1 /** @file 2 IP6 internal functions and definitions to process the incoming packets. 3 4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR> 5 6 SPDX-License-Identifier: BSD-2-Clause-Patent 7 8 **/ 9 10 #ifndef __EFI_IP6_INPUT_H__ 11 #define __EFI_IP6_INPUT_H__ 12 13 #define IP6_MIN_HEADLEN 40 14 #define IP6_MAX_HEADLEN 120 15 /// 16 /// 8(ESP header) + 16(max IV) + 16(max padding) + 2(ESP tail) + 12(max ICV) = 54 17 /// 18 #define IP6_MAX_IPSEC_HEADLEN 54 19 20 21 #define IP6_ASSEMLE_HASH_SIZE 127 22 /// 23 /// Lift time in seconds. 24 /// 25 #define IP6_FRAGMENT_LIFE 60 26 #define IP6_MAX_PACKET_SIZE 65535 27 28 29 #define IP6_GET_CLIP_INFO(Packet) ((IP6_CLIP_INFO *) ((Packet)->ProtoData)) 30 31 #define IP6_ASSEMBLE_HASH(Dst, Src, Id) \ 32 ((*((UINT32 *) (Dst)) + *((UINT32 *) (Src)) + (Id)) % IP6_ASSEMLE_HASH_SIZE) 33 34 #define IP6_RXDATA_WRAP_SIZE(NumFrag) \ 35 (sizeof (IP6_RXDATA_WRAP) + sizeof (EFI_IP6_FRAGMENT_DATA) * ((NumFrag) - 1)) 36 37 // 38 // Per packet information for input process. LinkFlag specifies whether 39 // the packet is received as Link layer unicast, multicast or broadcast. 40 // The CastType is the IP layer cast type, such as IP multicast or unicast. 41 // Start, End and Length are staffs used to assemble the packets. Start 42 // is the sequence number of the first byte of data in the packet. Length 43 // is the number of bytes of data. End = Start + Length, that is, the 44 // sequence number of last byte + 1. Each assembled packet has a count down 45 // life. If it isn't consumed before Life reaches zero, the packet is released. 46 // 47 typedef struct { 48 UINT32 LinkFlag; 49 INT32 CastType; 50 INT32 Start; 51 INT32 End; 52 INT32 Length; 53 UINT32 Life; 54 EFI_STATUS Status; 55 UINT32 Id; 56 UINT16 HeadLen; 57 UINT8 NextHeader; 58 UINT8 LastFrag; 59 UINT32 FormerNextHeader; 60 } IP6_CLIP_INFO; 61 62 // 63 // Structure used to assemble IP packets. 64 // 65 typedef struct { 66 LIST_ENTRY Link; 67 LIST_ENTRY Fragments; // List of all the fragments of this packet 68 69 // 70 // Identity of one IP6 packet. Each fragment of a packet has 71 // the same (Dst, Src, Id). 72 // 73 EFI_IPv6_ADDRESS Dst; 74 EFI_IPv6_ADDRESS Src; 75 UINT32 Id; 76 77 UINT32 TotalLen; 78 UINT32 CurLen; 79 UINT32 Life; // Count down life for the packet. 80 81 EFI_IP6_HEADER *Head; // IP head of the first fragment 82 IP6_CLIP_INFO *Info; // Per packet information of the first fragment 83 NET_BUF *Packet; // The first fragment of the packet 84 } IP6_ASSEMBLE_ENTRY; 85 86 // 87 // Each Ip service instance has an assemble table to reassemble 88 // the packets before delivery to its children. It is organized 89 // as hash table. 90 // 91 typedef struct { 92 LIST_ENTRY Bucket[IP6_ASSEMLE_HASH_SIZE]; 93 } IP6_ASSEMBLE_TABLE; 94 95 /** 96 The IP6 input routine. It is called by the IP6_INTERFACE when an 97 IP6 fragment is received from MNP. 98 99 @param[in] Packet The IP6 packet received. 100 @param[in] IoStatus The return status of receive request. 101 @param[in] Flag The link layer flag for the packet received, such 102 as multicast. 103 @param[in] Context The IP6 service instance that own the MNP. 104 105 **/ 106 VOID 107 Ip6AcceptFrame ( 108 IN NET_BUF *Packet, 109 IN EFI_STATUS IoStatus, 110 IN UINT32 Flag, 111 IN VOID *Context 112 ); 113 114 /** 115 Deliver the received packets to upper layer if there are both received 116 requests and enqueued packets. If the enqueued packet is shared, it will 117 duplicate it to a non-shared packet, release the shared packet, then 118 deliver the non-shared packet up. 119 120 @param[in] IpInstance The IP child to deliver the packet up. 121 122 @retval EFI_OUT_OF_RESOURCES Failed to allocate resources to deliver the 123 packets. 124 @retval EFI_SUCCESS All the enqueued packets that can be delivered 125 are delivered up. 126 127 **/ 128 EFI_STATUS 129 Ip6InstanceDeliverPacket ( 130 IN IP6_PROTOCOL *IpInstance 131 ); 132 133 /** 134 The work function to locate the IPsec protocol to process the inbound or 135 outbound IP packets. The process routine handles the packet with the following 136 actions: bypass the packet, discard the packet, or protect the packet. 137 138 @param[in] IpSb The IP6 service instance. 139 @param[in, out] Head The caller-supplied IP6 header. 140 @param[in, out] LastHead The next header field of last IP header. 141 @param[in, out] Netbuf The IP6 packet to be processed by IPsec. 142 @param[in, out] ExtHdrs The caller-supplied options. 143 @param[in, out] ExtHdrsLen The length of the option. 144 @param[in] Direction The directionality in an SPD entry, 145 EfiIPsecInBound, or EfiIPsecOutBound. 146 @param[in] Context The token's wrap. 147 148 @retval EFI_SUCCESS The IPsec protocol is not available or disabled. 149 @retval EFI_SUCCESS The packet was bypassed, and all buffers remain the same. 150 @retval EFI_SUCCESS The packet was protected. 151 @retval EFI_ACCESS_DENIED The packet was discarded. 152 @retval EFI_OUT_OF_RESOURCES There are not suffcient resources to complete the operation. 153 @retval EFI_BUFFER_TOO_SMALL The number of non-empty blocks is bigger than the 154 number of input data blocks when building a fragment table. 155 156 **/ 157 EFI_STATUS 158 Ip6IpSecProcessPacket ( 159 IN IP6_SERVICE *IpSb, 160 IN OUT EFI_IP6_HEADER **Head, 161 IN OUT UINT8 *LastHead, 162 IN OUT NET_BUF **Netbuf, 163 IN OUT UINT8 **ExtHdrs, 164 IN OUT UINT32 *ExtHdrsLen, 165 IN EFI_IPSEC_TRAFFIC_DIR Direction, 166 IN VOID *Context 167 ); 168 169 /** 170 Initialize an already allocated assemble table. This is generally 171 the assemble table embedded in the IP6 service instance. 172 173 @param[in, out] Table The assemble table to initialize. 174 175 **/ 176 VOID 177 Ip6CreateAssembleTable ( 178 IN OUT IP6_ASSEMBLE_TABLE *Table 179 ); 180 181 /** 182 Clean up the assemble table: remove all the fragments 183 and assemble entries. 184 185 @param[in, out] Table The assemble table to clean up. 186 187 **/ 188 VOID 189 Ip6CleanAssembleTable ( 190 IN OUT IP6_ASSEMBLE_TABLE *Table 191 ); 192 193 /** 194 Demultiple the packet. the packet delivery is processed in two 195 passes. The first pass will enque a shared copy of the packet 196 to each IP6 child that accepts the packet. The second pass will 197 deliver a non-shared copy of the packet to each IP6 child that 198 has pending receive requests. Data is copied if more than one 199 child wants to consume the packet bacause each IP child need 200 its own copy of the packet to make changes. 201 202 @param[in] IpSb The IP6 service instance that received the packet. 203 @param[in] Head The header of the received packet. 204 @param[in] Packet The data of the received packet. 205 206 @retval EFI_NOT_FOUND No IP child accepts the packet. 207 @retval EFI_SUCCESS The packet is enqueued or delivered to some IP 208 children. 209 210 **/ 211 EFI_STATUS 212 Ip6Demultiplex ( 213 IN IP6_SERVICE *IpSb, 214 IN EFI_IP6_HEADER *Head, 215 IN NET_BUF *Packet 216 ); 217 218 /** 219 Timeout the fragmented, enqueued, and transmitted packets. 220 221 @param[in] IpSb The IP6 service instance to timeout. 222 223 **/ 224 VOID 225 Ip6PacketTimerTicking ( 226 IN IP6_SERVICE *IpSb 227 ); 228 229 #endif 230