The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netipsec/ipsec_mbuf.c

Version: -  FREEBSD  -  FREEBSD-13-STABLE  -  FREEBSD-13-0  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  l41  -  OPENBSD  -  linux-2.6  -  MK84  -  PLAN9  -  xnu-8792 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  * 1. Redistributions of source code must retain the above copyright
    9  *    notice, this list of conditions and the following disclaimer.
   10  * 2. Redistributions in binary form must reproduce the above copyright
   11  *    notice, this list of conditions and the following disclaimer in the
   12  *    documentation and/or other materials provided with the distribution.
   13  *
   14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   24  * SUCH DAMAGE.
   25  *
   26  * $FreeBSD: releng/5.2/sys/netipsec/ipsec_mbuf.c 120585 2003-09-29 22:57:43Z sam $
   27  */
   28 
   29 /*
   30  * IPsec-specific mbuf routines.
   31  */
   32 
   33 #include "opt_param.h"
   34 
   35 #include <sys/param.h>
   36 #include <sys/systm.h>
   37 #include <sys/mbuf.h>
   38 #include <sys/socket.h>
   39 
   40 #include <net/route.h>
   41 #include <netinet/in.h>
   42 
   43 #include <netipsec/ipsec.h>
   44 
   45 extern  struct mbuf *m_getptr(struct mbuf *, int, int *);
   46 
   47 /*
   48  * Create a writable copy of the mbuf chain.  While doing this
   49  * we compact the chain with a goal of producing a chain with
   50  * at most two mbufs.  The second mbuf in this chain is likely
   51  * to be a cluster.  The primary purpose of this work is to create
   52  * a writable packet for encryption, compression, etc.  The
   53  * secondary goal is to linearize the data so the data can be
   54  * passed to crypto hardware in the most efficient manner possible.
   55  */
   56 struct mbuf *
   57 m_clone(struct mbuf *m0)
   58 {
   59         struct mbuf *m, *mprev;
   60         struct mbuf *n, *mfirst, *mlast;
   61         int len, off;
   62 
   63         IPSEC_ASSERT(m0 != NULL, ("null mbuf"));
   64 
   65         mprev = NULL;
   66         for (m = m0; m != NULL; m = mprev->m_next) {
   67                 /*
   68                  * Regular mbufs are ignored unless there's a cluster
   69                  * in front of it that we can use to coalesce.  We do
   70                  * the latter mainly so later clusters can be coalesced
   71                  * also w/o having to handle them specially (i.e. convert
   72                  * mbuf+cluster -> cluster).  This optimization is heavily
   73                  * influenced by the assumption that we're running over
   74                  * Ethernet where MCLBYTES is large enough that the max
   75                  * packet size will permit lots of coalescing into a
   76                  * single cluster.  This in turn permits efficient
   77                  * crypto operations, especially when using hardware.
   78                  */
   79                 if ((m->m_flags & M_EXT) == 0) {
   80                         if (mprev && (mprev->m_flags & M_EXT) &&
   81                             m->m_len <= M_TRAILINGSPACE(mprev)) {
   82                                 /* XXX: this ignores mbuf types */
   83                                 memcpy(mtod(mprev, caddr_t) + mprev->m_len,
   84                                        mtod(m, caddr_t), m->m_len);
   85                                 mprev->m_len += m->m_len;
   86                                 mprev->m_next = m->m_next;      /* unlink from chain */
   87                                 m_free(m);                      /* reclaim mbuf */
   88                                 newipsecstat.ips_mbcoalesced++;
   89                         } else {
   90                                 mprev = m;
   91                         }
   92                         continue;
   93                 }
   94                 /*
   95                  * Writable mbufs are left alone (for now).
   96                  */
   97                 if (!MEXT_IS_REF(m)) {
   98                         mprev = m;
   99                         continue;
  100                 }
  101 
  102                 /*
  103                  * Not writable, replace with a copy or coalesce with
  104                  * the previous mbuf if possible (since we have to copy
  105                  * it anyway, we try to reduce the number of mbufs and
  106                  * clusters so that future work is easier).
  107                  */
  108                 IPSEC_ASSERT(m->m_flags & M_EXT, ("m_flags 0x%x", m->m_flags));
  109                 /* NB: we only coalesce into a cluster or larger */
  110                 if (mprev != NULL && (mprev->m_flags & M_EXT) &&
  111                     m->m_len <= M_TRAILINGSPACE(mprev)) {
  112                         /* XXX: this ignores mbuf types */
  113                         memcpy(mtod(mprev, caddr_t) + mprev->m_len,
  114                                mtod(m, caddr_t), m->m_len);
  115                         mprev->m_len += m->m_len;
  116                         mprev->m_next = m->m_next;      /* unlink from chain */
  117                         m_free(m);                      /* reclaim mbuf */
  118                         newipsecstat.ips_clcoalesced++;
  119                         continue;
  120                 }
  121 
  122                 /*
  123                  * Allocate new space to hold the copy...
  124                  */
  125                 /* XXX why can M_PKTHDR be set past the first mbuf? */
  126                 if (mprev == NULL && (m->m_flags & M_PKTHDR)) {
  127                         /*
  128                          * NB: if a packet header is present we must
  129                          * allocate the mbuf separately from any cluster
  130                          * because M_MOVE_PKTHDR will smash the data
  131                          * pointer and drop the M_EXT marker.
  132                          */
  133                         MGETHDR(n, M_DONTWAIT, m->m_type);
  134                         if (n == NULL) {
  135                                 m_freem(m0);
  136                                 return (NULL);
  137                         }
  138                         M_MOVE_PKTHDR(n, m);
  139                         MCLGET(n, M_DONTWAIT);
  140                         if ((n->m_flags & M_EXT) == 0) {
  141                                 m_free(n);
  142                                 m_freem(m0);
  143                                 return (NULL);
  144                         }
  145                 } else {
  146                         n = m_getcl(M_DONTWAIT, m->m_type, m->m_flags);
  147                         if (n == NULL) {
  148                                 m_freem(m0);
  149                                 return (NULL);
  150                         }
  151                 }
  152                 /*
  153                  * ... and copy the data.  We deal with jumbo mbufs
  154                  * (i.e. m_len > MCLBYTES) by splitting them into
  155                  * clusters.  We could just malloc a buffer and make
  156                  * it external but too many device drivers don't know
  157                  * how to break up the non-contiguous memory when
  158                  * doing DMA.
  159                  */
  160                 len = m->m_len;
  161                 off = 0;
  162                 mfirst = n;
  163                 mlast = NULL;
  164                 for (;;) {
  165                         int cc = min(len, MCLBYTES);
  166                         memcpy(mtod(n, caddr_t), mtod(m, caddr_t) + off, cc);
  167                         n->m_len = cc;
  168                         if (mlast != NULL)
  169                                 mlast->m_next = n;
  170                         mlast = n;      
  171                         newipsecstat.ips_clcopied++;
  172 
  173                         len -= cc;
  174                         if (len <= 0)
  175                                 break;
  176                         off += cc;
  177 
  178                         n = m_getcl(M_DONTWAIT, m->m_type, m->m_flags);
  179                         if (n == NULL) {
  180                                 m_freem(mfirst);
  181                                 m_freem(m0);
  182                                 return (NULL);
  183                         }
  184                 }
  185                 n->m_next = m->m_next; 
  186                 if (mprev == NULL)
  187                         m0 = mfirst;            /* new head of chain */
  188                 else
  189                         mprev->m_next = mfirst; /* replace old mbuf */
  190                 m_free(m);                      /* release old mbuf */
  191                 mprev = mfirst;
  192         }
  193         return (m0);
  194 }
  195 
  196 /*
  197  * Make space for a new header of length hlen at skip bytes
  198  * into the packet.  When doing this we allocate new mbufs only
  199  * when absolutely necessary.  The mbuf where the new header
  200  * is to go is returned together with an offset into the mbuf.
  201  * If NULL is returned then the mbuf chain may have been modified;
  202  * the caller is assumed to always free the chain.
  203  */
  204 struct mbuf *
  205 m_makespace(struct mbuf *m0, int skip, int hlen, int *off)
  206 {
  207         struct mbuf *m;
  208         unsigned remain;
  209 
  210         IPSEC_ASSERT(m0 != NULL, ("null mbuf"));
  211         IPSEC_ASSERT(hlen < MHLEN, ("hlen too big: %u", hlen));
  212 
  213         for (m = m0; m && skip > m->m_len; m = m->m_next)
  214                 skip -= m->m_len;
  215         if (m == NULL)
  216                 return (NULL);
  217         /*
  218          * At this point skip is the offset into the mbuf m
  219          * where the new header should be placed.  Figure out
  220          * if there's space to insert the new header.  If so,
  221          * and copying the remainder makese sense then do so.
  222          * Otherwise insert a new mbuf in the chain, splitting
  223          * the contents of m as needed.
  224          */
  225         remain = m->m_len - skip;               /* data to move */
  226         if (hlen > M_TRAILINGSPACE(m)) {
  227                 struct mbuf *n;
  228 
  229                 /* XXX code doesn't handle clusters XXX */
  230                 IPSEC_ASSERT(remain < MLEN, ("remainder too big: %u", remain));
  231                 /*
  232                  * Not enough space in m, split the contents
  233                  * of m, inserting new mbufs as required.
  234                  *
  235                  * NB: this ignores mbuf types.
  236                  */
  237                 MGET(n, M_DONTWAIT, MT_DATA);
  238                 if (n == NULL)
  239                         return (NULL);
  240                 n->m_next = m->m_next;          /* splice new mbuf */
  241                 m->m_next = n;
  242                 newipsecstat.ips_mbinserted++;
  243                 if (hlen <= M_TRAILINGSPACE(m) + remain) {
  244                         /*
  245                          * New header fits in the old mbuf if we copy
  246                          * the remainder; just do the copy to the new
  247                          * mbuf and we're good to go.
  248                          */
  249                         memcpy(mtod(n, caddr_t),
  250                                mtod(m, caddr_t) + skip, remain);
  251                         n->m_len = remain;
  252                         m->m_len = skip + hlen;
  253                         *off = skip;
  254                 } else {
  255                         /*
  256                          * No space in the old mbuf for the new header.
  257                          * Make space in the new mbuf and check the
  258                          * remainder'd data fits too.  If not then we
  259                          * must allocate an additional mbuf (yech).
  260                          */
  261                         n->m_len = 0;
  262                         if (remain + hlen > M_TRAILINGSPACE(n)) {
  263                                 struct mbuf *n2;
  264 
  265                                 MGET(n2, M_DONTWAIT, MT_DATA);
  266                                 /* NB: new mbuf is on chain, let caller free */
  267                                 if (n2 == NULL)
  268                                         return (NULL);
  269                                 n2->m_len = 0;
  270                                 memcpy(mtod(n2, caddr_t),
  271                                        mtod(m, caddr_t) + skip, remain);
  272                                 n2->m_len = remain;
  273                                 /* splice in second mbuf */
  274                                 n2->m_next = n->m_next;
  275                                 n->m_next = n2;
  276                                 newipsecstat.ips_mbinserted++;
  277                         } else {
  278                                 memcpy(mtod(n, caddr_t) + hlen,
  279                                        mtod(m, caddr_t) + skip, remain);
  280                                 n->m_len += remain;
  281                         }
  282                         m->m_len -= remain;
  283                         n->m_len += hlen;
  284                         m = n;                  /* header is at front ... */
  285                         *off = 0;               /* ... of new mbuf */
  286                 }
  287         } else {
  288                 /*
  289                  * Copy the remainder to the back of the mbuf
  290                  * so there's space to write the new header.
  291                  */
  292                 bcopy(mtod(m, caddr_t) + skip,
  293                       mtod(m, caddr_t) + skip + hlen, remain);
  294                 m->m_len += hlen;
  295                 *off = skip;
  296         }
  297         m0->m_pkthdr.len += hlen;               /* adjust packet length */
  298         return m;
  299 }
  300 
  301 /*
  302  * m_pad(m, n) pads <m> with <n> bytes at the end. The packet header
  303  * length is updated, and a pointer to the first byte of the padding
  304  * (which is guaranteed to be all in one mbuf) is returned.
  305  */
  306 caddr_t
  307 m_pad(struct mbuf *m, int n)
  308 {
  309         register struct mbuf *m0, *m1;
  310         register int len, pad;
  311         caddr_t retval;
  312 
  313         if (n <= 0) {  /* No stupid arguments. */
  314                 DPRINTF(("%s: pad length invalid (%d)\n", __func__, n));
  315                 m_freem(m);
  316                 return NULL;
  317         }
  318 
  319         len = m->m_pkthdr.len;
  320         pad = n;
  321         m0 = m;
  322 
  323         while (m0->m_len < len) {
  324                 len -= m0->m_len;
  325                 m0 = m0->m_next;
  326         }
  327 
  328         if (m0->m_len != len) {
  329                 DPRINTF(("%s: length mismatch (should be %d instead of %d)\n",
  330                         __func__, m->m_pkthdr.len,
  331                         m->m_pkthdr.len + m0->m_len - len));
  332 
  333                 m_freem(m);
  334                 return NULL;
  335         }
  336 
  337         /* Check for zero-length trailing mbufs, and find the last one. */
  338         for (m1 = m0; m1->m_next; m1 = m1->m_next) {
  339                 if (m1->m_next->m_len != 0) {
  340                         DPRINTF(("%s: length mismatch (should be %d instead "
  341                                 "of %d)\n", __func__,
  342                                 m->m_pkthdr.len,
  343                                 m->m_pkthdr.len + m1->m_next->m_len));
  344 
  345                         m_freem(m);
  346                         return NULL;
  347                 }
  348 
  349                 m0 = m1->m_next;
  350         }
  351 
  352         if (pad > M_TRAILINGSPACE(m0)) {
  353                 /* Add an mbuf to the chain. */
  354                 MGET(m1, M_DONTWAIT, MT_DATA);
  355                 if (m1 == 0) {
  356                         m_freem(m0);
  357                         DPRINTF(("%s: unable to get extra mbuf\n", __func__));
  358                         return NULL;
  359                 }
  360 
  361                 m0->m_next = m1;
  362                 m0 = m1;
  363                 m0->m_len = 0;
  364         }
  365 
  366         retval = m0->m_data + m0->m_len;
  367         m0->m_len += pad;
  368         m->m_pkthdr.len += pad;
  369 
  370         return retval;
  371 }
  372 
  373 /*
  374  * Remove hlen data at offset skip in the packet.  This is used by
  375  * the protocols strip protocol headers and associated data (e.g. IV,
  376  * authenticator) on input.
  377  */
  378 int
  379 m_striphdr(struct mbuf *m, int skip, int hlen)
  380 {
  381         struct mbuf *m1;
  382         int roff;
  383 
  384         /* Find beginning of header */
  385         m1 = m_getptr(m, skip, &roff);
  386         if (m1 == NULL)
  387                 return (EINVAL);
  388 
  389         /* Remove the header and associated data from the mbuf. */
  390         if (roff == 0) {
  391                 /* The header was at the beginning of the mbuf */
  392                 newipsecstat.ips_input_front++;
  393                 m_adj(m1, hlen);
  394                 if ((m1->m_flags & M_PKTHDR) == 0)
  395                         m->m_pkthdr.len -= hlen;
  396         } else if (roff + hlen >= m1->m_len) {
  397                 struct mbuf *mo;
  398 
  399                 /*
  400                  * Part or all of the header is at the end of this mbuf,
  401                  * so first let's remove the remainder of the header from
  402                  * the beginning of the remainder of the mbuf chain, if any.
  403                  */
  404                 newipsecstat.ips_input_end++;
  405                 if (roff + hlen > m1->m_len) {
  406                         /* Adjust the next mbuf by the remainder */
  407                         m_adj(m1->m_next, roff + hlen - m1->m_len);
  408 
  409                         /* The second mbuf is guaranteed not to have a pkthdr... */
  410                         m->m_pkthdr.len -= (roff + hlen - m1->m_len);
  411                 }
  412 
  413                 /* Now, let's unlink the mbuf chain for a second...*/
  414                 mo = m1->m_next;
  415                 m1->m_next = NULL;
  416 
  417                 /* ...and trim the end of the first part of the chain...sick */
  418                 m_adj(m1, -(m1->m_len - roff));
  419                 if ((m1->m_flags & M_PKTHDR) == 0)
  420                         m->m_pkthdr.len -= (m1->m_len - roff);
  421 
  422                 /* Finally, let's relink */
  423                 m1->m_next = mo;
  424         } else {
  425                 /*
  426                  * The header lies in the "middle" of the mbuf; copy
  427                  * the remainder of the mbuf down over the header.
  428                  */
  429                 newipsecstat.ips_input_middle++;
  430                 bcopy(mtod(m1, u_char *) + roff + hlen,
  431                       mtod(m1, u_char *) + roff,
  432                       m1->m_len - (roff + hlen));
  433                 m1->m_len -= hlen;
  434                 m->m_pkthdr.len -= hlen;
  435         }
  436         return (0);
  437 }
  438 
  439 /*
  440  * Diagnostic routine to check mbuf alignment as required by the
  441  * crypto device drivers (that use DMA).
  442  */
  443 void
  444 m_checkalignment(const char* where, struct mbuf *m0, int off, int len)
  445 {
  446         int roff;
  447         struct mbuf *m = m_getptr(m0, off, &roff);
  448         caddr_t addr;
  449 
  450         if (m == NULL)
  451                 return;
  452         printf("%s (off %u len %u): ", where, off, len);
  453         addr = mtod(m, caddr_t) + roff;
  454         do {
  455                 int mlen;
  456 
  457                 if (((uintptr_t) addr) & 3) {
  458                         printf("addr misaligned %p,", addr);
  459                         break;
  460                 }
  461                 mlen = m->m_len;
  462                 if (mlen > len)
  463                         mlen = len;
  464                 len -= mlen;
  465                 if (len && (mlen & 3)) {
  466                         printf("len mismatch %u,", mlen);
  467                         break;
  468                 }
  469                 m = m->m_next;
  470                 addr = m ? mtod(m, caddr_t) : NULL;
  471         } while (m && len > 0);
  472         for (m = m0; m; m = m->m_next)
  473                 printf(" [%p:%u]", mtod(m, caddr_t), m->m_len);
  474         printf("\n");
  475 }

Cache object: c98d2c60dd42cbcfe0c181801723dea9


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.