1 /* 2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved. 3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved. 4 * 5 * This code is derived from software contributed to The DragonFly Project 6 * by Jeffrey M. Hsu. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of The DragonFly Project nor the names of its 17 * contributors may be used to endorse or promote products derived 18 * from this software without specific, prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "opt_inet.h" 35 #include "opt_rss.h" 36 37 #include <sys/param.h> 38 #include <sys/systm.h> 39 #include <sys/kernel.h> 40 #include <sys/socket.h> 41 #include <sys/socketvar.h> 42 #include <sys/thread.h> 43 #include <sys/sysctl.h> 44 #include <sys/globaldata.h> 45 46 #include <net/if.h> 47 #include <net/netisr2.h> 48 #include <net/toeplitz2.h> 49 50 #include <netinet/in_systm.h> 51 #include <netinet/in.h> 52 #include <netinet/in_var.h> 53 #include <netinet/in_pcb.h> 54 #include <netinet/ip.h> 55 #include <netinet/ip_var.h> 56 #include <netinet/tcp.h> 57 #include <netinet/tcpip.h> 58 #include <netinet/tcp_var.h> 59 #include <netinet/udp.h> 60 #include <netinet/udp_var.h> 61 62 /* 63 * Toeplitz hash functions - the idea is to match the hardware. 64 */ 65 static __inline int 66 INP_MPORT_HASH_UDP(in_addr_t faddr, in_addr_t laddr, 67 in_port_t fport, in_port_t lport) 68 { 69 return toeplitz_hash(toeplitz_rawhash_addr(faddr, laddr)); 70 } 71 72 static __inline int 73 INP_MPORT_HASH_TCP(in_addr_t faddr, in_addr_t laddr, 74 in_port_t fport, in_port_t lport) 75 { 76 return toeplitz_hash( 77 toeplitz_rawhash_addrport(faddr, laddr, fport, lport)); 78 } 79 80 /* 81 * Map a network address to a processor. 82 */ 83 int 84 tcp_addrcpu(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 85 { 86 return (netisr_hashcpu(INP_MPORT_HASH_TCP(faddr, laddr, fport, lport))); 87 } 88 89 int 90 udp_addrcpu(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 91 { 92 /* 93 * NOTE: laddr could be multicast, since UDP socket could be 94 * bound to multicast address. 95 */ 96 if (IN_MULTICAST(ntohl(faddr)) || IN_MULTICAST(ntohl(laddr))) { 97 /* XXX handle multicast on CPU0 for now */ 98 return 0; 99 } 100 return (netisr_hashcpu(INP_MPORT_HASH_UDP(faddr, laddr, fport, lport))); 101 } 102 103 /* 104 * If the packet is a valid IP datagram, upon returning of this function 105 * following things are promised: 106 * 107 * o IP header (including any possible IP options) and any data preceding 108 * IP header (usually linker layer header) are in one mbuf (m_len). 109 * o IP header length is not less than the minimum (sizeof(struct ip)). 110 * o IP total length is not less than IP header length. 111 * o IP datagram resides completely in the mbuf chain, 112 * i.e. pkthdr.len >= IP total length. 113 * 114 * If the packet is a UDP datagram, 115 * o IP header (including any possible IP options) and UDP header are in 116 * one mbuf (m_len). 117 * o IP total length is not less than (IP header length + UDP header length). 118 * 119 * If the packet is a TCP segment, 120 * o IP header (including any possible IP options) and TCP header (including 121 * any possible TCP options) are in one mbuf (m_len). 122 * o TCP header length is not less than the minimum (sizeof(struct tcphdr)). 123 * o IP total length is not less than (IP header length + TCP header length). 124 */ 125 boolean_t 126 ip_lengthcheck(struct mbuf **mp, int hoff) 127 { 128 struct mbuf *m = *mp; 129 struct ip *ip; 130 int len, iphlen, iplen; 131 struct tcphdr *th; 132 int thoff; /* TCP data offset */ 133 134 len = hoff + sizeof(struct ip); 135 136 /* The packet must be at least the size of an IP header. */ 137 if (m->m_pkthdr.len < len) { 138 ipstat.ips_tooshort++; 139 goto fail; 140 } 141 142 /* The fixed IP header must reside completely in the first mbuf. */ 143 if (m->m_len < len) { 144 m = m_pullup(m, len); 145 if (m == NULL) { 146 ipstat.ips_toosmall++; 147 goto fail; 148 } 149 } 150 151 ip = mtodoff(m, struct ip *, hoff); 152 153 /* Bound check the packet's stated IP header length. */ 154 iphlen = ip->ip_hl << 2; 155 if (iphlen < sizeof(struct ip)) { /* minimum header length */ 156 ipstat.ips_badhlen++; 157 goto fail; 158 } 159 160 /* The full IP header must reside completely in the one mbuf. */ 161 if (m->m_len < hoff + iphlen) { 162 m = m_pullup(m, hoff + iphlen); 163 if (m == NULL) { 164 ipstat.ips_badhlen++; 165 goto fail; 166 } 167 ip = mtodoff(m, struct ip *, hoff); 168 } 169 170 iplen = ntohs(ip->ip_len); 171 172 /* 173 * Check that the amount of data in the buffers is as 174 * at least much as the IP header would have us expect. 175 */ 176 if (m->m_pkthdr.len < hoff + iplen) { 177 ipstat.ips_tooshort++; 178 goto fail; 179 } 180 181 /* 182 * Fragments other than the first fragment don't have much 183 * length information. 184 */ 185 if (ntohs(ip->ip_off) & IP_OFFMASK) 186 goto ipcheckonly; 187 188 /* 189 * The TCP/IP or UDP/IP header must be entirely contained within 190 * the first fragment of a packet. Packet filters will break if they 191 * aren't. 192 * 193 * Since the packet will be trimmed to ip_len we must also make sure 194 * the potentially trimmed down length is still sufficient to hold 195 * the header(s). 196 */ 197 switch (ip->ip_p) { 198 case IPPROTO_TCP: 199 if (iplen < iphlen + sizeof(struct tcphdr)) { 200 ++tcpstat.tcps_rcvshort; 201 goto fail; 202 } 203 if (m->m_len < hoff + iphlen + sizeof(struct tcphdr)) { 204 m = m_pullup(m, hoff + iphlen + sizeof(struct tcphdr)); 205 if (m == NULL) { 206 tcpstat.tcps_rcvshort++; 207 goto fail; 208 } 209 ip = mtodoff(m, struct ip *, hoff); 210 } 211 th = (struct tcphdr *)((caddr_t)ip + iphlen); 212 thoff = th->th_off << 2; 213 if (thoff < sizeof(struct tcphdr) || 214 thoff + iphlen > ntohs(ip->ip_len)) { 215 tcpstat.tcps_rcvbadoff++; 216 goto fail; 217 } 218 if (m->m_len < hoff + iphlen + thoff) { 219 m = m_pullup(m, hoff + iphlen + thoff); 220 if (m == NULL) { 221 tcpstat.tcps_rcvshort++; 222 goto fail; 223 } 224 } 225 break; 226 case IPPROTO_UDP: 227 if (iplen < iphlen + sizeof(struct udphdr)) { 228 ++udp_stat.udps_hdrops; 229 goto fail; 230 } 231 if (m->m_len < hoff + iphlen + sizeof(struct udphdr)) { 232 m = m_pullup(m, hoff + iphlen + sizeof(struct udphdr)); 233 if (m == NULL) { 234 udp_stat.udps_hdrops++; 235 goto fail; 236 } 237 } 238 break; 239 default: 240 ipcheckonly: 241 if (iplen < iphlen) { 242 ++ipstat.ips_badlen; 243 goto fail; 244 } 245 break; 246 } 247 248 m->m_flags |= M_LENCHECKED; 249 *mp = m; 250 return TRUE; 251 252 fail: 253 if (m != NULL) 254 m_freem(m); 255 *mp = NULL; 256 return FALSE; 257 } 258 259 /* 260 * Assign a protocol processing thread to a packet. The IP header is at 261 * offset (hoff) in the packet (i.e. the mac header might still be intact). 262 * 263 * This function can blow away the mbuf if the packet is malformed. 264 */ 265 void 266 ip_hashfn(struct mbuf **mptr, int hoff) 267 { 268 struct ip *ip; 269 int iphlen; 270 struct tcphdr *th; 271 struct udphdr *uh; 272 struct mbuf *m; 273 int hash; 274 275 if (!ip_lengthcheck(mptr, hoff)) 276 return; 277 278 m = *mptr; 279 ip = mtodoff(m, struct ip *, hoff); 280 iphlen = ip->ip_hl << 2; 281 282 if (ntohs(ip->ip_off) & (IP_MF | IP_OFFMASK)) { 283 hash = toeplitz_hash(toeplitz_rawhash_addr( 284 ip->ip_src.s_addr, ip->ip_dst.s_addr)); 285 goto back; 286 } 287 288 switch (ip->ip_p) { 289 case IPPROTO_TCP: 290 th = (struct tcphdr *)((caddr_t)ip + iphlen); 291 hash = INP_MPORT_HASH_TCP(ip->ip_src.s_addr, ip->ip_dst.s_addr, 292 th->th_sport, th->th_dport); 293 break; 294 295 case IPPROTO_UDP: 296 if (IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) { 297 /* XXX handle multicast on CPU0 for now */ 298 hash = 0; 299 break; 300 } 301 uh = (struct udphdr *)((caddr_t)ip + iphlen); 302 hash = INP_MPORT_HASH_UDP(ip->ip_src.s_addr, ip->ip_dst.s_addr, 303 uh->uh_sport, uh->uh_dport); 304 break; 305 306 default: 307 hash = 0; 308 break; 309 } 310 back: 311 m->m_flags |= M_HASH; 312 m->m_pkthdr.hash = hash; 313 } 314 315 /* 316 * Verify and adjust the hash value of the packet. 317 * 318 * Unlike ip_hashfn(), the packet content is not accessed. The packet info 319 * (pi) and the hash of the packet (m_pkthdr.hash) is used instead. 320 * 321 * Caller has already made sure that m_pkthdr.hash is valid, i.e. m_flags 322 * has M_HASH set. 323 */ 324 void 325 ip_hashcheck(struct mbuf *m, const struct pktinfo *pi) 326 { 327 KASSERT((m->m_flags & M_HASH), ("no valid packet hash")); 328 329 switch (pi->pi_l3proto) { 330 case IPPROTO_TCP: 331 case IPPROTO_UDP: 332 break; 333 334 default: 335 /* Let software calculate the hash */ 336 m->m_flags &= ~M_HASH; 337 break; 338 } 339 } 340 341 /* 342 * This is used to map a socket to a message port for sendmsg() and friends. 343 * It is not called for any other purpose. In the case of TCP we just return 344 * the port already installed in the socket. 345 */ 346 lwkt_port_t 347 tcp_soport(struct socket *so, struct sockaddr *nam, 348 struct mbuf **dummy __unused) 349 { 350 return(so->so_port); 351 } 352 353 /* 354 * Used to route icmp messages to the proper protocol thread for ctlinput 355 * operation. 356 */ 357 lwkt_port_t 358 tcp_ctlport(int cmd, struct sockaddr *sa, void *vip, int *cpuid) 359 { 360 struct ip *ip = vip; 361 inp_notify_t notify; 362 int arg; 363 364 notify = tcp_get_inpnotify(cmd, sa, &arg, &ip, cpuid); 365 if (notify == NULL) 366 return NULL; 367 368 if (*cpuid == ncpus) { 369 /* 370 * Go through all CPUs. 371 * 372 * A new message will be allocated later to save necessary 373 * information and will be forwarded to all network protocol 374 * threads in the following way: 375 * 376 * (the the thread owns the msgport that we return here) 377 * netisr0 <--+ 378 * | | 379 * | | 380 * | | 381 * +-------+ 382 * sendmsg 383 * [msg is kmalloc()ed] 384 * 385 * 386 * Later on, when the msg is received by netisr0: 387 * 388 * forwardmsg forwardmsg 389 * netisr0 ---------> netisr1 ---------> netisrN 390 * [msg is kfree()ed] 391 */ 392 return netisr_cpuport(0); 393 } else { 394 return netisr_cpuport(*cpuid); 395 } 396 } 397 398 lwkt_port_t 399 tcp_addrport(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 400 { 401 return(netisr_cpuport(tcp_addrcpu(faddr, fport, laddr, lport))); 402 } 403 404 lwkt_port_t 405 tcp_addrport0(void) 406 { 407 return(netisr_cpuport(0)); 408 } 409 410 lwkt_port_t 411 udp_addrport(in_addr_t faddr, in_port_t fport, in_addr_t laddr, in_port_t lport) 412 { 413 return(netisr_cpuport(udp_addrcpu(faddr, fport, laddr, lport))); 414 } 415 416 /* 417 * Used to route icmp messages to the proper protocol thread for ctlinput 418 * operation. 419 */ 420 lwkt_port_t 421 udp_ctlport(int cmd, struct sockaddr *sa, void *vip, int *cpuid) 422 { 423 struct ip *ip = vip; 424 inp_notify_t notify; 425 426 notify = udp_get_inpnotify(cmd, sa, &ip, cpuid); 427 if (notify == NULL) 428 return NULL; 429 430 if (*cpuid == ncpus) { 431 /* 432 * Go through all CPUs. 433 * 434 * See the comment in tcp_ctlport. 435 */ 436 return netisr_cpuport(0); 437 } else { 438 return netisr_cpuport(*cpuid); 439 } 440 } 441 442 struct lwkt_port * 443 tcp_initport(void) 444 { 445 return netisr_cpuport(mycpuid & ncpus2_mask); 446 } 447 448 struct lwkt_port * 449 udp_initport(void) 450 { 451 return netisr_cpuport(mycpuid & ncpus2_mask); 452 } 453