1 /* 2 * Copyright (c) 1982, 1986, 1991, 1993, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * @(#)in_pcb.c 8.4 (Berkeley) 5/24/95 34 * $FreeBSD: src/sys/netinet/in_pcb.c,v 1.59.2.26 2003/01/24 05:11:33 sam Exp $ 35 * $DragonFly: src/sys/netinet/in_pcb.c,v 1.2 2003/06/17 04:28:51 dillon Exp $ 36 */ 37 38 #include "opt_ipsec.h" 39 #include "opt_inet6.h" 40 41 #include <sys/param.h> 42 #include <sys/systm.h> 43 #include <sys/malloc.h> 44 #include <sys/mbuf.h> 45 #include <sys/domain.h> 46 #include <sys/protosw.h> 47 #include <sys/socket.h> 48 #include <sys/socketvar.h> 49 #include <sys/proc.h> 50 #include <sys/jail.h> 51 #include <sys/kernel.h> 52 #include <sys/sysctl.h> 53 54 #include <machine/limits.h> 55 56 #include <vm/vm_zone.h> 57 58 #include <net/if.h> 59 #include <net/if_types.h> 60 #include <net/route.h> 61 62 #include <netinet/in.h> 63 #include <netinet/in_pcb.h> 64 #include <netinet/in_var.h> 65 #include <netinet/ip_var.h> 66 #ifdef INET6 67 #include <netinet/ip6.h> 68 #include <netinet6/ip6_var.h> 69 #endif /* INET6 */ 70 71 #ifdef IPSEC 72 #include <netinet6/ipsec.h> 73 #include <netkey/key.h> 74 #endif /* IPSEC */ 75 76 #ifdef FAST_IPSEC 77 #if defined(IPSEC) || defined(IPSEC_ESP) 78 #error "Bad idea: don't compile with both IPSEC and FAST_IPSEC!" 79 #endif 80 81 #include <netipsec/ipsec.h> 82 #include <netipsec/key.h> 83 #define IPSEC 84 #endif /* FAST_IPSEC */ 85 86 struct in_addr zeroin_addr; 87 88 /* 89 * These configure the range of local port addresses assigned to 90 * "unspecified" outgoing connections/packets/whatever. 91 */ 92 int ipport_lowfirstauto = IPPORT_RESERVED - 1; /* 1023 */ 93 int ipport_lowlastauto = IPPORT_RESERVEDSTART; /* 600 */ 94 int ipport_firstauto = IPPORT_RESERVED; /* 1024 */ 95 int ipport_lastauto = IPPORT_USERRESERVED; /* 5000 */ 96 int ipport_hifirstauto = IPPORT_HIFIRSTAUTO; /* 49152 */ 97 int ipport_hilastauto = IPPORT_HILASTAUTO; /* 65535 */ 98 99 #define RANGECHK(var, min, max) \ 100 if ((var) < (min)) { (var) = (min); } \ 101 else if ((var) > (max)) { (var) = (max); } 102 103 static int 104 sysctl_net_ipport_check(SYSCTL_HANDLER_ARGS) 105 { 106 int error = sysctl_handle_int(oidp, 107 oidp->oid_arg1, oidp->oid_arg2, req); 108 if (!error) { 109 RANGECHK(ipport_lowfirstauto, 1, IPPORT_RESERVED - 1); 110 RANGECHK(ipport_lowlastauto, 1, IPPORT_RESERVED - 1); 111 RANGECHK(ipport_firstauto, IPPORT_RESERVED, USHRT_MAX); 112 RANGECHK(ipport_lastauto, IPPORT_RESERVED, USHRT_MAX); 113 RANGECHK(ipport_hifirstauto, IPPORT_RESERVED, USHRT_MAX); 114 RANGECHK(ipport_hilastauto, IPPORT_RESERVED, USHRT_MAX); 115 } 116 return error; 117 } 118 119 #undef RANGECHK 120 121 SYSCTL_NODE(_net_inet_ip, IPPROTO_IP, portrange, CTLFLAG_RW, 0, "IP Ports"); 122 123 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowfirst, CTLTYPE_INT|CTLFLAG_RW, 124 &ipport_lowfirstauto, 0, &sysctl_net_ipport_check, "I", ""); 125 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, lowlast, CTLTYPE_INT|CTLFLAG_RW, 126 &ipport_lowlastauto, 0, &sysctl_net_ipport_check, "I", ""); 127 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, first, CTLTYPE_INT|CTLFLAG_RW, 128 &ipport_firstauto, 0, &sysctl_net_ipport_check, "I", ""); 129 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, last, CTLTYPE_INT|CTLFLAG_RW, 130 &ipport_lastauto, 0, &sysctl_net_ipport_check, "I", ""); 131 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hifirst, CTLTYPE_INT|CTLFLAG_RW, 132 &ipport_hifirstauto, 0, &sysctl_net_ipport_check, "I", ""); 133 SYSCTL_PROC(_net_inet_ip_portrange, OID_AUTO, hilast, CTLTYPE_INT|CTLFLAG_RW, 134 &ipport_hilastauto, 0, &sysctl_net_ipport_check, "I", ""); 135 136 /* 137 * in_pcb.c: manage the Protocol Control Blocks. 138 * 139 * NOTE: It is assumed that most of these functions will be called at 140 * splnet(). XXX - There are, unfortunately, a few exceptions to this 141 * rule that should be fixed. 142 */ 143 144 /* 145 * Allocate a PCB and associate it with the socket. 146 */ 147 int 148 in_pcballoc(so, pcbinfo, p) 149 struct socket *so; 150 struct inpcbinfo *pcbinfo; 151 struct proc *p; 152 { 153 register struct inpcb *inp; 154 #ifdef IPSEC 155 int error; 156 #endif 157 158 inp = zalloci(pcbinfo->ipi_zone); 159 if (inp == NULL) 160 return (ENOBUFS); 161 bzero((caddr_t)inp, sizeof(*inp)); 162 inp->inp_gencnt = ++pcbinfo->ipi_gencnt; 163 inp->inp_pcbinfo = pcbinfo; 164 inp->inp_socket = so; 165 #ifdef IPSEC 166 error = ipsec_init_policy(so, &inp->inp_sp); 167 if (error != 0) { 168 zfreei(pcbinfo->ipi_zone, inp); 169 return error; 170 } 171 #endif /*IPSEC*/ 172 #if defined(INET6) 173 if (INP_SOCKAF(so) == AF_INET6 && ip6_v6only) 174 inp->inp_flags |= IN6P_IPV6_V6ONLY; 175 #endif 176 LIST_INSERT_HEAD(pcbinfo->listhead, inp, inp_list); 177 pcbinfo->ipi_count++; 178 so->so_pcb = (caddr_t)inp; 179 #ifdef INET6 180 if (ip6_auto_flowlabel) 181 inp->inp_flags |= IN6P_AUTOFLOWLABEL; 182 #endif 183 return (0); 184 } 185 186 int 187 in_pcbbind(inp, nam, p) 188 register struct inpcb *inp; 189 struct sockaddr *nam; 190 struct proc *p; 191 { 192 register struct socket *so = inp->inp_socket; 193 unsigned short *lastport; 194 struct sockaddr_in *sin; 195 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 196 u_short lport = 0; 197 int wild = 0, reuseport = (so->so_options & SO_REUSEPORT); 198 int error, prison = 0; 199 200 if (TAILQ_EMPTY(&in_ifaddrhead)) /* XXX broken! */ 201 return (EADDRNOTAVAIL); 202 if (inp->inp_lport || inp->inp_laddr.s_addr != INADDR_ANY) 203 return (EINVAL); 204 if ((so->so_options & (SO_REUSEADDR|SO_REUSEPORT)) == 0) 205 wild = 1; 206 if (nam) { 207 sin = (struct sockaddr_in *)nam; 208 if (nam->sa_len != sizeof (*sin)) 209 return (EINVAL); 210 #ifdef notdef 211 /* 212 * We should check the family, but old programs 213 * incorrectly fail to initialize it. 214 */ 215 if (sin->sin_family != AF_INET) 216 return (EAFNOSUPPORT); 217 #endif 218 if (sin->sin_addr.s_addr != INADDR_ANY) 219 if (prison_ip(p, 0, &sin->sin_addr.s_addr)) 220 return(EINVAL); 221 lport = sin->sin_port; 222 if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 223 /* 224 * Treat SO_REUSEADDR as SO_REUSEPORT for multicast; 225 * allow complete duplication of binding if 226 * SO_REUSEPORT is set, or if SO_REUSEADDR is set 227 * and a multicast address is bound on both 228 * new and duplicated sockets. 229 */ 230 if (so->so_options & SO_REUSEADDR) 231 reuseport = SO_REUSEADDR|SO_REUSEPORT; 232 } else if (sin->sin_addr.s_addr != INADDR_ANY) { 233 sin->sin_port = 0; /* yech... */ 234 bzero(&sin->sin_zero, sizeof(sin->sin_zero)); 235 if (ifa_ifwithaddr((struct sockaddr *)sin) == 0) 236 return (EADDRNOTAVAIL); 237 } 238 if (lport) { 239 struct inpcb *t; 240 241 /* GROSS */ 242 if (ntohs(lport) < IPPORT_RESERVED && p && 243 suser_xxx(0, p, PRISON_ROOT)) 244 return (EACCES); 245 if (p && p->p_prison) 246 prison = 1; 247 if (so->so_cred->cr_uid != 0 && 248 !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) { 249 t = in_pcblookup_local(inp->inp_pcbinfo, 250 sin->sin_addr, lport, 251 prison ? 0 : INPLOOKUP_WILDCARD); 252 if (t && 253 (ntohl(sin->sin_addr.s_addr) != INADDR_ANY || 254 ntohl(t->inp_laddr.s_addr) != INADDR_ANY || 255 (t->inp_socket->so_options & 256 SO_REUSEPORT) == 0) && 257 (so->so_cred->cr_uid != 258 t->inp_socket->so_cred->cr_uid)) { 259 #if defined(INET6) 260 if (ntohl(sin->sin_addr.s_addr) != 261 INADDR_ANY || 262 ntohl(t->inp_laddr.s_addr) != 263 INADDR_ANY || 264 INP_SOCKAF(so) == 265 INP_SOCKAF(t->inp_socket)) 266 #endif /* defined(INET6) */ 267 return (EADDRINUSE); 268 } 269 } 270 if (prison && 271 prison_ip(p, 0, &sin->sin_addr.s_addr)) 272 return (EADDRNOTAVAIL); 273 t = in_pcblookup_local(pcbinfo, sin->sin_addr, 274 lport, prison ? 0 : wild); 275 if (t && 276 (reuseport & t->inp_socket->so_options) == 0) { 277 #if defined(INET6) 278 if (ntohl(sin->sin_addr.s_addr) != 279 INADDR_ANY || 280 ntohl(t->inp_laddr.s_addr) != 281 INADDR_ANY || 282 INP_SOCKAF(so) == 283 INP_SOCKAF(t->inp_socket)) 284 #endif /* defined(INET6) */ 285 return (EADDRINUSE); 286 } 287 } 288 inp->inp_laddr = sin->sin_addr; 289 } 290 if (lport == 0) { 291 ushort first, last; 292 int count; 293 294 if (inp->inp_laddr.s_addr != INADDR_ANY) 295 if (prison_ip(p, 0, &inp->inp_laddr.s_addr )) { 296 inp->inp_laddr.s_addr = INADDR_ANY; 297 return (EINVAL); 298 } 299 inp->inp_flags |= INP_ANONPORT; 300 301 if (inp->inp_flags & INP_HIGHPORT) { 302 first = ipport_hifirstauto; /* sysctl */ 303 last = ipport_hilastauto; 304 lastport = &pcbinfo->lasthi; 305 } else if (inp->inp_flags & INP_LOWPORT) { 306 if (p && (error = suser_xxx(0, p, PRISON_ROOT))) { 307 inp->inp_laddr.s_addr = INADDR_ANY; 308 return error; 309 } 310 first = ipport_lowfirstauto; /* 1023 */ 311 last = ipport_lowlastauto; /* 600 */ 312 lastport = &pcbinfo->lastlow; 313 } else { 314 first = ipport_firstauto; /* sysctl */ 315 last = ipport_lastauto; 316 lastport = &pcbinfo->lastport; 317 } 318 /* 319 * Simple check to ensure all ports are not used up causing 320 * a deadlock here. 321 * 322 * We split the two cases (up and down) so that the direction 323 * is not being tested on each round of the loop. 324 */ 325 if (first > last) { 326 /* 327 * counting down 328 */ 329 count = first - last; 330 331 do { 332 if (count-- < 0) { /* completely used? */ 333 inp->inp_laddr.s_addr = INADDR_ANY; 334 return (EADDRNOTAVAIL); 335 } 336 --*lastport; 337 if (*lastport > first || *lastport < last) 338 *lastport = first; 339 lport = htons(*lastport); 340 } while (in_pcblookup_local(pcbinfo, 341 inp->inp_laddr, lport, wild)); 342 } else { 343 /* 344 * counting up 345 */ 346 count = last - first; 347 348 do { 349 if (count-- < 0) { /* completely used? */ 350 inp->inp_laddr.s_addr = INADDR_ANY; 351 return (EADDRNOTAVAIL); 352 } 353 ++*lastport; 354 if (*lastport < first || *lastport > last) 355 *lastport = first; 356 lport = htons(*lastport); 357 } while (in_pcblookup_local(pcbinfo, 358 inp->inp_laddr, lport, wild)); 359 } 360 } 361 inp->inp_lport = lport; 362 if (prison_ip(p, 0, &inp->inp_laddr.s_addr)) { 363 inp->inp_laddr.s_addr = INADDR_ANY; 364 inp->inp_lport = 0; 365 return (EINVAL); 366 } 367 if (in_pcbinshash(inp) != 0) { 368 inp->inp_laddr.s_addr = INADDR_ANY; 369 inp->inp_lport = 0; 370 return (EAGAIN); 371 } 372 return (0); 373 } 374 375 /* 376 * Transform old in_pcbconnect() into an inner subroutine for new 377 * in_pcbconnect(): Do some validity-checking on the remote 378 * address (in mbuf 'nam') and then determine local host address 379 * (i.e., which interface) to use to access that remote host. 380 * 381 * This preserves definition of in_pcbconnect(), while supporting a 382 * slightly different version for T/TCP. (This is more than 383 * a bit of a kludge, but cleaning up the internal interfaces would 384 * have forced minor changes in every protocol). 385 */ 386 387 int 388 in_pcbladdr(inp, nam, plocal_sin) 389 register struct inpcb *inp; 390 struct sockaddr *nam; 391 struct sockaddr_in **plocal_sin; 392 { 393 struct in_ifaddr *ia; 394 register struct sockaddr_in *sin = (struct sockaddr_in *)nam; 395 396 if (nam->sa_len != sizeof (*sin)) 397 return (EINVAL); 398 if (sin->sin_family != AF_INET) 399 return (EAFNOSUPPORT); 400 if (sin->sin_port == 0) 401 return (EADDRNOTAVAIL); 402 if (!TAILQ_EMPTY(&in_ifaddrhead)) { 403 /* 404 * If the destination address is INADDR_ANY, 405 * use the primary local address. 406 * If the supplied address is INADDR_BROADCAST, 407 * and the primary interface supports broadcast, 408 * choose the broadcast address for that interface. 409 */ 410 if (sin->sin_addr.s_addr == INADDR_ANY) 411 sin->sin_addr = IA_SIN(TAILQ_FIRST(&in_ifaddrhead))->sin_addr; 412 else if (sin->sin_addr.s_addr == (u_long)INADDR_BROADCAST && 413 (TAILQ_FIRST(&in_ifaddrhead)->ia_ifp->if_flags & IFF_BROADCAST)) 414 sin->sin_addr = satosin(&TAILQ_FIRST(&in_ifaddrhead)->ia_broadaddr)->sin_addr; 415 } 416 if (inp->inp_laddr.s_addr == INADDR_ANY) { 417 register struct route *ro; 418 419 ia = (struct in_ifaddr *)0; 420 /* 421 * If route is known or can be allocated now, 422 * our src addr is taken from the i/f, else punt. 423 * Note that we should check the address family of the cached 424 * destination, in case of sharing the cache with IPv6. 425 */ 426 ro = &inp->inp_route; 427 if (ro->ro_rt && 428 (ro->ro_dst.sa_family != AF_INET || 429 satosin(&ro->ro_dst)->sin_addr.s_addr != 430 sin->sin_addr.s_addr || 431 inp->inp_socket->so_options & SO_DONTROUTE)) { 432 RTFREE(ro->ro_rt); 433 ro->ro_rt = (struct rtentry *)0; 434 } 435 if ((inp->inp_socket->so_options & SO_DONTROUTE) == 0 && /*XXX*/ 436 (ro->ro_rt == (struct rtentry *)0 || 437 ro->ro_rt->rt_ifp == (struct ifnet *)0)) { 438 /* No route yet, so try to acquire one */ 439 bzero(&ro->ro_dst, sizeof(struct sockaddr_in)); 440 ro->ro_dst.sa_family = AF_INET; 441 ro->ro_dst.sa_len = sizeof(struct sockaddr_in); 442 ((struct sockaddr_in *) &ro->ro_dst)->sin_addr = 443 sin->sin_addr; 444 rtalloc(ro); 445 } 446 /* 447 * If we found a route, use the address 448 * corresponding to the outgoing interface 449 * unless it is the loopback (in case a route 450 * to our address on another net goes to loopback). 451 */ 452 if (ro->ro_rt && !(ro->ro_rt->rt_ifp->if_flags & IFF_LOOPBACK)) 453 ia = ifatoia(ro->ro_rt->rt_ifa); 454 if (ia == 0) { 455 u_short fport = sin->sin_port; 456 457 sin->sin_port = 0; 458 ia = ifatoia(ifa_ifwithdstaddr(sintosa(sin))); 459 if (ia == 0) 460 ia = ifatoia(ifa_ifwithnet(sintosa(sin))); 461 sin->sin_port = fport; 462 if (ia == 0) 463 ia = TAILQ_FIRST(&in_ifaddrhead); 464 if (ia == 0) 465 return (EADDRNOTAVAIL); 466 } 467 /* 468 * If the destination address is multicast and an outgoing 469 * interface has been set as a multicast option, use the 470 * address of that interface as our source address. 471 */ 472 if (IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) && 473 inp->inp_moptions != NULL) { 474 struct ip_moptions *imo; 475 struct ifnet *ifp; 476 477 imo = inp->inp_moptions; 478 if (imo->imo_multicast_ifp != NULL) { 479 ifp = imo->imo_multicast_ifp; 480 TAILQ_FOREACH(ia, &in_ifaddrhead, ia_link) 481 if (ia->ia_ifp == ifp) 482 break; 483 if (ia == 0) 484 return (EADDRNOTAVAIL); 485 } 486 } 487 /* 488 * Don't do pcblookup call here; return interface in plocal_sin 489 * and exit to caller, that will do the lookup. 490 */ 491 *plocal_sin = &ia->ia_addr; 492 493 } 494 return(0); 495 } 496 497 /* 498 * Outer subroutine: 499 * Connect from a socket to a specified address. 500 * Both address and port must be specified in argument sin. 501 * If don't have a local address for this socket yet, 502 * then pick one. 503 */ 504 int 505 in_pcbconnect(inp, nam, p) 506 register struct inpcb *inp; 507 struct sockaddr *nam; 508 struct proc *p; 509 { 510 struct sockaddr_in *ifaddr; 511 struct sockaddr_in *sin = (struct sockaddr_in *)nam; 512 struct sockaddr_in sa; 513 int error; 514 515 if (inp->inp_laddr.s_addr == INADDR_ANY && p->p_prison != NULL) { 516 bzero(&sa, sizeof (sa)); 517 sa.sin_addr.s_addr = htonl(p->p_prison->pr_ip); 518 sa.sin_len=sizeof (sa); 519 sa.sin_family = AF_INET; 520 error = in_pcbbind(inp, (struct sockaddr *)&sa, p); 521 if (error) 522 return (error); 523 } 524 /* 525 * Call inner routine, to assign local interface address. 526 */ 527 if ((error = in_pcbladdr(inp, nam, &ifaddr)) != 0) 528 return(error); 529 530 if (in_pcblookup_hash(inp->inp_pcbinfo, sin->sin_addr, sin->sin_port, 531 inp->inp_laddr.s_addr ? inp->inp_laddr : ifaddr->sin_addr, 532 inp->inp_lport, 0, NULL) != NULL) { 533 return (EADDRINUSE); 534 } 535 if (inp->inp_laddr.s_addr == INADDR_ANY) { 536 if (inp->inp_lport == 0) { 537 error = in_pcbbind(inp, (struct sockaddr *)0, p); 538 if (error) 539 return (error); 540 } 541 inp->inp_laddr = ifaddr->sin_addr; 542 } 543 inp->inp_faddr = sin->sin_addr; 544 inp->inp_fport = sin->sin_port; 545 in_pcbrehash(inp); 546 return (0); 547 } 548 549 void 550 in_pcbdisconnect(inp) 551 struct inpcb *inp; 552 { 553 554 inp->inp_faddr.s_addr = INADDR_ANY; 555 inp->inp_fport = 0; 556 in_pcbrehash(inp); 557 if (inp->inp_socket->so_state & SS_NOFDREF) 558 in_pcbdetach(inp); 559 } 560 561 void 562 in_pcbdetach(inp) 563 struct inpcb *inp; 564 { 565 struct socket *so = inp->inp_socket; 566 struct inpcbinfo *ipi = inp->inp_pcbinfo; 567 568 #ifdef IPSEC 569 ipsec4_delete_pcbpolicy(inp); 570 #endif /*IPSEC*/ 571 inp->inp_gencnt = ++ipi->ipi_gencnt; 572 in_pcbremlists(inp); 573 so->so_pcb = 0; 574 sofree(so); 575 if (inp->inp_options) 576 (void)m_free(inp->inp_options); 577 if (inp->inp_route.ro_rt) 578 rtfree(inp->inp_route.ro_rt); 579 ip_freemoptions(inp->inp_moptions); 580 inp->inp_vflag = 0; 581 zfreei(ipi->ipi_zone, inp); 582 } 583 584 /* 585 * The calling convention of in_setsockaddr() and in_setpeeraddr() was 586 * modified to match the pru_sockaddr() and pru_peeraddr() entry points 587 * in struct pr_usrreqs, so that protocols can just reference then directly 588 * without the need for a wrapper function. The socket must have a valid 589 * (i.e., non-nil) PCB, but it should be impossible to get an invalid one 590 * except through a kernel programming error, so it is acceptable to panic 591 * (or in this case trap) if the PCB is invalid. (Actually, we don't trap 592 * because there actually /is/ a programming error somewhere... XXX) 593 */ 594 int 595 in_setsockaddr(so, nam) 596 struct socket *so; 597 struct sockaddr **nam; 598 { 599 int s; 600 register struct inpcb *inp; 601 register struct sockaddr_in *sin; 602 603 /* 604 * Do the malloc first in case it blocks. 605 */ 606 MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, 607 M_WAITOK | M_ZERO); 608 sin->sin_family = AF_INET; 609 sin->sin_len = sizeof(*sin); 610 611 s = splnet(); 612 inp = sotoinpcb(so); 613 if (!inp) { 614 splx(s); 615 free(sin, M_SONAME); 616 return ECONNRESET; 617 } 618 sin->sin_port = inp->inp_lport; 619 sin->sin_addr = inp->inp_laddr; 620 splx(s); 621 622 *nam = (struct sockaddr *)sin; 623 return 0; 624 } 625 626 int 627 in_setpeeraddr(so, nam) 628 struct socket *so; 629 struct sockaddr **nam; 630 { 631 int s; 632 struct inpcb *inp; 633 register struct sockaddr_in *sin; 634 635 /* 636 * Do the malloc first in case it blocks. 637 */ 638 MALLOC(sin, struct sockaddr_in *, sizeof *sin, M_SONAME, 639 M_WAITOK | M_ZERO); 640 sin->sin_family = AF_INET; 641 sin->sin_len = sizeof(*sin); 642 643 s = splnet(); 644 inp = sotoinpcb(so); 645 if (!inp) { 646 splx(s); 647 free(sin, M_SONAME); 648 return ECONNRESET; 649 } 650 sin->sin_port = inp->inp_fport; 651 sin->sin_addr = inp->inp_faddr; 652 splx(s); 653 654 *nam = (struct sockaddr *)sin; 655 return 0; 656 } 657 658 void 659 in_pcbnotifyall(head, faddr, errno, notify) 660 struct inpcbhead *head; 661 struct in_addr faddr; 662 void (*notify) __P((struct inpcb *, int)); 663 { 664 struct inpcb *inp, *ninp; 665 int s; 666 667 s = splnet(); 668 for (inp = LIST_FIRST(head); inp != NULL; inp = ninp) { 669 ninp = LIST_NEXT(inp, inp_list); 670 #ifdef INET6 671 if ((inp->inp_vflag & INP_IPV4) == 0) 672 continue; 673 #endif 674 if (inp->inp_faddr.s_addr != faddr.s_addr || 675 inp->inp_socket == NULL) 676 continue; 677 (*notify)(inp, errno); 678 } 679 splx(s); 680 } 681 682 void 683 in_pcbpurgeif0(head, ifp) 684 struct inpcb *head; 685 struct ifnet *ifp; 686 { 687 struct inpcb *inp; 688 struct ip_moptions *imo; 689 int i, gap; 690 691 for (inp = head; inp != NULL; inp = LIST_NEXT(inp, inp_list)) { 692 imo = inp->inp_moptions; 693 if ((inp->inp_vflag & INP_IPV4) && 694 imo != NULL) { 695 /* 696 * Unselect the outgoing interface if it is being 697 * detached. 698 */ 699 if (imo->imo_multicast_ifp == ifp) 700 imo->imo_multicast_ifp = NULL; 701 702 /* 703 * Drop multicast group membership if we joined 704 * through the interface being detached. 705 */ 706 for (i = 0, gap = 0; i < imo->imo_num_memberships; 707 i++) { 708 if (imo->imo_membership[i]->inm_ifp == ifp) { 709 in_delmulti(imo->imo_membership[i]); 710 gap++; 711 } else if (gap != 0) 712 imo->imo_membership[i - gap] = 713 imo->imo_membership[i]; 714 } 715 imo->imo_num_memberships -= gap; 716 } 717 } 718 } 719 720 /* 721 * Check for alternatives when higher level complains 722 * about service problems. For now, invalidate cached 723 * routing information. If the route was created dynamically 724 * (by a redirect), time to try a default gateway again. 725 */ 726 void 727 in_losing(inp) 728 struct inpcb *inp; 729 { 730 register struct rtentry *rt; 731 struct rt_addrinfo info; 732 733 if ((rt = inp->inp_route.ro_rt)) { 734 bzero((caddr_t)&info, sizeof(info)); 735 info.rti_flags = rt->rt_flags; 736 info.rti_info[RTAX_DST] = rt_key(rt); 737 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 738 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 739 rt_missmsg(RTM_LOSING, &info, rt->rt_flags, 0); 740 if (rt->rt_flags & RTF_DYNAMIC) 741 (void) rtrequest1(RTM_DELETE, &info, NULL); 742 inp->inp_route.ro_rt = NULL; 743 rtfree(rt); 744 /* 745 * A new route can be allocated 746 * the next time output is attempted. 747 */ 748 } 749 } 750 751 /* 752 * After a routing change, flush old routing 753 * and allocate a (hopefully) better one. 754 */ 755 void 756 in_rtchange(inp, errno) 757 register struct inpcb *inp; 758 int errno; 759 { 760 if (inp->inp_route.ro_rt) { 761 rtfree(inp->inp_route.ro_rt); 762 inp->inp_route.ro_rt = 0; 763 /* 764 * A new route can be allocated the next time 765 * output is attempted. 766 */ 767 } 768 } 769 770 /* 771 * Lookup a PCB based on the local address and port. 772 */ 773 struct inpcb * 774 in_pcblookup_local(pcbinfo, laddr, lport_arg, wild_okay) 775 struct inpcbinfo *pcbinfo; 776 struct in_addr laddr; 777 u_int lport_arg; 778 int wild_okay; 779 { 780 register struct inpcb *inp; 781 int matchwild = 3, wildcard; 782 u_short lport = lport_arg; 783 784 if (!wild_okay) { 785 struct inpcbhead *head; 786 /* 787 * Look for an unconnected (wildcard foreign addr) PCB that 788 * matches the local address and port we're looking for. 789 */ 790 head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 791 LIST_FOREACH(inp, head, inp_hash) { 792 #ifdef INET6 793 if ((inp->inp_vflag & INP_IPV4) == 0) 794 continue; 795 #endif 796 if (inp->inp_faddr.s_addr == INADDR_ANY && 797 inp->inp_laddr.s_addr == laddr.s_addr && 798 inp->inp_lport == lport) { 799 /* 800 * Found. 801 */ 802 return (inp); 803 } 804 } 805 /* 806 * Not found. 807 */ 808 return (NULL); 809 } else { 810 struct inpcbporthead *porthash; 811 struct inpcbport *phd; 812 struct inpcb *match = NULL; 813 /* 814 * Best fit PCB lookup. 815 * 816 * First see if this local port is in use by looking on the 817 * port hash list. 818 */ 819 porthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(lport, 820 pcbinfo->porthashmask)]; 821 LIST_FOREACH(phd, porthash, phd_hash) { 822 if (phd->phd_port == lport) 823 break; 824 } 825 if (phd != NULL) { 826 /* 827 * Port is in use by one or more PCBs. Look for best 828 * fit. 829 */ 830 LIST_FOREACH(inp, &phd->phd_pcblist, inp_portlist) { 831 wildcard = 0; 832 #ifdef INET6 833 if ((inp->inp_vflag & INP_IPV4) == 0) 834 continue; 835 #endif 836 if (inp->inp_faddr.s_addr != INADDR_ANY) 837 wildcard++; 838 if (inp->inp_laddr.s_addr != INADDR_ANY) { 839 if (laddr.s_addr == INADDR_ANY) 840 wildcard++; 841 else if (inp->inp_laddr.s_addr != laddr.s_addr) 842 continue; 843 } else { 844 if (laddr.s_addr != INADDR_ANY) 845 wildcard++; 846 } 847 if (wildcard < matchwild) { 848 match = inp; 849 matchwild = wildcard; 850 if (matchwild == 0) { 851 break; 852 } 853 } 854 } 855 } 856 return (match); 857 } 858 } 859 860 /* 861 * Lookup PCB in hash list. 862 */ 863 struct inpcb * 864 in_pcblookup_hash(pcbinfo, faddr, fport_arg, laddr, lport_arg, wildcard, 865 ifp) 866 struct inpcbinfo *pcbinfo; 867 struct in_addr faddr, laddr; 868 u_int fport_arg, lport_arg; 869 int wildcard; 870 struct ifnet *ifp; 871 { 872 struct inpcbhead *head; 873 register struct inpcb *inp; 874 u_short fport = fport_arg, lport = lport_arg; 875 876 /* 877 * First look for an exact match. 878 */ 879 head = &pcbinfo->hashbase[INP_PCBHASH(faddr.s_addr, lport, fport, pcbinfo->hashmask)]; 880 LIST_FOREACH(inp, head, inp_hash) { 881 #ifdef INET6 882 if ((inp->inp_vflag & INP_IPV4) == 0) 883 continue; 884 #endif 885 if (inp->inp_faddr.s_addr == faddr.s_addr && 886 inp->inp_laddr.s_addr == laddr.s_addr && 887 inp->inp_fport == fport && 888 inp->inp_lport == lport) { 889 /* 890 * Found. 891 */ 892 return (inp); 893 } 894 } 895 if (wildcard) { 896 struct inpcb *local_wild = NULL; 897 #if defined(INET6) 898 struct inpcb *local_wild_mapped = NULL; 899 #endif /* defined(INET6) */ 900 901 head = &pcbinfo->hashbase[INP_PCBHASH(INADDR_ANY, lport, 0, pcbinfo->hashmask)]; 902 LIST_FOREACH(inp, head, inp_hash) { 903 #ifdef INET6 904 if ((inp->inp_vflag & INP_IPV4) == 0) 905 continue; 906 #endif 907 if (inp->inp_faddr.s_addr == INADDR_ANY && 908 inp->inp_lport == lport) { 909 if (ifp && ifp->if_type == IFT_FAITH && 910 (inp->inp_flags & INP_FAITH) == 0) 911 continue; 912 if (inp->inp_laddr.s_addr == laddr.s_addr) 913 return (inp); 914 else if (inp->inp_laddr.s_addr == INADDR_ANY) { 915 #if defined(INET6) 916 if (INP_CHECK_SOCKAF(inp->inp_socket, 917 AF_INET6)) 918 local_wild_mapped = inp; 919 else 920 #endif /* defined(INET6) */ 921 local_wild = inp; 922 } 923 } 924 } 925 #if defined(INET6) 926 if (local_wild == NULL) 927 return (local_wild_mapped); 928 #endif /* defined(INET6) */ 929 return (local_wild); 930 } 931 932 /* 933 * Not found. 934 */ 935 return (NULL); 936 } 937 938 /* 939 * Insert PCB onto various hash lists. 940 */ 941 int 942 in_pcbinshash(inp) 943 struct inpcb *inp; 944 { 945 struct inpcbhead *pcbhash; 946 struct inpcbporthead *pcbporthash; 947 struct inpcbinfo *pcbinfo = inp->inp_pcbinfo; 948 struct inpcbport *phd; 949 u_int32_t hashkey_faddr; 950 951 #ifdef INET6 952 if (inp->inp_vflag & INP_IPV6) 953 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 954 else 955 #endif /* INET6 */ 956 hashkey_faddr = inp->inp_faddr.s_addr; 957 958 pcbhash = &pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 959 inp->inp_lport, inp->inp_fport, pcbinfo->hashmask)]; 960 961 pcbporthash = &pcbinfo->porthashbase[INP_PCBPORTHASH(inp->inp_lport, 962 pcbinfo->porthashmask)]; 963 964 /* 965 * Go through port list and look for a head for this lport. 966 */ 967 LIST_FOREACH(phd, pcbporthash, phd_hash) { 968 if (phd->phd_port == inp->inp_lport) 969 break; 970 } 971 /* 972 * If none exists, malloc one and tack it on. 973 */ 974 if (phd == NULL) { 975 MALLOC(phd, struct inpcbport *, sizeof(struct inpcbport), M_PCB, M_NOWAIT); 976 if (phd == NULL) { 977 return (ENOBUFS); /* XXX */ 978 } 979 phd->phd_port = inp->inp_lport; 980 LIST_INIT(&phd->phd_pcblist); 981 LIST_INSERT_HEAD(pcbporthash, phd, phd_hash); 982 } 983 inp->inp_phd = phd; 984 LIST_INSERT_HEAD(&phd->phd_pcblist, inp, inp_portlist); 985 LIST_INSERT_HEAD(pcbhash, inp, inp_hash); 986 return (0); 987 } 988 989 /* 990 * Move PCB to the proper hash bucket when { faddr, fport } have been 991 * changed. NOTE: This does not handle the case of the lport changing (the 992 * hashed port list would have to be updated as well), so the lport must 993 * not change after in_pcbinshash() has been called. 994 */ 995 void 996 in_pcbrehash(inp) 997 struct inpcb *inp; 998 { 999 struct inpcbhead *head; 1000 u_int32_t hashkey_faddr; 1001 1002 #ifdef INET6 1003 if (inp->inp_vflag & INP_IPV6) 1004 hashkey_faddr = inp->in6p_faddr.s6_addr32[3] /* XXX */; 1005 else 1006 #endif /* INET6 */ 1007 hashkey_faddr = inp->inp_faddr.s_addr; 1008 1009 head = &inp->inp_pcbinfo->hashbase[INP_PCBHASH(hashkey_faddr, 1010 inp->inp_lport, inp->inp_fport, inp->inp_pcbinfo->hashmask)]; 1011 1012 LIST_REMOVE(inp, inp_hash); 1013 LIST_INSERT_HEAD(head, inp, inp_hash); 1014 } 1015 1016 /* 1017 * Remove PCB from various lists. 1018 */ 1019 void 1020 in_pcbremlists(inp) 1021 struct inpcb *inp; 1022 { 1023 inp->inp_gencnt = ++inp->inp_pcbinfo->ipi_gencnt; 1024 if (inp->inp_lport) { 1025 struct inpcbport *phd = inp->inp_phd; 1026 1027 LIST_REMOVE(inp, inp_hash); 1028 LIST_REMOVE(inp, inp_portlist); 1029 if (LIST_FIRST(&phd->phd_pcblist) == NULL) { 1030 LIST_REMOVE(phd, phd_hash); 1031 free(phd, M_PCB); 1032 } 1033 } 1034 LIST_REMOVE(inp, inp_list); 1035 inp->inp_pcbinfo->ipi_count--; 1036 } 1037 1038 int 1039 prison_xinpcb(struct proc *p, struct inpcb *inp) 1040 { 1041 if (!p->p_prison) 1042 return (0); 1043 if (ntohl(inp->inp_laddr.s_addr) == p->p_prison->pr_ip) 1044 return (0); 1045 return (1); 1046 } 1047