X-Git-Url: https://git.saurik.com/apple/xnu.git/blobdiff_plain/43866e378188c25dd1e2208016ab3cbeb086ae6c..060df5ea7c632b1ac8cc8aac1fb59758165c2084:/bsd/netinet/ip_mroute.c?ds=sidebyside diff --git a/bsd/netinet/ip_mroute.c b/bsd/netinet/ip_mroute.c index 6668caa0e..e61d2ed64 100644 --- a/bsd/netinet/ip_mroute.c +++ b/bsd/netinet/ip_mroute.c @@ -1,16 +1,19 @@ /* - * Copyright (c) 2000 Apple Computer, Inc. All rights reserved. + * Copyright (c) 2000-2007 Apple Inc. All rights reserved. * - * @APPLE_LICENSE_HEADER_START@ - * - * Copyright (c) 1999-2003 Apple Computer, Inc. All Rights Reserved. + * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ * * This file contains Original Code and/or Modifications of Original Code * as defined in and that are subject to the Apple Public Source License * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. + * compliance with the License. The rights granted to you under the License + * may not be used to create, or enable the creation or redistribution of, + * unlawful or unlicensed copies of an Apple operating system, or to + * circumvent, violate, or enable the circumvention or violation of, any + * terms of an Apple operating system software license agreement. + * + * Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this file. * * The Original Code and all software distributed under the License are * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER @@ -20,7 +23,13 @@ * Please see the License for the specific language governing rights and * limitations under the License. * - * @APPLE_LICENSE_HEADER_END@ + * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ + */ +/* + * NOTICE: This file was modified by SPARTA, Inc. in 2005 to introduce + * support for mandatory and extensible security protections. This notice + * is included in support of clause 2.2 (b) of the Apple Public License, + * Version 2.0. */ /* * IP multicast forwarding procedures @@ -48,8 +57,12 @@ #include #include #include + +#include + #include #include +#include #include #include #include @@ -59,28 +72,19 @@ #include #include -#ifndef NTOHL -#if BYTE_ORDER != BIG_ENDIAN -#define NTOHL(d) ((d) = ntohl((d))) -#define NTOHS(d) ((d) = ntohs((u_short)(d))) -#define HTONL(d) ((d) = htonl((d))) -#define HTONS(d) ((d) = htons((u_short)(d))) -#else -#define NTOHL(d) -#define NTOHS(d) -#define HTONL(d) -#define HTONS(d) -#endif +#if CONFIG_MACF_NET +#include #endif -#ifndef MROUTING -extern u_long _ip_mcast_src __P((int vifi)); -extern int _ip_mforward __P((struct ip *ip, struct ifnet *ifp, - struct mbuf *m, struct ip_moptions *imo)); -extern int _ip_mrouter_done __P((void)); -extern int _ip_mrouter_get __P((struct socket *so, struct sockopt *sopt)); -extern int _ip_mrouter_set __P((struct socket *so, struct sockopt *sopt)); -extern int _mrt_ioctl __P((int req, caddr_t data, struct proc *p)); + +#if !MROUTING +extern u_int32_t _ip_mcast_src(int vifi); +extern int _ip_mforward(struct ip *ip, struct ifnet *ifp, + struct mbuf *m, struct ip_moptions *imo); +extern int _ip_mrouter_done(void); +extern int _ip_mrouter_get(struct socket *so, struct sockopt *sopt); +extern int _ip_mrouter_set(struct socket *so, struct sockopt *sopt); +extern int _mrt_ioctl(int req, caddr_t data, struct proc *p); /* * Dummy routines and globals used when multicast routing is not compiled in. @@ -90,9 +94,8 @@ struct socket *ip_mrouter = NULL; u_int rsvpdebug = 0; int -_ip_mrouter_set(so, sopt) - struct socket *so; - struct sockopt *sopt; +_ip_mrouter_set(__unused struct socket *so, + __unused struct sockopt *sopt) { return(EOPNOTSUPP); } @@ -101,9 +104,8 @@ int (*ip_mrouter_set)(struct socket *, struct sockopt *) = _ip_mrouter_set; int -_ip_mrouter_get(so, sopt) - struct socket *so; - struct sockopt *sopt; +_ip_mrouter_get(__unused struct socket *so, + __unused sockopt *sopt) { return(EOPNOTSUPP); } @@ -111,7 +113,7 @@ _ip_mrouter_get(so, sopt) int (*ip_mrouter_get)(struct socket *, struct sockopt *) = _ip_mrouter_get; int -_ip_mrouter_done() +_ip_mrouter_done(void) { return(0); } @@ -119,11 +121,8 @@ _ip_mrouter_done() int (*ip_mrouter_done)(void) = _ip_mrouter_done; int -_ip_mforward(ip, ifp, m, imo) - struct ip *ip; - struct ifnet *ifp; - struct mbuf *m; - struct ip_moptions *imo; +_ip_mforward(__unused struct ip *ip, __unused struct ifnet *ifp, + __unused struct mbuf *m, __unused ip_moptions *imo) { return(0); } @@ -132,7 +131,7 @@ int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *, struct ip_moptions *) = _ip_mforward; int -_mrt_ioctl(int req, caddr_t data, struct proc *p) +_mrt_ioctl(__unused int req, __unused caddr_t data, __unused struct proc *p) { return EOPNOTSUPP; } @@ -140,9 +139,7 @@ _mrt_ioctl(int req, caddr_t data, struct proc *p) int (*mrt_ioctl)(int, caddr_t, struct proc *) = _mrt_ioctl; void -rsvp_input(m, iphlen) /* XXX must fixup manually */ - struct mbuf *m; - int iphlen; +rsvp_input(struct mbuf *m, int iphlen) /* XXX must fixup manually */ { /* Can still get packets with rsvp_on = 0 if there is a local member * of the group to which the RSVP packet is addressed. But in this @@ -174,9 +171,9 @@ int (*legal_vif_num)(int) = 0; * just in case it does get called, the code a little lower in ip_output * will assign the packet a local address. */ -u_long +u_int32_t _ip_mcast_src(int vifi) { return INADDR_ANY; } -u_long (*ip_mcast_src)(int) = _ip_mcast_src; +u_int32_t (*ip_mcast_src)(int) = _ip_mcast_src; int ip_rsvp_vif_init(so, sopt) @@ -218,7 +215,7 @@ ip_rsvp_force_done(so) struct socket *ip_mrouter = NULL; static struct mrtstat mrtstat; #else /* MROUTE_LKM */ -extern void X_ipip_input __P((struct mbuf *m, int iphlen)); +extern void X_ipip_input(struct mbuf *m, int iphlen); extern struct mrtstat mrtstat; static int ip_mrtproto; #endif @@ -226,9 +223,9 @@ static int ip_mrtproto; #define NO_RTE_FOUND 0x1 #define RTE_FOUND 0x2 -static struct mfc *mfctable[MFCTBLSIZ]; -static u_char nexpire[MFCTBLSIZ]; -static struct vif viftable[MAXVIFS]; +static struct mfc *mfctable[CONFIG_MFCTBLSIZ]; +static u_char nexpire[CONFIG_MFCTBLSIZ]; +static struct vif viftable[CONFIG_MAXVIFS]; static u_int mrtdebug = 0; /* debug level */ #define DEBUG_MFC 0x02 #define DEBUG_FORWARD 0x04 @@ -245,7 +242,7 @@ static u_int rsvpdebug = 0; /* rsvp debug level */ * tbftable -> each vif has one of these for storing info */ -static struct tbf tbftable[MAXVIFS]; +static struct tbf tbftable[CONFIG_MAXVIFS]; #define TBF_REPROCESS (hz / 100) /* 100x / second */ /* @@ -256,7 +253,7 @@ static struct tbf tbftable[MAXVIFS]; * can't be sent this way. They only exist as a placeholder for * multicast source verification. */ -static struct ifnet multicast_decap_if[MAXVIFS]; +static struct ifnet multicast_decap_if[CONFIG_MAXVIFS]; #define ENCAP_TTL 64 #define ENCAP_PROTO IPPROTO_IPIP /* 4 */ @@ -274,6 +271,7 @@ static struct ip multicast_encap_iphdr = { 0, /* frag offset */ ENCAP_TTL, ENCAP_PROTO, 0, /* checksum */ + { 0 }, { 0 } }; /* @@ -286,16 +284,16 @@ static int have_encap_tunnel = 0; * one-back cache used by ipip_input to locate a tunnel's vif * given a datagram's src ip address. */ -static u_long last_encap_src; +static u_int32_t last_encap_src; static struct vif *last_encap_vif; -static u_long X_ip_mcast_src __P((int vifi)); -static int X_ip_mforward __P((struct ip *ip, struct ifnet *ifp, struct mbuf *m, struct ip_moptions *imo)); -static int X_ip_mrouter_done __P((void)); -static int X_ip_mrouter_get __P((struct socket *so, struct sockopt *m)); -static int X_ip_mrouter_set __P((struct socket *so, struct sockopt *m)); -static int X_legal_vif_num __P((int vif)); -static int X_mrt_ioctl __P((int cmd, caddr_t data)); +static u_int32_t X_ip_mcast_src(int vifi); +static int X_ip_mforward(struct ip *ip, struct ifnet *ifp, struct mbuf *m, struct ip_moptions *imo); +static int X_ip_mrouter_done(void); +static int X_ip_mrouter_get(struct socket *so, struct sockopt *m); +static int X_ip_mrouter_set(struct socket *so, struct sockopt *m); +static int X_legal_vif_num(int vif); +static int X_mrt_ioctl(int cmd, caddr_t data); static int get_sg_cnt(struct sioc_sg_req *); static int get_vif_cnt(struct sioc_vif_req *); @@ -311,7 +309,7 @@ static int ip_mdq(struct mbuf *, struct ifnet *, struct mfc *, vifi_t); static void phyint_send(struct ip *, struct vif *, struct mbuf *); static void encap_send(struct ip *, struct vif *, struct mbuf *); -static void tbf_control(struct vif *, struct mbuf *, struct ip *, u_long); +static void tbf_control(struct vif *, struct mbuf *, struct ip *, u_int32_t); static void tbf_queue(struct vif *, struct mbuf *); static void tbf_process_q(struct vif *); static void tbf_reprocess_q(void *); @@ -342,7 +340,7 @@ static int pim_assert; */ #define MFCFIND(o, g, rt) { \ - register struct mfc *_rt = mfctable[MFCHASH(o,g)]; \ + struct mfc *_rt = mfctable[MFCHASH(o,g)]; \ rt = NULL; \ ++mrtstat.mrts_mfc_lookups; \ while (_rt) { \ @@ -365,7 +363,7 @@ static int pim_assert; * Borrowed from Van Jacobson's scheduling code */ #define TV_DELTA(a, b, delta) { \ - register int xxs; \ + int xxs; \ \ delta = (a).tv_usec - (b).tv_usec; \ if ((xxs = (a).tv_sec - (b).tv_sec)) { \ @@ -386,7 +384,7 @@ static int pim_assert; (a).tv_sec <= (b).tv_sec) || (a).tv_sec < (b).tv_sec) #if UPCALL_TIMING -u_long upcall_data[51]; +u_int32_t upcall_data[51]; static void collate(struct timeval *); #endif /* UPCALL_TIMING */ @@ -395,9 +393,7 @@ static void collate(struct timeval *); * Handle MRT setsockopt commands to modify the multicast routing tables. */ static int -X_ip_mrouter_set(so, sopt) - struct socket *so; - struct sockopt *sopt; +X_ip_mrouter_set(struct socket *so, struct sockopt *sopt) { int error, optval; vifi_t vifi; @@ -469,16 +465,14 @@ int (*ip_mrouter_set)(struct socket *, struct sockopt *) = X_ip_mrouter_set; * Handle MRT getsockopt commands */ static int -X_ip_mrouter_get(so, sopt) - struct socket *so; - struct sockopt *sopt; +X_ip_mrouter_get(__unused struct socket *so, struct sockopt *sopt) { int error; - static int version = 0x0305; /* !!! why is this here? XXX */ + static int vers = 0x0305; /* !!! why is this here? XXX */ switch (sopt->sopt_name) { case MRT_VERSION: - error = sooptcopyout(sopt, &version, sizeof version); + error = sooptcopyout(sopt, &vers, sizeof vers); break; case MRT_ASSERT: @@ -499,9 +493,7 @@ int (*ip_mrouter_get)(struct socket *, struct sockopt *) = X_ip_mrouter_get; * Handle ioctl commands to obtain information from the cache */ static int -X_mrt_ioctl(cmd, data) - int cmd; - caddr_t data; +X_mrt_ioctl(int cmd, caddr_t data) { int error = 0; @@ -527,15 +519,11 @@ int (*mrt_ioctl)(int, caddr_t) = X_mrt_ioctl; * returns the packet, byte, rpf-failure count for the source group provided */ static int -get_sg_cnt(req) - register struct sioc_sg_req *req; +get_sg_cnt(struct sioc_sg_req *req) { - register struct mfc *rt; - int s; + struct mfc *rt; - s = splnet(); MFCFIND(req->src.s_addr, req->grp.s_addr, rt); - splx(s); if (rt != NULL) { req->pktcnt = rt->mfc_pkt_cnt; req->bytecnt = rt->mfc_byte_cnt; @@ -550,10 +538,9 @@ get_sg_cnt(req) * returns the input and output packet and byte counts on the vif provided */ static int -get_vif_cnt(req) - register struct sioc_vif_req *req; +get_vif_cnt(struct sioc_vif_req *req) { - register vifi_t vifi = req->vifi; + vifi_t vifi = req->vifi; if (vifi >= numvifs) return EINVAL; @@ -569,9 +556,7 @@ get_vif_cnt(req) * Enable multicast routing */ static int -ip_mrouter_init(so, version) - struct socket *so; - int version; +ip_mrouter_init(struct socket *so, int vers) { if (mrtdebug) log(LOG_DEBUG,"ip_mrouter_init: so_type = %d, pr_protocol = %d\n", @@ -580,7 +565,7 @@ ip_mrouter_init(so, version) if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_IGMP) return EOPNOTSUPP; - if (version != 1) + if (vers != 1) return ENOPROTOOPT; if (ip_mrouter != NULL) return EADDRINUSE; @@ -604,7 +589,7 @@ ip_mrouter_init(so, version) * Disable multicast routing */ static int -X_ip_mrouter_done() +X_ip_mrouter_done(void) { vifi_t vifi; int i; @@ -612,9 +597,6 @@ X_ip_mrouter_done() struct ifreq ifr; struct mfc *rt; struct rtdetq *rte; - int s; - - s = splnet(); /* * For each phyint in use, disable promiscuous reception of all IP @@ -640,7 +622,7 @@ X_ip_mrouter_done() /* * Free all multicast forwarding cache entries. */ - for (i = 0; i < MFCTBLSIZ; i++) { + for (i = 0; i < CONFIG_MFCTBLSIZ; i++) { for (rt = mfctable[i]; rt != NULL; ) { struct mfc *nr = rt->mfc_next; @@ -667,8 +649,6 @@ X_ip_mrouter_done() ip_mrouter = NULL; - splx(s); - if (mrtdebug) log(LOG_DEBUG, "ip_mrouter_done\n"); @@ -683,8 +663,7 @@ int (*ip_mrouter_done)(void) = X_ip_mrouter_done; * Set PIM assert processing global */ static int -set_assert(i) - int i; +set_assert(int i) { if ((i != 1) && (i != 0)) return EINVAL; @@ -698,17 +677,17 @@ set_assert(i) * Add a vif to the vif table */ static int -add_vif(vifcp) - register struct vifctl *vifcp; +add_vif(struct vifctl *vifcp) { - register struct vif *vifp = viftable + vifcp->vifc_vifi; - static struct sockaddr_in sin = {sizeof sin, AF_INET}; + struct vif *vifp = viftable + vifcp->vifc_vifi; + static struct sockaddr_in sin = { sizeof sin, AF_INET, + 0 , {0}, {0,0,0,0,0,0,0,0,} }; struct ifaddr *ifa; struct ifnet *ifp; int error, s; struct tbf *v_tbf = tbftable + vifcp->vifc_vifi; - if (vifcp->vifc_vifi >= MAXVIFS) return EINVAL; + if (vifcp->vifc_vifi >= CONFIG_MAXVIFS) return EINVAL; if (vifp->v_lcl_addr.s_addr != 0) return EADDRINUSE; /* Find the interface with an address in AF_INET family */ @@ -716,6 +695,8 @@ add_vif(vifcp) ifa = ifa_ifwithaddr((struct sockaddr *)&sin); if (ifa == 0) return EADDRNOTAVAIL; ifp = ifa->ifa_ifp; + ifafree(ifa); + ifa = NULL; if (vifcp->vifc_flags & VIFF_TUNNEL) { if ((vifcp->vifc_flags & VIFF_SRCRT) == 0) { @@ -725,7 +706,7 @@ add_vif(vifcp) */ if (have_encap_tunnel == 0) { have_encap_tunnel = 1; - for (s = 0; s < MAXVIFS; ++s) { + for (s = 0; s < CONFIG_MAXVIFS; ++s) { multicast_decap_if[s].if_name = "mdecap"; multicast_decap_if[s].if_unit = s; multicast_decap_if[s].if_family = APPLE_IF_FAM_MDECAP; @@ -749,14 +730,11 @@ add_vif(vifcp) return EOPNOTSUPP; /* Enable promiscuous reception of all IP multicasts from the if */ - s = splnet(); error = if_allmulti(ifp, 1); - splx(s); if (error) return error; } - s = splnet(); /* define parameters for the tbf structure */ vifp->v_tbf = v_tbf; GET_TIME(vifp->v_tbf->tbf_last_pkt_t); @@ -779,7 +757,6 @@ add_vif(vifcp) vifp->v_pkt_out = 0; vifp->v_bytes_in = 0; vifp->v_bytes_out = 0; - splx(s); /* Adjust numvifs up if the vifi is higher than numvifs */ if (numvifs <= vifcp->vifc_vifi) numvifs = vifcp->vifc_vifi + 1; @@ -787,9 +764,9 @@ add_vif(vifcp) if (mrtdebug) log(LOG_DEBUG, "add_vif #%d, lcladdr %lx, %s %lx, thresh %x, rate %d\n", vifcp->vifc_vifi, - (u_long)ntohl(vifcp->vifc_lcl_addr.s_addr), + (u_int32_t)ntohl(vifcp->vifc_lcl_addr.s_addr), (vifcp->vifc_flags & VIFF_TUNNEL) ? "rmtaddr" : "mask", - (u_long)ntohl(vifcp->vifc_rmt_addr.s_addr), + (u_int32_t)ntohl(vifcp->vifc_rmt_addr.s_addr), vifcp->vifc_threshold, vifcp->vifc_rate_limit); @@ -800,20 +777,16 @@ add_vif(vifcp) * Delete a vif from the vif table */ static int -del_vif(vifi) - vifi_t vifi; +del_vif(vifi_t vifi) { - register struct vif *vifp = &viftable[vifi]; - register struct mbuf *m; + struct vif *vifp = &viftable[vifi]; + struct mbuf *m; struct ifnet *ifp; struct ifreq ifr; - int s; if (vifi >= numvifs) return EINVAL; if (vifp->v_lcl_addr.s_addr == 0) return EADDRNOTAVAIL; - s = splnet(); - if (!(vifp->v_flags & VIFF_TUNNEL)) { ((struct sockaddr_in *)&(ifr.ifr_addr))->sin_family = AF_INET; ((struct sockaddr_in *)&(ifr.ifr_addr))->sin_addr.s_addr = INADDR_ANY; @@ -846,8 +819,6 @@ del_vif(vifi) if (viftable[vifi-1].v_lcl_addr.s_addr != 0) break; numvifs = vifi; - splx(s); - return 0; } @@ -855,14 +826,12 @@ del_vif(vifi) * Add an mfc entry */ static int -add_mfc(mfccp) - struct mfcctl *mfccp; +add_mfc(struct mfcctl *mfccp) { struct mfc *rt; - u_long hash; + u_int32_t hash; struct rtdetq *rte; - register u_short nstl; - int s; + u_short nstl; int i; MFCFIND(mfccp->mfcc_origin.s_addr, mfccp->mfcc_mcastgrp.s_addr, rt); @@ -871,22 +840,19 @@ add_mfc(mfccp) if (rt) { if (mrtdebug & DEBUG_MFC) log(LOG_DEBUG,"add_mfc update o %lx g %lx p %x\n", - (u_long)ntohl(mfccp->mfcc_origin.s_addr), - (u_long)ntohl(mfccp->mfcc_mcastgrp.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_origin.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_mcastgrp.s_addr), mfccp->mfcc_parent); - s = splnet(); rt->mfc_parent = mfccp->mfcc_parent; for (i = 0; i < numvifs; i++) rt->mfc_ttls[i] = mfccp->mfcc_ttls[i]; - splx(s); return 0; } /* * Find the entry for which the upcall was made and update */ - s = splnet(); hash = MFCHASH(mfccp->mfcc_origin.s_addr, mfccp->mfcc_mcastgrp.s_addr); for (rt = mfctable[hash], nstl = 0; rt; rt = rt->mfc_next) { @@ -897,14 +863,14 @@ add_mfc(mfccp) if (nstl++) log(LOG_ERR, "add_mfc %s o %lx g %lx p %x dbx %p\n", "multiple kernel entries", - (u_long)ntohl(mfccp->mfcc_origin.s_addr), - (u_long)ntohl(mfccp->mfcc_mcastgrp.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_origin.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_mcastgrp.s_addr), mfccp->mfcc_parent, (void *)rt->mfc_stall); if (mrtdebug & DEBUG_MFC) log(LOG_DEBUG,"add_mfc o %lx g %lx p %x dbg %p\n", - (u_long)ntohl(mfccp->mfcc_origin.s_addr), - (u_long)ntohl(mfccp->mfcc_mcastgrp.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_origin.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_mcastgrp.s_addr), mfccp->mfcc_parent, (void *)rt->mfc_stall); rt->mfc_origin = mfccp->mfcc_origin; @@ -943,8 +909,8 @@ add_mfc(mfccp) if (nstl == 0) { if (mrtdebug & DEBUG_MFC) log(LOG_DEBUG,"add_mfc no upcall h %lu o %lx g %lx p %x\n", - hash, (u_long)ntohl(mfccp->mfcc_origin.s_addr), - (u_long)ntohl(mfccp->mfcc_mcastgrp.s_addr), + hash, (u_int32_t)ntohl(mfccp->mfcc_origin.s_addr), + (u_int32_t)ntohl(mfccp->mfcc_mcastgrp.s_addr), mfccp->mfcc_parent); for (rt = mfctable[hash]; rt != NULL; rt = rt->mfc_next) { @@ -971,7 +937,6 @@ add_mfc(mfccp) /* no upcall, so make a new entry */ rt = (struct mfc *) _MALLOC(sizeof(*rt), M_MRTABLE, M_NOWAIT); if (rt == NULL) { - splx(s); return ENOBUFS; } @@ -994,7 +959,6 @@ add_mfc(mfccp) mfctable[hash] = rt; } } - splx(s); return 0; } @@ -1002,12 +966,12 @@ add_mfc(mfccp) /* * collect delay statistics on the upcalls */ -static void collate(t) -register struct timeval *t; +static void +collate(struct timeval *t) { - register u_long d; - register struct timeval tp; - register u_long delta; + u_int32_t d; + struct timeval tp; + u_int32_t delta; GET_TIME(tp); @@ -1028,15 +992,13 @@ register struct timeval *t; * Delete an mfc entry */ static int -del_mfc(mfccp) - struct mfcctl *mfccp; +del_mfc(struct mfcctl *mfccp) { struct in_addr origin; struct in_addr mcastgrp; struct mfc *rt; struct mfc **nptr; - u_long hash; - int s; + u_int32_t hash; origin = mfccp->mfcc_origin; mcastgrp = mfccp->mfcc_mcastgrp; @@ -1044,9 +1006,7 @@ del_mfc(mfccp) if (mrtdebug & DEBUG_MFC) log(LOG_DEBUG,"del_mfc orig %lx mcastgrp %lx\n", - (u_long)ntohl(origin.s_addr), (u_long)ntohl(mcastgrp.s_addr)); - - s = splnet(); + (u_int32_t)ntohl(origin.s_addr), (u_int32_t)ntohl(mcastgrp.s_addr)); nptr = &mfctable[hash]; while ((rt = *nptr) != NULL) { @@ -1058,15 +1018,12 @@ del_mfc(mfccp) nptr = &rt->mfc_next; } if (rt == NULL) { - splx(s); return EADDRNOTAVAIL; } *nptr = rt->mfc_next; FREE(rt, M_MRTABLE); - splx(s); - return 0; } @@ -1074,19 +1031,19 @@ del_mfc(mfccp) * Send a message to mrouted on the multicast routing socket */ static int -socket_send(s, mm, src) - struct socket *s; - struct mbuf *mm; - struct sockaddr_in *src; +socket_send(struct socket *s, struct mbuf *mm, struct sockaddr_in *src) { + socket_lock(s, 1); if (s) { if (sbappendaddr(&s->so_rcv, (struct sockaddr *)src, - mm, (struct mbuf *)0) != 0) { + mm, (struct mbuf *)0, NULL) != 0) { sorwakeup(s); + socket_unlock(s, 1); return 0; } } + socket_unlock(s, 1); m_freem(mm); return -1; } @@ -1106,24 +1063,21 @@ socket_send(s, mm, src) #define TUNNEL_LEN 12 /* # bytes of IP option for tunnel encapsulation */ static int -X_ip_mforward(ip, ifp, m, imo) - register struct ip *ip; - struct ifnet *ifp; - struct mbuf *m; - struct ip_moptions *imo; +X_ip_mforward(struct ip *ip, struct ifnet *ifp, struct mbuf *m, + struct ip_moptions *imo) { - register struct mfc *rt; - register u_char *ipoptions; - static struct sockaddr_in k_igmpsrc = { sizeof k_igmpsrc, AF_INET }; + struct mfc *rt; + u_char *ipoptions; + static struct sockaddr_in k_igmpsrc = { sizeof k_igmpsrc, AF_INET, + 0 , {0}, {0,0,0,0,0,0,0,0,} }; static int srctun = 0; - register struct mbuf *mm; - int s; + struct mbuf *mm; vifi_t vifi; struct vif *vifp; if (mrtdebug & DEBUG_FORWARD) log(LOG_DEBUG, "ip_mforward: src %lx, dst %lx, ifp %p\n", - (u_long)ntohl(ip->ip_src.s_addr), (u_long)ntohl(ip->ip_dst.s_addr), + (u_int32_t)ntohl(ip->ip_src.s_addr), (u_int32_t)ntohl(ip->ip_dst.s_addr), (void *)ifp); if (ip->ip_hl < (IP_HDR_LEN + TUNNEL_LEN) >> 2 || @@ -1140,7 +1094,7 @@ X_ip_mforward(ip, ifp, m, imo) if ((srctun++ % 1000) == 0) log(LOG_ERR, "ip_mforward: received source-routed packet from %lx\n", - (u_long)ntohl(ip->ip_src.s_addr)); + (u_int32_t)ntohl(ip->ip_src.s_addr)); return 1; } @@ -1150,7 +1104,7 @@ X_ip_mforward(ip, ifp, m, imo) ip->ip_ttl++; /* compensate for -1 in *_send routines */ if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { vifp = viftable + vifi; - printf("Sending IPPROTO_RSVP from %lx to %lx on vif %d (%s%s%d)\n", + printf("Sending IPPROTO_RSVP from %x to %x on vif %d (%s%s%d)\n", ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), vifi, (vifp->v_flags & VIFF_TUNNEL) ? "tunnel on " : "", vifp->v_ifp->if_name, vifp->v_ifp->if_unit); @@ -1158,7 +1112,7 @@ X_ip_mforward(ip, ifp, m, imo) return (ip_mdq(m, ifp, NULL, vifi)); } if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { - printf("Warning: IPPROTO_RSVP from %lx to %lx without vif option\n", + printf("Warning: IPPROTO_RSVP from %x to %x without vif option\n", ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr)); if(!imo) printf("In fact, no options were specified at all\n"); @@ -1175,12 +1129,10 @@ X_ip_mforward(ip, ifp, m, imo) /* * Determine forwarding vifs from the forwarding cache table */ - s = splnet(); MFCFIND(ip->ip_src.s_addr, ip->ip_dst.s_addr, rt); /* Entry exists, so forward if necessary */ if (rt != NULL) { - splx(s); return (ip_mdq(m, ifp, rt, -1)); } else { /* @@ -1189,9 +1141,9 @@ X_ip_mforward(ip, ifp, m, imo) * send message to routing daemon */ - register struct mbuf *mb0; - register struct rtdetq *rte; - register u_long hash; + struct mbuf *mb0; + struct rtdetq *rte; + u_int32_t hash; int hlen = ip->ip_hl << 2; #if UPCALL_TIMING struct timeval tp; @@ -1202,8 +1154,8 @@ X_ip_mforward(ip, ifp, m, imo) mrtstat.mrts_no_route++; if (mrtdebug & (DEBUG_FORWARD | DEBUG_MFC)) log(LOG_DEBUG, "ip_mforward: no rte s %lx g %lx\n", - (u_long)ntohl(ip->ip_src.s_addr), - (u_long)ntohl(ip->ip_dst.s_addr)); + (u_int32_t)ntohl(ip->ip_src.s_addr), + (u_int32_t)ntohl(ip->ip_dst.s_addr)); /* * Allocate mbufs early so that we don't do extra work if we are @@ -1212,7 +1164,6 @@ X_ip_mforward(ip, ifp, m, imo) */ rte = (struct rtdetq *) _MALLOC((sizeof *rte), M_MRTABLE, M_NOWAIT); if (rte == NULL) { - splx(s); return ENOBUFS; } mb0 = m_copy(m, 0, M_COPYALL); @@ -1220,7 +1171,6 @@ X_ip_mforward(ip, ifp, m, imo) mb0 = m_pullup(mb0, hlen); if (mb0 == NULL) { FREE(rte, M_MRTABLE); - splx(s); return ENOBUFS; } @@ -1242,7 +1192,6 @@ X_ip_mforward(ip, ifp, m, imo) if (rt == NULL) { FREE(rte, M_MRTABLE); m_freem(mb0); - splx(s); return ENOBUFS; } /* Make a copy of the header to send to the user level process */ @@ -1251,7 +1200,6 @@ X_ip_mforward(ip, ifp, m, imo) FREE(rte, M_MRTABLE); m_freem(mb0); FREE(rt, M_MRTABLE); - splx(s); return ENOBUFS; } @@ -1273,7 +1221,6 @@ X_ip_mforward(ip, ifp, m, imo) FREE(rte, M_MRTABLE); m_freem(mb0); FREE(rt, M_MRTABLE); - splx(s); return ENOBUFS; } @@ -1303,7 +1250,6 @@ X_ip_mforward(ip, ifp, m, imo) mrtstat.mrts_upq_ovflw++; FREE(rte, M_MRTABLE); m_freem(mb0); - splx(s); return 0; } @@ -1318,8 +1264,6 @@ X_ip_mforward(ip, ifp, m, imo) #endif rte->next = NULL; - splx(s); - return 0; } } @@ -1333,19 +1277,13 @@ int (*ip_mforward)(struct ip *, struct ifnet *, struct mbuf *, * Clean up the cache entry if upcall is not serviced */ static void -expire_upcalls(void *unused) +expire_upcalls(__unused void *unused) { struct rtdetq *rte; struct mfc *mfc, **nptr; int i; - int s; - boolean_t funnel_state; - - funnel_state = thread_funnel_set(network_flock, TRUE); - - s = splnet(); - for (i = 0; i < MFCTBLSIZ; i++) { + for (i = 0; i < CONFIG_MFCTBLSIZ; i++) { if (nexpire[i] == 0) continue; nptr = &mfctable[i]; @@ -1360,8 +1298,8 @@ expire_upcalls(void *unused) --mfc->mfc_expire == 0) { if (mrtdebug & DEBUG_EXPIRE) log(LOG_DEBUG, "expire_upcalls: expiring (%lx %lx)\n", - (u_long)ntohl(mfc->mfc_origin.s_addr), - (u_long)ntohl(mfc->mfc_mcastgrp.s_addr)); + (u_int32_t)ntohl(mfc->mfc_origin.s_addr), + (u_int32_t)ntohl(mfc->mfc_mcastgrp.s_addr)); /* * drop all the packets * free the mbuf with the pkt, if, timing info @@ -1383,25 +1321,20 @@ expire_upcalls(void *unused) } } } - splx(s); timeout(expire_upcalls, (caddr_t)NULL, EXPIRE_TIMEOUT); - (void) thread_funnel_set(network_flock, FALSE); } /* * Packet forwarding routine once entry in the cache is made */ static int -ip_mdq(m, ifp, rt, xmt_vif) - register struct mbuf *m; - register struct ifnet *ifp; - register struct mfc *rt; - register vifi_t xmt_vif; +ip_mdq(struct mbuf *m, struct ifnet *ifp, struct mfc *rt, + vifi_t xmt_vif) { - register struct ip *ip = mtod(m, struct ip *); - register vifi_t vifi; - register struct vif *vifp; - register int plen = ip->ip_len; + struct ip *ip = mtod(m, struct ip *); + vifi_t vifi; + struct vif *vifp; + int plen = ip->ip_len; /* * Macro to send packet on vif. Since RSVP packets don't get counted on @@ -1449,7 +1382,7 @@ ip_mdq(m, ifp, rt, xmt_vif) struct igmpmsg *im; int hlen = ip->ip_hl << 2; struct timeval now; - register u_long delta; + u_int32_t delta; GET_TIME(now); @@ -1511,8 +1444,7 @@ ip_mdq(m, ifp, rt, xmt_vif) * numvifs there, */ static int -X_legal_vif_num(vif) - int vif; +X_legal_vif_num(int vif) { if (vif >= 0 && vif < numvifs) return(1); @@ -1527,9 +1459,8 @@ int (*legal_vif_num)(int) = X_legal_vif_num; /* * Return the local address used by this vif */ -static u_long -X_ip_mcast_src(vifi) - int vifi; +static u_int32_t +X_ip_mcast_src(int vifi) { if (vifi >= 0 && vifi < numvifs) return viftable[vifi].v_lcl_addr.s_addr; @@ -1538,17 +1469,14 @@ X_ip_mcast_src(vifi) } #if !defined(MROUTE_LKM) || !MROUTE_LKM -u_long (*ip_mcast_src)(int) = X_ip_mcast_src; +u_int32_t (*ip_mcast_src)(int) = X_ip_mcast_src; #endif static void -phyint_send(ip, vifp, m) - struct ip *ip; - struct vif *vifp; - struct mbuf *m; +phyint_send(struct ip *ip, struct vif *vifp, struct mbuf *m) { - register struct mbuf *mb_copy; - register int hlen = ip->ip_hl << 2; + struct mbuf *mb_copy; + int hlen = ip->ip_hl << 2; /* * Make a new reference to the packet; make sure that @@ -1568,14 +1496,11 @@ phyint_send(ip, vifp, m) } static void -encap_send(ip, vifp, m) - register struct ip *ip; - register struct vif *vifp; - register struct mbuf *m; +encap_send(struct ip *ip, struct vif *vifp, struct mbuf *m) { - register struct mbuf *mb_copy; - register struct ip *ip_copy; - register int i, len = ip->ip_len; + struct mbuf *mb_copy; + struct ip *ip_copy; + int i, len = ip->ip_len; /* * copy the old packet & pullup its IP header into the @@ -1585,6 +1510,9 @@ encap_send(ip, vifp, m) MGETHDR(mb_copy, M_DONTWAIT, MT_HEADER); if (mb_copy == NULL) return; +#if CONFIG_MACF_NET + mac_mbuf_label_associate_multicast_encap(m, vifp->v_ifp, mb_copy); +#endif mb_copy->m_data += max_linkhdr; mb_copy->m_len = sizeof(multicast_encap_iphdr); @@ -1619,8 +1547,12 @@ encap_send(ip, vifp, m) */ ip = (struct ip *)((caddr_t)ip_copy + sizeof(multicast_encap_iphdr)); --ip->ip_ttl; + +#if BYTE_ORDER != BIG_ENDIAN HTONS(ip->ip_len); HTONS(ip->ip_off); +#endif + ip->ip_sum = 0; mb_copy->m_data += sizeof(multicast_encap_iphdr); ip->ip_sum = in_cksum(mb_copy, ip->ip_hl << 2); @@ -1639,19 +1571,15 @@ encap_send(ip, vifp, m) */ void #if MROUTE_LKM -X_ipip_input(m, iphlen) +X_ipip_input(struct mbuf *m, int iphlen) #else -ipip_input(m, iphlen) +ipip_input(struct mbuf *m, int iphlen) #endif - register struct mbuf *m; - int iphlen; { struct ifnet *ifp = m->m_pkthdr.rcvif; - register struct ip *ip = mtod(m, struct ip *); - register int hlen = ip->ip_hl << 2; - register int s; - register struct ifqueue *ifq; - register struct vif *vifp; + struct ip *ip = mtod(m, struct ip *); + int hlen = ip->ip_hl << 2; + struct vif *vifp; if (!have_encap_tunnel) { rip_input(m, iphlen); @@ -1670,7 +1598,7 @@ ipip_input(m, iphlen) return; } if (ip->ip_src.s_addr != last_encap_src) { - register struct vif *vife; + struct vif *vife; vifp = viftable; vife = vifp + numvifs; @@ -1690,7 +1618,7 @@ ipip_input(m, iphlen) m_freem(m); if (mrtdebug) log(LOG_DEBUG, "ip_mforward: no tunnel with %lx\n", - (u_long)ntohl(ip->ip_src.s_addr)); + (u_int32_t)ntohl(ip->ip_src.s_addr)); return; } ifp = vifp->v_ifp; @@ -1701,23 +1629,8 @@ ipip_input(m, iphlen) m->m_len -= IP_HDR_LEN; m->m_pkthdr.len -= IP_HDR_LEN; m->m_pkthdr.rcvif = ifp; - - ifq = &ipintrq; - s = splimp(); - if (IF_QFULL(ifq)) { - IF_DROP(ifq); - m_freem(m); - } else { - IF_ENQUEUE(ifq, m); - /* - * normally we would need a "schednetisr(NETISR_IP)" - * here but we were called by ip_input and it is going - * to loop back & try to dequeue the packet we just - * queued as soon as we return so we avoid the - * unnecessary software interrrupt. - */ - } - splx(s); + + proto_inject(PF_INET, m); } /* @@ -1725,13 +1638,10 @@ ipip_input(m, iphlen) */ static void -tbf_control(vifp, m, ip, p_len) - register struct vif *vifp; - register struct mbuf *m; - register struct ip *ip; - register u_long p_len; +tbf_control(struct vif *vifp, struct mbuf *m, struct ip *ip, + u_int32_t p_len) { - register struct tbf *t = vifp->v_tbf; + struct tbf *t = vifp->v_tbf; if (p_len > MAX_BKT_SIZE) { /* drop if packet is too large */ @@ -1779,12 +1689,9 @@ tbf_control(vifp, m, ip, p_len) * adds a packet to the queue at the interface */ static void -tbf_queue(vifp, m) - register struct vif *vifp; - register struct mbuf *m; +tbf_queue(struct vif *vifp, struct mbuf *m) { - register int s = splnet(); - register struct tbf *t = vifp->v_tbf; + struct tbf *t = vifp->v_tbf; if (t->tbf_t == NULL) { /* Queue was empty */ @@ -1805,8 +1712,6 @@ tbf_queue(vifp, m) m->m_act = NULL; t->tbf_q_len++; - - splx(s); } @@ -1814,13 +1719,11 @@ tbf_queue(vifp, m) * processes the queue at the interface */ static void -tbf_process_q(vifp) - register struct vif *vifp; +tbf_process_q(struct vif *vifp) { - register struct mbuf *m; - register int len; - register int s = splnet(); - register struct tbf *t = vifp->v_tbf; + struct mbuf *m; + int len; + struct tbf *t = vifp->v_tbf; /* loop through the queue at the interface and send as many packets * as possible @@ -1847,19 +1750,14 @@ tbf_process_q(vifp) } else break; } - splx(s); } static void -tbf_reprocess_q(xvifp) - void *xvifp; +tbf_reprocess_q(void *xvifp) { - register struct vif *vifp = xvifp; - boolean_t funnel_state; + struct vif *vifp = xvifp; - funnel_state = thread_funnel_set(network_flock, TRUE); if (ip_mrouter == NULL) { - (void) thread_funnel_set(network_flock, FALSE); return; } @@ -1869,22 +1767,18 @@ tbf_reprocess_q(xvifp) if (vifp->v_tbf->tbf_q_len) timeout(tbf_reprocess_q, (caddr_t)vifp, TBF_REPROCESS); - (void) thread_funnel_set(network_flock, FALSE); } /* function that will selectively discard a member of the queue * based on the precedence value and the priority */ static int -tbf_dq_sel(vifp, ip) - register struct vif *vifp; - register struct ip *ip; +tbf_dq_sel(struct vif *vifp, struct ip *ip) { - register int s = splnet(); - register u_int p; - register struct mbuf *m, *last; - register struct mbuf **np; - register struct tbf *t = vifp->v_tbf; + u_int p; + struct mbuf *m, *last; + struct mbuf **np; + struct tbf *t = vifp->v_tbf; p = priority(vifp, ip); @@ -1901,31 +1795,26 @@ tbf_dq_sel(vifp, ip) * we check anyway. */ if (--t->tbf_q_len == 0) t->tbf_t = NULL; - splx(s); mrtstat.mrts_drop_sel++; return(1); } np = &m->m_act; last = m; } - splx(s); return(0); } static void -tbf_send_packet(vifp, m) - register struct vif *vifp; - register struct mbuf *m; +tbf_send_packet(struct vif *vifp, struct mbuf *m) { struct ip_moptions imo; int error; static struct route ro; - int s = splnet(); if (vifp->v_flags & VIFF_TUNNEL) { /* If tunnel options */ ip_output(m, (struct mbuf *)0, &vifp->v_route, - IP_FORWARDING, (struct ip_moptions *)0); + IP_FORWARDING, (struct ip_moptions *)0, NULL); } else { imo.imo_multicast_ifp = vifp->v_ifp; imo.imo_multicast_ttl = mtod(m, struct ip *)->ip_ttl - 1; @@ -1939,13 +1828,12 @@ tbf_send_packet(vifp, m) * the loopback interface, thus preventing looping. */ error = ip_output(m, (struct mbuf *)0, &ro, - IP_FORWARDING, &imo); + IP_FORWARDING, &imo, NULL); if (mrtdebug & DEBUG_XMIT) log(LOG_DEBUG, "phyint_send on vif %d err %d\n", vifp - viftable, error); } - splx(s); } /* determine the current time and then @@ -1953,13 +1841,11 @@ tbf_send_packet(vifp, m) * in milliseconds & update the no. of tokens in the bucket */ static void -tbf_update_tokens(vifp) - register struct vif *vifp; +tbf_update_tokens(struct vif *vifp) { struct timeval tp; - register u_long tm; - register int s = splnet(); - register struct tbf *t = vifp->v_tbf; + u_int32_t tm; + struct tbf *t = vifp->v_tbf; GET_TIME(tp); @@ -1979,16 +1865,12 @@ tbf_update_tokens(vifp) if (t->tbf_n_tok > MAX_BKT_SIZE) t->tbf_n_tok = MAX_BKT_SIZE; - - splx(s); } static int -priority(vifp, ip) - register struct vif *vifp; - register struct ip *ip; +priority(__unused struct vif *vifp, struct ip *ip) { - register int prio; + int prio; /* temporary hack; may add general packet classifier some day */ @@ -2028,11 +1910,9 @@ priority(vifp, ip) */ int -ip_rsvp_vif_init(so, sopt) - struct socket *so; - struct sockopt *sopt; +ip_rsvp_vif_init(struct socket *so, struct sockopt *sopt) { - int error, i, s; + int error, i; if (rsvpdebug) printf("ip_rsvp_vif_init: so_type = %d, pr_protocol = %d\n", @@ -2049,17 +1929,13 @@ ip_rsvp_vif_init(so, sopt) if (rsvpdebug) printf("ip_rsvp_vif_init: vif = %d rsvp_on = %d\n", i, rsvp_on); - s = splnet(); - /* Check vif. */ if (!legal_vif_num(i)) { - splx(s); return EADDRNOTAVAIL; } /* Check if socket is available. */ if (viftable[i].v_rsvpd != NULL) { - splx(s); return EADDRINUSE; } @@ -2072,16 +1948,13 @@ ip_rsvp_vif_init(so, sopt) rsvp_on++; } - splx(s); return 0; } int -ip_rsvp_vif_done(so, sopt) - struct socket *so; - struct sockopt *sopt; +ip_rsvp_vif_done(struct socket *so, struct sockopt *sopt) { - int error, i, s; + int error, i; if (rsvpdebug) printf("ip_rsvp_vif_done: so_type = %d, pr_protocol = %d\n", @@ -2094,12 +1967,9 @@ ip_rsvp_vif_done(so, sopt) error = sooptcopyin(sopt, &i, sizeof i, sizeof i); if (error) return (error); - - s = splnet(); - + /* Check vif. */ if (!legal_vif_num(i)) { - splx(s); return EADDRNOTAVAIL; } @@ -2117,23 +1987,18 @@ ip_rsvp_vif_done(so, sopt) rsvp_on--; } - splx(s); return 0; } void -ip_rsvp_force_done(so) - struct socket *so; +ip_rsvp_force_done(struct socket *so) { int vifi; - register int s; /* Don't bother if it is not the right type of socket. */ if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) return; - s = splnet(); - /* The socket may be attached to more than one vif...this * is perfectly legal. */ @@ -2150,19 +2015,16 @@ ip_rsvp_force_done(so) } } - splx(s); return; } void -rsvp_input(m, iphlen) - struct mbuf *m; - int iphlen; +rsvp_input(struct mbuf *m, int iphlen) { int vifi; - register struct ip *ip = mtod(m, struct ip *); - static struct sockaddr_in rsvp_src = { sizeof rsvp_src, AF_INET }; - register int s; + struct ip *ip = mtod(m, struct ip *); + static struct sockaddr_in rsvp_src = { sizeof rsvp_src, AF_INET, + 0 , {0}, {0,0,0,0,0,0,0,0,} }; struct ifnet *ifp; if (rsvpdebug) @@ -2177,8 +2039,6 @@ rsvp_input(m, iphlen) return; } - s = splnet(); - if (rsvpdebug) printf("rsvp_input: check vifs\n"); @@ -2210,13 +2070,12 @@ rsvp_input(m, iphlen) printf("rsvp_input: No socket defined for vif %d\n",vifi); m_freem(m); } - splx(s); return; } rsvp_src.sin_addr = ip->ip_src; if (rsvpdebug && m) - printf("rsvp_input: m->m_len = %d, sbspace() = %ld\n", + printf("rsvp_input: m->m_len = %d, sbspace() = %d\n", m->m_len,sbspace(&(viftable[vifi].v_rsvpd->so_rcv))); if (socket_send(viftable[vifi].v_rsvpd, m, &rsvp_src) < 0) { @@ -2227,7 +2086,6 @@ rsvp_input(m, iphlen) printf("rsvp_input: send packet up\n"); } - splx(s); } #if MROUTE_LKM