/*
- * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ * Copyright (c) 2000-2010 Apple Inc. All rights reserved.
*
- * @APPLE_LICENSE_HEADER_START@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
*
- * The contents of this file constitute Original Code as defined in and
- * are subject to the Apple Public Source License Version 1.1 (the
- * "License"). You may not use this file except in compliance with the
- * License. Please obtain a copy of the License at
- * http://www.apple.com/publicsource and read it before using this file.
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. The rights granted to you under the License
+ * may not be used to create, or enable the creation or redistribution of,
+ * unlawful or unlicensed copies of an Apple operating system, or to
+ * circumvent, violate, or enable the circumvention or violation of, any
+ * terms of an Apple operating system software license agreement.
*
- * This Original Code and all software distributed under the License are
- * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
- * License for the specific language governing rights and limitations
- * under the License.
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
*
- * @APPLE_LICENSE_HEADER_END@
+ * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
*/
/*
* Copyright (c) 1982, 1986, 1993
*
* @(#)ip_var.h 8.2 (Berkeley) 1/9/95
*/
+/*
+ * NOTICE: This file was modified by SPARTA, Inc. in 2007 to introduce
+ * support for mandatory and extensible security protections. This notice
+ * is included in support of clause 2.2 (b) of the Apple Public License,
+ * Version 2.0.
+ */
#ifndef _NETINET_IP_VAR_H_
#define _NETINET_IP_VAR_H_
#include <sys/appleapiopts.h>
-#ifdef __APPLE_API_PRIVATE
/*
* Overlay for ip header used by other protocols (tcp, udp).
*/
struct in_addr ih_dst; /* destination internet address */
};
+#ifdef KERNEL_PRIVATE
+#if CONFIG_MACF_NET
+struct label;
+#endif
/*
* Ip reassembly queue structure. Each fragment
* being reassembled is attached to one of these structures.
u_short ipq_id; /* sequence id for reassembly */
struct mbuf *ipq_frags; /* to ip headers of fragments */
struct in_addr ipq_src,ipq_dst;
- u_long reserved[4]; /* for future use */
+ u_int32_t ipq_nfrags;
+ TAILQ_ENTRY(ipq) ipq_list;
+#if CONFIG_MACF_NET
+ struct label *ipq_label; /* MAC label */
+#endif
#if IPDIVERT
#ifdef IPDIVERT_44
u_int32_t ipq_div_info; /* ipfw divert port & flags */
* The actual length of the options (including ipopt_dst)
* is in m_len.
*/
+#endif /* KERNEL_PRIVATE */
#define MAX_IPOPTLEN 40
+#ifdef XNU_KERNEL_PRIVATE
struct ipoption {
struct in_addr ipopt_dst; /* first-hop dst if source routed */
* passed to ip_output when IP multicast options are in use.
*/
struct ip_moptions {
+ decl_lck_mtx_data(, imo_lock);
+ uint32_t imo_refcnt; /* ref count */
+ uint32_t imo_debug; /* see ifa_debug flags */
struct ifnet *imo_multicast_ifp; /* ifp for outgoing multicasts */
u_char imo_multicast_ttl; /* TTL for outgoing multicasts */
u_char imo_multicast_loop; /* 1 => hear sends if a member */
u_short imo_num_memberships; /* no. memberships this socket */
- struct in_multi *imo_membership[IP_MAX_MEMBERSHIPS];
- u_long imo_multicast_vif; /* vif num outgoing multicasts */
+ u_short imo_max_memberships; /* max memberships this socket */
+ struct in_multi **imo_membership; /* group memberships */
+ struct in_mfilter *imo_mfilters; /* source filters */
+ u_int32_t imo_multicast_vif; /* vif num outgoing multicasts */
struct in_addr imo_multicast_addr; /* ifindex/addr on MULTICAST_IF */
+ void (*imo_trace) /* callback fn for tracing refs */
+ (struct ip_moptions *, int);
};
-#endif /* __APPLE_API_PRIVATE */
-#ifdef __APPLE_API_UNSTABLE
-struct ipstat {
- u_long ips_total; /* total packets received */
- u_long ips_badsum; /* checksum bad */
- u_long ips_tooshort; /* packet too short */
- u_long ips_toosmall; /* not enough data */
- u_long ips_badhlen; /* ip header length < data size */
- u_long ips_badlen; /* ip length < ip header length */
- u_long ips_fragments; /* fragments received */
- u_long ips_fragdropped; /* frags dropped (dups, out of space) */
- u_long ips_fragtimeout; /* fragments timed out */
- u_long ips_forward; /* packets forwarded */
- u_long ips_fastforward; /* packets fast forwarded */
- u_long ips_cantforward; /* packets rcvd for unreachable dest */
- u_long ips_redirectsent; /* packets forwarded on same net */
- u_long ips_noproto; /* unknown or unsupported protocol */
- u_long ips_delivered; /* datagrams delivered to upper level*/
- u_long ips_localout; /* total ip packets generated here */
- u_long ips_odropped; /* lost packets due to nobufs, etc. */
- u_long ips_reassembled; /* total packets reassembled ok */
- u_long ips_fragmented; /* datagrams successfully fragmented */
- u_long ips_ofragments; /* output fragments created */
- u_long ips_cantfrag; /* don't fragment flag was set, etc. */
- u_long ips_badoptions; /* error in option processing */
- u_long ips_noroute; /* packets discarded due to no route */
- u_long ips_badvers; /* ip version != 4 */
- u_long ips_rawout; /* total raw ip packets generated */
- u_long ips_toolong; /* ip length > max ip packet size */
- u_long ips_notmember; /* multicasts for unregistered grps */
- u_long ips_nogif; /* no match gif found */
- u_long ips_badaddr; /* invalid address on header */
+#define IMO_LOCK_ASSERT_HELD(_imo) \
+ lck_mtx_assert(&(_imo)->imo_lock, LCK_MTX_ASSERT_OWNED)
+
+#define IMO_LOCK_ASSERT_NOTHELD(_imo) \
+ lck_mtx_assert(&(_imo)->imo_lock, LCK_MTX_ASSERT_NOTOWNED)
+
+#define IMO_LOCK(_imo) \
+ lck_mtx_lock(&(_imo)->imo_lock)
+
+#define IMO_LOCK_SPIN(_imo) \
+ lck_mtx_lock_spin(&(_imo)->imo_lock)
+
+#define IMO_CONVERT_LOCK(_imo) do { \
+ IMO_LOCK_ASSERT_HELD(_imo); \
+ lck_mtx_convert_spin(&(_imo)->imo_lock); \
+} while (0)
+
+#define IMO_UNLOCK(_imo) \
+ lck_mtx_unlock(&(_imo)->imo_lock)
+
+#define IMO_ADDREF(_imo) \
+ imo_addref(_imo, 0)
+
+#define IMO_ADDREF_LOCKED(_imo) \
+ imo_addref(_imo, 1)
+
+#define IMO_REMREF(_imo) \
+ imo_remref(_imo)
+
+/* mbuf tag for ip_forwarding info */
+struct ip_fwd_tag {
+ struct sockaddr_in *next_hop; /* next_hop */
};
-#endif /* __APPLE_API_UNSTABLE */
-#ifdef __APPLE_API_PRIVATE
-#ifdef KERNEL
+#endif /* XNU_KERNEL_PRIVATE */
+
+struct ipstat {
+ u_int32_t ips_total; /* total packets received */
+ u_int32_t ips_badsum; /* checksum bad */
+ u_int32_t ips_tooshort; /* packet too short */
+ u_int32_t ips_toosmall; /* not enough data */
+ u_int32_t ips_badhlen; /* ip header length < data size */
+ u_int32_t ips_badlen; /* ip length < ip header length */
+ u_int32_t ips_fragments; /* fragments received */
+ u_int32_t ips_fragdropped; /* frags dropped (dups, out of space) */
+ u_int32_t ips_fragtimeout; /* fragments timed out */
+ u_int32_t ips_forward; /* packets forwarded */
+ u_int32_t ips_fastforward; /* packets fast forwarded */
+ u_int32_t ips_cantforward; /* packets rcvd for unreachable dest */
+ u_int32_t ips_redirectsent; /* packets forwarded on same net */
+ u_int32_t ips_noproto; /* unknown or unsupported protocol */
+ u_int32_t ips_delivered; /* datagrams delivered to upper level*/
+ u_int32_t ips_localout; /* total ip packets generated here */
+ u_int32_t ips_odropped; /* lost packets due to nobufs, etc. */
+ u_int32_t ips_reassembled; /* total packets reassembled ok */
+ u_int32_t ips_fragmented; /* datagrams successfully fragmented */
+ u_int32_t ips_ofragments; /* output fragments created */
+ u_int32_t ips_cantfrag; /* don't fragment flag was set, etc. */
+ u_int32_t ips_badoptions; /* error in option processing */
+ u_int32_t ips_noroute; /* packets discarded due to no route */
+ u_int32_t ips_badvers; /* ip version != 4 */
+ u_int32_t ips_rawout; /* total raw ip packets generated */
+ u_int32_t ips_toolong; /* ip length > max ip packet size */
+ u_int32_t ips_notmember; /* multicasts for unregistered grps */
+ u_int32_t ips_nogif; /* no match gif found */
+ u_int32_t ips_badaddr; /* invalid address on header */
+#ifdef PRIVATE
+ u_int32_t ips_pktdropcntrl; /* pkt dropped, no mbufs for control data */
+#endif /* PRIVATE */
+};
struct ip_linklocal_stat {
- u_long iplls_in_total;
- u_long iplls_in_badttl;
- u_long iplls_out_total;
- u_long iplls_out_badttl;
+ u_int32_t iplls_in_total;
+ u_int32_t iplls_in_badttl;
+ u_int32_t iplls_out_total;
+ u_int32_t iplls_out_badttl;
};
+#ifdef KERNEL_PRIVATE
/* flags passed to ip_output as last parameter */
#define IP_FORWARDING 0x1 /* most of ip header exists */
#define IP_RAWOUTPUT 0x2 /* raw ip header exists */
-#define IP_ROUTETOIF SO_DONTROUTE /* bypass routing tables */
-#define IP_ALLOWBROADCAST SO_BROADCAST /* can send broadcast packets */
+#define IP_NOIPSEC 0x4 /* No IPSec processing */
+#define IP_ROUTETOIF SO_DONTROUTE /* bypass routing tables (0x0010) */
+#define IP_ALLOWBROADCAST SO_BROADCAST /* can send broadcast packets (0x0020) */
+#define IP_OUTARGS 0x100 /* has ancillary output info */
struct ip;
struct inpcb;
struct route;
struct sockopt;
+/*
+ * Extra information passed to ip_output when IP_OUTARGS is set.
+ */
+struct ip_out_args {
+ unsigned int ipoa_boundif; /* bound outgoing interface */
+ unsigned int ipoa_nocell; /* don't use IFT_CELLULAR */
+};
+
extern struct ipstat ipstat;
#if !defined(RANDOM_IP_ID) || RANDOM_IP_ID == 0
extern u_short ip_id; /* ip packet ctr, for ids */
extern struct protosw *ip_protox[];
extern struct socket *ip_rsvpd; /* reservation protocol daemon */
extern struct socket *ip_mrouter; /* multicast routing daemon */
-extern int (*legal_vif_num) __P((int));
-extern u_long (*ip_mcast_src) __P((int));
+extern int (*legal_vif_num)(int);
+extern u_int32_t (*ip_mcast_src)(int);
extern int rsvp_on;
extern struct pr_usrreqs rip_usrreqs;
+extern int ip_doscopedroute;
+
+extern void ip_moptions_init(void);
+extern struct ip_moptions *ip_allocmoptions(int);
+extern int inp_getmoptions(struct inpcb *, struct sockopt *);
+extern int inp_setmoptions(struct inpcb *, struct sockopt *);
+extern void imo_addref(struct ip_moptions *, int);
+extern void imo_remref(struct ip_moptions *);
-int ip_ctloutput __P((struct socket *, struct sockopt *sopt));
-void ip_drain __P((void));
-void ip_freemoptions __P((struct ip_moptions *));
-void ip_init __P((void));
-extern int (*ip_mforward) __P((struct ip *, struct ifnet *, struct mbuf *,
- struct ip_moptions *));
-int ip_output __P((struct mbuf *,
- struct mbuf *, struct route *, int, struct ip_moptions *));
-void ip_savecontrol __P((struct inpcb *, struct mbuf **, struct ip *,
- struct mbuf *));
-void ip_slowtimo __P((void));
+int ip_ctloutput(struct socket *, struct sockopt *sopt);
+void ip_drain(void);
+void ip_init(void) __attribute__((section("__TEXT, initcode")));
+extern int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *,
+ struct ip_moptions *);
+extern int ip_output(struct mbuf *, struct mbuf *, struct route *, int,
+ struct ip_moptions *, struct ip_out_args *);
+extern int ip_output_list(struct mbuf *, int, struct mbuf *, struct route *,
+ int, struct ip_moptions *, struct ip_out_args *);
+struct in_ifaddr *ip_rtaddr(struct in_addr);
+int ip_savecontrol(struct inpcb *, struct mbuf **, struct ip *,
+ struct mbuf *);
+void ip_slowtimo(void);
struct mbuf *
- ip_srcroute __P((void));
-void ip_stripoptions __P((struct mbuf *, struct mbuf *));
+ ip_srcroute(void);
+void ip_stripoptions(struct mbuf *, struct mbuf *);
#if RANDOM_IP_ID
u_int16_t
- ip_randomid __P((void));
+ ip_randomid(void);
#endif
-int rip_ctloutput __P((struct socket *, struct sockopt *));
-void rip_ctlinput __P((int, struct sockaddr *, void *));
-void rip_init __P((void));
-void rip_input __P((struct mbuf *, int));
-int rip_output __P((struct mbuf *, struct socket *, u_long));
-void ipip_input __P((struct mbuf *, int));
-void rsvp_input __P((struct mbuf *, int));
-int ip_rsvp_init __P((struct socket *));
-int ip_rsvp_done __P((void));
-int ip_rsvp_vif_init __P((struct socket *, struct sockopt *));
-int ip_rsvp_vif_done __P((struct socket *, struct sockopt *));
-void ip_rsvp_force_done __P((struct socket *));
+int rip_ctloutput(struct socket *, struct sockopt *);
+void rip_ctlinput(int, struct sockaddr *, void *);
+void rip_init(void) __attribute__((section("__TEXT, initcode")));
+void rip_input(struct mbuf *, int);
+int rip_output(struct mbuf *, struct socket *, u_int32_t, struct mbuf *);
+int rip_unlock(struct socket *, int, void *);
+void ipip_input(struct mbuf *, int);
+void rsvp_input(struct mbuf *, int);
+int ip_rsvp_init(struct socket *);
+int ip_rsvp_done(void);
+int ip_rsvp_vif_init(struct socket *, struct sockopt *);
+int ip_rsvp_vif_done(struct socket *, struct sockopt *);
+void ip_rsvp_force_done(struct socket *);
-#if IPDIVERT
-void div_init __P((void));
-void div_input __P((struct mbuf *, int));
-void divert_packet __P((struct mbuf *, int, int));
-extern struct pr_usrreqs div_usrreqs;
-extern u_int16_t ip_divert_cookie;
-#endif
+void in_delayed_cksum(struct mbuf *m);
-extern struct sockaddr_in *ip_fw_fwd_addr;
+extern void tcp_in_cksum_stats(u_int32_t);
+extern void tcp_out_cksum_stats(u_int32_t);
-void in_delayed_cksum(struct mbuf *m);
+extern void udp_in_cksum_stats(u_int32_t);
+extern void udp_out_cksum_stats(u_int32_t);
+
+int rip_send(struct socket *, int , struct mbuf *, struct sockaddr *,
+ struct mbuf *, struct proc *);
-#endif /* _KERNEL */
-#endif /* __APPLE_API_PRIVATE */
+extern int ip_fragment(struct mbuf *, struct ifnet *, unsigned long, int);
+#endif /* KERNEL_PRIVATE */
#endif /* !_NETINET_IP_VAR_H_ */
projects / apple / xnu.git / blobdiff