Print this page
4596 Callers of ip_srcid_find_id() need to be more careful
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/inet/ip/icmp.c
+++ new/usr/src/uts/common/inet/ip/icmp.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 1991, 2010, Oracle and/or its affiliates. All rights reserved.
23 23 * Copyright (c) 2013 by Delphix. All rights reserved.
24 + * Copyright 2014, OmniTI Computer Consulting, Inc. All rights reserved.
24 25 */
25 26 /* Copyright (c) 1990 Mentat Inc. */
26 27
27 28 #include <sys/types.h>
28 29 #include <sys/stream.h>
29 30 #include <sys/stropts.h>
30 31 #include <sys/strlog.h>
31 32 #include <sys/strsun.h>
32 33 #define _SUN_TPI_VERSION 2
33 34 #include <sys/tihdr.h>
34 35 #include <sys/timod.h>
35 36 #include <sys/ddi.h>
36 37 #include <sys/sunddi.h>
37 38 #include <sys/strsubr.h>
38 39 #include <sys/suntpi.h>
39 40 #include <sys/xti_inet.h>
40 41 #include <sys/cmn_err.h>
41 42 #include <sys/kmem.h>
42 43 #include <sys/cred.h>
43 44 #include <sys/policy.h>
44 45 #include <sys/priv.h>
45 46 #include <sys/ucred.h>
46 47 #include <sys/zone.h>
47 48
48 49 #include <sys/sockio.h>
49 50 #include <sys/socket.h>
50 51 #include <sys/socketvar.h>
51 52 #include <sys/vtrace.h>
52 53 #include <sys/sdt.h>
53 54 #include <sys/debug.h>
54 55 #include <sys/isa_defs.h>
55 56 #include <sys/random.h>
56 57 #include <netinet/in.h>
57 58 #include <netinet/ip6.h>
58 59 #include <netinet/icmp6.h>
59 60 #include <netinet/udp.h>
60 61
61 62 #include <inet/common.h>
62 63 #include <inet/ip.h>
63 64 #include <inet/ip_impl.h>
64 65 #include <inet/ipsec_impl.h>
65 66 #include <inet/ip6.h>
66 67 #include <inet/ip_ire.h>
67 68 #include <inet/ip_if.h>
68 69 #include <inet/ip_multi.h>
69 70 #include <inet/ip_ndp.h>
70 71 #include <inet/proto_set.h>
71 72 #include <inet/mib2.h>
72 73 #include <inet/nd.h>
73 74 #include <inet/optcom.h>
74 75 #include <inet/snmpcom.h>
75 76 #include <inet/kstatcom.h>
76 77 #include <inet/ipclassifier.h>
77 78
78 79 #include <sys/tsol/label.h>
79 80 #include <sys/tsol/tnet.h>
80 81
81 82 #include <inet/rawip_impl.h>
82 83
83 84 #include <sys/disp.h>
84 85
85 86 /*
86 87 * Synchronization notes:
87 88 *
88 89 * RAWIP is MT and uses the usual kernel synchronization primitives. We use
89 90 * conn_lock to protect the icmp_t.
90 91 *
91 92 * Plumbing notes:
92 93 * ICMP is always a device driver. For compatibility with mibopen() code
93 94 * it is possible to I_PUSH "icmp", but that results in pushing a passthrough
94 95 * dummy module.
95 96 */
96 97 static void icmp_addr_req(queue_t *q, mblk_t *mp);
97 98 static void icmp_tpi_bind(queue_t *q, mblk_t *mp);
98 99 static void icmp_bind_proto(icmp_t *icmp);
99 100 static int icmp_build_hdr_template(conn_t *, const in6_addr_t *,
100 101 const in6_addr_t *, uint32_t);
101 102 static void icmp_capability_req(queue_t *q, mblk_t *mp);
102 103 static int icmp_close(queue_t *q, int flags);
103 104 static void icmp_close_free(conn_t *);
104 105 static void icmp_tpi_connect(queue_t *q, mblk_t *mp);
105 106 static void icmp_tpi_disconnect(queue_t *q, mblk_t *mp);
106 107 static void icmp_err_ack(queue_t *q, mblk_t *mp, t_scalar_t t_error,
107 108 int sys_error);
108 109 static void icmp_err_ack_prim(queue_t *q, mblk_t *mp, t_scalar_t primitive,
109 110 t_scalar_t tlierr, int sys_error);
110 111 static void icmp_icmp_input(void *arg1, mblk_t *mp, void *arg2,
111 112 ip_recv_attr_t *);
112 113 static void icmp_icmp_error_ipv6(conn_t *connp, mblk_t *mp,
113 114 ip_recv_attr_t *);
114 115 static void icmp_info_req(queue_t *q, mblk_t *mp);
115 116 static void icmp_input(void *, mblk_t *, void *, ip_recv_attr_t *);
116 117 static conn_t *icmp_open(int family, cred_t *credp, int *err, int flags);
117 118 static int icmp_openv4(queue_t *q, dev_t *devp, int flag, int sflag,
118 119 cred_t *credp);
119 120 static int icmp_openv6(queue_t *q, dev_t *devp, int flag, int sflag,
120 121 cred_t *credp);
121 122 static boolean_t icmp_opt_allow_udr_set(t_scalar_t level, t_scalar_t name);
122 123 int icmp_opt_set(conn_t *connp, uint_t optset_context,
123 124 int level, int name, uint_t inlen,
124 125 uchar_t *invalp, uint_t *outlenp, uchar_t *outvalp,
125 126 void *thisdg_attrs, cred_t *cr);
126 127 int icmp_opt_get(conn_t *connp, int level, int name,
127 128 uchar_t *ptr);
128 129 static int icmp_output_newdst(conn_t *connp, mblk_t *data_mp, sin_t *sin,
129 130 sin6_t *sin6, cred_t *cr, pid_t pid, ip_xmit_attr_t *ixa);
130 131 static mblk_t *icmp_prepend_hdr(conn_t *, ip_xmit_attr_t *, const ip_pkt_t *,
131 132 const in6_addr_t *, const in6_addr_t *, uint32_t, mblk_t *, int *);
132 133 static mblk_t *icmp_prepend_header_template(conn_t *, ip_xmit_attr_t *,
133 134 mblk_t *, const in6_addr_t *, uint32_t, int *);
134 135 static int icmp_snmp_set(queue_t *q, t_scalar_t level, t_scalar_t name,
135 136 uchar_t *ptr, int len);
136 137 static void icmp_ud_err(queue_t *q, mblk_t *mp, t_scalar_t err);
137 138 static void icmp_tpi_unbind(queue_t *q, mblk_t *mp);
138 139 static void icmp_wput(queue_t *q, mblk_t *mp);
139 140 static void icmp_wput_fallback(queue_t *q, mblk_t *mp);
140 141 static void icmp_wput_other(queue_t *q, mblk_t *mp);
141 142 static void icmp_wput_iocdata(queue_t *q, mblk_t *mp);
142 143 static void icmp_wput_restricted(queue_t *q, mblk_t *mp);
143 144 static void icmp_ulp_recv(conn_t *, mblk_t *, uint_t);
144 145
145 146 static void *rawip_stack_init(netstackid_t stackid, netstack_t *ns);
146 147 static void rawip_stack_fini(netstackid_t stackid, void *arg);
147 148
148 149 static void *rawip_kstat_init(netstackid_t stackid);
149 150 static void rawip_kstat_fini(netstackid_t stackid, kstat_t *ksp);
150 151 static int rawip_kstat_update(kstat_t *kp, int rw);
151 152 static void rawip_stack_shutdown(netstackid_t stackid, void *arg);
152 153
153 154 /* Common routines for TPI and socket module */
154 155 static conn_t *rawip_do_open(int, cred_t *, int *, int);
155 156 static void rawip_do_close(conn_t *);
156 157 static int rawip_do_bind(conn_t *, struct sockaddr *, socklen_t);
157 158 static int rawip_do_unbind(conn_t *);
158 159 static int rawip_do_connect(conn_t *, const struct sockaddr *, socklen_t,
159 160 cred_t *, pid_t);
160 161
161 162 int rawip_getsockname(sock_lower_handle_t, struct sockaddr *,
162 163 socklen_t *, cred_t *);
163 164 int rawip_getpeername(sock_lower_handle_t, struct sockaddr *,
164 165 socklen_t *, cred_t *);
165 166
166 167 static struct module_info icmp_mod_info = {
167 168 5707, "icmp", 1, INFPSZ, 512, 128
168 169 };
169 170
170 171 /*
171 172 * Entry points for ICMP as a device.
172 173 * We have separate open functions for the /dev/icmp and /dev/icmp6 devices.
173 174 */
174 175 static struct qinit icmprinitv4 = {
175 176 NULL, NULL, icmp_openv4, icmp_close, NULL, &icmp_mod_info
176 177 };
177 178
178 179 static struct qinit icmprinitv6 = {
179 180 NULL, NULL, icmp_openv6, icmp_close, NULL, &icmp_mod_info
180 181 };
181 182
182 183 static struct qinit icmpwinit = {
183 184 (pfi_t)icmp_wput, (pfi_t)ip_wsrv, NULL, NULL, NULL, &icmp_mod_info
184 185 };
185 186
186 187 /* ICMP entry point during fallback */
187 188 static struct qinit icmp_fallback_sock_winit = {
188 189 (pfi_t)icmp_wput_fallback, NULL, NULL, NULL, NULL, &icmp_mod_info
189 190 };
190 191
191 192 /* For AF_INET aka /dev/icmp */
192 193 struct streamtab icmpinfov4 = {
193 194 &icmprinitv4, &icmpwinit
194 195 };
195 196
196 197 /* For AF_INET6 aka /dev/icmp6 */
197 198 struct streamtab icmpinfov6 = {
198 199 &icmprinitv6, &icmpwinit
199 200 };
200 201
201 202 /* Default structure copied into T_INFO_ACK messages */
202 203 static struct T_info_ack icmp_g_t_info_ack = {
203 204 T_INFO_ACK,
204 205 IP_MAXPACKET, /* TSDU_size. icmp allows maximum size messages. */
205 206 T_INVALID, /* ETSDU_size. icmp does not support expedited data. */
206 207 T_INVALID, /* CDATA_size. icmp does not support connect data. */
207 208 T_INVALID, /* DDATA_size. icmp does not support disconnect data. */
208 209 0, /* ADDR_size - filled in later. */
209 210 0, /* OPT_size - not initialized here */
210 211 IP_MAXPACKET, /* TIDU_size. icmp allows maximum size messages. */
211 212 T_CLTS, /* SERV_type. icmp supports connection-less. */
212 213 TS_UNBND, /* CURRENT_state. This is set from icmp_state. */
213 214 (XPG4_1|SENDZERO) /* PROVIDER_flag */
214 215 };
215 216
216 217 static int
217 218 icmp_set_buf_prop(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
218 219 const char *ifname, const void *pval, uint_t flags)
219 220 {
220 221 return (mod_set_buf_prop(stack->netstack_icmp->is_propinfo_tbl,
221 222 stack, cr, pinfo, ifname, pval, flags));
222 223 }
223 224
224 225 static int
225 226 icmp_get_buf_prop(netstack_t *stack, mod_prop_info_t *pinfo, const char *ifname,
226 227 void *val, uint_t psize, uint_t flags)
227 228 {
228 229 return (mod_get_buf_prop(stack->netstack_icmp->is_propinfo_tbl, stack,
229 230 pinfo, ifname, val, psize, flags));
230 231 }
231 232
232 233 /*
233 234 * All of these are alterable, within the min/max values given, at run time.
234 235 *
235 236 * Note: All those tunables which do not start with "icmp_" are Committed and
236 237 * therefore are public. See PSARC 2010/080.
237 238 */
238 239 static mod_prop_info_t icmp_propinfo_tbl[] = {
239 240 /* tunable - 0 */
240 241 { "_wroff_extra", MOD_PROTO_RAWIP,
241 242 mod_set_uint32, mod_get_uint32,
242 243 {0, 128, 32}, {32} },
243 244
244 245 { "_ipv4_ttl", MOD_PROTO_RAWIP,
245 246 mod_set_uint32, mod_get_uint32,
246 247 {1, 255, 255}, {255} },
247 248
248 249 { "_ipv6_hoplimit", MOD_PROTO_RAWIP,
249 250 mod_set_uint32, mod_get_uint32,
250 251 {0, IPV6_MAX_HOPS, IPV6_DEFAULT_HOPS},
251 252 {IPV6_DEFAULT_HOPS} },
252 253
253 254 { "_bsd_compat", MOD_PROTO_RAWIP,
254 255 mod_set_boolean, mod_get_boolean,
255 256 {B_TRUE}, {B_TRUE} },
256 257
257 258 { "send_buf", MOD_PROTO_RAWIP,
258 259 icmp_set_buf_prop, icmp_get_buf_prop,
259 260 {4096, 65536, 8192}, {8192} },
260 261
261 262 { "_xmit_lowat", MOD_PROTO_RAWIP,
262 263 mod_set_uint32, mod_get_uint32,
263 264 {0, 65536, 1024}, {1024} },
264 265
265 266 { "recv_buf", MOD_PROTO_RAWIP,
266 267 icmp_set_buf_prop, icmp_get_buf_prop,
267 268 {4096, 65536, 8192}, {8192} },
268 269
269 270 { "max_buf", MOD_PROTO_RAWIP,
270 271 mod_set_uint32, mod_get_uint32,
271 272 {65536, ULP_MAX_BUF, 256*1024}, {256*1024} },
272 273
273 274 { "_pmtu_discovery", MOD_PROTO_RAWIP,
274 275 mod_set_boolean, mod_get_boolean,
275 276 {B_FALSE}, {B_FALSE} },
276 277
277 278 { "_sendto_ignerr", MOD_PROTO_RAWIP,
278 279 mod_set_boolean, mod_get_boolean,
279 280 {B_FALSE}, {B_FALSE} },
280 281
281 282 { "?", MOD_PROTO_RAWIP, NULL, mod_get_allprop, {0}, {0} },
282 283
283 284 { NULL, 0, NULL, NULL, {0}, {0} }
284 285 };
285 286
286 287 #define is_wroff_extra is_propinfo_tbl[0].prop_cur_uval
287 288 #define is_ipv4_ttl is_propinfo_tbl[1].prop_cur_uval
288 289 #define is_ipv6_hoplimit is_propinfo_tbl[2].prop_cur_uval
289 290 #define is_bsd_compat is_propinfo_tbl[3].prop_cur_bval
290 291 #define is_xmit_hiwat is_propinfo_tbl[4].prop_cur_uval
291 292 #define is_xmit_lowat is_propinfo_tbl[5].prop_cur_uval
292 293 #define is_recv_hiwat is_propinfo_tbl[6].prop_cur_uval
293 294 #define is_max_buf is_propinfo_tbl[7].prop_cur_uval
294 295 #define is_pmtu_discovery is_propinfo_tbl[8].prop_cur_bval
295 296 #define is_sendto_ignerr is_propinfo_tbl[9].prop_cur_bval
296 297
297 298 typedef union T_primitives *t_primp_t;
298 299
299 300 /*
300 301 * This routine is called to handle each O_T_BIND_REQ/T_BIND_REQ message
301 302 * passed to icmp_wput.
302 303 * It calls IP to verify the local IP address, and calls IP to insert
303 304 * the conn_t in the fanout table.
304 305 * If everything is ok it then sends the T_BIND_ACK back up.
305 306 */
306 307 static void
307 308 icmp_tpi_bind(queue_t *q, mblk_t *mp)
308 309 {
309 310 int error;
310 311 struct sockaddr *sa;
311 312 struct T_bind_req *tbr;
312 313 socklen_t len;
313 314 sin_t *sin;
314 315 sin6_t *sin6;
315 316 icmp_t *icmp;
316 317 conn_t *connp = Q_TO_CONN(q);
317 318 mblk_t *mp1;
318 319 cred_t *cr;
319 320
320 321 /*
321 322 * All Solaris components should pass a db_credp
322 323 * for this TPI message, hence we ASSERT.
323 324 * But in case there is some other M_PROTO that looks
324 325 * like a TPI message sent by some other kernel
325 326 * component, we check and return an error.
326 327 */
327 328 cr = msg_getcred(mp, NULL);
328 329 ASSERT(cr != NULL);
329 330 if (cr == NULL) {
330 331 icmp_err_ack(q, mp, TSYSERR, EINVAL);
331 332 return;
332 333 }
333 334
334 335 icmp = connp->conn_icmp;
335 336 if ((mp->b_wptr - mp->b_rptr) < sizeof (*tbr)) {
336 337 (void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
337 338 "icmp_bind: bad req, len %u",
338 339 (uint_t)(mp->b_wptr - mp->b_rptr));
339 340 icmp_err_ack(q, mp, TPROTO, 0);
340 341 return;
341 342 }
342 343
343 344 if (icmp->icmp_state != TS_UNBND) {
344 345 (void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
345 346 "icmp_bind: bad state, %u", icmp->icmp_state);
346 347 icmp_err_ack(q, mp, TOUTSTATE, 0);
347 348 return;
348 349 }
349 350
350 351 /*
351 352 * Reallocate the message to make sure we have enough room for an
352 353 * address.
353 354 */
354 355 mp1 = reallocb(mp, sizeof (struct T_bind_ack) + sizeof (sin6_t), 1);
355 356 if (mp1 == NULL) {
356 357 icmp_err_ack(q, mp, TSYSERR, ENOMEM);
357 358 return;
358 359 }
359 360 mp = mp1;
360 361
361 362 /* Reset the message type in preparation for shipping it back. */
362 363 DB_TYPE(mp) = M_PCPROTO;
363 364 tbr = (struct T_bind_req *)mp->b_rptr;
364 365 len = tbr->ADDR_length;
365 366 switch (len) {
366 367 case 0: /* request for a generic port */
367 368 tbr->ADDR_offset = sizeof (struct T_bind_req);
368 369 if (connp->conn_family == AF_INET) {
369 370 tbr->ADDR_length = sizeof (sin_t);
370 371 sin = (sin_t *)&tbr[1];
371 372 *sin = sin_null;
372 373 sin->sin_family = AF_INET;
373 374 mp->b_wptr = (uchar_t *)&sin[1];
374 375 sa = (struct sockaddr *)sin;
375 376 len = sizeof (sin_t);
376 377 } else {
377 378 ASSERT(connp->conn_family == AF_INET6);
378 379 tbr->ADDR_length = sizeof (sin6_t);
379 380 sin6 = (sin6_t *)&tbr[1];
380 381 *sin6 = sin6_null;
381 382 sin6->sin6_family = AF_INET6;
382 383 mp->b_wptr = (uchar_t *)&sin6[1];
383 384 sa = (struct sockaddr *)sin6;
384 385 len = sizeof (sin6_t);
385 386 }
386 387 break;
387 388
388 389 case sizeof (sin_t): /* Complete IPv4 address */
389 390 sa = (struct sockaddr *)mi_offset_param(mp, tbr->ADDR_offset,
390 391 sizeof (sin_t));
391 392 break;
392 393
393 394 case sizeof (sin6_t): /* Complete IPv6 address */
394 395 sa = (struct sockaddr *)mi_offset_param(mp,
395 396 tbr->ADDR_offset, sizeof (sin6_t));
396 397 break;
397 398
398 399 default:
399 400 (void) mi_strlog(q, 1, SL_ERROR|SL_TRACE,
400 401 "icmp_bind: bad ADDR_length %u", tbr->ADDR_length);
401 402 icmp_err_ack(q, mp, TBADADDR, 0);
402 403 return;
403 404 }
404 405
405 406 error = rawip_do_bind(connp, sa, len);
406 407 if (error != 0) {
407 408 if (error > 0) {
408 409 icmp_err_ack(q, mp, TSYSERR, error);
409 410 } else {
410 411 icmp_err_ack(q, mp, -error, 0);
411 412 }
412 413 } else {
413 414 tbr->PRIM_type = T_BIND_ACK;
414 415 qreply(q, mp);
415 416 }
416 417 }
417 418
418 419 static int
419 420 rawip_do_bind(conn_t *connp, struct sockaddr *sa, socklen_t len)
420 421 {
421 422 sin_t *sin;
422 423 sin6_t *sin6;
423 424 icmp_t *icmp = connp->conn_icmp;
424 425 int error = 0;
425 426 ip_laddr_t laddr_type = IPVL_UNICAST_UP; /* INADDR_ANY */
426 427 in_port_t lport; /* Network byte order */
427 428 ipaddr_t v4src; /* Set if AF_INET */
428 429 in6_addr_t v6src;
429 430 uint_t scopeid = 0;
430 431 zoneid_t zoneid = IPCL_ZONEID(connp);
431 432 ip_stack_t *ipst = connp->conn_netstack->netstack_ip;
432 433
433 434 if (sa == NULL || !OK_32PTR((char *)sa)) {
434 435 return (EINVAL);
435 436 }
436 437
437 438 switch (len) {
438 439 case sizeof (sin_t): /* Complete IPv4 address */
439 440 sin = (sin_t *)sa;
440 441 if (sin->sin_family != AF_INET ||
441 442 connp->conn_family != AF_INET) {
442 443 /* TSYSERR, EAFNOSUPPORT */
443 444 return (EAFNOSUPPORT);
444 445 }
445 446 v4src = sin->sin_addr.s_addr;
446 447 IN6_IPADDR_TO_V4MAPPED(v4src, &v6src);
447 448 if (v4src != INADDR_ANY) {
448 449 laddr_type = ip_laddr_verify_v4(v4src, zoneid, ipst,
449 450 B_TRUE);
450 451 }
451 452 lport = sin->sin_port;
452 453 break;
453 454 case sizeof (sin6_t): /* Complete IPv6 address */
454 455 sin6 = (sin6_t *)sa;
455 456 if (sin6->sin6_family != AF_INET6 ||
456 457 connp->conn_family != AF_INET6) {
457 458 /* TSYSERR, EAFNOSUPPORT */
458 459 return (EAFNOSUPPORT);
459 460 }
460 461 /* No support for mapped addresses on raw sockets */
461 462 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
462 463 /* TSYSERR, EADDRNOTAVAIL */
463 464 return (EADDRNOTAVAIL);
464 465 }
465 466 v6src = sin6->sin6_addr;
466 467 if (!IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
467 468 if (IN6_IS_ADDR_LINKSCOPE(&v6src))
468 469 scopeid = sin6->sin6_scope_id;
469 470 laddr_type = ip_laddr_verify_v6(&v6src, zoneid, ipst,
470 471 B_TRUE, scopeid);
471 472 }
472 473 lport = sin6->sin6_port;
473 474 break;
474 475
475 476 default:
476 477 /* TBADADDR */
477 478 return (EADDRNOTAVAIL);
478 479 }
479 480
480 481 /* Is the local address a valid unicast, multicast, or broadcast? */
481 482 if (laddr_type == IPVL_BAD)
482 483 return (EADDRNOTAVAIL);
483 484
484 485 /*
485 486 * The state must be TS_UNBND.
486 487 */
487 488 mutex_enter(&connp->conn_lock);
488 489 if (icmp->icmp_state != TS_UNBND) {
489 490 mutex_exit(&connp->conn_lock);
490 491 return (-TOUTSTATE);
491 492 }
492 493
493 494 /*
494 495 * Copy the source address into our icmp structure. This address
495 496 * may still be zero; if so, ip will fill in the correct address
496 497 * each time an outbound packet is passed to it.
497 498 * If we are binding to a broadcast or multicast address then
498 499 * we just set the conn_bound_addr since we don't want to use
499 500 * that as the source address when sending.
500 501 */
501 502 connp->conn_bound_addr_v6 = v6src;
502 503 connp->conn_laddr_v6 = v6src;
503 504 if (scopeid != 0) {
504 505 connp->conn_ixa->ixa_flags |= IXAF_SCOPEID_SET;
505 506 connp->conn_ixa->ixa_scopeid = scopeid;
506 507 connp->conn_incoming_ifindex = scopeid;
507 508 } else {
508 509 connp->conn_ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
509 510 connp->conn_incoming_ifindex = connp->conn_bound_if;
510 511 }
511 512
512 513 switch (laddr_type) {
513 514 case IPVL_UNICAST_UP:
514 515 case IPVL_UNICAST_DOWN:
515 516 connp->conn_saddr_v6 = v6src;
516 517 connp->conn_mcbc_bind = B_FALSE;
517 518 break;
518 519 case IPVL_MCAST:
519 520 case IPVL_BCAST:
520 521 /* ip_set_destination will pick a source address later */
521 522 connp->conn_saddr_v6 = ipv6_all_zeros;
522 523 connp->conn_mcbc_bind = B_TRUE;
523 524 break;
524 525 }
525 526
526 527 /* Any errors after this point should use late_error */
527 528
528 529 /*
529 530 * Use sin_port/sin6_port since applications like psh use SOCK_RAW
530 531 * with IPPROTO_TCP.
531 532 */
532 533 connp->conn_lport = lport;
533 534 connp->conn_fport = 0;
534 535
535 536 if (connp->conn_family == AF_INET) {
536 537 ASSERT(connp->conn_ipversion == IPV4_VERSION);
537 538 } else {
538 539 ASSERT(connp->conn_ipversion == IPV6_VERSION);
539 540 }
540 541
541 542 icmp->icmp_state = TS_IDLE;
542 543
543 544 /*
544 545 * We create an initial header template here to make a subsequent
545 546 * sendto have a starting point. Since conn_last_dst is zero the
546 547 * first sendto will always follow the 'dst changed' code path.
547 548 * Note that we defer massaging options and the related checksum
548 549 * adjustment until we have a destination address.
549 550 */
550 551 error = icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
551 552 &connp->conn_faddr_v6, connp->conn_flowinfo);
552 553 if (error != 0) {
553 554 mutex_exit(&connp->conn_lock);
554 555 goto late_error;
555 556 }
556 557 /* Just in case */
557 558 connp->conn_faddr_v6 = ipv6_all_zeros;
558 559 connp->conn_v6lastdst = ipv6_all_zeros;
559 560 mutex_exit(&connp->conn_lock);
560 561
561 562 error = ip_laddr_fanout_insert(connp);
562 563 if (error != 0)
563 564 goto late_error;
564 565
565 566 /* Bind succeeded */
566 567 return (0);
567 568
568 569 late_error:
569 570 mutex_enter(&connp->conn_lock);
570 571 connp->conn_saddr_v6 = ipv6_all_zeros;
571 572 connp->conn_bound_addr_v6 = ipv6_all_zeros;
572 573 connp->conn_laddr_v6 = ipv6_all_zeros;
573 574 if (scopeid != 0) {
574 575 connp->conn_ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
575 576 connp->conn_incoming_ifindex = connp->conn_bound_if;
576 577 }
577 578 icmp->icmp_state = TS_UNBND;
578 579 connp->conn_v6lastdst = ipv6_all_zeros;
579 580 connp->conn_lport = 0;
580 581
581 582 /* Restore the header that was built above - different source address */
582 583 (void) icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
583 584 &connp->conn_faddr_v6, connp->conn_flowinfo);
584 585 mutex_exit(&connp->conn_lock);
585 586 return (error);
586 587 }
587 588
588 589 /*
589 590 * Tell IP to just bind to the protocol.
590 591 */
591 592 static void
592 593 icmp_bind_proto(icmp_t *icmp)
593 594 {
594 595 conn_t *connp = icmp->icmp_connp;
595 596
596 597 mutex_enter(&connp->conn_lock);
597 598 connp->conn_saddr_v6 = ipv6_all_zeros;
598 599 connp->conn_laddr_v6 = ipv6_all_zeros;
599 600 connp->conn_faddr_v6 = ipv6_all_zeros;
600 601 connp->conn_v6lastdst = ipv6_all_zeros;
601 602 mutex_exit(&connp->conn_lock);
602 603
603 604 (void) ip_laddr_fanout_insert(connp);
604 605 }
605 606
606 607 /*
607 608 * This routine handles each T_CONN_REQ message passed to icmp. It
608 609 * associates a default destination address with the stream.
609 610 *
610 611 * After various error checks are completed, icmp_connect() lays
611 612 * the target address and port into the composite header template.
612 613 * Then we ask IP for information, including a source address if we didn't
613 614 * already have one. Finally we send up the T_OK_ACK reply message.
614 615 */
615 616 static void
616 617 icmp_tpi_connect(queue_t *q, mblk_t *mp)
617 618 {
618 619 conn_t *connp = Q_TO_CONN(q);
619 620 struct T_conn_req *tcr;
620 621 struct sockaddr *sa;
621 622 socklen_t len;
622 623 int error;
623 624 cred_t *cr;
624 625 pid_t pid;
625 626 /*
626 627 * All Solaris components should pass a db_credp
627 628 * for this TPI message, hence we ASSERT.
628 629 * But in case there is some other M_PROTO that looks
629 630 * like a TPI message sent by some other kernel
630 631 * component, we check and return an error.
631 632 */
632 633 cr = msg_getcred(mp, &pid);
633 634 ASSERT(cr != NULL);
634 635 if (cr == NULL) {
635 636 icmp_err_ack(q, mp, TSYSERR, EINVAL);
636 637 return;
637 638 }
638 639
639 640 tcr = (struct T_conn_req *)mp->b_rptr;
640 641 /* Sanity checks */
641 642 if ((mp->b_wptr - mp->b_rptr) < sizeof (struct T_conn_req)) {
642 643 icmp_err_ack(q, mp, TPROTO, 0);
643 644 return;
644 645 }
645 646
646 647 if (tcr->OPT_length != 0) {
647 648 icmp_err_ack(q, mp, TBADOPT, 0);
648 649 return;
649 650 }
650 651
651 652 len = tcr->DEST_length;
652 653
653 654 switch (len) {
654 655 default:
655 656 icmp_err_ack(q, mp, TBADADDR, 0);
656 657 return;
657 658 case sizeof (sin_t):
658 659 sa = (struct sockaddr *)mi_offset_param(mp, tcr->DEST_offset,
659 660 sizeof (sin_t));
660 661 break;
661 662 case sizeof (sin6_t):
662 663 sa = (struct sockaddr *)mi_offset_param(mp,
663 664 tcr->DEST_offset, sizeof (sin6_t));
664 665 break;
665 666 }
666 667
667 668 error = proto_verify_ip_addr(connp->conn_family, sa, len);
668 669 if (error != 0) {
669 670 icmp_err_ack(q, mp, TSYSERR, error);
670 671 return;
671 672 }
672 673
673 674 error = rawip_do_connect(connp, sa, len, cr, pid);
674 675 if (error != 0) {
675 676 if (error < 0) {
676 677 icmp_err_ack(q, mp, -error, 0);
677 678 } else {
678 679 icmp_err_ack(q, mp, 0, error);
679 680 }
680 681 } else {
681 682 mblk_t *mp1;
682 683
683 684 /*
684 685 * We have to send a connection confirmation to
685 686 * keep TLI happy.
686 687 */
687 688 if (connp->conn_family == AF_INET) {
688 689 mp1 = mi_tpi_conn_con(NULL, (char *)sa,
689 690 sizeof (sin_t), NULL, 0);
690 691 } else {
691 692 ASSERT(connp->conn_family == AF_INET6);
692 693 mp1 = mi_tpi_conn_con(NULL, (char *)sa,
693 694 sizeof (sin6_t), NULL, 0);
694 695 }
695 696 if (mp1 == NULL) {
696 697 icmp_err_ack(q, mp, TSYSERR, ENOMEM);
697 698 return;
698 699 }
699 700
700 701 /*
701 702 * Send ok_ack for T_CONN_REQ
702 703 */
703 704 mp = mi_tpi_ok_ack_alloc(mp);
704 705 if (mp == NULL) {
705 706 /* Unable to reuse the T_CONN_REQ for the ack. */
706 707 icmp_err_ack_prim(q, mp1, T_CONN_REQ, TSYSERR, ENOMEM);
707 708 return;
708 709 }
709 710 putnext(connp->conn_rq, mp);
710 711 putnext(connp->conn_rq, mp1);
711 712 }
712 713 }
713 714
714 715 static int
715 716 rawip_do_connect(conn_t *connp, const struct sockaddr *sa, socklen_t len,
716 717 cred_t *cr, pid_t pid)
717 718 {
718 719 icmp_t *icmp;
719 720 sin_t *sin;
720 721 sin6_t *sin6;
721 722 int error;
722 723 uint16_t dstport;
723 724 ipaddr_t v4dst;
724 725 in6_addr_t v6dst;
725 726 uint32_t flowinfo;
726 727 ip_xmit_attr_t *ixa;
727 728 ip_xmit_attr_t *oldixa;
728 729 uint_t scopeid = 0;
729 730 uint_t srcid = 0;
730 731 in6_addr_t v6src = connp->conn_saddr_v6;
731 732
732 733 icmp = connp->conn_icmp;
733 734
734 735 if (sa == NULL || !OK_32PTR((char *)sa)) {
735 736 return (EINVAL);
736 737 }
737 738
738 739 ASSERT(sa != NULL && len != 0);
739 740
740 741 /*
741 742 * Determine packet type based on type of address passed in
742 743 * the request should contain an IPv4 or IPv6 address.
743 744 * Make sure that address family matches the type of
744 745 * family of the address passed down.
745 746 */
746 747 switch (len) {
747 748 case sizeof (sin_t):
748 749 sin = (sin_t *)sa;
749 750
750 751 v4dst = sin->sin_addr.s_addr;
751 752 dstport = sin->sin_port;
752 753 IN6_IPADDR_TO_V4MAPPED(v4dst, &v6dst);
753 754 ASSERT(connp->conn_ipversion == IPV4_VERSION);
754 755 break;
755 756
756 757 case sizeof (sin6_t):
757 758 sin6 = (sin6_t *)sa;
758 759
759 760 /* No support for mapped addresses on raw sockets */
760 761 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
|
↓ open down ↓ |
727 lines elided |
↑ open up ↑ |
761 762 return (EADDRNOTAVAIL);
762 763 }
763 764 v6dst = sin6->sin6_addr;
764 765 dstport = sin6->sin6_port;
765 766 ASSERT(connp->conn_ipversion == IPV6_VERSION);
766 767 flowinfo = sin6->sin6_flowinfo;
767 768 if (IN6_IS_ADDR_LINKLOCAL(&sin6->sin6_addr))
768 769 scopeid = sin6->sin6_scope_id;
769 770 srcid = sin6->__sin6_src_id;
770 771 if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
771 - ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
772 - connp->conn_netstack);
772 + /* Due to check above, we know sin6_addr is v6-only. */
773 + if (!ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
774 + B_FALSE, connp->conn_netstack)) {
775 + /* Mismatch - v6src would be v4mapped. */
776 + return (EADDRNOTAVAIL);
777 + }
773 778 }
774 779 break;
775 780 }
776 781
777 782 /*
778 783 * If there is a different thread using conn_ixa then we get a new
779 784 * copy and cut the old one loose from conn_ixa. Otherwise we use
780 785 * conn_ixa and prevent any other thread from using/changing it.
781 786 * Once connect() is done other threads can use conn_ixa since the
782 787 * refcnt will be back at one.
783 788 * We defer updating conn_ixa until later to handle any concurrent
784 789 * conn_ixa_cleanup thread.
785 790 */
786 791 ixa = conn_get_ixa(connp, B_FALSE);
787 792 if (ixa == NULL)
788 793 return (ENOMEM);
789 794
790 795 mutex_enter(&connp->conn_lock);
791 796 /*
792 797 * This icmp_t must have bound already before doing a connect.
793 798 * Reject if a connect is in progress (we drop conn_lock during
794 799 * rawip_do_connect).
795 800 */
796 801 if (icmp->icmp_state == TS_UNBND || icmp->icmp_state == TS_WCON_CREQ) {
797 802 mutex_exit(&connp->conn_lock);
798 803 ixa_refrele(ixa);
799 804 return (-TOUTSTATE);
800 805 }
801 806
802 807 if (icmp->icmp_state == TS_DATA_XFER) {
803 808 /* Already connected - clear out state */
804 809 if (connp->conn_mcbc_bind)
805 810 connp->conn_saddr_v6 = ipv6_all_zeros;
806 811 else
807 812 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
808 813 connp->conn_laddr_v6 = connp->conn_bound_addr_v6;
809 814 connp->conn_faddr_v6 = ipv6_all_zeros;
810 815 icmp->icmp_state = TS_IDLE;
811 816 }
812 817
813 818 /*
814 819 * Use sin_port/sin6_port since applications like psh use SOCK_RAW
815 820 * with IPPROTO_TCP.
816 821 */
817 822 connp->conn_fport = dstport;
818 823 if (connp->conn_ipversion == IPV4_VERSION) {
819 824 /*
820 825 * Interpret a zero destination to mean loopback.
821 826 * Update the T_CONN_REQ (sin/sin6) since it is used to
822 827 * generate the T_CONN_CON.
823 828 */
824 829 if (v4dst == INADDR_ANY) {
825 830 v4dst = htonl(INADDR_LOOPBACK);
826 831 IN6_IPADDR_TO_V4MAPPED(v4dst, &v6dst);
827 832 ASSERT(connp->conn_family == AF_INET);
828 833 sin->sin_addr.s_addr = v4dst;
829 834 }
830 835 connp->conn_faddr_v6 = v6dst;
831 836 connp->conn_flowinfo = 0;
832 837 } else {
833 838 ASSERT(connp->conn_ipversion == IPV6_VERSION);
834 839 /*
835 840 * Interpret a zero destination to mean loopback.
836 841 * Update the T_CONN_REQ (sin/sin6) since it is used to
837 842 * generate the T_CONN_CON.
838 843 */
839 844 if (IN6_IS_ADDR_UNSPECIFIED(&v6dst)) {
840 845 v6dst = ipv6_loopback;
841 846 sin6->sin6_addr = v6dst;
842 847 }
843 848 connp->conn_faddr_v6 = v6dst;
844 849 connp->conn_flowinfo = flowinfo;
845 850 }
846 851
847 852 /*
848 853 * We update our cred/cpid based on the caller of connect
849 854 */
850 855 if (connp->conn_cred != cr) {
851 856 crhold(cr);
852 857 crfree(connp->conn_cred);
853 858 connp->conn_cred = cr;
854 859 }
855 860 connp->conn_cpid = pid;
856 861 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
857 862 ixa->ixa_cred = cr;
858 863 ixa->ixa_cpid = pid;
859 864 if (is_system_labeled()) {
860 865 /* We need to restart with a label based on the cred */
861 866 ip_xmit_attr_restore_tsl(ixa, ixa->ixa_cred);
862 867 }
863 868
864 869 if (scopeid != 0) {
865 870 ixa->ixa_flags |= IXAF_SCOPEID_SET;
866 871 ixa->ixa_scopeid = scopeid;
867 872 connp->conn_incoming_ifindex = scopeid;
868 873 } else {
869 874 ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
870 875 connp->conn_incoming_ifindex = connp->conn_bound_if;
871 876 }
872 877
873 878 /*
874 879 * conn_connect will drop conn_lock and reacquire it.
875 880 * To prevent a send* from messing with this icmp_t while the lock
876 881 * is dropped we set icmp_state and clear conn_v6lastdst.
877 882 * That will make all send* fail with EISCONN.
878 883 */
879 884 connp->conn_v6lastdst = ipv6_all_zeros;
880 885 icmp->icmp_state = TS_WCON_CREQ;
881 886
882 887 error = conn_connect(connp, NULL, IPDF_ALLOW_MCBC);
883 888 mutex_exit(&connp->conn_lock);
884 889 if (error != 0)
885 890 goto connect_failed;
886 891
887 892 /*
888 893 * The addresses have been verified. Time to insert in
889 894 * the correct fanout list.
890 895 */
891 896 error = ipcl_conn_insert(connp);
892 897 if (error != 0)
893 898 goto connect_failed;
894 899
895 900 mutex_enter(&connp->conn_lock);
896 901 error = icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
897 902 &connp->conn_faddr_v6, connp->conn_flowinfo);
898 903 if (error != 0) {
899 904 mutex_exit(&connp->conn_lock);
900 905 goto connect_failed;
901 906 }
902 907
903 908 icmp->icmp_state = TS_DATA_XFER;
904 909 /* Record this as the "last" send even though we haven't sent any */
905 910 connp->conn_v6lastdst = connp->conn_faddr_v6;
906 911 connp->conn_lastipversion = connp->conn_ipversion;
907 912 connp->conn_lastdstport = connp->conn_fport;
908 913 connp->conn_lastflowinfo = connp->conn_flowinfo;
909 914 connp->conn_lastscopeid = scopeid;
910 915 connp->conn_lastsrcid = srcid;
911 916 /* Also remember a source to use together with lastdst */
912 917 connp->conn_v6lastsrc = v6src;
913 918
914 919 oldixa = conn_replace_ixa(connp, ixa);
915 920 mutex_exit(&connp->conn_lock);
916 921 ixa_refrele(oldixa);
917 922
918 923 ixa_refrele(ixa);
919 924 return (0);
920 925
921 926 connect_failed:
922 927 if (ixa != NULL)
923 928 ixa_refrele(ixa);
924 929 mutex_enter(&connp->conn_lock);
925 930 icmp->icmp_state = TS_IDLE;
926 931 /* In case the source address was set above */
927 932 if (connp->conn_mcbc_bind)
928 933 connp->conn_saddr_v6 = ipv6_all_zeros;
929 934 else
930 935 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
931 936 connp->conn_laddr_v6 = connp->conn_bound_addr_v6;
932 937 connp->conn_faddr_v6 = ipv6_all_zeros;
933 938 connp->conn_v6lastdst = ipv6_all_zeros;
934 939 connp->conn_flowinfo = 0;
935 940
936 941 (void) icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
937 942 &connp->conn_faddr_v6, connp->conn_flowinfo);
938 943 mutex_exit(&connp->conn_lock);
939 944 return (error);
940 945 }
941 946
942 947 static void
943 948 rawip_do_close(conn_t *connp)
944 949 {
945 950 ASSERT(connp != NULL && IPCL_IS_RAWIP(connp));
946 951
947 952 ip_quiesce_conn(connp);
948 953
949 954 if (!IPCL_IS_NONSTR(connp)) {
950 955 qprocsoff(connp->conn_rq);
951 956 }
952 957
953 958 icmp_close_free(connp);
954 959
955 960 /*
956 961 * Now we are truly single threaded on this stream, and can
957 962 * delete the things hanging off the connp, and finally the connp.
958 963 * We removed this connp from the fanout list, it cannot be
959 964 * accessed thru the fanouts, and we already waited for the
960 965 * conn_ref to drop to 0. We are already in close, so
961 966 * there cannot be any other thread from the top. qprocsoff
962 967 * has completed, and service has completed or won't run in
963 968 * future.
964 969 */
965 970 ASSERT(connp->conn_ref == 1);
966 971
967 972 if (!IPCL_IS_NONSTR(connp)) {
968 973 inet_minor_free(connp->conn_minor_arena, connp->conn_dev);
969 974 } else {
970 975 ip_free_helper_stream(connp);
971 976 }
972 977
973 978 connp->conn_ref--;
974 979 ipcl_conn_destroy(connp);
975 980 }
976 981
977 982 static int
978 983 icmp_close(queue_t *q, int flags)
979 984 {
980 985 conn_t *connp;
981 986
982 987 if (flags & SO_FALLBACK) {
983 988 /*
984 989 * stream is being closed while in fallback
985 990 * simply free the resources that were allocated
986 991 */
987 992 inet_minor_free(WR(q)->q_ptr, (dev_t)(RD(q)->q_ptr));
988 993 qprocsoff(q);
989 994 goto done;
990 995 }
991 996
992 997 connp = Q_TO_CONN(q);
993 998 (void) rawip_do_close(connp);
994 999 done:
995 1000 q->q_ptr = WR(q)->q_ptr = NULL;
996 1001 return (0);
997 1002 }
998 1003
999 1004 static void
1000 1005 icmp_close_free(conn_t *connp)
1001 1006 {
1002 1007 icmp_t *icmp = connp->conn_icmp;
1003 1008
1004 1009 if (icmp->icmp_filter != NULL) {
1005 1010 kmem_free(icmp->icmp_filter, sizeof (icmp6_filter_t));
1006 1011 icmp->icmp_filter = NULL;
1007 1012 }
1008 1013
1009 1014 /*
1010 1015 * Clear any fields which the kmem_cache constructor clears.
1011 1016 * Only icmp_connp needs to be preserved.
1012 1017 * TBD: We should make this more efficient to avoid clearing
1013 1018 * everything.
1014 1019 */
1015 1020 ASSERT(icmp->icmp_connp == connp);
1016 1021 bzero(icmp, sizeof (icmp_t));
1017 1022 icmp->icmp_connp = connp;
1018 1023 }
1019 1024
1020 1025 /*
1021 1026 * This routine handles each T_DISCON_REQ message passed to icmp
1022 1027 * as an indicating that ICMP is no longer connected. This results
1023 1028 * in telling IP to restore the binding to just the local address.
1024 1029 */
1025 1030 static int
1026 1031 icmp_do_disconnect(conn_t *connp)
1027 1032 {
1028 1033 icmp_t *icmp = connp->conn_icmp;
1029 1034 int error;
1030 1035
1031 1036 mutex_enter(&connp->conn_lock);
1032 1037 if (icmp->icmp_state != TS_DATA_XFER) {
1033 1038 mutex_exit(&connp->conn_lock);
1034 1039 return (-TOUTSTATE);
1035 1040 }
1036 1041 if (connp->conn_mcbc_bind)
1037 1042 connp->conn_saddr_v6 = ipv6_all_zeros;
1038 1043 else
1039 1044 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
1040 1045 connp->conn_laddr_v6 = connp->conn_bound_addr_v6;
1041 1046 connp->conn_faddr_v6 = ipv6_all_zeros;
1042 1047 icmp->icmp_state = TS_IDLE;
1043 1048
1044 1049 connp->conn_v6lastdst = ipv6_all_zeros;
1045 1050 error = icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
1046 1051 &connp->conn_faddr_v6, connp->conn_flowinfo);
1047 1052 mutex_exit(&connp->conn_lock);
1048 1053 if (error != 0)
1049 1054 return (error);
1050 1055
1051 1056 /*
1052 1057 * Tell IP to remove the full binding and revert
1053 1058 * to the local address binding.
1054 1059 */
1055 1060 return (ip_laddr_fanout_insert(connp));
1056 1061 }
1057 1062
1058 1063 static void
1059 1064 icmp_tpi_disconnect(queue_t *q, mblk_t *mp)
1060 1065 {
1061 1066 conn_t *connp = Q_TO_CONN(q);
1062 1067 int error;
1063 1068
1064 1069 /*
1065 1070 * Allocate the largest primitive we need to send back
1066 1071 * T_error_ack is > than T_ok_ack
1067 1072 */
1068 1073 mp = reallocb(mp, sizeof (struct T_error_ack), 1);
1069 1074 if (mp == NULL) {
1070 1075 /* Unable to reuse the T_DISCON_REQ for the ack. */
1071 1076 icmp_err_ack_prim(q, mp, T_DISCON_REQ, TSYSERR, ENOMEM);
1072 1077 return;
1073 1078 }
1074 1079
1075 1080 error = icmp_do_disconnect(connp);
1076 1081
1077 1082 if (error != 0) {
1078 1083 if (error > 0) {
1079 1084 icmp_err_ack(q, mp, 0, error);
1080 1085 } else {
1081 1086 icmp_err_ack(q, mp, -error, 0);
1082 1087 }
1083 1088 } else {
1084 1089 mp = mi_tpi_ok_ack_alloc(mp);
1085 1090 ASSERT(mp != NULL);
1086 1091 qreply(q, mp);
1087 1092 }
1088 1093 }
1089 1094
1090 1095 static int
1091 1096 icmp_disconnect(conn_t *connp)
1092 1097 {
1093 1098 int error;
1094 1099
1095 1100 connp->conn_dgram_errind = B_FALSE;
1096 1101
1097 1102 error = icmp_do_disconnect(connp);
1098 1103
1099 1104 if (error < 0)
1100 1105 error = proto_tlitosyserr(-error);
1101 1106 return (error);
1102 1107 }
1103 1108
1104 1109 /* This routine creates a T_ERROR_ACK message and passes it upstream. */
1105 1110 static void
1106 1111 icmp_err_ack(queue_t *q, mblk_t *mp, t_scalar_t t_error, int sys_error)
1107 1112 {
1108 1113 if ((mp = mi_tpi_err_ack_alloc(mp, t_error, sys_error)) != NULL)
1109 1114 qreply(q, mp);
1110 1115 }
1111 1116
1112 1117 /* Shorthand to generate and send TPI error acks to our client */
1113 1118 static void
1114 1119 icmp_err_ack_prim(queue_t *q, mblk_t *mp, t_scalar_t primitive,
1115 1120 t_scalar_t t_error, int sys_error)
1116 1121 {
1117 1122 struct T_error_ack *teackp;
1118 1123
1119 1124 if ((mp = tpi_ack_alloc(mp, sizeof (struct T_error_ack),
1120 1125 M_PCPROTO, T_ERROR_ACK)) != NULL) {
1121 1126 teackp = (struct T_error_ack *)mp->b_rptr;
1122 1127 teackp->ERROR_prim = primitive;
1123 1128 teackp->TLI_error = t_error;
1124 1129 teackp->UNIX_error = sys_error;
1125 1130 qreply(q, mp);
1126 1131 }
1127 1132 }
1128 1133
1129 1134 /*
1130 1135 * icmp_icmp_input is called as conn_recvicmp to process ICMP messages.
1131 1136 * Generates the appropriate T_UDERROR_IND for permanent (non-transient) errors.
1132 1137 * Assumes that IP has pulled up everything up to and including the ICMP header.
1133 1138 */
1134 1139 /* ARGSUSED2 */
1135 1140 static void
1136 1141 icmp_icmp_input(void *arg1, mblk_t *mp, void *arg2, ip_recv_attr_t *ira)
1137 1142 {
1138 1143 conn_t *connp = (conn_t *)arg1;
1139 1144 icmp_t *icmp = connp->conn_icmp;
1140 1145 icmph_t *icmph;
1141 1146 ipha_t *ipha;
1142 1147 int iph_hdr_length;
1143 1148 sin_t sin;
1144 1149 mblk_t *mp1;
1145 1150 int error = 0;
1146 1151
1147 1152 ipha = (ipha_t *)mp->b_rptr;
1148 1153
1149 1154 ASSERT(OK_32PTR(mp->b_rptr));
1150 1155
1151 1156 if (IPH_HDR_VERSION(ipha) != IPV4_VERSION) {
1152 1157 ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION);
1153 1158 icmp_icmp_error_ipv6(connp, mp, ira);
1154 1159 return;
1155 1160 }
1156 1161 ASSERT(IPH_HDR_VERSION(ipha) == IPV4_VERSION);
1157 1162
1158 1163 /* Skip past the outer IP and ICMP headers */
1159 1164 ASSERT(IPH_HDR_LENGTH(ipha) == ira->ira_ip_hdr_length);
1160 1165 iph_hdr_length = ira->ira_ip_hdr_length;
1161 1166 icmph = (icmph_t *)&mp->b_rptr[iph_hdr_length];
1162 1167 ipha = (ipha_t *)&icmph[1]; /* Inner IP header */
1163 1168
1164 1169 iph_hdr_length = IPH_HDR_LENGTH(ipha);
1165 1170
1166 1171 switch (icmph->icmph_type) {
1167 1172 case ICMP_DEST_UNREACHABLE:
1168 1173 switch (icmph->icmph_code) {
1169 1174 case ICMP_FRAGMENTATION_NEEDED: {
1170 1175 ipha_t *ipha;
1171 1176 ip_xmit_attr_t *ixa;
1172 1177 /*
1173 1178 * IP has already adjusted the path MTU.
1174 1179 * But we need to adjust DF for IPv4.
1175 1180 */
1176 1181 if (connp->conn_ipversion != IPV4_VERSION)
1177 1182 break;
1178 1183
1179 1184 ixa = conn_get_ixa(connp, B_FALSE);
1180 1185 if (ixa == NULL || ixa->ixa_ire == NULL) {
1181 1186 /*
1182 1187 * Some other thread holds conn_ixa. We will
1183 1188 * redo this on the next ICMP too big.
1184 1189 */
1185 1190 if (ixa != NULL)
1186 1191 ixa_refrele(ixa);
1187 1192 break;
1188 1193 }
1189 1194 (void) ip_get_pmtu(ixa);
1190 1195
1191 1196 mutex_enter(&connp->conn_lock);
1192 1197 ipha = (ipha_t *)connp->conn_ht_iphc;
1193 1198 if (ixa->ixa_flags & IXAF_PMTU_IPV4_DF) {
1194 1199 ipha->ipha_fragment_offset_and_flags |=
1195 1200 IPH_DF_HTONS;
1196 1201 } else {
1197 1202 ipha->ipha_fragment_offset_and_flags &=
1198 1203 ~IPH_DF_HTONS;
1199 1204 }
1200 1205 mutex_exit(&connp->conn_lock);
1201 1206 ixa_refrele(ixa);
1202 1207 break;
1203 1208 }
1204 1209 case ICMP_PORT_UNREACHABLE:
1205 1210 case ICMP_PROTOCOL_UNREACHABLE:
1206 1211 error = ECONNREFUSED;
1207 1212 break;
1208 1213 default:
1209 1214 /* Transient errors */
1210 1215 break;
1211 1216 }
1212 1217 break;
1213 1218 default:
1214 1219 /* Transient errors */
1215 1220 break;
1216 1221 }
1217 1222 if (error == 0) {
1218 1223 freemsg(mp);
1219 1224 return;
1220 1225 }
1221 1226
1222 1227 /*
1223 1228 * Deliver T_UDERROR_IND when the application has asked for it.
1224 1229 * The socket layer enables this automatically when connected.
1225 1230 */
1226 1231 if (!connp->conn_dgram_errind) {
1227 1232 freemsg(mp);
1228 1233 return;
1229 1234 }
1230 1235
1231 1236 sin = sin_null;
1232 1237 sin.sin_family = AF_INET;
1233 1238 sin.sin_addr.s_addr = ipha->ipha_dst;
1234 1239
1235 1240 if (IPCL_IS_NONSTR(connp)) {
1236 1241 mutex_enter(&connp->conn_lock);
1237 1242 if (icmp->icmp_state == TS_DATA_XFER) {
1238 1243 if (sin.sin_addr.s_addr == connp->conn_faddr_v4) {
1239 1244 mutex_exit(&connp->conn_lock);
1240 1245 (*connp->conn_upcalls->su_set_error)
1241 1246 (connp->conn_upper_handle, error);
1242 1247 goto done;
1243 1248 }
1244 1249 } else {
1245 1250 icmp->icmp_delayed_error = error;
1246 1251 *((sin_t *)&icmp->icmp_delayed_addr) = sin;
1247 1252 }
1248 1253 mutex_exit(&connp->conn_lock);
1249 1254 } else {
1250 1255 mp1 = mi_tpi_uderror_ind((char *)&sin, sizeof (sin_t), NULL, 0,
1251 1256 error);
1252 1257 if (mp1 != NULL)
1253 1258 putnext(connp->conn_rq, mp1);
1254 1259 }
1255 1260 done:
1256 1261 freemsg(mp);
1257 1262 }
1258 1263
1259 1264 /*
1260 1265 * icmp_icmp_error_ipv6 is called by icmp_icmp_error to process ICMP for IPv6.
1261 1266 * Generates the appropriate T_UDERROR_IND for permanent (non-transient) errors.
1262 1267 * Assumes that IP has pulled up all the extension headers as well as the
1263 1268 * ICMPv6 header.
1264 1269 */
1265 1270 static void
1266 1271 icmp_icmp_error_ipv6(conn_t *connp, mblk_t *mp, ip_recv_attr_t *ira)
1267 1272 {
1268 1273 icmp6_t *icmp6;
1269 1274 ip6_t *ip6h, *outer_ip6h;
1270 1275 uint16_t iph_hdr_length;
1271 1276 uint8_t *nexthdrp;
1272 1277 sin6_t sin6;
1273 1278 mblk_t *mp1;
1274 1279 int error = 0;
1275 1280 icmp_t *icmp = connp->conn_icmp;
1276 1281
1277 1282 outer_ip6h = (ip6_t *)mp->b_rptr;
1278 1283 #ifdef DEBUG
1279 1284 if (outer_ip6h->ip6_nxt != IPPROTO_ICMPV6)
1280 1285 iph_hdr_length = ip_hdr_length_v6(mp, outer_ip6h);
1281 1286 else
1282 1287 iph_hdr_length = IPV6_HDR_LEN;
1283 1288 ASSERT(iph_hdr_length == ira->ira_ip_hdr_length);
1284 1289 #endif
1285 1290 /* Skip past the outer IP and ICMP headers */
1286 1291 iph_hdr_length = ira->ira_ip_hdr_length;
1287 1292 icmp6 = (icmp6_t *)&mp->b_rptr[iph_hdr_length];
1288 1293
1289 1294 ip6h = (ip6_t *)&icmp6[1]; /* Inner IP header */
1290 1295 if (!ip_hdr_length_nexthdr_v6(mp, ip6h, &iph_hdr_length, &nexthdrp)) {
1291 1296 freemsg(mp);
1292 1297 return;
1293 1298 }
1294 1299
1295 1300 switch (icmp6->icmp6_type) {
1296 1301 case ICMP6_DST_UNREACH:
1297 1302 switch (icmp6->icmp6_code) {
1298 1303 case ICMP6_DST_UNREACH_NOPORT:
1299 1304 error = ECONNREFUSED;
1300 1305 break;
1301 1306 case ICMP6_DST_UNREACH_ADMIN:
1302 1307 case ICMP6_DST_UNREACH_NOROUTE:
1303 1308 case ICMP6_DST_UNREACH_BEYONDSCOPE:
1304 1309 case ICMP6_DST_UNREACH_ADDR:
1305 1310 /* Transient errors */
1306 1311 break;
1307 1312 default:
1308 1313 break;
1309 1314 }
1310 1315 break;
1311 1316 case ICMP6_PACKET_TOO_BIG: {
1312 1317 struct T_unitdata_ind *tudi;
1313 1318 struct T_opthdr *toh;
1314 1319 size_t udi_size;
1315 1320 mblk_t *newmp;
1316 1321 t_scalar_t opt_length = sizeof (struct T_opthdr) +
1317 1322 sizeof (struct ip6_mtuinfo);
1318 1323 sin6_t *sin6;
1319 1324 struct ip6_mtuinfo *mtuinfo;
1320 1325
1321 1326 /*
1322 1327 * If the application has requested to receive path mtu
1323 1328 * information, send up an empty message containing an
1324 1329 * IPV6_PATHMTU ancillary data item.
1325 1330 */
1326 1331 if (!connp->conn_ipv6_recvpathmtu)
1327 1332 break;
1328 1333
1329 1334 udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin6_t) +
1330 1335 opt_length;
1331 1336 if ((newmp = allocb(udi_size, BPRI_MED)) == NULL) {
1332 1337 BUMP_MIB(&icmp->icmp_is->is_rawip_mib, rawipInErrors);
1333 1338 break;
1334 1339 }
1335 1340
1336 1341 /*
1337 1342 * newmp->b_cont is left to NULL on purpose. This is an
1338 1343 * empty message containing only ancillary data.
1339 1344 */
1340 1345 newmp->b_datap->db_type = M_PROTO;
1341 1346 tudi = (struct T_unitdata_ind *)newmp->b_rptr;
1342 1347 newmp->b_wptr = (uchar_t *)tudi + udi_size;
1343 1348 tudi->PRIM_type = T_UNITDATA_IND;
1344 1349 tudi->SRC_length = sizeof (sin6_t);
1345 1350 tudi->SRC_offset = sizeof (struct T_unitdata_ind);
1346 1351 tudi->OPT_offset = tudi->SRC_offset + sizeof (sin6_t);
1347 1352 tudi->OPT_length = opt_length;
1348 1353
1349 1354 sin6 = (sin6_t *)&tudi[1];
1350 1355 bzero(sin6, sizeof (sin6_t));
1351 1356 sin6->sin6_family = AF_INET6;
1352 1357 sin6->sin6_addr = connp->conn_faddr_v6;
1353 1358
1354 1359 toh = (struct T_opthdr *)&sin6[1];
1355 1360 toh->level = IPPROTO_IPV6;
1356 1361 toh->name = IPV6_PATHMTU;
1357 1362 toh->len = opt_length;
1358 1363 toh->status = 0;
1359 1364
1360 1365 mtuinfo = (struct ip6_mtuinfo *)&toh[1];
1361 1366 bzero(mtuinfo, sizeof (struct ip6_mtuinfo));
1362 1367 mtuinfo->ip6m_addr.sin6_family = AF_INET6;
1363 1368 mtuinfo->ip6m_addr.sin6_addr = ip6h->ip6_dst;
1364 1369 mtuinfo->ip6m_mtu = icmp6->icmp6_mtu;
1365 1370 /*
1366 1371 * We've consumed everything we need from the original
1367 1372 * message. Free it, then send our empty message.
1368 1373 */
1369 1374 freemsg(mp);
1370 1375 icmp_ulp_recv(connp, newmp, msgdsize(newmp));
1371 1376 return;
1372 1377 }
1373 1378 case ICMP6_TIME_EXCEEDED:
1374 1379 /* Transient errors */
1375 1380 break;
1376 1381 case ICMP6_PARAM_PROB:
1377 1382 /* If this corresponds to an ICMP_PROTOCOL_UNREACHABLE */
1378 1383 if (icmp6->icmp6_code == ICMP6_PARAMPROB_NEXTHEADER &&
1379 1384 (uchar_t *)ip6h + icmp6->icmp6_pptr ==
1380 1385 (uchar_t *)nexthdrp) {
1381 1386 error = ECONNREFUSED;
1382 1387 break;
1383 1388 }
1384 1389 break;
1385 1390 }
1386 1391 if (error == 0) {
1387 1392 freemsg(mp);
1388 1393 return;
1389 1394 }
1390 1395
1391 1396 /*
1392 1397 * Deliver T_UDERROR_IND when the application has asked for it.
1393 1398 * The socket layer enables this automatically when connected.
1394 1399 */
1395 1400 if (!connp->conn_dgram_errind) {
1396 1401 freemsg(mp);
1397 1402 return;
1398 1403 }
1399 1404
1400 1405 sin6 = sin6_null;
1401 1406 sin6.sin6_family = AF_INET6;
1402 1407 sin6.sin6_addr = ip6h->ip6_dst;
1403 1408 sin6.sin6_flowinfo = ip6h->ip6_vcf & ~IPV6_VERS_AND_FLOW_MASK;
1404 1409 if (IPCL_IS_NONSTR(connp)) {
1405 1410 mutex_enter(&connp->conn_lock);
1406 1411 if (icmp->icmp_state == TS_DATA_XFER) {
1407 1412 if (IN6_ARE_ADDR_EQUAL(&sin6.sin6_addr,
1408 1413 &connp->conn_faddr_v6)) {
1409 1414 mutex_exit(&connp->conn_lock);
1410 1415 (*connp->conn_upcalls->su_set_error)
1411 1416 (connp->conn_upper_handle, error);
1412 1417 goto done;
1413 1418 }
1414 1419 } else {
1415 1420 icmp->icmp_delayed_error = error;
1416 1421 *((sin6_t *)&icmp->icmp_delayed_addr) = sin6;
1417 1422 }
1418 1423 mutex_exit(&connp->conn_lock);
1419 1424 } else {
1420 1425 mp1 = mi_tpi_uderror_ind((char *)&sin6, sizeof (sin6_t),
1421 1426 NULL, 0, error);
1422 1427 if (mp1 != NULL)
1423 1428 putnext(connp->conn_rq, mp1);
1424 1429 }
1425 1430 done:
1426 1431 freemsg(mp);
1427 1432 }
1428 1433
1429 1434 /*
1430 1435 * This routine responds to T_ADDR_REQ messages. It is called by icmp_wput.
1431 1436 * The local address is filled in if endpoint is bound. The remote address
1432 1437 * is filled in if remote address has been precified ("connected endpoint")
1433 1438 * (The concept of connected CLTS sockets is alien to published TPI
1434 1439 * but we support it anyway).
1435 1440 */
1436 1441 static void
1437 1442 icmp_addr_req(queue_t *q, mblk_t *mp)
1438 1443 {
1439 1444 struct sockaddr *sa;
1440 1445 mblk_t *ackmp;
1441 1446 struct T_addr_ack *taa;
1442 1447 icmp_t *icmp = Q_TO_ICMP(q);
1443 1448 conn_t *connp = icmp->icmp_connp;
1444 1449 uint_t addrlen;
1445 1450
1446 1451 /* Make it large enough for worst case */
1447 1452 ackmp = reallocb(mp, sizeof (struct T_addr_ack) +
1448 1453 2 * sizeof (sin6_t), 1);
1449 1454 if (ackmp == NULL) {
1450 1455 icmp_err_ack(q, mp, TSYSERR, ENOMEM);
1451 1456 return;
1452 1457 }
1453 1458 taa = (struct T_addr_ack *)ackmp->b_rptr;
1454 1459
1455 1460 bzero(taa, sizeof (struct T_addr_ack));
1456 1461 ackmp->b_wptr = (uchar_t *)&taa[1];
1457 1462
1458 1463 taa->PRIM_type = T_ADDR_ACK;
1459 1464 ackmp->b_datap->db_type = M_PCPROTO;
1460 1465
1461 1466 if (connp->conn_family == AF_INET)
1462 1467 addrlen = sizeof (sin_t);
1463 1468 else
1464 1469 addrlen = sizeof (sin6_t);
1465 1470
1466 1471 mutex_enter(&connp->conn_lock);
1467 1472 /*
1468 1473 * Note: Following code assumes 32 bit alignment of basic
1469 1474 * data structures like sin_t and struct T_addr_ack.
1470 1475 */
1471 1476 if (icmp->icmp_state != TS_UNBND) {
1472 1477 /*
1473 1478 * Fill in local address first
1474 1479 */
1475 1480 taa->LOCADDR_offset = sizeof (*taa);
1476 1481 taa->LOCADDR_length = addrlen;
1477 1482 sa = (struct sockaddr *)&taa[1];
1478 1483 (void) conn_getsockname(connp, sa, &addrlen);
1479 1484 ackmp->b_wptr += addrlen;
1480 1485 }
1481 1486 if (icmp->icmp_state == TS_DATA_XFER) {
1482 1487 /*
1483 1488 * connected, fill remote address too
1484 1489 */
1485 1490 taa->REMADDR_length = addrlen;
1486 1491 /* assumed 32-bit alignment */
1487 1492 taa->REMADDR_offset = taa->LOCADDR_offset + taa->LOCADDR_length;
1488 1493 sa = (struct sockaddr *)(ackmp->b_rptr + taa->REMADDR_offset);
1489 1494 (void) conn_getpeername(connp, sa, &addrlen);
1490 1495 ackmp->b_wptr += addrlen;
1491 1496 }
1492 1497 mutex_exit(&connp->conn_lock);
1493 1498 ASSERT(ackmp->b_wptr <= ackmp->b_datap->db_lim);
1494 1499 qreply(q, ackmp);
1495 1500 }
1496 1501
1497 1502 static void
1498 1503 icmp_copy_info(struct T_info_ack *tap, icmp_t *icmp)
1499 1504 {
1500 1505 conn_t *connp = icmp->icmp_connp;
1501 1506
1502 1507 *tap = icmp_g_t_info_ack;
1503 1508
1504 1509 if (connp->conn_family == AF_INET6)
1505 1510 tap->ADDR_size = sizeof (sin6_t);
1506 1511 else
1507 1512 tap->ADDR_size = sizeof (sin_t);
1508 1513 tap->CURRENT_state = icmp->icmp_state;
1509 1514 tap->OPT_size = icmp_max_optsize;
1510 1515 }
1511 1516
1512 1517 static void
1513 1518 icmp_do_capability_ack(icmp_t *icmp, struct T_capability_ack *tcap,
1514 1519 t_uscalar_t cap_bits1)
1515 1520 {
1516 1521 tcap->CAP_bits1 = 0;
1517 1522
1518 1523 if (cap_bits1 & TC1_INFO) {
1519 1524 icmp_copy_info(&tcap->INFO_ack, icmp);
1520 1525 tcap->CAP_bits1 |= TC1_INFO;
1521 1526 }
1522 1527 }
1523 1528
1524 1529 /*
1525 1530 * This routine responds to T_CAPABILITY_REQ messages. It is called by
1526 1531 * icmp_wput. Much of the T_CAPABILITY_ACK information is copied from
1527 1532 * icmp_g_t_info_ack. The current state of the stream is copied from
1528 1533 * icmp_state.
1529 1534 */
1530 1535 static void
1531 1536 icmp_capability_req(queue_t *q, mblk_t *mp)
1532 1537 {
1533 1538 icmp_t *icmp = Q_TO_ICMP(q);
1534 1539 t_uscalar_t cap_bits1;
1535 1540 struct T_capability_ack *tcap;
1536 1541
1537 1542 cap_bits1 = ((struct T_capability_req *)mp->b_rptr)->CAP_bits1;
1538 1543
1539 1544 mp = tpi_ack_alloc(mp, sizeof (struct T_capability_ack),
1540 1545 mp->b_datap->db_type, T_CAPABILITY_ACK);
1541 1546 if (!mp)
1542 1547 return;
1543 1548
1544 1549 tcap = (struct T_capability_ack *)mp->b_rptr;
1545 1550
1546 1551 icmp_do_capability_ack(icmp, tcap, cap_bits1);
1547 1552
1548 1553 qreply(q, mp);
1549 1554 }
1550 1555
1551 1556 /*
1552 1557 * This routine responds to T_INFO_REQ messages. It is called by icmp_wput.
1553 1558 * Most of the T_INFO_ACK information is copied from icmp_g_t_info_ack.
1554 1559 * The current state of the stream is copied from icmp_state.
1555 1560 */
1556 1561 static void
1557 1562 icmp_info_req(queue_t *q, mblk_t *mp)
1558 1563 {
1559 1564 icmp_t *icmp = Q_TO_ICMP(q);
1560 1565
1561 1566 /* Create a T_INFO_ACK message. */
1562 1567 mp = tpi_ack_alloc(mp, sizeof (struct T_info_ack), M_PCPROTO,
1563 1568 T_INFO_ACK);
1564 1569 if (!mp)
1565 1570 return;
1566 1571 icmp_copy_info((struct T_info_ack *)mp->b_rptr, icmp);
1567 1572 qreply(q, mp);
1568 1573 }
1569 1574
1570 1575 static int
1571 1576 icmp_tpi_open(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp,
1572 1577 int family)
1573 1578 {
1574 1579 conn_t *connp;
1575 1580 dev_t conn_dev;
1576 1581 int error;
1577 1582
1578 1583 /* If the stream is already open, return immediately. */
1579 1584 if (q->q_ptr != NULL)
1580 1585 return (0);
1581 1586
1582 1587 if (sflag == MODOPEN)
1583 1588 return (EINVAL);
1584 1589
1585 1590 /*
1586 1591 * Since ICMP is not used so heavily, allocating from the small
1587 1592 * arena should be sufficient.
1588 1593 */
1589 1594 if ((conn_dev = inet_minor_alloc(ip_minor_arena_sa)) == 0) {
1590 1595 return (EBUSY);
1591 1596 }
1592 1597
1593 1598 if (flag & SO_FALLBACK) {
1594 1599 /*
1595 1600 * Non streams socket needs a stream to fallback to
1596 1601 */
1597 1602 RD(q)->q_ptr = (void *)conn_dev;
1598 1603 WR(q)->q_qinfo = &icmp_fallback_sock_winit;
1599 1604 WR(q)->q_ptr = (void *)ip_minor_arena_sa;
1600 1605 qprocson(q);
1601 1606 return (0);
1602 1607 }
1603 1608
1604 1609 connp = rawip_do_open(family, credp, &error, KM_SLEEP);
1605 1610 if (connp == NULL) {
1606 1611 ASSERT(error != 0);
1607 1612 inet_minor_free(ip_minor_arena_sa, conn_dev);
1608 1613 return (error);
1609 1614 }
1610 1615
1611 1616 *devp = makedevice(getemajor(*devp), (minor_t)conn_dev);
1612 1617 connp->conn_dev = conn_dev;
1613 1618 connp->conn_minor_arena = ip_minor_arena_sa;
1614 1619
1615 1620 /*
1616 1621 * Initialize the icmp_t structure for this stream.
1617 1622 */
1618 1623 q->q_ptr = connp;
1619 1624 WR(q)->q_ptr = connp;
1620 1625 connp->conn_rq = q;
1621 1626 connp->conn_wq = WR(q);
1622 1627
1623 1628 WR(q)->q_hiwat = connp->conn_sndbuf;
1624 1629 WR(q)->q_lowat = connp->conn_sndlowat;
1625 1630
1626 1631 qprocson(q);
1627 1632
1628 1633 /* Set the Stream head write offset. */
1629 1634 (void) proto_set_tx_wroff(q, connp, connp->conn_wroff);
1630 1635 (void) proto_set_rx_hiwat(connp->conn_rq, connp, connp->conn_rcvbuf);
1631 1636
1632 1637 mutex_enter(&connp->conn_lock);
1633 1638 connp->conn_state_flags &= ~CONN_INCIPIENT;
1634 1639 mutex_exit(&connp->conn_lock);
1635 1640
1636 1641 icmp_bind_proto(connp->conn_icmp);
1637 1642
1638 1643 return (0);
1639 1644 }
1640 1645
1641 1646 /* For /dev/icmp aka AF_INET open */
1642 1647 static int
1643 1648 icmp_openv4(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
1644 1649 {
1645 1650 return (icmp_tpi_open(q, devp, flag, sflag, credp, AF_INET));
1646 1651 }
1647 1652
1648 1653 /* For /dev/icmp6 aka AF_INET6 open */
1649 1654 static int
1650 1655 icmp_openv6(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
1651 1656 {
1652 1657 return (icmp_tpi_open(q, devp, flag, sflag, credp, AF_INET6));
1653 1658 }
1654 1659
1655 1660 /*
1656 1661 * This is the open routine for icmp. It allocates a icmp_t structure for
1657 1662 * the stream and, on the first open of the module, creates an ND table.
1658 1663 */
1659 1664 static conn_t *
1660 1665 rawip_do_open(int family, cred_t *credp, int *err, int flags)
1661 1666 {
1662 1667 icmp_t *icmp;
1663 1668 conn_t *connp;
1664 1669 zoneid_t zoneid;
1665 1670 netstack_t *ns;
1666 1671 icmp_stack_t *is;
1667 1672 int len;
1668 1673 boolean_t isv6 = B_FALSE;
1669 1674
1670 1675 *err = secpolicy_net_icmpaccess(credp);
1671 1676 if (*err != 0)
1672 1677 return (NULL);
1673 1678
1674 1679 if (family == AF_INET6)
1675 1680 isv6 = B_TRUE;
1676 1681
1677 1682 ns = netstack_find_by_cred(credp);
1678 1683 ASSERT(ns != NULL);
1679 1684 is = ns->netstack_icmp;
1680 1685 ASSERT(is != NULL);
1681 1686
1682 1687 /*
1683 1688 * For exclusive stacks we set the zoneid to zero
1684 1689 * to make ICMP operate as if in the global zone.
1685 1690 */
1686 1691 if (ns->netstack_stackid != GLOBAL_NETSTACKID)
1687 1692 zoneid = GLOBAL_ZONEID;
1688 1693 else
1689 1694 zoneid = crgetzoneid(credp);
1690 1695
1691 1696 ASSERT(flags == KM_SLEEP || flags == KM_NOSLEEP);
1692 1697
1693 1698 connp = ipcl_conn_create(IPCL_RAWIPCONN, flags, ns);
1694 1699 icmp = connp->conn_icmp;
1695 1700
1696 1701 /*
1697 1702 * ipcl_conn_create did a netstack_hold. Undo the hold that was
1698 1703 * done by netstack_find_by_cred()
1699 1704 */
1700 1705 netstack_rele(ns);
1701 1706
1702 1707 /*
1703 1708 * Since this conn_t/icmp_t is not yet visible to anybody else we don't
1704 1709 * need to lock anything.
1705 1710 */
1706 1711 ASSERT(connp->conn_proto == IPPROTO_ICMP);
1707 1712 ASSERT(connp->conn_icmp == icmp);
1708 1713 ASSERT(icmp->icmp_connp == connp);
1709 1714
1710 1715 /* Set the initial state of the stream and the privilege status. */
1711 1716 icmp->icmp_state = TS_UNBND;
1712 1717 connp->conn_ixa->ixa_flags |= IXAF_VERIFY_SOURCE;
1713 1718 if (isv6) {
1714 1719 connp->conn_family = AF_INET6;
1715 1720 connp->conn_ipversion = IPV6_VERSION;
1716 1721 connp->conn_ixa->ixa_flags &= ~IXAF_IS_IPV4;
1717 1722 connp->conn_proto = IPPROTO_ICMPV6;
1718 1723 /* May be changed by a SO_PROTOTYPE socket option. */
1719 1724 connp->conn_proto = IPPROTO_ICMPV6;
1720 1725 connp->conn_ixa->ixa_protocol = connp->conn_proto;
1721 1726 connp->conn_ixa->ixa_raw_cksum_offset = 2;
1722 1727 connp->conn_default_ttl = is->is_ipv6_hoplimit;
1723 1728 len = sizeof (ip6_t);
1724 1729 } else {
1725 1730 connp->conn_family = AF_INET;
1726 1731 connp->conn_ipversion = IPV4_VERSION;
1727 1732 connp->conn_ixa->ixa_flags |= IXAF_IS_IPV4;
1728 1733 /* May be changed by a SO_PROTOTYPE socket option. */
1729 1734 connp->conn_proto = IPPROTO_ICMP;
1730 1735 connp->conn_ixa->ixa_protocol = connp->conn_proto;
1731 1736 connp->conn_default_ttl = is->is_ipv4_ttl;
1732 1737 len = sizeof (ipha_t);
1733 1738 }
1734 1739 connp->conn_xmit_ipp.ipp_unicast_hops = connp->conn_default_ttl;
1735 1740
1736 1741 connp->conn_ixa->ixa_multicast_ttl = IP_DEFAULT_MULTICAST_TTL;
1737 1742
1738 1743 /*
1739 1744 * For the socket of protocol IPPROTO_RAW or when IP_HDRINCL is set,
1740 1745 * the checksum is provided in the pre-built packet. We clear
1741 1746 * IXAF_SET_ULP_CKSUM to tell IP that the application has sent a
1742 1747 * complete IP header and not to compute the transport checksum.
1743 1748 */
1744 1749 connp->conn_ixa->ixa_flags |= IXAF_MULTICAST_LOOP | IXAF_SET_ULP_CKSUM;
1745 1750 /* conn_allzones can not be set this early, hence no IPCL_ZONEID */
1746 1751 connp->conn_ixa->ixa_zoneid = zoneid;
1747 1752
1748 1753 connp->conn_zoneid = zoneid;
1749 1754
1750 1755 /*
1751 1756 * If the caller has the process-wide flag set, then default to MAC
1752 1757 * exempt mode. This allows read-down to unlabeled hosts.
1753 1758 */
1754 1759 if (getpflags(NET_MAC_AWARE, credp) != 0)
1755 1760 connp->conn_mac_mode = CONN_MAC_AWARE;
1756 1761
1757 1762 connp->conn_zone_is_global = (crgetzoneid(credp) == GLOBAL_ZONEID);
1758 1763
1759 1764 icmp->icmp_is = is;
1760 1765
1761 1766 connp->conn_rcvbuf = is->is_recv_hiwat;
1762 1767 connp->conn_sndbuf = is->is_xmit_hiwat;
1763 1768 connp->conn_sndlowat = is->is_xmit_lowat;
1764 1769 connp->conn_rcvlowat = icmp_mod_info.mi_lowat;
1765 1770
1766 1771 connp->conn_wroff = len + is->is_wroff_extra;
1767 1772 connp->conn_so_type = SOCK_RAW;
1768 1773
1769 1774 connp->conn_recv = icmp_input;
1770 1775 connp->conn_recvicmp = icmp_icmp_input;
1771 1776 crhold(credp);
1772 1777 connp->conn_cred = credp;
1773 1778 connp->conn_cpid = curproc->p_pid;
1774 1779 connp->conn_open_time = ddi_get_lbolt64();
1775 1780 /* Cache things in ixa without an extra refhold */
1776 1781 ASSERT(!(connp->conn_ixa->ixa_free_flags & IXA_FREE_CRED));
1777 1782 connp->conn_ixa->ixa_cred = connp->conn_cred;
1778 1783 connp->conn_ixa->ixa_cpid = connp->conn_cpid;
1779 1784 if (is_system_labeled())
1780 1785 connp->conn_ixa->ixa_tsl = crgetlabel(connp->conn_cred);
1781 1786
1782 1787 connp->conn_flow_cntrld = B_FALSE;
1783 1788
1784 1789 if (is->is_pmtu_discovery)
1785 1790 connp->conn_ixa->ixa_flags |= IXAF_PMTU_DISCOVERY;
1786 1791
1787 1792 return (connp);
1788 1793 }
1789 1794
1790 1795 /*
1791 1796 * Which ICMP options OK to set through T_UNITDATA_REQ...
1792 1797 */
1793 1798 /* ARGSUSED */
1794 1799 static boolean_t
1795 1800 icmp_opt_allow_udr_set(t_scalar_t level, t_scalar_t name)
1796 1801 {
1797 1802 return (B_TRUE);
1798 1803 }
1799 1804
1800 1805 /*
1801 1806 * This routine gets default values of certain options whose default
1802 1807 * values are maintained by protcol specific code
1803 1808 */
1804 1809 int
1805 1810 icmp_opt_default(queue_t *q, t_scalar_t level, t_scalar_t name, uchar_t *ptr)
1806 1811 {
1807 1812 icmp_t *icmp = Q_TO_ICMP(q);
1808 1813 icmp_stack_t *is = icmp->icmp_is;
1809 1814 int *i1 = (int *)ptr;
1810 1815
1811 1816 switch (level) {
1812 1817 case IPPROTO_IP:
1813 1818 switch (name) {
1814 1819 case IP_MULTICAST_TTL:
1815 1820 *ptr = (uchar_t)IP_DEFAULT_MULTICAST_TTL;
1816 1821 return (sizeof (uchar_t));
1817 1822 case IP_MULTICAST_LOOP:
1818 1823 *ptr = (uchar_t)IP_DEFAULT_MULTICAST_LOOP;
1819 1824 return (sizeof (uchar_t));
1820 1825 }
1821 1826 break;
1822 1827 case IPPROTO_IPV6:
1823 1828 switch (name) {
1824 1829 case IPV6_MULTICAST_HOPS:
1825 1830 *i1 = IP_DEFAULT_MULTICAST_TTL;
1826 1831 return (sizeof (int));
1827 1832 case IPV6_MULTICAST_LOOP:
1828 1833 *i1 = IP_DEFAULT_MULTICAST_LOOP;
1829 1834 return (sizeof (int));
1830 1835 case IPV6_UNICAST_HOPS:
1831 1836 *i1 = is->is_ipv6_hoplimit;
1832 1837 return (sizeof (int));
1833 1838 }
1834 1839 break;
1835 1840 case IPPROTO_ICMPV6:
1836 1841 switch (name) {
1837 1842 case ICMP6_FILTER:
1838 1843 /* Make it look like "pass all" */
1839 1844 ICMP6_FILTER_SETPASSALL((icmp6_filter_t *)ptr);
1840 1845 return (sizeof (icmp6_filter_t));
1841 1846 }
1842 1847 break;
1843 1848 }
1844 1849 return (-1);
1845 1850 }
1846 1851
1847 1852 /*
1848 1853 * This routine retrieves the current status of socket options.
1849 1854 * It returns the size of the option retrieved, or -1.
1850 1855 */
1851 1856 int
1852 1857 icmp_opt_get(conn_t *connp, int level, int name, uchar_t *ptr)
1853 1858 {
1854 1859 icmp_t *icmp = connp->conn_icmp;
1855 1860 int *i1 = (int *)ptr;
1856 1861 conn_opt_arg_t coas;
1857 1862 int retval;
1858 1863
1859 1864 coas.coa_connp = connp;
1860 1865 coas.coa_ixa = connp->conn_ixa;
1861 1866 coas.coa_ipp = &connp->conn_xmit_ipp;
1862 1867 coas.coa_ancillary = B_FALSE;
1863 1868 coas.coa_changed = 0;
1864 1869
1865 1870 /*
1866 1871 * We assume that the optcom framework has checked for the set
1867 1872 * of levels and names that are supported, hence we don't worry
1868 1873 * about rejecting based on that.
1869 1874 * First check for ICMP specific handling, then pass to common routine.
1870 1875 */
1871 1876 switch (level) {
1872 1877 case IPPROTO_IP:
1873 1878 /*
1874 1879 * Only allow IPv4 option processing on IPv4 sockets.
1875 1880 */
1876 1881 if (connp->conn_family != AF_INET)
1877 1882 return (-1);
1878 1883
1879 1884 switch (name) {
1880 1885 case IP_OPTIONS:
1881 1886 case T_IP_OPTIONS:
1882 1887 /* Options are passed up with each packet */
1883 1888 return (0);
1884 1889 case IP_HDRINCL:
1885 1890 mutex_enter(&connp->conn_lock);
1886 1891 *i1 = (int)icmp->icmp_hdrincl;
1887 1892 mutex_exit(&connp->conn_lock);
1888 1893 return (sizeof (int));
1889 1894 }
1890 1895 break;
1891 1896
1892 1897 case IPPROTO_IPV6:
1893 1898 /*
1894 1899 * Only allow IPv6 option processing on native IPv6 sockets.
1895 1900 */
1896 1901 if (connp->conn_family != AF_INET6)
1897 1902 return (-1);
1898 1903
1899 1904 switch (name) {
1900 1905 case IPV6_CHECKSUM:
1901 1906 /*
1902 1907 * Return offset or -1 if no checksum offset.
1903 1908 * Does not apply to IPPROTO_ICMPV6
1904 1909 */
1905 1910 if (connp->conn_proto == IPPROTO_ICMPV6)
1906 1911 return (-1);
1907 1912
1908 1913 mutex_enter(&connp->conn_lock);
1909 1914 if (connp->conn_ixa->ixa_flags & IXAF_SET_RAW_CKSUM)
1910 1915 *i1 = connp->conn_ixa->ixa_raw_cksum_offset;
1911 1916 else
1912 1917 *i1 = -1;
1913 1918 mutex_exit(&connp->conn_lock);
1914 1919 return (sizeof (int));
1915 1920 }
1916 1921 break;
1917 1922
1918 1923 case IPPROTO_ICMPV6:
1919 1924 /*
1920 1925 * Only allow IPv6 option processing on native IPv6 sockets.
1921 1926 */
1922 1927 if (connp->conn_family != AF_INET6)
1923 1928 return (-1);
1924 1929
1925 1930 if (connp->conn_proto != IPPROTO_ICMPV6)
1926 1931 return (-1);
1927 1932
1928 1933 switch (name) {
1929 1934 case ICMP6_FILTER:
1930 1935 mutex_enter(&connp->conn_lock);
1931 1936 if (icmp->icmp_filter == NULL) {
1932 1937 /* Make it look like "pass all" */
1933 1938 ICMP6_FILTER_SETPASSALL((icmp6_filter_t *)ptr);
1934 1939 } else {
1935 1940 (void) bcopy(icmp->icmp_filter, ptr,
1936 1941 sizeof (icmp6_filter_t));
1937 1942 }
1938 1943 mutex_exit(&connp->conn_lock);
1939 1944 return (sizeof (icmp6_filter_t));
1940 1945 }
1941 1946 }
1942 1947 mutex_enter(&connp->conn_lock);
1943 1948 retval = conn_opt_get(&coas, level, name, ptr);
1944 1949 mutex_exit(&connp->conn_lock);
1945 1950 return (retval);
1946 1951 }
1947 1952
1948 1953 /*
1949 1954 * This routine retrieves the current status of socket options.
1950 1955 * It returns the size of the option retrieved, or -1.
1951 1956 */
1952 1957 int
1953 1958 icmp_tpi_opt_get(queue_t *q, int level, int name, uchar_t *ptr)
1954 1959 {
1955 1960 conn_t *connp = Q_TO_CONN(q);
1956 1961 int err;
1957 1962
1958 1963 err = icmp_opt_get(connp, level, name, ptr);
1959 1964 return (err);
1960 1965 }
1961 1966
1962 1967 /*
1963 1968 * This routine sets socket options.
1964 1969 */
1965 1970 int
1966 1971 icmp_do_opt_set(conn_opt_arg_t *coa, int level, int name,
1967 1972 uint_t inlen, uchar_t *invalp, cred_t *cr, boolean_t checkonly)
1968 1973 {
1969 1974 conn_t *connp = coa->coa_connp;
1970 1975 ip_xmit_attr_t *ixa = coa->coa_ixa;
1971 1976 icmp_t *icmp = connp->conn_icmp;
1972 1977 icmp_stack_t *is = icmp->icmp_is;
1973 1978 int *i1 = (int *)invalp;
1974 1979 boolean_t onoff = (*i1 == 0) ? 0 : 1;
1975 1980 int error;
1976 1981
1977 1982 ASSERT(MUTEX_NOT_HELD(&coa->coa_connp->conn_lock));
1978 1983
1979 1984 /*
1980 1985 * For fixed length options, no sanity check
1981 1986 * of passed in length is done. It is assumed *_optcom_req()
1982 1987 * routines do the right thing.
1983 1988 */
1984 1989
1985 1990 switch (level) {
1986 1991 case SOL_SOCKET:
1987 1992 switch (name) {
1988 1993 case SO_PROTOTYPE:
1989 1994 if ((*i1 & 0xFF) != IPPROTO_ICMP &&
1990 1995 (*i1 & 0xFF) != IPPROTO_ICMPV6 &&
1991 1996 secpolicy_net_rawaccess(cr) != 0) {
1992 1997 return (EACCES);
1993 1998 }
1994 1999 if (checkonly)
1995 2000 break;
1996 2001
1997 2002 mutex_enter(&connp->conn_lock);
1998 2003 connp->conn_proto = *i1 & 0xFF;
1999 2004 ixa->ixa_protocol = connp->conn_proto;
2000 2005 if ((connp->conn_proto == IPPROTO_RAW ||
2001 2006 connp->conn_proto == IPPROTO_IGMP) &&
2002 2007 connp->conn_family == AF_INET) {
2003 2008 icmp->icmp_hdrincl = 1;
2004 2009 ixa->ixa_flags &= ~IXAF_SET_ULP_CKSUM;
2005 2010 } else if (connp->conn_proto == IPPROTO_UDP ||
2006 2011 connp->conn_proto == IPPROTO_TCP ||
2007 2012 connp->conn_proto == IPPROTO_SCTP) {
2008 2013 /* Used by test applications like psh */
2009 2014 icmp->icmp_hdrincl = 0;
2010 2015 ixa->ixa_flags &= ~IXAF_SET_ULP_CKSUM;
2011 2016 } else {
2012 2017 icmp->icmp_hdrincl = 0;
2013 2018 ixa->ixa_flags |= IXAF_SET_ULP_CKSUM;
2014 2019 }
2015 2020
2016 2021 if (connp->conn_family == AF_INET6 &&
2017 2022 connp->conn_proto == IPPROTO_ICMPV6) {
2018 2023 /* Set offset for icmp6_cksum */
2019 2024 ixa->ixa_flags &= ~IXAF_SET_RAW_CKSUM;
2020 2025 ixa->ixa_raw_cksum_offset = 2;
2021 2026 }
2022 2027 if (icmp->icmp_filter != NULL &&
2023 2028 connp->conn_proto != IPPROTO_ICMPV6) {
2024 2029 kmem_free(icmp->icmp_filter,
2025 2030 sizeof (icmp6_filter_t));
2026 2031 icmp->icmp_filter = NULL;
2027 2032 }
2028 2033 mutex_exit(&connp->conn_lock);
2029 2034
2030 2035 coa->coa_changed |= COA_HEADER_CHANGED;
2031 2036 /*
2032 2037 * For SCTP, we don't use icmp_bind_proto() for
2033 2038 * raw socket binding.
2034 2039 */
2035 2040 if (connp->conn_proto == IPPROTO_SCTP)
2036 2041 return (0);
2037 2042
2038 2043 coa->coa_changed |= COA_ICMP_BIND_NEEDED;
2039 2044 return (0);
2040 2045
2041 2046 case SO_SNDBUF:
2042 2047 if (*i1 > is->is_max_buf) {
2043 2048 return (ENOBUFS);
2044 2049 }
2045 2050 break;
2046 2051 case SO_RCVBUF:
2047 2052 if (*i1 > is->is_max_buf) {
2048 2053 return (ENOBUFS);
2049 2054 }
2050 2055 break;
2051 2056 }
2052 2057 break;
2053 2058
2054 2059 case IPPROTO_IP:
2055 2060 /*
2056 2061 * Only allow IPv4 option processing on IPv4 sockets.
2057 2062 */
2058 2063 if (connp->conn_family != AF_INET)
2059 2064 return (EINVAL);
2060 2065
2061 2066 switch (name) {
2062 2067 case IP_HDRINCL:
2063 2068 if (!checkonly) {
2064 2069 mutex_enter(&connp->conn_lock);
2065 2070 icmp->icmp_hdrincl = onoff;
2066 2071 if (onoff)
2067 2072 ixa->ixa_flags &= ~IXAF_SET_ULP_CKSUM;
2068 2073 else
2069 2074 ixa->ixa_flags |= IXAF_SET_ULP_CKSUM;
2070 2075 mutex_exit(&connp->conn_lock);
2071 2076 }
2072 2077 break;
2073 2078 }
2074 2079 break;
2075 2080
2076 2081 case IPPROTO_IPV6:
2077 2082 if (connp->conn_family != AF_INET6)
2078 2083 return (EINVAL);
2079 2084
2080 2085 switch (name) {
2081 2086 case IPV6_CHECKSUM:
2082 2087 /*
2083 2088 * Integer offset into the user data of where the
2084 2089 * checksum is located.
2085 2090 * Offset of -1 disables option.
2086 2091 * Does not apply to IPPROTO_ICMPV6.
2087 2092 */
2088 2093 if (connp->conn_proto == IPPROTO_ICMPV6 ||
2089 2094 coa->coa_ancillary) {
2090 2095 return (EINVAL);
2091 2096 }
2092 2097 if ((*i1 != -1) && ((*i1 < 0) || (*i1 & 0x1) != 0)) {
2093 2098 /* Negative or not 16 bit aligned offset */
2094 2099 return (EINVAL);
2095 2100 }
2096 2101 if (checkonly)
2097 2102 break;
2098 2103
2099 2104 mutex_enter(&connp->conn_lock);
2100 2105 if (*i1 == -1) {
2101 2106 ixa->ixa_flags &= ~IXAF_SET_RAW_CKSUM;
2102 2107 ixa->ixa_raw_cksum_offset = 0;
2103 2108 ixa->ixa_flags &= ~IXAF_SET_ULP_CKSUM;
2104 2109 } else {
2105 2110 ixa->ixa_flags |= IXAF_SET_RAW_CKSUM;
2106 2111 ixa->ixa_raw_cksum_offset = *i1;
2107 2112 ixa->ixa_flags |= IXAF_SET_ULP_CKSUM;
2108 2113 }
2109 2114 mutex_exit(&connp->conn_lock);
2110 2115 break;
2111 2116 }
2112 2117 break;
2113 2118
2114 2119 case IPPROTO_ICMPV6:
2115 2120 /*
2116 2121 * Only allow IPv6 option processing on IPv6 sockets.
2117 2122 */
2118 2123 if (connp->conn_family != AF_INET6)
2119 2124 return (EINVAL);
2120 2125 if (connp->conn_proto != IPPROTO_ICMPV6)
2121 2126 return (EINVAL);
2122 2127
2123 2128 switch (name) {
2124 2129 case ICMP6_FILTER:
2125 2130 if (checkonly)
2126 2131 break;
2127 2132
2128 2133 if ((inlen != 0) &&
2129 2134 (inlen != sizeof (icmp6_filter_t)))
2130 2135 return (EINVAL);
2131 2136
2132 2137 mutex_enter(&connp->conn_lock);
2133 2138 if (inlen == 0) {
2134 2139 if (icmp->icmp_filter != NULL) {
2135 2140 kmem_free(icmp->icmp_filter,
2136 2141 sizeof (icmp6_filter_t));
2137 2142 icmp->icmp_filter = NULL;
2138 2143 }
2139 2144 } else {
2140 2145 if (icmp->icmp_filter == NULL) {
2141 2146 icmp->icmp_filter = kmem_alloc(
2142 2147 sizeof (icmp6_filter_t),
2143 2148 KM_NOSLEEP);
2144 2149 if (icmp->icmp_filter == NULL) {
2145 2150 mutex_exit(&connp->conn_lock);
2146 2151 return (ENOBUFS);
2147 2152 }
2148 2153 }
2149 2154 (void) bcopy(invalp, icmp->icmp_filter, inlen);
2150 2155 }
2151 2156 mutex_exit(&connp->conn_lock);
2152 2157 break;
2153 2158 }
2154 2159 break;
2155 2160 }
2156 2161 error = conn_opt_set(coa, level, name, inlen, invalp,
2157 2162 checkonly, cr);
2158 2163 return (error);
2159 2164 }
2160 2165
2161 2166 /*
2162 2167 * This routine sets socket options.
2163 2168 */
2164 2169 int
2165 2170 icmp_opt_set(conn_t *connp, uint_t optset_context, int level, int name,
2166 2171 uint_t inlen, uchar_t *invalp, uint_t *outlenp, uchar_t *outvalp,
2167 2172 void *thisdg_attrs, cred_t *cr)
2168 2173 {
2169 2174 icmp_t *icmp = connp->conn_icmp;
2170 2175 int err;
2171 2176 conn_opt_arg_t coas, *coa;
2172 2177 boolean_t checkonly;
2173 2178 icmp_stack_t *is = icmp->icmp_is;
2174 2179
2175 2180 switch (optset_context) {
2176 2181 case SETFN_OPTCOM_CHECKONLY:
2177 2182 checkonly = B_TRUE;
2178 2183 /*
2179 2184 * Note: Implies T_CHECK semantics for T_OPTCOM_REQ
2180 2185 * inlen != 0 implies value supplied and
2181 2186 * we have to "pretend" to set it.
2182 2187 * inlen == 0 implies that there is no
2183 2188 * value part in T_CHECK request and just validation
2184 2189 * done elsewhere should be enough, we just return here.
2185 2190 */
2186 2191 if (inlen == 0) {
2187 2192 *outlenp = 0;
2188 2193 return (0);
2189 2194 }
2190 2195 break;
2191 2196 case SETFN_OPTCOM_NEGOTIATE:
2192 2197 checkonly = B_FALSE;
2193 2198 break;
2194 2199 case SETFN_UD_NEGOTIATE:
2195 2200 case SETFN_CONN_NEGOTIATE:
2196 2201 checkonly = B_FALSE;
2197 2202 /*
2198 2203 * Negotiating local and "association-related" options
2199 2204 * through T_UNITDATA_REQ.
2200 2205 *
2201 2206 * Following routine can filter out ones we do not
2202 2207 * want to be "set" this way.
2203 2208 */
2204 2209 if (!icmp_opt_allow_udr_set(level, name)) {
2205 2210 *outlenp = 0;
2206 2211 return (EINVAL);
2207 2212 }
2208 2213 break;
2209 2214 default:
2210 2215 /*
2211 2216 * We should never get here
2212 2217 */
2213 2218 *outlenp = 0;
2214 2219 return (EINVAL);
2215 2220 }
2216 2221
2217 2222 ASSERT((optset_context != SETFN_OPTCOM_CHECKONLY) ||
2218 2223 (optset_context == SETFN_OPTCOM_CHECKONLY && inlen != 0));
2219 2224
2220 2225 if (thisdg_attrs != NULL) {
2221 2226 /* Options from T_UNITDATA_REQ */
2222 2227 coa = (conn_opt_arg_t *)thisdg_attrs;
2223 2228 ASSERT(coa->coa_connp == connp);
2224 2229 ASSERT(coa->coa_ixa != NULL);
2225 2230 ASSERT(coa->coa_ipp != NULL);
2226 2231 ASSERT(coa->coa_ancillary);
2227 2232 } else {
2228 2233 coa = &coas;
2229 2234 coas.coa_connp = connp;
2230 2235 /* Get a reference on conn_ixa to prevent concurrent mods */
2231 2236 coas.coa_ixa = conn_get_ixa(connp, B_TRUE);
2232 2237 if (coas.coa_ixa == NULL) {
2233 2238 *outlenp = 0;
2234 2239 return (ENOMEM);
2235 2240 }
2236 2241 coas.coa_ipp = &connp->conn_xmit_ipp;
2237 2242 coas.coa_ancillary = B_FALSE;
2238 2243 coas.coa_changed = 0;
2239 2244 }
2240 2245
2241 2246 err = icmp_do_opt_set(coa, level, name, inlen, invalp,
2242 2247 cr, checkonly);
2243 2248 if (err != 0) {
2244 2249 errout:
2245 2250 if (!coa->coa_ancillary)
2246 2251 ixa_refrele(coa->coa_ixa);
2247 2252 *outlenp = 0;
2248 2253 return (err);
2249 2254 }
2250 2255
2251 2256 /*
2252 2257 * Common case of OK return with outval same as inval.
2253 2258 */
2254 2259 if (invalp != outvalp) {
2255 2260 /* don't trust bcopy for identical src/dst */
2256 2261 (void) bcopy(invalp, outvalp, inlen);
2257 2262 }
2258 2263 *outlenp = inlen;
2259 2264
2260 2265 /*
2261 2266 * If this was not ancillary data, then we rebuild the headers,
2262 2267 * update the IRE/NCE, and IPsec as needed.
2263 2268 * Since the label depends on the destination we go through
2264 2269 * ip_set_destination first.
2265 2270 */
2266 2271 if (coa->coa_ancillary) {
2267 2272 return (0);
2268 2273 }
2269 2274
2270 2275 if (coa->coa_changed & COA_ROUTE_CHANGED) {
2271 2276 in6_addr_t saddr, faddr, nexthop;
2272 2277 in_port_t fport;
2273 2278
2274 2279 /*
2275 2280 * We clear lastdst to make sure we pick up the change
2276 2281 * next time sending.
2277 2282 * If we are connected we re-cache the information.
2278 2283 * We ignore errors to preserve BSD behavior.
2279 2284 * Note that we don't redo IPsec policy lookup here
2280 2285 * since the final destination (or source) didn't change.
2281 2286 */
2282 2287 mutex_enter(&connp->conn_lock);
2283 2288 connp->conn_v6lastdst = ipv6_all_zeros;
2284 2289
2285 2290 ip_attr_nexthop(coa->coa_ipp, coa->coa_ixa,
2286 2291 &connp->conn_faddr_v6, &nexthop);
2287 2292 saddr = connp->conn_saddr_v6;
2288 2293 faddr = connp->conn_faddr_v6;
2289 2294 fport = connp->conn_fport;
2290 2295 mutex_exit(&connp->conn_lock);
2291 2296
2292 2297 if (!IN6_IS_ADDR_UNSPECIFIED(&faddr) &&
2293 2298 !IN6_IS_ADDR_V4MAPPED_ANY(&faddr)) {
2294 2299 (void) ip_attr_connect(connp, coa->coa_ixa,
2295 2300 &saddr, &faddr, &nexthop, fport, NULL, NULL,
2296 2301 IPDF_ALLOW_MCBC | IPDF_VERIFY_DST);
2297 2302 }
2298 2303 }
2299 2304
2300 2305 ixa_refrele(coa->coa_ixa);
2301 2306
2302 2307 if (coa->coa_changed & COA_HEADER_CHANGED) {
2303 2308 /*
2304 2309 * Rebuild the header template if we are connected.
2305 2310 * Otherwise clear conn_v6lastdst so we rebuild the header
2306 2311 * in the data path.
2307 2312 */
2308 2313 mutex_enter(&connp->conn_lock);
2309 2314 if (!IN6_IS_ADDR_UNSPECIFIED(&connp->conn_faddr_v6) &&
2310 2315 !IN6_IS_ADDR_V4MAPPED_ANY(&connp->conn_faddr_v6)) {
2311 2316 err = icmp_build_hdr_template(connp,
2312 2317 &connp->conn_saddr_v6, &connp->conn_faddr_v6,
2313 2318 connp->conn_flowinfo);
2314 2319 if (err != 0) {
2315 2320 mutex_exit(&connp->conn_lock);
2316 2321 return (err);
2317 2322 }
2318 2323 } else {
2319 2324 connp->conn_v6lastdst = ipv6_all_zeros;
2320 2325 }
2321 2326 mutex_exit(&connp->conn_lock);
2322 2327 }
2323 2328 if (coa->coa_changed & COA_RCVBUF_CHANGED) {
2324 2329 (void) proto_set_rx_hiwat(connp->conn_rq, connp,
2325 2330 connp->conn_rcvbuf);
2326 2331 }
2327 2332 if ((coa->coa_changed & COA_SNDBUF_CHANGED) && !IPCL_IS_NONSTR(connp)) {
2328 2333 connp->conn_wq->q_hiwat = connp->conn_sndbuf;
2329 2334 }
2330 2335 if (coa->coa_changed & COA_WROFF_CHANGED) {
2331 2336 /* Increase wroff if needed */
2332 2337 uint_t wroff;
2333 2338
2334 2339 mutex_enter(&connp->conn_lock);
2335 2340 wroff = connp->conn_ht_iphc_allocated + is->is_wroff_extra;
2336 2341 if (wroff > connp->conn_wroff) {
2337 2342 connp->conn_wroff = wroff;
2338 2343 mutex_exit(&connp->conn_lock);
2339 2344 (void) proto_set_tx_wroff(connp->conn_rq, connp, wroff);
2340 2345 } else {
2341 2346 mutex_exit(&connp->conn_lock);
2342 2347 }
2343 2348 }
2344 2349 if (coa->coa_changed & COA_ICMP_BIND_NEEDED) {
2345 2350 icmp_bind_proto(icmp);
2346 2351 }
2347 2352 return (err);
2348 2353 }
2349 2354
2350 2355 /* This routine sets socket options. */
2351 2356 int
2352 2357 icmp_tpi_opt_set(queue_t *q, uint_t optset_context, int level, int name,
2353 2358 uint_t inlen, uchar_t *invalp, uint_t *outlenp, uchar_t *outvalp,
2354 2359 void *thisdg_attrs, cred_t *cr)
2355 2360 {
2356 2361 conn_t *connp = Q_TO_CONN(q);
2357 2362 int error;
2358 2363
2359 2364 error = icmp_opt_set(connp, optset_context, level, name, inlen, invalp,
2360 2365 outlenp, outvalp, thisdg_attrs, cr);
2361 2366 return (error);
2362 2367 }
2363 2368
2364 2369 /*
2365 2370 * Setup IP headers.
2366 2371 *
2367 2372 * Note that IP_HDRINCL has ipha_protocol that is different than conn_proto,
2368 2373 * but icmp_output_hdrincl restores ipha_protocol once we return.
2369 2374 */
2370 2375 mblk_t *
2371 2376 icmp_prepend_hdr(conn_t *connp, ip_xmit_attr_t *ixa, const ip_pkt_t *ipp,
2372 2377 const in6_addr_t *v6src, const in6_addr_t *v6dst, uint32_t flowinfo,
2373 2378 mblk_t *data_mp, int *errorp)
2374 2379 {
2375 2380 mblk_t *mp;
2376 2381 icmp_stack_t *is = connp->conn_netstack->netstack_icmp;
2377 2382 uint_t data_len;
2378 2383 uint32_t cksum;
2379 2384
2380 2385 data_len = msgdsize(data_mp);
2381 2386 mp = conn_prepend_hdr(ixa, ipp, v6src, v6dst, connp->conn_proto,
2382 2387 flowinfo, 0, data_mp, data_len, is->is_wroff_extra, &cksum, errorp);
2383 2388 if (mp == NULL) {
2384 2389 ASSERT(*errorp != 0);
2385 2390 return (NULL);
2386 2391 }
2387 2392
2388 2393 ixa->ixa_pktlen = data_len + ixa->ixa_ip_hdr_length;
2389 2394
2390 2395 /*
2391 2396 * If there was a routing option/header then conn_prepend_hdr
2392 2397 * has massaged it and placed the pseudo-header checksum difference
2393 2398 * in the cksum argument.
2394 2399 *
2395 2400 * Prepare for ICMPv6 checksum done in IP.
2396 2401 *
2397 2402 * We make it easy for IP to include our pseudo header
2398 2403 * by putting our length (and any routing header adjustment)
2399 2404 * in the ICMPv6 checksum field.
2400 2405 * The IP source, destination, and length have already been set by
2401 2406 * conn_prepend_hdr.
2402 2407 */
2403 2408 cksum += data_len;
2404 2409 cksum = (cksum >> 16) + (cksum & 0xFFFF);
2405 2410 ASSERT(cksum < 0x10000);
2406 2411
2407 2412 if (ixa->ixa_flags & IXAF_IS_IPV4) {
2408 2413 ipha_t *ipha = (ipha_t *)mp->b_rptr;
2409 2414
2410 2415 ASSERT(ntohs(ipha->ipha_length) == ixa->ixa_pktlen);
2411 2416 } else {
2412 2417 ip6_t *ip6h = (ip6_t *)mp->b_rptr;
2413 2418 uint_t cksum_offset = 0;
2414 2419
2415 2420 ASSERT(ntohs(ip6h->ip6_plen) + IPV6_HDR_LEN == ixa->ixa_pktlen);
2416 2421
2417 2422 if (ixa->ixa_flags & IXAF_SET_ULP_CKSUM) {
2418 2423 if (connp->conn_proto == IPPROTO_ICMPV6) {
2419 2424 cksum_offset = ixa->ixa_ip_hdr_length +
2420 2425 offsetof(icmp6_t, icmp6_cksum);
2421 2426 } else if (ixa->ixa_flags & IXAF_SET_RAW_CKSUM) {
2422 2427 cksum_offset = ixa->ixa_ip_hdr_length +
2423 2428 ixa->ixa_raw_cksum_offset;
2424 2429 }
2425 2430 }
2426 2431 if (cksum_offset != 0) {
2427 2432 uint16_t *ptr;
2428 2433
2429 2434 /* Make sure the checksum fits in the first mblk */
2430 2435 if (cksum_offset + sizeof (short) > MBLKL(mp)) {
2431 2436 mblk_t *mp1;
2432 2437
2433 2438 mp1 = msgpullup(mp,
2434 2439 cksum_offset + sizeof (short));
2435 2440 freemsg(mp);
2436 2441 if (mp1 == NULL) {
2437 2442 *errorp = ENOMEM;
2438 2443 return (NULL);
2439 2444 }
2440 2445 mp = mp1;
2441 2446 ip6h = (ip6_t *)mp->b_rptr;
2442 2447 }
2443 2448 ptr = (uint16_t *)(mp->b_rptr + cksum_offset);
2444 2449 *ptr = htons(cksum);
2445 2450 }
2446 2451 }
2447 2452
2448 2453 /* Note that we don't try to update wroff due to ancillary data */
2449 2454 return (mp);
2450 2455 }
2451 2456
2452 2457 static int
2453 2458 icmp_build_hdr_template(conn_t *connp, const in6_addr_t *v6src,
2454 2459 const in6_addr_t *v6dst, uint32_t flowinfo)
2455 2460 {
2456 2461 int error;
2457 2462
2458 2463 ASSERT(MUTEX_HELD(&connp->conn_lock));
2459 2464 /*
2460 2465 * We clear lastdst to make sure we don't use the lastdst path
2461 2466 * next time sending since we might not have set v6dst yet.
2462 2467 */
2463 2468 connp->conn_v6lastdst = ipv6_all_zeros;
2464 2469
2465 2470 error = conn_build_hdr_template(connp, 0, 0, v6src, v6dst, flowinfo);
2466 2471 if (error != 0)
2467 2472 return (error);
2468 2473
2469 2474 /*
2470 2475 * Any routing header/option has been massaged. The checksum difference
2471 2476 * is stored in conn_sum.
2472 2477 */
2473 2478 return (0);
2474 2479 }
2475 2480
2476 2481 static mblk_t *
2477 2482 icmp_queue_fallback(icmp_t *icmp, mblk_t *mp)
2478 2483 {
2479 2484 ASSERT(MUTEX_HELD(&icmp->icmp_recv_lock));
2480 2485 if (IPCL_IS_NONSTR(icmp->icmp_connp)) {
2481 2486 /*
2482 2487 * fallback has started but messages have not been moved yet
2483 2488 */
2484 2489 if (icmp->icmp_fallback_queue_head == NULL) {
2485 2490 ASSERT(icmp->icmp_fallback_queue_tail == NULL);
2486 2491 icmp->icmp_fallback_queue_head = mp;
2487 2492 icmp->icmp_fallback_queue_tail = mp;
2488 2493 } else {
2489 2494 ASSERT(icmp->icmp_fallback_queue_tail != NULL);
2490 2495 icmp->icmp_fallback_queue_tail->b_next = mp;
2491 2496 icmp->icmp_fallback_queue_tail = mp;
2492 2497 }
2493 2498 return (NULL);
2494 2499 } else {
2495 2500 /*
2496 2501 * Fallback completed, let the caller putnext() the mblk.
2497 2502 */
2498 2503 return (mp);
2499 2504 }
2500 2505 }
2501 2506
2502 2507 /*
2503 2508 * Deliver data to ULP. In case we have a socket, and it's falling back to
2504 2509 * TPI, then we'll queue the mp for later processing.
2505 2510 */
2506 2511 static void
2507 2512 icmp_ulp_recv(conn_t *connp, mblk_t *mp, uint_t len)
2508 2513 {
2509 2514 if (IPCL_IS_NONSTR(connp)) {
2510 2515 icmp_t *icmp = connp->conn_icmp;
2511 2516 int error;
2512 2517
2513 2518 ASSERT(len == msgdsize(mp));
2514 2519 if ((*connp->conn_upcalls->su_recv)
2515 2520 (connp->conn_upper_handle, mp, len, 0, &error, NULL) < 0) {
2516 2521 mutex_enter(&icmp->icmp_recv_lock);
2517 2522 if (error == ENOSPC) {
2518 2523 /*
2519 2524 * let's confirm while holding the lock
2520 2525 */
2521 2526 if ((*connp->conn_upcalls->su_recv)
2522 2527 (connp->conn_upper_handle, NULL, 0, 0,
2523 2528 &error, NULL) < 0) {
2524 2529 ASSERT(error == ENOSPC);
2525 2530 if (error == ENOSPC) {
2526 2531 connp->conn_flow_cntrld =
2527 2532 B_TRUE;
2528 2533 }
2529 2534 }
2530 2535 mutex_exit(&icmp->icmp_recv_lock);
2531 2536 } else {
2532 2537 ASSERT(error == EOPNOTSUPP);
2533 2538 mp = icmp_queue_fallback(icmp, mp);
2534 2539 mutex_exit(&icmp->icmp_recv_lock);
2535 2540 if (mp != NULL)
2536 2541 putnext(connp->conn_rq, mp);
2537 2542 }
2538 2543 }
2539 2544 ASSERT(MUTEX_NOT_HELD(&icmp->icmp_recv_lock));
2540 2545 } else {
2541 2546 putnext(connp->conn_rq, mp);
2542 2547 }
2543 2548 }
2544 2549
2545 2550 /*
2546 2551 * This is the inbound data path.
2547 2552 * IP has already pulled up the IP headers and verified alignment
2548 2553 * etc.
2549 2554 */
2550 2555 /* ARGSUSED2 */
2551 2556 static void
2552 2557 icmp_input(void *arg1, mblk_t *mp, void *arg2, ip_recv_attr_t *ira)
2553 2558 {
2554 2559 conn_t *connp = (conn_t *)arg1;
2555 2560 struct T_unitdata_ind *tudi;
2556 2561 uchar_t *rptr; /* Pointer to IP header */
2557 2562 int ip_hdr_length;
2558 2563 int udi_size; /* Size of T_unitdata_ind */
2559 2564 int pkt_len;
2560 2565 icmp_t *icmp;
2561 2566 ip_pkt_t ipps;
2562 2567 ip6_t *ip6h;
2563 2568 mblk_t *mp1;
2564 2569 crb_t recv_ancillary;
2565 2570 icmp_stack_t *is;
2566 2571 sin_t *sin;
2567 2572 sin6_t *sin6;
2568 2573 ipha_t *ipha;
2569 2574
2570 2575 ASSERT(connp->conn_flags & IPCL_RAWIPCONN);
2571 2576
2572 2577 icmp = connp->conn_icmp;
2573 2578 is = icmp->icmp_is;
2574 2579 rptr = mp->b_rptr;
2575 2580
2576 2581 ASSERT(DB_TYPE(mp) == M_DATA);
2577 2582 ASSERT(OK_32PTR(rptr));
2578 2583 ASSERT(ira->ira_pktlen == msgdsize(mp));
2579 2584 pkt_len = ira->ira_pktlen;
2580 2585
2581 2586 /*
2582 2587 * Get a snapshot of these and allow other threads to change
2583 2588 * them after that. We need the same recv_ancillary when determining
2584 2589 * the size as when adding the ancillary data items.
2585 2590 */
2586 2591 mutex_enter(&connp->conn_lock);
2587 2592 recv_ancillary = connp->conn_recv_ancillary;
2588 2593 mutex_exit(&connp->conn_lock);
2589 2594
2590 2595 ip_hdr_length = ira->ira_ip_hdr_length;
2591 2596 ASSERT(MBLKL(mp) >= ip_hdr_length); /* IP did a pullup */
2592 2597
2593 2598 /* Initialize regardless of IP version */
2594 2599 ipps.ipp_fields = 0;
2595 2600
2596 2601 if (ira->ira_flags & IRAF_IS_IPV4) {
2597 2602 ASSERT(IPH_HDR_VERSION(rptr) == IPV4_VERSION);
2598 2603 ASSERT(MBLKL(mp) >= sizeof (ipha_t));
2599 2604 ASSERT(ira->ira_ip_hdr_length == IPH_HDR_LENGTH(rptr));
2600 2605
2601 2606 ipha = (ipha_t *)mp->b_rptr;
2602 2607 if (recv_ancillary.crb_all != 0)
2603 2608 (void) ip_find_hdr_v4(ipha, &ipps, B_FALSE);
2604 2609
2605 2610 /*
2606 2611 * BSD for some reason adjusts ipha_length to exclude the
2607 2612 * IP header length. We do the same.
2608 2613 */
2609 2614 if (is->is_bsd_compat) {
2610 2615 ushort_t len;
2611 2616
2612 2617 len = ntohs(ipha->ipha_length);
2613 2618 if (mp->b_datap->db_ref > 1) {
2614 2619 /*
2615 2620 * Allocate a new IP header so that we can
2616 2621 * modify ipha_length.
2617 2622 */
2618 2623 mblk_t *mp1;
2619 2624
2620 2625 mp1 = allocb(ip_hdr_length, BPRI_MED);
2621 2626 if (mp1 == NULL) {
2622 2627 freemsg(mp);
2623 2628 BUMP_MIB(&is->is_rawip_mib,
2624 2629 rawipInErrors);
2625 2630 return;
2626 2631 }
2627 2632 bcopy(rptr, mp1->b_rptr, ip_hdr_length);
2628 2633 mp->b_rptr = rptr + ip_hdr_length;
2629 2634 rptr = mp1->b_rptr;
2630 2635 ipha = (ipha_t *)rptr;
2631 2636 mp1->b_cont = mp;
2632 2637 mp1->b_wptr = rptr + ip_hdr_length;
2633 2638 mp = mp1;
2634 2639 }
2635 2640 len -= ip_hdr_length;
2636 2641 ipha->ipha_length = htons(len);
2637 2642 }
2638 2643
2639 2644 /*
2640 2645 * For RAW sockets we not pass ICMP/IPv4 packets to AF_INET6
2641 2646 * sockets. This is ensured by icmp_bind and the IP fanout code.
2642 2647 */
2643 2648 ASSERT(connp->conn_family == AF_INET);
2644 2649
2645 2650 /*
2646 2651 * This is the inbound data path. Packets are passed upstream
2647 2652 * as T_UNITDATA_IND messages with full IPv4 headers still
2648 2653 * attached.
2649 2654 */
2650 2655
2651 2656 /*
2652 2657 * Normally only send up the source address.
2653 2658 * If any ancillary data items are wanted we add those.
2654 2659 */
2655 2660 udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin_t);
2656 2661 if (recv_ancillary.crb_all != 0) {
2657 2662 udi_size += conn_recvancillary_size(connp,
2658 2663 recv_ancillary, ira, mp, &ipps);
2659 2664 }
2660 2665
2661 2666 /* Allocate a message block for the T_UNITDATA_IND structure. */
2662 2667 mp1 = allocb(udi_size, BPRI_MED);
2663 2668 if (mp1 == NULL) {
2664 2669 freemsg(mp);
2665 2670 BUMP_MIB(&is->is_rawip_mib, rawipInErrors);
2666 2671 return;
2667 2672 }
2668 2673 mp1->b_cont = mp;
2669 2674 tudi = (struct T_unitdata_ind *)mp1->b_rptr;
2670 2675 mp1->b_datap->db_type = M_PROTO;
2671 2676 mp1->b_wptr = (uchar_t *)tudi + udi_size;
2672 2677 tudi->PRIM_type = T_UNITDATA_IND;
2673 2678 tudi->SRC_length = sizeof (sin_t);
2674 2679 tudi->SRC_offset = sizeof (struct T_unitdata_ind);
2675 2680 sin = (sin_t *)&tudi[1];
2676 2681 *sin = sin_null;
2677 2682 sin->sin_family = AF_INET;
2678 2683 sin->sin_addr.s_addr = ipha->ipha_src;
2679 2684 *(uint32_t *)&sin->sin_zero[0] = 0;
2680 2685 *(uint32_t *)&sin->sin_zero[4] = 0;
2681 2686 tudi->OPT_offset = sizeof (struct T_unitdata_ind) +
2682 2687 sizeof (sin_t);
2683 2688 udi_size -= (sizeof (struct T_unitdata_ind) + sizeof (sin_t));
2684 2689 tudi->OPT_length = udi_size;
2685 2690
2686 2691 /*
2687 2692 * Add options if IP_RECVIF etc is set
2688 2693 */
2689 2694 if (udi_size != 0) {
2690 2695 conn_recvancillary_add(connp, recv_ancillary, ira,
2691 2696 &ipps, (uchar_t *)&sin[1], udi_size);
2692 2697 }
2693 2698 goto deliver;
2694 2699 }
2695 2700
2696 2701 ASSERT(IPH_HDR_VERSION(rptr) == IPV6_VERSION);
2697 2702 /*
2698 2703 * IPv6 packets can only be received by applications
2699 2704 * that are prepared to receive IPv6 addresses.
2700 2705 * The IP fanout must ensure this.
2701 2706 */
2702 2707 ASSERT(connp->conn_family == AF_INET6);
2703 2708
2704 2709 /*
2705 2710 * Handle IPv6 packets. We don't pass up the IP headers with the
2706 2711 * payload for IPv6.
2707 2712 */
2708 2713
2709 2714 ip6h = (ip6_t *)rptr;
2710 2715 if (recv_ancillary.crb_all != 0) {
2711 2716 /*
2712 2717 * Call on ip_find_hdr_v6 which gets individual lenghts of
2713 2718 * extension headers (and pointers to them).
2714 2719 */
2715 2720 uint8_t nexthdr;
2716 2721
2717 2722 /* We don't care about the length or nextheader. */
2718 2723 (void) ip_find_hdr_v6(mp, ip6h, B_TRUE, &ipps, &nexthdr);
2719 2724
2720 2725 /*
2721 2726 * We do not pass up hop-by-hop options or any other
2722 2727 * extension header as part of the packet. Applications
2723 2728 * that want to see them have to specify IPV6_RECV* socket
2724 2729 * options. And conn_recvancillary_size/add explicitly
2725 2730 * drops the TX option from IPV6_HOPOPTS as it does for UDP.
2726 2731 *
2727 2732 * If we had multilevel ICMP sockets, then we'd want to
2728 2733 * modify conn_recvancillary_size/add to
2729 2734 * allow the user to see the label.
2730 2735 */
2731 2736 }
2732 2737
2733 2738 /*
2734 2739 * Check a filter for ICMPv6 types if needed.
2735 2740 * Verify raw checksums if needed.
2736 2741 */
2737 2742 mutex_enter(&connp->conn_lock);
2738 2743 if (icmp->icmp_filter != NULL) {
2739 2744 int type;
2740 2745
2741 2746 /* Assumes that IP has done the pullupmsg */
2742 2747 type = mp->b_rptr[ip_hdr_length];
2743 2748
2744 2749 ASSERT(mp->b_rptr + ip_hdr_length <= mp->b_wptr);
2745 2750 if (ICMP6_FILTER_WILLBLOCK(type, icmp->icmp_filter)) {
2746 2751 mutex_exit(&connp->conn_lock);
2747 2752 freemsg(mp);
2748 2753 return;
2749 2754 }
2750 2755 }
2751 2756 if (connp->conn_ixa->ixa_flags & IXAF_SET_RAW_CKSUM) {
2752 2757 /* Checksum */
2753 2758 uint16_t *up;
2754 2759 uint32_t sum;
2755 2760 int remlen;
2756 2761
2757 2762 up = (uint16_t *)&ip6h->ip6_src;
2758 2763
2759 2764 remlen = msgdsize(mp) - ip_hdr_length;
2760 2765 sum = htons(connp->conn_proto + remlen)
2761 2766 + up[0] + up[1] + up[2] + up[3]
2762 2767 + up[4] + up[5] + up[6] + up[7]
2763 2768 + up[8] + up[9] + up[10] + up[11]
2764 2769 + up[12] + up[13] + up[14] + up[15];
2765 2770 sum = (sum & 0xffff) + (sum >> 16);
2766 2771 sum = IP_CSUM(mp, ip_hdr_length, sum);
2767 2772 if (sum != 0) {
2768 2773 /* IPv6 RAW checksum failed */
2769 2774 ip0dbg(("icmp_rput: RAW checksum failed %x\n", sum));
2770 2775 mutex_exit(&connp->conn_lock);
2771 2776 freemsg(mp);
2772 2777 BUMP_MIB(&is->is_rawip_mib, rawipInCksumErrs);
2773 2778 return;
2774 2779 }
2775 2780 }
2776 2781 mutex_exit(&connp->conn_lock);
2777 2782
2778 2783 udi_size = sizeof (struct T_unitdata_ind) + sizeof (sin6_t);
2779 2784
2780 2785 if (recv_ancillary.crb_all != 0) {
2781 2786 udi_size += conn_recvancillary_size(connp,
2782 2787 recv_ancillary, ira, mp, &ipps);
2783 2788 }
2784 2789
2785 2790 mp1 = allocb(udi_size, BPRI_MED);
2786 2791 if (mp1 == NULL) {
2787 2792 freemsg(mp);
2788 2793 BUMP_MIB(&is->is_rawip_mib, rawipInErrors);
2789 2794 return;
2790 2795 }
2791 2796 mp1->b_cont = mp;
2792 2797 mp1->b_datap->db_type = M_PROTO;
2793 2798 tudi = (struct T_unitdata_ind *)mp1->b_rptr;
2794 2799 mp1->b_wptr = (uchar_t *)tudi + udi_size;
2795 2800 tudi->PRIM_type = T_UNITDATA_IND;
2796 2801 tudi->SRC_length = sizeof (sin6_t);
2797 2802 tudi->SRC_offset = sizeof (struct T_unitdata_ind);
2798 2803 tudi->OPT_offset = sizeof (struct T_unitdata_ind) + sizeof (sin6_t);
2799 2804 udi_size -= (sizeof (struct T_unitdata_ind) + sizeof (sin6_t));
2800 2805 tudi->OPT_length = udi_size;
2801 2806 sin6 = (sin6_t *)&tudi[1];
2802 2807 *sin6 = sin6_null;
2803 2808 sin6->sin6_port = 0;
2804 2809 sin6->sin6_family = AF_INET6;
2805 2810
2806 2811 sin6->sin6_addr = ip6h->ip6_src;
2807 2812 /* No sin6_flowinfo per API */
2808 2813 sin6->sin6_flowinfo = 0;
2809 2814 /* For link-scope pass up scope id */
2810 2815 if (IN6_IS_ADDR_LINKSCOPE(&ip6h->ip6_src))
2811 2816 sin6->sin6_scope_id = ira->ira_ruifindex;
2812 2817 else
2813 2818 sin6->sin6_scope_id = 0;
2814 2819 sin6->__sin6_src_id = ip_srcid_find_addr(&ip6h->ip6_dst,
2815 2820 IPCL_ZONEID(connp), is->is_netstack);
2816 2821
2817 2822 if (udi_size != 0) {
2818 2823 conn_recvancillary_add(connp, recv_ancillary, ira,
2819 2824 &ipps, (uchar_t *)&sin6[1], udi_size);
2820 2825 }
2821 2826
2822 2827 /* Skip all the IPv6 headers per API */
2823 2828 mp->b_rptr += ip_hdr_length;
2824 2829 pkt_len -= ip_hdr_length;
2825 2830
2826 2831 deliver:
2827 2832 BUMP_MIB(&is->is_rawip_mib, rawipInDatagrams);
2828 2833 icmp_ulp_recv(connp, mp1, pkt_len);
2829 2834 }
2830 2835
2831 2836 /*
2832 2837 * return SNMP stuff in buffer in mpdata. We don't hold any lock and report
2833 2838 * information that can be changing beneath us.
2834 2839 */
2835 2840 mblk_t *
2836 2841 icmp_snmp_get(queue_t *q, mblk_t *mpctl)
2837 2842 {
2838 2843 mblk_t *mpdata;
2839 2844 struct opthdr *optp;
2840 2845 conn_t *connp = Q_TO_CONN(q);
2841 2846 icmp_stack_t *is = connp->conn_netstack->netstack_icmp;
2842 2847 mblk_t *mp2ctl;
2843 2848
2844 2849 /*
2845 2850 * make a copy of the original message
2846 2851 */
2847 2852 mp2ctl = copymsg(mpctl);
2848 2853
2849 2854 if (mpctl == NULL ||
2850 2855 (mpdata = mpctl->b_cont) == NULL) {
2851 2856 freemsg(mpctl);
2852 2857 freemsg(mp2ctl);
2853 2858 return (0);
2854 2859 }
2855 2860
2856 2861 /* fixed length structure for IPv4 and IPv6 counters */
2857 2862 optp = (struct opthdr *)&mpctl->b_rptr[sizeof (struct T_optmgmt_ack)];
2858 2863 optp->level = EXPER_RAWIP;
2859 2864 optp->name = 0;
2860 2865 (void) snmp_append_data(mpdata, (char *)&is->is_rawip_mib,
2861 2866 sizeof (is->is_rawip_mib));
2862 2867 optp->len = msgdsize(mpdata);
2863 2868 qreply(q, mpctl);
2864 2869
2865 2870 return (mp2ctl);
2866 2871 }
2867 2872
2868 2873 /*
2869 2874 * Return 0 if invalid set request, 1 otherwise, including non-rawip requests.
2870 2875 * TODO: If this ever actually tries to set anything, it needs to be
2871 2876 * to do the appropriate locking.
2872 2877 */
2873 2878 /* ARGSUSED */
2874 2879 int
2875 2880 icmp_snmp_set(queue_t *q, t_scalar_t level, t_scalar_t name,
2876 2881 uchar_t *ptr, int len)
2877 2882 {
2878 2883 switch (level) {
2879 2884 case EXPER_RAWIP:
2880 2885 return (0);
2881 2886 default:
2882 2887 return (1);
2883 2888 }
2884 2889 }
2885 2890
2886 2891 /*
2887 2892 * This routine creates a T_UDERROR_IND message and passes it upstream.
2888 2893 * The address and options are copied from the T_UNITDATA_REQ message
2889 2894 * passed in mp. This message is freed.
2890 2895 */
2891 2896 static void
2892 2897 icmp_ud_err(queue_t *q, mblk_t *mp, t_scalar_t err)
2893 2898 {
2894 2899 struct T_unitdata_req *tudr;
2895 2900 mblk_t *mp1;
2896 2901 uchar_t *destaddr;
2897 2902 t_scalar_t destlen;
2898 2903 uchar_t *optaddr;
2899 2904 t_scalar_t optlen;
2900 2905
2901 2906 if ((mp->b_wptr < mp->b_rptr) ||
2902 2907 (MBLKL(mp)) < sizeof (struct T_unitdata_req)) {
2903 2908 goto done;
2904 2909 }
2905 2910 tudr = (struct T_unitdata_req *)mp->b_rptr;
2906 2911 destaddr = mp->b_rptr + tudr->DEST_offset;
2907 2912 if (destaddr < mp->b_rptr || destaddr >= mp->b_wptr ||
2908 2913 destaddr + tudr->DEST_length < mp->b_rptr ||
2909 2914 destaddr + tudr->DEST_length > mp->b_wptr) {
2910 2915 goto done;
2911 2916 }
2912 2917 optaddr = mp->b_rptr + tudr->OPT_offset;
2913 2918 if (optaddr < mp->b_rptr || optaddr >= mp->b_wptr ||
2914 2919 optaddr + tudr->OPT_length < mp->b_rptr ||
2915 2920 optaddr + tudr->OPT_length > mp->b_wptr) {
2916 2921 goto done;
2917 2922 }
2918 2923 destlen = tudr->DEST_length;
2919 2924 optlen = tudr->OPT_length;
2920 2925
2921 2926 mp1 = mi_tpi_uderror_ind((char *)destaddr, destlen,
2922 2927 (char *)optaddr, optlen, err);
2923 2928 if (mp1 != NULL)
2924 2929 qreply(q, mp1);
2925 2930
2926 2931 done:
2927 2932 freemsg(mp);
2928 2933 }
2929 2934
2930 2935 static int
2931 2936 rawip_do_unbind(conn_t *connp)
2932 2937 {
2933 2938 icmp_t *icmp = connp->conn_icmp;
2934 2939
2935 2940 mutex_enter(&connp->conn_lock);
2936 2941 /* If a bind has not been done, we can't unbind. */
2937 2942 if (icmp->icmp_state == TS_UNBND) {
2938 2943 mutex_exit(&connp->conn_lock);
2939 2944 return (-TOUTSTATE);
2940 2945 }
2941 2946 connp->conn_saddr_v6 = ipv6_all_zeros;
2942 2947 connp->conn_bound_addr_v6 = ipv6_all_zeros;
2943 2948 connp->conn_laddr_v6 = ipv6_all_zeros;
2944 2949 connp->conn_mcbc_bind = B_FALSE;
2945 2950 connp->conn_lport = 0;
2946 2951 connp->conn_fport = 0;
2947 2952 /* In case we were also connected */
2948 2953 connp->conn_faddr_v6 = ipv6_all_zeros;
2949 2954 connp->conn_v6lastdst = ipv6_all_zeros;
2950 2955
2951 2956 icmp->icmp_state = TS_UNBND;
2952 2957
2953 2958 (void) icmp_build_hdr_template(connp, &connp->conn_saddr_v6,
2954 2959 &connp->conn_faddr_v6, connp->conn_flowinfo);
2955 2960 mutex_exit(&connp->conn_lock);
2956 2961
2957 2962 ip_unbind(connp);
2958 2963 return (0);
2959 2964 }
2960 2965
2961 2966 /*
2962 2967 * This routine is called by icmp_wput to handle T_UNBIND_REQ messages.
2963 2968 * After some error checking, the message is passed downstream to ip.
2964 2969 */
2965 2970 static void
2966 2971 icmp_tpi_unbind(queue_t *q, mblk_t *mp)
2967 2972 {
2968 2973 conn_t *connp = Q_TO_CONN(q);
2969 2974 int error;
2970 2975
2971 2976 ASSERT(mp->b_cont == NULL);
2972 2977 error = rawip_do_unbind(connp);
2973 2978 if (error) {
2974 2979 if (error < 0) {
2975 2980 icmp_err_ack(q, mp, -error, 0);
2976 2981 } else {
2977 2982 icmp_err_ack(q, mp, 0, error);
2978 2983 }
2979 2984 return;
2980 2985 }
2981 2986
2982 2987 /*
2983 2988 * Convert mp into a T_OK_ACK
2984 2989 */
2985 2990
2986 2991 mp = mi_tpi_ok_ack_alloc(mp);
2987 2992
2988 2993 /*
2989 2994 * should not happen in practice... T_OK_ACK is smaller than the
2990 2995 * original message.
2991 2996 */
2992 2997 ASSERT(mp != NULL);
2993 2998 ASSERT(((struct T_ok_ack *)mp->b_rptr)->PRIM_type == T_OK_ACK);
2994 2999 qreply(q, mp);
2995 3000 }
2996 3001
2997 3002 /*
2998 3003 * Process IPv4 packets that already include an IP header.
2999 3004 * Used when IP_HDRINCL has been set (implicit for IPPROTO_RAW and
3000 3005 * IPPROTO_IGMP).
3001 3006 * In this case we ignore the address and any options in the T_UNITDATA_REQ.
3002 3007 *
3003 3008 * The packet is assumed to have a base (20 byte) IP header followed
3004 3009 * by the upper-layer protocol. We include any IP_OPTIONS including a
3005 3010 * CIPSO label but otherwise preserve the base IP header.
3006 3011 */
3007 3012 static int
3008 3013 icmp_output_hdrincl(conn_t *connp, mblk_t *mp, cred_t *cr, pid_t pid)
3009 3014 {
3010 3015 icmp_t *icmp = connp->conn_icmp;
3011 3016 icmp_stack_t *is = icmp->icmp_is;
3012 3017 ipha_t iphas;
3013 3018 ipha_t *ipha;
3014 3019 int ip_hdr_length;
3015 3020 int tp_hdr_len;
3016 3021 ip_xmit_attr_t *ixa;
3017 3022 ip_pkt_t *ipp;
3018 3023 in6_addr_t v6src;
3019 3024 in6_addr_t v6dst;
3020 3025 in6_addr_t v6nexthop;
3021 3026 int error;
3022 3027 boolean_t do_ipsec;
3023 3028
3024 3029 /*
3025 3030 * We need an exclusive copy of conn_ixa since the included IP
3026 3031 * header could have any destination.
3027 3032 * That copy has no pointers hence we
3028 3033 * need to set them up once we've parsed the ancillary data.
3029 3034 */
3030 3035 ixa = conn_get_ixa_exclusive(connp);
3031 3036 if (ixa == NULL) {
3032 3037 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3033 3038 freemsg(mp);
3034 3039 return (ENOMEM);
3035 3040 }
3036 3041 ASSERT(cr != NULL);
3037 3042 /*
3038 3043 * Caller has a reference on cr; from db_credp or because we
3039 3044 * are running in process context.
3040 3045 */
3041 3046 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3042 3047 ixa->ixa_cred = cr;
3043 3048 ixa->ixa_cpid = pid;
3044 3049 if (is_system_labeled()) {
3045 3050 /* We need to restart with a label based on the cred */
3046 3051 ip_xmit_attr_restore_tsl(ixa, ixa->ixa_cred);
3047 3052 }
3048 3053
3049 3054 /* In case previous destination was multicast or multirt */
3050 3055 ip_attr_newdst(ixa);
3051 3056
3052 3057 /* Get a copy of conn_xmit_ipp since the TX label might change it */
3053 3058 ipp = kmem_zalloc(sizeof (*ipp), KM_NOSLEEP);
3054 3059 if (ipp == NULL) {
3055 3060 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3056 3061 ixa->ixa_cred = connp->conn_cred; /* Restore */
3057 3062 ixa->ixa_cpid = connp->conn_cpid;
3058 3063 ixa_refrele(ixa);
3059 3064 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3060 3065 freemsg(mp);
3061 3066 return (ENOMEM);
3062 3067 }
3063 3068 mutex_enter(&connp->conn_lock);
3064 3069 error = ip_pkt_copy(&connp->conn_xmit_ipp, ipp, KM_NOSLEEP);
3065 3070 mutex_exit(&connp->conn_lock);
3066 3071 if (error != 0) {
3067 3072 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3068 3073 freemsg(mp);
3069 3074 goto done;
3070 3075 }
3071 3076
3072 3077 /* Sanity check length of packet */
3073 3078 ipha = (ipha_t *)mp->b_rptr;
3074 3079
3075 3080 ip_hdr_length = IP_SIMPLE_HDR_LENGTH;
3076 3081 if ((mp->b_wptr - mp->b_rptr) < IP_SIMPLE_HDR_LENGTH) {
3077 3082 if (!pullupmsg(mp, IP_SIMPLE_HDR_LENGTH)) {
3078 3083 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3079 3084 freemsg(mp);
3080 3085 goto done;
3081 3086 }
3082 3087 ipha = (ipha_t *)mp->b_rptr;
3083 3088 }
3084 3089 ipha->ipha_version_and_hdr_length =
3085 3090 (IP_VERSION<<4) | (ip_hdr_length>>2);
3086 3091
3087 3092 /*
3088 3093 * We set IXAF_DONTFRAG if the application set DF which makes
3089 3094 * IP not fragment.
3090 3095 */
3091 3096 ipha->ipha_fragment_offset_and_flags &= htons(IPH_DF);
3092 3097 if (ipha->ipha_fragment_offset_and_flags & htons(IPH_DF))
3093 3098 ixa->ixa_flags |= (IXAF_DONTFRAG | IXAF_PMTU_IPV4_DF);
3094 3099 else
3095 3100 ixa->ixa_flags &= ~(IXAF_DONTFRAG | IXAF_PMTU_IPV4_DF);
3096 3101
3097 3102 /* Even for multicast and broadcast we honor the apps ttl */
3098 3103 ixa->ixa_flags |= IXAF_NO_TTL_CHANGE;
3099 3104
3100 3105 /*
3101 3106 * No source verification for non-local addresses
3102 3107 */
3103 3108 if (ipha->ipha_src != INADDR_ANY &&
3104 3109 ip_laddr_verify_v4(ipha->ipha_src, ixa->ixa_zoneid,
3105 3110 is->is_netstack->netstack_ip, B_FALSE)
3106 3111 != IPVL_UNICAST_UP) {
3107 3112 ixa->ixa_flags &= ~IXAF_VERIFY_SOURCE;
3108 3113 }
3109 3114
3110 3115 if (ipha->ipha_dst == INADDR_ANY)
3111 3116 ipha->ipha_dst = htonl(INADDR_LOOPBACK);
3112 3117
3113 3118 IN6_IPADDR_TO_V4MAPPED(ipha->ipha_src, &v6src);
3114 3119 IN6_IPADDR_TO_V4MAPPED(ipha->ipha_dst, &v6dst);
3115 3120
3116 3121 /* Defer IPsec if it might need to look at ICMP type/code */
3117 3122 do_ipsec = ipha->ipha_protocol != IPPROTO_ICMP;
3118 3123 ixa->ixa_flags |= IXAF_IS_IPV4;
3119 3124
3120 3125 ip_attr_nexthop(ipp, ixa, &v6dst, &v6nexthop);
3121 3126 error = ip_attr_connect(connp, ixa, &v6src, &v6dst, &v6nexthop,
3122 3127 connp->conn_fport, &v6src, NULL, IPDF_ALLOW_MCBC | IPDF_VERIFY_DST |
3123 3128 (do_ipsec ? IPDF_IPSEC : 0));
3124 3129 switch (error) {
3125 3130 case 0:
3126 3131 break;
3127 3132 case EADDRNOTAVAIL:
3128 3133 /*
3129 3134 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3130 3135 * Don't have the application see that errno
3131 3136 */
3132 3137 error = ENETUNREACH;
3133 3138 goto failed;
3134 3139 case ENETDOWN:
3135 3140 /*
3136 3141 * Have !ipif_addr_ready address; drop packet silently
3137 3142 * until we can get applications to not send until we
3138 3143 * are ready.
3139 3144 */
3140 3145 error = 0;
3141 3146 goto failed;
3142 3147 case EHOSTUNREACH:
3143 3148 case ENETUNREACH:
3144 3149 if (ixa->ixa_ire != NULL) {
3145 3150 /*
3146 3151 * Let conn_ip_output/ire_send_noroute return
3147 3152 * the error and send any local ICMP error.
3148 3153 */
3149 3154 error = 0;
3150 3155 break;
3151 3156 }
3152 3157 /* FALLTHRU */
3153 3158 default:
3154 3159 failed:
3155 3160 freemsg(mp);
3156 3161 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3157 3162 goto done;
3158 3163 }
3159 3164 if (ipha->ipha_src == INADDR_ANY)
3160 3165 IN6_V4MAPPED_TO_IPADDR(&v6src, ipha->ipha_src);
3161 3166
3162 3167 /*
3163 3168 * We might be going to a different destination than last time,
3164 3169 * thus check that TX allows the communication and compute any
3165 3170 * needed label.
3166 3171 *
3167 3172 * TSOL Note: We have an exclusive ipp and ixa for this thread so we
3168 3173 * don't have to worry about concurrent threads.
3169 3174 */
3170 3175 if (is_system_labeled()) {
3171 3176 /*
3172 3177 * Check whether Trusted Solaris policy allows communication
3173 3178 * with this host, and pretend that the destination is
3174 3179 * unreachable if not.
3175 3180 * Compute any needed label and place it in ipp_label_v4/v6.
3176 3181 *
3177 3182 * Later conn_build_hdr_template/conn_prepend_hdr takes
3178 3183 * ipp_label_v4/v6 to form the packet.
3179 3184 *
3180 3185 * Tsol note: We have ipp structure local to this thread so
3181 3186 * no locking is needed.
3182 3187 */
3183 3188 error = conn_update_label(connp, ixa, &v6dst, ipp);
3184 3189 if (error != 0) {
3185 3190 freemsg(mp);
3186 3191 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3187 3192 goto done;
3188 3193 }
3189 3194 }
3190 3195
3191 3196 /*
3192 3197 * Save away a copy of the IPv4 header the application passed down
3193 3198 * and then prepend an IPv4 header complete with any IP options
3194 3199 * including label.
3195 3200 * We need a struct copy since icmp_prepend_hdr will reuse the available
3196 3201 * space in the mblk.
3197 3202 */
3198 3203 iphas = *ipha;
3199 3204 mp->b_rptr += IP_SIMPLE_HDR_LENGTH;
3200 3205
3201 3206 mp = icmp_prepend_hdr(connp, ixa, ipp, &v6src, &v6dst, 0, mp, &error);
3202 3207 if (mp == NULL) {
3203 3208 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3204 3209 ASSERT(error != 0);
3205 3210 goto done;
3206 3211 }
3207 3212 if (ixa->ixa_pktlen > IP_MAXPACKET) {
3208 3213 error = EMSGSIZE;
3209 3214 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3210 3215 freemsg(mp);
3211 3216 goto done;
3212 3217 }
3213 3218 /* Restore key parts of the header that the application passed down */
3214 3219 ipha = (ipha_t *)mp->b_rptr;
3215 3220 ipha->ipha_type_of_service = iphas.ipha_type_of_service;
3216 3221 ipha->ipha_ident = iphas.ipha_ident;
3217 3222 ipha->ipha_fragment_offset_and_flags =
3218 3223 iphas.ipha_fragment_offset_and_flags;
3219 3224 ipha->ipha_ttl = iphas.ipha_ttl;
3220 3225 ipha->ipha_protocol = iphas.ipha_protocol;
3221 3226 ipha->ipha_src = iphas.ipha_src;
3222 3227 ipha->ipha_dst = iphas.ipha_dst;
3223 3228
3224 3229 ixa->ixa_protocol = ipha->ipha_protocol;
3225 3230
3226 3231 /*
3227 3232 * Make sure that the IP header plus any transport header that is
3228 3233 * checksumed by ip_output is in the first mblk. (ip_output assumes
3229 3234 * that at least the checksum field is in the first mblk.)
3230 3235 */
3231 3236 switch (ipha->ipha_protocol) {
3232 3237 case IPPROTO_UDP:
3233 3238 tp_hdr_len = 8;
3234 3239 break;
3235 3240 case IPPROTO_TCP:
3236 3241 tp_hdr_len = 20;
3237 3242 break;
3238 3243 default:
3239 3244 tp_hdr_len = 0;
3240 3245 break;
3241 3246 }
3242 3247 ip_hdr_length = IPH_HDR_LENGTH(ipha);
3243 3248 if (mp->b_wptr - mp->b_rptr < ip_hdr_length + tp_hdr_len) {
3244 3249 if (!pullupmsg(mp, ip_hdr_length + tp_hdr_len)) {
3245 3250 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3246 3251 if (mp->b_cont == NULL)
3247 3252 error = EINVAL;
3248 3253 else
3249 3254 error = ENOMEM;
3250 3255 freemsg(mp);
3251 3256 goto done;
3252 3257 }
3253 3258 }
3254 3259
3255 3260 if (!do_ipsec) {
3256 3261 /* Policy might differ for different ICMP type/code */
3257 3262 if (ixa->ixa_ipsec_policy != NULL) {
3258 3263 IPPOL_REFRELE(ixa->ixa_ipsec_policy);
3259 3264 ixa->ixa_ipsec_policy = NULL;
3260 3265 ixa->ixa_flags &= ~IXAF_IPSEC_SECURE;
3261 3266 }
3262 3267 mp = ip_output_attach_policy(mp, ipha, NULL, connp, ixa);
3263 3268 if (mp == NULL) {
3264 3269 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3265 3270 error = EHOSTUNREACH; /* IPsec policy failure */
3266 3271 goto done;
3267 3272 }
3268 3273 }
3269 3274
3270 3275 /* We're done. Pass the packet to ip. */
3271 3276 BUMP_MIB(&is->is_rawip_mib, rawipOutDatagrams);
3272 3277
3273 3278 error = conn_ip_output(mp, ixa);
3274 3279 /* No rawipOutErrors if an error since IP increases its error counter */
3275 3280 switch (error) {
3276 3281 case 0:
3277 3282 break;
3278 3283 case EWOULDBLOCK:
3279 3284 (void) ixa_check_drain_insert(connp, ixa);
3280 3285 error = 0;
3281 3286 break;
3282 3287 case EADDRNOTAVAIL:
3283 3288 /*
3284 3289 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3285 3290 * Don't have the application see that errno
3286 3291 */
3287 3292 error = ENETUNREACH;
3288 3293 break;
3289 3294 }
3290 3295 done:
3291 3296 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3292 3297 ixa->ixa_cred = connp->conn_cred; /* Restore */
3293 3298 ixa->ixa_cpid = connp->conn_cpid;
3294 3299 ixa_refrele(ixa);
3295 3300 ip_pkt_free(ipp);
3296 3301 kmem_free(ipp, sizeof (*ipp));
3297 3302 return (error);
3298 3303 }
3299 3304
3300 3305 static mblk_t *
3301 3306 icmp_output_attach_policy(mblk_t *mp, conn_t *connp, ip_xmit_attr_t *ixa)
3302 3307 {
3303 3308 ipha_t *ipha = NULL;
3304 3309 ip6_t *ip6h = NULL;
3305 3310
3306 3311 if (ixa->ixa_flags & IXAF_IS_IPV4)
3307 3312 ipha = (ipha_t *)mp->b_rptr;
3308 3313 else
3309 3314 ip6h = (ip6_t *)mp->b_rptr;
3310 3315
3311 3316 if (ixa->ixa_ipsec_policy != NULL) {
3312 3317 IPPOL_REFRELE(ixa->ixa_ipsec_policy);
3313 3318 ixa->ixa_ipsec_policy = NULL;
3314 3319 ixa->ixa_flags &= ~IXAF_IPSEC_SECURE;
3315 3320 }
3316 3321 return (ip_output_attach_policy(mp, ipha, ip6h, connp, ixa));
3317 3322 }
3318 3323
3319 3324 /*
3320 3325 * Handle T_UNITDATA_REQ with options. Both IPv4 and IPv6
3321 3326 * Either tudr_mp or msg is set. If tudr_mp we take ancillary data from
3322 3327 * the TPI options, otherwise we take them from msg_control.
3323 3328 * If both sin and sin6 is set it is a connected socket and we use conn_faddr.
3324 3329 * Always consumes mp; never consumes tudr_mp.
3325 3330 */
3326 3331 static int
3327 3332 icmp_output_ancillary(conn_t *connp, sin_t *sin, sin6_t *sin6, mblk_t *mp,
3328 3333 mblk_t *tudr_mp, struct nmsghdr *msg, cred_t *cr, pid_t pid)
3329 3334 {
|
↓ open down ↓ |
2547 lines elided |
↑ open up ↑ |
3330 3335 icmp_t *icmp = connp->conn_icmp;
3331 3336 icmp_stack_t *is = icmp->icmp_is;
3332 3337 int error;
3333 3338 ip_xmit_attr_t *ixa;
3334 3339 ip_pkt_t *ipp;
3335 3340 in6_addr_t v6src;
3336 3341 in6_addr_t v6dst;
3337 3342 in6_addr_t v6nexthop;
3338 3343 in_port_t dstport;
3339 3344 uint32_t flowinfo;
3340 - uint_t srcid;
3341 3345 int is_absreq_failure = 0;
3342 3346 conn_opt_arg_t coas, *coa;
3343 3347
3344 3348 ASSERT(tudr_mp != NULL || msg != NULL);
3345 3349
3346 3350 /*
3347 3351 * Get ixa before checking state to handle a disconnect race.
3348 3352 *
3349 3353 * We need an exclusive copy of conn_ixa since the ancillary data
3350 3354 * options might modify it. That copy has no pointers hence we
3351 3355 * need to set them up once we've parsed the ancillary data.
3352 3356 */
3353 3357 ixa = conn_get_ixa_exclusive(connp);
3354 3358 if (ixa == NULL) {
3355 3359 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3356 3360 freemsg(mp);
3357 3361 return (ENOMEM);
3358 3362 }
3359 3363 ASSERT(cr != NULL);
3360 3364 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3361 3365 ixa->ixa_cred = cr;
3362 3366 ixa->ixa_cpid = pid;
3363 3367 if (is_system_labeled()) {
3364 3368 /* We need to restart with a label based on the cred */
3365 3369 ip_xmit_attr_restore_tsl(ixa, ixa->ixa_cred);
3366 3370 }
3367 3371
3368 3372 /* In case previous destination was multicast or multirt */
3369 3373 ip_attr_newdst(ixa);
3370 3374
3371 3375 /* Get a copy of conn_xmit_ipp since the options might change it */
3372 3376 ipp = kmem_zalloc(sizeof (*ipp), KM_NOSLEEP);
3373 3377 if (ipp == NULL) {
3374 3378 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3375 3379 ixa->ixa_cred = connp->conn_cred; /* Restore */
3376 3380 ixa->ixa_cpid = connp->conn_cpid;
3377 3381 ixa_refrele(ixa);
3378 3382 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3379 3383 freemsg(mp);
3380 3384 return (ENOMEM);
3381 3385 }
3382 3386 mutex_enter(&connp->conn_lock);
3383 3387 error = ip_pkt_copy(&connp->conn_xmit_ipp, ipp, KM_NOSLEEP);
3384 3388 mutex_exit(&connp->conn_lock);
3385 3389 if (error != 0) {
3386 3390 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3387 3391 freemsg(mp);
3388 3392 goto done;
3389 3393 }
3390 3394
3391 3395 /*
3392 3396 * Parse the options and update ixa and ipp as a result.
3393 3397 */
3394 3398
3395 3399 coa = &coas;
3396 3400 coa->coa_connp = connp;
3397 3401 coa->coa_ixa = ixa;
3398 3402 coa->coa_ipp = ipp;
3399 3403 coa->coa_ancillary = B_TRUE;
3400 3404 coa->coa_changed = 0;
3401 3405
3402 3406 if (msg != NULL) {
3403 3407 error = process_auxiliary_options(connp, msg->msg_control,
3404 3408 msg->msg_controllen, coa, &icmp_opt_obj, icmp_opt_set, cr);
3405 3409 } else {
3406 3410 struct T_unitdata_req *tudr;
3407 3411
3408 3412 tudr = (struct T_unitdata_req *)tudr_mp->b_rptr;
3409 3413 ASSERT(tudr->PRIM_type == T_UNITDATA_REQ);
3410 3414 error = tpi_optcom_buf(connp->conn_wq, tudr_mp,
3411 3415 &tudr->OPT_length, tudr->OPT_offset, cr, &icmp_opt_obj,
3412 3416 coa, &is_absreq_failure);
3413 3417 }
3414 3418 if (error != 0) {
3415 3419 /*
3416 3420 * Note: No special action needed in this
3417 3421 * module for "is_absreq_failure"
3418 3422 */
3419 3423 freemsg(mp);
3420 3424 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3421 3425 goto done;
3422 3426 }
3423 3427 ASSERT(is_absreq_failure == 0);
3424 3428
3425 3429 mutex_enter(&connp->conn_lock);
3426 3430 /*
3427 3431 * If laddr is unspecified then we look at sin6_src_id.
3428 3432 * We will give precedence to a source address set with IPV6_PKTINFO
3429 3433 * (aka IPPF_ADDR) but that is handled in build_hdrs. However, we don't
3430 3434 * want ip_attr_connect to select a source (since it can fail) when
3431 3435 * IPV6_PKTINFO is specified.
3432 3436 * If this doesn't result in a source address then we get a source
|
↓ open down ↓ |
82 lines elided |
↑ open up ↑ |
3433 3437 * from ip_attr_connect() below.
3434 3438 */
3435 3439 v6src = connp->conn_saddr_v6;
3436 3440 if (sin != NULL) {
3437 3441 IN6_IPADDR_TO_V4MAPPED(sin->sin_addr.s_addr, &v6dst);
3438 3442 dstport = sin->sin_port;
3439 3443 flowinfo = 0;
3440 3444 ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
3441 3445 ixa->ixa_flags |= IXAF_IS_IPV4;
3442 3446 } else if (sin6 != NULL) {
3447 + boolean_t v4mapped;
3448 + uint_t srcid;
3449 +
3443 3450 v6dst = sin6->sin6_addr;
3444 3451 dstport = sin6->sin6_port;
3445 3452 flowinfo = sin6->sin6_flowinfo;
3446 3453 srcid = sin6->__sin6_src_id;
3447 3454 if (IN6_IS_ADDR_LINKSCOPE(&v6dst) && sin6->sin6_scope_id != 0) {
3448 3455 ixa->ixa_scopeid = sin6->sin6_scope_id;
3449 3456 ixa->ixa_flags |= IXAF_SCOPEID_SET;
3450 3457 } else {
3451 3458 ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
3452 3459 }
3453 - if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
3454 - ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
3455 - connp->conn_netstack);
3456 - }
3457 - if (IN6_IS_ADDR_V4MAPPED(&v6dst))
3460 + v4mapped = IN6_IS_ADDR_V4MAPPED(&v6dst);
3461 + if (v4mapped)
3458 3462 ixa->ixa_flags |= IXAF_IS_IPV4;
3459 3463 else
3460 3464 ixa->ixa_flags &= ~IXAF_IS_IPV4;
3465 + if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
3466 + if (ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
3467 + v4mapped, connp->conn_netstack)) {
3468 + /* Mismatched v4mapped/v6 specified by srcid. */
3469 + mutex_exit(&connp->conn_lock);
3470 + error = EADDRNOTAVAIL;
3471 + goto failed; /* Does freemsg() and mib. */
3472 + }
3473 + }
3461 3474 } else {
3462 3475 /* Connected case */
3463 3476 v6dst = connp->conn_faddr_v6;
3464 3477 flowinfo = connp->conn_flowinfo;
3465 3478 }
3466 3479 mutex_exit(&connp->conn_lock);
3467 3480 /* Handle IP_PKTINFO/IPV6_PKTINFO setting source address. */
3468 3481 if (ipp->ipp_fields & IPPF_ADDR) {
3469 3482 if (ixa->ixa_flags & IXAF_IS_IPV4) {
3470 3483 if (IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr))
3471 3484 v6src = ipp->ipp_addr;
3472 3485 } else {
3473 3486 if (!IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr))
3474 3487 v6src = ipp->ipp_addr;
3475 3488 }
3476 3489 }
3477 3490 /*
3478 3491 * Allow source not assigned to the system
3479 3492 * only if it is not a local addresses
3480 3493 */
3481 3494 if (!V6_OR_V4_INADDR_ANY(v6src)) {
3482 3495 ip_laddr_t laddr_type;
3483 3496
3484 3497 if (ixa->ixa_flags & IXAF_IS_IPV4) {
3485 3498 ipaddr_t v4src;
3486 3499
3487 3500 IN6_V4MAPPED_TO_IPADDR(&v6src, v4src);
3488 3501 laddr_type = ip_laddr_verify_v4(v4src, ixa->ixa_zoneid,
3489 3502 is->is_netstack->netstack_ip, B_FALSE);
3490 3503 } else {
3491 3504 laddr_type = ip_laddr_verify_v6(&v6src, ixa->ixa_zoneid,
3492 3505 is->is_netstack->netstack_ip, B_FALSE, B_FALSE);
3493 3506 }
3494 3507 if (laddr_type != IPVL_UNICAST_UP)
3495 3508 ixa->ixa_flags &= ~IXAF_VERIFY_SOURCE;
3496 3509 }
3497 3510
3498 3511 ip_attr_nexthop(ipp, ixa, &v6dst, &v6nexthop);
3499 3512 error = ip_attr_connect(connp, ixa, &v6src, &v6dst, &v6nexthop, dstport,
3500 3513 &v6src, NULL, IPDF_ALLOW_MCBC | IPDF_VERIFY_DST);
3501 3514
3502 3515 switch (error) {
3503 3516 case 0:
3504 3517 break;
3505 3518 case EADDRNOTAVAIL:
3506 3519 /*
3507 3520 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3508 3521 * Don't have the application see that errno
3509 3522 */
3510 3523 error = ENETUNREACH;
3511 3524 goto failed;
3512 3525 case ENETDOWN:
3513 3526 /*
3514 3527 * Have !ipif_addr_ready address; drop packet silently
3515 3528 * until we can get applications to not send until we
3516 3529 * are ready.
3517 3530 */
3518 3531 error = 0;
3519 3532 goto failed;
3520 3533 case EHOSTUNREACH:
3521 3534 case ENETUNREACH:
3522 3535 if (ixa->ixa_ire != NULL) {
3523 3536 /*
3524 3537 * Let conn_ip_output/ire_send_noroute return
3525 3538 * the error and send any local ICMP error.
3526 3539 */
3527 3540 error = 0;
3528 3541 break;
3529 3542 }
3530 3543 /* FALLTHRU */
3531 3544 default:
3532 3545 failed:
3533 3546 freemsg(mp);
3534 3547 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3535 3548 goto done;
3536 3549 }
3537 3550
3538 3551 /*
3539 3552 * We might be going to a different destination than last time,
3540 3553 * thus check that TX allows the communication and compute any
3541 3554 * needed label.
3542 3555 *
3543 3556 * TSOL Note: We have an exclusive ipp and ixa for this thread so we
3544 3557 * don't have to worry about concurrent threads.
3545 3558 */
3546 3559 if (is_system_labeled()) {
3547 3560 /*
3548 3561 * Check whether Trusted Solaris policy allows communication
3549 3562 * with this host, and pretend that the destination is
3550 3563 * unreachable if not.
3551 3564 * Compute any needed label and place it in ipp_label_v4/v6.
3552 3565 *
3553 3566 * Later conn_build_hdr_template/conn_prepend_hdr takes
3554 3567 * ipp_label_v4/v6 to form the packet.
3555 3568 *
3556 3569 * Tsol note: We have ipp structure local to this thread so
3557 3570 * no locking is needed.
3558 3571 */
3559 3572 error = conn_update_label(connp, ixa, &v6dst, ipp);
3560 3573 if (error != 0) {
3561 3574 freemsg(mp);
3562 3575 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3563 3576 goto done;
3564 3577 }
3565 3578 }
3566 3579 mp = icmp_prepend_hdr(connp, ixa, ipp, &v6src, &v6dst, flowinfo, mp,
3567 3580 &error);
3568 3581 if (mp == NULL) {
3569 3582 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3570 3583 ASSERT(error != 0);
3571 3584 goto done;
3572 3585 }
3573 3586 if (ixa->ixa_pktlen > IP_MAXPACKET) {
3574 3587 error = EMSGSIZE;
3575 3588 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3576 3589 freemsg(mp);
3577 3590 goto done;
3578 3591 }
3579 3592
3580 3593 /* Policy might differ for different ICMP type/code */
3581 3594 mp = icmp_output_attach_policy(mp, connp, ixa);
3582 3595 if (mp == NULL) {
3583 3596 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3584 3597 error = EHOSTUNREACH; /* IPsec policy failure */
3585 3598 goto done;
3586 3599 }
3587 3600
3588 3601 /* We're done. Pass the packet to ip. */
3589 3602 BUMP_MIB(&is->is_rawip_mib, rawipOutDatagrams);
3590 3603
3591 3604 error = conn_ip_output(mp, ixa);
3592 3605 if (!connp->conn_unspec_src)
3593 3606 ixa->ixa_flags |= IXAF_VERIFY_SOURCE;
3594 3607 /* No rawipOutErrors if an error since IP increases its error counter */
3595 3608 switch (error) {
3596 3609 case 0:
3597 3610 break;
3598 3611 case EWOULDBLOCK:
3599 3612 (void) ixa_check_drain_insert(connp, ixa);
3600 3613 error = 0;
3601 3614 break;
3602 3615 case EADDRNOTAVAIL:
3603 3616 /*
3604 3617 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3605 3618 * Don't have the application see that errno
3606 3619 */
3607 3620 error = ENETUNREACH;
3608 3621 /* FALLTHRU */
3609 3622 default:
3610 3623 mutex_enter(&connp->conn_lock);
3611 3624 /*
3612 3625 * Clear the source and v6lastdst so we call ip_attr_connect
3613 3626 * for the next packet and try to pick a better source.
3614 3627 */
3615 3628 if (connp->conn_mcbc_bind)
3616 3629 connp->conn_saddr_v6 = ipv6_all_zeros;
3617 3630 else
3618 3631 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
3619 3632 connp->conn_v6lastdst = ipv6_all_zeros;
3620 3633 mutex_exit(&connp->conn_lock);
3621 3634 break;
3622 3635 }
3623 3636 done:
3624 3637 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3625 3638 ixa->ixa_cred = connp->conn_cred; /* Restore */
3626 3639 ixa->ixa_cpid = connp->conn_cpid;
3627 3640 ixa_refrele(ixa);
3628 3641 ip_pkt_free(ipp);
3629 3642 kmem_free(ipp, sizeof (*ipp));
3630 3643 return (error);
3631 3644 }
3632 3645
3633 3646 /*
3634 3647 * Handle sending an M_DATA for a connected socket.
3635 3648 * Handles both IPv4 and IPv6.
3636 3649 */
3637 3650 int
3638 3651 icmp_output_connected(conn_t *connp, mblk_t *mp, cred_t *cr, pid_t pid)
3639 3652 {
3640 3653 icmp_t *icmp = connp->conn_icmp;
3641 3654 icmp_stack_t *is = icmp->icmp_is;
3642 3655 int error;
3643 3656 ip_xmit_attr_t *ixa;
3644 3657 boolean_t do_ipsec;
3645 3658
3646 3659 /*
3647 3660 * If no other thread is using conn_ixa this just gets a reference to
3648 3661 * conn_ixa. Otherwise we get a safe copy of conn_ixa.
3649 3662 */
3650 3663 ixa = conn_get_ixa(connp, B_FALSE);
3651 3664 if (ixa == NULL) {
3652 3665 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3653 3666 freemsg(mp);
3654 3667 return (ENOMEM);
3655 3668 }
3656 3669
3657 3670 ASSERT(cr != NULL);
3658 3671 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3659 3672 ixa->ixa_cred = cr;
3660 3673 ixa->ixa_cpid = pid;
3661 3674
3662 3675 /* Defer IPsec if it might need to look at ICMP type/code */
3663 3676 switch (ixa->ixa_protocol) {
3664 3677 case IPPROTO_ICMP:
3665 3678 case IPPROTO_ICMPV6:
3666 3679 do_ipsec = B_FALSE;
3667 3680 break;
3668 3681 default:
3669 3682 do_ipsec = B_TRUE;
3670 3683 }
3671 3684
3672 3685 mutex_enter(&connp->conn_lock);
3673 3686 mp = icmp_prepend_header_template(connp, ixa, mp,
3674 3687 &connp->conn_saddr_v6, connp->conn_flowinfo, &error);
3675 3688
3676 3689 if (mp == NULL) {
3677 3690 ASSERT(error != 0);
3678 3691 mutex_exit(&connp->conn_lock);
3679 3692 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3680 3693 ixa->ixa_cred = connp->conn_cred; /* Restore */
3681 3694 ixa->ixa_cpid = connp->conn_cpid;
3682 3695 ixa_refrele(ixa);
3683 3696 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3684 3697 freemsg(mp);
3685 3698 return (error);
3686 3699 }
3687 3700
3688 3701 if (!do_ipsec) {
3689 3702 /* Policy might differ for different ICMP type/code */
3690 3703 mp = icmp_output_attach_policy(mp, connp, ixa);
3691 3704 if (mp == NULL) {
3692 3705 mutex_exit(&connp->conn_lock);
3693 3706 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3694 3707 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3695 3708 ixa->ixa_cred = connp->conn_cred; /* Restore */
3696 3709 ixa->ixa_cpid = connp->conn_cpid;
3697 3710 ixa_refrele(ixa);
3698 3711 return (EHOSTUNREACH); /* IPsec policy failure */
3699 3712 }
3700 3713 }
3701 3714
3702 3715 /*
3703 3716 * In case we got a safe copy of conn_ixa, or if opt_set made us a new
3704 3717 * safe copy, then we need to fill in any pointers in it.
3705 3718 */
3706 3719 if (ixa->ixa_ire == NULL) {
3707 3720 in6_addr_t faddr, saddr;
3708 3721 in6_addr_t nexthop;
3709 3722 in_port_t fport;
3710 3723
3711 3724 saddr = connp->conn_saddr_v6;
3712 3725 faddr = connp->conn_faddr_v6;
3713 3726 fport = connp->conn_fport;
3714 3727 ip_attr_nexthop(&connp->conn_xmit_ipp, ixa, &faddr, &nexthop);
3715 3728 mutex_exit(&connp->conn_lock);
3716 3729
3717 3730 error = ip_attr_connect(connp, ixa, &saddr, &faddr, &nexthop,
3718 3731 fport, NULL, NULL, IPDF_ALLOW_MCBC | IPDF_VERIFY_DST |
3719 3732 (do_ipsec ? IPDF_IPSEC : 0));
3720 3733 switch (error) {
3721 3734 case 0:
3722 3735 break;
3723 3736 case EADDRNOTAVAIL:
3724 3737 /*
3725 3738 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3726 3739 * Don't have the application see that errno
3727 3740 */
3728 3741 error = ENETUNREACH;
3729 3742 goto failed;
3730 3743 case ENETDOWN:
3731 3744 /*
3732 3745 * Have !ipif_addr_ready address; drop packet silently
3733 3746 * until we can get applications to not send until we
3734 3747 * are ready.
3735 3748 */
3736 3749 error = 0;
3737 3750 goto failed;
3738 3751 case EHOSTUNREACH:
3739 3752 case ENETUNREACH:
3740 3753 if (ixa->ixa_ire != NULL) {
3741 3754 /*
3742 3755 * Let conn_ip_output/ire_send_noroute return
3743 3756 * the error and send any local ICMP error.
3744 3757 */
3745 3758 error = 0;
3746 3759 break;
3747 3760 }
3748 3761 /* FALLTHRU */
3749 3762 default:
3750 3763 failed:
3751 3764 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3752 3765 ixa->ixa_cred = connp->conn_cred; /* Restore */
3753 3766 ixa->ixa_cpid = connp->conn_cpid;
3754 3767 ixa_refrele(ixa);
3755 3768 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3756 3769 freemsg(mp);
3757 3770 return (error);
3758 3771 }
3759 3772 } else {
3760 3773 /* Done with conn_t */
3761 3774 mutex_exit(&connp->conn_lock);
3762 3775 }
3763 3776
3764 3777 /* We're done. Pass the packet to ip. */
3765 3778 BUMP_MIB(&is->is_rawip_mib, rawipOutDatagrams);
3766 3779
3767 3780 error = conn_ip_output(mp, ixa);
3768 3781 /* No rawipOutErrors if an error since IP increases its error counter */
3769 3782 switch (error) {
3770 3783 case 0:
3771 3784 break;
3772 3785 case EWOULDBLOCK:
3773 3786 (void) ixa_check_drain_insert(connp, ixa);
3774 3787 error = 0;
3775 3788 break;
3776 3789 case EADDRNOTAVAIL:
3777 3790 /*
3778 3791 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3779 3792 * Don't have the application see that errno
3780 3793 */
3781 3794 error = ENETUNREACH;
3782 3795 break;
3783 3796 }
3784 3797 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3785 3798 ixa->ixa_cred = connp->conn_cred; /* Restore */
3786 3799 ixa->ixa_cpid = connp->conn_cpid;
3787 3800 ixa_refrele(ixa);
3788 3801 return (error);
3789 3802 }
3790 3803
3791 3804 /*
3792 3805 * Handle sending an M_DATA to the last destination.
3793 3806 * Handles both IPv4 and IPv6.
3794 3807 *
3795 3808 * NOTE: The caller must hold conn_lock and we drop it here.
3796 3809 */
3797 3810 int
3798 3811 icmp_output_lastdst(conn_t *connp, mblk_t *mp, cred_t *cr, pid_t pid,
3799 3812 ip_xmit_attr_t *ixa)
3800 3813 {
3801 3814 icmp_t *icmp = connp->conn_icmp;
3802 3815 icmp_stack_t *is = icmp->icmp_is;
3803 3816 int error;
3804 3817 boolean_t do_ipsec;
3805 3818
3806 3819 ASSERT(MUTEX_HELD(&connp->conn_lock));
3807 3820 ASSERT(ixa != NULL);
3808 3821
3809 3822 ASSERT(cr != NULL);
3810 3823 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3811 3824 ixa->ixa_cred = cr;
3812 3825 ixa->ixa_cpid = pid;
3813 3826
3814 3827 /* Defer IPsec if it might need to look at ICMP type/code */
3815 3828 switch (ixa->ixa_protocol) {
3816 3829 case IPPROTO_ICMP:
3817 3830 case IPPROTO_ICMPV6:
3818 3831 do_ipsec = B_FALSE;
3819 3832 break;
3820 3833 default:
3821 3834 do_ipsec = B_TRUE;
3822 3835 }
3823 3836
3824 3837
3825 3838 mp = icmp_prepend_header_template(connp, ixa, mp,
3826 3839 &connp->conn_v6lastsrc, connp->conn_lastflowinfo, &error);
3827 3840
3828 3841 if (mp == NULL) {
3829 3842 ASSERT(error != 0);
3830 3843 mutex_exit(&connp->conn_lock);
3831 3844 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3832 3845 ixa->ixa_cred = connp->conn_cred; /* Restore */
3833 3846 ixa->ixa_cpid = connp->conn_cpid;
3834 3847 ixa_refrele(ixa);
3835 3848 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3836 3849 freemsg(mp);
3837 3850 return (error);
3838 3851 }
3839 3852
3840 3853 if (!do_ipsec) {
3841 3854 /* Policy might differ for different ICMP type/code */
3842 3855 mp = icmp_output_attach_policy(mp, connp, ixa);
3843 3856 if (mp == NULL) {
3844 3857 mutex_exit(&connp->conn_lock);
3845 3858 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3846 3859 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3847 3860 ixa->ixa_cred = connp->conn_cred; /* Restore */
3848 3861 ixa->ixa_cpid = connp->conn_cpid;
3849 3862 ixa_refrele(ixa);
3850 3863 return (EHOSTUNREACH); /* IPsec policy failure */
3851 3864 }
3852 3865 }
3853 3866
3854 3867 /*
3855 3868 * In case we got a safe copy of conn_ixa, or if opt_set made us a new
3856 3869 * safe copy, then we need to fill in any pointers in it.
3857 3870 */
3858 3871 if (ixa->ixa_ire == NULL) {
3859 3872 in6_addr_t lastdst, lastsrc;
3860 3873 in6_addr_t nexthop;
3861 3874 in_port_t lastport;
3862 3875
3863 3876 lastsrc = connp->conn_v6lastsrc;
3864 3877 lastdst = connp->conn_v6lastdst;
3865 3878 lastport = connp->conn_lastdstport;
3866 3879 ip_attr_nexthop(&connp->conn_xmit_ipp, ixa, &lastdst, &nexthop);
3867 3880 mutex_exit(&connp->conn_lock);
3868 3881
3869 3882 error = ip_attr_connect(connp, ixa, &lastsrc, &lastdst,
3870 3883 &nexthop, lastport, NULL, NULL, IPDF_ALLOW_MCBC |
3871 3884 IPDF_VERIFY_DST | (do_ipsec ? IPDF_IPSEC : 0));
3872 3885 switch (error) {
3873 3886 case 0:
3874 3887 break;
3875 3888 case EADDRNOTAVAIL:
3876 3889 /*
3877 3890 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3878 3891 * Don't have the application see that errno
3879 3892 */
3880 3893 error = ENETUNREACH;
3881 3894 goto failed;
3882 3895 case ENETDOWN:
3883 3896 /*
3884 3897 * Have !ipif_addr_ready address; drop packet silently
3885 3898 * until we can get applications to not send until we
3886 3899 * are ready.
3887 3900 */
3888 3901 error = 0;
3889 3902 goto failed;
3890 3903 case EHOSTUNREACH:
3891 3904 case ENETUNREACH:
3892 3905 if (ixa->ixa_ire != NULL) {
3893 3906 /*
3894 3907 * Let conn_ip_output/ire_send_noroute return
3895 3908 * the error and send any local ICMP error.
3896 3909 */
3897 3910 error = 0;
3898 3911 break;
3899 3912 }
3900 3913 /* FALLTHRU */
3901 3914 default:
3902 3915 failed:
3903 3916 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3904 3917 ixa->ixa_cred = connp->conn_cred; /* Restore */
3905 3918 ixa->ixa_cpid = connp->conn_cpid;
3906 3919 ixa_refrele(ixa);
3907 3920 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
3908 3921 freemsg(mp);
3909 3922 return (error);
3910 3923 }
3911 3924 } else {
3912 3925 /* Done with conn_t */
3913 3926 mutex_exit(&connp->conn_lock);
3914 3927 }
3915 3928
3916 3929 /* We're done. Pass the packet to ip. */
3917 3930 BUMP_MIB(&is->is_rawip_mib, rawipOutDatagrams);
3918 3931 error = conn_ip_output(mp, ixa);
3919 3932 /* No rawipOutErrors if an error since IP increases its error counter */
3920 3933 switch (error) {
3921 3934 case 0:
3922 3935 break;
3923 3936 case EWOULDBLOCK:
3924 3937 (void) ixa_check_drain_insert(connp, ixa);
3925 3938 error = 0;
3926 3939 break;
3927 3940 case EADDRNOTAVAIL:
3928 3941 /*
3929 3942 * IXAF_VERIFY_SOURCE tells us to pick a better source.
3930 3943 * Don't have the application see that errno
3931 3944 */
3932 3945 error = ENETUNREACH;
3933 3946 /* FALLTHRU */
3934 3947 default:
3935 3948 mutex_enter(&connp->conn_lock);
3936 3949 /*
3937 3950 * Clear the source and v6lastdst so we call ip_attr_connect
3938 3951 * for the next packet and try to pick a better source.
3939 3952 */
3940 3953 if (connp->conn_mcbc_bind)
3941 3954 connp->conn_saddr_v6 = ipv6_all_zeros;
3942 3955 else
3943 3956 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
3944 3957 connp->conn_v6lastdst = ipv6_all_zeros;
3945 3958 mutex_exit(&connp->conn_lock);
3946 3959 break;
3947 3960 }
3948 3961 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
3949 3962 ixa->ixa_cred = connp->conn_cred; /* Restore */
3950 3963 ixa->ixa_cpid = connp->conn_cpid;
3951 3964 ixa_refrele(ixa);
3952 3965 return (error);
3953 3966 }
3954 3967
3955 3968
3956 3969 /*
3957 3970 * Prepend the header template and then fill in the source and
3958 3971 * flowinfo. The caller needs to handle the destination address since
3959 3972 * it's setting is different if rthdr or source route.
3960 3973 *
3961 3974 * Returns NULL is allocation failed or if the packet would exceed IP_MAXPACKET.
3962 3975 * When it returns NULL it sets errorp.
3963 3976 */
3964 3977 static mblk_t *
3965 3978 icmp_prepend_header_template(conn_t *connp, ip_xmit_attr_t *ixa, mblk_t *mp,
3966 3979 const in6_addr_t *v6src, uint32_t flowinfo, int *errorp)
3967 3980 {
3968 3981 icmp_t *icmp = connp->conn_icmp;
3969 3982 icmp_stack_t *is = icmp->icmp_is;
3970 3983 uint_t pktlen;
3971 3984 uint_t copylen;
3972 3985 uint8_t *iph;
3973 3986 uint_t ip_hdr_length;
3974 3987 uint32_t cksum;
3975 3988 ip_pkt_t *ipp;
3976 3989
3977 3990 ASSERT(MUTEX_HELD(&connp->conn_lock));
3978 3991
3979 3992 /*
3980 3993 * Copy the header template.
3981 3994 */
3982 3995 copylen = connp->conn_ht_iphc_len;
3983 3996 pktlen = copylen + msgdsize(mp);
3984 3997 if (pktlen > IP_MAXPACKET) {
3985 3998 freemsg(mp);
3986 3999 *errorp = EMSGSIZE;
3987 4000 return (NULL);
3988 4001 }
3989 4002 ixa->ixa_pktlen = pktlen;
3990 4003
3991 4004 /* check/fix buffer config, setup pointers into it */
3992 4005 iph = mp->b_rptr - copylen;
3993 4006 if (DB_REF(mp) != 1 || iph < DB_BASE(mp) || !OK_32PTR(iph)) {
3994 4007 mblk_t *mp1;
3995 4008
3996 4009 mp1 = allocb(copylen + is->is_wroff_extra, BPRI_MED);
3997 4010 if (mp1 == NULL) {
3998 4011 freemsg(mp);
3999 4012 *errorp = ENOMEM;
4000 4013 return (NULL);
4001 4014 }
4002 4015 mp1->b_wptr = DB_LIM(mp1);
4003 4016 mp1->b_cont = mp;
4004 4017 mp = mp1;
4005 4018 iph = (mp->b_wptr - copylen);
4006 4019 }
4007 4020 mp->b_rptr = iph;
4008 4021 bcopy(connp->conn_ht_iphc, iph, copylen);
4009 4022 ip_hdr_length = (uint_t)(connp->conn_ht_ulp - connp->conn_ht_iphc);
4010 4023
4011 4024 ixa->ixa_ip_hdr_length = ip_hdr_length;
4012 4025
4013 4026 /*
4014 4027 * Prepare for ICMPv6 checksum done in IP.
4015 4028 *
4016 4029 * icmp_build_hdr_template has already massaged any routing header
4017 4030 * and placed the result in conn_sum.
4018 4031 *
4019 4032 * We make it easy for IP to include our pseudo header
4020 4033 * by putting our length (and any routing header adjustment)
4021 4034 * in the ICMPv6 checksum field.
4022 4035 */
4023 4036 cksum = pktlen - ip_hdr_length;
4024 4037
4025 4038 cksum += connp->conn_sum;
4026 4039 cksum = (cksum >> 16) + (cksum & 0xFFFF);
4027 4040 ASSERT(cksum < 0x10000);
4028 4041
4029 4042 ipp = &connp->conn_xmit_ipp;
4030 4043 if (ixa->ixa_flags & IXAF_IS_IPV4) {
4031 4044 ipha_t *ipha = (ipha_t *)iph;
4032 4045
4033 4046 ipha->ipha_length = htons((uint16_t)pktlen);
4034 4047
4035 4048 /* if IP_PKTINFO specified an addres it wins over bind() */
4036 4049 if ((ipp->ipp_fields & IPPF_ADDR) &&
4037 4050 IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr)) {
4038 4051 ASSERT(ipp->ipp_addr_v4 != INADDR_ANY);
4039 4052 ipha->ipha_src = ipp->ipp_addr_v4;
4040 4053 } else {
4041 4054 IN6_V4MAPPED_TO_IPADDR(v6src, ipha->ipha_src);
4042 4055 }
4043 4056 } else {
4044 4057 ip6_t *ip6h = (ip6_t *)iph;
4045 4058 uint_t cksum_offset = 0;
4046 4059
4047 4060 ip6h->ip6_plen = htons((uint16_t)(pktlen - IPV6_HDR_LEN));
4048 4061
4049 4062 /* if IP_PKTINFO specified an addres it wins over bind() */
4050 4063 if ((ipp->ipp_fields & IPPF_ADDR) &&
4051 4064 !IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr)) {
4052 4065 ASSERT(!IN6_IS_ADDR_UNSPECIFIED(&ipp->ipp_addr));
4053 4066 ip6h->ip6_src = ipp->ipp_addr;
4054 4067 } else {
4055 4068 ip6h->ip6_src = *v6src;
4056 4069 }
4057 4070 ip6h->ip6_vcf =
4058 4071 (IPV6_DEFAULT_VERS_AND_FLOW & IPV6_VERS_AND_FLOW_MASK) |
4059 4072 (flowinfo & ~IPV6_VERS_AND_FLOW_MASK);
4060 4073 if (ipp->ipp_fields & IPPF_TCLASS) {
4061 4074 /* Overrides the class part of flowinfo */
4062 4075 ip6h->ip6_vcf = IPV6_TCLASS_FLOW(ip6h->ip6_vcf,
4063 4076 ipp->ipp_tclass);
4064 4077 }
4065 4078
4066 4079 if (ixa->ixa_flags & IXAF_SET_ULP_CKSUM) {
4067 4080 if (connp->conn_proto == IPPROTO_ICMPV6) {
4068 4081 cksum_offset = ixa->ixa_ip_hdr_length +
4069 4082 offsetof(icmp6_t, icmp6_cksum);
4070 4083 } else if (ixa->ixa_flags & IXAF_SET_RAW_CKSUM) {
4071 4084 cksum_offset = ixa->ixa_ip_hdr_length +
4072 4085 ixa->ixa_raw_cksum_offset;
4073 4086 }
4074 4087 }
4075 4088 if (cksum_offset != 0) {
4076 4089 uint16_t *ptr;
4077 4090
4078 4091 /* Make sure the checksum fits in the first mblk */
4079 4092 if (cksum_offset + sizeof (short) > MBLKL(mp)) {
4080 4093 mblk_t *mp1;
4081 4094
4082 4095 mp1 = msgpullup(mp,
4083 4096 cksum_offset + sizeof (short));
4084 4097 freemsg(mp);
4085 4098 if (mp1 == NULL) {
4086 4099 *errorp = ENOMEM;
4087 4100 return (NULL);
4088 4101 }
4089 4102 mp = mp1;
4090 4103 iph = mp->b_rptr;
4091 4104 ip6h = (ip6_t *)iph;
4092 4105 }
4093 4106 ptr = (uint16_t *)(mp->b_rptr + cksum_offset);
4094 4107 *ptr = htons(cksum);
4095 4108 }
4096 4109 }
4097 4110
4098 4111 return (mp);
4099 4112 }
4100 4113
4101 4114 /*
4102 4115 * This routine handles all messages passed downstream. It either
4103 4116 * consumes the message or passes it downstream; it never queues a
4104 4117 * a message.
4105 4118 */
4106 4119 void
4107 4120 icmp_wput(queue_t *q, mblk_t *mp)
4108 4121 {
4109 4122 sin6_t *sin6;
4110 4123 sin_t *sin = NULL;
4111 4124 uint_t srcid;
4112 4125 conn_t *connp = Q_TO_CONN(q);
4113 4126 icmp_t *icmp = connp->conn_icmp;
4114 4127 int error = 0;
4115 4128 struct sockaddr *addr = NULL;
4116 4129 socklen_t addrlen;
4117 4130 icmp_stack_t *is = icmp->icmp_is;
4118 4131 struct T_unitdata_req *tudr;
4119 4132 mblk_t *data_mp;
4120 4133 cred_t *cr;
4121 4134 pid_t pid;
4122 4135
4123 4136 /*
4124 4137 * We directly handle several cases here: T_UNITDATA_REQ message
4125 4138 * coming down as M_PROTO/M_PCPROTO and M_DATA messages for connected
4126 4139 * socket.
4127 4140 */
4128 4141 switch (DB_TYPE(mp)) {
4129 4142 case M_DATA:
4130 4143 /* sockfs never sends down M_DATA */
4131 4144 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
4132 4145 freemsg(mp);
4133 4146 return;
4134 4147
4135 4148 case M_PROTO:
4136 4149 case M_PCPROTO:
4137 4150 tudr = (struct T_unitdata_req *)mp->b_rptr;
4138 4151 if (MBLKL(mp) < sizeof (*tudr) ||
4139 4152 ((t_primp_t)mp->b_rptr)->type != T_UNITDATA_REQ) {
4140 4153 icmp_wput_other(q, mp);
4141 4154 return;
4142 4155 }
4143 4156 break;
4144 4157
4145 4158 default:
4146 4159 icmp_wput_other(q, mp);
4147 4160 return;
4148 4161 }
4149 4162
4150 4163 /* Handle valid T_UNITDATA_REQ here */
4151 4164 data_mp = mp->b_cont;
4152 4165 if (data_mp == NULL) {
4153 4166 error = EPROTO;
4154 4167 goto ud_error2;
4155 4168 }
4156 4169 mp->b_cont = NULL;
4157 4170
4158 4171 if (!MBLKIN(mp, 0, tudr->DEST_offset + tudr->DEST_length)) {
4159 4172 error = EADDRNOTAVAIL;
4160 4173 goto ud_error2;
4161 4174 }
4162 4175
4163 4176 /*
4164 4177 * All Solaris components should pass a db_credp
4165 4178 * for this message, hence we ASSERT.
4166 4179 * On production kernels we return an error to be robust against
4167 4180 * random streams modules sitting on top of us.
4168 4181 */
4169 4182 cr = msg_getcred(mp, &pid);
4170 4183 ASSERT(cr != NULL);
4171 4184 if (cr == NULL) {
4172 4185 error = EINVAL;
4173 4186 goto ud_error2;
4174 4187 }
4175 4188
4176 4189 /*
4177 4190 * If a port has not been bound to the stream, fail.
4178 4191 * This is not a problem when sockfs is directly
4179 4192 * above us, because it will ensure that the socket
4180 4193 * is first bound before allowing data to be sent.
4181 4194 */
4182 4195 if (icmp->icmp_state == TS_UNBND) {
4183 4196 error = EPROTO;
4184 4197 goto ud_error2;
4185 4198 }
4186 4199 addr = (struct sockaddr *)&mp->b_rptr[tudr->DEST_offset];
4187 4200 addrlen = tudr->DEST_length;
4188 4201
4189 4202 switch (connp->conn_family) {
4190 4203 case AF_INET6:
4191 4204 sin6 = (sin6_t *)addr;
4192 4205 if (!OK_32PTR((char *)sin6) || (addrlen != sizeof (sin6_t)) ||
4193 4206 (sin6->sin6_family != AF_INET6)) {
4194 4207 error = EADDRNOTAVAIL;
4195 4208 goto ud_error2;
4196 4209 }
4197 4210
4198 4211 /* No support for mapped addresses on raw sockets */
4199 4212 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
4200 4213 error = EADDRNOTAVAIL;
4201 4214 goto ud_error2;
4202 4215 }
4203 4216 srcid = sin6->__sin6_src_id;
4204 4217
4205 4218 /*
4206 4219 * If the local address is a mapped address return
4207 4220 * an error.
4208 4221 * It would be possible to send an IPv6 packet but the
4209 4222 * response would never make it back to the application
4210 4223 * since it is bound to a mapped address.
4211 4224 */
4212 4225 if (IN6_IS_ADDR_V4MAPPED(&connp->conn_saddr_v6)) {
4213 4226 error = EADDRNOTAVAIL;
4214 4227 goto ud_error2;
4215 4228 }
4216 4229
4217 4230 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
4218 4231 sin6->sin6_addr = ipv6_loopback;
4219 4232
4220 4233 if (tudr->OPT_length != 0) {
4221 4234 /*
4222 4235 * If we are connected then the destination needs to be
4223 4236 * the same as the connected one.
4224 4237 */
4225 4238 if (icmp->icmp_state == TS_DATA_XFER &&
4226 4239 !conn_same_as_last_v6(connp, sin6)) {
4227 4240 error = EISCONN;
4228 4241 goto ud_error2;
4229 4242 }
4230 4243 error = icmp_output_ancillary(connp, NULL, sin6,
4231 4244 data_mp, mp, NULL, cr, pid);
4232 4245 } else {
4233 4246 ip_xmit_attr_t *ixa;
4234 4247
4235 4248 /*
4236 4249 * We have to allocate an ip_xmit_attr_t before we grab
4237 4250 * conn_lock and we need to hold conn_lock once we've
4238 4251 * checked conn_same_as_last_v6 to handle concurrent
4239 4252 * send* calls on a socket.
4240 4253 */
4241 4254 ixa = conn_get_ixa(connp, B_FALSE);
4242 4255 if (ixa == NULL) {
4243 4256 error = ENOMEM;
4244 4257 goto ud_error2;
4245 4258 }
4246 4259 mutex_enter(&connp->conn_lock);
4247 4260
4248 4261 if (conn_same_as_last_v6(connp, sin6) &&
4249 4262 connp->conn_lastsrcid == srcid &&
4250 4263 ipsec_outbound_policy_current(ixa)) {
4251 4264 /* icmp_output_lastdst drops conn_lock */
4252 4265 error = icmp_output_lastdst(connp, data_mp, cr,
4253 4266 pid, ixa);
4254 4267 } else {
4255 4268 /* icmp_output_newdst drops conn_lock */
4256 4269 error = icmp_output_newdst(connp, data_mp, NULL,
4257 4270 sin6, cr, pid, ixa);
4258 4271 }
4259 4272 ASSERT(MUTEX_NOT_HELD(&connp->conn_lock));
4260 4273 }
4261 4274 if (error == 0) {
4262 4275 freeb(mp);
4263 4276 return;
4264 4277 }
4265 4278 break;
4266 4279
4267 4280 case AF_INET:
4268 4281 sin = (sin_t *)addr;
4269 4282 if ((!OK_32PTR((char *)sin) || addrlen != sizeof (sin_t)) ||
4270 4283 (sin->sin_family != AF_INET)) {
4271 4284 error = EADDRNOTAVAIL;
4272 4285 goto ud_error2;
4273 4286 }
4274 4287 if (sin->sin_addr.s_addr == INADDR_ANY)
4275 4288 sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
4276 4289
4277 4290 /* Protocol 255 contains full IP headers */
4278 4291 /* Read without holding lock */
4279 4292 if (icmp->icmp_hdrincl) {
4280 4293 if (MBLKL(data_mp) < IP_SIMPLE_HDR_LENGTH) {
4281 4294 if (!pullupmsg(data_mp, IP_SIMPLE_HDR_LENGTH)) {
4282 4295 error = EINVAL;
4283 4296 goto ud_error2;
4284 4297 }
4285 4298 }
4286 4299 error = icmp_output_hdrincl(connp, data_mp, cr, pid);
4287 4300 if (error == 0) {
4288 4301 freeb(mp);
4289 4302 return;
4290 4303 }
4291 4304 /* data_mp consumed above */
4292 4305 data_mp = NULL;
4293 4306 goto ud_error2;
4294 4307 }
4295 4308
4296 4309 if (tudr->OPT_length != 0) {
4297 4310 /*
4298 4311 * If we are connected then the destination needs to be
4299 4312 * the same as the connected one.
4300 4313 */
4301 4314 if (icmp->icmp_state == TS_DATA_XFER &&
4302 4315 !conn_same_as_last_v4(connp, sin)) {
4303 4316 error = EISCONN;
4304 4317 goto ud_error2;
4305 4318 }
4306 4319 error = icmp_output_ancillary(connp, sin, NULL,
4307 4320 data_mp, mp, NULL, cr, pid);
4308 4321 } else {
4309 4322 ip_xmit_attr_t *ixa;
4310 4323
4311 4324 /*
4312 4325 * We have to allocate an ip_xmit_attr_t before we grab
4313 4326 * conn_lock and we need to hold conn_lock once we've
4314 4327 * checked conn_same_as_last_v4 to handle concurrent
4315 4328 * send* calls on a socket.
4316 4329 */
4317 4330 ixa = conn_get_ixa(connp, B_FALSE);
4318 4331 if (ixa == NULL) {
4319 4332 error = ENOMEM;
4320 4333 goto ud_error2;
4321 4334 }
4322 4335 mutex_enter(&connp->conn_lock);
4323 4336
4324 4337 if (conn_same_as_last_v4(connp, sin) &&
4325 4338 ipsec_outbound_policy_current(ixa)) {
4326 4339 /* icmp_output_lastdst drops conn_lock */
4327 4340 error = icmp_output_lastdst(connp, data_mp, cr,
4328 4341 pid, ixa);
4329 4342 } else {
4330 4343 /* icmp_output_newdst drops conn_lock */
4331 4344 error = icmp_output_newdst(connp, data_mp, sin,
4332 4345 NULL, cr, pid, ixa);
4333 4346 }
4334 4347 ASSERT(MUTEX_NOT_HELD(&connp->conn_lock));
4335 4348 }
4336 4349 if (error == 0) {
4337 4350 freeb(mp);
4338 4351 return;
4339 4352 }
4340 4353 break;
4341 4354 }
4342 4355 ASSERT(mp != NULL);
4343 4356 /* mp is freed by the following routine */
4344 4357 icmp_ud_err(q, mp, (t_scalar_t)error);
4345 4358 return;
4346 4359
4347 4360 ud_error2:
4348 4361 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
4349 4362 freemsg(data_mp);
4350 4363 ASSERT(mp != NULL);
4351 4364 /* mp is freed by the following routine */
4352 4365 icmp_ud_err(q, mp, (t_scalar_t)error);
4353 4366 }
4354 4367
4355 4368 /*
4356 4369 * Handle the case of the IP address or flow label being different
4357 4370 * for both IPv4 and IPv6.
4358 4371 *
4359 4372 * NOTE: The caller must hold conn_lock and we drop it here.
4360 4373 */
4361 4374 static int
4362 4375 icmp_output_newdst(conn_t *connp, mblk_t *data_mp, sin_t *sin, sin6_t *sin6,
4363 4376 cred_t *cr, pid_t pid, ip_xmit_attr_t *ixa)
4364 4377 {
4365 4378 icmp_t *icmp = connp->conn_icmp;
4366 4379 icmp_stack_t *is = icmp->icmp_is;
4367 4380 int error;
4368 4381 ip_xmit_attr_t *oldixa;
4369 4382 boolean_t do_ipsec;
4370 4383 uint_t srcid;
4371 4384 uint32_t flowinfo;
4372 4385 in6_addr_t v6src;
4373 4386 in6_addr_t v6dst;
4374 4387 in6_addr_t v6nexthop;
4375 4388 in_port_t dstport;
4376 4389
4377 4390 ASSERT(MUTEX_HELD(&connp->conn_lock));
4378 4391 ASSERT(ixa != NULL);
4379 4392
4380 4393 /*
4381 4394 * We hold conn_lock across all the use and modifications of
4382 4395 * the conn_lastdst, conn_ixa, and conn_xmit_ipp to ensure that they
4383 4396 * stay consistent.
4384 4397 */
4385 4398
4386 4399 ASSERT(cr != NULL);
4387 4400 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
4388 4401 ixa->ixa_cred = cr;
4389 4402 ixa->ixa_cpid = pid;
4390 4403 if (is_system_labeled()) {
4391 4404 /* We need to restart with a label based on the cred */
4392 4405 ip_xmit_attr_restore_tsl(ixa, ixa->ixa_cred);
4393 4406 }
4394 4407 /*
4395 4408 * If we are connected then the destination needs to be the
4396 4409 * same as the connected one, which is not the case here since we
4397 4410 * checked for that above.
4398 4411 */
4399 4412 if (icmp->icmp_state == TS_DATA_XFER) {
4400 4413 mutex_exit(&connp->conn_lock);
4401 4414 error = EISCONN;
4402 4415 goto ud_error;
4403 4416 }
4404 4417
4405 4418 /* In case previous destination was multicast or multirt */
4406 4419 ip_attr_newdst(ixa);
4407 4420
4408 4421 /*
4409 4422 * If laddr is unspecified then we look at sin6_src_id.
4410 4423 * We will give precedence to a source address set with IPV6_PKTINFO
4411 4424 * (aka IPPF_ADDR) but that is handled in build_hdrs. However, we don't
|
↓ open down ↓ |
941 lines elided |
↑ open up ↑ |
4412 4425 * want ip_attr_connect to select a source (since it can fail) when
4413 4426 * IPV6_PKTINFO is specified.
4414 4427 * If this doesn't result in a source address then we get a source
4415 4428 * from ip_attr_connect() below.
4416 4429 */
4417 4430 v6src = connp->conn_saddr_v6;
4418 4431 if (sin != NULL) {
4419 4432 IN6_IPADDR_TO_V4MAPPED(sin->sin_addr.s_addr, &v6dst);
4420 4433 dstport = sin->sin_port;
4421 4434 flowinfo = 0;
4435 + /* Don't bother with ip_srcid_find_id(), but indicate anyway. */
4422 4436 srcid = 0;
4423 4437 ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
4424 - if (srcid != 0 && V4_PART_OF_V6(&v6src) == INADDR_ANY) {
4425 - ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
4426 - connp->conn_netstack);
4427 - }
4428 4438 ixa->ixa_flags |= IXAF_IS_IPV4;
4429 4439 } else {
4440 + boolean_t v4mapped;
4441 +
4430 4442 v6dst = sin6->sin6_addr;
4431 4443 dstport = sin6->sin6_port;
4432 4444 flowinfo = sin6->sin6_flowinfo;
4433 4445 srcid = sin6->__sin6_src_id;
4434 4446 if (IN6_IS_ADDR_LINKSCOPE(&v6dst) && sin6->sin6_scope_id != 0) {
4435 4447 ixa->ixa_scopeid = sin6->sin6_scope_id;
4436 4448 ixa->ixa_flags |= IXAF_SCOPEID_SET;
4437 4449 } else {
4438 4450 ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
4439 4451 }
4440 - if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
4441 - ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
4442 - connp->conn_netstack);
4443 - }
4444 - if (IN6_IS_ADDR_V4MAPPED(&v6dst))
4452 + v4mapped = IN6_IS_ADDR_V4MAPPED(&v6dst);
4453 + if (v4mapped)
4445 4454 ixa->ixa_flags |= IXAF_IS_IPV4;
4446 4455 else
4447 4456 ixa->ixa_flags &= ~IXAF_IS_IPV4;
4457 + if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&v6src)) {
4458 + if (ip_srcid_find_id(srcid, &v6src, IPCL_ZONEID(connp),
4459 + v4mapped, connp->conn_netstack)) {
4460 + /* Mismatched v4mapped/v6 specified by srcid. */
4461 + mutex_exit(&connp->conn_lock);
4462 + error = EADDRNOTAVAIL;
4463 + goto ud_error;
4464 + }
4465 + }
4448 4466 }
4449 4467 /* Handle IP_PKTINFO/IPV6_PKTINFO setting source address. */
4450 4468 if (connp->conn_xmit_ipp.ipp_fields & IPPF_ADDR) {
4451 4469 ip_pkt_t *ipp = &connp->conn_xmit_ipp;
4452 4470
4453 4471 if (ixa->ixa_flags & IXAF_IS_IPV4) {
4454 4472 if (IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr))
4455 4473 v6src = ipp->ipp_addr;
4456 4474 } else {
4457 4475 if (!IN6_IS_ADDR_V4MAPPED(&ipp->ipp_addr))
4458 4476 v6src = ipp->ipp_addr;
4459 4477 }
4460 4478 }
4461 4479
4462 4480 /* Defer IPsec if it might need to look at ICMP type/code */
4463 4481 switch (ixa->ixa_protocol) {
4464 4482 case IPPROTO_ICMP:
4465 4483 case IPPROTO_ICMPV6:
4466 4484 do_ipsec = B_FALSE;
4467 4485 break;
4468 4486 default:
4469 4487 do_ipsec = B_TRUE;
4470 4488 }
4471 4489
4472 4490 ip_attr_nexthop(&connp->conn_xmit_ipp, ixa, &v6dst, &v6nexthop);
4473 4491 mutex_exit(&connp->conn_lock);
4474 4492
4475 4493 error = ip_attr_connect(connp, ixa, &v6src, &v6dst, &v6nexthop, dstport,
4476 4494 &v6src, NULL, IPDF_ALLOW_MCBC | IPDF_VERIFY_DST |
4477 4495 (do_ipsec ? IPDF_IPSEC : 0));
4478 4496 switch (error) {
4479 4497 case 0:
4480 4498 break;
4481 4499 case EADDRNOTAVAIL:
4482 4500 /*
4483 4501 * IXAF_VERIFY_SOURCE tells us to pick a better source.
4484 4502 * Don't have the application see that errno
4485 4503 */
4486 4504 error = ENETUNREACH;
4487 4505 goto failed;
4488 4506 case ENETDOWN:
4489 4507 /*
4490 4508 * Have !ipif_addr_ready address; drop packet silently
4491 4509 * until we can get applications to not send until we
4492 4510 * are ready.
4493 4511 */
4494 4512 error = 0;
4495 4513 goto failed;
4496 4514 case EHOSTUNREACH:
4497 4515 case ENETUNREACH:
4498 4516 if (ixa->ixa_ire != NULL) {
4499 4517 /*
4500 4518 * Let conn_ip_output/ire_send_noroute return
4501 4519 * the error and send any local ICMP error.
4502 4520 */
4503 4521 error = 0;
4504 4522 break;
4505 4523 }
4506 4524 /* FALLTHRU */
4507 4525 default:
4508 4526 failed:
4509 4527 goto ud_error;
4510 4528 }
4511 4529
4512 4530 mutex_enter(&connp->conn_lock);
4513 4531 /*
4514 4532 * While we dropped the lock some other thread might have connected
4515 4533 * this socket. If so we bail out with EISCONN to ensure that the
4516 4534 * connecting thread is the one that updates conn_ixa, conn_ht_*
4517 4535 * and conn_*last*.
4518 4536 */
4519 4537 if (icmp->icmp_state == TS_DATA_XFER) {
4520 4538 mutex_exit(&connp->conn_lock);
4521 4539 error = EISCONN;
4522 4540 goto ud_error;
4523 4541 }
4524 4542
4525 4543 /*
4526 4544 * We need to rebuild the headers if
4527 4545 * - we are labeling packets (could be different for different
4528 4546 * destinations)
4529 4547 * - we have a source route (or routing header) since we need to
4530 4548 * massage that to get the pseudo-header checksum
4531 4549 * - a socket option with COA_HEADER_CHANGED has been set which
4532 4550 * set conn_v6lastdst to zero.
4533 4551 *
4534 4552 * Otherwise the prepend function will just update the src, dst,
4535 4553 * and flow label.
4536 4554 */
4537 4555 if (is_system_labeled()) {
4538 4556 /* TX MLP requires SCM_UCRED and don't have that here */
4539 4557 if (connp->conn_mlp_type != mlptSingle) {
4540 4558 mutex_exit(&connp->conn_lock);
4541 4559 error = ECONNREFUSED;
4542 4560 goto ud_error;
4543 4561 }
4544 4562 /*
4545 4563 * Check whether Trusted Solaris policy allows communication
4546 4564 * with this host, and pretend that the destination is
4547 4565 * unreachable if not.
4548 4566 * Compute any needed label and place it in ipp_label_v4/v6.
4549 4567 *
4550 4568 * Later conn_build_hdr_template/conn_prepend_hdr takes
4551 4569 * ipp_label_v4/v6 to form the packet.
4552 4570 *
4553 4571 * Tsol note: Since we hold conn_lock we know no other
4554 4572 * thread manipulates conn_xmit_ipp.
4555 4573 */
4556 4574 error = conn_update_label(connp, ixa, &v6dst,
4557 4575 &connp->conn_xmit_ipp);
4558 4576 if (error != 0) {
4559 4577 mutex_exit(&connp->conn_lock);
4560 4578 goto ud_error;
4561 4579 }
4562 4580 /* Rebuild the header template */
4563 4581 error = icmp_build_hdr_template(connp, &v6src, &v6dst,
4564 4582 flowinfo);
4565 4583 if (error != 0) {
4566 4584 mutex_exit(&connp->conn_lock);
4567 4585 goto ud_error;
4568 4586 }
4569 4587 } else if (connp->conn_xmit_ipp.ipp_fields &
4570 4588 (IPPF_IPV4_OPTIONS|IPPF_RTHDR) ||
4571 4589 IN6_IS_ADDR_UNSPECIFIED(&connp->conn_v6lastdst)) {
4572 4590 /* Rebuild the header template */
4573 4591 error = icmp_build_hdr_template(connp, &v6src, &v6dst,
4574 4592 flowinfo);
4575 4593 if (error != 0) {
4576 4594 mutex_exit(&connp->conn_lock);
4577 4595 goto ud_error;
4578 4596 }
4579 4597 } else {
4580 4598 /* Simply update the destination address if no source route */
4581 4599 if (ixa->ixa_flags & IXAF_IS_IPV4) {
4582 4600 ipha_t *ipha = (ipha_t *)connp->conn_ht_iphc;
4583 4601
4584 4602 IN6_V4MAPPED_TO_IPADDR(&v6dst, ipha->ipha_dst);
4585 4603 if (ixa->ixa_flags & IXAF_PMTU_IPV4_DF) {
4586 4604 ipha->ipha_fragment_offset_and_flags |=
4587 4605 IPH_DF_HTONS;
4588 4606 } else {
4589 4607 ipha->ipha_fragment_offset_and_flags &=
4590 4608 ~IPH_DF_HTONS;
4591 4609 }
4592 4610 } else {
4593 4611 ip6_t *ip6h = (ip6_t *)connp->conn_ht_iphc;
4594 4612 ip6h->ip6_dst = v6dst;
4595 4613 }
4596 4614 }
4597 4615
4598 4616 /*
4599 4617 * Remember the dst etc which corresponds to the built header
4600 4618 * template and conn_ixa.
4601 4619 */
4602 4620 oldixa = conn_replace_ixa(connp, ixa);
4603 4621 connp->conn_v6lastdst = v6dst;
4604 4622 connp->conn_lastflowinfo = flowinfo;
4605 4623 connp->conn_lastscopeid = ixa->ixa_scopeid;
4606 4624 connp->conn_lastsrcid = srcid;
4607 4625 /* Also remember a source to use together with lastdst */
4608 4626 connp->conn_v6lastsrc = v6src;
4609 4627
4610 4628 data_mp = icmp_prepend_header_template(connp, ixa, data_mp, &v6src,
4611 4629 flowinfo, &error);
4612 4630
4613 4631 /* Done with conn_t */
4614 4632 mutex_exit(&connp->conn_lock);
4615 4633 ixa_refrele(oldixa);
4616 4634
4617 4635 if (data_mp == NULL) {
4618 4636 ASSERT(error != 0);
4619 4637 goto ud_error;
4620 4638 }
4621 4639
4622 4640 if (!do_ipsec) {
4623 4641 /* Policy might differ for different ICMP type/code */
4624 4642 data_mp = icmp_output_attach_policy(data_mp, connp, ixa);
4625 4643 if (data_mp == NULL) {
4626 4644 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
4627 4645 error = EHOSTUNREACH; /* IPsec policy failure */
4628 4646 goto done;
4629 4647 }
4630 4648 }
4631 4649
4632 4650 /* We're done. Pass the packet to ip. */
4633 4651 BUMP_MIB(&is->is_rawip_mib, rawipOutDatagrams);
4634 4652
4635 4653 error = conn_ip_output(data_mp, ixa);
4636 4654 /* No rawipOutErrors if an error since IP increases its error counter */
4637 4655 switch (error) {
4638 4656 case 0:
4639 4657 break;
4640 4658 case EWOULDBLOCK:
4641 4659 (void) ixa_check_drain_insert(connp, ixa);
4642 4660 error = 0;
4643 4661 break;
4644 4662 case EADDRNOTAVAIL:
4645 4663 /*
4646 4664 * IXAF_VERIFY_SOURCE tells us to pick a better source.
4647 4665 * Don't have the application see that errno
4648 4666 */
4649 4667 error = ENETUNREACH;
4650 4668 /* FALLTHRU */
4651 4669 default:
4652 4670 mutex_enter(&connp->conn_lock);
4653 4671 /*
4654 4672 * Clear the source and v6lastdst so we call ip_attr_connect
4655 4673 * for the next packet and try to pick a better source.
4656 4674 */
4657 4675 if (connp->conn_mcbc_bind)
4658 4676 connp->conn_saddr_v6 = ipv6_all_zeros;
4659 4677 else
4660 4678 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
4661 4679 connp->conn_v6lastdst = ipv6_all_zeros;
4662 4680 mutex_exit(&connp->conn_lock);
4663 4681 break;
4664 4682 }
4665 4683 done:
4666 4684 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
4667 4685 ixa->ixa_cred = connp->conn_cred; /* Restore */
4668 4686 ixa->ixa_cpid = connp->conn_cpid;
4669 4687 ixa_refrele(ixa);
4670 4688 return (error);
4671 4689
4672 4690 ud_error:
4673 4691 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
4674 4692 ixa->ixa_cred = connp->conn_cred; /* Restore */
4675 4693 ixa->ixa_cpid = connp->conn_cpid;
4676 4694 ixa_refrele(ixa);
4677 4695
4678 4696 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
4679 4697 freemsg(data_mp);
4680 4698 return (error);
4681 4699 }
4682 4700
4683 4701 /* ARGSUSED */
4684 4702 static void
4685 4703 icmp_wput_fallback(queue_t *q, mblk_t *mp)
4686 4704 {
4687 4705 #ifdef DEBUG
4688 4706 cmn_err(CE_CONT, "icmp_wput_fallback: Message during fallback \n");
4689 4707 #endif
4690 4708 freemsg(mp);
4691 4709 }
4692 4710
4693 4711 static void
4694 4712 icmp_wput_other(queue_t *q, mblk_t *mp)
4695 4713 {
4696 4714 uchar_t *rptr = mp->b_rptr;
4697 4715 struct iocblk *iocp;
4698 4716 conn_t *connp = Q_TO_CONN(q);
4699 4717 icmp_t *icmp = connp->conn_icmp;
4700 4718 cred_t *cr;
4701 4719
4702 4720 switch (mp->b_datap->db_type) {
4703 4721 case M_PROTO:
4704 4722 case M_PCPROTO:
4705 4723 if (mp->b_wptr - rptr < sizeof (t_scalar_t)) {
4706 4724 /*
4707 4725 * If the message does not contain a PRIM_type,
4708 4726 * throw it away.
4709 4727 */
4710 4728 freemsg(mp);
4711 4729 return;
4712 4730 }
4713 4731 switch (((t_primp_t)rptr)->type) {
4714 4732 case T_ADDR_REQ:
4715 4733 icmp_addr_req(q, mp);
4716 4734 return;
4717 4735 case O_T_BIND_REQ:
4718 4736 case T_BIND_REQ:
4719 4737 icmp_tpi_bind(q, mp);
4720 4738 return;
4721 4739 case T_CONN_REQ:
4722 4740 icmp_tpi_connect(q, mp);
4723 4741 return;
4724 4742 case T_CAPABILITY_REQ:
4725 4743 icmp_capability_req(q, mp);
4726 4744 return;
4727 4745 case T_INFO_REQ:
4728 4746 icmp_info_req(q, mp);
4729 4747 return;
4730 4748 case T_UNITDATA_REQ:
4731 4749 /*
4732 4750 * If a T_UNITDATA_REQ gets here, the address must
4733 4751 * be bad. Valid T_UNITDATA_REQs are handled
4734 4752 * in icmp_wput.
4735 4753 */
4736 4754 icmp_ud_err(q, mp, EADDRNOTAVAIL);
4737 4755 return;
4738 4756 case T_UNBIND_REQ:
4739 4757 icmp_tpi_unbind(q, mp);
4740 4758 return;
4741 4759 case T_SVR4_OPTMGMT_REQ:
4742 4760 /*
4743 4761 * All Solaris components should pass a db_credp
4744 4762 * for this TPI message, hence we ASSERT.
4745 4763 * But in case there is some other M_PROTO that looks
4746 4764 * like a TPI message sent by some other kernel
4747 4765 * component, we check and return an error.
4748 4766 */
4749 4767 cr = msg_getcred(mp, NULL);
4750 4768 ASSERT(cr != NULL);
4751 4769 if (cr == NULL) {
4752 4770 icmp_err_ack(q, mp, TSYSERR, EINVAL);
4753 4771 return;
4754 4772 }
4755 4773
4756 4774 if (!snmpcom_req(q, mp, icmp_snmp_set, ip_snmp_get,
4757 4775 cr)) {
4758 4776 svr4_optcom_req(q, mp, cr, &icmp_opt_obj);
4759 4777 }
4760 4778 return;
4761 4779
4762 4780 case T_OPTMGMT_REQ:
4763 4781 /*
4764 4782 * All Solaris components should pass a db_credp
4765 4783 * for this TPI message, hence we ASSERT.
4766 4784 * But in case there is some other M_PROTO that looks
4767 4785 * like a TPI message sent by some other kernel
4768 4786 * component, we check and return an error.
4769 4787 */
4770 4788 cr = msg_getcred(mp, NULL);
4771 4789 ASSERT(cr != NULL);
4772 4790 if (cr == NULL) {
4773 4791 icmp_err_ack(q, mp, TSYSERR, EINVAL);
4774 4792 return;
4775 4793 }
4776 4794 tpi_optcom_req(q, mp, cr, &icmp_opt_obj);
4777 4795 return;
4778 4796
4779 4797 case T_DISCON_REQ:
4780 4798 icmp_tpi_disconnect(q, mp);
4781 4799 return;
4782 4800
4783 4801 /* The following TPI message is not supported by icmp. */
4784 4802 case O_T_CONN_RES:
4785 4803 case T_CONN_RES:
4786 4804 icmp_err_ack(q, mp, TNOTSUPPORT, 0);
4787 4805 return;
4788 4806
4789 4807 /* The following 3 TPI requests are illegal for icmp. */
4790 4808 case T_DATA_REQ:
4791 4809 case T_EXDATA_REQ:
4792 4810 case T_ORDREL_REQ:
4793 4811 icmp_err_ack(q, mp, TNOTSUPPORT, 0);
4794 4812 return;
4795 4813 default:
4796 4814 break;
4797 4815 }
4798 4816 break;
4799 4817 case M_FLUSH:
4800 4818 if (*rptr & FLUSHW)
4801 4819 flushq(q, FLUSHDATA);
4802 4820 break;
4803 4821 case M_IOCTL:
4804 4822 iocp = (struct iocblk *)mp->b_rptr;
4805 4823 switch (iocp->ioc_cmd) {
4806 4824 case TI_GETPEERNAME:
4807 4825 if (icmp->icmp_state != TS_DATA_XFER) {
4808 4826 /*
4809 4827 * If a default destination address has not
4810 4828 * been associated with the stream, then we
4811 4829 * don't know the peer's name.
4812 4830 */
4813 4831 iocp->ioc_error = ENOTCONN;
4814 4832 iocp->ioc_count = 0;
4815 4833 mp->b_datap->db_type = M_IOCACK;
4816 4834 qreply(q, mp);
4817 4835 return;
4818 4836 }
4819 4837 /* FALLTHRU */
4820 4838 case TI_GETMYNAME:
4821 4839 /*
4822 4840 * For TI_GETPEERNAME and TI_GETMYNAME, we first
4823 4841 * need to copyin the user's strbuf structure.
4824 4842 * Processing will continue in the M_IOCDATA case
4825 4843 * below.
4826 4844 */
4827 4845 mi_copyin(q, mp, NULL,
4828 4846 SIZEOF_STRUCT(strbuf, iocp->ioc_flag));
4829 4847 return;
4830 4848 default:
4831 4849 break;
4832 4850 }
4833 4851 break;
4834 4852 case M_IOCDATA:
4835 4853 icmp_wput_iocdata(q, mp);
4836 4854 return;
4837 4855 default:
4838 4856 /* Unrecognized messages are passed through without change. */
4839 4857 break;
4840 4858 }
4841 4859 ip_wput_nondata(q, mp);
4842 4860 }
4843 4861
4844 4862 /*
4845 4863 * icmp_wput_iocdata is called by icmp_wput_other to handle all M_IOCDATA
4846 4864 * messages.
4847 4865 */
4848 4866 static void
4849 4867 icmp_wput_iocdata(queue_t *q, mblk_t *mp)
4850 4868 {
4851 4869 mblk_t *mp1;
4852 4870 STRUCT_HANDLE(strbuf, sb);
4853 4871 uint_t addrlen;
4854 4872 conn_t *connp = Q_TO_CONN(q);
4855 4873 icmp_t *icmp = connp->conn_icmp;
4856 4874
4857 4875 /* Make sure it is one of ours. */
4858 4876 switch (((struct iocblk *)mp->b_rptr)->ioc_cmd) {
4859 4877 case TI_GETMYNAME:
4860 4878 case TI_GETPEERNAME:
4861 4879 break;
4862 4880 default:
4863 4881 ip_wput_nondata(q, mp);
4864 4882 return;
4865 4883 }
4866 4884
4867 4885 switch (mi_copy_state(q, mp, &mp1)) {
4868 4886 case -1:
4869 4887 return;
4870 4888 case MI_COPY_CASE(MI_COPY_IN, 1):
4871 4889 break;
4872 4890 case MI_COPY_CASE(MI_COPY_OUT, 1):
4873 4891 /*
4874 4892 * The address has been copied out, so now
4875 4893 * copyout the strbuf.
4876 4894 */
4877 4895 mi_copyout(q, mp);
4878 4896 return;
4879 4897 case MI_COPY_CASE(MI_COPY_OUT, 2):
4880 4898 /*
4881 4899 * The address and strbuf have been copied out.
4882 4900 * We're done, so just acknowledge the original
4883 4901 * M_IOCTL.
4884 4902 */
4885 4903 mi_copy_done(q, mp, 0);
4886 4904 return;
4887 4905 default:
4888 4906 /*
4889 4907 * Something strange has happened, so acknowledge
4890 4908 * the original M_IOCTL with an EPROTO error.
4891 4909 */
4892 4910 mi_copy_done(q, mp, EPROTO);
4893 4911 return;
4894 4912 }
4895 4913
4896 4914 /*
4897 4915 * Now we have the strbuf structure for TI_GETMYNAME
4898 4916 * and TI_GETPEERNAME. Next we copyout the requested
4899 4917 * address and then we'll copyout the strbuf.
4900 4918 */
4901 4919 STRUCT_SET_HANDLE(sb, ((struct iocblk *)mp->b_rptr)->ioc_flag,
4902 4920 (void *)mp1->b_rptr);
4903 4921
4904 4922 if (connp->conn_family == AF_INET)
4905 4923 addrlen = sizeof (sin_t);
4906 4924 else
4907 4925 addrlen = sizeof (sin6_t);
4908 4926
4909 4927 if (STRUCT_FGET(sb, maxlen) < addrlen) {
4910 4928 mi_copy_done(q, mp, EINVAL);
4911 4929 return;
4912 4930 }
4913 4931 switch (((struct iocblk *)mp->b_rptr)->ioc_cmd) {
4914 4932 case TI_GETMYNAME:
4915 4933 break;
4916 4934 case TI_GETPEERNAME:
4917 4935 if (icmp->icmp_state != TS_DATA_XFER) {
4918 4936 mi_copy_done(q, mp, ENOTCONN);
4919 4937 return;
4920 4938 }
4921 4939 break;
4922 4940 default:
4923 4941 mi_copy_done(q, mp, EPROTO);
4924 4942 return;
4925 4943 }
4926 4944 mp1 = mi_copyout_alloc(q, mp, STRUCT_FGETP(sb, buf), addrlen, B_TRUE);
4927 4945 if (!mp1)
4928 4946 return;
4929 4947
4930 4948 STRUCT_FSET(sb, len, addrlen);
4931 4949 switch (((struct iocblk *)mp->b_rptr)->ioc_cmd) {
4932 4950 case TI_GETMYNAME:
4933 4951 (void) conn_getsockname(connp, (struct sockaddr *)mp1->b_wptr,
4934 4952 &addrlen);
4935 4953 break;
4936 4954 case TI_GETPEERNAME:
4937 4955 (void) conn_getpeername(connp, (struct sockaddr *)mp1->b_wptr,
4938 4956 &addrlen);
4939 4957 break;
4940 4958 }
4941 4959 mp1->b_wptr += addrlen;
4942 4960 /* Copy out the address */
4943 4961 mi_copyout(q, mp);
4944 4962 }
4945 4963
4946 4964 void
4947 4965 icmp_ddi_g_init(void)
4948 4966 {
4949 4967 icmp_max_optsize = optcom_max_optsize(icmp_opt_obj.odb_opt_des_arr,
4950 4968 icmp_opt_obj.odb_opt_arr_cnt);
4951 4969
4952 4970 /*
4953 4971 * We want to be informed each time a stack is created or
4954 4972 * destroyed in the kernel, so we can maintain the
4955 4973 * set of icmp_stack_t's.
4956 4974 */
4957 4975 netstack_register(NS_ICMP, rawip_stack_init, NULL, rawip_stack_fini);
4958 4976 }
4959 4977
4960 4978 void
4961 4979 icmp_ddi_g_destroy(void)
4962 4980 {
4963 4981 netstack_unregister(NS_ICMP);
4964 4982 }
4965 4983
4966 4984 #define INET_NAME "ip"
4967 4985
4968 4986 /*
4969 4987 * Initialize the ICMP stack instance.
4970 4988 */
4971 4989 static void *
4972 4990 rawip_stack_init(netstackid_t stackid, netstack_t *ns)
4973 4991 {
4974 4992 icmp_stack_t *is;
4975 4993 int error = 0;
4976 4994 size_t arrsz;
4977 4995 major_t major;
4978 4996
4979 4997 is = (icmp_stack_t *)kmem_zalloc(sizeof (*is), KM_SLEEP);
4980 4998 is->is_netstack = ns;
4981 4999
4982 5000 arrsz = sizeof (icmp_propinfo_tbl);
4983 5001 is->is_propinfo_tbl = (mod_prop_info_t *)kmem_alloc(arrsz, KM_SLEEP);
4984 5002 bcopy(icmp_propinfo_tbl, is->is_propinfo_tbl, arrsz);
4985 5003
4986 5004 is->is_ksp = rawip_kstat_init(stackid);
4987 5005
4988 5006 major = mod_name_to_major(INET_NAME);
4989 5007 error = ldi_ident_from_major(major, &is->is_ldi_ident);
4990 5008 ASSERT(error == 0);
4991 5009 return (is);
4992 5010 }
4993 5011
4994 5012 /*
4995 5013 * Free the ICMP stack instance.
4996 5014 */
4997 5015 static void
4998 5016 rawip_stack_fini(netstackid_t stackid, void *arg)
4999 5017 {
5000 5018 icmp_stack_t *is = (icmp_stack_t *)arg;
5001 5019
5002 5020 kmem_free(is->is_propinfo_tbl, sizeof (icmp_propinfo_tbl));
5003 5021 is->is_propinfo_tbl = NULL;
5004 5022
5005 5023 rawip_kstat_fini(stackid, is->is_ksp);
5006 5024 is->is_ksp = NULL;
5007 5025 ldi_ident_release(is->is_ldi_ident);
5008 5026 kmem_free(is, sizeof (*is));
5009 5027 }
5010 5028
5011 5029 static void *
5012 5030 rawip_kstat_init(netstackid_t stackid) {
5013 5031 kstat_t *ksp;
5014 5032
5015 5033 rawip_named_kstat_t template = {
5016 5034 { "inDatagrams", KSTAT_DATA_UINT32, 0 },
5017 5035 { "inCksumErrs", KSTAT_DATA_UINT32, 0 },
5018 5036 { "inErrors", KSTAT_DATA_UINT32, 0 },
5019 5037 { "outDatagrams", KSTAT_DATA_UINT32, 0 },
5020 5038 { "outErrors", KSTAT_DATA_UINT32, 0 },
5021 5039 };
5022 5040
5023 5041 ksp = kstat_create_netstack("icmp", 0, "rawip", "mib2",
5024 5042 KSTAT_TYPE_NAMED,
5025 5043 NUM_OF_FIELDS(rawip_named_kstat_t),
5026 5044 0, stackid);
5027 5045 if (ksp == NULL || ksp->ks_data == NULL)
5028 5046 return (NULL);
5029 5047
5030 5048 bcopy(&template, ksp->ks_data, sizeof (template));
5031 5049 ksp->ks_update = rawip_kstat_update;
5032 5050 ksp->ks_private = (void *)(uintptr_t)stackid;
5033 5051
5034 5052 kstat_install(ksp);
5035 5053 return (ksp);
5036 5054 }
5037 5055
5038 5056 static void
5039 5057 rawip_kstat_fini(netstackid_t stackid, kstat_t *ksp)
5040 5058 {
5041 5059 if (ksp != NULL) {
5042 5060 ASSERT(stackid == (netstackid_t)(uintptr_t)ksp->ks_private);
5043 5061 kstat_delete_netstack(ksp, stackid);
5044 5062 }
5045 5063 }
5046 5064
5047 5065 static int
5048 5066 rawip_kstat_update(kstat_t *ksp, int rw)
5049 5067 {
5050 5068 rawip_named_kstat_t *rawipkp;
5051 5069 netstackid_t stackid = (netstackid_t)(uintptr_t)ksp->ks_private;
5052 5070 netstack_t *ns;
5053 5071 icmp_stack_t *is;
5054 5072
5055 5073 if ((ksp == NULL) || (ksp->ks_data == NULL))
5056 5074 return (EIO);
5057 5075
5058 5076 if (rw == KSTAT_WRITE)
5059 5077 return (EACCES);
5060 5078
5061 5079 rawipkp = (rawip_named_kstat_t *)ksp->ks_data;
5062 5080
5063 5081 ns = netstack_find_by_stackid(stackid);
5064 5082 if (ns == NULL)
5065 5083 return (-1);
5066 5084 is = ns->netstack_icmp;
5067 5085 if (is == NULL) {
5068 5086 netstack_rele(ns);
5069 5087 return (-1);
5070 5088 }
5071 5089 rawipkp->inDatagrams.value.ui32 = is->is_rawip_mib.rawipInDatagrams;
5072 5090 rawipkp->inCksumErrs.value.ui32 = is->is_rawip_mib.rawipInCksumErrs;
5073 5091 rawipkp->inErrors.value.ui32 = is->is_rawip_mib.rawipInErrors;
5074 5092 rawipkp->outDatagrams.value.ui32 = is->is_rawip_mib.rawipOutDatagrams;
5075 5093 rawipkp->outErrors.value.ui32 = is->is_rawip_mib.rawipOutErrors;
5076 5094 netstack_rele(ns);
5077 5095 return (0);
5078 5096 }
5079 5097
5080 5098 /* ARGSUSED */
5081 5099 int
5082 5100 rawip_accept(sock_lower_handle_t lproto_handle,
5083 5101 sock_lower_handle_t eproto_handle, sock_upper_handle_t sock_handle,
5084 5102 cred_t *cr)
5085 5103 {
5086 5104 return (EOPNOTSUPP);
5087 5105 }
5088 5106
5089 5107 /* ARGSUSED */
5090 5108 int
5091 5109 rawip_bind(sock_lower_handle_t proto_handle, struct sockaddr *sa,
5092 5110 socklen_t len, cred_t *cr)
5093 5111 {
5094 5112 conn_t *connp = (conn_t *)proto_handle;
5095 5113 int error;
5096 5114
5097 5115 /* All Solaris components should pass a cred for this operation. */
5098 5116 ASSERT(cr != NULL);
5099 5117
5100 5118 /* Binding to a NULL address really means unbind */
5101 5119 if (sa == NULL)
5102 5120 error = rawip_do_unbind(connp);
5103 5121 else
5104 5122 error = rawip_do_bind(connp, sa, len);
5105 5123
5106 5124 if (error < 0) {
5107 5125 if (error == -TOUTSTATE)
5108 5126 error = EINVAL;
5109 5127 else
5110 5128 error = proto_tlitosyserr(-error);
5111 5129 }
5112 5130 return (error);
5113 5131 }
5114 5132
5115 5133 static int
5116 5134 rawip_implicit_bind(conn_t *connp)
5117 5135 {
5118 5136 sin6_t sin6addr;
5119 5137 sin_t *sin;
5120 5138 sin6_t *sin6;
5121 5139 socklen_t len;
5122 5140 int error;
5123 5141
5124 5142 if (connp->conn_family == AF_INET) {
5125 5143 len = sizeof (struct sockaddr_in);
5126 5144 sin = (sin_t *)&sin6addr;
5127 5145 *sin = sin_null;
5128 5146 sin->sin_family = AF_INET;
5129 5147 sin->sin_addr.s_addr = INADDR_ANY;
5130 5148 } else {
5131 5149 ASSERT(connp->conn_family == AF_INET6);
5132 5150 len = sizeof (sin6_t);
5133 5151 sin6 = (sin6_t *)&sin6addr;
5134 5152 *sin6 = sin6_null;
5135 5153 sin6->sin6_family = AF_INET6;
5136 5154 V6_SET_ZERO(sin6->sin6_addr);
5137 5155 }
5138 5156
5139 5157 error = rawip_do_bind(connp, (struct sockaddr *)&sin6addr, len);
5140 5158
5141 5159 return ((error < 0) ? proto_tlitosyserr(-error) : error);
5142 5160 }
5143 5161
5144 5162 static int
5145 5163 rawip_unbind(conn_t *connp)
5146 5164 {
5147 5165 int error;
5148 5166
5149 5167 error = rawip_do_unbind(connp);
5150 5168 if (error < 0) {
5151 5169 error = proto_tlitosyserr(-error);
5152 5170 }
5153 5171 return (error);
5154 5172 }
5155 5173
5156 5174 /* ARGSUSED */
5157 5175 int
5158 5176 rawip_listen(sock_lower_handle_t proto_handle, int backlog, cred_t *cr)
5159 5177 {
5160 5178 return (EOPNOTSUPP);
5161 5179 }
5162 5180
5163 5181 int
5164 5182 rawip_connect(sock_lower_handle_t proto_handle, const struct sockaddr *sa,
5165 5183 socklen_t len, sock_connid_t *id, cred_t *cr)
5166 5184 {
5167 5185 conn_t *connp = (conn_t *)proto_handle;
5168 5186 icmp_t *icmp = connp->conn_icmp;
5169 5187 int error;
5170 5188 boolean_t did_bind = B_FALSE;
5171 5189 pid_t pid = curproc->p_pid;
5172 5190
5173 5191 /* All Solaris components should pass a cred for this operation. */
5174 5192 ASSERT(cr != NULL);
5175 5193
5176 5194 if (sa == NULL) {
5177 5195 /*
5178 5196 * Disconnect
5179 5197 * Make sure we are connected
5180 5198 */
5181 5199 if (icmp->icmp_state != TS_DATA_XFER)
5182 5200 return (EINVAL);
5183 5201
5184 5202 error = icmp_disconnect(connp);
5185 5203 return (error);
5186 5204 }
5187 5205
5188 5206 error = proto_verify_ip_addr(connp->conn_family, sa, len);
5189 5207 if (error != 0)
5190 5208 return (error);
5191 5209
5192 5210 /* do an implicit bind if necessary */
5193 5211 if (icmp->icmp_state == TS_UNBND) {
5194 5212 error = rawip_implicit_bind(connp);
5195 5213 /*
5196 5214 * We could be racing with an actual bind, in which case
5197 5215 * we would see EPROTO. We cross our fingers and try
5198 5216 * to connect.
5199 5217 */
5200 5218 if (!(error == 0 || error == EPROTO))
5201 5219 return (error);
5202 5220 did_bind = B_TRUE;
5203 5221 }
5204 5222
5205 5223 /*
5206 5224 * set SO_DGRAM_ERRIND
5207 5225 */
5208 5226 connp->conn_dgram_errind = B_TRUE;
5209 5227
5210 5228 error = rawip_do_connect(connp, sa, len, cr, pid);
5211 5229 if (error != 0 && did_bind) {
5212 5230 int unbind_err;
5213 5231
5214 5232 unbind_err = rawip_unbind(connp);
5215 5233 ASSERT(unbind_err == 0);
5216 5234 }
5217 5235
5218 5236 if (error == 0) {
5219 5237 *id = 0;
5220 5238 (*connp->conn_upcalls->su_connected)(connp->conn_upper_handle,
5221 5239 0, NULL, -1);
5222 5240 } else if (error < 0) {
5223 5241 error = proto_tlitosyserr(-error);
5224 5242 }
5225 5243 return (error);
5226 5244 }
5227 5245
5228 5246 /* ARGSUSED2 */
5229 5247 int
5230 5248 rawip_fallback(sock_lower_handle_t proto_handle, queue_t *q,
5231 5249 boolean_t direct_sockfs, so_proto_quiesced_cb_t quiesced_cb,
5232 5250 sock_quiesce_arg_t *arg)
5233 5251 {
5234 5252 conn_t *connp = (conn_t *)proto_handle;
5235 5253 icmp_t *icmp;
5236 5254 struct T_capability_ack tca;
5237 5255 struct sockaddr_in6 laddr, faddr;
5238 5256 socklen_t laddrlen, faddrlen;
5239 5257 short opts;
5240 5258 struct stroptions *stropt;
5241 5259 mblk_t *mp, *stropt_mp;
5242 5260 int error;
5243 5261
5244 5262 icmp = connp->conn_icmp;
5245 5263
5246 5264 stropt_mp = allocb_wait(sizeof (*stropt), BPRI_HI, STR_NOSIG, NULL);
5247 5265
5248 5266 /*
5249 5267 * setup the fallback stream that was allocated
5250 5268 */
5251 5269 connp->conn_dev = (dev_t)RD(q)->q_ptr;
5252 5270 connp->conn_minor_arena = WR(q)->q_ptr;
5253 5271
5254 5272 RD(q)->q_ptr = WR(q)->q_ptr = connp;
5255 5273
5256 5274 WR(q)->q_qinfo = &icmpwinit;
5257 5275
5258 5276 connp->conn_rq = RD(q);
5259 5277 connp->conn_wq = WR(q);
5260 5278
5261 5279 /* Notify stream head about options before sending up data */
5262 5280 stropt_mp->b_datap->db_type = M_SETOPTS;
5263 5281 stropt_mp->b_wptr += sizeof (*stropt);
5264 5282 stropt = (struct stroptions *)stropt_mp->b_rptr;
5265 5283 stropt->so_flags = SO_WROFF | SO_HIWAT;
5266 5284 stropt->so_wroff = connp->conn_wroff;
5267 5285 stropt->so_hiwat = connp->conn_rcvbuf;
5268 5286 putnext(RD(q), stropt_mp);
5269 5287
5270 5288 /*
5271 5289 * free helper stream
5272 5290 */
5273 5291 ip_free_helper_stream(connp);
5274 5292
5275 5293 /*
5276 5294 * Collect the information needed to sync with the sonode
5277 5295 */
5278 5296 icmp_do_capability_ack(icmp, &tca, TC1_INFO);
5279 5297
5280 5298 laddrlen = faddrlen = sizeof (sin6_t);
5281 5299 (void) rawip_getsockname((sock_lower_handle_t)connp,
5282 5300 (struct sockaddr *)&laddr, &laddrlen, CRED());
5283 5301 error = rawip_getpeername((sock_lower_handle_t)connp,
5284 5302 (struct sockaddr *)&faddr, &faddrlen, CRED());
5285 5303 if (error != 0)
5286 5304 faddrlen = 0;
5287 5305 opts = 0;
5288 5306 if (connp->conn_dgram_errind)
5289 5307 opts |= SO_DGRAM_ERRIND;
5290 5308 if (connp->conn_ixa->ixa_flags & IXAF_DONTROUTE)
5291 5309 opts |= SO_DONTROUTE;
5292 5310
5293 5311 mp = (*quiesced_cb)(connp->conn_upper_handle, arg, &tca,
5294 5312 (struct sockaddr *)&laddr, laddrlen,
5295 5313 (struct sockaddr *)&faddr, faddrlen, opts);
5296 5314
5297 5315 /*
5298 5316 * Attempts to send data up during fallback will result in it being
5299 5317 * queued in icmp_t. Now we push up any queued packets.
5300 5318 */
5301 5319 mutex_enter(&icmp->icmp_recv_lock);
5302 5320 if (mp != NULL) {
5303 5321 mp->b_next = icmp->icmp_fallback_queue_head;
5304 5322 icmp->icmp_fallback_queue_head = mp;
5305 5323 }
5306 5324 while (icmp->icmp_fallback_queue_head != NULL) {
5307 5325 mp = icmp->icmp_fallback_queue_head;
5308 5326 icmp->icmp_fallback_queue_head = mp->b_next;
5309 5327 mp->b_next = NULL;
5310 5328 mutex_exit(&icmp->icmp_recv_lock);
5311 5329 putnext(RD(q), mp);
5312 5330 mutex_enter(&icmp->icmp_recv_lock);
5313 5331 }
5314 5332 icmp->icmp_fallback_queue_tail = icmp->icmp_fallback_queue_head;
5315 5333
5316 5334 /*
5317 5335 * No longer a streams less socket
5318 5336 */
5319 5337 mutex_enter(&connp->conn_lock);
5320 5338 connp->conn_flags &= ~IPCL_NONSTR;
5321 5339 mutex_exit(&connp->conn_lock);
5322 5340
5323 5341 mutex_exit(&icmp->icmp_recv_lock);
5324 5342
5325 5343 ASSERT(icmp->icmp_fallback_queue_head == NULL &&
5326 5344 icmp->icmp_fallback_queue_tail == NULL);
5327 5345
5328 5346 ASSERT(connp->conn_ref >= 1);
5329 5347
5330 5348 return (0);
5331 5349 }
5332 5350
5333 5351 /* ARGSUSED2 */
5334 5352 sock_lower_handle_t
5335 5353 rawip_create(int family, int type, int proto, sock_downcalls_t **sock_downcalls,
5336 5354 uint_t *smodep, int *errorp, int flags, cred_t *credp)
5337 5355 {
5338 5356 conn_t *connp;
5339 5357
5340 5358 if (type != SOCK_RAW || (family != AF_INET && family != AF_INET6)) {
5341 5359 *errorp = EPROTONOSUPPORT;
5342 5360 return (NULL);
5343 5361 }
5344 5362
5345 5363 connp = rawip_do_open(family, credp, errorp, flags);
5346 5364 if (connp != NULL) {
5347 5365 connp->conn_flags |= IPCL_NONSTR;
5348 5366
5349 5367 mutex_enter(&connp->conn_lock);
5350 5368 connp->conn_state_flags &= ~CONN_INCIPIENT;
5351 5369 mutex_exit(&connp->conn_lock);
5352 5370 *sock_downcalls = &sock_rawip_downcalls;
5353 5371 *smodep = SM_ATOMIC;
5354 5372 } else {
5355 5373 ASSERT(*errorp != 0);
5356 5374 }
5357 5375
5358 5376 return ((sock_lower_handle_t)connp);
5359 5377 }
5360 5378
5361 5379 /* ARGSUSED3 */
5362 5380 void
5363 5381 rawip_activate(sock_lower_handle_t proto_handle,
5364 5382 sock_upper_handle_t sock_handle, sock_upcalls_t *sock_upcalls, int flags,
5365 5383 cred_t *cr)
5366 5384 {
5367 5385 conn_t *connp = (conn_t *)proto_handle;
5368 5386 struct sock_proto_props sopp;
5369 5387
5370 5388 /* All Solaris components should pass a cred for this operation. */
5371 5389 ASSERT(cr != NULL);
5372 5390
5373 5391 connp->conn_upcalls = sock_upcalls;
5374 5392 connp->conn_upper_handle = sock_handle;
5375 5393
5376 5394 sopp.sopp_flags = SOCKOPT_WROFF | SOCKOPT_RCVHIWAT | SOCKOPT_RCVLOWAT |
5377 5395 SOCKOPT_MAXBLK | SOCKOPT_MAXPSZ | SOCKOPT_MINPSZ;
5378 5396 sopp.sopp_wroff = connp->conn_wroff;
5379 5397 sopp.sopp_rxhiwat = connp->conn_rcvbuf;
5380 5398 sopp.sopp_rxlowat = connp->conn_rcvlowat;
5381 5399 sopp.sopp_maxblk = INFPSZ;
5382 5400 sopp.sopp_maxpsz = IP_MAXPACKET;
5383 5401 sopp.sopp_minpsz = (icmp_mod_info.mi_minpsz == 1) ? 0 :
5384 5402 icmp_mod_info.mi_minpsz;
5385 5403
5386 5404 (*connp->conn_upcalls->su_set_proto_props)
5387 5405 (connp->conn_upper_handle, &sopp);
5388 5406
5389 5407 icmp_bind_proto(connp->conn_icmp);
5390 5408 }
5391 5409
5392 5410 /* ARGSUSED3 */
5393 5411 int
5394 5412 rawip_getpeername(sock_lower_handle_t proto_handle, struct sockaddr *sa,
5395 5413 socklen_t *salenp, cred_t *cr)
5396 5414 {
5397 5415 conn_t *connp = (conn_t *)proto_handle;
5398 5416 icmp_t *icmp = connp->conn_icmp;
5399 5417 int error;
5400 5418
5401 5419 /* All Solaris components should pass a cred for this operation. */
5402 5420 ASSERT(cr != NULL);
5403 5421
5404 5422 mutex_enter(&connp->conn_lock);
5405 5423 if (icmp->icmp_state != TS_DATA_XFER)
5406 5424 error = ENOTCONN;
5407 5425 else
5408 5426 error = conn_getpeername(connp, sa, salenp);
5409 5427 mutex_exit(&connp->conn_lock);
5410 5428 return (error);
5411 5429 }
5412 5430
5413 5431 /* ARGSUSED3 */
5414 5432 int
5415 5433 rawip_getsockname(sock_lower_handle_t proto_handle, struct sockaddr *sa,
5416 5434 socklen_t *salenp, cred_t *cr)
5417 5435 {
5418 5436 conn_t *connp = (conn_t *)proto_handle;
5419 5437 int error;
5420 5438
5421 5439 /* All Solaris components should pass a cred for this operation. */
5422 5440 ASSERT(cr != NULL);
5423 5441
5424 5442 mutex_enter(&connp->conn_lock);
5425 5443 error = conn_getsockname(connp, sa, salenp);
5426 5444 mutex_exit(&connp->conn_lock);
5427 5445 return (error);
5428 5446 }
5429 5447
5430 5448 int
5431 5449 rawip_setsockopt(sock_lower_handle_t proto_handle, int level, int option_name,
5432 5450 const void *optvalp, socklen_t optlen, cred_t *cr)
5433 5451 {
5434 5452 conn_t *connp = (conn_t *)proto_handle;
5435 5453 int error;
5436 5454
5437 5455 /* All Solaris components should pass a cred for this operation. */
5438 5456 ASSERT(cr != NULL);
5439 5457
5440 5458 error = proto_opt_check(level, option_name, optlen, NULL,
5441 5459 icmp_opt_obj.odb_opt_des_arr,
5442 5460 icmp_opt_obj.odb_opt_arr_cnt,
5443 5461 B_TRUE, B_FALSE, cr);
5444 5462
5445 5463 if (error != 0) {
5446 5464 /*
5447 5465 * option not recognized
5448 5466 */
5449 5467 if (error < 0) {
5450 5468 error = proto_tlitosyserr(-error);
5451 5469 }
5452 5470 return (error);
5453 5471 }
5454 5472
5455 5473 error = icmp_opt_set(connp, SETFN_OPTCOM_NEGOTIATE, level,
5456 5474 option_name, optlen, (uchar_t *)optvalp, (uint_t *)&optlen,
5457 5475 (uchar_t *)optvalp, NULL, cr);
5458 5476
5459 5477 ASSERT(error >= 0);
5460 5478
5461 5479 return (error);
5462 5480 }
5463 5481
5464 5482 int
5465 5483 rawip_getsockopt(sock_lower_handle_t proto_handle, int level, int option_name,
5466 5484 void *optvalp, socklen_t *optlen, cred_t *cr)
5467 5485 {
5468 5486 int error;
5469 5487 conn_t *connp = (conn_t *)proto_handle;
5470 5488 t_uscalar_t max_optbuf_len;
5471 5489 void *optvalp_buf;
5472 5490 int len;
5473 5491
5474 5492 /* All Solaris components should pass a cred for this operation. */
5475 5493 ASSERT(cr != NULL);
5476 5494
5477 5495 error = proto_opt_check(level, option_name, *optlen, &max_optbuf_len,
5478 5496 icmp_opt_obj.odb_opt_des_arr,
5479 5497 icmp_opt_obj.odb_opt_arr_cnt,
5480 5498 B_FALSE, B_TRUE, cr);
5481 5499
5482 5500 if (error != 0) {
5483 5501 if (error < 0) {
5484 5502 error = proto_tlitosyserr(-error);
5485 5503 }
5486 5504 return (error);
5487 5505 }
5488 5506
5489 5507 optvalp_buf = kmem_alloc(max_optbuf_len, KM_SLEEP);
5490 5508 len = icmp_opt_get(connp, level, option_name, optvalp_buf);
5491 5509 if (len == -1) {
5492 5510 kmem_free(optvalp_buf, max_optbuf_len);
5493 5511 return (EINVAL);
5494 5512 }
5495 5513
5496 5514 /*
5497 5515 * update optlen and copy option value
5498 5516 */
5499 5517 t_uscalar_t size = MIN(len, *optlen);
5500 5518
5501 5519 bcopy(optvalp_buf, optvalp, size);
5502 5520 bcopy(&size, optlen, sizeof (size));
5503 5521
5504 5522 kmem_free(optvalp_buf, max_optbuf_len);
5505 5523 return (0);
5506 5524 }
5507 5525
5508 5526 /* ARGSUSED1 */
5509 5527 int
5510 5528 rawip_close(sock_lower_handle_t proto_handle, int flags, cred_t *cr)
5511 5529 {
5512 5530 conn_t *connp = (conn_t *)proto_handle;
5513 5531
5514 5532 /* All Solaris components should pass a cred for this operation. */
5515 5533 ASSERT(cr != NULL);
5516 5534
5517 5535 (void) rawip_do_close(connp);
5518 5536 return (0);
5519 5537 }
5520 5538
5521 5539 /* ARGSUSED2 */
5522 5540 int
5523 5541 rawip_shutdown(sock_lower_handle_t proto_handle, int how, cred_t *cr)
5524 5542 {
5525 5543 conn_t *connp = (conn_t *)proto_handle;
5526 5544
5527 5545 /* All Solaris components should pass a cred for this operation. */
5528 5546 ASSERT(cr != NULL);
5529 5547
5530 5548 /* shut down the send side */
5531 5549 if (how != SHUT_RD)
5532 5550 (*connp->conn_upcalls->su_opctl)(connp->conn_upper_handle,
5533 5551 SOCK_OPCTL_SHUT_SEND, 0);
5534 5552 /* shut down the recv side */
5535 5553 if (how != SHUT_WR)
5536 5554 (*connp->conn_upcalls->su_opctl)(connp->conn_upper_handle,
5537 5555 SOCK_OPCTL_SHUT_RECV, 0);
5538 5556 return (0);
5539 5557 }
5540 5558
5541 5559 void
5542 5560 rawip_clr_flowctrl(sock_lower_handle_t proto_handle)
5543 5561 {
5544 5562 conn_t *connp = (conn_t *)proto_handle;
5545 5563 icmp_t *icmp = connp->conn_icmp;
5546 5564
5547 5565 mutex_enter(&icmp->icmp_recv_lock);
5548 5566 connp->conn_flow_cntrld = B_FALSE;
5549 5567 mutex_exit(&icmp->icmp_recv_lock);
5550 5568 }
5551 5569
5552 5570 int
5553 5571 rawip_ioctl(sock_lower_handle_t proto_handle, int cmd, intptr_t arg,
5554 5572 int mode, int32_t *rvalp, cred_t *cr)
5555 5573 {
5556 5574 conn_t *connp = (conn_t *)proto_handle;
5557 5575 int error;
5558 5576
5559 5577 /* All Solaris components should pass a cred for this operation. */
5560 5578 ASSERT(cr != NULL);
5561 5579
5562 5580 /*
5563 5581 * If we don't have a helper stream then create one.
5564 5582 * ip_create_helper_stream takes care of locking the conn_t,
5565 5583 * so this check for NULL is just a performance optimization.
5566 5584 */
5567 5585 if (connp->conn_helper_info == NULL) {
5568 5586 icmp_stack_t *is = connp->conn_icmp->icmp_is;
5569 5587
5570 5588 ASSERT(is->is_ldi_ident != NULL);
5571 5589
5572 5590 /*
5573 5591 * Create a helper stream for non-STREAMS socket.
5574 5592 */
5575 5593 error = ip_create_helper_stream(connp, is->is_ldi_ident);
5576 5594 if (error != 0) {
5577 5595 ip0dbg(("rawip_ioctl: create of IP helper stream "
5578 5596 "failed %d\n", error));
5579 5597 return (error);
5580 5598 }
5581 5599 }
5582 5600
5583 5601 switch (cmd) {
5584 5602 case _SIOCSOCKFALLBACK:
5585 5603 case TI_GETPEERNAME:
5586 5604 case TI_GETMYNAME:
5587 5605 #ifdef DEBUG
5588 5606 cmn_err(CE_CONT, "icmp_ioctl cmd 0x%x on non streams"
5589 5607 " socket", cmd);
5590 5608 #endif
5591 5609 error = EINVAL;
5592 5610 break;
5593 5611 default:
5594 5612 /*
5595 5613 * Pass on to IP using helper stream
5596 5614 */
5597 5615 error = ldi_ioctl(connp->conn_helper_info->iphs_handle,
5598 5616 cmd, arg, mode, cr, rvalp);
5599 5617 break;
5600 5618 }
5601 5619 return (error);
5602 5620 }
5603 5621
5604 5622 int
5605 5623 rawip_send(sock_lower_handle_t proto_handle, mblk_t *mp, struct nmsghdr *msg,
5606 5624 cred_t *cr)
5607 5625 {
5608 5626 sin6_t *sin6;
5609 5627 sin_t *sin = NULL;
5610 5628 uint_t srcid;
5611 5629 conn_t *connp = (conn_t *)proto_handle;
5612 5630 icmp_t *icmp = connp->conn_icmp;
5613 5631 int error = 0;
5614 5632 icmp_stack_t *is = icmp->icmp_is;
5615 5633 pid_t pid = curproc->p_pid;
5616 5634 ip_xmit_attr_t *ixa;
5617 5635
5618 5636 ASSERT(DB_TYPE(mp) == M_DATA);
5619 5637
5620 5638 /* All Solaris components should pass a cred for this operation. */
5621 5639 ASSERT(cr != NULL);
5622 5640
5623 5641 /* do an implicit bind if necessary */
5624 5642 if (icmp->icmp_state == TS_UNBND) {
5625 5643 error = rawip_implicit_bind(connp);
5626 5644 /*
5627 5645 * We could be racing with an actual bind, in which case
5628 5646 * we would see EPROTO. We cross our fingers and try
5629 5647 * to connect.
5630 5648 */
5631 5649 if (!(error == 0 || error == EPROTO)) {
5632 5650 freemsg(mp);
5633 5651 return (error);
5634 5652 }
5635 5653 }
5636 5654
5637 5655 /* Protocol 255 contains full IP headers */
5638 5656 /* Read without holding lock */
5639 5657 if (icmp->icmp_hdrincl) {
5640 5658 ASSERT(connp->conn_ipversion == IPV4_VERSION);
5641 5659 if (mp->b_wptr - mp->b_rptr < IP_SIMPLE_HDR_LENGTH) {
5642 5660 if (!pullupmsg(mp, IP_SIMPLE_HDR_LENGTH)) {
5643 5661 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5644 5662 freemsg(mp);
5645 5663 return (EINVAL);
5646 5664 }
5647 5665 }
5648 5666 error = icmp_output_hdrincl(connp, mp, cr, pid);
5649 5667 if (is->is_sendto_ignerr)
5650 5668 return (0);
5651 5669 else
5652 5670 return (error);
5653 5671 }
5654 5672
5655 5673 /* Connected? */
5656 5674 if (msg->msg_name == NULL) {
5657 5675 if (icmp->icmp_state != TS_DATA_XFER) {
5658 5676 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5659 5677 return (EDESTADDRREQ);
5660 5678 }
5661 5679 if (msg->msg_controllen != 0) {
5662 5680 error = icmp_output_ancillary(connp, NULL, NULL, mp,
5663 5681 NULL, msg, cr, pid);
5664 5682 } else {
5665 5683 error = icmp_output_connected(connp, mp, cr, pid);
5666 5684 }
5667 5685 if (is->is_sendto_ignerr)
5668 5686 return (0);
5669 5687 else
5670 5688 return (error);
5671 5689 }
5672 5690 if (icmp->icmp_state == TS_DATA_XFER) {
5673 5691 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5674 5692 return (EISCONN);
5675 5693 }
5676 5694 error = proto_verify_ip_addr(connp->conn_family,
5677 5695 (struct sockaddr *)msg->msg_name, msg->msg_namelen);
5678 5696 if (error != 0) {
5679 5697 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5680 5698 return (error);
5681 5699 }
5682 5700 switch (connp->conn_family) {
5683 5701 case AF_INET6:
5684 5702 sin6 = (sin6_t *)msg->msg_name;
5685 5703
5686 5704 /* No support for mapped addresses on raw sockets */
5687 5705 if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
5688 5706 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5689 5707 return (EADDRNOTAVAIL);
5690 5708 }
5691 5709 srcid = sin6->__sin6_src_id;
5692 5710
5693 5711 /*
5694 5712 * If the local address is a mapped address return
5695 5713 * an error.
5696 5714 * It would be possible to send an IPv6 packet but the
5697 5715 * response would never make it back to the application
5698 5716 * since it is bound to a mapped address.
5699 5717 */
5700 5718 if (IN6_IS_ADDR_V4MAPPED(&connp->conn_saddr_v6)) {
5701 5719 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5702 5720 return (EADDRNOTAVAIL);
5703 5721 }
5704 5722
5705 5723 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
5706 5724 sin6->sin6_addr = ipv6_loopback;
5707 5725
5708 5726 /*
5709 5727 * We have to allocate an ip_xmit_attr_t before we grab
5710 5728 * conn_lock and we need to hold conn_lock once we've check
5711 5729 * conn_same_as_last_v6 to handle concurrent send* calls on a
5712 5730 * socket.
5713 5731 */
5714 5732 if (msg->msg_controllen == 0) {
5715 5733 ixa = conn_get_ixa(connp, B_FALSE);
5716 5734 if (ixa == NULL) {
5717 5735 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5718 5736 return (ENOMEM);
5719 5737 }
5720 5738 } else {
5721 5739 ixa = NULL;
5722 5740 }
5723 5741 mutex_enter(&connp->conn_lock);
5724 5742 if (icmp->icmp_delayed_error != 0) {
5725 5743 sin6_t *sin2 = (sin6_t *)&icmp->icmp_delayed_addr;
5726 5744
5727 5745 error = icmp->icmp_delayed_error;
5728 5746 icmp->icmp_delayed_error = 0;
5729 5747
5730 5748 /* Compare IP address and family */
5731 5749
5732 5750 if (IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
5733 5751 &sin2->sin6_addr) &&
5734 5752 sin6->sin6_family == sin2->sin6_family) {
5735 5753 mutex_exit(&connp->conn_lock);
5736 5754 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5737 5755 if (ixa != NULL)
5738 5756 ixa_refrele(ixa);
5739 5757 return (error);
5740 5758 }
5741 5759 }
5742 5760 if (msg->msg_controllen != 0) {
5743 5761 mutex_exit(&connp->conn_lock);
5744 5762 ASSERT(ixa == NULL);
5745 5763 error = icmp_output_ancillary(connp, NULL, sin6, mp,
5746 5764 NULL, msg, cr, pid);
5747 5765 } else if (conn_same_as_last_v6(connp, sin6) &&
5748 5766 connp->conn_lastsrcid == srcid &&
5749 5767 ipsec_outbound_policy_current(ixa)) {
5750 5768 /* icmp_output_lastdst drops conn_lock */
5751 5769 error = icmp_output_lastdst(connp, mp, cr, pid, ixa);
5752 5770 } else {
5753 5771 /* icmp_output_newdst drops conn_lock */
5754 5772 error = icmp_output_newdst(connp, mp, NULL, sin6, cr,
5755 5773 pid, ixa);
5756 5774 }
5757 5775 ASSERT(MUTEX_NOT_HELD(&connp->conn_lock));
5758 5776 if (is->is_sendto_ignerr)
5759 5777 return (0);
5760 5778 else
5761 5779 return (error);
5762 5780 case AF_INET:
5763 5781 sin = (sin_t *)msg->msg_name;
5764 5782
5765 5783 if (sin->sin_addr.s_addr == INADDR_ANY)
5766 5784 sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
5767 5785
5768 5786 /*
5769 5787 * We have to allocate an ip_xmit_attr_t before we grab
5770 5788 * conn_lock and we need to hold conn_lock once we've check
5771 5789 * conn_same_as_last_v6 to handle concurrent send* on a socket.
5772 5790 */
5773 5791 if (msg->msg_controllen == 0) {
5774 5792 ixa = conn_get_ixa(connp, B_FALSE);
5775 5793 if (ixa == NULL) {
5776 5794 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5777 5795 return (ENOMEM);
5778 5796 }
5779 5797 } else {
5780 5798 ixa = NULL;
5781 5799 }
5782 5800 mutex_enter(&connp->conn_lock);
5783 5801 if (icmp->icmp_delayed_error != 0) {
5784 5802 sin_t *sin2 = (sin_t *)&icmp->icmp_delayed_addr;
5785 5803
5786 5804 error = icmp->icmp_delayed_error;
5787 5805 icmp->icmp_delayed_error = 0;
5788 5806
5789 5807 /* Compare IP address */
5790 5808
5791 5809 if (sin->sin_addr.s_addr == sin2->sin_addr.s_addr) {
5792 5810 mutex_exit(&connp->conn_lock);
5793 5811 BUMP_MIB(&is->is_rawip_mib, rawipOutErrors);
5794 5812 if (ixa != NULL)
5795 5813 ixa_refrele(ixa);
5796 5814 return (error);
5797 5815 }
5798 5816 }
5799 5817
5800 5818 if (msg->msg_controllen != 0) {
5801 5819 mutex_exit(&connp->conn_lock);
5802 5820 ASSERT(ixa == NULL);
5803 5821 error = icmp_output_ancillary(connp, sin, NULL, mp,
5804 5822 NULL, msg, cr, pid);
5805 5823 } else if (conn_same_as_last_v4(connp, sin) &&
5806 5824 ipsec_outbound_policy_current(ixa)) {
5807 5825 /* icmp_output_lastdst drops conn_lock */
5808 5826 error = icmp_output_lastdst(connp, mp, cr, pid, ixa);
5809 5827 } else {
5810 5828 /* icmp_output_newdst drops conn_lock */
5811 5829 error = icmp_output_newdst(connp, mp, sin, NULL, cr,
5812 5830 pid, ixa);
5813 5831 }
5814 5832 ASSERT(MUTEX_NOT_HELD(&connp->conn_lock));
5815 5833 if (is->is_sendto_ignerr)
5816 5834 return (0);
5817 5835 else
5818 5836 return (error);
5819 5837 default:
5820 5838 return (EINVAL);
5821 5839 }
5822 5840 }
5823 5841
5824 5842 sock_downcalls_t sock_rawip_downcalls = {
5825 5843 rawip_activate,
5826 5844 rawip_accept,
5827 5845 rawip_bind,
5828 5846 rawip_listen,
5829 5847 rawip_connect,
5830 5848 rawip_getpeername,
5831 5849 rawip_getsockname,
5832 5850 rawip_getsockopt,
5833 5851 rawip_setsockopt,
5834 5852 rawip_send,
5835 5853 NULL,
5836 5854 NULL,
5837 5855 NULL,
5838 5856 rawip_shutdown,
5839 5857 rawip_clr_flowctrl,
5840 5858 rawip_ioctl,
5841 5859 rawip_close
5842 5860 };
|
↓ open down ↓ |
1385 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX