The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/netipsec/ipsec_mbuf.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*      $NetBSD: ipsec_mbuf.c,v 1.6 2005/02/26 22:45:13 perry Exp $     */
    2 /*-
    3  * Copyright (c) 2002, 2003 Sam Leffler, Errno Consulting
    4  * All rights reserved.
    5  *
    6  * Redistribution and use in source and binary forms, with or without
    7  * modification, are permitted provided that the following conditions
    8  * are met:
    9  * 1. Redistributions of source code must retain the above copyright
   10  *    notice, this list of conditions and the following disclaimer.
   11  * 2. Redistributions in binary form must reproduce the above copyright
   12  *    notice, this list of conditions and the following disclaimer in the
   13  *    documentation and/or other materials provided with the distribution.
   14  *
   15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   18  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   19  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   25  * SUCH DAMAGE.
   26  *
   27  * $FreeBSD: /repoman/r/ncvs/src/sys/netipsec/ipsec_mbuf.c,v 1.5.2.2 2003/03/28 20:32:53 sam Exp $
   28  */
   29 
   30 #include <sys/cdefs.h>
   31 __KERNEL_RCSID(0, "$NetBSD: ipsec_mbuf.c,v 1.6 2005/02/26 22:45:13 perry Exp $");
   32 
   33 /*
   34  * IPsec-specific mbuf routines.
   35  */
   36 
   37 #ifdef __FreeBSD__
   38 #include "opt_param.h"
   39 #endif
   40 
   41 #include <sys/param.h>
   42 #include <sys/systm.h>
   43 #include <sys/mbuf.h>
   44 #include <sys/socket.h>
   45 
   46 #include <net/route.h>
   47 #include <netinet/in.h>
   48 
   49 #include <netipsec/ipsec.h>
   50 #include <netipsec/ipsec_var.h>
   51 
   52 #include <netipsec/ipsec_osdep.h>
   53 #include <net/net_osdep.h>
   54 
   55 extern  struct mbuf *m_getptr(struct mbuf *, int, int *);
   56 
   57 /*
   58  * Create a writable copy of the mbuf chain.  While doing this
   59  * we compact the chain with a goal of producing a chain with
   60  * at most two mbufs.  The second mbuf in this chain is likely
   61  * to be a cluster.  The primary purpose of this work is to create
   62  * a writable packet for encryption, compression, etc.  The
   63  * secondary goal is to linearize the data so the data can be
   64  * passed to crypto hardware in the most efficient manner possible.
   65  */
   66 struct mbuf *
   67 m_clone(struct mbuf *m0)
   68 {
   69         struct mbuf *m, *mprev;
   70         struct mbuf *n, *mfirst, *mlast;
   71         int len, off;
   72 
   73         IPSEC_ASSERT(m0 != NULL, ("m_clone: null mbuf"));
   74 
   75         mprev = NULL;
   76         for (m = m0; m != NULL; m = mprev->m_next) {
   77                 /*
   78                  * Regular mbufs are ignored unless there's a cluster
   79                  * in front of it that we can use to coalesce.  We do
   80                  * the latter mainly so later clusters can be coalesced
   81                  * also w/o having to handle them specially (i.e. convert
   82                  * mbuf+cluster -> cluster).  This optimization is heavily
   83                  * influenced by the assumption that we're running over
   84                  * Ethernet where MCLBYTES is large enough that the max
   85                  * packet size will permit lots of coalescing into a
   86                  * single cluster.  This in turn permits efficient
   87                  * crypto operations, especially when using hardware.
   88                  */
   89                 if ((m->m_flags & M_EXT) == 0) {
   90                         if (mprev && (mprev->m_flags & M_EXT) &&
   91                             m->m_len <= M_TRAILINGSPACE(mprev)) {
   92                                 /* XXX: this ignores mbuf types */
   93                                 memcpy(mtod(mprev, caddr_t) + mprev->m_len,
   94                                        mtod(m, caddr_t), m->m_len);
   95                                 mprev->m_len += m->m_len;
   96                                 mprev->m_next = m->m_next;      /* unlink from chain */
   97                                 m_free(m);                      /* reclaim mbuf */
   98                                 newipsecstat.ips_mbcoalesced++;
   99                         } else {
  100                                 mprev = m;
  101                         }
  102                         continue;
  103                 }
  104                 /*
  105                  * Writable mbufs are left alone (for now).  Note
  106                  * that for 4.x systems it's not possible to identify
  107                  * whether or not mbufs with external buffers are
  108                  * writable unless they use clusters.
  109                  */
  110                 if (M_EXT_WRITABLE(m)) {
  111                         mprev = m;
  112                         continue;
  113                 }
  114 
  115                 /*
  116                  * Not writable, replace with a copy or coalesce with
  117                  * the previous mbuf if possible (since we have to copy
  118                  * it anyway, we try to reduce the number of mbufs and
  119                  * clusters so that future work is easier).
  120                  */
  121                 IPSEC_ASSERT(m->m_flags & M_EXT,
  122                         ("m_clone: m_flags 0x%x", m->m_flags));
  123                 /* NB: we only coalesce into a cluster or larger */
  124                 if (mprev != NULL && (mprev->m_flags & M_EXT) &&
  125                     m->m_len <= M_TRAILINGSPACE(mprev)) {
  126                         /* XXX: this ignores mbuf types */
  127                         memcpy(mtod(mprev, caddr_t) + mprev->m_len,
  128                                mtod(m, caddr_t), m->m_len);
  129                         mprev->m_len += m->m_len;
  130                         mprev->m_next = m->m_next;      /* unlink from chain */
  131                         m_free(m);                      /* reclaim mbuf */
  132                         newipsecstat.ips_clcoalesced++;
  133                         continue;
  134                 }
  135 
  136                 /*
  137                  * Allocate new space to hold the copy...
  138                  */
  139                 /* XXX why can M_PKTHDR be set past the first mbuf? */
  140                 if (mprev == NULL && (m->m_flags & M_PKTHDR)) {
  141                         /*
  142                          * NB: if a packet header is present we must
  143                          * allocate the mbuf separately from any cluster
  144                          * because M_MOVE_PKTHDR will smash the data
  145                          * pointer and drop the M_EXT marker.
  146                          */
  147                         MGETHDR(n, M_DONTWAIT, m->m_type);
  148                         if (n == NULL) {
  149                                 m_freem(m0);
  150                                 return (NULL);
  151                         }
  152                         M_MOVE_PKTHDR(n, m);
  153                         MCLGET(n, M_DONTWAIT);
  154                         if ((n->m_flags & M_EXT) == 0) {
  155                                 m_free(n);
  156                                 m_freem(m0);
  157                                 return (NULL);
  158                         }
  159                 } else {
  160                         n = m_getcl(M_DONTWAIT, m->m_type, m->m_flags);
  161                         if (n == NULL) {
  162                                 m_freem(m0);
  163                                 return (NULL);
  164                         }
  165                 }
  166                 /*
  167                  * ... and copy the data.  We deal with jumbo mbufs
  168                  * (i.e. m_len > MCLBYTES) by splitting them into
  169                  * clusters.  We could just malloc a buffer and make
  170                  * it external but too many device drivers don't know
  171                  * how to break up the non-contiguous memory when
  172                  * doing DMA.
  173                  */
  174                 len = m->m_len;
  175                 off = 0;
  176                 mfirst = n;
  177                 mlast = NULL;
  178                 for (;;) {
  179                         int cc = min(len, MCLBYTES);
  180                         memcpy(mtod(n, caddr_t), mtod(m, caddr_t) + off, cc);
  181                         n->m_len = cc;
  182                         if (mlast != NULL)
  183                                 mlast->m_next = n;
  184                         mlast = n;
  185                         newipsecstat.ips_clcopied++;
  186 
  187                         len -= cc;
  188                         if (len <= 0)
  189                                 break;
  190                         off += cc;
  191 
  192                         n = m_getcl(M_DONTWAIT, m->m_type, m->m_flags);
  193                         if (n == NULL) {
  194                                 m_freem(mfirst);
  195                                 m_freem(m0);
  196                                 return (NULL);
  197                         }
  198                 }
  199                 n->m_next = m->m_next;
  200                 if (mprev == NULL)
  201                         m0 = mfirst;            /* new head of chain */
  202                 else
  203                         mprev->m_next = mfirst; /* replace old mbuf */
  204                 m_free(m);                      /* release old mbuf */
  205                 mprev = mfirst;
  206         }
  207         return (m0);
  208 }
  209 
  210 /*
  211  * Make space for a new header of length hlen at skip bytes
  212  * into the packet.  When doing this we allocate new mbufs only
  213  * when absolutely necessary.  The mbuf where the new header
  214  * is to go is returned together with an offset into the mbuf.
  215  * If NULL is returned then the mbuf chain may have been modified;
  216  * the caller is assumed to always free the chain.
  217  */
  218 struct mbuf *
  219 m_makespace(struct mbuf *m0, int skip, int hlen, int *off)
  220 {
  221         struct mbuf *m;
  222         unsigned remain;
  223 
  224         IPSEC_ASSERT(m0 != NULL, ("m_dmakespace: null mbuf"));
  225         IPSEC_ASSERT(hlen < MHLEN, ("m_makespace: hlen too big: %u", hlen));
  226 
  227         for (m = m0; m && skip > m->m_len; m = m->m_next)
  228                 skip -= m->m_len;
  229         if (m == NULL)
  230                 return (NULL);
  231         /*
  232          * At this point skip is the offset into the mbuf m
  233          * where the new header should be placed.  Figure out
  234          * if there's space to insert the new header.  If so,
  235          * and copying the remainder makese sense then do so.
  236          * Otherwise insert a new mbuf in the chain, splitting
  237          * the contents of m as needed.
  238          */
  239         remain = m->m_len - skip;               /* data to move */
  240         if (hlen > M_TRAILINGSPACE(m)) {
  241                 struct mbuf *n;
  242 
  243                 /* XXX code doesn't handle clusters XXX */
  244                 IPSEC_ASSERT(remain < MLEN,
  245                         ("m_makespace: remainder too big: %u", remain));
  246                 /*
  247                  * Not enough space in m, split the contents
  248                  * of m, inserting new mbufs as required.
  249                  *
  250                  * NB: this ignores mbuf types.
  251                  */
  252                 MGET(n, M_DONTWAIT, MT_DATA);
  253                 if (n == NULL)
  254                         return (NULL);
  255                 n->m_next = m->m_next;          /* splice new mbuf */
  256                 m->m_next = n;
  257                 newipsecstat.ips_mbinserted++;
  258                 if (hlen <= M_TRAILINGSPACE(m) + remain) {
  259                         /*
  260                          * New header fits in the old mbuf if we copy
  261                          * the remainder; just do the copy to the new
  262                          * mbuf and we're good to go.
  263                          */
  264                         memcpy(mtod(n, caddr_t),
  265                                mtod(m, caddr_t) + skip, remain);
  266                         n->m_len = remain;
  267                         m->m_len = skip + hlen;
  268                         *off = skip;
  269                 } else {
  270                         /*
  271                          * No space in the old mbuf for the new header.
  272                          * Make space in the new mbuf and check the
  273                          * remainder'd data fits too.  If not then we
  274                          * must allocate an additional mbuf (yech).
  275                          */
  276                         n->m_len = 0;
  277                         if (remain + hlen > M_TRAILINGSPACE(n)) {
  278                                 struct mbuf *n2;
  279 
  280                                 MGET(n2, M_DONTWAIT, MT_DATA);
  281                                 /* NB: new mbuf is on chain, let caller free */
  282                                 if (n2 == NULL)
  283                                         return (NULL);
  284                                 n2->m_len = 0;
  285                                 memcpy(mtod(n2, caddr_t),
  286                                        mtod(m, caddr_t) + skip, remain);
  287                                 n2->m_len = remain;
  288                                 /* splice in second mbuf */
  289                                 n2->m_next = n->m_next;
  290                                 n->m_next = n2;
  291                                 newipsecstat.ips_mbinserted++;
  292                         } else {
  293                                 memcpy(mtod(n, caddr_t) + hlen,
  294                                        mtod(m, caddr_t) + skip, remain);
  295                                 n->m_len += remain;
  296                         }
  297                         m->m_len -= remain;
  298                         n->m_len += hlen;
  299                         m = n;                  /* header is at front ... */
  300                         *off = 0;               /* ... of new mbuf */
  301                 }
  302         } else {
  303                 /*
  304                  * Copy the remainder to the back of the mbuf
  305                  * so there's space to write the new header.
  306                  */
  307                 /* XXX can this be memcpy? does it handle overlap? */
  308                 ovbcopy(mtod(m, caddr_t) + skip,
  309                         mtod(m, caddr_t) + skip + hlen, remain);
  310                 m->m_len += hlen;
  311                 *off = skip;
  312         }
  313         m0->m_pkthdr.len += hlen;               /* adjust packet length */
  314         return m;
  315 }
  316 
  317 /*
  318  * m_pad(m, n) pads <m> with <n> bytes at the end. The packet header
  319  * length is updated, and a pointer to the first byte of the padding
  320  * (which is guaranteed to be all in one mbuf) is returned.
  321  */
  322 caddr_t
  323 m_pad(struct mbuf *m, int n)
  324 {
  325         register struct mbuf *m0, *m1;
  326         register int len, pad;
  327         caddr_t retval;
  328 
  329         if (n <= 0) {  /* No stupid arguments. */
  330                 DPRINTF(("m_pad: pad length invalid (%d)\n", n));
  331                 m_freem(m);
  332                 return NULL;
  333         }
  334 
  335         len = m->m_pkthdr.len;
  336         pad = n;
  337         m0 = m;
  338 
  339         while (m0->m_len < len) {
  340 IPSEC_ASSERT(m0->m_next != NULL, ("m_pad: m0 null, len %u m_len %u", len, m0->m_len));/*XXX*/
  341                 len -= m0->m_len;
  342                 m0 = m0->m_next;
  343         }
  344 
  345         if (m0->m_len != len) {
  346                 DPRINTF(("m_pad: length mismatch (should be %d instead of %d)\n",
  347                     m->m_pkthdr.len, m->m_pkthdr.len + m0->m_len - len));
  348 
  349                 m_freem(m);
  350                 return NULL;
  351         }
  352 
  353         /* Check for zero-length trailing mbufs, and find the last one. */
  354         for (m1 = m0; m1->m_next; m1 = m1->m_next) {
  355                 if (m1->m_next->m_len != 0) {
  356                         DPRINTF(("m_pad: length mismatch (should be %d "
  357                             "instead of %d)\n",
  358                             m->m_pkthdr.len,
  359                             m->m_pkthdr.len + m1->m_next->m_len));
  360 
  361                         m_freem(m);
  362                         return NULL;
  363                 }
  364 
  365                 m0 = m1->m_next;
  366         }
  367 
  368         if (pad > M_TRAILINGSPACE(m0)) {
  369                 /* Add an mbuf to the chain. */
  370                 MGET(m1, M_DONTWAIT, MT_DATA);
  371                 if (m1 == 0) {
  372                         m_freem(m0);
  373                         DPRINTF(("m_pad: unable to get extra mbuf\n"));
  374                         return NULL;
  375                 }
  376 
  377                 m0->m_next = m1;
  378                 m0 = m1;
  379                 m0->m_len = 0;
  380         }
  381 
  382         retval = m0->m_data + m0->m_len;
  383         m0->m_len += pad;
  384         m->m_pkthdr.len += pad;
  385 
  386         return retval;
  387 }
  388 
  389 /*
  390  * Remove hlen data at offset skip in the packet.  This is used by
  391  * the protocols strip protocol headers and associated data (e.g. IV,
  392  * authenticator) on input.
  393  */
  394 int
  395 m_striphdr(struct mbuf *m, int skip, int hlen)
  396 {
  397         struct mbuf *m1;
  398         int roff;
  399 
  400         /* Find beginning of header */
  401         m1 = m_getptr(m, skip, &roff);
  402         if (m1 == NULL)
  403                 return (EINVAL);
  404 
  405         /* Remove the header and associated data from the mbuf. */
  406         if (roff == 0) {
  407                 /* The header was at the beginning of the mbuf */
  408                 newipsecstat.ips_input_front++;
  409                 m_adj(m1, hlen);
  410                 if ((m1->m_flags & M_PKTHDR) == 0)
  411                         m->m_pkthdr.len -= hlen;
  412         } else if (roff + hlen >= m1->m_len) {
  413                 struct mbuf *mo;
  414 
  415                 /*
  416                  * Part or all of the header is at the end of this mbuf,
  417                  * so first let's remove the remainder of the header from
  418                  * the beginning of the remainder of the mbuf chain, if any.
  419                  */
  420                 newipsecstat.ips_input_end++;
  421                 if (roff + hlen > m1->m_len) {
  422                         /* Adjust the next mbuf by the remainder */
  423                         m_adj(m1->m_next, roff + hlen - m1->m_len);
  424 
  425                         /* The second mbuf is guaranteed not to have a pkthdr... */
  426                         m->m_pkthdr.len -= (roff + hlen - m1->m_len);
  427                 }
  428 
  429                 /* Now, let's unlink the mbuf chain for a second...*/
  430                 mo = m1->m_next;
  431                 m1->m_next = NULL;
  432 
  433                 /* ...and trim the end of the first part of the chain...sick */
  434                 m_adj(m1, -(m1->m_len - roff));
  435                 if ((m1->m_flags & M_PKTHDR) == 0)
  436                         m->m_pkthdr.len -= (m1->m_len - roff);
  437 
  438                 /* Finally, let's relink */
  439                 m1->m_next = mo;
  440         } else {
  441                 /*
  442                  * The header lies in the "middle" of the mbuf; copy
  443                  * the remainder of the mbuf down over the header.
  444                  */
  445                 newipsecstat.ips_input_middle++;
  446                 ovbcopy(mtod(m1, u_char *) + roff + hlen,
  447                       mtod(m1, u_char *) + roff,
  448                       m1->m_len - (roff + hlen));
  449                 m1->m_len -= hlen;
  450                 m->m_pkthdr.len -= hlen;
  451         }
  452         return (0);
  453 }
  454 
  455 /*
  456  * Diagnostic routine to check mbuf alignment as required by the
  457  * crypto device drivers (that use DMA).
  458  */
  459 void
  460 m_checkalignment(const char* where, struct mbuf *m0, int off, int len)
  461 {
  462         int roff;
  463         struct mbuf *m = m_getptr(m0, off, &roff);
  464         caddr_t addr;
  465 
  466         if (m == NULL)
  467                 return;
  468         printf("%s (off %u len %u): ", where, off, len);
  469         addr = mtod(m, caddr_t) + roff;
  470         do {
  471                 int mlen;
  472 
  473                 if (((uintptr_t) addr) & 3) {
  474                         printf("addr misaligned %p,", addr);
  475                         break;
  476                 }
  477                 mlen = m->m_len;
  478                 if (mlen > len)
  479                         mlen = len;
  480                 len -= mlen;
  481                 if (len && (mlen & 3)) {
  482                         printf("len mismatch %u,", mlen);
  483                         break;
  484                 }
  485                 m = m->m_next;
  486                 addr = m ? mtod(m, caddr_t) : NULL;
  487         } while (m && len > 0);
  488         for (m = m0; m; m = m->m_next)
  489                 printf(" [%p:%u]", mtod(m, caddr_t), m->m_len);
  490         printf("\n");
  491 }

Cache object: 44670d2a2c6f1d683d5a729142c88e6c


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.