1 /* 2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved. 3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved. 4 * 5 * This code is derived from software contributed to The DragonFly Project 6 * by Jeffrey M. Hsu. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of The DragonFly Project nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific, prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "opt_inet.h" 35 #include "opt_rss.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/kernel.h> 40 #include <sys/socket.h> 41 #include <sys/socketvar.h> 42 #include <sys/thread.h> 43 #include <sys/sysctl.h> 44 #include <sys/globaldata.h> 45 46 #include <net/if.h> 47 #include <net/netisr.h> 48 #include <net/toeplitz2.h> 49 50 #include <netinet/in_systm.h> 51 #include <netinet/in.h> 52 #include <netinet/in_var.h> 53 #include <netinet/in_pcb.h> 54 #include <netinet/ip.h> 55 #include <netinet/ip_var.h> 56 #include <netinet/tcp.h> 57 #include <netinet/tcpip.h> 58 #include <netinet/tcp_var.h> 59 #include <netinet/udp.h> 60 #include <netinet/udp_var.h> 61 62 extern int udp_mpsafe_thread; 63 64 /* 65 * Toeplitz hash functions - the idea is to match the hardware. 66 */ 67 static __inline int 68 INP_MPORT_HASH_UDP(in_addr_t faddr, in_addr_t laddr, 69 in_port_t fport, in_port_t lport) 70 { 71 return toeplitz_hash(toeplitz_rawhash_addr(faddr, laddr)); 72 } 73 74 static __inline int 75 INP_MPORT_HASH_TCP(in_addr_t faddr, in_addr_t laddr, 76 in_port_t fport, in_port_t lport) 77 { 78 return toeplitz_hash( 79 toeplitz_rawhash_addrport(faddr, laddr, fport, lport)); 80 } 81 82 /* 83 * Map a network address to a processor. 84 */ 85 int 86 tcp_addrcpu(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 87 { 88 return (INP_MPORT_HASH_TCP(faddr, laddr, fport, lport)); 89 } 90 91 /* 92 * Not implemented yet, use protocol thread 0 93 */ 94 int 95 udp_addrcpu(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 96 { 97 #ifdef notyet 98 return (INP_MPORT_HASH_UDP(faddr, laddr, fport, lport)); 99 #else 100 return 0; 101 #endif 102 } 103 104 /* 105 * If the packet is a valid IP datagram, upon returning of this function 106 * following things are promised: 107 * 108 * o IP header (including any possible IP options) and any data preceding 109 * IP header (usually linker layer header) are in one mbuf (m_len). 110 * o IP header length is not less than the minimum (sizeof(struct ip)). 111 * o IP total length is not less than IP header length. 112 * o IP datagram resides completely in the mbuf chain, 113 * i.e. pkthdr.len >= IP total length. 114 * 115 * If the packet is a UDP datagram, 116 * o IP header (including any possible IP options) and UDP header are in 117 * one mbuf (m_len). 118 * o IP total length is not less than (IP header length + UDP header length). 119 * 120 * If the packet is a TCP segment, 121 * o IP header (including any possible IP options) and TCP header (including 122 * any possible TCP options) are in one mbuf (m_len). 123 * o TCP header length is not less than the minimum (sizeof(struct tcphdr)). 124 * o IP total length is not less than (IP header length + TCP header length). 125 */ 126 boolean_t 127 ip_lengthcheck(struct mbuf **mp, int hoff) 128 { 129 struct mbuf *m = *mp; 130 struct ip *ip; 131 int len, iphlen, iplen; 132 struct tcphdr *th; 133 int thoff; /* TCP data offset */ 134 135 len = hoff + sizeof(struct ip); 136 137 /* The packet must be at least the size of an IP header. */ 138 if (m->m_pkthdr.len < len) { 139 ipstat.ips_tooshort++; 140 goto fail; 141 } 142 143 /* The fixed IP header must reside completely in the first mbuf. */ 144 if (m->m_len < len) { 145 m = m_pullup(m, len); 146 if (m == NULL) { 147 ipstat.ips_toosmall++; 148 goto fail; 149 } 150 } 151 152 ip = mtodoff(m, struct ip *, hoff); 153 154 /* Bound check the packet's stated IP header length. */ 155 iphlen = ip->ip_hl << 2; 156 if (iphlen < sizeof(struct ip)) { /* minimum header length */ 157 ipstat.ips_badhlen++; 158 goto fail; 159 } 160 161 /* The full IP header must reside completely in the one mbuf. */ 162 if (m->m_len < hoff + iphlen) { 163 m = m_pullup(m, hoff + iphlen); 164 if (m == NULL) { 165 ipstat.ips_badhlen++; 166 goto fail; 167 } 168 ip = mtodoff(m, struct ip *, hoff); 169 } 170 171 iplen = ntohs(ip->ip_len); 172 173 /* 174 * Check that the amount of data in the buffers is as 175 * at least much as the IP header would have us expect. 176 */ 177 if (m->m_pkthdr.len < hoff + iplen) { 178 ipstat.ips_tooshort++; 179 goto fail; 180 } 181 182 /* 183 * Fragments other than the first fragment don't have much 184 * length information. 185 */ 186 if (ntohs(ip->ip_off) & IP_OFFMASK) 187 goto ipcheckonly; 188 189 /* 190 * The TCP/IP or UDP/IP header must be entirely contained within 191 * the first fragment of a packet. Packet filters will break if they 192 * aren't. 193 * 194 * Since the packet will be trimmed to ip_len we must also make sure 195 * the potentially trimmed down length is still sufficient to hold 196 * the header(s). 197 */ 198 switch (ip->ip_p) { 199 case IPPROTO_TCP: 200 if (iplen < iphlen + sizeof(struct tcphdr)) { 201 ++tcpstat.tcps_rcvshort; 202 goto fail; 203 } 204 if (m->m_len < hoff + iphlen + sizeof(struct tcphdr)) { 205 m = m_pullup(m, hoff + iphlen + sizeof(struct tcphdr)); 206 if (m == NULL) { 207 tcpstat.tcps_rcvshort++; 208 goto fail; 209 } 210 ip = mtodoff(m, struct ip *, hoff); 211 } 212 th = (struct tcphdr *)((caddr_t)ip + iphlen); 213 thoff = th->th_off << 2; 214 if (thoff < sizeof(struct tcphdr) || 215 thoff + iphlen > ntohs(ip->ip_len)) { 216 tcpstat.tcps_rcvbadoff++; 217 goto fail; 218 } 219 if (m->m_len < hoff + iphlen + thoff) { 220 m = m_pullup(m, hoff + iphlen + thoff); 221 if (m == NULL) { 222 tcpstat.tcps_rcvshort++; 223 goto fail; 224 } 225 } 226 break; 227 case IPPROTO_UDP: 228 if (iplen < iphlen + sizeof(struct udphdr)) { 229 ++udpstat.udps_hdrops; 230 goto fail; 231 } 232 if (m->m_len < hoff + iphlen + sizeof(struct udphdr)) { 233 m = m_pullup(m, hoff + iphlen + sizeof(struct udphdr)); 234 if (m == NULL) { 235 udpstat.udps_hdrops++; 236 goto fail; 237 } 238 } 239 break; 240 default: 241 ipcheckonly: 242 if (iplen < iphlen) { 243 ++ipstat.ips_badlen; 244 goto fail; 245 } 246 break; 247 } 248 249 m->m_flags |= M_LENCHECKED; 250 *mp = m; 251 return TRUE; 252 253 fail: 254 if (m != NULL) 255 m_freem(m); 256 *mp = NULL; 257 return FALSE; 258 } 259 260 /* 261 * Assign a protocol processing thread to a packet. The IP header is at 262 * offset (hoff) in the packet (i.e. the mac header might still be intact). 263 * 264 * This function can blow away the mbuf if the packet is malformed. 265 */ 266 void 267 ip_cpufn(struct mbuf **mptr, int hoff, int dir) 268 { 269 struct ip *ip; 270 int iphlen; 271 struct tcphdr *th; 272 struct udphdr *uh; 273 struct mbuf *m; 274 int thoff; /* TCP data offset */ 275 int cpu; 276 277 if (!ip_lengthcheck(mptr, hoff)) 278 return; 279 280 m = *mptr; 281 ip = mtodoff(m, struct ip *, hoff); 282 iphlen = ip->ip_hl << 2; 283 284 /* 285 * XXX generic packet handling defrag on CPU 0 for now. 286 */ 287 if (ntohs(ip->ip_off) & (IP_MF | IP_OFFMASK)) { 288 cpu = 0; 289 goto back; 290 } 291 292 switch (ip->ip_p) { 293 case IPPROTO_TCP: 294 th = (struct tcphdr *)((caddr_t)ip + iphlen); 295 thoff = th->th_off << 2; 296 cpu = INP_MPORT_HASH_TCP(ip->ip_src.s_addr, 297 ip->ip_dst.s_addr, 298 th->th_sport, 299 th->th_dport); 300 break; 301 302 case IPPROTO_UDP: 303 uh = (struct udphdr *)((caddr_t)ip + iphlen); 304 305 cpu = INP_MPORT_HASH_UDP(ip->ip_src.s_addr, 306 ip->ip_dst.s_addr, 307 uh->uh_sport, 308 uh->uh_dport); 309 break; 310 311 default: 312 cpu = 0; 313 break; 314 } 315 back: 316 m->m_flags |= M_HASH; 317 m->m_pkthdr.hash = cpu; 318 } 319 320 void 321 ip_cpufn_in(struct mbuf **mptr, int hoff) 322 { 323 ip_cpufn(mptr, hoff, IP_MPORT_IN); 324 } 325 326 /* 327 * Verify and adjust the hash value of the packet. 328 * 329 * Unlike ip_cpufn(), the packet content is not accessed. The packet info 330 * (pi) and the hash of the packet (m_pkthdr.hash) is used instead. 331 * 332 * Caller has already made sure that m_pkthdr.hash is valid, i.e. m_flags 333 * has M_HASH set. 334 */ 335 void 336 ip_hashcheck(struct mbuf *m, const struct pktinfo *pi) 337 { 338 KASSERT((m->m_flags & M_HASH), ("no valid packet hash")); 339 KASSERT(m->m_pkthdr.hash < ncpus2, 340 ("invalid packet hash %#x", m->m_pkthdr.hash)); 341 342 /* 343 * XXX generic packet handling defrag on CPU 0 for now. 344 */ 345 if (pi->pi_flags & PKTINFO_FLAG_FRAG) { 346 m->m_pkthdr.hash = 0; 347 return; 348 } 349 350 switch (pi->pi_l3proto) { 351 case IPPROTO_TCP: 352 case IPPROTO_UDP: 353 break; 354 355 default: 356 /* Let software calculate the hash */ 357 m->m_flags &= ~M_HASH; 358 break; 359 } 360 } 361 362 /* 363 * This is used to map a socket to a message port for sendmsg() and friends. 364 * It is not called for any other purpose. In the case of TCP we just return 365 * the port already installed in the socket. 366 */ 367 lwkt_port_t 368 tcp_soport(struct socket *so, struct sockaddr *nam, 369 struct mbuf **dummy __unused) 370 { 371 return(so->so_port); 372 } 373 374 /* 375 * Used to route icmp messages to the proper protocol thread for ctlinput 376 * operation. 377 */ 378 lwkt_port_t 379 tcp_ctlport(int cmd, struct sockaddr *sa, void *vip) 380 { 381 struct ip *ip = vip; 382 struct tcphdr *th; 383 struct in_addr faddr; 384 int cpu; 385 386 faddr = ((struct sockaddr_in *)sa)->sin_addr; 387 if (sa->sa_family != AF_INET || faddr.s_addr == INADDR_ANY) 388 return(NULL); 389 if (ip == NULL || PRC_IS_REDIRECT(cmd) || cmd == PRC_HOSTDEAD) { 390 /* 391 * A new message will be allocated later to save necessary 392 * information and will be forwarded to all network protocol 393 * threads in the following way: 394 * 395 * (the the thread owns the msgport that we return here) 396 * netisr0 <--+ 397 * | | 398 * | | 399 * | | 400 * +-------+ 401 * sendmsg 402 * [msg is kmalloc()ed] 403 * 404 * 405 * Later on, when the msg is received by netisr0: 406 * 407 * forwardmsg forwardmsg 408 * netisr0 ---------> netisr1 ---------> netisrN 409 * [msg is kfree()ed] 410 */ 411 return cpu0_ctlport(cmd, sa, vip); 412 } else { 413 th = (struct tcphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 414 cpu = tcp_addrcpu(faddr.s_addr, th->th_dport, 415 ip->ip_src.s_addr, th->th_sport); 416 } 417 return(cpu_portfn(cpu)); 418 } 419 420 lwkt_port_t 421 tcp_addrport(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 422 { 423 return(cpu_portfn(tcp_addrcpu(faddr, fport, laddr, lport))); 424 } 425 426 lwkt_port_t 427 tcp_addrport0(void) 428 { 429 return(cpu_portfn(0)); 430 } 431 432 lwkt_port_t 433 udp_addrport(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 434 { 435 return(cpu_portfn(udp_addrcpu(faddr, fport, laddr, lport))); 436 } 437 438 /* 439 * Used to route icmp messages to the proper protocol thread for ctlinput 440 * operation. 441 */ 442 lwkt_port_t 443 udp_ctlport(int cmd, struct sockaddr *sa, void *vip) 444 { 445 struct ip *ip = vip; 446 struct udphdr *uh; 447 struct in_addr faddr; 448 int cpu; 449 450 faddr = ((struct sockaddr_in *)sa)->sin_addr; 451 if (sa->sa_family != AF_INET || faddr.s_addr == INADDR_ANY) 452 return(NULL); 453 if (PRC_IS_REDIRECT(cmd)) { 454 /* 455 * See the comment in tcp_ctlport; the only difference 456 * is that message is forwarded to UDP protocol theads. 457 */ 458 return cpu0_ctlport(cmd, sa, vip); 459 } else if (ip == NULL || cmd == PRC_HOSTDEAD) { 460 /* 461 * XXX 462 * Once UDP inpcbs are CPU localized, we should do 463 * the same forwarding as PRC_IS_REDIRECT(cmd) 464 */ 465 cpu = 0; 466 } else { 467 uh = (struct udphdr *)((caddr_t)ip + (ip->ip_hl << 2)); 468 469 cpu = udp_addrcpu(faddr.s_addr, ip->ip_src.s_addr, 470 uh->uh_dport, uh->uh_sport); 471 } 472 return (cpu_portfn(cpu)); 473 } 474