
ip6->ip6_flow |= htonl((u_int32_t)otos << 20);
!IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &sin6_dst->sin6_addr) ||
(sc->gif_ro6.ro_rt != NULL && sc->gif_ro6.ro_rt->rt_ifp == ifp)) {
/* cache route doesn't match or recursive route */
- bzero(dst, sizeof (*dst));
+ bzero(dst, sizeof(*dst));
dst->sin6_family = sin6_dst->sin6_family;
- dst->sin6_len = sizeof (struct sockaddr_in6);
+ dst->sin6_len = sizeof(struct sockaddr_in6);
dst->sin6_addr = sin6_dst->sin6_addr;
ROUTE_RELEASE(&sc->gif_ro6);
#if 0
rtalloc((struct route *)&sc->gif_ro6);
if (sc->gif_ro6.ro_rt == NULL) {
m_freem(m);
- return (ENETUNREACH);
+ return ENETUNREACH;
}
RT_LOCK(sc->gif_ro6.ro_rt);
/* if it constitutes infinite encapsulation, punt. */
if (sc->gif_ro6.ro_rt->rt_ifp == ifp) {
RT_UNLOCK(sc->gif_ro6.ro_rt);
m_freem(m);
- return (ENETUNREACH); /* XXX */
+ return ENETUNREACH; /* XXX */
}
#if 0
ifp->if_mtu = sc->gif_ro6.ro_rt->rt_ifp->if_mtu
- - sizeof (struct ip6_hdr);
+ - sizeof(struct ip6_hdr);
#endif
RT_UNLOCK(sc->gif_ro6.ro_rt);
}
* it is too painful to ask for resend of inner packet, to achieve
* path MTU discovery for encapsulated packets.
*/
- return (ip6_output(m, 0, &sc->gif_ro6, IPV6_MINMTU, 0, NULL, NULL));
+ return ip6_output(m, 0, &sc->gif_ro6, IPV6_MINMTU, 0, NULL, NULL);
#else
- return (ip6_output(m, 0, &sc->gif_ro6, 0, 0, NULL, NULL));
+ return ip6_output(m, 0, &sc->gif_ro6, 0, 0, NULL, NULL);
#endif
}
struct ip6_hdr *ip6;
int af = 0;
u_int32_t otos;
+ int egress_success = 0;
ip6 = mtod(m, struct ip6_hdr *);
if (gifp == NULL || (gifp->if_flags & IFF_UP) == 0) {
m_freem(m);
ip6stat.ip6s_nogif++;
- return (IPPROTO_DONE);
+ return IPPROTO_DONE;
}
otos = ip6->ip6_flow;
switch (proto) {
#if INET
case IPPROTO_IPV4:
- {
+ {
struct ip *ip;
- u_int8_t otos8;
+ u_int8_t otos8, old_tos;
+ int sum;
+
af = AF_INET;
otos8 = (ntohl(otos) >> 20) & 0xff;
- if (mbuf_len(m) < sizeof (*ip)) {
- m = m_pullup(m, sizeof (*ip));
- if (!m)
- return (IPPROTO_DONE);
+ if (mbuf_len(m) < sizeof(*ip)) {
+ m = m_pullup(m, sizeof(*ip));
+ if (!m) {
+ return IPPROTO_DONE;
+ }
}
ip = mtod(m, struct ip *);
- if (gifp->if_flags & IFF_LINK1)
- ip_ecn_egress(ECN_ALLOWED, &otos8, &ip->ip_tos);
- else
- ip_ecn_egress(ECN_NOCARE, &otos8, &ip->ip_tos);
+ if (gifp->if_flags & IFF_LINK1) {
+ old_tos = ip->ip_tos;
+ egress_success = ip_ecn_egress(ECN_NORMAL, &otos8, &ip->ip_tos);
+ if (old_tos != ip->ip_tos) {
+ sum = ~ntohs(ip->ip_sum) & 0xffff;
+ sum += (~old_tos & 0xffff) + ip->ip_tos;
+ sum = (sum >> 16) + (sum & 0xffff);
+ sum += (sum >> 16); /* add carry */
+ ip->ip_sum = htons(~sum & 0xffff);
+ }
+ } else {
+ egress_success = ip_ecn_egress(ECN_NOCARE, &otos8, &ip->ip_tos);
+ }
break;
- }
+ }
#endif /* INET */
#if INET6
case IPPROTO_IPV6:
- {
+ {
af = AF_INET6;
- if (mbuf_len(m) < sizeof (*ip6)) {
- m = m_pullup(m, sizeof (*ip6));
- if (!m)
- return (IPPROTO_DONE);
+ if (mbuf_len(m) < sizeof(*ip6)) {
+ m = m_pullup(m, sizeof(*ip6));
+ if (!m) {
+ return IPPROTO_DONE;
+ }
}
ip6 = mtod(m, struct ip6_hdr *);
- if (gifp->if_flags & IFF_LINK1)
- ip6_ecn_egress(ECN_ALLOWED, &otos, &ip6->ip6_flow);
- else
- ip6_ecn_egress(ECN_NOCARE, &otos, &ip6->ip6_flow);
+ if (gifp->if_flags & IFF_LINK1) {
+ egress_success = ip6_ecn_egress(ECN_NORMAL, &otos, &ip6->ip6_flow);
+ } else {
+ egress_success = ip6_ecn_egress(ECN_NOCARE, &otos, &ip6->ip6_flow);
+ }
break;
- }
+ }
#endif
default:
ip6stat.ip6s_nogif++;
m_freem(m);
- return (IPPROTO_DONE);
+ return IPPROTO_DONE;
+ }
+
+ if (egress_success == 0) {
+ ip6stat.ip6s_nogif++;
+ m_freem(m);
+ return IPPROTO_DONE;
}
/* Replace the rcvif by gifp for ifnet_input to route it correctly */
- if (m->m_pkthdr.rcvif)
+ if (m->m_pkthdr.rcvif) {
m->m_pkthdr.rcvif = gifp;
+ }
ifnet_input(gifp, m, NULL);
- return (IPPROTO_DONE);
+ return IPPROTO_DONE;
}
/*
* and the *destination* address of the packet, and vice versa.
*/
if (!IN6_ARE_ADDR_EQUAL(&src->sin6_addr, &ip6->ip6_dst) ||
- !IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6->ip6_src))
- return (0);
+ !IN6_ARE_ADDR_EQUAL(&dst->sin6_addr, &ip6->ip6_src)) {
+ return 0;
+ }
/* martian filters on outer source - done in ip6_input */
struct sockaddr_in6 sin6;
struct rtentry *rt;
- bzero(&sin6, sizeof (sin6));
+ bzero(&sin6, sizeof(sin6));
sin6.sin6_family = AF_INET6;
- sin6.sin6_len = sizeof (struct sockaddr_in6);
+ sin6.sin6_len = sizeof(struct sockaddr_in6);
sin6.sin6_addr = ip6->ip6_src;
rt = rtalloc1((struct sockaddr *)&sin6, 0, 0);
- if (rt != NULL)
+ if (rt != NULL) {
RT_LOCK(rt);
+ }
if (!rt || rt->rt_ifp != ifp) {
#if 0
log(LOG_WARNING, "%s: packet from %s dropped "
RT_UNLOCK(rt);
rtfree(rt);
}
- return (0);
+ return 0;
}
RT_UNLOCK(rt);
rtfree(rt);
}
- return (128 * 2);
+ return 128 * 2;
}
/*
GIF_LOCK_ASSERT(sc);
- mbuf_copydata((struct mbuf *)(size_t)m, 0, sizeof (ip6), &ip6);
+ mbuf_copydata((struct mbuf *)(size_t)m, 0, sizeof(ip6), &ip6);
ifp = ((m->m_flags & M_PKTHDR) != 0) ? m->m_pkthdr.rcvif : NULL;
- return (gif_validate6(&ip6, sc, ifp));
+ return gif_validate6(&ip6, sc, ifp);
}